Overview

URL: booking.k1-sporthotel.de/
IP: 89.22.100.170
ASN: dogado GmbH
Location: Germany
Report completed: 2022-08-06 05:52:18 UTC
urlquery Alerts: No alerts detected


Settings

UserAgent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Added / Verified Severity Host Comment
2022-08-06 2 booking.k1-sporthotel.de/ Phishing
2022-08-06 2 booking.k1-sporthotel.de/ Phishing
2022-08-06 2 booking.k1-sporthotel.de/Scripts/google_rating.js Phishing
2022-08-06 2 booking.k1-sporthotel.de/Scripts/bootstrap.min.js Phishing
2022-08-06 2 booking.k1-sporthotel.de/Scripts/site.js Phishing
2022-08-06 2 booking.k1-sporthotel.de/Scripts/google-ratings.js Phishing
mnemonic secure dns  No alerts detected
Quad9 DNS  No alerts detected


Files

No files detected



Passive DNS (13)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
[Mnemonic Passive DNS] r3.o.lencr.org (7) 344 2020-12-02 08:52:13 UTC 2022-08-05 04:57:18 UTC 23.36.77.32
[Mnemonic Passive DNS] content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-08-06 04:57:51 UTC 54.230.111.7
[Mnemonic Passive DNS] ocsp.pki.goog (7) 175 2017-06-14 07:23:31 UTC 2022-08-06 04:58:04 UTC 142.250.74.3
[Mnemonic Passive DNS] push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2022-08-05 05:06:17 UTC 35.160.51.228
[Mnemonic Passive DNS] img-getpocket.cdn.mozilla.net (3) 1631 2017-09-01 03:40:57 UTC 2022-08-05 06:49:03 UTC 34.120.237.76
[Mnemonic Passive DNS] fonts.googleapis.com (2) 8877 2017-01-30 04:59:43 UTC 2019-10-16 05:12:41 UTC 216.58.211.10
[Mnemonic Passive DNS] booking.k1-sporthotel.de (12) 0 No data No data 89.22.100.170 Unknown ranking
[Mnemonic Passive DNS] contile.services.mozilla.com (1) 1114 No data No data 34.117.237.239
[Mnemonic Passive DNS] ocsp.digicert.com (1) 86 2012-11-29 12:49:49 UTC 2022-08-06 05:01:09 UTC 93.184.220.29
[Mnemonic Passive DNS] maps.googleapis.com (1) 33876 2017-01-30 05:00:19 UTC 2022-08-04 21:16:37 UTC 142.250.74.42
[Mnemonic Passive DNS] www.k1-sporthotel.de (1) 0 2019-04-18 01:42:29 UTC 2022-08-06 04:44:55 UTC 89.22.100.170 Unknown ranking
[Mnemonic Passive DNS] fonts.gstatic.com (4) 0 2017-01-30 04:59:51 UTC 2022-08-05 04:56:59 UTC 142.250.74.163 Domain (gstatic.com) ranked at: 540
[Mnemonic Passive DNS] firefox.settings.services.mozilla.com (2) 867 2016-03-17 08:25:01 UTC 2020-05-25 20:01:47 UTC 54.230.111.7


Recent reports on same IP/ASN/Domain

Last 10 reports on IP: 89.22.100.170

Date UQ / IDS / BL URL IP
2022-08-16 03:52:18 +0000  0 - 0 - 7  booking.k1-sporthotel.de/  89.22.100.170
2022-08-16 02:52:13 +0000  0 - 0 - 6  booking.k1-sporthotel.de/  89.22.100.170
2022-08-15 23:46:14 +0000  0 - 0 - 1  k1-sporthotel.com/  89.22.100.170
2022-08-15 23:43:11 +0000  0 - 0 - 1  k1-hotel.de/  89.22.100.170
2022-08-15 20:46:41 +0000  0 - 0 - 2  testcenter-oberwiesenthal.de/  89.22.100.170
2022-08-15 16:47:02 +0000  0 - 0 - 1  sporthotel-oberwiesenthal.de/  89.22.100.170
2022-08-15 12:47:22 +0000  0 - 0 - 2  skiverleih-oberwiesenthal.de/  89.22.100.170
2022-08-15 05:45:44 +0000  0 - 0 - 1  post.k1-sporthotel.de/  89.22.100.170
2022-08-15 05:28:14 +0000  0 - 0 - 1  k1-hotel.de/  89.22.100.170
2022-08-15 05:02:57 +0000  0 - 0 - 2  firmenausflug.info/  89.22.100.170

Last 10 reports on ASN: dogado GmbH

Date UQ / IDS / BL URL IP
2022-08-16 04:55:51 +0000  0 - 0 - 3  lindnerelektroanlagen.de/INVOICE/AOG-3515110/  185.137.168.76
2022-08-16 04:55:33 +0000  0 - 0 - 3  www.reifenquick.de/Scripts/open-0627720493640 (...)  185.137.168.76
2022-08-16 04:54:10 +0000  0 - 0 - 3  www.reifenquick.de/Scripts/hl8-8w4cs-6325/  185.137.168.76
2022-08-16 04:53:50 +0000  0 - 0 - 3  reifenquick.de/Scripts/hl8-8w4cs-6325/  185.137.168.76
2022-08-16 04:53:44 +0000  0 - 0 - 3  www.reifenquick.de/Scripts/closed_957176_mxqS (...)  185.137.168.76
2022-08-16 04:53:35 +0000  0 - 0 - 3  www.reifenquick.de/Scripts/statement/ul397wfyb/  185.137.168.76
2022-08-16 04:52:45 +0000  0 - 0 - 3  www.reifenquick.de/Scripts/FILE/21mnqlvi/oz88 (...)  185.137.168.76
2022-08-16 04:52:39 +0000  0 - 0 - 3  reifenquick.de/Scripts/statement/ul397wfyb/  185.137.168.76
2022-08-16 03:52:18 +0000  0 - 0 - 7  booking.k1-sporthotel.de/  89.22.100.170
2022-08-16 02:52:13 +0000  0 - 0 - 6  booking.k1-sporthotel.de/  89.22.100.170

No other reports on domain: k1-sporthotel.de



JavaScript

Executed Scripts (17)


Executed Evals (0)


Executed Writes (0)



HTTP Transactions (43)


Request Response
                                        
                                            GET / HTTP/1.1 
Host: booking.k1-sporthotel.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         89.22.100.170
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=UTF-8
                                        
Location: https://booking.k1-sporthotel.de/
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
X-Powered-By-Plesk: PleskWin
Date: Sat, 06 Aug 2022 05:52:06 GMT
Content-Length: 186


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text
Size:   186
Md5:    a3a843ff21f6268f227ca8066059bcd2
Sha1:   54c4e97b7b5f09faa9961870411cf74839eba1b9
Sha256: a352e9c0b9fc509a076c270137cb4a7b8f1186b592476de659d6ae6d1b4fdbf8

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.7
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Backoff, Content-Type, Content-Length, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sat, 06 Aug 2022 05:02:19 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: Cdr0lkP2xUp6VAc6Mp3As1oLhfLoJVJBTb_zMo9c9gLfuklB-wERMw==
Age: 2988


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    91dd975a7b17b2922dd23c0e49314e40
Sha1:   57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2
Sha256: 09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "F055127A4794D0F76CB4DF8F290DF8E259258A63398A700F592C859DFFE9AC34"
Last-Modified: Thu, 04 Aug 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7172
Expires: Sat, 06 Aug 2022 07:51:39 GMT
Date: Sat, 06 Aug 2022 05:52:07 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-09-19-18-34-07.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.7
HTTP/2 200 OK
                                        
content-type: binary/octet-stream
content-length: 5348
last-modified: Sun, 31 Jul 2022 18:34:08 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sat, 06 Aug 2022 04:15:27 GMT
etag: "578b9ff83ff3950ab2a3d1a8344d2938"
x-cache: Hit from cloudfront
via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: wJpHZEU3hyWdJQSusGjAj-MWNDqQJWbNMm13gEUptCWUvwYcgzDEOw==
age: 5801
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    578b9ff83ff3950ab2a3d1a8344d2938
Sha1:   39d48b67ba6aa45ec01767725e726cf9b0c87a70
Sha256: 35c99da9a5463a4788ceab7cf4b027bb25506cde28ace36c70d0bc924138f2f5
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
                                        
server: nginx
date: Sat, 06 Aug 2022 05:52:07 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "8485BBD157F2D42417AD98BE61131574807239E6A89F3BD0FD09980B9592DE7B"
Last-Modified: Thu, 04 Aug 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21527
Expires: Sat, 06 Aug 2022 11:50:54 GMT
Date: Sat, 06 Aug 2022 05:52:07 GMT
Connection: keep-alive

                                        
                                            GET / HTTP/1.1 
Host: booking.k1-sporthotel.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: _ga=GA1.2.2050094880.1654386813
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         
                                         89.22.100.170
HTTP/2 200 OK
                                        
cache-control: private
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-aspnetmvc-version: 5.2
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
date: Sat, 06 Aug 2022 05:52:06 GMT
content-length: 12727
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1030), with CRLF, LF line terminators
Size:   12727
Md5:    74d9d8f917357df756337dba0e876879
Sha1:   e22f4025870188a3814389703c2a96ceca37c38e
Sha256: b43d3687b5ff970784c41bc3f0ac31996b6c3ef27c9d1867ee7d021cb45572e5

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.7
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Cache-Control, Pragma, Backoff, Last-Modified, ETag, Expires, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Sat, 06 Aug 2022 05:16:14 GMT
Cache-Control: max-age=3600
Expires: Sat, 06 Aug 2022 05:24:55 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: y-BKbq9cJJTseddmr6rMcHhOObpZh4ZM71onrybx4PfWy7G_VXwdMg==
Age: 2153


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            GET /Scripts/google_rating.js HTTP/1.1 
Host: booking.k1-sporthotel.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://booking.k1-sporthotel.de/
Cookie: _ga=GA1.2.2050094880.1654386813
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         89.22.100.170
HTTP/2 200 OK
                                        
content-type: application/javascript
content-encoding: gzip
last-modified: Fri, 03 Jul 2020 17:33:20 GMT
accept-ranges: bytes
etag: "5be80b6051d61:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
date: Sat, 06 Aug 2022 05:52:06 GMT
content-length: 358
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   358
Md5:    1dc1c45bd2a4248701bf1f1b123b4785
Sha1:   d9bfc33d70df7ea892b7f82cf428671cadef7ad2
Sha256: ccb27feb19c121daf6fe8f9d2ea5bfeb3d59fd1f446306cb34ebf158045bfb92

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /Content/site.css HTTP/1.1 
Host: booking.k1-sporthotel.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://booking.k1-sporthotel.de/
Cookie: _ga=GA1.2.2050094880.1654386813
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         89.22.100.170
HTTP/2 200 OK
                                        
content-type: text/css
content-encoding: gzip
last-modified: Tue, 07 Jul 2020 18:40:01 GMT
accept-ranges: bytes
etag: "83f22b68e54d61:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
date: Sat, 06 Aug 2022 05:52:07 GMT
content-length: 10953
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   10953
Md5:    d262e45226b938a19d8bc8d4bdee031a
Sha1:   14e56a001ba0e0657bf37df56114f3a1dcd38125
Sha256: f55bb00350989c04819f6cfca65157560721ddeebe603355599b0f0834493b7a
                                        
                                            GET /Scripts/bootstrap.min.js HTTP/1.1 
Host: booking.k1-sporthotel.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://booking.k1-sporthotel.de/
Cookie: _ga=GA1.2.2050094880.1654386813
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         89.22.100.170
HTTP/2 200 OK
                                        
content-type: application/javascript
content-encoding: gzip
last-modified: Fri, 03 Jul 2020 17:24:27 GMT
accept-ranges: bytes
etag: "602ffcd5e51d61:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
date: Sat, 06 Aug 2022 05:52:07 GMT
content-length: 36896
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (32003)
Size:   36896
Md5:    5d768fa0401808a1ba60e21c226a6c05
Sha1:   5470e3a384b89f6ef125ee793b4065d5b3e48a49
Sha256: fe0cb52bce8a3324db36ce5207b65f043093d4b667e7f590db3961cf852d4d08

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /Scripts/site.js HTTP/1.1 
Host: booking.k1-sporthotel.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://booking.k1-sporthotel.de/
Cookie: _ga=GA1.2.2050094880.1654386813
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         89.22.100.170
HTTP/2 200 OK
                                        
content-type: application/javascript
content-encoding: gzip
last-modified: Fri, 03 Jul 2020 17:24:34 GMT
accept-ranges: bytes
etag: "faa734d25e51d61:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
date: Sat, 06 Aug 2022 05:52:07 GMT
content-length: 1184
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   1184
Md5:    6208631849f2c70d3a6038ea883547f0
Sha1:   c02bd030b752c53ad600cf771a9169b210bfb30d
Sha256: 688056a94f370065cddd18a5b662a4b2954cb37ac0dbac8e0eb86bfa296a3d1b

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /Scripts/google-ratings.js HTTP/1.1 
Host: booking.k1-sporthotel.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://booking.k1-sporthotel.de/
Cookie: _ga=GA1.2.2050094880.1654386813
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         89.22.100.170
HTTP/2 200 OK
                                        
content-type: application/javascript
content-encoding: gzip
last-modified: Fri, 03 Jul 2020 17:33:21 GMT
accept-ranges: bytes
etag: "e6cdd1b6051d61:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
date: Sat, 06 Aug 2022 05:52:07 GMT
content-length: 5079
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   5079
Md5:    29fea24c3465230bc46f9b21e1a1a7ea
Sha1:   c1f23e074181d9bd6aea39c69440b3e7e13a544f
Sha256: 1adbd320ed69f26b75df00ce940bbc70082226ecbad03f65b931662d3523f796

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "4E3534B15DB1B7698DD5A40D2FF66CB5DA190784B0D64679EFA9B2FC139CE872"
Last-Modified: Wed, 03 Aug 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13860
Expires: Sat, 06 Aug 2022 09:43:07 GMT
Date: Sat, 06 Aug 2022 05:52:07 GMT
Connection: keep-alive

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 06 Aug 2022 05:52:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 06 Aug 2022 05:52:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /DXR.axd?r=1_88-hEa6o HTTP/1.1 
Host: booking.k1-sporthotel.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://booking.k1-sporthotel.de/
Cookie: _ga=GA1.2.2050094880.1654386813
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         89.22.100.170
HTTP/2 200 OK
                                        
cache-control: public, max-age=31536000
content-type: image/gif
expires: Wed, 11 Jan 2023 16:12:53 GMT
last-modified: Tue, 11 Jan 2022 16:12:53 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
date: Sat, 06 Aug 2022 05:52:07 GMT
content-length: 43
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    325472601571f31e1bf00674c368d335
Sha1:   2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
Sha256: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 06 Aug 2022 05:52:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5273
Cache-Control: max-age=99787
Date: Sat, 06 Aug 2022 05:52:07 GMT
Etag: "62eccfb9-1d7"
Expires: Sun, 07 Aug 2022 09:35:14 GMT
Last-Modified: Fri, 05 Aug 2022 08:07:21 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /maps/api/js?v=3.exp&key=AIzaSyAm-8P-ztcjqGtB3MhVxXuDpt88Mnzd-2Y&signed_in=true&libraries=places HTTP/1.1 
Host: maps.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://booking.k1-sporthotel.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.42
HTTP/2 200 OK
                                        
content-type: text/javascript; charset=UTF-8
date: Sat, 06 Aug 2022 05:52:07 GMT
expires: Sat, 06 Aug 2022 06:22:07 GMT
cache-control: public, max-age=1800
vary: Accept-Language
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-encoding: gzip
server: mafe
content-length: 56664
x-xss-protection: 0
x-frame-options: SAMEORIGIN
server-timing: gfet4t7; dur=24
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2462)
Size:   56664
Md5:    8a53f7cac6d3765feaab11488ff2412c
Sha1:   9e2a2916eed556fdd96fb9e5fe4b236564f3f176
Sha256: 8f94bd857e9ec67cd609af7345e6c82d95855222f97d92be34c62bb3b336651f
                                        
                                            GET /wp-content/uploads/2020/05/logo-k1-sporthotel-80.png HTTP/1.1 
Host: www.k1-sporthotel.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://booking.k1-sporthotel.de/
Cookie: _ga=GA1.2.2050094880.1654386813
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         89.22.100.170
HTTP/2 200 OK
                                        
content-type: image/png
last-modified: Wed, 02 Jun 2021 14:19:02 GMT
accept-ranges: bytes
etag: "ffcbf13cba57d71:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
date: Sat, 06 Aug 2022 05:52:07 GMT
content-length: 2952
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 88 x 80, 8-bit colormap, non-interlaced\012- data
Size:   2952
Md5:    ecd007e6f9a44717c89534503965a9c3
Sha1:   4a38bbbea230bee850548012baa8398106a448a0
Sha256: e07bb42a446d68e12b3b1d65f84b83b40bd8efbe23a07b5da892ed21338f04f8
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 06 Aug 2022 05:52:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 06 Aug 2022 05:52:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /DXR.axd?r=1_73,1_67,1_68,1_69,1_72,1_209,1_206,1_208,1_205,1_252,1_251,1_83,24_378,24_379,24_394,1_7,24_406,24_407,24_422,26_37,26_36,26_35,26_32,26_34,26_30,26_28,26_31,1_75-oEa6o HTTP/1.1 
Host: booking.k1-sporthotel.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://booking.k1-sporthotel.de/
Cookie: _ga=GA1.2.2050094880.1654386813
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
89.22.100.170
HTTP/2 200 OK
cache-control: public, max-age=31536000
content-type: text/css
content-encoding: gzip
expires: Wed, 11 Jan 2023 16:13:00 GMT
last-modified: Tue, 11 Jan 2022 16:13:00 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
date: Sat, 06 Aug 2022 05:52:07 GMT
content-length: 209847
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (5388), with CRLF line terminators
Size:   209847
Md5:    36b47c23fc5af5c87ff70d2fc25b0175
Sha1:   9c7389ab926a6faed8519b2ead0f7e56813e6fd4
Sha256: 59fef0b51c9ef1ab22bac0b9b806cb20321c39d0034a864288f40bed093a4ebb
                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: bzFrXZEKogKlopbQpGbNwA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
35.160.51.228
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 56yC8GUhnlaLNvyYVIPpJF88a0c=

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "7D129895DD82ACE0D70FE0D261B7C2E924E869686CEDF20C238EFA6BFDF5E632"
Last-Modified: Wed, 03 Aug 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2267
Expires: Sat, 06 Aug 2022 06:29:56 GMT
Date: Sat, 06 Aug 2022 05:52:09 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "7D129895DD82ACE0D70FE0D261B7C2E924E869686CEDF20C238EFA6BFDF5E632"
Last-Modified: Wed, 03 Aug 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2267
Expires: Sat, 06 Aug 2022 06:29:56 GMT
Date: Sat, 06 Aug 2022 05:52:09 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "7D129895DD82ACE0D70FE0D261B7C2E924E869686CEDF20C238EFA6BFDF5E632"
Last-Modified: Wed, 03 Aug 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2267
Expires: Sat, 06 Aug 2022 06:29:56 GMT
Date: Sat, 06 Aug 2022 05:52:09 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "7D129895DD82ACE0D70FE0D261B7C2E924E869686CEDF20C238EFA6BFDF5E632"
Last-Modified: Wed, 03 Aug 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2267
Expires: Sat, 06 Aug 2022 06:29:56 GMT
Date: Sat, 06 Aug 2022 05:52:09 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F47127619-5c86-4363-ad38-bd0ea52d7a06.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
34.120.237.76
HTTP/2 200 OK
server: nginx
content-length: 3871
x-amzn-requestid: 8e2f628a-40e7-4a30-9250-e799388e3f06
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: WaMExESGIAMFmSg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62ed8d51-548ce53641314e2f14e5c4af;Sampled=0
x-amzn-remapped-date: Fri, 05 Aug 2022 21:36:17 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: N90ctXzr6WonpYvUPxVh9pub3pDwtN6P2RHXYhHEnvQojnGnfdXOiw==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 ebe4011a81a36e2bf678f69ce1711330.cloudfront.net (CloudFront), 1.1 google
date: Fri, 05 Aug 2022 22:01:03 GMT
age: 28266
etag: "5aafd1e4d78ce8b097b9d9333f8a583a3004ed21"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   3871
Md5:    2d2380784d41f22b7c39f22aa6ee89f5
Sha1:   5aafd1e4d78ce8b097b9d9333f8a583a3004ed21
Sha256: 0c0f5233c5b6e055ab79900dcd96b99dcd837a2459c75c75ba54d1289dab4ec7
                                        
                                            GET /Content/bootstrap.min.css HTTP/1.1 
Host: booking.k1-sporthotel.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://booking.k1-sporthotel.de/
Cookie: _ga=GA1.2.2050094880.1654386813
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
89.22.100.170
HTTP/2 200 OK
content-type: text/css
content-encoding: gzip
last-modified: Tue, 07 Jul 2020 18:36:07 GMT
accept-ranges: bytes
etag: "66812a7a8d54d61:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
date: Sat, 06 Aug 2022 05:52:07 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   129486
Md5:    63ef1ada66bdcbede9ca3ad923c20abc
Sha1:   4f14c1127e3127eeab6ddb504b5edc2e14c3dd66
Sha256: 21f40c989a004faca61303cd9bbe4c1756ff3339a06ed751c3ca3bd584395bc2
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00c27fbc-f7dc-491c-92c7-70dd9c68da69.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
34.120.237.76
HTTP/2 200 OK
server: nginx
content-length: 7911
x-amzn-requestid: d3776da5-df77-4b08-bdf4-a949df45920a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: WOTuzF2-oAMF6qw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62e8ccc4-36cb6c6a64a2fcb85c4a98e8;Sampled=0
x-amzn-remapped-date: Tue, 02 Aug 2022 07:05:40 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Sa8b4L8kCsNGyke-UI-zyBEpPPGb9jghFNWPSaWLonAuTxFGHsJviQ==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 ee330666adf9f04c8c30094f8ddcd004.cloudfront.net (CloudFront), 1.1 google
date: Fri, 05 Aug 2022 23:12:47 GMT
age: 23962
etag: "126688362f54060110b92826e9ea513fabcfde4f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7911
Md5:    662f84cbbc31ca3bd337c82f59e810fb
Sha1:   126688362f54060110b92826e9ea513fabcfde4f
Sha256: 22db946504dfb8ac5b27913a462593a14cbc4ddbb433b10f0a3e1ddee5dd6753
                                        
                                            GET /css?family=Open+Sans%3A1%2C200%2C300%2C400%2C400italic%2C500%2C700%2C700italic%2C900%2C900italic%7CLato%3A1%2C200%2C300%2C400%2C400italic%2C500%2C700%2C700italic%2C900%2C900italic%7CMontserrat%3A1%2C200%2C300%2C400%2C400italic%2C500%2C700%2C700italic%2C900%2C900italic&ver=5.3.4 HTTP/1.1 
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://booking.k1-sporthotel.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
216.58.211.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 06 Aug 2022 05:52:07 GMT
date: Sat, 06 Aug 2022 05:52:07 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   11950
Md5:    e8258d5fa13888259a05a811fabe7595
Sha1:   cd1591efe474e7b9eb35565f9e947084ed0ed052
Sha256: ada74ce40a1618a6f7bdcdb7b447bd8ba3e1b4e71ae88f46c29c423941d75d18
                                        
                                            GET /icon?family=Material+Icons HTTP/1.1 
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://booking.k1-sporthotel.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
216.58.211.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 06 Aug 2022 05:52:07 GMT
date: Sat, 06 Aug 2022 05:52:07 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   7796
Md5:    bfe8ec96a9a45401e2d53db74e4dd4d0
Sha1:   39c5aae877675168f6bdae38edcf50f0145ccbd1
Sha256: 577f02ea591f36dcd0fac095741b459cf854df419c0aff95425ab88b6ffa4162
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff0639416-8f2d-4ab7-9e3b-459448bd9daa.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
34.120.237.76
HTTP/2 200 OK
server: nginx
content-length: 10949
x-amzn-requestid: c1761599-dc8d-408b-87da-b2961ac6560f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: WUXu5FD2IAMFpnQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62eb3992-1c17ee5a619249e84c814b7a;Sampled=0
x-amzn-remapped-date: Thu, 04 Aug 2022 03:14:26 GMT
x-amz-cf-pop: YVR50-C1
x-cache: Miss from cloudfront
x-amz-cf-id: MgwKi7CqzjoVvketcgzMwT2q0Egm5MksC7_-AEICUW7cKe0ok2Ii7g==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 733ae4e17f2a4786e797d3450daabd46.cloudfront.net (CloudFront), 1.1 google
date: Sat, 06 Aug 2022 04:15:44 GMT
age: 5785
etag: "084b4b2e95a731acefcee158e539c4fbc74060f2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10949
Md5:    6b23b52c323b1ebf1abd497da1051b47
Sha1:   084b4b2e95a731acefcee158e539c4fbc74060f2
Sha256: d5fb15eb9611b3b67d3954a6f8c2ccd53a4c385d2beb6254d3063fc38f04f56e
                                        
                                            GET /DXR.axd?r=1_0,1_2,1_3,1_4,1_11,1_63,1_12,1_13,1_14,1_15,1_16,1_20,1_65,1_48,1_17,1_9,17_0,17_7,1_27,1_39,1_31,17_35,1_23,1_55,17_34,1_41,1_54,1_53,17_33,1_182,1_183,1_24,1_33,1_46,1_212,1_210,1_239,1_47,1_52,17_6,1_51,17_14,1_21,1_22,1_40,1_34,1_19,1_223,1_224,1_211,1_217,1_215,1_218,1_219,1_216,1_220,1_213,1_221,1_222,1_226,1_235,1_237,1_238,1_225,1_230,1_231,1_232,1_214,1_227,1_228,1_229,1_233,1_234,1_236,17_48,17_49,17_2,1_59,1_57,17_38,1_56,17_39,1_58,17_40,17_41,1_60,17_3,1_49,17_8,17_9,1_35,17_10,1_62,17_11,1_50,1_38,17_43,1_43,17_12,17_13,1_66,1_184,1_181,17_23,1_204,17_24,1_193,17_17,1_202,17_19,1_187,1_189,1_197,1_198,1_199,1_203,1_185,1_192,17_16,17_21,1_191,17_18,1_61,1_194,1_188,17_15,1_196,1_190,17_42,1_201,1_195,17_20,1_5,24_368,1_1,24_364,24_365,24_366,24_367,24_359,24_362,24_363,24_360,24_361,24_423,24_424,26_19,26_21,24_404,24_405,26_23,26_20,26_22,17_26,26_24,17_27,26_11,26_16,26_18,17_25,26_15,26_13,26_14,26_12,26_17,1_249,17_1-oEa6o&p=cde5b7bc HTTP/1.1 
Host: booking.k1-sporthotel.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://booking.k1-sporthotel.de/
Cookie: _ga=GA1.2.2050094880.1654386813
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
89.22.100.170
HTTP/2 200 OK
cache-control: public, max-age=31536000
content-type: text/javascript
content-encoding: gzip
expires: Wed, 11 Jan 2023 16:13:00 GMT
last-modified: Tue, 11 Jan 2022 16:13:00 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
date: Sat, 06 Aug 2022 05:52:09 GMT
content-length: 2866729
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65451)
Size:   2866729
Md5:    781b21c6c940706eced40abd90433fd1
Sha1:   9df01a2beadf0fd43892dedfb870c0296cef6129
Sha256: 9617ed11e90d52858ebc77f1178c39575a9da6d1ac449615129acddc6efdc2c3
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 06 Aug 2022 05:52:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /s/opensans/v29/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2 HTTP/1.1 
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://booking.k1-sporthotel.de
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
142.250.74.163
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 16720
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 04 Aug 2022 06:41:08 GMT
expires: Fri, 04 Aug 2023 06:41:08 GMT
cache-control: public, max-age=31536000
age: 169863
last-modified: Wed, 11 May 2022 19:25:13 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 16720, version 1.0\012- data
Size:   16720
Md5:    c416910cae8fe4258cdf8c35933e9f4c
Sha1:   4a768ba0a3abc49b572c08c235db9f066ffc2b18
Sha256: 9434dddcdf38e072b039bb92f9e90639ec0e0563e8ff51604a60d91830c29289
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 06 Aug 2022 05:52:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2 HTTP/1.1 
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://booking.k1-sporthotel.de
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
142.250.74.163
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23040
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 02 Aug 2022 17:10:21 GMT
expires: Wed, 02 Aug 2023 17:10:21 GMT
cache-control: public, max-age=31536000
age: 304910
last-modified: Tue, 26 Apr 2022 15:56:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 23040, version 1.0\012- data
Size:   23040
Md5:    de69cf9e514df447d1b0bb16f49d2457
Sha1:   2ac78601179c3a63ba3f3f3081556b12ddcaf655
Sha256: c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
                                        
                                            GET /s/opensans/v29/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsiH0B4gaVI.woff2 HTTP/1.1 
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://booking.k1-sporthotel.de
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
142.250.74.163
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 16812
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 03 Aug 2022 19:46:31 GMT
expires: Thu, 03 Aug 2023 19:46:31 GMT
cache-control: public, max-age=31536000
age: 209140
last-modified: Wed, 11 May 2022 19:25:12 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 16812, version 1.0\012- data
Size:   16812
Md5:    ccc4fae5b3a426b89f4245f50715e416
Sha1:   7f036f96dc68e7981c5cc5322ecbbd4628b439cd
Sha256: 25b0bc9dda8dd671aa7cc47201a3d2b019d51deb6c6cebe10c38ec352d4a1c96
                                        
                                            GET /s/materialicons/v135/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2 HTTP/1.1 
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://booking.k1-sporthotel.de
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
142.250.74.163
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 128504
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 01 Aug 2022 21:08:19 GMT
expires: Tue, 01 Aug 2023 21:08:19 GMT
cache-control: public, max-age=31536000
age: 377032
last-modified: Mon, 18 Jul 2022 18:44:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 128504, version 1.0\012- data
Size:   128504
Md5:    be78d53c0b937af36048c7a24228fc95
Sha1:   60709a7f0c7ec3f3056fb0ea7d190fb01e382d55
Sha256: 0ceee87b4f5030bcea1406c18ab6534743fd5f65a37fafd864cc47af46ba79bc
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: booking.k1-sporthotel.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://booking.k1-sporthotel.de/
Cookie: _ga=GA1.2.2050094880.1654386813
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
89.22.100.170
HTTP/2 200 OK
content-type: image/x-icon
last-modified: Fri, 03 Jul 2020 17:22:02 GMT
accept-ranges: bytes
etag: "d3b121775e51d61:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
date: Sat, 06 Aug 2022 05:52:11 GMT
content-length: 32038
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  MS Windows icon resource - 4 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Size:   32038
Md5:    4859e39ae6c0f1f428f2126a6bb32bd9
Sha1:   1c0c85678ae963bc96d0b7fbe1eb89074cf1fbe0
Sha256: a94f8a8553caea8430dd4ca3cc01d4e318d19828f74cb65453ffb7f5d9e2f44d