gdp.reise/
92.51.134.215 301 Moved Permanently 290 B IP 92.51.134.215:0
ASN #8972 Host Europe GmbH
File type HTML document text; exported SGML document, ASCII text
Hash dd6f456bf1b59ea70b28cb6706dfcb4b
1046f5303cf31136b18fbe29382106de2518b735
35e6482f42dcf19fabef43babe1e6a94f56a879fa3ddb866ece788fc41123e7e
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: gdp.reise
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 01:35:50 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 290
Connection: keep-alive
Location: https://www.gdp.reisen/
X-Powered-By: PleskLin
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 8997fa58a7262e8fd559d64b40511a1b
0aa1c4365c28f45e4d7a8a234fbcf51cd009e083
1580d1145f125c765e40e5983cb4bb4e2424010d2920a25ea7da992485da0dea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1580D1145F125C765E40E5983CB4BB4E2424010D2920A25EA7DA992485DA0DEA"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4489
Expires: Mon, 23 Jan 2023 02:50:40 GMT
Date: Mon, 23 Jan 2023 01:35:51 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 4714c95a0c854e38f9be444f9343bf14
07ce5eb635448f2b3bafbe51e4dfeef47cdf4f7b
4d47e08c9afb704096e93a51f6e95c0dc7c7bc31e67ded39998ff37ed56e0965
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4D47E08C9AFB704096E93A51F6E95C0DC7C7BC31E67DED39998FF37ED56E0965"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3407
Expires: Mon, 23 Jan 2023 02:32:38 GMT
Date: Mon, 23 Jan 2023 01:35:51 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data, ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Alert, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 23 Jan 2023 01:34:55 GMT
content-type: application/json
age: 56
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 17094b856fde02b2c8c2d3845ad325cf
26dc3f2ebf81faf5ab96eb75ffcbead6085528b8
6547376c41dcaa352cc4e747291916902bcddc0032b750bd84c5e3b2fe6f7d16
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6547376C41DCAA352CC4E747291916902BCDDC0032B750BD84C5E3B2FE6F7D16"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16423
Expires: Mon, 23 Jan 2023 06:09:34 GMT
Date: Mon, 23 Jan 2023 01:35:51 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate, ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: X7K+ODTu3BN884m7zpdJoBJ+vNdB9G1cFxUV3Zp1IvpjWv035fFK/bb79fL4WuGz7G1o7D/LhME=
x-amz-request-id: RJ3KZB58DDF2PRJH
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 23 Jan 2023 00:47:30 GMT
age: 2901
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data, ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 23 Jan 2023 01:35:51 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash abe2f67aea86a7a8673fecd02d5a224c
f55bb42847f424dde9a60e64b5ce3d5c9ed8c451
d1bf1de4e4f0cb14faeb8103b8d5ca4632b330c9d142f73264101fdf44832467
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D1BF1DE4E4F0CB14FAEB8103B8D5CA4632B330C9D142F73264101FDF44832467"
Last-Modified: Sat, 21 Jan 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21541
Expires: Mon, 23 Jan 2023 07:34:52 GMT
Date: Mon, 23 Jan 2023 01:35:51 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data, ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Expires, Pragma, Content-Type, Backoff, Last-Modified, Cache-Control, ETag
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 23 Jan 2023 00:48:58 GMT
age: 2813
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/jquery-confirm/3.3.4/jquery-confirm.min.css
104.17.25.14 200 OK 2.9 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery-confirm/3.3.4/jquery-confirm.min.css
IP 104.17.25.14:0
File type ASCII text, with very long lines (22251)
Hash 4dbf1735a5370350943bce0dbad5843d
3a9d68ea18c3aa70887283c3c36b154ddd31ced8
b7cd289c437127d58b709dc9999390fe68d378d506a8a31252c74c70597e162e
GET /ajax/libs/jquery-confirm/3.3.4/jquery-confirm.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gdp.reisen/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 23 Jan 2023 01:35:52 GMT
content-type: text/css; charset=utf-8
content-length: 2880
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec1-580a"
last-modified: Mon, 04 May 2020 16:11:45 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 334151
expires: Sat, 13 Jan 2024 01:35:52 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TLluznc%2FDV8cNBJd6uJvIk9d4WXaaJ4LJDDhNai2jqorVtvsxrz3Y4wVw15hL7nTO2Xkl5M%2ByPqnLQ4HECiz%2FvPHT5hbaR6DhQvqwdIbDjl0DG2ez0UBp1D2HjI3GXLB52bPdZnf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 78dccb8e9c55fab8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.gdp.reisen/fonts/flaticon/Flaticon.woff2
5.175.22.217 200 OK 37 kB URL HTTP/2 www.gdp.reisen/fonts/flaticon/Flaticon.woff2
IP 5.175.22.217:0
ASN #20773 Host Europe GmbH
File type Web Open Font Format (Version 2), TrueType, length 36732, version 1.0; data
Hash e97e6acd6d5fae4dfb1b353ddf3dcf0f
186f523c36cdd4d80122ea6daf40106e0ce3e20d
0b56c2c2e69c2334a1881c975f0a1223b73447cd57a13f6b435b239a87de961e
Analyzer Verdict Alert fortinet Phishing
GET /fonts/flaticon/Flaticon.woff2 HTTP/1.1
Host: www.gdp.reisen
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gdp.reisen/
Cookie: CFID=37641872; CFTOKEN=52eb829fe736a00a-9A99072A-9835-16BE-6DF6496F4B8F1D84
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 23 Jan 2023 01:35:52 GMT
server: Apache
last-modified: Sat, 09 May 2020 10:20:16 GMT
etag: "8f7c-5a53475c0b800-br"
accept-ranges: bytes
cache-control: max-age=86400
expires: Tue, 24 Jan 2023 01:35:52 GMT
vary: Accept-Encoding
content-encoding: br
x-cache: MISS from www.gdp.reisen
content-length: 36736
content-type: font/woff2
X-Firefox-Spdy: h2
www.gdp.reisen/www/fonts/montserrat.css
5.175.22.217 404 Not Found 196 B URL HTTP/2 www.gdp.reisen/www/fonts/montserrat.css
IP 5.175.22.217:0
ASN #20773 Host Europe GmbH
File type HTML document text; exported SGML document, ASCII text
Hash 62962daa1b19bbcc2db10b7bfd531ea6
d64bae91091eda6a7532ebec06aa70893b79e1f8
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880
GET /www/fonts/montserrat.css HTTP/1.1
Host: www.gdp.reisen
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gdp.reisen/
Cookie: CFID=37641872; CFTOKEN=52eb829fe736a00a-9A99072A-9835-16BE-6DF6496F4B8F1D84
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
date: Mon, 23 Jan 2023 01:35:52 GMT
server: Apache
content-length: 196
content-type: text/html; charset=iso-8859-1
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 0c74880fa99032b5c3831c179d702419
0020b368309735c94d8053d3781a7efb7283cfc5
437e2d4e2bbfb33b0ff696172378ce55a0a5ed005a1b8c4005eab4a6995a3042
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2441
Cache-Control: max-age=115896
Content-Type: application/ocsp-response
Date: Mon, 23 Jan 2023 01:35:52 GMT
Etag: "63ccfca7-1d7"
Expires: Tue, 24 Jan 2023 09:47:28 GMT
Last-Modified: Sun, 22 Jan 2023 09:06:47 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
www.gdp.reisen/assets/css/vendor.swiper.min.css
5.175.22.217 200 OK 4.2 kB URL HTTP/2 www.gdp.reisen/assets/css/vendor.swiper.min.css
IP 5.175.22.217:0
ASN #20773 Host Europe GmbH
File type Unicode text, UTF-8 (with BOM) text, with very long lines (21675), with no line terminators
Hash 21888b586f9fd75d444d25f8e118f5d7
3f92c9c4fe3cb925d4e4f78f5af3b681b3c8c9e5
4151ce7b54bb179dd95e4b52465aeb2e0396d1868207e9ba98f8490cb1b352c0
GET /assets/css/vendor.swiper.min.css HTTP/1.1
Host: www.gdp.reisen
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gdp.reisen/
Cookie: CFID=37641872; CFTOKEN=52eb829fe736a00a-9A99072A-9835-16BE-6DF6496F4B8F1D84
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 23 Jan 2023 01:35:52 GMT
server: Apache
last-modified: Tue, 07 Jul 2020 09:54:09 GMT
etag: "54b2-5a9d6f907ba36-br"
accept-ranges: bytes
cache-control: max-age=86400
expires: Tue, 24 Jan 2023 01:35:52 GMT
vary: Accept-Encoding
content-encoding: br
x-cache: MISS from www.gdp.reisen
content-length: 4187
content-type: text/css
X-Firefox-Spdy: h2
www.gdp.reisen/assets/css/colorpalette.min.css
5.175.22.217 200 OK 1.9 kB URL HTTP/2 www.gdp.reisen/assets/css/colorpalette.min.css
IP 5.175.22.217:0
ASN #20773 Host Europe GmbH
File type assembler source, ASCII text, with very long lines (8960), with CRLF line terminators
Hash 475de567aa0032280982829dcfc11116
4eceb810b11b830494dc13abff7eb578c42c2f0c
e405a2f80f2edb9470ad0a5184108ea934d9e512a8ed7894e60d9d2388ce219b
GET /assets/css/colorpalette.min.css HTTP/1.1
Host: www.gdp.reisen
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gdp.reisen/
Cookie: CFID=37641872; CFTOKEN=52eb829fe736a00a-9A99072A-9835-16BE-6DF6496F4B8F1D84
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 23 Jan 2023 01:35:52 GMT
server: Apache
last-modified: Wed, 08 Jul 2020 05:55:56 GMT
etag: "3e89-5a9e7c2ecfd8b-br"
accept-ranges: bytes
cache-control: max-age=86400
expires: Tue, 24 Jan 2023 01:35:52 GMT
vary: Accept-Encoding
content-encoding: br
x-cache: MISS from www.gdp.reisen
content-length: 1898
content-type: text/css
X-Firefox-Spdy: h2
www.gdp.reisen/assets/css/color_scheme/customcolor.css
5.175.22.217 200 OK 3.1 kB URL HTTP/2 www.gdp.reisen/assets/css/color_scheme/customcolor.css
IP 5.175.22.217:0
ASN #20773 Host Europe GmbH
File type assembler source, ASCII text, with very long lines (582), with CRLF line terminators
Hash 60d56c255a871ae01312cdbdf6ec1e27
8d986fa1d7258c73f1d6d2a043fc0bea80b88ca7
598057d50bdcc975d1742a5b6e8cc49575cb5394cead95b3a4d34aa94ffa97a5
GET /assets/css/color_scheme/customcolor.css HTTP/1.1
Host: www.gdp.reisen
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gdp.reisen/
Cookie: CFID=37641872; CFTOKEN=52eb829fe736a00a-9A99072A-9835-16BE-6DF6496F4B8F1D84
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 23 Jan 2023 01:35:52 GMT
server: Apache
last-modified: Sun, 12 Jul 2020 12:43:45 GMT
etag: "4498-5aa3decc0656d-br"
accept-ranges: bytes
cache-control: max-age=86400
expires: Tue, 24 Jan 2023 01:35:52 GMT
vary: Accept-Encoding
content-encoding: br
x-cache: MISS from www.gdp.reisen
content-length: 3095
content-type: text/css
X-Firefox-Spdy: h2
www.gdp.reisen/assets/css/custom.css
5.175.22.217 200 OK 3.0 kB URL HTTP/2 www.gdp.reisen/assets/css/custom.css
IP 5.175.22.217:0
ASN #20773 Host Europe GmbH
File type assembler source, ASCII text, with CRLF, LF line terminators
Hash 3f3dcde275d75ccd807e2e5e2f616812
e530d19c468592f6d6b2e217ca8b4b62aa6e5688
476ee261ef6f668eadf94cfffb6d64d227d6ccc1ee23659ab6f29835c61d94ac
GET /assets/css/custom.css HTTP/1.1
Host: www.gdp.reisen
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gdp.reisen/
Cookie: CFID=37641872; CFTOKEN=52eb829fe736a00a-9A99072A-9835-16BE-6DF6496F4B8F1D84
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 23 Jan 2023 01:35:52 GMT
server: Apache
last-modified: Wed, 29 Jul 2020 14:42:41 GMT
etag: "3fbb-5ab959162640a-br"
accept-ranges: bytes
cache-control: max-age=86400
expires: Tue, 24 Jan 2023 01:35:52 GMT
vary: Accept-Encoding
content-encoding: br
x-cache: MISS from www.gdp.reisen
content-length: 2987
content-type: text/css
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/jquery-confirm/3.3.4/jquery-confirm.min.js
104.17.25.14 200 OK 6.4 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery-confirm/3.3.4/jquery-confirm.min.js
IP 104.17.25.14:0
File type ASCII text, with very long lines (27931)
Hash beafb90e7e7cb9afd1931dd1ce3d8a6b
ecb8187bf858a727949be0fffbadd1d018e0c169
eabdef01e87e471436dfac8d11edcd16c85d433aa854cdd695165399980ca818
GET /ajax/libs/jquery-confirm/3.3.4/jquery-confirm.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.gdp.reisen
Connection: keep-alive
Referer: https://www.gdp.reisen/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 23 Jan 2023 01:35:52 GMT
content-type: application/javascript; charset=utf-8
content-length: 6422
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec1-6e3e"
last-modified: Mon, 04 May 2020 16:11:45 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 20522064
expires: Sat, 13 Jan 2024 01:35:52 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tH1j%2BKXFF0bsfoRbihtW4qKRMjXTAqgH%2Bjo8lV3HMRNFUXD2ZnOIxRn%2BLntFGWrv8WwWyS4YoK0KCO9mthhxh5CzGAnrFq78PvqcDC3o01J6lVrWug%2Fi7VHoUab6o4ARyYH4nFhJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 78dccb8eefb31c16-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.gdp.reisen/assets/css/vendor_bundle.min.css
5.175.22.217 200 OK 3.8 kB URL HTTP/2 www.gdp.reisen/assets/css/vendor_bundle.min.css
IP 5.175.22.217:0
ASN #20773 Host Europe GmbH
File type ASCII text, with very long lines (39344)
Hash f95b5a6991b49a2d93a49c25b0507269
7ddba3d5c0fec9763dc37659af52ddc9a5fdb9ca
5c88a4b0439697d533ea190a067005a323d0a9e481b871985ebf30f8b854ed58
GET /assets/css/vendor_bundle.min.css HTTP/1.1
Host: www.gdp.reisen
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gdp.reisen/
Cookie: CFID=37641872; CFTOKEN=52eb829fe736a00a-9A99072A-9835-16BE-6DF6496F4B8F1D84
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 23 Jan 2023 01:35:52 GMT
server: Apache
last-modified: Mon, 25 May 2020 13:41:43 GMT
etag: "99c6-5a67923a7b3c0-br"
accept-ranges: bytes
cache-control: max-age=86400
expires: Tue, 24 Jan 2023 01:35:52 GMT
vary: Accept-Encoding
content-encoding: br
x-cache: MISS from www.gdp.reisen
content-length: 3836
content-type: text/css
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 9f9788e381983082a10350bba3234afb
dc16e103c5174374433d4432b8d6171a3960dbbc
961980c0a8fa08aca4b97e793686994e2d85e5272cebeb48229611a88ecabc83
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 23 Jan 2023 01:35:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1d4/jEa5WN7607o
142.250.74.131 200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/jEa5WN7607o
IP 142.250.74.131:0
Hash 4bc6be2a7a0dcc65307c774071d34bed
015bd50c56d48ceac13549bff7fbc23103ff52c8
8bec4f3726ae0128576bbc1cef7ac22c47ed3ec259c2db8269350b330a13d8e7
POST /s/gts1d4/jEa5WN7607o HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 23 Jan 2023 01:35:52 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1d4/jEa5WN7607o
142.250.74.131 200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/jEa5WN7607o
IP 142.250.74.131:0
Hash 4bc6be2a7a0dcc65307c774071d34bed
015bd50c56d48ceac13549bff7fbc23103ff52c8
8bec4f3726ae0128576bbc1cef7ac22c47ed3ec259c2db8269350b330a13d8e7
POST /s/gts1d4/jEa5WN7607o HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 23 Jan 2023 01:35:52 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api.js
142.250.74.132 200 OK 555 B URL HTTP/2 www.google.com/recaptcha/api.js
IP 142.250.74.132:0
File type ASCII text, with very long lines (850), with no line terminators
Hash 4fcc8cffc198bb1436d5e909506b0b2a
a6269c7bf1d3614a78b9ba99cfec2b29e0b6ab7e
33b2950d981dcb3af46004be957506985ea0c185b5436fc6435efcdea7699d89
GET /recaptcha/api.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gdp.reisen/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Mon, 23 Jan 2023 01:35:52 GMT
date: Mon, 23 Jan 2023 01:35:52 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 555
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
privacy-proxy.usercentrics.eu/latest/uc-block.bundle.js
35.190.14.188 200 OK 30 kB URL HTTP/2 privacy-proxy.usercentrics.eu/latest/uc-block.bundle.js
IP 35.190.14.188:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 4d6ca159156ec9a003a5e743f308666f
c4d5e1232cc62dcc623368a16fda836feafec6b8
0e8e44a8dc215f0ae40cdd28e63510d59d5a99b051f901062814534c054d4d0f
GET /latest/uc-block.bundle.js HTTP/1.1
Host: privacy-proxy.usercentrics.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gdp.reisen/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-guploader-uploadid: ADPycduGcIdB5MUZnzia5OPon80IeRM62qe9ALcfMEJZB1n9aXhdhWVwit3bqor6pQbVVtAZ30OgGNe0QFkXd0AimwLYnpbSf1v0
vary: Accept-Encoding
x-goog-generation: 1674127852712707
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 30121
x-goog-meta-version: 3.0.3
content-encoding: gzip
x-goog-hash: crc32c=QgNVzQ==, md5=TWyhWRVuyaADpedD8whmbw==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 30121
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, Transfer-Encoding
server: UploadServer
date: Mon, 23 Jan 2023 00:46:01 GMT
expires: Mon, 23 Jan 2023 01:46:01 GMT
cache-control: public, max-age=3600
last-modified: Thu, 19 Jan 2023 11:30:52 GMT
etag: "4d6ca159156ec9a003a5e743f308666f"
content-type: application/javascript
age: 2991
strict-transport-security: max-age=7776000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.gdp.reisen/images/GdP/Logos/GEW_NRW_v01.png
5.175.22.217 200 OK 4.7 kB URL HTTP/2 www.gdp.reisen/images/GdP/Logos/GEW_NRW_v01.png
IP 5.175.22.217:0
ASN #20773 Host Europe GmbH
File type PNG image data, 254 x 198, 8-bit colormap, non-interlaced; data
Hash ce331eba307acc78d99bb8c837550c8c
d0ee40c6dff28c10bc0721ccfcdfcfb5012064b8
fa676afd8327c32ab6134d6343628b8e3661dfc70423bb618e58f1aa2e63fd01
GET /images/GdP/Logos/GEW_NRW_v01.png HTTP/1.1
Host: www.gdp.reisen
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gdp.reisen/
Cookie: CFID=37641872; CFTOKEN=52eb829fe736a00a-9A99072A-9835-16BE-6DF6496F4B8F1D84
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 23 Jan 2023 01:35:52 GMT
server: Apache
last-modified: Mon, 04 Apr 2022 09:20:24 GMT
etag: "124c-5dbd0a3667290"
accept-ranges: bytes
content-length: 4684
cache-control: max-age=86400
expires: Tue, 24 Jan 2023 01:35:52 GMT
x-cache: MISS from www.gdp.reisen
content-type: image/png
X-Firefox-Spdy: h2
app.usercentrics.eu/latest/bundle.js
35.190.14.188 200 OK 230 kB URL HTTP/2 app.usercentrics.eu/latest/bundle.js
IP 35.190.14.188:0
File type Unicode text, UTF-8 text, with very long lines (65470)
Size 230 kB (230157 bytes)
Hash 66cf4a8df76a5634eb0a576bf197b3c9
316e22421f1fdc6387978f20484d4ed2d5662fa5
bafed4c1f3bfb8cf821a0d86370090534d283199f9c665e2e3bed8e29c0bd6bc
GET /latest/bundle.js HTTP/1.1
Host: app.usercentrics.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gdp.reisen/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-guploader-uploadid: ADPycdsl1ICpuVV3qZH3t7KYCCs9kj5IYxHH0cBsNKKXGORTp2iSqAKjSa4KDylP_Ao1Q1SocFA8HytAKI0Ww1l-fULtCxajwnVX
x-goog-generation: 1666097577382615
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 230157
x-goog-meta-version: 2.18.1
content-encoding: gzip
x-goog-hash: crc32c=dNeQCQ==, md5=Zs9KjfdqVjTrCldr8ZezyQ==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 230157
access-control-allow-origin: *
access-control-expose-headers: Content-Type
server: UploadServer
date: Mon, 23 Jan 2023 01:30:32 GMT
expires: Tue, 24 Jan 2023 01:30:32 GMT
cache-control: public, max-age=86400, no-transform
age: 320
last-modified: Tue, 18 Oct 2022 12:52:57 GMT
etag: "66cf4a8df76a5634eb0a576bf197b3c9"
content-type: application/javascript
strict-transport-security: max-age=7776000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.gdp.reisen/images/BilderPool/Apps/google-play-badge.png
5.175.22.217 200 OK 13 kB URL HTTP/2 www.gdp.reisen/images/BilderPool/Apps/google-play-badge.png
IP 5.175.22.217:0
ASN #20773 Host Europe GmbH
File type PNG image data, 646 x 250, 8-bit/color RGBA, non-interlaced; data
Hash 235818b9a5bf7810fc4cc1b20c81338a
45ae2af8287200f57ccded1fbc912876d4e582a3
f3db90e9aba4971877831a6e6904915e031423cb728a2b67cc3019b893e3fe9a
GET /images/BilderPool/Apps/google-play-badge.png HTTP/1.1
Host: www.gdp.reisen
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gdp.reisen/
Cookie: CFID=37641872; CFTOKEN=52eb829fe736a00a-9A99072A-9835-16BE-6DF6496F4B8F1D84
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 23 Jan 2023 01:35:52 GMT
server: Apache
last-modified: Mon, 27 Jun 2022 15:44:05 GMT
etag: "3333-5e26fca3647f6"
accept-ranges: bytes
content-length: 13107
cache-control: max-age=86400
expires: Tue, 24 Jan 2023 01:35:52 GMT
x-cache: MISS from www.gdp.reisen
content-type: image/png
X-Firefox-Spdy: h2
www.gdp.reisen/images/GdP/Logos/Signal-iduna.png
5.175.22.217 200 OK 5.3 kB URL HTTP/2 www.gdp.reisen/images/GdP/Logos/Signal-iduna.png
IP 5.175.22.217:0
ASN #20773 Host Europe GmbH
File type PNG image data, 320 x 55, 8-bit/color RGBA, non-interlaced\012- data
Hash c774de9a641e4b7e78779107fd5caf06
3927ac5cb5811d8465d90c16259576d72be44221
8fc719f7eebb81793f78c38a6bd3d93e1c41e0f4be88eefdc741b7e942b2f616
GET /images/GdP/Logos/Signal-iduna.png HTTP/1.1
Host: www.gdp.reisen
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gdp.reisen/
Cookie: CFID=37641872; CFTOKEN=52eb829fe736a00a-9A99072A-9835-16BE-6DF6496F4B8F1D84
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 23 Jan 2023 01:35:52 GMT
server: Apache
last-modified: Wed, 13 Jul 2022 09:15:24 GMT
etag: "14a5-5e3ac39ab1b15"
accept-ranges: bytes
content-length: 5285
cache-control: max-age=86400
expires: Tue, 24 Jan 2023 01:35:52 GMT
x-cache: MISS from www.gdp.reisen
content-type: image/png
X-Firefox-Spdy: h2
www.gdp.reisen/images/BilderPool/Apps/App_Store_Badge_DE_wht_092917.png
5.175.22.217 200 OK 9.1 kB URL HTTP/2 www.gdp.reisen/images/BilderPool/Apps/App_Store_Badge_DE_wht_092917.png
IP 5.175.22.217:0
ASN #20773 Host Europe GmbH
File type PNG image data, 300 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash dbdfbd1591c519a46bbc08a719af0de1
7fb96e4c45469d412e9676935d9b23cc2e718fae
06a953240c823a22fd7a254a53f9d5317c0883455d7da346e847dc26bc2339c2
GET /images/BilderPool/Apps/App_Store_Badge_DE_wht_092917.png HTTP/1.1
Host: www.gdp.reisen
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gdp.reisen/
Cookie: CFID=37641872; CFTOKEN=52eb829fe736a00a-9A99072A-9835-16BE-6DF6496F4B8F1D84
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 23 Jan 2023 01:35:52 GMT
server: Apache
last-modified: Mon, 27 Jun 2022 15:44:05 GMT
etag: "23b6-5e26fca3647f6"
accept-ranges: bytes
content-length: 9142
cache-control: max-age=86400
expires: Tue, 24 Jan 2023 01:35:52 GMT
x-cache: MISS from www.gdp.reisen
content-type: image/png
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash b5e6622d7b9e1070d708709b241b5c71
de545f7912726a21880336935dfcbad58d8e3ca7
5bbb3671e6a434a0dd706d0e3a7a3bd4d097a2fca8a918a9b62989bac218bb11
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5BBB3671E6A434A0DD706D0E3A7A3BD4D097A2FCA8A918A9B62989BAC218BB11"
Last-Modified: Sat, 21 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Mon, 23 Jan 2023 07:35:52 GMT
Date: Mon, 23 Jan 2023 01:35:52 GMT
Connection: keep-alive
ocsp.pki.goog/s/gts1d4/jEa5WN7607o
142.250.74.131 200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/jEa5WN7607o
IP 142.250.74.131:0
Hash 4bc6be2a7a0dcc65307c774071d34bed
015bd50c56d48ceac13549bff7fbc23103ff52c8
8bec4f3726ae0128576bbc1cef7ac22c47ed3ec259c2db8269350b330a13d8e7
POST /s/gts1d4/jEa5WN7607o HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 23 Jan 2023 01:35:52 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gdp.reisen/www/gdp.reisen/img/logo_WEB.png
5.175.22.217 200 OK 10 kB URL HTTP/2 www.gdp.reisen/www/gdp.reisen/img/logo_WEB.png
IP 5.175.22.217:0
ASN #20773 Host Europe GmbH
File type PNG image data, 1000 x 150, 8-bit colormap, non-interlaced\012- data
Hash 702571f78cc153444926ed6c38180cfc
03fff1abb61414e7d9f454667bc8691388ab8813
8b1436316d04aba8bed6450776a4ec3f956f94d2b6f1675a58c1e0ba311b155b
GET /www/gdp.reisen/img/logo_WEB.png HTTP/1.1
Host: www.gdp.reisen
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gdp.reisen/
Cookie: CFID=37641872; CFTOKEN=52eb829fe736a00a-9A99072A-9835-16BE-6DF6496F4B8F1D84
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 23 Jan 2023 01:35:52 GMT
server: Apache
last-modified: Fri, 07 Jan 2022 10:12:14 GMT
accept-ranges: bytes
content-length: 10399
cache-control: max-age=2592000, public
expires: Tue, 24 Jan 2023 01:35:52 GMT
x-cache: MISS from www.gdp.reisen
content-type: image/png
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 63f9cd3f8de6f73327256b8252c9dbde
403d8be7a8ac1a8a0d55ad0fb162b6099ee853ec
884a6496abc2e700dbafcc189801db56e0298b04209a7ed8a5a16c4e643830d6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "884A6496ABC2E700DBAFCC189801DB56E0298B04209A7ED8A5A16C4E643830D6"
Last-Modified: Sun, 22 Jan 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21573
Expires: Mon, 23 Jan 2023 07:35:25 GMT
Date: Mon, 23 Jan 2023 01:35:52 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 3a1f7d24c5b234222c137d8c13b34a32
dc6884793b658be3640afdc2b474823fb9119320
30d1fa86ce01187b387be873a616b995f329bbb38b4dd7463d3ca1f2f4c67439
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "30D1FA86CE01187B387BE873A616B995F329BBB38B4DD7463D3CA1F2F4C67439"
Last-Modified: Sat, 21 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21588
Expires: Mon, 23 Jan 2023 07:35:40 GMT
Date: Mon, 23 Jan 2023 01:35:52 GMT
Connection: keep-alive
push.services.mozilla.com/
52.34.149.78 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.34.149.78:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: dKFoJ1v3EVGyWizkTnbHog==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: iUk3rhu5ktJLje2DO2bIw2lNN5U=
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash bb5fac1f289cb91381d3d1a07094b179
df6f8fe7a21efb35290d24f2b8b0fe809cae8d33
34472778a647b2db33e669d8582b510d94d9e0d355d77c73d643b7495b0f6997
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 23 Jan 2023 01:35:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 63f9cd3f8de6f73327256b8252c9dbde
403d8be7a8ac1a8a0d55ad0fb162b6099ee853ec
884a6496abc2e700dbafcc189801db56e0298b04209a7ed8a5a16c4e643830d6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "884A6496ABC2E700DBAFCC189801DB56E0298B04209A7ED8A5A16C4E643830D6"
Last-Modified: Sun, 22 Jan 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Mon, 23 Jan 2023 07:35:52 GMT
Date: Mon, 23 Jan 2023 01:35:52 GMT
Connection: keep-alive
www.paxconnect.de/js/meinereiseangebote_iframe_v1.1.0.js
83.169.3.220 200 OK 653 B URL HTTP/1.1 www.paxconnect.de/js/meinereiseangebote_iframe_v1.1.0.js
IP 83.169.3.220:0
ASN #8972 Host Europe GmbH
Hash f5bf508542930203b6d507c968670502
b2a0ed3ceeb796f0aa21b6efe84bf6d6a710c0f8
6c3a3bb55c78ea17e0b9e1b9e821e509b94d2dc67e20b32515e1f3b9b423211c
GET /js/meinereiseangebote_iframe_v1.1.0.js HTTP/1.1
Host: www.paxconnect.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gdp.reisen/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 23 Jan 2023 01:35:52 GMT
Content-Type: application/javascript
Last-Modified: Wed, 25 May 2022 09:37:31 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"628df8db-72b"
X-FRAME-OPTIONS: SAMEORIGIN
X-Content-Type-Options: nosniff
Content-Security-Policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' paxconnect.de *.paxconnect.de *.smartberatung.com *.meinereiseangebote.de youtube.com *.youtube.com
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
X-Powered-By: PleskLin
Content-Encoding: br
www.gdp.reisen/assets/js/core.min.js
5.175.22.217 200 OK 64 kB URL HTTP/2 www.gdp.reisen/assets/js/core.min.js
IP 5.175.22.217:0
ASN #20773 Host Europe GmbH
File type Unicode text, UTF-8 (with BOM) text, with very long lines (65512)
Hash 21485a5c91a6e030255faa364281aa40
69e8f4ae330ece58c4c9dc6fa319187d907bc2bd
af79c3c862f29c5011444e6c6a4259961c61f414202b97559225b92339095f84
Analyzer Verdict Alert fortinet Phishing
GET /assets/js/core.min.js HTTP/1.1
Host: www.gdp.reisen
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gdp.reisen/
Cookie: CFID=37641872; CFTOKEN=52eb829fe736a00a-9A99072A-9835-16BE-6DF6496F4B8F1D84
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 23 Jan 2023 01:35:52 GMT
server: Apache
last-modified: Thu, 09 Jul 2020 18:02:01 GMT
etag: "4432f-5aa0605764a50-br"
accept-ranges: bytes
cache-control: max-age=86400
expires: Tue, 24 Jan 2023 01:35:52 GMT
vary: Accept-Encoding
content-encoding: br
x-cache: MISS from www.gdp.reisen
content-length: 64543
content-type: application/javascript
X-Firefox-Spdy: h2
www.gdp.reisen/assets/css/core.min.css
5.175.22.217 200 OK 41 kB URL HTTP/2 www.gdp.reisen/assets/css/core.min.css
IP 5.175.22.217:0
ASN #20773 Host Europe GmbH
File type Unicode text, UTF-8 text, with very long lines (65516)
Hash 06249bcfa64e75d0dd5d3e77f960cdd9
078839991c838dd732613ae7a8b4d1201aca8017
99fae1a53fa84932d6a5c938f27b7e776b99c7b27e3709a51f28d84ca65b9306
GET /assets/css/core.min.css HTTP/1.1
Host: www.gdp.reisen
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gdp.reisen/
Cookie: CFID=37641872; CFTOKEN=52eb829fe736a00a-9A99072A-9835-16BE-6DF6496F4B8F1D84
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 23 Jan 2023 01:35:52 GMT
server: Apache
last-modified: Mon, 25 May 2020 13:41:44 GMT
etag: "50315-5a67923b6f600-br"
accept-ranges: bytes
cache-control: max-age=86400
expires: Tue, 24 Jan 2023 01:35:52 GMT
vary: Accept-Encoding
content-encoding: br
x-cache: MISS from www.gdp.reisen
content-length: 41057
content-type: text/css
X-Firefox-Spdy: h2
www.backend.tcautor.de/www/_data/1009/files/BilderPool/Thementeaser/Mietwagen_camera-1391324_1920.jpg
5.175.22.217 200 OK 54 kB URL HTTP/2 www.backend.tcautor.de/www/_data/1009/files/BilderPool/Thementeaser/Mietwagen_camera-1391324_1920.jpg
IP 5.175.22.217:0
ASN #20773 Host Europe GmbH
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 700x800, components 3\012- data
Hash a62681ce6032d22369be9e6edcd304b4
9cc14704c06f89d69474ab17d94ac43ef8f11888
6c425443ec0cbf396b7b07fdcea74c95702cef69f15f7305c3eeebf115afe762
GET /www/_data/1009/files/BilderPool/Thementeaser/Mietwagen_camera-1391324_1920.jpg HTTP/1.1
Host: www.backend.tcautor.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gdp.reisen/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 23 Jan 2023 01:35:52 GMT
server: Apache
last-modified: Fri, 27 Aug 2021 13:59:43 GMT
etag: "d4e5-5ca8ae5390525"
accept-ranges: bytes
content-length: 54501
content-type: image/jpeg
X-Firefox-Spdy: h2
www.gdp.reisen/assets/js/jquery-3.4.1_plusUI.min.js
5.175.22.217 200 OK 85 kB URL HTTP/2 www.gdp.reisen/assets/js/jquery-3.4.1_plusUI.min.js
IP 5.175.22.217:0
ASN #20773 Host Europe GmbH
File type ASCII text, with very long lines (65450), with CRLF line terminators
Hash d12f6a571f27f8f789cf30b5b17bfeea
6b61e7dbdb4fe26ca656015704e4e0270f2e3c05
1f278360aad59de34a97aeebd39d19149d60ccacb878ee9ebc3cbb398bd75437
Analyzer Verdict Alert fortinet Phishing
GET /assets/js/jquery-3.4.1_plusUI.min.js HTTP/1.1
Host: www.gdp.reisen
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gdp.reisen/
Cookie: CFID=37641872; CFTOKEN=52eb829fe736a00a-9A99072A-9835-16BE-6DF6496F4B8F1D84
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 23 Jan 2023 01:35:52 GMT
server: Apache
last-modified: Sat, 04 Jul 2020 16:32:09 GMT
etag: "53745-5a9a02ed31440-br"
accept-ranges: bytes
cache-control: max-age=86400
expires: Tue, 24 Jan 2023 01:35:52 GMT
vary: Accept-Encoding
content-encoding: br
x-cache: MISS from www.gdp.reisen
content-length: 85178
content-type: application/javascript
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash d70e5f10b0487595ff0582ca51393b06
9a13f459d61d868ac0e2669c3c1f4cbb2c9c4f63
747484a86bc875af4201d1408f7aec46ff0f96302e41995c620742044897b380
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "747484A86BC875AF4201D1408F7AEC46FF0F96302E41995C620742044897B380"
Last-Modified: Sat, 21 Jan 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Mon, 23 Jan 2023 07:35:52 GMT
Date: Mon, 23 Jan 2023 01:35:52 GMT
Connection: keep-alive
backend.tcautor.de/www/_data/1008/files/BilderPool/Siegel/DER_Touristik_Partner_4C.png
5.175.22.217 200 OK 5.0 kB URL HTTP/2 backend.tcautor.de/www/_data/1008/files/BilderPool/Siegel/DER_Touristik_Partner_4C.png
IP 5.175.22.217:0
ASN #20773 Host Europe GmbH
File type PNG image data, 253 x 284, 8-bit colormap, non-interlaced\012- data
Hash 6cfa5757073c810990a30df5a3a5c142
f3929708377b03ea028621abfd7cc33e2cfdf3c0
42508c7e75bbaaf132edb306339680c86694005e71e2ea2c1c8cb0736949c5b8
GET /www/_data/1008/files/BilderPool/Siegel/DER_Touristik_Partner_4C.png HTTP/1.1
Host: backend.tcautor.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gdp.reisen/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 23 Jan 2023 01:35:52 GMT
server: Apache
last-modified: Thu, 03 Mar 2022 07:25:15 GMT
etag: "1391-5d94b4ca70b47"
accept-ranges: bytes
content-length: 5009
content-type: image/png
X-Firefox-Spdy: h2
www.gdp.reisen/images/GdP/Team/Hesse.jpg
5.175.22.217 200 OK 27 kB URL HTTP/2 www.gdp.reisen/images/GdP/Team/Hesse.jpg
IP 5.175.22.217:0
ASN #20773 Host Europe GmbH
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 500x500, components 3\012- data
Hash 741d21c12cc7a7b46e1dfa4c4853a9c3
898204c4d85919b1dcb4fe3c7a0190d48a103392
685d520df55383ee642e512e62292cc4360c2d23bff0e290670f48516eb1fd21
GET /images/GdP/Team/Hesse.jpg HTTP/1.1
Host: www.gdp.reisen
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gdp.reisen/
Cookie: CFID=37641872; CFTOKEN=52eb829fe736a00a-9A99072A-9835-16BE-6DF6496F4B8F1D84
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 23 Jan 2023 01:35:52 GMT
server: Apache
last-modified: Thu, 24 Mar 2022 17:25:22 GMT
etag: "6b23-5dafa218308a0"
accept-ranges: bytes
content-length: 27427
cache-control: max-age=86400
expires: Tue, 24 Jan 2023 01:35:52 GMT
x-cache: MISS from www.gdp.reisen
content-type: image/jpeg
X-Firefox-Spdy: h2
www.gdp.reisen/images/GdP/Logos/bundeswehrverband_v01.png
5.175.22.217 200 OK 31 kB URL HTTP/2 www.gdp.reisen/images/GdP/Logos/bundeswehrverband_v01.png
IP 5.175.22.217:0
ASN #20773 Host Europe GmbH
File type PNG image data, 480 x 480, 8-bit colormap, non-interlaced\012- data
Hash 649bb6a67a51eb61a86ce1e46b1b2bd9
aaad88fc546326ff79d5a120f7c8800ea940b216
8e11d803995660d39afbd2f06745c9631e731e973853947ae19d21dc3e933de9
GET /images/GdP/Logos/bundeswehrverband_v01.png HTTP/1.1
Host: www.gdp.reisen
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gdp.reisen/
Cookie: CFID=37641872; CFTOKEN=52eb829fe736a00a-9A99072A-9835-16BE-6DF6496F4B8F1D84
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 23 Jan 2023 01:35:52 GMT
server: Apache
last-modified: Mon, 04 Apr 2022 09:20:24 GMT
etag: "7863-5dbd0a365f978"
accept-ranges: bytes
content-length: 30819
cache-control: max-age=86400
expires: Tue, 24 Jan 2023 01:35:52 GMT
x-cache: MISS from www.gdp.reisen
content-type: image/png
X-Firefox-Spdy: h2
www.gdp.reisen/images/GdP/Logos/GdP_v01.png
5.175.22.217 200 OK 31 kB URL HTTP/2 www.gdp.reisen/images/GdP/Logos/GdP_v01.png
IP 5.175.22.217:0
ASN #20773 Host Europe GmbH
File type PNG image data, 280 x 280, 8-bit colormap, non-interlaced\012- data
Hash a04176d65dce9e8195fee491b56aa388
78437b264b94a6e095f06a7287ad5832bf9bb767
1a2c50bf47f031a6d37770257f8275be3632c885f0e1c1cc180b0ddc778c655f
GET /images/GdP/Logos/GdP_v01.png HTTP/1.1
Host: www.gdp.reisen
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gdp.reisen/
Cookie: CFID=37641872; CFTOKEN=52eb829fe736a00a-9A99072A-9835-16BE-6DF6496F4B8F1D84
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 23 Jan 2023 01:35:52 GMT
server: Apache
last-modified: Mon, 04 Apr 2022 09:20:24 GMT
etag: "79ef-5dbd0a3667290"
accept-ranges: bytes
content-length: 31215
cache-control: max-age=86400
expires: Tue, 24 Jan 2023 01:35:52 GMT
x-cache: MISS from www.gdp.reisen
content-type: image/png
X-Firefox-Spdy: h2
www.gdp.reisen/images/GdP/Team/Humberg.jpg
5.175.22.217 200 OK 41 kB URL HTTP/2 www.gdp.reisen/images/GdP/Team/Humberg.jpg
IP 5.175.22.217:0
ASN #20773 Host Europe GmbH
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 500x500, components 3\012- data
Hash a28b0ee95e9d4f82f3c2d7ff8d2def0e
08ac2472ca0f9fe8d152022d2f82fd770447f9c5
5b742806f3dbb3b2b28250b2f44f410a9acd5df52e27b340af006e7b867bac9d
GET /images/GdP/Team/Humberg.jpg HTTP/1.1
Host: www.gdp.reisen
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gdp.reisen/
Cookie: CFID=37641872; CFTOKEN=52eb829fe736a00a-9A99072A-9835-16BE-6DF6496F4B8F1D84
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 23 Jan 2023 01:35:52 GMT
server: Apache
last-modified: Thu, 24 Mar 2022 17:25:22 GMT
etag: "9f85-5dafa218381b8"
accept-ranges: bytes
content-length: 40837
cache-control: max-age=86400
expires: Tue, 24 Jan 2023 01:35:52 GMT
x-cache: MISS from www.gdp.reisen
content-type: image/jpeg
X-Firefox-Spdy: h2
www.gdp.reisen/www/fonts/montserrat.css
5.175.22.217 404 Not Found 196 B URL HTTP/2 www.gdp.reisen/www/fonts/montserrat.css
IP 5.175.22.217:0
ASN #20773 Host Europe GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 62962daa1b19bbcc2db10b7bfd531ea6
d64bae91091eda6a7532ebec06aa70893b79e1f8
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880
GET /www/fonts/montserrat.css HTTP/1.1
Host: www.gdp.reisen
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gdp.reisen/
Cookie: CFID=37641872; CFTOKEN=52eb829fe736a00a-9A99072A-9835-16BE-6DF6496F4B8F1D84
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
date: Mon, 23 Jan 2023 01:35:52 GMT
server: Apache
content-length: 196
content-type: text/html; charset=iso-8859-1
X-Firefox-Spdy: h2
www.gdp.reisen/images/GdP/Team/Hamann.jpg
5.175.22.217 200 OK 39 kB URL HTTP/2 www.gdp.reisen/images/GdP/Team/Hamann.jpg
IP 5.175.22.217:0
ASN #20773 Host Europe GmbH
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 500x500, components 3\012- data
Hash cae8752ea30b514bdc915abfda1009ca
d74173c7f299044de55d588a5db9cca4580a5998
d4cd5493b078c05bf3473ccc74c04b75992e07282585aafea8624e26beaf2c6c
GET /images/GdP/Team/Hamann.jpg HTTP/1.1
Host: www.gdp.reisen
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gdp.reisen/
Cookie: CFID=37641872; CFTOKEN=52eb829fe736a00a-9A99072A-9835-16BE-6DF6496F4B8F1D84
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 23 Jan 2023 01:35:52 GMT
server: Apache
last-modified: Thu, 24 Mar 2022 17:25:22 GMT
etag: "9818-5dafa21828ba0"
accept-ranges: bytes
content-length: 38936
cache-control: max-age=86400
expires: Tue, 24 Jan 2023 01:35:52 GMT
x-cache: MISS from www.gdp.reisen
content-type: image/jpeg
X-Firefox-Spdy: h2
www.gdp.reisen/images/GdP/Team/Schachler.jpg
5.175.22.217 200 OK 50 kB URL HTTP/2 www.gdp.reisen/images/GdP/Team/Schachler.jpg
IP 5.175.22.217:0
ASN #20773 Host Europe GmbH
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 500x500, components 3\012- data
Hash 4647a907a00b8b370958a1c5b9e8e596
42dbd011f06cef98c8c5ff019511a09e8aa1fbc1
13fdc8e82a2d705eccfd783b4d615aca7a27de99da0cb83265982c2ae57bdb9c
GET /images/GdP/Team/Schachler.jpg HTTP/1.1
Host: www.gdp.reisen
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gdp.reisen/
Cookie: CFID=37641872; CFTOKEN=52eb829fe736a00a-9A99072A-9835-16BE-6DF6496F4B8F1D84
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 23 Jan 2023 01:35:52 GMT
server: Apache
last-modified: Thu, 24 Mar 2022 17:25:22 GMT
etag: "c25d-5dafa2183fad0"
accept-ranges: bytes
content-length: 49757
cache-control: max-age=86400
expires: Tue, 24 Jan 2023 01:35:52 GMT
x-cache: MISS from www.gdp.reisen
content-type: image/jpeg
X-Firefox-Spdy: h2
www.gdp.reisen/images/BilderPool/Thementeaser/summer-3571092_1920.jpg
5.175.22.217 200 OK 57 kB URL HTTP/2 www.gdp.reisen/images/BilderPool/Thementeaser/summer-3571092_1920.jpg
IP 5.175.22.217:0
ASN #20773 Host Europe GmbH
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 700x800, components 3\012- data
Hash ea8e354ec38f641f0c31dd5986e272bc
e08fe4bc4c51a91bb5b91f1825307254ede6e8dd
25dc8af8cd8236c721853d1fc67d2314f41ed19f467ffd5bb6279a9b2e8f2653
GET /images/BilderPool/Thementeaser/summer-3571092_1920.jpg HTTP/1.1
Host: www.gdp.reisen
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gdp.reisen/
Cookie: CFID=37641872; CFTOKEN=52eb829fe736a00a-9A99072A-9835-16BE-6DF6496F4B8F1D84
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 23 Jan 2023 01:35:52 GMT
server: Apache
last-modified: Tue, 19 Oct 2021 14:18:23 GMT
etag: "dd68-5ceb555905a14"
accept-ranges: bytes
content-length: 56680
cache-control: max-age=86400
expires: Tue, 24 Jan 2023 01:35:52 GMT
x-cache: MISS from www.gdp.reisen
content-type: image/jpeg
X-Firefox-Spdy: h2
www.gdp.reisen/images/BilderPool/zoll_reise_passport-3127934_1920.jpg
5.175.22.217 200 OK 57 kB URL HTTP/2 www.gdp.reisen/images/BilderPool/zoll_reise_passport-3127934_1920.jpg
IP 5.175.22.217:0
ASN #20773 Host Europe GmbH
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, progressive, precision 8, 600x300, components 3\012- data
Hash d588a2d2f1b2bc526deb785966b59e79
f71a3d3cbb55fb1a0e1b9c436adf566bba5e96d4
978941952311e019f83e410641bee96b74dfa6ec80fdf65463493e526b9e1512
GET /images/BilderPool/zoll_reise_passport-3127934_1920.jpg HTTP/1.1
Host: www.gdp.reisen
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gdp.reisen/
Cookie: CFID=37641872; CFTOKEN=52eb829fe736a00a-9A99072A-9835-16BE-6DF6496F4B8F1D84
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 23 Jan 2023 01:35:52 GMT
server: Apache
last-modified: Mon, 27 Jun 2022 16:02:32 GMT
etag: "ddf8-5e2700c382955"
accept-ranges: bytes
content-length: 56824
cache-control: max-age=86400
expires: Tue, 24 Jan 2023 01:35:52 GMT
x-cache: MISS from www.gdp.reisen
content-type: image/jpeg
X-Firefox-Spdy: h2
www.gdp.reisen/images/BilderPool/auswaertiges_amt_passport-3127934_1920.jpg
5.175.22.217 200 OK 87 kB URL HTTP/2 www.gdp.reisen/images/BilderPool/auswaertiges_amt_passport-3127934_1920.jpg
IP 5.175.22.217:0
ASN #20773 Host Europe GmbH
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, progressive, precision 8, 600x300, components 3\012- data
Hash 223454d684cc91e73ff53c423449273b
9dc213694402c850a220c20bac41ed77addfad19
5c78da96df1dc34d3d0a4e773dcad3943ed9a941845997a641ee77202917c466
GET /images/BilderPool/auswaertiges_amt_passport-3127934_1920.jpg HTTP/1.1
Host: www.gdp.reisen
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gdp.reisen/
Cookie: CFID=37641872; CFTOKEN=52eb829fe736a00a-9A99072A-9835-16BE-6DF6496F4B8F1D84
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 23 Jan 2023 01:35:52 GMT
server: Apache
last-modified: Mon, 27 Jun 2022 16:02:32 GMT
etag: "15461-5e2700c395a89"
accept-ranges: bytes
content-length: 87137
cache-control: max-age=86400
expires: Tue, 24 Jan 2023 01:35:52 GMT
x-cache: MISS from www.gdp.reisen
content-type: image/jpeg
X-Firefox-Spdy: h2
www.gdp.reisen/images/BilderPool/Thementeaser/cruise-3991937_1920.jpg
5.175.22.217 200 OK 103 kB URL HTTP/2 www.gdp.reisen/images/BilderPool/Thementeaser/cruise-3991937_1920.jpg
IP 5.175.22.217:0
ASN #20773 Host Europe GmbH
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 700x800, components 3\012- data
Size 103 kB (103225 bytes)
Hash 16c8eb759f00e9acd23e1fcab1c4c7cc
3bf5667d76b4f0c69a51ba4e0191ba04145a2732
306b20114671d7e0d693c20cf76cef96dcaa4351bc53cee88aa9a91c3d2f46ec
GET /images/BilderPool/Thementeaser/cruise-3991937_1920.jpg HTTP/1.1
Host: www.gdp.reisen
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gdp.reisen/
Cookie: CFID=37641872; CFTOKEN=52eb829fe736a00a-9A99072A-9835-16BE-6DF6496F4B8F1D84
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 23 Jan 2023 01:35:52 GMT
server: Apache
last-modified: Mon, 30 Aug 2021 07:35:25 GMT
etag: "19339-5cac1e06541ab"
accept-ranges: bytes
content-length: 103225
cache-control: max-age=86400
expires: Tue, 24 Jan 2023 01:35:52 GMT
x-cache: MISS from www.gdp.reisen
content-type: image/jpeg
X-Firefox-Spdy: h2
status.thawte.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 9685011d19bcc62609caecd0cfb50b23
8d387bece22139ca690191deeda1a10016a0d44d
f2eb6c9f4544e8451313683b6f5f10b7b22de8b04b5d547cca23b2f434019213
POST / HTTP/1.1
Host: status.thawte.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5436
Cache-Control: max-age=99826
Content-Type: application/ocsp-response
Date: Mon, 23 Jan 2023 01:35:53 GMT
Etag: "63ccb22f-1d7"
Expires: Tue, 24 Jan 2023 05:19:39 GMT
Last-Modified: Sun, 22 Jan 2023 03:49:03 GMT
Server: ECS (amb/6BAC)
X-Cache: HIT
Content-Length: 471
www.backend.tcautor.de/www/_data/1009/files/BilderPool/Thementeaser/guinea-pig-1969698_1920.jpg
5.175.22.217 200 OK 79 kB URL HTTP/2 www.backend.tcautor.de/www/_data/1009/files/BilderPool/Thementeaser/guinea-pig-1969698_1920.jpg
IP 5.175.22.217:0
ASN #20773 Host Europe GmbH
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 700x800, components 3\012- data
Hash 192a66bef59226d6ab6b3a5097bb2d4d
5d4ef05d8529e310115d7ee15724985469343319
f014df907df2ab80a94cd71c2267a0896ec6c7831308e92a3c726c8592a81eb1
GET /www/_data/1009/files/BilderPool/Thementeaser/guinea-pig-1969698_1920.jpg HTTP/1.1
Host: www.backend.tcautor.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gdp.reisen/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 23 Jan 2023 01:35:52 GMT
server: Apache
last-modified: Mon, 30 Aug 2021 07:35:25 GMT
etag: "1335f-5cac1e06418a1"
accept-ranges: bytes
content-length: 78687
content-type: image/jpeg
X-Firefox-Spdy: h2
www.gdp.reisen/images/BilderPool/Reisethemen/Kreuzfahrt/two-2413470_1920.jpg
5.175.22.217 200 OK 338 kB URL HTTP/2 www.gdp.reisen/images/BilderPool/Reisethemen/Kreuzfahrt/two-2413470_1920.jpg
IP 5.175.22.217:0
ASN #20773 Host Europe GmbH
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x1440, components 3\012- data
Size 338 kB (338400 bytes)
Hash 90bf8f98930e3869ad8938842b24d550
1f682dd5dbfb9ea7c5a8608a5bd4d859c891cc4c
0dd99222cb68f835d5757dd9b66e97fc4ea19905dab5bf6b747d8b5785617407
GET /images/BilderPool/Reisethemen/Kreuzfahrt/two-2413470_1920.jpg HTTP/1.1
Host: www.gdp.reisen
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gdp.reisen/
Cookie: CFID=37641872; CFTOKEN=52eb829fe736a00a-9A99072A-9835-16BE-6DF6496F4B8F1D84; cross-site-cookie=sow
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 23 Jan 2023 01:35:52 GMT
server: Apache
last-modified: Thu, 24 Jun 2021 07:48:28 GMT
etag: "529e0-5c57e3fafff00"
accept-ranges: bytes
content-length: 338400
cache-control: max-age=86400
expires: Tue, 24 Jan 2023 01:35:52 GMT
x-cache: MISS from www.gdp.reisen
content-type: image/jpeg
X-Firefox-Spdy: h2
www.gdp.reisen/assets/fonts/flaticon/Flaticon.woff2
5.175.22.217 200 OK 37 kB URL HTTP/2 www.gdp.reisen/assets/fonts/flaticon/Flaticon.woff2
IP 5.175.22.217:0
ASN #20773 Host Europe GmbH
File type Web Open Font Format (Version 2), TrueType, length 36732, version 1.0\012- data
Hash ae2dd4b29a7c28b5cc6e9364c7a69983
602976fc50a9aa00adc99bc2d93888db7a81d2fc
0ebd2de93302226f320140f8051d5cff7c3752be9700d0d598e498bbe0dde638
Analyzer Verdict Alert fortinet Phishing
GET /assets/fonts/flaticon/Flaticon.woff2 HTTP/1.1
Host: www.gdp.reisen
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.gdp.reisen/assets/css/core.min.css
Cookie: CFID=37641872; CFTOKEN=52eb829fe736a00a-9A99072A-9835-16BE-6DF6496F4B8F1D84; cross-site-cookie=sow
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 23 Jan 2023 01:35:53 GMT
server: Apache
last-modified: Sat, 09 May 2020 10:20:16 GMT
etag: "8f7c-5a53475c0b800"
accept-ranges: bytes
content-length: 36732
cache-control: max-age=86400
expires: Tue, 24 Jan 2023 01:35:53 GMT
vary: Accept-Encoding
x-cache: MISS from www.gdp.reisen
content-type: font/woff2
X-Firefox-Spdy: h2
www.backend.tcautor.de/www/_data/1009/files/BilderPool/Thementeaser/Wandern_adventure-1850912_1920.jpg
5.175.22.217 200 OK 90 kB URL HTTP/2 www.backend.tcautor.de/www/_data/1009/files/BilderPool/Thementeaser/Wandern_adventure-1850912_1920.jpg
IP 5.175.22.217:0
ASN #20773 Host Europe GmbH
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 700x800, components 3\012- data
Hash ac44101d561116730371c1343172071d
afdff97118095955176579f7794b71138c19309a
109ad27c67d19b6f67e163da947235fa0694b36a094de075dc25c966264bce13
GET /www/_data/1009/files/BilderPool/Thementeaser/Wandern_adventure-1850912_1920.jpg HTTP/1.1
Host: www.backend.tcautor.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gdp.reisen/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 23 Jan 2023 01:35:52 GMT
server: Apache
last-modified: Fri, 27 Aug 2021 13:59:43 GMT
etag: "15f64-5ca8ae539421c"
accept-ranges: bytes
content-length: 89956
content-type: image/jpeg
X-Firefox-Spdy: h2
www.backend.tcautor.de/www/_data/1009/files/BilderPool/Thementeaser/vacations-2490266_1920.jpg
5.175.22.217 200 OK 114 kB URL HTTP/2 www.backend.tcautor.de/www/_data/1009/files/BilderPool/Thementeaser/vacations-2490266_1920.jpg
IP 5.175.22.217:0
ASN #20773 Host Europe GmbH
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 700x800, components 3\012- data
Size 114 kB (114078 bytes)
Hash 7d47e7c0e4644bdb9f6390233fa64b5d
309923c63deee1d97fb8dd2e70a902ee6faf7ac7
653e3553dd08d47e5a964311149365a582a90dfde032adaa54097e17882843f7
GET /www/_data/1009/files/BilderPool/Thementeaser/vacations-2490266_1920.jpg HTTP/1.1
Host: www.backend.tcautor.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gdp.reisen/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 23 Jan 2023 01:35:52 GMT
server: Apache
last-modified: Mon, 30 Aug 2021 07:35:25 GMT
etag: "1bd9e-5cac1e0664f6e"
accept-ranges: bytes
content-length: 114078
content-type: image/jpeg
X-Firefox-Spdy: h2
www.backend.tcautor.de/www/_data/1009/files/BilderPool/Thementeaser/women-3266211_1920.jpg
5.175.22.217 200 OK 124 kB URL HTTP/2 www.backend.tcautor.de/www/_data/1009/files/BilderPool/Thementeaser/women-3266211_1920.jpg
IP 5.175.22.217:0
ASN #20773 Host Europe GmbH
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 700x800, components 3\012- data
Size 124 kB (123987 bytes)
Hash 4d620151c765ed8bdd1ddd6193f9e244
475c4f9ce545458df2a3c53b3f9767508d2b325d
3629b868912b11d754f948b8f297b7ba056e82256ee83c85fc41e401ea0dc1a6
GET /www/_data/1009/files/BilderPool/Thementeaser/women-3266211_1920.jpg HTTP/1.1
Host: www.backend.tcautor.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gdp.reisen/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 23 Jan 2023 01:35:52 GMT
server: Apache
last-modified: Mon, 30 Aug 2021 07:35:25 GMT
etag: "1e453-5cac1e06691e6"
accept-ranges: bytes
content-length: 123987
content-type: image/jpeg
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/3qFsio-GaQM
142.250.74.131 200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/3qFsio-GaQM
IP 142.250.74.131:0
Hash f3291ab64b99e6b00d6ea6ba1ccd3382
97f3b8c0c70d8da33e9d416003e0a50347cb3efe
a48295db55aa5399f38f9f7d1ee80f3d97a04cd3cf31c3e9d185b5b4d4816045
POST /s/gts1d4/3qFsio-GaQM HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 23 Jan 2023 01:35:53 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
basic-light-ibe.traveltainment.de/search?ibe=package&prcl=294888&accol=168207&bgcol=t&taid=gdpreiseservice
80.87.174.128 200 OK 63 kB URL HTTP/1.1 basic-light-ibe.traveltainment.de/search?ibe=package&prcl=294888&accol=168207&bgcol=t&taid=gdpreiseservice
IP 80.87.174.128:0
ASN #8469 CANCOM Managed Services GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- assembler source, ASCII text
Hash 2520d130cb6d3166fbc11ba9fea20b96
8573c0c87b1a32bbede2f770cb3a3214c18c0ebc
35ccedf378b2234414b398f646ef03ce33436b6894966760855afcc797570277
GET /search?ibe=package&prcl=294888&accol=168207&bgcol=t&taid=gdpreiseservice HTTP/1.1
Host: basic-light-ibe.traveltainment.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gdp.reisen/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 23 Jan 2023 01:35:53 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-UA-Compatible: ie=edge
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: -1
Content-Encoding: gzip
privacy-proxy-server.usercentrics.eu/googleMaps?center=51.232,6.859&size=1000x500&zoom=12
34.149.163.237 200 OK 224 kB URL HTTP/2 privacy-proxy-server.usercentrics.eu/googleMaps?center=51.232,6.859&size=1000x500&zoom=12
IP 34.149.163.237:0
File type PNG image data, 1280 x 1000, 8-bit colormap, non-interlaced\012- data
Size 224 kB (223461 bytes)
Hash f2509416c890fa59c35f391eafd61796
a1adf6739c04fb3846c38b8268f80ad31a222f70
55c4cd5ba4040c484cc3540f7c948fe30985488c33ea27b754281a4f7e7b3b4f
GET /googleMaps?center=51.232,6.859&size=1000x500&zoom=12 HTTP/1.1
Host: privacy-proxy-server.usercentrics.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gdp.reisen/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
x-xss-protection: 0
x-frame-options: SAMEORIGIN
server-timing: gfet4t7; dur=302
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43", h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-cloud-trace-context: 567cdf0022da0eea7950d9b18fa5005d
server: Google Frontend
content-length: 223461
via: 1.1 google
date: Sun, 22 Jan 2023 15:23:52 GMT
expires: Mon, 23 Jan 2023 15:23:52 GMT
cache-control: public, max-age=2592000
content-type: image/png
age: 36721
X-Firefox-Spdy: h2
www.gdp.reisen/assets/js/scripts.min.js?_=1674437751554
5.175.22.217 200 OK 3.2 kB URL HTTP/2 www.gdp.reisen/assets/js/scripts.min.js?_=1674437751554
IP 5.175.22.217:0
ASN #20773 Host Europe GmbH
File type ASCII text, with very long lines (5449), with CRLF line terminators
Hash 1d16ebc0b3c66d6a10a2f844da041250
0bfc5df3e06ecc3af5ea0e5e4ec0c277d887c58f
7ddfb4f8b171063568c5f9d506d3777cfc061d6eff3deff43fcb5af2b6e38f11
Analyzer Verdict Alert fortinet Phishing
GET /assets/js/scripts.min.js?_=1674437751554 HTTP/1.1
Host: www.gdp.reisen
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://www.gdp.reisen/
Cookie: CFID=37641872; CFTOKEN=52eb829fe736a00a-9A99072A-9835-16BE-6DF6496F4B8F1D84; cross-site-cookie=sow
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 23 Jan 2023 01:35:53 GMT
server: Apache
last-modified: Sun, 05 Jul 2020 10:17:52 GMT
etag: "2541-5a9af1222b05b-br"
accept-ranges: bytes
cache-control: max-age=86400
expires: Tue, 24 Jan 2023 01:35:53 GMT
vary: Accept-Encoding
content-encoding: br
x-cache: MISS from www.gdp.reisen
content-length: 3166
content-type: application/javascript
X-Firefox-Spdy: h2
www.gdp.reisen/assets/js/hyphenopoly/Hyphenopoly_Loader.js?_=1674437751555
5.175.22.217 200 OK 2.8 kB URL HTTP/2 www.gdp.reisen/assets/js/hyphenopoly/Hyphenopoly_Loader.js?_=1674437751555
IP 5.175.22.217:0
ASN #20773 Host Europe GmbH
File type Unicode text, UTF-8 (with BOM) text
Hash ff02a0dc373adfb3ebe39af4c7eef961
dac0bdc76620735d11975d970215c5d70207334c
7cdb80f8f5dea5cabf2936d0241e5d8a4b07f1cddaa5123a0c83b764c8f2c798
Analyzer Verdict Alert fortinet Phishing
GET /assets/js/hyphenopoly/Hyphenopoly_Loader.js?_=1674437751555 HTTP/1.1
Host: www.gdp.reisen
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://www.gdp.reisen/
Cookie: CFID=37641872; CFTOKEN=52eb829fe736a00a-9A99072A-9835-16BE-6DF6496F4B8F1D84; cross-site-cookie=sow
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 23 Jan 2023 01:35:53 GMT
server: Apache
last-modified: Sat, 18 Jul 2020 18:48:04 GMT
etag: "2936-5aabbb6b6819b-br"
accept-ranges: bytes
cache-control: max-age=86400
expires: Tue, 24 Jan 2023 01:35:53 GMT
vary: Accept-Encoding
content-encoding: br
x-cache: MISS from www.gdp.reisen
content-length: 2824
content-type: application/javascript
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/3qFsio-GaQM
142.250.74.131 200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/3qFsio-GaQM
IP 142.250.74.131:0
Hash f3291ab64b99e6b00d6ea6ba1ccd3382
97f3b8c0c70d8da33e9d416003e0a50347cb3efe
a48295db55aa5399f38f9f7d1ee80f3d97a04cd3cf31c3e9d185b5b4d4816045
POST /s/gts1d4/3qFsio-GaQM HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 23 Jan 2023 01:35:53 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
basic-light-ibe.traveltainment.de/ibeclient/dist/css/package.min.css?v=36131a89beeb
80.87.174.128 200 OK 1.1 kB URL HTTP/1.1 basic-light-ibe.traveltainment.de/ibeclient/dist/css/package.min.css?v=36131a89beeb
IP 80.87.174.128:0
ASN #8469 CANCOM Managed Services GmbH
File type Unicode text, UTF-8 text, with very long lines (1075), with no line terminators
Hash ad786596a9f61e81adcabbdb9c2c7f53
538049ce424ac71fe56f80629f345c7ebc73dafa
7b3d9d24a858d95708ea3f33e3fa958998d4692fa3fd3c2a30430bd18e3d2418
GET /ibeclient/dist/css/package.min.css?v=36131a89beeb HTTP/1.1
Host: basic-light-ibe.traveltainment.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://basic-light-ibe.traveltainment.de/search?ibe=package&prcl=294888&accol=168207&bgcol=t&taid=gdpreiseservice
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 23 Jan 2023 01:35:53 GMT
Content-Type: text/css; charset=UTF-8
Content-Length: 1077
Connection: keep-alive
Cache-Control: public, max-age=604800
X-Content-Type-Options: nosniff
Last-Modified: Tue, 03 Jan 2023 09:24:47 GMT
Accept-Ranges: bytes
basic-light-ibe.traveltainment.de/ibecustomer/whitelabel/dist/css/package.min.css?v=36131a89beeb
80.87.174.128 200 OK 11 kB URL HTTP/1.1 basic-light-ibe.traveltainment.de/ibecustomer/whitelabel/dist/css/package.min.css?v=36131a89beeb
IP 80.87.174.128:0
ASN #8469 CANCOM Managed Services GmbH
File type ASCII text, with very long lines (27527)
Hash 9bb21ee200cb5240e1613033dd900fd2
7863aea688f742c1e20435e61ec0db36ca8cece3
fedc08478fa2ffc5288728f7b13ce4d8c57482a7c432f11007b9f5d71fdf94f5
GET /ibecustomer/whitelabel/dist/css/package.min.css?v=36131a89beeb HTTP/1.1
Host: basic-light-ibe.traveltainment.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://basic-light-ibe.traveltainment.de/search?ibe=package&prcl=294888&accol=168207&bgcol=t&taid=gdpreiseservice
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 23 Jan 2023 01:35:53 GMT
Content-Type: text/css; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: public, max-age=604800
X-Content-Type-Options: nosniff
Last-Modified: Tue, 20 Dec 2022 10:59:35 GMT
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash dec1960c15b7b32835eece7cb397c51f
ddaf303a58c2f336530c55a9ca29d5731e5f7da6
f2d6ba10803cb182fe6bac4e417ce57f3d712c836ed1d8950829bd29cbb35f48
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 23 Jan 2023 01:35:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
basic-light-ibe.traveltainment.de/lang/de-DE?v=36131a89beeb
80.87.174.128 200 OK 45 kB URL HTTP/1.1 basic-light-ibe.traveltainment.de/lang/de-DE?v=36131a89beeb
IP 80.87.174.128:0
ASN #8469 CANCOM Managed Services GmbH
File type Unicode text, UTF-8 text, with very long lines (64888)
Hash 15d640f6d792b888ed85f283841b1817
68930bdebdc677a453cc345f6563d258d66f31db
9fbad6c68e31fe56ec18ac23372da1904119488bf02c5fb26acd4acf04714389
GET /lang/de-DE?v=36131a89beeb HTTP/1.1
Host: basic-light-ibe.traveltainment.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://basic-light-ibe.traveltainment.de/search?ibe=package&prcl=294888&accol=168207&bgcol=t&taid=gdpreiseservice
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 23 Jan 2023 01:35:53 GMT
Content-Type: text/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Cache-Control: public, max-age=604800
Content-Encoding: gzip
www.gstatic.com/recaptcha/releases/Gg72x2_SHmxi8X0BLo33HMpr/recaptcha__en.js
142.250.74.35 200 OK 164 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/Gg72x2_SHmxi8X0BLo33HMpr/recaptcha__en.js
IP 142.250.74.35:0
File type ASCII text, with very long lines (636)
Size 164 kB (163892 bytes)
Hash f2995e9cc3eedf3359420fb8d714b2ca
bdc68875ff161b35dbe9d8d85241e41c862ec8e3
fbe663b4f0f239aca19a5a2720c2b494ac58a53e0d68288155eb772ae04935c1
GET /recaptcha/releases/Gg72x2_SHmxi8X0BLo33HMpr/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.gdp.reisen
Connection: keep-alive
Referer: https://www.gdp.reisen/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 163892
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 17 Jan 2023 15:41:18 GMT
expires: Wed, 17 Jan 2024 15:41:18 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 16 Jan 2023 01:02:16 GMT
content-type: text/javascript
age: 467675
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
basic-light-ibe.traveltainment.de/ibecustomer/customers/basic-light/dist/css/package.min.css?v=36131a89beeb
80.87.174.128 200 OK 0 B URL HTTP/1.1 basic-light-ibe.traveltainment.de/ibecustomer/customers/basic-light/dist/css/package.min.css?v=36131a89beeb
IP 80.87.174.128:0
ASN #8469 CANCOM Managed Services GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ibecustomer/customers/basic-light/dist/css/package.min.css?v=36131a89beeb HTTP/1.1
Host: basic-light-ibe.traveltainment.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://basic-light-ibe.traveltainment.de/search?ibe=package&prcl=294888&accol=168207&bgcol=t&taid=gdpreiseservice
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 23 Jan 2023 01:35:53 GMT
Content-Type: text/css; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Cache-Control: public, max-age=604800
X-Content-Type-Options: nosniff
Last-Modified: Tue, 20 Dec 2022 10:59:17 GMT
Accept-Ranges: bytes
basic-light-ibe.traveltainment.de/config?v=36131a89beeb&lang=de-DE&ibe=package&currency=EUR&sc=DE
80.87.174.128 200 OK 16 kB URL HTTP/1.1 basic-light-ibe.traveltainment.de/config?v=36131a89beeb&lang=de-DE&ibe=package&currency=EUR&sc=DE
IP 80.87.174.128:0
ASN #8469 CANCOM Managed Services GmbH
File type Unicode text, UTF-8 text, with very long lines (34135)
Hash a639d5aec60bf0c460d80e1b16c5bf18
076852ba97b1b4b9c318d968552828d01f74df79
00e758c0d7a9f9fadf5595e1012823f30dca86e7c49cc3516156040e6b711f50
GET /config?v=36131a89beeb&lang=de-DE&ibe=package&currency=EUR&sc=DE HTTP/1.1
Host: basic-light-ibe.traveltainment.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://basic-light-ibe.traveltainment.de/search?ibe=package&prcl=294888&accol=168207&bgcol=t&taid=gdpreiseservice
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 23 Jan 2023 01:35:53 GMT
Content-Type: text/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Cache-Control: public, max-age=604800
X-Content-Type-Options: nosniff
Content-Encoding: gzip
basic-light-ibe.traveltainment.de/ibecustomer/customers/basic-light/dist/js/package.min.js?v=36131a89beeb
80.87.174.128 200 OK 40 B URL HTTP/1.1 basic-light-ibe.traveltainment.de/ibecustomer/customers/basic-light/dist/js/package.min.js?v=36131a89beeb
IP 80.87.174.128:0
ASN #8469 CANCOM Managed Services GmbH
Hash 491aed06dbee03ddf8135636df8180ca
92a8873b5953f0153efa5768039b608d063c2595
567ea8eeb189a630a0863732f86a0884f7f4fb0a139427540c372d01bf831997
GET /ibecustomer/customers/basic-light/dist/js/package.min.js?v=36131a89beeb HTTP/1.1
Host: basic-light-ibe.traveltainment.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://basic-light-ibe.traveltainment.de/search?ibe=package&prcl=294888&accol=168207&bgcol=t&taid=gdpreiseservice
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 23 Jan 2023 01:35:53 GMT
Content-Type: application/javascript; charset=UTF-8
Content-Length: 40
Connection: keep-alive
Cache-Control: public, max-age=604800
X-Content-Type-Options: nosniff
Last-Modified: Tue, 20 Dec 2022 10:59:35 GMT
Accept-Ranges: bytes
www.gdp.reisen/assets/js/vendor.swiper.min.js
5.175.22.217 200 OK 32 kB URL HTTP/2 www.gdp.reisen/assets/js/vendor.swiper.min.js
IP 5.175.22.217:0
ASN #20773 Host Europe GmbH
File type ASCII text, with very long lines (65536), with no line terminators
Hash ed605729945876db2c8be9bb08804fe7
afc15092fc62fe09bbca09167410dac0f69f4b2e
a635d2fe17bba098e4d878bb51bd01c7e04655d1ace2b4164b65c9b209b14f2a
Analyzer Verdict Alert fortinet Phishing
GET /assets/js/vendor.swiper.min.js HTTP/1.1
Host: www.gdp.reisen
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://www.gdp.reisen/
Cookie: CFID=37641872; CFTOKEN=52eb829fe736a00a-9A99072A-9835-16BE-6DF6496F4B8F1D84; cross-site-cookie=sow
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 23 Jan 2023 01:35:53 GMT
server: Apache
last-modified: Mon, 25 May 2020 13:41:50 GMT
etag: "22538-5a67924128380-br"
accept-ranges: bytes
cache-control: max-age=86400
expires: Tue, 24 Jan 2023 01:35:53 GMT
vary: Accept-Encoding
content-encoding: br
content-length: 31466
content-type: application/javascript
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash dec1960c15b7b32835eece7cb397c51f
ddaf303a58c2f336530c55a9ca29d5731e5f7da6
f2d6ba10803cb182fe6bac4e417ce57f3d712c836ed1d8950829bd29cbb35f48
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 23 Jan 2023 01:35:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash d5528af26e629a9bfbf0c421146b921f
1e4f99245d551384bedfe9b59b5f9905127d87bf
989830d93a90c30051b948a26ce403fb4370587ed3407d8d77ad0ad9cc28eb7a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "989830D93A90C30051B948A26CE403FB4370587ED3407D8D77AD0AD9CC28EB7A"
Last-Modified: Sun, 22 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6607
Expires: Mon, 23 Jan 2023 03:26:01 GMT
Date: Mon, 23 Jan 2023 01:35:54 GMT
Connection: keep-alive
www.gdp.reisen/img/favicon-16x16.png
5.175.22.217 200 OK 8.0 kB URL HTTP/2 www.gdp.reisen/img/favicon-16x16.png
IP 5.175.22.217:0
ASN #20773 Host Europe GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (26898), with no line terminators
Hash f1fbff37b5bac64e49d86a8b142a7432
20b733ba3fa5738efcb5ccaddcec7db9f3b96296
7bc1f3ae8982a5cdc2c174a54ac59e456f07615d193077cf952ebc408ac0d014
GET /img/favicon-16x16.png HTTP/1.1
Host: www.gdp.reisen
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gdp.reisen/
Cookie: CFID=37641872; CFTOKEN=52eb829fe736a00a-9A99072A-9835-16BE-6DF6496F4B8F1D84; cross-site-cookie=sow
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 23 Jan 2023 01:35:53 GMT
server: Apache
cache-control: max-age=420, private, must-revalidate
expires: Tue, 24 Jan 2023 01:35:53 GMT
vary: Accept-Encoding
content-encoding: br
x-cache: MISS from www.gdp.reisen
content-type: text/html;charset=UTF-8
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash d5528af26e629a9bfbf0c421146b921f
1e4f99245d551384bedfe9b59b5f9905127d87bf
989830d93a90c30051b948a26ce403fb4370587ed3407d8d77ad0ad9cc28eb7a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "989830D93A90C30051B948A26CE403FB4370587ED3407D8D77AD0AD9CC28EB7A"
Last-Modified: Sun, 22 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6607
Expires: Mon, 23 Jan 2023 03:26:01 GMT
Date: Mon, 23 Jan 2023 01:35:54 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash d5528af26e629a9bfbf0c421146b921f
1e4f99245d551384bedfe9b59b5f9905127d87bf
989830d93a90c30051b948a26ce403fb4370587ed3407d8d77ad0ad9cc28eb7a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "989830D93A90C30051B948A26CE403FB4370587ED3407D8D77AD0AD9CC28EB7A"
Last-Modified: Sun, 22 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6607
Expires: Mon, 23 Jan 2023 03:26:01 GMT
Date: Mon, 23 Jan 2023 01:35:54 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4a0bad57-b7ca-4aa8-85b4-3ac127cb7346.jpeg
34.120.237.76 200 OK 7.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4a0bad57-b7ca-4aa8-85b4-3ac127cb7346.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash eac67b57277f6a61589ef5f6a4daccbb
654c00ad053213758c5946123f49cb157f751570
9271b578346c4e1c2192c5d64222af2874fc86e25e886c76a5d70e34d308f694
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4a0bad57-b7ca-4aa8-85b4-3ac127cb7346.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7244
x-amzn-requestid: a9dfb0b3-2f43-49c0-8341-d242de8f6fe8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: exbl8HHyIAMFS3Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c3a625-06ec97e4419248a777ed9e77;Sampled=0
x-amzn-remapped-date: Sun, 15 Jan 2023 07:07:17 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: uosIDE2c24c8qkJbUBjBliFv_Vweey99QzcN80MmHK-jS29voofwLA==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Sun, 22 Jan 2023 05:26:38 GMT
age: 72556
etag: "654c00ad053213758c5946123f49cb157f751570"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F409361f2-a546-44d7-82d6-d496f6ee134d.jpeg
34.120.237.76 200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F409361f2-a546-44d7-82d6-d496f6ee134d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4cb7be12333fa7ea3353901b4b3215af
4b758cc432874384f330568177eef5a328d7e69a
d6f86c0ddbabd5c4fd7cee72ce4da62ccddd9d29139c9ab033bb1ab8425bae22
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F409361f2-a546-44d7-82d6-d496f6ee134d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11918
x-amzn-requestid: ff47dd24-004f-4cc7-acfb-283b2e751f23
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fEqxwEyWoAMF3gw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cb580b-1e95f74b0846080f75a757f6;Sampled=0
x-amzn-remapped-date: Sat, 21 Jan 2023 03:12:11 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: OsitP8LhrabAIbfq-ZTMmpJfnfvttYGad42iE3obktcRneUqbBHlpw==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Sun, 22 Jan 2023 03:59:27 GMT
age: 77787
etag: "4b758cc432874384f330568177eef5a328d7e69a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc9c3ffa-5410-4219-9a01-9a5dfe5e8de7.jpeg
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc9c3ffa-5410-4219-9a01-9a5dfe5e8de7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 257cf33430d0e588ce0df41deb9c49d2
c988799bc70b567422821f64bb95ecab4b117e3a
290eec9c2d3874a3951c161174d7fcc297f79d4f547bb9aa741ee85306cd7a90
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc9c3ffa-5410-4219-9a01-9a5dfe5e8de7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10481
x-amzn-requestid: a9d3763c-d10b-4918-a54d-67215346ba1c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fFHEVFxUoAMFaCQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cb854e-1d7dec1810076c6c27f5a44f;Sampled=0
x-amzn-remapped-date: Sat, 21 Jan 2023 06:25:18 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: XABOTraN3uT05OLykQNO_cG8YdMyJsc0We-vLtr8XKVRe3cHuFtmBA==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 22 Jan 2023 16:16:58 GMT
age: 33536
etag: "c988799bc70b567422821f64bb95ecab4b117e3a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7f055318-7ab9-4f4f-a005-7938c4d1d126.jpeg
34.120.237.76 200 OK 6.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7f055318-7ab9-4f4f-a005-7938c4d1d126.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ecf206cacc8cdeeba5f730d98e0570b7
fe131d1a8686593034547d3a465903912abb4cc7
d85a51760a2d0a3587d5e3a876aaf689d7a2efedb3e98a408bd8b88711dc7690
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7f055318-7ab9-4f4f-a005-7938c4d1d126.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6579
x-amzn-requestid: 41de2a77-b735-4ee7-9dba-743be856ec5e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fFLFwGQ4oAMFu8g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cb8bbe-3419ffe67988decf6da025ed;Sampled=0
x-amzn-remapped-date: Sat, 21 Jan 2023 06:52:46 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: T0_2xjAEStWvc5m-PJM4w3pr9pQuPprYOnx5LlS66Pt3d5WmA31tHQ==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Sun, 22 Jan 2023 22:02:39 GMT
etag: "fe131d1a8686593034547d3a465903912abb4cc7"
content-type: image/jpeg
age: 12795
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ed6afa7-c805-4ddd-a71c-bc9bde7aee5a.jpeg
34.120.237.76 200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ed6afa7-c805-4ddd-a71c-bc9bde7aee5a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e42f475b1e14cb9d0939ef39db8e1f91
dda57d67c7b5f32123d3c9956dec8f805138b3bf
ace1e5843457dc5493432ea113059e67827e6c95d6998a7465dea1eb0e723a1e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ed6afa7-c805-4ddd-a71c-bc9bde7aee5a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11818
x-amzn-requestid: e80dab53-5137-4776-a105-b1933e9bda6b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fEqu6GhZIAMFWSA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cb57f8-696c3a7f103b96a23ed4abec;Sampled=0
x-amzn-remapped-date: Sat, 21 Jan 2023 03:11:52 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 5bEvPaVPmareEYTNHUoTIEtCn0EKpBBafR11mjrvwPFVS_DLFKgm3w==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Sun, 22 Jan 2023 05:42:33 GMT
age: 71601
etag: "dda57d67c7b5f32123d3c9956dec8f805138b3bf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd306d72a-970f-418b-a611-d3fd05043123.jpeg
34.120.237.76 200 OK 9.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd306d72a-970f-418b-a611-d3fd05043123.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 008bdbc8d07694aa05dd561e14e5c8e7
2c4727cd94e60fb6c4f8f09361a479f723e86fc2
f92c2af227f065fdae6976dd2dd23545a3211d79037bbf184b46cb976a2758de
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd306d72a-970f-418b-a611-d3fd05043123.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9297
x-amzn-requestid: bd94feb6-b9fe-4893-aa09-d5841a111e1b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e9KRKE85oAMFldA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c8573a-08f0f4717d20f7311a32ba52;Sampled=0
x-amzn-remapped-date: Wed, 18 Jan 2023 20:31:54 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: EnG1aHTi5HUYUOI6SIm6Rl_-rP1OxoM7iIqyMgg8Lh1-amNhbNGUHA==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Sun, 22 Jan 2023 21:47:21 GMT
age: 13713
etag: "2c4727cd94e60fb6c4f8f09361a479f723e86fc2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
app.usercentrics.eu/latest/main.js
35.190.14.188 200 OK 7.8 kB URL HTTP/2 app.usercentrics.eu/latest/main.js
IP 35.190.14.188:0
File type ASCII text, with very long lines (25232)
Hash e9448356bda96e25ac34fd6ed11b738a
5b18cc1021b78ae09c40348b248842aa3a0bca28
c62ab9c774fa99b2dd8c81c76c492d6eea48c2355dd16529250e2974bd1fa261
GET /latest/main.js HTTP/1.1
Host: app.usercentrics.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gdp.reisen/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-guploader-uploadid: ADPycdttq1_Y2NKtfMHIksroqZhGVybDONxXjapMltO4jSg2QbEQSYs12A_ca10sW5xuwPwnEI_hBmtMiAjTyRCpB388jA
x-goog-generation: 1666097577450067
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 7809
x-goog-meta-version: 2.18.1
content-encoding: gzip
x-goog-hash: crc32c=VY37eA==, md5=6USDVr2pbiWsNP1u0Rtzig==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 7809
access-control-allow-origin: *
access-control-expose-headers: Content-Type
server: UploadServer
date: Mon, 23 Jan 2023 00:57:21 GMT
expires: Tue, 24 Jan 2023 00:57:21 GMT
cache-control: public, max-age=86400, no-transform
age: 2313
last-modified: Tue, 18 Oct 2022 12:52:57 GMT
etag: "e9448356bda96e25ac34fd6ed11b738a"
content-type: application/javascript
strict-transport-security: max-age=7776000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 8ffcf85106eb83249a86318cba6086de
c979cbe6aa25ab6e16b7323877da6b3643afe475
d993dc492572792b5020f7cec566c968dde9c74b2b9687303bc7ffc56189de97
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5771
Cache-Control: max-age=130030
Content-Type: application/ocsp-response
Date: Mon, 23 Jan 2023 01:35:54 GMT
Etag: "63cd26dd-1d7"
Expires: Tue, 24 Jan 2023 13:43:04 GMT
Last-Modified: Sun, 22 Jan 2023 12:06:53 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
basic-light-ibe.traveltainment.de/ibeclient/dist/js/package.min.js?v=36131a89beeb
80.87.174.128 200 OK 627 kB URL HTTP/1.1 basic-light-ibe.traveltainment.de/ibeclient/dist/js/package.min.js?v=36131a89beeb
IP 80.87.174.128:0
ASN #8469 CANCOM Managed Services GmbH
File type Unicode text, UTF-8 text, with very long lines (65534), with no line terminators
Size 627 kB (627374 bytes)
Hash 197fe5356994d7f0c9dd2d25ce12be08
1f4ceef4b24ce26a59dece5a99c2ed0982ee14f7
42643a1a3214e1fa2f564dda46009bb52f0314ad595eab3337e62710b5014dc6
GET /ibeclient/dist/js/package.min.js?v=36131a89beeb HTTP/1.1
Host: basic-light-ibe.traveltainment.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://basic-light-ibe.traveltainment.de/search?ibe=package&prcl=294888&accol=168207&bgcol=t&taid=gdpreiseservice
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 23 Jan 2023 01:35:53 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: public, max-age=604800
X-Content-Type-Options: nosniff
Last-Modified: Tue, 03 Jan 2023 09:23:51 GMT
Content-Encoding: gzip
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 98f6495d777124206062545d54c4788f
c1f0f146135b94bc1adaa3cc581bdae53c3f10fc
d663765ce02587f5bac19f97ab3882ad85b718800338a1822b0472d75fbee954
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D663765CE02587F5BAC19F97AB3882AD85B718800338A1822B0472D75FBEE954"
Last-Modified: Sun, 22 Jan 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Mon, 23 Jan 2023 07:35:54 GMT
Date: Mon, 23 Jan 2023 01:35:54 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 8ffcf85106eb83249a86318cba6086de
c979cbe6aa25ab6e16b7323877da6b3643afe475
d993dc492572792b5020f7cec566c968dde9c74b2b9687303bc7ffc56189de97
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5771
Cache-Control: max-age=130030
Content-Type: application/ocsp-response
Date: Mon, 23 Jan 2023 01:35:54 GMT
Etag: "63cd26dd-1d7"
Expires: Tue, 24 Jan 2023 13:43:04 GMT
Last-Modified: Sun, 22 Jan 2023 12:06:53 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 8ffcf85106eb83249a86318cba6086de
c979cbe6aa25ab6e16b7323877da6b3643afe475
d993dc492572792b5020f7cec566c968dde9c74b2b9687303bc7ffc56189de97
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5999
Cache-Control: max-age=130258
Content-Type: application/ocsp-response
Date: Mon, 23 Jan 2023 01:35:54 GMT
Etag: "63cd26dd-1d7"
Expires: Tue, 24 Jan 2023 13:46:52 GMT
Last-Modified: Sun, 22 Jan 2023 12:06:53 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471
kit-pro.fontawesome.com/releases/latest/css/pro.min.css
104.18.22.52 200 OK 54 kB URL HTTP/2 kit-pro.fontawesome.com/releases/latest/css/pro.min.css
IP 104.18.22.52:0
File type ASCII text, with very long lines (65397)
Hash 92fb99bc967cb8a1f8fb8da6cc70f569
78d70d340b593fefea102a3593010ecd8e1b3820
f5cf268dfec0a26ededda83f912444ea79da55cf9cbeba567ad7271edca478bd
GET /releases/latest/css/pro.min.css HTTP/1.1
Host: kit-pro.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gdp.reisen/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 23 Jan 2023 01:35:54 GMT
content-type: text/css
x-amz-id-2: AMRPnx/gGPWzkxpEroVSLO8Pi8J0vSGXWBOtNi24DEDy+QaEMCfu0MKQ1eDa2E4MPiKMDx3QOVg=
x-amz-request-id: Q09J8QG0HPK0XNQC
last-modified: Wed, 04 Aug 2021 21:18:33 GMT
etag: W/"486b13730aafe2a39cdaf1666679fa5b"
cache-control: public, max-age=1800
cf-cache-status: HIT
age: 89
expires: Mon, 23 Jan 2023 02:05:54 GMT
vary: Accept-Encoding
server: cloudflare
cf-ray: 78dccb9bbbd3b524-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
kit-pro.fontawesome.com/releases/latest/css/pro-v4-shims.min.css
104.18.22.52 200 OK 4.5 kB URL HTTP/2 kit-pro.fontawesome.com/releases/latest/css/pro-v4-shims.min.css
IP 104.18.22.52:0
Hash e0318f468d32abfca022308d82e06030
d472df0825672d3df95f760a01cddaff42411917
7ee6f59c74d1c1e0ed12c2874f293e4d63f62771dfd93355ef214781641002ec
GET /releases/latest/css/pro-v4-shims.min.css HTTP/1.1
Host: kit-pro.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gdp.reisen/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 23 Jan 2023 01:35:54 GMT
content-type: text/css
x-amz-id-2: iT8ZupnOxWpWMAKwfkDwtp9P1xcr8oXnn2QOTNUaLIoyQ5jAD2cANg1mJrCWG1nyuIiPehlhVh0=
x-amz-request-id: V9KX785VYZEKCMK4
last-modified: Wed, 04 Aug 2021 21:18:33 GMT
etag: W/"715826d7cea0f100c00238e5e5dc92b4"
cache-control: public, max-age=1800
cf-cache-status: HIT
age: 1133
expires: Mon, 23 Jan 2023 02:05:54 GMT
vary: Accept-Encoding
server: cloudflare
cf-ray: 78dccb9bcbdab524-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
kit-pro.fontawesome.com/releases/latest/css/pro-v4-font-face.min.css
104.18.22.52 200 OK 10 kB URL HTTP/2 kit-pro.fontawesome.com/releases/latest/css/pro-v4-font-face.min.css
IP 104.18.22.52:0
File type Unicode text, UTF-8 text, with very long lines (51344)
Hash 0507c38e125e26711113f5588a6869b2
7ee6e6359ab8c3876f0ecd59290a31e7e47af3b5
813e75ad427e452a5935fa2a71aadc7405ddfcba5a450923bf8dabd5bfb02526
GET /releases/latest/css/pro-v4-font-face.min.css HTTP/1.1
Host: kit-pro.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gdp.reisen/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 23 Jan 2023 01:35:54 GMT
content-type: text/css
x-amz-id-2: k3KaRweKXIxA0xKCYeCf5UV9P24XY0pZMfPFsB2YWPmVWFC5XJ7aLVDJGJuyc2Jb0mizxtGvkIM=
x-amz-request-id: 0261H8W942Y6P30A
last-modified: Wed, 04 Aug 2021 21:18:33 GMT
etag: W/"1cb05a2f9541200e1fa0a2cd0abc7663"
cache-control: public, max-age=1800
cf-cache-status: HIT
age: 1466
expires: Mon, 23 Jan 2023 02:05:54 GMT
vary: Accept-Encoding
server: cloudflare
cf-ray: 78dccb9bdbdeb524-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
basic-light-ibe.traveltainment.de/meta/fields?v=36131a89beeb
80.87.174.128 200 OK 7.7 kB URL HTTP/1.1 basic-light-ibe.traveltainment.de/meta/fields?v=36131a89beeb
IP 80.87.174.128:0
ASN #8469 CANCOM Managed Services GmbH
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (30306), with no line terminators
Hash e36c14724e91d3744e8469329baf826d
229e9f7737e73a1dd96cff8e8425b9a49f6261f3
b011670c2d4a589d83681dd94fed0b5a2722a2f991938de682da9e4247c13a8c
GET /meta/fields?v=36131a89beeb HTTP/1.1
Host: basic-light-ibe.traveltainment.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
If-Modified-Since: Mon, 26 Jul 1997 06:06:06 GMT
Cache-Control: no-cache
Pragma: no-cache
Connection: keep-alive
Referer: https://basic-light-ibe.traveltainment.de/search?ibe=package&prcl=294888&accol=168207&bgcol=t&taid=gdpreiseservice
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 23 Jan 2023 01:35:54 GMT
Content-Type: application/json; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: public, max-age=604800
Content-Encoding: gzip
ocsp.pki.goog/s/gts1d4/RFFQ8tpp2ig
142.250.74.131 200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/RFFQ8tpp2ig
IP 142.250.74.131:0
Hash 717cad3197f994b15970af8cd5188a6a
8838aae22fea6cd7b5753965d1a51e30ecc50ff8
a15029046a05229337ff10be08cb9e63f2c3a9720c84c7126508e2cb7c4b4ea0
POST /s/gts1d4/RFFQ8tpp2ig HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 23 Jan 2023 01:35:54 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gdp.reisen/img/android-icon-192x192.png
5.175.22.217 200 OK 76 kB URL HTTP/2 www.gdp.reisen/img/android-icon-192x192.png
IP 5.175.22.217:0
ASN #20773 Host Europe GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (26898), with no line terminators
Hash d3e487de9599c209b7494a06aad9a5f4
433983587c8b525410ab3a360cd01f09b84a8c99
156ec503c39cdf9d7861606272a9a4c7126356ad188766d7f4fe3878430a1630
GET /img/android-icon-192x192.png HTTP/1.1
Host: www.gdp.reisen
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gdp.reisen/
Cookie: CFID=37641872; CFTOKEN=52eb829fe736a00a-9A99072A-9835-16BE-6DF6496F4B8F1D84; cross-site-cookie=sow
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 23 Jan 2023 01:35:53 GMT
server: Apache
cache-control: max-age=420, private, must-revalidate
expires: Tue, 24 Jan 2023 01:35:53 GMT
vary: Accept-Encoding
content-encoding: br
x-cache: MISS from www.gdp.reisen
content-type: text/html;charset=UTF-8
X-Firefox-Spdy: h2
kit-pro.fontawesome.com/releases/latest/webfonts/pro-fa-light-300-5.10.2.woff2
104.18.22.52 200 OK 17 kB URL HTTP/2 kit-pro.fontawesome.com/releases/latest/webfonts/pro-fa-light-300-5.10.2.woff2
IP 104.18.22.52:0
File type Web Open Font Format (Version 2), TrueType, length 17168, version 331.-31196\012- data
Hash 8a43eb7db323b6a82d87a458c34cbe82
968367a39a575ffe38f1cfda07eea12eff885831
2bbaabc785383c5d90abc17e6703ac6a057b9644c6ebdfe9e15709c6ffac9c71
GET /releases/latest/webfonts/pro-fa-light-300-5.10.2.woff2 HTTP/1.1
Host: kit-pro.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.gdp.reisen
Connection: keep-alive
Referer: https://kit-pro.fontawesome.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 23 Jan 2023 01:35:55 GMT
content-type: font/woff2
content-length: 17168
x-amz-id-2: C/Bzj9cwaA/jtv2fu5R50bmdwirbi2Bxy390S7NREaBLeNxebKn9pJbcFnIC1UmGgjDOnmbHNdw=
x-amz-request-id: 6H5BWH00GVMCRSQM
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 04 Aug 2021 21:22:41 GMT
etag: "8a43eb7db323b6a82d87a458c34cbe82"
cache-control: public, max-age=1800
cf-cache-status: MISS
expires: Mon, 23 Jan 2023 02:05:55 GMT
accept-ranges: bytes
server: cloudflare
cf-ray: 78dccb9e3cf5b524-OSL
X-Firefox-Spdy: h2
kit-pro.fontawesome.com/releases/latest/webfonts/pro-fa-light-300-5.11.0.woff2
104.18.22.52 200 OK 16 kB URL HTTP/2 kit-pro.fontawesome.com/releases/latest/webfonts/pro-fa-light-300-5.11.0.woff2
IP 104.18.22.52:0
File type Web Open Font Format (Version 2), TrueType, length 15748, version 331.-31196\012- data
Hash 1894bebba876a67d0cb7cd7351ab6ae4
0c2e2d2e73311bbd4c429e33e4e4c4036207b4b1
ec540bd82697b5fb43f1584f25446b7d58a0cf0a51e1544b0b278a2aaa5f1e77
GET /releases/latest/webfonts/pro-fa-light-300-5.11.0.woff2 HTTP/1.1
Host: kit-pro.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.gdp.reisen
Connection: keep-alive
Referer: https://kit-pro.fontawesome.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 23 Jan 2023 01:35:55 GMT
content-type: font/woff2
content-length: 15748
x-amz-id-2: 2nc3tNZ1n0PBE+gGJMnVy0nlnC5BKZQi3ZmbIf2EpfsOxO7DjZ5geS6RsjyXn/CtnuW6rsc/vew=
x-amz-request-id: 6H5C5WT3R42F6TBV
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 04 Aug 2021 21:22:41 GMT
etag: "1894bebba876a67d0cb7cd7351ab6ae4"
cache-control: public, max-age=1800
cf-cache-status: MISS
expires: Mon, 23 Jan 2023 02:05:55 GMT
accept-ranges: bytes
server: cloudflare
cf-ray: 78dccb9e3cf3b524-OSL
X-Firefox-Spdy: h2
kit-pro.fontawesome.com/releases/latest/webfonts/pro-fa-light-300-5.0.0.woff2
104.18.22.52 200 OK 25 kB URL HTTP/2 kit-pro.fontawesome.com/releases/latest/webfonts/pro-fa-light-300-5.0.0.woff2
IP 104.18.22.52:0
File type Web Open Font Format (Version 2), TrueType, length 24800, version 331.-31196\012- data
Hash 4abe94f1746789f39110d3ebac7ebd96
bdc3b41f3cc3e5e3e87ca020eeddc2b288f0dd91
299dc8e16be2ab2214e279b5536efd387d17fd3d364f397ce9f1fed602384fea
GET /releases/latest/webfonts/pro-fa-light-300-5.0.0.woff2 HTTP/1.1
Host: kit-pro.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.gdp.reisen
Connection: keep-alive
Referer: https://kit-pro.fontawesome.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 23 Jan 2023 01:35:55 GMT
content-type: font/woff2
content-length: 24800
x-amz-id-2: iZOzuKPMt8bYdtZabWAdcl5lPa4zKw11Upp9LJ2iXrlMTdtNz3QrQX8JXK49owRqH5cDMgAAUqA=
x-amz-request-id: 6H5595BJQ0WZWE91
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 04 Aug 2021 21:22:40 GMT
etag: "4abe94f1746789f39110d3ebac7ebd96"
cache-control: public, max-age=1800
cf-cache-status: MISS
expires: Mon, 23 Jan 2023 02:05:55 GMT
accept-ranges: bytes
server: cloudflare
cf-ray: 78dccb9e3cf7b524-OSL
X-Firefox-Spdy: h2
basic-light-ibe.traveltainment.de/ibecustomer/whitelabel/dist/fonts/font-awesome-4.3.0/fonts/fontawesome-webfont.woff2?v=4.3.0
80.87.174.128 200 OK 57 kB URL HTTP/1.1 basic-light-ibe.traveltainment.de/ibecustomer/whitelabel/dist/fonts/font-awesome-4.3.0/fonts/fontawesome-webfont.woff2?v=4.3.0
IP 80.87.174.128:0
ASN #8469 CANCOM Managed Services GmbH
File type Web Open Font Format (Version 2), TrueType, length 56780, version 4.197\012- data
Hash 97493d3f11c0a3bd5cbd959f5d19b699
1075231650f579955905bb2f6527148a8e2b4b16
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c
GET /ibecustomer/whitelabel/dist/fonts/font-awesome-4.3.0/fonts/fontawesome-webfont.woff2?v=4.3.0 HTTP/1.1
Host: basic-light-ibe.traveltainment.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://basic-light-ibe.traveltainment.de/ibecustomer/whitelabel/dist/css/package.min.css?v=36131a89beeb
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 23 Jan 2023 01:35:55 GMT
Content-Type: font/woff2
Content-Length: 56780
Connection: keep-alive
Cache-Control: public, max-age=0
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
ETag: W/"689685252480"
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Last-Modified: Tue, 20 Dec 2022 10:59:35 GMT
www.gdp.reisen/images/BilderPool/Reisethemen/Relax/jetty-1834801_1920.jpg
5.175.22.217 200 OK 298 kB URL HTTP/2 www.gdp.reisen/images/BilderPool/Reisethemen/Relax/jetty-1834801_1920.jpg
IP 5.175.22.217:0
ASN #20773 Host Europe GmbH
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x1280, components 3\012- data
Size 298 kB (297622 bytes)
Hash 3b79d15ffab5a3bf79230f1267583e04
d52e852edaafb33ae8685188a9e8cdaae25a3a22
b1b7249a0435d37be3a8b06e71afafe1f56962a9c3fd167b7b5136efdc25cd8d
GET /images/BilderPool/Reisethemen/Relax/jetty-1834801_1920.jpg HTTP/1.1
Host: www.gdp.reisen
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gdp.reisen/
Cookie: CFID=37641872; CFTOKEN=52eb829fe736a00a-9A99072A-9835-16BE-6DF6496F4B8F1D84; cross-site-cookie=sow
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 23 Jan 2023 01:35:54 GMT
server: Apache
last-modified: Thu, 24 Jun 2021 07:47:06 GMT
etag: "48a96-5c57e3ac51ad4"
accept-ranges: bytes
content-length: 297622
cache-control: max-age=86400
expires: Tue, 24 Jan 2023 01:35:54 GMT
x-cache: MISS from www.gdp.reisen
content-type: image/jpeg
X-Firefox-Spdy: h2
www.gdp.reisen/images/BilderPool/Destinationen/Bora-Bora/bora-bora-680114_1920.jpg
5.175.22.217 200 OK 408 kB URL HTTP/2 www.gdp.reisen/images/BilderPool/Destinationen/Bora-Bora/bora-bora-680114_1920.jpg
IP 5.175.22.217:0
ASN #20773 Host Europe GmbH
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x1159, components 3\012- data
Size 408 kB (408035 bytes)
Hash f5d4b4dbe8a3b5e639fa70f141fe1627
489fcf4827c67cf414b536f6ef7d0bd5abd1c20c
2a2e55625bc401c202e297465b5f83afa80a0cc9e15c20d9928be4b8d12022ad
GET /images/BilderPool/Destinationen/Bora-Bora/bora-bora-680114_1920.jpg HTTP/1.1
Host: www.gdp.reisen
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gdp.reisen/
Cookie: CFID=37641872; CFTOKEN=52eb829fe736a00a-9A99072A-9835-16BE-6DF6496F4B8F1D84; cross-site-cookie=sow
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 23 Jan 2023 01:35:54 GMT
server: Apache
last-modified: Mon, 18 Oct 2021 11:45:32 GMT
etag: "639e3-5ce9f151a5a8c"
accept-ranges: bytes
content-length: 408035
cache-control: max-age=86400
expires: Tue, 24 Jan 2023 01:35:54 GMT
x-cache: MISS from www.gdp.reisen
content-type: image/jpeg
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.227 200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 19 Jan 2023 21:48:03 GMT
expires: Fri, 19 Jan 2024 21:48:03 GMT
cache-control: public, max-age=31536000
age: 272872
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
basic-light-ibe.traveltainment.de/api/gettravelagencies?v=36131a89beeb&accol=168207&adult=2&bgcol=t&ddate=2023-01-25&ibe=package&prcl=294888&rdate=2023-03-11&taid=gdpreiseservice
80.87.174.128 200 OK 19 kB URL HTTP/1.1 basic-light-ibe.traveltainment.de/api/gettravelagencies?v=36131a89beeb&accol=168207&adult=2&bgcol=t&ddate=2023-01-25&ibe=package&prcl=294888&rdate=2023-03-11&taid=gdpreiseservice
IP 80.87.174.128:0
ASN #8469 CANCOM Managed Services GmbH
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (65282), with no line terminators
Hash aec52753dc403edc945c74655ac047cf
adf3730cf9aeee3a0b49ef96d4a3a36ab2d3d1dc
81478e6e719597f974625eff4cacebc05f0f3b52a7246be50a61ea11b02f5959
GET /api/gettravelagencies?v=36131a89beeb&accol=168207&adult=2&bgcol=t&ddate=2023-01-25&ibe=package&prcl=294888&rdate=2023-03-11&taid=gdpreiseservice HTTP/1.1
Host: basic-light-ibe.traveltainment.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
If-Modified-Since: Mon, 26 Jul 1997 06:06:06 GMT
Cache-Control: no-cache
Pragma: no-cache
Connection: keep-alive
Referer: https://basic-light-ibe.traveltainment.de/search?ibe=package&prcl=294888&accol=168207&bgcol=t&taid=gdpreiseservice
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 23 Jan 2023 01:35:55 GMT
Content-Type: application/json; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.227 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 19 Jan 2023 16:40:43 GMT
expires: Fri, 19 Jan 2024 16:40:43 GMT
cache-control: public, max-age=31536000
age: 291312
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.gdp.reisen/images/BilderPool/Reisethemen/Relax/blue-2705642_1920.jpg
5.175.22.217 200 OK 488 kB URL HTTP/2 www.gdp.reisen/images/BilderPool/Reisethemen/Relax/blue-2705642_1920.jpg
IP 5.175.22.217:0
ASN #20773 Host Europe GmbH
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x1280, components 3\012- data
Size 488 kB (487802 bytes)
Hash 886544d893ff2ff8f7cded8eb0256d9a
8d848f51813b293f66fd3aefc51dfd3784e54e12
9675959a3e3aec30120c6ce6a74e3dc033f66b5a863de9347fab80ec90f17cec
GET /images/BilderPool/Reisethemen/Relax/blue-2705642_1920.jpg HTTP/1.1
Host: www.gdp.reisen
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gdp.reisen/
Cookie: CFID=37641872; CFTOKEN=52eb829fe736a00a-9A99072A-9835-16BE-6DF6496F4B8F1D84; cross-site-cookie=sow
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 23 Jan 2023 01:35:54 GMT
server: Apache
last-modified: Mon, 18 Oct 2021 11:46:24 GMT
etag: "7717a-5ce9f182cebfc"
accept-ranges: bytes
content-length: 487802
cache-control: max-age=86400
expires: Tue, 24 Jan 2023 01:35:54 GMT
x-cache: MISS from www.gdp.reisen
content-type: image/jpeg
X-Firefox-Spdy: h2
www.meinereiseangebote.de/dist/main-c7349d72ad.min.css
13.69.68.38 200 OK 124 kB URL HTTP/2 www.meinereiseangebote.de/dist/main-c7349d72ad.min.css
IP 13.69.68.38:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 text, with very long lines (65528), with no line terminators
Size 124 kB (124194 bytes)
Hash c7349d72addbece5c0ee0fef648266c3
4004f9c476c7f21da04a8013ab8870968bb7ba05
38ad2b58a70d5d9a73d463e4a9d70d36ef7b6b9d7417c5932405d0b5a6db9f0c
GET /dist/main-c7349d72ad.min.css HTTP/1.1
Host: www.meinereiseangebote.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: TiPMix=99.27558382811812; x-ms-routing-name=self; ARRAffinitySameSite=333acd15598c845134244b7b82a2f7de686135ef4edddaafd5b14c6d05694126
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
date: Mon, 23 Jan 2023 01:35:55 GMT
server: nginx/1.22.1
accept-ranges: bytes
etag: "63c53cac-1e522"
last-modified: Mon, 16 Jan 2023 12:01:48 GMT
content-length: 124194
X-Firefox-Spdy: h2
www.meinereiseangebote.de/images/map-pointer.svg
13.69.68.38 200 OK 520 B URL HTTP/2 www.meinereiseangebote.de/images/map-pointer.svg
IP 13.69.68.38:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text
Hash ac3b43d0d75a0c358464b8c81b168ba0
a8de09edc55ab38a335e7c883b480c0602089e8a
128a253d55271bb538fa48869e9ccb3374f64267e0f7559fa749d37fa83e8abf
GET /images/map-pointer.svg HTTP/1.1
Host: www.meinereiseangebote.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: TiPMix=99.27558382811812; x-ms-routing-name=self; ARRAffinitySameSite=333acd15598c845134244b7b82a2f7de686135ef4edddaafd5b14c6d05694126
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
date: Mon, 23 Jan 2023 01:35:55 GMT
server: nginx/1.22.1
accept-ranges: bytes
etag: "63c53c9c-208"
last-modified: Mon, 16 Jan 2023 12:01:32 GMT
content-length: 520
X-Firefox-Spdy: h2
www.meinereiseangebote.de/js/iframeResizer.min.js
13.69.68.38 200 OK 14 kB URL HTTP/2 www.meinereiseangebote.de/js/iframeResizer.min.js
IP 13.69.68.38:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (13786)
Hash 2aaac39b084194a22aaf2949f369daab
16afa7e4b49219f8e32b86c2f672b9c2b04ad764
7584c84b0f5a6703b5243c67c4ba5d5c3875638c33b77b8799c24a065379b81d
GET /js/iframeResizer.min.js HTTP/1.1
Host: www.meinereiseangebote.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: TiPMix=99.27558382811812; x-ms-routing-name=self; ARRAffinitySameSite=333acd15598c845134244b7b82a2f7de686135ef4edddaafd5b14c6d05694126
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
date: Mon, 23 Jan 2023 01:35:55 GMT
server: nginx/1.22.1
accept-ranges: bytes
etag: "1dc09d84-36fc"
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
content-length: 14076
X-Firefox-Spdy: h2
www.meinereiseangebote.de/js/jquery.validate.min.js
13.69.68.38 200 OK 25 kB URL HTTP/2 www.meinereiseangebote.de/js/jquery.validate.min.js
IP 13.69.68.38:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 text, with very long lines (24463)
Hash 5861a036c2de6c2df26749fe41d57605
514dc9a21607634859963c49bbc773fb57a356db
270524b0d27afd1d3b6622d1a176c678daed94564c143297e217a63e21ce9820
GET /js/jquery.validate.min.js HTTP/1.1
Host: www.meinereiseangebote.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: TiPMix=99.27558382811812; x-ms-routing-name=self; ARRAffinitySameSite=333acd15598c845134244b7b82a2f7de686135ef4edddaafd5b14c6d05694126
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
date: Mon, 23 Jan 2023 01:35:55 GMT
server: nginx/1.22.1
accept-ranges: bytes
etag: "1dc09d84-6019"
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
content-length: 24601
X-Firefox-Spdy: h2
www.meinereiseangebote.de/AZUY-2760?supressCookieConsent&output_content=iframe
13.69.68.38 200 OK 102 kB URL HTTP/2 www.meinereiseangebote.de/AZUY-2760?supressCookieConsent&output_content=iframe
IP 13.69.68.38:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Size 102 kB (102226 bytes)
Hash f103c78c6b216ed7a7ffb6466f3b18d2
ef81805c30ba16cec4aec85883febd6c88357694
330aea325f0f2c521a5b9aafa64f32492fa47420931b93709cdd513cbb0b512c
GET /AZUY-2760?supressCookieConsent&output_content=iframe HTTP/1.1
Host: www.meinereiseangebote.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gdp.reisen/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
date: Mon, 23 Jan 2023 01:35:54 GMT
server: nginx/1.22.1
cache-control: no-store, must-revalidate, no-cache
content-encoding: gzip
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
set-cookie: TiPMix=99.27558382811812; path=/; HttpOnly; Domain=www.meinereiseangebote.de; Max-Age=3600; Secure; SameSite=None
x-ms-routing-name=self; path=/; HttpOnly; Domain=www.meinereiseangebote.de; Max-Age=3600; Secure; SameSite=None
PHPSESSID=d744043f6664c7e22955ae2a1996e10b; path=/; secure; HttpOnly; SameSite=Strict
ARRAffinity=333acd15598c845134244b7b82a2f7de686135ef4edddaafd5b14c6d05694126;Path=/;HttpOnly;Secure;Domain=www.meinereiseangebote.de
ARRAffinitySameSite=333acd15598c845134244b7b82a2f7de686135ef4edddaafd5b14c6d05694126;Path=/;HttpOnly;SameSite=None;Secure;Domain=www.meinereiseangebote.de
x-powered-by: PHP/8.1.12
x-xss-protection: 1; mode=block
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
referrer-policy: no-referrer
content-security-policy: default-src 'none';frame-src 'self' *.trustyou.com *.youtube.com *.google.com review.holidaycheck.com;media-src 'self' static.gebeco.de *.studiosus.com;font-src 'self' https://fonts.gstatic.com *.smartberatung.com;img-src * 'self' data:;object-src 'none';script-src 'strict-dynamic' 'nonce-XfnWsyz+ecrVfxsnCAcDZkZ3iII=' ;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com *.core.windows.net cdn.smartberatung.com;frame-ancestors *;base-uri 'self';form-action 'self';connect-src *;
X-Firefox-Spdy: h2
www.meinereiseangebote.de/js/iframeResizer.contentWindow.min.js
13.69.68.38 200 OK 14 kB URL HTTP/2 www.meinereiseangebote.de/js/iframeResizer.contentWindow.min.js
IP 13.69.68.38:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (13224)
Hash 98bed7238b6b65d0ebcb9c4d5d16647b
0cc8049db0bbe81db1454deb813c64997998376d
b2a0c4eee585201745033f70abdbde716072e7c5e4364fae64f0c107d11fb2e7
GET /js/iframeResizer.contentWindow.min.js HTTP/1.1
Host: www.meinereiseangebote.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: TiPMix=99.27558382811812; x-ms-routing-name=self; ARRAffinitySameSite=333acd15598c845134244b7b82a2f7de686135ef4edddaafd5b14c6d05694126
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
date: Mon, 23 Jan 2023 01:35:55 GMT
server: nginx/1.22.1
accept-ranges: bytes
etag: "1dc09d84-34fb"
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
content-length: 13563
X-Firefox-Spdy: h2
www.meinereiseangebote.de/dist/list.9d9c7f0e382e4e3a824c.bundle.js
13.69.68.38 200 OK 112 kB URL HTTP/2 www.meinereiseangebote.de/dist/list.9d9c7f0e382e4e3a824c.bundle.js
IP 13.69.68.38:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 text, with very long lines (65412)
Size 112 kB (111852 bytes)
Hash 40696ae4bb37cf42b707e80c50c537fa
1639218fed989c8032a4da32af1cc505cb8b37b3
8635b550b87adcde650a876d437d26c746667020df445a0bbd9496235dc8f8d8
GET /dist/list.9d9c7f0e382e4e3a824c.bundle.js HTTP/1.1
Host: www.meinereiseangebote.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: TiPMix=99.27558382811812; x-ms-routing-name=self; ARRAffinitySameSite=333acd15598c845134244b7b82a2f7de686135ef4edddaafd5b14c6d05694126
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
date: Mon, 23 Jan 2023 01:35:55 GMT
server: nginx/1.22.1
accept-ranges: bytes
etag: "63c53cc4-1b4ec"
last-modified: Mon, 16 Jan 2023 12:02:12 GMT
content-length: 111852
X-Firefox-Spdy: h2
www.gdp.reisen/images/BilderPool/Reisethemen/Camping/camping-4609961_1920.jpg
5.175.22.217 200 OK 671 kB URL HTTP/2 www.gdp.reisen/images/BilderPool/Reisethemen/Camping/camping-4609961_1920.jpg
IP 5.175.22.217:0
ASN #20773 Host Europe GmbH
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1730x1920, components 3\012- data
Size 671 kB (671299 bytes)
Hash db6c770d12554baf44a0261b818e866e
1491537397956ae32f06bfdb02167eab2c2ce7fe
358de6bb14d9c1e991f38fb32322dc5eaf575316b8939825660bed16231a3f9a
GET /images/BilderPool/Reisethemen/Camping/camping-4609961_1920.jpg HTTP/1.1
Host: www.gdp.reisen
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gdp.reisen/
Cookie: CFID=37641872; CFTOKEN=52eb829fe736a00a-9A99072A-9835-16BE-6DF6496F4B8F1D84; cross-site-cookie=sow
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 23 Jan 2023 01:35:54 GMT
server: Apache
last-modified: Fri, 05 Nov 2021 16:10:27 GMT
etag: "a3e43-5d00ce1a90e75"
accept-ranges: bytes
content-length: 671299
cache-control: max-age=86400
expires: Tue, 24 Jan 2023 01:35:54 GMT
x-cache: MISS from www.gdp.reisen
content-type: image/jpeg
X-Firefox-Spdy: h2
cluster2.images.traveltainment.eu/images/content/va_logos/small/TUID.gif
185.64.96.3 200 OK 2.3 kB URL HTTP/1.1 cluster2.images.traveltainment.eu/images/content/va_logos/small/TUID.gif
IP 185.64.96.3:0
ASN #8469 CANCOM Managed Services GmbH
File type GIF image data, version 89a, 75 x 21\012- data
Hash 0c7153215a517b6f58e3c0eabc10fe85
cc28e0224562061bd12a495a103a456755c4121c
97f086249c7bbb39a813106527f2cf46d59fd0250da15605ec24becd2ccc3461
GET /images/content/va_logos/small/TUID.gif HTTP/1.1
Host: cluster2.images.traveltainment.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 23 Jan 2023 01:35:55 GMT
Content-Type: image/gif
Content-Length: 2337
Last-Modified: Tue, 05 Jul 2022 14:52:15 GMT
Connection: keep-alive
ETag: "62c4501f-921"
Expires: Mon, 23 Jan 2023 02:35:55 GMT
Cache-Control: max-age=3600
X-TT-Cluster: op-image-p107-X_content-https
Vary: Accept-Encoding
Accept-Ranges: bytes
cluster2.images.traveltainment.eu/images/content/va_logos/small/DER.gif
185.64.96.3 200 OK 1.6 kB URL HTTP/1.1 cluster2.images.traveltainment.eu/images/content/va_logos/small/DER.gif
IP 185.64.96.3:0
ASN #8469 CANCOM Managed Services GmbH
File type GIF image data, version 89a, 75 x 21\012- data
Hash da7829d625ab3b856df0c5542bc51453
7a2cd84acac7fd3b4fcc6f77019435560befe598
bfeace013ec92b8b010013e668501d002e74e315734c26692f56a8f692a59b9b
GET /images/content/va_logos/small/DER.gif HTTP/1.1
Host: cluster2.images.traveltainment.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 23 Jan 2023 01:35:55 GMT
Content-Type: image/gif
Content-Length: 1589
Last-Modified: Wed, 14 Dec 2022 07:07:09 GMT
Connection: keep-alive
ETag: "6399761d-635"
Expires: Mon, 23 Jan 2023 02:35:55 GMT
Cache-Control: max-age=3600
X-TT-Cluster: op-image-p106-X_content-https
Vary: Accept-Encoding
Accept-Ranges: bytes
cluster2.images.traveltainment.eu/images/content/va_logos/small/ALL.gif
185.64.96.3 200 OK 1.9 kB URL HTTP/1.1 cluster2.images.traveltainment.eu/images/content/va_logos/small/ALL.gif
IP 185.64.96.3:0
ASN #8469 CANCOM Managed Services GmbH
File type GIF image data, version 89a, 75 x 21\012- data
Hash 08ea22c0214722a9b4bed690af4d0c52
957cdad6a88f0cabef6526f41fd10d41f5d17ae4
d9c232973295cd317cc40f6b7a30062f5c3232f218b8fdcc1ec7aaa50a5c92b1
GET /images/content/va_logos/small/ALL.gif HTTP/1.1
Host: cluster2.images.traveltainment.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 23 Jan 2023 01:35:55 GMT
Content-Type: image/gif
Content-Length: 1854
Last-Modified: Thu, 13 Aug 2015 09:47:09 GMT
Connection: keep-alive
ETag: "55cc679d-73e"
Expires: Mon, 23 Jan 2023 02:35:55 GMT
Cache-Control: max-age=3600
X-TT-Cluster: op-image-p104-X_content-https
Vary: Accept-Encoding
Accept-Ranges: bytes
www.gdp.reisen/images/BilderPool/Reisethemen/Ferienwohnung/caimari-596180_1920.jpg
5.175.22.217 200 OK 896 kB URL HTTP/2 www.gdp.reisen/images/BilderPool/Reisethemen/Ferienwohnung/caimari-596180_1920.jpg
IP 5.175.22.217:0
ASN #20773 Host Europe GmbH
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1920x1436, components 3\012- data
Size 896 kB (895653 bytes)
Hash 5a442903782bc49f02e705d518e66d74
1c102cf20e60fb8b2ca6ec3f8fda251ba44debc5
61809823524216e6b8c32a8b95e43f83e9219b87d4b7d17eb1e1783d1b59e850
GET /images/BilderPool/Reisethemen/Ferienwohnung/caimari-596180_1920.jpg HTTP/1.1
Host: www.gdp.reisen
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gdp.reisen/
Cookie: CFID=37641872; CFTOKEN=52eb829fe736a00a-9A99072A-9835-16BE-6DF6496F4B8F1D84; cross-site-cookie=sow
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 23 Jan 2023 01:35:54 GMT
server: Apache
last-modified: Fri, 05 Nov 2021 16:10:44 GMT
etag: "daaa5-5d00ce2a49b14"
accept-ranges: bytes
content-length: 895653
cache-control: max-age=86400
expires: Tue, 24 Jan 2023 01:35:54 GMT
x-cache: MISS from www.gdp.reisen
content-type: image/jpeg
X-Firefox-Spdy: h2
ocsp.starfieldtech.com/
192.124.249.24 200 OK 1.8 kB IP 192.124.249.24:0
Hash 76bcd59e3b7472d1e962ddb2f363eb0e
504b2c6b9526c3fe86feef407da4689e45451175
b167b9fb3798aedda051e3eb33c789d243816bc4d2a6d6e56e6487515f2c36a1
POST / HTTP/1.1
Host: ocsp.starfieldtech.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Mon, 23 Jan 2023 01:35:55 GMT
Content-Type: application/ocsp-response
Content-Length: 1845
Connection: keep-alive
X-Sucuri-ID: 19024
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Sun, 22 Jan 2023 21:31:47 GMT
Expires: Mon, 23 Jan 2023 21:31:47 GMT
ETag: "504b2c6b9526c3fe86feef407da4689e45451175"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 9e50c2155db0e677570e16ca68da3089
5b1a469ad63d845938c797e1faa579343ba4a5ff
9443fa5bc91f852b8e8103bfede0800690e43ecb46e2fb87dffdcc2ad23adc74
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=146243
Content-Type: application/ocsp-response
Date: Mon, 23 Jan 2023 01:35:55 GMT
Etag: "63cd7cbe-1d7"
Expires: Tue, 24 Jan 2023 18:13:18 GMT
Last-Modified: Sun, 22 Jan 2023 18:13:18 GMT
Server: nginx
Content-Length: 471
media.xmlteam.de/files/tuicruises/logo/Mein_Schiff_Logo.jpg
162.55.39.184 200 OK 56 kB URL HTTP/2 media.xmlteam.de/files/tuicruises/logo/Mein_Schiff_Logo.jpg
IP 162.55.39.184:0
ASN #24940 Hetzner Online GmbH
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 100x100, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, software=Adobe Illustrator 26.4 (Macintosh), datetime=2022:08:11 12:42:50], baseline, precision 8, 400x179, components 3\012- data
Hash 042095dfc95ab1bb3ae21f478bb89a69
b903be0581d2918d024d4a22898a8e511bb4bd62
78d14ae5d00820f446da1ad5f5fb0d7195aff23917782671a0210f3a84a3afaa
GET /files/tuicruises/logo/Mein_Schiff_Logo.jpg HTTP/1.1
Host: media.xmlteam.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Sat, 24 Sep 2022 09:13:05 GMT
etag: "d909-5e968b3c12112"
accept-ranges: bytes
content-length: 55561
content-type: image/jpeg
date: Mon, 23 Jan 2023 01:35:55 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 9e50c2155db0e677570e16ca68da3089
5b1a469ad63d845938c797e1faa579343ba4a5ff
9443fa5bc91f852b8e8103bfede0800690e43ecb46e2fb87dffdcc2ad23adc74
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=146243
Content-Type: application/ocsp-response
Date: Mon, 23 Jan 2023 01:35:55 GMT
Etag: "63cd7cbe-1d7"
Expires: Tue, 24 Jan 2023 18:13:18 GMT
Last-Modified: Sun, 22 Jan 2023 18:13:18 GMT
Server: nginx
Content-Length: 471
ocsp.pki.goog/s/gts1d4/GLpZsxq0ZsM
142.250.74.131 200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/GLpZsxq0ZsM
IP 142.250.74.131:0
Hash e2034f1b6673629283c6fc5fa5d07ef3
c3263f46ac18e66384180723ca47574f36229c89
40a21a35b86192488641f961a9d526fd83dc683177267dcd136fba2d7722a8b9
POST /s/gts1d4/GLpZsxq0ZsM HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 23 Jan 2023 01:35:55 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.smartberatung.com/portal/7157/banner_small.png?ts=20221109_153256&ts=20221109_153256
13.107.238.53 200 OK 19 kB URL HTTP/2 cdn.smartberatung.com/portal/7157/banner_small.png?ts=20221109_153256&ts=20221109_153256
IP 13.107.238.53:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 185 x 168, 8-bit/color RGB, non-interlaced
Hash 8f0387edcea6bf7df204f59695988f7a
33605762d0ba2eac60cc88f626eb352c3caf83de
fc8af6db74770111d77678fbde4131870f0d081a9afd82321894fc707bb41f44
GET /portal/7157/banner_small.png?ts=20221109_153256&ts=20221109_153256 HTTP/1.1
Host: cdn.smartberatung.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=86400
content-length: 18918
content-type: image/png
content-md5: jwOH7c6mv33yBPWWlZiPeg==
last-modified: Wed, 02 Sep 2020 09:47:31 GMT
accept-ranges: bytes
etag: "0x8D84F2536050E2C"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-cache: TCP_HIT
x-ms-request-id: 3e3a8434-701e-0094-6de5-2d3000000000
x-ms-version: 2018-03-28
x-azure-ref-originshield: 0ClXNYwAAAACqfQSg/tMJSL6iY4jMypC/RlJBMjMxMDUwNDE3MDUzAGQ1Mzc1ZDljLWNjNTktNDhhNy1iZmFjLTM5YzlmODBhMjI2ZA==
x-azure-ref: 0e+TNYwAAAADSfZFQCP1mSreLDalneuWaQ1BIMzBFREdFMDQyMABkNTM3NWQ5Yy1jYzU5LTQ4YTctYmZhYy0zOWM5ZjgwYTIyNmQ=
date: Mon, 23 Jan 2023 01:35:55 GMT
X-Firefox-Spdy: h2
aggregator.service.usercentrics.eu/aggregate/de?templates=H1Vl5NidjWX@40.17.39,S1pcEj_jZX@21.9.5,abGHajF1@6.0.1,BJz7qNsdj-7@15.8.13
34.120.28.121 200 OK 2.7 kB URL HTTP/2 aggregator.service.usercentrics.eu/aggregate/de?templates=H1Vl5NidjWX@40.17.39,S1pcEj_jZX@21.9.5,abGHajF1@6.0.1,BJz7qNsdj-7@15.8.13
IP 34.120.28.121:0
File type JSON data, Unicode text, UTF-8 text, with very long lines (11831), with no line terminators
Hash 9d5e81eee5bddfc8ba3d3e20b658c7a3
1eacc8dda8f2c31f0d30ef7ace1348fdf544fb54
f1c9b95f77847891893766d61c714232f000f37bb29beb6fb655c630750f8f3c
GET /aggregate/de?templates=H1Vl5NidjWX@40.17.39,S1pcEj_jZX@21.9.5,abGHajF1@6.0.1,BJz7qNsdj-7@15.8.13 HTTP/1.1
Host: aggregator.service.usercentrics.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.gdp.reisen/
Origin: https://www.gdp.reisen
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding, accept-encoding
access-control-allow-origin: *
content-encoding: br
server: Google Frontend
via: 1.1 google
date: Sun, 22 Jan 2023 15:23:54 GMT
cache-control: public,max-age=604800
etag: "xj0sf1"
content-type: application/json; charset=utf-8
content-length: 2709
age: 36721
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.meinereiseangebote.de/css/customer.css.php?c=215c39&c_text=fff&cback=ffffff&cback_text=000&cbutton=ec6328&cbutton_text=fff&cattr=ff0000&cattr_text=fff
13.69.68.38 200 OK 18 kB URL HTTP/2 www.meinereiseangebote.de/css/customer.css.php?c=215c39&c_text=fff&cback=ffffff&cback_text=000&cbutton=ec6328&cbutton_text=fff&cattr=ff0000&cattr_text=fff
IP 13.69.68.38:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d72d4570713cbafac084cc8fcdba0749
b1f5c033f64029512bb259f0cadfab525b23ed36
4f5c0ae006298ee7c33701fcb39dc4761a8f826538c1f7958e2778e026d40aed
GET /css/customer.css.php?c=215c39&c_text=fff&cback=ffffff&cback_text=000&cbutton=ec6328&cbutton_text=fff&cattr=ff0000&cattr_text=fff HTTP/1.1
Host: www.meinereiseangebote.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: TiPMix=99.27558382811812; x-ms-routing-name=self; ARRAffinitySameSite=333acd15598c845134244b7b82a2f7de686135ef4edddaafd5b14c6d05694126
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css; charset=UTF-8
date: Mon, 23 Jan 2023 01:35:55 GMT
server: nginx/1.22.1
x-powered-by: PHP/8.1.12
X-Firefox-Spdy: h2
cdn.smartberatung.com/fonts/roboto-v18-latin-regular.woff2
13.107.238.53 200 OK 15 kB URL HTTP/2 cdn.smartberatung.com/fonts/roboto-v18-latin-regular.woff2
IP 13.107.238.53:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /fonts/roboto-v18-latin-regular.woff2 HTTP/1.1
Host: cdn.smartberatung.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.meinereiseangebote.de
Connection: keep-alive
Referer: https://www.meinereiseangebote.de/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=86400
content-length: 15344
content-type: application/octet-stream
content-md5: XUrrTl9e91TjB9f/rvaIvQ==
last-modified: Fri, 30 Apr 2021 09:58:44 GMT
accept-ranges: bytes
etag: "0x8D90BBE8A6F780F"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-cache: TCP_REMOTE_HIT
x-ms-request-id: 0c70ef10-601e-0047-2636-2e8fa5000000
x-ms-version: 2018-03-28
x-azure-ref-originshield: 0e+TNYwAAAACJ7KaVEwE/QJQ5og1SYsr6RlJBMjMxMDUwNDE3MDMzAGQ1Mzc1ZDljLWNjNTktNDhhNy1iZmFjLTM5YzlmODBhMjI2ZA==
access-control-allow-origin: *
access-control-allow-headers: *
pax-rule-engine-rule: AllowSpecificFileExtensions
x-azure-ref: 0e+TNYwAAAAAKx7w30onCSbJL5+cuknUMQ1BIMzBFREdFMDQwOABkNTM3NWQ5Yy1jYzU5LTQ4YTctYmZhYy0zOWM5ZjgwYTIyNmQ=
date: Mon, 23 Jan 2023 01:35:55 GMT
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 5f18402476238d2400467b788407ba50
6af008704d188641528abfb189ef0292de61ef4c
867c99e562ffc7c10e8fa69ca796bc0ab79a418d900ab3e9a181a41acd16dd65
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "867C99E562FFC7C10E8FA69CA796BC0AB79A418D900AB3E9A181A41ACD16DD65"
Last-Modified: Sun, 22 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10080
Expires: Mon, 23 Jan 2023 04:23:56 GMT
Date: Mon, 23 Jan 2023 01:35:56 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 9e50c2155db0e677570e16ca68da3089
5b1a469ad63d845938c797e1faa579343ba4a5ff
9443fa5bc91f852b8e8103bfede0800690e43ecb46e2fb87dffdcc2ad23adc74
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=146243
Content-Type: application/ocsp-response
Date: Mon, 23 Jan 2023 01:35:55 GMT
Etag: "63cd7cbe-1d7"
Expires: Tue, 24 Jan 2023 18:13:18 GMT
Last-Modified: Sun, 22 Jan 2023 18:13:18 GMT
Server: nginx
Content-Length: 471
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 9e50c2155db0e677570e16ca68da3089
5b1a469ad63d845938c797e1faa579343ba4a5ff
9443fa5bc91f852b8e8103bfede0800690e43ecb46e2fb87dffdcc2ad23adc74
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 23 Jan 2023 01:35:55 GMT
Etag: "63cad998-1d7"
Server: ECS (amb/6B75)
Content-Length: 471
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 5f18402476238d2400467b788407ba50
6af008704d188641528abfb189ef0292de61ef4c
867c99e562ffc7c10e8fa69ca796bc0ab79a418d900ab3e9a181a41acd16dd65
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "867C99E562FFC7C10E8FA69CA796BC0AB79A418D900AB3E9A181A41ACD16DD65"
Last-Modified: Sun, 22 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20560
Expires: Mon, 23 Jan 2023 07:18:36 GMT
Date: Mon, 23 Jan 2023 01:35:56 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 9e50c2155db0e677570e16ca68da3089
5b1a469ad63d845938c797e1faa579343ba4a5ff
9443fa5bc91f852b8e8103bfede0800690e43ecb46e2fb87dffdcc2ad23adc74
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 23 Jan 2023 01:35:55 GMT
Etag: "63cd7cbe-1d7"
Server: ECS (amb/6B86)
Content-Length: 471
ocsp.pki.goog/s/gts1d4/VJA41Da9_CE
142.250.74.131 200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/VJA41Da9_CE
IP 142.250.74.131:0
Hash c9ef081b98a8792c8c15d4f447598504
e22af282abdd39265fc9879e809cf2b37c3682a9
98fdfb69f9b8bbf68d678500769b668d8bcf367796c5f2c10860f38a2ce334fd
POST /s/gts1d4/VJA41Da9_CE HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 23 Jan 2023 01:35:56 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1d4/GLpZsxq0ZsM
142.250.74.131 200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/GLpZsxq0ZsM
IP 142.250.74.131:0
Hash e2034f1b6673629283c6fc5fa5d07ef3
c3263f46ac18e66384180723ca47574f36229c89
40a21a35b86192488641f961a9d526fd83dc683177267dcd136fba2d7722a8b9
POST /s/gts1d4/GLpZsxq0ZsM HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 23 Jan 2023 01:35:56 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.smartberatung.com/fonts/paxbooking.ttf?gi1j3r
13.107.238.53 200 OK 4.7 kB URL HTTP/2 cdn.smartberatung.com/fonts/paxbooking.ttf?gi1j3r
IP 13.107.238.53:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type TrueType Font data, 11 tables, 1st "OS/2", 14 names, Macintosh, type 1 string, paxbooking
Hash d597dd375e765299c4abc4c352440575
e16fc220bdbf2a32890ad447d1c9f3e3ec7ef0e2
6a00306b4e545f95146167837a17960b45ef9c155d8548856841dabb9e776b68
GET /fonts/paxbooking.ttf?gi1j3r HTTP/1.1
Host: cdn.smartberatung.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.meinereiseangebote.de
Connection: keep-alive
Referer: https://www.meinereiseangebote.de/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=86400
content-length: 4676
content-type: application/octet-stream
content-md5: 1ZfdN152UpnEq8TDUkQFdQ==
last-modified: Tue, 27 Apr 2021 07:22:53 GMT
accept-ranges: bytes
etag: "0x8D9094D45A20D0E"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-cache: TCP_HIT
x-ms-request-id: 82e02382-101e-00a6-1b08-2e68d0000000
x-ms-version: 2018-03-28
x-azure-ref-originshield: 0rqHNYwAAAACpwG53RJkJT4oj9BjwwCOgRlJBMjMxMDUwNDE3MDIxAGQ1Mzc1ZDljLWNjNTktNDhhNy1iZmFjLTM5YzlmODBhMjI2ZA==
access-control-allow-origin: *
access-control-allow-headers: *
pax-rule-engine-rule: AllowSpecificFileExtensions
x-azure-ref: 0fOTNYwAAAABn0xxfBlccTIbacZrRuI0yQ1BIMzBFREdFMDQwOABkNTM3NWQ5Yy1jYzU5LTQ4YTctYmZhYy0zOWM5ZjgwYTIyNmQ=
date: Mon, 23 Jan 2023 01:35:55 GMT
X-Firefox-Spdy: h2
pax-smartberatung-signalr.azurewebsites.net/ContentServer/negotiate
20.50.2.10 204 No Content 0 B URL HTTP/1.1 pax-smartberatung-signalr.azurewebsites.net/ContentServer/negotiate
IP 20.50.2.10:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /ContentServer/negotiate HTTP/1.1
Host: pax-smartberatung-signalr.azurewebsites.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-requested-with
Origin: https://www.meinereiseangebote.de
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Date: Mon, 23 Jan 2023 01:35:55 GMT
Server: Microsoft-IIS/10.0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: x-requested-with
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: https://www.meinereiseangebote.de
Vary: Origin
Request-Context: appId=cid-v1:331e6aed-06ec-49ad-ad4b-0e18e6e4cfd1
X-Powered-By: ASP.NET
cdn.smartberatung.com/agents/12898563/small.png?ts=20220126_093440
13.107.238.53 200 OK 23 kB URL HTTP/2 cdn.smartberatung.com/agents/12898563/small.png?ts=20220126_093440
IP 13.107.238.53:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 136 x 136, 8-bit/color RGBA, non-interlaced
Hash 93bdb99e692f56edcf687e1c170c0336
eaf636a8997a01c2e23a2dc3584e09775e4b804a
5ca5dd576acae0ab606bb5e743d87d6fe035540c736c009f7d764e424c7b2f50
GET /agents/12898563/small.png?ts=20220126_093440 HTTP/1.1
Host: cdn.smartberatung.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=86400
content-length: 22759
content-type: image/png
content-md5: k725nmkvVu3PaH4cFwwDNg==
last-modified: Thu, 03 Sep 2020 08:41:10 GMT
accept-ranges: bytes
etag: "0x8D84FE51BA1EA34"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-cache: TCP_HIT
x-ms-request-id: bd1dd8e9-a01e-00bf-473c-2e44b8000000
x-ms-version: 2018-03-28
x-azure-ref-originshield: 0ClXNYwAAAACbTyrVaQroTonWjFJ1y9MORlJBMjMxMDUwNDE3MDExAGQ1Mzc1ZDljLWNjNTktNDhhNy1iZmFjLTM5YzlmODBhMjI2ZA==
x-azure-ref: 0fOTNYwAAAAAcqpFD7zLGR5LiTBJ12RQ+Q1BIMzBFREdFMDQyMABkNTM3NWQ5Yy1jYzU5LTQ4YTctYmZhYy0zOWM5ZjgwYTIyNmQ=
date: Mon, 23 Jan 2023 01:35:56 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/VJA41Da9_CE
142.250.74.131 200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/VJA41Da9_CE
IP 142.250.74.131:0
Hash c9ef081b98a8792c8c15d4f447598504
e22af282abdd39265fc9879e809cf2b37c3682a9
98fdfb69f9b8bbf68d678500769b668d8bcf367796c5f2c10860f38a2ce334fd
POST /s/gts1d4/VJA41Da9_CE HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 23 Jan 2023 01:35:56 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
graphql.usercentrics.eu/graphql
34.120.238.166 204 No Content 0 B URL HTTP/2 graphql.usercentrics.eu/graphql
IP 34.120.238.166:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /graphql HTTP/1.1
Host: graphql.usercentrics.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: access-control-allow-origin,content-type,x-request-id
Referer: https://www.gdp.reisen/
Origin: https://www.gdp.reisen
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Mon, 23 Jan 2023 01:35:56 GMT
content-length: 0
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
vary: Access-Control-Request-Headers
access-control-allow-headers: access-control-allow-origin,content-type,x-request-id
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.smartberatung.com/fonts/roboto-v18-latin-500.woff2
13.107.238.53 200 OK 16 kB URL HTTP/2 cdn.smartberatung.com/fonts/roboto-v18-latin-500.woff2
IP 13.107.238.53:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /fonts/roboto-v18-latin-500.woff2 HTTP/1.1
Host: cdn.smartberatung.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.meinereiseangebote.de
Connection: keep-alive
Referer: https://www.meinereiseangebote.de/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=86400
content-length: 15552
content-type: application/octet-stream
content-md5: KFRnF29/5rtqnGhzs9rSzA==
last-modified: Fri, 30 Apr 2021 09:58:43 GMT
accept-ranges: bytes
etag: "0x8D90BBE8A2F040E"
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-cache: TCP_REMOTE_HIT
x-ms-request-id: 4312a99f-d01e-0092-05b0-2ec778000000
x-ms-version: 2018-03-28
x-azure-ref-originshield: 0fOTNYwAAAADwI1ZzkanaS6BEgnxs7xeFRlJBMjMxMDUwNDE3MDIxAGQ1Mzc1ZDljLWNjNTktNDhhNy1iZmFjLTM5YzlmODBhMjI2ZA==
access-control-allow-origin: *
access-control-allow-headers: *
pax-rule-engine-rule: AllowSpecificFileExtensions
x-azure-ref: 0fOTNYwAAAADkhHg455sPTqexbNB7stVSQ1BIMzBFREdFMDQwOABkNTM3NWQ5Yy1jYzU5LTQ4YTctYmZhYy0zOWM5ZjgwYTIyNmQ=
date: Mon, 23 Jan 2023 01:35:55 GMT
X-Firefox-Spdy: h2
i25.giatamedia.com/s.php?uid=180322&source=xml&size=800&cid=21419&iid=64220061
162.55.90.60 200 OK 98 kB URL HTTP/1.1 i25.giatamedia.com/s.php?uid=180322&source=xml&size=800&cid=21419&iid=64220061
IP 162.55.90.60:0
ASN #24940 Hetzner Online GmbH
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 800x600, components 3
Hash 078390cc7e2400c7884f9aa966a4ba92
8eb4df808ea94636190b90cd20cce3c3f20accf0
1b1ee1d8dfc38402beecc9c8828c03e5f113e1f2430bb2f0da8080cc7583e2e0
GET /s.php?uid=180322&source=xml&size=800&cid=21419&iid=64220061 HTTP/1.1
Host: i25.giatamedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 23 Jan 2023 01:35:56 GMT
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.4.19
X-GIATA-FN: Picture=800/1
X-GIATA-SERVERNAME: i.giatamedia.com
ocsp.pki.goog/s/gts1d4/VJA41Da9_CE
142.250.74.131 200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/VJA41Da9_CE
IP 142.250.74.131:0
Hash c9ef081b98a8792c8c15d4f447598504
e22af282abdd39265fc9879e809cf2b37c3682a9
98fdfb69f9b8bbf68d678500769b668d8bcf367796c5f2c10860f38a2ce334fd
POST /s/gts1d4/VJA41Da9_CE HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 23 Jan 2023 01:35:56 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.smartberatung.com/portal/7157/banner.jpg?ts=20221109_153256&ts=20221109_153256
13.107.238.53 404 Not Found 27 B URL HTTP/2 cdn.smartberatung.com/portal/7157/banner.jpg?ts=20221109_153256&ts=20221109_153256
IP 13.107.238.53:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with no line terminators
Hash c708d5758d499da94935ae02ac09dedb
172bb35ad6588430a1899ccd3219fef5289b3b56
334c6bf99d6725ed65037289839724f47c9bd66aee547ad8fa312facb918ef53
GET /portal/7157/banner.jpg?ts=20221109_153256&ts=20221109_153256 HTTP/1.1
Host: cdn.smartberatung.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
content-length: 27
content-type: text/html
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-cache: TCP_MISS
x-ms-error-code: WebContentNotFound
x-ms-request-id: 2fb8e412-501e-004f-50cb-2e94d6000000
x-ms-version: 2018-03-28
x-azure-ref-originshield: 0fOTNYwAAAAAnjSJxsAAzQoihMFbH+axJRlJBMjMxMDUwNDE4MDM1AGQ1Mzc1ZDljLWNjNTktNDhhNy1iZmFjLTM5YzlmODBhMjI2ZA==
x-azure-ref: 0fOTNYwAAAAC1fDNASVvfS4E866r4Z1SGQ1BIMzBFREdFMDQyMABkNTM3NWQ5Yy1jYzU5LTQ4YTctYmZhYy0zOWM5ZjgwYTIyNmQ=
date: Mon, 23 Jan 2023 01:35:56 GMT
X-Firefox-Spdy: h2
i31.giatamedia.com/s.php?uid=180322&source=xml&size=800&cid=22877&iid=85384087
88.99.68.154 200 OK 167 kB URL HTTP/1.1 i31.giatamedia.com/s.php?uid=180322&source=xml&size=800&cid=22877&iid=85384087
IP 88.99.68.154:0
ASN #24940 Hetzner Online GmbH
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 800x523, components 3
Size 167 kB (167175 bytes)
Hash f7ca997dfb89476d143dd7520f634c56
371dc8934bcc66016983043e35292fae712f9991
5ba12a2f3001e316d66a8435a28f6c54c94714ba7a6e9e9f751619f72c8fce47
GET /s.php?uid=180322&source=xml&size=800&cid=22877&iid=85384087 HTTP/1.1
Host: i31.giatamedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 23 Jan 2023 01:35:56 GMT
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.4.19
X-GIATA-FN: Picture=800/1
X-GIATA-SERVERNAME: i.giatamedia.com
i31.giatamedia.com/s.php?uid=180322&source=xml&size=800&cid=22771&iid=85014477
88.99.68.154 200 OK 131 kB URL HTTP/1.1 i31.giatamedia.com/s.php?uid=180322&source=xml&size=800&cid=22771&iid=85014477
IP 88.99.68.154:0
ASN #24940 Hetzner Online GmbH
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 800x600, components 3
Size 131 kB (130795 bytes)
Hash ecd7ef050586483a5b37f0b9eed84b84
651514a6c3a3f7919b4760a812db5388ac840cf1
976928bcb063572040286f4ae224b569728db9643b57740ebc4adf5a9236aec6
GET /s.php?uid=180322&source=xml&size=800&cid=22771&iid=85014477 HTTP/1.1
Host: i31.giatamedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 23 Jan 2023 01:35:56 GMT
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.4.19
X-GIATA-FN: Picture=800/1
X-GIATA-SERVERNAME: i.giatamedia.com
i24.giatamedia.com/s.php?uid=180322&source=xml&size=800&cid=3959&iid=74211680
162.55.90.57 200 OK 159 kB URL HTTP/1.1 i24.giatamedia.com/s.php?uid=180322&source=xml&size=800&cid=3959&iid=74211680
IP 162.55.90.57:0
ASN #24940 Hetzner Online GmbH
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 800x600, components 3
Size 159 kB (158586 bytes)
Hash b888e3b1ae381f5645b083159ebe41fb
b0c2463265b1340a3a5e4fdfaf5cfad8a6606330
26a4ce218fcaba11201190e75874b543233d418b815553a5789323fbdf81d527
GET /s.php?uid=180322&source=xml&size=800&cid=3959&iid=74211680 HTTP/1.1
Host: i24.giatamedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 23 Jan 2023 01:35:56 GMT
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.4.19
X-GIATA-FN: Picture=800/1
X-GIATA-SERVERNAME: i.giatamedia.com
i26.giatamedia.com/s.php?uid=180322&source=xml&size=800&cid=22823&iid=84667111
148.251.18.66 200 OK 163 kB URL HTTP/1.1 i26.giatamedia.com/s.php?uid=180322&source=xml&size=800&cid=22823&iid=84667111
IP 148.251.18.66:0
ASN #24940 Hetzner Online GmbH
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 800x469, components 3
Size 163 kB (162767 bytes)
Hash e1f4204b867ea68d420ba690946ebf1f
cee1f3615c7a243cb02b408567ea8d722c9a3498
480847bd40b9bf6a385a792019229be0ae38d5acbf10e571290b0d7911017c16
GET /s.php?uid=180322&source=xml&size=800&cid=22823&iid=84667111 HTTP/1.1
Host: i26.giatamedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 23 Jan 2023 01:35:56 GMT
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.4.19
X-GIATA-FN: Picture=800/1
X-GIATA-SERVERNAME: i.giatamedia.com
pax-smartberatung-signalr.azurewebsites.net/ContentServer/negotiate
20.50.2.10 200 OK 572 B URL HTTP/1.1 pax-smartberatung-signalr.azurewebsites.net/ContentServer/negotiate
IP 20.50.2.10:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JSON data, ASCII text, with very long lines (478), with no line terminators
Hash 34a94858cba83f8b2730907a3545a5ed
aea3ae5fd276d6870cceadde9caf9d483b28b285
32d182fc58983f383e4205a141e9b03635ccea6bc0907ecd7893e5d95cfc34dd
POST /ContentServer/negotiate HTTP/1.1
Host: pax-smartberatung-signalr.azurewebsites.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://www.meinereiseangebote.de
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Date: Mon, 23 Jan 2023 01:35:55 GMT
Server: Microsoft-IIS/10.0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www.meinereiseangebote.de
Content-Encoding: gzip
Transfer-Encoding: chunked
Vary: Origin,Accept-Encoding
Request-Context: appId=cid-v1:331e6aed-06ec-49ad-ad4b-0e18e6e4cfd1
X-Powered-By: ASP.NET
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash ef9aa614313fc1552d7822fb5130c17f
cfe852833b908c4e8b5ceeb902e9a046714e98a6
c7127e23706970ee68daf80aa4280e2fc7c77189a7ec390c59bbc015540b0924
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C7127E23706970EE68DAF80AA4280E2FC7C77189A7EC390C59BBC015540B0924"
Last-Modified: Sun, 22 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9875
Expires: Mon, 23 Jan 2023 04:20:31 GMT
Date: Mon, 23 Jan 2023 01:35:56 GMT
Connection: keep-alive
uc.e-recht24.de/erecht24_logo_white.png
159.69.24.179 200 2.9 kB URL HTTP/1.1 uc.e-recht24.de/erecht24_logo_white.png
IP 159.69.24.179:0
ASN #24940 Hetzner Online GmbH
File type PNG image data, 98 x 24, 8-bit/color RGBA, non-interlaced; data
Hash 6ce60860fb4697564e38580a4709ec5c
9806460f6b62a69a9652f8d17afaef69c3e8c287
933400df86c19613e2f9e127e098a0a8eb9e3d9870c8bbcbb8f234629cee5b74
GET /erecht24_logo_white.png HTTP/1.1
Host: uc.e-recht24.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gdp.reisen/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
Server: nginx/1.18.0 (Ubuntu)
Date: Mon, 23 Jan 2023 01:35:56 GMT
Content-Type: image/png
Content-Length: 2889
Connection: keep-alive
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Last-Modified: Fri, 29 Jul 2022 06:46:14 GMT
Accept-Ranges: bytes
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Wed, 24 Jan 2024 01:35:56 GMT
X-Frame-Options: DENY
Pragma: no-cache, public
Cache-Control: max-age=31622400, public
oneocsp.microsoft.com/ocsp
204.79.197.203 200 OK 1.8 kB URL HTTP/1.1 oneocsp.microsoft.com/ocsp
IP 204.79.197.203:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash 71c6b1ec92c40157ebc1866a1f7fe016
7e884d77db8513efaead746572c5bfbfb8977944
cd9b3e3a0ffb9db30ce5623e3b4504622108c2d08c6ea25459b028fe3071adba
POST /ocsp HTTP/1.1
Host: oneocsp.microsoft.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 86
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: max-age=86400
Content-Length: 1777
Content-Type: application/ocsp-response
Expires: Sat, 28 Jan 2023 15:50:10 GMT
Last-Modified: Sun, 22 Jan 2023 13:09:34 GMT
ETag: "cd9b3e3a0ffb9db30ce5623e3b4504622108c2d08c6ea25459b028fe3071adba"
X-Powered-By: ASP.NET
x-content-type-options: nosniff
X-Cache: CONFIG_NOCACHE
X-MSEdge-Ref: Ref A: D97837DCB99E46BB8C10DD48D066DF3F Ref B: OSL30EDGE0407 Ref C: 2023-01-23T01:35:56Z
Date: Mon, 23 Jan 2023 01:35:56 GMT
oneocsp.microsoft.com/ocsp
204.79.197.203 200 OK 1.8 kB URL HTTP/1.1 oneocsp.microsoft.com/ocsp
IP 204.79.197.203:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash 80893aaf5c7ff935963e03e1916fb793
5c5f03f18f021dce1b666638fc863739f94f8d51
ac74e269c0ffea729a3f408db72450ef1f5e562a1d06c7af779920bc54167bca
POST /ocsp HTTP/1.1
Host: oneocsp.microsoft.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 86
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: max-age=86400
Content-Length: 1777
Content-Type: application/ocsp-response
Expires: Sat, 28 Jan 2023 15:50:11 GMT
Last-Modified: Sun, 22 Jan 2023 13:09:34 GMT
ETag: "ac74e269c0ffea729a3f408db72450ef1f5e562a1d06c7af779920bc54167bca"
X-Powered-By: ASP.NET
x-content-type-options: nosniff
X-Cache: CONFIG_NOCACHE
X-MSEdge-Ref: Ref A: 70322FCDCB294E4DB048DCD1B2D80236 Ref B: OSL30EDGE0419 Ref C: 2023-01-23T01:35:56Z
Date: Mon, 23 Jan 2023 01:35:56 GMT
pax-signalr.service.signalr.net/client/negotiate?hub=contentserverhub&asrs.op=%2FContentServer&asrs_request_id=H%2FsvefEAAAA%3D
20.86.94.141 204 No Content 0 B URL HTTP/2 pax-signalr.service.signalr.net/client/negotiate?hub=contentserverhub&asrs.op=%2FContentServer&asrs_request_id=H%2FsvefEAAAA%3D
IP 20.86.94.141:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /client/negotiate?hub=contentserverhub&asrs.op=%2FContentServer&asrs_request_id=H%2FsvefEAAAA%3D HTTP/1.1
Host: pax-signalr.service.signalr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,x-requested-with
Origin: https://www.meinereiseangebote.de
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Mon, 23 Jan 2023 01:35:56 GMT
access-control-allow-credentials: true
access-control-allow-headers: authorization,x-requested-with
access-control-allow-methods: POST
access-control-allow-origin: https://www.meinereiseangebote.de
vary: Origin
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2
pax-signalr.service.signalr.net/client/negotiate?hub=contentserverhub&asrs.op=%2FContentServer&asrs_request_id=H%2FsvefEAAAA%3D
20.86.94.141 200 OK 282 B URL HTTP/2 pax-signalr.service.signalr.net/client/negotiate?hub=contentserverhub&asrs.op=%2FContentServer&asrs_request_id=H%2FsvefEAAAA%3D
IP 20.86.94.141:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JSON data, ASCII text, with no line terminators
Hash 9edacbb55d314d53814ecdf3e03cda56
d782854402d426830750d131412338c7dc08f0ac
4a9ab9ba58c6f9787b501a8270086bd952f2aed6ea61476d8d95882ba11a90d5
POST /client/negotiate?hub=contentserverhub&asrs.op=%2FContentServer&asrs_request_id=H%2FsvefEAAAA%3D HTTP/1.1
Host: pax-signalr.service.signalr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Content-Type: text/plain;charset=UTF-8
Authorization: Bearer eyJhbGciOiJIUzI1NiIsImtpZCI6IjE2MTQ0NTc4NTUiLCJ0eXAiOiJKV1QifQ.eyJuYmYiOjE2NzQ0Mzc3NTYsImV4cCI6MTY3NDQ0MTM1NiwiaWF0IjoxNjc0NDM3NzU2LCJhdWQiOiJodHRwczovL3BheC1zaWduYWxyLnNlcnZpY2Uuc2lnbmFsci5uZXQvY2xpZW50Lz9odWI9Y29udGVudHNlcnZlcmh1YiJ9.3_C4ncj_ceTNzr3mtRTpu_f1H2J_qXYlhJ5zuVQq7gs
Content-Length: 0
Origin: https://www.meinereiseangebote.de
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 23 Jan 2023 01:35:56 GMT
content-type: application/json
content-length: 282
access-control-allow-credentials: true
access-control-allow-origin: https://www.meinereiseangebote.de
vary: Origin
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2
basic-light-ibe.traveltainment.de/api/regiontree?v=36131a89beeb&currency=EUR&ibe=package&lang=de-DE&sc=DE&taid=gdpreiseservice
80.87.174.128 200 OK 7.9 kB URL HTTP/1.1 basic-light-ibe.traveltainment.de/api/regiontree?v=36131a89beeb&currency=EUR&ibe=package&lang=de-DE&sc=DE&taid=gdpreiseservice
IP 80.87.174.128:0
ASN #8469 CANCOM Managed Services GmbH
File type JSON data, Unicode text, UTF-8 text, with very long lines (23670), with no line terminators
Hash 6d8f64adb5e48b72896c3e42b8d3f1ac
26efb8787763614c493d89c432efd9f51443dca8
39fd7ae1b74a53d4ffc5c6eaf0b8ab7961795ff60ccfe6f5b376e65fc8c11ff7
GET /api/regiontree?v=36131a89beeb&currency=EUR&ibe=package&lang=de-DE&sc=DE&taid=gdpreiseservice HTTP/1.1
Host: basic-light-ibe.traveltainment.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
If-Modified-Since: Mon, 26 Jul 1997 06:06:06 GMT
Cache-Control: no-cache
Pragma: no-cache
Connection: keep-alive
Referer: https://basic-light-ibe.traveltainment.de/search?ibe=package&prcl=294888&accol=168207&bgcol=t&taid=gdpreiseservice
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 23 Jan 2023 01:35:56 GMT
Content-Type: application/json; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: public, max-age=86400
Content-Encoding: gzip
pax-signalr.service.signalr.net/client/?hub=contentserverhub&asrs.op=%2FContentServer&asrs_request_id=H%2FsvefEAAAA%3D&id=bBHr-3dTMKRpYX_25NoYBgba1173a81&access_token=eyJhbGciOiJIUzI1NiIsImtpZCI6IjE2MTQ0NTc4NTUiLCJ0eXAiOiJKV1QifQ.eyJuYmYiOjE2NzQ0Mzc3NTYsImV4cCI6MTY3NDQ0MTM1NiwiaWF0IjoxNjc0NDM3NzU2LCJhdWQiOiJodHRwczovL3BheC1zaWduYWxyLnNlcnZpY2Uuc2lnbmFsci5uZXQvY2xpZW50Lz9odWI9Y29udGVudHNlcnZlcmh1YiJ9.3_C4ncj_ceTNzr3mtRTpu_f1H2J_qXYlhJ5zuVQq7gs
20.86.94.141 101 Switching Protocols 0 B URL HTTP/1.1 pax-signalr.service.signalr.net/client/?hub=contentserverhub&asrs.op=%2FContentServer&asrs_request_id=H%2FsvefEAAAA%3D&id=bBHr-3dTMKRpYX_25NoYBgba1173a81&access_token=eyJhbGciOiJIUzI1NiIsImtpZCI6IjE2MTQ0NTc4NTUiLCJ0eXAiOiJKV1QifQ.eyJuYmYiOjE2NzQ0Mzc3NTYsImV4cCI6MTY3NDQ0MTM1NiwiaWF0IjoxNjc0NDM3NzU2LCJhdWQiOiJodHRwczovL3BheC1zaWduYWxyLnNlcnZpY2Uuc2lnbmFsci5uZXQvY2xpZW50Lz9odWI9Y29udGVudHNlcnZlcmh1YiJ9.3_C4ncj_ceTNzr3mtRTpu_f1H2J_qXYlhJ5zuVQq7gs
IP 20.86.94.141:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /client/?hub=contentserverhub&asrs.op=%2FContentServer&asrs_request_id=H%2FsvefEAAAA%3D&id=bBHr-3dTMKRpYX_25NoYBgba1173a81&access_token=eyJhbGciOiJIUzI1NiIsImtpZCI6IjE2MTQ0NTc4NTUiLCJ0eXAiOiJKV1QifQ.eyJuYmYiOjE2NzQ0Mzc3NTYsImV4cCI6MTY3NDQ0MTM1NiwiaWF0IjoxNjc0NDM3NzU2LCJhdWQiOiJodHRwczovL3BheC1zaWduYWxyLnNlcnZpY2Uuc2lnbmFsci5uZXQvY2xpZW50Lz9odWI9Y29udGVudHNlcnZlcmh1YiJ9.3_C4ncj_ceTNzr3mtRTpu_f1H2J_qXYlhJ5zuVQq7gs HTTP/1.1
Host: pax-signalr.service.signalr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://www.meinereiseangebote.de
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: ynd5OUbU1ZKh3iaNWohJjg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Date: Mon, 23 Jan 2023 01:35:56 GMT
Connection: upgrade
access-control-allow-credentials: true
access-control-allow-origin: https://www.meinereiseangebote.de
upgrade: websocket
vary: Origin
sec-websocket-accept: iqPjwRND28y9qe9QWkAqJCritiY=
Strict-Transport-Security: max-age=15724800; includeSubDomains
cluster2.images.traveltainment.eu/images/content/va_logos/small/SLR.gif
185.64.96.3 200 OK 1.3 kB URL HTTP/1.1 cluster2.images.traveltainment.eu/images/content/va_logos/small/SLR.gif
IP 185.64.96.3:0
ASN #8469 CANCOM Managed Services GmbH
File type GIF image data, version 89a, 75 x 21; data
Hash 5bf01da040a6ccea325bafa8627517cb
f5754f85aed0ff9263280140d2f999b0bcd179a9
8a5ccbfa4aca57b800c440e34c3e47f86cb57d21c4b4b141cb28ca23198139c5
GET /images/content/va_logos/small/SLR.gif HTTP/1.1
Host: cluster2.images.traveltainment.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 23 Jan 2023 01:35:55 GMT
Content-Type: image/gif
Content-Length: 1309
Last-Modified: Mon, 09 Nov 2020 08:56:20 GMT
Connection: keep-alive
ETag: "5fa90434-51d"
Expires: Mon, 23 Jan 2023 02:35:55 GMT
Cache-Control: max-age=3600
X-TT-Cluster: op-image-p107-X_content-https
Vary: Accept-Encoding
Accept-Ranges: bytes
media.xmlteam.de/files/tuicruises/mein-schiff-3/schiff/ms3.png
162.55.39.184 200 OK 1.0 MB URL HTTP/2 media.xmlteam.de/files/tuicruises/mein-schiff-3/schiff/ms3.png
IP 162.55.39.184:0
ASN #24940 Hetzner Online GmbH
File type PNG image data, 1000 x 640, 8-bit/color RGB, non-interlaced; data
Size 1.0 MB (1010001 bytes)
Hash d83ca59ef8091681566bb280c7ae7c79
03f1b4a9837420b81224856933c1a9b968bd31e7
bc9065437775b1717eb4f811c7741ec0cacef13f9fd48e026fe78e9f11f6f8b6
GET /files/tuicruises/mein-schiff-3/schiff/ms3.png HTTP/1.1
Host: media.xmlteam.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 18 Jan 2022 15:08:10 GMT
etag: "f6951-5d5dca3222a80"
accept-ranges: bytes
content-length: 1010001
content-type: image/png
date: Mon, 23 Jan 2023 01:35:55 GMT
server: Apache
X-Firefox-Spdy: h2
basic-light-ibe.traveltainment.de/api/touroperators?v=36131a89beeb&currency=EUR&ibe=package&lang=de-DE&sc=DE&taid=gdpreiseservice
80.87.174.128 200 OK 1.6 kB URL HTTP/1.1 basic-light-ibe.traveltainment.de/api/touroperators?v=36131a89beeb&currency=EUR&ibe=package&lang=de-DE&sc=DE&taid=gdpreiseservice
IP 80.87.174.128:0
ASN #8469 CANCOM Managed Services GmbH
File type JSON data, Unicode text, UTF-8 text, with very long lines (7540), with no line terminators
Hash 3f4d71225b2e7f68772e6f138a36db11
4fa70b67be7823b2fc5a1e6e8311da0c6dd8b802
f5a2485333f151b5957da68fb65b16aec45bcb7f22df372f7578ac0718329188
GET /api/touroperators?v=36131a89beeb&currency=EUR&ibe=package&lang=de-DE&sc=DE&taid=gdpreiseservice HTTP/1.1
Host: basic-light-ibe.traveltainment.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
If-Modified-Since: Mon, 26 Jul 1997 06:06:06 GMT
Cache-Control: no-cache
Pragma: no-cache
Connection: keep-alive
Referer: https://basic-light-ibe.traveltainment.de/search?ibe=package&prcl=294888&accol=168207&bgcol=t&taid=gdpreiseservice
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 23 Jan 2023 01:35:56 GMT
Content-Type: application/json; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: public, max-age=86400
Content-Encoding: gzip
www.meinereiseangebote.de/js/signalr.min.js
13.69.68.38 200 OK 0 B URL HTTP/2 www.meinereiseangebote.de/js/signalr.min.js
IP 13.69.68.38:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
GET /js/signalr.min.js HTTP/1.1
Host: www.meinereiseangebote.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: TiPMix=99.27558382811812; x-ms-routing-name=self; ARRAffinitySameSite=333acd15598c845134244b7b82a2f7de686135ef4edddaafd5b14c6d05694126
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
date: Mon, 23 Jan 2023 01:35:55 GMT
server: nginx/1.22.1
accept-ranges: bytes
etag: "5cfa9fd2-1c662"
last-modified: Fri, 07 Jun 2019 17:33:06 GMT
content-length: 116322
X-Firefox-Spdy: h2
basic-light-ibe.traveltainment.de/ibecustomer/customers/basic-light/dist/html/package.js?v=36131a89beeb
80.87.174.128 200 OK 0 B URL HTTP/1.1 basic-light-ibe.traveltainment.de/ibecustomer/customers/basic-light/dist/html/package.js?v=36131a89beeb
IP 80.87.174.128:0
ASN #8469 CANCOM Managed Services GmbH
GET /ibecustomer/customers/basic-light/dist/html/package.js?v=36131a89beeb HTTP/1.1
Host: basic-light-ibe.traveltainment.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://basic-light-ibe.traveltainment.de/search?ibe=package&prcl=294888&accol=168207&bgcol=t&taid=gdpreiseservice
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 23 Jan 2023 01:35:53 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: public, max-age=604800
X-Content-Type-Options: nosniff
Last-Modified: Tue, 20 Dec 2022 10:59:58 GMT
Content-Encoding: gzip
www.backend.tcautor.de/www/_data/1009/files/BilderPool/Thementeaser/Versicherungen_lifebuoy-4870836_1920.jpg
5.175.22.217 200 OK 0 B URL HTTP/2 www.backend.tcautor.de/www/_data/1009/files/BilderPool/Thementeaser/Versicherungen_lifebuoy-4870836_1920.jpg
IP 5.175.22.217:0
ASN #20773 Host Europe GmbH
GET /www/_data/1009/files/BilderPool/Thementeaser/Versicherungen_lifebuoy-4870836_1920.jpg HTTP/1.1
Host: www.backend.tcautor.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gdp.reisen/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 23 Jan 2023 01:35:52 GMT
server: Apache
last-modified: Fri, 27 Aug 2021 13:59:43 GMT
etag: "ceb2-5ca8ae539421c"
accept-ranges: bytes
content-length: 52914
content-type: image/jpeg
X-Firefox-Spdy: h2
www.gdp.reisen/assets/js/vendor_bundle.min.js
5.175.22.217 200 OK 0 B URL HTTP/2 www.gdp.reisen/assets/js/vendor_bundle.min.js
IP 5.175.22.217:0
ASN #20773 Host Europe GmbH
Analyzer Verdict Alert fortinet Phishing
GET /assets/js/vendor_bundle.min.js HTTP/1.1
Host: www.gdp.reisen
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gdp.reisen/
Cookie: CFID=37641872; CFTOKEN=52eb829fe736a00a-9A99072A-9835-16BE-6DF6496F4B8F1D84
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 23 Jan 2023 01:35:52 GMT
server: Apache
last-modified: Mon, 25 May 2020 13:42:21 GMT
etag: "66b1b-5a67925eb8940-br"
accept-ranges: bytes
cache-control: max-age=86400
expires: Tue, 24 Jan 2023 01:35:52 GMT
vary: Accept-Encoding
content-encoding: br
x-cache: MISS from www.gdp.reisen
content-length: 101220
content-type: application/javascript
X-Firefox-Spdy: h2
www.gdp.reisen/
5.175.22.217 200 OK 0 B IP 5.175.22.217:0
ASN #20773 Host Europe GmbH
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: www.gdp.reisen
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Mon, 23 Jan 2023 01:35:51 GMT
server: Apache
set-cookie: CFID=37641872; Expires=Tue, 24-Jan-2023 01:35:51 GMT; Path=/; HttpOnly
CFTOKEN=52eb829fe736a00a-9A99072A-9835-16BE-6DF6496F4B8F1D84; Expires=Tue, 24-Jan-2023 01:35:51 GMT; Path=/; HttpOnly
cache-control: max-age=420, private, must-revalidate
expires: Tue, 24 Jan 2023 01:35:51 GMT
vary: Accept-Encoding
content-encoding: br
x-cache: MISS from www.gdp.reisen
content-type: text/html;charset=UTF-8
X-Firefox-Spdy: h2
graphql.usercentrics.eu/graphql
34.120.238.166 200 OK 0 B URL HTTP/2 graphql.usercentrics.eu/graphql
IP 34.120.238.166:0
POST /graphql HTTP/1.1
Host: graphql.usercentrics.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.gdp.reisen/
Content-Type: application/json
Access-Control-Allow-Origin: *
X-Request-ID: b98d57f3-159d-48c2-9ccc-10f9a2fd1514
Origin: https://www.gdp.reisen
Content-Length: 1957
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 23 Jan 2023 01:35:56 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
x-powered-by: Express
access-control-allow-origin: *
etag: W/"169-tKNo9f9O/P882+kGJfHmPUvnamY"
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
graphql.usercentrics.eu/graphql
34.120.238.166 200 OK 0 B URL HTTP/2 graphql.usercentrics.eu/graphql
IP 34.120.238.166:0
POST /graphql HTTP/1.1
Host: graphql.usercentrics.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.gdp.reisen/
Content-Type: application/json
Access-Control-Allow-Origin: *
Origin: https://www.gdp.reisen
Content-Length: 1045
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 23 Jan 2023 01:36:00 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
x-powered-by: Express
access-control-allow-origin: *
etag: W/"41-PhTBbLVr6CImcYBgZcu5QcL3968"
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2