Report - bestes-reisebuero.de/

Report Overview

Submitted URL
bestes-reisebuero.de/
IP
92.51.134.215
ASN
#8972 Host Europe GmbH
Submitted
2022-09-11 06:14:19
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
20

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	954 B	65 kB	142.250.74.163
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	758 B	2.7 kB	143.204.55.36
app.usercentrics.eu	12624	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	358 B	231 kB	35.190.14.188
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	321 B	229 B	34.117.237.239
cdnjs.cloudflare.com	235	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	834 B	12 kB	104.17.25.14
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	510 B	2.2 kB	142.250.74.10
www.google.com	7	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	680 B	2.4 kB	142.250.74.164
api.usercentrics.eu	11845	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	403 B	9.2 kB	35.241.3.184
kit-pro.fontawesome.com	21124	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	5.2 kB	137 kB	104.18.23.52
bestes-reisebuero.de	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	340 B	534 B	92.51.134.215
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	5.8 kB	143.204.55.25
aggregator.service.usercentrics.eu	14703	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	697 B	7.4 kB	34.120.28.121
graphql.usercentrics.eu	14191	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.1 kB	751 B	34.120.238.166
www.backend.tcautor.de	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	456 B	489 kB	5.175.22.217
booking.traveltermin.de	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	363 B	2.1 kB	134.119.241.212
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.6 kB	48 kB	34.120.237.76
ocsp.starfieldtech.com	6616	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	334 B	2.4 kB	192.124.249.22
www.prive.eu	208682	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	833 B	8.6 kB	159.69.215.183
www.robertz.de	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	19 kB	3.8 MB	5.175.22.217
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	5.4 kB	11 kB	142.250.74.3
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	594 B	127 B	54.149.101.24
backend.tcautor.de	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.9 kB	274 kB	5.175.22.217
khms0.googleapis.com	4926	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	395 B	16 kB	142.250.74.74
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.3 kB	6.2 kB	23.33.119.27
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	329 B	736 B	93.184.220.29

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-09-11	medium	bestes-reisebuero.de/	Phishing
2022-09-11	medium	www.robertz.de/fonts/flaticon/Flaticon.woff2	Phishing
2022-09-11	medium	www.robertz.de/assets/js/jquery-3.4.1_plusUI.min.js	Phishing
2022-09-11	medium	www.robertz.de/assets/js/core.min.js	Phishing
2022-09-11	medium	www.robertz.de/assets/js/vendor_bundle.min.js	Phishing
2022-09-11	medium	www.robertz.de/assets/fonts/flaticon/Flaticon.woff2	Phishing
2022-09-11	medium	www.robertz.de/assets/js/scripts.min.js?_=1662876839219	Phishing
2022-09-11	medium	www.robertz.de/assets/js/hyphenopoly/Hyphenopoly_Loader.js?_=1662876839220	Phishing
2022-09-11	medium	www.robertz.de/assets/js/vendor.swiper.min.js	Phishing
2022-09-11	medium	www.robertz.de/	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (35)

	URL	Size	First Seen	Last Seen
	app.usercentrics.eu/latest/bundle.js	1.2 MB	2023-03-07	2023-03-17
Pretty URL app.usercentrics.eu/latest/bundle.js IP 35.190.14.188 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02:06 Last Seen2023-03-17 12:46:30 Times Seen1 Hash bae63ec48c1886ffdc8617dabf6ea4a7 b7a5c6d82215a6ab6b0e20fb8a52beb24335b0db e9de45fb3308d149f5925893839eacf25298c71a5ed223d7ed2ca937b5d52004 Loading...

	www.robertz.de/	10 kB	2023-03-07	2023-03-29
Pretty URL www.robertz.de/ IP 5.175.22.217 ASN #20773 Host Europe GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:33:25 Last Seen2023-03-29 21:58:23 Times Seen2 Hash bc181d89c903325ebfff3cc312b3fa25 5d24d486f72d8e5d978fb9239bce0e98e9df6211 c7a047fdc86d0e046d89b5ec7d63a7be79c761e8c7971eed21c0b230f245a157 Loading...

	maps.gstatic.com/maps-api-v3/embed/js/50/4/intl/de_ALL/init_embed.js	226 kB	2023-03-07	2023-03-07
Pretty URL maps.gstatic.com/maps-api-v3/embed/js/50/4/intl/de_ALL/init_embed.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:02:21 Last Seen2023-03-07 16:08:27 Times Seen1 Hash 56548e9dbe5996b80856c441339f7372 8f7da207b6940b6fa64c78e2dad109a339619294 b1586f35d93da8c245139d681a475c01641ec3dd846b688e08a3aceabdb258b0 Loading...

	www.robertz.de/	7.9 kB	2023-03-07	2023-03-29
Pretty URL www.robertz.de/ IP 5.175.22.217 ASN #20773 Host Europe GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:33:25 Last Seen2023-03-29 21:58:23 Times Seen2 Hash 269f13584fe0b6ffe232701487e42478 cf83bc0e51753e938c0bd704fe6c84e8c5a686c2 c10fea60a9bfd1a76e8a0c9bc550de49668a3529b971a058ae1826beba17e51b Loading...

	booking.traveltermin.de/button?IpdVpkq9Li	4.3 kB	2023-03-07	2023-03-17
Pretty URL booking.traveltermin.de/button?IpdVpkq9Li IP 134.119.241.212 ASN #34011 Host Europe GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:12:45 Last Seen2023-03-17 12:39:05 Times Seen1 Hash f12b23d058146b2242e497bd62ae6ef1 260e0bd908abfd3b75ebaa39212461b405715aa0 a333159fd381dc4d3e07ce48957fd55d84858c9a48e8e3adc8a56c7343a275f5 Loading...

	app.usercentrics.eu/latest/main.js	25 kB	2023-03-07	2024-04-18
Pretty URL app.usercentrics.eu/latest/main.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02:06 Last Seen2024-04-18 15:22:55 Times Seen360 Hash 2f6ee33ec707f2be99eab89a14bf538d f2164827c88ba17ef1488c6c976b27cc1376f2a3 c33a649699a0dba95a5914251da89c9a6439c07cad273e1138245c012169738b Loading...

	maps.googleapis.com/maps/api/js/ViewportInfoService.GetViewportInfo?1m6&1m2&1d50.8518987496633&2d6.228794884300774&2m2&1d50.98608404598944&2d6.49283691900706&2u13&4sde&5e0&6sm%40617000000&7b0&8e0&11e289&12e1&13shttps%3A%2F%2Fwww.google.com%2Fmaps%2Fembed&14b1&callback=_xdc_._4b4tww&client=google-maps-embed&token=25659	24 kB	2023-03-07	2023-03-07
Pretty URL maps.googleapis.com/maps/api/js/ViewportInfoService.GetViewportInfo?1m6&1m2&1d50.8518987496633&2d6.228794884300774&2m2&1d50.98608404598944&2d6.49283691900706&2u13&4sde&5e0&6sm%40617000000&7b0&8e0&11e289&12e1&13shttps%3A%2F%2Fwww.google.com%2Fmaps%2Fembed&14b1&callback=_xdc_._4b4tww&client=google-maps-embed&token=25659 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:38:28 Last Seen2023-03-07 14:38:28 Times Seen1 Hash 237811efc283672d8b1e0c2d49dba22c 5a4c8587ebcb5d9179ee883e247d61bf742223be 1dcb41469e39e1a78e20924a60ef8021ced59e6856ab1d87e3b1af0e7ed06b92 Loading...

	maps.googleapis.com/maps/api/js/QuotaService.RecordEvent?1shttps%3A%2F%2Fwww.google.com%2Fmaps%2Fembed&2sgoogle-maps-embed&7swxxpuc&10e1&callback=_xdc_._txy8g3&client=google-maps-embed&token=85159	62 B	2023-03-07	2023-03-07
Pretty URL maps.googleapis.com/maps/api/js/QuotaService.RecordEvent?1shttps%3A%2F%2Fwww.google.com%2Fmaps%2Fembed&2sgoogle-maps-embed&7swxxpuc&10e1&callback=_xdc_._txy8g3&client=google-maps-embed&token=85159 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:38:28 Last Seen2023-03-07 14:38:28 Times Seen1 Hash b04177ad0def9c4b4e78f91fbd1669f3 9260edb9da43e9ad5664c85208894b21d2e0143c 03d65e8b5d5c2df1f99e36b6c60e244dd9e31e16591d22c9333267ed548f7ad8 Loading...

	maps.googleapis.com/maps/api/js/QuotaService.RecordEvent?1shttps%3A%2F%2Fwww.google.com%2Fmaps%2Fembed&2sgoogle-maps-embed&7swxxpw7&10e1&callback=_xdc_._vq23y1&client=google-maps-embed&token=30204	62 B	2023-03-07	2023-03-07
Pretty URL maps.googleapis.com/maps/api/js/QuotaService.RecordEvent?1shttps%3A%2F%2Fwww.google.com%2Fmaps%2Fembed&2sgoogle-maps-embed&7swxxpw7&10e1&callback=_xdc_._vq23y1&client=google-maps-embed&token=30204 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:38:28 Last Seen2023-03-07 14:38:28 Times Seen1 Hash c923dc87c08903c9820e78d49f8c8ef3 aae41c9fc3600e2c0ec048c1e473c6aaef9ac949 3aa432534a0c5a7938ce88b1c6f4e250fc2fef9ec24d22e97bbaa72ca4d442e0 Loading...

	www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d2526.786715193806!2d6.177955315201229!3d50.70534237684755!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x47c09d15cd13d4a9%3A0x71bd550f4d1d0bce!2sReiseb%C3%BCro%20Robertz!5e0!3m2!1sde!2sde!4v1617715148434!5m2!1sde!2sde	3.6 kB	2023-03-07	2023-03-07
Pretty URL www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d2526.786715193806!2d6.177955315201229!3d50.70534237684755!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x47c09d15cd13d4a9%3A0x71bd550f4d1d0bce!2sReiseb%C3%BCro%20Robertz!5e0!3m2!1sde!2sde!4v1617715148434!5m2!1sde!2sde IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:38:28 Last Seen2023-03-07 14:38:28 Times Seen1 Hash 686248d7012900586c073f40a1d1c1c4 463008ff252a73d69a2f3ad00b798357dde273df bb315dd453a258009babf9238097923f0ff1b0035115deb0af4d4eaa35d8b3a9 Loading...

	maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=de&region=de&callback=onApiLoad	174 kB	2023-03-07	2023-03-07
Pretty URL maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=de&region=de&callback=onApiLoad IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:38:28 Last Seen2023-03-07 14:38:28 Times Seen1 Hash aee2f17475232af3d5de3d564aa91a94 68acab41419292a7b7f8549223cbea063cc14d3b 1f371b22f90f11ab4520ae9f613bb41ae3d8ff9a3b085c308e3290759f984fde Loading...

	maps.googleapis.com/maps/api/js/AuthenticationService.Authenticate?1shttps%3A%2F%2Fwww.google.com%2Fmaps%2Fembed&2sgoogle-maps-embed&7m1&1e0&callback=_xdc_._lkdbea&client=google-maps-embed&token=84694	62 B	2023-03-07	2023-03-17
Pretty URL maps.googleapis.com/maps/api/js/AuthenticationService.Authenticate?1shttps%3A%2F%2Fwww.google.com%2Fmaps%2Fembed&2sgoogle-maps-embed&7m1&1e0&callback=_xdc_._lkdbea&client=google-maps-embed&token=84694 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:47 Last Seen2023-03-17 12:55:46 Times Seen1 Hash 0e17a392d717b51a588445d5d37fde38 bf28db243e1250adcbc26ead733c95fde9b8ff9d e8787b986ce1452c351a4976cb95b95be50429a278530debf91d524e72a65ec8 Loading...

	www.robertz.de/	9.5 kB	2023-03-07	2023-03-29
Pretty URL www.robertz.de/ IP 5.175.22.217 ASN #20773 Host Europe GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:33:25 Last Seen2023-03-29 21:58:23 Times Seen2 Hash b37c16552c444a1e10761ac0a8a4191f d845da399730dcfffebeafe2fcc743faf4b6f482 3039ad005dab183cf141a88f50b31a88ec72af6469f1dda66e6d4816ef6d8381 Loading...

	www.robertz.de/	141 kB	2023-03-07	2023-03-29
Pretty URL www.robertz.de/ IP 5.175.22.217 ASN #20773 Host Europe GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:33:25 Last Seen2023-03-29 21:58:23 Times Seen2 Hash 6c4b78281edfb785e3a4c763912719a6 d9d9134ce3dbd015001d53d733d0253f32932b5d 0b0d7f064405e1ece0b32d80e4f5ebcdf52a95c34c4cfcb4194dfdda2e92138a Loading...

	maps.googleapis.com/maps/api/js/ViewportInfoService.GetViewportInfo?1m6&1m2&1d50.696904587631344&2d6.16357730704814&2m2&1d50.71375535899729&2d6.196735276510168&2u16&4sde&5e0&6sm%40617000000&7b0&8e0&11e289&12e1&13shttps%3A%2F%2Fwww.google.com%2Fmaps%2Fembed&14b1&callback=_xdc_._dkt30&client=google-maps-embed&token=2805	26 kB	2023-03-07	2023-03-07
Pretty URL maps.googleapis.com/maps/api/js/ViewportInfoService.GetViewportInfo?1m6&1m2&1d50.696904587631344&2d6.16357730704814&2m2&1d50.71375535899729&2d6.196735276510168&2u16&4sde&5e0&6sm%40617000000&7b0&8e0&11e289&12e1&13shttps%3A%2F%2Fwww.google.com%2Fmaps%2Fembed&14b1&callback=_xdc_._dkt30&client=google-maps-embed&token=2805 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:38:28 Last Seen2023-03-07 14:38:28 Times Seen1 Hash 94d4afc9c48d5d4897a891a42df8b0fd 6dc68048850c8f80c237289b2423d9ed74915aa0 1e4b461965fcf543329746749256cfe94c8574ec8f6b4045b7f4a376de18dcf8 Loading...

	maps.googleapis.com/maps-api-v3/api/js/50/4/intl/de_ALL/controls.js	93 kB	2023-03-07	2023-03-07
Pretty URL maps.googleapis.com/maps-api-v3/api/js/50/4/intl/de_ALL/controls.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:52:42 Last Seen2023-03-07 15:29:04 Times Seen1 Hash 599a5c61e28bb0d21d1b1e166dfed6a8 eabf1ee66b1f18f15cdc0cc59c3b862def19da6f 532de4d7b8fd87927947392e2ada697db0bcf794e8733084d691c23ef7a7b279 Loading...

	maps.googleapis.com/maps/api/js/ViewportInfoService.GetViewportInfo?1m6&1m2&1d50.86869329064773&2d6.280044977808092&2m2&1d50.970674115326645&2d6.441240474881217&2u10&4sde&5e2&7b0&8e0&11e289&12e1&13shttps%3A%2F%2Fwww.google.com%2Fmaps%2Fembed&14b1&callback=_xdc_._42s68i&client=google-maps-embed&token=29525	3.1 kB	2023-03-07	2023-03-17
Pretty URL maps.googleapis.com/maps/api/js/ViewportInfoService.GetViewportInfo?1m6&1m2&1d50.86869329064773&2d6.280044977808092&2m2&1d50.970674115326645&2d6.441240474881217&2u10&4sde&5e2&7b0&8e0&11e289&12e1&13shttps%3A%2F%2Fwww.google.com%2Fmaps%2Fembed&14b1&callback=_xdc_._42s68i&client=google-maps-embed&token=29525 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:12:46 Last Seen2023-03-17 12:39:05 Times Seen1 Hash f7931fccd062f38557c06b4078458221 1d2e59fada0e9c3dc357775f7aa371a8ba396459 5af4bf69768a493d67068ae8b6ce6bedaea7d81cc767f6c40782375896f06d76 Loading...

	www.robertz.de/assets/js/jquery-3.4.1_plusUI.min.js	342 kB	2023-03-07	2023-03-29
Pretty URL www.robertz.de/assets/js/jquery-3.4.1_plusUI.min.js IP 5.175.22.217 ASN #20773 Host Europe GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:33:25 Last Seen2023-03-29 21:58:23 Times Seen2 Hash 9e0b7c6f995445028697316f74ac529d 19017a63f3c3716758d003319be5bdbb82bb816c b63b95393e3b4d95fdcaf2c499d3e3b5bf230d0b3b115748a3beefc42aa2b753 Loading...

	www.robertz.de/assets/js/core.min.js	279 kB	2023-03-07	2023-03-17
Pretty URL www.robertz.de/assets/js/core.min.js IP 5.175.22.217 ASN #20773 Host Europe GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:33:25 Last Seen2023-03-17 12:39:05 Times Seen1 Hash d185bd1dfdc64366e486dbbdbb8b1e0b 61de9d69c59be9b7859d2e6d1537bfaf076fad51 d74587ea895404943e576fb691bbf01c684fbc2887b30c08026738865bf0ad4c Loading...

	www.robertz.de/	1.7 kB	2023-03-07	2023-03-17
Pretty URL www.robertz.de/ IP 5.175.22.217 ASN #20773 Host Europe GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02:06 Last Seen2023-03-17 12:39:05 Times Seen1 Hash 1a1a0808e412aaef1ec7d5821e3b2142 e151a173dcd5664bc3b003d9d6339faa84dd1f43 d03ea1a7d7805402048a204da3d2c749ebc339bcd72ecf43e145095a56bbc964 Loading...

	maps.googleapis.com/maps/api/js/ViewportInfoService.GetViewportInfo?1m6&1m2&1d50.69879621863417&2d6.1702958721797865&2m2&1d50.71160280487128&2d6.190125425063064&2u13&4sde&5e2&7b0&8e0&11e289&12e1&13shttps%3A%2F%2Fwww.google.com%2Fmaps%2Fembed&14b1&callback=_xdc_._qo3qyx&client=google-maps-embed&token=66653	3.0 kB	2023-03-07	2023-03-17
Pretty URL maps.googleapis.com/maps/api/js/ViewportInfoService.GetViewportInfo?1m6&1m2&1d50.69879621863417&2d6.1702958721797865&2m2&1d50.71160280487128&2d6.190125425063064&2u13&4sde&5e2&7b0&8e0&11e289&12e1&13shttps%3A%2F%2Fwww.google.com%2Fmaps%2Fembed&14b1&callback=_xdc_._qo3qyx&client=google-maps-embed&token=66653 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:12:46 Last Seen2023-03-17 12:39:05 Times Seen1 Hash 32436c5dd0410585a6fd578c093eb3f1 983f6148d260c35a02e9a0935d57a974eace4ff1 b4efd762b04c5fcb68d048ec4da602f636e5a866036f8241136d6b99e283414e Loading...

	maps.googleapis.com/maps/api/js/QuotaService.RecordEvent?1shttps%3A%2F%2Fwww.google.com%2Fmaps%2Fembed&2sgoogle-maps-embed&7swxxr2r&10e1&callback=_xdc_._db8f11&client=google-maps-embed&token=67729	62 B	2023-03-07	2023-03-07
Pretty URL maps.googleapis.com/maps/api/js/QuotaService.RecordEvent?1shttps%3A%2F%2Fwww.google.com%2Fmaps%2Fembed&2sgoogle-maps-embed&7swxxr2r&10e1&callback=_xdc_._db8f11&client=google-maps-embed&token=67729 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:38:28 Last Seen2023-03-07 14:38:28 Times Seen1 Hash abe067922e35d9bb903a7ef50e34a70c 8b9d2af2069742a8e5220a2c41412ff43cc08356 e225036074b8f8cd1af5328925458586fec58c778f229f9e07e6dd63e59e175c Loading...

	unknown	0 B	2023-03-07	2024-04-24
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-24 18:50:12 Times Seen37044062 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	maps.googleapis.com/maps-api-v3/api/js/50/4/intl/de_ALL/overlay.js	3.6 kB	2023-03-07	2023-03-17
Pretty URL maps.googleapis.com/maps-api-v3/api/js/50/4/intl/de_ALL/overlay.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:45:21 Last Seen2023-03-17 11:36:14 Times Seen1 Hash 2d774d8969534d45af0df5bc94ec8f7e 70a6199937c7176ca64c64a90e76e41d0a546d4d b0d43a28c161dbd82647123b0863755d861e79d9b1da75f6dfef141cdb0d2656 Loading...

	maps.googleapis.com/maps-api-v3/api/js/50/4/intl/de_ALL/search_impl.js	2.8 kB	2023-03-07	2023-03-07
Pretty URL maps.googleapis.com/maps-api-v3/api/js/50/4/intl/de_ALL/search_impl.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:52:42 Last Seen2023-03-07 16:12:36 Times Seen1 Hash bd2b9023a1b9dd5117e895a83a60b81c fe74a1914a7b6d6ad5fc1b1d120d12e53cb22b6b 876f5021f81008a31b82fb683dc2ac0018a2aab03bb81a78ca6d07f5a76952d2 Loading...

	cdnjs.cloudflare.com/ajax/libs/jquery-confirm/3.3.4/jquery-confirm.min.js	28 kB	2023-03-07	2024-03-04
Pretty URL cdnjs.cloudflare.com/ajax/libs/jquery-confirm/3.3.4/jquery-confirm.min.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:33:25 Last Seen2024-03-04 15:30:38 Times Seen275 Hash 1d6ae7e6b82dd230033595eac215ac28 4feda8ad306195d129c2d9bc918150979c68a726 29af286f1b07342cfa1fd851a65f17e105775e68715b2a81a64fc4a476328fd9 Loading...

	maps.googleapis.com/maps-api-v3/api/js/50/4/intl/de_ALL/common.js	252 kB	2023-03-07	2023-08-11
Pretty URL maps.googleapis.com/maps-api-v3/api/js/50/4/intl/de_ALL/common.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:52:42 Last Seen2023-08-11 03:38:40 Times Seen44 Hash 9f5cadd32155c1b2670ff333de9aeefe 446e4771ec9af3919880ec89e3b8a2ff32bc3ed7 6a7ef14413178cad8bc813c70ec67fb03ca397d872912a14cef7982d1f0e53f4 Loading...

	maps.googleapis.com/maps-api-v3/api/js/50/4/intl/de_ALL/onion.js	27 kB	2023-03-07	2023-03-07
Pretty URL maps.googleapis.com/maps-api-v3/api/js/50/4/intl/de_ALL/onion.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:52:42 Last Seen2023-03-07 15:29:04 Times Seen1 Hash 45b631ce6fc6624e335878b58324ebd8 92ceb8d9ec059c37effa9ff9e8a4cf8c4ecbfb8b 684803c901c8d47eb3b4916109dcd8382a0c4ff5530e936e546bd8379f0cdca4 Loading...

	maps.googleapis.com/maps/api/js/QuotaService.RecordEvent?1shttps%3A%2F%2Fwww.google.com%2Fmaps%2Fembed&2sgoogle-maps-embed&7swxxr37&10e1&callback=_xdc_._xbohbn&client=google-maps-embed&token=69112	62 B	2023-03-07	2023-03-07
Pretty URL maps.googleapis.com/maps/api/js/QuotaService.RecordEvent?1shttps%3A%2F%2Fwww.google.com%2Fmaps%2Fembed&2sgoogle-maps-embed&7swxxr37&10e1&callback=_xdc_._xbohbn&client=google-maps-embed&token=69112 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:38:29 Last Seen2023-03-07 14:38:29 Times Seen1 Hash 990682095be00c757a7008e592a50816 6139803222b7a67a5f938e9a225d0853f9dc1cad 05b569c760b7f8f39ecf63e14ff3dedc089a633a6681e87020bb213c8d910909 Loading...

	www.robertz.de/	106 B	2023-03-07	2023-03-29
Pretty URL www.robertz.de/ IP 5.175.22.217 ASN #20773 Host Europe GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:33:25 Last Seen2023-03-29 21:58:23 Times Seen2 Hash fc216d7510d31dde74f4401325fa1e13 eb1ccb57c28628989a36f694c96648f672069349 24b70705c3490ec56793f741d0ad5a8e2fe57e96af4b0d2c8902da125809d4cf Loading...

	www.robertz.de/assets/js/vendor_bundle.min.js	421 kB	2023-03-07	2023-03-29
Pretty URL www.robertz.de/assets/js/vendor_bundle.min.js IP 5.175.22.217 ASN #20773 Host Europe GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:33:26 Last Seen2023-03-29 21:58:23 Times Seen2 Hash 2b5b6c884ee703467573b96a50275262 451d0a95b007aff5d246263ea65dda904a7c41c2 5b28a15fae3f9860278e2133e3c9e7348cb6ab4db151db86406afd04800c3aaa Loading...

	maps.googleapis.com/maps-api-v3/api/js/50/4/intl/de_ALL/util.js	162 kB	2023-03-07	2023-08-11
Pretty URL maps.googleapis.com/maps-api-v3/api/js/50/4/intl/de_ALL/util.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:52:42 Last Seen2023-08-11 03:38:40 Times Seen44 Hash f9a4689508edcdd96ed098a12809b61a 26ab730e415a8f03c7210eb199d4a5265e145b81 22df11c17fe7fd004d8c7ee1299f535098297f521c01b901fc2f69f2885f794f Loading...

	www.robertz.de/	132 B	2023-03-07	2023-03-29
Pretty URL www.robertz.de/ IP 5.175.22.217 ASN #20773 Host Europe GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:33:25 Last Seen2023-03-29 21:58:23 Times Seen2 Hash 206d3035e76fe3cddd8a2a036fddef75 0ea3fd3e269c16e3dc467d340dc107ba72b47c55 1309ebd1087c85cff2a226e2ae661bcfba4c1de0fc31b2f8233a40b38f8842f3 Loading...

	www.google.com/maps/embed?pb=!1m14!1m8!1m3!1d20121.212314762954!2d6.342435539550781!3d50.9209137!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x47bf5eab1cac4f7b%3A0x77db4736472c743d!2sReiseb%C3%BCro%20Robertz!5e0!3m2!1sde!2sde!4v1617714931520!5m2!1sde!2sde	3.6 kB	2023-03-07	2023-03-07
Pretty URL www.google.com/maps/embed?pb=!1m14!1m8!1m3!1d20121.212314762954!2d6.342435539550781!3d50.9209137!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x47bf5eab1cac4f7b%3A0x77db4736472c743d!2sReiseb%C3%BCro%20Robertz!5e0!3m2!1sde!2sde!4v1617714931520!5m2!1sde!2sde IP 142.250.74.164 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:38:29 Last Seen2023-03-07 14:38:29 Times Seen1 Hash e33d36b3be1cb971c558c18249a3b100 59b7808844ae2db30000f587f9e5409e7917cd3e 1e899736b63bb3213dbeaf6e89daa526d5c65da4e4e0af22b9f126b841cf8e11 Loading...

	maps.googleapis.com/maps-api-v3/api/js/50/4/intl/de_ALL/map.js	72 kB	2023-03-07	2023-03-07
Pretty URL maps.googleapis.com/maps-api-v3/api/js/50/4/intl/de_ALL/map.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:52:42 Last Seen2023-03-07 15:29:04 Times Seen1 Hash 0650759c404488ceea22eed7f829a6f4 c5190fd6ea0e96b3be480c341a8d92a8382eb0db b1c43d1131b335d10b66354fd66c675c4906bb2c3cb22290c80c20d60e96c52e Loading...

HTTP Transactions (107)

URL IP Response Size

bestes-reisebuero.de/

92.51.134.215

301 Moved Permanently

301 B

URL HTTP/1.1
bestes-reisebuero.de/
IP
92.51.134.215:0
ASN
#8972 Host Europe GmbH

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
301 B (301 bytes)
Hash
151cbf7d9ef69d5f5de1356289733878
70391b418e6448b71b445fb44d7ac908a4099ea6
774391698cb80a8fbc5031a53ac71274318345fa3f52567466329d74b3475714

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: bestes-reisebuero.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 11 Sep 2022 06:14:07 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 301
Connection: keep-alive
Location: https://www.robertz.de/
X-Powered-By: PleskLin

firefox.settings.services.mozilla.com/v1/

143.204.55.36

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
143.204.55.36:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
99b7d23c1748d0526782b9ff9ea45f09
eadd801a3ba2aa00632c6fb52e1f9125bd6d5b4f
48f81668f76955320480b484138aebdad5d03c471036b4449c737aca1ecab08e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Backoff, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sun, 11 Sep 2022 06:07:22 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 6a757ab2991da716151f94ca00b38098.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: G5k9sBza5dXJTOypArDODTaX--RDO1CWir5eM_5MN3zg2QTU17n7Gw==
Age: 405

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
76d5eb597558e3dee0d99719d17e71e0
f3a0f3932fa8059f27dc9422d523b938fa9a7d09
d16de6cc9eb0e1297f53dc1137bb764bf5c21a7727be32ad05afebd1fe9501ed

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D16DE6CC9EB0E1297F53DC1137BB764BF5C21A7727BE32AD05AFEBD1FE9501ED"
Last-Modified: Sat, 10 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17125
Expires: Sun, 11 Sep 2022 10:59:32 GMT
Date: Sun, 11 Sep 2022 06:14:07 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain

143.204.55.25

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP
143.204.55.25:0
ASN
#16509 AMAZON-02

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sat, 10 Sep 2022 07:17:13 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 095562e8748e634f880ee3c4ada2b6d0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: QkjYDWMevnCaIFGYxMvfEoadd13WGOga3gWzGCGqyii0LchKh3c69w==
age: 82615
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sun, 11 Sep 2022 06:14:07 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
f42a9d7d16db20e8ca72936a1346502a
ac31c9eb9e3571bdb4e25b9fdbce9c3f36d6364d
8079629e0deaee1dcc9ad9e50d4eb3a94b862b99ae416e7f30c8d3de9657a290

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8079629E0DEAEE1DCC9AD9E50D4EB3A94B862B99AE416E7F30C8D3DE9657A290"
Last-Modified: Fri, 09 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Sun, 11 Sep 2022 12:14:08 GMT
Date: Sun, 11 Sep 2022 06:14:08 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

143.204.55.36

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
143.204.55.36:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Sun, 11 Sep 2022 05:56:07 GMT
Expires: Sun, 11 Sep 2022 06:17:39 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Fv7Hr-Yp-JeXdBxcHJaGROcblRS_VAz3XorbF8BEYuRCdVvOXU-WSg==
Age: 1081

cdnjs.cloudflare.com/ajax/libs/jquery-confirm/3.3.4/jquery-confirm.min.css

104.17.25.14

200 OK

2.9 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/jquery-confirm/3.3.4/jquery-confirm.min.css
IP
104.17.25.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (22251)
Size
2.9 kB (2880 bytes)
Hash
4dbf1735a5370350943bce0dbad5843d
3a9d68ea18c3aa70887283c3c36b154ddd31ced8
b7cd289c437127d58b709dc9999390fe68d378d506a8a31252c74c70597e162e

HTTP Headers

GET /ajax/libs/jquery-confirm/3.3.4/jquery-confirm.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.robertz.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 11 Sep 2022 06:14:08 GMT
content-type: text/css; charset=utf-8
content-length: 2880
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec1-580a"
last-modified: Mon, 04 May 2020 16:11:45 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 17815209
expires: Fri, 01 Sep 2023 06:14:08 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BTwfc2PiagNq9X7wiTR8Hr635Zuu%2BrfrVb4k6e7FYvuwVqhBnTiPfgw97spvcoQXPdEpnPWXr3okiD9nEdoWWYjxcdLEpiTnjJQsatzk2oLPM%2B0OswmnoRTN8fYGkm3RcQ8dNxRY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 748e42ef88011c0a-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
36fe04277220227ba5ecfe7d2ff1d9d9
2eb9f6560336248cc45c1cd66d87505b5ebdf5d4
94f8f2f8f3b67db18825ea48740ff0ce218d7156fe851d6b023ef43b6bee4f7f

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 977
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 06:14:08 GMT
Last-Modified: Sun, 11 Sep 2022 05:57:51 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471

cdnjs.cloudflare.com/ajax/libs/jquery-confirm/3.3.4/jquery-confirm.min.js

104.17.25.14

200 OK

6.4 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/jquery-confirm/3.3.4/jquery-confirm.min.js
IP
104.17.25.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (27931)
Size
6.4 kB (6422 bytes)
Hash
beafb90e7e7cb9afd1931dd1ce3d8a6b
ecb8187bf858a727949be0fffbadd1d018e0c169
eabdef01e87e471436dfac8d11edcd16c85d433aa854cdd695165399980ca818

HTTP Headers

GET /ajax/libs/jquery-confirm/3.3.4/jquery-confirm.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.robertz.de
Connection: keep-alive
Referer: https://www.robertz.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 11 Sep 2022 06:14:08 GMT
content-type: application/javascript; charset=utf-8
content-length: 6422
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec1-6e3e"
last-modified: Mon, 04 May 2020 16:11:45 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 8961160
expires: Fri, 01 Sep 2023 06:14:08 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ztu6n6OKj%2FKGvs9JGYAMZFsr0oq%2FG6BmCBmYQhf29pTmviCqX9nD5GOte%2BniKnK7kmDzUZFPjV%2F1M%2BaASyd0C%2FxTFkBbRa58l38VPNMXe3s693PBbduXajlJ%2BFMvRc7nWCxpUTON"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 748e42efbb95b4f3-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

www.robertz.de/fonts/flaticon/Flaticon.woff2

5.175.22.217

200 OK

37 kB

URL HTTP/2
www.robertz.de/fonts/flaticon/Flaticon.woff2
IP
5.175.22.217:0
ASN
#20773 Host Europe GmbH

File type
Web Open Font Format (Version 2), TrueType, length 36732, version 1.0\012- data
Size
37 kB (36736 bytes)
Hash
e97e6acd6d5fae4dfb1b353ddf3dcf0f
186f523c36cdd4d80122ea6daf40106e0ce3e20d
0b56c2c2e69c2334a1881c975f0a1223b73447cd57a13f6b435b239a87de961e

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /fonts/flaticon/Flaticon.woff2 HTTP/1.1
Host: www.robertz.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.robertz.de/
Cookie: CFID=35784088; CFTOKEN=1954cef503993c35-AFC7966C-0CA7-6E47-3617F4E6425E730E
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 11 Sep 2022 06:14:08 GMT
server: Apache
last-modified: Sat, 09 May 2020 10:20:16 GMT
etag: "8f7c-5a53475c0b800-br"
accept-ranges: bytes
cache-control: max-age=86400
expires: Mon, 12 Sep 2022 06:14:08 GMT
vary: Accept-Encoding
content-encoding: br
x-cache: MISS from www.robertz.de
content-length: 36736
content-type: font/woff2
X-Firefox-Spdy: h2

www.robertz.de/assets/css/colorpalette.min.css

5.175.22.217

200 OK

1.9 kB

URL HTTP/2
www.robertz.de/assets/css/colorpalette.min.css
IP
5.175.22.217:0
ASN
#20773 Host Europe GmbH

File type
assembler source, ASCII text, with very long lines (8960), with CRLF line terminators
Size
1.9 kB (1898 bytes)
Hash
475de567aa0032280982829dcfc11116
4eceb810b11b830494dc13abff7eb578c42c2f0c
e405a2f80f2edb9470ad0a5184108ea934d9e512a8ed7894e60d9d2388ce219b

HTTP Headers

GET /assets/css/colorpalette.min.css HTTP/1.1
Host: www.robertz.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.robertz.de/
Cookie: CFID=35784088; CFTOKEN=1954cef503993c35-AFC7966C-0CA7-6E47-3617F4E6425E730E
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 11 Sep 2022 06:14:08 GMT
server: Apache
last-modified: Wed, 08 Jul 2020 05:55:56 GMT
etag: "3e89-5a9e7c2ecfd8b-br"
accept-ranges: bytes
cache-control: max-age=86400
expires: Mon, 12 Sep 2022 06:14:08 GMT
vary: Accept-Encoding
content-encoding: br
x-cache: MISS from www.robertz.de
content-length: 1898
content-type: text/css
X-Firefox-Spdy: h2

www.robertz.de/assets/css/color_scheme/customcolor.css

5.175.22.217

200 OK

3.1 kB

URL HTTP/2
www.robertz.de/assets/css/color_scheme/customcolor.css
IP
5.175.22.217:0
ASN
#20773 Host Europe GmbH

File type
assembler source, ASCII text, with very long lines (582), with CRLF line terminators
Size
3.1 kB (3095 bytes)
Hash
60d56c255a871ae01312cdbdf6ec1e27
8d986fa1d7258c73f1d6d2a043fc0bea80b88ca7
598057d50bdcc975d1742a5b6e8cc49575cb5394cead95b3a4d34aa94ffa97a5

HTTP Headers

GET /assets/css/color_scheme/customcolor.css HTTP/1.1
Host: www.robertz.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.robertz.de/
Cookie: CFID=35784088; CFTOKEN=1954cef503993c35-AFC7966C-0CA7-6E47-3617F4E6425E730E
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 11 Sep 2022 06:14:08 GMT
server: Apache
last-modified: Sun, 12 Jul 2020 12:43:45 GMT
etag: "4498-5aa3decc0656d-br"
accept-ranges: bytes
cache-control: max-age=86400
expires: Mon, 12 Sep 2022 06:14:08 GMT
vary: Accept-Encoding
content-encoding: br
x-cache: MISS from www.robertz.de
content-length: 3095
content-type: text/css
X-Firefox-Spdy: h2

www.robertz.de/assets/css/custom.css

5.175.22.217

200 OK

3.0 kB

URL HTTP/2
www.robertz.de/assets/css/custom.css
IP
5.175.22.217:0
ASN
#20773 Host Europe GmbH

File type
assembler source, ASCII text, with CRLF, LF line terminators
Size
3.0 kB (2987 bytes)
Hash
3f3dcde275d75ccd807e2e5e2f616812
e530d19c468592f6d6b2e217ca8b4b62aa6e5688
476ee261ef6f668eadf94cfffb6d64d227d6ccc1ee23659ab6f29835c61d94ac

HTTP Headers

GET /assets/css/custom.css HTTP/1.1
Host: www.robertz.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.robertz.de/
Cookie: CFID=35784088; CFTOKEN=1954cef503993c35-AFC7966C-0CA7-6E47-3617F4E6425E730E
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 11 Sep 2022 06:14:08 GMT
server: Apache
last-modified: Wed, 29 Jul 2020 14:42:41 GMT
etag: "3fbb-5ab959162640a-br"
accept-ranges: bytes
cache-control: max-age=86400
expires: Mon, 12 Sep 2022 06:14:08 GMT
vary: Accept-Encoding
content-encoding: br
x-cache: MISS from www.robertz.de
content-length: 2987
content-type: text/css
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
65deebab57142db522e6c874673bdd9f
bfd022181afaec5035f868ccd05fac58113f81dc
7470143c8bd79f00190a3766ebaa9c632d0aa47693fc4c146f097873865da327

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 06:14:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.robertz.de/images/Robertz/Team/Nadim.jpg

5.175.22.217

200 OK

13 kB

URL HTTP/2
www.robertz.de/images/Robertz/Team/Nadim.jpg
IP
5.175.22.217:0
ASN
#20773 Host Europe GmbH

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, comment: "Created with GIMP", progressive, precision 8, 236x236, components 3\012- data
Size
13 kB (12859 bytes)
Hash
3852a6818d8136feda41e6124cfc6cc3
ce6549af4a84a1a132941ec06a160e54ff8df933
baf32cf30024c0d847421b4b06190ddb3c2fb1a6144d2781c4bbc6a23df10626

HTTP Headers

GET /images/Robertz/Team/Nadim.jpg HTTP/1.1
Host: www.robertz.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.robertz.de/
Cookie: CFID=35784088; CFTOKEN=1954cef503993c35-AFC7966C-0CA7-6E47-3617F4E6425E730E
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 11 Sep 2022 06:14:08 GMT
server: Apache
last-modified: Tue, 28 Jun 2022 16:20:05 GMT
etag: "323b-5e28468cded6b"
accept-ranges: bytes
content-length: 12859
cache-control: max-age=86400
expires: Mon, 12 Sep 2022 06:14:08 GMT
x-cache: MISS from www.robertz.de
content-type: image/jpeg
X-Firefox-Spdy: h2

ocsp.pki.goog/s/gts1d4/tkhg_zkCU7U

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1d4/tkhg_zkCU7U
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
8e77d89ba91f1ae4e1eb815e6fd5c734
31278eb98e74b9a27c71377744c16adc8dbed49c
3c2b34ba7362d1f3eaa5c2836b3ce96dd5cd80eee68de01e07e7c80fd0ae06d8

HTTP Headers

POST /s/gts1d4/tkhg_zkCU7U HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 06:14:08 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.robertz.de/assets/css/vendor.swiper.min.css

5.175.22.217

200 OK

4.2 kB

URL HTTP/2
www.robertz.de/assets/css/vendor.swiper.min.css
IP
5.175.22.217:0
ASN
#20773 Host Europe GmbH

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (21675), with no line terminators
Size
4.2 kB (4187 bytes)
Hash
21888b586f9fd75d444d25f8e118f5d7
3f92c9c4fe3cb925d4e4f78f5af3b681b3c8c9e5
4151ce7b54bb179dd95e4b52465aeb2e0396d1868207e9ba98f8490cb1b352c0

HTTP Headers

GET /assets/css/vendor.swiper.min.css HTTP/1.1
Host: www.robertz.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.robertz.de/
Cookie: CFID=35784088; CFTOKEN=1954cef503993c35-AFC7966C-0CA7-6E47-3617F4E6425E730E
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 11 Sep 2022 06:14:08 GMT
server: Apache
last-modified: Tue, 07 Jul 2020 09:54:09 GMT
etag: "54b2-5a9d6f907ba36-br"
accept-ranges: bytes
cache-control: max-age=86400
expires: Mon, 12 Sep 2022 06:14:08 GMT
vary: Accept-Encoding
content-encoding: br
x-cache: MISS from www.robertz.de
content-length: 4187
content-type: text/css
X-Firefox-Spdy: h2

www.robertz.de/assets/css/vendor_bundle.min.css

5.175.22.217

200 OK

3.8 kB

URL HTTP/2
www.robertz.de/assets/css/vendor_bundle.min.css
IP
5.175.22.217:0
ASN
#20773 Host Europe GmbH

File type
ASCII text, with very long lines (39344)
Size
3.8 kB (3836 bytes)
Hash
f95b5a6991b49a2d93a49c25b0507269
7ddba3d5c0fec9763dc37659af52ddc9a5fdb9ca
5c88a4b0439697d533ea190a067005a323d0a9e481b871985ebf30f8b854ed58

HTTP Headers

GET /assets/css/vendor_bundle.min.css HTTP/1.1
Host: www.robertz.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.robertz.de/
Cookie: CFID=35784088; CFTOKEN=1954cef503993c35-AFC7966C-0CA7-6E47-3617F4E6425E730E
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 11 Sep 2022 06:14:08 GMT
server: Apache
last-modified: Mon, 25 May 2020 13:41:43 GMT
etag: "99c6-5a67923a7b3c0-br"
accept-ranges: bytes
cache-control: max-age=86400
expires: Mon, 12 Sep 2022 06:14:08 GMT
vary: Accept-Encoding
content-encoding: br
x-cache: MISS from www.robertz.de
content-length: 3836
content-type: text/css
X-Firefox-Spdy: h2

www.robertz.de/images/BilderPool/Siegel/DER_Touristik_Partner_4C.png

5.175.22.217

200 OK

5.0 kB

URL HTTP/2
www.robertz.de/images/BilderPool/Siegel/DER_Touristik_Partner_4C.png
IP
5.175.22.217:0
ASN
#20773 Host Europe GmbH

File type
PNG image data, 253 x 284, 8-bit colormap, non-interlaced\012- data
Size
5.0 kB (5009 bytes)
Hash
6cfa5757073c810990a30df5a3a5c142
f3929708377b03ea028621abfd7cc33e2cfdf3c0
42508c7e75bbaaf132edb306339680c86694005e71e2ea2c1c8cb0736949c5b8

HTTP Headers

GET /images/BilderPool/Siegel/DER_Touristik_Partner_4C.png HTTP/1.1
Host: www.robertz.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.robertz.de/
Cookie: CFID=35784088; CFTOKEN=1954cef503993c35-AFC7966C-0CA7-6E47-3617F4E6425E730E
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 11 Sep 2022 06:14:08 GMT
server: Apache
last-modified: Thu, 03 Mar 2022 07:25:15 GMT
etag: "1391-5d94b4ca70b47"
accept-ranges: bytes
content-length: 5009
cache-control: max-age=86400
expires: Mon, 12 Sep 2022 06:14:08 GMT
x-cache: MISS from www.robertz.de
content-type: image/png
X-Firefox-Spdy: h2

app.usercentrics.eu/latest/bundle.js

35.190.14.188

200 OK

230 kB

URL HTTP/2
app.usercentrics.eu/latest/bundle.js
IP
35.190.14.188:0
ASN
#15169 GOOGLE

File type
Unicode text, UTF-8 text, with very long lines (65470)
Size
230 kB (230316 bytes)
Hash
652ef4955d0a1fd3b522b4f21cf9b416
80ef29f0962cba31b5609e11ea2c90826b228916
9e1c3f1f1611295f4a746ee5a4bbd7f0e1726bf1b2d8dbcafe42b8cb2f330aa3

HTTP Headers

GET /latest/bundle.js HTTP/1.1
Host: app.usercentrics.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.robertz.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-guploader-uploadid: ADPycdv0PlPq0xBbIGIYwPir_1aNedc2PsVqRI4XLtPpBQ-c1aBU-OuvMW6hUgA2PCSD8BLtkybco1mK9WsF5QQLDGtNCg
x-goog-generation: 1659355771721227
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 230316
x-goog-meta-version: 2.17.0
content-encoding: gzip
x-goog-hash: crc32c=ILZ2ew==, md5=ZS70lV0KH9O1IrTyHPm0Fg==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 230316
access-control-allow-origin: *
access-control-expose-headers: Content-Type
server: UploadServer
date: Sat, 10 Sep 2022 12:14:03 GMT
expires: Sun, 11 Sep 2022 12:14:03 GMT
cache-control: public, max-age=86400, no-transform
age: 64805
last-modified: Mon, 01 Aug 2022 12:09:31 GMT
etag: "652ef4955d0a1fd3b522b4f21cf9b416"
content-type: application/javascript
strict-transport-security: max-age=7776000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.robertz.de/images/BilderPool/Siegel/DER%20Empfohlenes%20Reiseb%C3%BCro%2016cm.png

5.175.22.217

200 OK

16 kB

URL HTTP/2
www.robertz.de/images/BilderPool/Siegel/DER%20Empfohlenes%20Reiseb%C3%BCro%2016cm.png
IP
5.175.22.217:0
ASN
#20773 Host Europe GmbH

File type
PNG image data, 454 x 133, 8-bit colormap, non-interlaced\012- data
Size
16 kB (16245 bytes)
Hash
0455fe31c325d7dd343f2850cadf4a94
7c8e5403561010cee48bd0cbd0ca22e9c04be5f1
d1e74da66036dbf70f913bf71757dfb97ad2ce1dc3c974f72306becf8defc349

HTTP Headers

GET /images/BilderPool/Siegel/DER%20Empfohlenes%20Reiseb%C3%BCro%2016cm.png HTTP/1.1
Host: www.robertz.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.robertz.de/
Cookie: CFID=35784088; CFTOKEN=1954cef503993c35-AFC7966C-0CA7-6E47-3617F4E6425E730E
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 11 Sep 2022 06:14:08 GMT
server: Apache
last-modified: Fri, 07 Jan 2022 08:48:44 GMT
etag: "3f75-5d4fa0df2f661"
accept-ranges: bytes
content-length: 16245
cache-control: max-age=86400
expires: Mon, 12 Sep 2022 06:14:08 GMT
x-cache: MISS from www.robertz.de
content-type: image/png
X-Firefox-Spdy: h2

www.robertz.de/images/BilderPool/Siegel/DER%20Kreuzfahrtenprofi%2016cm.png

5.175.22.217

200 OK

15 kB

URL HTTP/2
www.robertz.de/images/BilderPool/Siegel/DER%20Kreuzfahrtenprofi%2016cm.png
IP
5.175.22.217:0
ASN
#20773 Host Europe GmbH

File type
PNG image data, 454 x 156, 8-bit colormap, non-interlaced\012- data
Size
15 kB (14564 bytes)
Hash
5e41153831859cf6af64b682b586a248
15597ac62ce2440e6e8972a18542567db2bac39b
52d5ee205bc379b3b4f1559493e543d0b29d90d6ef6b89316b69574b808d56f1

HTTP Headers

GET /images/BilderPool/Siegel/DER%20Kreuzfahrtenprofi%2016cm.png HTTP/1.1
Host: www.robertz.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.robertz.de/
Cookie: CFID=35784088; CFTOKEN=1954cef503993c35-AFC7966C-0CA7-6E47-3617F4E6425E730E
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 11 Sep 2022 06:14:08 GMT
server: Apache
last-modified: Fri, 07 Jan 2022 08:48:44 GMT
etag: "38e4-5d4fa0df3705c"
accept-ranges: bytes
content-length: 14564
cache-control: max-age=86400
expires: Mon, 12 Sep 2022 06:14:08 GMT
x-cache: MISS from www.robertz.de
content-type: image/png
X-Firefox-Spdy: h2

www.robertz.de/images/BilderPool/Thementeaser/time-371226_1920.jpg

5.175.22.217

200 OK

38 kB

URL HTTP/2
www.robertz.de/images/BilderPool/Thementeaser/time-371226_1920.jpg
IP
5.175.22.217:0
ASN
#20773 Host Europe GmbH

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 700x800, components 3\012- data
Size
38 kB (38229 bytes)
Hash
58731c57d2c4a4705ef2a6cf5494ae00
13b8a27acf646fa51ac89e2ef4ca2d010f27cde3
4c7210d0d25aa8e279de465665cdd06a133e3456a412dd46ba51d50ad548e801

HTTP Headers

GET /images/BilderPool/Thementeaser/time-371226_1920.jpg HTTP/1.1
Host: www.robertz.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.robertz.de/
Cookie: CFID=35784088; CFTOKEN=1954cef503993c35-AFC7966C-0CA7-6E47-3617F4E6425E730E
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 11 Sep 2022 06:14:08 GMT
server: Apache
last-modified: Mon, 30 Aug 2021 07:35:25 GMT
etag: "9555-5cac1e06495a6"
accept-ranges: bytes
content-length: 38229
cache-control: max-age=86400
expires: Mon, 12 Sep 2022 06:14:08 GMT
x-cache: MISS from www.robertz.de
content-type: image/jpeg
X-Firefox-Spdy: h2

www.robertz.de/images/BilderPool/Thementeaser/Versicherungen_lifebuoy-4870836_1920.jpg

5.175.22.217

200 OK

53 kB

URL HTTP/2
www.robertz.de/images/BilderPool/Thementeaser/Versicherungen_lifebuoy-4870836_1920.jpg
IP
5.175.22.217:0
ASN
#20773 Host Europe GmbH

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 700x800, components 3\012- data
Size
53 kB (52914 bytes)
Hash
2074572132e9f3e6743aa540110cc27c
965ceb90356ad01c37a5d68f032b7e0e99540f9a
193322064111e8baec20884ca8df731e5a3f99bf8fb326a0915694381613eb17

HTTP Headers

GET /images/BilderPool/Thementeaser/Versicherungen_lifebuoy-4870836_1920.jpg HTTP/1.1
Host: www.robertz.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.robertz.de/
Cookie: CFID=35784088; CFTOKEN=1954cef503993c35-AFC7966C-0CA7-6E47-3617F4E6425E730E
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 11 Sep 2022 06:14:08 GMT
server: Apache
last-modified: Fri, 27 Aug 2021 13:59:43 GMT
etag: "ceb2-5ca8ae539421c"
accept-ranges: bytes
content-length: 52914
cache-control: max-age=86400
expires: Mon, 12 Sep 2022 06:14:08 GMT
x-cache: MISS from www.robertz.de
content-type: image/jpeg
X-Firefox-Spdy: h2

www.robertz.de/images/BilderPool/Thementeaser/woman-4373078_1920.jpg

5.175.22.217

200 OK

55 kB

URL HTTP/2
www.robertz.de/images/BilderPool/Thementeaser/woman-4373078_1920.jpg
IP
5.175.22.217:0
ASN
#20773 Host Europe GmbH

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 700x800, components 3\012- data
Size
55 kB (55282 bytes)
Hash
a9f3532465426567c8c1ac1c8ec1ae61
bc42eb71d1db2559cb0d197a37d2cc6211ad98cd
48e008b189b0bfa0a9df6bc1361338a96a570331770beb2097f364eb46297196

HTTP Headers

GET /images/BilderPool/Thementeaser/woman-4373078_1920.jpg HTTP/1.1
Host: www.robertz.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.robertz.de/
Cookie: CFID=35784088; CFTOKEN=1954cef503993c35-AFC7966C-0CA7-6E47-3617F4E6425E730E
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 11 Sep 2022 06:14:08 GMT
server: Apache
last-modified: Mon, 30 Aug 2021 07:35:25 GMT
etag: "d7f2-5cac1e06512c1"
accept-ranges: bytes
content-length: 55282
cache-control: max-age=86400
expires: Mon, 12 Sep 2022 06:14:08 GMT
x-cache: MISS from www.robertz.de
content-type: image/jpeg
X-Firefox-Spdy: h2

www.robertz.de/www/robertz.de/img/logo_WEB.png

5.175.22.217

200 OK

75 kB

URL HTTP/2
www.robertz.de/www/robertz.de/img/logo_WEB.png
IP
5.175.22.217:0
ASN
#20773 Host Europe GmbH

File type
PNG image data, 3094 x 1605, 8-bit colormap, non-interlaced\012- data
Size
75 kB (74928 bytes)
Hash
13c968b38081445f5d6f272e75372335
23cf26c06c9b28cc80dca32e2cec05399a02c966
1f38b8099b47ae9370ef51927f8b026212c789137fa1dbb5ccf7c0d867984824

HTTP Headers

GET /www/robertz.de/img/logo_WEB.png HTTP/1.1
Host: www.robertz.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.robertz.de/
Cookie: CFID=35784088; CFTOKEN=1954cef503993c35-AFC7966C-0CA7-6E47-3617F4E6425E730E
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 11 Sep 2022 06:14:08 GMT
server: Apache
last-modified: Thu, 03 Mar 2022 07:58:32 GMT
accept-ranges: bytes
content-length: 74928
cache-control: max-age=2592000, public
expires: Mon, 12 Sep 2022 06:14:08 GMT
x-cache: MISS from www.robertz.de
content-type: image/png
X-Firefox-Spdy: h2

www.robertz.de/images/BilderPool/Thementeaser/guinea-pig-1969698_1920.jpg

5.175.22.217

200 OK

79 kB

URL HTTP/2
www.robertz.de/images/BilderPool/Thementeaser/guinea-pig-1969698_1920.jpg
IP
5.175.22.217:0
ASN
#20773 Host Europe GmbH

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 700x800, components 3\012- data
Size
79 kB (78687 bytes)
Hash
192a66bef59226d6ab6b3a5097bb2d4d
5d4ef05d8529e310115d7ee15724985469343319
f014df907df2ab80a94cd71c2267a0896ec6c7831308e92a3c726c8592a81eb1

HTTP Headers

GET /images/BilderPool/Thementeaser/guinea-pig-1969698_1920.jpg HTTP/1.1
Host: www.robertz.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.robertz.de/
Cookie: CFID=35784088; CFTOKEN=1954cef503993c35-AFC7966C-0CA7-6E47-3617F4E6425E730E
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 11 Sep 2022 06:14:08 GMT
server: Apache
last-modified: Mon, 30 Aug 2021 07:35:25 GMT
etag: "1335f-5cac1e06418a1"
accept-ranges: bytes
content-length: 78687
cache-control: max-age=86400
expires: Mon, 12 Sep 2022 06:14:08 GMT
x-cache: MISS from www.robertz.de
content-type: image/jpeg
X-Firefox-Spdy: h2

www.robertz.de/images/BilderPool/Thementeaser/vacations-2490266_1920.jpg

5.175.22.217

200 OK

114 kB

URL HTTP/2
www.robertz.de/images/BilderPool/Thementeaser/vacations-2490266_1920.jpg
IP
5.175.22.217:0
ASN
#20773 Host Europe GmbH

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 700x800, components 3\012- data
Size
114 kB (114078 bytes)
Hash
7d47e7c0e4644bdb9f6390233fa64b5d
309923c63deee1d97fb8dd2e70a902ee6faf7ac7
653e3553dd08d47e5a964311149365a582a90dfde032adaa54097e17882843f7

HTTP Headers

GET /images/BilderPool/Thementeaser/vacations-2490266_1920.jpg HTTP/1.1
Host: www.robertz.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.robertz.de/
Cookie: CFID=35784088; CFTOKEN=1954cef503993c35-AFC7966C-0CA7-6E47-3617F4E6425E730E
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 11 Sep 2022 06:14:08 GMT
server: Apache
last-modified: Mon, 30 Aug 2021 07:35:25 GMT
etag: "1bd9e-5cac1e0664f6e"
accept-ranges: bytes
content-length: 114078
cache-control: max-age=86400
expires: Mon, 12 Sep 2022 06:14:08 GMT
x-cache: MISS from www.robertz.de
content-type: image/jpeg
X-Firefox-Spdy: h2

www.robertz.de/images/BilderPool/Thementeaser/women-3266211_1920.jpg

5.175.22.217

200 OK

124 kB

URL HTTP/2
www.robertz.de/images/BilderPool/Thementeaser/women-3266211_1920.jpg
IP
5.175.22.217:0
ASN
#20773 Host Europe GmbH

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 700x800, components 3\012- data
Size
124 kB (123987 bytes)
Hash
4d620151c765ed8bdd1ddd6193f9e244
475c4f9ce545458df2a3c53b3f9767508d2b325d
3629b868912b11d754f948b8f297b7ba056e82256ee83c85fc41e401ea0dc1a6

HTTP Headers

GET /images/BilderPool/Thementeaser/women-3266211_1920.jpg HTTP/1.1
Host: www.robertz.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.robertz.de/
Cookie: CFID=35784088; CFTOKEN=1954cef503993c35-AFC7966C-0CA7-6E47-3617F4E6425E730E
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 11 Sep 2022 06:14:08 GMT
server: Apache
last-modified: Mon, 30 Aug 2021 07:35:25 GMT
etag: "1e453-5cac1e06691e6"
accept-ranges: bytes
content-length: 123987
cache-control: max-age=86400
expires: Mon, 12 Sep 2022 06:14:08 GMT
x-cache: MISS from www.robertz.de
content-type: image/jpeg
X-Firefox-Spdy: h2

www.robertz.de/images/BilderPool/Thementeaser/road-3114475_1920.jpg

5.175.22.217

200 OK

138 kB

URL HTTP/2
www.robertz.de/images/BilderPool/Thementeaser/road-3114475_1920.jpg
IP
5.175.22.217:0
ASN
#20773 Host Europe GmbH

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 700x800, components 3\012- data
Size
138 kB (137929 bytes)
Hash
8808244f83f82cd6238b27cbbe3aee77
be55dca9bc25da62682dfbf202fe44d7a5a06f62
e965149dc4efeb45f020927785ae74b417994f2cea94f6c281776a8409eb4e2c

HTTP Headers

GET /images/BilderPool/Thementeaser/road-3114475_1920.jpg HTTP/1.1
Host: www.robertz.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.robertz.de/
Cookie: CFID=35784088; CFTOKEN=1954cef503993c35-AFC7966C-0CA7-6E47-3617F4E6425E730E
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 11 Sep 2022 06:14:08 GMT
server: Apache
last-modified: Mon, 30 Aug 2021 07:35:25 GMT
etag: "21ac9-5cac1e0668242"
accept-ranges: bytes
content-length: 137929
cache-control: max-age=86400
expires: Mon, 12 Sep 2022 06:14:08 GMT
x-cache: MISS from www.robertz.de
content-type: image/jpeg
X-Firefox-Spdy: h2

www.robertz.de/images/BilderPool/Thementeaser/mountaineers-5649828_1920.jpg

5.175.22.217

200 OK

177 kB

URL HTTP/2
www.robertz.de/images/BilderPool/Thementeaser/mountaineers-5649828_1920.jpg
IP
5.175.22.217:0
ASN
#20773 Host Europe GmbH

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 700x800, components 3\012- data
Size
177 kB (176563 bytes)
Hash
8da55968b05019655e9ecf0814bf99fc
017da0fd24e608d42fd9e3ad9686fce2fceab09f
50ed47e128d4c9293417c6f08606c8b4ca05e991790bc83d068ddb077bb7a6f0

HTTP Headers

GET /images/BilderPool/Thementeaser/mountaineers-5649828_1920.jpg HTTP/1.1
Host: www.robertz.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.robertz.de/
Cookie: CFID=35784088; CFTOKEN=1954cef503993c35-AFC7966C-0CA7-6E47-3617F4E6425E730E
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 11 Sep 2022 06:14:08 GMT
server: Apache
last-modified: Mon, 30 Aug 2021 07:35:25 GMT
etag: "2b1b3-5cac1e0667e58"
accept-ranges: bytes
content-length: 176563
cache-control: max-age=86400
expires: Mon, 12 Sep 2022 06:14:08 GMT
x-cache: MISS from www.robertz.de
content-type: image/jpeg
X-Firefox-Spdy: h2

www.robertz.de/images/Robertz/Sonderreisen/2023_douro/Dourotal_2023_Teaser.jpg

5.175.22.217

200 OK

245 kB

URL HTTP/2
www.robertz.de/images/Robertz/Sonderreisen/2023_douro/Dourotal_2023_Teaser.jpg
IP
5.175.22.217:0
ASN
#20773 Host Europe GmbH

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1260x860, components 3\012- data
Size
245 kB (245098 bytes)
Hash
5222d6d387662013bd7de8cafb3880b7
100376302444e5e425af578536be126cec89ba9e
982289b28aeb3839fe78a3fd9bac5951971c3b417438dc25510224939b6f5ac5

HTTP Headers

GET /images/Robertz/Sonderreisen/2023_douro/Dourotal_2023_Teaser.jpg HTTP/1.1
Host: www.robertz.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.robertz.de/
Cookie: CFID=35784088; CFTOKEN=1954cef503993c35-AFC7966C-0CA7-6E47-3617F4E6425E730E
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 11 Sep 2022 06:14:08 GMT
server: Apache
last-modified: Wed, 07 Sep 2022 14:51:51 GMT
etag: "3bd6a-5e81773f7aa75"
accept-ranges: bytes
content-length: 245098
cache-control: max-age=86400
expires: Mon, 12 Sep 2022 06:14:08 GMT
x-cache: MISS from www.robertz.de
content-type: image/jpeg
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
9c37142b3fa3fb3d82dd8352961fd2bd
72fab8ebf5b3942f700efb9d4be2cc3a2f351cff
f1f7f4539711dd25b1f8a8211d2357b8b44aa34e3464aaaaf0a938b0bc95f919

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F1F7F4539711DD25B1F8A8211D2357B8B44AA34E3464AAAAF0A938B0BC95F919"
Last-Modified: Sat, 10 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21545
Expires: Sun, 11 Sep 2022 12:13:13 GMT
Date: Sun, 11 Sep 2022 06:14:08 GMT
Connection: keep-alive

www.robertz.de/images/Robertz/Sonderreisen/2023_ostsee-oder/2023_kultour_kreuzfahrt_teaser.jpg

5.175.22.217

200 OK

394 kB

URL HTTP/2
www.robertz.de/images/Robertz/Sonderreisen/2023_ostsee-oder/2023_kultour_kreuzfahrt_teaser.jpg
IP
5.175.22.217:0
ASN
#20773 Host Europe GmbH

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, comment: "Created with GIMP", progressive, precision 8, 1260x860, components 3\012- data
Size
394 kB (393584 bytes)
Hash
f51e6ae37f5a6725e91f8dfe90751218
401450013faed0a350a16741ec91b7a9cac1d6dd
2ecd15ac2f69b67784e4a621a7f99b16aebf75641d789ab511717b0f6a13f353

HTTP Headers

GET /images/Robertz/Sonderreisen/2023_ostsee-oder/2023_kultour_kreuzfahrt_teaser.jpg HTTP/1.1
Host: www.robertz.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.robertz.de/
Cookie: CFID=35784088; CFTOKEN=1954cef503993c35-AFC7966C-0CA7-6E47-3617F4E6425E730E
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 11 Sep 2022 06:14:08 GMT
server: Apache
last-modified: Wed, 27 Jul 2022 15:35:52 GMT
etag: "60170-5e4cb2c193ac4"
accept-ranges: bytes
content-length: 393584
cache-control: max-age=86400
expires: Mon, 12 Sep 2022 06:14:08 GMT
x-cache: MISS from www.robertz.de
content-type: image/jpeg
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
9c37142b3fa3fb3d82dd8352961fd2bd
72fab8ebf5b3942f700efb9d4be2cc3a2f351cff
f1f7f4539711dd25b1f8a8211d2357b8b44aa34e3464aaaaf0a938b0bc95f919

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F1F7F4539711DD25B1F8A8211D2357B8B44AA34E3464AAAAF0A938B0BC95F919"
Last-Modified: Sat, 10 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21565
Expires: Sun, 11 Sep 2022 12:13:33 GMT
Date: Sun, 11 Sep 2022 06:14:08 GMT
Connection: keep-alive

fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap

142.250.74.10

200 OK

1.5 kB

URL HTTP/2
fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type
data
Size
1.5 kB (1502 bytes)
Hash
ba374f3facba86ae4252aa1ca12da29b
f47ce6f5109c683307912cc11fb4e5294398faed
ecd7746c3323522defd9ba37498d98526adcd45142f1bc0b0d42824859f5b650

HTTP Headers

GET /css2?family=Montserrat:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.robertz.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 11 Sep 2022 06:14:08 GMT
date: Sun, 11 Sep 2022 06:14:08 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
9c37142b3fa3fb3d82dd8352961fd2bd
72fab8ebf5b3942f700efb9d4be2cc3a2f351cff
f1f7f4539711dd25b1f8a8211d2357b8b44aa34e3464aaaaf0a938b0bc95f919

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F1F7F4539711DD25B1F8A8211D2357B8B44AA34E3464AAAAF0A938B0BC95F919"
Last-Modified: Sat, 10 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Sun, 11 Sep 2022 12:14:08 GMT
Date: Sun, 11 Sep 2022 06:14:08 GMT
Connection: keep-alive

www.robertz.de/assets/css/core.min.css

5.175.22.217

200 OK

41 kB

URL HTTP/2
www.robertz.de/assets/css/core.min.css
IP
5.175.22.217:0
ASN
#20773 Host Europe GmbH

File type
Unicode text, UTF-8 text, with very long lines (65516)
Size
41 kB (41057 bytes)
Hash
06249bcfa64e75d0dd5d3e77f960cdd9
078839991c838dd732613ae7a8b4d1201aca8017
99fae1a53fa84932d6a5c938f27b7e776b99c7b27e3709a51f28d84ca65b9306

HTTP Headers

GET /assets/css/core.min.css HTTP/1.1
Host: www.robertz.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.robertz.de/
Cookie: CFID=35784088; CFTOKEN=1954cef503993c35-AFC7966C-0CA7-6E47-3617F4E6425E730E
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 11 Sep 2022 06:14:08 GMT
server: Apache
last-modified: Mon, 25 May 2020 13:41:44 GMT
etag: "50315-5a67923b6f600-br"
accept-ranges: bytes
cache-control: max-age=86400
expires: Mon, 12 Sep 2022 06:14:08 GMT
vary: Accept-Encoding
content-encoding: br
x-cache: MISS from www.robertz.de
content-length: 41057
content-type: text/css
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
65deebab57142db522e6c874673bdd9f
bfd022181afaec5035f868ccd05fac58113f81dc
7470143c8bd79f00190a3766ebaa9c632d0aa47693fc4c146f097873865da327

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 06:14:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/s/gts1d4/tkhg_zkCU7U

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1d4/tkhg_zkCU7U
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
8e77d89ba91f1ae4e1eb815e6fd5c734
31278eb98e74b9a27c71377744c16adc8dbed49c
3c2b34ba7362d1f3eaa5c2836b3ce96dd5cd80eee68de01e07e7c80fd0ae06d8

HTTP Headers

POST /s/gts1d4/tkhg_zkCU7U HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 06:14:08 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.robertz.de/assets/js/jquery-3.4.1_plusUI.min.js

5.175.22.217

200 OK

85 kB

URL HTTP/2
www.robertz.de/assets/js/jquery-3.4.1_plusUI.min.js
IP
5.175.22.217:0
ASN
#20773 Host Europe GmbH

File type
ASCII text, with very long lines (65450), with CRLF line terminators
Size
85 kB (85178 bytes)
Hash
d12f6a571f27f8f789cf30b5b17bfeea
6b61e7dbdb4fe26ca656015704e4e0270f2e3c05
1f278360aad59de34a97aeebd39d19149d60ccacb878ee9ebc3cbb398bd75437

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets/js/jquery-3.4.1_plusUI.min.js HTTP/1.1
Host: www.robertz.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.robertz.de/
Cookie: CFID=35784088; CFTOKEN=1954cef503993c35-AFC7966C-0CA7-6E47-3617F4E6425E730E
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 11 Sep 2022 06:14:08 GMT
server: Apache
last-modified: Sat, 04 Jul 2020 16:32:09 GMT
etag: "53745-5a9a02ed31440-br"
accept-ranges: bytes
cache-control: max-age=86400
expires: Mon, 12 Sep 2022 06:14:08 GMT
vary: Accept-Encoding
content-encoding: br
x-cache: MISS from www.robertz.de
content-length: 85178
content-type: application/javascript
X-Firefox-Spdy: h2

push.services.mozilla.com/

54.149.101.24

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
54.149.101.24:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: TOKOaHUp9q97iNyW7W9Atg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: hsteKKWkgF5FzNBtCyGEKBrT20A=

www.robertz.de/assets/js/core.min.js

5.175.22.217

200 OK

64 kB

URL HTTP/2
www.robertz.de/assets/js/core.min.js
IP
5.175.22.217:0
ASN
#20773 Host Europe GmbH

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (65512)
Size
64 kB (64543 bytes)
Hash
21485a5c91a6e030255faa364281aa40
69e8f4ae330ece58c4c9dc6fa319187d907bc2bd
af79c3c862f29c5011444e6c6a4259961c61f414202b97559225b92339095f84

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets/js/core.min.js HTTP/1.1
Host: www.robertz.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.robertz.de/
Cookie: CFID=35784088; CFTOKEN=1954cef503993c35-AFC7966C-0CA7-6E47-3617F4E6425E730E
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 11 Sep 2022 06:14:08 GMT
server: Apache
last-modified: Thu, 09 Jul 2020 18:02:01 GMT
etag: "4432f-5aa0605764a50-br"
accept-ranges: bytes
cache-control: max-age=86400
expires: Mon, 12 Sep 2022 06:14:08 GMT
vary: Accept-Encoding
content-encoding: br
x-cache: MISS from www.robertz.de
content-length: 64543
content-type: application/javascript
X-Firefox-Spdy: h2

backend.tcautor.de/www/_data/1007/files/Robertz/Team/Claudia.jpg

5.175.22.217

200 OK

44 kB

URL HTTP/2
backend.tcautor.de/www/_data/1007/files/Robertz/Team/Claudia.jpg
IP
5.175.22.217:0
ASN
#20773 Host Europe GmbH

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=16], baseline, precision 8, 236x236, components 3\012- data
Size
44 kB (44182 bytes)
Hash
56c8f6150d913b65e5aab67b3ba62f84
ae1a6d0a553a211f0cf4fa673dfc6ed342f8cbe8
de7089fd245c1c2896802772b8c72120ecc7d66fcd972df725c9d1569af8ae4f

HTTP Headers

GET /www/_data/1007/files/Robertz/Team/Claudia.jpg HTTP/1.1
Host: backend.tcautor.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.robertz.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 11 Sep 2022 06:14:08 GMT
server: Apache
last-modified: Tue, 06 Apr 2021 14:09:02 GMT
etag: "ac96-5bf4e5b3e4d7c"
accept-ranges: bytes
content-length: 44182
content-type: image/jpeg
X-Firefox-Spdy: h2

backend.tcautor.de/www/_data/1007/files/Robertz/Team/Nadine.jpg

5.175.22.217

200 OK

48 kB

URL HTTP/2
backend.tcautor.de/www/_data/1007/files/Robertz/Team/Nadine.jpg
IP
5.175.22.217:0
ASN
#20773 Host Europe GmbH

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 100x100, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=16], baseline, precision 8, 235x236, components 3\012- data
Size
48 kB (47748 bytes)
Hash
431793fe981ba51d3b6281986775045c
6b2ae55ed6162eac106b6149e1774bc7f94bd324
7496b26a859adfd8e480d681110c18d952b79bf7da7ed06e7e28968d9be66aa8

HTTP Headers

GET /www/_data/1007/files/Robertz/Team/Nadine.jpg HTTP/1.1
Host: backend.tcautor.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.robertz.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 11 Sep 2022 06:14:08 GMT
server: Apache
last-modified: Tue, 06 Apr 2021 14:09:02 GMT
etag: "ba84-5bf4e5b3e4d7c"
accept-ranges: bytes
content-length: 47748
content-type: image/jpeg
X-Firefox-Spdy: h2

backend.tcautor.de/www/_data/1007/files/Robertz/Team/Julia.jpg

5.175.22.217

200 OK

12 kB

URL HTTP/2
backend.tcautor.de/www/_data/1007/files/Robertz/Team/Julia.jpg
IP
5.175.22.217:0
ASN
#20773 Host Europe GmbH

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 236x236, components 3\012- data
Size
12 kB (12259 bytes)
Hash
a8194c06c8a8d294277daa462319d516
7a506471abff545dc237fd28cecd026b3637698f
b0df99082d55ea503390a5b00e84e450747dc5a4f891fe362481ac2e70a98185

HTTP Headers

GET /www/_data/1007/files/Robertz/Team/Julia.jpg HTTP/1.1
Host: backend.tcautor.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.robertz.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 11 Sep 2022 06:14:08 GMT
server: Apache
last-modified: Tue, 06 Apr 2021 14:09:02 GMT
etag: "2fe3-5bf4e5b3d1c51"
accept-ranges: bytes
content-length: 12259
content-type: image/jpeg
X-Firefox-Spdy: h2

backend.tcautor.de/www/_data/1007/files/Robertz/Team/Michael.jpg

5.175.22.217

200 OK

12 kB

URL HTTP/2
backend.tcautor.de/www/_data/1007/files/Robertz/Team/Michael.jpg
IP
5.175.22.217:0
ASN
#20773 Host Europe GmbH

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 236x236, components 3\012- data
Size
12 kB (11836 bytes)
Hash
7366bcfcda634ede8deb3d9c355a8b91
92f9e20b7355c4784e755f8c569ee2a5173d2168
7655969dad71f9c7b976b4e97c83bcaea8230e6cf2a48c17b591fd68362d059a

HTTP Headers

GET /www/_data/1007/files/Robertz/Team/Michael.jpg HTTP/1.1
Host: backend.tcautor.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.robertz.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 11 Sep 2022 06:14:08 GMT
server: Apache
last-modified: Tue, 06 Apr 2021 14:09:02 GMT
etag: "2e3c-5bf4e5b3e4d7c"
accept-ranges: bytes
content-length: 11836
content-type: image/jpeg
X-Firefox-Spdy: h2

backend.tcautor.de/www/_data/1007/files/Robertz/Team/Sabrina.jpg

5.175.22.217

200 OK

44 kB

URL HTTP/2
backend.tcautor.de/www/_data/1007/files/Robertz/Team/Sabrina.jpg
IP
5.175.22.217:0
ASN
#20773 Host Europe GmbH

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 100x100, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=GIMP 2.8.22, datetime=2018:06:08 15:13:15], progressive, precision 8, 236x236, components 3 DIY-Thermocam raw data\012- (Lepton 2.x), scale 0-25701, spot sensor temperature 0.000000, unit celsius, color scheme 0, calibration: offset 197.285858, slope 0.000169\012- data
Size
44 kB (44238 bytes)
Hash
3f10608c9147bb7f2c6ed6d2d127d7a0
1aeb71c57ac6e2e9ab78ff28d9238bc26b83a67c
9eb3343464fc4fbf0e6e1d554d49f0e7eca0c5b6bf69abd3faf55b352788bce8

HTTP Headers

GET /www/_data/1007/files/Robertz/Team/Sabrina.jpg HTTP/1.1
Host: backend.tcautor.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.robertz.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 11 Sep 2022 06:14:08 GMT
server: Apache
last-modified: Tue, 06 Apr 2021 14:09:02 GMT
etag: "acce-5bf4e5b3e4d7c"
accept-ranges: bytes
content-length: 44238
content-type: image/jpeg
X-Firefox-Spdy: h2

backend.tcautor.de/www/_data/1007/files/Robertz/Team/Britta.jpg

5.175.22.217

200 OK

52 kB

URL HTTP/2
backend.tcautor.de/www/_data/1007/files/Robertz/Team/Britta.jpg
IP
5.175.22.217:0
ASN
#20773 Host Europe GmbH

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 100x100, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=16], baseline, precision 8, 236x236, components 3\012- data
Size
52 kB (51830 bytes)
Hash
f5eb98bfc65d1965e8d436efee6102cc
0a39804268d9f4a2c24a910bdf0b9bc3f0921d6d
2cae6eef310345f33a06ed4ddbc645d0def20687e9cc332f051b9d57170b9f7a

HTTP Headers

GET /www/_data/1007/files/Robertz/Team/Britta.jpg HTTP/1.1
Host: backend.tcautor.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.robertz.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 11 Sep 2022 06:14:08 GMT
server: Apache
last-modified: Tue, 06 Apr 2021 14:09:02 GMT
etag: "ca76-5bf4e5b3ec77a"
accept-ranges: bytes
content-length: 51830
content-type: image/jpeg
X-Firefox-Spdy: h2

backend.tcautor.de/www/_data/1007/files/Robertz/Team/Melanie.jpg

5.175.22.217

200 OK

60 kB

URL HTTP/2
backend.tcautor.de/www/_data/1007/files/Robertz/Team/Melanie.jpg
IP
5.175.22.217:0
ASN
#20773 Host Europe GmbH

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 100x100, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=11, manufacturer=Canon, model=Canon EOS 5D Mark III, orientation=upper-left, xresolution=174, yresolution=182, resolutionunit=2, software=GIMP 2.8.22, datetime=2018:06:08 15:18:14], progressive, precision 8, 236x236, components 3\012- data
Size
60 kB (60279 bytes)
Hash
dc2176c3173039123f7bd12a81306dda
9e4c94c2e2e0ca5fe5a1250294700613660321b6
d91036d1030fc79849ec5ac99b29a6ef2d1769e420fb100074b380a15c1679e8

HTTP Headers

GET /www/_data/1007/files/Robertz/Team/Melanie.jpg HTTP/1.1
Host: backend.tcautor.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.robertz.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 11 Sep 2022 06:14:08 GMT
server: Apache
last-modified: Tue, 06 Apr 2021 14:09:02 GMT
etag: "eb77-5bf4e5b3ec77a"
accept-ranges: bytes
content-length: 60279
content-type: image/jpeg
X-Firefox-Spdy: h2

www.backend.tcautor.de/www/_data/1025/files/BilderPool/Werbebanner-Mailings/tc_aktueller_banner.gif

5.175.22.217

200 OK

489 kB

URL HTTP/2
www.backend.tcautor.de/www/_data/1025/files/BilderPool/Werbebanner-Mailings/tc_aktueller_banner.gif
IP
5.175.22.217:0
ASN
#20773 Host Europe GmbH

File type
GIF image data, version 89a, 2000 x 400\012- data
Size
489 kB (488926 bytes)
Hash
5d4acf5c3a2b71be434b261b76b7e6a9
d9e2645d08cec0a26fe80d30e973de6a4a0b7455
05655f50624596e80672653afde7d5ff99e5efa933bab177057a92812cb659f5

HTTP Headers

GET /www/_data/1025/files/BilderPool/Werbebanner-Mailings/tc_aktueller_banner.gif HTTP/1.1
Host: www.backend.tcautor.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.robertz.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 11 Sep 2022 06:14:08 GMT
server: Apache
last-modified: Tue, 23 Aug 2022 16:09:31 GMT
etag: "775de-5e6eaca279e6a"
accept-ranges: bytes
content-length: 488926
content-type: image/gif
X-Firefox-Spdy: h2

www.robertz.de/assets/js/vendor_bundle.min.js

5.175.22.217

200 OK

101 kB

URL HTTP/2
www.robertz.de/assets/js/vendor_bundle.min.js
IP
5.175.22.217:0
ASN
#20773 Host Europe GmbH

File type
ASCII text, with very long lines (65514)
Size
101 kB (101220 bytes)
Hash
eb1235ec9c4c6300e795fdf0be02224f
d3f8f421bdfc1938f6dbdd41b76b0eb01c3a0bcd
37fe01d6f5a8a0bcf91568940e0202f4728b966b15f2e3141d3729dce8cb2a34

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets/js/vendor_bundle.min.js HTTP/1.1
Host: www.robertz.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.robertz.de/
Cookie: CFID=35784088; CFTOKEN=1954cef503993c35-AFC7966C-0CA7-6E47-3617F4E6425E730E
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 11 Sep 2022 06:14:08 GMT
server: Apache
last-modified: Mon, 25 May 2020 13:42:21 GMT
etag: "66b1b-5a67925eb8940-br"
accept-ranges: bytes
cache-control: max-age=86400
expires: Mon, 12 Sep 2022 06:14:08 GMT
vary: Accept-Encoding
content-encoding: br
x-cache: MISS from www.robertz.de
content-length: 101220
content-type: application/javascript
X-Firefox-Spdy: h2

www.robertz.de/assets/fonts/flaticon/Flaticon.woff2

5.175.22.217

200 OK

37 kB

URL HTTP/2
www.robertz.de/assets/fonts/flaticon/Flaticon.woff2
IP
5.175.22.217:0
ASN
#20773 Host Europe GmbH

File type
Web Open Font Format (Version 2), TrueType, length 36732, version 1.0\012- data
Size
37 kB (36732 bytes)
Hash
ae2dd4b29a7c28b5cc6e9364c7a69983
602976fc50a9aa00adc99bc2d93888db7a81d2fc
0ebd2de93302226f320140f8051d5cff7c3752be9700d0d598e498bbe0dde638

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets/fonts/flaticon/Flaticon.woff2 HTTP/1.1
Host: www.robertz.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.robertz.de/assets/css/core.min.css
Cookie: CFID=35784088; CFTOKEN=1954cef503993c35-AFC7966C-0CA7-6E47-3617F4E6425E730E
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 11 Sep 2022 06:14:09 GMT
server: Apache
last-modified: Sat, 09 May 2020 10:20:16 GMT
etag: "8f7c-5a53475c0b800"
accept-ranges: bytes
content-length: 36732
cache-control: max-age=86400
expires: Mon, 12 Sep 2022 06:14:09 GMT
vary: Accept-Encoding
x-cache: MISS from www.robertz.de
content-type: font/woff2
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
43e44f5fe147594a8dd7e263eabca2ae
99a970746a212194f339b3fdc7df516af9f2ffdf
f716e38cbb8632487d1ce62a37e0662ef8611fbe0449a82b9301118b68c7548d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 06:14:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
43e44f5fe147594a8dd7e263eabca2ae
99a970746a212194f339b3fdc7df516af9f2ffdf
f716e38cbb8632487d1ce62a37e0662ef8611fbe0449a82b9301118b68c7548d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 06:14:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

142.250.74.163

200 OK

31 kB

URL HTTP/2
fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data
Size
31 kB (30928 bytes)
Hash
ac0d2859ea5f8fd6bcb3c305c08ec184
7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780

HTTP Headers

GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.robertz.de
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 08 Sep 2022 16:40:18 GMT
expires: Fri, 08 Sep 2023 16:40:18 GMT
cache-control: public, max-age=31536000
age: 221631
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/montserrat/v25/JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2

142.250.74.163

200 OK

32 kB

URL HTTP/2
fonts.gstatic.com/s/montserrat/v25/JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 31760, version 1.0\012- data
Size
32 kB (31760 bytes)
Hash
fda4d0b623999af43148ba34c3b1ff73
ca5496af89720cc3e94e6279132f252b7cd471a6
33befdbbb24930584f5ac94ea3117adcd56518f20ab1619d05de83ffd1821d38

HTTP Headers

GET /s/montserrat/v25/JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.robertz.de
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 31760
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 05 Sep 2022 22:18:58 GMT
expires: Tue, 05 Sep 2023 22:18:58 GMT
cache-control: public, max-age=31536000
age: 460511
last-modified: Mon, 11 Jul 2022 18:54:16 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
43e44f5fe147594a8dd7e263eabca2ae
99a970746a212194f339b3fdc7df516af9f2ffdf
f716e38cbb8632487d1ce62a37e0662ef8611fbe0449a82b9301118b68c7548d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 06:14:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

booking.traveltermin.de/button?IpdVpkq9Li

134.119.241.212

200 OK

1.8 kB

URL HTTP/1.1
booking.traveltermin.de/button?IpdVpkq9Li
IP
134.119.241.212:0
ASN
#34011 Host Europe GmbH

File type
Unicode text, UTF-8 text, with very long lines (1932)
Size
1.8 kB (1791 bytes)
Hash
b2a18eea1fb5589375a73c522fceb48a
c512ce391fae7566a6fed1ceb4d51dd3e9c365a5
dd9601ec2e7dfa466cb09bf94b47b45a5c539a7a5cc002cc56410d887310de5f

HTTP Headers

GET /button?IpdVpkq9Li HTTP/1.1
Host: booking.traveltermin.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.robertz.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 06:14:09 GMT
Server: Apache
X-Powered-By: PHP/7.3.10
Cache-Control: max-age=604800
Expires: Sun, 18 Sep 2022 06:14:09 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1791
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript; charset=utf-8;

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
da7b1c24eee0db0c23872933557b7521
b8bc1215b4073784c048587e51a40152bd88c8ed
6ba38b5c68971135ed3f1fbe7afa658ce883240142a4244ce7d84fa251a64c3f

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 06:14:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
da7b1c24eee0db0c23872933557b7521
b8bc1215b4073784c048587e51a40152bd88c8ed
6ba38b5c68971135ed3f1fbe7afa658ce883240142a4244ce7d84fa251a64c3f

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 06:14:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.robertz.de/images/BilderPool/Reisethemen/Wandern-Alpen/mountaineers-5649828_1920.jpg

5.175.22.217

200 OK

495 kB

URL HTTP/2
www.robertz.de/images/BilderPool/Reisethemen/Wandern-Alpen/mountaineers-5649828_1920.jpg
IP
5.175.22.217:0
ASN
#20773 Host Europe GmbH

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x1280, components 3\012- data
Size
495 kB (495184 bytes)
Hash
d708b49b7c25267812f6899e2acf19b4
ec6ef0b325f9da1332ee56dec7599f93d793a758
cae3622c5e0a149cfeb6a634b0b19e833523997774f153d394e689b99f52c694

HTTP Headers

GET /images/BilderPool/Reisethemen/Wandern-Alpen/mountaineers-5649828_1920.jpg HTTP/1.1
Host: www.robertz.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.robertz.de/
Cookie: CFID=35784088; CFTOKEN=1954cef503993c35-AFC7966C-0CA7-6E47-3617F4E6425E730E
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 11 Sep 2022 06:14:09 GMT
server: Apache
last-modified: Fri, 18 Jun 2021 15:12:49 GMT
etag: "78e50-5c50bc1bd7f5c"
accept-ranges: bytes
content-length: 495184
cache-control: max-age=86400
expires: Mon, 12 Sep 2022 06:14:09 GMT
x-cache: MISS from www.robertz.de
content-type: image/jpeg
X-Firefox-Spdy: h2

www.robertz.de/assets/js/scripts.min.js?_=1662876839219

5.175.22.217

200 OK

3.2 kB

URL HTTP/2
www.robertz.de/assets/js/scripts.min.js?_=1662876839219
IP
5.175.22.217:0
ASN
#20773 Host Europe GmbH

File type
ASCII text, with very long lines (5449), with CRLF line terminators
Size
3.2 kB (3166 bytes)
Hash
1d16ebc0b3c66d6a10a2f844da041250
0bfc5df3e06ecc3af5ea0e5e4ec0c277d887c58f
7ddfb4f8b171063568c5f9d506d3777cfc061d6eff3deff43fcb5af2b6e38f11

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets/js/scripts.min.js?_=1662876839219 HTTP/1.1
Host: www.robertz.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://www.robertz.de/
Cookie: CFID=35784088; CFTOKEN=1954cef503993c35-AFC7966C-0CA7-6E47-3617F4E6425E730E; cross-site-cookie=sow
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 11 Sep 2022 06:14:09 GMT
server: Apache
last-modified: Sun, 05 Jul 2020 10:17:52 GMT
etag: "2541-5a9af1222b05b-br"
accept-ranges: bytes
cache-control: max-age=86400
expires: Mon, 12 Sep 2022 06:14:09 GMT
vary: Accept-Encoding
content-encoding: br
x-cache: MISS from www.robertz.de
content-length: 3166
content-type: application/javascript
X-Firefox-Spdy: h2

www.robertz.de/assets/js/hyphenopoly/Hyphenopoly_Loader.js?_=1662876839220

5.175.22.217

200 OK

2.8 kB

URL HTTP/2
www.robertz.de/assets/js/hyphenopoly/Hyphenopoly_Loader.js?_=1662876839220
IP
5.175.22.217:0
ASN
#20773 Host Europe GmbH

File type
Unicode text, UTF-8 (with BOM) text
Size
2.8 kB (2824 bytes)
Hash
ff02a0dc373adfb3ebe39af4c7eef961
dac0bdc76620735d11975d970215c5d70207334c
7cdb80f8f5dea5cabf2936d0241e5d8a4b07f1cddaa5123a0c83b764c8f2c798

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets/js/hyphenopoly/Hyphenopoly_Loader.js?_=1662876839220 HTTP/1.1
Host: www.robertz.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://www.robertz.de/
Cookie: CFID=35784088; CFTOKEN=1954cef503993c35-AFC7966C-0CA7-6E47-3617F4E6425E730E; cross-site-cookie=sow
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 11 Sep 2022 06:14:09 GMT
server: Apache
last-modified: Sat, 18 Jul 2020 18:48:04 GMT
etag: "2936-5aabbb6b6819b-br"
accept-ranges: bytes
cache-control: max-age=86400
expires: Mon, 12 Sep 2022 06:14:09 GMT
vary: Accept-Encoding
content-encoding: br
x-cache: MISS from www.robertz.de
content-length: 2824
content-type: application/javascript
X-Firefox-Spdy: h2

www.google.com/maps/embed?pb=!1m14!1m8!1m3!1d20121.212314762954!2d6.342435539550781!3d50.9209137!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x47bf5eab1cac4f7b%3A0x77db4736472c743d!2sReiseb%C3%BCro%20Robertz!5e0!3m2!1sde!2sde!4v1617714931520!5m2!1sde!2sde

142.250.74.164

200 OK

1.7 kB

URL HTTP/2
www.google.com/maps/embed?pb=!1m14!1m8!1m3!1d20121.212314762954!2d6.342435539550781!3d50.9209137!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x47bf5eab1cac4f7b%3A0x77db4736472c743d!2sReiseb%C3%BCro%20Robertz!5e0!3m2!1sde!2sde!4v1617714931520!5m2!1sde!2sde
IP
142.250.74.164:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (3313)
Size
1.7 kB (1663 bytes)
Hash
ea964b6d6805c8d5eb40af971df471e9
d3b91ca4216b3f7b0836e30466da43bdcccfae87
258d81ef7253c206fddda93f905dd0c3f54cda32a0b4187602ea071a1baee232

HTTP Headers

GET /maps/embed?pb=!1m14!1m8!1m3!1d20121.212314762954!2d6.342435539550781!3d50.9209137!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x47bf5eab1cac4f7b%3A0x77db4736472c743d!2sReiseb%C3%BCro%20Robertz!5e0!3m2!1sde!2sde!4v1617714931520!5m2!1sde!2sde HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.robertz.de/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/html; charset=UTF-8
date: Sun, 11 Sep 2022 06:14:09 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
vary: Accept-Language
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-0tBCHOk6LDHUXxh-aHIefg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/geo-maps-api/1
content-encoding: gzip
server: mafe
content-length: 1663
x-xss-protection: 0
server-timing: gfet4t7; dur=150
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
6c2fea93ba89de81c2b01aaca1a87835
0a7f50001f709285bc10f6ef044ef39a60535bff
6cae8a5f9949975a3adedc41088196b8c9dd984e4023e54bbe655800a9478349

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 06:14:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/s/gts1d4/Q8kpYatjYYI

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1d4/Q8kpYatjYYI
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
cb984ff4a39ffe8800ade87559b91d65
7a5d6ae38c3c97dfe07a0ed597f5db89f8854b54
b60b75ff9265f1623b42f5ce58b0b1654e2d21d48241179eb8f0e950e29b6c1d

HTTP Headers

POST /s/gts1d4/Q8kpYatjYYI HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 06:14:10 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.robertz.de/assets/js/vendor.swiper.min.js

5.175.22.217

200 OK

32 kB

URL HTTP/2
www.robertz.de/assets/js/vendor.swiper.min.js
IP
5.175.22.217:0
ASN
#20773 Host Europe GmbH

File type
ASCII text, with very long lines (65536), with no line terminators
Size
32 kB (31466 bytes)
Hash
ed605729945876db2c8be9bb08804fe7
afc15092fc62fe09bbca09167410dac0f69f4b2e
a635d2fe17bba098e4d878bb51bd01c7e04655d1ace2b4164b65c9b209b14f2a

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets/js/vendor.swiper.min.js HTTP/1.1
Host: www.robertz.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://www.robertz.de/
Cookie: CFID=35784088; CFTOKEN=1954cef503993c35-AFC7966C-0CA7-6E47-3617F4E6425E730E; cross-site-cookie=sow
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 11 Sep 2022 06:14:10 GMT
server: Apache
last-modified: Mon, 25 May 2020 13:41:50 GMT
etag: "22538-5a67924128380-br"
accept-ranges: bytes
cache-control: max-age=86400
expires: Mon, 12 Sep 2022 06:14:10 GMT
vary: Accept-Encoding
content-encoding: br
x-cache: MISS from www.robertz.de
content-length: 31466
content-type: application/javascript
X-Firefox-Spdy: h2

api.usercentrics.eu/settings/8EV1oBWbt/latest/de.json

35.241.3.184

200 OK

8.2 kB

URL HTTP/2
api.usercentrics.eu/settings/8EV1oBWbt/latest/de.json
IP
35.241.3.184:0
ASN
#15169 GOOGLE

File type
JSON data\012- , Unicode text, UTF-8 text, with very long lines (27024), with no line terminators
Size
8.2 kB (8177 bytes)
Hash
c92139a22a2131fc3a5bb850a5594db1
17d59dcf6e2392d2388a961deaeeb083bd533839
56606d8f0d968f59066809a3dc770052f153872cc7d8085201c82ea774b596d4

HTTP Headers

GET /settings/8EV1oBWbt/latest/de.json HTTP/1.1
Host: api.usercentrics.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.robertz.de/
Origin: https://www.robertz.de
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-guploader-uploadid: ADPycdsWE66Zs3IVjf7IVD-GpgsPic4IChUH1zmedElzkJnBXH7XGJ0Icy8V6bPXB7Z2qOAvo-5VnBYO1y427W2gramznQ
date: Sun, 11 Sep 2022 06:14:10 GMT
cache-control: public, max-age=1800, s-maxage=10, no-transform
expires: Sun, 11 Sep 2022 06:14:20 GMT
last-modified: Mon, 22 Aug 2022 07:36:09 GMT
etag: "c92139a22a2131fc3a5bb850a5594db1"
x-goog-generation: 1661153769506588
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 8177
content-type: application/json
content-encoding: gzip
x-goog-hash: crc32c=DAzG9w==, md5=ySE5oiohMfw6W7hQpVlNsQ==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 8177
access-control-allow-origin: *
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
server: UploadServer
strict-transport-security: max-age=7776000
x-client-geo-location: NO,NO03
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/s/gts1d4/Q8kpYatjYYI

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1d4/Q8kpYatjYYI
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
cb984ff4a39ffe8800ade87559b91d65
7a5d6ae38c3c97dfe07a0ed597f5db89f8854b54
b60b75ff9265f1623b42f5ce58b0b1654e2d21d48241179eb8f0e950e29b6c1d

HTTP Headers

POST /s/gts1d4/Q8kpYatjYYI HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 06:14:10 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
477fd76de0b69553430d504fe527cc06
88fe80a099e610212f27427ae6fd5b4e03b3df16
f27bc8051a23fbe811318b8d49f5d27e3e992962a0e72f5d30a4790fe4f42748

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14404
Expires: Sun, 11 Sep 2022 10:14:14 GMT
Date: Sun, 11 Sep 2022 06:14:10 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
477fd76de0b69553430d504fe527cc06
88fe80a099e610212f27427ae6fd5b4e03b3df16
f27bc8051a23fbe811318b8d49f5d27e3e992962a0e72f5d30a4790fe4f42748

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14404
Expires: Sun, 11 Sep 2022 10:14:14 GMT
Date: Sun, 11 Sep 2022 06:14:10 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe41cdec0-ceff-4e9c-88a7-3a5565f1a459.jpeg

34.120.237.76

200 OK

5.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe41cdec0-ceff-4e9c-88a7-3a5565f1a459.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.8 kB (5752 bytes)
Hash
12666d69f9af3ceb23fdfc2100bd3226
c4d17e3ea44ef6dee9819c1586424e5f056f149c
054236a4d1f88a486f48b8f3a8ac01d21ec2179d5b1f3fc9791d0982d07a88a2

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe41cdec0-ceff-4e9c-88a7-3a5565f1a459.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5752
x-amzn-requestid: 622ffff0-1bd5-4eb4-a9ff-eb54c5ae44a7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YBrqiFiToAMF0tA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6316f310-49efdcc572b4fad3543f857d;Sampled=0
x-amzn-remapped-date: Tue, 06 Sep 2022 07:13:20 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: VKsU4S6tKOso216JLUWn7b1bKDyfruIVukt98JooNCjwaXDT9bkPYQ==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 5954c6394458ffb44c970b3819d7ff2a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 10 Sep 2022 19:50:13 GMT
age: 37437
etag: "c4d17e3ea44ef6dee9819c1586424e5f056f149c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

17 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff7a9494e-0e8b-451b-806d-72da68860cab.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
17 kB (16983 bytes)
Hash
4c65d6ae04a64d9d01439fb4fca3f017
5ce0bc5b075b97639453d67d4f3cea61289b7698
eb48687a5974542d11882f854a86ff083528957b0fbc61c797167d8f04e0ffa9

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff7a9494e-0e8b-451b-806d-72da68860cab.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 16983
x-amzn-requestid: ed588125-de1d-47ae-a5d5-81ab8c2a8105
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YRTpmH69oAMFYAQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631d330a-46ea16040beedf3903d87ec3;Sampled=0
x-amzn-remapped-date: Sun, 11 Sep 2022 00:59:54 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: iBwfZ5Vm2pbcO9zLGNtT2c0n6oZ9u-JjgIvbG47d4s6049ehYmXZ4w==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 001e7070d795018d01b93988b9723742.cloudfront.net (CloudFront), 1.1 google
date: Sun, 11 Sep 2022 04:26:46 GMT
age: 6444
etag: "5ce0bc5b075b97639453d67d4f3cea61289b7698"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

www.robertz.de/images/BilderPool/Reisethemen/Relax/jetty-1834801_1920.jpg

5.175.22.217

200 OK

298 kB

URL HTTP/2
www.robertz.de/images/BilderPool/Reisethemen/Relax/jetty-1834801_1920.jpg
IP
5.175.22.217:0
ASN
#20773 Host Europe GmbH

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x1280, components 3\012- data
Size
298 kB (297622 bytes)
Hash
3b79d15ffab5a3bf79230f1267583e04
d52e852edaafb33ae8685188a9e8cdaae25a3a22
b1b7249a0435d37be3a8b06e71afafe1f56962a9c3fd167b7b5136efdc25cd8d

HTTP Headers

GET /images/BilderPool/Reisethemen/Relax/jetty-1834801_1920.jpg HTTP/1.1
Host: www.robertz.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.robertz.de/
Cookie: CFID=35784088; CFTOKEN=1954cef503993c35-AFC7966C-0CA7-6E47-3617F4E6425E730E; cross-site-cookie=sow
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 11 Sep 2022 06:14:10 GMT
server: Apache
last-modified: Thu, 24 Jun 2021 07:47:06 GMT
etag: "48a96-5c57e3ac51ad4"
accept-ranges: bytes
content-length: 297622
cache-control: max-age=86400
expires: Mon, 12 Sep 2022 06:14:10 GMT
x-cache: MISS from www.robertz.de
content-type: image/jpeg
X-Firefox-Spdy: h2

www.robertz.de/images/BilderPool/Reisethemen/Str%C3%A4nde/maldives-1993704_1920.jpg

5.175.22.217

200 OK

330 kB

URL HTTP/2
www.robertz.de/images/BilderPool/Reisethemen/Str%C3%A4nde/maldives-1993704_1920.jpg
IP
5.175.22.217:0
ASN
#20773 Host Europe GmbH

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x1078, components 3\012- data
Size
330 kB (329740 bytes)
Hash
40c94a0731f3cb48ce3c6bf8098cc6a2
4fd930156f53715838c95db4d38190dfab988506
fb175ae061cd06909b170af0d84d96d48e1398eb44c2ea0ecca04483fe4f6bde

HTTP Headers

GET /images/BilderPool/Reisethemen/Str%C3%A4nde/maldives-1993704_1920.jpg HTTP/1.1
Host: www.robertz.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.robertz.de/
Cookie: CFID=35784088; CFTOKEN=1954cef503993c35-AFC7966C-0CA7-6E47-3617F4E6425E730E; cross-site-cookie=sow
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 11 Sep 2022 06:14:10 GMT
server: Apache
last-modified: Fri, 18 Jun 2021 15:14:59 GMT
etag: "5080c-5c50bc97ad6d7"
accept-ranges: bytes
content-length: 329740
cache-control: max-age=86400
expires: Mon, 12 Sep 2022 06:14:10 GMT
x-cache: MISS from www.robertz.de
content-type: image/jpeg
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3e82f3ab-3fe6-43bc-932c-936ec582e5cf.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.0 kB (7017 bytes)
Hash
fea5dfc4a6a5093fd81899ee4a79d446
c893d7475856809a59486e0bcebd6d662d1fc56f
915fb97690be97d97cb298fc60ceb4cf7c3ed8fb437836beb2d590a8e238363c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3e82f3ab-3fe6-43bc-932c-936ec582e5cf.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7017
x-amzn-requestid: df5e57d7-e54c-4b5a-aa1b-a9aee889842e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YQ1k_Et0oAMFSjQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631d02ec-50d15bba03579a935342e22f;Sampled=0
x-amzn-remapped-date: Sat, 10 Sep 2022 21:34:36 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: YRgmbTGaMvU9Kf47U90cPYhgpXaYgoNVA8ut6LOUStK4UfWahpSqVA==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Sat, 10 Sep 2022 21:41:08 GMT
age: 30782
etag: "c893d7475856809a59486e0bcebd6d662d1fc56f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0dd9e47f-6214-4e20-b9ff-3e738ad551e3.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.3 kB (6269 bytes)
Hash
47ae5cf125ce99bad80c283de8a85cec
0c0c1f84d8693d0c150c97faed21204622d48132
95f5b8cddbfcdb2b6105ed5a0d5ff0dd86390839e5df7416d4f879d69fcf20c1

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0dd9e47f-6214-4e20-b9ff-3e738ad551e3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6269
x-amzn-requestid: 8f3cabdd-78c3-47d2-841b-02b674a79123
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YQ1k_FSCoAMFywQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631d02ec-4b44c935456026ba700a5759;Sampled=0
x-amzn-remapped-date: Sat, 10 Sep 2022 21:34:36 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 3lrbjYxWvd1Cm5rO-XAy1tCULAXdaeVZJAPCImd9GqQC7uZ3r3TxeA==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 9c675215120a4ade8754c4357ef2f3ea.cloudfront.net (CloudFront), 1.1 google
date: Sat, 10 Sep 2022 21:46:28 GMT
age: 30462
etag: "0c0c1f84d8693d0c150c97faed21204622d48132"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

www.robertz.de/images/BilderPool/Reisethemen/St%C3%A4dtereisen/heidelberg-5360721_1920.jpg

5.175.22.217

200 OK

295 kB

URL HTTP/2
www.robertz.de/images/BilderPool/Reisethemen/St%C3%A4dtereisen/heidelberg-5360721_1920.jpg
IP
5.175.22.217:0
ASN
#20773 Host Europe GmbH

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x1277, components 3\012- data
Size
295 kB (295085 bytes)
Hash
94538df66b1ef89ce0421aca5a3d7686
fe8530ca9b8b16051a5d506a1e4a0001c7a40876
12bbd7295fda70b3d2227ea20c2a0df48ddcff4dae129776410eb93b022f397f

HTTP Headers

GET /images/BilderPool/Reisethemen/St%C3%A4dtereisen/heidelberg-5360721_1920.jpg HTTP/1.1
Host: www.robertz.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.robertz.de/
Cookie: CFID=35784088; CFTOKEN=1954cef503993c35-AFC7966C-0CA7-6E47-3617F4E6425E730E; cross-site-cookie=sow
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 11 Sep 2022 06:14:10 GMT
server: Apache
last-modified: Fri, 18 Jun 2021 15:13:53 GMT
etag: "480ad-5c50bc58fad9d"
accept-ranges: bytes
content-length: 295085
cache-control: max-age=86400
expires: Mon, 12 Sep 2022 06:14:10 GMT
x-cache: MISS from www.robertz.de
content-type: image/jpeg
X-Firefox-Spdy: h2

www.robertz.de/images/Robertz/B%C3%BCro/IMG_20210402_111030.jpg

5.175.22.217

200 OK

401 kB

URL HTTP/2
www.robertz.de/images/Robertz/B%C3%BCro/IMG_20210402_111030.jpg
IP
5.175.22.217:0
ASN
#20773 Host Europe GmbH

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 3500x1575, components 3\012- data
Size
401 kB (401026 bytes)
Hash
a086e897890422fd036447039e7a56ca
7497836c1c3c0eefee1dc141ecd065dff5d4375a
87c6ba7b28b0c178f38574bcd6529f6c55479e5cb74f8da6cb279289293efa3f

HTTP Headers

GET /images/Robertz/B%C3%BCro/IMG_20210402_111030.jpg HTTP/1.1
Host: www.robertz.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.robertz.de/
Cookie: CFID=35784088; CFTOKEN=1954cef503993c35-AFC7966C-0CA7-6E47-3617F4E6425E730E; cross-site-cookie=sow
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 11 Sep 2022 06:14:10 GMT
server: Apache
last-modified: Fri, 18 Jun 2021 14:27:31 GMT
etag: "61e82-5c50b1fbffd85"
accept-ranges: bytes
content-length: 401026
cache-control: max-age=86400
expires: Mon, 12 Sep 2022 06:14:10 GMT
x-cache: MISS from www.robertz.de
content-type: image/jpeg
X-Firefox-Spdy: h2

kit-pro.fontawesome.com/releases/latest/webfonts/pro-fa-brands-400-5.8.2.woff2

104.18.23.52

200 OK

2.4 kB

URL HTTP/2
kit-pro.fontawesome.com/releases/latest/webfonts/pro-fa-brands-400-5.8.2.woff2
IP
104.18.23.52:0
ASN
#13335 CLOUDFLARENET

File type
Web Open Font Format (Version 2), TrueType, length 2412, version 331.-31196\012- data
Size
2.4 kB (2412 bytes)
Hash
714ee8de820748bab5090d91cd5b7690
07f4d4dfe5e3c9045f41996eb1ac8ecbbcc779bf
322c181b1aab5807cd0a7ed9e249ddbd97fa385ca3d338aa59ef1f610ca24601

HTTP Headers

GET /releases/latest/webfonts/pro-fa-brands-400-5.8.2.woff2 HTTP/1.1
Host: kit-pro.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.robertz.de
Connection: keep-alive
Referer: https://kit-pro.fontawesome.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 11 Sep 2022 06:14:10 GMT
content-type: font/woff2
content-length: 2412
x-amz-id-2: p8Ghakwkio+6WCazM09FYKvK2m2Vp89chWPOirfIrH17M+fFv/34SmQHueN9xfSqj3BkIqJe3ttk70f+x2wYsg==
x-amz-request-id: BEFNNSY2SKTFA7WE
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 04 Aug 2021 21:22:37 GMT
etag: "714ee8de820748bab5090d91cd5b7690"
cache-control: public, max-age=1800
cf-cache-status: MISS
expires: Sun, 11 Sep 2022 06:44:10 GMT
accept-ranges: bytes
server: cloudflare
cf-ray: 748e42fa0fbeb51d-OSL
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F66c0f84d-aba2-4ce6-9e03-ee51e1c347be.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.9 kB (6889 bytes)
Hash
57d797a1c3f6589746a1135bdb19f54f
7aa14fcd982a5cee38d58fc3c89edc4a8daf4c97
ff8855ca951f53ed5f3886cc81a7f28384d41288edeca4fdc621250e4d01c6fe

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F66c0f84d-aba2-4ce6-9e03-ee51e1c347be.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6889
x-amzn-requestid: c82ac543-90cd-4aeb-a65b-7e1bbbacc407
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YQ2UEE-3IAMFYBw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631d0419-427a29067c9c92ec0db6567f;Sampled=0
x-amzn-remapped-date: Sat, 10 Sep 2022 21:39:37 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: BPWrjstB3xKeYzHK9eQoJL8ORgRFsqjmNxu0j10epBANBtZCRU-m2g==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 5954c6394458ffb44c970b3819d7ff2a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 10 Sep 2022 21:43:06 GMT
age: 30664
etag: "7aa14fcd982a5cee38d58fc3c89edc4a8daf4c97"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

kit-pro.fontawesome.com/releases/latest/webfonts/pro-fa-duotone-900-5.7.0.woff2

104.18.23.52

200 OK

11 kB

URL HTTP/2
kit-pro.fontawesome.com/releases/latest/webfonts/pro-fa-duotone-900-5.7.0.woff2
IP
104.18.23.52:0
ASN
#13335 CLOUDFLARENET

File type
Web Open Font Format (Version 2), TrueType, length 10884, version 331.-31196\012- data
Size
11 kB (10884 bytes)
Hash
b297f9c677379a25dab795e0546e1e07
c0eeb3115545926ad1cb5d9b37a2fe573acf4b03
272922821dedf161cdf3bebb80a3353ae53e530698f4f92606e3f76b5415c158

HTTP Headers

GET /releases/latest/webfonts/pro-fa-duotone-900-5.7.0.woff2 HTTP/1.1
Host: kit-pro.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.robertz.de
Connection: keep-alive
Referer: https://kit-pro.fontawesome.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 11 Sep 2022 06:14:10 GMT
content-type: font/woff2
content-length: 10884
x-amz-id-2: Gt6vRieh7YOTielsbn9+EKK71jfGw3RR5dgFJnbxmRlSaW+YFMySj6WYKCBCNTfVTLK9wmwNMVw=
x-amz-request-id: BEFYH2BEYC3V3PZF
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 04 Aug 2021 21:22:39 GMT
etag: "b297f9c677379a25dab795e0546e1e07"
cache-control: public, max-age=1800
cf-cache-status: MISS
expires: Sun, 11 Sep 2022 06:44:10 GMT
accept-ranges: bytes
server: cloudflare
cf-ray: 748e42fa0fb4b51d-OSL
X-Firefox-Spdy: h2

kit-pro.fontawesome.com/releases/latest/webfonts/pro-fa-light-300-5.11.1.woff2

104.18.23.52

200 OK

11 kB

URL HTTP/2
kit-pro.fontawesome.com/releases/latest/webfonts/pro-fa-light-300-5.11.1.woff2
IP
104.18.23.52:0
ASN
#13335 CLOUDFLARENET

File type
Web Open Font Format (Version 2), TrueType, length 10860, version 331.-31196\012- data
Size
11 kB (10860 bytes)
Hash
eb7a13166c2efdd5b305c75d341ce222
4f9e18b100b049b74efb8f0084e81756abaadfaa
b2698da8df8781bf12a07d76bab5c6353fbb730a8138fcaa1371c4950ad7c461

HTTP Headers

GET /releases/latest/webfonts/pro-fa-light-300-5.11.1.woff2 HTTP/1.1
Host: kit-pro.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.robertz.de
Connection: keep-alive
Referer: https://kit-pro.fontawesome.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 11 Sep 2022 06:14:10 GMT
content-type: font/woff2
content-length: 10860
x-amz-id-2: GDEZr6uK+SMcG5mxKvUsLjpVDdvYiA2ns0BrlA8468qneQ22/yfdDLz3vyknOtGSkdPvCSy2Z4Mb/0CJDVe5dQ==
x-amz-request-id: BEFPZ4JFC32KA1Y2
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 04 Aug 2021 21:22:41 GMT
etag: "eb7a13166c2efdd5b305c75d341ce222"
cache-control: public, max-age=1800
cf-cache-status: MISS
expires: Sun, 11 Sep 2022 06:44:10 GMT
accept-ranges: bytes
server: cloudflare
cf-ray: 748e42fa1fc8b51d-OSL
X-Firefox-Spdy: h2

kit-pro.fontawesome.com/releases/latest/webfonts/pro-fa-light-300-5.10.1.woff2

104.18.23.52

200 OK

10 kB

URL HTTP/2
kit-pro.fontawesome.com/releases/latest/webfonts/pro-fa-light-300-5.10.1.woff2
IP
104.18.23.52:0
ASN
#13335 CLOUDFLARENET

File type
Web Open Font Format (Version 2), TrueType, length 10412, version 331.-31196\012- data
Size
10 kB (10412 bytes)
Hash
82b2764fcd41e25136e931dd303a29f4
ec11167afa020752f2dcdbeba74c10ee6d9255d6
94db1583c12033a2b06418908eaf13362e9e79e6c4a78e5e8ce608774cf6e512

HTTP Headers

GET /releases/latest/webfonts/pro-fa-light-300-5.10.1.woff2 HTTP/1.1
Host: kit-pro.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.robertz.de
Connection: keep-alive
Referer: https://kit-pro.fontawesome.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 11 Sep 2022 06:14:10 GMT
content-type: font/woff2
content-length: 10412
x-amz-id-2: Q1FUGJKOKXQ6H6lOlvqsqEBIKoYtvzHFpeR9mbmxwoqEK02a7DKMsTbTD09mBdDSg/elLDC1xAoursALbo0juw==
x-amz-request-id: BEFH422W7DEP5QZB
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 04 Aug 2021 21:22:41 GMT
etag: "82b2764fcd41e25136e931dd303a29f4"
cache-control: public, max-age=1800
cf-cache-status: MISS
expires: Sun, 11 Sep 2022 06:44:10 GMT
accept-ranges: bytes
server: cloudflare
cf-ray: 748e42fa1fcfb51d-OSL
X-Firefox-Spdy: h2

kit-pro.fontawesome.com/releases/latest/webfonts/pro-fa-light-300-5.11.0.woff2

104.18.23.52

200 OK

16 kB

URL HTTP/2
kit-pro.fontawesome.com/releases/latest/webfonts/pro-fa-light-300-5.11.0.woff2
IP
104.18.23.52:0
ASN
#13335 CLOUDFLARENET

File type
Web Open Font Format (Version 2), TrueType, length 15748, version 331.-31196\012- data
Size
16 kB (15748 bytes)
Hash
1894bebba876a67d0cb7cd7351ab6ae4
0c2e2d2e73311bbd4c429e33e4e4c4036207b4b1
ec540bd82697b5fb43f1584f25446b7d58a0cf0a51e1544b0b278a2aaa5f1e77

HTTP Headers

GET /releases/latest/webfonts/pro-fa-light-300-5.11.0.woff2 HTTP/1.1
Host: kit-pro.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.robertz.de
Connection: keep-alive
Referer: https://kit-pro.fontawesome.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 11 Sep 2022 06:14:10 GMT
content-type: font/woff2
content-length: 15748
x-amz-id-2: DPBfE/fkRa1bTXRNAil7socB8EfLmAIgzbsA+N4cF3etx8cukh2H+6/GNVhhRkdZ+3JvJU5FE/o=
x-amz-request-id: BEFMJW6Y3GPZATZA
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 04 Aug 2021 21:22:41 GMT
etag: "1894bebba876a67d0cb7cd7351ab6ae4"
cache-control: public, max-age=1800
cf-cache-status: MISS
expires: Sun, 11 Sep 2022 06:44:10 GMT
accept-ranges: bytes
server: cloudflare
cf-ray: 748e42fa1fcbb51d-OSL
X-Firefox-Spdy: h2

kit-pro.fontawesome.com/releases/latest/webfonts/pro-fa-brands-400-5.0.0.woff2

104.18.23.52

200 OK

38 kB

URL HTTP/2
kit-pro.fontawesome.com/releases/latest/webfonts/pro-fa-brands-400-5.0.0.woff2
IP
104.18.23.52:0
ASN
#13335 CLOUDFLARENET

File type
Web Open Font Format (Version 2), TrueType, length 37796, version 331.-31196\012- data
Size
38 kB (37796 bytes)
Hash
6cdf281bc8af0068561fe6aa361a6a0b
4b11f830ee1b852b8aa46ea7e4cfe709a327bf58
49fd3e0c64f247cf56cb828bc37b88cf139df6e5c7bb4c3a4507f740e9a52c17

HTTP Headers

GET /releases/latest/webfonts/pro-fa-brands-400-5.0.0.woff2 HTTP/1.1
Host: kit-pro.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.robertz.de
Connection: keep-alive
Referer: https://kit-pro.fontawesome.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 11 Sep 2022 06:14:10 GMT
content-type: font/woff2
content-length: 37796
x-amz-id-2: dQpJ6eGCzZam/ew78F9xL/h1THUlNVp6pRvUYXmQVOOZIttWTY/4b0No2H0HIA+5tzTOXHEdnFAg+/7shj/BDA==
x-amz-request-id: BEFZ9STY5QH1B1WX
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 04 Aug 2021 21:22:35 GMT
etag: "6cdf281bc8af0068561fe6aa361a6a0b"
cache-control: public, max-age=1800
cf-cache-status: MISS
expires: Sun, 11 Sep 2022 06:44:10 GMT
accept-ranges: bytes
server: cloudflare
cf-ray: 748e42fa0fbfb51d-OSL
X-Firefox-Spdy: h2

kit-pro.fontawesome.com/releases/latest/webfonts/pro-fa-light-300-5.0.0.woff2

104.18.23.52

200 OK

25 kB

URL HTTP/2
kit-pro.fontawesome.com/releases/latest/webfonts/pro-fa-light-300-5.0.0.woff2
IP
104.18.23.52:0
ASN
#13335 CLOUDFLARENET

File type
Web Open Font Format (Version 2), TrueType, length 24800, version 331.-31196\012- data
Size
25 kB (24800 bytes)
Hash
4abe94f1746789f39110d3ebac7ebd96
bdc3b41f3cc3e5e3e87ca020eeddc2b288f0dd91
299dc8e16be2ab2214e279b5536efd387d17fd3d364f397ce9f1fed602384fea

HTTP Headers

GET /releases/latest/webfonts/pro-fa-light-300-5.0.0.woff2 HTTP/1.1
Host: kit-pro.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.robertz.de
Connection: keep-alive
Referer: https://kit-pro.fontawesome.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 11 Sep 2022 06:14:10 GMT
content-type: font/woff2
content-length: 24800
x-amz-id-2: modOCJtZuOdsLYYoZcPosd3nu9az/Nq88UcFTzjKvvqbt3vaXaaXxigVZR3wKOcUY0qLxps9E+ies25XmxMSPg==
x-amz-request-id: BEFKM55R6FMF4V68
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 04 Aug 2021 21:22:40 GMT
etag: "4abe94f1746789f39110d3ebac7ebd96"
cache-control: public, max-age=1800
cf-cache-status: MISS
expires: Sun, 11 Sep 2022 06:44:10 GMT
accept-ranges: bytes
server: cloudflare
cf-ray: 748e42fa1fceb51d-OSL
X-Firefox-Spdy: h2

kit-pro.fontawesome.com/releases/latest/webfonts/pro-fa-light-300-5.10.2.woff2

104.18.23.52

200 OK

17 kB

URL HTTP/2
kit-pro.fontawesome.com/releases/latest/webfonts/pro-fa-light-300-5.10.2.woff2
IP
104.18.23.52:0
ASN
#13335 CLOUDFLARENET

File type
Web Open Font Format (Version 2), TrueType, length 17168, version 331.-31196\012- data
Size
17 kB (17168 bytes)
Hash
8a43eb7db323b6a82d87a458c34cbe82
968367a39a575ffe38f1cfda07eea12eff885831
2bbaabc785383c5d90abc17e6703ac6a057b9644c6ebdfe9e15709c6ffac9c71

HTTP Headers

GET /releases/latest/webfonts/pro-fa-light-300-5.10.2.woff2 HTTP/1.1
Host: kit-pro.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.robertz.de
Connection: keep-alive
Referer: https://kit-pro.fontawesome.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 11 Sep 2022 06:14:10 GMT
content-type: font/woff2
content-length: 17168
x-amz-id-2: 42poKYydRmwzx9JKvoiZ1olzFhtXEqdSp3KPsLaku0xBF/fudTRabuYVF67OBzIKyIqXiNIsHnU=
x-amz-request-id: BEFGEPGNF8ZC1GG4
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 04 Aug 2021 21:22:41 GMT
etag: "8a43eb7db323b6a82d87a458c34cbe82"
cache-control: public, max-age=1800
cf-cache-status: MISS
expires: Sun, 11 Sep 2022 06:44:10 GMT
accept-ranges: bytes
server: cloudflare
cf-ray: 748e42fa1fcdb51d-OSL
X-Firefox-Spdy: h2

ocsp.starfieldtech.com/

192.124.249.22

200 OK

1.8 kB

URL HTTP/1.1
ocsp.starfieldtech.com/
IP
192.124.249.22:0
ASN
#30148 SUCURI-SEC

File type
data
Size
1.8 kB (1845 bytes)
Hash
59fc0b566322d25d746829f8cc5deef8
2e263cb3dd638b58e0d0109426874d73f2a65b4f
0ace618918316e62af3fd5b057e8ea84bb23a2fe73b09d1b8f4fdfcd90e8ce5b

HTTP Headers

POST / HTTP/1.1
Host: ocsp.starfieldtech.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sun, 11 Sep 2022 06:14:10 GMT
Content-Type: application/ocsp-response
Content-Length: 1845
Connection: keep-alive
X-Sucuri-ID: 19022
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Sat, 10 Sep 2022 14:57:44 GMT
Expires: Sun, 11 Sep 2022 14:57:44 GMT
ETag: "2e263cb3dd638b58e0d0109426874d73f2a65b4f"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"

khms0.googleapis.com/kh?v=930&hl=de&x=530&y=343&z=10

142.250.74.74

200 OK

15 kB

URL HTTP/2
khms0.googleapis.com/kh?v=930&hl=de&x=530&y=343&z=10
IP
142.250.74.74:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 256x256, components 3\012- data
Size
15 kB (15363 bytes)
Hash
8cdcfdb1f2af2420bb4bfb928c8bd297
3fd00b07e44c65af7539c2e87db035ebbab4dde7
efbc1b5b5664b45ca5bb3809d27f0ff2b1d4dd7952610a0a263e938ebc439cae

HTTP Headers

GET /kh?v=930&hl=de&x=530&y=343&z=10 HTTP/1.1
Host: khms0.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
last-modified: Fri, 1 Jan 2010 01:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
expires: Mon, 11 Sep 2023 06:14:11 GMT
cache-control: public, max-age=31536000
access-control-allow-origin: *
date: Sun, 11 Sep 2022 06:14:11 GMT
content-type: image/jpeg
vary: Origin, X-Origin, Referer
server: scaffolding on HTTPServer2
content-length: 15363
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/s/gts1d4/zA2MeURdANg

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1d4/zA2MeURdANg
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
d2d5f94c879776d72227d4765c98083e
e4f16c710df600db9de46ea8c126c9b23b67d5cb
4d0b3cd38c043e319deb225e367b1cf0fc65afeeacb57d05662c1e05361023ae

HTTP Headers

POST /s/gts1d4/zA2MeURdANg HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 06:14:11 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/s/gts1d4/zA2MeURdANg

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1d4/zA2MeURdANg
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
d2d5f94c879776d72227d4765c98083e
e4f16c710df600db9de46ea8c126c9b23b67d5cb
4d0b3cd38c043e319deb225e367b1cf0fc65afeeacb57d05662c1e05361023ae

HTTP Headers

POST /s/gts1d4/zA2MeURdANg HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 06:14:11 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

aggregator.service.usercentrics.eu/aggregate/de?templates=H1Vl5NidjWX@40.16.38,8eIqa_sKr@8.1.0,HkPBYFofN@10.3.1,S1pcEj_jZX@21.9.4,HkYNq4sdjbm@10.2.4,Sy7BcNo_ib7@4.2.2,Hko_qNsui-Q@14.5.15,SJKM9Ns_ibQ@10.5.6,rkUcEjuoWm@16.6.5,ko1w5PpFl@23.12.19,XYQZBUojc@9.6.4,r5-Z_erQ0@6.2.2,QPYQDujT@3.3.0,BJ59EidsWQ@25.6.26,Hk8e94jOjWX@11.1.4,BJz7qNsdj-7@15.7.12

34.120.28.121

200 OK

7.1 kB

URL HTTP/2
aggregator.service.usercentrics.eu/aggregate/de?templates=H1Vl5NidjWX@40.16.38,8eIqa_sKr@8.1.0,HkPBYFofN@10.3.1,S1pcEj_jZX@21.9.4,HkYNq4sdjbm@10.2.4,Sy7BcNo_ib7@4.2.2,Hko_qNsui-Q@14.5.15,SJKM9Ns_ibQ@10.5.6,rkUcEjuoWm@16.6.5,ko1w5PpFl@23.12.19,XYQZBUojc@9.6.4,r5-Z_erQ0@6.2.2,QPYQDujT@3.3.0,BJ59EidsWQ@25.6.26,Hk8e94jOjWX@11.1.4,BJz7qNsdj-7@15.7.12
IP
34.120.28.121:0
ASN
#15169 GOOGLE

File type
JSON data\012- , Unicode text, UTF-8 text, with very long lines (47344), with no line terminators
Size
7.1 kB (7079 bytes)
Hash
f557decf05dd1b3abd090def1f368156
a47ccfd6fcf09db0ef0a6ede2dae143b5b4e10c0
64bb9da6f93c4a676e0ad987b285f82844651ee2fb61ed22bd62ab19926d4a8c

HTTP Headers

GET /aggregate/de?templates=H1Vl5NidjWX@40.16.38,8eIqa_sKr@8.1.0,HkPBYFofN@10.3.1,S1pcEj_jZX@21.9.4,HkYNq4sdjbm@10.2.4,Sy7BcNo_ib7@4.2.2,Hko_qNsui-Q@14.5.15,SJKM9Ns_ibQ@10.5.6,rkUcEjuoWm@16.6.5,ko1w5PpFl@23.12.19,XYQZBUojc@9.6.4,r5-Z_erQ0@6.2.2,QPYQDujT@3.3.0,BJ59EidsWQ@25.6.26,Hk8e94jOjWX@11.1.4,BJz7qNsdj-7@15.7.12 HTTP/1.1
Host: aggregator.service.usercentrics.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.robertz.de/
Origin: https://www.robertz.de
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
vary: Accept-Encoding, accept-encoding
access-control-allow-origin: *
content-type: application/json; charset=utf-8
cache-control: public,max-age=604800
etag: "ed6j5y"
content-encoding: br
date: Sun, 11 Sep 2022 06:14:11 GMT
server: Google Frontend
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/s/gts1d4/Ef3_vfLBTFo

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1d4/Ef3_vfLBTFo
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
8d89c1a4212df39214824183e49082d7
e71b115cc979c5965ba524af36bf01c515173f7f
87c2b94c061b33a1c52981dd58268404d54b2139fe740c35576e186a0cd60e8c

HTTP Headers

POST /s/gts1d4/Ef3_vfLBTFo HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 06:14:11 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

graphql.usercentrics.eu/graphql

34.120.238.166

204 No Content

0 B

URL HTTP/2
graphql.usercentrics.eu/graphql
IP
34.120.238.166:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /graphql HTTP/1.1
Host: graphql.usercentrics.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: access-control-allow-origin,content-type,x-request-id
Referer: https://www.robertz.de/
Origin: https://www.robertz.de
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
date: Sun, 11 Sep 2022 06:14:11 GMT
content-length: 0
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
vary: Access-Control-Request-Headers
access-control-allow-headers: access-control-allow-origin,content-type,x-request-id
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/s/gts1d4/Ef3_vfLBTFo

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1d4/Ef3_vfLBTFo
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
8d89c1a4212df39214824183e49082d7
e71b115cc979c5965ba524af36bf01c515173f7f
87c2b94c061b33a1c52981dd58268404d54b2139fe740c35576e186a0cd60e8c

HTTP Headers

POST /s/gts1d4/Ef3_vfLBTFo HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 06:14:11 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.prive.eu/wp-content/uploads/2020/05/logo-erecht24-long-weiss72.png

159.69.215.183

301 Moved Permanently

0 B

URL HTTP/2
www.prive.eu/wp-content/uploads/2020/05/logo-erecht24-long-weiss72.png
IP
159.69.215.183:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /wp-content/uploads/2020/05/logo-erecht24-long-weiss72.png HTTP/1.1
Host: www.prive.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.robertz.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 301 Moved Permanently
cache-control: max-age=3600
content-type: text/html; charset=UTF-8
date: Sun, 11 Sep 2022 06:14:11 GMT
expires: Sun, 11 Sep 2022 07:14:11 GMT
location: https://www.prive.eu/wp-content/uploads/2020/05/erecht24_logo_white.svg
server: Caddy, Apache/2.4.29 (Ubuntu)
vary: X-Forwarded-Proto,Accept-Encoding
x-redirect-by: redirection
content-length: 0
X-Firefox-Spdy: h2

www.prive.eu/wp-content/uploads/2020/05/erecht24_logo_white.svg

159.69.215.183

200 OK

7.9 kB

URL HTTP/2
www.prive.eu/wp-content/uploads/2020/05/erecht24_logo_white.svg
IP
159.69.215.183:0
ASN
#24940 Hetzner Online GmbH

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
7.9 kB (7878 bytes)
Hash
3c4a521dbf31f209692dd4ad6c15c70f
a7ed455bd5ed21466b2988f647ccc813bba16bcf
71d4f7a85b825c426a79569574f473bbee04cc01334f0cf103ca7bd975eb23cc

HTTP Headers

GET /wp-content/uploads/2020/05/erecht24_logo_white.svg HTTP/1.1
Host: www.prive.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.robertz.de/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
content-type: image/svg+xml
date: Sun, 11 Sep 2022 06:14:11 GMT
last-modified: Tue, 19 May 2020 08:49:32 GMT
server: Caddy, Apache/2.4.29 (Ubuntu)
vary: X-Forwarded-Proto,Accept-Encoding
content-length: 7878
X-Firefox-Spdy: h2

www.robertz.de/img/favicon-16x16.png

5.175.22.217

200 OK

0 B

URL HTTP/2
www.robertz.de/img/favicon-16x16.png
IP
5.175.22.217:0
ASN
#20773 Host Europe GmbH

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /img/favicon-16x16.png HTTP/1.1
Host: www.robertz.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.robertz.de/
Cookie: CFID=35784088; CFTOKEN=1954cef503993c35-AFC7966C-0CA7-6E47-3617F4E6425E730E; cross-site-cookie=sow
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 11 Sep 2022 06:14:09 GMT
server: Apache
cache-control: max-age=420, private, must-revalidate
expires: Mon, 12 Sep 2022 06:14:09 GMT
vary: Accept-Encoding
content-encoding: br
x-cache: MISS from www.robertz.de
content-type: text/html;charset=UTF-8
X-Firefox-Spdy: h2

graphql.usercentrics.eu/graphql

34.120.238.166

200 OK

0 B

URL HTTP/2
graphql.usercentrics.eu/graphql
IP
34.120.238.166:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

POST /graphql HTTP/1.1
Host: graphql.usercentrics.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.robertz.de/
Content-Type: application/json
Access-Control-Allow-Origin: *
X-Request-ID: 1463f44a-bc5f-4bae-83f1-8f9a4f7ead48
Origin: https://www.robertz.de
Content-Length: 7017
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 11 Sep 2022 06:14:11 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
x-powered-by: Express
access-control-allow-origin: *
etag: W/"535-CcqVbI/jXa9bXWc2hmsozf1U/8Q"
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

kit-pro.fontawesome.com/releases/latest/css/pro-v4-shims.min.css

104.18.23.52

200 OK

0 B

URL HTTP/2
kit-pro.fontawesome.com/releases/latest/css/pro-v4-shims.min.css
IP
104.18.23.52:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /releases/latest/css/pro-v4-shims.min.css HTTP/1.1
Host: kit-pro.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.robertz.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 11 Sep 2022 06:14:10 GMT
content-type: text/css
x-amz-id-2: iT8ZupnOxWpWMAKwfkDwtp9P1xcr8oXnn2QOTNUaLIoyQ5jAD2cANg1mJrCWG1nyuIiPehlhVh0=
x-amz-request-id: V9KX785VYZEKCMK4
last-modified: Wed, 04 Aug 2021 21:18:33 GMT
etag: W/"715826d7cea0f100c00238e5e5dc92b4"
cache-control: public, max-age=1800
cf-cache-status: HIT
age: 1765
expires: Sun, 11 Sep 2022 06:44:10 GMT
vary: Accept-Encoding
server: cloudflare
cf-ray: 748e42f89e65b51d-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

kit-pro.fontawesome.com/releases/latest/css/pro-v4-font-face.min.css

104.18.23.52

200 OK

0 B

URL HTTP/2
kit-pro.fontawesome.com/releases/latest/css/pro-v4-font-face.min.css
IP
104.18.23.52:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /releases/latest/css/pro-v4-font-face.min.css HTTP/1.1
Host: kit-pro.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.robertz.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 11 Sep 2022 06:14:10 GMT
content-type: text/css
x-amz-id-2: a0prlzPIjCNDq3t0r7ImxTn6Aaj+3i1MnzmhRTXXBzhb86n5FDAO5a3Wsu1xb/L6ENQF5VvJ8cs=
x-amz-request-id: EQ78T8FKH1SWXYE4
last-modified: Wed, 04 Aug 2021 21:18:33 GMT
etag: W/"1cb05a2f9541200e1fa0a2cd0abc7663"
cache-control: public, max-age=1800
cf-cache-status: HIT
age: 1778
expires: Sun, 11 Sep 2022 06:44:10 GMT
vary: Accept-Encoding
server: cloudflare
cf-ray: 748e42f89e74b51d-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

www.robertz.de/

5.175.22.217

200 OK

0 B

URL HTTP/2
www.robertz.de/
IP
5.175.22.217:0
ASN
#20773 Host Europe GmbH

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: www.robertz.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
date: Sun, 11 Sep 2022 06:14:08 GMT
server: Apache
set-cookie: CFID=35784088; Expires=Mon, 12-Sep-2022 06:14:08 GMT; Path=/; HttpOnly
CFTOKEN=1954cef503993c35-AFC7966C-0CA7-6E47-3617F4E6425E730E; Expires=Mon, 12-Sep-2022 06:14:08 GMT; Path=/; HttpOnly
cache-control: max-age=420, private, must-revalidate
expires: Mon, 12 Sep 2022 06:14:08 GMT
vary: Accept-Encoding
content-encoding: br
x-cache: MISS from www.robertz.de
content-type: text/html;charset=UTF-8
X-Firefox-Spdy: h2

www.robertz.de/img/android-icon-192x192.png

5.175.22.217

200 OK

0 B

URL HTTP/2
www.robertz.de/img/android-icon-192x192.png
IP
5.175.22.217:0
ASN
#20773 Host Europe GmbH

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /img/android-icon-192x192.png HTTP/1.1
Host: www.robertz.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.robertz.de/
Cookie: CFID=35784088; CFTOKEN=1954cef503993c35-AFC7966C-0CA7-6E47-3617F4E6425E730E; cross-site-cookie=sow
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 11 Sep 2022 06:14:09 GMT
server: Apache
cache-control: max-age=420, private, must-revalidate
expires: Mon, 12 Sep 2022 06:14:09 GMT
vary: Accept-Encoding
content-encoding: br
x-cache: MISS from www.robertz.de
content-type: text/html;charset=UTF-8
X-Firefox-Spdy: h2

kit-pro.fontawesome.com/releases/latest/css/pro.min.css

104.18.23.52

200 OK

0 B

URL HTTP/2
kit-pro.fontawesome.com/releases/latest/css/pro.min.css
IP
104.18.23.52:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /releases/latest/css/pro.min.css HTTP/1.1
Host: kit-pro.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.robertz.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 11 Sep 2022 06:14:10 GMT
content-type: text/css
x-amz-id-2: AMRPnx/gGPWzkxpEroVSLO8Pi8J0vSGXWBOtNi24DEDy+QaEMCfu0MKQ1eDa2E4MPiKMDx3QOVg=
x-amz-request-id: Q09J8QG0HPK0XNQC
last-modified: Wed, 04 Aug 2021 21:18:33 GMT
etag: W/"486b13730aafe2a39cdaf1666679fa5b"
cache-control: public, max-age=1800
cf-cache-status: HIT
age: 1765
expires: Sun, 11 Sep 2022 06:44:10 GMT
vary: Accept-Encoding
server: cloudflare
cf-ray: 748e42f89e72b51d-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (35)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations