Report - hotelfruerlund.de/

Report Overview

Submitted URL
hotelfruerlund.de/
IP
46.101.122.46
ASN
#14061 DIGITALOCEAN-ASN
Submitted
2023-02-18 03:22:50
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
9
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
www.hotelfruerlund.de	unknown	2017-03-06T08:19:05Z	2023-03-06T05:22:45Z	5.8 kB	1.3 MB	46.101.122.46
fonts.googleapis.com	8877	2013-06-10T22:14:26Z	2023-03-13T08:14:31Z	687 B	18 kB	142.250.74.106
hotelfruerlund.de	unknown	2017-03-06T08:19:05Z	2023-03-10T01:22:49Z	349 B	357 B	46.101.122.46
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-13T05:09:07Z	3.0 kB	8.0 kB	23.36.76.226
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-13T05:09:13Z	333 B	391 B	34.117.237.239
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-13T05:09:14Z	606 B	127 B	35.84.138.44
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-13T05:09:16Z	3.2 kB	66 kB	34.120.237.76
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-13T05:09:10Z	782 B	2.4 kB	35.241.9.150
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-13T05:09:35Z	413 B	5.9 kB	34.160.144.191
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-13T05:09:47Z	2.4 kB	4.9 kB	142.250.74.131
fonts.gstatic.com	unknown	2014-09-09T02:40:21Z	2023-03-13T08:44:36Z	1.5 kB	92 kB	216.58.207.227

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-02-18 03:22:40	medium	Client IP	Internal IP	ET DNS Query to a .tk domain - Likely Hostile
2023-02-18 03:22:40	medium	Client IP	Internal IP	ET DNS Query to a .tk domain - Likely Hostile
2023-02-18 03:22:41	medium	Client IP	Internal IP	ET DNS Query to a .tk domain - Likely Hostile
2023-02-18 03:22:41	medium	Client IP	Internal IP	ET DNS Query to a .tk domain - Likely Hostile
2023-02-18 03:22:41	medium	Client IP	Internal IP	ET DNS Query to a .tk domain - Likely Hostile
2023-02-18 03:22:41	medium	Client IP	Internal IP	ET DNS Query to a .tk domain - Likely Hostile
2023-02-18 03:22:41	medium	Client IP	Internal IP	ET DNS Query to a .tk domain - Likely Hostile
2023-02-18 03:22:41	medium	Client IP	Internal IP	ET DNS Query to a .tk domain - Likely Hostile
2023-02-18 03:22:41	medium	Client IP	Internal IP	ET DNS Query to a .tk domain - Likely Hostile

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (10)

	URL	Size	First Seen	Last Seen
	www.hotelfruerlund.de/	56 B	2023-03-07	2024-03-01
Pretty URL www.hotelfruerlund.de/ IP 46.101.122.46 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:35:00 Last Seen2024-03-01 16:21:12 Times Seen63 Hash 83e3a0758c7d9df2a82bc2c3d1e1bfc6 c9253b5d08768fdec36b2c697a84a8604ff095e6 fc969eeb098739857c84e2ca8db45b1c397fb0db879e32b04c1e37c916b30d52 Loading...

	www.hotelfruerlund.de/	476 B	2023-03-07	2024-05-04
Pretty URL www.hotelfruerlund.de/ IP 46.101.122.46 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:50 Last Seen2024-05-04 14:55:52 Times Seen15754 Hash ce71388c2d441cfb9ef0985bc4e5bb71 1e74c490ed76f671eb45ab0b45c9c9f5b9b89f0f efb5a648656ae8f944fbf74e5644126464160ab50197a288c8b587e74edd575a Loading...

	www.hotelfruerlund.de/	8.7 kB	2023-03-07	2024-05-03
Pretty URL www.hotelfruerlund.de/ IP 46.101.122.46 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:42 Last Seen2024-05-03 20:07:50 Times Seen1112 Hash cd9680743225d3fd4c1b85a731dd2ec8 32741541072b130bfa55f22a4e738c5f0338f54e cdd6551cd2b3236957745d4eae454072cd51cea1fb31885069a31a34fe6c3735 Loading...

	www.hotelfruerlund.de/	148 B	2023-03-10	2024-01-12
Pretty URL www.hotelfruerlund.de/ IP 46.101.122.46 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 05:02:46 Last Seen2024-01-12 01:23:28 Times Seen3 Hash 1c5e3f73ce775965187f88a88dcd4e7e b6e8ac8d5f64aa8afea281e4003bd1e38bc5163d ddf6d1e5753de0b55b6900fa05e09140288538c4db97c2c4c9c62c621bd26124 Loading...

	www.hotelfruerlund.de/	478 B	2023-03-10	2024-01-12
Pretty URL www.hotelfruerlund.de/ IP 46.101.122.46 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 05:02:46 Last Seen2024-01-12 01:23:28 Times Seen3 Hash bc65c80709f152c417eb0e0d7e6ae2dc 96ebb178972877b7e4e9d9f35e1138476ebb4997 4d474d366ca5b56aa81346107532a73786237f17420eab665f4950b3267a49d8 Loading...

	www.hotelfruerlund.de/	670 B	2023-03-10	2024-01-12
Pretty URL www.hotelfruerlund.de/ IP 46.101.122.46 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 05:02:46 Last Seen2024-01-12 01:23:28 Times Seen3 Hash 0fe1d2e8d947e2f7ce7320f49e505687 d134b5701fd4b5dcd62c6c6a8739d4889280e512 64dd6eb132afa11b34478496f05e462c72a8bc322a74dc9c962de7bf240b12c0 Loading...

	www.hotelfruerlund.de/	167 B	2023-03-10	2024-01-12
Pretty URL www.hotelfruerlund.de/ IP 46.101.122.46 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 05:02:46 Last Seen2024-01-12 01:23:28 Times Seen3 Hash 7b41daba4fe537de00ba0d42ef0d8c38 2b9355e657e9caa6031d96ccb56bea7b8ef4bf74 42ef33c08e7779f1f7ec80f8caeed18102624d9b429faf190d107c6843d68509 Loading...

	www.hotelfruerlund.de/	3.2 kB	2023-03-10	2024-01-12
Pretty URL www.hotelfruerlund.de/ IP 46.101.122.46 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 05:02:46 Last Seen2024-01-12 01:23:28 Times Seen3 Hash 21e3d1d7b5e84d6d985ac65e7236cffb 2412bfc37b27399158be660c63b2ff4ed403c01c de18179b20d4946d8a48036e65e2eeb7382735ab8f7310f598b64befe6d94fc6 Loading...

	www.hotelfruerlund.de/	1.8 kB	2023-03-07	2024-05-04
Pretty URL www.hotelfruerlund.de/ IP 46.101.122.46 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:29:13 Last Seen2024-05-04 08:56:20 Times Seen1165 Hash 4987c278554aca0f434be960093da5ea a84e797c1bf51ba6880369c108139892b4ff222e 0bb088a70492e66de65d971724f3e1ffc81e79d10b7baad3881f38d5e41d159e Loading...

	www.hotelfruerlund.de/wp-content/plugins/wp-rocket/assets/js/lazyload/17.5/lazyload.min.js	8.3 kB	2023-03-07	2024-05-04
Pretty URL www.hotelfruerlund.de/wp-content/plugins/wp-rocket/assets/js/lazyload/17.5/lazyload.min.js IP 46.101.122.46 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:43 Last Seen2024-05-04 08:56:19 Times Seen3089 Hash b00219cb958052cb557115d55f0c8d48 3c55bbf5a8082db61decff924aaf787f4337df86 8ceb3992861ed1fda25855c2e500e76842ae0d788405e50e3a9f45df36499cf6 Loading...

HTTP Transactions (45)

	URL	IP	Response	Size
	hotelfruerlund.de/	46.101.122.46	301 Moved Permanently	162 B
URL HTTP/1.1 hotelfruerlund.de/ IP 46.101.122.46:0 ASN #14061 DIGITALOCEAN-ASN File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators Size 162 B (162 bytes) Hash 4f8e702cc244ec5d4de32740c0ecbd97 3adb1f02d5b6054de0046e367c1d687b6cdf7aff 9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a HTTP Headers `GET / HTTP/1.1 Host: hotelfruerlund.de User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1` `HTTP/1.1 301 Moved Permanently Server: nginx Date: Sat, 18 Feb 2023 03:22:39 GMT Content-Type: text/html Content-Length: 162 Connection: keep-alive Location: http://www.hotelfruerlund.de/`

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 4229cfe19d214d22153fe5833a7b557a 2439958496306a257d266050b4313b9bac51c871 ddfa83afe45b77b508119ac50488a73c3c49a78fa7a64ad983bd4958e0c7a4f9 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "DDFA83AFE45B77B508119AC50488A73C3C49A78FA7A64AD983BD4958E0C7A4F9" Last-Modified: Fri, 17 Feb 2023 17:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=20879 Expires: Sat, 18 Feb 2023 09:10:38 GMT Date: Sat, 18 Feb 2023 03:22:39 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 50ffd49bee3840941f9fc33baca23aad 2ff715abc76ea138eff267a64f26eb2dc6365b4a ff8709095d9b5a7d90ff10b31a6a9d2e071b42e215641d30dce6de6a782bffd6 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "FF8709095D9B5A7D90FF10B31A6A9D2E071B42E215641D30DCE6DE6A782BFFD6" Last-Modified: Fri, 17 Feb 2023 17:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=14373 Expires: Sat, 18 Feb 2023 07:22:12 GMT Date: Sat, 18 Feb 2023 03:22:39 GMT Connection: keep-alive`

	firefox.settings.services.mozilla.com/v1/	35.241.9.150	200 OK	939 B
URL HTTP/2 firefox.settings.services.mozilla.com/v1/ IP 35.241.9.150:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size 939 B (939 bytes) Hash b44c4b5daa307a355e7bab1c83c1ca82 dbd14cd873f1dd4502f277b3f51cb7bc8da0c080 fd4604461cfa002c8a261bb14eb8dda56817db231b9012b2eb38d6dbc2674df5 HTTP Headers `GET /v1/ HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: Alert, Content-Length, Content-Type, Retry-After, Backoff content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 939 via: 1.1 google date: Sat, 18 Feb 2023 02:53:21 GMT content-type: application/json age: 1759 cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2`

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 5539e12eac82ed8486057f67e18231d3 866778ccdac94dbeff9bc217d4a057079ee71b2a d82a876ba46480f2caa20e2112941bfb461bdb03e882949b347abb9e8006705f HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "D82A876BA46480F2CAA20E2112941BFB461BDB03E882949B347ABB9E8006705F" Last-Modified: Fri, 17 Feb 2023 17:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=14632 Expires: Sat, 18 Feb 2023 07:26:32 GMT Date: Sat, 18 Feb 2023 03:22:40 GMT Connection: keep-alive`

	content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain	34.160.144.191	200 OK	5.3 kB
URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain IP 34.160.144.191:0 ASN #15169 GOOGLE File type PEM certificate\012- , ASCII text Size 5.3 kB (5348 bytes) Hash e76071a28ee566dababb3834f46d68ed aebb4e68c1ba2de0f90025283e8ed8470944fde0 78b6df2627172e5b35476bc31020f02898cdc412aaf4337af2c3b049a60912b6 HTTP Headers `GET /chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK x-amz-id-2: pKU2VEAHYqOlw6Jubouno5S6URRUmbnkYy2aR3Qx2aAOK2NWByqWAWKK7VmDwb8OaRvxcQSDtCxI1RPiRBR7tw== x-amz-request-id: 1YXEYBCPYQPGZCM3 x-amz-server-side-encryption: AES256 content-disposition: attachment accept-ranges: bytes server: AmazonS3 content-length: 5348 via: 1.1 google date: Sat, 18 Feb 2023 03:21:21 GMT age: 79 last-modified: Sun, 29 Jan 2023 18:44:47 GMT etag: "e76071a28ee566dababb3834f46d68ed" content-type: binary/octet-stream cache-control: public,max-age=3600 alt-svc: clear X-Firefox-Spdy: h2

	contile.services.mozilla.com/v1/tiles	34.117.237.239	200 OK	12 B
URL HTTP/2 contile.services.mozilla.com/v1/tiles IP 34.117.237.239:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with no line terminators Size 12 B (12 bytes) Hash 23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3 HTTP Headers `GET /v1/tiles HTTP/1.1 Host: contile.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK server: nginx date: Sat, 18 Feb 2023 03:22:40 GMT content-type: application/json content-length: 12 access-control-allow-credentials: true vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers access-control-expose-headers: content-type strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2`

	firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US	35.241.9.150	200 OK	329 B
URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP 35.241.9.150:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size 329 B (329 bytes) Hash 0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300 HTTP Headers `GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: Expires, Content-Type, Alert, Content-Length, Backoff, ETag, Cache-Control, Retry-After, Last-Modified, Pragma content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 329 via: 1.1 google date: Sat, 18 Feb 2023 02:51:23 GMT age: 1877 last-modified: Fri, 25 Mar 2022 17:45:46 GMT etag: "1648230346554" content-type: application/json cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash ffe8651a83ebc937a53bf14c980c348e 8fe2f9219fbe52ee890533f94dd617da679050a4 96149e604ad1e11ab2b100b60e4605b7213f215b0a788506185def01954cb70f HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "96149E604AD1E11AB2B100B60E4605B7213F215B0A788506185DEF01954CB70F" Last-Modified: Fri, 17 Feb 2023 17:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=6928 Expires: Sat, 18 Feb 2023 05:18:08 GMT Date: Sat, 18 Feb 2023 03:22:40 GMT Connection: keep-alive`

	push.services.mozilla.com/	35.84.138.44	101 Switching Protocols	0 B
URL HTTP/1.1 push.services.mozilla.com/ IP 35.84.138.44:0 ASN #16509 AMAZON-02 File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET / HTTP/1.1 Host: push.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: wss://push.services.mozilla.com/ Sec-WebSocket-Protocol: push-notification Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: JNaSFzso1eCXVyGAveMjYw== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket `HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: websocket Sec-WebSocket-Accept: 7ulK5AQsmx8tpxRMOdIAJyYgQJQ=`

	www.hotelfruerlund.de/	46.101.122.46	301 Moved Permanently	0 B
URL HTTP/1.1 www.hotelfruerlund.de/ IP 46.101.122.46:0 ASN #14061 DIGITALOCEAN-ASN File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET / HTTP/1.1 Host: www.hotelfruerlund.de User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1` `HTTP/1.1 301 Moved Permanently Server: nginx Date: Sat, 18 Feb 2023 03:22:40 GMT Content-Type: text/html; charset=UTF-8 Content-Length: 0 Connection: keep-alive X-Pingback: http://www.hotelfruerlund.de/xmlrpc.php X-Redirect-By: WordPress Vary: Accept-Encoding Location: https://www.hotelfruerlund.de/ Cache-Control: max-age=0 Expires: Sat, 18 Feb 2023 03:22:40 GMT X-Powered-By: PHP/7.4.33, PleskLin`

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash ec72f4854816590579b32d8588a6b808 3ca658a1ada4ff4fcb30cd7350193417dc89c3b3 e3d001a0f5ebf81cafd726f82a6e315044ce15376de1cd47fcb0d2e2702f587b HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "E3D001A0F5EBF81CAFD726F82A6E315044CE15376DE1CD47FCB0D2E2702F587B" Last-Modified: Fri, 17 Feb 2023 22:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=21600 Expires: Sat, 18 Feb 2023 09:22:41 GMT Date: Sat, 18 Feb 2023 03:22:41 GMT Connection: keep-alive`

	www.hotelfruerlund.de/	46.101.122.46	200 OK	34 kB
URL HTTP/2 www.hotelfruerlund.de/ IP 46.101.122.46:0 ASN #14061 DIGITALOCEAN-ASN File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (42788) Size 34 kB (33518 bytes) Hash b7bef1a38b8c2707c8935b1121851422 1524f4877f792536699edd59cbfa30a1dfbe433d d1ed2749c50f3b5aff24b647d31937ff032db81b968ac78bf59c1db896473105 HTTP Headers `GET / HTTP/1.1 Host: www.hotelfruerlund.de User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: none Sec-Fetch-User: ?1` `HTTP/2 200 OK server: nginx date: Sat, 18 Feb 2023 03:22:41 GMT content-type: text/html; charset=UTF-8 content-length: 33518 vary: Accept-Encoding last-modified: Fri, 17 Feb 2023 18:37:52 GMT accept-ranges: bytes cache-control: max-age=0 expires: Sat, 18 Feb 2023 03:22:41 GMT content-encoding: gzip x-powered-by: PleskLin X-Firefox-Spdy: h2`

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash 06e06b8a5a6fd7eb0580e616478b58b8 c1e3a37c3c6b831fad95fb469ddbcd7154e5a3e8 5b8ac8bdb71711d0ac3c2cff8d21d1fee72f17042acbb70d59dde449b3745429 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sat, 18 Feb 2023 03:22:41 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	www.hotelfruerlund.de/wp-content/cache/min/1/ff211251d81da0f7f633f71893a2ee54.css	46.101.122.46	200 OK	110 kB
URL HTTP/2 www.hotelfruerlund.de/wp-content/cache/min/1/ff211251d81da0f7f633f71893a2ee54.css IP 46.101.122.46:0 ASN #14061 DIGITALOCEAN-ASN File type ASCII text, with very long lines (65536), with no line terminators Size 110 kB (109988 bytes) Hash 56fa13edbdca00d0ecf61f4384dc97c0 2d11b93e3fecab5bca5068360c3643777d4425b0 3cd68b92bdef4e877d954f422414e9e8c133caffae3988de63129f8ab6051174 HTTP Headers `GET /wp-content/cache/min/1/ff211251d81da0f7f633f71893a2ee54.css HTTP/1.1 Host: www.hotelfruerlund.de User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.hotelfruerlund.de/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers` `HTTP/2 200 OK server: nginx date: Sat, 18 Feb 2023 03:22:41 GMT content-type: text/css; charset=utf-8 last-modified: Tue, 10 Jan 2023 11:45:25 GMT cache-control: max-age=31536000, public expires: Sun, 18 Feb 2024 03:22:41 GMT etag: W/"63bd4fd5-bab79" x-powered-by: PleskLin content-encoding: br X-Firefox-Spdy: h2`

	www.hotelfruerlund.de/wp-content/themes/betheme/fonts/mfn/icons.woff?31690507	46.101.122.46	200 OK	81 kB
URL HTTP/2 www.hotelfruerlund.de/wp-content/themes/betheme/fonts/mfn/icons.woff?31690507 IP 46.101.122.46:0 ASN #14061 DIGITALOCEAN-ASN File type Web Open Font Format, TrueType, length 81448, version 1.0\012- data Size 81 kB (81448 bytes) Hash 743706216bfe3fc0728d0bd15313ac92 d923ae95df3ea7676e8dc34f4de04abf2eefaaab 559a910060423ed485ddc062a9ab5318859bbfde26be3f73d9b83ac0b9dae677 HTTP Headers GET /wp-content/themes/betheme/fonts/mfn/icons.woff?31690507 HTTP/1.1 Host: www.hotelfruerlund.de User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Connection: keep-alive Referer: https://www.hotelfruerlund.de/wp-content/cache/min/1/ff211251d81da0f7f633f71893a2ee54.css Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin TE: trailers `HTTP/2 200 OK server: nginx date: Sat, 18 Feb 2023 03:22:41 GMT content-type: application/font-woff content-length: 81448 last-modified: Wed, 19 Oct 2022 15:11:16 GMT cache-control: max-age=2592000 expires: Mon, 20 Mar 2023 03:22:41 GMT etag: "63501394-13e28" x-powered-by: PleskLin accept-ranges: bytes X-Firefox-Spdy: h2`

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	472 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash fc63911e4661aa872ac148ba0e622495 8c71e1a1ca7a84edaeda049a242868a603685883 f9801dcdaab6db35dde3127add82844087ebdba6bf3149e4b54946e5e8e234d4 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sat, 18 Feb 2023 03:22:41 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	472 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash fc63911e4661aa872ac148ba0e622495 8c71e1a1ca7a84edaeda049a242868a603685883 f9801dcdaab6db35dde3127add82844087ebdba6bf3149e4b54946e5e8e234d4 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sat, 18 Feb 2023 03:22:41 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	472 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash fc63911e4661aa872ac148ba0e622495 8c71e1a1ca7a84edaeda049a242868a603685883 f9801dcdaab6db35dde3127add82844087ebdba6bf3149e4b54946e5e8e234d4 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sat, 18 Feb 2023 03:22:41 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	fonts.googleapis.com/css?family=Lato%3A100%2C300%2Cregular%2C700%2C900%7COpen%20Sans%3A300%7CIndie%20Flower%3Aregular%7COswald%3A300%2Cregular%2C700%7CRoboto%3A1%2C300%2C300italic%2C400%2C400italic%2C700%2C700italic%7CPlayfair%20Display%3A1%2C300%2C300italic%2C400%2C400italic%2C700%2C700italic&subset=latin%2Clatin-ext&display=swap	142.250.74.106	200 OK	17 kB
URL HTTP/2 fonts.googleapis.com/css?family=Lato%3A100%2C300%2Cregular%2C700%2C900%7COpen%20Sans%3A300%7CIndie%20Flower%3Aregular%7COswald%3A300%2Cregular%2C700%7CRoboto%3A1%2C300%2C300italic%2C400%2C400italic%2C700%2C700italic%7CPlayfair%20Display%3A1%2C300%2C300italic%2C400%2C400italic%2C700%2C700italic&subset=latin%2Clatin-ext&display=swap IP 142.250.74.106:0 ASN #15169 GOOGLE File type data Size 17 kB (17322 bytes) Hash 07e7381efd5e49fe16a8c07fe4022a04 36ecc2a3269964597fa1e49513725f23535c0286 fb49ba9e02fab22d2986c714522c5b532a190322b5485ea84b4d37c8345a359a HTTP Headers GET /css?family=Lato%3A100%2C300%2Cregular%2C700%2C900%7COpen%20Sans%3A300%7CIndie%20Flower%3Aregular%7COswald%3A300%2Cregular%2C700%7CRoboto%3A1%2C300%2C300italic%2C400%2C400italic%2C700%2C700italic%7CPlayfair%20Display%3A1%2C300%2C300italic%2C400%2C400italic%2C700%2C700italic&subset=latin%2Clatin-ext&display=swap HTTP/1.1 Host: fonts.googleapis.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.hotelfruerlund.de/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site HTTP/2 200 OK content-type: text/css; charset=utf-8 access-control-allow-origin: * timing-allow-origin: * link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin strict-transport-security: max-age=31536000 expires: Sat, 18 Feb 2023 03:22:41 GMT date: Sat, 18 Feb 2023 03:22:41 GMT cache-control: private, max-age=86400 cross-origin-opener-policy: same-origin-allow-popups cross-origin-resource-policy: cross-origin content-encoding: gzip server: ESF x-xss-protection: 0 x-frame-options: SAMEORIGIN x-content-type-options: nosniff alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	472 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash fc63911e4661aa872ac148ba0e622495 8c71e1a1ca7a84edaeda049a242868a603685883 f9801dcdaab6db35dde3127add82844087ebdba6bf3149e4b54946e5e8e234d4 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sat, 18 Feb 2023 03:22:41 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	fonts.gstatic.com/s/playfairdisplay/v30/nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2	216.58.207.227	200 OK	36 kB
URL HTTP/2 fonts.gstatic.com/s/playfairdisplay/v30/nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2 IP 216.58.207.227:0 ASN #15169 GOOGLE File type Web Open Font Format (Version 2), TrueType, length 35764, version 1.0\012- data Size 36 kB (35764 bytes) Hash 60f23230f1a8d5c3b7d25b73f5b5ce23 ed08ada85d017893b9bcb8224e99154c6708f5d2 22b6cdc450204c1cb32b31e679d812fea1c17ac506a7b78daeb12bd0ab25fde8 HTTP Headers `GET /s/playfairdisplay/v30/nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://www.hotelfruerlund.de Connection: keep-alive Referer: https://fonts.googleapis.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK accept-ranges: bytes access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 35764 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Wed, 15 Feb 2023 13:17:58 GMT expires: Thu, 15 Feb 2024 13:17:58 GMT cache-control: public, max-age=31536000 last-modified: Mon, 18 Jul 2022 19:06:36 GMT content-type: font/woff2 age: 223483 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	fonts.gstatic.com/s/playfairdisplay/v30/nuFkD-vYSZviVYUb_rj3ij__anPXDTnogkk7.woff2	216.58.207.227	200 OK	36 kB
URL HTTP/2 fonts.gstatic.com/s/playfairdisplay/v30/nuFkD-vYSZviVYUb_rj3ij__anPXDTnogkk7.woff2 IP 216.58.207.227:0 ASN #15169 GOOGLE File type Web Open Font Format (Version 2), TrueType, length 36104, version 1.0\012- data Size 36 kB (36104 bytes) Hash 32938cccb9665d3b8afe8689b88a9ea3 5834c8e5bf4a8daf23f518a5ccb2e8b8391f6190 b574669ac419e9857b34bd603555cc632152f8122f6b154d049e13cc0a167b35 HTTP Headers `GET /s/playfairdisplay/v30/nuFkD-vYSZviVYUb_rj3ij__anPXDTnogkk7.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://www.hotelfruerlund.de Connection: keep-alive Referer: https://fonts.googleapis.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK accept-ranges: bytes access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 36104 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Wed, 15 Feb 2023 13:24:01 GMT expires: Thu, 15 Feb 2024 13:24:01 GMT cache-control: public, max-age=31536000 last-modified: Mon, 18 Jul 2022 19:13:00 GMT content-type: font/woff2 age: 223120 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51TjASc6CsQ.woff2	216.58.207.227	200 OK	18 kB
URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51TjASc6CsQ.woff2 IP 216.58.207.227:0 ASN #15169 GOOGLE File type Web Open Font Format (Version 2), TrueType, length 17508, version 1.0\012- data Size 18 kB (17508 bytes) Hash 7fbdfaab6bd8b191496ffe1ef1b9e748 e9e592f8498d489d8000f3a4cfb1bb447f251edd bb8007225d94a099cddbade7ea904667c0dd0b68d5e30778e5c6257589ab94d1 HTTP Headers `GET /s/roboto/v30/KFOjCnqEu92Fr1Mu51TjASc6CsQ.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://www.hotelfruerlund.de Connection: keep-alive Referer: https://fonts.googleapis.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK accept-ranges: bytes access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 17508 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Thu, 16 Feb 2023 21:13:09 GMT expires: Fri, 16 Feb 2024 21:13:09 GMT cache-control: public, max-age=31536000 last-modified: Wed, 11 May 2022 19:24:41 GMT content-type: font/woff2 age: 108572 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	472 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash fc63911e4661aa872ac148ba0e622495 8c71e1a1ca7a84edaeda049a242868a603685883 f9801dcdaab6db35dde3127add82844087ebdba6bf3149e4b54946e5e8e234d4 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sat, 18 Feb 2023 03:22:41 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	www.hotelfruerlund.de/wp-content/uploads/2017/02/Hotel-slider.jpg	46.101.122.46	200 OK	428 kB
URL HTTP/2 www.hotelfruerlund.de/wp-content/uploads/2017/02/Hotel-slider.jpg IP 46.101.122.46:0 ASN #14061 DIGITALOCEAN-ASN File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 3119x1662, components 3\012- data Size 428 kB (428347 bytes) Hash 3cd563e6b35f5e7f2a8c4cf4082ec14c a5a3577a523850f3abd8550700a3949d2a36ed82 e37d8af40ec4b7a40f4e836771495affe41815dde9e2d5a08c9db03133a3f407 HTTP Headers `GET /wp-content/uploads/2017/02/Hotel-slider.jpg HTTP/1.1 Host: www.hotelfruerlund.de User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.hotelfruerlund.de/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers` `HTTP/2 200 OK server: nginx date: Sat, 18 Feb 2023 03:22:41 GMT content-type: image/jpeg content-length: 428347 last-modified: Thu, 31 Jan 2019 18:37:05 GMT cache-control: max-age=10368000, public expires: Sun, 18 Jun 2023 03:22:41 GMT etag: "5c534051-6893b" x-powered-by: PleskLin accept-ranges: bytes X-Firefox-Spdy: h2`

	www.hotelfruerlund.de/wp-content/uploads/2016/06/home_minimal_sep.png	46.101.122.46	200 OK	164 B
URL HTTP/2 www.hotelfruerlund.de/wp-content/uploads/2016/06/home_minimal_sep.png IP 46.101.122.46:0 ASN #14061 DIGITALOCEAN-ASN File type PNG image data, 11 x 86, 4-bit colormap, non-interlaced\012- data Size 164 B (164 bytes) Hash 4235346b4f2c2bb6f2eb7dd1b182e65b f9eb134956230c678143d8a17b8beb24f7a44468 226661a47e6e33c87b858040a85a2d7b62cb8d6e047111e87ea656f85aed7a4a HTTP Headers `GET /wp-content/uploads/2016/06/home_minimal_sep.png HTTP/1.1 Host: www.hotelfruerlund.de User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.hotelfruerlund.de/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers` `HTTP/2 200 OK server: nginx date: Sat, 18 Feb 2023 03:22:41 GMT content-type: image/png content-length: 164 vary: Accept-Encoding x-accel-version: 0.01 last-modified: Fri, 27 Jan 2017 11:13:07 GMT accept-ranges: bytes cache-control: max-age=10368000, public expires: Sun, 18 Jun 2023 03:22:41 GMT x-powered-by: PleskLin X-Firefox-Spdy: h2`

	www.hotelfruerlund.de/wp-content/uploads/2016/06/home_minimal_sep1.png	46.101.122.46	200 OK	582 B
URL HTTP/2 www.hotelfruerlund.de/wp-content/uploads/2016/06/home_minimal_sep1.png IP 46.101.122.46:0 ASN #14061 DIGITALOCEAN-ASN File type PNG image data, 35 x 17, 8-bit colormap, non-interlaced\012- data Size 582 B (582 bytes) Hash 5f50aae76c60c3bf55f810ddc5e92831 e698cc3fca327a51223a02461ee868c22c5988a7 8141b141b1bc433fdba4a6849b302fd361667c001e967d5acff15d79e9ccac5c HTTP Headers `GET /wp-content/uploads/2016/06/home_minimal_sep1.png HTTP/1.1 Host: www.hotelfruerlund.de User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.hotelfruerlund.de/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers` `HTTP/2 200 OK server: nginx date: Sat, 18 Feb 2023 03:22:41 GMT content-type: image/png content-length: 582 vary: Accept-Encoding x-accel-version: 0.01 last-modified: Fri, 27 Jan 2017 11:13:05 GMT accept-ranges: bytes cache-control: max-age=10368000, public expires: Sun, 18 Jun 2023 03:22:41 GMT x-powered-by: PleskLin X-Firefox-Spdy: h2`

	www.hotelfruerlund.de/wp-content/uploads/2017/02/Hotel-slider2.jpg	46.101.122.46	200 OK	346 kB
URL HTTP/2 www.hotelfruerlund.de/wp-content/uploads/2017/02/Hotel-slider2.jpg IP 46.101.122.46:0 ASN #14061 DIGITALOCEAN-ASN File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=1662, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=3119], progressive, precision 8, 3119x1662, components 3\012- data Size 346 kB (346301 bytes) Hash 84719d64ae1297cf20888a59551fcecf 3c0455199b52f393519aa8b2c949d4f8c2675c1f 62031034b6db6b159f4c5cf6e3fba6a2062fc37cace9c3d1c9be737cc44f10d1 HTTP Headers `GET /wp-content/uploads/2017/02/Hotel-slider2.jpg HTTP/1.1 Host: www.hotelfruerlund.de User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.hotelfruerlund.de/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers` `HTTP/2 200 OK server: nginx date: Sat, 18 Feb 2023 03:22:41 GMT content-type: image/jpeg content-length: 346301 last-modified: Thu, 31 Jan 2019 20:19:00 GMT cache-control: max-age=10368000, public expires: Sun, 18 Jun 2023 03:22:41 GMT etag: "5c535834-548bd" x-powered-by: PleskLin accept-ranges: bytes X-Firefox-Spdy: h2`

	www.hotelfruerlund.de/wp-content/uploads/2017/02/slide2-1630x860.jpg	46.101.122.46	200 OK	133 kB
URL HTTP/2 www.hotelfruerlund.de/wp-content/uploads/2017/02/slide2-1630x860.jpg IP 46.101.122.46:0 ASN #14061 DIGITALOCEAN-ASN File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1630x860, components 3\012- data Size 133 kB (133204 bytes) Hash 4b2b340a047ed0a201b864b77e70fc1f 059712c001e26b34d2a2f247f40c22c6cd65bede 197c112858c199d6b1962df707de9e012b047367837ead1abc5c681f9de16f67 HTTP Headers `GET /wp-content/uploads/2017/02/slide2-1630x860.jpg HTTP/1.1 Host: www.hotelfruerlund.de User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.hotelfruerlund.de/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers` `HTTP/2 200 OK server: nginx date: Sat, 18 Feb 2023 03:22:41 GMT content-type: image/jpeg content-length: 133204 last-modified: Thu, 31 Jan 2019 18:36:28 GMT cache-control: max-age=10368000, public expires: Sun, 18 Jun 2023 03:22:41 GMT etag: "5c53402c-20854" x-powered-by: PleskLin accept-ranges: bytes X-Firefox-Spdy: h2`

	www.hotelfruerlund.de/wp-content/uploads/2017/02/slide3-1630x860.jpg	46.101.122.46	200 OK	121 kB
URL HTTP/2 www.hotelfruerlund.de/wp-content/uploads/2017/02/slide3-1630x860.jpg IP 46.101.122.46:0 ASN #14061 DIGITALOCEAN-ASN File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1630x860, components 3\012- data Size 121 kB (120951 bytes) Hash 0c67144df9ce1211758887d315b37981 7ad582affa5809a64b9e4c515e27696f38d1125e 33b85b82c0c81ed0a3f59cf6de7c402940e8cb6c9833280a65581ac6eef44daf HTTP Headers `GET /wp-content/uploads/2017/02/slide3-1630x860.jpg HTTP/1.1 Host: www.hotelfruerlund.de User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.hotelfruerlund.de/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers` `HTTP/2 200 OK server: nginx date: Sat, 18 Feb 2023 03:22:41 GMT content-type: image/jpeg content-length: 120951 last-modified: Thu, 31 Jan 2019 18:35:56 GMT cache-control: max-age=10368000, public expires: Sun, 18 Jun 2023 03:22:41 GMT etag: "5c53400c-1d877" x-powered-by: PleskLin accept-ranges: bytes X-Firefox-Spdy: h2`

	www.hotelfruerlund.de/wp-content/uploads/2017/03/favi.png	46.101.122.46	200 OK	18 kB
URL HTTP/2 www.hotelfruerlund.de/wp-content/uploads/2017/03/favi.png IP 46.101.122.46:0 ASN #14061 DIGITALOCEAN-ASN File type PNG image data, 32 x 32, 4-bit colormap, non-interlaced\012- data Size 18 kB (18098 bytes) Hash 0c3c229f8347fc5554c7ace9e2b6c729 7edc44ae7add77dfe325b0317a069a4bf42dc4b1 cb4cc36221fded48d1453a8bab1ec575092e15453b9d1e3b80f0086049101375 HTTP Headers `GET /wp-content/uploads/2017/03/favi.png HTTP/1.1 Host: www.hotelfruerlund.de User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.hotelfruerlund.de/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers` `HTTP/2 200 OK server: nginx date: Sat, 18 Feb 2023 03:22:41 GMT content-type: image/png content-length: 18098 last-modified: Thu, 31 Jan 2019 18:28:54 GMT cache-control: max-age=10368000, public expires: Sun, 18 Jun 2023 03:22:41 GMT etag: "5c533e66-46b2" x-powered-by: PleskLin accept-ranges: bytes X-Firefox-Spdy: h2`

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 5b1775b8f4f9ebbac7a1572afa4e4f92 7c7c748730a9422b0f5f9bcdde36a91c9639c595 a1685273829a7672a3fa089525b959f1f95f11c0a5c0d09fbbf1f4667b3f7946 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "A1685273829A7672A3FA089525B959F1F95F11C0A5C0D09FBBF1F4667B3F7946" Last-Modified: Fri, 17 Feb 2023 17:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=4843 Expires: Sat, 18 Feb 2023 04:43:25 GMT Date: Sat, 18 Feb 2023 03:22:42 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 5b1775b8f4f9ebbac7a1572afa4e4f92 7c7c748730a9422b0f5f9bcdde36a91c9639c595 a1685273829a7672a3fa089525b959f1f95f11c0a5c0d09fbbf1f4667b3f7946 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "A1685273829A7672A3FA089525B959F1F95F11C0A5C0D09FBBF1F4667B3F7946" Last-Modified: Fri, 17 Feb 2023 17:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=4843 Expires: Sat, 18 Feb 2023 04:43:25 GMT Date: Sat, 18 Feb 2023 03:22:42 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 5b1775b8f4f9ebbac7a1572afa4e4f92 7c7c748730a9422b0f5f9bcdde36a91c9639c595 a1685273829a7672a3fa089525b959f1f95f11c0a5c0d09fbbf1f4667b3f7946 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "A1685273829A7672A3FA089525B959F1F95F11C0A5C0D09FBBF1F4667B3F7946" Last-Modified: Fri, 17 Feb 2023 17:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=4843 Expires: Sat, 18 Feb 2023 04:43:25 GMT Date: Sat, 18 Feb 2023 03:22:42 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 5b1775b8f4f9ebbac7a1572afa4e4f92 7c7c748730a9422b0f5f9bcdde36a91c9639c595 a1685273829a7672a3fa089525b959f1f95f11c0a5c0d09fbbf1f4667b3f7946 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "A1685273829A7672A3FA089525B959F1F95F11C0A5C0D09FBBF1F4667B3F7946" Last-Modified: Fri, 17 Feb 2023 17:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=4843 Expires: Sat, 18 Feb 2023 04:43:25 GMT Date: Sat, 18 Feb 2023 03:22:42 GMT Connection: keep-alive`

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5b24d1f6-0bfe-423b-8a41-cab14cdafb36.jpeg	34.120.237.76	200 OK	6.4 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5b24d1f6-0bfe-423b-8a41-cab14cdafb36.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 6.4 kB (6437 bytes) Hash e1699d358c4b2c0326b3a75820c6c6c2 8899a75752d0a9f5e291d9a10794168130371a6b 82949c9a8d6714d87e0dec97188cade8a0198120cbd19a5ff58e3f2a276de3e5 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5b24d1f6-0bfe-423b-8a41-cab14cdafb36.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 6437 x-amzn-requestid: a1e59bc0-b46f-4f14-bd4b-6a08314e0e9c x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: AgLzQFEgIAMF9dA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63eff347-7be05f285f87bae55580f76c;Sampled=0 x-amzn-remapped-date: Fri, 17 Feb 2023 21:36:07 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: GOjeIreI6LIb1ksnW3SZZ4U4avBmuHjq5mikAcRt7PgX5z9JbXoyIg== via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google date: Fri, 17 Feb 2023 21:48:48 GMT age: 20034 etag: "8899a75752d0a9f5e291d9a10794168130371a6b" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe6ec09c-2481-4d93-aee3-3dde17537f86.jpeg	34.120.237.76	200 OK	8.5 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe6ec09c-2481-4d93-aee3-3dde17537f86.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 8.5 kB (8512 bytes) Hash e5db8e1b0d268a25b3c85656ae3bf3fa 4540144d4c551f4784574f462479a7ce1760c307 3ef7c30f92193ac28f1676918f122658b989c5ebfb3477f5b3f721e9fc5699fd HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe6ec09c-2481-4d93-aee3-3dde17537f86.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 8512 x-amzn-requestid: e6899f84-7a7a-44d2-bbf9-77707586e52e x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: AgLzQF3pIAMFlGA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63eff347-170dd53314f1c984350bb56c;Sampled=0 x-amzn-remapped-date: Fri, 17 Feb 2023 21:36:07 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: 2yy08A3kfegH7SIWpYd78MJo_przB-p4VzXLv_9tKNMLFQpMsqYEMA== via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google date: Fri, 17 Feb 2023 21:48:51 GMT age: 20031 etag: "4540144d4c551f4784574f462479a7ce1760c307" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc1bbb831-0f0c-4e8b-a058-3df51f84441e.jpeg	34.120.237.76	200 OK	8.7 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc1bbb831-0f0c-4e8b-a058-3df51f84441e.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 8.7 kB (8738 bytes) Hash f23ca4e9814484b5b5a9f4aaebe55b3c 60e9086d089b969a0032112556ec017121a28737 08542994657c166e9fef6a8c36e545470d29ae5795b9a69c189018bab1c386d2 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc1bbb831-0f0c-4e8b-a058-3df51f84441e.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 8738 x-amzn-requestid: 23d71f32-9933-43d5-b001-65450ce5a37f x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: ARAqjETloAMFZtg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63e9e176-2a7c93f00cd2b8745bc420e7;Sampled=0 x-amzn-remapped-date: Mon, 13 Feb 2023 07:06:30 GMT x-amz-cf-pop: SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: ORxQclwKNrPCpNyGGzceha7rMPocaWKPwIp4kwX7eWIP8mIQQS8MHw== via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google date: Fri, 17 Feb 2023 14:39:37 GMT age: 45785 etag: "60e9086d089b969a0032112556ec017121a28737" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9fe38f96-4b04-43d2-9644-5b2f7cd0c0c9.jpeg	34.120.237.76	200 OK	14 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9fe38f96-4b04-43d2-9644-5b2f7cd0c0c9.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 14 kB (14477 bytes) Hash 504b69ec2b6350345c36777959b0765a c302824325b8f0839c7de54af9c5bd02541e4269 6e3a5b1cd7d17a9f448b8189d5683567269b3b3d461838770482283898008f39 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9fe38f96-4b04-43d2-9644-5b2f7cd0c0c9.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 14477 x-amzn-requestid: 2544b5cc-3fb0-4536-88ec-8cb9044fb612 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: ANtsXFBYoAMF6tA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63e88fe8-452901f67af9f5d95ccc61c3;Sampled=0 x-amzn-remapped-date: Sun, 12 Feb 2023 07:06:16 GMT x-amz-cf-pop: SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: QTHmfrEThwRtGFhI3YpLu-1RUIdMM_QrCg5mnH9FT3SQf62cYUdj7A== via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google date: Fri, 17 Feb 2023 06:57:56 GMT age: 73486 etag: "c302824325b8f0839c7de54af9c5bd02541e4269" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2b480279-2590-4382-81b1-24b027e07e23.jpeg	34.120.237.76	200 OK	12 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2b480279-2590-4382-81b1-24b027e07e23.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 12 kB (11525 bytes) Hash e69d793b99a3580240403d04ac2aa684 4d27074ad95bd4bde2fb79f4b2ecb11434b3c8c8 3ead4940dbccbae1663545f603abf717d3e27726469bbf6939a18cd9c74bbc8b HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2b480279-2590-4382-81b1-24b027e07e23.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 11525 x-amzn-requestid: 6976315f-a5c5-4268-ba27-ee4407b86407 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: AgMITFBioAMFweg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63eff3ce-0b750d8e643e823042d5cf88;Sampled=0 x-amzn-remapped-date: Fri, 17 Feb 2023 21:38:22 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: klbTkdAZ65NP8L84NTsLd-fnxt0rzUa_gqtFp4gkRqzbl4rCaG0JJg== via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google date: Fri, 17 Feb 2023 21:52:10 GMT age: 19832 etag: "4d27074ad95bd4bde2fb79f4b2ecb11434b3c8c8" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F56003924-e7e6-4f4a-b1d1-31bde499e56a.jpeg	34.120.237.76	200 OK	9.9 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F56003924-e7e6-4f4a-b1d1-31bde499e56a.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 9.9 kB (9894 bytes) Hash 848745d081ceb438f5d304081814c2d1 f736a1755fd9a2b5a5721602ac3b7758abc50396 0762a9fc3b2340aa961897519d33adb7c0f36949abb8a083c6c3b056f2bc1f98 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F56003924-e7e6-4f4a-b1d1-31bde499e56a.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 9894 x-amzn-requestid: f05182eb-fde7-41b5-b8ef-81b3d46e1562 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: AgMSDFtEoAMFXXw= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63eff40c-74d0ec195c13b0035d470b9d;Sampled=0 x-amzn-remapped-date: Fri, 17 Feb 2023 21:39:24 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: EMQT1x95fJst2a_YGeVy-gFqT4WuSzCDGRvzlxQ96S6BOtVYqBpmmQ== via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google date: Fri, 17 Feb 2023 21:57:44 GMT age: 19498 etag: "f736a1755fd9a2b5a5721602ac3b7758abc50396" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	472 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash 1d265a8dd327a623f78bca3983a79e02 61e62434256bfbb2a88b27f50b059c03580300ca cada3b43d2add1edbac39f050ec315498f12b2ec3c8ea1061322054ec5c56549 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sat, 18 Feb 2023 03:22:48 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	www.hotelfruerlund.de/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2	46.101.122.46	200 OK	0 B
URL HTTP/2 www.hotelfruerlund.de/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 IP 46.101.122.46:0 ASN #14061 DIGITALOCEAN-ASN File type Size 0 B (0 bytes) Hash HTTP Headers `GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1 Host: www.hotelfruerlund.de User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.hotelfruerlund.de/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers` `HTTP/2 200 OK server: nginx date: Sat, 18 Feb 2023 03:22:48 GMT content-type: application/javascript; charset=utf-8 last-modified: Wed, 09 Dec 2020 04:25:56 GMT cache-control: max-age=31536000, public expires: Sun, 18 Feb 2024 03:22:48 GMT etag: W/"5fd051d4-2bd8" x-powered-by: PleskLin content-encoding: br X-Firefox-Spdy: h2`

	www.hotelfruerlund.de/wp-content/plugins/wp-rocket/assets/js/lazyload/17.5/lazyload.min.js	46.101.122.46	200 OK	0 B
URL HTTP/2 www.hotelfruerlund.de/wp-content/plugins/wp-rocket/assets/js/lazyload/17.5/lazyload.min.js IP 46.101.122.46:0 ASN #14061 DIGITALOCEAN-ASN File type Size 0 B (0 bytes) Hash HTTP Headers `GET /wp-content/plugins/wp-rocket/assets/js/lazyload/17.5/lazyload.min.js HTTP/1.1 Host: www.hotelfruerlund.de User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.hotelfruerlund.de/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers` `HTTP/2 200 OK server: nginx date: Sat, 18 Feb 2023 03:22:41 GMT content-type: application/javascript; charset=utf-8 last-modified: Tue, 08 Nov 2022 14:14:39 GMT cache-control: max-age=31536000, public expires: Sun, 18 Feb 2024 03:22:41 GMT etag: W/"636a644f-2063" x-powered-by: PleskLin content-encoding: br X-Firefox-Spdy: h2`

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (10)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML