Report - bestes-reisebuero.de/

Report Overview

Submitted URL
bestes-reisebuero.de/
IP
92.51.134.215
ASN
#8972 Host Europe GmbH
Submitted
2022-11-09 20:14:22
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
18

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
privacy-proxy.usercentrics.eu	43696	2019-09-20T10:09:07Z	2023-03-10T13:04:27Z	389 B	43 kB	35.190.14.188
backend.tcautor.de	unknown	2020-06-28T07:48:07Z	2023-01-30T14:52:15Z	2.9 kB	222 kB	5.175.22.217
i27.giatamedia.com	unknown	2022-08-17T09:35:48Z	2023-01-20T02:33:17Z	398 B	88 kB	136.243.0.17
i30.giatamedia.com	unknown	2022-02-08T15:40:18Z	2022-11-22T19:04:51Z	399 B	157 kB	78.46.86.14
i26.giatamedia.com	unknown	2022-08-30T16:34:03Z	2023-01-20T02:33:17Z	399 B	160 kB	148.251.18.66
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-10T05:10:02Z	606 B	127 B	35.83.91.138
www.paxconnect.de	unknown	2013-01-14T20:57:18Z	2023-03-09T04:58:54Z	390 B	1.3 kB	83.169.3.220
api.usercentrics.eu	11845	2018-04-17T10:09:01Z	2023-03-10T13:12:15Z	415 B	9.2 kB	35.241.3.184
www.chamaeleon-reisen.de	unknown			1.3 kB	524 kB	213.187.84.169
pax-smartberatung-signalr.azurewebsites.net	unknown	2022-07-01T17:32:33Z	2023-01-23T02:36:08Z	997 B	1.3 kB	20.50.2.10
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-10T05:09:10Z	7.1 kB	19 kB	23.36.76.226
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-10T13:49:44Z	2.4 kB	5.5 kB	93.184.220.29
cdnjs.cloudflare.com	235	2015-04-17T22:46:33Z	2023-03-10T08:04:05Z	858 B	12 kB	104.17.24.14
www.robertz.de	unknown	2015-07-17T10:25:32Z	2023-01-30T15:22:20Z	20 kB	3.5 MB	5.175.22.217
privacy-proxy-server.usercentrics.eu	265938	2019-07-04T16:11:24Z	2023-03-10T13:04:28Z	885 B	170 kB	34.149.163.237
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-10T05:11:10Z	5.3 kB	11 kB	142.250.74.35
pax-signalr.service.signalr.net	unknown	2022-07-01T17:32:33Z	2023-01-23T02:35:56Z	2.4 kB	1.3 kB	20.86.94.141
app.usercentrics.eu	12624	2018-08-08T11:42:22Z	2023-03-10T13:12:14Z	370 B	231 kB	35.190.14.188
booking.traveltermin.de	unknown	2020-04-06T00:18:11Z	2023-01-24T20:07:19Z	375 B	2.1 kB	134.119.241.212
cluster2.images.traveltainment.eu	456243	2013-09-27T09:57:24Z	2023-03-08T05:27:48Z	1.2 kB	4.2 kB	185.64.96.3
aggregator.service.usercentrics.eu	14703	2020-07-29T15:16:57Z	2023-03-10T12:03:36Z	651 B	6.9 kB	34.120.28.121
graphql.usercentrics.eu	14191	2018-08-08T11:42:38Z	2023-03-10T13:12:15Z	1.1 kB	751 B	34.120.238.166
bestes-reisebuero.de	unknown			352 B	534 B	92.51.134.215
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-10T05:10:04Z	3.2 kB	53 kB	34.120.237.76
kit-pro.fontawesome.com	21124	2019-05-02T14:15:01Z	2023-03-10T11:49:25Z	5.5 kB	168 kB	104.18.22.52
uc.e-recht24.de	386358	2021-02-25T10:55:23Z	2023-03-10T00:27:59Z	394 B	3.4 kB	159.69.24.179
oneocsp.microsoft.com	1473	2020-08-13T08:58:55Z	2023-03-10T12:42:46Z	698 B	4.5 kB	204.79.197.203
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-10T05:12:35Z	413 B	5.8 kB	34.160.144.191
www.backend.tcautor.de	unknown	2020-06-28T07:47:24Z	2023-01-30T14:56:56Z	2.3 kB	855 kB	5.175.22.217
media.xmlteam.de	unknown	2019-07-08T12:25:13Z	2023-03-08T03:33:03Z	1.2 kB	226 kB	162.55.39.184
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-10T05:10:00Z	333 B	229 B	34.117.237.239
ocsp.starfieldtech.com	6616	2012-06-22T20:08:50Z	2023-03-10T12:38:13Z	692 B	4.7 kB	192.124.249.23
www.meinereiseangebote.de	unknown	2017-03-09T08:47:42Z	2023-02-23T08:28:02Z	4.7 kB	136 kB	13.69.68.38
status.thawte.com	5123	2017-11-27T13:33:51Z	2023-03-10T05:17:36Z	1.0 kB	2.4 kB	93.184.220.29
cdn.smartberatung.com	unknown	2020-09-15T17:13:38Z	2023-03-10T03:55:31Z	2.8 kB	136 kB	13.107.213.53

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-11-09	medium	bestes-reisebuero.de/	Phishing
2022-11-09	medium	www.robertz.de/fonts/flaticon/Flaticon.woff2	Phishing
2022-11-09	medium	www.robertz.de/assets/js/core.min.js	Phishing
2022-11-09	medium	www.robertz.de/assets/js/jquery-3.4.1_plusUI.min.js	Phishing
2022-11-09	medium	www.robertz.de/assets/js/vendor_bundle.min.js	Phishing
2022-11-09	medium	www.robertz.de/assets/fonts/flaticon/Flaticon.woff2	Phishing
2022-11-09	medium	www.robertz.de/assets/js/scripts.min.js?_=1668024847227	Phishing
2022-11-09	medium	www.robertz.de/assets/js/hyphenopoly/Hyphenopoly_Loader.js?_=1668024847228	Phishing
2022-11-09	medium	www.robertz.de/	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (21)

	URL	Size	First Seen	Last Seen
	www.robertz.de/	143 B	2023-03-11	2023-03-11
Pretty URL www.robertz.de/ IP 5.175.22.217 ASN #20773 Host Europe GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 09:54:25 Last Seen2023-03-11 15:20:49 Times Seen1 Hash 5345adb5db61bf8c88faf5a36a6c530d b2fe9a8b99623cf1c52264a145c912be09df2413 23853322e8cacce50af22c89c42be9e40eeb576973b010b0512039c2228d577e Loading...

	www.robertz.de/	132 B	2023-03-07	2023-03-29
Pretty URL www.robertz.de/ IP 5.175.22.217 ASN #20773 Host Europe GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:33:25 Last Seen2023-03-29 21:58:23 Times Seen2 Hash 206d3035e76fe3cddd8a2a036fddef75 0ea3fd3e269c16e3dc467d340dc107ba72b47c55 1309ebd1087c85cff2a226e2ae661bcfba4c1de0fc31b2f8233a40b38f8842f3 Loading...

	www.robertz.de/	9.5 kB	2023-03-07	2023-03-29
Pretty URL www.robertz.de/ IP 5.175.22.217 ASN #20773 Host Europe GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:33:25 Last Seen2023-03-29 21:58:23 Times Seen2 Hash b37c16552c444a1e10761ac0a8a4191f d845da399730dcfffebeafe2fcc743faf4b6f482 3039ad005dab183cf141a88f50b31a88ec72af6469f1dda66e6d4816ef6d8381 Loading...

	app.usercentrics.eu/latest/main.js	25 kB	2023-03-07	2024-04-03
Pretty URL app.usercentrics.eu/latest/main.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02:06 Last Seen2024-04-03 10:55:10 Times Seen357 Hash 2f6ee33ec707f2be99eab89a14bf538d f2164827c88ba17ef1488c6c976b27cc1376f2a3 c33a649699a0dba95a5914251da89c9a6439c07cad273e1138245c012169738b Loading...

	www.meinereiseangebote.de/js/jquery.validate.min.js	25 kB	2023-03-07	2024-04-16
Pretty URL www.meinereiseangebote.de/js/jquery.validate.min.js IP 13.69.68.38 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:59:26 Last Seen2024-04-16 12:50:58 Times Seen541 Hash 5861a036c2de6c2df26749fe41d57605 514dc9a21607634859963c49bbc773fb57a356db 270524b0d27afd1d3b6622d1a176c678daed94564c143297e217a63e21ce9820 Loading...

	www.robertz.de/	7.9 kB	2023-03-07	2023-03-29
Pretty URL www.robertz.de/ IP 5.175.22.217 ASN #20773 Host Europe GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:33:25 Last Seen2023-03-29 21:58:23 Times Seen2 Hash 269f13584fe0b6ffe232701487e42478 cf83bc0e51753e938c0bd704fe6c84e8c5a686c2 c10fea60a9bfd1a76e8a0c9bc550de49668a3529b971a058ae1826beba17e51b Loading...

	www.paxconnect.de/js/meinereiseangebote_iframe_v1.1.0.js	1.8 kB	2023-03-07	2023-03-17
Pretty URL www.paxconnect.de/js/meinereiseangebote_iframe_v1.1.0.js IP 83.169.3.220 ASN #8972 Host Europe GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:33:25 Last Seen2023-03-17 10:34:31 Times Seen1 Hash b243ed483e930ca8aae4a7c0e525002e 7440e6f312ba2a4129e18950e6bf7bd629a96236 ce49f2956ba500abca1862dfce1836de75cb64e7fb19fe8a23cb9e20f2de27af Loading...

	www.meinereiseangebote.de/VRVR-5820?supressCookieConsent&output_content=iframe	639 B	2023-03-11	2023-03-11
Pretty URL www.meinereiseangebote.de/VRVR-5820?supressCookieConsent&output_content=iframe IP 13.69.68.38 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 09:54:25 Last Seen2023-03-11 15:20:49 Times Seen1 Hash f5a2b5e29afe86852e6e42c77b04be99 cec17183c3128f0e911f7e4b2ed65e58a4bcde19 b44f4293c7dd027287c6240421a42abe2323dab03054302ac9f30de78a26d3cb Loading...

	www.meinereiseangebote.de/js/iframeResizer.contentWindow.min.js	14 kB	2023-03-07	2024-01-08
Pretty URL www.meinereiseangebote.de/js/iframeResizer.contentWindow.min.js IP 13.69.68.38 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:33:25 Last Seen2024-01-08 15:01:47 Times Seen15 Hash 98bed7238b6b65d0ebcb9c4d5d16647b 0cc8049db0bbe81db1454deb813c64997998376d b2a0c4eee585201745033f70abdbde716072e7c5e4364fae64f0c107d11fb2e7 Loading...

	www.robertz.de/	106 B	2023-03-07	2023-03-29
Pretty URL www.robertz.de/ IP 5.175.22.217 ASN #20773 Host Europe GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:33:25 Last Seen2023-03-29 21:58:23 Times Seen2 Hash fc216d7510d31dde74f4401325fa1e13 eb1ccb57c28628989a36f694c96648f672069349 24b70705c3490ec56793f741d0ad5a8e2fe57e96af4b0d2c8902da125809d4cf Loading...

	privacy-proxy.usercentrics.eu/latest/uc-block.bundle.js	158 kB	2023-03-10	2023-03-11
Pretty URL privacy-proxy.usercentrics.eu/latest/uc-block.bundle.js IP 35.190.14.188 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 21:31:23 Last Seen2023-03-11 12:21:17 Times Seen1 Hash 24680c95cc754147cd6672ff826c5980 42e839240cab0af284f8cbadd74fe03c7ae40193 6b7880200ff1b32f545df2b7bbb24e5406d655345f63be253e93d3a0788f3dab Loading...

	www.robertz.de/	10 kB	2023-03-07	2023-03-29
Pretty URL www.robertz.de/ IP 5.175.22.217 ASN #20773 Host Europe GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:33:25 Last Seen2023-03-29 21:58:23 Times Seen2 Hash bc181d89c903325ebfff3cc312b3fa25 5d24d486f72d8e5d978fb9239bce0e98e9df6211 c7a047fdc86d0e046d89b5ec7d63a7be79c761e8c7971eed21c0b230f245a157 Loading...

	www.robertz.de/	141 kB	2023-03-07	2023-03-29
Pretty URL www.robertz.de/ IP 5.175.22.217 ASN #20773 Host Europe GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:33:25 Last Seen2023-03-29 21:58:23 Times Seen2 Hash 6c4b78281edfb785e3a4c763912719a6 d9d9134ce3dbd015001d53d733d0253f32932b5d 0b0d7f064405e1ece0b32d80e4f5ebcdf52a95c34c4cfcb4194dfdda2e92138a Loading...

	www.meinereiseangebote.de/js/signalr.min.js	116 kB	2023-03-07	2023-03-17
Pretty URL www.meinereiseangebote.de/js/signalr.min.js IP 13.69.68.38 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:59:57 Last Seen2023-03-17 10:34:31 Times Seen1 Hash a6333c19b69d77cb0742c18240660e07 e217f1f7393ac0ec4f57c610def3abf324290b2b d8b99b6a0729e959515533dd7239875fb4c4c350929b3f4b2707fb91dec5eed0 Loading...

	www.meinereiseangebote.de/dist/list.67a1409927b5371fffa8.bundle.js	90 kB	2023-03-10	2023-03-11
Pretty URL www.meinereiseangebote.de/dist/list.67a1409927b5371fffa8.bundle.js IP 13.69.68.38 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 10:21:10 Last Seen2023-03-11 11:17:45 Times Seen1 Hash f2b4b834766e00c16a7e41b255a9d4a3 8508504cfb6f7db257a0ee3e89f0f14ef2c08684 d6a9ccd9f79e6820ef5fc4b95a8c4d568e937f3ec19825621122f31fcb95eab2 Loading...

	cdnjs.cloudflare.com/ajax/libs/jquery-confirm/3.3.4/jquery-confirm.min.js	28 kB	2023-03-07	2024-03-04
Pretty URL cdnjs.cloudflare.com/ajax/libs/jquery-confirm/3.3.4/jquery-confirm.min.js IP 104.17.24.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:33:25 Last Seen2024-03-04 15:30:38 Times Seen275 Hash 1d6ae7e6b82dd230033595eac215ac28 4feda8ad306195d129c2d9bc918150979c68a726 29af286f1b07342cfa1fd851a65f17e105775e68715b2a81a64fc4a476328fd9 Loading...

	unknown	0 B	2023-03-07	2024-04-18
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-18 10:45:12 Times Seen36935106 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	www.robertz.de/assets/js/vendor_bundle.min.js	421 kB	2023-03-07	2023-03-29
Pretty URL www.robertz.de/assets/js/vendor_bundle.min.js IP 5.175.22.217 ASN #20773 Host Europe GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:33:26 Last Seen2023-03-29 21:58:23 Times Seen2 Hash 2b5b6c884ee703467573b96a50275262 451d0a95b007aff5d246263ea65dda904a7c41c2 5b28a15fae3f9860278e2133e3c9e7348cb6ab4db151db86406afd04800c3aaa Loading...

	www.meinereiseangebote.de/js/iframeResizer.min.js	14 kB	2023-03-07	2024-01-02
Pretty URL www.meinereiseangebote.de/js/iframeResizer.min.js IP 13.69.68.38 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:33:25 Last Seen2024-01-02 14:25:12 Times Seen9 Hash 2aaac39b084194a22aaf2949f369daab 16afa7e4b49219f8e32b86c2f672b9c2b04ad764 7584c84b0f5a6703b5243c67c4ba5d5c3875638c33b77b8799c24a065379b81d Loading...

	booking.traveltermin.de/button?IpdVpkq9Li	4.3 kB	2023-03-07	2023-03-17
Pretty URL booking.traveltermin.de/button?IpdVpkq9Li IP 134.119.241.212 ASN #34011 Host Europe GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:12:45 Last Seen2023-03-17 12:39:05 Times Seen1 Hash f12b23d058146b2242e497bd62ae6ef1 260e0bd908abfd3b75ebaa39212461b405715aa0 a333159fd381dc4d3e07ce48957fd55d84858c9a48e8e3adc8a56c7343a275f5 Loading...

	www.robertz.de/	1.7 kB	2023-03-07	2023-03-17
Pretty URL www.robertz.de/ IP 5.175.22.217 ASN #20773 Host Europe GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02:06 Last Seen2023-03-17 12:39:05 Times Seen1 Hash 1a1a0808e412aaef1ec7d5821e3b2142 e151a173dcd5664bc3b003d9d6339faa84dd1f43 d03ea1a7d7805402048a204da3d2c749ebc339bcd72ecf43e145095a56bbc964 Loading...

HTTP Transactions (168)

URL IP Response Size

bestes-reisebuero.de/

92.51.134.215

301 Moved Permanently

301 B

URL HTTP/1.1
bestes-reisebuero.de/
IP
92.51.134.215:0
ASN
#8972 Host Europe GmbH

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
301 B (301 bytes)
Hash
151cbf7d9ef69d5f5de1356289733878
70391b418e6448b71b445fb44d7ac908a4099ea6
774391698cb80a8fbc5031a53ac71274318345fa3f52567466329d74b3475714

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: bestes-reisebuero.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 09 Nov 2022 20:14:09 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 301
Connection: keep-alive
Location: https://www.robertz.de/
X-Powered-By: PleskLin

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
aabe410b4bbe4d8beb0e4561d3aa158e
e1788632902ddea62cdd9e7ad6009a75ffb69788
ad535e27b201e92670770b2b868c58f7c05633ec66490a41ef4592f062834c1f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AD535E27B201E92670770B2B868C58F7C05633EC66490A41EF4592F062834C1F"
Last-Modified: Wed, 09 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15868
Expires: Thu, 10 Nov 2022 00:38:37 GMT
Date: Wed, 09 Nov 2022 20:14:09 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
4c6e4047ec266b87485610e26a85bb6f
cd543757597609d7309d02652318359078a965c2
d8aff7a24f3274782b4f41d6dbd181ba817f5a562d992a3a82966481c91f8a90

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5127
Cache-Control: max-age=142942
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 20:14:09 GMT
Etag: "636b8168-1d7"
Expires: Fri, 11 Nov 2022 11:56:31 GMT
Last-Modified: Wed, 09 Nov 2022 10:31:04 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
4c6e4047ec266b87485610e26a85bb6f
cd543757597609d7309d02652318359078a965c2
d8aff7a24f3274782b4f41d6dbd181ba817f5a562d992a3a82966481c91f8a90

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5127
Cache-Control: max-age=142942
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 20:14:09 GMT
Etag: "636b8168-1d7"
Expires: Fri, 11 Nov 2022 11:56:31 GMT
Last-Modified: Wed, 09 Nov 2022 10:31:04 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
dc90abd8b3ea8e75a68c144d74d75788
1ce29dca1ee9ca8931397de31ffb6cf7833baaf8
807000997bcf1b7a1fa35e43908cbfa54cd1704a5a0f53c09e1ae154638f10e0

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "807000997BCF1B7A1FA35E43908CBFA54CD1704A5A0F53C09E1AE154638F10E0"
Last-Modified: Tue, 08 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9654
Expires: Wed, 09 Nov 2022 22:55:03 GMT
Date: Wed, 09 Nov 2022 20:14:09 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: lFkHjs7+d1bShixbKwb5w2Me6cC899MmHbeNMlYJ+L4ThDB8V4ZVLvmZpijT/iVWKl+zuSUzS74=
x-amz-request-id: X4MAD4R9R7CQS47M
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 09 Nov 2022 19:49:06 GMT
age: 1503
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 09 Nov 2022 20:14:09 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
0d076809aa6750dbbe18dfdd4ca23cf8
bcbe59c5cc5d52bf11255dae74d551178490fb63
fb389088f6ad10857185054ba9f80c1ab8c9a786e8416b8a013601a08f7fe434

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FB389088F6AD10857185054BA9F80C1AB8C9A786E8416B8A013601A08F7FE434"
Last-Modified: Wed, 09 Nov 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21566
Expires: Thu, 10 Nov 2022 02:13:35 GMT
Date: Wed, 09 Nov 2022 20:14:09 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
c59d06092401e375df491b06ee8e6dbc
2e27b8ff7c08a5349e27969bc2a08e5e19d0c1da
23ee4ab633fcf67dc5d4d1931450e365cec8d436ef1f9ba5f46b6bab974724c4

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5739
Cache-Control: max-age=138499
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 20:14:09 GMT
Etag: "636b6da9-1d7"
Expires: Fri, 11 Nov 2022 10:42:28 GMT
Last-Modified: Wed, 09 Nov 2022 09:06:49 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471

cdnjs.cloudflare.com/ajax/libs/jquery-confirm/3.3.4/jquery-confirm.min.css

104.17.24.14

200 OK

2.9 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/jquery-confirm/3.3.4/jquery-confirm.min.css
IP
104.17.24.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (22251)
Size
2.9 kB (2880 bytes)
Hash
4dbf1735a5370350943bce0dbad5843d
3a9d68ea18c3aa70887283c3c36b154ddd31ced8
b7cd289c437127d58b709dc9999390fe68d378d506a8a31252c74c70597e162e

HTTP Headers

GET /ajax/libs/jquery-confirm/3.3.4/jquery-confirm.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.robertz.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 09 Nov 2022 20:14:10 GMT
content-type: text/css; charset=utf-8
content-length: 2880
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec1-580a"
last-modified: Mon, 04 May 2020 16:11:45 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 22963211
expires: Mon, 30 Oct 2023 20:14:10 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k6hgnhz97cuXuapaYv0nH%2Fh8UjeYjSzak4%2B1LZQGRceR0c%2FTZE%2FaKq%2BGA%2BgnOiKKKFaflfBCTU%2FTelccLatm80ln5j0GtWni5Lr0Lzn3Nzcc1%2FGaPT7IAgbn1M9DCM8%2BuZXdgcEG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 76793690f80e1c0e-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

www.robertz.de/fonts/flaticon/Flaticon.woff2

5.175.22.217

200 OK

37 kB

URL HTTP/2
www.robertz.de/fonts/flaticon/Flaticon.woff2
IP
5.175.22.217:0
ASN
#20773 Host Europe GmbH

File type
Web Open Font Format (Version 2), TrueType, length 36732, version 1.0\012- data
Size
37 kB (36736 bytes)
Hash
e97e6acd6d5fae4dfb1b353ddf3dcf0f
186f523c36cdd4d80122ea6daf40106e0ce3e20d
0b56c2c2e69c2334a1881c975f0a1223b73447cd57a13f6b435b239a87de961e

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /fonts/flaticon/Flaticon.woff2 HTTP/1.1
Host: www.robertz.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.robertz.de/
Cookie: CFID=36493981; CFTOKEN=71ab64e5add80849-AC4605C3-9A50-DA54-5207A55015E1EB89
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 09 Nov 2022 20:14:10 GMT
server: Apache
last-modified: Sat, 09 May 2020 10:20:16 GMT
etag: "8f7c-5a53475c0b800-br"
accept-ranges: bytes
cache-control: max-age=86400
expires: Thu, 10 Nov 2022 20:14:10 GMT
vary: Accept-Encoding
content-encoding: br
x-cache: MISS from www.robertz.de
content-length: 36736
content-type: font/woff2
X-Firefox-Spdy: h2

www.robertz.de/assets/css/colorpalette.min.css

5.175.22.217

200 OK

1.9 kB

URL HTTP/2
www.robertz.de/assets/css/colorpalette.min.css
IP
5.175.22.217:0
ASN
#20773 Host Europe GmbH

File type
assembler source, ASCII text, with very long lines (8960), with CRLF line terminators
Size
1.9 kB (1898 bytes)
Hash
475de567aa0032280982829dcfc11116
4eceb810b11b830494dc13abff7eb578c42c2f0c
e405a2f80f2edb9470ad0a5184108ea934d9e512a8ed7894e60d9d2388ce219b

HTTP Headers

GET /assets/css/colorpalette.min.css HTTP/1.1
Host: www.robertz.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.robertz.de/
Cookie: CFID=36493981; CFTOKEN=71ab64e5add80849-AC4605C3-9A50-DA54-5207A55015E1EB89
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 09 Nov 2022 20:14:10 GMT
server: Apache
last-modified: Wed, 08 Jul 2020 05:55:56 GMT
etag: "3e89-5a9e7c2ecfd8b-br"
accept-ranges: bytes
cache-control: max-age=86400
expires: Thu, 10 Nov 2022 20:14:10 GMT
vary: Accept-Encoding
content-encoding: br
x-cache: MISS from www.robertz.de
content-length: 1898
content-type: text/css
X-Firefox-Spdy: h2

www.robertz.de/www/fonts/montserrat.css

5.175.22.217

404 Not Found

196 B

URL HTTP/2
www.robertz.de/www/fonts/montserrat.css
IP
5.175.22.217:0
ASN
#20773 Host Europe GmbH

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
196 B (196 bytes)
Hash
62962daa1b19bbcc2db10b7bfd531ea6
d64bae91091eda6a7532ebec06aa70893b79e1f8
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880

HTTP Headers

GET /www/fonts/montserrat.css HTTP/1.1
Host: www.robertz.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.robertz.de/
Cookie: CFID=36493981; CFTOKEN=71ab64e5add80849-AC4605C3-9A50-DA54-5207A55015E1EB89
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
date: Wed, 09 Nov 2022 20:14:10 GMT
server: Apache
content-length: 196
content-type: text/html; charset=iso-8859-1
X-Firefox-Spdy: h2

www.robertz.de/assets/css/color_scheme/customcolor.css

5.175.22.217

200 OK

3.1 kB

URL HTTP/2
www.robertz.de/assets/css/color_scheme/customcolor.css
IP
5.175.22.217:0
ASN
#20773 Host Europe GmbH

File type
assembler source, ASCII text, with very long lines (582), with CRLF line terminators
Size
3.1 kB (3095 bytes)
Hash
60d56c255a871ae01312cdbdf6ec1e27
8d986fa1d7258c73f1d6d2a043fc0bea80b88ca7
598057d50bdcc975d1742a5b6e8cc49575cb5394cead95b3a4d34aa94ffa97a5

HTTP Headers

GET /assets/css/color_scheme/customcolor.css HTTP/1.1
Host: www.robertz.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.robertz.de/
Cookie: CFID=36493981; CFTOKEN=71ab64e5add80849-AC4605C3-9A50-DA54-5207A55015E1EB89
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 09 Nov 2022 20:14:10 GMT
server: Apache
last-modified: Sun, 12 Jul 2020 12:43:45 GMT
etag: "4498-5aa3decc0656d-br"
accept-ranges: bytes
cache-control: max-age=86400
expires: Thu, 10 Nov 2022 20:14:10 GMT
vary: Accept-Encoding
content-encoding: br
x-cache: MISS from www.robertz.de
content-length: 3095
content-type: text/css
X-Firefox-Spdy: h2

www.robertz.de/assets/css/vendor.swiper.min.css

5.175.22.217

200 OK

4.2 kB

URL HTTP/2
www.robertz.de/assets/css/vendor.swiper.min.css
IP
5.175.22.217:0
ASN
#20773 Host Europe GmbH

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (21675), with no line terminators
Size
4.2 kB (4187 bytes)
Hash
21888b586f9fd75d444d25f8e118f5d7
3f92c9c4fe3cb925d4e4f78f5af3b681b3c8c9e5
4151ce7b54bb179dd95e4b52465aeb2e0396d1868207e9ba98f8490cb1b352c0

HTTP Headers

GET /assets/css/vendor.swiper.min.css HTTP/1.1
Host: www.robertz.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.robertz.de/
Cookie: CFID=36493981; CFTOKEN=71ab64e5add80849-AC4605C3-9A50-DA54-5207A55015E1EB89
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 09 Nov 2022 20:14:10 GMT
server: Apache
last-modified: Tue, 07 Jul 2020 09:54:09 GMT
etag: "54b2-5a9d6f907ba36-br"
accept-ranges: bytes
cache-control: max-age=86400
expires: Thu, 10 Nov 2022 20:14:10 GMT
vary: Accept-Encoding
content-encoding: br
x-cache: MISS from www.robertz.de
content-length: 4187
content-type: text/css
X-Firefox-Spdy: h2

www.robertz.de/assets/css/custom.css

5.175.22.217

200 OK

3.0 kB

URL HTTP/2
www.robertz.de/assets/css/custom.css
IP
5.175.22.217:0
ASN
#20773 Host Europe GmbH

File type
assembler source, ASCII text, with CRLF, LF line terminators
Size
3.0 kB (2987 bytes)
Hash
3f3dcde275d75ccd807e2e5e2f616812
e530d19c468592f6d6b2e217ca8b4b62aa6e5688
476ee261ef6f668eadf94cfffb6d64d227d6ccc1ee23659ab6f29835c61d94ac

HTTP Headers

GET /assets/css/custom.css HTTP/1.1
Host: www.robertz.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.robertz.de/
Cookie: CFID=36493981; CFTOKEN=71ab64e5add80849-AC4605C3-9A50-DA54-5207A55015E1EB89
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 09 Nov 2022 20:14:10 GMT
server: Apache
last-modified: Wed, 29 Jul 2020 14:42:41 GMT
etag: "3fbb-5ab959162640a-br"
accept-ranges: bytes
cache-control: max-age=86400
expires: Thu, 10 Nov 2022 20:14:10 GMT
vary: Accept-Encoding
content-encoding: br
x-cache: MISS from www.robertz.de
content-length: 2987
content-type: text/css
X-Firefox-Spdy: h2

www.robertz.de/images/Robertz/Team/Nadim.jpg

5.175.22.217

200 OK

13 kB

URL HTTP/2
www.robertz.de/images/Robertz/Team/Nadim.jpg
IP
5.175.22.217:0
ASN
#20773 Host Europe GmbH

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, comment: "Created with GIMP", progressive, precision 8, 236x236, components 3\012- data
Size
13 kB (12859 bytes)
Hash
3852a6818d8136feda41e6124cfc6cc3
ce6549af4a84a1a132941ec06a160e54ff8df933
baf32cf30024c0d847421b4b06190ddb3c2fb1a6144d2781c4bbc6a23df10626

HTTP Headers

GET /images/Robertz/Team/Nadim.jpg HTTP/1.1
Host: www.robertz.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.robertz.de/
Cookie: CFID=36493981; CFTOKEN=71ab64e5add80849-AC4605C3-9A50-DA54-5207A55015E1EB89
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 09 Nov 2022 20:14:10 GMT
server: Apache
last-modified: Tue, 28 Jun 2022 16:20:05 GMT
etag: "323b-5e28468cded6b"
accept-ranges: bytes
content-length: 12859
cache-control: max-age=86400
expires: Thu, 10 Nov 2022 20:14:10 GMT
x-cache: MISS from www.robertz.de
content-type: image/jpeg
X-Firefox-Spdy: h2

www.robertz.de/assets/css/vendor_bundle.min.css

5.175.22.217

200 OK

3.8 kB

URL HTTP/2
www.robertz.de/assets/css/vendor_bundle.min.css
IP
5.175.22.217:0
ASN
#20773 Host Europe GmbH

File type
ASCII text, with very long lines (39344)
Size
3.8 kB (3836 bytes)
Hash
f95b5a6991b49a2d93a49c25b0507269
7ddba3d5c0fec9763dc37659af52ddc9a5fdb9ca
5c88a4b0439697d533ea190a067005a323d0a9e481b871985ebf30f8b854ed58

HTTP Headers

GET /assets/css/vendor_bundle.min.css HTTP/1.1
Host: www.robertz.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.robertz.de/
Cookie: CFID=36493981; CFTOKEN=71ab64e5add80849-AC4605C3-9A50-DA54-5207A55015E1EB89
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 09 Nov 2022 20:14:10 GMT
server: Apache
last-modified: Mon, 25 May 2020 13:41:43 GMT
etag: "99c6-5a67923a7b3c0-br"
accept-ranges: bytes
cache-control: max-age=86400
expires: Thu, 10 Nov 2022 20:14:10 GMT
vary: Accept-Encoding
content-encoding: br
x-cache: MISS from www.robertz.de
content-length: 3836
content-type: text/css
X-Firefox-Spdy: h2

ocsp.pki.goog/s/gts1d4/AO43Z6OvIBc

142.250.74.35

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1d4/AO43Z6OvIBc
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
cef82c60c8a0e800cb1abfb2b4043e43
7a538ee8563b6cdfdcc0e08358b0644d78ce5d77
e9ddd19b4750001e4a0a073576243a139ac51b5f95d1f9fe8c7067321cc5c8c1

HTTP Headers

POST /s/gts1d4/AO43Z6OvIBc HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 20:14:10 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/s/gts1d4/AO43Z6OvIBc

142.250.74.35

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1d4/AO43Z6OvIBc
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
cef82c60c8a0e800cb1abfb2b4043e43
7a538ee8563b6cdfdcc0e08358b0644d78ce5d77
e9ddd19b4750001e4a0a073576243a139ac51b5f95d1f9fe8c7067321cc5c8c1

HTTP Headers

POST /s/gts1d4/AO43Z6OvIBc HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 20:14:10 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

cdnjs.cloudflare.com/ajax/libs/jquery-confirm/3.3.4/jquery-confirm.min.js

104.17.24.14

200 OK

6.4 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/jquery-confirm/3.3.4/jquery-confirm.min.js
IP
104.17.24.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (27931)
Size
6.4 kB (6422 bytes)
Hash
beafb90e7e7cb9afd1931dd1ce3d8a6b
ecb8187bf858a727949be0fffbadd1d018e0c169
eabdef01e87e471436dfac8d11edcd16c85d433aa854cdd695165399980ca818

HTTP Headers

GET /ajax/libs/jquery-confirm/3.3.4/jquery-confirm.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.robertz.de
Connection: keep-alive
Referer: https://www.robertz.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 09 Nov 2022 20:14:10 GMT
content-type: application/javascript; charset=utf-8
content-length: 6422
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec1-6e3e"
last-modified: Mon, 04 May 2020 16:11:45 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 14109162
expires: Mon, 30 Oct 2023 20:14:10 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VYFSo6xDugnsQ5Az1dCGUq10eNTA0sIZMR9DG65Gw%2Btydn5sTfbtDVXbxotWWbrgp1tKOkpqnmL9LdXehjgyQl96uWkMh7f%2BzBA6ahqRPIQ3zvxZPstVEZ3sfw2Hvq5edr5FGTC6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 767936915c1f0b65-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

www.robertz.de/images/BilderPool/Siegel/DER_Touristik_Partner_4C.png

5.175.22.217

200 OK

5.0 kB

URL HTTP/2
www.robertz.de/images/BilderPool/Siegel/DER_Touristik_Partner_4C.png
IP
5.175.22.217:0
ASN
#20773 Host Europe GmbH

File type
PNG image data, 253 x 284, 8-bit colormap, non-interlaced\012- data
Size
5.0 kB (5009 bytes)
Hash
6cfa5757073c810990a30df5a3a5c142
f3929708377b03ea028621abfd7cc33e2cfdf3c0
42508c7e75bbaaf132edb306339680c86694005e71e2ea2c1c8cb0736949c5b8

HTTP Headers

GET /images/BilderPool/Siegel/DER_Touristik_Partner_4C.png HTTP/1.1
Host: www.robertz.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.robertz.de/
Cookie: CFID=36493981; CFTOKEN=71ab64e5add80849-AC4605C3-9A50-DA54-5207A55015E1EB89
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 09 Nov 2022 20:14:10 GMT
server: Apache
last-modified: Thu, 03 Mar 2022 07:25:15 GMT
etag: "1391-5d94b4ca70b47"
accept-ranges: bytes
content-length: 5009
cache-control: max-age=86400
expires: Thu, 10 Nov 2022 20:14:10 GMT
x-cache: MISS from www.robertz.de
content-type: image/png
X-Firefox-Spdy: h2

www.robertz.de/images/BilderPool/Siegel/DER%20Kreuzfahrtenprofi%2016cm.png

5.175.22.217

200 OK

15 kB

URL HTTP/2
www.robertz.de/images/BilderPool/Siegel/DER%20Kreuzfahrtenprofi%2016cm.png
IP
5.175.22.217:0
ASN
#20773 Host Europe GmbH

File type
PNG image data, 454 x 156, 8-bit colormap, non-interlaced\012- data
Size
15 kB (14564 bytes)
Hash
5e41153831859cf6af64b682b586a248
15597ac62ce2440e6e8972a18542567db2bac39b
52d5ee205bc379b3b4f1559493e543d0b29d90d6ef6b89316b69574b808d56f1

HTTP Headers

GET /images/BilderPool/Siegel/DER%20Kreuzfahrtenprofi%2016cm.png HTTP/1.1
Host: www.robertz.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.robertz.de/
Cookie: CFID=36493981; CFTOKEN=71ab64e5add80849-AC4605C3-9A50-DA54-5207A55015E1EB89
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 09 Nov 2022 20:14:10 GMT
server: Apache
last-modified: Fri, 07 Jan 2022 08:48:44 GMT
etag: "38e4-5d4fa0df3705c"
accept-ranges: bytes
content-length: 14564
cache-control: max-age=86400
expires: Thu, 10 Nov 2022 20:14:10 GMT
x-cache: MISS from www.robertz.de
content-type: image/png
X-Firefox-Spdy: h2

privacy-proxy.usercentrics.eu/latest/uc-block.bundle.js

35.190.14.188

200 OK

42 kB

URL HTTP/2
privacy-proxy.usercentrics.eu/latest/uc-block.bundle.js
IP
35.190.14.188:0
ASN
#15169 GOOGLE

File type
Unicode text, UTF-8 text, with very long lines (65535), with no line terminators
Size
42 kB (41812 bytes)
Hash
54b6b898832d24535f03a1eb80f8f84a
40de73f5b117d0ac4ab0ee9ed88e0e295a1cc4b5
16a6b0d3f4aee0f3e43d15ee8571af111cba7424099e9a079bda1dcf02c64689

HTTP Headers

GET /latest/uc-block.bundle.js HTTP/1.1
Host: privacy-proxy.usercentrics.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.robertz.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-guploader-uploadid: ADPycds7BlPkcwi9ewbA-IltrSUs6Au_orL8ze2T1mmJrQBumyfxS9GJUObWyhz2CwZim2VyAa5DVuM8arR_6IwHTr2ln_1mu7j9
x-goog-generation: 1667392245922040
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 41812
x-goog-meta-version: 2.6.27
content-encoding: gzip
x-goog-hash: crc32c=8fwuJA==, md5=VLa4mIMtJFNfA6HrgPj4Sg==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
vary: Accept-Encoding
content-length: 41812
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, Transfer-Encoding
server: UploadServer
date: Wed, 09 Nov 2022 19:35:11 GMT
expires: Wed, 09 Nov 2022 20:35:11 GMT
cache-control: public, max-age=3600
age: 2339
last-modified: Wed, 02 Nov 2022 12:30:45 GMT
etag: "54b6b898832d24535f03a1eb80f8f84a"
content-type: application/javascript
strict-transport-security: max-age=7776000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.robertz.de/images/Robertz/nachhaltigkeit/planet_tree.png

5.175.22.217

200 OK

17 kB

URL HTTP/2
www.robertz.de/images/Robertz/nachhaltigkeit/planet_tree.png
IP
5.175.22.217:0
ASN
#20773 Host Europe GmbH

File type
PNG image data, 500 x 314, 8-bit colormap, non-interlaced\012- data
Size
17 kB (16628 bytes)
Hash
13565539b4331994ee95a8ec15ed3dd4
e79de348e181301e82ecf381f121146c28df31b1
1a195b360b9e9b30d4f708e0c5a94fcf7d4a538c6e3717576739ab8e2599cd6b

HTTP Headers

GET /images/Robertz/nachhaltigkeit/planet_tree.png HTTP/1.1
Host: www.robertz.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.robertz.de/
Cookie: CFID=36493981; CFTOKEN=71ab64e5add80849-AC4605C3-9A50-DA54-5207A55015E1EB89
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 09 Nov 2022 20:14:10 GMT
server: Apache
last-modified: Wed, 05 Oct 2022 15:19:13 GMT
etag: "40f4-5ea4b196c287f"
accept-ranges: bytes
content-length: 16628
cache-control: max-age=86400
expires: Thu, 10 Nov 2022 20:14:10 GMT
x-cache: MISS from www.robertz.de
content-type: image/png
X-Firefox-Spdy: h2

push.services.mozilla.com/

35.83.91.138

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
35.83.91.138:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Ix1mOra/A8H4D9wqG4/ygw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: jymbFP7qtMvyFV40abMSfB3YFbA=

www.robertz.de/images/BilderPool/Siegel/DER%20Empfohlenes%20Reiseb%C3%BCro%2016cm.png

5.175.22.217

200 OK

16 kB

URL HTTP/2
www.robertz.de/images/BilderPool/Siegel/DER%20Empfohlenes%20Reiseb%C3%BCro%2016cm.png
IP
5.175.22.217:0
ASN
#20773 Host Europe GmbH

File type
PNG image data, 454 x 133, 8-bit colormap, non-interlaced\012- data
Size
16 kB (16245 bytes)
Hash
0455fe31c325d7dd343f2850cadf4a94
7c8e5403561010cee48bd0cbd0ca22e9c04be5f1
d1e74da66036dbf70f913bf71757dfb97ad2ce1dc3c974f72306becf8defc349

HTTP Headers

GET /images/BilderPool/Siegel/DER%20Empfohlenes%20Reiseb%C3%BCro%2016cm.png HTTP/1.1
Host: www.robertz.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.robertz.de/
Cookie: CFID=36493981; CFTOKEN=71ab64e5add80849-AC4605C3-9A50-DA54-5207A55015E1EB89
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 09 Nov 2022 20:14:10 GMT
server: Apache
last-modified: Fri, 07 Jan 2022 08:48:44 GMT
etag: "3f75-5d4fa0df2f661"
accept-ranges: bytes
content-length: 16245
cache-control: max-age=86400
expires: Thu, 10 Nov 2022 20:14:10 GMT
x-cache: MISS from www.robertz.de
content-type: image/png
X-Firefox-Spdy: h2

www.robertz.de/images/BilderPool/Thementeaser/time-371226_1920.jpg

5.175.22.217

200 OK

38 kB

URL HTTP/2
www.robertz.de/images/BilderPool/Thementeaser/time-371226_1920.jpg
IP
5.175.22.217:0
ASN
#20773 Host Europe GmbH

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 700x800, components 3\012- data
Size
38 kB (38229 bytes)
Hash
58731c57d2c4a4705ef2a6cf5494ae00
13b8a27acf646fa51ac89e2ef4ca2d010f27cde3
4c7210d0d25aa8e279de465665cdd06a133e3456a412dd46ba51d50ad548e801

HTTP Headers

GET /images/BilderPool/Thementeaser/time-371226_1920.jpg HTTP/1.1
Host: www.robertz.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.robertz.de/
Cookie: CFID=36493981; CFTOKEN=71ab64e5add80849-AC4605C3-9A50-DA54-5207A55015E1EB89
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 09 Nov 2022 20:14:10 GMT
server: Apache
last-modified: Mon, 30 Aug 2021 07:35:25 GMT
etag: "9555-5cac1e06495a6"
accept-ranges: bytes
content-length: 38229
cache-control: max-age=86400
expires: Thu, 10 Nov 2022 20:14:10 GMT
x-cache: MISS from www.robertz.de
content-type: image/jpeg
X-Firefox-Spdy: h2

app.usercentrics.eu/latest/bundle.js

35.190.14.188

200 OK

230 kB

URL HTTP/2
app.usercentrics.eu/latest/bundle.js
IP
35.190.14.188:0
ASN
#15169 GOOGLE

File type
Unicode text, UTF-8 text, with very long lines (65470)
Size
230 kB (230157 bytes)
Hash
66cf4a8df76a5634eb0a576bf197b3c9
316e22421f1fdc6387978f20484d4ed2d5662fa5
bafed4c1f3bfb8cf821a0d86370090534d283199f9c665e2e3bed8e29c0bd6bc

HTTP Headers

GET /latest/bundle.js HTTP/1.1
Host: app.usercentrics.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.robertz.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-guploader-uploadid: ADPycdu9SOJutqsQNSnNOdCyKAIs6ztKXTTWYUKNMj37CjXHqu7hqFYDuFayQWIvVCgpH_LeiGB0OF0LemYemsV196UkKQ
x-goog-generation: 1666097577382615
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 230157
x-goog-meta-version: 2.18.1
content-encoding: gzip
x-goog-hash: crc32c=dNeQCQ==, md5=Zs9KjfdqVjTrCldr8ZezyQ==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 230157
access-control-allow-origin: *
access-control-expose-headers: Content-Type
server: UploadServer
date: Wed, 09 Nov 2022 12:06:05 GMT
expires: Thu, 10 Nov 2022 12:06:05 GMT
cache-control: public, max-age=86400, no-transform
age: 29285
last-modified: Tue, 18 Oct 2022 12:52:57 GMT
etag: "66cf4a8df76a5634eb0a576bf197b3c9"
content-type: application/javascript
strict-transport-security: max-age=7776000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.robertz.de/images/BilderPool/Thementeaser/Versicherungen_lifebuoy-4870836_1920.jpg

5.175.22.217

200 OK

53 kB

URL HTTP/2
www.robertz.de/images/BilderPool/Thementeaser/Versicherungen_lifebuoy-4870836_1920.jpg
IP
5.175.22.217:0
ASN
#20773 Host Europe GmbH

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 700x800, components 3\012- data
Size
53 kB (52914 bytes)
Hash
2074572132e9f3e6743aa540110cc27c
965ceb90356ad01c37a5d68f032b7e0e99540f9a
193322064111e8baec20884ca8df731e5a3f99bf8fb326a0915694381613eb17

HTTP Headers

GET /images/BilderPool/Thementeaser/Versicherungen_lifebuoy-4870836_1920.jpg HTTP/1.1
Host: www.robertz.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.robertz.de/
Cookie: CFID=36493981; CFTOKEN=71ab64e5add80849-AC4605C3-9A50-DA54-5207A55015E1EB89
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 09 Nov 2022 20:14:10 GMT
server: Apache
last-modified: Fri, 27 Aug 2021 13:59:43 GMT
etag: "ceb2-5ca8ae539421c"
accept-ranges: bytes
content-length: 52914
cache-control: max-age=86400
expires: Thu, 10 Nov 2022 20:14:10 GMT
x-cache: MISS from www.robertz.de
content-type: image/jpeg
X-Firefox-Spdy: h2

www.robertz.de/images/BilderPool/Thementeaser/woman-4373078_1920.jpg

5.175.22.217

200 OK

55 kB

URL HTTP/2
www.robertz.de/images/BilderPool/Thementeaser/woman-4373078_1920.jpg
IP
5.175.22.217:0
ASN
#20773 Host Europe GmbH

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 700x800, components 3\012- data
Size
55 kB (55282 bytes)
Hash
a9f3532465426567c8c1ac1c8ec1ae61
bc42eb71d1db2559cb0d197a37d2cc6211ad98cd
48e008b189b0bfa0a9df6bc1361338a96a570331770beb2097f364eb46297196

HTTP Headers

GET /images/BilderPool/Thementeaser/woman-4373078_1920.jpg HTTP/1.1
Host: www.robertz.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.robertz.de/
Cookie: CFID=36493981; CFTOKEN=71ab64e5add80849-AC4605C3-9A50-DA54-5207A55015E1EB89
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 09 Nov 2022 20:14:10 GMT
server: Apache
last-modified: Mon, 30 Aug 2021 07:35:25 GMT
etag: "d7f2-5cac1e06512c1"
accept-ranges: bytes
content-length: 55282
cache-control: max-age=86400
expires: Thu, 10 Nov 2022 20:14:10 GMT
x-cache: MISS from www.robertz.de
content-type: image/jpeg
X-Firefox-Spdy: h2

ocsp.starfieldtech.com/

192.124.249.23

200 OK

1.8 kB

URL HTTP/1.1
ocsp.starfieldtech.com/
IP
192.124.249.23:0
ASN
#30148 SUCURI-SEC

File type
data
Size
1.8 kB (1845 bytes)
Hash
a3081036dedfddb97754dd48062fb278
b21230f9a16d465cf145c5d9c8e81983b4088702
55405e4ae05b5489109fa6144c6ba34cff586125cb2fa17764bb61ef7a83a03a

HTTP Headers

POST / HTTP/1.1
Host: ocsp.starfieldtech.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Wed, 09 Nov 2022 20:14:09 GMT
Content-Type: application/ocsp-response
Content-Length: 1845
Connection: keep-alive
X-Sucuri-ID: 19023
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Tue, 08 Nov 2022 22:14:08 GMT
Expires: Wed, 09 Nov 2022 22:14:08 GMT
ETag: "b21230f9a16d465cf145c5d9c8e81983b4088702"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"

www.robertz.de/assets/js/core.min.js

5.175.22.217

200 OK

64 kB

URL HTTP/2
www.robertz.de/assets/js/core.min.js
IP
5.175.22.217:0
ASN
#20773 Host Europe GmbH

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (65512)
Size
64 kB (64543 bytes)
Hash
21485a5c91a6e030255faa364281aa40
69e8f4ae330ece58c4c9dc6fa319187d907bc2bd
af79c3c862f29c5011444e6c6a4259961c61f414202b97559225b92339095f84

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets/js/core.min.js HTTP/1.1
Host: www.robertz.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.robertz.de/
Cookie: CFID=36493981; CFTOKEN=71ab64e5add80849-AC4605C3-9A50-DA54-5207A55015E1EB89
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 09 Nov 2022 20:14:10 GMT
server: Apache
last-modified: Thu, 09 Jul 2020 18:02:01 GMT
etag: "4432f-5aa0605764a50-br"
accept-ranges: bytes
cache-control: max-age=86400
expires: Thu, 10 Nov 2022 20:14:10 GMT
vary: Accept-Encoding
content-encoding: br
x-cache: MISS from www.robertz.de
content-length: 64543
content-type: application/javascript
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
cbdf82a54fa61cac2964664dac91f550
3dcc923cd72c998ae98351d816243668bc5c3dd8
f352ec70e847dd4d4972b148ff2db433dea76190566a7539612088fe8759d670

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F352EC70E847DD4D4972B148FF2DB433DEA76190566A7539612088FE8759D670"
Last-Modified: Wed, 09 Nov 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Thu, 10 Nov 2022 02:14:10 GMT
Date: Wed, 09 Nov 2022 20:14:10 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
03e024f252d171fe178d5d160a2d289f
d3ba0004bc25a072c51e09d140009fb509be9592
5b0bb55852a68c2b5fe96ee5ed099a0d7bd52d8dd24babc10f1b754de2069763

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5B0BB55852A68C2B5FE96EE5ED099A0D7BD52D8DD24BABC10F1B754DE2069763"
Last-Modified: Mon, 07 Nov 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7324
Expires: Wed, 09 Nov 2022 22:16:14 GMT
Date: Wed, 09 Nov 2022 20:14:10 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
03e024f252d171fe178d5d160a2d289f
d3ba0004bc25a072c51e09d140009fb509be9592
5b0bb55852a68c2b5fe96ee5ed099a0d7bd52d8dd24babc10f1b754de2069763

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5B0BB55852A68C2B5FE96EE5ED099A0D7BD52D8DD24BABC10F1B754DE2069763"
Last-Modified: Mon, 07 Nov 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15810
Expires: Thu, 10 Nov 2022 00:37:40 GMT
Date: Wed, 09 Nov 2022 20:14:10 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
03e024f252d171fe178d5d160a2d289f
d3ba0004bc25a072c51e09d140009fb509be9592
5b0bb55852a68c2b5fe96ee5ed099a0d7bd52d8dd24babc10f1b754de2069763

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5B0BB55852A68C2B5FE96EE5ED099A0D7BD52D8DD24BABC10F1B754DE2069763"
Last-Modified: Mon, 07 Nov 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Thu, 10 Nov 2022 02:14:10 GMT
Date: Wed, 09 Nov 2022 20:14:10 GMT
Connection: keep-alive

www.robertz.de/www/robertz.de/img/logo_WEB.png

5.175.22.217

200 OK

75 kB

URL HTTP/2
www.robertz.de/www/robertz.de/img/logo_WEB.png
IP
5.175.22.217:0
ASN
#20773 Host Europe GmbH

File type
PNG image data, 3094 x 1605, 8-bit colormap, non-interlaced\012- data
Size
75 kB (74928 bytes)
Hash
13c968b38081445f5d6f272e75372335
23cf26c06c9b28cc80dca32e2cec05399a02c966
1f38b8099b47ae9370ef51927f8b026212c789137fa1dbb5ccf7c0d867984824

HTTP Headers

GET /www/robertz.de/img/logo_WEB.png HTTP/1.1
Host: www.robertz.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.robertz.de/
Cookie: CFID=36493981; CFTOKEN=71ab64e5add80849-AC4605C3-9A50-DA54-5207A55015E1EB89
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 09 Nov 2022 20:14:10 GMT
server: Apache
last-modified: Thu, 03 Mar 2022 07:58:32 GMT
accept-ranges: bytes
content-length: 74928
cache-control: max-age=2592000, public
expires: Thu, 10 Nov 2022 20:14:10 GMT
x-cache: MISS from www.robertz.de
content-type: image/png
X-Firefox-Spdy: h2

www.robertz.de/images/BilderPool/Thementeaser/guinea-pig-1969698_1920.jpg

5.175.22.217

200 OK

79 kB

URL HTTP/2
www.robertz.de/images/BilderPool/Thementeaser/guinea-pig-1969698_1920.jpg
IP
5.175.22.217:0
ASN
#20773 Host Europe GmbH

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 700x800, components 3\012- data
Size
79 kB (78687 bytes)
Hash
192a66bef59226d6ab6b3a5097bb2d4d
5d4ef05d8529e310115d7ee15724985469343319
f014df907df2ab80a94cd71c2267a0896ec6c7831308e92a3c726c8592a81eb1

HTTP Headers

GET /images/BilderPool/Thementeaser/guinea-pig-1969698_1920.jpg HTTP/1.1
Host: www.robertz.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.robertz.de/
Cookie: CFID=36493981; CFTOKEN=71ab64e5add80849-AC4605C3-9A50-DA54-5207A55015E1EB89
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 09 Nov 2022 20:14:10 GMT
server: Apache
last-modified: Mon, 30 Aug 2021 07:35:25 GMT
etag: "1335f-5cac1e06418a1"
accept-ranges: bytes
content-length: 78687
cache-control: max-age=86400
expires: Thu, 10 Nov 2022 20:14:10 GMT
x-cache: MISS from www.robertz.de
content-type: image/jpeg
X-Firefox-Spdy: h2

www.robertz.de/assets/js/jquery-3.4.1_plusUI.min.js

5.175.22.217

200 OK

85 kB

URL HTTP/2
www.robertz.de/assets/js/jquery-3.4.1_plusUI.min.js
IP
5.175.22.217:0
ASN
#20773 Host Europe GmbH

File type
ASCII text, with very long lines (65450), with CRLF line terminators
Size
85 kB (85178 bytes)
Hash
d12f6a571f27f8f789cf30b5b17bfeea
6b61e7dbdb4fe26ca656015704e4e0270f2e3c05
1f278360aad59de34a97aeebd39d19149d60ccacb878ee9ebc3cbb398bd75437

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets/js/jquery-3.4.1_plusUI.min.js HTTP/1.1
Host: www.robertz.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.robertz.de/
Cookie: CFID=36493981; CFTOKEN=71ab64e5add80849-AC4605C3-9A50-DA54-5207A55015E1EB89
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 09 Nov 2022 20:14:10 GMT
server: Apache
last-modified: Sat, 04 Jul 2020 16:32:09 GMT
etag: "53745-5a9a02ed31440-br"
accept-ranges: bytes
cache-control: max-age=86400
expires: Thu, 10 Nov 2022 20:14:10 GMT
vary: Accept-Encoding
content-encoding: br
x-cache: MISS from www.robertz.de
content-length: 85178
content-type: application/javascript
X-Firefox-Spdy: h2

www.robertz.de/images/Robertz/nachhaltigkeit/Zertifikat_Robertz_September-2022_03_PNG.png

5.175.22.217

200 OK

92 kB

URL HTTP/2
www.robertz.de/images/Robertz/nachhaltigkeit/Zertifikat_Robertz_September-2022_03_PNG.png
IP
5.175.22.217:0
ASN
#20773 Host Europe GmbH

File type
PNG image data, 1239 x 1754, 8-bit colormap, non-interlaced\012- data
Size
92 kB (91788 bytes)
Hash
fab49a5b2ee69c36cd5a19bf436acfc6
4cad67a4347f9931746ea1433f8415d24343c823
17dd3c7b5aade4ca96c7864a820ff97c1af95b2f786a0cf738b2f88bda99e697

HTTP Headers

GET /images/Robertz/nachhaltigkeit/Zertifikat_Robertz_September-2022_03_PNG.png HTTP/1.1
Host: www.robertz.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.robertz.de/
Cookie: CFID=36493981; CFTOKEN=71ab64e5add80849-AC4605C3-9A50-DA54-5207A55015E1EB89
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 09 Nov 2022 20:14:10 GMT
server: Apache
last-modified: Wed, 05 Oct 2022 15:07:14 GMT
etag: "1668c-5ea4aee8f958e"
accept-ranges: bytes
content-length: 91788
cache-control: max-age=86400
expires: Thu, 10 Nov 2022 20:14:10 GMT
x-cache: MISS from www.robertz.de
content-type: image/png
X-Firefox-Spdy: h2

booking.traveltermin.de/button?IpdVpkq9Li

134.119.241.212

200 OK

1.8 kB

URL HTTP/1.1
booking.traveltermin.de/button?IpdVpkq9Li
IP
134.119.241.212:0
ASN
#34011 Host Europe GmbH

File type
Unicode text, UTF-8 text, with very long lines (1932)
Size
1.8 kB (1791 bytes)
Hash
b2a18eea1fb5589375a73c522fceb48a
c512ce391fae7566a6fed1ceb4d51dd3e9c365a5
dd9601ec2e7dfa466cb09bf94b47b45a5c539a7a5cc002cc56410d887310de5f

HTTP Headers

GET /button?IpdVpkq9Li HTTP/1.1
Host: booking.traveltermin.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.robertz.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 20:14:10 GMT
Server: Apache
X-Powered-By: PHP/7.3.10
Cache-Control: max-age=604800
Expires: Wed, 16 Nov 2022 20:14:10 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1791
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript; charset=utf-8;

backend.tcautor.de/www/_data/1007/files/Robertz/Team/Michael.jpg

5.175.22.217

200 OK

12 kB

URL HTTP/2
backend.tcautor.de/www/_data/1007/files/Robertz/Team/Michael.jpg
IP
5.175.22.217:0
ASN
#20773 Host Europe GmbH

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 236x236, components 3\012- data
Size
12 kB (11836 bytes)
Hash
7366bcfcda634ede8deb3d9c355a8b91
92f9e20b7355c4784e755f8c569ee2a5173d2168
7655969dad71f9c7b976b4e97c83bcaea8230e6cf2a48c17b591fd68362d059a

HTTP Headers

GET /www/_data/1007/files/Robertz/Team/Michael.jpg HTTP/1.1
Host: backend.tcautor.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.robertz.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 09 Nov 2022 20:14:10 GMT
server: Apache
last-modified: Tue, 06 Apr 2021 14:09:02 GMT
etag: "2e3c-5bf4e5b3e4d7c"
accept-ranges: bytes
content-length: 11836
content-type: image/jpeg
X-Firefox-Spdy: h2

backend.tcautor.de/www/_data/1007/files/Robertz/Team/Julia.jpg

5.175.22.217

200 OK

12 kB

URL HTTP/2
backend.tcautor.de/www/_data/1007/files/Robertz/Team/Julia.jpg
IP
5.175.22.217:0
ASN
#20773 Host Europe GmbH

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 236x236, components 3\012- data
Size
12 kB (12259 bytes)
Hash
a8194c06c8a8d294277daa462319d516
7a506471abff545dc237fd28cecd026b3637698f
b0df99082d55ea503390a5b00e84e450747dc5a4f891fe362481ac2e70a98185

HTTP Headers

GET /www/_data/1007/files/Robertz/Team/Julia.jpg HTTP/1.1
Host: backend.tcautor.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.robertz.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 09 Nov 2022 20:14:10 GMT
server: Apache
last-modified: Tue, 06 Apr 2021 14:09:02 GMT
etag: "2fe3-5bf4e5b3d1c51"
accept-ranges: bytes
content-length: 12259
content-type: image/jpeg
X-Firefox-Spdy: h2

www.robertz.de/images/BilderPool/Thementeaser/women-3266211_1920.jpg

5.175.22.217

200 OK

124 kB

URL HTTP/2
www.robertz.de/images/BilderPool/Thementeaser/women-3266211_1920.jpg
IP
5.175.22.217:0
ASN
#20773 Host Europe GmbH

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 700x800, components 3\012- data
Size
124 kB (123987 bytes)
Hash
4d620151c765ed8bdd1ddd6193f9e244
475c4f9ce545458df2a3c53b3f9767508d2b325d
3629b868912b11d754f948b8f297b7ba056e82256ee83c85fc41e401ea0dc1a6

HTTP Headers

GET /images/BilderPool/Thementeaser/women-3266211_1920.jpg HTTP/1.1
Host: www.robertz.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.robertz.de/
Cookie: CFID=36493981; CFTOKEN=71ab64e5add80849-AC4605C3-9A50-DA54-5207A55015E1EB89
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 09 Nov 2022 20:14:10 GMT
server: Apache
last-modified: Mon, 30 Aug 2021 07:35:25 GMT
etag: "1e453-5cac1e06691e6"
accept-ranges: bytes
content-length: 123987
cache-control: max-age=86400
expires: Thu, 10 Nov 2022 20:14:10 GMT
x-cache: MISS from www.robertz.de
content-type: image/jpeg
X-Firefox-Spdy: h2

www.robertz.de/images/BilderPool/Thementeaser/vacations-2490266_1920.jpg

5.175.22.217

200 OK

114 kB

URL HTTP/2
www.robertz.de/images/BilderPool/Thementeaser/vacations-2490266_1920.jpg
IP
5.175.22.217:0
ASN
#20773 Host Europe GmbH

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 700x800, components 3\012- data
Size
114 kB (114078 bytes)
Hash
7d47e7c0e4644bdb9f6390233fa64b5d
309923c63deee1d97fb8dd2e70a902ee6faf7ac7
653e3553dd08d47e5a964311149365a582a90dfde032adaa54097e17882843f7

HTTP Headers

GET /images/BilderPool/Thementeaser/vacations-2490266_1920.jpg HTTP/1.1
Host: www.robertz.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.robertz.de/
Cookie: CFID=36493981; CFTOKEN=71ab64e5add80849-AC4605C3-9A50-DA54-5207A55015E1EB89
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 09 Nov 2022 20:14:10 GMT
server: Apache
last-modified: Mon, 30 Aug 2021 07:35:25 GMT
etag: "1bd9e-5cac1e0664f6e"
accept-ranges: bytes
content-length: 114078
cache-control: max-age=86400
expires: Thu, 10 Nov 2022 20:14:10 GMT
x-cache: MISS from www.robertz.de
content-type: image/jpeg
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
576101a5bceb3126ce720a2c5ce64569
54f3093107feb874fb047227701cbb9808078322
69ed56d28da051efa95cc770cc3043ffab0d31fd199e8690fc3c82d27ee90d6e

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "69ED56D28DA051EFA95CC770CC3043FFAB0D31FD199E8690FC3C82D27EE90D6E"
Last-Modified: Tue, 08 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13217
Expires: Wed, 09 Nov 2022 23:54:27 GMT
Date: Wed, 09 Nov 2022 20:14:10 GMT
Connection: keep-alive

backend.tcautor.de/www/_data/1007/files/Robertz/Team/Claudia.jpg

5.175.22.217

200 OK

44 kB

URL HTTP/2
backend.tcautor.de/www/_data/1007/files/Robertz/Team/Claudia.jpg
IP
5.175.22.217:0
ASN
#20773 Host Europe GmbH

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=16], baseline, precision 8, 236x236, components 3\012- data
Size
44 kB (44182 bytes)
Hash
56c8f6150d913b65e5aab67b3ba62f84
ae1a6d0a553a211f0cf4fa673dfc6ed342f8cbe8
de7089fd245c1c2896802772b8c72120ecc7d66fcd972df725c9d1569af8ae4f

HTTP Headers

GET /www/_data/1007/files/Robertz/Team/Claudia.jpg HTTP/1.1
Host: backend.tcautor.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.robertz.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 09 Nov 2022 20:14:10 GMT
server: Apache
last-modified: Tue, 06 Apr 2021 14:09:02 GMT
etag: "ac96-5bf4e5b3e4d7c"
accept-ranges: bytes
content-length: 44182
content-type: image/jpeg
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
576101a5bceb3126ce720a2c5ce64569
54f3093107feb874fb047227701cbb9808078322
69ed56d28da051efa95cc770cc3043ffab0d31fd199e8690fc3c82d27ee90d6e

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "69ED56D28DA051EFA95CC770CC3043FFAB0D31FD199E8690FC3C82D27EE90D6E"
Last-Modified: Tue, 08 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13158
Expires: Wed, 09 Nov 2022 23:53:28 GMT
Date: Wed, 09 Nov 2022 20:14:10 GMT
Connection: keep-alive

backend.tcautor.de/www/_data/1007/files/Robertz/Team/Nadine.jpg

5.175.22.217

200 OK

48 kB

URL HTTP/2
backend.tcautor.de/www/_data/1007/files/Robertz/Team/Nadine.jpg
IP
5.175.22.217:0
ASN
#20773 Host Europe GmbH

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 100x100, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=16], baseline, precision 8, 235x236, components 3\012- data
Size
48 kB (47748 bytes)
Hash
431793fe981ba51d3b6281986775045c
6b2ae55ed6162eac106b6149e1774bc7f94bd324
7496b26a859adfd8e480d681110c18d952b79bf7da7ed06e7e28968d9be66aa8

HTTP Headers

GET /www/_data/1007/files/Robertz/Team/Nadine.jpg HTTP/1.1
Host: backend.tcautor.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.robertz.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 09 Nov 2022 20:14:10 GMT
server: Apache
last-modified: Tue, 06 Apr 2021 14:09:02 GMT
etag: "ba84-5bf4e5b3e4d7c"
accept-ranges: bytes
content-length: 47748
content-type: image/jpeg
X-Firefox-Spdy: h2

www.robertz.de/images/BilderPool/Thementeaser/road-3114475_1920.jpg

5.175.22.217

200 OK

138 kB

URL HTTP/2
www.robertz.de/images/BilderPool/Thementeaser/road-3114475_1920.jpg
IP
5.175.22.217:0
ASN
#20773 Host Europe GmbH

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 700x800, components 3\012- data
Size
138 kB (137929 bytes)
Hash
8808244f83f82cd6238b27cbbe3aee77
be55dca9bc25da62682dfbf202fe44d7a5a06f62
e965149dc4efeb45f020927785ae74b417994f2cea94f6c281776a8409eb4e2c

HTTP Headers

GET /images/BilderPool/Thementeaser/road-3114475_1920.jpg HTTP/1.1
Host: www.robertz.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.robertz.de/
Cookie: CFID=36493981; CFTOKEN=71ab64e5add80849-AC4605C3-9A50-DA54-5207A55015E1EB89
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 09 Nov 2022 20:14:10 GMT
server: Apache
last-modified: Mon, 30 Aug 2021 07:35:25 GMT
etag: "21ac9-5cac1e0668242"
accept-ranges: bytes
content-length: 137929
cache-control: max-age=86400
expires: Thu, 10 Nov 2022 20:14:10 GMT
x-cache: MISS from www.robertz.de
content-type: image/jpeg
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
576101a5bceb3126ce720a2c5ce64569
54f3093107feb874fb047227701cbb9808078322
69ed56d28da051efa95cc770cc3043ffab0d31fd199e8690fc3c82d27ee90d6e

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "69ED56D28DA051EFA95CC770CC3043FFAB0D31FD199E8690FC3C82D27EE90D6E"
Last-Modified: Tue, 08 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21532
Expires: Thu, 10 Nov 2022 02:13:02 GMT
Date: Wed, 09 Nov 2022 20:14:10 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
4ab7b947ab614098d920a9f2295a3a55
9082f4f86395f10e51cd07b3cb8b228c817ee7d5
8e61e9a11c8196ba4e5cddc9840b912f6f6f33d7acb67f449aaee6508df175d3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8E61E9A11C8196BA4E5CDDC9840B912F6F6F33D7ACB67F449AAEE6508DF175D3"
Last-Modified: Wed, 09 Nov 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21548
Expires: Thu, 10 Nov 2022 02:13:18 GMT
Date: Wed, 09 Nov 2022 20:14:10 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
576101a5bceb3126ce720a2c5ce64569
54f3093107feb874fb047227701cbb9808078322
69ed56d28da051efa95cc770cc3043ffab0d31fd199e8690fc3c82d27ee90d6e

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "69ED56D28DA051EFA95CC770CC3043FFAB0D31FD199E8690FC3C82D27EE90D6E"
Last-Modified: Tue, 08 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Thu, 10 Nov 2022 02:14:10 GMT
Date: Wed, 09 Nov 2022 20:14:10 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
f61b9f83e9e6674330c72e109f67832c
bb3cc2320539a0aebed558d372272423c61cc7a9
11edc48e342e2998e89a82f4f759168bf95dd1c0faa3063e6179e4f0827aaa54

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "11EDC48E342E2998E89A82F4F759168BF95DD1C0FAA3063E6179E4F0827AAA54"
Last-Modified: Tue, 08 Nov 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1302
Expires: Wed, 09 Nov 2022 20:35:52 GMT
Date: Wed, 09 Nov 2022 20:14:10 GMT
Connection: keep-alive

ocsp.pki.goog/s/gts1d4/AO43Z6OvIBc

142.250.74.35

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1d4/AO43Z6OvIBc
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
cef82c60c8a0e800cb1abfb2b4043e43
7a538ee8563b6cdfdcc0e08358b0644d78ce5d77
e9ddd19b4750001e4a0a073576243a139ac51b5f95d1f9fe8c7067321cc5c8c1

HTTP Headers

POST /s/gts1d4/AO43Z6OvIBc HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 20:14:10 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/s/gts1d4/AO43Z6OvIBc

142.250.74.35

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1d4/AO43Z6OvIBc
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
cef82c60c8a0e800cb1abfb2b4043e43
7a538ee8563b6cdfdcc0e08358b0644d78ce5d77
e9ddd19b4750001e4a0a073576243a139ac51b5f95d1f9fe8c7067321cc5c8c1

HTTP Headers

POST /s/gts1d4/AO43Z6OvIBc HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 20:14:10 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

backend.tcautor.de/www/_data/1007/files/Robertz/Team/Sabrina.jpg

5.175.22.217

200 OK

44 kB

URL HTTP/2
backend.tcautor.de/www/_data/1007/files/Robertz/Team/Sabrina.jpg
IP
5.175.22.217:0
ASN
#20773 Host Europe GmbH

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 100x100, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=GIMP 2.8.22, datetime=2018:06:08 15:13:15], progressive, precision 8, 236x236, components 3 DIY-Thermocam raw data\012- (Lepton 2.x), scale 0-25701, spot sensor temperature 0.000000, unit celsius, color scheme 0, calibration: offset 197.285858, slope 0.000169\012- data
Size
44 kB (44238 bytes)
Hash
3f10608c9147bb7f2c6ed6d2d127d7a0
1aeb71c57ac6e2e9ab78ff28d9238bc26b83a67c
9eb3343464fc4fbf0e6e1d554d49f0e7eca0c5b6bf69abd3faf55b352788bce8

HTTP Headers

GET /www/_data/1007/files/Robertz/Team/Sabrina.jpg HTTP/1.1
Host: backend.tcautor.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.robertz.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 09 Nov 2022 20:14:10 GMT
server: Apache
last-modified: Tue, 06 Apr 2021 14:09:02 GMT
etag: "acce-5bf4e5b3e4d7c"
accept-ranges: bytes
content-length: 44238
content-type: image/jpeg
X-Firefox-Spdy: h2

backend.tcautor.de/www/_data/1007/files/Robertz/Team/Melanie.jpg

5.175.22.217

200 OK

60 kB

URL HTTP/2
backend.tcautor.de/www/_data/1007/files/Robertz/Team/Melanie.jpg
IP
5.175.22.217:0
ASN
#20773 Host Europe GmbH

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 100x100, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=11, manufacturer=Canon, model=Canon EOS 5D Mark III, orientation=upper-left, xresolution=174, yresolution=182, resolutionunit=2, software=GIMP 2.8.22, datetime=2018:06:08 15:18:14], progressive, precision 8, 236x236, components 3\012- data
Size
60 kB (60279 bytes)
Hash
dc2176c3173039123f7bd12a81306dda
9e4c94c2e2e0ca5fe5a1250294700613660321b6
d91036d1030fc79849ec5ac99b29a6ef2d1769e420fb100074b380a15c1679e8

HTTP Headers

GET /www/_data/1007/files/Robertz/Team/Melanie.jpg HTTP/1.1
Host: backend.tcautor.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.robertz.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 09 Nov 2022 20:14:10 GMT
server: Apache
last-modified: Tue, 06 Apr 2021 14:09:02 GMT
etag: "eb77-5bf4e5b3ec77a"
accept-ranges: bytes
content-length: 60279
content-type: image/jpeg
X-Firefox-Spdy: h2

www.robertz.de/images/BilderPool/Thementeaser/mountaineers-5649828_1920.jpg

5.175.22.217

200 OK

177 kB

URL HTTP/2
www.robertz.de/images/BilderPool/Thementeaser/mountaineers-5649828_1920.jpg
IP
5.175.22.217:0
ASN
#20773 Host Europe GmbH

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 700x800, components 3\012- data
Size
177 kB (176563 bytes)
Hash
8da55968b05019655e9ecf0814bf99fc
017da0fd24e608d42fd9e3ad9686fce2fceab09f
50ed47e128d4c9293417c6f08606c8b4ca05e991790bc83d068ddb077bb7a6f0

HTTP Headers

GET /images/BilderPool/Thementeaser/mountaineers-5649828_1920.jpg HTTP/1.1
Host: www.robertz.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.robertz.de/
Cookie: CFID=36493981; CFTOKEN=71ab64e5add80849-AC4605C3-9A50-DA54-5207A55015E1EB89
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 09 Nov 2022 20:14:10 GMT
server: Apache
last-modified: Mon, 30 Aug 2021 07:35:25 GMT
etag: "2b1b3-5cac1e0667e58"
accept-ranges: bytes
content-length: 176563
cache-control: max-age=86400
expires: Thu, 10 Nov 2022 20:14:10 GMT
x-cache: MISS from www.robertz.de
content-type: image/jpeg
X-Firefox-Spdy: h2

www.paxconnect.de/js/meinereiseangebote_iframe_v1.1.0.js

83.169.3.220

200 OK

653 B

URL HTTP/1.1
www.paxconnect.de/js/meinereiseangebote_iframe_v1.1.0.js
IP
83.169.3.220:0
ASN
#8972 Host Europe GmbH

File type
ASCII text
Size
653 B (653 bytes)
Hash
f5bf508542930203b6d507c968670502
b2a0ed3ceeb796f0aa21b6efe84bf6d6a710c0f8
6c3a3bb55c78ea17e0b9e1b9e821e509b94d2dc67e20b32515e1f3b9b423211c

HTTP Headers

GET /js/meinereiseangebote_iframe_v1.1.0.js HTTP/1.1
Host: www.paxconnect.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.robertz.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 09 Nov 2022 20:14:10 GMT
Content-Type: application/javascript
Last-Modified: Wed, 25 May 2022 09:37:31 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"628df8db-72b"
X-FRAME-OPTIONS: SAMEORIGIN
X-Content-Type-Options: nosniff
Content-Security-Policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' paxconnect.de *.paxconnect.de *.smartberatung.com *.meinereiseangebote.de youtube.com  *.youtube.com
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
X-Powered-By: PleskLin
Content-Encoding: br

www.robertz.de/assets/js/vendor_bundle.min.js

5.175.22.217

200 OK

101 kB

URL HTTP/2
www.robertz.de/assets/js/vendor_bundle.min.js
IP
5.175.22.217:0
ASN
#20773 Host Europe GmbH

File type
ASCII text, with very long lines (65514)
Size
101 kB (101220 bytes)
Hash
eb1235ec9c4c6300e795fdf0be02224f
d3f8f421bdfc1938f6dbdd41b76b0eb01c3a0bcd
37fe01d6f5a8a0bcf91568940e0202f4728b966b15f2e3141d3729dce8cb2a34

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets/js/vendor_bundle.min.js HTTP/1.1
Host: www.robertz.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.robertz.de/
Cookie: CFID=36493981; CFTOKEN=71ab64e5add80849-AC4605C3-9A50-DA54-5207A55015E1EB89
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 09 Nov 2022 20:14:10 GMT
server: Apache
last-modified: Mon, 25 May 2020 13:42:21 GMT
etag: "66b1b-5a67925eb8940-br"
accept-ranges: bytes
cache-control: max-age=86400
expires: Thu, 10 Nov 2022 20:14:10 GMT
vary: Accept-Encoding
content-encoding: br
x-cache: MISS from www.robertz.de
content-length: 101220
content-type: application/javascript
X-Firefox-Spdy: h2

www.robertz.de/images/Robertz/Sonderreisen/2023_douro/Dourotal_2023_Teaser.jpg

5.175.22.217

200 OK

245 kB

URL HTTP/2
www.robertz.de/images/Robertz/Sonderreisen/2023_douro/Dourotal_2023_Teaser.jpg
IP
5.175.22.217:0
ASN
#20773 Host Europe GmbH

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1260x860, components 3\012- data
Size
245 kB (245098 bytes)
Hash
5222d6d387662013bd7de8cafb3880b7
100376302444e5e425af578536be126cec89ba9e
982289b28aeb3839fe78a3fd9bac5951971c3b417438dc25510224939b6f5ac5

HTTP Headers

GET /images/Robertz/Sonderreisen/2023_douro/Dourotal_2023_Teaser.jpg HTTP/1.1
Host: www.robertz.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.robertz.de/
Cookie: CFID=36493981; CFTOKEN=71ab64e5add80849-AC4605C3-9A50-DA54-5207A55015E1EB89
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 09 Nov 2022 20:14:10 GMT
server: Apache
last-modified: Wed, 07 Sep 2022 14:51:51 GMT
etag: "3bd6a-5e81773f7aa75"
accept-ranges: bytes
content-length: 245098
cache-control: max-age=86400
expires: Thu, 10 Nov 2022 20:14:10 GMT
x-cache: MISS from www.robertz.de
content-type: image/jpeg
X-Firefox-Spdy: h2

www.robertz.de/images/Robertz/Sonderreisen/2023_ostsee-oder/2023_kultour_kreuzfahrt_teaser.jpg

5.175.22.217

200 OK

394 kB

URL HTTP/2
www.robertz.de/images/Robertz/Sonderreisen/2023_ostsee-oder/2023_kultour_kreuzfahrt_teaser.jpg
IP
5.175.22.217:0
ASN
#20773 Host Europe GmbH

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, comment: "Created with GIMP", progressive, precision 8, 1260x860, components 3\012- data
Size
394 kB (393584 bytes)
Hash
f51e6ae37f5a6725e91f8dfe90751218
401450013faed0a350a16741ec91b7a9cac1d6dd
2ecd15ac2f69b67784e4a621a7f99b16aebf75641d789ab511717b0f6a13f353

HTTP Headers

GET /images/Robertz/Sonderreisen/2023_ostsee-oder/2023_kultour_kreuzfahrt_teaser.jpg HTTP/1.1
Host: www.robertz.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.robertz.de/
Cookie: CFID=36493981; CFTOKEN=71ab64e5add80849-AC4605C3-9A50-DA54-5207A55015E1EB89
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 09 Nov 2022 20:14:10 GMT
server: Apache
last-modified: Wed, 27 Jul 2022 15:35:52 GMT
etag: "60170-5e4cb2c193ac4"
accept-ranges: bytes
content-length: 393584
cache-control: max-age=86400
expires: Thu, 10 Nov 2022 20:14:10 GMT
x-cache: MISS from www.robertz.de
content-type: image/jpeg
X-Firefox-Spdy: h2

www.robertz.de/www/fonts/montserrat.css

5.175.22.217

404 Not Found

196 B

URL HTTP/2
www.robertz.de/www/fonts/montserrat.css
IP
5.175.22.217:0
ASN
#20773 Host Europe GmbH

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
196 B (196 bytes)
Hash
62962daa1b19bbcc2db10b7bfd531ea6
d64bae91091eda6a7532ebec06aa70893b79e1f8
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880

HTTP Headers

GET /www/fonts/montserrat.css HTTP/1.1
Host: www.robertz.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.robertz.de/
Cookie: CFID=36493981; CFTOKEN=71ab64e5add80849-AC4605C3-9A50-DA54-5207A55015E1EB89
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
date: Wed, 09 Nov 2022 20:14:10 GMT
server: Apache
content-length: 196
content-type: text/html; charset=iso-8859-1
X-Firefox-Spdy: h2

www.backend.tcautor.de/www/_data/1009/files/BilderPool/Thementeaser/medical-563427_1920.jpg

5.175.22.217

200 OK

41 kB

URL HTTP/2
www.backend.tcautor.de/www/_data/1009/files/BilderPool/Thementeaser/medical-563427_1920.jpg
IP
5.175.22.217:0
ASN
#20773 Host Europe GmbH

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 700x800, components 3\012- data
Size
41 kB (41083 bytes)
Hash
1a14e9bc192ef71737e00e2659b943a3
b34da10383fc7cf2f7588d01f7c7f161ecd3de59
609b9a791933979e096a4778fdd0b046a29d58be123a66fe975951a5db751aff

HTTP Headers

GET /www/_data/1009/files/BilderPool/Thementeaser/medical-563427_1920.jpg HTTP/1.1
Host: www.backend.tcautor.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.robertz.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 09 Nov 2022 20:14:10 GMT
server: Apache
last-modified: Thu, 29 Sep 2022 09:40:48 GMT
etag: "a07b-5e9cdac1b9435"
accept-ranges: bytes
content-length: 41083
content-type: image/jpeg
X-Firefox-Spdy: h2

www.backend.tcautor.de/www/_data/1009/files/BilderPool/Thementeaser/statue-of-liberty-g91a003ec7_1920.jpg

5.175.22.217

200 OK

73 kB

URL HTTP/2
www.backend.tcautor.de/www/_data/1009/files/BilderPool/Thementeaser/statue-of-liberty-g91a003ec7_1920.jpg
IP
5.175.22.217:0
ASN
#20773 Host Europe GmbH

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 700x800, components 3\012- data
Size
73 kB (73186 bytes)
Hash
73991d5ed68858c2a662504dc2183e32
1cedc862bb3824ea216db4591c71d5b3a0b49dc2
21127e3e4b00b57465d7dc43dbbb6bf6adbb931c512aa1b76d7096061556fecc

HTTP Headers

GET /www/_data/1009/files/BilderPool/Thementeaser/statue-of-liberty-g91a003ec7_1920.jpg HTTP/1.1
Host: www.backend.tcautor.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.robertz.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 09 Nov 2022 20:14:10 GMT
server: Apache
last-modified: Thu, 29 Sep 2022 09:40:48 GMT
etag: "11de2-5e9cdac1c4b5e"
accept-ranges: bytes
content-length: 73186
content-type: image/jpeg
X-Firefox-Spdy: h2

www.backend.tcautor.de/www/_data/1009/files/BilderPool/Thementeaser/passport-6012618_1920.jpg

5.175.22.217

200 OK

135 kB

URL HTTP/2
www.backend.tcautor.de/www/_data/1009/files/BilderPool/Thementeaser/passport-6012618_1920.jpg
IP
5.175.22.217:0
ASN
#20773 Host Europe GmbH

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 700x800, components 3\012- data
Size
135 kB (135254 bytes)
Hash
6c6cce06a97cb2121796d60972afafaa
3a66e9eb3f93e7a004adbd13405588d7b7cc3ef2
55c47ab26263641d379014113b867e685ab1a3747d8419ad5b07c6834ba25623

HTTP Headers

GET /www/_data/1009/files/BilderPool/Thementeaser/passport-6012618_1920.jpg HTTP/1.1
Host: www.backend.tcautor.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.robertz.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 09 Nov 2022 20:14:10 GMT
server: Apache
last-modified: Thu, 11 Nov 2021 09:39:05 GMT
etag: "21056-5d0801d0be818"
accept-ranges: bytes
content-length: 135254
content-type: image/jpeg
X-Firefox-Spdy: h2

www.backend.tcautor.de/www/_data/1009/files/BilderPool/Thementeaser/lake-louise-1761286_1920.jpg

5.175.22.217

200 OK

115 kB

URL HTTP/2
www.backend.tcautor.de/www/_data/1009/files/BilderPool/Thementeaser/lake-louise-1761286_1920.jpg
IP
5.175.22.217:0
ASN
#20773 Host Europe GmbH

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 700x800, components 3\012- data
Size
115 kB (115135 bytes)
Hash
ae636582e580e0d24e4fedbc84af6894
02040d1ef25f7ec7678ef64ba984a2236dfb0153
836653e3204500f3598e1bc344205a816584c96b5393cea8b4af40e74e736f7d

HTTP Headers

GET /www/_data/1009/files/BilderPool/Thementeaser/lake-louise-1761286_1920.jpg HTTP/1.1
Host: www.backend.tcautor.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.robertz.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 09 Nov 2022 20:14:10 GMT
server: Apache
last-modified: Thu, 29 Sep 2022 09:40:48 GMT
etag: "1c1bf-5e9cdac1c8868"
accept-ranges: bytes
content-length: 115135
content-type: image/jpeg
X-Firefox-Spdy: h2

www.backend.tcautor.de/www/_data/1025/files/BilderPool/Werbebanner-Mailings/tc_aktueller_banner.gif

5.175.22.217

200 OK

489 kB

URL HTTP/2
www.backend.tcautor.de/www/_data/1025/files/BilderPool/Werbebanner-Mailings/tc_aktueller_banner.gif
IP
5.175.22.217:0
ASN
#20773 Host Europe GmbH

File type
GIF image data, version 89a, 2000 x 400\012- data
Size
489 kB (488926 bytes)
Hash
5d4acf5c3a2b71be434b261b76b7e6a9
d9e2645d08cec0a26fe80d30e973de6a4a0b7455
05655f50624596e80672653afde7d5ff99e5efa933bab177057a92812cb659f5

HTTP Headers

GET /www/_data/1025/files/BilderPool/Werbebanner-Mailings/tc_aktueller_banner.gif HTTP/1.1
Host: www.backend.tcautor.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.robertz.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 09 Nov 2022 20:14:10 GMT
server: Apache
last-modified: Tue, 23 Aug 2022 16:09:31 GMT
etag: "775de-5e6eaca279e6a"
accept-ranges: bytes
content-length: 488926
content-type: image/gif
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
9b27d0bfaf6ec30690eba902f50ce1ce
b274adea0a925d814dfd0ad80d1888dd06f4e269
f66f94bb109a214e8d83f5112c7468c729357833cf65e2d7db4f49564fac3485

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 20:14:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
9b27d0bfaf6ec30690eba902f50ce1ce
b274adea0a925d814dfd0ad80d1888dd06f4e269
f66f94bb109a214e8d83f5112c7468c729357833cf65e2d7db4f49564fac3485

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 20:14:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/s/gts1d4/cGpVLbInt0o

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1d4/cGpVLbInt0o
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
3e7d6fd8a3b554c92dce54bb47ed14d4
de02b7f8d8b8165ee2a5eaef5180ac7c919246b2
71229a8d9de7c87b6e0e6cbffb6ad0e965917efce026eac64fa927c91220451b

HTTP Headers

POST /s/gts1d4/cGpVLbInt0o HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 20:14:11 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/s/gts1d4/cGpVLbInt0o

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1d4/cGpVLbInt0o
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
3e7d6fd8a3b554c92dce54bb47ed14d4
de02b7f8d8b8165ee2a5eaef5180ac7c919246b2
71229a8d9de7c87b6e0e6cbffb6ad0e965917efce026eac64fa927c91220451b

HTTP Headers

POST /s/gts1d4/cGpVLbInt0o HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 20:14:11 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.robertz.de/assets/fonts/flaticon/Flaticon.woff2

5.175.22.217

200 OK

37 kB

URL HTTP/2
www.robertz.de/assets/fonts/flaticon/Flaticon.woff2
IP
5.175.22.217:0
ASN
#20773 Host Europe GmbH

File type
Web Open Font Format (Version 2), TrueType, length 36732, version 1.0\012- data
Size
37 kB (36732 bytes)
Hash
ae2dd4b29a7c28b5cc6e9364c7a69983
602976fc50a9aa00adc99bc2d93888db7a81d2fc
0ebd2de93302226f320140f8051d5cff7c3752be9700d0d598e498bbe0dde638

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets/fonts/flaticon/Flaticon.woff2 HTTP/1.1
Host: www.robertz.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.robertz.de/assets/css/core.min.css
Cookie: CFID=36493981; CFTOKEN=71ab64e5add80849-AC4605C3-9A50-DA54-5207A55015E1EB89; cross-site-cookie=sow
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 09 Nov 2022 20:14:11 GMT
server: Apache
last-modified: Sat, 09 May 2020 10:20:16 GMT
etag: "8f7c-5a53475c0b800"
accept-ranges: bytes
content-length: 36732
cache-control: max-age=86400
expires: Thu, 10 Nov 2022 20:14:11 GMT
vary: Accept-Encoding
x-cache: MISS from www.robertz.de
content-type: font/woff2
X-Firefox-Spdy: h2

www.robertz.de/images/BilderPool/Reisethemen/Wandern-Alpen/mountaineers-5649828_1920.jpg

5.175.22.217

200 OK

495 kB

URL HTTP/2
www.robertz.de/images/BilderPool/Reisethemen/Wandern-Alpen/mountaineers-5649828_1920.jpg
IP
5.175.22.217:0
ASN
#20773 Host Europe GmbH

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x1280, components 3\012- data
Size
495 kB (495184 bytes)
Hash
d708b49b7c25267812f6899e2acf19b4
ec6ef0b325f9da1332ee56dec7599f93d793a758
cae3622c5e0a149cfeb6a634b0b19e833523997774f153d394e689b99f52c694

HTTP Headers

GET /images/BilderPool/Reisethemen/Wandern-Alpen/mountaineers-5649828_1920.jpg HTTP/1.1
Host: www.robertz.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.robertz.de/
Cookie: CFID=36493981; CFTOKEN=71ab64e5add80849-AC4605C3-9A50-DA54-5207A55015E1EB89; cross-site-cookie=sow
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 09 Nov 2022 20:14:11 GMT
server: Apache
last-modified: Fri, 18 Jun 2021 15:12:49 GMT
etag: "78e50-5c50bc1bd7f5c"
accept-ranges: bytes
content-length: 495184
cache-control: max-age=86400
expires: Thu, 10 Nov 2022 20:14:11 GMT
x-cache: MISS from www.robertz.de
content-type: image/jpeg
X-Firefox-Spdy: h2

privacy-proxy-server.usercentrics.eu/googleMaps?center=NaN,6.342&size=1000x500&zoom=12

34.149.163.237

200 OK

9.4 kB

URL HTTP/2
privacy-proxy-server.usercentrics.eu/googleMaps?center=NaN,6.342&size=1000x500&zoom=12
IP
34.149.163.237:0
ASN
#15169 GOOGLE

File type
PNG image data, 1280 x 1000, 8-bit colormap, non-interlaced\012- data
Size
9.4 kB (9353 bytes)
Hash
54fd6e96885c88070add8a1c693dd342
27bfae7fa82cc11de8f58165c4b8d1c6f757654f
c7754a82e1f13d5c3282796111a227df7afdd9c4b6fc26466baa566654545865

HTTP Headers

GET /googleMaps?center=NaN,6.342&size=1000x500&zoom=12 HTTP/1.1
Host: privacy-proxy-server.usercentrics.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.robertz.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
content-type: image/png
expires: Thu, 10 Nov 2022 20:14:11 GMT
cache-control: public, max-age=2592000
x-staticmap-api-warning: Error geocoding: center
x-xss-protection: 0
x-frame-options: SAMEORIGIN
server-timing: gfet4t7; dur=82
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43", h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-cloud-trace-context: a730ba2d29a69ebc49564135fd38ab87
date: Wed, 09 Nov 2022 20:14:11 GMT
server: Google Frontend
content-length: 9353
via: 1.1 google
X-Firefox-Spdy: h2

www.robertz.de/assets/js/scripts.min.js?_=1668024847227

5.175.22.217

200 OK

3.2 kB

URL HTTP/2
www.robertz.de/assets/js/scripts.min.js?_=1668024847227
IP
5.175.22.217:0
ASN
#20773 Host Europe GmbH

File type
ASCII text, with very long lines (5449), with CRLF line terminators
Size
3.2 kB (3166 bytes)
Hash
1d16ebc0b3c66d6a10a2f844da041250
0bfc5df3e06ecc3af5ea0e5e4ec0c277d887c58f
7ddfb4f8b171063568c5f9d506d3777cfc061d6eff3deff43fcb5af2b6e38f11

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets/js/scripts.min.js?_=1668024847227 HTTP/1.1
Host: www.robertz.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://www.robertz.de/
Cookie: CFID=36493981; CFTOKEN=71ab64e5add80849-AC4605C3-9A50-DA54-5207A55015E1EB89; cross-site-cookie=sow
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 09 Nov 2022 20:14:11 GMT
server: Apache
last-modified: Sun, 05 Jul 2020 10:17:52 GMT
etag: "2541-5a9af1222b05b-br"
accept-ranges: bytes
cache-control: max-age=86400
expires: Thu, 10 Nov 2022 20:14:11 GMT
vary: Accept-Encoding
content-encoding: br
x-cache: MISS from www.robertz.de
content-length: 3166
content-type: application/javascript
X-Firefox-Spdy: h2

www.robertz.de/assets/js/hyphenopoly/Hyphenopoly_Loader.js?_=1668024847228

5.175.22.217

200 OK

2.8 kB

URL HTTP/2
www.robertz.de/assets/js/hyphenopoly/Hyphenopoly_Loader.js?_=1668024847228
IP
5.175.22.217:0
ASN
#20773 Host Europe GmbH

File type
Unicode text, UTF-8 (with BOM) text
Size
2.8 kB (2824 bytes)
Hash
ff02a0dc373adfb3ebe39af4c7eef961
dac0bdc76620735d11975d970215c5d70207334c
7cdb80f8f5dea5cabf2936d0241e5d8a4b07f1cddaa5123a0c83b764c8f2c798

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets/js/hyphenopoly/Hyphenopoly_Loader.js?_=1668024847228 HTTP/1.1
Host: www.robertz.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://www.robertz.de/
Cookie: CFID=36493981; CFTOKEN=71ab64e5add80849-AC4605C3-9A50-DA54-5207A55015E1EB89; cross-site-cookie=sow
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 09 Nov 2022 20:14:11 GMT
server: Apache
last-modified: Sat, 18 Jul 2020 18:48:04 GMT
etag: "2936-5aabbb6b6819b-br"
accept-ranges: bytes
cache-control: max-age=86400
expires: Thu, 10 Nov 2022 20:14:11 GMT
vary: Accept-Encoding
content-encoding: br
x-cache: MISS from www.robertz.de
content-length: 2824
content-type: application/javascript
X-Firefox-Spdy: h2

ocsp.pki.goog/s/gts1d4/cGpVLbInt0o

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1d4/cGpVLbInt0o
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
3e7d6fd8a3b554c92dce54bb47ed14d4
de02b7f8d8b8165ee2a5eaef5180ac7c919246b2
71229a8d9de7c87b6e0e6cbffb6ad0e965917efce026eac64fa927c91220451b

HTTP Headers

POST /s/gts1d4/cGpVLbInt0o HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 20:14:11 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

privacy-proxy-server.usercentrics.eu/googleMaps?center=50.705,6.178&size=1000x500&zoom=12

34.149.163.237

200 OK

159 kB

URL HTTP/2
privacy-proxy-server.usercentrics.eu/googleMaps?center=50.705,6.178&size=1000x500&zoom=12
IP
34.149.163.237:0
ASN
#15169 GOOGLE

File type
PNG image data, 1280 x 1000, 8-bit colormap, non-interlaced\012- data
Size
159 kB (159032 bytes)
Hash
72ea0883ee7d17e4ac26e0957d2025b4
ec59bdad0d54dd2f4581697d10b1d6962285cc5a
61a2d460c0bd77a757f6bb5bc1b79fcc61765b32039258902cb9b622247daf52

HTTP Headers

GET /googleMaps?center=50.705,6.178&size=1000x500&zoom=12 HTTP/1.1
Host: privacy-proxy-server.usercentrics.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.robertz.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
content-type: image/png
expires: Thu, 10 Nov 2022 20:14:11 GMT
cache-control: public, max-age=2592000
x-xss-protection: 0
x-frame-options: SAMEORIGIN
server-timing: gfet4t7; dur=245
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43", h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-cloud-trace-context: 6aebbfd62caec3947e1f75bcdfbbc022
date: Wed, 09 Nov 2022 20:14:11 GMT
server: Google Frontend
content-length: 159032
via: 1.1 google
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1b6e55fb9c16b8ec503ca6fb935f650f
1e392159765235158a218248677dc21c46bc4f42
89cc50a881ff8fae94b7bfa2732d133df59bae06680f6d2147281ee7bf8ab00b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "89CC50A881FF8FAE94B7BFA2732D133DF59BAE06680F6D2147281EE7BF8AB00B"
Last-Modified: Tue, 08 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9529
Expires: Wed, 09 Nov 2022 22:53:00 GMT
Date: Wed, 09 Nov 2022 20:14:11 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1b6e55fb9c16b8ec503ca6fb935f650f
1e392159765235158a218248677dc21c46bc4f42
89cc50a881ff8fae94b7bfa2732d133df59bae06680f6d2147281ee7bf8ab00b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "89CC50A881FF8FAE94B7BFA2732D133DF59BAE06680F6D2147281EE7BF8AB00B"
Last-Modified: Tue, 08 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9529
Expires: Wed, 09 Nov 2022 22:53:00 GMT
Date: Wed, 09 Nov 2022 20:14:11 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1b6e55fb9c16b8ec503ca6fb935f650f
1e392159765235158a218248677dc21c46bc4f42
89cc50a881ff8fae94b7bfa2732d133df59bae06680f6d2147281ee7bf8ab00b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "89CC50A881FF8FAE94B7BFA2732D133DF59BAE06680F6D2147281EE7BF8AB00B"
Last-Modified: Tue, 08 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9529
Expires: Wed, 09 Nov 2022 22:53:00 GMT
Date: Wed, 09 Nov 2022 20:14:11 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcc585a69-ebe7-4753-b2fd-ad259cd42072.jpeg

34.120.237.76

200 OK

2.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcc585a69-ebe7-4753-b2fd-ad259cd42072.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
2.8 kB (2808 bytes)
Hash
547f07effeda1f7041b06fa3f10f90bf
d453f8017ebbbb8362f745a15c95acbddf55ac26
c4c4063cae55e4e2192ab2ac98543f4495a81879b8001fd2efb7989ca6eddba9

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcc585a69-ebe7-4753-b2fd-ad259cd42072.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 2808
x-amzn-requestid: 7360c882-e191-456f-a3bd-a60b9521fa1c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bTTTvFUXIAMFXHA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636acc17-76c6b1c251a2bf7e56fd9ba2;Sampled=0
x-amzn-remapped-date: Tue, 08 Nov 2022 21:37:27 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: YjFB1BpcpATyMj0aZldTHb6xWSeTIzklGyc1WWT09DsrnYQ1bUiTkg==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 e95ec8f1dc02e32f0cb9e113963ceb4e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 09 Nov 2022 18:54:44 GMT
age: 4767
etag: "d453f8017ebbbb8362f745a15c95acbddf55ac26"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff66bafec-6420-4aea-8b22-96b8fe0d292b.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.2 kB (8154 bytes)
Hash
c69b19d2273c3ade32fd0797921c0459
8cafda5659f5b36c855a2bbcaeb03aa715ddeebd
d78b92e1175207b1179c85f9490f937e1647aeae3fe95cf8b3dc336db232945e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff66bafec-6420-4aea-8b22-96b8fe0d292b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8154
x-amzn-requestid: 1d9d6e13-69a4-473d-af4b-ef3d4382f3ca
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bTTU2EyZoAMF94w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636acc1e-0dec203434f42df01d9a1182;Sampled=0
x-amzn-remapped-date: Tue, 08 Nov 2022 21:37:34 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 5sq7XRYInS334VVDEtCJNlf_O9FTHn2G4u-WAIygFZ-SALN0flMwew==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google
date: Tue, 08 Nov 2022 22:02:14 GMT
age: 79917
etag: "8cafda5659f5b36c855a2bbcaeb03aa715ddeebd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8786d2a2-d21a-4bb6-916d-7fce27ea08f2.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.7 kB (4737 bytes)
Hash
39446652ee66d20bd73df20f1a29589c
349ea78f3ad0f2f7376ba22e417226b2e06806d7
655a00944a319ba167e99b43055044cb18bc48d53605ff0d1b6c8b1ba8ee8237

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8786d2a2-d21a-4bb6-916d-7fce27ea08f2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4737
x-amzn-requestid: ad230e08-9f4e-46cf-9a86-f8e013a1c498
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bQBFkEhLIAMFq_g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63697bbd-7e8b686a23a84c5d473c9ef5;Sampled=0
x-amzn-remapped-date: Mon, 07 Nov 2022 21:42:21 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: FoOPmZEjC6nhw801dgqENVL-9-aC0pyFAF-fMS57XzQyfxck2GGUvA==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Tue, 08 Nov 2022 21:49:16 GMT
age: 80695
etag: "349ea78f3ad0f2f7376ba22e417226b2e06806d7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10462 bytes)
Hash
4e2853cc6ec6223160471401e6871f4b
f052e1f8b2bf4a8eeecfa5b82e27ada1b7719a0c
bf4b9145ea043d87a30fd3aeeae21a1a0aa27004cd2467e7aa843bc894ae1f60

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10462
x-amzn-requestid: 43480a38-fd89-4c47-b8c4-e6ba90b1321c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aMF6oEz_oAMF8Hg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634e5043-6617fd2e59cab00135301cdd;Sampled=0
x-amzn-remapped-date: Tue, 18 Oct 2022 07:05:39 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: C7GYpM3mXSf0hVyGO9Zzlxa3IHXHdyPlXsvr3i0GoQnaPZF6lO-OwA==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 09 Nov 2022 06:24:20 GMT
age: 49791
etag: "f052e1f8b2bf4a8eeecfa5b82e27ada1b7719a0c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F609c6c88-4535-488a-8bf4-de0e93b9ae31.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (10822 bytes)
Hash
86ec3f22045de1a100eccf27d91593ae
e26769d82108f89057b05096061f1276d34e223a
b863d19ab12945922b4d014c517f5ffe349cefe2bbe1c2f16661371f22378cbd

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F609c6c88-4535-488a-8bf4-de0e93b9ae31.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10822
x-amzn-requestid: 730ec36d-2d1d-4a0f-90c8-dd819811bdd1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bM39VEZkIAMF7lg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636839ee-6e75e34c64d489ca25765e67;Sampled=0
x-amzn-remapped-date: Sun, 06 Nov 2022 22:49:18 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: R2JUiJdMAsIbCHDmMMHyN0sKaVBZMDRh2WOfBPUWZpnMBVOcI40Y3w==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 09 Nov 2022 11:14:53 GMT
age: 32358
etag: "e26769d82108f89057b05096061f1276d34e223a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1b197dc2-1415-4c19-8d36-1fa334168ba5.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.3 kB (9313 bytes)
Hash
29429581f8dc762c69c5916009f70080
9265cae98aa663a5498925b70079abdd8e7031fd
c3deee74c80905a1e92b84868b9987cb30ad7a210dca066b97c325cc2c83872e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1b197dc2-1415-4c19-8d36-1fa334168ba5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9313
x-amzn-requestid: be3f6b0f-cf61-4bec-ad1a-87abdbc45d73
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bTTTwF5AoAMFZAw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636acc17-5ca45b5b1065a4ea492f2ac6;Sampled=0
x-amzn-remapped-date: Tue, 08 Nov 2022 21:37:27 GMT
x-amz-cf-pop: SEA19-C3, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 9lVY7YgQQ0FAP3ItgCSWePY0Msd4RIyBz4eNPc-K51BtnWUjOObv6g==
via: 1.1 31dfa94142c6eaf975b0e5454c00340a.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Tue, 08 Nov 2022 21:43:31 GMT
etag: "9265cae98aa663a5498925b70079abdd8e7031fd"
content-type: image/jpeg
age: 81040
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
0f8a52741b0ee3af3c68c41aef452d17
cacb0ae9576b236cc69c8b5242023e0d74286315
7db9821452de393101757931023b2ddb1dcbc2f5b423bd74418c01ae8c7ddd4a

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1911
Cache-Control: max-age=129645
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 20:14:11 GMT
Etag: "636b5a09-1d7"
Expires: Fri, 11 Nov 2022 08:14:56 GMT
Last-Modified: Wed, 09 Nov 2022 07:43:05 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
0f8a52741b0ee3af3c68c41aef452d17
cacb0ae9576b236cc69c8b5242023e0d74286315
7db9821452de393101757931023b2ddb1dcbc2f5b423bd74418c01ae8c7ddd4a

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1911
Cache-Control: max-age=129645
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 20:14:11 GMT
Etag: "636b5a09-1d7"
Expires: Fri, 11 Nov 2022 08:14:56 GMT
Last-Modified: Wed, 09 Nov 2022 07:43:05 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
0f8a52741b0ee3af3c68c41aef452d17
cacb0ae9576b236cc69c8b5242023e0d74286315
7db9821452de393101757931023b2ddb1dcbc2f5b423bd74418c01ae8c7ddd4a

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3473
Cache-Control: max-age=131207
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 20:14:11 GMT
Etag: "636b5a09-1d7"
Expires: Fri, 11 Nov 2022 08:40:58 GMT
Last-Modified: Wed, 09 Nov 2022 07:43:05 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471

ocsp.pki.goog/s/gts1d4/qXJ6BhT-uwQ

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1d4/qXJ6BhT-uwQ
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
2bf7b638b101c892bd1a137dbd10595f
3a596d93e08dfd3222b54a540604c7c999594b7a
6797dbb4b423a259959bdfb27a0f3102f7a222d2521250f3ebd9f445c555179f

HTTP Headers

POST /s/gts1d4/qXJ6BhT-uwQ HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 20:14:12 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.meinereiseangebote.de/VRVR-5820?supressCookieConsent&output_content=iframe

13.69.68.38

200 OK

10 kB

URL HTTP/1.1
www.meinereiseangebote.de/VRVR-5820?supressCookieConsent&output_content=iframe
IP
13.69.68.38:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1611), with CRLF, LF line terminators
Size
10 kB (10012 bytes)
Hash
b5c2e5770b5b9bc0ff4624ab25d4b580
95cf4d50454479603688b77d015c865b72e01f1c
29d4e74b83d5bb62eee983fe7f16e64e36af3367ffd206feb17ef26be1961001

HTTP Headers

GET /VRVR-5820?supressCookieConsent&output_content=iframe HTTP/1.1
Host: www.meinereiseangebote.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.robertz.de/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Length: 10012
Content-Type: text/html; charset=utf-8
Date: Wed, 09 Nov 2022 20:14:11 GMT
Server: Apache
Cache-Control: no-store, must-revalidate, no-cache
Content-Encoding: gzip
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Set-Cookie: PHPSESSID=ee84f27a16cd686ed435f2d2e3a9eef5; path=/; secure; HttpOnly; SameSite=Strict
ARRAffinity=47e899d5dc0547d5646e3c2c0081ae2cb7fddd55609bf4af48732c4283928a51;Path=/;HttpOnly;Secure;Domain=www.meinereiseangebote.de
ARRAffinitySameSite=47e899d5dc0547d5646e3c2c0081ae2cb7fddd55609bf4af48732c4283928a51;Path=/;HttpOnly;SameSite=None;Secure;Domain=www.meinereiseangebote.de
Vary: Accept-Encoding
X-Powered-By: PHP/7.4.28
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer
Content-Security-Policy: default-src 'none';frame-src 'self' *.trustyou.com *.youtube.com *.google.com review.holidaycheck.com;media-src 'self' static.gebeco.de *.studiosus.com;font-src 'self' https://fonts.gstatic.com *.smartberatung.com;img-src * 'self' data:;object-src 'none';script-src 'strict-dynamic' 'nonce-8iUXN7UCGoQauIEdfce74NBc9yA=' *.smartberatung.com ;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com *.core.windows.net cdn.smartberatung.com;frame-ancestors *;base-uri 'self';form-action 'self';connect-src *;

www.meinereiseangebote.de/dist/main-db9ddf5617.min.css

13.69.68.38

200 OK

22 kB

URL HTTP/1.1
www.meinereiseangebote.de/dist/main-db9ddf5617.min.css
IP
13.69.68.38:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
Unicode text, UTF-8 text, with very long lines (65528), with no line terminators
Size
22 kB (22471 bytes)
Hash
b70cafcc617fbbce13bdab78b616c169
a501a5dc9a740c30a61c371d6e9cacf553f1e7ce
dd7540f7d2624662af87ab440ced5035b6a072706bd77034f21740d52bf1ff81

HTTP Headers

GET /dist/main-db9ddf5617.min.css HTTP/1.1
Host: www.meinereiseangebote.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: ARRAffinitySameSite=47e899d5dc0547d5646e3c2c0081ae2cb7fddd55609bf4af48732c4283928a51
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Content-Length: 22471
Content-Type: text/css
Date: Wed, 09 Nov 2022 20:14:12 GMT
Server: Apache
Accept-Ranges: bytes
Content-Encoding: gzip
ETag: "1df4b-5ead190906580-gzip"
Last-Modified: Wed, 12 Oct 2022 07:44:38 GMT
Vary: Accept-Encoding

api.usercentrics.eu/settings/8EV1oBWbt/latest/de.json

35.241.3.184

200 OK

8.2 kB

URL HTTP/2
api.usercentrics.eu/settings/8EV1oBWbt/latest/de.json
IP
35.241.3.184:0
ASN
#15169 GOOGLE

File type
JSON data\012- , Unicode text, UTF-8 text, with very long lines (26196), with no line terminators
Size
8.2 kB (8174 bytes)
Hash
c62ae3f23a1b9db989b30786d7623166
c5fa759c2f95c4bcab5393391838ce826948babf
e96186ea046c8600f2cd9200a2298bdb42a9b26bc89a7bcc62f80933d903be7d

HTTP Headers

GET /settings/8EV1oBWbt/latest/de.json HTTP/1.1
Host: api.usercentrics.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.robertz.de/
Origin: https://www.robertz.de
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-guploader-uploadid: ADPycdufXpGapI-9QNj-sdqaVfRFqlnALlQnfFd3KHXTcas-CgtkcjS3i5OxCXGoLb38w5KnqE36PygxmYM0En_JHzatHg
date: Wed, 09 Nov 2022 20:14:12 GMT
cache-control: public, max-age=1800, s-maxage=10
expires: Wed, 09 Nov 2022 20:14:22 GMT
last-modified: Fri, 04 Nov 2022 16:59:00 GMT
etag: "c62ae3f23a1b9db989b30786d7623166"
x-goog-generation: 1667581140461575
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 8174
content-type: application/json
content-encoding: gzip
x-goog-hash: crc32c=R4cBkQ==, md5=xirj8jobnbmJsweG12IxZg==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
vary: Accept-Encoding
content-length: 8174
access-control-allow-origin: *
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
server: UploadServer
strict-transport-security: max-age=7776000
x-client-geo-location: NO,NO03
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.meinereiseangebote.de/js/signalr.min.js

13.69.68.38

200 OK

20 kB

URL HTTP/1.1
www.meinereiseangebote.de/js/signalr.min.js
IP
13.69.68.38:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
ASCII text, with very long lines (59658)
Size
20 kB (20395 bytes)
Hash
a489a138f3892c6cd7e480f3434cb0f0
833fb6efed094733f67c9f1ea199857d6d8e648b
36ccf5a6da80777f525f90110963dfed1323c6518ba2d1b9efb4f409ce617371

HTTP Headers

GET /js/signalr.min.js HTTP/1.1
Host: www.meinereiseangebote.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: ARRAffinitySameSite=47e899d5dc0547d5646e3c2c0081ae2cb7fddd55609bf4af48732c4283928a51
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Content-Length: 20395
Content-Type: application/javascript
Date: Wed, 09 Nov 2022 20:14:12 GMT
Server: Apache
Accept-Ranges: bytes
Content-Encoding: gzip
ETag: "1c662-58abf392a1880-gzip"
Last-Modified: Fri, 07 Jun 2019 17:33:06 GMT
Vary: Accept-Encoding

ocsp.pki.goog/s/gts1d4/qXJ6BhT-uwQ

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1d4/qXJ6BhT-uwQ
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
2bf7b638b101c892bd1a137dbd10595f
3a596d93e08dfd3222b54a540604c7c999594b7a
6797dbb4b423a259959bdfb27a0f3102f7a222d2521250f3ebd9f445c555179f

HTTP Headers

POST /s/gts1d4/qXJ6BhT-uwQ HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 20:14:12 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.meinereiseangebote.de/css/customer.css.php?c=e9e2d6&c_text=000&cback=ffffff&cback_text=000&cbutton=ec6328&cbutton_text=fff&cattr=ff0000&cattr_text=fff

13.69.68.38

200 OK

843 B

URL HTTP/1.1
www.meinereiseangebote.de/css/customer.css.php?c=e9e2d6&c_text=000&cback=ffffff&cback_text=000&cbutton=ec6328&cbutton_text=fff&cattr=ff0000&cattr_text=fff
IP
13.69.68.38:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
ASCII text
Size
843 B (843 bytes)
Hash
402d16529c960b4b420de44987f3f6a4
cadf55654c2f1a0bcc6ffa5c916e120d7df052ef
6b73063b356a21320999f666ca5501937ea3cbb311b1e3c10242a2b88ced768e

HTTP Headers

GET /css/customer.css.php?c=e9e2d6&c_text=000&cback=ffffff&cback_text=000&cbutton=ec6328&cbutton_text=fff&cattr=ff0000&cattr_text=fff HTTP/1.1
Host: www.meinereiseangebote.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: ARRAffinitySameSite=47e899d5dc0547d5646e3c2c0081ae2cb7fddd55609bf4af48732c4283928a51
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Content-Length: 843
Content-Type: text/css; charset=UTF-8
Date: Wed, 09 Nov 2022 20:14:12 GMT
Server: Apache
Content-Encoding: gzip
Vary: Accept-Encoding
X-Powered-By: PHP/7.4.28

www.meinereiseangebote.de/dist/list.67a1409927b5371fffa8.bundle.js

13.69.68.38

200 OK

29 kB

URL HTTP/1.1
www.meinereiseangebote.de/dist/list.67a1409927b5371fffa8.bundle.js
IP
13.69.68.38:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
Unicode text, UTF-8 text, with very long lines (65411)
Size
29 kB (28921 bytes)
Hash
964547c7340dc77600503e74e18ef665
3f22284d414830ecf0d407c7317e2b0e4ae21cc0
2cfab7ab81d9e5157bbd3daa813d162829be775588391d5cb8e5ecd31a1c5b7a

HTTP Headers

GET /dist/list.67a1409927b5371fffa8.bundle.js HTTP/1.1
Host: www.meinereiseangebote.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: ARRAffinitySameSite=47e899d5dc0547d5646e3c2c0081ae2cb7fddd55609bf4af48732c4283928a51
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Content-Length: 28921
Content-Type: application/javascript
Date: Wed, 09 Nov 2022 20:14:12 GMT
Server: Apache
Accept-Ranges: bytes
Content-Encoding: gzip
ETag: "1606f-5ead191c19280-gzip"
Last-Modified: Wed, 12 Oct 2022 07:44:58 GMT
Vary: Accept-Encoding

www.meinereiseangebote.de/js/jquery.validate.min.js

13.69.68.38

200 OK

7.9 kB

URL HTTP/1.1
www.meinereiseangebote.de/js/jquery.validate.min.js
IP
13.69.68.38:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
Unicode text, UTF-8 text, with very long lines (24463)
Size
7.9 kB (7917 bytes)
Hash
98dd0eff9bec7b5449b1a875a095efe8
601c8f3cd6fbf7f62599872cff4c19045718428c
16d1d1da78f61d81e9657708cdc110eec288a5f8613a6a50d4a10ed6de3c522b

HTTP Headers

GET /js/jquery.validate.min.js HTTP/1.1
Host: www.meinereiseangebote.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: ARRAffinitySameSite=47e899d5dc0547d5646e3c2c0081ae2cb7fddd55609bf4af48732c4283928a51
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Content-Length: 7917
Content-Type: application/javascript
Date: Wed, 09 Nov 2022 20:14:12 GMT
Server: Apache
Accept-Ranges: bytes
Content-Encoding: gzip
ETag: "6019-1c5fc537f6900-gzip"
Last-Modified: Sat, 26 Oct 1985 08:15:00 GMT
Vary: Accept-Encoding

www.meinereiseangebote.de/js/iframeResizer.contentWindow.min.js

13.69.68.38

200 OK

5.1 kB

URL HTTP/1.1
www.meinereiseangebote.de/js/iframeResizer.contentWindow.min.js
IP
13.69.68.38:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
ASCII text, with very long lines (13224)
Size
5.1 kB (5062 bytes)
Hash
acf6ed4a5a0367bf4192578cd9d14af2
6cbf60125c288e9ee11cb114ef6146f433213189
16869f60747c1ed316dbf077789e13a43f9de6ea4d5319c7bb101d32b6070c74

HTTP Headers

GET /js/iframeResizer.contentWindow.min.js HTTP/1.1
Host: www.meinereiseangebote.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: ARRAffinitySameSite=47e899d5dc0547d5646e3c2c0081ae2cb7fddd55609bf4af48732c4283928a51
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Content-Length: 5062
Content-Type: application/javascript
Date: Wed, 09 Nov 2022 20:14:12 GMT
Server: Apache
Accept-Ranges: bytes
Content-Encoding: gzip
ETag: "34fb-1c5fc537f6900-gzip"
Last-Modified: Sat, 26 Oct 1985 08:15:00 GMT
Vary: Accept-Encoding

www.meinereiseangebote.de/js/iframeResizer.min.js

13.69.68.38

200 OK

5.6 kB

URL HTTP/1.1
www.meinereiseangebote.de/js/iframeResizer.min.js
IP
13.69.68.38:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
ASCII text, with very long lines (13786)
Size
5.6 kB (5586 bytes)
Hash
2dbe7ca3eeeecd201e821ae3e8615fd1
6082808fe38faf7d285a4e0da66f2d23200109da
b8d2a53b285cca535708451e516647e02dfbcc2f7f45164919fb2b2408b1c38a

HTTP Headers

GET /js/iframeResizer.min.js HTTP/1.1
Host: www.meinereiseangebote.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: ARRAffinitySameSite=47e899d5dc0547d5646e3c2c0081ae2cb7fddd55609bf4af48732c4283928a51
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Content-Length: 5586
Content-Type: application/javascript
Date: Wed, 09 Nov 2022 20:14:12 GMT
Server: Apache
Accept-Ranges: bytes
Content-Encoding: gzip
ETag: "36fc-1c5fc537f6900-gzip"
Last-Modified: Sat, 26 Oct 1985 08:15:00 GMT
Vary: Accept-Encoding

www.meinereiseangebote.de/js/jquery.min.js

13.69.68.38

200 OK

31 kB

URL HTTP/1.1
www.meinereiseangebote.de/js/jquery.min.js
IP
13.69.68.38:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
ASCII text, with very long lines (65447)
Size
31 kB (30902 bytes)
Hash
31d53c8cdce8012a24abc8e84aa972e5
7287b1ec5d88304ba44fc1958b8de9596274c4e3
1b72bc7f54bc9170e605f6c4bb5529668c4ee3efeee602fdb63036b45b49f41c

HTTP Headers

GET /js/jquery.min.js HTTP/1.1
Host: www.meinereiseangebote.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: ARRAffinitySameSite=47e899d5dc0547d5646e3c2c0081ae2cb7fddd55609bf4af48732c4283928a51
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Content-Length: 30902
Content-Type: application/javascript
Date: Wed, 09 Nov 2022 20:14:12 GMT
Server: Apache
Accept-Ranges: bytes
Content-Encoding: gzip
ETag: "15d9d-1c5fc537f6900-gzip"
Last-Modified: Sat, 26 Oct 1985 08:15:00 GMT
Vary: Accept-Encoding

www.meinereiseangebote.de/images/map-pointer.svg

13.69.68.38

200 OK

520 B

URL HTTP/1.1
www.meinereiseangebote.de/images/map-pointer.svg
IP
13.69.68.38:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
SVG Scalable Vector Graphics image\012- HTML document, ASCII text
Size
520 B (520 bytes)
Hash
ac3b43d0d75a0c358464b8c81b168ba0
a8de09edc55ab38a335e7c883b480c0602089e8a
128a253d55271bb538fa48869e9ccb3374f64267e0f7559fa749d37fa83e8abf

HTTP Headers

GET /images/map-pointer.svg HTTP/1.1
Host: www.meinereiseangebote.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: ARRAffinitySameSite=47e899d5dc0547d5646e3c2c0081ae2cb7fddd55609bf4af48732c4283928a51
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Content-Length: 520
Content-Type: image/svg+xml
Date: Wed, 09 Nov 2022 20:14:12 GMT
Server: Apache
Accept-Ranges: bytes
ETag: "208-5ead18fbac600"
Last-Modified: Wed, 12 Oct 2022 07:44:24 GMT

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
5100820067042e41b6a4b92a9ac62981
755d4005599b7e745aa53c4ee949bd07cf775d91
a8af4f3cbf5ffde3e474e669b6308aaad37c11714832fd232bc96b08ddcc7c78

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=146788
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 20:14:12 GMT
Etag: "636ba478-1d7"
Expires: Fri, 11 Nov 2022 13:00:40 GMT
Last-Modified: Wed, 09 Nov 2022 13:00:40 GMT
Server: nginx
Content-Length: 471

ocsp.starfieldtech.com/

192.124.249.23

200 OK

1.8 kB

URL HTTP/1.1
ocsp.starfieldtech.com/
IP
192.124.249.23:0
ASN
#30148 SUCURI-SEC

File type
data
Size
1.8 kB (1845 bytes)
Hash
9e1aa04c6cf6c62eadfd2e41c52e9bd4
1eedfcac8778476955128bf0a1b3fe38f62c2394
f18f3969b49a07d97a9041c8510ee08573368dd64c50a0fb4f5594294115047a

HTTP Headers

POST / HTTP/1.1
Host: ocsp.starfieldtech.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Wed, 09 Nov 2022 20:14:12 GMT
Content-Type: application/ocsp-response
Content-Length: 1845
Connection: keep-alive
X-Sucuri-ID: 19023
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Wed, 09 Nov 2022 19:37:24 GMT
Expires: Thu, 10 Nov 2022 19:37:24 GMT
ETag: "1eedfcac8778476955128bf0a1b3fe38f62c2394"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"

kit-pro.fontawesome.com/releases/latest/webfonts/pro-fa-duotone-900-5.7.0.woff2

104.18.22.52

200 OK

11 kB

URL HTTP/2
kit-pro.fontawesome.com/releases/latest/webfonts/pro-fa-duotone-900-5.7.0.woff2
IP
104.18.22.52:0
ASN
#13335 CLOUDFLARENET

File type
Web Open Font Format (Version 2), TrueType, length 10884, version 331.-31196\012- data
Size
11 kB (10884 bytes)
Hash
b297f9c677379a25dab795e0546e1e07
c0eeb3115545926ad1cb5d9b37a2fe573acf4b03
272922821dedf161cdf3bebb80a3353ae53e530698f4f92606e3f76b5415c158

HTTP Headers

GET /releases/latest/webfonts/pro-fa-duotone-900-5.7.0.woff2 HTTP/1.1
Host: kit-pro.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.robertz.de
Connection: keep-alive
Referer: https://kit-pro.fontawesome.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 09 Nov 2022 20:14:12 GMT
content-type: font/woff2
content-length: 10884
x-amz-id-2: MSUO5SLWXT3wy9ZkeOcfS8o/YDoc6TN1191layOBqbf42KYTRTpfjWgpf2h2TRIdoRB6EHracrc=
x-amz-request-id: 2J07XZNG0BRT89VN
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 04 Aug 2021 21:22:39 GMT
etag: "b297f9c677379a25dab795e0546e1e07"
cache-control: public, max-age=1800
cf-cache-status: MISS
expires: Wed, 09 Nov 2022 20:44:12 GMT
accept-ranges: bytes
server: cloudflare
cf-ray: 7679369de968b500-OSL
X-Firefox-Spdy: h2

kit-pro.fontawesome.com/releases/latest/webfonts/pro-fa-brands-400-5.8.2.woff2

104.18.22.52

200 OK

2.4 kB

URL HTTP/2
kit-pro.fontawesome.com/releases/latest/webfonts/pro-fa-brands-400-5.8.2.woff2
IP
104.18.22.52:0
ASN
#13335 CLOUDFLARENET

File type
Web Open Font Format (Version 2), TrueType, length 2412, version 331.-31196\012- data
Size
2.4 kB (2412 bytes)
Hash
714ee8de820748bab5090d91cd5b7690
07f4d4dfe5e3c9045f41996eb1ac8ecbbcc779bf
322c181b1aab5807cd0a7ed9e249ddbd97fa385ca3d338aa59ef1f610ca24601

HTTP Headers

GET /releases/latest/webfonts/pro-fa-brands-400-5.8.2.woff2 HTTP/1.1
Host: kit-pro.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.robertz.de
Connection: keep-alive
Referer: https://kit-pro.fontawesome.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 09 Nov 2022 20:14:12 GMT
content-type: font/woff2
content-length: 2412
x-amz-id-2: p3mE6+hyiq+T8ZmIFfOSoez+MYzcSknKPe7lZVuKpABWYZX326yStLSMbXmHVU8gF5gTB5J4How=
x-amz-request-id: 2J08902JTQTTQ2KM
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 04 Aug 2021 21:22:37 GMT
etag: "714ee8de820748bab5090d91cd5b7690"
cache-control: public, max-age=1800
cf-cache-status: MISS
expires: Wed, 09 Nov 2022 20:44:12 GMT
accept-ranges: bytes
server: cloudflare
cf-ray: 7679369de971b500-OSL
X-Firefox-Spdy: h2

kit-pro.fontawesome.com/releases/latest/webfonts/pro-fa-light-300-5.11.1.woff2

104.18.22.52

200 OK

11 kB

URL HTTP/2
kit-pro.fontawesome.com/releases/latest/webfonts/pro-fa-light-300-5.11.1.woff2
IP
104.18.22.52:0
ASN
#13335 CLOUDFLARENET

File type
Web Open Font Format (Version 2), TrueType, length 10860, version 331.-31196\012- data
Size
11 kB (10860 bytes)
Hash
eb7a13166c2efdd5b305c75d341ce222
4f9e18b100b049b74efb8f0084e81756abaadfaa
b2698da8df8781bf12a07d76bab5c6353fbb730a8138fcaa1371c4950ad7c461

HTTP Headers

GET /releases/latest/webfonts/pro-fa-light-300-5.11.1.woff2 HTTP/1.1
Host: kit-pro.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.robertz.de
Connection: keep-alive
Referer: https://kit-pro.fontawesome.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 09 Nov 2022 20:14:12 GMT
content-type: font/woff2
content-length: 10860
x-amz-id-2: me5XWBP3/eg7FOUx0bzil8Rf7/a9wpqw+waOHGjlpdTkXxMdHwPhccz+q5V5jukbr5AsZ0zRG7I=
x-amz-request-id: 2J0DM2T7WWKY0QK1
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 04 Aug 2021 21:22:41 GMT
etag: "eb7a13166c2efdd5b305c75d341ce222"
cache-control: public, max-age=1800
cf-cache-status: MISS
expires: Wed, 09 Nov 2022 20:44:12 GMT
accept-ranges: bytes
server: cloudflare
cf-ray: 7679369df982b500-OSL
X-Firefox-Spdy: h2

kit-pro.fontawesome.com/releases/latest/webfonts/pro-fa-light-300-5.10.1.woff2

104.18.22.52

200 OK

10 kB

URL HTTP/2
kit-pro.fontawesome.com/releases/latest/webfonts/pro-fa-light-300-5.10.1.woff2
IP
104.18.22.52:0
ASN
#13335 CLOUDFLARENET

File type
Web Open Font Format (Version 2), TrueType, length 10412, version 331.-31196\012- data
Size
10 kB (10412 bytes)
Hash
82b2764fcd41e25136e931dd303a29f4
ec11167afa020752f2dcdbeba74c10ee6d9255d6
94db1583c12033a2b06418908eaf13362e9e79e6c4a78e5e8ce608774cf6e512

HTTP Headers

GET /releases/latest/webfonts/pro-fa-light-300-5.10.1.woff2 HTTP/1.1
Host: kit-pro.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.robertz.de
Connection: keep-alive
Referer: https://kit-pro.fontawesome.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 09 Nov 2022 20:14:12 GMT
content-type: font/woff2
content-length: 10412
x-amz-id-2: rapPqU7T/opRL5XQF96Wln70x4dzgD1nviiPohuxQ8QWEP1gAeWERmcFf3eJmlFQ55SwJvyhyOM=
x-amz-request-id: 2J0C068FH3VTQAYA
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 04 Aug 2021 21:22:41 GMT
etag: "82b2764fcd41e25136e931dd303a29f4"
cache-control: public, max-age=1800
cf-cache-status: MISS
expires: Wed, 09 Nov 2022 20:44:12 GMT
accept-ranges: bytes
server: cloudflare
cf-ray: 7679369e099cb500-OSL
X-Firefox-Spdy: h2

ocsp.pki.goog/s/gts1d4/tKUY0ZCyl9k

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1d4/tKUY0ZCyl9k
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
bd0b29457a55942c4ecc9a0e6d3b3fc4
be16e7a02e8a68495ae7718128f6fe4f9df8b74d
527706e8b967b9138d0bd581b2ac18fa8d489e38649975788c8dbe7f51e93d39

HTTP Headers

POST /s/gts1d4/tKUY0ZCyl9k HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 20:14:12 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

status.thawte.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
status.thawte.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
dd45c8fe14e2312dc1cc1c953caaa62e
7a9b8fea1c9c1034366d40741684a88defe0a122
1024006ee4e8d2fd8bbe03907cf077d33bc2bfd585950629180e96810aba667b

HTTP Headers

POST / HTTP/1.1
Host: status.thawte.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 246
Cache-Control: max-age=113935
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 20:14:12 GMT
Etag: "636b232d-1d7"
Expires: Fri, 11 Nov 2022 03:53:07 GMT
Last-Modified: Wed, 09 Nov 2022 03:49:01 GMT
Server: ECS (amb/6BAB)
X-Cache: HIT
Content-Length: 471

media.xmlteam.de/files/nicko-cruises/nicko-cruises-logo-e60f33.png

162.55.39.184

200 OK

5.4 kB

URL HTTP/2
media.xmlteam.de/files/nicko-cruises/nicko-cruises-logo-e60f33.png
IP
162.55.39.184:0
ASN
#24940 Hetzner Online GmbH

File type
PNG image data, 500 x 41, 8-bit/color RGBA, non-interlaced\012- data
Size
5.4 kB (5377 bytes)
Hash
95e474477b17bb6d387a84aadd73b3aa
e627261d0093b4e2971616f23e075038a2f1057d
0e655b875be105ac8811e04486bd47f9a3c8bccab999b0fe22527c75b26291ff

HTTP Headers

GET /files/nicko-cruises/nicko-cruises-logo-e60f33.png HTTP/1.1
Host: media.xmlteam.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Sat, 26 Feb 2022 10:57:59 GMT
etag: "1501-5d8e9b0381bc0"
accept-ranges: bytes
content-length: 5377
content-type: image/png
date: Wed, 09 Nov 2022 20:14:12 GMT
server: Apache
X-Firefox-Spdy: h2

status.thawte.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
status.thawte.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
dd45c8fe14e2312dc1cc1c953caaa62e
7a9b8fea1c9c1034366d40741684a88defe0a122
1024006ee4e8d2fd8bbe03907cf077d33bc2bfd585950629180e96810aba667b

HTTP Headers

POST / HTTP/1.1
Host: status.thawte.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 246
Cache-Control: max-age=113935
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 20:14:12 GMT
Etag: "636b232d-1d7"
Expires: Fri, 11 Nov 2022 03:53:07 GMT
Last-Modified: Wed, 09 Nov 2022 03:49:01 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471

status.thawte.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
status.thawte.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
dd45c8fe14e2312dc1cc1c953caaa62e
7a9b8fea1c9c1034366d40741684a88defe0a122
1024006ee4e8d2fd8bbe03907cf077d33bc2bfd585950629180e96810aba667b

HTTP Headers

POST / HTTP/1.1
Host: status.thawte.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2038
Cache-Control: max-age=115727
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 20:14:12 GMT
Etag: "636b232d-1d7"
Expires: Fri, 11 Nov 2022 04:22:59 GMT
Last-Modified: Wed, 09 Nov 2022 03:49:01 GMT
Server: ECS (amb/6B79)
X-Cache: HIT
Content-Length: 471

cdn.smartberatung.com/fonts/roboto-v18-latin-700.woff2

13.107.213.53

200 OK

15 kB

URL HTTP/2
cdn.smartberatung.com/fonts/roboto-v18-latin-700.woff2
IP
13.107.213.53:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type
Web Open Font Format (Version 2), TrueType, length 15436, version 1.0\012- data
Size
15 kB (15436 bytes)
Hash
037d830416495def72b7881024c14b7b
619389190b3cafafb5db94113990350acc8a0278
1d5b7c64458f4af91dcfee0354be47adde1f739b5aded03a7ab6068a1bb6ca97

HTTP Headers

GET /fonts/roboto-v18-latin-700.woff2 HTTP/1.1
Host: cdn.smartberatung.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.meinereiseangebote.de
Connection: keep-alive
Referer: https://www.meinereiseangebote.de/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
cache-control: public, max-age=86400
content-length: 15436
content-type: application/octet-stream
content-md5: A32DBBZJXe9yt4gQJMFLew==
last-modified: Fri, 30 Apr 2021 09:58:44 GMT
accept-ranges: bytes
etag: "0x8D90BBE8A57F2BB"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-cache: TCP_HIT
x-ms-request-id: 0500d5f8-101e-00c0-715c-f4da8a000000
x-ms-version: 2018-03-28
x-azure-ref-originshield: 0v+VrYwAAAACKL9cKRRGSTbW41rZuftbQQU1TMDRFREdFMTkxMQBkNTM3NWQ5Yy1jYzU5LTQ4YTctYmZhYy0zOWM5ZjgwYTIyNmQ=
access-control-allow-origin: *
access-control-allow-headers: *
pax-rule-engine-rule: AllowSpecificFileExtensions
x-azure-ref: 0FApsYwAAAACgNNxT3pNfSZ+q6UPH9sXYU1ZHMjBFREdFMDYxNwBkNTM3NWQ5Yy1jYzU5LTQ4YTctYmZhYy0zOWM5ZjgwYTIyNmQ=
date: Wed, 09 Nov 2022 20:14:11 GMT
X-Firefox-Spdy: h2

kit-pro.fontawesome.com/releases/latest/webfonts/pro-fa-light-300-5.0.0.woff2

104.18.22.52

200 OK

25 kB

URL HTTP/2
kit-pro.fontawesome.com/releases/latest/webfonts/pro-fa-light-300-5.0.0.woff2
IP
104.18.22.52:0
ASN
#13335 CLOUDFLARENET

File type
Web Open Font Format (Version 2), TrueType, length 24800, version 331.-31196\012- data
Size
25 kB (24800 bytes)
Hash
4abe94f1746789f39110d3ebac7ebd96
bdc3b41f3cc3e5e3e87ca020eeddc2b288f0dd91
299dc8e16be2ab2214e279b5536efd387d17fd3d364f397ce9f1fed602384fea

HTTP Headers

GET /releases/latest/webfonts/pro-fa-light-300-5.0.0.woff2 HTTP/1.1
Host: kit-pro.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.robertz.de
Connection: keep-alive
Referer: https://kit-pro.fontawesome.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 09 Nov 2022 20:14:12 GMT
content-type: font/woff2
content-length: 24800
x-amz-id-2: 2G/URN2mEaoF1iTABr0ADxZQa7fTFvrNWEHDhb2zfSZ8VbW1nx6s2GuTBNSlWYvVUfVDbJ/t/F0=
x-amz-request-id: 2J06ZXE6JJPT6FZ4
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 04 Aug 2021 21:22:40 GMT
etag: "4abe94f1746789f39110d3ebac7ebd96"
cache-control: public, max-age=1800
cf-cache-status: MISS
expires: Wed, 09 Nov 2022 20:44:12 GMT
accept-ranges: bytes
server: cloudflare
cf-ray: 7679369e099ab500-OSL
X-Firefox-Spdy: h2

cdn.smartberatung.com/fonts/roboto-v18-latin-regular.woff2

13.107.213.53

200 OK

15 kB

URL HTTP/2
cdn.smartberatung.com/fonts/roboto-v18-latin-regular.woff2
IP
13.107.213.53:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type
Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Size
15 kB (15344 bytes)
Hash
5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

HTTP Headers

GET /fonts/roboto-v18-latin-regular.woff2 HTTP/1.1
Host: cdn.smartberatung.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.meinereiseangebote.de
Connection: keep-alive
Referer: https://www.meinereiseangebote.de/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
cache-control: public, max-age=86400
content-length: 15344
content-type: application/octet-stream
content-md5: XUrrTl9e91TjB9f/rvaIvQ==
last-modified: Fri, 30 Apr 2021 09:58:44 GMT
accept-ranges: bytes
etag: "0x8D90BBE8A6F780F"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-cache: TCP_HIT
x-ms-request-id: 38e0ad6a-701e-00b6-575c-f45e36000000
x-ms-version: 2018-03-28
x-azure-ref-originshield: 0v+VrYwAAAABYEPFuHCHXTJSsQiBE26DmQU1TMDRFREdFMTkxMwBkNTM3NWQ5Yy1jYzU5LTQ4YTctYmZhYy0zOWM5ZjgwYTIyNmQ=
access-control-allow-origin: *
access-control-allow-headers: *
pax-rule-engine-rule: AllowSpecificFileExtensions
x-azure-ref: 0FApsYwAAAABIEzuDNRoGR72+m0FNfKaYU1ZHMjBFREdFMDYxNwBkNTM3NWQ5Yy1jYzU5LTQ4YTctYmZhYy0zOWM5ZjgwYTIyNmQ=
date: Wed, 09 Nov 2022 20:14:11 GMT
X-Firefox-Spdy: h2

cdn.smartberatung.com/fonts/roboto-v18-latin-500.woff2

13.107.213.53

200 OK

16 kB

URL HTTP/2
cdn.smartberatung.com/fonts/roboto-v18-latin-500.woff2
IP
13.107.213.53:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type
Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Size
16 kB (15552 bytes)
Hash
285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

HTTP Headers

GET /fonts/roboto-v18-latin-500.woff2 HTTP/1.1
Host: cdn.smartberatung.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.meinereiseangebote.de
Connection: keep-alive
Referer: https://www.meinereiseangebote.de/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
cache-control: public, max-age=86400
content-length: 15552
content-type: application/octet-stream
content-md5: KFRnF29/5rtqnGhzs9rSzA==
last-modified: Fri, 30 Apr 2021 09:58:43 GMT
accept-ranges: bytes
etag: "0x8D90BBE8A2F040E"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-cache: TCP_HIT
x-ms-request-id: 6fccfbd9-501e-0029-7a05-f4268c000000
x-ms-version: 2018-03-28
x-azure-ref-originshield: 0v+VrYwAAAACAKkrJnH0yTp5bA7OhKfhQQU1TMDRFREdFMTkxMgBkNTM3NWQ5Yy1jYzU5LTQ4YTctYmZhYy0zOWM5ZjgwYTIyNmQ=
access-control-allow-origin: *
access-control-allow-headers: *
pax-rule-engine-rule: AllowSpecificFileExtensions
x-azure-ref: 0FApsYwAAAADhz1fHL07aSaMC2agXJMERU1ZHMjBFREdFMDYxNwBkNTM3NWQ5Yy1jYzU5LTQ4YTctYmZhYy0zOWM5ZjgwYTIyNmQ=
date: Wed, 09 Nov 2022 20:14:11 GMT
X-Firefox-Spdy: h2

kit-pro.fontawesome.com/releases/latest/webfonts/pro-fa-light-300-5.10.2.woff2

104.18.22.52

200 OK

17 kB

URL HTTP/2
kit-pro.fontawesome.com/releases/latest/webfonts/pro-fa-light-300-5.10.2.woff2
IP
104.18.22.52:0
ASN
#13335 CLOUDFLARENET

File type
Web Open Font Format (Version 2), TrueType, length 17168, version 331.-31196\012- data
Size
17 kB (17168 bytes)
Hash
8a43eb7db323b6a82d87a458c34cbe82
968367a39a575ffe38f1cfda07eea12eff885831
2bbaabc785383c5d90abc17e6703ac6a057b9644c6ebdfe9e15709c6ffac9c71

HTTP Headers

GET /releases/latest/webfonts/pro-fa-light-300-5.10.2.woff2 HTTP/1.1
Host: kit-pro.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.robertz.de
Connection: keep-alive
Referer: https://kit-pro.fontawesome.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 09 Nov 2022 20:14:12 GMT
content-type: font/woff2
content-length: 17168
x-amz-id-2: biETtmrR4Q7A47OGgjefTnMwZCLjvMs5qZDKDHcWmiKIRu6v2zc51nADyfiDFPhly//KGyNjOO8=
x-amz-request-id: 2J08XYPJKV8S3H83
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 04 Aug 2021 21:22:41 GMT
etag: "8a43eb7db323b6a82d87a458c34cbe82"
cache-control: public, max-age=1800
cf-cache-status: MISS
expires: Wed, 09 Nov 2022 20:44:12 GMT
accept-ranges: bytes
server: cloudflare
cf-ray: 7679369df991b500-OSL
X-Firefox-Spdy: h2

www.robertz.de/images/BilderPool/Reisethemen/St%C3%A4dtereisen/heidelberg-5360721_1920.jpg

5.175.22.217

200 OK

295 kB

URL HTTP/2
www.robertz.de/images/BilderPool/Reisethemen/St%C3%A4dtereisen/heidelberg-5360721_1920.jpg
IP
5.175.22.217:0
ASN
#20773 Host Europe GmbH

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x1277, components 3\012- data
Size
295 kB (295085 bytes)
Hash
94538df66b1ef89ce0421aca5a3d7686
fe8530ca9b8b16051a5d506a1e4a0001c7a40876
12bbd7295fda70b3d2227ea20c2a0df48ddcff4dae129776410eb93b022f397f

HTTP Headers

GET /images/BilderPool/Reisethemen/St%C3%A4dtereisen/heidelberg-5360721_1920.jpg HTTP/1.1
Host: www.robertz.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.robertz.de/
Cookie: CFID=36493981; CFTOKEN=71ab64e5add80849-AC4605C3-9A50-DA54-5207A55015E1EB89; cross-site-cookie=sow
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 09 Nov 2022 20:14:12 GMT
server: Apache
last-modified: Fri, 18 Jun 2021 15:13:53 GMT
etag: "480ad-5c50bc58fad9d"
accept-ranges: bytes
content-length: 295085
cache-control: max-age=86400
expires: Thu, 10 Nov 2022 20:14:12 GMT
x-cache: MISS from www.robertz.de
content-type: image/jpeg
X-Firefox-Spdy: h2

www.robertz.de/images/BilderPool/Reisethemen/Relax/jetty-1834801_1920.jpg

5.175.22.217

200 OK

298 kB

URL HTTP/2
www.robertz.de/images/BilderPool/Reisethemen/Relax/jetty-1834801_1920.jpg
IP
5.175.22.217:0
ASN
#20773 Host Europe GmbH

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x1280, components 3\012- data
Size
298 kB (297622 bytes)
Hash
3b79d15ffab5a3bf79230f1267583e04
d52e852edaafb33ae8685188a9e8cdaae25a3a22
b1b7249a0435d37be3a8b06e71afafe1f56962a9c3fd167b7b5136efdc25cd8d

HTTP Headers

GET /images/BilderPool/Reisethemen/Relax/jetty-1834801_1920.jpg HTTP/1.1
Host: www.robertz.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.robertz.de/
Cookie: CFID=36493981; CFTOKEN=71ab64e5add80849-AC4605C3-9A50-DA54-5207A55015E1EB89; cross-site-cookie=sow
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 09 Nov 2022 20:14:12 GMT
server: Apache
last-modified: Thu, 24 Jun 2021 07:47:06 GMT
etag: "48a96-5c57e3ac51ad4"
accept-ranges: bytes
content-length: 297622
cache-control: max-age=86400
expires: Thu, 10 Nov 2022 20:14:12 GMT
x-cache: MISS from www.robertz.de
content-type: image/jpeg
X-Firefox-Spdy: h2

cluster2.images.traveltainment.eu/images/content/va_logos/small/DER.gif

185.64.96.3

200 OK

559 B

URL HTTP/1.1
cluster2.images.traveltainment.eu/images/content/va_logos/small/DER.gif
IP
185.64.96.3:0
ASN
#8469 CANCOM Managed Services GmbH

File type
GIF image data, version 89a, 75 x 21\012- data
Size
559 B (559 bytes)
Hash
62139173ab45d3cc09065e353fa0fa28
a8330272bf0d6f0eb08f1ddb67c3fd5279efb5c6
54aeab4c762baa12f147ba66d3b95bc724c742306bbf3cfc46b0a0f3fef360cb

HTTP Headers

GET /images/content/va_logos/small/DER.gif HTTP/1.1
Host: cluster2.images.traveltainment.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 09 Nov 2022 20:14:12 GMT
Content-Type: image/gif
Content-Length: 559
Last-Modified: Tue, 08 Nov 2016 08:07:39 GMT
Connection: keep-alive
ETag: "582187cb-22f"
Expires: Wed, 09 Nov 2022 21:14:12 GMT
Cache-Control: max-age=3600
X-TT-Cluster: op-image-p107-X_content-https
Vary: Accept-Encoding
Accept-Ranges: bytes

kit-pro.fontawesome.com/releases/latest/css/pro-v4-font-face.min.css

104.18.22.52

200 OK

17 kB

URL HTTP/2
kit-pro.fontawesome.com/releases/latest/css/pro-v4-font-face.min.css
IP
104.18.22.52:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
17 kB (17186 bytes)
Hash
b1db1fb4495db915cb3d4a32d57d0f6d
04913285921e0af43da0cb8fde5cda6712f4aab7
39d9010a1cf07b302146e6b578fa757f1a392e8ca8a52328dde57f97e5a3d6cb

HTTP Headers

GET /releases/latest/css/pro-v4-font-face.min.css HTTP/1.1
Host: kit-pro.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.robertz.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 09 Nov 2022 20:14:12 GMT
content-type: text/css
x-amz-id-2: k3KaRweKXIxA0xKCYeCf5UV9P24XY0pZMfPFsB2YWPmVWFC5XJ7aLVDJGJuyc2Jb0mizxtGvkIM=
x-amz-request-id: 0261H8W942Y6P30A
last-modified: Wed, 04 Aug 2021 21:18:33 GMT
etag: W/"1cb05a2f9541200e1fa0a2cd0abc7663"
cache-control: public, max-age=1800
cf-cache-status: HIT
age: 1092
expires: Wed, 09 Nov 2022 20:44:12 GMT
vary: Accept-Encoding
server: cloudflare
cf-ray: 7679369d1836b500-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

www.robertz.de/images/BilderPool/Reisethemen/Str%C3%A4nde/maldives-1993704_1920.jpg

5.175.22.217

200 OK

330 kB

URL HTTP/2
www.robertz.de/images/BilderPool/Reisethemen/Str%C3%A4nde/maldives-1993704_1920.jpg
IP
5.175.22.217:0
ASN
#20773 Host Europe GmbH

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x1078, components 3\012- data
Size
330 kB (329740 bytes)
Hash
40c94a0731f3cb48ce3c6bf8098cc6a2
4fd930156f53715838c95db4d38190dfab988506
fb175ae061cd06909b170af0d84d96d48e1398eb44c2ea0ecca04483fe4f6bde

HTTP Headers

GET /images/BilderPool/Reisethemen/Str%C3%A4nde/maldives-1993704_1920.jpg HTTP/1.1
Host: www.robertz.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.robertz.de/
Cookie: CFID=36493981; CFTOKEN=71ab64e5add80849-AC4605C3-9A50-DA54-5207A55015E1EB89; cross-site-cookie=sow
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 09 Nov 2022 20:14:12 GMT
server: Apache
last-modified: Fri, 18 Jun 2021 15:14:59 GMT
etag: "5080c-5c50bc97ad6d7"
accept-ranges: bytes
content-length: 329740
cache-control: max-age=86400
expires: Thu, 10 Nov 2022 20:14:12 GMT
x-cache: MISS from www.robertz.de
content-type: image/jpeg
X-Firefox-Spdy: h2

kit-pro.fontawesome.com/releases/latest/webfonts/pro-fa-solid-900-5.10.2.woff2

104.18.22.52

200 OK

13 kB

URL HTTP/2
kit-pro.fontawesome.com/releases/latest/webfonts/pro-fa-solid-900-5.10.2.woff2
IP
104.18.22.52:0
ASN
#13335 CLOUDFLARENET

File type
Web Open Font Format (Version 2), TrueType, length 13268, version 331.-31196\012- data
Size
13 kB (13268 bytes)
Hash
4a18bee89aa2256ef1c2cc9380552229
ff12ccbac7df0ff36d29ce91b42c43d5fd662cf6
46fa33cc9340603e767415c1829c08b91f3a3680b9800047dbc1bda91b8eb0ac

HTTP Headers

GET /releases/latest/webfonts/pro-fa-solid-900-5.10.2.woff2 HTTP/1.1
Host: kit-pro.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.robertz.de
Connection: keep-alive
Referer: https://kit-pro.fontawesome.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 09 Nov 2022 20:14:12 GMT
content-type: font/woff2
content-length: 13268
x-amz-id-2: 0i989zuJ1+G9wWuvfHXThqxSx9lhOO8ToiA20sRVIfRXNb8IctbeKcG3rsvKq57CSLIMVcl0iNI=
x-amz-request-id: 2J0FHSP7WYHTZP7E
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 04 Aug 2021 21:22:46 GMT
etag: "4a18bee89aa2256ef1c2cc9380552229"
cache-control: public, max-age=1800
cf-cache-status: MISS
expires: Wed, 09 Nov 2022 20:44:12 GMT
accept-ranges: bytes
server: cloudflare
cf-ray: 7679369e099fb500-OSL
X-Firefox-Spdy: h2

cluster2.images.traveltainment.eu/images/content/va_logos/small/SLR.gif

185.64.96.3

200 OK

1.3 kB

URL HTTP/1.1
cluster2.images.traveltainment.eu/images/content/va_logos/small/SLR.gif
IP
185.64.96.3:0
ASN
#8469 CANCOM Managed Services GmbH

File type
GIF image data, version 89a, 75 x 21\012- data
Size
1.3 kB (1309 bytes)
Hash
5bf01da040a6ccea325bafa8627517cb
f5754f85aed0ff9263280140d2f999b0bcd179a9
8a5ccbfa4aca57b800c440e34c3e47f86cb57d21c4b4b141cb28ca23198139c5

HTTP Headers

GET /images/content/va_logos/small/SLR.gif HTTP/1.1
Host: cluster2.images.traveltainment.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 09 Nov 2022 20:14:12 GMT
Content-Type: image/gif
Content-Length: 1309
Last-Modified: Mon, 09 Nov 2020 08:56:20 GMT
Connection: keep-alive
ETag: "5fa90434-51d"
Expires: Wed, 09 Nov 2022 21:14:12 GMT
Cache-Control: max-age=3600
X-TT-Cluster: op-image-p107-X_content-https
Vary: Accept-Encoding
Accept-Ranges: bytes

cdn.smartberatung.com/portal/413/banner.jpg?ts=20221109_152915&ts=20221109_152915

13.107.213.53

200 OK

52 kB

URL HTTP/2
cdn.smartberatung.com/portal/413/banner.jpg?ts=20221109_152915&ts=20221109_152915
IP
13.107.213.53:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type
JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=3, software=Adobe Photoshop 7.0, datetime=2015:01:06 12:22:03], progressive, precision 8, 940x142, components 3\012- data
Size
52 kB (52335 bytes)
Hash
732c7d37d72287f0d9d903ddbd54b29b
0ae238aef4a97082121206221f49cb00022bef95
514ca5b12bc18676a4a0f55b14ead30237576aaae143abbf9635fdd493588dc5

HTTP Headers

GET /portal/413/banner.jpg?ts=20221109_152915&ts=20221109_152915 HTTP/1.1
Host: cdn.smartberatung.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
cache-control: public, max-age=86400
content-length: 52335
content-type: application/octet-stream
content-md5: cyx9N9cih/DZ2QPdvVSymw==
last-modified: Wed, 10 Jun 2020 09:10:14 GMT
accept-ranges: bytes
etag: "0x8D80D1E16707F06"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-cache: TCP_REMOTE_HIT
x-ms-request-id: 01193c87-e01e-0056-7f51-f4b8be000000
x-ms-version: 2018-03-28
x-azure-ref-originshield: 0FApsYwAAAAAiWqd+PJUiRL9EMn4Um0D4QU1TMDRFREdFMTkyMgBkNTM3NWQ5Yy1jYzU5LTQ4YTctYmZhYy0zOWM5ZjgwYTIyNmQ=
x-azure-ref: 0FApsYwAAAAB7L6HeaLEkT5+JcFFuiu9wU1ZHMjBFREdFMDYxMQBkNTM3NWQ5Yy1jYzU5LTQ4YTctYmZhYy0zOWM5ZjgwYTIyNmQ=
date: Wed, 09 Nov 2022 20:14:11 GMT
X-Firefox-Spdy: h2

cluster2.images.traveltainment.eu/images/content/va_logos/small/ITS.gif

185.64.96.3

200 OK

1.2 kB

URL HTTP/1.1
cluster2.images.traveltainment.eu/images/content/va_logos/small/ITS.gif
IP
185.64.96.3:0
ASN
#8469 CANCOM Managed Services GmbH

File type
GIF image data, version 89a, 75 x 21\012- data
Size
1.2 kB (1215 bytes)
Hash
01014293d914570ffdaf6661eb4d72c0
75e634072e2b975042f4905420ef79f4d7bbfe34
7b3294a378e92bae8a939f1a0019b1e7d93f93752f9c46e0081b48890a865da8

HTTP Headers

GET /images/content/va_logos/small/ITS.gif HTTP/1.1
Host: cluster2.images.traveltainment.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 09 Nov 2022 20:14:12 GMT
Content-Type: image/gif
Content-Length: 1215
Last-Modified: Thu, 05 Mar 2015 15:36:12 GMT
Connection: keep-alive
ETag: "54f877ec-4bf"
Expires: Wed, 09 Nov 2022 21:14:12 GMT
Cache-Control: max-age=3600
X-TT-Cluster: op-image-p107-X_content-https
Vary: Accept-Encoding
Accept-Ranges: bytes

kit-pro.fontawesome.com/releases/latest/webfonts/pro-fa-brands-400-5.0.0.woff2

104.18.22.52

200 OK

38 kB

URL HTTP/2
kit-pro.fontawesome.com/releases/latest/webfonts/pro-fa-brands-400-5.0.0.woff2
IP
104.18.22.52:0
ASN
#13335 CLOUDFLARENET

File type
Web Open Font Format (Version 2), TrueType, length 37796, version 331.-31196\012- data
Size
38 kB (37796 bytes)
Hash
6cdf281bc8af0068561fe6aa361a6a0b
4b11f830ee1b852b8aa46ea7e4cfe709a327bf58
49fd3e0c64f247cf56cb828bc37b88cf139df6e5c7bb4c3a4507f740e9a52c17

HTTP Headers

GET /releases/latest/webfonts/pro-fa-brands-400-5.0.0.woff2 HTTP/1.1
Host: kit-pro.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.robertz.de
Connection: keep-alive
Referer: https://kit-pro.fontawesome.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 09 Nov 2022 20:14:12 GMT
content-type: font/woff2
content-length: 37796
x-amz-id-2: 0/2vQNkyBbI66HSoRHrQiNMBCw2G895BW8u2S4VRcvK0w4qomnEO5Bx+tZWVIfxnOaW0EmIKTcc=
x-amz-request-id: 2J02KSX9K9E4VZPY
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 04 Aug 2021 21:22:35 GMT
etag: "6cdf281bc8af0068561fe6aa361a6a0b"
cache-control: public, max-age=1800
cf-cache-status: MISS
expires: Wed, 09 Nov 2022 20:44:12 GMT
accept-ranges: bytes
server: cloudflare
cf-ray: 7679369de97bb500-OSL
X-Firefox-Spdy: h2

cdn.smartberatung.com/fonts/paxbooking.ttf?gi1j3r

13.107.213.53

200 OK

4.7 kB

URL HTTP/2
cdn.smartberatung.com/fonts/paxbooking.ttf?gi1j3r
IP
13.107.213.53:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type
TrueType Font data, 11 tables, 1st "OS/2", 14 names, Macintosh, type 1 string, paxbooking \012- data
Size
4.7 kB (4676 bytes)
Hash
d597dd375e765299c4abc4c352440575
e16fc220bdbf2a32890ad447d1c9f3e3ec7ef0e2
6a00306b4e545f95146167837a17960b45ef9c155d8548856841dabb9e776b68

HTTP Headers

GET /fonts/paxbooking.ttf?gi1j3r HTTP/1.1
Host: cdn.smartberatung.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.meinereiseangebote.de
Connection: keep-alive
Referer: https://www.meinereiseangebote.de/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=86400
content-length: 4676
content-type: application/octet-stream
content-md5: 1ZfdN152UpnEq8TDUkQFdQ==
last-modified: Tue, 27 Apr 2021 07:22:53 GMT
accept-ranges: bytes
etag: "0x8D9094D45A20D0E"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-cache: TCP_HIT
x-ms-request-id: 6f874cf9-601e-008b-211e-f4eb10000000
x-ms-version: 2018-03-28
x-azure-ref-originshield: 0z4NrYwAAAADfY/ikbRy0Qp13nsvRjRRoQU1TMDRFREdFMTgxNwBkNTM3NWQ5Yy1jYzU5LTQ4YTctYmZhYy0zOWM5ZjgwYTIyNmQ=
access-control-allow-origin: *
access-control-allow-headers: *
pax-rule-engine-rule: AllowSpecificFileExtensions
x-azure-ref: 0FApsYwAAAAAkEEK0ed3XTIhOi55nC2fqU1ZHMjBFREdFMDYxNwBkNTM3NWQ5Yy1jYzU5LTQ4YTctYmZhYy0zOWM5ZjgwYTIyNmQ=
date: Wed, 09 Nov 2022 20:14:11 GMT
X-Firefox-Spdy: h2

kit-pro.fontawesome.com/releases/latest/webfonts/pro-fa-light-300-5.11.0.woff2

104.18.22.52

200 OK

16 kB

URL HTTP/2
kit-pro.fontawesome.com/releases/latest/webfonts/pro-fa-light-300-5.11.0.woff2
IP
104.18.22.52:0
ASN
#13335 CLOUDFLARENET

File type
Web Open Font Format (Version 2), TrueType, length 15748, version 331.-31196\012- data
Size
16 kB (15748 bytes)
Hash
1894bebba876a67d0cb7cd7351ab6ae4
0c2e2d2e73311bbd4c429e33e4e4c4036207b4b1
ec540bd82697b5fb43f1584f25446b7d58a0cf0a51e1544b0b278a2aaa5f1e77

HTTP Headers

GET /releases/latest/webfonts/pro-fa-light-300-5.11.0.woff2 HTTP/1.1
Host: kit-pro.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.robertz.de
Connection: keep-alive
Referer: https://kit-pro.fontawesome.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 09 Nov 2022 20:14:12 GMT
content-type: font/woff2
content-length: 15748
x-amz-id-2: hlxL4heNj94DMlnetmXAQJvW5gZ3sbPP1EgeJ2LlgXMpe/4vZliJ/N9/lkY0UX04MuxgNSnwOQ0=
x-amz-request-id: 2J07RMB3QHV1Q3ZC
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 04 Aug 2021 21:22:41 GMT
etag: "1894bebba876a67d0cb7cd7351ab6ae4"
cache-control: public, max-age=1800
cf-cache-status: MISS
expires: Wed, 09 Nov 2022 20:44:12 GMT
accept-ranges: bytes
server: cloudflare
cf-ray: 7679369df98fb500-OSL
X-Firefox-Spdy: h2

cdn.smartberatung.com/agents/2130/small.png?ts=20220711_125448

13.107.213.53

200 OK

28 kB

URL HTTP/2
cdn.smartberatung.com/agents/2130/small.png?ts=20220711_125448
IP
13.107.213.53:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type
PNG image data, 136 x 136, 8-bit/color RGBA, non-interlaced\012- data
Size
28 kB (27872 bytes)
Hash
236c9eb1432d90742dc1f3557b0d5e04
cde728b9155d23eeb8ba9403a99036b7b8fccac2
384acc67a52da858e39f0ecc28387706131ea3c3f88843cc801c3465d0f8ee18

HTTP Headers

GET /agents/2130/small.png?ts=20220711_125448 HTTP/1.1
Host: cdn.smartberatung.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=86400
content-length: 27872
content-type: application/octet-stream
content-md5: I2yesUMtkHQtwfNVew1eBA==
last-modified: Wed, 10 Jun 2020 10:13:08 GMT
accept-ranges: bytes
etag: "0x8D80D26DFB3DAF8"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-cache: TCP_MISS
x-ms-request-id: c55ed636-101e-000c-2977-f4be3f000000
x-ms-version: 2018-03-28
x-azure-ref-originshield: 0FApsYwAAAAAa52FFsUkaRIJf/HmZy4cEQU1TMDRFREdFMTgyMgBkNTM3NWQ5Yy1jYzU5LTQ4YTctYmZhYy0zOWM5ZjgwYTIyNmQ=
x-azure-ref: 0FApsYwAAAACUma00wxk0QIE5qVXmWq+hU1ZHMjBFREdFMDYxMQBkNTM3NWQ5Yy1jYzU5LTQ4YTctYmZhYy0zOWM5ZjgwYTIyNmQ=
date: Wed, 09 Nov 2022 20:14:11 GMT
X-Firefox-Spdy: h2

www.chamaeleon-reisen.de/html/img/CHA-Logo-PaxConnect.png

213.187.84.169

200 OK

4.7 kB

URL HTTP/2
www.chamaeleon-reisen.de/html/img/CHA-Logo-PaxConnect.png
IP
213.187.84.169:0
ASN
#16097 HL komm Telekommunikations GmbH

File type
PNG image data, 150 x 65, 8-bit colormap, non-interlaced\012- data
Size
4.7 kB (4713 bytes)
Hash
90c449a6b1b3b210e728299fc4fa898d
e67388591422d72d07c7c16bed70b83eb0bc2fa0
aa7d5c69af3ae47bb7d4d8a1a769c3135e34dc3abb376a5facccc2585a2078a9

HTTP Headers

GET /html/img/CHA-Logo-PaxConnect.png HTTP/1.1
Host: www.chamaeleon-reisen.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
last-modified: Thu, 06 May 2021 14:01:34 GMT
etag: "1269-5c1a9bfbea7e2"
accept-ranges: bytes
content-length: 4713
cache-control: max-age=2592000
expires: Fri, 09 Dec 2022 20:14:12 GMT
content-type: image/png
date: Wed, 09 Nov 2022 20:14:12 GMT
server: Apache
X-Firefox-Spdy: h2

media.xmlteam.de/files/nicko-cruises/ms-rhein-symphonie/schiff/343.jpeg

162.55.39.184

200 OK

93 kB

URL HTTP/2
media.xmlteam.de/files/nicko-cruises/ms-rhein-symphonie/schiff/343.jpeg
IP
162.55.39.184:0
ASN
#24940 Hetzner Online GmbH

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1000x695, components 3\012- data
Size
93 kB (92559 bytes)
Hash
f391ed9cd201e00ae4fdabc506d0d76d
209b286b16d87f71b3ca6f9762bbc45a54d448a2
4c98e0160c339c888444e66117c063e88fe09ea3c0afe7d87976f973488a2c02

HTTP Headers

GET /files/nicko-cruises/ms-rhein-symphonie/schiff/343.jpeg HTTP/1.1
Host: media.xmlteam.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 07 Jul 2020 16:09:56 GMT
etag: "1698f-5a9dc38e53d00"
accept-ranges: bytes
content-length: 92559
content-type: image/jpeg
date: Wed, 09 Nov 2022 20:14:12 GMT
server: Apache
X-Firefox-Spdy: h2

media.xmlteam.de/files/nicko-cruises/world-voyager/schiff/wvo-aerial-02.jpeg

162.55.39.184

200 OK

128 kB

URL HTTP/2
media.xmlteam.de/files/nicko-cruises/world-voyager/schiff/wvo-aerial-02.jpeg
IP
162.55.39.184:0
ASN
#24940 Hetzner Online GmbH

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1000x666, components 3\012- data
Size
128 kB (127479 bytes)
Hash
1218ed777bdbe16a587f62dbc7c49823
5ccac638dbe0c04597a07eeaa58922df14aa20d0
91d09a2ee3f49b939e1e31815fbc0fa215cfd6582b5ce8a474f0433b6665ad3d

HTTP Headers

GET /files/nicko-cruises/world-voyager/schiff/wvo-aerial-02.jpeg HTTP/1.1
Host: media.xmlteam.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 06 Feb 2020 16:41:22 GMT
etag: "1f1f7-59deaf16e5080"
accept-ranges: bytes
content-length: 127479
content-type: image/jpeg
date: Wed, 09 Nov 2022 20:14:12 GMT
server: Apache
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
fdcae9f1e28523ada6af4630d92d036b
9c02f771a6b3747913b9c225c34766e8fdd1f18e
9aa93c12987356f84e58459e9f7cd62b016e660c95d3dac3da384b77462c474f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9AA93C12987356F84E58459E9F7CD62B016E660C95D3DAC3DA384B77462C474F"
Last-Modified: Tue, 08 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18122
Expires: Thu, 10 Nov 2022 01:16:14 GMT
Date: Wed, 09 Nov 2022 20:14:12 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
fdcae9f1e28523ada6af4630d92d036b
9c02f771a6b3747913b9c225c34766e8fdd1f18e
9aa93c12987356f84e58459e9f7cd62b016e660c95d3dac3da384b77462c474f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9AA93C12987356F84E58459E9F7CD62B016E660C95D3DAC3DA384B77462C474F"
Last-Modified: Tue, 08 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2468
Expires: Wed, 09 Nov 2022 20:55:20 GMT
Date: Wed, 09 Nov 2022 20:14:12 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
fdcae9f1e28523ada6af4630d92d036b
9c02f771a6b3747913b9c225c34766e8fdd1f18e
9aa93c12987356f84e58459e9f7cd62b016e660c95d3dac3da384b77462c474f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9AA93C12987356F84E58459E9F7CD62B016E660C95D3DAC3DA384B77462C474F"
Last-Modified: Tue, 08 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18144
Expires: Thu, 10 Nov 2022 01:16:36 GMT
Date: Wed, 09 Nov 2022 20:14:12 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
fdcae9f1e28523ada6af4630d92d036b
9c02f771a6b3747913b9c225c34766e8fdd1f18e
9aa93c12987356f84e58459e9f7cd62b016e660c95d3dac3da384b77462c474f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9AA93C12987356F84E58459E9F7CD62B016E660C95D3DAC3DA384B77462C474F"
Last-Modified: Tue, 08 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2490
Expires: Wed, 09 Nov 2022 20:55:42 GMT
Date: Wed, 09 Nov 2022 20:14:12 GMT
Connection: keep-alive

ocsp.pki.goog/s/gts1d4/tKUY0ZCyl9k

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1d4/tKUY0ZCyl9k
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
bd0b29457a55942c4ecc9a0e6d3b3fc4
be16e7a02e8a68495ae7718128f6fe4f9df8b74d
527706e8b967b9138d0bd581b2ac18fa8d489e38649975788c8dbe7f51e93d39

HTTP Headers

POST /s/gts1d4/tKUY0ZCyl9k HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 20:14:12 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

aggregator.service.usercentrics.eu/aggregate/de?templates=H1Vl5NidjWX@40.17.38,Hko_qNsui-Q@14.5.15,SJKM9Ns_ibQ@10.5.6,rkUcEjuoWm@16.6.5,ko1w5PpFl@23.12.19,XYQZBUojc@9.6.4,r5-Z_erQ0@6.2.2,QPYQDujT@3.3.0,BJ59EidsWQ@25.6.26,BJz7qNsdj-7@15.7.12,abGHajF1@6.0.1,S1pcEj_jZX@21.9.4,8eIqa_sKr@8.1.0

34.120.28.121

200 OK

6.5 kB

URL HTTP/2
aggregator.service.usercentrics.eu/aggregate/de?templates=H1Vl5NidjWX@40.17.38,Hko_qNsui-Q@14.5.15,SJKM9Ns_ibQ@10.5.6,rkUcEjuoWm@16.6.5,ko1w5PpFl@23.12.19,XYQZBUojc@9.6.4,r5-Z_erQ0@6.2.2,QPYQDujT@3.3.0,BJ59EidsWQ@25.6.26,BJz7qNsdj-7@15.7.12,abGHajF1@6.0.1,S1pcEj_jZX@21.9.4,8eIqa_sKr@8.1.0
IP
34.120.28.121:0
ASN
#15169 GOOGLE

File type
JSON data\012- , Unicode text, UTF-8 text, with very long lines (39783), with no line terminators
Size
6.5 kB (6521 bytes)
Hash
f5f7964627cd7af66502a21818f03e82
91843850489914f06b5d904671e64acfb4ceb3fc
a0e2fbcd90c29808729771e57ff54b16fafd9551e789dd6206ebe2e1de578740

HTTP Headers

GET /aggregate/de?templates=H1Vl5NidjWX@40.17.38,Hko_qNsui-Q@14.5.15,SJKM9Ns_ibQ@10.5.6,rkUcEjuoWm@16.6.5,ko1w5PpFl@23.12.19,XYQZBUojc@9.6.4,r5-Z_erQ0@6.2.2,QPYQDujT@3.3.0,BJ59EidsWQ@25.6.26,BJz7qNsdj-7@15.7.12,abGHajF1@6.0.1,S1pcEj_jZX@21.9.4,8eIqa_sKr@8.1.0 HTTP/1.1
Host: aggregator.service.usercentrics.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.robertz.de/
Origin: https://www.robertz.de
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
vary: Accept-Encoding, accept-encoding
access-control-allow-origin: *
content-type: application/json; charset=utf-8
cache-control: public,max-age=604800
etag: "7rizwt"
content-encoding: br
date: Wed, 09 Nov 2022 20:14:12 GMT
server: Google Frontend
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/s/gts1d4/kHRXVe39NZ4

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1d4/kHRXVe39NZ4
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
08238d88a1bba92f037bf9c4302f8d53
09dd0327c84aa7f3adea231e57eaecc69bf90d5f
f9ab5ea9914090c5de33f1fe2c2807c0de98aebe19676f2ae754bdafa50e5093

HTTP Headers

POST /s/gts1d4/kHRXVe39NZ4 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 20:14:12 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.chamaeleon-reisen.de/data/pic/img20/Reisen/Afrika/NASOS/Namibia-Sossusvlei_011_Penduka.jpg

213.187.84.169

200 OK

116 kB

URL HTTP/2
www.chamaeleon-reisen.de/data/pic/img20/Reisen/Afrika/NASOS/Namibia-Sossusvlei_011_Penduka.jpg
IP
213.187.84.169:0
ASN
#16097 HL komm Telekommunikations GmbH

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 1200x550, components 3\012- data
Size
116 kB (115655 bytes)
Hash
792cc962918e2e831eb9c2d217cfcc7e
08dda31b1e7823e27d37d77bed8a1d8c4e73683c
0e43e3a7316b371e581c5d72b9965b7d688a62d92d8849c5f586429e1e5fde39

HTTP Headers

GET /data/pic/img20/Reisen/Afrika/NASOS/Namibia-Sossusvlei_011_Penduka.jpg HTTP/1.1
Host: www.chamaeleon-reisen.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 10 Feb 2021 07:44:40 GMT
etag: "1c3c7-5baf6935cd630"
accept-ranges: bytes
content-length: 115655
cache-control: max-age=2592000
expires: Fri, 09 Dec 2022 20:14:12 GMT
content-type: image/jpeg
date: Wed, 09 Nov 2022 20:14:12 GMT
server: Apache
X-Firefox-Spdy: h2

i27.giatamedia.com/s.php?uid=180322&source=xml&size=800&cid=3959&iid=92644500

136.243.0.17

200 OK

88 kB

URL HTTP/1.1
i27.giatamedia.com/s.php?uid=180322&source=xml&size=800&cid=3959&iid=92644500
IP
136.243.0.17:0
ASN
#24940 Hetzner Online GmbH

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 800x533, components 3\012- data
Size
88 kB (87910 bytes)
Hash
85d13cc57064998fe741a16789aa5e3c
c3322b95c4354dbd1eda60c455ae329b6c789715
759afb999c0d3f2f1a399c824b6a2872f76ddf9afed8548e2c770b12e1b07220

HTTP Headers

GET /s.php?uid=180322&source=xml&size=800&cid=3959&iid=92644500 HTTP/1.1
Host: i27.giatamedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 09 Nov 2022 20:14:12 GMT
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.4.19
X-GIATA-FN: Picture=800/1
X-GIATA-SERVERNAME: i.giatamedia.com

i30.giatamedia.com/s.php?uid=180322&source=xml&size=800&cid=22841&iid=58094427

78.46.86.14

200 OK

157 kB

URL HTTP/1.1
i30.giatamedia.com/s.php?uid=180322&source=xml&size=800&cid=22841&iid=58094427
IP
78.46.86.14:0
ASN
#24940 Hetzner Online GmbH

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 800x532, components 3\012- data
Size
157 kB (157168 bytes)
Hash
be568b0cfd6c9642d602146d5f97e5b0
c2d0485c89e2c9e776fd2dc82b21896fec467dfa
27171f033435d054a27cf3d1a863422929d26c400d0c9c545fd6b7ca939354be

HTTP Headers

GET /s.php?uid=180322&source=xml&size=800&cid=22841&iid=58094427 HTTP/1.1
Host: i30.giatamedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 09 Nov 2022 20:14:12 GMT
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.4.19
X-GIATA-FN: Picture=800/1
X-GIATA-SERVERNAME: i.giatamedia.com

i26.giatamedia.com/s.php?uid=180322&source=xml&size=800&cid=22821&iid=84496230

148.251.18.66

200 OK

160 kB

URL HTTP/1.1
i26.giatamedia.com/s.php?uid=180322&source=xml&size=800&cid=22821&iid=84496230
IP
148.251.18.66:0
ASN
#24940 Hetzner Online GmbH

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 800x600, components 3\012- data
Size
160 kB (159792 bytes)
Hash
6facd1ec17a75ea3c84af1e0c7eb6752
929c7e60c89bab48f56997abacc311fabb4d720c
0616010caaf2d9ee1ae244840e39159a7a0a8cb0b4379fbfe6efb3c2d2dc3e2a

HTTP Headers

GET /s.php?uid=180322&source=xml&size=800&cid=22821&iid=84496230 HTTP/1.1
Host: i26.giatamedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 09 Nov 2022 20:14:12 GMT
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.4.19
X-GIATA-FN: Picture=800/1
X-GIATA-SERVERNAME: i.giatamedia.com

www.robertz.de/images/Robertz/B%C3%BCro/IMG_20210402_111030.jpg

5.175.22.217

200 OK

115 kB

URL HTTP/2
www.robertz.de/images/Robertz/B%C3%BCro/IMG_20210402_111030.jpg
IP
5.175.22.217:0
ASN
#20773 Host Europe GmbH

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 800x313, components 3\012- data
Size
115 kB (115236 bytes)
Hash
6840d9274a1fafa987ac399d0e2d9c08
ed941f56452b01b8bde2b1f1913c4e99df8625f8
14a78bc2d4e676aefc5b0a9536315a1fac795440406dce264d0dd23f835203da

HTTP Headers

GET /images/Robertz/B%C3%BCro/IMG_20210402_111030.jpg HTTP/1.1
Host: www.robertz.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.robertz.de/
Cookie: CFID=36493981; CFTOKEN=71ab64e5add80849-AC4605C3-9A50-DA54-5207A55015E1EB89; cross-site-cookie=sow
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 09 Nov 2022 20:14:12 GMT
server: Apache
last-modified: Fri, 18 Jun 2021 14:27:31 GMT
etag: "61e82-5c50b1fbffd85"
accept-ranges: bytes
content-length: 401026
cache-control: max-age=86400
expires: Thu, 10 Nov 2022 20:14:12 GMT
x-cache: MISS from www.robertz.de
content-type: image/jpeg
X-Firefox-Spdy: h2

graphql.usercentrics.eu/graphql

34.120.238.166

204 No Content

0 B

URL HTTP/2
graphql.usercentrics.eu/graphql
IP
34.120.238.166:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /graphql HTTP/1.1
Host: graphql.usercentrics.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: access-control-allow-origin,content-type,x-request-id
Referer: https://www.robertz.de/
Origin: https://www.robertz.de
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
date: Wed, 09 Nov 2022 20:14:12 GMT
content-length: 0
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
vary: Access-Control-Request-Headers
access-control-allow-headers: access-control-allow-origin,content-type,x-request-id
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.chamaeleon-reisen.de/data/pic/img20/Reisen/Europa/ESALH/Spanien-Alhambra-001-Ausblick-Granada_1920x600.jpg

213.187.84.169

200 OK

402 kB

URL HTTP/2
www.chamaeleon-reisen.de/data/pic/img20/Reisen/Europa/ESALH/Spanien-Alhambra-001-Ausblick-Granada_1920x600.jpg
IP
213.187.84.169:0
ASN
#16097 HL komm Telekommunikations GmbH

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=12, manufacturer=SONY, model=SLT-A77V, orientation=upper-left, xresolution=162, yresolution=170, resolutionunit=2, software=Adobe Photoshop Lightroom Classic 10.1 (Macintosh), datetime=2021:01:18 17:01:07], progressive, precision 8, 1920x600, components 3\012- data
Size
402 kB (402174 bytes)
Hash
f96269b6199000176f6f62b55bfeafb1
ef748265c54e840cef7ed622bfc6caba3730baad
a2ce51c9807bfb6c7ca0276d1811e9b81690be985d91e95254d0269ff22b8d6e

HTTP Headers

GET /data/pic/img20/Reisen/Europa/ESALH/Spanien-Alhambra-001-Ausblick-Granada_1920x600.jpg HTTP/1.1
Host: www.chamaeleon-reisen.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Mon, 18 Jan 2021 16:39:58 GMT
etag: "622fe-5b92f5f69bc39"
accept-ranges: bytes
content-length: 402174
cache-control: max-age=2592000
expires: Fri, 09 Dec 2022 20:14:12 GMT
content-type: image/jpeg
date: Wed, 09 Nov 2022 20:14:12 GMT
server: Apache
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ca89efbf8d86b2a950bc183f57cda2c1
918b64f7acf947ec124d93ddba7afb33ef5d126c
283460a97ae8803c112acad0d0a147f6e907096b83368c5689a53d631a5e2650

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "283460A97AE8803C112ACAD0D0A147F6E907096B83368C5689A53D631A5E2650"
Last-Modified: Wed, 09 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12256
Expires: Wed, 09 Nov 2022 23:38:29 GMT
Date: Wed, 09 Nov 2022 20:14:13 GMT
Connection: keep-alive

ocsp.pki.goog/s/gts1d4/kHRXVe39NZ4

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1d4/kHRXVe39NZ4
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
08238d88a1bba92f037bf9c4302f8d53
09dd0327c84aa7f3adea231e57eaecc69bf90d5f
f9ab5ea9914090c5de33f1fe2c2807c0de98aebe19676f2ae754bdafa50e5093

HTTP Headers

POST /s/gts1d4/kHRXVe39NZ4 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 20:14:13 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

uc.e-recht24.de/erecht24_logo_white.png

159.69.24.179

200

2.9 kB

URL HTTP/1.1
uc.e-recht24.de/erecht24_logo_white.png
IP
159.69.24.179:0
ASN
#24940 Hetzner Online GmbH

File type
PNG image data, 98 x 24, 8-bit/color RGBA, non-interlaced\012- data
Size
2.9 kB (2889 bytes)
Hash
6ce60860fb4697564e38580a4709ec5c
9806460f6b62a69a9652f8d17afaef69c3e8c287
933400df86c19613e2f9e127e098a0a8eb9e3d9870c8bbcbb8f234629cee5b74

HTTP Headers

GET /erecht24_logo_white.png HTTP/1.1
Host: uc.e-recht24.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.robertz.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 
Server: nginx/1.18.0 (Ubuntu)
Date: Wed, 09 Nov 2022 20:14:13 GMT
Content-Type: image/png
Content-Length: 2889
Connection: keep-alive
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Last-Modified: Fri, 29 Jul 2022 06:46:14 GMT
Accept-Ranges: bytes
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Fri, 10 Nov 2023 20:14:13 GMT
X-Frame-Options: DENY
Pragma: no-cache, public
Cache-Control: max-age=31622400, public

pax-smartberatung-signalr.azurewebsites.net/ContentServer/negotiate

20.50.2.10

204 No Content

0 B

URL HTTP/1.1
pax-smartberatung-signalr.azurewebsites.net/ContentServer/negotiate
IP
20.50.2.10:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /ContentServer/negotiate HTTP/1.1
Host: pax-smartberatung-signalr.azurewebsites.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-requested-with
Origin: https://www.meinereiseangebote.de
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 204 No Content
Date: Wed, 09 Nov 2022 20:14:13 GMT
Server: Microsoft-IIS/10.0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: x-requested-with
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: https://www.meinereiseangebote.de
Vary: Origin
Request-Context: appId=cid-v1:331e6aed-06ec-49ad-ad4b-0e18e6e4cfd1
X-Powered-By: ASP.NET

pax-smartberatung-signalr.azurewebsites.net/ContentServer/negotiate

20.50.2.10

200 OK

571 B

URL HTTP/1.1
pax-smartberatung-signalr.azurewebsites.net/ContentServer/negotiate
IP
20.50.2.10:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
JSON data\012- , ASCII text, with very long lines (476), with no line terminators
Size
571 B (571 bytes)
Hash
c6938e6504351ca3449191c59563fdeb
166f659f9d1e1840121dad79dffa4c6513f20c37
fc8497dab5e3869a2c94997d94821bb340e6276a8edce1e2ed86e79201b2d3b6

HTTP Headers

POST /ContentServer/negotiate HTTP/1.1
Host: pax-smartberatung-signalr.azurewebsites.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://www.meinereiseangebote.de
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Date: Wed, 09 Nov 2022 20:14:13 GMT
Server: Microsoft-IIS/10.0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www.meinereiseangebote.de
Content-Encoding: gzip
Transfer-Encoding: chunked
Vary: Origin,Accept-Encoding
Request-Context: appId=cid-v1:331e6aed-06ec-49ad-ad4b-0e18e6e4cfd1
X-Powered-By: ASP.NET

oneocsp.microsoft.com/ocsp

204.79.197.203

200 OK

1.8 kB

URL HTTP/1.1
oneocsp.microsoft.com/ocsp
IP
204.79.197.203:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type
data
Size
1.8 kB (1777 bytes)
Hash
96feb907f9f61842cffc22fab038a605
4e75c544a494d251d776695ff9c150f73e011962
bc2aa6e7988e7c46a8a9f2ea7f68c45a566d331bc6fdd510ab4c31d2dfb16024

HTTP Headers

POST /ocsp HTTP/1.1
Host: oneocsp.microsoft.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 86
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: max-age=86400
Content-Length: 1777
Content-Type: application/ocsp-response
Expires: Mon, 14 Nov 2022 15:50:11 GMT
Last-Modified: Tue, 08 Nov 2022 21:09:34 GMT
ETag: "bc2aa6e7988e7c46a8a9f2ea7f68c45a566d331bc6fdd510ab4c31d2dfb16024"
X-Powered-By: ASP.NET
x-content-type-options: nosniff
X-Cache: CONFIG_NOCACHE
X-MSEdge-Ref: Ref A: 108ED20E66414A7BA96793A1B66885BB Ref B: OSL30EDGE0217 Ref C: 2022-11-09T20:14:14Z
Date: Wed, 09 Nov 2022 20:14:14 GMT

oneocsp.microsoft.com/ocsp

204.79.197.203

200 OK

1.8 kB

URL HTTP/1.1
oneocsp.microsoft.com/ocsp
IP
204.79.197.203:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type
data
Size
1.8 kB (1777 bytes)
Hash
4df95717fded641b4594898f47d8f3cf
7a1a4c224f773d746235fffb6043f9d54171aa2b
4de89ad3356e6156b3868644b6871a444d70d53d0cc58c541b7b747b20c43f31

HTTP Headers

POST /ocsp HTTP/1.1
Host: oneocsp.microsoft.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 86
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: max-age=86400
Content-Length: 1777
Content-Type: application/ocsp-response
Expires: Mon, 14 Nov 2022 15:50:11 GMT
Last-Modified: Tue, 08 Nov 2022 21:09:34 GMT
ETag: "4de89ad3356e6156b3868644b6871a444d70d53d0cc58c541b7b747b20c43f31"
X-Powered-By: ASP.NET
x-content-type-options: nosniff
X-Cache: CONFIG_NOCACHE
X-MSEdge-Ref: Ref A: 6040BD84D02D45F58BDD43DB9069BF09 Ref B: OSL30EDGE0118 Ref C: 2022-11-09T20:14:14Z
Date: Wed, 09 Nov 2022 20:14:14 GMT

pax-signalr.service.signalr.net/client/negotiate?hub=contentserverhub&asrs.op=%2FContentServer&asrs_request_id=cHpKmg0eAAA%3D

20.86.94.141

204 No Content

0 B

URL HTTP/2
pax-signalr.service.signalr.net/client/negotiate?hub=contentserverhub&asrs.op=%2FContentServer&asrs_request_id=cHpKmg0eAAA%3D
IP
20.86.94.141:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /client/negotiate?hub=contentserverhub&asrs.op=%2FContentServer&asrs_request_id=cHpKmg0eAAA%3D HTTP/1.1
Host: pax-signalr.service.signalr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,x-requested-with
Origin: https://www.meinereiseangebote.de
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
date: Wed, 09 Nov 2022 20:14:14 GMT
access-control-allow-credentials: true
access-control-allow-headers: authorization,x-requested-with
access-control-allow-methods: POST
access-control-allow-origin: https://www.meinereiseangebote.de
vary: Origin
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2

pax-signalr.service.signalr.net/client/negotiate?hub=contentserverhub&asrs.op=%2FContentServer&asrs_request_id=cHpKmg0eAAA%3D

20.86.94.141

200 OK

282 B

URL HTTP/2
pax-signalr.service.signalr.net/client/negotiate?hub=contentserverhub&asrs.op=%2FContentServer&asrs_request_id=cHpKmg0eAAA%3D
IP
20.86.94.141:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
JSON data\012- , ASCII text, with no line terminators
Size
282 B (282 bytes)
Hash
ecbe68c61a51a9c5a94b834def79de7b
0d388a95ce323a8ad6f6f9cd9330f29b92562086
5258608ddffa203ded510ca9bffcbd4c59f6ff1fd409f2dae085036f5421a020

HTTP Headers

POST /client/negotiate?hub=contentserverhub&asrs.op=%2FContentServer&asrs_request_id=cHpKmg0eAAA%3D HTTP/1.1
Host: pax-signalr.service.signalr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Content-Type: text/plain;charset=UTF-8
Authorization: Bearer eyJhbGciOiJIUzI1NiIsImtpZCI6IjE2Mzc0NzEwMzciLCJ0eXAiOiJKV1QifQ.eyJuYmYiOjE2NjgwMjQ4NTQsImV4cCI6MTY2ODAyODQ1NCwiaWF0IjoxNjY4MDI0ODU0LCJhdWQiOiJodHRwczovL3BheC1zaWduYWxyLnNlcnZpY2Uuc2lnbmFsci5uZXQvY2xpZW50Lz9odWI9Y29udGVudHNlcnZlcmh1YiJ9.yVe3mnZT5-1z-dhv2uS0LnN76XLIBqXRiNSSdSIo5GU
Content-Length: 0
Origin: https://www.meinereiseangebote.de
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 09 Nov 2022 20:14:14 GMT
content-type: application/json
content-length: 282
access-control-allow-credentials: true
access-control-allow-origin: https://www.meinereiseangebote.de
vary: Origin
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2

pax-signalr.service.signalr.net/client/?hub=contentserverhub&asrs.op=%2FContentServer&asrs_request_id=cHpKmg0eAAA%3D&id=SA8Zmr5gyYGBSqLOVt_zPg8f08eb371&access_token=eyJhbGciOiJIUzI1NiIsImtpZCI6IjE2Mzc0NzEwMzciLCJ0eXAiOiJKV1QifQ.eyJuYmYiOjE2NjgwMjQ4NTQsImV4cCI6MTY2ODAyODQ1NCwiaWF0IjoxNjY4MDI0ODU0LCJhdWQiOiJodHRwczovL3BheC1zaWduYWxyLnNlcnZpY2Uuc2lnbmFsci5uZXQvY2xpZW50Lz9odWI9Y29udGVudHNlcnZlcmh1YiJ9.yVe3mnZT5-1z-dhv2uS0LnN76XLIBqXRiNSSdSIo5GU

20.86.94.141

101 Switching Protocols

0 B

URL HTTP/1.1
pax-signalr.service.signalr.net/client/?hub=contentserverhub&asrs.op=%2FContentServer&asrs_request_id=cHpKmg0eAAA%3D&id=SA8Zmr5gyYGBSqLOVt_zPg8f08eb371&access_token=eyJhbGciOiJIUzI1NiIsImtpZCI6IjE2Mzc0NzEwMzciLCJ0eXAiOiJKV1QifQ.eyJuYmYiOjE2NjgwMjQ4NTQsImV4cCI6MTY2ODAyODQ1NCwiaWF0IjoxNjY4MDI0ODU0LCJhdWQiOiJodHRwczovL3BheC1zaWduYWxyLnNlcnZpY2Uuc2lnbmFsci5uZXQvY2xpZW50Lz9odWI9Y29udGVudHNlcnZlcmh1YiJ9.yVe3mnZT5-1z-dhv2uS0LnN76XLIBqXRiNSSdSIo5GU
IP
20.86.94.141:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /client/?hub=contentserverhub&asrs.op=%2FContentServer&asrs_request_id=cHpKmg0eAAA%3D&id=SA8Zmr5gyYGBSqLOVt_zPg8f08eb371&access_token=eyJhbGciOiJIUzI1NiIsImtpZCI6IjE2Mzc0NzEwMzciLCJ0eXAiOiJKV1QifQ.eyJuYmYiOjE2NjgwMjQ4NTQsImV4cCI6MTY2ODAyODQ1NCwiaWF0IjoxNjY4MDI0ODU0LCJhdWQiOiJodHRwczovL3BheC1zaWduYWxyLnNlcnZpY2Uuc2lnbmFsci5uZXQvY2xpZW50Lz9odWI9Y29udGVudHNlcnZlcmh1YiJ9.yVe3mnZT5-1z-dhv2uS0LnN76XLIBqXRiNSSdSIo5GU HTTP/1.1
Host: pax-signalr.service.signalr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://www.meinereiseangebote.de
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: qj0qA7Aqql6tJwiVggVBHA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Date: Wed, 09 Nov 2022 20:14:14 GMT
Connection: upgrade
access-control-allow-credentials: true
access-control-allow-origin: https://www.meinereiseangebote.de
upgrade: websocket
vary: Origin
sec-websocket-accept: YATrvfVrKI3Pcx/EOn56q3nrIkQ=
Strict-Transport-Security: max-age=15724800; includeSubDomains

kit-pro.fontawesome.com/releases/latest/css/pro.min.css

104.18.22.52

200 OK

0 B

URL HTTP/2
kit-pro.fontawesome.com/releases/latest/css/pro.min.css
IP
104.18.22.52:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /releases/latest/css/pro.min.css HTTP/1.1
Host: kit-pro.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.robertz.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 09 Nov 2022 20:14:12 GMT
content-type: text/css
x-amz-id-2: AMRPnx/gGPWzkxpEroVSLO8Pi8J0vSGXWBOtNi24DEDy+QaEMCfu0MKQ1eDa2E4MPiKMDx3QOVg=
x-amz-request-id: Q09J8QG0HPK0XNQC
last-modified: Wed, 04 Aug 2021 21:18:33 GMT
etag: W/"486b13730aafe2a39cdaf1666679fa5b"
cache-control: public, max-age=1800
cf-cache-status: HIT
age: 1092
expires: Wed, 09 Nov 2022 20:44:12 GMT
vary: Accept-Encoding
server: cloudflare
cf-ray: 7679369d1838b500-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

www.robertz.de/img/favicon-16x16.png

5.175.22.217

200 OK

0 B

URL HTTP/2
www.robertz.de/img/favicon-16x16.png
IP
5.175.22.217:0
ASN
#20773 Host Europe GmbH

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /img/favicon-16x16.png HTTP/1.1
Host: www.robertz.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.robertz.de/
Cookie: CFID=36493981; CFTOKEN=71ab64e5add80849-AC4605C3-9A50-DA54-5207A55015E1EB89; cross-site-cookie=sow
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 09 Nov 2022 20:14:11 GMT
server: Apache
cache-control: max-age=420, private, must-revalidate
expires: Thu, 10 Nov 2022 20:14:11 GMT
vary: Accept-Encoding
content-encoding: br
x-cache: MISS from www.robertz.de
content-type: text/html;charset=UTF-8
X-Firefox-Spdy: h2

www.robertz.de/

5.175.22.217

200 OK

0 B

URL HTTP/2
www.robertz.de/
IP
5.175.22.217:0
ASN
#20773 Host Europe GmbH

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: www.robertz.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
date: Wed, 09 Nov 2022 20:14:09 GMT
server: Apache
set-cookie: CFID=36493981; Expires=Thu, 10-Nov-2022 20:14:09 GMT; Path=/; HttpOnly
CFTOKEN=71ab64e5add80849-AC4605C3-9A50-DA54-5207A55015E1EB89; Expires=Thu, 10-Nov-2022 20:14:09 GMT; Path=/; HttpOnly
cache-control: max-age=420, private, must-revalidate
expires: Thu, 10 Nov 2022 20:14:09 GMT
vary: Accept-Encoding
content-encoding: br
x-cache: MISS from www.robertz.de
content-type: text/html;charset=UTF-8
X-Firefox-Spdy: h2

backend.tcautor.de/www/_data/1007/files/Robertz/Team/Britta.jpg

5.175.22.217

200 OK

0 B

URL HTTP/2
backend.tcautor.de/www/_data/1007/files/Robertz/Team/Britta.jpg
IP
5.175.22.217:0
ASN
#20773 Host Europe GmbH

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /www/_data/1007/files/Robertz/Team/Britta.jpg HTTP/1.1
Host: backend.tcautor.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.robertz.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 09 Nov 2022 20:14:10 GMT
server: Apache
last-modified: Tue, 06 Apr 2021 14:09:02 GMT
etag: "ca76-5bf4e5b3ec77a"
accept-ranges: bytes
content-length: 51830
content-type: image/jpeg
X-Firefox-Spdy: h2

graphql.usercentrics.eu/graphql

34.120.238.166

200 OK

0 B

URL HTTP/2
graphql.usercentrics.eu/graphql
IP
34.120.238.166:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

POST /graphql HTTP/1.1
Host: graphql.usercentrics.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.robertz.de/
Content-Type: application/json
Access-Control-Allow-Origin: *
X-Request-ID: 6d44f252-49c0-41d4-a115-6e21068b4c69
Origin: https://www.robertz.de
Content-Length: 5763
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 09 Nov 2022 20:14:13 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
x-powered-by: Express
access-control-allow-origin: *
etag: W/"442-KeYUYBsoIWNAuor3BHoJ39x+YCc"
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.robertz.de/img/android-icon-192x192.png

5.175.22.217

200 OK

0 B

URL HTTP/2
www.robertz.de/img/android-icon-192x192.png
IP
5.175.22.217:0
ASN
#20773 Host Europe GmbH

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /img/android-icon-192x192.png HTTP/1.1
Host: www.robertz.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.robertz.de/
Cookie: CFID=36493981; CFTOKEN=71ab64e5add80849-AC4605C3-9A50-DA54-5207A55015E1EB89; cross-site-cookie=sow
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 09 Nov 2022 20:14:11 GMT
server: Apache
cache-control: max-age=420, private, must-revalidate
expires: Thu, 10 Nov 2022 20:14:11 GMT
vary: Accept-Encoding
content-encoding: br
x-cache: MISS from www.robertz.de
content-type: text/html;charset=UTF-8
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (21)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations