Report - hh.ermoeglicher.de/aktuell/corona-virus-infos-fuer-unternehmen/

Report Overview

Submitted URL
hh.ermoeglicher.de/aktuell/corona-virus-infos-fuer-unternehmen/
IP
185.32.80.72
ASN
#42263 German Edge Cloud GmbH & Co. KG
Submitted
2023-01-15 20:28:40
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
1
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
hh.ermoeglicher.de	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	11 kB	407 kB	185.32.80.72
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.0 kB	5.3 kB	23.36.76.226
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	5.3 kB	11 kB	216.58.211.3
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	341 B	797 B	93.184.220.29
app.usercentrics.eu	12624	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	347 B	22 kB	35.190.14.188
uct.service.usercentrics.eu	53073	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	482 B	437 B	34.95.108.180
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	34.210.191.84
graphql.usercentrics.eu	14191	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.0 kB	751 B	34.120.238.166
consent-api.service.consent.usercentrics.eu	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.1 kB	859 B	35.201.111.240
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.9 kB	34.160.144.191
cdn.jsdelivr.net	439	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	371 B	3.3 kB	151.101.193.229
www.googletagmanager.com	75	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	346 B	46 kB	142.250.74.168
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	53 kB	34.120.237.76
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	35.241.9.150
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	391 B	34.117.237.239
ocsp.globalsign.com	2075	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	368 B	1.9 kB	104.18.20.226
api.usercentrics.eu	11845	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.3 kB	19 kB	35.241.3.184

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-01-15 20:28:29	medium	Client IP	185.32.80.72	ET HUNTING Suspicious GET Request with Possible COVID-19 URI M2

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (19)

	URL	Size	First Seen	Last Seen
	app.usercentrics.eu/browser-ui/3.14.0/DefaultUI-917606c2-86ee2573.js	1.7 kB	2023-03-12	2023-03-13
Pretty URL app.usercentrics.eu/browser-ui/3.14.0/DefaultUI-917606c2-86ee2573.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 20:18:47 Last Seen2023-03-13 00:56:24 Times Seen1 Hash 6501c60414eea7f5496a7d832f0b4085 9a1589bc0b057af8307447bfc9c25ea053d45dad 2248e05564b4346351f550f8500e9c73a564b516791bf42fba95bb09487e074e Loading...

	app.usercentrics.eu/browser-ui/3.14.0/FirstLayerCustomization-0e1d6632-5d888855.js	2.9 kB	2023-03-12	2023-09-11
Pretty URL app.usercentrics.eu/browser-ui/3.14.0/FirstLayerCustomization-0e1d6632-5d888855.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 20:18:47 Last Seen2023-09-11 03:55:17 Times Seen352 Hash 32ad5d4ff0365166321eef72426c674d e76a5846799d6c3aab1ac62696e2ae7cc1ead099 a99da98ccf11b34790289d0264ed889d2d3765757da0cd807590cfa328d7689c Loading...

	app.usercentrics.eu/browser-ui/3.14.0/Taglogger-3287a09c-e1e8bf90.js	1.2 kB	2023-03-08	2023-09-11
Pretty URL app.usercentrics.eu/browser-ui/3.14.0/Taglogger-3287a09c-e1e8bf90.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 23:05:14 Last Seen2023-09-11 03:55:17 Times Seen577 Hash fa069aba99c9c9e0df4dc7e513f2f5c4 fa7cc131bf869d47dc2aef7a1a16cccfd8a0ecb3 43023061a506aa31987f6a256e4b42561c2fba643dcbba8e17124cb070d0a4da Loading...

	app.usercentrics.eu/browser-ui/3.14.0/SaveButton-e4a1936a.js	1.4 kB	2023-03-12	2023-03-13
Pretty URL app.usercentrics.eu/browser-ui/3.14.0/SaveButton-e4a1936a.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 20:18:47 Last Seen2023-03-13 00:56:24 Times Seen1 Hash e8f8937e33ac907f1c3b68459ebf356b b6d14f103b28002ce725b8ed0ff1dafadfc38b5f 202190c4ffc78227028e3c4a73333d354fc98a37d6230219b631f4835f2831be Loading...

	app.usercentrics.eu/browser-ui/3.14.0/index.module.js	356 kB	2023-03-12	2023-03-13
Pretty URL app.usercentrics.eu/browser-ui/3.14.0/index.module.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 20:18:47 Last Seen2023-03-13 00:56:24 Times Seen1 Hash 9b81b50bd01b197f772e6eb311ac5898 4d0a6accbbc7fae4a5791d2f3b63d8f65846c67a ab20de747f96ffce152f64dcd2e9898b4f5fdae01da220e2820026053f61c227 Loading...

	www.googletagmanager.com/gtm.js?id=GTM-K7NF7RM	116 kB	2023-03-13	2023-03-13
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-K7NF7RM IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 00:30:15 Last Seen2023-03-13 00:30:15 Times Seen1 Hash dcaa5e2f8123618f8ada87a8a1edd0ca 235243b71fa1996993f02ebaaf1c2e27cf00bac5 d720672c31c5ce283b15d7981be1dbd53e2386579dc1e2acb4603e607041bdbc Loading...

	cdn.jsdelivr.net/gh/mcstudios/glightbox/dist/js/glightbox.min.js	56 kB	2023-03-10	2024-03-04
Pretty URL cdn.jsdelivr.net/gh/mcstudios/glightbox/dist/js/glightbox.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 13:21:49 Last Seen2024-03-04 00:58:07 Times Seen105 Hash 98bdef99fed1735951123bb477fde4c8 67bc06fc3c3c66e72a8a3c013a419b2c407b720a c98267e669cfec3a2a89eb501b16d6d8fba8e0d33e09f355554b19fcf213ffea Loading...

	app.usercentrics.eu/browser-ui/latest/loader.js	63 kB	2023-03-12	2023-03-13
Pretty URL app.usercentrics.eu/browser-ui/latest/loader.js IP 35.190.14.188 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 20:18:47 Last Seen2023-03-13 00:56:24 Times Seen1 Hash dd317d62665ba9b86709a91617f7925f 5a88f0fe1dd66f49545f71cbe9a06ee43b0e463b aa21f50cfc7f12ed180c5e65dc06b486e633c51f8648304694737b031e00416c Loading...

	app.usercentrics.eu/browser-ui/3.14.0/PrivacyButton-838e13c6.js	5.5 kB	2023-03-08	2023-11-19
Pretty URL app.usercentrics.eu/browser-ui/3.14.0/PrivacyButton-838e13c6.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 21:29:54 Last Seen2023-11-19 22:07:18 Times Seen921 Hash 5cd92a212bc0369b233eaf4a53e12f0f 4ab50b1fb989287cfa24bb691a6e21948c7cfd63 f3d541bb8ac4f2634c8bc045e37ade096d7b03e2f67c54fe7f8bb81a8d7d4dc9 Loading...

	hh.ermoeglicher.de/static/bundle.9a675619016f.js	91 kB	2023-03-13	2023-03-13
Pretty URL hh.ermoeglicher.de/static/bundle.9a675619016f.js IP 185.32.80.72 ASN #42263 German Edge Cloud GmbH & Co. KG Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 00:30:15 Last Seen2023-03-13 00:56:24 Times Seen1 Hash 9a675619016fef688bb4fe2e112f1de3 c2ee156727fbef14ca6835a3ee42c92aa402c35a 05b62f5b29263a069dbc2e3bac24870a71f7b03b5b5e862a2b38e5d5bfacd9cf Loading...

	hh.ermoeglicher.de/aktuell/corona-virus-infos-fuer-unternehmen/	75 B	2023-03-13	2023-03-13
Pretty URL hh.ermoeglicher.de/aktuell/corona-virus-infos-fuer-unternehmen/ IP 185.32.80.72 ASN #42263 German Edge Cloud GmbH & Co. KG Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 00:30:15 Last Seen2023-03-13 00:56:24 Times Seen1 Hash 8bb5a324145d614bd08e5f6654b422ab 61fb3651dd4e509d2d0783922113a1b7b7e40e6a e7487cf96a0f162f5050158c489bcda10ec3c6c168e3a203b82c42e5b12c1c01 Loading...

	app.usercentrics.eu/browser-ui/3.14.0/DefaultData-179215c9-7baa5001.js	2.2 kB	2023-03-08	2023-09-11
Pretty URL app.usercentrics.eu/browser-ui/3.14.0/DefaultData-179215c9-7baa5001.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 23:05:14 Last Seen2023-09-11 03:55:17 Times Seen575 Hash 0676bbfaa53999bc7f872e76778930bc f53e90d2380ec4ecc87a0e8642e4142700844aad 70fdf46ec720c9235e60fe600dd444bd55a7422894d37763364fe4cde32d0d14 Loading...

	app.usercentrics.eu/browser-ui/3.14.0/index-1e4fcfa6.js	1.7 kB	2023-03-12	2023-03-13
Pretty URL app.usercentrics.eu/browser-ui/3.14.0/index-1e4fcfa6.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 20:18:47 Last Seen2023-03-13 00:56:24 Times Seen1 Hash c386667e56c78e242be2cd7a022212e2 2b24cd09aeae5e6e6a14852ea6ea7babcd44f689 ddfd60c6929fe815cab1063f2bb1014fc3cae50d641d98010043ef4224f02a43 Loading...

	app.usercentrics.eu/browser-ui/3.14.0/index-b02ff534.js	5.0 kB	2023-03-12	2023-03-13
Pretty URL app.usercentrics.eu/browser-ui/3.14.0/index-b02ff534.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 20:18:47 Last Seen2023-03-13 00:56:24 Times Seen1 Hash d16d1f75c466ff0211c55495ee4d0c4c d8770dcbc57d63189e88a60115086914480039d3 e11b877be293055dd2c71ddc81d07e84ecba5d504cfe32805466198e7a5f1233 Loading...

	hh.ermoeglicher.de/aktuell/corona-virus-infos-fuer-unternehmen/	350 B	2023-03-13	2023-03-13
Pretty URL hh.ermoeglicher.de/aktuell/corona-virus-infos-fuer-unternehmen/ IP 185.32.80.72 ASN #42263 German Edge Cloud GmbH & Co. KG Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 00:30:15 Last Seen2023-03-13 00:56:24 Times Seen1 Hash 1c0ca452e92137af53b9d6ffc66f8bde f72a376916b22dc2a162d3529fde1bf1af28943b a9c0d6628fce983ecea2409abe9217cd074378c0045274b8b58bcaf1daa26b03 Loading...

	app.usercentrics.eu/browser-ui/3.14.0/SecondLayerUI-87844021-0f5d225e.js	567 B	2023-03-08	2023-11-19
Pretty URL app.usercentrics.eu/browser-ui/3.14.0/SecondLayerUI-87844021-0f5d225e.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:43:18 Last Seen2023-11-19 22:07:19 Times Seen1069 Hash 3c558f62ac8600e4f5a12e778163a113 de384e9e997676dc65e6f2d6623339e1603b9c8a 112f05d9a926b4846f9325f21f6851a8fd3baecafb76be4e0a49265a3cf91da1 Loading...

	app.usercentrics.eu/browser-ui/3.14.0/VirtualServiceItem-5cefb71d.js	158 kB	2023-03-12	2023-03-13
Pretty URL app.usercentrics.eu/browser-ui/3.14.0/VirtualServiceItem-5cefb71d.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 20:18:47 Last Seen2023-03-13 00:56:24 Times Seen1 Hash b6e4dd06777abb788850cfa2977ff409 43962614ab7d58aacfc5e523b217118f87291602 3d13222bb77dc48f4e195433e293fb7ce30532bd9f46a3ef6cba4918ae982a17 Loading...

	app.usercentrics.eu/browser-ui/3.14.0/DefaultTabs-818c5157.js	4.4 kB	2023-03-12	2023-03-13
Pretty URL app.usercentrics.eu/browser-ui/3.14.0/DefaultTabs-818c5157.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 20:18:47 Last Seen2023-03-13 00:56:24 Times Seen1 Hash 5ee61863b4f9d8566625d60b9fd3e2e6 9bf44a3f95e6a26cfca6badae34640fc9a23c92c 79ad293bb357839168115da30a12fa6c8ed6960bd2df452dd9aa726e40e9a308 Loading...

	app.usercentrics.eu/browser-ui/3.14.0/ButtonsCustomization-1efef9a5-d4bd00e7.js	473 B	2023-03-08	2023-11-19
Pretty URL app.usercentrics.eu/browser-ui/3.14.0/ButtonsCustomization-1efef9a5-d4bd00e7.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:43:18 Last Seen2023-11-19 22:07:17 Times Seen1040 Hash 7559f5f95af499d1785f7af1c51ad49b 0c38816b068ae0488402ecdca429a999a5d3cb96 e1e2838d72c3c267345fa419ecba66f968fefc1f0928a8dc3da1d6df5078278c Loading...

HTTP Transactions (69)

URL IP Response Size

hh.ermoeglicher.de/aktuell/corona-virus-infos-fuer-unternehmen/

185.32.80.72

301 Moved Permanently

169 B

URL HTTP/1.1
hh.ermoeglicher.de/aktuell/corona-virus-infos-fuer-unternehmen/
IP
185.32.80.72:0
ASN
#42263 German Edge Cloud GmbH & Co. KG

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
169 B (169 bytes)
Hash
e2b2d66924b5bad7a8faa2c59f643055
a77ad5a69799f61612679c19cb2f3bf8e876c397
956e4fc6180dc45eb50c4e4071e0a2c90c871317dd63477e6b0ea6810b71dd14

Detections

NIDS	Severity	Alert
suricata	medium	ET HUNTING Suspicious GET Request with Possible COVID-19 URI M2

HTTP Headers

GET /aktuell/corona-virus-infos-fuer-unternehmen/ HTTP/1.1
Host: hh.ermoeglicher.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Server: nginx/1.19.3
Date: Sun, 15 Jan 2023 20:28:29 GMT
Content-Type: text/html
Content-Length: 169
Connection: keep-alive
Location: https://hh.ermoeglicher.de/aktuell/corona-virus-infos-fuer-unternehmen/

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
2258cd6b877a3aca8f4c84074e65ac4b
4e46c70941f8e497e8afc8d078644e7f81761a1c
faac4e0d123f2112b58953c104ea746cd53047fc1ada0ef5d669feecf78ddfff

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FAAC4E0D123F2112B58953C104EA746CD53047FC1ADA0EF5D669FEECF78DDFFF"
Last-Modified: Sat, 14 Jan 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19407
Expires: Mon, 16 Jan 2023 01:51:56 GMT
Date: Sun, 15 Jan 2023 20:28:29 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
0643dc6b6fed33b3537160b6bb77bcbf
aa43bd1fbb30d2219f3285c1ee4991ffb33562c5
f137438e30e0d69cba77ca2eb736687873e4a9c06cf88d23c6d55ea930fde09f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F137438E30E0D69CBA77CA2EB736687873E4A9C06CF88D23C6D55EA930FDE09F"
Last-Modified: Sat, 14 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3669
Expires: Sun, 15 Jan 2023 21:29:38 GMT
Date: Sun, 15 Jan 2023 20:28:29 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Content-Type, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 15 Jan 2023 19:49:06 GMT
content-type: application/json
age: 2363
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d6e2abd68203014e8e24d4a9e20e980a
5edbbb1a36083d5077b90b82e7aa10049e90c5d6
88cf8dae194a5e92a8c36a4c54ae71a609eaaed6e99d3986b3834c40d2fceeaa

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "88CF8DAE194A5E92A8C36A4C54AE71A609EAAED6E99D3986B3834C40D2FCEEAA"
Last-Modified: Sun, 15 Jan 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18288
Expires: Mon, 16 Jan 2023 01:33:17 GMT
Date: Sun, 15 Jan 2023 20:28:29 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: JFaCr3KhyLwCc7BZtbZcB6v7xLe6uZLAwiO57GWG8aiP71mpgOpGAznrueA474J4CJ9DtqZgUgBsfYsJKjnASA==
x-amz-request-id: FY2Q5K1S4CEC8Q0B
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 15 Jan 2023 19:55:29 GMT
age: 1980
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sun, 15 Jan 2023 20:28:30 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

hh.ermoeglicher.de/media/images/BBBank_Logo_HH_Std_RGB_cXPBNkZ.original.png

185.32.80.72

200 OK

42 kB

URL HTTP/2
hh.ermoeglicher.de/media/images/BBBank_Logo_HH_Std_RGB_cXPBNkZ.original.png
IP
185.32.80.72:0
ASN
#42263 German Edge Cloud GmbH & Co. KG

File type
PNG image data, 645 x 209, 8-bit/color RGBA, non-interlaced\012- data
Size
42 kB (42296 bytes)
Hash
40abb1097870ddd6fa07a276d85ca797
bfef1f7b5372d97218a2d4e81377a73c95a5bb06
6d68574d3214a519e25200b491f2f2aeb59a7c62a8d72c280bb6742a3b724b5c

HTTP Headers

GET /media/images/BBBank_Logo_HH_Std_RGB_cXPBNkZ.original.png HTTP/1.1
Host: hh.ermoeglicher.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hh.ermoeglicher.de/aktuell/corona-virus-infos-fuer-unternehmen/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.19.3
date: Sun, 15 Jan 2023 20:28:30 GMT
content-type: image/png
content-length: 42296
last-modified: Fri, 20 May 2022 11:53:17 GMT
etag: "6287812d-a538"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

cdn.jsdelivr.net/npm/glightbox/dist/css/glightbox.min.css

151.101.193.229

200 OK

2.6 kB

URL HTTP/2
cdn.jsdelivr.net/npm/glightbox/dist/css/glightbox.min.css
IP
151.101.193.229:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (13749), with no line terminators
Size
2.6 kB (2565 bytes)
Hash
5cbdaec6157ee3ce220b1fd336fd6ec3
2c16bb574fb829de58db438b82b83ef9c049da61
7dcf3f432d6c4b69808d8df5b9d5820e80e9805ab6b9bd38f4bbe9337c336831

HTTP Headers

GET /npm/glightbox/dist/css/glightbox.min.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 3.2.0
x-jsd-version-type: version
etag: W/"35b5-O1t5BPT0vPVZWcLs71CCG9kRACE"
content-encoding: gzip
accept-ranges: bytes
date: Sun, 15 Jan 2023 20:28:30 GMT
age: 22947
x-served-by: cache-fra-eddf8230097-FRA, cache-bma1670-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 2565
X-Firefox-Spdy: h2

hh.ermoeglicher.de/media/images/LP_-_Grunden.menu.original.menu.original.jpg

185.32.80.72

200 OK

14 kB

URL HTTP/2
hh.ermoeglicher.de/media/images/LP_-_Grunden.menu.original.menu.original.jpg
IP
185.32.80.72:0
ASN
#42263 German Edge Cloud GmbH & Co. KG

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 501x250, components 3\012- data
Size
14 kB (14050 bytes)
Hash
7a327ec08384cdda963f7673cefc7d28
19d976ab5b812694c6c5ffac05a6bc746e882373
92babc3cb03ec40b47fa6fd57efca2e1f2a6e6b0e3f884226e5917a1e10970ac

HTTP Headers

GET /media/images/LP_-_Grunden.menu.original.menu.original.jpg HTTP/1.1
Host: hh.ermoeglicher.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hh.ermoeglicher.de/aktuell/corona-virus-infos-fuer-unternehmen/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.19.3
date: Sun, 15 Jan 2023 20:28:30 GMT
content-type: image/jpeg
content-length: 14050
last-modified: Thu, 18 Feb 2021 19:16:50 GMT
etag: "602ebd22-36e2"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

hh.ermoeglicher.de/media/images/LP_-_Nachfolge.menu.original.original.jpg

185.32.80.72

200 OK

19 kB

URL HTTP/2
hh.ermoeglicher.de/media/images/LP_-_Nachfolge.menu.original.original.jpg
IP
185.32.80.72:0
ASN
#42263 German Edge Cloud GmbH & Co. KG

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 501x250, components 3\012- data
Size
19 kB (19338 bytes)
Hash
21cb4cffa348d432abc9bd338e8e574b
734b4ae2b1e8cff06381c2f600c7bbc737ed8d10
faedcfea79985c957562aaeb01d8c0fa1cb07ea20deeade22151bc57a6ba0967

HTTP Headers

GET /media/images/LP_-_Nachfolge.menu.original.original.jpg HTTP/1.1
Host: hh.ermoeglicher.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hh.ermoeglicher.de/aktuell/corona-virus-infos-fuer-unternehmen/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.19.3
date: Sun, 15 Jan 2023 20:28:30 GMT
content-type: image/jpeg
content-length: 19338
last-modified: Thu, 18 Feb 2021 19:16:27 GMT
etag: "602ebd0b-4b8a"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

hh.ermoeglicher.de/media/images/LP_-_Wachsen.menu.original.original.jpg

185.32.80.72

200 OK

21 kB

URL HTTP/2
hh.ermoeglicher.de/media/images/LP_-_Wachsen.menu.original.original.jpg
IP
185.32.80.72:0
ASN
#42263 German Edge Cloud GmbH & Co. KG

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 501x250, components 3\012- data
Size
21 kB (21148 bytes)
Hash
f239c03c1a37d6c56e8093c5be372eae
04a6fc74c3bf0aa2177f6d28bb38fa7a561d2bc9
e639722bca836830c57854b97b5851df9b4a180185b3c214e05b0d66dc25c631

HTTP Headers

GET /media/images/LP_-_Wachsen.menu.original.original.jpg HTTP/1.1
Host: hh.ermoeglicher.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hh.ermoeglicher.de/aktuell/corona-virus-infos-fuer-unternehmen/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.19.3
date: Sun, 15 Jan 2023 20:28:30 GMT
content-type: image/jpeg
content-length: 21148
last-modified: Thu, 18 Feb 2021 19:16:08 GMT
etag: "602ebcf8-529c"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

hh.ermoeglicher.de/media/images/LP_-_Stabilisieren.menu.original.original.jpg

185.32.80.72

200 OK

19 kB

URL HTTP/2
hh.ermoeglicher.de/media/images/LP_-_Stabilisieren.menu.original.original.jpg
IP
185.32.80.72:0
ASN
#42263 German Edge Cloud GmbH & Co. KG

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 501x250, components 3\012- data
Size
19 kB (18955 bytes)
Hash
27ca43ec8839ff67ccb0140536965edb
a6d16a0da774077fd51a18f30da6156f99069b44
b3ccab537d2c1cda8931b8dd61afc6f3e97daf52df79d527bacd510d6c186600

HTTP Headers

GET /media/images/LP_-_Stabilisieren.menu.original.original.jpg HTTP/1.1
Host: hh.ermoeglicher.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hh.ermoeglicher.de/aktuell/corona-virus-infos-fuer-unternehmen/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.19.3
date: Sun, 15 Jan 2023 20:28:30 GMT
content-type: image/jpeg
content-length: 18955
last-modified: Thu, 18 Feb 2021 19:16:51 GMT
etag: "602ebd23-4a0b"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

hh.ermoeglicher.de/media/images/LP_-_Banken.original.menu.original.jpg

185.32.80.72

200 OK

13 kB

URL HTTP/2
hh.ermoeglicher.de/media/images/LP_-_Banken.original.menu.original.jpg
IP
185.32.80.72:0
ASN
#42263 German Edge Cloud GmbH & Co. KG

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 501x250, components 3\012- data
Size
13 kB (13372 bytes)
Hash
6d067840cde72a943d34df45ce053ebb
b894cdb02219df54af0233e4fdeab04c93cedce2
0e915ca44e8cfe965a2cd51fcb09068fa1632b1edd4d6f09d472e02889e5eb02

HTTP Headers

GET /media/images/LP_-_Banken.original.menu.original.jpg HTTP/1.1
Host: hh.ermoeglicher.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hh.ermoeglicher.de/aktuell/corona-virus-infos-fuer-unternehmen/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.19.3
date: Sun, 15 Jan 2023 20:28:30 GMT
content-type: image/jpeg
content-length: 13372
last-modified: Thu, 18 Feb 2021 19:16:30 GMT
etag: "602ebd0e-343c"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

hh.ermoeglicher.de/media/images/LP_-_Leasing.original.menu.original.jpg

185.32.80.72

200 OK

15 kB

URL HTTP/2
hh.ermoeglicher.de/media/images/LP_-_Leasing.original.menu.original.jpg
IP
185.32.80.72:0
ASN
#42263 German Edge Cloud GmbH & Co. KG

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 501x250, components 3\012- data
Size
15 kB (14934 bytes)
Hash
8c39d2e91cd07f304655fb25bd7f9177
b80d6e3ee14aff51b1ba2f8f85f827546bded120
bf97b9bee19f63670ea5e1d7d4bb0e2cf797a8ef28e334c66022622d5762daf9

HTTP Headers

GET /media/images/LP_-_Leasing.original.menu.original.jpg HTTP/1.1
Host: hh.ermoeglicher.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hh.ermoeglicher.de/aktuell/corona-virus-infos-fuer-unternehmen/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.19.3
date: Sun, 15 Jan 2023 20:28:30 GMT
content-type: image/jpeg
content-length: 14934
last-modified: Thu, 18 Feb 2021 19:16:54 GMT
etag: "602ebd26-3a56"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

hh.ermoeglicher.de/media/images/LP_-_Beratende_Berufe_ZXZD6OJ.original.menu.original.jpg

185.32.80.72

200 OK

18 kB

URL HTTP/2
hh.ermoeglicher.de/media/images/LP_-_Beratende_Berufe_ZXZD6OJ.original.menu.original.jpg
IP
185.32.80.72:0
ASN
#42263 German Edge Cloud GmbH & Co. KG

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 501x250, components 3\012- data
Size
18 kB (18305 bytes)
Hash
d5e43465a9e9dfff6b90eb7ed92f2a36
a36ec77e2868bb89aad9a9884670f7aa8f058f20
a052db4870c84876c18ebca8672e1c5e8c23f9de951debfe721f70e2461024ba

HTTP Headers

GET /media/images/LP_-_Beratende_Berufe_ZXZD6OJ.original.menu.original.jpg HTTP/1.1
Host: hh.ermoeglicher.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hh.ermoeglicher.de/aktuell/corona-virus-infos-fuer-unternehmen/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.19.3
date: Sun, 15 Jan 2023 20:28:30 GMT
content-type: image/jpeg
content-length: 18305
last-modified: Thu, 18 Feb 2021 19:16:31 GMT
etag: "602ebd0f-4781"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

hh.ermoeglicher.de/media/images/LP_-_KammernVerbande.original.menu.original.jpg

185.32.80.72

200 OK

16 kB

URL HTTP/2
hh.ermoeglicher.de/media/images/LP_-_KammernVerbande.original.menu.original.jpg
IP
185.32.80.72:0
ASN
#42263 German Edge Cloud GmbH & Co. KG

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 501x250, components 3\012- data
Size
16 kB (15543 bytes)
Hash
03c25d2096c298bd4672ff78963d3414
f0f0ca8de4b6775b09528b089096948281932e05
41b9ccb6881f9f99c6c34788bb633941a959adcbe292306907f2d1bdc520282f

HTTP Headers

GET /media/images/LP_-_KammernVerbande.original.menu.original.jpg HTTP/1.1
Host: hh.ermoeglicher.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hh.ermoeglicher.de/aktuell/corona-virus-infos-fuer-unternehmen/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.19.3
date: Sun, 15 Jan 2023 20:28:30 GMT
content-type: image/jpeg
content-length: 15543
last-modified: Thu, 18 Feb 2021 19:16:39 GMT
etag: "602ebd17-3cb7"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

hh.ermoeglicher.de/media/images/uber_uns.menu.width-501.jpg

185.32.80.72

200 OK

24 kB

URL HTTP/2
hh.ermoeglicher.de/media/images/uber_uns.menu.width-501.jpg
IP
185.32.80.72:0
ASN
#42263 German Edge Cloud GmbH & Co. KG

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 449x300, components 3\012- data
Size
24 kB (24327 bytes)
Hash
1d23f8d330f4f36af71a2e4cbd043521
3d5bb9b5216bad8f2c4183bc5615b2c1d47e41f5
7f53e501dd588ba5b0e392881abd19cb2138089830ef6286aa65a7d925217f20

HTTP Headers

GET /media/images/uber_uns.menu.width-501.jpg HTTP/1.1
Host: hh.ermoeglicher.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hh.ermoeglicher.de/aktuell/corona-virus-infos-fuer-unternehmen/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.19.3
date: Sun, 15 Jan 2023 20:28:30 GMT
content-type: image/jpeg
content-length: 24327
last-modified: Thu, 18 Feb 2021 19:17:02 GMT
etag: "602ebd2e-5f07"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

hh.ermoeglicher.de/media/images/Logo_VDB.width-150.jpg

185.32.80.72

200 OK

3.6 kB

URL HTTP/2
hh.ermoeglicher.de/media/images/Logo_VDB.width-150.jpg
IP
185.32.80.72:0
ASN
#42263 German Edge Cloud GmbH & Co. KG

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 150x53, components 3\012- data
Size
3.6 kB (3582 bytes)
Hash
5b5704e54381e6e1ff3493d516ff0e22
95ba58cc2c325d183a831b36bab7fece0a13e37c
1e071354e54d5e427622debd7bbd7f7f72cd8997eff10f84cf5f8e5bbe2bc059

HTTP Headers

GET /media/images/Logo_VDB.width-150.jpg HTTP/1.1
Host: hh.ermoeglicher.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hh.ermoeglicher.de/aktuell/corona-virus-infos-fuer-unternehmen/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.19.3
date: Sun, 15 Jan 2023 20:28:30 GMT
content-type: image/jpeg
content-length: 3582
last-modified: Wed, 13 Apr 2022 09:48:31 GMT
etag: "62569c6f-dfe"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

hh.ermoeglicher.de/media/images/BTG_Logo_4c_300dpi_CMYK.jpg.width-150.jpg

185.32.80.72

200 OK

3.3 kB

URL HTTP/2
hh.ermoeglicher.de/media/images/BTG_Logo_4c_300dpi_CMYK.jpg.width-150.jpg
IP
185.32.80.72:0
ASN
#42263 German Edge Cloud GmbH & Co. KG

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 150x35, components 3\012- data
Size
3.3 kB (3278 bytes)
Hash
7a071f9c7cb9bb1864257db1ea098e9c
2f45c3da199b72f6d3d47735ba5753be00b061c3
cdcdba161ccee161ccd4deff370978f82e5734c51414a55a16a510ed1886fc2f

HTTP Headers

GET /media/images/BTG_Logo_4c_300dpi_CMYK.jpg.width-150.jpg HTTP/1.1
Host: hh.ermoeglicher.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hh.ermoeglicher.de/aktuell/corona-virus-infos-fuer-unternehmen/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.19.3
date: Sun, 15 Jan 2023 20:28:30 GMT
content-type: image/jpeg
content-length: 3278
last-modified: Tue, 19 Oct 2021 11:28:30 GMT
etag: "616eabde-cce"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

hh.ermoeglicher.de/media/images/logo_VDBS.width-150.jpg

185.32.80.72

200 OK

3.1 kB

URL HTTP/2
hh.ermoeglicher.de/media/images/logo_VDBS.width-150.jpg
IP
185.32.80.72:0
ASN
#42263 German Edge Cloud GmbH & Co. KG

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 150x53, components 3\012- data
Size
3.1 kB (3084 bytes)
Hash
59f97bdb34ea15e8bb9599177258d8ad
53529387a510bb9cee7f5086c88791dd63c776bb
e59a8a71978bd900408403ffc5b195e5a69d5c2b23247e7c48487ae304d46fbb

HTTP Headers

GET /media/images/logo_VDBS.width-150.jpg HTTP/1.1
Host: hh.ermoeglicher.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hh.ermoeglicher.de/aktuell/corona-virus-infos-fuer-unternehmen/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.19.3
date: Sun, 15 Jan 2023 20:28:30 GMT
content-type: image/jpeg
content-length: 3084
last-modified: Thu, 18 Feb 2021 19:15:57 GMT
etag: "602ebced-c0c"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4

104.18.20.226

200 OK

1.5 kB

URL HTTP/1.1
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4
IP
104.18.20.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.5 kB (1462 bytes)
Hash
92e7e87a11ebb917358deaca26fe7371
ebfe61819f209f5f1a657a9aac5fc237d4907239
571bf919415a02f9bfd1f355447cdc5880c22f51c6ee7eec4c0f3dc06268498c

HTTP Headers

POST /ca/gsatlasr3dvtlsca2022q4 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 15 Jan 2023 20:28:30 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "AEA522DDB0DC1D849F9E1E55082E9B4ABEEC51F1"
Expires: Mon, 16 Jan 2023 07:00:00 GMT
Last-Modified: Sun, 15 Jan 2023 19:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 2114
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78a15bb1ee4f0b3d-OSL

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
a813a061a05c54b0097af9696d4bcb2e
6a7c9a8587f67a9202d2220c8ab12dd283df0e54
be4722747d6b02daf5e954e7fefc2e99ca522b243db0e4395282af48b381f939

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 15 Jan 2023 20:28:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.googletagmanager.com/gtm.js?id=GTM-K7NF7RM

142.250.74.168

200 OK

45 kB

URL HTTP/2
www.googletagmanager.com/gtm.js?id=GTM-K7NF7RM
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1921)
Size
45 kB (45240 bytes)
Hash
5e83cfe169a7356031567a9e953376c9
db9495e63bac69ceefd9b05a9c20a4559c1edfd7
7c14ab3621a521775ebeb028cc85fd7d460a5b400eeebef77bb844b72b31f96a

HTTP Headers

GET /gtm.js?id=GTM-K7NF7RM HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 15 Jan 2023 20:28:30 GMT
expires: Sun, 15 Jan 2023 20:28:30 GMT
cache-control: private, max-age=900
last-modified: Sun, 15 Jan 2023 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 45240
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
a813a061a05c54b0097af9696d4bcb2e
6a7c9a8587f67a9202d2220c8ab12dd283df0e54
be4722747d6b02daf5e954e7fefc2e99ca522b243db0e4395282af48b381f939

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 15 Jan 2023 20:28:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Pragma, Content-Length, Alert, Expires, ETag, Last-Modified, Backoff, Content-Type, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 15 Jan 2023 20:17:25 GMT
age: 665
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

hh.ermoeglicher.de/static/fonts/brandon_grotesque_700_woff2.ce87f4e0d168

185.32.80.72

200 OK

28 kB

URL HTTP/2
hh.ermoeglicher.de/static/fonts/brandon_grotesque_700_woff2.ce87f4e0d168
IP
185.32.80.72:0
ASN
#42263 German Edge Cloud GmbH & Co. KG

File type
Web Open Font Format (Version 2), TrueType, length 27712, version 1.0\012- data
Size
28 kB (27712 bytes)
Hash
ce87f4e0d16868acaa3a5f4d894e9c29
b0b82fa20adb7c495172f8345f0ef0a64d2f815e
fc19e2d873270cfa3ce69c2345fac36b8ab1b0fe2cd8983f0946a8c180f236b3

HTTP Headers

GET /static/fonts/brandon_grotesque_700_woff2.ce87f4e0d168 HTTP/1.1
Host: hh.ermoeglicher.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://hh.ermoeglicher.de/aktuell/corona-virus-infos-fuer-unternehmen/
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.19.3
date: Sun, 15 Jan 2023 20:28:30 GMT
content-type: application/octet-stream
content-length: 27712
last-modified: Thu, 10 Nov 2022 15:01:28 GMT
etag: "636d1248-6c40"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

hh.ermoeglicher.de/static/fonts/kepler_std_display_300_woff2.d7777fb08538

185.32.80.72

200 OK

122 kB

URL HTTP/2
hh.ermoeglicher.de/static/fonts/kepler_std_display_300_woff2.d7777fb08538
IP
185.32.80.72:0
ASN
#42263 German Edge Cloud GmbH & Co. KG

File type
Web Open Font Format (Version 2), CFF, length 121700, version 1.0\012- data
Size
122 kB (121700 bytes)
Hash
d7777fb085385076c168a632ce66d0db
eb5d37d9bc35971f7985ed629313d7db2eb82faa
1b3d70a7c4ab337b8d5169a9d97a1470a873f2784db40a71d8785d56a0755169

HTTP Headers

GET /static/fonts/kepler_std_display_300_woff2.d7777fb08538 HTTP/1.1
Host: hh.ermoeglicher.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://hh.ermoeglicher.de/aktuell/corona-virus-infos-fuer-unternehmen/
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.19.3
date: Sun, 15 Jan 2023 20:28:30 GMT
content-type: application/octet-stream
content-length: 121700
last-modified: Thu, 10 Nov 2022 15:01:28 GMT
etag: "636d1248-1db64"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

hh.ermoeglicher.de/static/fonts/brandon_grotesque_400_woff2.6c288957e1ea

185.32.80.72

200 OK

27 kB

URL HTTP/2
hh.ermoeglicher.de/static/fonts/brandon_grotesque_400_woff2.6c288957e1ea
IP
185.32.80.72:0
ASN
#42263 German Edge Cloud GmbH & Co. KG

File type
Web Open Font Format (Version 2), TrueType, length 26888, version 1.0\012- data
Size
27 kB (26888 bytes)
Hash
6c288957e1ea69636d76b434a53c65ef
b8e0e2074136f3b167567d532312cc0f838bdf5f
c763917e443b5583abccb9674edfaf82deada941ad5894d28c672c632fcd64dc

HTTP Headers

GET /static/fonts/brandon_grotesque_400_woff2.6c288957e1ea HTTP/1.1
Host: hh.ermoeglicher.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://hh.ermoeglicher.de/aktuell/corona-virus-infos-fuer-unternehmen/
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.19.3
date: Sun, 15 Jan 2023 20:28:30 GMT
content-type: application/octet-stream
content-length: 26888
last-modified: Thu, 10 Nov 2022 15:01:28 GMT
etag: "636d1248-6908"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

hh.ermoeglicher.de/static/favicon/android-icon-192x192.81d35b4070d5.png

185.32.80.72

200 OK

11 kB

URL HTTP/2
hh.ermoeglicher.de/static/favicon/android-icon-192x192.81d35b4070d5.png
IP
185.32.80.72:0
ASN
#42263 German Edge Cloud GmbH & Co. KG

File type
PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Size
11 kB (10725 bytes)
Hash
81d35b4070d5ca7cab633d4afa2b6caa
539607d5bdfc64abe737441eac56da7291daf035
1b1524524710bc83e55dc7a0364026bb3c8ff626b5060c12b79c8e8ed7a15dc5

HTTP Headers

GET /static/favicon/android-icon-192x192.81d35b4070d5.png HTTP/1.1
Host: hh.ermoeglicher.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hh.ermoeglicher.de/aktuell/corona-virus-infos-fuer-unternehmen/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.19.3
date: Sun, 15 Jan 2023 20:28:30 GMT
content-type: image/png
content-length: 10725
last-modified: Thu, 10 Nov 2022 15:01:28 GMT
etag: "636d1248-29e5"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

hh.ermoeglicher.de/static/favicon/favicon-16x16.be21cb3b89b3.png

185.32.80.72

200 OK

1.3 kB

URL HTTP/2
hh.ermoeglicher.de/static/favicon/favicon-16x16.be21cb3b89b3.png
IP
185.32.80.72:0
ASN
#42263 German Edge Cloud GmbH & Co. KG

File type
PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Size
1.3 kB (1310 bytes)
Hash
be21cb3b89b375c8cf1c26700c920a90
fdb53b2246d0ccaeb65c266cbcba530121b2faf2
004833817ed711d71f0fcab9316993118e48534ce41ad57ef336c4303d0e6e16

HTTP Headers

GET /static/favicon/favicon-16x16.be21cb3b89b3.png HTTP/1.1
Host: hh.ermoeglicher.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hh.ermoeglicher.de/aktuell/corona-virus-infos-fuer-unternehmen/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.19.3
date: Sun, 15 Jan 2023 20:28:30 GMT
content-type: image/png
content-length: 1310
last-modified: Thu, 10 Nov 2022 15:01:28 GMT
etag: "636d1248-51e"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
e5f9cfd32ba0e755eba2eba2bca5bc3c
012c01ac7a06da9f57e0e1c24658a4bd40e82518
ffd7fc715a11f6579f953c2f0f65128000733620fcc777cd0a4c5bb895c64ad2

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6243
Cache-Control: max-age=138139
Content-Type: application/ocsp-response
Date: Sun, 15 Jan 2023 20:28:30 GMT
Etag: "63c3c226-1d7"
Expires: Tue, 17 Jan 2023 10:50:49 GMT
Last-Modified: Sun, 15 Jan 2023 09:06:46 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471

ocsp.pki.goog/s/gts1d4/jEa5WN7607o

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1d4/jEa5WN7607o
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
20553ea3e0e45eee180dcfe711c199ca
75915ff0cd713b112c79fb425f1bc2fd54a569b3
c6f6e48bf52126eab1b7a0fcbbd8285d9930a86b84c71ab17cb70f1533abe6f4

HTTP Headers

POST /s/gts1d4/jEa5WN7607o HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 15 Jan 2023 20:28:30 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

app.usercentrics.eu/browser-ui/latest/loader.js

35.190.14.188

200 OK

21 kB

URL HTTP/2
app.usercentrics.eu/browser-ui/latest/loader.js
IP
35.190.14.188:0
ASN
#15169 GOOGLE

File type
Unicode text, UTF-8 text, with very long lines (63068)
Size
21 kB (21129 bytes)
Hash
c665b569bbe04be9338583c20d162234
9570872fe37d8a740152c2c76e3a6fdd5e449248
24b3e37410b6781d5b30aca7595e5dd2eb95d741330f30b6c8902e8166964ad0

HTTP Headers

GET /browser-ui/latest/loader.js HTTP/1.1
Host: app.usercentrics.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-guploader-uploadid: ADPycdtMjmZLP0R88OVoj__Re5NULt1U-AbhLO468lzpvZiHCzJ6wkJoBTKe_eXFxsexdUw604UqrWOCyTQpT22HiyYEENsbtiuW
x-goog-generation: 1673270178845255
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 21129
content-encoding: gzip
x-goog-hash: crc32c=hnNeow==, md5=xmW1abvgS+kzhYPCDRYiNA==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 21129
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, Transfer-Encoding
server: UploadServer
date: Sun, 15 Jan 2023 19:44:59 GMT
expires: Sun, 15 Jan 2023 20:44:59 GMT
cache-control: public, max-age=3600, no-transform
age: 2612
last-modified: Mon, 09 Jan 2023 13:16:18 GMT
etag: "c665b569bbe04be9338583c20d162234"
content-type: application/javascript
strict-transport-security: max-age=7776000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/s/gts1d4/jEa5WN7607o

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1d4/jEa5WN7607o
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
20553ea3e0e45eee180dcfe711c199ca
75915ff0cd713b112c79fb425f1bc2fd54a569b3
c6f6e48bf52126eab1b7a0fcbbd8285d9930a86b84c71ab17cb70f1533abe6f4

HTTP Headers

POST /s/gts1d4/jEa5WN7607o HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 15 Jan 2023 20:28:31 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

push.services.mozilla.com/

34.210.191.84

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
34.210.191.84:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 6Mpad1TVzjNTN7cyavttuQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: oq8r/kURLmwtqUAsXDtdaaUBY+w=

ocsp.pki.goog/s/gts1d4/RFFQ8tpp2ig

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1d4/RFFQ8tpp2ig
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
fbc13b8b7962819ec34cf3e7413ef6c9
f5cf13a1c06d94ad809fca8fc8a296e504951e6a
37287a4ff846ab9b5dc8d7f1479ccbd5562821db466afe233baab0852ad8f4f6

HTTP Headers

POST /s/gts1d4/RFFQ8tpp2ig HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 15 Jan 2023 20:28:31 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/s/gts1d4/RFFQ8tpp2ig

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1d4/RFFQ8tpp2ig
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
fbc13b8b7962819ec34cf3e7413ef6c9
f5cf13a1c06d94ad809fca8fc8a296e504951e6a
37287a4ff846ab9b5dc8d7f1479ccbd5562821db466afe233baab0852ad8f4f6

HTTP Headers

POST /s/gts1d4/RFFQ8tpp2ig HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 15 Jan 2023 20:28:31 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

api.usercentrics.eu/settings/uZ6Kykx5J/latest/languages.json

35.241.3.184

200 OK

0 B

URL HTTP/2
api.usercentrics.eu/settings/uZ6Kykx5J/latest/languages.json
IP
35.241.3.184:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /settings/uZ6Kykx5J/latest/languages.json HTTP/1.1
Host: api.usercentrics.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://hh.ermoeglicher.de
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-guploader-uploadid: ADPycduLz0cZAMN1OB0m6GtC6Mgil9aPfdl142NG2doYNnWhw7SNkN5UCrbKwcY5uilnxavX_p0fHXIOjgBVbwuIFBes0g
access-control-allow-origin: *
access-control-max-age: 3600
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE
access-control-allow-headers: content-type
date: Sun, 15 Jan 2023 20:28:31 GMT
expires: Sun, 15 Jan 2023 20:28:31 GMT
cache-control: private, max-age=0
content-length: 0
server: UploadServer
content-type: text/html; charset=UTF-8
strict-transport-security: max-age=7776000
x-client-geo-location: NO,NO03
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

api.usercentrics.eu/settings/uZ6Kykx5J/latest/languages.json

35.241.3.184

200 OK

67 B

URL HTTP/2
api.usercentrics.eu/settings/uZ6Kykx5J/latest/languages.json
IP
35.241.3.184:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
67 B (67 bytes)
Hash
da13a9b5363ff28c20e52e67131f24fd
1d9f99b1ae654913e9d23a6477c477b7ce924292
86b7be6c42bfb970e332b5d92083dd6370cf0774eedcff50d97a8f689431b1ca

HTTP Headers

GET /settings/uZ6Kykx5J/latest/languages.json HTTP/1.1
Host: api.usercentrics.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: application/json
Origin: https://hh.ermoeglicher.de
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
x-guploader-uploadid: ADPycdsNEB_uDBNmMsDLhhW-5xnJKJtKKlaJszGKjs8_x7Hg82XUYe6jAIXXO5wsDno12vRjG5nLmBdIndh1RxmwfbkGbw
x-goog-generation: 1673598844215167
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 67
content-encoding: gzip
x-goog-hash: crc32c=u6slow==, md5=2hOptTY/8owg5S5nEx8k/Q==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
vary: Accept-Encoding
content-length: 67
access-control-allow-origin: *
access-control-expose-headers: *, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
server: UploadServer
date: Sun, 15 Jan 2023 20:28:31 GMT
expires: Sun, 15 Jan 2023 20:28:41 GMT
cache-control: public, max-age=1800, s-maxage=10
last-modified: Fri, 13 Jan 2023 08:34:04 GMT
etag: "da13a9b5363ff28c20e52e67131f24fd"
content-type: application/json
age: 0
strict-transport-security: max-age=7776000
x-client-geo-location: NO,NO03
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/s/gts1d4/RFFQ8tpp2ig

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1d4/RFFQ8tpp2ig
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
fbc13b8b7962819ec34cf3e7413ef6c9
f5cf13a1c06d94ad809fca8fc8a296e504951e6a
37287a4ff846ab9b5dc8d7f1479ccbd5562821db466afe233baab0852ad8f4f6

HTTP Headers

POST /s/gts1d4/RFFQ8tpp2ig HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 15 Jan 2023 20:28:31 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

api.usercentrics.eu/settings/uZ6Kykx5J/latest/de.json

35.241.3.184

200 OK

0 B

URL HTTP/2
api.usercentrics.eu/settings/uZ6Kykx5J/latest/de.json
IP
35.241.3.184:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /settings/uZ6Kykx5J/latest/de.json HTTP/1.1
Host: api.usercentrics.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://hh.ermoeglicher.de
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
x-guploader-uploadid: ADPycdtsmvqIeG58IN7e87YukIpuBmLJh3nbGUXJQgDpIM182An-w7wKsA3LN97QoIH_H42e1yQtkqAbIt9NHXQMBPZNzlxWgIdb
access-control-allow-origin: *
access-control-max-age: 3600
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE
access-control-allow-headers: content-type
date: Sun, 15 Jan 2023 20:28:31 GMT
expires: Sun, 15 Jan 2023 20:28:31 GMT
cache-control: private, max-age=0
content-length: 0
server: UploadServer
content-type: text/html; charset=UTF-8
strict-transport-security: max-age=7776000
x-client-geo-location: NO,NO03
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

api.usercentrics.eu/settings/uZ6Kykx5J/latest/de.json

35.241.3.184

200 OK

15 kB

URL HTTP/2
api.usercentrics.eu/settings/uZ6Kykx5J/latest/de.json
IP
35.241.3.184:0
ASN
#15169 GOOGLE

File type
JSON data\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Size
15 kB (15078 bytes)
Hash
758da89da5dcf9dfb65d2a77213b6402
77d9799ebf601d88ecbdc0da8bf95af90005b069
025c7b5b296356f578464dc2c219072565a791ca7a4e860b6e014531bf2d3c4f

HTTP Headers

GET /settings/uZ6Kykx5J/latest/de.json HTTP/1.1
Host: api.usercentrics.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: application/json
Origin: https://hh.ermoeglicher.de
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
x-guploader-uploadid: ADPycdsjY2Ak3GQHkLrv-ivsSNUk_j84WHTeVr8VwgGtdGY_nt-JytJJDJQkZClo1TqflYqNJxHBdsH8I6Do50XL7zRv98_ZWzcA
vary: Accept-Encoding
x-goog-generation: 1673598844205366
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 15078
content-encoding: gzip
x-goog-hash: crc32c=Xt6yZA==, md5=dY2onaXc+d+2XSp3ITtkAg==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 15078
access-control-allow-origin: *
access-control-expose-headers: *, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
server: UploadServer
date: Sun, 15 Jan 2023 20:28:31 GMT
expires: Sun, 15 Jan 2023 20:28:41 GMT
cache-control: public, max-age=1800, s-maxage=10
last-modified: Fri, 13 Jan 2023 08:34:04 GMT
etag: "758da89da5dcf9dfb65d2a77213b6402"
content-type: application/json
age: 0
strict-transport-security: max-age=7776000
x-client-geo-location: NO,NO03
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

api.usercentrics.eu/translations/translations-de.json

35.241.3.184

200 OK

0 B

URL HTTP/2
api.usercentrics.eu/translations/translations-de.json
IP
35.241.3.184:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /translations/translations-de.json HTTP/1.1
Host: api.usercentrics.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://hh.ermoeglicher.de
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
x-guploader-uploadid: ADPycdvKwXbIbDrbskJIZsoRPmsZW7ce6Xj6NMpX73Huh7DJGxtG2jxxRqtDuSKZNleoCN38fjj5sQIV6f7TRK5xVlULGmjywX0Y
access-control-allow-origin: *
access-control-max-age: 3600
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE
access-control-allow-headers: content-type
date: Sun, 15 Jan 2023 20:28:31 GMT
expires: Sun, 15 Jan 2023 20:28:31 GMT
cache-control: private, max-age=0
content-length: 0
server: UploadServer
content-type: text/html; charset=UTF-8
strict-transport-security: max-age=7776000
x-client-geo-location: NO,NO03
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/s/gts1d4/VJA41Da9_CE

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1d4/VJA41Da9_CE
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
bcab1be2e8e19cb953dcb55a3b6257b3
a73016d37dfa8d8e9dd10fb0a899b1e56c4bf112
b94fb659c86728b28e3cc33c321a52c33703b7f1dd3c3622337b7496a1315caf

HTTP Headers

POST /s/gts1d4/VJA41Da9_CE HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 15 Jan 2023 20:28:31 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/s/gts1d4/VJA41Da9_CE

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1d4/VJA41Da9_CE
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
bcab1be2e8e19cb953dcb55a3b6257b3
a73016d37dfa8d8e9dd10fb0a899b1e56c4bf112
b94fb659c86728b28e3cc33c321a52c33703b7f1dd3c3622337b7496a1315caf

HTTP Headers

POST /s/gts1d4/VJA41Da9_CE HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 15 Jan 2023 20:28:31 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/s/gts1d4/L5KIiOsmaP8

216.58.211.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1d4/L5KIiOsmaP8
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
73727743b2dbbecd5f9857c5611a2606
63e22ec6acf2e42a7faccd472f9db73195f76c99
f7be7ba281e89bcd3d97b15ac364a15f73e65cd182110cbae9b07aa6164094ad

HTTP Headers

POST /s/gts1d4/L5KIiOsmaP8 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 15 Jan 2023 20:28:31 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/s/gts1d4/L5KIiOsmaP8

216.58.211.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1d4/L5KIiOsmaP8
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
73727743b2dbbecd5f9857c5611a2606
63e22ec6acf2e42a7faccd472f9db73195f76c99
f7be7ba281e89bcd3d97b15ac364a15f73e65cd182110cbae9b07aa6164094ad

HTTP Headers

POST /s/gts1d4/L5KIiOsmaP8 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 15 Jan 2023 20:28:31 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

graphql.usercentrics.eu/graphql

34.120.238.166

204 No Content

0 B

URL HTTP/2
graphql.usercentrics.eu/graphql
IP
34.120.238.166:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /graphql HTTP/1.1
Host: graphql.usercentrics.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: access-control-allow-origin,content-type,x-request-id
Origin: https://hh.ermoeglicher.de
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
date: Sun, 15 Jan 2023 20:28:31 GMT
content-length: 0
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
vary: Access-Control-Request-Headers
access-control-allow-headers: access-control-allow-origin,content-type,x-request-id
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/s/gts1d4/yQ_v2YqKKtg

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1d4/yQ_v2YqKKtg
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
e084f532cbbfb0da739b8a8a70da3f32
a3587d59bd8a5635b74d99cd1154ef26b7fbbf45
687e41e57d57ab21f12faa30436d95f9113b72d3a14371602bff01788baa1181

HTTP Headers

POST /s/gts1d4/yQ_v2YqKKtg HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 15 Jan 2023 20:28:31 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

consent-api.service.consent.usercentrics.eu/consent/uw/1

35.201.111.240

204 No Content

0 B

URL HTTP/2
consent-api.service.consent.usercentrics.eu/consent/uw/1
IP
35.201.111.240:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /consent/uw/1 HTTP/1.1
Host: consent-api.service.consent.usercentrics.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: access-control-allow-origin,content-type,x-request-id
Origin: https://hh.ermoeglicher.de
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
vary: Origin, Access-Control-Request-Headers
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-headers: access-control-allow-origin,content-type,x-request-id
access-control-max-age: 86400
x-cloud-trace-context: 73b032d03eaac26a5789ef0c4d57f830
date: Sun, 15 Jan 2023 20:28:31 GMT
content-type: text/html
server: Google Frontend
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/s/gts1d4/VJA41Da9_CE

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1d4/VJA41Da9_CE
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
bcab1be2e8e19cb953dcb55a3b6257b3
a73016d37dfa8d8e9dd10fb0a899b1e56c4bf112
b94fb659c86728b28e3cc33c321a52c33703b7f1dd3c3622337b7496a1315caf

HTTP Headers

POST /s/gts1d4/VJA41Da9_CE HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 15 Jan 2023 20:28:31 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

uct.service.usercentrics.eu/uct?v=1&sid=uZ6Kykx5J&t=1&abv=&r=https%3A%2F%2Fhh.ermoeglicher.de%2Faktuell%2Fcorona-virus-infos-fuer-unternehmen%2F&cb=1673814512116

34.95.108.180

200 OK

35 B

URL HTTP/2
uct.service.usercentrics.eu/uct?v=1&sid=uZ6Kykx5J&t=1&abv=&r=https%3A%2F%2Fhh.ermoeglicher.de%2Faktuell%2Fcorona-virus-infos-fuer-unternehmen%2F&cb=1673814512116
IP
34.95.108.180:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
35 B (35 bytes)
Hash
c2196de8ba412c60c22ab491af7b1409
5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

HTTP Headers

GET /uct?v=1&sid=uZ6Kykx5J&t=1&abv=&r=https%3A%2F%2Fhh.ermoeglicher.de%2Faktuell%2Fcorona-virus-infos-fuer-unternehmen%2F&cb=1673814512116 HTTP/1.1
Host: uct.service.usercentrics.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
cache-control: no-store
content-type: image/gif
function-execution-id: 5nasklrkvtjq
x-powered-by: Express
x-cloud-trace-context: f48ab37981def60676b32b2e9ee1331f
date: Sun, 15 Jan 2023 20:28:31 GMT
server: Google Frontend
content-length: 35
via: 1.1 google
strict-transport-security: max-age=7776000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/s/gts1d4/L5KIiOsmaP8

216.58.211.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1d4/L5KIiOsmaP8
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
73727743b2dbbecd5f9857c5611a2606
63e22ec6acf2e42a7faccd472f9db73195f76c99
f7be7ba281e89bcd3d97b15ac364a15f73e65cd182110cbae9b07aa6164094ad

HTTP Headers

POST /s/gts1d4/L5KIiOsmaP8 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 15 Jan 2023 20:28:31 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

consent-api.service.consent.usercentrics.eu/consent/uw/1

35.201.111.240

201 Created

0 B

URL HTTP/2
consent-api.service.consent.usercentrics.eu/consent/uw/1
IP
35.201.111.240:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /consent/uw/1 HTTP/1.1
Host: consent-api.service.consent.usercentrics.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: application/json
Access-Control-Allow-Origin: *
X-Request-ID: 5004c0bc-7327-40eb-b456-b2af3e16c97d
Origin: https://hh.ermoeglicher.de
Content-Length: 611
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 201 Created
vary: Origin
access-control-allow-origin: *
x-cloud-trace-context: 7fb092fa2915a560e9ae68196d0d7fb0
date: Sun, 15 Jan 2023 20:28:31 GMT
content-type: text/html
server: Google Frontend
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/s/gts1d4/yQ_v2YqKKtg

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1d4/yQ_v2YqKKtg
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
e084f532cbbfb0da739b8a8a70da3f32
a3587d59bd8a5635b74d99cd1154ef26b7fbbf45
687e41e57d57ab21f12faa30436d95f9113b72d3a14371602bff01788baa1181

HTTP Headers

POST /s/gts1d4/yQ_v2YqKKtg HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 15 Jan 2023 20:28:31 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
6b6a65d2536cc8f99e68793ae265b595
f65e75f8419bd83e26f49def7fa2604db5f77b4d
94b31f7663e4917e8e97079202ef9fa340766f1ebfc2601360618d947f7dabc9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94B31F7663E4917E8E97079202EF9FA340766F1EBFC2601360618D947F7DABC9"
Last-Modified: Sun, 15 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6981
Expires: Sun, 15 Jan 2023 22:24:53 GMT
Date: Sun, 15 Jan 2023 20:28:32 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
6b6a65d2536cc8f99e68793ae265b595
f65e75f8419bd83e26f49def7fa2604db5f77b4d
94b31f7663e4917e8e97079202ef9fa340766f1ebfc2601360618d947f7dabc9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94B31F7663E4917E8E97079202EF9FA340766F1EBFC2601360618D947F7DABC9"
Last-Modified: Sun, 15 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6981
Expires: Sun, 15 Jan 2023 22:24:53 GMT
Date: Sun, 15 Jan 2023 20:28:32 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
6b6a65d2536cc8f99e68793ae265b595
f65e75f8419bd83e26f49def7fa2604db5f77b4d
94b31f7663e4917e8e97079202ef9fa340766f1ebfc2601360618d947f7dabc9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94B31F7663E4917E8E97079202EF9FA340766F1EBFC2601360618D947F7DABC9"
Last-Modified: Sun, 15 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6981
Expires: Sun, 15 Jan 2023 22:24:53 GMT
Date: Sun, 15 Jan 2023 20:28:32 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3456fd70-5207-41e6-abed-adbc381fd7a4.jpeg

34.120.237.76

200 OK

9.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3456fd70-5207-41e6-abed-adbc381fd7a4.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.8 kB (9801 bytes)
Hash
74ac30be02dee9dcfeee79a7dc54edff
1368d81de22ea2e4054a3e1a8f01ef337c63e35b
8abc2f276906dfb9ce75c2526d2c2cfa6aea6dbe13f4046de1040cd611cbbc1f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3456fd70-5207-41e6-abed-adbc381fd7a4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9801
x-amzn-requestid: 39d84a20-55f7-4b7c-abc4-9ac1ff100da9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eqSkoGCZoAMF1zA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c0caea-4f7a1cf676335cc83018dc51;Sampled=0
x-amzn-remapped-date: Fri, 13 Jan 2023 03:07:22 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: rUFicgD94yxyZhMtQm-aYS-QpZXn07rLRBhnBLMTIQh6qHKOX_LRFg==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 15 Jan 2023 03:30:55 GMT
age: 61057
etag: "1368d81de22ea2e4054a3e1a8f01ef337c63e35b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67bd45fb-ae78-4593-88df-aa9d625197e7.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (10558 bytes)
Hash
6f82c507da28e1b4557ea7f2bdf0f7fc
4be269ad35497a42bf7fce03d711ddf9496abbb4
f51879b87cb99b4883f320fe4abe44032968c42e32b88dc5f788b40ddc6494db

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67bd45fb-ae78-4593-88df-aa9d625197e7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10558
x-amzn-requestid: ff08c622-f06b-45ad-acbe-1f7b99ef4996
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ewdALF9BIAMFX1g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c34200-22ce17b369e4542f7dac153d;Sampled=0
x-amzn-remapped-date: Sun, 15 Jan 2023 00:00:00 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: cIpnZDNTTM7-pclfJ7OfiBlh3MDEPNLG8-YAO3Rhs2Rb_KrxkFZ8ug==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 15 Jan 2023 07:17:32 GMT
age: 47460
etag: "4be269ad35497a42bf7fce03d711ddf9496abbb4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F77d2ca2b-548c-4f63-b8a5-e55b6e92d5e9.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.0 kB (4981 bytes)
Hash
5c609c89120eef87bbdd0d8ee5ee18f9
be8e369be0ccc707b904546798aacc9afe413cfa
feaa9f41b45aaa71d87008fe3112bc09e41cf6c2c500b4bc1adc125c7c82eee1

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F77d2ca2b-548c-4f63-b8a5-e55b6e92d5e9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4981
x-amzn-requestid: b38d8240-7f85-4fd6-845b-54ddc6da7521
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ewH9tHxWoAMFTQA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c32057-657c5e342a66713b0f5f8f0b;Sampled=0
x-amzn-remapped-date: Sat, 14 Jan 2023 21:36:23 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: XFRrdpdDYEyYq9lFI99gf2mrKB2VRbNmAwbMN9c3wJlbBbc9UTTiaQ==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Sat, 14 Jan 2023 21:51:43 GMT
age: 81409
etag: "be8e369be0ccc707b904546798aacc9afe413cfa"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c678ae9-1df5-47c4-bbe3-ec12e97322d9.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.5 kB (5495 bytes)
Hash
90fc5463f271bab652af099cb526f189
805c27d8f82a5eb6583814313c36f5e7699408e5
749dca33aa337b494fb113896bf035bc9dcb17068ecffdf30fc5ac85a4ac5185

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c678ae9-1df5-47c4-bbe3-ec12e97322d9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5495
x-amzn-requestid: d76b8f1d-37a2-47ac-9acf-1b0a44a4a5fe
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eqsroF62IAMF-mg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c0f4b0-67700bfd11f1ad5d0aaab92d;Sampled=0
x-amzn-remapped-date: Fri, 13 Jan 2023 06:05:36 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: KrCFIa2Dpbas7vvk8nttLRG7HaQ8bEgVmqZUZtlGhdSeV8igH3FLpg==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Sun, 15 Jan 2023 14:12:40 GMT
age: 22552
etag: "805c27d8f82a5eb6583814313c36f5e7699408e5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F362ec1c0-4616-4ccf-bbc5-8dc0f979c801.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.7 kB (6658 bytes)
Hash
3c8e4b9f12af5bbc6b743aeae4dfc55a
97f874ba034be152dfecd90e4996c928aa268950
bfc0ef4f4d13b729a3a38efbb04d2c58e6b05bbc2bd3492611c0fc26457d1dec

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F362ec1c0-4616-4ccf-bbc5-8dc0f979c801.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6658
x-amzn-requestid: 4a356eaa-4717-410c-af86-5d3770f0cf7e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eniyVExqoAMFWkA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63bfb1a8-05a4e869449e4d730a5dd438;Sampled=0
x-amzn-remapped-date: Thu, 12 Jan 2023 07:07:20 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ad0MftSuAjk104dN-xxd3cDy9vUH4noA3fBbte6XySSR7_Vnqc5I7A==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Sun, 15 Jan 2023 07:17:10 GMT
age: 47482
etag: "97f874ba034be152dfecd90e4996c928aa268950"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F33bbc100-e509-4a4f-8b98-1d44a52a7a3c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.5 kB (9539 bytes)
Hash
a23d61d610c7b55d943fcb2636a01b65
82c4c5170c7b586c2a7a1f2d2d5c9ff0219af065
28bf3039cc8c1213e64893c71bc150eda573223feb2cc15ad0814a44960d434a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F33bbc100-e509-4a4f-8b98-1d44a52a7a3c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9539
x-amzn-requestid: 33735807-3403-41ee-a488-a3f25f9b12d5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ewX9XFvoIAMFzMg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c339ee-65def8747314ecb63b000a4c;Sampled=0
x-amzn-remapped-date: Sat, 14 Jan 2023 23:25:34 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 7ds4KRTpC9H3aDH6fAS0S5W8kONOlSxK7bU2Rzr1d_24GytaZLRTsQ==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Sun, 15 Jan 2023 12:46:14 GMT
age: 27738
etag: "82c4c5170c7b586c2a7a1f2d2d5c9ff0219af065"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

hh.ermoeglicher.de/static/global.9152f8640b6c.css

185.32.80.72

200 OK

0 B

URL HTTP/2
hh.ermoeglicher.de/static/global.9152f8640b6c.css
IP
185.32.80.72:0
ASN
#42263 German Edge Cloud GmbH & Co. KG

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /static/global.9152f8640b6c.css HTTP/1.1
Host: hh.ermoeglicher.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hh.ermoeglicher.de/aktuell/corona-virus-infos-fuer-unternehmen/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.19.3
date: Sun, 15 Jan 2023 20:28:30 GMT
content-type: text/css
last-modified: Thu, 10 Nov 2022 15:01:28 GMT
vary: Accept-Encoding
etag: W/"636d1248-1f93e"
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

hh.ermoeglicher.de/static/bundle.9a675619016f.js

185.32.80.72

200 OK

0 B

URL HTTP/2
hh.ermoeglicher.de/static/bundle.9a675619016f.js
IP
185.32.80.72:0
ASN
#42263 German Edge Cloud GmbH & Co. KG

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /static/bundle.9a675619016f.js HTTP/1.1
Host: hh.ermoeglicher.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hh.ermoeglicher.de/aktuell/corona-virus-infos-fuer-unternehmen/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.19.3
date: Sun, 15 Jan 2023 20:28:30 GMT
content-type: application/javascript
last-modified: Thu, 10 Nov 2022 15:01:28 GMT
vary: Accept-Encoding
etag: W/"636d1248-16304"
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

graphql.usercentrics.eu/graphql

34.120.238.166

200 OK

0 B

URL HTTP/2
graphql.usercentrics.eu/graphql
IP
34.120.238.166:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

POST /graphql HTTP/1.1
Host: graphql.usercentrics.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: application/json
Access-Control-Allow-Origin: *
X-Request-ID: 4a419954-bf6c-49c2-928e-33aa1de6c136
Origin: https://hh.ermoeglicher.de
Content-Length: 1997
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 15 Jan 2023 20:28:31 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
x-powered-by: Express
access-control-allow-origin: *
etag: W/"169-LdX2+Gty544Sz4bwmXBZqmRGJyo"
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

hh.ermoeglicher.de/aktuell/corona-virus-infos-fuer-unternehmen/

185.32.80.72

404 Not Found

0 B

URL HTTP/2
hh.ermoeglicher.de/aktuell/corona-virus-infos-fuer-unternehmen/
IP
185.32.80.72:0
ASN
#42263 German Edge Cloud GmbH & Co. KG

File type

Size
0 B (0 bytes)
Hash

Detections

NIDS	Severity	Alert
suricata	medium	ET HUNTING Suspicious GET Request with Possible COVID-19 URI M2

HTTP Headers

GET /aktuell/corona-virus-infos-fuer-unternehmen/ HTTP/1.1
Host: hh.ermoeglicher.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 404 Not Found
server: nginx/1.19.3
date: Sun, 15 Jan 2023 20:28:30 GMT
content-type: text/html; charset=utf-8
x-frame-options: DENY
vary: Accept-Encoding, Accept-Language, Origin, Cookie
content-language: en
x-content-type-options: nosniff
referrer-policy: same-origin
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (19)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML