| hh.ermoeglicher.de/aktuell/corona-virus-infos-fuer-unternehmen/ | 185.32.80.72 | 301 Moved Permanently | 169 B |
URL: HTTP/1.1 hh.ermoeglicher.de/aktuell/corona-virus-infos-fuer-unternehmen/ | IP: 185.32.80.72:0 | ASN: #42263 German Edge Cloud GmbH & Co. KG
File type: HTML document text; HTML document text; HTML document, ASCII text, with CRLF line terminators | Hash: e2b2d66924b5bad7a8faa2c59f643055 a77ad5a69799f61612679c19cb2f3bf8e876c397 956e4fc6180dc45eb50c4e4071e0a2c90c871317dd63477e6b0ea6810b71dd14
NIDS: suricata | Severity: medium | Alert: ET HUNTING Suspicious GET Request with Possible COVID-19 URI M2
GET /aktuell/corona-virus-infos-fuer-unternehmen/ HTTP/1.1
Host: hh.ermoeglicher.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx/1.19.3
Date: Sun, 15 Jan 2023 20:28:29 GMT
Content-Type: text/html
Content-Length: 169
Connection: keep-alive
Location: https://hh.ermoeglicher.de/aktuell/corona-virus-infos-fuer-unternehmen/
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP: 23.36.76.226:0 | ASN: #20940 Akamai International B.V.
Hash: 2258cd6b877a3aca8f4c84074e65ac4b 4e46c70941f8e497e8afc8d078644e7f81761a1c faac4e0d123f2112b58953c104ea746cd53047fc1ada0ef5d669feecf78ddfff
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FAAC4E0D123F2112B58953C104EA746CD53047FC1ADA0EF5D669FEECF78DDFFF"
Last-Modified: Sat, 14 Jan 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19407
Expires: Mon, 16 Jan 2023 01:51:56 GMT
Date: Sun, 15 Jan 2023 20:28:29 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP: 23.36.76.226:0 | ASN: #20940 Akamai International B.V.
Hash: 0643dc6b6fed33b3537160b6bb77bcbf aa43bd1fbb30d2219f3285c1ee4991ffb33562c5 f137438e30e0d69cba77ca2eb736687873e4a9c06cf88d23c6d55ea930fde09f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F137438E30E0D69CBA77CA2EB736687873E4A9C06CF88D23C6D55EA930FDE09F"
Last-Modified: Sat, 14 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3669
Expires: Sun, 15 Jan 2023 21:29:38 GMT
Date: Sun, 15 Jan 2023 20:28:29 GMT
Connection: keep-alive
|
|
| firefox.settings.services.mozilla.com/v1/ | 35.241.9.150 | 200 OK | 939 B |
URL: HTTP/2 firefox.settings.services.mozilla.com/v1/ | IP: 35.241.9.150:0
File type: JSON data, ASCII text, with very long lines (939), with no line terminators | Hash: 14cd9a0afb6ba9a763651d5112760d1e 75d7b104ab9ab11fbb73c3f348b43b0119b5adfa 4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Content-Type, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 15 Jan 2023 19:49:06 GMT
content-type: application/json
age: 2363
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP: 23.36.76.226:0 | ASN: #20940 Akamai International B.V.
Hash: d6e2abd68203014e8e24d4a9e20e980a 5edbbb1a36083d5077b90b82e7aa10049e90c5d6 88cf8dae194a5e92a8c36a4c54ae71a609eaaed6e99d3986b3834c40d2fceeaa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "88CF8DAE194A5E92A8C36A4C54AE71A609EAAED6E99D3986B3834C40D2FCEEAA"
Last-Modified: Sun, 15 Jan 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18288
Expires: Mon, 16 Jan 2023 01:33:17 GMT
Date: Sun, 15 Jan 2023 20:28:29 GMT
Connection: keep-alive
|
|
| content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain | 34.160.144.191 | 200 OK | 5.3 kB |
URL: HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain | IP: 34.160.144.191:0
File type: PEM certificate, ASCII text | Hash: 7b922915ebf1fa3639b333f994c74f24 144a3f80b98fd0652d4614f24cf6cbbee40f8938 adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: JFaCr3KhyLwCc7BZtbZcB6v7xLe6uZLAwiO57GWG8aiP71mpgOpGAznrueA474J4CJ9DtqZgUgBsfYsJKjnASA==
x-amz-request-id: FY2Q5K1S4CEC8Q0B
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 15 Jan 2023 19:55:29 GMT
age: 1980
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| contile.services.mozilla.com/v1/tiles | 34.117.237.239 | 200 OK | 12 B |
URL: HTTP/2 contile.services.mozilla.com/v1/tiles | IP: 34.117.237.239:0
File type: JSON data, ASCII text, with no line terminators | Hash: 23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 15 Jan 2023 20:28:30 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| hh.ermoeglicher.de/media/images/BBBank_Logo_HH_Std_RGB_cXPBNkZ.original.png | 185.32.80.72 | 200 OK | 42 kB |
URL: HTTP/2 hh.ermoeglicher.de/media/images/BBBank_Logo_HH_Std_RGB_cXPBNkZ.original.png | IP: 185.32.80.72:0 | ASN: #42263 German Edge Cloud GmbH & Co. KG
File type: PNG image data, 645 x 209, 8-bit/color RGBA, non-interlaced; data | Hash: 40abb1097870ddd6fa07a276d85ca797 bfef1f7b5372d97218a2d4e81377a73c95a5bb06 6d68574d3214a519e25200b491f2f2aeb59a7c62a8d72c280bb6742a3b724b5c
GET /media/images/BBBank_Logo_HH_Std_RGB_cXPBNkZ.original.png HTTP/1.1
Host: hh.ermoeglicher.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hh.ermoeglicher.de/aktuell/corona-virus-infos-fuer-unternehmen/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.19.3
date: Sun, 15 Jan 2023 20:28:30 GMT
content-type: image/png
content-length: 42296
last-modified: Fri, 20 May 2022 11:53:17 GMT
etag: "6287812d-a538"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| cdn.jsdelivr.net/npm/glightbox/dist/css/glightbox.min.css | 151.101.193.229 | 200 OK | 2.6 kB |
URL: HTTP/2 cdn.jsdelivr.net/npm/glightbox/dist/css/glightbox.min.css | IP: 151.101.193.229:0
File type: ASCII text, with very long lines (13749), with no line terminators | Hash: 5cbdaec6157ee3ce220b1fd336fd6ec3 2c16bb574fb829de58db438b82b83ef9c049da61 7dcf3f432d6c4b69808d8df5b9d5820e80e9805ab6b9bd38f4bbe9337c336831
GET /npm/glightbox/dist/css/glightbox.min.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 3.2.0
x-jsd-version-type: version
etag: W/"35b5-O1t5BPT0vPVZWcLs71CCG9kRACE"
content-encoding: gzip
accept-ranges: bytes
date: Sun, 15 Jan 2023 20:28:30 GMT
age: 22947
x-served-by: cache-fra-eddf8230097-FRA, cache-bma1670-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 2565
X-Firefox-Spdy: h2
|
|
| hh.ermoeglicher.de/media/images/LP_-_Grunden.menu.original.menu.original.jpg | 185.32.80.72 | 200 OK | 14 kB |
URL: HTTP/2 hh.ermoeglicher.de/media/images/LP_-_Grunden.menu.original.menu.original.jpg | IP: 185.32.80.72:0 | ASN: #42263 German Edge Cloud GmbH & Co. KG
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 501x250, components 3; data | Hash: 7a327ec08384cdda963f7673cefc7d28 19d976ab5b812694c6c5ffac05a6bc746e882373 92babc3cb03ec40b47fa6fd57efca2e1f2a6e6b0e3f884226e5917a1e10970ac
GET /media/images/LP_-_Grunden.menu.original.menu.original.jpg HTTP/1.1
Host: hh.ermoeglicher.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hh.ermoeglicher.de/aktuell/corona-virus-infos-fuer-unternehmen/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.19.3
date: Sun, 15 Jan 2023 20:28:30 GMT
content-type: image/jpeg
content-length: 14050
last-modified: Thu, 18 Feb 2021 19:16:50 GMT
etag: "602ebd22-36e2"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| hh.ermoeglicher.de/media/images/LP_-_Nachfolge.menu.original.original.jpg | 185.32.80.72 | 200 OK | 19 kB |
URL: HTTP/2 hh.ermoeglicher.de/media/images/LP_-_Nachfolge.menu.original.original.jpg | IP: 185.32.80.72:0 | ASN: #42263 German Edge Cloud GmbH & Co. KG
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 501x250, components 3; data | Hash: 21cb4cffa348d432abc9bd338e8e574b 734b4ae2b1e8cff06381c2f600c7bbc737ed8d10 faedcfea79985c957562aaeb01d8c0fa1cb07ea20deeade22151bc57a6ba0967
GET /media/images/LP_-_Nachfolge.menu.original.original.jpg HTTP/1.1
Host: hh.ermoeglicher.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hh.ermoeglicher.de/aktuell/corona-virus-infos-fuer-unternehmen/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.19.3
date: Sun, 15 Jan 2023 20:28:30 GMT
content-type: image/jpeg
content-length: 19338
last-modified: Thu, 18 Feb 2021 19:16:27 GMT
etag: "602ebd0b-4b8a"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| hh.ermoeglicher.de/media/images/LP_-_Wachsen.menu.original.original.jpg | 185.32.80.72 | 200 OK | 21 kB |
URL: HTTP/2 hh.ermoeglicher.de/media/images/LP_-_Wachsen.menu.original.original.jpg | IP: 185.32.80.72:0 | ASN: #42263 German Edge Cloud GmbH & Co. KG
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 501x250, components 3; data | Hash: f239c03c1a37d6c56e8093c5be372eae 04a6fc74c3bf0aa2177f6d28bb38fa7a561d2bc9 e639722bca836830c57854b97b5851df9b4a180185b3c214e05b0d66dc25c631
GET /media/images/LP_-_Wachsen.menu.original.original.jpg HTTP/1.1
Host: hh.ermoeglicher.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hh.ermoeglicher.de/aktuell/corona-virus-infos-fuer-unternehmen/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.19.3
date: Sun, 15 Jan 2023 20:28:30 GMT
content-type: image/jpeg
content-length: 21148
last-modified: Thu, 18 Feb 2021 19:16:08 GMT
etag: "602ebcf8-529c"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| hh.ermoeglicher.de/media/images/LP_-_Stabilisieren.menu.original.original.jpg | 185.32.80.72 | 200 OK | 19 kB |
URL: HTTP/2 hh.ermoeglicher.de/media/images/LP_-_Stabilisieren.menu.original.original.jpg | IP: 185.32.80.72:0 | ASN: #42263 German Edge Cloud GmbH & Co. KG
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 501x250, components 3; data | Hash: 27ca43ec8839ff67ccb0140536965edb a6d16a0da774077fd51a18f30da6156f99069b44 b3ccab537d2c1cda8931b8dd61afc6f3e97daf52df79d527bacd510d6c186600
GET /media/images/LP_-_Stabilisieren.menu.original.original.jpg HTTP/1.1
Host: hh.ermoeglicher.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hh.ermoeglicher.de/aktuell/corona-virus-infos-fuer-unternehmen/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.19.3
date: Sun, 15 Jan 2023 20:28:30 GMT
content-type: image/jpeg
content-length: 18955
last-modified: Thu, 18 Feb 2021 19:16:51 GMT
etag: "602ebd23-4a0b"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| hh.ermoeglicher.de/media/images/LP_-_Banken.original.menu.original.jpg | 185.32.80.72 | 200 OK | 13 kB |
URL: HTTP/2 hh.ermoeglicher.de/media/images/LP_-_Banken.original.menu.original.jpg | IP: 185.32.80.72:0 | ASN: #42263 German Edge Cloud GmbH & Co. KG
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 501x250, components 3; data | Hash: 6d067840cde72a943d34df45ce053ebb b894cdb02219df54af0233e4fdeab04c93cedce2 0e915ca44e8cfe965a2cd51fcb09068fa1632b1edd4d6f09d472e02889e5eb02
GET /media/images/LP_-_Banken.original.menu.original.jpg HTTP/1.1
Host: hh.ermoeglicher.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hh.ermoeglicher.de/aktuell/corona-virus-infos-fuer-unternehmen/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.19.3
date: Sun, 15 Jan 2023 20:28:30 GMT
content-type: image/jpeg
content-length: 13372
last-modified: Thu, 18 Feb 2021 19:16:30 GMT
etag: "602ebd0e-343c"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| hh.ermoeglicher.de/media/images/LP_-_Leasing.original.menu.original.jpg | 185.32.80.72 | 200 OK | 15 kB |
URL: HTTP/2 hh.ermoeglicher.de/media/images/LP_-_Leasing.original.menu.original.jpg | IP: 185.32.80.72:0 | ASN: #42263 German Edge Cloud GmbH & Co. KG
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 501x250, components 3; data | Hash: 8c39d2e91cd07f304655fb25bd7f9177 b80d6e3ee14aff51b1ba2f8f85f827546bded120 bf97b9bee19f63670ea5e1d7d4bb0e2cf797a8ef28e334c66022622d5762daf9
GET /media/images/LP_-_Leasing.original.menu.original.jpg HTTP/1.1
Host: hh.ermoeglicher.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hh.ermoeglicher.de/aktuell/corona-virus-infos-fuer-unternehmen/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.19.3
date: Sun, 15 Jan 2023 20:28:30 GMT
content-type: image/jpeg
content-length: 14934
last-modified: Thu, 18 Feb 2021 19:16:54 GMT
etag: "602ebd26-3a56"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| hh.ermoeglicher.de/media/images/LP_-_Beratende_Berufe_ZXZD6OJ.original.menu.original.jpg | 185.32.80.72 | 200 OK | 18 kB |
URL: HTTP/2 hh.ermoeglicher.de/media/images/LP_-_Beratende_Berufe_ZXZD6OJ.original.menu.original.jpg | IP: 185.32.80.72:0 | ASN: #42263 German Edge Cloud GmbH & Co. KG
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 501x250, components 3; data | Hash: d5e43465a9e9dfff6b90eb7ed92f2a36 a36ec77e2868bb89aad9a9884670f7aa8f058f20 a052db4870c84876c18ebca8672e1c5e8c23f9de951debfe721f70e2461024ba
GET /media/images/LP_-_Beratende_Berufe_ZXZD6OJ.original.menu.original.jpg HTTP/1.1
Host: hh.ermoeglicher.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hh.ermoeglicher.de/aktuell/corona-virus-infos-fuer-unternehmen/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.19.3
date: Sun, 15 Jan 2023 20:28:30 GMT
content-type: image/jpeg
content-length: 18305
last-modified: Thu, 18 Feb 2021 19:16:31 GMT
etag: "602ebd0f-4781"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| hh.ermoeglicher.de/media/images/LP_-_KammernVerbande.original.menu.original.jpg | 185.32.80.72 | 200 OK | 16 kB |
URL: HTTP/2 hh.ermoeglicher.de/media/images/LP_-_KammernVerbande.original.menu.original.jpg | IP: 185.32.80.72:0 | ASN: #42263 German Edge Cloud GmbH & Co. KG
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 501x250, components 3; data | Hash: 03c25d2096c298bd4672ff78963d3414 f0f0ca8de4b6775b09528b089096948281932e05 41b9ccb6881f9f99c6c34788bb633941a959adcbe292306907f2d1bdc520282f
GET /media/images/LP_-_KammernVerbande.original.menu.original.jpg HTTP/1.1
Host: hh.ermoeglicher.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hh.ermoeglicher.de/aktuell/corona-virus-infos-fuer-unternehmen/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.19.3
date: Sun, 15 Jan 2023 20:28:30 GMT
content-type: image/jpeg
content-length: 15543
last-modified: Thu, 18 Feb 2021 19:16:39 GMT
etag: "602ebd17-3cb7"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| hh.ermoeglicher.de/media/images/uber_uns.menu.width-501.jpg | 185.32.80.72 | 200 OK | 24 kB |
URL: HTTP/2 hh.ermoeglicher.de/media/images/uber_uns.menu.width-501.jpg | IP: 185.32.80.72:0 | ASN: #42263 German Edge Cloud GmbH & Co. KG
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 449x300, components 3; data | Hash: 1d23f8d330f4f36af71a2e4cbd043521 3d5bb9b5216bad8f2c4183bc5615b2c1d47e41f5 7f53e501dd588ba5b0e392881abd19cb2138089830ef6286aa65a7d925217f20
GET /media/images/uber_uns.menu.width-501.jpg HTTP/1.1
Host: hh.ermoeglicher.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hh.ermoeglicher.de/aktuell/corona-virus-infos-fuer-unternehmen/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.19.3
date: Sun, 15 Jan 2023 20:28:30 GMT
content-type: image/jpeg
content-length: 24327
last-modified: Thu, 18 Feb 2021 19:17:02 GMT
etag: "602ebd2e-5f07"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| hh.ermoeglicher.de/media/images/Logo_VDB.width-150.jpg | 185.32.80.72 | 200 OK | 3.6 kB |
URL: HTTP/2 hh.ermoeglicher.de/media/images/Logo_VDB.width-150.jpg | IP: 185.32.80.72:0 | ASN: #42263 German Edge Cloud GmbH & Co. KG
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 150x53, components 3; data | Hash: 5b5704e54381e6e1ff3493d516ff0e22 95ba58cc2c325d183a831b36bab7fece0a13e37c 1e071354e54d5e427622debd7bbd7f7f72cd8997eff10f84cf5f8e5bbe2bc059
GET /media/images/Logo_VDB.width-150.jpg HTTP/1.1
Host: hh.ermoeglicher.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hh.ermoeglicher.de/aktuell/corona-virus-infos-fuer-unternehmen/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.19.3
date: Sun, 15 Jan 2023 20:28:30 GMT
content-type: image/jpeg
content-length: 3582
last-modified: Wed, 13 Apr 2022 09:48:31 GMT
etag: "62569c6f-dfe"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| hh.ermoeglicher.de/media/images/BTG_Logo_4c_300dpi_CMYK.jpg.width-150.jpg | 185.32.80.72 | 200 OK | 3.3 kB |
URL: HTTP/2 hh.ermoeglicher.de/media/images/BTG_Logo_4c_300dpi_CMYK.jpg.width-150.jpg | IP: 185.32.80.72:0 | ASN: #42263 German Edge Cloud GmbH & Co. KG
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 150x35, components 3; data | Hash: 7a071f9c7cb9bb1864257db1ea098e9c 2f45c3da199b72f6d3d47735ba5753be00b061c3 cdcdba161ccee161ccd4deff370978f82e5734c51414a55a16a510ed1886fc2f
GET /media/images/BTG_Logo_4c_300dpi_CMYK.jpg.width-150.jpg HTTP/1.1
Host: hh.ermoeglicher.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hh.ermoeglicher.de/aktuell/corona-virus-infos-fuer-unternehmen/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.19.3
date: Sun, 15 Jan 2023 20:28:30 GMT
content-type: image/jpeg
content-length: 3278
last-modified: Tue, 19 Oct 2021 11:28:30 GMT
etag: "616eabde-cce"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| hh.ermoeglicher.de/media/images/logo_VDBS.width-150.jpg | 185.32.80.72 | 200 OK | 3.1 kB |
URL: HTTP/2 hh.ermoeglicher.de/media/images/logo_VDBS.width-150.jpg | IP: 185.32.80.72:0 | ASN: #42263 German Edge Cloud GmbH & Co. KG
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 150x53, components 3; data | Hash: 59f97bdb34ea15e8bb9599177258d8ad 53529387a510bb9cee7f5086c88791dd63c776bb e59a8a71978bd900408403ffc5b195e5a69d5c2b23247e7c48487ae304d46fbb
GET /media/images/logo_VDBS.width-150.jpg HTTP/1.1
Host: hh.ermoeglicher.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hh.ermoeglicher.de/aktuell/corona-virus-infos-fuer-unternehmen/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.19.3
date: Sun, 15 Jan 2023 20:28:30 GMT
content-type: image/jpeg
content-length: 3084
last-modified: Thu, 18 Feb 2021 19:15:57 GMT
etag: "602ebced-c0c"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4 | 104.18.20.226 | 200 OK | 1.5 kB |
URL: HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4 | IP: 104.18.20.226:0
Hash: 92e7e87a11ebb917358deaca26fe7371 ebfe61819f209f5f1a657a9aac5fc237d4907239 571bf919415a02f9bfd1f355447cdc5880c22f51c6ee7eec4c0f3dc06268498c
POST /ca/gsatlasr3dvtlsca2022q4 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 15 Jan 2023 20:28:30 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "AEA522DDB0DC1D849F9E1E55082E9B4ABEEC51F1"
Expires: Mon, 16 Jan 2023 07:00:00 GMT
Last-Modified: Sun, 15 Jan 2023 19:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 2114
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78a15bb1ee4f0b3d-OSL
|
|
| ocsp.pki.goog/gts1c3 | 216.58.211.3 | 200 OK | 472 B |
IP: 216.58.211.3:0
Hash: a813a061a05c54b0097af9696d4bcb2e 6a7c9a8587f67a9202d2220c8ab12dd283df0e54 be4722747d6b02daf5e954e7fefc2e99ca522b243db0e4395282af48b381f939
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 15 Jan 2023 20:28:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| www.googletagmanager.com/gtm.js?id=GTM-K7NF7RM | 142.250.74.168 | 200 OK | 45 kB |
URL: HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-K7NF7RM | IP: 142.250.74.168:0
File type: ASCII text, with very long lines (1921) | Hash: 5e83cfe169a7356031567a9e953376c9 db9495e63bac69ceefd9b05a9c20a4559c1edfd7 7c14ab3621a521775ebeb028cc85fd7d460a5b400eeebef77bb844b72b31f96a
GET /gtm.js?id=GTM-K7NF7RM HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 15 Jan 2023 20:28:30 GMT
expires: Sun, 15 Jan 2023 20:28:30 GMT
cache-control: private, max-age=900
last-modified: Sun, 15 Jan 2023 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 45240
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 216.58.211.3 | 200 OK | 472 B |
IP: 216.58.211.3:0
Hash: a813a061a05c54b0097af9696d4bcb2e 6a7c9a8587f67a9202d2220c8ab12dd283df0e54 be4722747d6b02daf5e954e7fefc2e99ca522b243db0e4395282af48b381f939
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 15 Jan 2023 20:28:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US | 35.241.9.150 | 200 OK | 329 B |
URL: HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US | IP: 35.241.9.150:0
File type: JSON data, ASCII text, with very long lines (329), with no line terminators | Hash: 0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Pragma, Content-Length, Alert, Expires, ETag, Last-Modified, Backoff, Content-Type, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 15 Jan 2023 20:17:25 GMT
age: 665
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| hh.ermoeglicher.de/static/fonts/brandon_grotesque_700_woff2.ce87f4e0d168 | 185.32.80.72 | 200 OK | 28 kB |
URL: HTTP/2 hh.ermoeglicher.de/static/fonts/brandon_grotesque_700_woff2.ce87f4e0d168 | IP: 185.32.80.72:0 | ASN: #42263 German Edge Cloud GmbH & Co. KG
File type: Web Open Font Format (Version 2), TrueType, length 27712, version 1.0; data | Hash: ce87f4e0d16868acaa3a5f4d894e9c29 b0b82fa20adb7c495172f8345f0ef0a64d2f815e fc19e2d873270cfa3ce69c2345fac36b8ab1b0fe2cd8983f0946a8c180f236b3
GET /static/fonts/brandon_grotesque_700_woff2.ce87f4e0d168 HTTP/1.1
Host: hh.ermoeglicher.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://hh.ermoeglicher.de/aktuell/corona-virus-infos-fuer-unternehmen/
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.19.3
date: Sun, 15 Jan 2023 20:28:30 GMT
content-type: application/octet-stream
content-length: 27712
last-modified: Thu, 10 Nov 2022 15:01:28 GMT
etag: "636d1248-6c40"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| hh.ermoeglicher.de/static/fonts/kepler_std_display_300_woff2.d7777fb08538 | 185.32.80.72 | 200 OK | 122 kB |
URL: HTTP/2 hh.ermoeglicher.de/static/fonts/kepler_std_display_300_woff2.d7777fb08538
IP: 185.32.80.72:0
ASN: #42263 German Edge Cloud GmbH & Co. KG
File type: Web Open Font Format (Version 2), CFF, length 121700, version 1.0; data
Size: 122 kB (121700 bytes)
Hash: d7777fb085385076c168a632ce66d0db eb5d37d9bc35971f7985ed629313d7db2eb82faa 1b3d70a7c4ab337b8d5169a9d97a1470a873f2784db40a71d8785d56a0755169
GET /static/fonts/kepler_std_display_300_woff2.d7777fb08538 HTTP/1.1
Host: hh.ermoeglicher.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://hh.ermoeglicher.de/aktuell/corona-virus-infos-fuer-unternehmen/
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.19.3
date: Sun, 15 Jan 2023 20:28:30 GMT
content-type: application/octet-stream
content-length: 121700
last-modified: Thu, 10 Nov 2022 15:01:28 GMT
etag: "636d1248-1db64"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| hh.ermoeglicher.de/static/fonts/brandon_grotesque_400_woff2.6c288957e1ea | 185.32.80.72 | 200 OK | 27 kB |
URL: HTTP/2 hh.ermoeglicher.de/static/fonts/brandon_grotesque_400_woff2.6c288957e1ea
IP: 185.32.80.72:0
ASN: #42263 German Edge Cloud GmbH & Co. KG
File type: Web Open Font Format (Version 2), TrueType, length 26888, version 1.0; data
Hash: 6c288957e1ea69636d76b434a53c65ef b8e0e2074136f3b167567d532312cc0f838bdf5f c763917e443b5583abccb9674edfaf82deada941ad5894d28c672c632fcd64dc
GET /static/fonts/brandon_grotesque_400_woff2.6c288957e1ea HTTP/1.1
Host: hh.ermoeglicher.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://hh.ermoeglicher.de/aktuell/corona-virus-infos-fuer-unternehmen/
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.19.3
date: Sun, 15 Jan 2023 20:28:30 GMT
content-type: application/octet-stream
content-length: 26888
last-modified: Thu, 10 Nov 2022 15:01:28 GMT
etag: "636d1248-6908"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| hh.ermoeglicher.de/static/favicon/android-icon-192x192.81d35b4070d5.png | 185.32.80.72 | 200 OK | 11 kB |
URL: HTTP/2 hh.ermoeglicher.de/static/favicon/android-icon-192x192.81d35b4070d5.png
IP: 185.32.80.72:0
ASN: #42263 German Edge Cloud GmbH & Co. KG
File type: PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced; data
Hash: 81d35b4070d5ca7cab633d4afa2b6caa 539607d5bdfc64abe737441eac56da7291daf035 1b1524524710bc83e55dc7a0364026bb3c8ff626b5060c12b79c8e8ed7a15dc5
GET /static/favicon/android-icon-192x192.81d35b4070d5.png HTTP/1.1
Host: hh.ermoeglicher.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hh.ermoeglicher.de/aktuell/corona-virus-infos-fuer-unternehmen/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.19.3
date: Sun, 15 Jan 2023 20:28:30 GMT
content-type: image/png
content-length: 10725
last-modified: Thu, 10 Nov 2022 15:01:28 GMT
etag: "636d1248-29e5"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| hh.ermoeglicher.de/static/favicon/favicon-16x16.be21cb3b89b3.png | 185.32.80.72 | 200 OK | 1.3 kB |
URL: HTTP/2 hh.ermoeglicher.de/static/favicon/favicon-16x16.be21cb3b89b3.png
IP: 185.32.80.72:0
ASN: #42263 German Edge Cloud GmbH & Co. KG
File type: PNG image data, 16 x 16, 8-bit colormap, non-interlaced; data
Hash: be21cb3b89b375c8cf1c26700c920a90 fdb53b2246d0ccaeb65c266cbcba530121b2faf2 004833817ed711d71f0fcab9316993118e48534ce41ad57ef336c4303d0e6e16
GET /static/favicon/favicon-16x16.be21cb3b89b3.png HTTP/1.1
Host: hh.ermoeglicher.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hh.ermoeglicher.de/aktuell/corona-virus-infos-fuer-unternehmen/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.19.3
date: Sun, 15 Jan 2023 20:28:30 GMT
content-type: image/png
content-length: 1310
last-modified: Thu, 10 Nov 2022 15:01:28 GMT
etag: "636d1248-51e"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP: 93.184.220.29:0
Hash: e5f9cfd32ba0e755eba2eba2bca5bc3c 012c01ac7a06da9f57e0e1c24658a4bd40e82518 ffd7fc715a11f6579f953c2f0f65128000733620fcc777cd0a4c5bb895c64ad2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6243
Cache-Control: max-age=138139
Content-Type: application/ocsp-response
Date: Sun, 15 Jan 2023 20:28:30 GMT
Etag: "63c3c226-1d7"
Expires: Tue, 17 Jan 2023 10:50:49 GMT
Last-Modified: Sun, 15 Jan 2023 09:06:46 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471
|
|
| ocsp.pki.goog/s/gts1d4/jEa5WN7607o | 216.58.211.3 | 200 OK | 472 B |
URL: HTTP/1.1 ocsp.pki.goog/s/gts1d4/jEa5WN7607o
IP: 216.58.211.3:0
Hash: 20553ea3e0e45eee180dcfe711c199ca 75915ff0cd713b112c79fb425f1bc2fd54a569b3 c6f6e48bf52126eab1b7a0fcbbd8285d9930a86b84c71ab17cb70f1533abe6f4
POST /s/gts1d4/jEa5WN7607o HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 15 Jan 2023 20:28:30 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| app.usercentrics.eu/browser-ui/latest/loader.js | 35.190.14.188 | 200 OK | 21 kB |
URL: HTTP/2 app.usercentrics.eu/browser-ui/latest/loader.js
IP: 35.190.14.188:0
File type: Unicode text, UTF-8 text, with very long lines (63068)
Hash: c665b569bbe04be9338583c20d162234 9570872fe37d8a740152c2c76e3a6fdd5e449248 24b3e37410b6781d5b30aca7595e5dd2eb95d741330f30b6c8902e8166964ad0
GET /browser-ui/latest/loader.js HTTP/1.1
Host: app.usercentrics.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-guploader-uploadid: ADPycdtMjmZLP0R88OVoj__Re5NULt1U-AbhLO468lzpvZiHCzJ6wkJoBTKe_eXFxsexdUw604UqrWOCyTQpT22HiyYEENsbtiuW
x-goog-generation: 1673270178845255
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 21129
content-encoding: gzip
x-goog-hash: crc32c=hnNeow==, md5=xmW1abvgS+kzhYPCDRYiNA==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 21129
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, Transfer-Encoding
server: UploadServer
date: Sun, 15 Jan 2023 19:44:59 GMT
expires: Sun, 15 Jan 2023 20:44:59 GMT
cache-control: public, max-age=3600, no-transform
age: 2612
last-modified: Mon, 09 Jan 2023 13:16:18 GMT
etag: "c665b569bbe04be9338583c20d162234"
content-type: application/javascript
strict-transport-security: max-age=7776000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/s/gts1d4/jEa5WN7607o | 216.58.211.3 | 200 OK | 472 B |
URL: HTTP/1.1 ocsp.pki.goog/s/gts1d4/jEa5WN7607o
IP: 216.58.211.3:0
Hash: 20553ea3e0e45eee180dcfe711c199ca 75915ff0cd713b112c79fb425f1bc2fd54a569b3 c6f6e48bf52126eab1b7a0fcbbd8285d9930a86b84c71ab17cb70f1533abe6f4
POST /s/gts1d4/jEa5WN7607o HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 15 Jan 2023 20:28:31 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| push.services.mozilla.com/ | 34.210.191.84 | 101 Switching Protocols | 0 B |
URL: HTTP/1.1 push.services.mozilla.com/
IP: 34.210.191.84:0
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 6Mpad1TVzjNTN7cyavttuQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: oq8r/kURLmwtqUAsXDtdaaUBY+w=
|
|
| ocsp.pki.goog/s/gts1d4/RFFQ8tpp2ig | 216.58.211.3 | 200 OK | 472 B |
URL: HTTP/1.1 ocsp.pki.goog/s/gts1d4/RFFQ8tpp2ig
IP: 216.58.211.3:0
Hash: fbc13b8b7962819ec34cf3e7413ef6c9 f5cf13a1c06d94ad809fca8fc8a296e504951e6a 37287a4ff846ab9b5dc8d7f1479ccbd5562821db466afe233baab0852ad8f4f6
POST /s/gts1d4/RFFQ8tpp2ig HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 15 Jan 2023 20:28:31 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/s/gts1d4/RFFQ8tpp2ig | 216.58.211.3 | 200 OK | 472 B |
URL: HTTP/1.1 ocsp.pki.goog/s/gts1d4/RFFQ8tpp2ig
IP: 216.58.211.3:0
Hash: fbc13b8b7962819ec34cf3e7413ef6c9 f5cf13a1c06d94ad809fca8fc8a296e504951e6a 37287a4ff846ab9b5dc8d7f1479ccbd5562821db466afe233baab0852ad8f4f6
POST /s/gts1d4/RFFQ8tpp2ig HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 15 Jan 2023 20:28:31 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| api.usercentrics.eu/settings/uZ6Kykx5J/latest/languages.json | 35.241.3.184 | 200 OK | 0 B |
URL: HTTP/2 api.usercentrics.eu/settings/uZ6Kykx5J/latest/languages.json
IP: 35.241.3.184:0
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /settings/uZ6Kykx5J/latest/languages.json HTTP/1.1
Host: api.usercentrics.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://hh.ermoeglicher.de
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-guploader-uploadid: ADPycduLz0cZAMN1OB0m6GtC6Mgil9aPfdl142NG2doYNnWhw7SNkN5UCrbKwcY5uilnxavX_p0fHXIOjgBVbwuIFBes0g
access-control-allow-origin: *
access-control-max-age: 3600
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE
access-control-allow-headers: content-type
date: Sun, 15 Jan 2023 20:28:31 GMT
expires: Sun, 15 Jan 2023 20:28:31 GMT
cache-control: private, max-age=0
content-length: 0
server: UploadServer
content-type: text/html; charset=UTF-8
strict-transport-security: max-age=7776000
x-client-geo-location: NO,NO03
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| api.usercentrics.eu/settings/uZ6Kykx5J/latest/languages.json | 35.241.3.184 | 200 OK | 67 B |
URL: HTTP/2 api.usercentrics.eu/settings/uZ6Kykx5J/latest/languages.json
IP: 35.241.3.184:0
File type: JSON data; ASCII text, with no line terminators
Hash: da13a9b5363ff28c20e52e67131f24fd 1d9f99b1ae654913e9d23a6477c477b7ce924292 86b7be6c42bfb970e332b5d92083dd6370cf0774eedcff50d97a8f689431b1ca
GET /settings/uZ6Kykx5J/latest/languages.json HTTP/1.1
Host: api.usercentrics.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: application/json
Origin: https://hh.ermoeglicher.de
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-guploader-uploadid: ADPycdsNEB_uDBNmMsDLhhW-5xnJKJtKKlaJszGKjs8_x7Hg82XUYe6jAIXXO5wsDno12vRjG5nLmBdIndh1RxmwfbkGbw
x-goog-generation: 1673598844215167
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 67
content-encoding: gzip
x-goog-hash: crc32c=u6slow==, md5=2hOptTY/8owg5S5nEx8k/Q==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
vary: Accept-Encoding
content-length: 67
access-control-allow-origin: *
access-control-expose-headers: *, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
server: UploadServer
date: Sun, 15 Jan 2023 20:28:31 GMT
expires: Sun, 15 Jan 2023 20:28:41 GMT
cache-control: public, max-age=1800, s-maxage=10
last-modified: Fri, 13 Jan 2023 08:34:04 GMT
etag: "da13a9b5363ff28c20e52e67131f24fd"
content-type: application/json
age: 0
strict-transport-security: max-age=7776000
x-client-geo-location: NO,NO03
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/s/gts1d4/RFFQ8tpp2ig | 216.58.211.3 | 200 OK | 472 B |
URL: HTTP/1.1 ocsp.pki.goog/s/gts1d4/RFFQ8tpp2ig
IP: 216.58.211.3:0
Hash: fbc13b8b7962819ec34cf3e7413ef6c9 f5cf13a1c06d94ad809fca8fc8a296e504951e6a 37287a4ff846ab9b5dc8d7f1479ccbd5562821db466afe233baab0852ad8f4f6
POST /s/gts1d4/RFFQ8tpp2ig HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 15 Jan 2023 20:28:31 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| api.usercentrics.eu/settings/uZ6Kykx5J/latest/de.json | 35.241.3.184 | 200 OK | 0 B |
URL: HTTP/2 api.usercentrics.eu/settings/uZ6Kykx5J/latest/de.json
IP: 35.241.3.184:0
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /settings/uZ6Kykx5J/latest/de.json HTTP/1.1
Host: api.usercentrics.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://hh.ermoeglicher.de
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-guploader-uploadid: ADPycdtsmvqIeG58IN7e87YukIpuBmLJh3nbGUXJQgDpIM182An-w7wKsA3LN97QoIH_H42e1yQtkqAbIt9NHXQMBPZNzlxWgIdb
access-control-allow-origin: *
access-control-max-age: 3600
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE
access-control-allow-headers: content-type
date: Sun, 15 Jan 2023 20:28:31 GMT
expires: Sun, 15 Jan 2023 20:28:31 GMT
cache-control: private, max-age=0
content-length: 0
server: UploadServer
content-type: text/html; charset=UTF-8
strict-transport-security: max-age=7776000
x-client-geo-location: NO,NO03
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| api.usercentrics.eu/settings/uZ6Kykx5J/latest/de.json | 35.241.3.184 | 200 OK | 15 kB |
URL: HTTP/2 api.usercentrics.eu/settings/uZ6Kykx5J/latest/de.json
IP: 35.241.3.184:0
File type: JSON data; exported SGML document, Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Hash: 758da89da5dcf9dfb65d2a77213b6402 77d9799ebf601d88ecbdc0da8bf95af90005b069 025c7b5b296356f578464dc2c219072565a791ca7a4e860b6e014531bf2d3c4f
GET /settings/uZ6Kykx5J/latest/de.json HTTP/1.1
Host: api.usercentrics.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: application/json
Origin: https://hh.ermoeglicher.de
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-guploader-uploadid: ADPycdsjY2Ak3GQHkLrv-ivsSNUk_j84WHTeVr8VwgGtdGY_nt-JytJJDJQkZClo1TqflYqNJxHBdsH8I6Do50XL7zRv98_ZWzcA
vary: Accept-Encoding
x-goog-generation: 1673598844205366
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 15078
content-encoding: gzip
x-goog-hash: crc32c=Xt6yZA==, md5=dY2onaXc+d+2XSp3ITtkAg==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 15078
access-control-allow-origin: *
access-control-expose-headers: *, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
server: UploadServer
date: Sun, 15 Jan 2023 20:28:31 GMT
expires: Sun, 15 Jan 2023 20:28:41 GMT
cache-control: public, max-age=1800, s-maxage=10
last-modified: Fri, 13 Jan 2023 08:34:04 GMT
etag: "758da89da5dcf9dfb65d2a77213b6402"
content-type: application/json
age: 0
strict-transport-security: max-age=7776000
x-client-geo-location: NO,NO03
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| api.usercentrics.eu/translations/translations-de.json | 35.241.3.184 | 200 OK | 0 B |
URL: HTTP/2 api.usercentrics.eu/translations/translations-de.json
IP: 35.241.3.184:0
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /translations/translations-de.json HTTP/1.1
Host: api.usercentrics.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://hh.ermoeglicher.de
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-guploader-uploadid: ADPycdvKwXbIbDrbskJIZsoRPmsZW7ce6Xj6NMpX73Huh7DJGxtG2jxxRqtDuSKZNleoCN38fjj5sQIV6f7TRK5xVlULGmjywX0Y
access-control-allow-origin: *
access-control-max-age: 3600
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE
access-control-allow-headers: content-type
date: Sun, 15 Jan 2023 20:28:31 GMT
expires: Sun, 15 Jan 2023 20:28:31 GMT
cache-control: private, max-age=0
content-length: 0
server: UploadServer
content-type: text/html; charset=UTF-8
strict-transport-security: max-age=7776000
x-client-geo-location: NO,NO03
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/s/gts1d4/VJA41Da9_CE | 216.58.211.3 | 200 OK | 472 B |
URL: HTTP/1.1 ocsp.pki.goog/s/gts1d4/VJA41Da9_CE
IP: 216.58.211.3:0
Hash: bcab1be2e8e19cb953dcb55a3b6257b3 a73016d37dfa8d8e9dd10fb0a899b1e56c4bf112 b94fb659c86728b28e3cc33c321a52c33703b7f1dd3c3622337b7496a1315caf
POST /s/gts1d4/VJA41Da9_CE HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 15 Jan 2023 20:28:31 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/s/gts1d4/VJA41Da9_CE | 216.58.211.3 | 200 OK | 472 B |
URL: HTTP/1.1 ocsp.pki.goog/s/gts1d4/VJA41Da9_CE
IP: 216.58.211.3:0
Hash: bcab1be2e8e19cb953dcb55a3b6257b3 a73016d37dfa8d8e9dd10fb0a899b1e56c4bf112 b94fb659c86728b28e3cc33c321a52c33703b7f1dd3c3622337b7496a1315caf
POST /s/gts1d4/VJA41Da9_CE HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 15 Jan 2023 20:28:31 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/s/gts1d4/L5KIiOsmaP8 | 216.58.211.3 | 200 OK | 471 B |
URL: HTTP/1.1 ocsp.pki.goog/s/gts1d4/L5KIiOsmaP8
IP: 216.58.211.3:0
Hash: 73727743b2dbbecd5f9857c5611a2606 63e22ec6acf2e42a7faccd472f9db73195f76c99 f7be7ba281e89bcd3d97b15ac364a15f73e65cd182110cbae9b07aa6164094ad
POST /s/gts1d4/L5KIiOsmaP8 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 15 Jan 2023 20:28:31 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/s/gts1d4/L5KIiOsmaP8 | 216.58.211.3 | 200 OK | 471 B |
URL: HTTP/1.1 ocsp.pki.goog/s/gts1d4/L5KIiOsmaP8
IP: 216.58.211.3:0
Hash: 73727743b2dbbecd5f9857c5611a2606 63e22ec6acf2e42a7faccd472f9db73195f76c99 f7be7ba281e89bcd3d97b15ac364a15f73e65cd182110cbae9b07aa6164094ad
POST /s/gts1d4/L5KIiOsmaP8 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 15 Jan 2023 20:28:31 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| graphql.usercentrics.eu/graphql | 34.120.238.166 | 204 No Content | 0 B |
URL: HTTP/2 graphql.usercentrics.eu/graphql
IP: 34.120.238.166:0
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /graphql HTTP/1.1
Host: graphql.usercentrics.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: access-control-allow-origin,content-type,x-request-id
Origin: https://hh.ermoeglicher.de
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Sun, 15 Jan 2023 20:28:31 GMT
content-length: 0
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
vary: Access-Control-Request-Headers
access-control-allow-headers: access-control-allow-origin,content-type,x-request-id
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/s/gts1d4/yQ_v2YqKKtg | 216.58.211.3 | 200 OK | 472 B |
URL: HTTP/1.1 ocsp.pki.goog/s/gts1d4/yQ_v2YqKKtg
IP: 216.58.211.3:0
Hash: e084f532cbbfb0da739b8a8a70da3f32 a3587d59bd8a5635b74d99cd1154ef26b7fbbf45 687e41e57d57ab21f12faa30436d95f9113b72d3a14371602bff01788baa1181
POST /s/gts1d4/yQ_v2YqKKtg HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 15 Jan 2023 20:28:31 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| consent-api.service.consent.usercentrics.eu/consent/uw/1 | 35.201.111.240 | 204 No Content | 0 B |
URL: HTTP/2 consent-api.service.consent.usercentrics.eu/consent/uw/1
IP: 35.201.111.240:0
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /consent/uw/1 HTTP/1.1
Host: consent-api.service.consent.usercentrics.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: access-control-allow-origin,content-type,x-request-id
Origin: https://hh.ermoeglicher.de
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
vary: Origin, Access-Control-Request-Headers
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-headers: access-control-allow-origin,content-type,x-request-id
access-control-max-age: 86400
x-cloud-trace-context: 73b032d03eaac26a5789ef0c4d57f830
date: Sun, 15 Jan 2023 20:28:31 GMT
content-type: text/html
server: Google Frontend
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/s/gts1d4/VJA41Da9_CE | 216.58.211.3 | 200 OK | 472 B |
URL: HTTP/1.1 ocsp.pki.goog/s/gts1d4/VJA41Da9_CE
IP: 216.58.211.3:0
Hash: bcab1be2e8e19cb953dcb55a3b6257b3 a73016d37dfa8d8e9dd10fb0a899b1e56c4bf112 b94fb659c86728b28e3cc33c321a52c33703b7f1dd3c3622337b7496a1315caf
POST /s/gts1d4/VJA41Da9_CE HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 15 Jan 2023 20:28:31 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| uct.service.usercentrics.eu/uct?v=1&sid=uZ6Kykx5J&t=1&abv=&r=https%3A%2F%2Fhh.ermoeglicher.de%2Faktuell%2Fcorona-virus-infos-fuer-unternehmen%2F&cb=1673814512116 | 34.95.108.180 | 200 OK | 35 B |
URL: HTTP/2 uct.service.usercentrics.eu/uct?v=1&sid=uZ6Kykx5J&t=1&abv=&r=https%3A%2F%2Fhh.ermoeglicher.de%2Faktuell%2Fcorona-virus-infos-fuer-unternehmen%2F&cb=1673814512116
IP: 34.95.108.180:0
File type: GIF image data, version 89a, 1 x 1; data
Hash: c2196de8ba412c60c22ab491af7b1409 5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
GET /uct?v=1&sid=uZ6Kykx5J&t=1&abv=&r=https%3A%2F%2Fhh.ermoeglicher.de%2Faktuell%2Fcorona-virus-infos-fuer-unternehmen%2F&cb=1673814512116 HTTP/1.1
Host: uct.service.usercentrics.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: no-store
content-type: image/gif
function-execution-id: 5nasklrkvtjq
x-powered-by: Express
x-cloud-trace-context: f48ab37981def60676b32b2e9ee1331f
date: Sun, 15 Jan 2023 20:28:31 GMT
server: Google Frontend
content-length: 35
via: 1.1 google
strict-transport-security: max-age=7776000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/s/gts1d4/L5KIiOsmaP8 | 216.58.211.3 | 200 OK | 471 B |
URL: HTTP/1.1 ocsp.pki.goog/s/gts1d4/L5KIiOsmaP8
IP: 216.58.211.3:0
Hash: 73727743b2dbbecd5f9857c5611a2606 63e22ec6acf2e42a7faccd472f9db73195f76c99 f7be7ba281e89bcd3d97b15ac364a15f73e65cd182110cbae9b07aa6164094ad
POST /s/gts1d4/L5KIiOsmaP8 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 15 Jan 2023 20:28:31 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| consent-api.service.consent.usercentrics.eu/consent/uw/1 | 35.201.111.240 | 201 Created | 0 B |
URL: HTTP/2 consent-api.service.consent.usercentrics.eu/consent/uw/1
IP: 35.201.111.240:0
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /consent/uw/1 HTTP/1.1
Host: consent-api.service.consent.usercentrics.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: application/json
Access-Control-Allow-Origin: *
X-Request-ID: 5004c0bc-7327-40eb-b456-b2af3e16c97d
Origin: https://hh.ermoeglicher.de
Content-Length: 611
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 201 Created
vary: Origin
access-control-allow-origin: *
x-cloud-trace-context: 7fb092fa2915a560e9ae68196d0d7fb0
date: Sun, 15 Jan 2023 20:28:31 GMT
content-type: text/html
server: Google Frontend
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/s/gts1d4/yQ_v2YqKKtg | 216.58.211.3 | 200 OK | 472 B |
URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/yQ_v2YqKKtg IP 216.58.211.3:0
Hash e084f532cbbfb0da739b8a8a70da3f32 a3587d59bd8a5635b74d99cd1154ef26b7fbbf45 687e41e57d57ab21f12faa30436d95f9113b72d3a14371602bff01788baa1181
POST /s/gts1d4/yQ_v2YqKKtg HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 15 Jan 2023 20:28:31 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP 23.36.76.226:0 ASN #20940 Akamai International B.V.
Hash 6b6a65d2536cc8f99e68793ae265b595 f65e75f8419bd83e26f49def7fa2604db5f77b4d 94b31f7663e4917e8e97079202ef9fa340766f1ebfc2601360618d947f7dabc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94B31F7663E4917E8E97079202EF9FA340766F1EBFC2601360618D947F7DABC9"
Last-Modified: Sun, 15 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6981
Expires: Sun, 15 Jan 2023 22:24:53 GMT
Date: Sun, 15 Jan 2023 20:28:32 GMT
Connection: keep-alive
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3456fd70-5207-41e6-abed-adbc381fd7a4.jpeg | 34.120.237.76 | 200 OK | 9.8 kB |
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3456fd70-5207-41e6-abed-adbc381fd7a4.jpeg IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 74ac30be02dee9dcfeee79a7dc54edff 1368d81de22ea2e4054a3e1a8f01ef337c63e35b 8abc2f276906dfb9ce75c2526d2c2cfa6aea6dbe13f4046de1040cd611cbbc1f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3456fd70-5207-41e6-abed-adbc381fd7a4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9801
x-amzn-requestid: 39d84a20-55f7-4b7c-abc4-9ac1ff100da9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eqSkoGCZoAMF1zA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c0caea-4f7a1cf676335cc83018dc51;Sampled=0
x-amzn-remapped-date: Fri, 13 Jan 2023 03:07:22 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: rUFicgD94yxyZhMtQm-aYS-QpZXn07rLRBhnBLMTIQh6qHKOX_LRFg==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 15 Jan 2023 03:30:55 GMT
age: 61057
etag: "1368d81de22ea2e4054a3e1a8f01ef337c63e35b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67bd45fb-ae78-4593-88df-aa9d625197e7.jpeg | 34.120.237.76 | 200 OK | 11 kB |
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67bd45fb-ae78-4593-88df-aa9d625197e7.jpeg IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6f82c507da28e1b4557ea7f2bdf0f7fc 4be269ad35497a42bf7fce03d711ddf9496abbb4 f51879b87cb99b4883f320fe4abe44032968c42e32b88dc5f788b40ddc6494db
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67bd45fb-ae78-4593-88df-aa9d625197e7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10558
x-amzn-requestid: ff08c622-f06b-45ad-acbe-1f7b99ef4996
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ewdALF9BIAMFX1g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c34200-22ce17b369e4542f7dac153d;Sampled=0
x-amzn-remapped-date: Sun, 15 Jan 2023 00:00:00 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: cIpnZDNTTM7-pclfJ7OfiBlh3MDEPNLG8-YAO3Rhs2Rb_KrxkFZ8ug==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 15 Jan 2023 07:17:32 GMT
age: 47460
etag: "4be269ad35497a42bf7fce03d711ddf9496abbb4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F77d2ca2b-548c-4f63-b8a5-e55b6e92d5e9.jpeg | 34.120.237.76 | 200 OK | 5.0 kB |
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F77d2ca2b-548c-4f63-b8a5-e55b6e92d5e9.jpeg IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5c609c89120eef87bbdd0d8ee5ee18f9 be8e369be0ccc707b904546798aacc9afe413cfa feaa9f41b45aaa71d87008fe3112bc09e41cf6c2c500b4bc1adc125c7c82eee1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F77d2ca2b-548c-4f63-b8a5-e55b6e92d5e9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4981
x-amzn-requestid: b38d8240-7f85-4fd6-845b-54ddc6da7521
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ewH9tHxWoAMFTQA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c32057-657c5e342a66713b0f5f8f0b;Sampled=0
x-amzn-remapped-date: Sat, 14 Jan 2023 21:36:23 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: XFRrdpdDYEyYq9lFI99gf2mrKB2VRbNmAwbMN9c3wJlbBbc9UTTiaQ==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Sat, 14 Jan 2023 21:51:43 GMT
age: 81409
etag: "be8e369be0ccc707b904546798aacc9afe413cfa"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c678ae9-1df5-47c4-bbe3-ec12e97322d9.jpeg | 34.120.237.76 | 200 OK | 5.5 kB |
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c678ae9-1df5-47c4-bbe3-ec12e97322d9.jpeg IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 90fc5463f271bab652af099cb526f189 805c27d8f82a5eb6583814313c36f5e7699408e5 749dca33aa337b494fb113896bf035bc9dcb17068ecffdf30fc5ac85a4ac5185
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c678ae9-1df5-47c4-bbe3-ec12e97322d9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5495
x-amzn-requestid: d76b8f1d-37a2-47ac-9acf-1b0a44a4a5fe
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eqsroF62IAMF-mg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c0f4b0-67700bfd11f1ad5d0aaab92d;Sampled=0
x-amzn-remapped-date: Fri, 13 Jan 2023 06:05:36 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: KrCFIa2Dpbas7vvk8nttLRG7HaQ8bEgVmqZUZtlGhdSeV8igH3FLpg==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Sun, 15 Jan 2023 14:12:40 GMT
age: 22552
etag: "805c27d8f82a5eb6583814313c36f5e7699408e5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F362ec1c0-4616-4ccf-bbc5-8dc0f979c801.jpeg | 34.120.237.76 | 200 OK | 6.7 kB |
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F362ec1c0-4616-4ccf-bbc5-8dc0f979c801.jpeg IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3c8e4b9f12af5bbc6b743aeae4dfc55a 97f874ba034be152dfecd90e4996c928aa268950 bfc0ef4f4d13b729a3a38efbb04d2c58e6b05bbc2bd3492611c0fc26457d1dec
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F362ec1c0-4616-4ccf-bbc5-8dc0f979c801.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6658
x-amzn-requestid: 4a356eaa-4717-410c-af86-5d3770f0cf7e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eniyVExqoAMFWkA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63bfb1a8-05a4e869449e4d730a5dd438;Sampled=0
x-amzn-remapped-date: Thu, 12 Jan 2023 07:07:20 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ad0MftSuAjk104dN-xxd3cDy9vUH4noA3fBbte6XySSR7_Vnqc5I7A==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Sun, 15 Jan 2023 07:17:10 GMT
age: 47482
etag: "97f874ba034be152dfecd90e4996c928aa268950"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F33bbc100-e509-4a4f-8b98-1d44a52a7a3c.jpeg | 34.120.237.76 | 200 OK | 9.5 kB |
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F33bbc100-e509-4a4f-8b98-1d44a52a7a3c.jpeg IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a23d61d610c7b55d943fcb2636a01b65 82c4c5170c7b586c2a7a1f2d2d5c9ff0219af065 28bf3039cc8c1213e64893c71bc150eda573223feb2cc15ad0814a44960d434a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F33bbc100-e509-4a4f-8b98-1d44a52a7a3c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9539
x-amzn-requestid: 33735807-3403-41ee-a488-a3f25f9b12d5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ewX9XFvoIAMFzMg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c339ee-65def8747314ecb63b000a4c;Sampled=0
x-amzn-remapped-date: Sat, 14 Jan 2023 23:25:34 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 7ds4KRTpC9H3aDH6fAS0S5W8kONOlSxK7bU2Rzr1d_24GytaZLRTsQ==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Sun, 15 Jan 2023 12:46:14 GMT
age: 27738
etag: "82c4c5170c7b586c2a7a1f2d2d5c9ff0219af065"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| hh.ermoeglicher.de/static/global.9152f8640b6c.css | 185.32.80.72 | 200 OK | 0 B |
URL HTTP/2 hh.ermoeglicher.de/static/global.9152f8640b6c.css IP 185.32.80.72:0 ASN #42263 German Edge Cloud GmbH & Co. KG
GET /static/global.9152f8640b6c.css HTTP/1.1
Host: hh.ermoeglicher.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hh.ermoeglicher.de/aktuell/corona-virus-infos-fuer-unternehmen/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.19.3
date: Sun, 15 Jan 2023 20:28:30 GMT
content-type: text/css
last-modified: Thu, 10 Nov 2022 15:01:28 GMT
vary: Accept-Encoding
etag: W/"636d1248-1f93e"
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| hh.ermoeglicher.de/static/bundle.9a675619016f.js | 185.32.80.72 | 200 OK | 0 B |
URL HTTP/2 hh.ermoeglicher.de/static/bundle.9a675619016f.js IP 185.32.80.72:0 ASN #42263 German Edge Cloud GmbH & Co. KG
GET /static/bundle.9a675619016f.js HTTP/1.1
Host: hh.ermoeglicher.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hh.ermoeglicher.de/aktuell/corona-virus-infos-fuer-unternehmen/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.19.3
date: Sun, 15 Jan 2023 20:28:30 GMT
content-type: application/javascript
last-modified: Thu, 10 Nov 2022 15:01:28 GMT
vary: Accept-Encoding
etag: W/"636d1248-16304"
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| graphql.usercentrics.eu/graphql | 34.120.238.166 | 200 OK | 0 B |
URL HTTP/2 graphql.usercentrics.eu/graphql IP 34.120.238.166:0
POST /graphql HTTP/1.1
Host: graphql.usercentrics.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: application/json
Access-Control-Allow-Origin: *
X-Request-ID: 4a419954-bf6c-49c2-928e-33aa1de6c136
Origin: https://hh.ermoeglicher.de
Content-Length: 1997
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 15 Jan 2023 20:28:31 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
x-powered-by: Express
access-control-allow-origin: *
etag: W/"169-LdX2+Gty544Sz4bwmXBZqmRGJyo"
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| hh.ermoeglicher.de/aktuell/corona-virus-infos-fuer-unternehmen/ | 185.32.80.72 | 404 Not Found | 0 B |
URL HTTP/2 hh.ermoeglicher.de/aktuell/corona-virus-infos-fuer-unternehmen/ IP 185.32.80.72:0 ASN #42263 German Edge Cloud GmbH & Co. KG
NIDS | Severity | Alert | suricata | medium | ET HUNTING Suspicious GET Request with Possible COVID-19 URI M2 |
GET /aktuell/corona-virus-infos-fuer-unternehmen/ HTTP/1.1
Host: hh.ermoeglicher.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 404 Not Found
server: nginx/1.19.3
date: Sun, 15 Jan 2023 20:28:30 GMT
content-type: text/html; charset=utf-8
x-frame-options: DENY
vary: Accept-Encoding, Accept-Language, Origin, Cookie
content-language: en
x-content-type-options: nosniff
referrer-policy: same-origin
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
|
|