schmitz-rsb.de/
92.51.134.215301 Moved Permanently 162 B IP 92.51.134.215:0
ASN #8972 Host Europe GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: schmitz-rsb.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 09 Dec 2022 00:06:39 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: http://www.schmitz-rsb.de/
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f2acd891dc6eb1f09f57a2b086791781
1e2088306501a61edcca1ade62c4d54f23b3b083
51148fed95cc00d60dc3640350f135b1b2763ff0e3cfbffc40f0948317894be9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "51148FED95CC00D60DC3640350F135B1B2763FF0E3CFBFFC40F0948317894BE9"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6674
Expires: Fri, 09 Dec 2022 01:57:53 GMT
Date: Fri, 09 Dec 2022 00:06:39 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash aea93551fa9deb76ae49a3b4019d64fe
e3b8862057ebe839959228e42246d7b1807fc90c
7e210f03b140418085e94ec20c1d27d6ecf7a404cbd323e16476ae5ae95d6dac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7E210F03B140418085E94EC20C1D27D6ECF7A404CBD323E16476AE5AE95D6DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4748
Expires: Fri, 09 Dec 2022 01:25:47 GMT
Date: Fri, 09 Dec 2022 00:06:39 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 08 Dec 2022 23:08:14 GMT
content-type: application/json
age: 3505
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 4ee537977be9c03702f8ffe0025bf1fe
21637881c4aa34c4add703f8bff4eff573159f45
4819229fd8f502a0c68c80bd7409e104c1b4d1a98ca8a6cd9deba629b1511aea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4819229FD8F502A0C68C80BD7409E104C1B4D1A98CA8A6CD9DEBA629B1511AEA"
Last-Modified: Thu, 08 Dec 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18505
Expires: Fri, 09 Dec 2022 05:15:04 GMT
Date: Fri, 09 Dec 2022 00:06:39 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: jRbad7tkRu37j8mEvJHEqsYbbOtd/ZWiW7SbiYvgJNUfac63JeUFs4j8/iDAzJvicyMNqT58aKb+OOY22AGkoA==
x-amz-request-id: NVJYAJKG08DWFPTW
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 08 Dec 2022 23:48:06 GMT
age: 1113
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
www.schmitz-rsb.de/
5.35.252.29301 Moved Permanently 235 B IP 5.35.252.29:0
ASN #8972 Host Europe GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 1f69b3b03dbf92b387c8be4878b55c72
fcaf18fdccf2ae5f92e16a902ddd2ba4a4c18ac6
56f924a4ce55debd4816fd9b8d7f9c1d228e5201ca6e842416b2da49a7092dd2
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: www.schmitz-rsb.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Thu, 08 Dec 2022 23:06:51 GMT
Server: Apache
Location: https://www.schmitz-rsb.de/
Content-Length: 235
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 00:06:39 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 3a95e0af943efa29a6aafbb8793d4770
0958fff52af921b29f6a8b2428202f9d940af46a
8d8528cd95f356755fa76b3901437d6aca2ee800a77aab6446efbd8d58a0a494
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8D8528CD95F356755FA76B3901437D6ACA2EE800A77AAB6446EFBD8D58A0A494"
Last-Modified: Fri, 09 Dec 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21550
Expires: Fri, 09 Dec 2022 06:05:49 GMT
Date: Fri, 09 Dec 2022 00:06:39 GMT
Connection: keep-alive
www.schmitz-rsb.de/
5.35.252.29200 OK 26 kB IP 5.35.252.29:0
ASN #8972 Host Europe GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (25964), with no line terminators
Hash dcf17a9722a727d8ffeb7c818eda5d7b
ff7148ce45adfa0ede4c3d6ff27d6d0dd19f75a3
b5810bc9323b81d15d8bb47a162e999f47fc78b4a67d3cbceddb6b430764e013
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: www.schmitz-rsb.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 23:06:51 GMT
Server: Apache
Set-Cookie: CFID=6942545; Expires=Fri, 09-Dec-2022 23:06:51 GMT; Path=/; HttpOnly
CFTOKEN=f3ae10faf4a705b-8855CDFC-D297-A769-6FE64A6076F60E8A; Expires=Fri, 09-Dec-2022 23:06:51 GMT; Path=/; HttpOnly
CFGLOBALS=urltoken%3DCFID%23%3D6942545%26CFTOKEN%23%3Df3ae10faf4a705b%2D8855CDFC%2DD297%2DA769%2D6FE64A6076F60E8A%23lastvisit%3D%7Bts%20%272022%2D12%2D09%2000%3A06%3A51%27%7D%23hitcount%3D2%23timecreated%3D%7Bts%20%272022%2D12%2D09%2000%3A06%3A51%27%7D%23cftoken%3Df3ae10faf4a705b%2D8855CDFC%2DD297%2DA769%2D6FE64A6076F60E8A%23cfid%3D6942545%23; Expires=Sat, 30-Nov-2052 23:06:51 GMT; Path=/; HttpOnly
http-equiv: content-type
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html;charset=UTF-8
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 08 Dec 2022 23:07:55 GMT
age: 3525
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
www.schmitz-rsb.de/www/system/js/thickbox/thickbox.css
5.35.252.29200 OK 3.0 kB URL HTTP/1.1 www.schmitz-rsb.de/www/system/js/thickbox/thickbox.css
IP 5.35.252.29:0
ASN #8972 Host Europe GmbH
File type ASCII text, with CRLF line terminators
Hash cee154d990b3030a078ba0e4408158af
95598111c758a3a2fb01407e44404f494d00a88e
d1c78be81dc7d84511147648c445388ea3a2aad7ac08bd5b2c1f2dc8d000a454
GET /www/system/js/thickbox/thickbox.css HTTP/1.1
Host: www.schmitz-rsb.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.schmitz-rsb.de/
Cookie: CFID=6942545; CFTOKEN=f3ae10faf4a705b-8855CDFC-D297-A769-6FE64A6076F60E8A; CFGLOBALS=urltoken%3DCFID%23%3D6942545%26CFTOKEN%23%3Df3ae10faf4a705b%2D8855CDFC%2DD297%2DA769%2D6FE64A6076F60E8A%23lastvisit%3D%7Bts%20%272022%2D12%2D09%2000%3A06%3A51%27%7D%23hitcount%3D2%23timecreated%3D%7Bts%20%272022%2D12%2D09%2000%3A06%3A51%27%7D%23cftoken%3Df3ae10faf4a705b%2D8855CDFC%2DD297%2DA769%2D6FE64A6076F60E8A%23cfid%3D6942545%23
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 23:06:51 GMT
Server: Apache
Last-Modified: Sat, 19 Jul 2008 15:54:20 GMT
Accept-Ranges: bytes
Content-Length: 3034
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
www.schmitz-rsb.de/www/system/js/global.js
5.35.252.29200 OK 1.1 kB URL HTTP/1.1 www.schmitz-rsb.de/www/system/js/global.js
IP 5.35.252.29:0
ASN #8972 Host Europe GmbH
File type ASCII text, with CRLF line terminators
Hash 57d7d5d2d845ce187843e683541229f9
36dbead95d487224cbee66763d17dec55846f7d1
a191df776ddc0da5e9938bd562a52b650e9f5bdcc8f5dd4805dd2fe21d8ffc65
Analyzer Verdict Alert fortinet Phishing
GET /www/system/js/global.js HTTP/1.1
Host: www.schmitz-rsb.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.schmitz-rsb.de/
Cookie: CFID=6942545; CFTOKEN=f3ae10faf4a705b-8855CDFC-D297-A769-6FE64A6076F60E8A; CFGLOBALS=urltoken%3DCFID%23%3D6942545%26CFTOKEN%23%3Df3ae10faf4a705b%2D8855CDFC%2DD297%2DA769%2D6FE64A6076F60E8A%23lastvisit%3D%7Bts%20%272022%2D12%2D09%2000%3A06%3A51%27%7D%23hitcount%3D2%23timecreated%3D%7Bts%20%272022%2D12%2D09%2000%3A06%3A51%27%7D%23cftoken%3Df3ae10faf4a705b%2D8855CDFC%2DD297%2DA769%2D6FE64A6076F60E8A%23cfid%3D6942545%23
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 23:06:51 GMT
Server: Apache
Last-Modified: Sat, 04 Oct 2008 13:40:06 GMT
Accept-Ranges: bytes
Content-Length: 1068
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 3b6374f1d621e5ad64d520fe18dff479
58bf0de423087cc249c36824ca9413ca5ad2561c
7aa8432ed21a112a1e117c4ce80981a03231d4e2c0a8e582d52ff4521d8e15aa
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 642
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 00:06:40 GMT
Etag: "6392454c-117"
Last-Modified: Thu, 08 Dec 2022 23:55:59 GMT
Server: ECS (amb/6B92)
X-Cache: HIT
Content-Length: 279
www.schmitz-rsb.de/www/system/js/menu/dmenu.js
5.35.252.29200 OK 49 kB URL HTTP/1.1 www.schmitz-rsb.de/www/system/js/menu/dmenu.js
IP 5.35.252.29:0
ASN #8972 Host Europe GmbH
File type ASCII text, with very long lines (48685), with CRLF line terminators
Hash ec1ab5c06a90c24eed8f3b3a9901d7c5
6117f75bb88f7ca9aa9f6c138711cfd4325be83b
152b5af701e79f310db4081b3a427cbcacdbc54a74b3d776dd151da5556c5675
Analyzer Verdict Alert fortinet Phishing
GET /www/system/js/menu/dmenu.js HTTP/1.1
Host: www.schmitz-rsb.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.schmitz-rsb.de/
Cookie: CFID=6942545; CFTOKEN=f3ae10faf4a705b-8855CDFC-D297-A769-6FE64A6076F60E8A; CFGLOBALS=urltoken%3DCFID%23%3D6942545%26CFTOKEN%23%3Df3ae10faf4a705b%2D8855CDFC%2DD297%2DA769%2D6FE64A6076F60E8A%23lastvisit%3D%7Bts%20%272022%2D12%2D09%2000%3A06%3A51%27%7D%23hitcount%3D2%23timecreated%3D%7Bts%20%272022%2D12%2D09%2000%3A06%3A51%27%7D%23cftoken%3Df3ae10faf4a705b%2D8855CDFC%2DD297%2DA769%2D6FE64A6076F60E8A%23cfid%3D6942545%23
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 23:06:51 GMT
Server: Apache
Last-Modified: Wed, 15 May 2013 10:58:08 GMT
Accept-Ranges: bytes
Content-Length: 49028
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash fd55f4aaaab6ec40bc7dc10252cd819a
a72523f60be265a391fa9edc43e0a93418ad1fd0
bae354b3db14f4fd115311a0c412c9b5e436dd9e0a151afd8b9c18831dd8c2dd
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3257
Cache-Control: max-age=122069
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 00:06:40 GMT
Etag: "6391a92c-1d7"
Expires: Sat, 10 Dec 2022 10:01:09 GMT
Last-Modified: Thu, 08 Dec 2022 09:06:52 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
www.schmitz-rsb.de/www/system/js/tabs.js
5.35.252.29200 OK 2.7 kB URL HTTP/1.1 www.schmitz-rsb.de/www/system/js/tabs.js
IP 5.35.252.29:0
ASN #8972 Host Europe GmbH
File type ASCII text, with very long lines (333), with CRLF line terminators
Hash a3d73b4ef678f8bcbd4be1c0256d2485
dff677f1c6f3af26f7692f8f3c897e054a0543ad
9a8b4c5c302c398d54ad07fc2369f8d6122b003f0217e28dd9e135dd798ce9bf
Analyzer Verdict Alert fortinet Phishing
GET /www/system/js/tabs.js HTTP/1.1
Host: www.schmitz-rsb.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.schmitz-rsb.de/
Cookie: CFID=6942545; CFTOKEN=f3ae10faf4a705b-8855CDFC-D297-A769-6FE64A6076F60E8A; CFGLOBALS=urltoken%3DCFID%23%3D6942545%26CFTOKEN%23%3Df3ae10faf4a705b%2D8855CDFC%2DD297%2DA769%2D6FE64A6076F60E8A%23lastvisit%3D%7Bts%20%272022%2D12%2D09%2000%3A06%3A51%27%7D%23hitcount%3D2%23timecreated%3D%7Bts%20%272022%2D12%2D09%2000%3A06%3A51%27%7D%23cftoken%3Df3ae10faf4a705b%2D8855CDFC%2DD297%2DA769%2D6FE64A6076F60E8A%23cfid%3D6942545%23
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 23:06:51 GMT
Server: Apache
Last-Modified: Wed, 01 Oct 2008 06:58:28 GMT
Accept-Ranges: bytes
Content-Length: 2740
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
www.schmitz-rsb.de/www/system/js/masks.js
5.35.252.29200 OK 9.0 kB URL HTTP/1.1 www.schmitz-rsb.de/www/system/js/masks.js
IP 5.35.252.29:0
ASN #8972 Host Europe GmbH
File type ASCII text, with CRLF line terminators
Hash 594efb6a0b70d73434517b793eefe5b3
ba0195ab7ed4f62bc4f82e0331fc2fae2327315b
7ab5d47e872f66d909dabafb6a8bc5b0b275e6a19acd0ad341ac0d2d9ce37ae1
Analyzer Verdict Alert fortinet Phishing
GET /www/system/js/masks.js HTTP/1.1
Host: www.schmitz-rsb.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.schmitz-rsb.de/
Cookie: CFID=6942545; CFTOKEN=f3ae10faf4a705b-8855CDFC-D297-A769-6FE64A6076F60E8A; CFGLOBALS=urltoken%3DCFID%23%3D6942545%26CFTOKEN%23%3Df3ae10faf4a705b%2D8855CDFC%2DD297%2DA769%2D6FE64A6076F60E8A%23lastvisit%3D%7Bts%20%272022%2D12%2D09%2000%3A06%3A51%27%7D%23hitcount%3D2%23timecreated%3D%7Bts%20%272022%2D12%2D09%2000%3A06%3A51%27%7D%23cftoken%3Df3ae10faf4a705b%2D8855CDFC%2DD297%2DA769%2D6FE64A6076F60E8A%23cfid%3D6942545%23
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 23:06:51 GMT
Server: Apache
Last-Modified: Fri, 09 Sep 2005 22:01:10 GMT
Accept-Ranges: bytes
Content-Length: 9032
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
www.schmitz-rsb.de/www/system/js/form.js
5.35.252.29200 OK 21 kB URL HTTP/1.1 www.schmitz-rsb.de/www/system/js/form.js
IP 5.35.252.29:0
ASN #8972 Host Europe GmbH
File type Unicode text, UTF-8 text, with very long lines (323), with CRLF line terminators
Hash 82e3301ed3210657b32228bb1dcfdda0
f71282c8dd5ee965295dfa620dbff31fe65106ae
9041c96b7b6da1c0ac9c8dd2ba84492a1b4c1f5379420ba093f04766b41541a2
Analyzer Verdict Alert fortinet Phishing
GET /www/system/js/form.js HTTP/1.1
Host: www.schmitz-rsb.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.schmitz-rsb.de/
Cookie: CFID=6942545; CFTOKEN=f3ae10faf4a705b-8855CDFC-D297-A769-6FE64A6076F60E8A; CFGLOBALS=urltoken%3DCFID%23%3D6942545%26CFTOKEN%23%3Df3ae10faf4a705b%2D8855CDFC%2DD297%2DA769%2D6FE64A6076F60E8A%23lastvisit%3D%7Bts%20%272022%2D12%2D09%2000%3A06%3A51%27%7D%23hitcount%3D2%23timecreated%3D%7Bts%20%272022%2D12%2D09%2000%3A06%3A51%27%7D%23cftoken%3Df3ae10faf4a705b%2D8855CDFC%2DD297%2DA769%2D6FE64A6076F60E8A%23cfid%3D6942545%23
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 23:06:51 GMT
Server: Apache
Last-Modified: Tue, 12 Jan 2010 10:03:13 GMT
Accept-Ranges: bytes
Content-Length: 21354
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
www.schmitz-rsb.de/www/system/js/tree/dtree.js
5.35.252.29200 OK 21 kB URL HTTP/1.1 www.schmitz-rsb.de/www/system/js/tree/dtree.js
IP 5.35.252.29:0
ASN #8972 Host Europe GmbH
File type ASCII text, with very long lines (20328), with CRLF line terminators
Hash 9ab6cc0fd53a1d71fb6ed02c12b16b5e
baab1cdaa5bd5430594fbcfd5a10e573a69641f5
6a7d61fcd737f8e2915a943ad97a87769703ee3ee46e63df2c43ba144199c1f0
Analyzer Verdict Alert fortinet Phishing
GET /www/system/js/tree/dtree.js HTTP/1.1
Host: www.schmitz-rsb.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.schmitz-rsb.de/
Cookie: CFID=6942545; CFTOKEN=f3ae10faf4a705b-8855CDFC-D297-A769-6FE64A6076F60E8A; CFGLOBALS=urltoken%3DCFID%23%3D6942545%26CFTOKEN%23%3Df3ae10faf4a705b%2D8855CDFC%2DD297%2DA769%2D6FE64A6076F60E8A%23lastvisit%3D%7Bts%20%272022%2D12%2D09%2000%3A06%3A51%27%7D%23hitcount%3D2%23timecreated%3D%7Bts%20%272022%2D12%2D09%2000%3A06%3A51%27%7D%23cftoken%3Df3ae10faf4a705b%2D8855CDFC%2DD297%2DA769%2D6FE64A6076F60E8A%23cfid%3D6942545%23
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 23:06:51 GMT
Server: Apache
Last-Modified: Mon, 08 Feb 2010 11:14:06 GMT
Accept-Ranges: bytes
Content-Length: 20675
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
www.schmitz-rsb.de/www/system/js/jquery.js
5.35.252.29200 OK 71 kB URL HTTP/1.1 www.schmitz-rsb.de/www/system/js/jquery.js
IP 5.35.252.29:0
ASN #8972 Host Europe GmbH
File type ASCII text, with very long lines (565), with CRLF line terminators
Hash 943e98c3138513b8a9a33d520e394755
98b9e01b5c055ce7867a13cf19320f3f8af89119
91c05288b220f91d8c7d218fdeef308639af418ad9840ebc93ee52ddc4fd19b9
Analyzer Verdict Alert fortinet Phishing
GET /www/system/js/jquery.js HTTP/1.1
Host: www.schmitz-rsb.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.schmitz-rsb.de/
Cookie: CFID=6942545; CFTOKEN=f3ae10faf4a705b-8855CDFC-D297-A769-6FE64A6076F60E8A; CFGLOBALS=urltoken%3DCFID%23%3D6942545%26CFTOKEN%23%3Df3ae10faf4a705b%2D8855CDFC%2DD297%2DA769%2D6FE64A6076F60E8A%23lastvisit%3D%7Bts%20%272022%2D12%2D09%2000%3A06%3A51%27%7D%23hitcount%3D2%23timecreated%3D%7Bts%20%272022%2D12%2D09%2000%3A06%3A51%27%7D%23cftoken%3Df3ae10faf4a705b%2D8855CDFC%2DD297%2DA769%2D6FE64A6076F60E8A%23cfid%3D6942545%23
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 23:06:51 GMT
Server: Apache
Last-Modified: Thu, 21 Jan 2010 22:23:02 GMT
Accept-Ranges: bytes
Content-Length: 71140
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
www.schmitz-rsb.de/www/system/js/scroll.js
5.35.252.29200 OK 3.1 kB URL HTTP/1.1 www.schmitz-rsb.de/www/system/js/scroll.js
IP 5.35.252.29:0
ASN #8972 Host Europe GmbH
File type ASCII text, with CRLF line terminators
Hash e6059973b3bbc833dbd35e0632cabb2c
68eb54cd00ee94571d6dab4f1c6e0dc5e89170c6
fe45a96d53467c1bf4207791751a129373c0bd5da7651fb0cd43bdde3ae8ca33
Analyzer Verdict Alert fortinet Phishing
GET /www/system/js/scroll.js HTTP/1.1
Host: www.schmitz-rsb.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.schmitz-rsb.de/
Cookie: CFID=6942545; CFTOKEN=f3ae10faf4a705b-8855CDFC-D297-A769-6FE64A6076F60E8A; CFGLOBALS=urltoken%3DCFID%23%3D6942545%26CFTOKEN%23%3Df3ae10faf4a705b%2D8855CDFC%2DD297%2DA769%2D6FE64A6076F60E8A%23lastvisit%3D%7Bts%20%272022%2D12%2D09%2000%3A06%3A51%27%7D%23hitcount%3D2%23timecreated%3D%7Bts%20%272022%2D12%2D09%2000%3A06%3A51%27%7D%23cftoken%3Df3ae10faf4a705b%2D8855CDFC%2DD297%2DA769%2D6FE64A6076F60E8A%23cfid%3D6942545%23
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 23:06:51 GMT
Server: Apache
Last-Modified: Thu, 21 Jan 2010 22:26:19 GMT
Accept-Ranges: bytes
Content-Length: 3082
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
www.schmitz-rsb.de/www/system/js/tabs/dtabs.js
5.35.252.29200 OK 18 kB URL HTTP/1.1 www.schmitz-rsb.de/www/system/js/tabs/dtabs.js
IP 5.35.252.29:0
ASN #8972 Host Europe GmbH
File type ASCII text, with very long lines (17280), with CRLF line terminators
Hash 8affb734c90c415689c751393423853d
7a2dd1cd664d7f77ea08b8a1f8091ab116ace245
f0f1934cf557f27c1a89c3d064a8b3e86be8ea47ad5316620661cc2d0fce0d82
Analyzer Verdict Alert fortinet Phishing
GET /www/system/js/tabs/dtabs.js HTTP/1.1
Host: www.schmitz-rsb.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.schmitz-rsb.de/
Cookie: CFID=6942545; CFTOKEN=f3ae10faf4a705b-8855CDFC-D297-A769-6FE64A6076F60E8A; CFGLOBALS=urltoken%3DCFID%23%3D6942545%26CFTOKEN%23%3Df3ae10faf4a705b%2D8855CDFC%2DD297%2DA769%2D6FE64A6076F60E8A%23lastvisit%3D%7Bts%20%272022%2D12%2D09%2000%3A06%3A51%27%7D%23hitcount%3D2%23timecreated%3D%7Bts%20%272022%2D12%2D09%2000%3A06%3A51%27%7D%23cftoken%3Df3ae10faf4a705b%2D8855CDFC%2DD297%2DA769%2D6FE64A6076F60E8A%23cfid%3D6942545%23
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 23:06:51 GMT
Server: Apache
Last-Modified: Tue, 16 Sep 2008 07:44:14 GMT
Accept-Ranges: bytes
Content-Length: 17631
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
www.schmitz-rsb.de/www/system/js/chaser.js
5.35.252.29200 OK 3.2 kB URL HTTP/1.1 www.schmitz-rsb.de/www/system/js/chaser.js
IP 5.35.252.29:0
ASN #8972 Host Europe GmbH
File type C source, ASCII text, with CRLF line terminators
Hash 21d5ab9c5c45e928624d01ec42347d39
e079d89c609effbeb2f52c562ef2733863a92743
07c4cdd3c6c075361e4575eb6aa0776d6b8a875a560b0cd5b0b95d58040ad809
Analyzer Verdict Alert fortinet Phishing
GET /www/system/js/chaser.js HTTP/1.1
Host: www.schmitz-rsb.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.schmitz-rsb.de/
Cookie: CFID=6942545; CFTOKEN=f3ae10faf4a705b-8855CDFC-D297-A769-6FE64A6076F60E8A; CFGLOBALS=urltoken%3DCFID%23%3D6942545%26CFTOKEN%23%3Df3ae10faf4a705b%2D8855CDFC%2DD297%2DA769%2D6FE64A6076F60E8A%23lastvisit%3D%7Bts%20%272022%2D12%2D09%2000%3A06%3A51%27%7D%23hitcount%3D2%23timecreated%3D%7Bts%20%272022%2D12%2D09%2000%3A06%3A51%27%7D%23cftoken%3Df3ae10faf4a705b%2D8855CDFC%2DD297%2DA769%2D6FE64A6076F60E8A%23cfid%3D6942545%23
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 23:06:51 GMT
Server: Apache
Last-Modified: Tue, 11 Mar 2008 14:26:16 GMT
Accept-Ranges: bytes
Content-Length: 3193
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
www.schmitz-rsb.de/www/system/js/thickbox/thickbox.js
5.35.252.29200 OK 11 kB URL HTTP/1.1 www.schmitz-rsb.de/www/system/js/thickbox/thickbox.js
IP 5.35.252.29:0
ASN #8972 Host Europe GmbH
File type HTML document, ASCII text, with very long lines (427), with CRLF line terminators
Hash fbaf9e5bf6ef8062153bb6689c41cdd3
aabb2a75a6e8425d7fe017c87adc92852f830da8
4e15d374c1b5039690e931ee25238aedee981bcec1c5e2b5ca6330d5394813b8
Analyzer Verdict Alert fortinet Phishing
GET /www/system/js/thickbox/thickbox.js HTTP/1.1
Host: www.schmitz-rsb.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.schmitz-rsb.de/
Cookie: CFID=6942545; CFTOKEN=f3ae10faf4a705b-8855CDFC-D297-A769-6FE64A6076F60E8A; CFGLOBALS=urltoken%3DCFID%23%3D6942545%26CFTOKEN%23%3Df3ae10faf4a705b%2D8855CDFC%2DD297%2DA769%2D6FE64A6076F60E8A%23lastvisit%3D%7Bts%20%272022%2D12%2D09%2000%3A06%3A51%27%7D%23hitcount%3D2%23timecreated%3D%7Bts%20%272022%2D12%2D09%2000%3A06%3A51%27%7D%23cftoken%3Df3ae10faf4a705b%2D8855CDFC%2DD297%2DA769%2D6FE64A6076F60E8A%23cfid%3D6942545%23
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 23:06:51 GMT
Server: Apache
Last-Modified: Wed, 23 Jul 2008 11:30:32 GMT
Accept-Ranges: bytes
Content-Length: 11367
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
www.schmitz-rsb.de/menues/Schmitz2015v01/data_2A59913A-1517-28E0-D9748376A358AA86.js
5.35.252.29200 OK 2.7 kB URL HTTP/1.1 www.schmitz-rsb.de/menues/Schmitz2015v01/data_2A59913A-1517-28E0-D9748376A358AA86.js
IP 5.35.252.29:0
ASN #8972 Host Europe GmbH
File type ASCII text, with CRLF, LF line terminators
Hash 0c5c0bab6e083428f334ba6e01ec8a39
61ae0b35aeb86d8f29246ed5acb93d0157a3ea16
07fea86c8da8c2c787b5d61ebda4186d9a1fe83e3a9418817332e07d73df6fd7
Analyzer Verdict Alert fortinet Phishing
GET /menues/Schmitz2015v01/data_2A59913A-1517-28E0-D9748376A358AA86.js HTTP/1.1
Host: www.schmitz-rsb.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.schmitz-rsb.de/
Cookie: CFID=6942545; CFTOKEN=f3ae10faf4a705b-8855CDFC-D297-A769-6FE64A6076F60E8A; CFGLOBALS=urltoken%3DCFID%23%3D6942545%26CFTOKEN%23%3Df3ae10faf4a705b%2D8855CDFC%2DD297%2DA769%2D6FE64A6076F60E8A%23lastvisit%3D%7Bts%20%272022%2D12%2D09%2000%3A06%3A51%27%7D%23hitcount%3D2%23timecreated%3D%7Bts%20%272022%2D12%2D09%2000%3A06%3A51%27%7D%23cftoken%3Df3ae10faf4a705b%2D8855CDFC%2DD297%2DA769%2D6FE64A6076F60E8A%23cfid%3D6942545%23
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 23:06:51 GMT
Server: Apache
Last-Modified: Thu, 25 Jun 2015 10:53:09 GMT
Accept-Ranges: bytes
Content-Length: 2735
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
www.schmitz-rsb.de/www/system/js/wz_tooltip/wz_tooltip.js
5.35.252.29200 OK 30 kB URL HTTP/1.1 www.schmitz-rsb.de/www/system/js/wz_tooltip/wz_tooltip.js
IP 5.35.252.29:0
ASN #8972 Host Europe GmbH
File type ISO-8859 text, with CRLF line terminators
Hash cc48cf8b43337e5c9791df35751c8e09
deac03806f1fa3502b8da11535e7e5462830f02c
7c155f5ec70f1c26c06e71f34dfc1ff73161b3367b718422c921ed1da2669a44
Analyzer Verdict Alert fortinet Phishing
GET /www/system/js/wz_tooltip/wz_tooltip.js HTTP/1.1
Host: www.schmitz-rsb.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.schmitz-rsb.de/
Cookie: CFID=6942545; CFTOKEN=f3ae10faf4a705b-8855CDFC-D297-A769-6FE64A6076F60E8A; CFGLOBALS=urltoken%3DCFID%23%3D6942545%26CFTOKEN%23%3Df3ae10faf4a705b%2D8855CDFC%2DD297%2DA769%2D6FE64A6076F60E8A%23lastvisit%3D%7Bts%20%272022%2D12%2D09%2000%3A06%3A51%27%7D%23hitcount%3D2%23timecreated%3D%7Bts%20%272022%2D12%2D09%2000%3A06%3A51%27%7D%23cftoken%3Df3ae10faf4a705b%2D8855CDFC%2DD297%2DA769%2D6FE64A6076F60E8A%23cfid%3D6942545%23
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 23:06:51 GMT
Server: Apache
Last-Modified: Sun, 27 Jul 2008 20:46:24 GMT
Accept-Ranges: bytes
Content-Length: 29560
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
www.schmitz-rsb.de/layouts/Schmitz2015/img/Schmitz_Logo.png
5.35.252.29200 OK 8.5 kB URL HTTP/1.1 www.schmitz-rsb.de/layouts/Schmitz2015/img/Schmitz_Logo.png
IP 5.35.252.29:0
ASN #8972 Host Europe GmbH
File type PNG image data, 260 x 118, 8-bit colormap, non-interlaced\012- data
Hash 9792394339e88eb8ada38153846fb955
079981d5b6e17b25c111a88808387e5aeb91fe40
ff6239c88c6333e9d7a425e1e4d8c0d25e8aaa3355b7153aafa7f23349a1c307
GET /layouts/Schmitz2015/img/Schmitz_Logo.png HTTP/1.1
Host: www.schmitz-rsb.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.schmitz-rsb.de/
Cookie: CFID=6942545; CFTOKEN=f3ae10faf4a705b-8855CDFC-D297-A769-6FE64A6076F60E8A; CFGLOBALS=urltoken%3DCFID%23%3D6942545%26CFTOKEN%23%3Df3ae10faf4a705b%2D8855CDFC%2DD297%2DA769%2D6FE64A6076F60E8A%23lastvisit%3D%7Bts%20%272022%2D12%2D09%2000%3A06%3A51%27%7D%23hitcount%3D2%23timecreated%3D%7Bts%20%272022%2D12%2D09%2000%3A06%3A51%27%7D%23cftoken%3Df3ae10faf4a705b%2D8855CDFC%2DD297%2DA769%2D6FE64A6076F60E8A%23cfid%3D6942545%23
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 23:06:51 GMT
Server: Apache
Last-Modified: Tue, 19 May 2015 12:03:51 GMT
Accept-Ranges: bytes
Content-Length: 8457
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/png
www.schmitz-rsb.de/layouts/Schmitz2015/img/Rosemarie_Schmitz.jpg
5.35.252.29403 Forbidden 1.0 kB URL HTTP/1.1 www.schmitz-rsb.de/layouts/Schmitz2015/img/Rosemarie_Schmitz.jpg
IP 5.35.252.29:0
ASN #8972 Host Europe GmbH
File type XML 1.0 document text\012- XHTML document text (version 1.0)\012- broken XHTML document text (version 1.0)\012- HTML document text\012- XML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 6e23a1a734f3b48822f1b6cf6105353c
795f5a41d6d355bd466ec01b0c704101f4b45061
0030b008a4ca0aba47d4253fdecb8f077f5b4d0567725ada7fa7dbbed0614103
GET /layouts/Schmitz2015/img/Rosemarie_Schmitz.jpg HTTP/1.1
Host: www.schmitz-rsb.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.schmitz-rsb.de/
Cookie: CFID=6942545; CFTOKEN=f3ae10faf4a705b-8855CDFC-D297-A769-6FE64A6076F60E8A; CFGLOBALS=urltoken%3DCFID%23%3D6942545%26CFTOKEN%23%3Df3ae10faf4a705b%2D8855CDFC%2DD297%2DA769%2D6FE64A6076F60E8A%23lastvisit%3D%7Bts%20%272022%2D12%2D09%2000%3A06%3A51%27%7D%23hitcount%3D2%23timecreated%3D%7Bts%20%272022%2D12%2D09%2000%3A06%3A51%27%7D%23cftoken%3Df3ae10faf4a705b%2D8855CDFC%2DD297%2DA769%2D6FE64A6076F60E8A%23cfid%3D6942545%23
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 403 Forbidden
Date: Thu, 08 Dec 2022 23:06:51 GMT
Server: Apache
Vary: accept-language,accept-charset
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
Content-Language: en
www.schmitz-rsb.de/img/blank.gif
5.35.252.29200 OK 49 B URL HTTP/1.1 www.schmitz-rsb.de/img/blank.gif
IP 5.35.252.29:0
ASN #8972 Host Europe GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash d996a4bcec3517a340592206b8a24742
8c65416ada863dbe29829b008b28dbcf85509548
b82943e25e7506f399ec1937deabda162f8c4e3dd32fab9cd5906e5aeffcf115
GET /img/blank.gif HTTP/1.1
Host: www.schmitz-rsb.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.schmitz-rsb.de/
Cookie: CFID=6942545; CFTOKEN=f3ae10faf4a705b-8855CDFC-D297-A769-6FE64A6076F60E8A; CFGLOBALS=urltoken%3DCFID%23%3D6942545%26CFTOKEN%23%3Df3ae10faf4a705b%2D8855CDFC%2DD297%2DA769%2D6FE64A6076F60E8A%23lastvisit%3D%7Bts%20%272022%2D12%2D09%2000%3A06%3A51%27%7D%23hitcount%3D2%23timecreated%3D%7Bts%20%272022%2D12%2D09%2000%3A06%3A51%27%7D%23cftoken%3Df3ae10faf4a705b%2D8855CDFC%2DD297%2DA769%2D6FE64A6076F60E8A%23cfid%3D6942545%23
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 23:06:51 GMT
Server: Apache
Last-Modified: Tue, 16 May 2000 22:00:00 GMT
Accept-Ranges: bytes
Content-Length: 49
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/gif
www.schmitz-rsb.de/img/upload_1651924_F378C9BE-1517-28E0-D9ADF5FDD51879DA_20150614210809.jpg
5.35.252.29200 OK 467 kB URL HTTP/1.1 www.schmitz-rsb.de/img/upload_1651924_F378C9BE-1517-28E0-D9ADF5FDD51879DA_20150614210809.jpg
IP 5.35.252.29:0
ASN #8972 Host Europe GmbH
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 2048x1347, components 3\012- data
Size 467 kB (467358 bytes)
Hash fae63997ee70e3cdb250196a7334c1b8
9402f28aadbaf5fc7b3a27e850b0560acc9965bf
da477788745225a059f4de2739d20209f450e1b13b905ec8c40ce0034bf07cac
GET /img/upload_1651924_F378C9BE-1517-28E0-D9ADF5FDD51879DA_20150614210809.jpg HTTP/1.1
Host: www.schmitz-rsb.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.schmitz-rsb.de/
Cookie: CFID=6942545; CFTOKEN=f3ae10faf4a705b-8855CDFC-D297-A769-6FE64A6076F60E8A; CFGLOBALS=urltoken%3DCFID%23%3D6942545%26CFTOKEN%23%3Df3ae10faf4a705b%2D8855CDFC%2DD297%2DA769%2D6FE64A6076F60E8A%23lastvisit%3D%7Bts%20%272022%2D12%2D09%2000%3A06%3A51%27%7D%23hitcount%3D2%23timecreated%3D%7Bts%20%272022%2D12%2D09%2000%3A06%3A51%27%7D%23cftoken%3Df3ae10faf4a705b%2D8855CDFC%2DD297%2DA769%2D6FE64A6076F60E8A%23cfid%3D6942545%23
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 23:06:51 GMT
Server: Apache
Last-Modified: Sun, 14 Jun 2015 19:08:08 GMT
Accept-Ranges: bytes
Content-Length: 467358
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/jpeg
push.services.mozilla.com/
35.163.38.240101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.163.38.240:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 0JbX2zE08T30lrOVYssM0A==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: NaPP7b7oTg60qOPRnsGse959MU4=
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 615fddb7dcff0826f0a7dd4140f370b6
06d26c99fcf20516839a656c4c5b023088eb4eaa
f561bef7be5b58a820d37e40135c8bc83511ae9298e6317bf1761f7cc24941bf
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3132
Cache-Control: max-age=148238
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 00:06:40 GMT
Etag: "63920fe2-1d7"
Expires: Sat, 10 Dec 2022 17:17:18 GMT
Last-Modified: Thu, 08 Dec 2022 16:25:06 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
www.schmitz-rsb.de/animated_favicon1.gif
5.35.252.29200 OK 24 kB URL HTTP/1.1 www.schmitz-rsb.de/animated_favicon1.gif
IP 5.35.252.29:0
ASN #8972 Host Europe GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (23976), with no line terminators
Hash 75c22121e328fdacf8ad64b4c7ef345e
733baf6c538b938864331e0f3354fc9480ba2a0c
95ece453889175444b85451de578e137d97ddd1ed8898f6d7a3a4b8870eff232
GET /animated_favicon1.gif HTTP/1.1
Host: www.schmitz-rsb.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.schmitz-rsb.de/
Cookie: CFID=6942545; CFTOKEN=f3ae10faf4a705b-8855CDFC-D297-A769-6FE64A6076F60E8A; CFGLOBALS=urltoken%3DCFID%23%3D6942545%26CFTOKEN%23%3Df3ae10faf4a705b%2D8855CDFC%2DD297%2DA769%2D6FE64A6076F60E8A%23lastvisit%3D%7Bts%20%272022%2D12%2D09%2000%3A06%3A51%27%7D%23hitcount%3D2%23timecreated%3D%7Bts%20%272022%2D12%2D09%2000%3A06%3A51%27%7D%23cftoken%3Df3ae10faf4a705b%2D8855CDFC%2DD297%2DA769%2D6FE64A6076F60E8A%23cfid%3D6942545%23
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 23:06:52 GMT
Server: Apache
http-equiv: content-type
Set-Cookie: CFGLOBALS=urltoken%3DCFID%23%3D6942545%26CFTOKEN%23%3Df3ae10faf4a705b%2D8855CDFC%2DD297%2DA769%2D6FE64A6076F60E8A%23lastvisit%3D%7Bts%20%272022%2D12%2D09%2000%3A06%3A52%27%7D%23hitcount%3D3%23timecreated%3D%7Bts%20%272022%2D12%2D09%2000%3A06%3A51%27%7D%23cftoken%3Df3ae10faf4a705b%2D8855CDFC%2DD297%2DA769%2D6FE64A6076F60E8A%23cfid%3D6942545%23; Expires=Sat, 30-Nov-2052 23:06:52 GMT; Path=/; HttpOnly
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html;charset=UTF-8
connect.facebook.net/de_DE/sdk.js
157.240.221.16200 OK 1.7 kB URL HTTP/2 connect.facebook.net/de_DE/sdk.js
IP 157.240.221.16:0
File type ASCII text, with very long lines (1957)
Hash 9a7ac2be2eddc6bfed1649c1dd9f5b07
e75494128d51d2b7abf55c396ceb4ae14b8379c1
999c405b8bb95661cb179bc1cbd93f4335766c888368a83e89b70bbba84cdcdd
GET /de_DE/sdk.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.schmitz-rsb.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: cbb9c91cdfbef2595f7e66e24386c659
etag: "a1b0ae126bebe823a953ab204b2ab9c0"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Fri, 09 Dec 2022 00:24:47 GMT
cache-control: public,max-age=1200,stale-while-revalidate=3600
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: mnrCvi7dxr/tFknB3Z9bBw==
x-fb-debug: 2j6D/lzzgyIeoFS5kV6QDq+78uUebrd1HHjwvabRTOnCbhu1HJ3WFZkrffWmu5LDDbAXJK0GQ5wrKFN0tTU01w==
content-length: 1685
x-fb-trip-id: 1679558926
date: Fri, 09 Dec 2022 00:06:40 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 615fddb7dcff0826f0a7dd4140f370b6
06d26c99fcf20516839a656c4c5b023088eb4eaa
f561bef7be5b58a820d37e40135c8bc83511ae9298e6317bf1761f7cc24941bf
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3132
Cache-Control: max-age=148238
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 00:06:40 GMT
Etag: "63920fe2-1d7"
Expires: Sat, 10 Dec 2022 17:17:18 GMT
Last-Modified: Thu, 08 Dec 2022 16:25:06 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
fast.fonts.net/t/1.css?apiType=css&projectid=5bd06592-1f65-4240-8673-28954504e3e6
104.17.225.78200 OK 0 B URL HTTP/2 fast.fonts.net/t/1.css?apiType=css&projectid=5bd06592-1f65-4240-8673-28954504e3e6
IP 104.17.225.78:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /t/1.css?apiType=css&projectid=5bd06592-1f65-4240-8673-28954504e3e6 HTTP/1.1
Host: fast.fonts.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.schmitz-rsb.de/
Cookie: __cf_bm=FPNRMVBalN8JebRxwsoB5LF75LybLqRnv8f5wt00i_s-1670544400-0-AbEiQGnVJfEgaBqHqawbUB3jc4YemvMhU/ZFuSe8uM+cIwN1Nt7UCJjP58NeoZm2YtKEWdar73oXnUf93taOYyA=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 00:06:40 GMT
content-type: text/css; charset=utf-8
content-length: 0
x-amz-id-2: MhTUYc1WzPJuLb/14NanS0dioCj6djel5GlsmsEM/1g5i2nn+6oa0gOasLZIndl9eY/QlT2g50M=
x-amz-request-id: AFVFB9CPVVM13WBA
last-modified: Tue, 23 Mar 2021 12:59:23 GMT
etag: "d41d8cd98f00b204e9800998ecf8427e"
cache-control: public, max-age=0, s-maxage=604800
x-amz-meta-mtime: 1519217722
x-amz-version-id: null
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 77697f058d4eb4f4-OSL
X-Firefox-Spdy: h2
connect.facebook.net/de_DE/sdk.js?hash=d9eb109e59ab669124cc1d989dfaf77e
157.240.221.16200 OK 88 kB URL HTTP/2 connect.facebook.net/de_DE/sdk.js?hash=d9eb109e59ab669124cc1d989dfaf77e
IP 157.240.221.16:0
File type ASCII text, with very long lines (18530)
Hash e56f364229512be8fea0a6416d9b561c
8e7873401f78eeebad66db4316204d127f5448be
da80d56e3fe5a0ae638ebda3c7410de9c109f5f325a93266ea4ba6291777d670
GET /de_DE/sdk.js?hash=d9eb109e59ab669124cc1d989dfaf77e HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.schmitz-rsb.de
Connection: keep-alive
Referer: https://www.schmitz-rsb.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: efa8911e73113ac0de9f0fe9caadd016
etag: "9577df1c37ac46154878fdaceda9ece3"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Fri, 08 Dec 2023 23:44:54 GMT
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: 5W82QilRK+j+oKZBbZtWHA==
x-fb-debug: 85IcF+oK4aJqGexaeyweq1JTpEoQKmVxhOjpcIQfzQdkzf00DvbMxdfcuk5rk0PEz5RVkGp868isAY8255hOwg==
priority: u=3,i
content-length: 88512
x-fb-trip-id: 1679558926
date: Fri, 09 Dec 2022 00:06:40 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.165200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash 9339e946ac214e7f0fae26fbb0f86402
c3c21c6f12a64d96ef5e39acb895db4210d46af8
bc70f65bc29e724b208408b2856b482a1865b2756093da1fd33e83526133d00e
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Fri, 09 Dec 2022 00:06:41 GMT
Last-Modified: Thu, 08 Dec 2022 23:11:47 GMT
Server: ECS (nyb/1D35)
X-Cache: Miss from cloudfront
Via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: _1cfeAzjcwHloaWpb29_BWLjKYKNhPG1JjHuKtt2eBIUveseX3oNWA==
Age: 3294
s3.amazonaws.com/valao-cloud/cookie-hinweis/light-floating.css
52.216.54.152403 Forbidden 243 B URL HTTP/1.1 s3.amazonaws.com/valao-cloud/cookie-hinweis/light-floating.css
IP 52.216.54.152:0
File type XML 1.0 document text\012- XML document, ASCII text
Hash 61e4c13b8ff0b2405226457955c782cf
61e031bd93b7439a659154d3ee937723aa965b61
8562a2d19b8b0d1c09ae76805d56d1ec82d4de0e4f18c6f572a3d024115e5bc7
GET /valao-cloud/cookie-hinweis/light-floating.css HTTP/1.1
Host: s3.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.schmitz-rsb.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 403 Forbidden
x-amz-request-id: M0ZT6MENPMYKTPRB
x-amz-id-2: ks9u7dGMq4ltkLhei+OwfOFotOLd/eC+sAmO4MyIxr/fUpRB2N94fpxtJXZ0l1nPw6PgZukZS2g=
Content-Type: application/xml
Transfer-Encoding: chunked
Date: Fri, 09 Dec 2022 00:06:41 GMT
Server: AmazonS3
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3018
Expires: Fri, 09 Dec 2022 00:56:59 GMT
Date: Fri, 09 Dec 2022 00:06:41 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3018
Expires: Fri, 09 Dec 2022 00:56:59 GMT
Date: Fri, 09 Dec 2022 00:06:41 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3018
Expires: Fri, 09 Dec 2022 00:56:59 GMT
Date: Fri, 09 Dec 2022 00:06:41 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3018
Expires: Fri, 09 Dec 2022 00:56:59 GMT
Date: Fri, 09 Dec 2022 00:06:41 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf07b4f3-8986-4a9c-8c85-b126338852d2.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf07b4f3-8986-4a9c-8c85-b126338852d2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 730ba1a8edb79ba6f83b46d1ba5aed7b
55a236fedf6f5f7ca2bb88ae13e20846a50fd36d
f8043e76265c59073d111987fd4c08d05a3ac80989af9269cca9ebcc21af4013
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf07b4f3-8986-4a9c-8c85-b126338852d2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12748
x-amzn-requestid: edd028e3-c23e-4985-b12d-d3ebe760df47
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cjuciEptIAMFj9A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638af783-1c151eb66f590c9c0e0c4c82;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 07:15:15 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: -y4-_OwHl5_OFykJYYZSqwIopjKoYy1MhaGTpVXd4Grq2EsUP2c3IA==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 13:49:59 GMT
age: 37002
etag: "55a236fedf6f5f7ca2bb88ae13e20846a50fd36d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F884d1162-4377-487f-a056-b21117ef5001.jpeg
34.120.237.76200 OK 8.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F884d1162-4377-487f-a056-b21117ef5001.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9cb76c68a8cd472600106cc118067868
6cee6b1828c709f68b995197ca943a5c393f86fb
009d9ba19043b03b5aceeb80b69bf249f19a0a225bdbfef7ab8691669cb64130
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F884d1162-4377-487f-a056-b21117ef5001.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8204
x-amzn-requestid: cf54b5f8-ede8-49d5-aa56-5d9de98e3ab8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cjtKfEiToAMFSXA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638af576-6ddfe35c0b31074d6a07076f;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 07:06:30 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: UfqFAlLedF6ZkfbGXhyYDcvu0porNJb6LPaeQ8p4dqWqsFD6iRgWLw==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 15:12:28 GMT
age: 32053
etag: "6cee6b1828c709f68b995197ca943a5c393f86fb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29d00d08-ec53-4c7b-a2ef-5901b64cdefd.jpeg
34.120.237.76200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29d00d08-ec53-4c7b-a2ef-5901b64cdefd.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5de5d319f43d9c9c641419d96655541f
cde4c7fa0145d3645af17e34c83c63c08f76a076
fdb114eb142f035c7a54195d16af51b5b423642c312f4bccc0f407d8fcc245aa
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29d00d08-ec53-4c7b-a2ef-5901b64cdefd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7557
x-amzn-requestid: 400d1465-ecbf-4d95-8aa8-4dce5dca0716
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ctluwGo4oAMFhTg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638ee991-6dba29ae7065d5347a1a420d;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 07:04:49 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Lazl-stakC-31gMuQ2WzH9uFkIb0g7HaaM3xkwSFdFJMWKTaKqrBEQ==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 12:33:10 GMT
age: 41611
etag: "cde4c7fa0145d3645af17e34c83c63c08f76a076"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbe602fad-66c2-48db-acd3-371ca6dcb8f6.jpeg
34.120.237.76200 OK 7.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbe602fad-66c2-48db-acd3-371ca6dcb8f6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8c3214044657f3b876d1f1848bca5684
7558222788f06623ddae6e883413e38e1146281e
e1f9c9c445bba7765f371dbb655cab43c1e12de7cbd015f8034c494118f7f708
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbe602fad-66c2-48db-acd3-371ca6dcb8f6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7897
x-amzn-requestid: 032fd8ae-b7e9-4e12-8546-838191a73688
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cwVM_F51IAMFunw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63900252-345ae6cd107d207f5dbe29a8;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 03:02:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: N-zFZ8yeL7RrOZ5xfqvfBaE3zcXWecvr6Jd-93nKiUZlCXp2n2_Bgw==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 03:42:37 GMT
age: 73444
etag: "7558222788f06623ddae6e883413e38e1146281e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5fa81aa5-4138-458e-9bd7-de9d6211763c.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5fa81aa5-4138-458e-9bd7-de9d6211763c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8d1605154a552a8c3165c1358ea2e185
2e677da1f57c112d984180ead80481e8797ff2e8
12b075ad3e786dc68ab3fab1e4ce9d6f7810bdebc7bdafd993e19bc5bc7c0abc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5fa81aa5-4138-458e-9bd7-de9d6211763c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11027
x-amzn-requestid: e0d56100-13aa-44e5-ae80-bedfeece87db
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cwV19EUOIAMFjcg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63900359-5a5402381d61db921a00404d;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 03:07:05 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 7ET6kgGgWAKa4_CFCgSwnN8m7FnplxP7zOp8lEyodxn5lmlIIHD4vQ==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 04:37:30 GMT
age: 70151
etag: "2e677da1f57c112d984180ead80481e8797ff2e8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2654f7a6-bd8b-4c13-9c46-9b7582ba979a.jpeg
34.120.237.76200 OK 5.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2654f7a6-bd8b-4c13-9c46-9b7582ba979a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 06514ce96ae21cb01f526a5febdcbeb4
ebb97e5b97f394e8c67098f55581d5329ce819a2
4099a2fb6ddc4feaa30f357a180d64aeb7c9fc73f115fc762d5fe5c221d2e89e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2654f7a6-bd8b-4c13-9c46-9b7582ba979a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5169
x-amzn-requestid: 277a1b04-4e19-4313-8aac-5f9ab9076305
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ctEdkFGrIAMFvHg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638eb456-5b21edd57297665012d536cc;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 03:17:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Il4kJ9VclWp3pqZSUrTpJNEY3vYu4XaZYEXRcrfDINMjyokDNSM8Lg==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 04:08:47 GMT
age: 71874
etag: "ebb97e5b97f394e8c67098f55581d5329ce819a2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.schmitz-rsb.de/layouts/Schmitz2015/img/Angela_Mosni.jpg
5.35.252.29200 OK 0 B URL HTTP/1.1 www.schmitz-rsb.de/layouts/Schmitz2015/img/Angela_Mosni.jpg
IP 5.35.252.29:0
ASN #8972 Host Europe GmbH
GET /layouts/Schmitz2015/img/Angela_Mosni.jpg HTTP/1.1
Host: www.schmitz-rsb.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.schmitz-rsb.de/
Cookie: CFID=6942545; CFTOKEN=f3ae10faf4a705b-8855CDFC-D297-A769-6FE64A6076F60E8A; CFGLOBALS=urltoken%3DCFID%23%3D6942545%26CFTOKEN%23%3Df3ae10faf4a705b%2D8855CDFC%2DD297%2DA769%2D6FE64A6076F60E8A%23lastvisit%3D%7Bts%20%272022%2D12%2D09%2000%3A06%3A51%27%7D%23hitcount%3D2%23timecreated%3D%7Bts%20%272022%2D12%2D09%2000%3A06%3A51%27%7D%23cftoken%3Df3ae10faf4a705b%2D8855CDFC%2DD297%2DA769%2D6FE64A6076F60E8A%23cfid%3D6942545%23
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 23:06:51 GMT
Server: Apache
Last-Modified: Mon, 08 Jun 2015 13:19:05 GMT
Accept-Ranges: bytes
Content-Length: 26067
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/jpeg
fast.fonts.net/t/trackingCode.js
104.17.225.78200 OK 0 B URL HTTP/2 fast.fonts.net/t/trackingCode.js
IP 104.17.225.78:0
GET /t/trackingCode.js HTTP/1.1
Host: fast.fonts.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.schmitz-rsb.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Dec 2022 00:06:40 GMT
content-type: text/plain; charset=utf-8
x-amz-id-2: tV243F2E3FHzbzOmyb20MHfeQ1GDyYatZCBl0Nm17F8uWij/iigaf5Z34J37a+dZQxKIa0bZwb8=
x-amz-request-id: VPCR2ZHNCTBAG0DH
last-modified: Tue, 23 Mar 2021 09:15:19 GMT
etag: W/"32dd789522cc6923c80141fcf5d3a614"
cache-control: public, max-age=300
x-amz-meta-mtime: 1383840033
x-amz-version-id: null
cf-cache-status: HIT
age: 1369
expires: Fri, 09 Dec 2022 00:11:40 GMT
set-cookie: __cf_bm=FPNRMVBalN8JebRxwsoB5LF75LybLqRnv8f5wt00i_s-1670544400-0-AbEiQGnVJfEgaBqHqawbUB3jc4YemvMhU/ZFuSe8uM+cIwN1Nt7UCJjP58NeoZm2YtKEWdar73oXnUf93taOYyA=; path=/; expires=Fri, 09-Dec-22 00:36:40 GMT; domain=.fonts.net; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 77697f054d31b4f4-OSL
content-encoding: gzip
X-Firefox-Spdy: h2