bestes-reisebuero.de/
92.51.134.215301 Moved Permanently 301 B IP 92.51.134.215:0
ASN #8972 Host Europe GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 151cbf7d9ef69d5f5de1356289733878
70391b418e6448b71b445fb44d7ac908a4099ea6
774391698cb80a8fbc5031a53ac71274318345fa3f52567466329d74b3475714
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: bestes-reisebuero.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 09 Nov 2022 20:14:09 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 301
Connection: keep-alive
Location: https://www.robertz.de/
X-Powered-By: PleskLin
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash aabe410b4bbe4d8beb0e4561d3aa158e
e1788632902ddea62cdd9e7ad6009a75ffb69788
ad535e27b201e92670770b2b868c58f7c05633ec66490a41ef4592f062834c1f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AD535E27B201E92670770B2B868C58F7C05633EC66490A41EF4592F062834C1F"
Last-Modified: Wed, 09 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15868
Expires: Thu, 10 Nov 2022 00:38:37 GMT
Date: Wed, 09 Nov 2022 20:14:09 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 4c6e4047ec266b87485610e26a85bb6f
cd543757597609d7309d02652318359078a965c2
d8aff7a24f3274782b4f41d6dbd181ba817f5a562d992a3a82966481c91f8a90
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5127
Cache-Control: max-age=142942
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 20:14:09 GMT
Etag: "636b8168-1d7"
Expires: Fri, 11 Nov 2022 11:56:31 GMT
Last-Modified: Wed, 09 Nov 2022 10:31:04 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 4c6e4047ec266b87485610e26a85bb6f
cd543757597609d7309d02652318359078a965c2
d8aff7a24f3274782b4f41d6dbd181ba817f5a562d992a3a82966481c91f8a90
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5127
Cache-Control: max-age=142942
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 20:14:09 GMT
Etag: "636b8168-1d7"
Expires: Fri, 11 Nov 2022 11:56:31 GMT
Last-Modified: Wed, 09 Nov 2022 10:31:04 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dc90abd8b3ea8e75a68c144d74d75788
1ce29dca1ee9ca8931397de31ffb6cf7833baaf8
807000997bcf1b7a1fa35e43908cbfa54cd1704a5a0f53c09e1ae154638f10e0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "807000997BCF1B7A1FA35E43908CBFA54CD1704A5A0F53C09E1AE154638F10E0"
Last-Modified: Tue, 08 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9654
Expires: Wed, 09 Nov 2022 22:55:03 GMT
Date: Wed, 09 Nov 2022 20:14:09 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: lFkHjs7+d1bShixbKwb5w2Me6cC899MmHbeNMlYJ+L4ThDB8V4ZVLvmZpijT/iVWKl+zuSUzS74=
x-amz-request-id: X4MAD4R9R7CQS47M
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 09 Nov 2022 19:49:06 GMT
age: 1503
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 09 Nov 2022 20:14:09 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 0d076809aa6750dbbe18dfdd4ca23cf8
bcbe59c5cc5d52bf11255dae74d551178490fb63
fb389088f6ad10857185054ba9f80c1ab8c9a786e8416b8a013601a08f7fe434
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FB389088F6AD10857185054BA9F80C1AB8C9A786E8416B8A013601A08F7FE434"
Last-Modified: Wed, 09 Nov 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21566
Expires: Thu, 10 Nov 2022 02:13:35 GMT
Date: Wed, 09 Nov 2022 20:14:09 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash c59d06092401e375df491b06ee8e6dbc
2e27b8ff7c08a5349e27969bc2a08e5e19d0c1da
23ee4ab633fcf67dc5d4d1931450e365cec8d436ef1f9ba5f46b6bab974724c4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5739
Cache-Control: max-age=138499
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 20:14:09 GMT
Etag: "636b6da9-1d7"
Expires: Fri, 11 Nov 2022 10:42:28 GMT
Last-Modified: Wed, 09 Nov 2022 09:06:49 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471
cdnjs.cloudflare.com/ajax/libs/jquery-confirm/3.3.4/jquery-confirm.min.css
104.17.24.14200 OK 2.9 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery-confirm/3.3.4/jquery-confirm.min.css
IP 104.17.24.14:0
File type ASCII text, with very long lines (22251)
Hash 4dbf1735a5370350943bce0dbad5843d
3a9d68ea18c3aa70887283c3c36b154ddd31ced8
b7cd289c437127d58b709dc9999390fe68d378d506a8a31252c74c70597e162e
GET /ajax/libs/jquery-confirm/3.3.4/jquery-confirm.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.robertz.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 09 Nov 2022 20:14:10 GMT
content-type: text/css; charset=utf-8
content-length: 2880
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec1-580a"
last-modified: Mon, 04 May 2020 16:11:45 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 22963211
expires: Mon, 30 Oct 2023 20:14:10 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k6hgnhz97cuXuapaYv0nH%2Fh8UjeYjSzak4%2B1LZQGRceR0c%2FTZE%2FaKq%2BGA%2BgnOiKKKFaflfBCTU%2FTelccLatm80ln5j0GtWni5Lr0Lzn3Nzcc1%2FGaPT7IAgbn1M9DCM8%2BuZXdgcEG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 76793690f80e1c0e-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.robertz.de/fonts/flaticon/Flaticon.woff2
5.175.22.217200 OK 37 kB URL HTTP/2 www.robertz.de/fonts/flaticon/Flaticon.woff2
IP 5.175.22.217:0
ASN #20773 Host Europe GmbH
File type Web Open Font Format (Version 2), TrueType, length 36732, version 1.0\012- data
Hash e97e6acd6d5fae4dfb1b353ddf3dcf0f
186f523c36cdd4d80122ea6daf40106e0ce3e20d
0b56c2c2e69c2334a1881c975f0a1223b73447cd57a13f6b435b239a87de961e
Analyzer Verdict Alert fortinet Phishing
GET /fonts/flaticon/Flaticon.woff2 HTTP/1.1
Host: www.robertz.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.robertz.de/
Cookie: CFID=36493981; CFTOKEN=71ab64e5add80849-AC4605C3-9A50-DA54-5207A55015E1EB89
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 09 Nov 2022 20:14:10 GMT
server: Apache
last-modified: Sat, 09 May 2020 10:20:16 GMT
etag: "8f7c-5a53475c0b800-br"
accept-ranges: bytes
cache-control: max-age=86400
expires: Thu, 10 Nov 2022 20:14:10 GMT
vary: Accept-Encoding
content-encoding: br
x-cache: MISS from www.robertz.de
content-length: 36736
content-type: font/woff2
X-Firefox-Spdy: h2
www.robertz.de/assets/css/colorpalette.min.css
5.175.22.217200 OK 1.9 kB URL HTTP/2 www.robertz.de/assets/css/colorpalette.min.css
IP 5.175.22.217:0
ASN #20773 Host Europe GmbH
File type assembler source, ASCII text, with very long lines (8960), with CRLF line terminators
Hash 475de567aa0032280982829dcfc11116
4eceb810b11b830494dc13abff7eb578c42c2f0c
e405a2f80f2edb9470ad0a5184108ea934d9e512a8ed7894e60d9d2388ce219b
GET /assets/css/colorpalette.min.css HTTP/1.1
Host: www.robertz.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.robertz.de/
Cookie: CFID=36493981; CFTOKEN=71ab64e5add80849-AC4605C3-9A50-DA54-5207A55015E1EB89
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 09 Nov 2022 20:14:10 GMT
server: Apache
last-modified: Wed, 08 Jul 2020 05:55:56 GMT
etag: "3e89-5a9e7c2ecfd8b-br"
accept-ranges: bytes
cache-control: max-age=86400
expires: Thu, 10 Nov 2022 20:14:10 GMT
vary: Accept-Encoding
content-encoding: br
x-cache: MISS from www.robertz.de
content-length: 1898
content-type: text/css
X-Firefox-Spdy: h2
www.robertz.de/www/fonts/montserrat.css
5.175.22.217404 Not Found 196 B URL HTTP/2 www.robertz.de/www/fonts/montserrat.css
IP 5.175.22.217:0
ASN #20773 Host Europe GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 62962daa1b19bbcc2db10b7bfd531ea6
d64bae91091eda6a7532ebec06aa70893b79e1f8
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880
GET /www/fonts/montserrat.css HTTP/1.1
Host: www.robertz.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.robertz.de/
Cookie: CFID=36493981; CFTOKEN=71ab64e5add80849-AC4605C3-9A50-DA54-5207A55015E1EB89
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
date: Wed, 09 Nov 2022 20:14:10 GMT
server: Apache
content-length: 196
content-type: text/html; charset=iso-8859-1
X-Firefox-Spdy: h2
www.robertz.de/assets/css/color_scheme/customcolor.css
5.175.22.217200 OK 3.1 kB URL HTTP/2 www.robertz.de/assets/css/color_scheme/customcolor.css
IP 5.175.22.217:0
ASN #20773 Host Europe GmbH
File type assembler source, ASCII text, with very long lines (582), with CRLF line terminators
Hash 60d56c255a871ae01312cdbdf6ec1e27
8d986fa1d7258c73f1d6d2a043fc0bea80b88ca7
598057d50bdcc975d1742a5b6e8cc49575cb5394cead95b3a4d34aa94ffa97a5
GET /assets/css/color_scheme/customcolor.css HTTP/1.1
Host: www.robertz.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.robertz.de/
Cookie: CFID=36493981; CFTOKEN=71ab64e5add80849-AC4605C3-9A50-DA54-5207A55015E1EB89
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 09 Nov 2022 20:14:10 GMT
server: Apache
last-modified: Sun, 12 Jul 2020 12:43:45 GMT
etag: "4498-5aa3decc0656d-br"
accept-ranges: bytes
cache-control: max-age=86400
expires: Thu, 10 Nov 2022 20:14:10 GMT
vary: Accept-Encoding
content-encoding: br
x-cache: MISS from www.robertz.de
content-length: 3095
content-type: text/css
X-Firefox-Spdy: h2
www.robertz.de/assets/css/vendor.swiper.min.css
5.175.22.217200 OK 4.2 kB URL HTTP/2 www.robertz.de/assets/css/vendor.swiper.min.css
IP 5.175.22.217:0
ASN #20773 Host Europe GmbH
File type Unicode text, UTF-8 (with BOM) text, with very long lines (21675), with no line terminators
Hash 21888b586f9fd75d444d25f8e118f5d7
3f92c9c4fe3cb925d4e4f78f5af3b681b3c8c9e5
4151ce7b54bb179dd95e4b52465aeb2e0396d1868207e9ba98f8490cb1b352c0
GET /assets/css/vendor.swiper.min.css HTTP/1.1
Host: www.robertz.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.robertz.de/
Cookie: CFID=36493981; CFTOKEN=71ab64e5add80849-AC4605C3-9A50-DA54-5207A55015E1EB89
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 09 Nov 2022 20:14:10 GMT
server: Apache
last-modified: Tue, 07 Jul 2020 09:54:09 GMT
etag: "54b2-5a9d6f907ba36-br"
accept-ranges: bytes
cache-control: max-age=86400
expires: Thu, 10 Nov 2022 20:14:10 GMT
vary: Accept-Encoding
content-encoding: br
x-cache: MISS from www.robertz.de
content-length: 4187
content-type: text/css
X-Firefox-Spdy: h2
www.robertz.de/assets/css/custom.css
5.175.22.217200 OK 3.0 kB URL HTTP/2 www.robertz.de/assets/css/custom.css
IP 5.175.22.217:0
ASN #20773 Host Europe GmbH
File type assembler source, ASCII text, with CRLF, LF line terminators
Hash 3f3dcde275d75ccd807e2e5e2f616812
e530d19c468592f6d6b2e217ca8b4b62aa6e5688
476ee261ef6f668eadf94cfffb6d64d227d6ccc1ee23659ab6f29835c61d94ac
GET /assets/css/custom.css HTTP/1.1
Host: www.robertz.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.robertz.de/
Cookie: CFID=36493981; CFTOKEN=71ab64e5add80849-AC4605C3-9A50-DA54-5207A55015E1EB89
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 09 Nov 2022 20:14:10 GMT
server: Apache
last-modified: Wed, 29 Jul 2020 14:42:41 GMT
etag: "3fbb-5ab959162640a-br"
accept-ranges: bytes
cache-control: max-age=86400
expires: Thu, 10 Nov 2022 20:14:10 GMT
vary: Accept-Encoding
content-encoding: br
x-cache: MISS from www.robertz.de
content-length: 2987
content-type: text/css
X-Firefox-Spdy: h2
www.robertz.de/images/Robertz/Team/Nadim.jpg
5.175.22.217200 OK 13 kB URL HTTP/2 www.robertz.de/images/Robertz/Team/Nadim.jpg
IP 5.175.22.217:0
ASN #20773 Host Europe GmbH
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, comment: "Created with GIMP", progressive, precision 8, 236x236, components 3\012- data
Hash 3852a6818d8136feda41e6124cfc6cc3
ce6549af4a84a1a132941ec06a160e54ff8df933
baf32cf30024c0d847421b4b06190ddb3c2fb1a6144d2781c4bbc6a23df10626
GET /images/Robertz/Team/Nadim.jpg HTTP/1.1
Host: www.robertz.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.robertz.de/
Cookie: CFID=36493981; CFTOKEN=71ab64e5add80849-AC4605C3-9A50-DA54-5207A55015E1EB89
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 09 Nov 2022 20:14:10 GMT
server: Apache
last-modified: Tue, 28 Jun 2022 16:20:05 GMT
etag: "323b-5e28468cded6b"
accept-ranges: bytes
content-length: 12859
cache-control: max-age=86400
expires: Thu, 10 Nov 2022 20:14:10 GMT
x-cache: MISS from www.robertz.de
content-type: image/jpeg
X-Firefox-Spdy: h2
www.robertz.de/assets/css/vendor_bundle.min.css
5.175.22.217200 OK 3.8 kB URL HTTP/2 www.robertz.de/assets/css/vendor_bundle.min.css
IP 5.175.22.217:0
ASN #20773 Host Europe GmbH
File type ASCII text, with very long lines (39344)
Hash f95b5a6991b49a2d93a49c25b0507269
7ddba3d5c0fec9763dc37659af52ddc9a5fdb9ca
5c88a4b0439697d533ea190a067005a323d0a9e481b871985ebf30f8b854ed58
GET /assets/css/vendor_bundle.min.css HTTP/1.1
Host: www.robertz.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.robertz.de/
Cookie: CFID=36493981; CFTOKEN=71ab64e5add80849-AC4605C3-9A50-DA54-5207A55015E1EB89
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 09 Nov 2022 20:14:10 GMT
server: Apache
last-modified: Mon, 25 May 2020 13:41:43 GMT
etag: "99c6-5a67923a7b3c0-br"
accept-ranges: bytes
cache-control: max-age=86400
expires: Thu, 10 Nov 2022 20:14:10 GMT
vary: Accept-Encoding
content-encoding: br
x-cache: MISS from www.robertz.de
content-length: 3836
content-type: text/css
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/AO43Z6OvIBc
142.250.74.35200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/AO43Z6OvIBc
IP 142.250.74.35:0
Hash cef82c60c8a0e800cb1abfb2b4043e43
7a538ee8563b6cdfdcc0e08358b0644d78ce5d77
e9ddd19b4750001e4a0a073576243a139ac51b5f95d1f9fe8c7067321cc5c8c1
POST /s/gts1d4/AO43Z6OvIBc HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 20:14:10 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1d4/AO43Z6OvIBc
142.250.74.35200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/AO43Z6OvIBc
IP 142.250.74.35:0
Hash cef82c60c8a0e800cb1abfb2b4043e43
7a538ee8563b6cdfdcc0e08358b0644d78ce5d77
e9ddd19b4750001e4a0a073576243a139ac51b5f95d1f9fe8c7067321cc5c8c1
POST /s/gts1d4/AO43Z6OvIBc HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 20:14:10 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdnjs.cloudflare.com/ajax/libs/jquery-confirm/3.3.4/jquery-confirm.min.js
104.17.24.14200 OK 6.4 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery-confirm/3.3.4/jquery-confirm.min.js
IP 104.17.24.14:0
File type ASCII text, with very long lines (27931)
Hash beafb90e7e7cb9afd1931dd1ce3d8a6b
ecb8187bf858a727949be0fffbadd1d018e0c169
eabdef01e87e471436dfac8d11edcd16c85d433aa854cdd695165399980ca818
GET /ajax/libs/jquery-confirm/3.3.4/jquery-confirm.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.robertz.de
Connection: keep-alive
Referer: https://www.robertz.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 09 Nov 2022 20:14:10 GMT
content-type: application/javascript; charset=utf-8
content-length: 6422
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec1-6e3e"
last-modified: Mon, 04 May 2020 16:11:45 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 14109162
expires: Mon, 30 Oct 2023 20:14:10 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VYFSo6xDugnsQ5Az1dCGUq10eNTA0sIZMR9DG65Gw%2Btydn5sTfbtDVXbxotWWbrgp1tKOkpqnmL9LdXehjgyQl96uWkMh7f%2BzBA6ahqRPIQ3zvxZPstVEZ3sfw2Hvq5edr5FGTC6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 767936915c1f0b65-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.robertz.de/images/BilderPool/Siegel/DER_Touristik_Partner_4C.png
5.175.22.217200 OK 5.0 kB URL HTTP/2 www.robertz.de/images/BilderPool/Siegel/DER_Touristik_Partner_4C.png
IP 5.175.22.217:0
ASN #20773 Host Europe GmbH
File type PNG image data, 253 x 284, 8-bit colormap, non-interlaced\012- data
Hash 6cfa5757073c810990a30df5a3a5c142
f3929708377b03ea028621abfd7cc33e2cfdf3c0
42508c7e75bbaaf132edb306339680c86694005e71e2ea2c1c8cb0736949c5b8
GET /images/BilderPool/Siegel/DER_Touristik_Partner_4C.png HTTP/1.1
Host: www.robertz.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.robertz.de/
Cookie: CFID=36493981; CFTOKEN=71ab64e5add80849-AC4605C3-9A50-DA54-5207A55015E1EB89
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 09 Nov 2022 20:14:10 GMT
server: Apache
last-modified: Thu, 03 Mar 2022 07:25:15 GMT
etag: "1391-5d94b4ca70b47"
accept-ranges: bytes
content-length: 5009
cache-control: max-age=86400
expires: Thu, 10 Nov 2022 20:14:10 GMT
x-cache: MISS from www.robertz.de
content-type: image/png
X-Firefox-Spdy: h2
www.robertz.de/images/BilderPool/Siegel/DER%20Kreuzfahrtenprofi%2016cm.png
5.175.22.217200 OK 15 kB URL HTTP/2 www.robertz.de/images/BilderPool/Siegel/DER%20Kreuzfahrtenprofi%2016cm.png
IP 5.175.22.217:0
ASN #20773 Host Europe GmbH
File type PNG image data, 454 x 156, 8-bit colormap, non-interlaced\012- data
Hash 5e41153831859cf6af64b682b586a248
15597ac62ce2440e6e8972a18542567db2bac39b
52d5ee205bc379b3b4f1559493e543d0b29d90d6ef6b89316b69574b808d56f1
GET /images/BilderPool/Siegel/DER%20Kreuzfahrtenprofi%2016cm.png HTTP/1.1
Host: www.robertz.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.robertz.de/
Cookie: CFID=36493981; CFTOKEN=71ab64e5add80849-AC4605C3-9A50-DA54-5207A55015E1EB89
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 09 Nov 2022 20:14:10 GMT
server: Apache
last-modified: Fri, 07 Jan 2022 08:48:44 GMT
etag: "38e4-5d4fa0df3705c"
accept-ranges: bytes
content-length: 14564
cache-control: max-age=86400
expires: Thu, 10 Nov 2022 20:14:10 GMT
x-cache: MISS from www.robertz.de
content-type: image/png
X-Firefox-Spdy: h2
privacy-proxy.usercentrics.eu/latest/uc-block.bundle.js
35.190.14.188200 OK 42 kB URL HTTP/2 privacy-proxy.usercentrics.eu/latest/uc-block.bundle.js
IP 35.190.14.188:0
File type Unicode text, UTF-8 text, with very long lines (65535), with no line terminators
Hash 54b6b898832d24535f03a1eb80f8f84a
40de73f5b117d0ac4ab0ee9ed88e0e295a1cc4b5
16a6b0d3f4aee0f3e43d15ee8571af111cba7424099e9a079bda1dcf02c64689
GET /latest/uc-block.bundle.js HTTP/1.1
Host: privacy-proxy.usercentrics.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.robertz.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-guploader-uploadid: ADPycds7BlPkcwi9ewbA-IltrSUs6Au_orL8ze2T1mmJrQBumyfxS9GJUObWyhz2CwZim2VyAa5DVuM8arR_6IwHTr2ln_1mu7j9
x-goog-generation: 1667392245922040
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 41812
x-goog-meta-version: 2.6.27
content-encoding: gzip
x-goog-hash: crc32c=8fwuJA==, md5=VLa4mIMtJFNfA6HrgPj4Sg==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
vary: Accept-Encoding
content-length: 41812
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, Transfer-Encoding
server: UploadServer
date: Wed, 09 Nov 2022 19:35:11 GMT
expires: Wed, 09 Nov 2022 20:35:11 GMT
cache-control: public, max-age=3600
age: 2339
last-modified: Wed, 02 Nov 2022 12:30:45 GMT
etag: "54b6b898832d24535f03a1eb80f8f84a"
content-type: application/javascript
strict-transport-security: max-age=7776000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.robertz.de/images/Robertz/nachhaltigkeit/planet_tree.png
5.175.22.217200 OK 17 kB URL HTTP/2 www.robertz.de/images/Robertz/nachhaltigkeit/planet_tree.png
IP 5.175.22.217:0
ASN #20773 Host Europe GmbH
File type PNG image data, 500 x 314, 8-bit colormap, non-interlaced\012- data
Hash 13565539b4331994ee95a8ec15ed3dd4
e79de348e181301e82ecf381f121146c28df31b1
1a195b360b9e9b30d4f708e0c5a94fcf7d4a538c6e3717576739ab8e2599cd6b
GET /images/Robertz/nachhaltigkeit/planet_tree.png HTTP/1.1
Host: www.robertz.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.robertz.de/
Cookie: CFID=36493981; CFTOKEN=71ab64e5add80849-AC4605C3-9A50-DA54-5207A55015E1EB89
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 09 Nov 2022 20:14:10 GMT
server: Apache
last-modified: Wed, 05 Oct 2022 15:19:13 GMT
etag: "40f4-5ea4b196c287f"
accept-ranges: bytes
content-length: 16628
cache-control: max-age=86400
expires: Thu, 10 Nov 2022 20:14:10 GMT
x-cache: MISS from www.robertz.de
content-type: image/png
X-Firefox-Spdy: h2
push.services.mozilla.com/
35.83.91.138101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.83.91.138:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Ix1mOra/A8H4D9wqG4/ygw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: jymbFP7qtMvyFV40abMSfB3YFbA=
www.robertz.de/images/BilderPool/Siegel/DER%20Empfohlenes%20Reiseb%C3%BCro%2016cm.png
5.175.22.217200 OK 16 kB URL HTTP/2 www.robertz.de/images/BilderPool/Siegel/DER%20Empfohlenes%20Reiseb%C3%BCro%2016cm.png
IP 5.175.22.217:0
ASN #20773 Host Europe GmbH
File type PNG image data, 454 x 133, 8-bit colormap, non-interlaced\012- data
Hash 0455fe31c325d7dd343f2850cadf4a94
7c8e5403561010cee48bd0cbd0ca22e9c04be5f1
d1e74da66036dbf70f913bf71757dfb97ad2ce1dc3c974f72306becf8defc349
GET /images/BilderPool/Siegel/DER%20Empfohlenes%20Reiseb%C3%BCro%2016cm.png HTTP/1.1
Host: www.robertz.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.robertz.de/
Cookie: CFID=36493981; CFTOKEN=71ab64e5add80849-AC4605C3-9A50-DA54-5207A55015E1EB89
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 09 Nov 2022 20:14:10 GMT
server: Apache
last-modified: Fri, 07 Jan 2022 08:48:44 GMT
etag: "3f75-5d4fa0df2f661"
accept-ranges: bytes
content-length: 16245
cache-control: max-age=86400
expires: Thu, 10 Nov 2022 20:14:10 GMT
x-cache: MISS from www.robertz.de
content-type: image/png
X-Firefox-Spdy: h2
www.robertz.de/images/BilderPool/Thementeaser/time-371226_1920.jpg
5.175.22.217200 OK 38 kB URL HTTP/2 www.robertz.de/images/BilderPool/Thementeaser/time-371226_1920.jpg
IP 5.175.22.217:0
ASN #20773 Host Europe GmbH
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 700x800, components 3\012- data
Hash 58731c57d2c4a4705ef2a6cf5494ae00
13b8a27acf646fa51ac89e2ef4ca2d010f27cde3
4c7210d0d25aa8e279de465665cdd06a133e3456a412dd46ba51d50ad548e801
GET /images/BilderPool/Thementeaser/time-371226_1920.jpg HTTP/1.1
Host: www.robertz.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.robertz.de/
Cookie: CFID=36493981; CFTOKEN=71ab64e5add80849-AC4605C3-9A50-DA54-5207A55015E1EB89
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 09 Nov 2022 20:14:10 GMT
server: Apache
last-modified: Mon, 30 Aug 2021 07:35:25 GMT
etag: "9555-5cac1e06495a6"
accept-ranges: bytes
content-length: 38229
cache-control: max-age=86400
expires: Thu, 10 Nov 2022 20:14:10 GMT
x-cache: MISS from www.robertz.de
content-type: image/jpeg
X-Firefox-Spdy: h2
app.usercentrics.eu/latest/bundle.js
35.190.14.188200 OK 230 kB URL HTTP/2 app.usercentrics.eu/latest/bundle.js
IP 35.190.14.188:0
File type Unicode text, UTF-8 text, with very long lines (65470)
Size 230 kB (230157 bytes)
Hash 66cf4a8df76a5634eb0a576bf197b3c9
316e22421f1fdc6387978f20484d4ed2d5662fa5
bafed4c1f3bfb8cf821a0d86370090534d283199f9c665e2e3bed8e29c0bd6bc
GET /latest/bundle.js HTTP/1.1
Host: app.usercentrics.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.robertz.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-guploader-uploadid: ADPycdu9SOJutqsQNSnNOdCyKAIs6ztKXTTWYUKNMj37CjXHqu7hqFYDuFayQWIvVCgpH_LeiGB0OF0LemYemsV196UkKQ
x-goog-generation: 1666097577382615
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 230157
x-goog-meta-version: 2.18.1
content-encoding: gzip
x-goog-hash: crc32c=dNeQCQ==, md5=Zs9KjfdqVjTrCldr8ZezyQ==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 230157
access-control-allow-origin: *
access-control-expose-headers: Content-Type
server: UploadServer
date: Wed, 09 Nov 2022 12:06:05 GMT
expires: Thu, 10 Nov 2022 12:06:05 GMT
cache-control: public, max-age=86400, no-transform
age: 29285
last-modified: Tue, 18 Oct 2022 12:52:57 GMT
etag: "66cf4a8df76a5634eb0a576bf197b3c9"
content-type: application/javascript
strict-transport-security: max-age=7776000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.robertz.de/images/BilderPool/Thementeaser/Versicherungen_lifebuoy-4870836_1920.jpg
5.175.22.217200 OK 53 kB URL HTTP/2 www.robertz.de/images/BilderPool/Thementeaser/Versicherungen_lifebuoy-4870836_1920.jpg
IP 5.175.22.217:0
ASN #20773 Host Europe GmbH
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 700x800, components 3\012- data
Hash 2074572132e9f3e6743aa540110cc27c
965ceb90356ad01c37a5d68f032b7e0e99540f9a
193322064111e8baec20884ca8df731e5a3f99bf8fb326a0915694381613eb17
GET /images/BilderPool/Thementeaser/Versicherungen_lifebuoy-4870836_1920.jpg HTTP/1.1
Host: www.robertz.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.robertz.de/
Cookie: CFID=36493981; CFTOKEN=71ab64e5add80849-AC4605C3-9A50-DA54-5207A55015E1EB89
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 09 Nov 2022 20:14:10 GMT
server: Apache
last-modified: Fri, 27 Aug 2021 13:59:43 GMT
etag: "ceb2-5ca8ae539421c"
accept-ranges: bytes
content-length: 52914
cache-control: max-age=86400
expires: Thu, 10 Nov 2022 20:14:10 GMT
x-cache: MISS from www.robertz.de
content-type: image/jpeg
X-Firefox-Spdy: h2
www.robertz.de/images/BilderPool/Thementeaser/woman-4373078_1920.jpg
5.175.22.217200 OK 55 kB URL HTTP/2 www.robertz.de/images/BilderPool/Thementeaser/woman-4373078_1920.jpg
IP 5.175.22.217:0
ASN #20773 Host Europe GmbH
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 700x800, components 3\012- data
Hash a9f3532465426567c8c1ac1c8ec1ae61
bc42eb71d1db2559cb0d197a37d2cc6211ad98cd
48e008b189b0bfa0a9df6bc1361338a96a570331770beb2097f364eb46297196
GET /images/BilderPool/Thementeaser/woman-4373078_1920.jpg HTTP/1.1
Host: www.robertz.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.robertz.de/
Cookie: CFID=36493981; CFTOKEN=71ab64e5add80849-AC4605C3-9A50-DA54-5207A55015E1EB89
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 09 Nov 2022 20:14:10 GMT
server: Apache
last-modified: Mon, 30 Aug 2021 07:35:25 GMT
etag: "d7f2-5cac1e06512c1"
accept-ranges: bytes
content-length: 55282
cache-control: max-age=86400
expires: Thu, 10 Nov 2022 20:14:10 GMT
x-cache: MISS from www.robertz.de
content-type: image/jpeg
X-Firefox-Spdy: h2
ocsp.starfieldtech.com/
192.124.249.23200 OK 1.8 kB IP 192.124.249.23:0
Hash a3081036dedfddb97754dd48062fb278
b21230f9a16d465cf145c5d9c8e81983b4088702
55405e4ae05b5489109fa6144c6ba34cff586125cb2fa17764bb61ef7a83a03a
POST / HTTP/1.1
Host: ocsp.starfieldtech.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Wed, 09 Nov 2022 20:14:09 GMT
Content-Type: application/ocsp-response
Content-Length: 1845
Connection: keep-alive
X-Sucuri-ID: 19023
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Tue, 08 Nov 2022 22:14:08 GMT
Expires: Wed, 09 Nov 2022 22:14:08 GMT
ETag: "b21230f9a16d465cf145c5d9c8e81983b4088702"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
www.robertz.de/assets/js/core.min.js
5.175.22.217200 OK 64 kB URL HTTP/2 www.robertz.de/assets/js/core.min.js
IP 5.175.22.217:0
ASN #20773 Host Europe GmbH
File type Unicode text, UTF-8 (with BOM) text, with very long lines (65512)
Hash 21485a5c91a6e030255faa364281aa40
69e8f4ae330ece58c4c9dc6fa319187d907bc2bd
af79c3c862f29c5011444e6c6a4259961c61f414202b97559225b92339095f84
Analyzer Verdict Alert fortinet Phishing
GET /assets/js/core.min.js HTTP/1.1
Host: www.robertz.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.robertz.de/
Cookie: CFID=36493981; CFTOKEN=71ab64e5add80849-AC4605C3-9A50-DA54-5207A55015E1EB89
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 09 Nov 2022 20:14:10 GMT
server: Apache
last-modified: Thu, 09 Jul 2020 18:02:01 GMT
etag: "4432f-5aa0605764a50-br"
accept-ranges: bytes
cache-control: max-age=86400
expires: Thu, 10 Nov 2022 20:14:10 GMT
vary: Accept-Encoding
content-encoding: br
x-cache: MISS from www.robertz.de
content-length: 64543
content-type: application/javascript
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash cbdf82a54fa61cac2964664dac91f550
3dcc923cd72c998ae98351d816243668bc5c3dd8
f352ec70e847dd4d4972b148ff2db433dea76190566a7539612088fe8759d670
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F352EC70E847DD4D4972B148FF2DB433DEA76190566A7539612088FE8759D670"
Last-Modified: Wed, 09 Nov 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Thu, 10 Nov 2022 02:14:10 GMT
Date: Wed, 09 Nov 2022 20:14:10 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 03e024f252d171fe178d5d160a2d289f
d3ba0004bc25a072c51e09d140009fb509be9592
5b0bb55852a68c2b5fe96ee5ed099a0d7bd52d8dd24babc10f1b754de2069763
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5B0BB55852A68C2B5FE96EE5ED099A0D7BD52D8DD24BABC10F1B754DE2069763"
Last-Modified: Mon, 07 Nov 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7324
Expires: Wed, 09 Nov 2022 22:16:14 GMT
Date: Wed, 09 Nov 2022 20:14:10 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 03e024f252d171fe178d5d160a2d289f
d3ba0004bc25a072c51e09d140009fb509be9592
5b0bb55852a68c2b5fe96ee5ed099a0d7bd52d8dd24babc10f1b754de2069763
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5B0BB55852A68C2B5FE96EE5ED099A0D7BD52D8DD24BABC10F1B754DE2069763"
Last-Modified: Mon, 07 Nov 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15810
Expires: Thu, 10 Nov 2022 00:37:40 GMT
Date: Wed, 09 Nov 2022 20:14:10 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 03e024f252d171fe178d5d160a2d289f
d3ba0004bc25a072c51e09d140009fb509be9592
5b0bb55852a68c2b5fe96ee5ed099a0d7bd52d8dd24babc10f1b754de2069763
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5B0BB55852A68C2B5FE96EE5ED099A0D7BD52D8DD24BABC10F1B754DE2069763"
Last-Modified: Mon, 07 Nov 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Thu, 10 Nov 2022 02:14:10 GMT
Date: Wed, 09 Nov 2022 20:14:10 GMT
Connection: keep-alive
www.robertz.de/www/robertz.de/img/logo_WEB.png
5.175.22.217200 OK 75 kB URL HTTP/2 www.robertz.de/www/robertz.de/img/logo_WEB.png
IP 5.175.22.217:0
ASN #20773 Host Europe GmbH
File type PNG image data, 3094 x 1605, 8-bit colormap, non-interlaced\012- data
Hash 13c968b38081445f5d6f272e75372335
23cf26c06c9b28cc80dca32e2cec05399a02c966
1f38b8099b47ae9370ef51927f8b026212c789137fa1dbb5ccf7c0d867984824
GET /www/robertz.de/img/logo_WEB.png HTTP/1.1
Host: www.robertz.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.robertz.de/
Cookie: CFID=36493981; CFTOKEN=71ab64e5add80849-AC4605C3-9A50-DA54-5207A55015E1EB89
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 09 Nov 2022 20:14:10 GMT
server: Apache
last-modified: Thu, 03 Mar 2022 07:58:32 GMT
accept-ranges: bytes
content-length: 74928
cache-control: max-age=2592000, public
expires: Thu, 10 Nov 2022 20:14:10 GMT
x-cache: MISS from www.robertz.de
content-type: image/png
X-Firefox-Spdy: h2
www.robertz.de/images/BilderPool/Thementeaser/guinea-pig-1969698_1920.jpg
5.175.22.217200 OK 79 kB URL HTTP/2 www.robertz.de/images/BilderPool/Thementeaser/guinea-pig-1969698_1920.jpg
IP 5.175.22.217:0
ASN #20773 Host Europe GmbH
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 700x800, components 3\012- data
Hash 192a66bef59226d6ab6b3a5097bb2d4d
5d4ef05d8529e310115d7ee15724985469343319
f014df907df2ab80a94cd71c2267a0896ec6c7831308e92a3c726c8592a81eb1
GET /images/BilderPool/Thementeaser/guinea-pig-1969698_1920.jpg HTTP/1.1
Host: www.robertz.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.robertz.de/
Cookie: CFID=36493981; CFTOKEN=71ab64e5add80849-AC4605C3-9A50-DA54-5207A55015E1EB89
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 09 Nov 2022 20:14:10 GMT
server: Apache
last-modified: Mon, 30 Aug 2021 07:35:25 GMT
etag: "1335f-5cac1e06418a1"
accept-ranges: bytes
content-length: 78687
cache-control: max-age=86400
expires: Thu, 10 Nov 2022 20:14:10 GMT
x-cache: MISS from www.robertz.de
content-type: image/jpeg
X-Firefox-Spdy: h2
www.robertz.de/assets/js/jquery-3.4.1_plusUI.min.js
5.175.22.217200 OK 85 kB URL HTTP/2 www.robertz.de/assets/js/jquery-3.4.1_plusUI.min.js
IP 5.175.22.217:0
ASN #20773 Host Europe GmbH
File type ASCII text, with very long lines (65450), with CRLF line terminators
Hash d12f6a571f27f8f789cf30b5b17bfeea
6b61e7dbdb4fe26ca656015704e4e0270f2e3c05
1f278360aad59de34a97aeebd39d19149d60ccacb878ee9ebc3cbb398bd75437
Analyzer Verdict Alert fortinet Phishing
GET /assets/js/jquery-3.4.1_plusUI.min.js HTTP/1.1
Host: www.robertz.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.robertz.de/
Cookie: CFID=36493981; CFTOKEN=71ab64e5add80849-AC4605C3-9A50-DA54-5207A55015E1EB89
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 09 Nov 2022 20:14:10 GMT
server: Apache
last-modified: Sat, 04 Jul 2020 16:32:09 GMT
etag: "53745-5a9a02ed31440-br"
accept-ranges: bytes
cache-control: max-age=86400
expires: Thu, 10 Nov 2022 20:14:10 GMT
vary: Accept-Encoding
content-encoding: br
x-cache: MISS from www.robertz.de
content-length: 85178
content-type: application/javascript
X-Firefox-Spdy: h2
www.robertz.de/images/Robertz/nachhaltigkeit/Zertifikat_Robertz_September-2022_03_PNG.png
5.175.22.217200 OK 92 kB URL HTTP/2 www.robertz.de/images/Robertz/nachhaltigkeit/Zertifikat_Robertz_September-2022_03_PNG.png
IP 5.175.22.217:0
ASN #20773 Host Europe GmbH
File type PNG image data, 1239 x 1754, 8-bit colormap, non-interlaced\012- data
Hash fab49a5b2ee69c36cd5a19bf436acfc6
4cad67a4347f9931746ea1433f8415d24343c823
17dd3c7b5aade4ca96c7864a820ff97c1af95b2f786a0cf738b2f88bda99e697
GET /images/Robertz/nachhaltigkeit/Zertifikat_Robertz_September-2022_03_PNG.png HTTP/1.1
Host: www.robertz.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.robertz.de/
Cookie: CFID=36493981; CFTOKEN=71ab64e5add80849-AC4605C3-9A50-DA54-5207A55015E1EB89
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 09 Nov 2022 20:14:10 GMT
server: Apache
last-modified: Wed, 05 Oct 2022 15:07:14 GMT
etag: "1668c-5ea4aee8f958e"
accept-ranges: bytes
content-length: 91788
cache-control: max-age=86400
expires: Thu, 10 Nov 2022 20:14:10 GMT
x-cache: MISS from www.robertz.de
content-type: image/png
X-Firefox-Spdy: h2
booking.traveltermin.de/button?IpdVpkq9Li
134.119.241.212200 OK 1.8 kB URL HTTP/1.1 booking.traveltermin.de/button?IpdVpkq9Li
IP 134.119.241.212:0
ASN #34011 Host Europe GmbH
File type Unicode text, UTF-8 text, with very long lines (1932)
Hash b2a18eea1fb5589375a73c522fceb48a
c512ce391fae7566a6fed1ceb4d51dd3e9c365a5
dd9601ec2e7dfa466cb09bf94b47b45a5c539a7a5cc002cc56410d887310de5f
GET /button?IpdVpkq9Li HTTP/1.1
Host: booking.traveltermin.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.robertz.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 20:14:10 GMT
Server: Apache
X-Powered-By: PHP/7.3.10
Cache-Control: max-age=604800
Expires: Wed, 16 Nov 2022 20:14:10 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1791
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript; charset=utf-8;
backend.tcautor.de/www/_data/1007/files/Robertz/Team/Michael.jpg
5.175.22.217200 OK 12 kB URL HTTP/2 backend.tcautor.de/www/_data/1007/files/Robertz/Team/Michael.jpg
IP 5.175.22.217:0
ASN #20773 Host Europe GmbH
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 236x236, components 3\012- data
Hash 7366bcfcda634ede8deb3d9c355a8b91
92f9e20b7355c4784e755f8c569ee2a5173d2168
7655969dad71f9c7b976b4e97c83bcaea8230e6cf2a48c17b591fd68362d059a
GET /www/_data/1007/files/Robertz/Team/Michael.jpg HTTP/1.1
Host: backend.tcautor.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.robertz.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 09 Nov 2022 20:14:10 GMT
server: Apache
last-modified: Tue, 06 Apr 2021 14:09:02 GMT
etag: "2e3c-5bf4e5b3e4d7c"
accept-ranges: bytes
content-length: 11836
content-type: image/jpeg
X-Firefox-Spdy: h2
backend.tcautor.de/www/_data/1007/files/Robertz/Team/Julia.jpg
5.175.22.217200 OK 12 kB URL HTTP/2 backend.tcautor.de/www/_data/1007/files/Robertz/Team/Julia.jpg
IP 5.175.22.217:0
ASN #20773 Host Europe GmbH
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 236x236, components 3\012- data
Hash a8194c06c8a8d294277daa462319d516
7a506471abff545dc237fd28cecd026b3637698f
b0df99082d55ea503390a5b00e84e450747dc5a4f891fe362481ac2e70a98185
GET /www/_data/1007/files/Robertz/Team/Julia.jpg HTTP/1.1
Host: backend.tcautor.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.robertz.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 09 Nov 2022 20:14:10 GMT
server: Apache
last-modified: Tue, 06 Apr 2021 14:09:02 GMT
etag: "2fe3-5bf4e5b3d1c51"
accept-ranges: bytes
content-length: 12259
content-type: image/jpeg
X-Firefox-Spdy: h2
www.robertz.de/images/BilderPool/Thementeaser/women-3266211_1920.jpg
5.175.22.217200 OK 124 kB URL HTTP/2 www.robertz.de/images/BilderPool/Thementeaser/women-3266211_1920.jpg
IP 5.175.22.217:0
ASN #20773 Host Europe GmbH
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 700x800, components 3\012- data
Size 124 kB (123987 bytes)
Hash 4d620151c765ed8bdd1ddd6193f9e244
475c4f9ce545458df2a3c53b3f9767508d2b325d
3629b868912b11d754f948b8f297b7ba056e82256ee83c85fc41e401ea0dc1a6
GET /images/BilderPool/Thementeaser/women-3266211_1920.jpg HTTP/1.1
Host: www.robertz.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.robertz.de/
Cookie: CFID=36493981; CFTOKEN=71ab64e5add80849-AC4605C3-9A50-DA54-5207A55015E1EB89
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 09 Nov 2022 20:14:10 GMT
server: Apache
last-modified: Mon, 30 Aug 2021 07:35:25 GMT
etag: "1e453-5cac1e06691e6"
accept-ranges: bytes
content-length: 123987
cache-control: max-age=86400
expires: Thu, 10 Nov 2022 20:14:10 GMT
x-cache: MISS from www.robertz.de
content-type: image/jpeg
X-Firefox-Spdy: h2
www.robertz.de/images/BilderPool/Thementeaser/vacations-2490266_1920.jpg
5.175.22.217200 OK 114 kB URL HTTP/2 www.robertz.de/images/BilderPool/Thementeaser/vacations-2490266_1920.jpg
IP 5.175.22.217:0
ASN #20773 Host Europe GmbH
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 700x800, components 3\012- data
Size 114 kB (114078 bytes)
Hash 7d47e7c0e4644bdb9f6390233fa64b5d
309923c63deee1d97fb8dd2e70a902ee6faf7ac7
653e3553dd08d47e5a964311149365a582a90dfde032adaa54097e17882843f7
GET /images/BilderPool/Thementeaser/vacations-2490266_1920.jpg HTTP/1.1
Host: www.robertz.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.robertz.de/
Cookie: CFID=36493981; CFTOKEN=71ab64e5add80849-AC4605C3-9A50-DA54-5207A55015E1EB89
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 09 Nov 2022 20:14:10 GMT
server: Apache
last-modified: Mon, 30 Aug 2021 07:35:25 GMT
etag: "1bd9e-5cac1e0664f6e"
accept-ranges: bytes
content-length: 114078
cache-control: max-age=86400
expires: Thu, 10 Nov 2022 20:14:10 GMT
x-cache: MISS from www.robertz.de
content-type: image/jpeg
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 576101a5bceb3126ce720a2c5ce64569
54f3093107feb874fb047227701cbb9808078322
69ed56d28da051efa95cc770cc3043ffab0d31fd199e8690fc3c82d27ee90d6e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "69ED56D28DA051EFA95CC770CC3043FFAB0D31FD199E8690FC3C82D27EE90D6E"
Last-Modified: Tue, 08 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13217
Expires: Wed, 09 Nov 2022 23:54:27 GMT
Date: Wed, 09 Nov 2022 20:14:10 GMT
Connection: keep-alive
backend.tcautor.de/www/_data/1007/files/Robertz/Team/Claudia.jpg
5.175.22.217200 OK 44 kB URL HTTP/2 backend.tcautor.de/www/_data/1007/files/Robertz/Team/Claudia.jpg
IP 5.175.22.217:0
ASN #20773 Host Europe GmbH
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=16], baseline, precision 8, 236x236, components 3\012- data
Hash 56c8f6150d913b65e5aab67b3ba62f84
ae1a6d0a553a211f0cf4fa673dfc6ed342f8cbe8
de7089fd245c1c2896802772b8c72120ecc7d66fcd972df725c9d1569af8ae4f
GET /www/_data/1007/files/Robertz/Team/Claudia.jpg HTTP/1.1
Host: backend.tcautor.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.robertz.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 09 Nov 2022 20:14:10 GMT
server: Apache
last-modified: Tue, 06 Apr 2021 14:09:02 GMT
etag: "ac96-5bf4e5b3e4d7c"
accept-ranges: bytes
content-length: 44182
content-type: image/jpeg
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 576101a5bceb3126ce720a2c5ce64569
54f3093107feb874fb047227701cbb9808078322
69ed56d28da051efa95cc770cc3043ffab0d31fd199e8690fc3c82d27ee90d6e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "69ED56D28DA051EFA95CC770CC3043FFAB0D31FD199E8690FC3C82D27EE90D6E"
Last-Modified: Tue, 08 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13158
Expires: Wed, 09 Nov 2022 23:53:28 GMT
Date: Wed, 09 Nov 2022 20:14:10 GMT
Connection: keep-alive
backend.tcautor.de/www/_data/1007/files/Robertz/Team/Nadine.jpg
5.175.22.217200 OK 48 kB URL HTTP/2 backend.tcautor.de/www/_data/1007/files/Robertz/Team/Nadine.jpg
IP 5.175.22.217:0
ASN #20773 Host Europe GmbH
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 100x100, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=16], baseline, precision 8, 235x236, components 3\012- data
Hash 431793fe981ba51d3b6281986775045c
6b2ae55ed6162eac106b6149e1774bc7f94bd324
7496b26a859adfd8e480d681110c18d952b79bf7da7ed06e7e28968d9be66aa8
GET /www/_data/1007/files/Robertz/Team/Nadine.jpg HTTP/1.1
Host: backend.tcautor.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.robertz.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 09 Nov 2022 20:14:10 GMT
server: Apache
last-modified: Tue, 06 Apr 2021 14:09:02 GMT
etag: "ba84-5bf4e5b3e4d7c"
accept-ranges: bytes
content-length: 47748
content-type: image/jpeg
X-Firefox-Spdy: h2
www.robertz.de/images/BilderPool/Thementeaser/road-3114475_1920.jpg
5.175.22.217200 OK 138 kB URL HTTP/2 www.robertz.de/images/BilderPool/Thementeaser/road-3114475_1920.jpg
IP 5.175.22.217:0
ASN #20773 Host Europe GmbH
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 700x800, components 3\012- data
Size 138 kB (137929 bytes)
Hash 8808244f83f82cd6238b27cbbe3aee77
be55dca9bc25da62682dfbf202fe44d7a5a06f62
e965149dc4efeb45f020927785ae74b417994f2cea94f6c281776a8409eb4e2c
GET /images/BilderPool/Thementeaser/road-3114475_1920.jpg HTTP/1.1
Host: www.robertz.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.robertz.de/
Cookie: CFID=36493981; CFTOKEN=71ab64e5add80849-AC4605C3-9A50-DA54-5207A55015E1EB89
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 09 Nov 2022 20:14:10 GMT
server: Apache
last-modified: Mon, 30 Aug 2021 07:35:25 GMT
etag: "21ac9-5cac1e0668242"
accept-ranges: bytes
content-length: 137929
cache-control: max-age=86400
expires: Thu, 10 Nov 2022 20:14:10 GMT
x-cache: MISS from www.robertz.de
content-type: image/jpeg
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 576101a5bceb3126ce720a2c5ce64569
54f3093107feb874fb047227701cbb9808078322
69ed56d28da051efa95cc770cc3043ffab0d31fd199e8690fc3c82d27ee90d6e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "69ED56D28DA051EFA95CC770CC3043FFAB0D31FD199E8690FC3C82D27EE90D6E"
Last-Modified: Tue, 08 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21532
Expires: Thu, 10 Nov 2022 02:13:02 GMT
Date: Wed, 09 Nov 2022 20:14:10 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4ab7b947ab614098d920a9f2295a3a55
9082f4f86395f10e51cd07b3cb8b228c817ee7d5
8e61e9a11c8196ba4e5cddc9840b912f6f6f33d7acb67f449aaee6508df175d3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8E61E9A11C8196BA4E5CDDC9840B912F6F6F33D7ACB67F449AAEE6508DF175D3"
Last-Modified: Wed, 09 Nov 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21548
Expires: Thu, 10 Nov 2022 02:13:18 GMT
Date: Wed, 09 Nov 2022 20:14:10 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 576101a5bceb3126ce720a2c5ce64569
54f3093107feb874fb047227701cbb9808078322
69ed56d28da051efa95cc770cc3043ffab0d31fd199e8690fc3c82d27ee90d6e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "69ED56D28DA051EFA95CC770CC3043FFAB0D31FD199E8690FC3C82D27EE90D6E"
Last-Modified: Tue, 08 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Thu, 10 Nov 2022 02:14:10 GMT
Date: Wed, 09 Nov 2022 20:14:10 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f61b9f83e9e6674330c72e109f67832c
bb3cc2320539a0aebed558d372272423c61cc7a9
11edc48e342e2998e89a82f4f759168bf95dd1c0faa3063e6179e4f0827aaa54
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "11EDC48E342E2998E89A82F4F759168BF95DD1C0FAA3063E6179E4F0827AAA54"
Last-Modified: Tue, 08 Nov 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1302
Expires: Wed, 09 Nov 2022 20:35:52 GMT
Date: Wed, 09 Nov 2022 20:14:10 GMT
Connection: keep-alive
ocsp.pki.goog/s/gts1d4/AO43Z6OvIBc
142.250.74.35200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/AO43Z6OvIBc
IP 142.250.74.35:0
Hash cef82c60c8a0e800cb1abfb2b4043e43
7a538ee8563b6cdfdcc0e08358b0644d78ce5d77
e9ddd19b4750001e4a0a073576243a139ac51b5f95d1f9fe8c7067321cc5c8c1
POST /s/gts1d4/AO43Z6OvIBc HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 20:14:10 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1d4/AO43Z6OvIBc
142.250.74.35200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/AO43Z6OvIBc
IP 142.250.74.35:0
Hash cef82c60c8a0e800cb1abfb2b4043e43
7a538ee8563b6cdfdcc0e08358b0644d78ce5d77
e9ddd19b4750001e4a0a073576243a139ac51b5f95d1f9fe8c7067321cc5c8c1
POST /s/gts1d4/AO43Z6OvIBc HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 20:14:10 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
backend.tcautor.de/www/_data/1007/files/Robertz/Team/Sabrina.jpg
5.175.22.217200 OK 44 kB URL HTTP/2 backend.tcautor.de/www/_data/1007/files/Robertz/Team/Sabrina.jpg
IP 5.175.22.217:0
ASN #20773 Host Europe GmbH
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 100x100, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=GIMP 2.8.22, datetime=2018:06:08 15:13:15], progressive, precision 8, 236x236, components 3 DIY-Thermocam raw data\012- (Lepton 2.x), scale 0-25701, spot sensor temperature 0.000000, unit celsius, color scheme 0, calibration: offset 197.285858, slope 0.000169\012- data
Hash 3f10608c9147bb7f2c6ed6d2d127d7a0
1aeb71c57ac6e2e9ab78ff28d9238bc26b83a67c
9eb3343464fc4fbf0e6e1d554d49f0e7eca0c5b6bf69abd3faf55b352788bce8
GET /www/_data/1007/files/Robertz/Team/Sabrina.jpg HTTP/1.1
Host: backend.tcautor.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.robertz.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 09 Nov 2022 20:14:10 GMT
server: Apache
last-modified: Tue, 06 Apr 2021 14:09:02 GMT
etag: "acce-5bf4e5b3e4d7c"
accept-ranges: bytes
content-length: 44238
content-type: image/jpeg
X-Firefox-Spdy: h2
backend.tcautor.de/www/_data/1007/files/Robertz/Team/Melanie.jpg
5.175.22.217200 OK 60 kB URL HTTP/2 backend.tcautor.de/www/_data/1007/files/Robertz/Team/Melanie.jpg
IP 5.175.22.217:0
ASN #20773 Host Europe GmbH
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 100x100, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=11, manufacturer=Canon, model=Canon EOS 5D Mark III, orientation=upper-left, xresolution=174, yresolution=182, resolutionunit=2, software=GIMP 2.8.22, datetime=2018:06:08 15:18:14], progressive, precision 8, 236x236, components 3\012- data
Hash dc2176c3173039123f7bd12a81306dda
9e4c94c2e2e0ca5fe5a1250294700613660321b6
d91036d1030fc79849ec5ac99b29a6ef2d1769e420fb100074b380a15c1679e8
GET /www/_data/1007/files/Robertz/Team/Melanie.jpg HTTP/1.1
Host: backend.tcautor.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.robertz.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 09 Nov 2022 20:14:10 GMT
server: Apache
last-modified: Tue, 06 Apr 2021 14:09:02 GMT
etag: "eb77-5bf4e5b3ec77a"
accept-ranges: bytes
content-length: 60279
content-type: image/jpeg
X-Firefox-Spdy: h2
www.robertz.de/images/BilderPool/Thementeaser/mountaineers-5649828_1920.jpg
5.175.22.217200 OK 177 kB URL HTTP/2 www.robertz.de/images/BilderPool/Thementeaser/mountaineers-5649828_1920.jpg
IP 5.175.22.217:0
ASN #20773 Host Europe GmbH
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 700x800, components 3\012- data
Size 177 kB (176563 bytes)
Hash 8da55968b05019655e9ecf0814bf99fc
017da0fd24e608d42fd9e3ad9686fce2fceab09f
50ed47e128d4c9293417c6f08606c8b4ca05e991790bc83d068ddb077bb7a6f0
GET /images/BilderPool/Thementeaser/mountaineers-5649828_1920.jpg HTTP/1.1
Host: www.robertz.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.robertz.de/
Cookie: CFID=36493981; CFTOKEN=71ab64e5add80849-AC4605C3-9A50-DA54-5207A55015E1EB89
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 09 Nov 2022 20:14:10 GMT
server: Apache
last-modified: Mon, 30 Aug 2021 07:35:25 GMT
etag: "2b1b3-5cac1e0667e58"
accept-ranges: bytes
content-length: 176563
cache-control: max-age=86400
expires: Thu, 10 Nov 2022 20:14:10 GMT
x-cache: MISS from www.robertz.de
content-type: image/jpeg
X-Firefox-Spdy: h2
www.paxconnect.de/js/meinereiseangebote_iframe_v1.1.0.js
83.169.3.220200 OK 653 B URL HTTP/1.1 www.paxconnect.de/js/meinereiseangebote_iframe_v1.1.0.js
IP 83.169.3.220:0
ASN #8972 Host Europe GmbH
Hash f5bf508542930203b6d507c968670502
b2a0ed3ceeb796f0aa21b6efe84bf6d6a710c0f8
6c3a3bb55c78ea17e0b9e1b9e821e509b94d2dc67e20b32515e1f3b9b423211c
GET /js/meinereiseangebote_iframe_v1.1.0.js HTTP/1.1
Host: www.paxconnect.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.robertz.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 09 Nov 2022 20:14:10 GMT
Content-Type: application/javascript
Last-Modified: Wed, 25 May 2022 09:37:31 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"628df8db-72b"
X-FRAME-OPTIONS: SAMEORIGIN
X-Content-Type-Options: nosniff
Content-Security-Policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' paxconnect.de *.paxconnect.de *.smartberatung.com *.meinereiseangebote.de youtube.com *.youtube.com
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
X-Powered-By: PleskLin
Content-Encoding: br
www.robertz.de/assets/js/vendor_bundle.min.js
5.175.22.217200 OK 101 kB URL HTTP/2 www.robertz.de/assets/js/vendor_bundle.min.js
IP 5.175.22.217:0
ASN #20773 Host Europe GmbH
File type ASCII text, with very long lines (65514)
Size 101 kB (101220 bytes)
Hash eb1235ec9c4c6300e795fdf0be02224f
d3f8f421bdfc1938f6dbdd41b76b0eb01c3a0bcd
37fe01d6f5a8a0bcf91568940e0202f4728b966b15f2e3141d3729dce8cb2a34
Analyzer Verdict Alert fortinet Phishing
GET /assets/js/vendor_bundle.min.js HTTP/1.1
Host: www.robertz.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.robertz.de/
Cookie: CFID=36493981; CFTOKEN=71ab64e5add80849-AC4605C3-9A50-DA54-5207A55015E1EB89
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 09 Nov 2022 20:14:10 GMT
server: Apache
last-modified: Mon, 25 May 2020 13:42:21 GMT
etag: "66b1b-5a67925eb8940-br"
accept-ranges: bytes
cache-control: max-age=86400
expires: Thu, 10 Nov 2022 20:14:10 GMT
vary: Accept-Encoding
content-encoding: br
x-cache: MISS from www.robertz.de
content-length: 101220
content-type: application/javascript
X-Firefox-Spdy: h2
www.robertz.de/images/Robertz/Sonderreisen/2023_douro/Dourotal_2023_Teaser.jpg
5.175.22.217200 OK 245 kB URL HTTP/2 www.robertz.de/images/Robertz/Sonderreisen/2023_douro/Dourotal_2023_Teaser.jpg
IP 5.175.22.217:0
ASN #20773 Host Europe GmbH
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1260x860, components 3\012- data
Size 245 kB (245098 bytes)
Hash 5222d6d387662013bd7de8cafb3880b7
100376302444e5e425af578536be126cec89ba9e
982289b28aeb3839fe78a3fd9bac5951971c3b417438dc25510224939b6f5ac5
GET /images/Robertz/Sonderreisen/2023_douro/Dourotal_2023_Teaser.jpg HTTP/1.1
Host: www.robertz.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.robertz.de/
Cookie: CFID=36493981; CFTOKEN=71ab64e5add80849-AC4605C3-9A50-DA54-5207A55015E1EB89
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 09 Nov 2022 20:14:10 GMT
server: Apache
last-modified: Wed, 07 Sep 2022 14:51:51 GMT
etag: "3bd6a-5e81773f7aa75"
accept-ranges: bytes
content-length: 245098
cache-control: max-age=86400
expires: Thu, 10 Nov 2022 20:14:10 GMT
x-cache: MISS from www.robertz.de
content-type: image/jpeg
X-Firefox-Spdy: h2
www.robertz.de/images/Robertz/Sonderreisen/2023_ostsee-oder/2023_kultour_kreuzfahrt_teaser.jpg
5.175.22.217200 OK 394 kB URL HTTP/2 www.robertz.de/images/Robertz/Sonderreisen/2023_ostsee-oder/2023_kultour_kreuzfahrt_teaser.jpg
IP 5.175.22.217:0
ASN #20773 Host Europe GmbH
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, comment: "Created with GIMP", progressive, precision 8, 1260x860, components 3\012- data
Size 394 kB (393584 bytes)
Hash f51e6ae37f5a6725e91f8dfe90751218
401450013faed0a350a16741ec91b7a9cac1d6dd
2ecd15ac2f69b67784e4a621a7f99b16aebf75641d789ab511717b0f6a13f353
GET /images/Robertz/Sonderreisen/2023_ostsee-oder/2023_kultour_kreuzfahrt_teaser.jpg HTTP/1.1
Host: www.robertz.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.robertz.de/
Cookie: CFID=36493981; CFTOKEN=71ab64e5add80849-AC4605C3-9A50-DA54-5207A55015E1EB89
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 09 Nov 2022 20:14:10 GMT
server: Apache
last-modified: Wed, 27 Jul 2022 15:35:52 GMT
etag: "60170-5e4cb2c193ac4"
accept-ranges: bytes
content-length: 393584
cache-control: max-age=86400
expires: Thu, 10 Nov 2022 20:14:10 GMT
x-cache: MISS from www.robertz.de
content-type: image/jpeg
X-Firefox-Spdy: h2
www.robertz.de/www/fonts/montserrat.css
5.175.22.217404 Not Found 196 B URL HTTP/2 www.robertz.de/www/fonts/montserrat.css
IP 5.175.22.217:0
ASN #20773 Host Europe GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 62962daa1b19bbcc2db10b7bfd531ea6
d64bae91091eda6a7532ebec06aa70893b79e1f8
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880
GET /www/fonts/montserrat.css HTTP/1.1
Host: www.robertz.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.robertz.de/
Cookie: CFID=36493981; CFTOKEN=71ab64e5add80849-AC4605C3-9A50-DA54-5207A55015E1EB89
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
date: Wed, 09 Nov 2022 20:14:10 GMT
server: Apache
content-length: 196
content-type: text/html; charset=iso-8859-1
X-Firefox-Spdy: h2
www.backend.tcautor.de/www/_data/1009/files/BilderPool/Thementeaser/medical-563427_1920.jpg
5.175.22.217200 OK 41 kB URL HTTP/2 www.backend.tcautor.de/www/_data/1009/files/BilderPool/Thementeaser/medical-563427_1920.jpg
IP 5.175.22.217:0
ASN #20773 Host Europe GmbH
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 700x800, components 3\012- data
Hash 1a14e9bc192ef71737e00e2659b943a3
b34da10383fc7cf2f7588d01f7c7f161ecd3de59
609b9a791933979e096a4778fdd0b046a29d58be123a66fe975951a5db751aff
GET /www/_data/1009/files/BilderPool/Thementeaser/medical-563427_1920.jpg HTTP/1.1
Host: www.backend.tcautor.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.robertz.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 09 Nov 2022 20:14:10 GMT
server: Apache
last-modified: Thu, 29 Sep 2022 09:40:48 GMT
etag: "a07b-5e9cdac1b9435"
accept-ranges: bytes
content-length: 41083
content-type: image/jpeg
X-Firefox-Spdy: h2
www.backend.tcautor.de/www/_data/1009/files/BilderPool/Thementeaser/statue-of-liberty-g91a003ec7_1920.jpg
5.175.22.217200 OK 73 kB URL HTTP/2 www.backend.tcautor.de/www/_data/1009/files/BilderPool/Thementeaser/statue-of-liberty-g91a003ec7_1920.jpg
IP 5.175.22.217:0
ASN #20773 Host Europe GmbH
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 700x800, components 3\012- data
Hash 73991d5ed68858c2a662504dc2183e32
1cedc862bb3824ea216db4591c71d5b3a0b49dc2
21127e3e4b00b57465d7dc43dbbb6bf6adbb931c512aa1b76d7096061556fecc
GET /www/_data/1009/files/BilderPool/Thementeaser/statue-of-liberty-g91a003ec7_1920.jpg HTTP/1.1
Host: www.backend.tcautor.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.robertz.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 09 Nov 2022 20:14:10 GMT
server: Apache
last-modified: Thu, 29 Sep 2022 09:40:48 GMT
etag: "11de2-5e9cdac1c4b5e"
accept-ranges: bytes
content-length: 73186
content-type: image/jpeg
X-Firefox-Spdy: h2
www.backend.tcautor.de/www/_data/1009/files/BilderPool/Thementeaser/passport-6012618_1920.jpg
5.175.22.217200 OK 135 kB URL HTTP/2 www.backend.tcautor.de/www/_data/1009/files/BilderPool/Thementeaser/passport-6012618_1920.jpg
IP 5.175.22.217:0
ASN #20773 Host Europe GmbH
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 700x800, components 3\012- data
Size 135 kB (135254 bytes)
Hash 6c6cce06a97cb2121796d60972afafaa
3a66e9eb3f93e7a004adbd13405588d7b7cc3ef2
55c47ab26263641d379014113b867e685ab1a3747d8419ad5b07c6834ba25623
GET /www/_data/1009/files/BilderPool/Thementeaser/passport-6012618_1920.jpg HTTP/1.1
Host: www.backend.tcautor.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.robertz.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 09 Nov 2022 20:14:10 GMT
server: Apache
last-modified: Thu, 11 Nov 2021 09:39:05 GMT
etag: "21056-5d0801d0be818"
accept-ranges: bytes
content-length: 135254
content-type: image/jpeg
X-Firefox-Spdy: h2
www.backend.tcautor.de/www/_data/1009/files/BilderPool/Thementeaser/lake-louise-1761286_1920.jpg
5.175.22.217200 OK 115 kB URL HTTP/2 www.backend.tcautor.de/www/_data/1009/files/BilderPool/Thementeaser/lake-louise-1761286_1920.jpg
IP 5.175.22.217:0
ASN #20773 Host Europe GmbH
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 700x800, components 3\012- data
Size 115 kB (115135 bytes)
Hash ae636582e580e0d24e4fedbc84af6894
02040d1ef25f7ec7678ef64ba984a2236dfb0153
836653e3204500f3598e1bc344205a816584c96b5393cea8b4af40e74e736f7d
GET /www/_data/1009/files/BilderPool/Thementeaser/lake-louise-1761286_1920.jpg HTTP/1.1
Host: www.backend.tcautor.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.robertz.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 09 Nov 2022 20:14:10 GMT
server: Apache
last-modified: Thu, 29 Sep 2022 09:40:48 GMT
etag: "1c1bf-5e9cdac1c8868"
accept-ranges: bytes
content-length: 115135
content-type: image/jpeg
X-Firefox-Spdy: h2
www.backend.tcautor.de/www/_data/1025/files/BilderPool/Werbebanner-Mailings/tc_aktueller_banner.gif
5.175.22.217200 OK 489 kB URL HTTP/2 www.backend.tcautor.de/www/_data/1025/files/BilderPool/Werbebanner-Mailings/tc_aktueller_banner.gif
IP 5.175.22.217:0
ASN #20773 Host Europe GmbH
File type GIF image data, version 89a, 2000 x 400\012- data
Size 489 kB (488926 bytes)
Hash 5d4acf5c3a2b71be434b261b76b7e6a9
d9e2645d08cec0a26fe80d30e973de6a4a0b7455
05655f50624596e80672653afde7d5ff99e5efa933bab177057a92812cb659f5
GET /www/_data/1025/files/BilderPool/Werbebanner-Mailings/tc_aktueller_banner.gif HTTP/1.1
Host: www.backend.tcautor.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.robertz.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 09 Nov 2022 20:14:10 GMT
server: Apache
last-modified: Tue, 23 Aug 2022 16:09:31 GMT
etag: "775de-5e6eaca279e6a"
accept-ranges: bytes
content-length: 488926
content-type: image/gif
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 9b27d0bfaf6ec30690eba902f50ce1ce
b274adea0a925d814dfd0ad80d1888dd06f4e269
f66f94bb109a214e8d83f5112c7468c729357833cf65e2d7db4f49564fac3485
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 20:14:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 9b27d0bfaf6ec30690eba902f50ce1ce
b274adea0a925d814dfd0ad80d1888dd06f4e269
f66f94bb109a214e8d83f5112c7468c729357833cf65e2d7db4f49564fac3485
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 20:14:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1d4/cGpVLbInt0o
142.250.74.35200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/cGpVLbInt0o
IP 142.250.74.35:0
Hash 3e7d6fd8a3b554c92dce54bb47ed14d4
de02b7f8d8b8165ee2a5eaef5180ac7c919246b2
71229a8d9de7c87b6e0e6cbffb6ad0e965917efce026eac64fa927c91220451b
POST /s/gts1d4/cGpVLbInt0o HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 20:14:11 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1d4/cGpVLbInt0o
142.250.74.35200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/cGpVLbInt0o
IP 142.250.74.35:0
Hash 3e7d6fd8a3b554c92dce54bb47ed14d4
de02b7f8d8b8165ee2a5eaef5180ac7c919246b2
71229a8d9de7c87b6e0e6cbffb6ad0e965917efce026eac64fa927c91220451b
POST /s/gts1d4/cGpVLbInt0o HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 20:14:11 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.robertz.de/assets/fonts/flaticon/Flaticon.woff2
5.175.22.217200 OK 37 kB URL HTTP/2 www.robertz.de/assets/fonts/flaticon/Flaticon.woff2
IP 5.175.22.217:0
ASN #20773 Host Europe GmbH
File type Web Open Font Format (Version 2), TrueType, length 36732, version 1.0\012- data
Hash ae2dd4b29a7c28b5cc6e9364c7a69983
602976fc50a9aa00adc99bc2d93888db7a81d2fc
0ebd2de93302226f320140f8051d5cff7c3752be9700d0d598e498bbe0dde638
Analyzer Verdict Alert fortinet Phishing
GET /assets/fonts/flaticon/Flaticon.woff2 HTTP/1.1
Host: www.robertz.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.robertz.de/assets/css/core.min.css
Cookie: CFID=36493981; CFTOKEN=71ab64e5add80849-AC4605C3-9A50-DA54-5207A55015E1EB89; cross-site-cookie=sow
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 09 Nov 2022 20:14:11 GMT
server: Apache
last-modified: Sat, 09 May 2020 10:20:16 GMT
etag: "8f7c-5a53475c0b800"
accept-ranges: bytes
content-length: 36732
cache-control: max-age=86400
expires: Thu, 10 Nov 2022 20:14:11 GMT
vary: Accept-Encoding
x-cache: MISS from www.robertz.de
content-type: font/woff2
X-Firefox-Spdy: h2
www.robertz.de/images/BilderPool/Reisethemen/Wandern-Alpen/mountaineers-5649828_1920.jpg
5.175.22.217200 OK 495 kB URL HTTP/2 www.robertz.de/images/BilderPool/Reisethemen/Wandern-Alpen/mountaineers-5649828_1920.jpg
IP 5.175.22.217:0
ASN #20773 Host Europe GmbH
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x1280, components 3\012- data
Size 495 kB (495184 bytes)
Hash d708b49b7c25267812f6899e2acf19b4
ec6ef0b325f9da1332ee56dec7599f93d793a758
cae3622c5e0a149cfeb6a634b0b19e833523997774f153d394e689b99f52c694
GET /images/BilderPool/Reisethemen/Wandern-Alpen/mountaineers-5649828_1920.jpg HTTP/1.1
Host: www.robertz.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.robertz.de/
Cookie: CFID=36493981; CFTOKEN=71ab64e5add80849-AC4605C3-9A50-DA54-5207A55015E1EB89; cross-site-cookie=sow
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 09 Nov 2022 20:14:11 GMT
server: Apache
last-modified: Fri, 18 Jun 2021 15:12:49 GMT
etag: "78e50-5c50bc1bd7f5c"
accept-ranges: bytes
content-length: 495184
cache-control: max-age=86400
expires: Thu, 10 Nov 2022 20:14:11 GMT
x-cache: MISS from www.robertz.de
content-type: image/jpeg
X-Firefox-Spdy: h2
privacy-proxy-server.usercentrics.eu/googleMaps?center=NaN,6.342&size=1000x500&zoom=12
34.149.163.237200 OK 9.4 kB URL HTTP/2 privacy-proxy-server.usercentrics.eu/googleMaps?center=NaN,6.342&size=1000x500&zoom=12
IP 34.149.163.237:0
File type PNG image data, 1280 x 1000, 8-bit colormap, non-interlaced\012- data
Hash 54fd6e96885c88070add8a1c693dd342
27bfae7fa82cc11de8f58165c4b8d1c6f757654f
c7754a82e1f13d5c3282796111a227df7afdd9c4b6fc26466baa566654545865
GET /googleMaps?center=NaN,6.342&size=1000x500&zoom=12 HTTP/1.1
Host: privacy-proxy-server.usercentrics.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.robertz.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
content-type: image/png
expires: Thu, 10 Nov 2022 20:14:11 GMT
cache-control: public, max-age=2592000
x-staticmap-api-warning: Error geocoding: center
x-xss-protection: 0
x-frame-options: SAMEORIGIN
server-timing: gfet4t7; dur=82
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43", h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-cloud-trace-context: a730ba2d29a69ebc49564135fd38ab87
date: Wed, 09 Nov 2022 20:14:11 GMT
server: Google Frontend
content-length: 9353
via: 1.1 google
X-Firefox-Spdy: h2
www.robertz.de/assets/js/scripts.min.js?_=1668024847227
5.175.22.217200 OK 3.2 kB URL HTTP/2 www.robertz.de/assets/js/scripts.min.js?_=1668024847227
IP 5.175.22.217:0
ASN #20773 Host Europe GmbH
File type ASCII text, with very long lines (5449), with CRLF line terminators
Hash 1d16ebc0b3c66d6a10a2f844da041250
0bfc5df3e06ecc3af5ea0e5e4ec0c277d887c58f
7ddfb4f8b171063568c5f9d506d3777cfc061d6eff3deff43fcb5af2b6e38f11
Analyzer Verdict Alert fortinet Phishing
GET /assets/js/scripts.min.js?_=1668024847227 HTTP/1.1
Host: www.robertz.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://www.robertz.de/
Cookie: CFID=36493981; CFTOKEN=71ab64e5add80849-AC4605C3-9A50-DA54-5207A55015E1EB89; cross-site-cookie=sow
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 09 Nov 2022 20:14:11 GMT
server: Apache
last-modified: Sun, 05 Jul 2020 10:17:52 GMT
etag: "2541-5a9af1222b05b-br"
accept-ranges: bytes
cache-control: max-age=86400
expires: Thu, 10 Nov 2022 20:14:11 GMT
vary: Accept-Encoding
content-encoding: br
x-cache: MISS from www.robertz.de
content-length: 3166
content-type: application/javascript
X-Firefox-Spdy: h2
www.robertz.de/assets/js/hyphenopoly/Hyphenopoly_Loader.js?_=1668024847228
5.175.22.217200 OK 2.8 kB URL HTTP/2 www.robertz.de/assets/js/hyphenopoly/Hyphenopoly_Loader.js?_=1668024847228
IP 5.175.22.217:0
ASN #20773 Host Europe GmbH
File type Unicode text, UTF-8 (with BOM) text
Hash ff02a0dc373adfb3ebe39af4c7eef961
dac0bdc76620735d11975d970215c5d70207334c
7cdb80f8f5dea5cabf2936d0241e5d8a4b07f1cddaa5123a0c83b764c8f2c798
Analyzer Verdict Alert fortinet Phishing
GET /assets/js/hyphenopoly/Hyphenopoly_Loader.js?_=1668024847228 HTTP/1.1
Host: www.robertz.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://www.robertz.de/
Cookie: CFID=36493981; CFTOKEN=71ab64e5add80849-AC4605C3-9A50-DA54-5207A55015E1EB89; cross-site-cookie=sow
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 09 Nov 2022 20:14:11 GMT
server: Apache
last-modified: Sat, 18 Jul 2020 18:48:04 GMT
etag: "2936-5aabbb6b6819b-br"
accept-ranges: bytes
cache-control: max-age=86400
expires: Thu, 10 Nov 2022 20:14:11 GMT
vary: Accept-Encoding
content-encoding: br
x-cache: MISS from www.robertz.de
content-length: 2824
content-type: application/javascript
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/cGpVLbInt0o
142.250.74.35200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/cGpVLbInt0o
IP 142.250.74.35:0
Hash 3e7d6fd8a3b554c92dce54bb47ed14d4
de02b7f8d8b8165ee2a5eaef5180ac7c919246b2
71229a8d9de7c87b6e0e6cbffb6ad0e965917efce026eac64fa927c91220451b
POST /s/gts1d4/cGpVLbInt0o HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 20:14:11 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
privacy-proxy-server.usercentrics.eu/googleMaps?center=50.705,6.178&size=1000x500&zoom=12
34.149.163.237200 OK 159 kB URL HTTP/2 privacy-proxy-server.usercentrics.eu/googleMaps?center=50.705,6.178&size=1000x500&zoom=12
IP 34.149.163.237:0
File type PNG image data, 1280 x 1000, 8-bit colormap, non-interlaced\012- data
Size 159 kB (159032 bytes)
Hash 72ea0883ee7d17e4ac26e0957d2025b4
ec59bdad0d54dd2f4581697d10b1d6962285cc5a
61a2d460c0bd77a757f6bb5bc1b79fcc61765b32039258902cb9b622247daf52
GET /googleMaps?center=50.705,6.178&size=1000x500&zoom=12 HTTP/1.1
Host: privacy-proxy-server.usercentrics.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.robertz.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
content-type: image/png
expires: Thu, 10 Nov 2022 20:14:11 GMT
cache-control: public, max-age=2592000
x-xss-protection: 0
x-frame-options: SAMEORIGIN
server-timing: gfet4t7; dur=245
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43", h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-cloud-trace-context: 6aebbfd62caec3947e1f75bcdfbbc022
date: Wed, 09 Nov 2022 20:14:11 GMT
server: Google Frontend
content-length: 159032
via: 1.1 google
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1b6e55fb9c16b8ec503ca6fb935f650f
1e392159765235158a218248677dc21c46bc4f42
89cc50a881ff8fae94b7bfa2732d133df59bae06680f6d2147281ee7bf8ab00b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "89CC50A881FF8FAE94B7BFA2732D133DF59BAE06680F6D2147281EE7BF8AB00B"
Last-Modified: Tue, 08 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9529
Expires: Wed, 09 Nov 2022 22:53:00 GMT
Date: Wed, 09 Nov 2022 20:14:11 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1b6e55fb9c16b8ec503ca6fb935f650f
1e392159765235158a218248677dc21c46bc4f42
89cc50a881ff8fae94b7bfa2732d133df59bae06680f6d2147281ee7bf8ab00b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "89CC50A881FF8FAE94B7BFA2732D133DF59BAE06680F6D2147281EE7BF8AB00B"
Last-Modified: Tue, 08 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9529
Expires: Wed, 09 Nov 2022 22:53:00 GMT
Date: Wed, 09 Nov 2022 20:14:11 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1b6e55fb9c16b8ec503ca6fb935f650f
1e392159765235158a218248677dc21c46bc4f42
89cc50a881ff8fae94b7bfa2732d133df59bae06680f6d2147281ee7bf8ab00b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "89CC50A881FF8FAE94B7BFA2732D133DF59BAE06680F6D2147281EE7BF8AB00B"
Last-Modified: Tue, 08 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9529
Expires: Wed, 09 Nov 2022 22:53:00 GMT
Date: Wed, 09 Nov 2022 20:14:11 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcc585a69-ebe7-4753-b2fd-ad259cd42072.jpeg
34.120.237.76200 OK 2.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcc585a69-ebe7-4753-b2fd-ad259cd42072.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 547f07effeda1f7041b06fa3f10f90bf
d453f8017ebbbb8362f745a15c95acbddf55ac26
c4c4063cae55e4e2192ab2ac98543f4495a81879b8001fd2efb7989ca6eddba9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcc585a69-ebe7-4753-b2fd-ad259cd42072.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 2808
x-amzn-requestid: 7360c882-e191-456f-a3bd-a60b9521fa1c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bTTTvFUXIAMFXHA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636acc17-76c6b1c251a2bf7e56fd9ba2;Sampled=0
x-amzn-remapped-date: Tue, 08 Nov 2022 21:37:27 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: YjFB1BpcpATyMj0aZldTHb6xWSeTIzklGyc1WWT09DsrnYQ1bUiTkg==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 e95ec8f1dc02e32f0cb9e113963ceb4e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 09 Nov 2022 18:54:44 GMT
age: 4767
etag: "d453f8017ebbbb8362f745a15c95acbddf55ac26"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff66bafec-6420-4aea-8b22-96b8fe0d292b.jpeg
34.120.237.76200 OK 8.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff66bafec-6420-4aea-8b22-96b8fe0d292b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c69b19d2273c3ade32fd0797921c0459
8cafda5659f5b36c855a2bbcaeb03aa715ddeebd
d78b92e1175207b1179c85f9490f937e1647aeae3fe95cf8b3dc336db232945e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff66bafec-6420-4aea-8b22-96b8fe0d292b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8154
x-amzn-requestid: 1d9d6e13-69a4-473d-af4b-ef3d4382f3ca
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bTTU2EyZoAMF94w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636acc1e-0dec203434f42df01d9a1182;Sampled=0
x-amzn-remapped-date: Tue, 08 Nov 2022 21:37:34 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 5sq7XRYInS334VVDEtCJNlf_O9FTHn2G4u-WAIygFZ-SALN0flMwew==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google
date: Tue, 08 Nov 2022 22:02:14 GMT
age: 79917
etag: "8cafda5659f5b36c855a2bbcaeb03aa715ddeebd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8786d2a2-d21a-4bb6-916d-7fce27ea08f2.jpeg
34.120.237.76200 OK 4.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8786d2a2-d21a-4bb6-916d-7fce27ea08f2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 39446652ee66d20bd73df20f1a29589c
349ea78f3ad0f2f7376ba22e417226b2e06806d7
655a00944a319ba167e99b43055044cb18bc48d53605ff0d1b6c8b1ba8ee8237
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8786d2a2-d21a-4bb6-916d-7fce27ea08f2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4737
x-amzn-requestid: ad230e08-9f4e-46cf-9a86-f8e013a1c498
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bQBFkEhLIAMFq_g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63697bbd-7e8b686a23a84c5d473c9ef5;Sampled=0
x-amzn-remapped-date: Mon, 07 Nov 2022 21:42:21 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: FoOPmZEjC6nhw801dgqENVL-9-aC0pyFAF-fMS57XzQyfxck2GGUvA==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Tue, 08 Nov 2022 21:49:16 GMT
age: 80695
etag: "349ea78f3ad0f2f7376ba22e417226b2e06806d7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4e2853cc6ec6223160471401e6871f4b
f052e1f8b2bf4a8eeecfa5b82e27ada1b7719a0c
bf4b9145ea043d87a30fd3aeeae21a1a0aa27004cd2467e7aa843bc894ae1f60
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10462
x-amzn-requestid: 43480a38-fd89-4c47-b8c4-e6ba90b1321c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aMF6oEz_oAMF8Hg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634e5043-6617fd2e59cab00135301cdd;Sampled=0
x-amzn-remapped-date: Tue, 18 Oct 2022 07:05:39 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: C7GYpM3mXSf0hVyGO9Zzlxa3IHXHdyPlXsvr3i0GoQnaPZF6lO-OwA==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 09 Nov 2022 06:24:20 GMT
age: 49791
etag: "f052e1f8b2bf4a8eeecfa5b82e27ada1b7719a0c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F609c6c88-4535-488a-8bf4-de0e93b9ae31.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F609c6c88-4535-488a-8bf4-de0e93b9ae31.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 86ec3f22045de1a100eccf27d91593ae
e26769d82108f89057b05096061f1276d34e223a
b863d19ab12945922b4d014c517f5ffe349cefe2bbe1c2f16661371f22378cbd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F609c6c88-4535-488a-8bf4-de0e93b9ae31.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10822
x-amzn-requestid: 730ec36d-2d1d-4a0f-90c8-dd819811bdd1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bM39VEZkIAMF7lg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636839ee-6e75e34c64d489ca25765e67;Sampled=0
x-amzn-remapped-date: Sun, 06 Nov 2022 22:49:18 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: R2JUiJdMAsIbCHDmMMHyN0sKaVBZMDRh2WOfBPUWZpnMBVOcI40Y3w==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 09 Nov 2022 11:14:53 GMT
age: 32358
etag: "e26769d82108f89057b05096061f1276d34e223a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1b197dc2-1415-4c19-8d36-1fa334168ba5.jpeg
34.120.237.76200 OK 9.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1b197dc2-1415-4c19-8d36-1fa334168ba5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 29429581f8dc762c69c5916009f70080
9265cae98aa663a5498925b70079abdd8e7031fd
c3deee74c80905a1e92b84868b9987cb30ad7a210dca066b97c325cc2c83872e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1b197dc2-1415-4c19-8d36-1fa334168ba5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9313
x-amzn-requestid: be3f6b0f-cf61-4bec-ad1a-87abdbc45d73
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bTTTwF5AoAMFZAw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636acc17-5ca45b5b1065a4ea492f2ac6;Sampled=0
x-amzn-remapped-date: Tue, 08 Nov 2022 21:37:27 GMT
x-amz-cf-pop: SEA19-C3, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 9lVY7YgQQ0FAP3ItgCSWePY0Msd4RIyBz4eNPc-K51BtnWUjOObv6g==
via: 1.1 31dfa94142c6eaf975b0e5454c00340a.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Tue, 08 Nov 2022 21:43:31 GMT
etag: "9265cae98aa663a5498925b70079abdd8e7031fd"
content-type: image/jpeg
age: 81040
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 0f8a52741b0ee3af3c68c41aef452d17
cacb0ae9576b236cc69c8b5242023e0d74286315
7db9821452de393101757931023b2ddb1dcbc2f5b423bd74418c01ae8c7ddd4a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1911
Cache-Control: max-age=129645
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 20:14:11 GMT
Etag: "636b5a09-1d7"
Expires: Fri, 11 Nov 2022 08:14:56 GMT
Last-Modified: Wed, 09 Nov 2022 07:43:05 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 0f8a52741b0ee3af3c68c41aef452d17
cacb0ae9576b236cc69c8b5242023e0d74286315
7db9821452de393101757931023b2ddb1dcbc2f5b423bd74418c01ae8c7ddd4a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1911
Cache-Control: max-age=129645
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 20:14:11 GMT
Etag: "636b5a09-1d7"
Expires: Fri, 11 Nov 2022 08:14:56 GMT
Last-Modified: Wed, 09 Nov 2022 07:43:05 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 0f8a52741b0ee3af3c68c41aef452d17
cacb0ae9576b236cc69c8b5242023e0d74286315
7db9821452de393101757931023b2ddb1dcbc2f5b423bd74418c01ae8c7ddd4a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3473
Cache-Control: max-age=131207
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 20:14:11 GMT
Etag: "636b5a09-1d7"
Expires: Fri, 11 Nov 2022 08:40:58 GMT
Last-Modified: Wed, 09 Nov 2022 07:43:05 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/s/gts1d4/qXJ6BhT-uwQ
142.250.74.35200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/qXJ6BhT-uwQ
IP 142.250.74.35:0
Hash 2bf7b638b101c892bd1a137dbd10595f
3a596d93e08dfd3222b54a540604c7c999594b7a
6797dbb4b423a259959bdfb27a0f3102f7a222d2521250f3ebd9f445c555179f
POST /s/gts1d4/qXJ6BhT-uwQ HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 20:14:12 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.meinereiseangebote.de/VRVR-5820?supressCookieConsent&output_content=iframe
13.69.68.38200 OK 10 kB URL HTTP/1.1 www.meinereiseangebote.de/VRVR-5820?supressCookieConsent&output_content=iframe
IP 13.69.68.38:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1611), with CRLF, LF line terminators
Hash b5c2e5770b5b9bc0ff4624ab25d4b580
95cf4d50454479603688b77d015c865b72e01f1c
29d4e74b83d5bb62eee983fe7f16e64e36af3367ffd206feb17ef26be1961001
GET /VRVR-5820?supressCookieConsent&output_content=iframe HTTP/1.1
Host: www.meinereiseangebote.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.robertz.de/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Length: 10012
Content-Type: text/html; charset=utf-8
Date: Wed, 09 Nov 2022 20:14:11 GMT
Server: Apache
Cache-Control: no-store, must-revalidate, no-cache
Content-Encoding: gzip
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Set-Cookie: PHPSESSID=ee84f27a16cd686ed435f2d2e3a9eef5; path=/; secure; HttpOnly; SameSite=Strict
ARRAffinity=47e899d5dc0547d5646e3c2c0081ae2cb7fddd55609bf4af48732c4283928a51;Path=/;HttpOnly;Secure;Domain=www.meinereiseangebote.de
ARRAffinitySameSite=47e899d5dc0547d5646e3c2c0081ae2cb7fddd55609bf4af48732c4283928a51;Path=/;HttpOnly;SameSite=None;Secure;Domain=www.meinereiseangebote.de
Vary: Accept-Encoding
X-Powered-By: PHP/7.4.28
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer
Content-Security-Policy: default-src 'none';frame-src 'self' *.trustyou.com *.youtube.com *.google.com review.holidaycheck.com;media-src 'self' static.gebeco.de *.studiosus.com;font-src 'self' https://fonts.gstatic.com *.smartberatung.com;img-src * 'self' data:;object-src 'none';script-src 'strict-dynamic' 'nonce-8iUXN7UCGoQauIEdfce74NBc9yA=' *.smartberatung.com ;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com *.core.windows.net cdn.smartberatung.com;frame-ancestors *;base-uri 'self';form-action 'self';connect-src *;
www.meinereiseangebote.de/dist/main-db9ddf5617.min.css
13.69.68.38200 OK 22 kB URL HTTP/1.1 www.meinereiseangebote.de/dist/main-db9ddf5617.min.css
IP 13.69.68.38:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 text, with very long lines (65528), with no line terminators
Hash b70cafcc617fbbce13bdab78b616c169
a501a5dc9a740c30a61c371d6e9cacf553f1e7ce
dd7540f7d2624662af87ab440ced5035b6a072706bd77034f21740d52bf1ff81
GET /dist/main-db9ddf5617.min.css HTTP/1.1
Host: www.meinereiseangebote.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: ARRAffinitySameSite=47e899d5dc0547d5646e3c2c0081ae2cb7fddd55609bf4af48732c4283928a51
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 22471
Content-Type: text/css
Date: Wed, 09 Nov 2022 20:14:12 GMT
Server: Apache
Accept-Ranges: bytes
Content-Encoding: gzip
ETag: "1df4b-5ead190906580-gzip"
Last-Modified: Wed, 12 Oct 2022 07:44:38 GMT
Vary: Accept-Encoding
api.usercentrics.eu/settings/8EV1oBWbt/latest/de.json
35.241.3.184200 OK 8.2 kB URL HTTP/2 api.usercentrics.eu/settings/8EV1oBWbt/latest/de.json
IP 35.241.3.184:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (26196), with no line terminators
Hash c62ae3f23a1b9db989b30786d7623166
c5fa759c2f95c4bcab5393391838ce826948babf
e96186ea046c8600f2cd9200a2298bdb42a9b26bc89a7bcc62f80933d903be7d
GET /settings/8EV1oBWbt/latest/de.json HTTP/1.1
Host: api.usercentrics.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.robertz.de/
Origin: https://www.robertz.de
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-guploader-uploadid: ADPycdufXpGapI-9QNj-sdqaVfRFqlnALlQnfFd3KHXTcas-CgtkcjS3i5OxCXGoLb38w5KnqE36PygxmYM0En_JHzatHg
date: Wed, 09 Nov 2022 20:14:12 GMT
cache-control: public, max-age=1800, s-maxage=10
expires: Wed, 09 Nov 2022 20:14:22 GMT
last-modified: Fri, 04 Nov 2022 16:59:00 GMT
etag: "c62ae3f23a1b9db989b30786d7623166"
x-goog-generation: 1667581140461575
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 8174
content-type: application/json
content-encoding: gzip
x-goog-hash: crc32c=R4cBkQ==, md5=xirj8jobnbmJsweG12IxZg==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
vary: Accept-Encoding
content-length: 8174
access-control-allow-origin: *
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
server: UploadServer
strict-transport-security: max-age=7776000
x-client-geo-location: NO,NO03
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.meinereiseangebote.de/js/signalr.min.js
13.69.68.38200 OK 20 kB URL HTTP/1.1 www.meinereiseangebote.de/js/signalr.min.js
IP 13.69.68.38:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (59658)
Hash a489a138f3892c6cd7e480f3434cb0f0
833fb6efed094733f67c9f1ea199857d6d8e648b
36ccf5a6da80777f525f90110963dfed1323c6518ba2d1b9efb4f409ce617371
GET /js/signalr.min.js HTTP/1.1
Host: www.meinereiseangebote.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: ARRAffinitySameSite=47e899d5dc0547d5646e3c2c0081ae2cb7fddd55609bf4af48732c4283928a51
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 20395
Content-Type: application/javascript
Date: Wed, 09 Nov 2022 20:14:12 GMT
Server: Apache
Accept-Ranges: bytes
Content-Encoding: gzip
ETag: "1c662-58abf392a1880-gzip"
Last-Modified: Fri, 07 Jun 2019 17:33:06 GMT
Vary: Accept-Encoding
ocsp.pki.goog/s/gts1d4/qXJ6BhT-uwQ
142.250.74.35200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/qXJ6BhT-uwQ
IP 142.250.74.35:0
Hash 2bf7b638b101c892bd1a137dbd10595f
3a596d93e08dfd3222b54a540604c7c999594b7a
6797dbb4b423a259959bdfb27a0f3102f7a222d2521250f3ebd9f445c555179f
POST /s/gts1d4/qXJ6BhT-uwQ HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 20:14:12 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.meinereiseangebote.de/css/customer.css.php?c=e9e2d6&c_text=000&cback=ffffff&cback_text=000&cbutton=ec6328&cbutton_text=fff&cattr=ff0000&cattr_text=fff
13.69.68.38200 OK 843 B URL HTTP/1.1 www.meinereiseangebote.de/css/customer.css.php?c=e9e2d6&c_text=000&cback=ffffff&cback_text=000&cbutton=ec6328&cbutton_text=fff&cattr=ff0000&cattr_text=fff
IP 13.69.68.38:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash 402d16529c960b4b420de44987f3f6a4
cadf55654c2f1a0bcc6ffa5c916e120d7df052ef
6b73063b356a21320999f666ca5501937ea3cbb311b1e3c10242a2b88ced768e
GET /css/customer.css.php?c=e9e2d6&c_text=000&cback=ffffff&cback_text=000&cbutton=ec6328&cbutton_text=fff&cattr=ff0000&cattr_text=fff HTTP/1.1
Host: www.meinereiseangebote.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: ARRAffinitySameSite=47e899d5dc0547d5646e3c2c0081ae2cb7fddd55609bf4af48732c4283928a51
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 843
Content-Type: text/css; charset=UTF-8
Date: Wed, 09 Nov 2022 20:14:12 GMT
Server: Apache
Content-Encoding: gzip
Vary: Accept-Encoding
X-Powered-By: PHP/7.4.28
www.meinereiseangebote.de/dist/list.67a1409927b5371fffa8.bundle.js
13.69.68.38200 OK 29 kB URL HTTP/1.1 www.meinereiseangebote.de/dist/list.67a1409927b5371fffa8.bundle.js
IP 13.69.68.38:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 text, with very long lines (65411)
Hash 964547c7340dc77600503e74e18ef665
3f22284d414830ecf0d407c7317e2b0e4ae21cc0
2cfab7ab81d9e5157bbd3daa813d162829be775588391d5cb8e5ecd31a1c5b7a
GET /dist/list.67a1409927b5371fffa8.bundle.js HTTP/1.1
Host: www.meinereiseangebote.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: ARRAffinitySameSite=47e899d5dc0547d5646e3c2c0081ae2cb7fddd55609bf4af48732c4283928a51
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 28921
Content-Type: application/javascript
Date: Wed, 09 Nov 2022 20:14:12 GMT
Server: Apache
Accept-Ranges: bytes
Content-Encoding: gzip
ETag: "1606f-5ead191c19280-gzip"
Last-Modified: Wed, 12 Oct 2022 07:44:58 GMT
Vary: Accept-Encoding
www.meinereiseangebote.de/js/jquery.validate.min.js
13.69.68.38200 OK 7.9 kB URL HTTP/1.1 www.meinereiseangebote.de/js/jquery.validate.min.js
IP 13.69.68.38:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 text, with very long lines (24463)
Hash 98dd0eff9bec7b5449b1a875a095efe8
601c8f3cd6fbf7f62599872cff4c19045718428c
16d1d1da78f61d81e9657708cdc110eec288a5f8613a6a50d4a10ed6de3c522b
GET /js/jquery.validate.min.js HTTP/1.1
Host: www.meinereiseangebote.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: ARRAffinitySameSite=47e899d5dc0547d5646e3c2c0081ae2cb7fddd55609bf4af48732c4283928a51
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 7917
Content-Type: application/javascript
Date: Wed, 09 Nov 2022 20:14:12 GMT
Server: Apache
Accept-Ranges: bytes
Content-Encoding: gzip
ETag: "6019-1c5fc537f6900-gzip"
Last-Modified: Sat, 26 Oct 1985 08:15:00 GMT
Vary: Accept-Encoding
www.meinereiseangebote.de/js/iframeResizer.contentWindow.min.js
13.69.68.38200 OK 5.1 kB URL HTTP/1.1 www.meinereiseangebote.de/js/iframeResizer.contentWindow.min.js
IP 13.69.68.38:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (13224)
Hash acf6ed4a5a0367bf4192578cd9d14af2
6cbf60125c288e9ee11cb114ef6146f433213189
16869f60747c1ed316dbf077789e13a43f9de6ea4d5319c7bb101d32b6070c74
GET /js/iframeResizer.contentWindow.min.js HTTP/1.1
Host: www.meinereiseangebote.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: ARRAffinitySameSite=47e899d5dc0547d5646e3c2c0081ae2cb7fddd55609bf4af48732c4283928a51
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 5062
Content-Type: application/javascript
Date: Wed, 09 Nov 2022 20:14:12 GMT
Server: Apache
Accept-Ranges: bytes
Content-Encoding: gzip
ETag: "34fb-1c5fc537f6900-gzip"
Last-Modified: Sat, 26 Oct 1985 08:15:00 GMT
Vary: Accept-Encoding
www.meinereiseangebote.de/js/iframeResizer.min.js
13.69.68.38200 OK 5.6 kB URL HTTP/1.1 www.meinereiseangebote.de/js/iframeResizer.min.js
IP 13.69.68.38:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (13786)
Hash 2dbe7ca3eeeecd201e821ae3e8615fd1
6082808fe38faf7d285a4e0da66f2d23200109da
b8d2a53b285cca535708451e516647e02dfbcc2f7f45164919fb2b2408b1c38a
GET /js/iframeResizer.min.js HTTP/1.1
Host: www.meinereiseangebote.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: ARRAffinitySameSite=47e899d5dc0547d5646e3c2c0081ae2cb7fddd55609bf4af48732c4283928a51
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 5586
Content-Type: application/javascript
Date: Wed, 09 Nov 2022 20:14:12 GMT
Server: Apache
Accept-Ranges: bytes
Content-Encoding: gzip
ETag: "36fc-1c5fc537f6900-gzip"
Last-Modified: Sat, 26 Oct 1985 08:15:00 GMT
Vary: Accept-Encoding
www.meinereiseangebote.de/js/jquery.min.js
13.69.68.38200 OK 31 kB URL HTTP/1.1 www.meinereiseangebote.de/js/jquery.min.js
IP 13.69.68.38:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (65447)
Hash 31d53c8cdce8012a24abc8e84aa972e5
7287b1ec5d88304ba44fc1958b8de9596274c4e3
1b72bc7f54bc9170e605f6c4bb5529668c4ee3efeee602fdb63036b45b49f41c
GET /js/jquery.min.js HTTP/1.1
Host: www.meinereiseangebote.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: ARRAffinitySameSite=47e899d5dc0547d5646e3c2c0081ae2cb7fddd55609bf4af48732c4283928a51
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 30902
Content-Type: application/javascript
Date: Wed, 09 Nov 2022 20:14:12 GMT
Server: Apache
Accept-Ranges: bytes
Content-Encoding: gzip
ETag: "15d9d-1c5fc537f6900-gzip"
Last-Modified: Sat, 26 Oct 1985 08:15:00 GMT
Vary: Accept-Encoding
www.meinereiseangebote.de/images/map-pointer.svg
13.69.68.38200 OK 520 B URL HTTP/1.1 www.meinereiseangebote.de/images/map-pointer.svg
IP 13.69.68.38:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text
Hash ac3b43d0d75a0c358464b8c81b168ba0
a8de09edc55ab38a335e7c883b480c0602089e8a
128a253d55271bb538fa48869e9ccb3374f64267e0f7559fa749d37fa83e8abf
GET /images/map-pointer.svg HTTP/1.1
Host: www.meinereiseangebote.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: ARRAffinitySameSite=47e899d5dc0547d5646e3c2c0081ae2cb7fddd55609bf4af48732c4283928a51
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 520
Content-Type: image/svg+xml
Date: Wed, 09 Nov 2022 20:14:12 GMT
Server: Apache
Accept-Ranges: bytes
ETag: "208-5ead18fbac600"
Last-Modified: Wed, 12 Oct 2022 07:44:24 GMT
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 5100820067042e41b6a4b92a9ac62981
755d4005599b7e745aa53c4ee949bd07cf775d91
a8af4f3cbf5ffde3e474e669b6308aaad37c11714832fd232bc96b08ddcc7c78
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=146788
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 20:14:12 GMT
Etag: "636ba478-1d7"
Expires: Fri, 11 Nov 2022 13:00:40 GMT
Last-Modified: Wed, 09 Nov 2022 13:00:40 GMT
Server: nginx
Content-Length: 471
ocsp.starfieldtech.com/
192.124.249.23200 OK 1.8 kB IP 192.124.249.23:0
Hash 9e1aa04c6cf6c62eadfd2e41c52e9bd4
1eedfcac8778476955128bf0a1b3fe38f62c2394
f18f3969b49a07d97a9041c8510ee08573368dd64c50a0fb4f5594294115047a
POST / HTTP/1.1
Host: ocsp.starfieldtech.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Wed, 09 Nov 2022 20:14:12 GMT
Content-Type: application/ocsp-response
Content-Length: 1845
Connection: keep-alive
X-Sucuri-ID: 19023
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Wed, 09 Nov 2022 19:37:24 GMT
Expires: Thu, 10 Nov 2022 19:37:24 GMT
ETag: "1eedfcac8778476955128bf0a1b3fe38f62c2394"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
kit-pro.fontawesome.com/releases/latest/webfonts/pro-fa-duotone-900-5.7.0.woff2
104.18.22.52200 OK 11 kB URL HTTP/2 kit-pro.fontawesome.com/releases/latest/webfonts/pro-fa-duotone-900-5.7.0.woff2
IP 104.18.22.52:0
File type Web Open Font Format (Version 2), TrueType, length 10884, version 331.-31196\012- data
Hash b297f9c677379a25dab795e0546e1e07
c0eeb3115545926ad1cb5d9b37a2fe573acf4b03
272922821dedf161cdf3bebb80a3353ae53e530698f4f92606e3f76b5415c158
GET /releases/latest/webfonts/pro-fa-duotone-900-5.7.0.woff2 HTTP/1.1
Host: kit-pro.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.robertz.de
Connection: keep-alive
Referer: https://kit-pro.fontawesome.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 09 Nov 2022 20:14:12 GMT
content-type: font/woff2
content-length: 10884
x-amz-id-2: MSUO5SLWXT3wy9ZkeOcfS8o/YDoc6TN1191layOBqbf42KYTRTpfjWgpf2h2TRIdoRB6EHracrc=
x-amz-request-id: 2J07XZNG0BRT89VN
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 04 Aug 2021 21:22:39 GMT
etag: "b297f9c677379a25dab795e0546e1e07"
cache-control: public, max-age=1800
cf-cache-status: MISS
expires: Wed, 09 Nov 2022 20:44:12 GMT
accept-ranges: bytes
server: cloudflare
cf-ray: 7679369de968b500-OSL
X-Firefox-Spdy: h2
kit-pro.fontawesome.com/releases/latest/webfonts/pro-fa-brands-400-5.8.2.woff2
104.18.22.52200 OK 2.4 kB URL HTTP/2 kit-pro.fontawesome.com/releases/latest/webfonts/pro-fa-brands-400-5.8.2.woff2
IP 104.18.22.52:0
File type Web Open Font Format (Version 2), TrueType, length 2412, version 331.-31196\012- data
Hash 714ee8de820748bab5090d91cd5b7690
07f4d4dfe5e3c9045f41996eb1ac8ecbbcc779bf
322c181b1aab5807cd0a7ed9e249ddbd97fa385ca3d338aa59ef1f610ca24601
GET /releases/latest/webfonts/pro-fa-brands-400-5.8.2.woff2 HTTP/1.1
Host: kit-pro.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.robertz.de
Connection: keep-alive
Referer: https://kit-pro.fontawesome.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 09 Nov 2022 20:14:12 GMT
content-type: font/woff2
content-length: 2412
x-amz-id-2: p3mE6+hyiq+T8ZmIFfOSoez+MYzcSknKPe7lZVuKpABWYZX326yStLSMbXmHVU8gF5gTB5J4How=
x-amz-request-id: 2J08902JTQTTQ2KM
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 04 Aug 2021 21:22:37 GMT
etag: "714ee8de820748bab5090d91cd5b7690"
cache-control: public, max-age=1800
cf-cache-status: MISS
expires: Wed, 09 Nov 2022 20:44:12 GMT
accept-ranges: bytes
server: cloudflare
cf-ray: 7679369de971b500-OSL
X-Firefox-Spdy: h2
kit-pro.fontawesome.com/releases/latest/webfonts/pro-fa-light-300-5.11.1.woff2
104.18.22.52200 OK 11 kB URL HTTP/2 kit-pro.fontawesome.com/releases/latest/webfonts/pro-fa-light-300-5.11.1.woff2
IP 104.18.22.52:0
File type Web Open Font Format (Version 2), TrueType, length 10860, version 331.-31196\012- data
Hash eb7a13166c2efdd5b305c75d341ce222
4f9e18b100b049b74efb8f0084e81756abaadfaa
b2698da8df8781bf12a07d76bab5c6353fbb730a8138fcaa1371c4950ad7c461
GET /releases/latest/webfonts/pro-fa-light-300-5.11.1.woff2 HTTP/1.1
Host: kit-pro.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.robertz.de
Connection: keep-alive
Referer: https://kit-pro.fontawesome.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 09 Nov 2022 20:14:12 GMT
content-type: font/woff2
content-length: 10860
x-amz-id-2: me5XWBP3/eg7FOUx0bzil8Rf7/a9wpqw+waOHGjlpdTkXxMdHwPhccz+q5V5jukbr5AsZ0zRG7I=
x-amz-request-id: 2J0DM2T7WWKY0QK1
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 04 Aug 2021 21:22:41 GMT
etag: "eb7a13166c2efdd5b305c75d341ce222"
cache-control: public, max-age=1800
cf-cache-status: MISS
expires: Wed, 09 Nov 2022 20:44:12 GMT
accept-ranges: bytes
server: cloudflare
cf-ray: 7679369df982b500-OSL
X-Firefox-Spdy: h2
kit-pro.fontawesome.com/releases/latest/webfonts/pro-fa-light-300-5.10.1.woff2
104.18.22.52200 OK 10 kB URL HTTP/2 kit-pro.fontawesome.com/releases/latest/webfonts/pro-fa-light-300-5.10.1.woff2
IP 104.18.22.52:0
File type Web Open Font Format (Version 2), TrueType, length 10412, version 331.-31196\012- data
Hash 82b2764fcd41e25136e931dd303a29f4
ec11167afa020752f2dcdbeba74c10ee6d9255d6
94db1583c12033a2b06418908eaf13362e9e79e6c4a78e5e8ce608774cf6e512
GET /releases/latest/webfonts/pro-fa-light-300-5.10.1.woff2 HTTP/1.1
Host: kit-pro.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.robertz.de
Connection: keep-alive
Referer: https://kit-pro.fontawesome.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 09 Nov 2022 20:14:12 GMT
content-type: font/woff2
content-length: 10412
x-amz-id-2: rapPqU7T/opRL5XQF96Wln70x4dzgD1nviiPohuxQ8QWEP1gAeWERmcFf3eJmlFQ55SwJvyhyOM=
x-amz-request-id: 2J0C068FH3VTQAYA
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 04 Aug 2021 21:22:41 GMT
etag: "82b2764fcd41e25136e931dd303a29f4"
cache-control: public, max-age=1800
cf-cache-status: MISS
expires: Wed, 09 Nov 2022 20:44:12 GMT
accept-ranges: bytes
server: cloudflare
cf-ray: 7679369e099cb500-OSL
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/tKUY0ZCyl9k
142.250.74.35200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/tKUY0ZCyl9k
IP 142.250.74.35:0
Hash bd0b29457a55942c4ecc9a0e6d3b3fc4
be16e7a02e8a68495ae7718128f6fe4f9df8b74d
527706e8b967b9138d0bd581b2ac18fa8d489e38649975788c8dbe7f51e93d39
POST /s/gts1d4/tKUY0ZCyl9k HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 20:14:12 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
status.thawte.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash dd45c8fe14e2312dc1cc1c953caaa62e
7a9b8fea1c9c1034366d40741684a88defe0a122
1024006ee4e8d2fd8bbe03907cf077d33bc2bfd585950629180e96810aba667b
POST / HTTP/1.1
Host: status.thawte.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 246
Cache-Control: max-age=113935
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 20:14:12 GMT
Etag: "636b232d-1d7"
Expires: Fri, 11 Nov 2022 03:53:07 GMT
Last-Modified: Wed, 09 Nov 2022 03:49:01 GMT
Server: ECS (amb/6BAB)
X-Cache: HIT
Content-Length: 471
media.xmlteam.de/files/nicko-cruises/nicko-cruises-logo-e60f33.png
162.55.39.184200 OK 5.4 kB URL HTTP/2 media.xmlteam.de/files/nicko-cruises/nicko-cruises-logo-e60f33.png
IP 162.55.39.184:0
ASN #24940 Hetzner Online GmbH
File type PNG image data, 500 x 41, 8-bit/color RGBA, non-interlaced\012- data
Hash 95e474477b17bb6d387a84aadd73b3aa
e627261d0093b4e2971616f23e075038a2f1057d
0e655b875be105ac8811e04486bd47f9a3c8bccab999b0fe22527c75b26291ff
GET /files/nicko-cruises/nicko-cruises-logo-e60f33.png HTTP/1.1
Host: media.xmlteam.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 26 Feb 2022 10:57:59 GMT
etag: "1501-5d8e9b0381bc0"
accept-ranges: bytes
content-length: 5377
content-type: image/png
date: Wed, 09 Nov 2022 20:14:12 GMT
server: Apache
X-Firefox-Spdy: h2
status.thawte.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash dd45c8fe14e2312dc1cc1c953caaa62e
7a9b8fea1c9c1034366d40741684a88defe0a122
1024006ee4e8d2fd8bbe03907cf077d33bc2bfd585950629180e96810aba667b
POST / HTTP/1.1
Host: status.thawte.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 246
Cache-Control: max-age=113935
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 20:14:12 GMT
Etag: "636b232d-1d7"
Expires: Fri, 11 Nov 2022 03:53:07 GMT
Last-Modified: Wed, 09 Nov 2022 03:49:01 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
status.thawte.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash dd45c8fe14e2312dc1cc1c953caaa62e
7a9b8fea1c9c1034366d40741684a88defe0a122
1024006ee4e8d2fd8bbe03907cf077d33bc2bfd585950629180e96810aba667b
POST / HTTP/1.1
Host: status.thawte.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2038
Cache-Control: max-age=115727
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 20:14:12 GMT
Etag: "636b232d-1d7"
Expires: Fri, 11 Nov 2022 04:22:59 GMT
Last-Modified: Wed, 09 Nov 2022 03:49:01 GMT
Server: ECS (amb/6B79)
X-Cache: HIT
Content-Length: 471
cdn.smartberatung.com/fonts/roboto-v18-latin-700.woff2
13.107.213.53200 OK 15 kB URL HTTP/2 cdn.smartberatung.com/fonts/roboto-v18-latin-700.woff2
IP 13.107.213.53:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type Web Open Font Format (Version 2), TrueType, length 15436, version 1.0\012- data
Hash 037d830416495def72b7881024c14b7b
619389190b3cafafb5db94113990350acc8a0278
1d5b7c64458f4af91dcfee0354be47adde1f739b5aded03a7ab6068a1bb6ca97
GET /fonts/roboto-v18-latin-700.woff2 HTTP/1.1
Host: cdn.smartberatung.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.meinereiseangebote.de
Connection: keep-alive
Referer: https://www.meinereiseangebote.de/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=86400
content-length: 15436
content-type: application/octet-stream
content-md5: A32DBBZJXe9yt4gQJMFLew==
last-modified: Fri, 30 Apr 2021 09:58:44 GMT
accept-ranges: bytes
etag: "0x8D90BBE8A57F2BB"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-cache: TCP_HIT
x-ms-request-id: 0500d5f8-101e-00c0-715c-f4da8a000000
x-ms-version: 2018-03-28
x-azure-ref-originshield: 0v+VrYwAAAACKL9cKRRGSTbW41rZuftbQQU1TMDRFREdFMTkxMQBkNTM3NWQ5Yy1jYzU5LTQ4YTctYmZhYy0zOWM5ZjgwYTIyNmQ=
access-control-allow-origin: *
access-control-allow-headers: *
pax-rule-engine-rule: AllowSpecificFileExtensions
x-azure-ref: 0FApsYwAAAACgNNxT3pNfSZ+q6UPH9sXYU1ZHMjBFREdFMDYxNwBkNTM3NWQ5Yy1jYzU5LTQ4YTctYmZhYy0zOWM5ZjgwYTIyNmQ=
date: Wed, 09 Nov 2022 20:14:11 GMT
X-Firefox-Spdy: h2
kit-pro.fontawesome.com/releases/latest/webfonts/pro-fa-light-300-5.0.0.woff2
104.18.22.52200 OK 25 kB URL HTTP/2 kit-pro.fontawesome.com/releases/latest/webfonts/pro-fa-light-300-5.0.0.woff2
IP 104.18.22.52:0
File type Web Open Font Format (Version 2), TrueType, length 24800, version 331.-31196\012- data
Hash 4abe94f1746789f39110d3ebac7ebd96
bdc3b41f3cc3e5e3e87ca020eeddc2b288f0dd91
299dc8e16be2ab2214e279b5536efd387d17fd3d364f397ce9f1fed602384fea
GET /releases/latest/webfonts/pro-fa-light-300-5.0.0.woff2 HTTP/1.1
Host: kit-pro.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.robertz.de
Connection: keep-alive
Referer: https://kit-pro.fontawesome.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 09 Nov 2022 20:14:12 GMT
content-type: font/woff2
content-length: 24800
x-amz-id-2: 2G/URN2mEaoF1iTABr0ADxZQa7fTFvrNWEHDhb2zfSZ8VbW1nx6s2GuTBNSlWYvVUfVDbJ/t/F0=
x-amz-request-id: 2J06ZXE6JJPT6FZ4
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 04 Aug 2021 21:22:40 GMT
etag: "4abe94f1746789f39110d3ebac7ebd96"
cache-control: public, max-age=1800
cf-cache-status: MISS
expires: Wed, 09 Nov 2022 20:44:12 GMT
accept-ranges: bytes
server: cloudflare
cf-ray: 7679369e099ab500-OSL
X-Firefox-Spdy: h2
cdn.smartberatung.com/fonts/roboto-v18-latin-regular.woff2
13.107.213.53200 OK 15 kB URL HTTP/2 cdn.smartberatung.com/fonts/roboto-v18-latin-regular.woff2
IP 13.107.213.53:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /fonts/roboto-v18-latin-regular.woff2 HTTP/1.1
Host: cdn.smartberatung.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.meinereiseangebote.de
Connection: keep-alive
Referer: https://www.meinereiseangebote.de/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=86400
content-length: 15344
content-type: application/octet-stream
content-md5: XUrrTl9e91TjB9f/rvaIvQ==
last-modified: Fri, 30 Apr 2021 09:58:44 GMT
accept-ranges: bytes
etag: "0x8D90BBE8A6F780F"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-cache: TCP_HIT
x-ms-request-id: 38e0ad6a-701e-00b6-575c-f45e36000000
x-ms-version: 2018-03-28
x-azure-ref-originshield: 0v+VrYwAAAABYEPFuHCHXTJSsQiBE26DmQU1TMDRFREdFMTkxMwBkNTM3NWQ5Yy1jYzU5LTQ4YTctYmZhYy0zOWM5ZjgwYTIyNmQ=
access-control-allow-origin: *
access-control-allow-headers: *
pax-rule-engine-rule: AllowSpecificFileExtensions
x-azure-ref: 0FApsYwAAAABIEzuDNRoGR72+m0FNfKaYU1ZHMjBFREdFMDYxNwBkNTM3NWQ5Yy1jYzU5LTQ4YTctYmZhYy0zOWM5ZjgwYTIyNmQ=
date: Wed, 09 Nov 2022 20:14:11 GMT
X-Firefox-Spdy: h2
cdn.smartberatung.com/fonts/roboto-v18-latin-500.woff2
13.107.213.53200 OK 16 kB URL HTTP/2 cdn.smartberatung.com/fonts/roboto-v18-latin-500.woff2
IP 13.107.213.53:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /fonts/roboto-v18-latin-500.woff2 HTTP/1.1
Host: cdn.smartberatung.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.meinereiseangebote.de
Connection: keep-alive
Referer: https://www.meinereiseangebote.de/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=86400
content-length: 15552
content-type: application/octet-stream
content-md5: KFRnF29/5rtqnGhzs9rSzA==
last-modified: Fri, 30 Apr 2021 09:58:43 GMT
accept-ranges: bytes
etag: "0x8D90BBE8A2F040E"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-cache: TCP_HIT
x-ms-request-id: 6fccfbd9-501e-0029-7a05-f4268c000000
x-ms-version: 2018-03-28
x-azure-ref-originshield: 0v+VrYwAAAACAKkrJnH0yTp5bA7OhKfhQQU1TMDRFREdFMTkxMgBkNTM3NWQ5Yy1jYzU5LTQ4YTctYmZhYy0zOWM5ZjgwYTIyNmQ=
access-control-allow-origin: *
access-control-allow-headers: *
pax-rule-engine-rule: AllowSpecificFileExtensions
x-azure-ref: 0FApsYwAAAADhz1fHL07aSaMC2agXJMERU1ZHMjBFREdFMDYxNwBkNTM3NWQ5Yy1jYzU5LTQ4YTctYmZhYy0zOWM5ZjgwYTIyNmQ=
date: Wed, 09 Nov 2022 20:14:11 GMT
X-Firefox-Spdy: h2
kit-pro.fontawesome.com/releases/latest/webfonts/pro-fa-light-300-5.10.2.woff2
104.18.22.52200 OK 17 kB URL HTTP/2 kit-pro.fontawesome.com/releases/latest/webfonts/pro-fa-light-300-5.10.2.woff2
IP 104.18.22.52:0
File type Web Open Font Format (Version 2), TrueType, length 17168, version 331.-31196\012- data
Hash 8a43eb7db323b6a82d87a458c34cbe82
968367a39a575ffe38f1cfda07eea12eff885831
2bbaabc785383c5d90abc17e6703ac6a057b9644c6ebdfe9e15709c6ffac9c71
GET /releases/latest/webfonts/pro-fa-light-300-5.10.2.woff2 HTTP/1.1
Host: kit-pro.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.robertz.de
Connection: keep-alive
Referer: https://kit-pro.fontawesome.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 09 Nov 2022 20:14:12 GMT
content-type: font/woff2
content-length: 17168
x-amz-id-2: biETtmrR4Q7A47OGgjefTnMwZCLjvMs5qZDKDHcWmiKIRu6v2zc51nADyfiDFPhly//KGyNjOO8=
x-amz-request-id: 2J08XYPJKV8S3H83
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 04 Aug 2021 21:22:41 GMT
etag: "8a43eb7db323b6a82d87a458c34cbe82"
cache-control: public, max-age=1800
cf-cache-status: MISS
expires: Wed, 09 Nov 2022 20:44:12 GMT
accept-ranges: bytes
server: cloudflare
cf-ray: 7679369df991b500-OSL
X-Firefox-Spdy: h2
www.robertz.de/images/BilderPool/Reisethemen/St%C3%A4dtereisen/heidelberg-5360721_1920.jpg
5.175.22.217200 OK 295 kB URL HTTP/2 www.robertz.de/images/BilderPool/Reisethemen/St%C3%A4dtereisen/heidelberg-5360721_1920.jpg
IP 5.175.22.217:0
ASN #20773 Host Europe GmbH
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x1277, components 3\012- data
Size 295 kB (295085 bytes)
Hash 94538df66b1ef89ce0421aca5a3d7686
fe8530ca9b8b16051a5d506a1e4a0001c7a40876
12bbd7295fda70b3d2227ea20c2a0df48ddcff4dae129776410eb93b022f397f
GET /images/BilderPool/Reisethemen/St%C3%A4dtereisen/heidelberg-5360721_1920.jpg HTTP/1.1
Host: www.robertz.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.robertz.de/
Cookie: CFID=36493981; CFTOKEN=71ab64e5add80849-AC4605C3-9A50-DA54-5207A55015E1EB89; cross-site-cookie=sow
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 09 Nov 2022 20:14:12 GMT
server: Apache
last-modified: Fri, 18 Jun 2021 15:13:53 GMT
etag: "480ad-5c50bc58fad9d"
accept-ranges: bytes
content-length: 295085
cache-control: max-age=86400
expires: Thu, 10 Nov 2022 20:14:12 GMT
x-cache: MISS from www.robertz.de
content-type: image/jpeg
X-Firefox-Spdy: h2
www.robertz.de/images/BilderPool/Reisethemen/Relax/jetty-1834801_1920.jpg
5.175.22.217200 OK 298 kB URL HTTP/2 www.robertz.de/images/BilderPool/Reisethemen/Relax/jetty-1834801_1920.jpg
IP 5.175.22.217:0
ASN #20773 Host Europe GmbH
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x1280, components 3\012- data
Size 298 kB (297622 bytes)
Hash 3b79d15ffab5a3bf79230f1267583e04
d52e852edaafb33ae8685188a9e8cdaae25a3a22
b1b7249a0435d37be3a8b06e71afafe1f56962a9c3fd167b7b5136efdc25cd8d
GET /images/BilderPool/Reisethemen/Relax/jetty-1834801_1920.jpg HTTP/1.1
Host: www.robertz.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.robertz.de/
Cookie: CFID=36493981; CFTOKEN=71ab64e5add80849-AC4605C3-9A50-DA54-5207A55015E1EB89; cross-site-cookie=sow
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 09 Nov 2022 20:14:12 GMT
server: Apache
last-modified: Thu, 24 Jun 2021 07:47:06 GMT
etag: "48a96-5c57e3ac51ad4"
accept-ranges: bytes
content-length: 297622
cache-control: max-age=86400
expires: Thu, 10 Nov 2022 20:14:12 GMT
x-cache: MISS from www.robertz.de
content-type: image/jpeg
X-Firefox-Spdy: h2
cluster2.images.traveltainment.eu/images/content/va_logos/small/DER.gif
185.64.96.3200 OK 559 B URL HTTP/1.1 cluster2.images.traveltainment.eu/images/content/va_logos/small/DER.gif
IP 185.64.96.3:0
ASN #8469 CANCOM Managed Services GmbH
File type GIF image data, version 89a, 75 x 21\012- data
Hash 62139173ab45d3cc09065e353fa0fa28
a8330272bf0d6f0eb08f1ddb67c3fd5279efb5c6
54aeab4c762baa12f147ba66d3b95bc724c742306bbf3cfc46b0a0f3fef360cb
GET /images/content/va_logos/small/DER.gif HTTP/1.1
Host: cluster2.images.traveltainment.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 09 Nov 2022 20:14:12 GMT
Content-Type: image/gif
Content-Length: 559
Last-Modified: Tue, 08 Nov 2016 08:07:39 GMT
Connection: keep-alive
ETag: "582187cb-22f"
Expires: Wed, 09 Nov 2022 21:14:12 GMT
Cache-Control: max-age=3600
X-TT-Cluster: op-image-p107-X_content-https
Vary: Accept-Encoding
Accept-Ranges: bytes
kit-pro.fontawesome.com/releases/latest/css/pro-v4-font-face.min.css
104.18.22.52200 OK 17 kB URL HTTP/2 kit-pro.fontawesome.com/releases/latest/css/pro-v4-font-face.min.css
IP 104.18.22.52:0
Hash b1db1fb4495db915cb3d4a32d57d0f6d
04913285921e0af43da0cb8fde5cda6712f4aab7
39d9010a1cf07b302146e6b578fa757f1a392e8ca8a52328dde57f97e5a3d6cb
GET /releases/latest/css/pro-v4-font-face.min.css HTTP/1.1
Host: kit-pro.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.robertz.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 09 Nov 2022 20:14:12 GMT
content-type: text/css
x-amz-id-2: k3KaRweKXIxA0xKCYeCf5UV9P24XY0pZMfPFsB2YWPmVWFC5XJ7aLVDJGJuyc2Jb0mizxtGvkIM=
x-amz-request-id: 0261H8W942Y6P30A
last-modified: Wed, 04 Aug 2021 21:18:33 GMT
etag: W/"1cb05a2f9541200e1fa0a2cd0abc7663"
cache-control: public, max-age=1800
cf-cache-status: HIT
age: 1092
expires: Wed, 09 Nov 2022 20:44:12 GMT
vary: Accept-Encoding
server: cloudflare
cf-ray: 7679369d1836b500-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
www.robertz.de/images/BilderPool/Reisethemen/Str%C3%A4nde/maldives-1993704_1920.jpg
5.175.22.217200 OK 330 kB URL HTTP/2 www.robertz.de/images/BilderPool/Reisethemen/Str%C3%A4nde/maldives-1993704_1920.jpg
IP 5.175.22.217:0
ASN #20773 Host Europe GmbH
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x1078, components 3\012- data
Size 330 kB (329740 bytes)
Hash 40c94a0731f3cb48ce3c6bf8098cc6a2
4fd930156f53715838c95db4d38190dfab988506
fb175ae061cd06909b170af0d84d96d48e1398eb44c2ea0ecca04483fe4f6bde
GET /images/BilderPool/Reisethemen/Str%C3%A4nde/maldives-1993704_1920.jpg HTTP/1.1
Host: www.robertz.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.robertz.de/
Cookie: CFID=36493981; CFTOKEN=71ab64e5add80849-AC4605C3-9A50-DA54-5207A55015E1EB89; cross-site-cookie=sow
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 09 Nov 2022 20:14:12 GMT
server: Apache
last-modified: Fri, 18 Jun 2021 15:14:59 GMT
etag: "5080c-5c50bc97ad6d7"
accept-ranges: bytes
content-length: 329740
cache-control: max-age=86400
expires: Thu, 10 Nov 2022 20:14:12 GMT
x-cache: MISS from www.robertz.de
content-type: image/jpeg
X-Firefox-Spdy: h2
kit-pro.fontawesome.com/releases/latest/webfonts/pro-fa-solid-900-5.10.2.woff2
104.18.22.52200 OK 13 kB URL HTTP/2 kit-pro.fontawesome.com/releases/latest/webfonts/pro-fa-solid-900-5.10.2.woff2
IP 104.18.22.52:0
File type Web Open Font Format (Version 2), TrueType, length 13268, version 331.-31196\012- data
Hash 4a18bee89aa2256ef1c2cc9380552229
ff12ccbac7df0ff36d29ce91b42c43d5fd662cf6
46fa33cc9340603e767415c1829c08b91f3a3680b9800047dbc1bda91b8eb0ac
GET /releases/latest/webfonts/pro-fa-solid-900-5.10.2.woff2 HTTP/1.1
Host: kit-pro.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.robertz.de
Connection: keep-alive
Referer: https://kit-pro.fontawesome.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 09 Nov 2022 20:14:12 GMT
content-type: font/woff2
content-length: 13268
x-amz-id-2: 0i989zuJ1+G9wWuvfHXThqxSx9lhOO8ToiA20sRVIfRXNb8IctbeKcG3rsvKq57CSLIMVcl0iNI=
x-amz-request-id: 2J0FHSP7WYHTZP7E
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 04 Aug 2021 21:22:46 GMT
etag: "4a18bee89aa2256ef1c2cc9380552229"
cache-control: public, max-age=1800
cf-cache-status: MISS
expires: Wed, 09 Nov 2022 20:44:12 GMT
accept-ranges: bytes
server: cloudflare
cf-ray: 7679369e099fb500-OSL
X-Firefox-Spdy: h2
cluster2.images.traveltainment.eu/images/content/va_logos/small/SLR.gif
185.64.96.3200 OK 1.3 kB URL HTTP/1.1 cluster2.images.traveltainment.eu/images/content/va_logos/small/SLR.gif
IP 185.64.96.3:0
ASN #8469 CANCOM Managed Services GmbH
File type GIF image data, version 89a, 75 x 21\012- data
Hash 5bf01da040a6ccea325bafa8627517cb
f5754f85aed0ff9263280140d2f999b0bcd179a9
8a5ccbfa4aca57b800c440e34c3e47f86cb57d21c4b4b141cb28ca23198139c5
GET /images/content/va_logos/small/SLR.gif HTTP/1.1
Host: cluster2.images.traveltainment.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 09 Nov 2022 20:14:12 GMT
Content-Type: image/gif
Content-Length: 1309
Last-Modified: Mon, 09 Nov 2020 08:56:20 GMT
Connection: keep-alive
ETag: "5fa90434-51d"
Expires: Wed, 09 Nov 2022 21:14:12 GMT
Cache-Control: max-age=3600
X-TT-Cluster: op-image-p107-X_content-https
Vary: Accept-Encoding
Accept-Ranges: bytes
cdn.smartberatung.com/portal/413/banner.jpg?ts=20221109_152915&ts=20221109_152915
13.107.213.53200 OK 52 kB URL HTTP/2 cdn.smartberatung.com/portal/413/banner.jpg?ts=20221109_152915&ts=20221109_152915
IP 13.107.213.53:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=3, software=Adobe Photoshop 7.0, datetime=2015:01:06 12:22:03], progressive, precision 8, 940x142, components 3\012- data
Hash 732c7d37d72287f0d9d903ddbd54b29b
0ae238aef4a97082121206221f49cb00022bef95
514ca5b12bc18676a4a0f55b14ead30237576aaae143abbf9635fdd493588dc5
GET /portal/413/banner.jpg?ts=20221109_152915&ts=20221109_152915 HTTP/1.1
Host: cdn.smartberatung.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=86400
content-length: 52335
content-type: application/octet-stream
content-md5: cyx9N9cih/DZ2QPdvVSymw==
last-modified: Wed, 10 Jun 2020 09:10:14 GMT
accept-ranges: bytes
etag: "0x8D80D1E16707F06"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-cache: TCP_REMOTE_HIT
x-ms-request-id: 01193c87-e01e-0056-7f51-f4b8be000000
x-ms-version: 2018-03-28
x-azure-ref-originshield: 0FApsYwAAAAAiWqd+PJUiRL9EMn4Um0D4QU1TMDRFREdFMTkyMgBkNTM3NWQ5Yy1jYzU5LTQ4YTctYmZhYy0zOWM5ZjgwYTIyNmQ=
x-azure-ref: 0FApsYwAAAAB7L6HeaLEkT5+JcFFuiu9wU1ZHMjBFREdFMDYxMQBkNTM3NWQ5Yy1jYzU5LTQ4YTctYmZhYy0zOWM5ZjgwYTIyNmQ=
date: Wed, 09 Nov 2022 20:14:11 GMT
X-Firefox-Spdy: h2
cluster2.images.traveltainment.eu/images/content/va_logos/small/ITS.gif
185.64.96.3200 OK 1.2 kB URL HTTP/1.1 cluster2.images.traveltainment.eu/images/content/va_logos/small/ITS.gif
IP 185.64.96.3:0
ASN #8469 CANCOM Managed Services GmbH
File type GIF image data, version 89a, 75 x 21\012- data
Hash 01014293d914570ffdaf6661eb4d72c0
75e634072e2b975042f4905420ef79f4d7bbfe34
7b3294a378e92bae8a939f1a0019b1e7d93f93752f9c46e0081b48890a865da8
GET /images/content/va_logos/small/ITS.gif HTTP/1.1
Host: cluster2.images.traveltainment.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 09 Nov 2022 20:14:12 GMT
Content-Type: image/gif
Content-Length: 1215
Last-Modified: Thu, 05 Mar 2015 15:36:12 GMT
Connection: keep-alive
ETag: "54f877ec-4bf"
Expires: Wed, 09 Nov 2022 21:14:12 GMT
Cache-Control: max-age=3600
X-TT-Cluster: op-image-p107-X_content-https
Vary: Accept-Encoding
Accept-Ranges: bytes
kit-pro.fontawesome.com/releases/latest/webfonts/pro-fa-brands-400-5.0.0.woff2
104.18.22.52200 OK 38 kB URL HTTP/2 kit-pro.fontawesome.com/releases/latest/webfonts/pro-fa-brands-400-5.0.0.woff2
IP 104.18.22.52:0
File type Web Open Font Format (Version 2), TrueType, length 37796, version 331.-31196\012- data
Hash 6cdf281bc8af0068561fe6aa361a6a0b
4b11f830ee1b852b8aa46ea7e4cfe709a327bf58
49fd3e0c64f247cf56cb828bc37b88cf139df6e5c7bb4c3a4507f740e9a52c17
GET /releases/latest/webfonts/pro-fa-brands-400-5.0.0.woff2 HTTP/1.1
Host: kit-pro.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.robertz.de
Connection: keep-alive
Referer: https://kit-pro.fontawesome.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 09 Nov 2022 20:14:12 GMT
content-type: font/woff2
content-length: 37796
x-amz-id-2: 0/2vQNkyBbI66HSoRHrQiNMBCw2G895BW8u2S4VRcvK0w4qomnEO5Bx+tZWVIfxnOaW0EmIKTcc=
x-amz-request-id: 2J02KSX9K9E4VZPY
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 04 Aug 2021 21:22:35 GMT
etag: "6cdf281bc8af0068561fe6aa361a6a0b"
cache-control: public, max-age=1800
cf-cache-status: MISS
expires: Wed, 09 Nov 2022 20:44:12 GMT
accept-ranges: bytes
server: cloudflare
cf-ray: 7679369de97bb500-OSL
X-Firefox-Spdy: h2
cdn.smartberatung.com/fonts/paxbooking.ttf?gi1j3r
13.107.213.53200 OK 4.7 kB URL HTTP/2 cdn.smartberatung.com/fonts/paxbooking.ttf?gi1j3r
IP 13.107.213.53:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type TrueType Font data, 11 tables, 1st "OS/2", 14 names, Macintosh, type 1 string, paxbooking \012- data
Hash d597dd375e765299c4abc4c352440575
e16fc220bdbf2a32890ad447d1c9f3e3ec7ef0e2
6a00306b4e545f95146167837a17960b45ef9c155d8548856841dabb9e776b68
GET /fonts/paxbooking.ttf?gi1j3r HTTP/1.1
Host: cdn.smartberatung.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.meinereiseangebote.de
Connection: keep-alive
Referer: https://www.meinereiseangebote.de/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=86400
content-length: 4676
content-type: application/octet-stream
content-md5: 1ZfdN152UpnEq8TDUkQFdQ==
last-modified: Tue, 27 Apr 2021 07:22:53 GMT
accept-ranges: bytes
etag: "0x8D9094D45A20D0E"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-cache: TCP_HIT
x-ms-request-id: 6f874cf9-601e-008b-211e-f4eb10000000
x-ms-version: 2018-03-28
x-azure-ref-originshield: 0z4NrYwAAAADfY/ikbRy0Qp13nsvRjRRoQU1TMDRFREdFMTgxNwBkNTM3NWQ5Yy1jYzU5LTQ4YTctYmZhYy0zOWM5ZjgwYTIyNmQ=
access-control-allow-origin: *
access-control-allow-headers: *
pax-rule-engine-rule: AllowSpecificFileExtensions
x-azure-ref: 0FApsYwAAAAAkEEK0ed3XTIhOi55nC2fqU1ZHMjBFREdFMDYxNwBkNTM3NWQ5Yy1jYzU5LTQ4YTctYmZhYy0zOWM5ZjgwYTIyNmQ=
date: Wed, 09 Nov 2022 20:14:11 GMT
X-Firefox-Spdy: h2
kit-pro.fontawesome.com/releases/latest/webfonts/pro-fa-light-300-5.11.0.woff2
104.18.22.52200 OK 16 kB URL HTTP/2 kit-pro.fontawesome.com/releases/latest/webfonts/pro-fa-light-300-5.11.0.woff2
IP 104.18.22.52:0
File type Web Open Font Format (Version 2), TrueType, length 15748, version 331.-31196\012- data
Hash 1894bebba876a67d0cb7cd7351ab6ae4
0c2e2d2e73311bbd4c429e33e4e4c4036207b4b1
ec540bd82697b5fb43f1584f25446b7d58a0cf0a51e1544b0b278a2aaa5f1e77
GET /releases/latest/webfonts/pro-fa-light-300-5.11.0.woff2 HTTP/1.1
Host: kit-pro.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.robertz.de
Connection: keep-alive
Referer: https://kit-pro.fontawesome.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 09 Nov 2022 20:14:12 GMT
content-type: font/woff2
content-length: 15748
x-amz-id-2: hlxL4heNj94DMlnetmXAQJvW5gZ3sbPP1EgeJ2LlgXMpe/4vZliJ/N9/lkY0UX04MuxgNSnwOQ0=
x-amz-request-id: 2J07RMB3QHV1Q3ZC
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 04 Aug 2021 21:22:41 GMT
etag: "1894bebba876a67d0cb7cd7351ab6ae4"
cache-control: public, max-age=1800
cf-cache-status: MISS
expires: Wed, 09 Nov 2022 20:44:12 GMT
accept-ranges: bytes
server: cloudflare
cf-ray: 7679369df98fb500-OSL
X-Firefox-Spdy: h2
cdn.smartberatung.com/agents/2130/small.png?ts=20220711_125448
13.107.213.53200 OK 28 kB URL HTTP/2 cdn.smartberatung.com/agents/2130/small.png?ts=20220711_125448
IP 13.107.213.53:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 136 x 136, 8-bit/color RGBA, non-interlaced\012- data
Hash 236c9eb1432d90742dc1f3557b0d5e04
cde728b9155d23eeb8ba9403a99036b7b8fccac2
384acc67a52da858e39f0ecc28387706131ea3c3f88843cc801c3465d0f8ee18
GET /agents/2130/small.png?ts=20220711_125448 HTTP/1.1
Host: cdn.smartberatung.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=86400
content-length: 27872
content-type: application/octet-stream
content-md5: I2yesUMtkHQtwfNVew1eBA==
last-modified: Wed, 10 Jun 2020 10:13:08 GMT
accept-ranges: bytes
etag: "0x8D80D26DFB3DAF8"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-cache: TCP_MISS
x-ms-request-id: c55ed636-101e-000c-2977-f4be3f000000
x-ms-version: 2018-03-28
x-azure-ref-originshield: 0FApsYwAAAAAa52FFsUkaRIJf/HmZy4cEQU1TMDRFREdFMTgyMgBkNTM3NWQ5Yy1jYzU5LTQ4YTctYmZhYy0zOWM5ZjgwYTIyNmQ=
x-azure-ref: 0FApsYwAAAACUma00wxk0QIE5qVXmWq+hU1ZHMjBFREdFMDYxMQBkNTM3NWQ5Yy1jYzU5LTQ4YTctYmZhYy0zOWM5ZjgwYTIyNmQ=
date: Wed, 09 Nov 2022 20:14:11 GMT
X-Firefox-Spdy: h2
www.chamaeleon-reisen.de/html/img/CHA-Logo-PaxConnect.png
213.187.84.169200 OK 4.7 kB URL HTTP/2 www.chamaeleon-reisen.de/html/img/CHA-Logo-PaxConnect.png
IP 213.187.84.169:0
ASN #16097 HL komm Telekommunikations GmbH
File type PNG image data, 150 x 65, 8-bit colormap, non-interlaced\012- data
Hash 90c449a6b1b3b210e728299fc4fa898d
e67388591422d72d07c7c16bed70b83eb0bc2fa0
aa7d5c69af3ae47bb7d4d8a1a769c3135e34dc3abb376a5facccc2585a2078a9
GET /html/img/CHA-Logo-PaxConnect.png HTTP/1.1
Host: www.chamaeleon-reisen.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Thu, 06 May 2021 14:01:34 GMT
etag: "1269-5c1a9bfbea7e2"
accept-ranges: bytes
content-length: 4713
cache-control: max-age=2592000
expires: Fri, 09 Dec 2022 20:14:12 GMT
content-type: image/png
date: Wed, 09 Nov 2022 20:14:12 GMT
server: Apache
X-Firefox-Spdy: h2
media.xmlteam.de/files/nicko-cruises/ms-rhein-symphonie/schiff/343.jpeg
162.55.39.184200 OK 93 kB URL HTTP/2 media.xmlteam.de/files/nicko-cruises/ms-rhein-symphonie/schiff/343.jpeg
IP 162.55.39.184:0
ASN #24940 Hetzner Online GmbH
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1000x695, components 3\012- data
Hash f391ed9cd201e00ae4fdabc506d0d76d
209b286b16d87f71b3ca6f9762bbc45a54d448a2
4c98e0160c339c888444e66117c063e88fe09ea3c0afe7d87976f973488a2c02
GET /files/nicko-cruises/ms-rhein-symphonie/schiff/343.jpeg HTTP/1.1
Host: media.xmlteam.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 07 Jul 2020 16:09:56 GMT
etag: "1698f-5a9dc38e53d00"
accept-ranges: bytes
content-length: 92559
content-type: image/jpeg
date: Wed, 09 Nov 2022 20:14:12 GMT
server: Apache
X-Firefox-Spdy: h2
media.xmlteam.de/files/nicko-cruises/world-voyager/schiff/wvo-aerial-02.jpeg
162.55.39.184200 OK 128 kB URL HTTP/2 media.xmlteam.de/files/nicko-cruises/world-voyager/schiff/wvo-aerial-02.jpeg
IP 162.55.39.184:0
ASN #24940 Hetzner Online GmbH
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1000x666, components 3\012- data
Size 128 kB (127479 bytes)
Hash 1218ed777bdbe16a587f62dbc7c49823
5ccac638dbe0c04597a07eeaa58922df14aa20d0
91d09a2ee3f49b939e1e31815fbc0fa215cfd6582b5ce8a474f0433b6665ad3d
GET /files/nicko-cruises/world-voyager/schiff/wvo-aerial-02.jpeg HTTP/1.1
Host: media.xmlteam.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 06 Feb 2020 16:41:22 GMT
etag: "1f1f7-59deaf16e5080"
accept-ranges: bytes
content-length: 127479
content-type: image/jpeg
date: Wed, 09 Nov 2022 20:14:12 GMT
server: Apache
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash fdcae9f1e28523ada6af4630d92d036b
9c02f771a6b3747913b9c225c34766e8fdd1f18e
9aa93c12987356f84e58459e9f7cd62b016e660c95d3dac3da384b77462c474f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9AA93C12987356F84E58459E9F7CD62B016E660C95D3DAC3DA384B77462C474F"
Last-Modified: Tue, 08 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18122
Expires: Thu, 10 Nov 2022 01:16:14 GMT
Date: Wed, 09 Nov 2022 20:14:12 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash fdcae9f1e28523ada6af4630d92d036b
9c02f771a6b3747913b9c225c34766e8fdd1f18e
9aa93c12987356f84e58459e9f7cd62b016e660c95d3dac3da384b77462c474f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9AA93C12987356F84E58459E9F7CD62B016E660C95D3DAC3DA384B77462C474F"
Last-Modified: Tue, 08 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2468
Expires: Wed, 09 Nov 2022 20:55:20 GMT
Date: Wed, 09 Nov 2022 20:14:12 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash fdcae9f1e28523ada6af4630d92d036b
9c02f771a6b3747913b9c225c34766e8fdd1f18e
9aa93c12987356f84e58459e9f7cd62b016e660c95d3dac3da384b77462c474f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9AA93C12987356F84E58459E9F7CD62B016E660C95D3DAC3DA384B77462C474F"
Last-Modified: Tue, 08 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18144
Expires: Thu, 10 Nov 2022 01:16:36 GMT
Date: Wed, 09 Nov 2022 20:14:12 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash fdcae9f1e28523ada6af4630d92d036b
9c02f771a6b3747913b9c225c34766e8fdd1f18e
9aa93c12987356f84e58459e9f7cd62b016e660c95d3dac3da384b77462c474f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9AA93C12987356F84E58459E9F7CD62B016E660C95D3DAC3DA384B77462C474F"
Last-Modified: Tue, 08 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2490
Expires: Wed, 09 Nov 2022 20:55:42 GMT
Date: Wed, 09 Nov 2022 20:14:12 GMT
Connection: keep-alive
ocsp.pki.goog/s/gts1d4/tKUY0ZCyl9k
142.250.74.35200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/tKUY0ZCyl9k
IP 142.250.74.35:0
Hash bd0b29457a55942c4ecc9a0e6d3b3fc4
be16e7a02e8a68495ae7718128f6fe4f9df8b74d
527706e8b967b9138d0bd581b2ac18fa8d489e38649975788c8dbe7f51e93d39
POST /s/gts1d4/tKUY0ZCyl9k HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 20:14:12 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
aggregator.service.usercentrics.eu/aggregate/de?templates=H1Vl5NidjWX@40.17.38,Hko_qNsui-Q@14.5.15,SJKM9Ns_ibQ@10.5.6,rkUcEjuoWm@16.6.5,ko1w5PpFl@23.12.19,XYQZBUojc@9.6.4,r5-Z_erQ0@6.2.2,QPYQDujT@3.3.0,BJ59EidsWQ@25.6.26,BJz7qNsdj-7@15.7.12,abGHajF1@6.0.1,S1pcEj_jZX@21.9.4,8eIqa_sKr@8.1.0
34.120.28.121200 OK 6.5 kB URL HTTP/2 aggregator.service.usercentrics.eu/aggregate/de?templates=H1Vl5NidjWX@40.17.38,Hko_qNsui-Q@14.5.15,SJKM9Ns_ibQ@10.5.6,rkUcEjuoWm@16.6.5,ko1w5PpFl@23.12.19,XYQZBUojc@9.6.4,r5-Z_erQ0@6.2.2,QPYQDujT@3.3.0,BJ59EidsWQ@25.6.26,BJz7qNsdj-7@15.7.12,abGHajF1@6.0.1,S1pcEj_jZX@21.9.4,8eIqa_sKr@8.1.0
IP 34.120.28.121:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (39783), with no line terminators
Hash f5f7964627cd7af66502a21818f03e82
91843850489914f06b5d904671e64acfb4ceb3fc
a0e2fbcd90c29808729771e57ff54b16fafd9551e789dd6206ebe2e1de578740
GET /aggregate/de?templates=H1Vl5NidjWX@40.17.38,Hko_qNsui-Q@14.5.15,SJKM9Ns_ibQ@10.5.6,rkUcEjuoWm@16.6.5,ko1w5PpFl@23.12.19,XYQZBUojc@9.6.4,r5-Z_erQ0@6.2.2,QPYQDujT@3.3.0,BJ59EidsWQ@25.6.26,BJz7qNsdj-7@15.7.12,abGHajF1@6.0.1,S1pcEj_jZX@21.9.4,8eIqa_sKr@8.1.0 HTTP/1.1
Host: aggregator.service.usercentrics.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.robertz.de/
Origin: https://www.robertz.de
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding, accept-encoding
access-control-allow-origin: *
content-type: application/json; charset=utf-8
cache-control: public,max-age=604800
etag: "7rizwt"
content-encoding: br
date: Wed, 09 Nov 2022 20:14:12 GMT
server: Google Frontend
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/kHRXVe39NZ4
142.250.74.35200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/kHRXVe39NZ4
IP 142.250.74.35:0
Hash 08238d88a1bba92f037bf9c4302f8d53
09dd0327c84aa7f3adea231e57eaecc69bf90d5f
f9ab5ea9914090c5de33f1fe2c2807c0de98aebe19676f2ae754bdafa50e5093
POST /s/gts1d4/kHRXVe39NZ4 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 20:14:12 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.chamaeleon-reisen.de/data/pic/img20/Reisen/Afrika/NASOS/Namibia-Sossusvlei_011_Penduka.jpg
213.187.84.169200 OK 116 kB URL HTTP/2 www.chamaeleon-reisen.de/data/pic/img20/Reisen/Afrika/NASOS/Namibia-Sossusvlei_011_Penduka.jpg
IP 213.187.84.169:0
ASN #16097 HL komm Telekommunikations GmbH
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 1200x550, components 3\012- data
Size 116 kB (115655 bytes)
Hash 792cc962918e2e831eb9c2d217cfcc7e
08dda31b1e7823e27d37d77bed8a1d8c4e73683c
0e43e3a7316b371e581c5d72b9965b7d688a62d92d8849c5f586429e1e5fde39
GET /data/pic/img20/Reisen/Afrika/NASOS/Namibia-Sossusvlei_011_Penduka.jpg HTTP/1.1
Host: www.chamaeleon-reisen.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 10 Feb 2021 07:44:40 GMT
etag: "1c3c7-5baf6935cd630"
accept-ranges: bytes
content-length: 115655
cache-control: max-age=2592000
expires: Fri, 09 Dec 2022 20:14:12 GMT
content-type: image/jpeg
date: Wed, 09 Nov 2022 20:14:12 GMT
server: Apache
X-Firefox-Spdy: h2
i27.giatamedia.com/s.php?uid=180322&source=xml&size=800&cid=3959&iid=92644500
136.243.0.17200 OK 88 kB URL HTTP/1.1 i27.giatamedia.com/s.php?uid=180322&source=xml&size=800&cid=3959&iid=92644500
IP 136.243.0.17:0
ASN #24940 Hetzner Online GmbH
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 800x533, components 3\012- data
Hash 85d13cc57064998fe741a16789aa5e3c
c3322b95c4354dbd1eda60c455ae329b6c789715
759afb999c0d3f2f1a399c824b6a2872f76ddf9afed8548e2c770b12e1b07220
GET /s.php?uid=180322&source=xml&size=800&cid=3959&iid=92644500 HTTP/1.1
Host: i27.giatamedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 09 Nov 2022 20:14:12 GMT
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.4.19
X-GIATA-FN: Picture=800/1
X-GIATA-SERVERNAME: i.giatamedia.com
i30.giatamedia.com/s.php?uid=180322&source=xml&size=800&cid=22841&iid=58094427
78.46.86.14200 OK 157 kB URL HTTP/1.1 i30.giatamedia.com/s.php?uid=180322&source=xml&size=800&cid=22841&iid=58094427
IP 78.46.86.14:0
ASN #24940 Hetzner Online GmbH
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 800x532, components 3\012- data
Size 157 kB (157168 bytes)
Hash be568b0cfd6c9642d602146d5f97e5b0
c2d0485c89e2c9e776fd2dc82b21896fec467dfa
27171f033435d054a27cf3d1a863422929d26c400d0c9c545fd6b7ca939354be
GET /s.php?uid=180322&source=xml&size=800&cid=22841&iid=58094427 HTTP/1.1
Host: i30.giatamedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 09 Nov 2022 20:14:12 GMT
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.4.19
X-GIATA-FN: Picture=800/1
X-GIATA-SERVERNAME: i.giatamedia.com
i26.giatamedia.com/s.php?uid=180322&source=xml&size=800&cid=22821&iid=84496230
148.251.18.66200 OK 160 kB URL HTTP/1.1 i26.giatamedia.com/s.php?uid=180322&source=xml&size=800&cid=22821&iid=84496230
IP 148.251.18.66:0
ASN #24940 Hetzner Online GmbH
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 800x600, components 3\012- data
Size 160 kB (159792 bytes)
Hash 6facd1ec17a75ea3c84af1e0c7eb6752
929c7e60c89bab48f56997abacc311fabb4d720c
0616010caaf2d9ee1ae244840e39159a7a0a8cb0b4379fbfe6efb3c2d2dc3e2a
GET /s.php?uid=180322&source=xml&size=800&cid=22821&iid=84496230 HTTP/1.1
Host: i26.giatamedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 09 Nov 2022 20:14:12 GMT
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.4.19
X-GIATA-FN: Picture=800/1
X-GIATA-SERVERNAME: i.giatamedia.com
www.robertz.de/images/Robertz/B%C3%BCro/IMG_20210402_111030.jpg
5.175.22.217200 OK 115 kB URL HTTP/2 www.robertz.de/images/Robertz/B%C3%BCro/IMG_20210402_111030.jpg
IP 5.175.22.217:0
ASN #20773 Host Europe GmbH
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 800x313, components 3\012- data
Size 115 kB (115236 bytes)
Hash 6840d9274a1fafa987ac399d0e2d9c08
ed941f56452b01b8bde2b1f1913c4e99df8625f8
14a78bc2d4e676aefc5b0a9536315a1fac795440406dce264d0dd23f835203da
GET /images/Robertz/B%C3%BCro/IMG_20210402_111030.jpg HTTP/1.1
Host: www.robertz.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.robertz.de/
Cookie: CFID=36493981; CFTOKEN=71ab64e5add80849-AC4605C3-9A50-DA54-5207A55015E1EB89; cross-site-cookie=sow
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 09 Nov 2022 20:14:12 GMT
server: Apache
last-modified: Fri, 18 Jun 2021 14:27:31 GMT
etag: "61e82-5c50b1fbffd85"
accept-ranges: bytes
content-length: 401026
cache-control: max-age=86400
expires: Thu, 10 Nov 2022 20:14:12 GMT
x-cache: MISS from www.robertz.de
content-type: image/jpeg
X-Firefox-Spdy: h2
graphql.usercentrics.eu/graphql
34.120.238.166204 No Content 0 B URL HTTP/2 graphql.usercentrics.eu/graphql
IP 34.120.238.166:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /graphql HTTP/1.1
Host: graphql.usercentrics.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: access-control-allow-origin,content-type,x-request-id
Referer: https://www.robertz.de/
Origin: https://www.robertz.de
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Wed, 09 Nov 2022 20:14:12 GMT
content-length: 0
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
vary: Access-Control-Request-Headers
access-control-allow-headers: access-control-allow-origin,content-type,x-request-id
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.chamaeleon-reisen.de/data/pic/img20/Reisen/Europa/ESALH/Spanien-Alhambra-001-Ausblick-Granada_1920x600.jpg
213.187.84.169200 OK 402 kB URL HTTP/2 www.chamaeleon-reisen.de/data/pic/img20/Reisen/Europa/ESALH/Spanien-Alhambra-001-Ausblick-Granada_1920x600.jpg
IP 213.187.84.169:0
ASN #16097 HL komm Telekommunikations GmbH
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=12, manufacturer=SONY, model=SLT-A77V, orientation=upper-left, xresolution=162, yresolution=170, resolutionunit=2, software=Adobe Photoshop Lightroom Classic 10.1 (Macintosh), datetime=2021:01:18 17:01:07], progressive, precision 8, 1920x600, components 3\012- data
Size 402 kB (402174 bytes)
Hash f96269b6199000176f6f62b55bfeafb1
ef748265c54e840cef7ed622bfc6caba3730baad
a2ce51c9807bfb6c7ca0276d1811e9b81690be985d91e95254d0269ff22b8d6e
GET /data/pic/img20/Reisen/Europa/ESALH/Spanien-Alhambra-001-Ausblick-Granada_1920x600.jpg HTTP/1.1
Host: www.chamaeleon-reisen.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 18 Jan 2021 16:39:58 GMT
etag: "622fe-5b92f5f69bc39"
accept-ranges: bytes
content-length: 402174
cache-control: max-age=2592000
expires: Fri, 09 Dec 2022 20:14:12 GMT
content-type: image/jpeg
date: Wed, 09 Nov 2022 20:14:12 GMT
server: Apache
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ca89efbf8d86b2a950bc183f57cda2c1
918b64f7acf947ec124d93ddba7afb33ef5d126c
283460a97ae8803c112acad0d0a147f6e907096b83368c5689a53d631a5e2650
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "283460A97AE8803C112ACAD0D0A147F6E907096B83368C5689A53D631A5E2650"
Last-Modified: Wed, 09 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12256
Expires: Wed, 09 Nov 2022 23:38:29 GMT
Date: Wed, 09 Nov 2022 20:14:13 GMT
Connection: keep-alive
ocsp.pki.goog/s/gts1d4/kHRXVe39NZ4
142.250.74.35200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/kHRXVe39NZ4
IP 142.250.74.35:0
Hash 08238d88a1bba92f037bf9c4302f8d53
09dd0327c84aa7f3adea231e57eaecc69bf90d5f
f9ab5ea9914090c5de33f1fe2c2807c0de98aebe19676f2ae754bdafa50e5093
POST /s/gts1d4/kHRXVe39NZ4 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 20:14:13 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
uc.e-recht24.de/erecht24_logo_white.png
159.69.24.179200 2.9 kB URL HTTP/1.1 uc.e-recht24.de/erecht24_logo_white.png
IP 159.69.24.179:0
ASN #24940 Hetzner Online GmbH
File type PNG image data, 98 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash 6ce60860fb4697564e38580a4709ec5c
9806460f6b62a69a9652f8d17afaef69c3e8c287
933400df86c19613e2f9e127e098a0a8eb9e3d9870c8bbcbb8f234629cee5b74
GET /erecht24_logo_white.png HTTP/1.1
Host: uc.e-recht24.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.robertz.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
Server: nginx/1.18.0 (Ubuntu)
Date: Wed, 09 Nov 2022 20:14:13 GMT
Content-Type: image/png
Content-Length: 2889
Connection: keep-alive
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Last-Modified: Fri, 29 Jul 2022 06:46:14 GMT
Accept-Ranges: bytes
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Fri, 10 Nov 2023 20:14:13 GMT
X-Frame-Options: DENY
Pragma: no-cache, public
Cache-Control: max-age=31622400, public
pax-smartberatung-signalr.azurewebsites.net/ContentServer/negotiate
20.50.2.10204 No Content 0 B URL HTTP/1.1 pax-smartberatung-signalr.azurewebsites.net/ContentServer/negotiate
IP 20.50.2.10:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /ContentServer/negotiate HTTP/1.1
Host: pax-smartberatung-signalr.azurewebsites.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-requested-with
Origin: https://www.meinereiseangebote.de
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Date: Wed, 09 Nov 2022 20:14:13 GMT
Server: Microsoft-IIS/10.0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: x-requested-with
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: https://www.meinereiseangebote.de
Vary: Origin
Request-Context: appId=cid-v1:331e6aed-06ec-49ad-ad4b-0e18e6e4cfd1
X-Powered-By: ASP.NET
pax-smartberatung-signalr.azurewebsites.net/ContentServer/negotiate
20.50.2.10200 OK 571 B URL HTTP/1.1 pax-smartberatung-signalr.azurewebsites.net/ContentServer/negotiate
IP 20.50.2.10:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JSON data\012- , ASCII text, with very long lines (476), with no line terminators
Hash c6938e6504351ca3449191c59563fdeb
166f659f9d1e1840121dad79dffa4c6513f20c37
fc8497dab5e3869a2c94997d94821bb340e6276a8edce1e2ed86e79201b2d3b6
POST /ContentServer/negotiate HTTP/1.1
Host: pax-smartberatung-signalr.azurewebsites.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://www.meinereiseangebote.de
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Date: Wed, 09 Nov 2022 20:14:13 GMT
Server: Microsoft-IIS/10.0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www.meinereiseangebote.de
Content-Encoding: gzip
Transfer-Encoding: chunked
Vary: Origin,Accept-Encoding
Request-Context: appId=cid-v1:331e6aed-06ec-49ad-ad4b-0e18e6e4cfd1
X-Powered-By: ASP.NET
oneocsp.microsoft.com/ocsp
204.79.197.203200 OK 1.8 kB URL HTTP/1.1 oneocsp.microsoft.com/ocsp
IP 204.79.197.203:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash 96feb907f9f61842cffc22fab038a605
4e75c544a494d251d776695ff9c150f73e011962
bc2aa6e7988e7c46a8a9f2ea7f68c45a566d331bc6fdd510ab4c31d2dfb16024
POST /ocsp HTTP/1.1
Host: oneocsp.microsoft.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 86
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: max-age=86400
Content-Length: 1777
Content-Type: application/ocsp-response
Expires: Mon, 14 Nov 2022 15:50:11 GMT
Last-Modified: Tue, 08 Nov 2022 21:09:34 GMT
ETag: "bc2aa6e7988e7c46a8a9f2ea7f68c45a566d331bc6fdd510ab4c31d2dfb16024"
X-Powered-By: ASP.NET
x-content-type-options: nosniff
X-Cache: CONFIG_NOCACHE
X-MSEdge-Ref: Ref A: 108ED20E66414A7BA96793A1B66885BB Ref B: OSL30EDGE0217 Ref C: 2022-11-09T20:14:14Z
Date: Wed, 09 Nov 2022 20:14:14 GMT
oneocsp.microsoft.com/ocsp
204.79.197.203200 OK 1.8 kB URL HTTP/1.1 oneocsp.microsoft.com/ocsp
IP 204.79.197.203:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash 4df95717fded641b4594898f47d8f3cf
7a1a4c224f773d746235fffb6043f9d54171aa2b
4de89ad3356e6156b3868644b6871a444d70d53d0cc58c541b7b747b20c43f31
POST /ocsp HTTP/1.1
Host: oneocsp.microsoft.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 86
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: max-age=86400
Content-Length: 1777
Content-Type: application/ocsp-response
Expires: Mon, 14 Nov 2022 15:50:11 GMT
Last-Modified: Tue, 08 Nov 2022 21:09:34 GMT
ETag: "4de89ad3356e6156b3868644b6871a444d70d53d0cc58c541b7b747b20c43f31"
X-Powered-By: ASP.NET
x-content-type-options: nosniff
X-Cache: CONFIG_NOCACHE
X-MSEdge-Ref: Ref A: 6040BD84D02D45F58BDD43DB9069BF09 Ref B: OSL30EDGE0118 Ref C: 2022-11-09T20:14:14Z
Date: Wed, 09 Nov 2022 20:14:14 GMT
pax-signalr.service.signalr.net/client/negotiate?hub=contentserverhub&asrs.op=%2FContentServer&asrs_request_id=cHpKmg0eAAA%3D
20.86.94.141204 No Content 0 B URL HTTP/2 pax-signalr.service.signalr.net/client/negotiate?hub=contentserverhub&asrs.op=%2FContentServer&asrs_request_id=cHpKmg0eAAA%3D
IP 20.86.94.141:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /client/negotiate?hub=contentserverhub&asrs.op=%2FContentServer&asrs_request_id=cHpKmg0eAAA%3D HTTP/1.1
Host: pax-signalr.service.signalr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,x-requested-with
Origin: https://www.meinereiseangebote.de
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Wed, 09 Nov 2022 20:14:14 GMT
access-control-allow-credentials: true
access-control-allow-headers: authorization,x-requested-with
access-control-allow-methods: POST
access-control-allow-origin: https://www.meinereiseangebote.de
vary: Origin
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2
pax-signalr.service.signalr.net/client/negotiate?hub=contentserverhub&asrs.op=%2FContentServer&asrs_request_id=cHpKmg0eAAA%3D
20.86.94.141200 OK 282 B URL HTTP/2 pax-signalr.service.signalr.net/client/negotiate?hub=contentserverhub&asrs.op=%2FContentServer&asrs_request_id=cHpKmg0eAAA%3D
IP 20.86.94.141:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JSON data\012- , ASCII text, with no line terminators
Hash ecbe68c61a51a9c5a94b834def79de7b
0d388a95ce323a8ad6f6f9cd9330f29b92562086
5258608ddffa203ded510ca9bffcbd4c59f6ff1fd409f2dae085036f5421a020
POST /client/negotiate?hub=contentserverhub&asrs.op=%2FContentServer&asrs_request_id=cHpKmg0eAAA%3D HTTP/1.1
Host: pax-signalr.service.signalr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Content-Type: text/plain;charset=UTF-8
Authorization: Bearer eyJhbGciOiJIUzI1NiIsImtpZCI6IjE2Mzc0NzEwMzciLCJ0eXAiOiJKV1QifQ.eyJuYmYiOjE2NjgwMjQ4NTQsImV4cCI6MTY2ODAyODQ1NCwiaWF0IjoxNjY4MDI0ODU0LCJhdWQiOiJodHRwczovL3BheC1zaWduYWxyLnNlcnZpY2Uuc2lnbmFsci5uZXQvY2xpZW50Lz9odWI9Y29udGVudHNlcnZlcmh1YiJ9.yVe3mnZT5-1z-dhv2uS0LnN76XLIBqXRiNSSdSIo5GU
Content-Length: 0
Origin: https://www.meinereiseangebote.de
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 09 Nov 2022 20:14:14 GMT
content-type: application/json
content-length: 282
access-control-allow-credentials: true
access-control-allow-origin: https://www.meinereiseangebote.de
vary: Origin
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2
pax-signalr.service.signalr.net/client/?hub=contentserverhub&asrs.op=%2FContentServer&asrs_request_id=cHpKmg0eAAA%3D&id=SA8Zmr5gyYGBSqLOVt_zPg8f08eb371&access_token=eyJhbGciOiJIUzI1NiIsImtpZCI6IjE2Mzc0NzEwMzciLCJ0eXAiOiJKV1QifQ.eyJuYmYiOjE2NjgwMjQ4NTQsImV4cCI6MTY2ODAyODQ1NCwiaWF0IjoxNjY4MDI0ODU0LCJhdWQiOiJodHRwczovL3BheC1zaWduYWxyLnNlcnZpY2Uuc2lnbmFsci5uZXQvY2xpZW50Lz9odWI9Y29udGVudHNlcnZlcmh1YiJ9.yVe3mnZT5-1z-dhv2uS0LnN76XLIBqXRiNSSdSIo5GU
20.86.94.141101 Switching Protocols 0 B URL HTTP/1.1 pax-signalr.service.signalr.net/client/?hub=contentserverhub&asrs.op=%2FContentServer&asrs_request_id=cHpKmg0eAAA%3D&id=SA8Zmr5gyYGBSqLOVt_zPg8f08eb371&access_token=eyJhbGciOiJIUzI1NiIsImtpZCI6IjE2Mzc0NzEwMzciLCJ0eXAiOiJKV1QifQ.eyJuYmYiOjE2NjgwMjQ4NTQsImV4cCI6MTY2ODAyODQ1NCwiaWF0IjoxNjY4MDI0ODU0LCJhdWQiOiJodHRwczovL3BheC1zaWduYWxyLnNlcnZpY2Uuc2lnbmFsci5uZXQvY2xpZW50Lz9odWI9Y29udGVudHNlcnZlcmh1YiJ9.yVe3mnZT5-1z-dhv2uS0LnN76XLIBqXRiNSSdSIo5GU
IP 20.86.94.141:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /client/?hub=contentserverhub&asrs.op=%2FContentServer&asrs_request_id=cHpKmg0eAAA%3D&id=SA8Zmr5gyYGBSqLOVt_zPg8f08eb371&access_token=eyJhbGciOiJIUzI1NiIsImtpZCI6IjE2Mzc0NzEwMzciLCJ0eXAiOiJKV1QifQ.eyJuYmYiOjE2NjgwMjQ4NTQsImV4cCI6MTY2ODAyODQ1NCwiaWF0IjoxNjY4MDI0ODU0LCJhdWQiOiJodHRwczovL3BheC1zaWduYWxyLnNlcnZpY2Uuc2lnbmFsci5uZXQvY2xpZW50Lz9odWI9Y29udGVudHNlcnZlcmh1YiJ9.yVe3mnZT5-1z-dhv2uS0LnN76XLIBqXRiNSSdSIo5GU HTTP/1.1
Host: pax-signalr.service.signalr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://www.meinereiseangebote.de
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: qj0qA7Aqql6tJwiVggVBHA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Date: Wed, 09 Nov 2022 20:14:14 GMT
Connection: upgrade
access-control-allow-credentials: true
access-control-allow-origin: https://www.meinereiseangebote.de
upgrade: websocket
vary: Origin
sec-websocket-accept: YATrvfVrKI3Pcx/EOn56q3nrIkQ=
Strict-Transport-Security: max-age=15724800; includeSubDomains
kit-pro.fontawesome.com/releases/latest/css/pro.min.css
104.18.22.52200 OK 0 B URL HTTP/2 kit-pro.fontawesome.com/releases/latest/css/pro.min.css
IP 104.18.22.52:0
GET /releases/latest/css/pro.min.css HTTP/1.1
Host: kit-pro.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.robertz.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 09 Nov 2022 20:14:12 GMT
content-type: text/css
x-amz-id-2: AMRPnx/gGPWzkxpEroVSLO8Pi8J0vSGXWBOtNi24DEDy+QaEMCfu0MKQ1eDa2E4MPiKMDx3QOVg=
x-amz-request-id: Q09J8QG0HPK0XNQC
last-modified: Wed, 04 Aug 2021 21:18:33 GMT
etag: W/"486b13730aafe2a39cdaf1666679fa5b"
cache-control: public, max-age=1800
cf-cache-status: HIT
age: 1092
expires: Wed, 09 Nov 2022 20:44:12 GMT
vary: Accept-Encoding
server: cloudflare
cf-ray: 7679369d1838b500-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
www.robertz.de/img/favicon-16x16.png
5.175.22.217200 OK 0 B URL HTTP/2 www.robertz.de/img/favicon-16x16.png
IP 5.175.22.217:0
ASN #20773 Host Europe GmbH
GET /img/favicon-16x16.png HTTP/1.1
Host: www.robertz.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.robertz.de/
Cookie: CFID=36493981; CFTOKEN=71ab64e5add80849-AC4605C3-9A50-DA54-5207A55015E1EB89; cross-site-cookie=sow
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 09 Nov 2022 20:14:11 GMT
server: Apache
cache-control: max-age=420, private, must-revalidate
expires: Thu, 10 Nov 2022 20:14:11 GMT
vary: Accept-Encoding
content-encoding: br
x-cache: MISS from www.robertz.de
content-type: text/html;charset=UTF-8
X-Firefox-Spdy: h2
www.robertz.de/
5.175.22.217200 OK 0 B IP 5.175.22.217:0
ASN #20773 Host Europe GmbH
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: www.robertz.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Wed, 09 Nov 2022 20:14:09 GMT
server: Apache
set-cookie: CFID=36493981; Expires=Thu, 10-Nov-2022 20:14:09 GMT; Path=/; HttpOnly
CFTOKEN=71ab64e5add80849-AC4605C3-9A50-DA54-5207A55015E1EB89; Expires=Thu, 10-Nov-2022 20:14:09 GMT; Path=/; HttpOnly
cache-control: max-age=420, private, must-revalidate
expires: Thu, 10 Nov 2022 20:14:09 GMT
vary: Accept-Encoding
content-encoding: br
x-cache: MISS from www.robertz.de
content-type: text/html;charset=UTF-8
X-Firefox-Spdy: h2
backend.tcautor.de/www/_data/1007/files/Robertz/Team/Britta.jpg
5.175.22.217200 OK 0 B URL HTTP/2 backend.tcautor.de/www/_data/1007/files/Robertz/Team/Britta.jpg
IP 5.175.22.217:0
ASN #20773 Host Europe GmbH
GET /www/_data/1007/files/Robertz/Team/Britta.jpg HTTP/1.1
Host: backend.tcautor.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.robertz.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 09 Nov 2022 20:14:10 GMT
server: Apache
last-modified: Tue, 06 Apr 2021 14:09:02 GMT
etag: "ca76-5bf4e5b3ec77a"
accept-ranges: bytes
content-length: 51830
content-type: image/jpeg
X-Firefox-Spdy: h2
graphql.usercentrics.eu/graphql
34.120.238.166200 OK 0 B URL HTTP/2 graphql.usercentrics.eu/graphql
IP 34.120.238.166:0
POST /graphql HTTP/1.1
Host: graphql.usercentrics.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.robertz.de/
Content-Type: application/json
Access-Control-Allow-Origin: *
X-Request-ID: 6d44f252-49c0-41d4-a115-6e21068b4c69
Origin: https://www.robertz.de
Content-Length: 5763
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 09 Nov 2022 20:14:13 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
x-powered-by: Express
access-control-allow-origin: *
etag: W/"442-KeYUYBsoIWNAuor3BHoJ39x+YCc"
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.robertz.de/img/android-icon-192x192.png
5.175.22.217200 OK 0 B URL HTTP/2 www.robertz.de/img/android-icon-192x192.png
IP 5.175.22.217:0
ASN #20773 Host Europe GmbH
GET /img/android-icon-192x192.png HTTP/1.1
Host: www.robertz.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.robertz.de/
Cookie: CFID=36493981; CFTOKEN=71ab64e5add80849-AC4605C3-9A50-DA54-5207A55015E1EB89; cross-site-cookie=sow
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 09 Nov 2022 20:14:11 GMT
server: Apache
cache-control: max-age=420, private, must-revalidate
expires: Thu, 10 Nov 2022 20:14:11 GMT
vary: Accept-Encoding
content-encoding: br
x-cache: MISS from www.robertz.de
content-type: text/html;charset=UTF-8
X-Firefox-Spdy: h2