Report - www.bg-hamburg.de/aktuell/corona-virus-infos-fuer-unternehmen/

Report Overview

Submitted URL
www.bg-hamburg.de/aktuell/corona-virus-infos-fuer-unternehmen/
IP
185.32.80.72
ASN
#42263 German Edge Cloud GmbH & Co. KG
Submitted
2023-01-16 10:19:44
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
1
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	44.228.230.125
consent-api.service.consent.usercentrics.eu	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.1 kB	859 B	35.201.111.240
api.usercentrics.eu	11845	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.3 kB	19 kB	35.241.3.184
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	53 kB	34.120.237.76
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.7 kB	7.1 kB	23.36.76.226
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	35.241.9.150
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	391 B	34.117.237.239
cdn.jsdelivr.net	439	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	735 B	19 kB	151.101.193.229
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	341 B	797 B	93.184.220.29
hh.ermoeglicher.de	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	9.8 kB	432 kB	185.32.80.72
www.googletagmanager.com	75	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	346 B	46 kB	142.250.74.168
graphql.usercentrics.eu	14191	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.0 kB	751 B	34.120.238.166
uct.service.usercentrics.eu	53073	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	482 B	437 B	34.95.108.180
www.bg-hamburg.de	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	884 B	864 B	185.32.80.72
ocsp.globalsign.com	2075	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	368 B	1.9 kB	104.18.20.226
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	5.3 kB	11 kB	142.250.74.131
app.usercentrics.eu	12624	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	5.7 kB	197 kB	35.190.14.188

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-01-16 10:19:34	medium	Client IP	185.32.80.72	ET HUNTING Suspicious GET Request with Possible COVID-19 URI M2

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (19)

	URL	Size	First Seen	Last Seen
	app.usercentrics.eu/browser-ui/3.14.0/PrivacyButton-838e13c6.js	5.5 kB	2023-03-08	2023-11-19
Pretty URL app.usercentrics.eu/browser-ui/3.14.0/PrivacyButton-838e13c6.js IP 35.190.14.188 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 21:29:54 Last Seen2023-11-19 22:07:18 Times Seen921 Hash 5cd92a212bc0369b233eaf4a53e12f0f 4ab50b1fb989287cfa24bb691a6e21948c7cfd63 f3d541bb8ac4f2634c8bc045e37ade096d7b03e2f67c54fe7f8bb81a8d7d4dc9 Loading...

	app.usercentrics.eu/browser-ui/3.14.0/index-b02ff534.js	5.0 kB	2023-03-12	2023-03-13
Pretty URL app.usercentrics.eu/browser-ui/3.14.0/index-b02ff534.js IP 35.190.14.188 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 20:18:47 Last Seen2023-03-13 00:56:24 Times Seen1 Hash d16d1f75c466ff0211c55495ee4d0c4c d8770dcbc57d63189e88a60115086914480039d3 e11b877be293055dd2c71ddc81d07e84ecba5d504cfe32805466198e7a5f1233 Loading...

	app.usercentrics.eu/browser-ui/3.14.0/SaveButton-e4a1936a.js	1.4 kB	2023-03-12	2023-03-13
Pretty URL app.usercentrics.eu/browser-ui/3.14.0/SaveButton-e4a1936a.js IP 35.190.14.188 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 20:18:47 Last Seen2023-03-13 00:56:24 Times Seen1 Hash e8f8937e33ac907f1c3b68459ebf356b b6d14f103b28002ce725b8ed0ff1dafadfc38b5f 202190c4ffc78227028e3c4a73333d354fc98a37d6230219b631f4835f2831be Loading...

	app.usercentrics.eu/browser-ui/3.14.0/VirtualServiceItem-5cefb71d.js	158 kB	2023-03-12	2023-03-13
Pretty URL app.usercentrics.eu/browser-ui/3.14.0/VirtualServiceItem-5cefb71d.js IP 35.190.14.188 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 20:18:47 Last Seen2023-03-13 00:56:24 Times Seen1 Hash b6e4dd06777abb788850cfa2977ff409 43962614ab7d58aacfc5e523b217118f87291602 3d13222bb77dc48f4e195433e293fb7ce30532bd9f46a3ef6cba4918ae982a17 Loading...

	hh.ermoeglicher.de/static/bundle.9a675619016f.js	91 kB	2023-03-13	2023-03-13
Pretty URL hh.ermoeglicher.de/static/bundle.9a675619016f.js IP 185.32.80.72 ASN #42263 German Edge Cloud GmbH & Co. KG Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 00:30:15 Last Seen2023-03-13 00:56:24 Times Seen1 Hash 9a675619016fef688bb4fe2e112f1de3 c2ee156727fbef14ca6835a3ee42c92aa402c35a 05b62f5b29263a069dbc2e3bac24870a71f7b03b5b5e862a2b38e5d5bfacd9cf Loading...

	www.googletagmanager.com/gtm.js?id=GTM-K7NF7RM	116 kB	2023-03-13	2023-03-13
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-K7NF7RM IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 00:56:24 Last Seen2023-03-13 00:56:24 Times Seen1 Hash 5994f42e60ee499bdf70dd55fa3834d6 4fac958ea6f2b9e84dd4282d93a0c724de75d331 360e4434bef6983a6a3a1052ed603f3964225ffebb4e6999ec08d807f1d96df2 Loading...

	hh.ermoeglicher.de/aktuell/corona-virus-infos-fuer-unternehmen/	75 B	2023-03-13	2023-03-13
Pretty URL hh.ermoeglicher.de/aktuell/corona-virus-infos-fuer-unternehmen/ IP 185.32.80.72 ASN #42263 German Edge Cloud GmbH & Co. KG Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 00:30:15 Last Seen2023-03-13 00:56:24 Times Seen1 Hash 8bb5a324145d614bd08e5f6654b422ab 61fb3651dd4e509d2d0783922113a1b7b7e40e6a e7487cf96a0f162f5050158c489bcda10ec3c6c168e3a203b82c42e5b12c1c01 Loading...

	app.usercentrics.eu/browser-ui/3.14.0/SecondLayerUI-87844021-0f5d225e.js	567 B	2023-03-08	2023-11-19
Pretty URL app.usercentrics.eu/browser-ui/3.14.0/SecondLayerUI-87844021-0f5d225e.js IP 35.190.14.188 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:43:18 Last Seen2023-11-19 22:07:19 Times Seen1069 Hash 3c558f62ac8600e4f5a12e778163a113 de384e9e997676dc65e6f2d6623339e1603b9c8a 112f05d9a926b4846f9325f21f6851a8fd3baecafb76be4e0a49265a3cf91da1 Loading...

	app.usercentrics.eu/browser-ui/3.14.0/DefaultData-179215c9-7baa5001.js	2.2 kB	2023-03-08	2023-09-11
Pretty URL app.usercentrics.eu/browser-ui/3.14.0/DefaultData-179215c9-7baa5001.js IP 35.190.14.188 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 23:05:14 Last Seen2023-09-11 03:55:17 Times Seen575 Hash 0676bbfaa53999bc7f872e76778930bc f53e90d2380ec4ecc87a0e8642e4142700844aad 70fdf46ec720c9235e60fe600dd444bd55a7422894d37763364fe4cde32d0d14 Loading...

	app.usercentrics.eu/browser-ui/3.14.0/Taglogger-3287a09c-e1e8bf90.js	1.2 kB	2023-03-08	2023-09-11
Pretty URL app.usercentrics.eu/browser-ui/3.14.0/Taglogger-3287a09c-e1e8bf90.js IP 35.190.14.188 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 23:05:14 Last Seen2023-09-11 03:55:17 Times Seen577 Hash fa069aba99c9c9e0df4dc7e513f2f5c4 fa7cc131bf869d47dc2aef7a1a16cccfd8a0ecb3 43023061a506aa31987f6a256e4b42561c2fba643dcbba8e17124cb070d0a4da Loading...

	app.usercentrics.eu/browser-ui/3.14.0/DefaultTabs-818c5157.js	4.4 kB	2023-03-12	2023-03-13
Pretty URL app.usercentrics.eu/browser-ui/3.14.0/DefaultTabs-818c5157.js IP 35.190.14.188 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 20:18:47 Last Seen2023-03-13 00:56:24 Times Seen1 Hash 5ee61863b4f9d8566625d60b9fd3e2e6 9bf44a3f95e6a26cfca6badae34640fc9a23c92c 79ad293bb357839168115da30a12fa6c8ed6960bd2df452dd9aa726e40e9a308 Loading...

	app.usercentrics.eu/browser-ui/3.14.0/FirstLayerCustomization-0e1d6632-5d888855.js	2.9 kB	2023-03-12	2023-09-11
Pretty URL app.usercentrics.eu/browser-ui/3.14.0/FirstLayerCustomization-0e1d6632-5d888855.js IP 35.190.14.188 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 20:18:47 Last Seen2023-09-11 03:55:17 Times Seen352 Hash 32ad5d4ff0365166321eef72426c674d e76a5846799d6c3aab1ac62696e2ae7cc1ead099 a99da98ccf11b34790289d0264ed889d2d3765757da0cd807590cfa328d7689c Loading...

	app.usercentrics.eu/browser-ui/3.14.0/ButtonsCustomization-1efef9a5-d4bd00e7.js	473 B	2023-03-08	2023-11-19
Pretty URL app.usercentrics.eu/browser-ui/3.14.0/ButtonsCustomization-1efef9a5-d4bd00e7.js IP 35.190.14.188 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:43:18 Last Seen2023-11-19 22:07:17 Times Seen1040 Hash 7559f5f95af499d1785f7af1c51ad49b 0c38816b068ae0488402ecdca429a999a5d3cb96 e1e2838d72c3c267345fa419ecba66f968fefc1f0928a8dc3da1d6df5078278c Loading...

	app.usercentrics.eu/browser-ui/3.14.0/index-1e4fcfa6.js	1.7 kB	2023-03-12	2023-03-13
Pretty URL app.usercentrics.eu/browser-ui/3.14.0/index-1e4fcfa6.js IP 35.190.14.188 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 20:18:47 Last Seen2023-03-13 00:56:24 Times Seen1 Hash c386667e56c78e242be2cd7a022212e2 2b24cd09aeae5e6e6a14852ea6ea7babcd44f689 ddfd60c6929fe815cab1063f2bb1014fc3cae50d641d98010043ef4224f02a43 Loading...

	hh.ermoeglicher.de/aktuell/corona-virus-infos-fuer-unternehmen/	350 B	2023-03-13	2023-03-13
Pretty URL hh.ermoeglicher.de/aktuell/corona-virus-infos-fuer-unternehmen/ IP 185.32.80.72 ASN #42263 German Edge Cloud GmbH & Co. KG Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 00:30:15 Last Seen2023-03-13 00:56:24 Times Seen1 Hash 1c0ca452e92137af53b9d6ffc66f8bde f72a376916b22dc2a162d3529fde1bf1af28943b a9c0d6628fce983ecea2409abe9217cd074378c0045274b8b58bcaf1daa26b03 Loading...

	cdn.jsdelivr.net/gh/mcstudios/glightbox/dist/js/glightbox.min.js	56 kB	2023-03-10	2024-03-04
Pretty URL cdn.jsdelivr.net/gh/mcstudios/glightbox/dist/js/glightbox.min.js IP 151.101.193.229 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 13:21:49 Last Seen2024-03-04 00:58:07 Times Seen105 Hash 98bdef99fed1735951123bb477fde4c8 67bc06fc3c3c66e72a8a3c013a419b2c407b720a c98267e669cfec3a2a89eb501b16d6d8fba8e0d33e09f355554b19fcf213ffea Loading...

	app.usercentrics.eu/browser-ui/latest/loader.js	63 kB	2023-03-12	2023-03-13
Pretty URL app.usercentrics.eu/browser-ui/latest/loader.js IP 35.190.14.188 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 20:18:47 Last Seen2023-03-13 00:56:24 Times Seen1 Hash dd317d62665ba9b86709a91617f7925f 5a88f0fe1dd66f49545f71cbe9a06ee43b0e463b aa21f50cfc7f12ed180c5e65dc06b486e633c51f8648304694737b031e00416c Loading...

	app.usercentrics.eu/browser-ui/3.14.0/index.module.js	356 kB	2023-03-12	2023-03-13
Pretty URL app.usercentrics.eu/browser-ui/3.14.0/index.module.js IP 35.190.14.188 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 20:18:47 Last Seen2023-03-13 00:56:24 Times Seen1 Hash 9b81b50bd01b197f772e6eb311ac5898 4d0a6accbbc7fae4a5791d2f3b63d8f65846c67a ab20de747f96ffce152f64dcd2e9898b4f5fdae01da220e2820026053f61c227 Loading...

	app.usercentrics.eu/browser-ui/3.14.0/DefaultUI-917606c2-86ee2573.js	1.7 kB	2023-03-12	2023-03-13
Pretty URL app.usercentrics.eu/browser-ui/3.14.0/DefaultUI-917606c2-86ee2573.js IP 35.190.14.188 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 20:18:47 Last Seen2023-03-13 00:56:24 Times Seen1 Hash 6501c60414eea7f5496a7d832f0b4085 9a1589bc0b057af8307447bfc9c25ea053d45dad 2248e05564b4346351f550f8500e9c73a564b516791bf42fba95bb09487e074e Loading...

HTTP Transactions (85)

URL IP Response Size

www.bg-hamburg.de/aktuell/corona-virus-infos-fuer-unternehmen/

185.32.80.72

301 Moved Permanently

169 B

URL HTTP/1.1
www.bg-hamburg.de/aktuell/corona-virus-infos-fuer-unternehmen/
IP
185.32.80.72:0
ASN
#42263 German Edge Cloud GmbH & Co. KG

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
169 B (169 bytes)
Hash
e2b2d66924b5bad7a8faa2c59f643055
a77ad5a69799f61612679c19cb2f3bf8e876c397
956e4fc6180dc45eb50c4e4071e0a2c90c871317dd63477e6b0ea6810b71dd14

Detections

NIDS	Severity	Alert
suricata	medium	ET HUNTING Suspicious GET Request with Possible COVID-19 URI M2

HTTP Headers

GET /aktuell/corona-virus-infos-fuer-unternehmen/ HTTP/1.1
Host: www.bg-hamburg.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Server: nginx/1.19.3
Date: Mon, 16 Jan 2023 10:19:33 GMT
Content-Type: text/html
Content-Length: 169
Connection: keep-alive
Location: https://www.bg-hamburg.de/aktuell/corona-virus-infos-fuer-unternehmen/

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
2258cd6b877a3aca8f4c84074e65ac4b
4e46c70941f8e497e8afc8d078644e7f81761a1c
faac4e0d123f2112b58953c104ea746cd53047fc1ada0ef5d669feecf78ddfff

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FAAC4E0D123F2112B58953C104EA746CD53047FC1ADA0EF5D669FEECF78DDFFF"
Last-Modified: Sat, 14 Jan 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8348
Expires: Mon, 16 Jan 2023 12:38:41 GMT
Date: Mon, 16 Jan 2023 10:19:33 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
3063227f59d1935298b0620fa7919145
478e1d8bef04b1f95381cac01829c03b6779d420
619281d3b9753bc6d2845786da75e8566687362769517aacf90f953ffbb8407c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "619281D3B9753BC6D2845786DA75E8566687362769517AACF90F953FFBB8407C"
Last-Modified: Sat, 14 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9865
Expires: Mon, 16 Jan 2023 13:03:58 GMT
Date: Mon, 16 Jan 2023 10:19:33 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Content-Type, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 16 Jan 2023 09:42:09 GMT
content-type: application/json
age: 2244
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d6e2abd68203014e8e24d4a9e20e980a
5edbbb1a36083d5077b90b82e7aa10049e90c5d6
88cf8dae194a5e92a8c36a4c54ae71a609eaaed6e99d3986b3834c40d2fceeaa

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "88CF8DAE194A5E92A8C36A4C54AE71A609EAAED6E99D3986B3834C40D2FCEEAA"
Last-Modified: Sun, 15 Jan 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4380
Expires: Mon, 16 Jan 2023 11:32:33 GMT
Date: Mon, 16 Jan 2023 10:19:33 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: CU7HNWzaeBRpFQOTlgusCU6Hox1Yuuo1ZL09+jEcInnqw8MarpdAcFceE126pWR9bzmRCEW0Mzg=
x-amz-request-id: PBXK5YF7NZ5P5EFJ
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 16 Jan 2023 09:55:46 GMT
age: 1427
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

www.bg-hamburg.de/aktuell/corona-virus-infos-fuer-unternehmen/

185.32.80.72

301 Moved Permanently

169 B

URL HTTP/2
www.bg-hamburg.de/aktuell/corona-virus-infos-fuer-unternehmen/
IP
185.32.80.72:0
ASN
#42263 German Edge Cloud GmbH & Co. KG

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
169 B (169 bytes)
Hash
e2b2d66924b5bad7a8faa2c59f643055
a77ad5a69799f61612679c19cb2f3bf8e876c397
956e4fc6180dc45eb50c4e4071e0a2c90c871317dd63477e6b0ea6810b71dd14

Detections

NIDS	Severity	Alert
suricata	medium	ET HUNTING Suspicious GET Request with Possible COVID-19 URI M2

HTTP Headers

GET /aktuell/corona-virus-infos-fuer-unternehmen/ HTTP/1.1
Host: www.bg-hamburg.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 301 Moved Permanently
server: nginx/1.19.3
date: Mon, 16 Jan 2023 10:19:33 GMT
content-type: text/html
content-length: 169
location: https://hh.ermoeglicher.de/aktuell/corona-virus-infos-fuer-unternehmen/
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Mon, 16 Jan 2023 10:19:33 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Pragma, Content-Length, Alert, Expires, ETag, Last-Modified, Backoff, Content-Type, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 16 Jan 2023 09:33:46 GMT
age: 2748
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
d03545e1fc5a8876441094039811aac5
99fcc840f3516298625c528e9b408132f7fcbb9c
166fa7c7bb716b2cd02a47884ee00df31030dfb4b2a6fdae7b59b19f87739123

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3305
Cache-Control: max-age=171744
Content-Type: application/ocsp-response
Date: Mon, 16 Jan 2023 10:19:34 GMT
Etag: "63c513ad-1d7"
Expires: Wed, 18 Jan 2023 10:01:58 GMT
Last-Modified: Mon, 16 Jan 2023 09:06:53 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471

cdn.jsdelivr.net/npm/glightbox/dist/css/glightbox.min.css

151.101.193.229

200 OK

2.6 kB

URL HTTP/2
cdn.jsdelivr.net/npm/glightbox/dist/css/glightbox.min.css
IP
151.101.193.229:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (13749), with no line terminators
Size
2.6 kB (2565 bytes)
Hash
5cbdaec6157ee3ce220b1fd336fd6ec3
2c16bb574fb829de58db438b82b83ef9c049da61
7dcf3f432d6c4b69808d8df5b9d5820e80e9805ab6b9bd38f4bbe9337c336831

HTTP Headers

GET /npm/glightbox/dist/css/glightbox.min.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 3.2.0
x-jsd-version-type: version
etag: W/"35b5-O1t5BPT0vPVZWcLs71CCG9kRACE"
content-encoding: gzip
accept-ranges: bytes
date: Mon, 16 Jan 2023 10:19:34 GMT
age: 29610
x-served-by: cache-fra-eddf8230097-FRA, cache-bma1675-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 2565
X-Firefox-Spdy: h2

cdn.jsdelivr.net/gh/mcstudios/glightbox/dist/js/glightbox.min.js

151.101.193.229

200 OK

15 kB

URL HTTP/2
cdn.jsdelivr.net/gh/mcstudios/glightbox/dist/js/glightbox.min.js
IP
151.101.193.229:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (56279)
Size
15 kB (15272 bytes)
Hash
2a4322d8fcb45c8a89e2618d0ec637b1
efc4bf24907dec5894a1d22c79b6050a93307fe5
d281f75d516885d38c4791697780158280e8c428bb002d2251928de70cd57b0d

HTTP Headers

GET /gh/mcstudios/glightbox/dist/js/glightbox.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 3.2.0
x-jsd-version-type: version
etag: W/"dbd8-Z7wG/Dw8ZucqijwBOkGbLEB7cgo"
content-encoding: gzip
accept-ranges: bytes
date: Mon, 16 Jan 2023 10:19:34 GMT
age: 27564
x-served-by: cache-fra-eddf8230041-FRA, cache-bma1675-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 15272
X-Firefox-Spdy: h2

hh.ermoeglicher.de/media/images/BBBank_Logo_HH_Std_RGB_cXPBNkZ.original.png

185.32.80.72

200 OK

42 kB

URL HTTP/2
hh.ermoeglicher.de/media/images/BBBank_Logo_HH_Std_RGB_cXPBNkZ.original.png
IP
185.32.80.72:0
ASN
#42263 German Edge Cloud GmbH & Co. KG

File type
PNG image data, 645 x 209, 8-bit/color RGBA, non-interlaced\012- data
Size
42 kB (42296 bytes)
Hash
40abb1097870ddd6fa07a276d85ca797
bfef1f7b5372d97218a2d4e81377a73c95a5bb06
6d68574d3214a519e25200b491f2f2aeb59a7c62a8d72c280bb6742a3b724b5c

HTTP Headers

GET /media/images/BBBank_Logo_HH_Std_RGB_cXPBNkZ.original.png HTTP/1.1
Host: hh.ermoeglicher.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hh.ermoeglicher.de/aktuell/corona-virus-infos-fuer-unternehmen/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.19.3
date: Mon, 16 Jan 2023 10:19:34 GMT
content-type: image/png
content-length: 42296
last-modified: Fri, 20 May 2022 11:53:17 GMT
etag: "6287812d-a538"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

hh.ermoeglicher.de/media/images/LP_-_Grunden.menu.original.menu.original.jpg

185.32.80.72

200 OK

14 kB

URL HTTP/2
hh.ermoeglicher.de/media/images/LP_-_Grunden.menu.original.menu.original.jpg
IP
185.32.80.72:0
ASN
#42263 German Edge Cloud GmbH & Co. KG

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 501x250, components 3\012- data
Size
14 kB (14050 bytes)
Hash
7a327ec08384cdda963f7673cefc7d28
19d976ab5b812694c6c5ffac05a6bc746e882373
92babc3cb03ec40b47fa6fd57efca2e1f2a6e6b0e3f884226e5917a1e10970ac

HTTP Headers

GET /media/images/LP_-_Grunden.menu.original.menu.original.jpg HTTP/1.1
Host: hh.ermoeglicher.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hh.ermoeglicher.de/aktuell/corona-virus-infos-fuer-unternehmen/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.19.3
date: Mon, 16 Jan 2023 10:19:34 GMT
content-type: image/jpeg
content-length: 14050
last-modified: Thu, 18 Feb 2021 19:16:50 GMT
etag: "602ebd22-36e2"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4

104.18.20.226

200 OK

1.5 kB

URL HTTP/1.1
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4
IP
104.18.20.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.5 kB (1462 bytes)
Hash
dbab41f0dbcfd9fbb2d06d3807d20210
8cd17d91bc0510921fd25765ca14c076b6f311d9
df76db556aba28cc59c39956035e90b4f6e0485417e0ebc98b56fd559b8de902

HTTP Headers

POST /ca/gsatlasr3dvtlsca2022q4 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 16 Jan 2023 10:19:34 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "7C74804F534A322D26092A3800B09B5E314525A8"
Expires: Mon, 16 Jan 2023 21:00:00 GMT
Last-Modified: Mon, 16 Jan 2023 09:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 1444
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78a61d147b8ab509-OSL

hh.ermoeglicher.de/media/images/LP_-_Nachfolge.menu.original.original.jpg

185.32.80.72

200 OK

19 kB

URL HTTP/2
hh.ermoeglicher.de/media/images/LP_-_Nachfolge.menu.original.original.jpg
IP
185.32.80.72:0
ASN
#42263 German Edge Cloud GmbH & Co. KG

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 501x250, components 3\012- data
Size
19 kB (19338 bytes)
Hash
21cb4cffa348d432abc9bd338e8e574b
734b4ae2b1e8cff06381c2f600c7bbc737ed8d10
faedcfea79985c957562aaeb01d8c0fa1cb07ea20deeade22151bc57a6ba0967

HTTP Headers

GET /media/images/LP_-_Nachfolge.menu.original.original.jpg HTTP/1.1
Host: hh.ermoeglicher.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hh.ermoeglicher.de/aktuell/corona-virus-infos-fuer-unternehmen/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.19.3
date: Mon, 16 Jan 2023 10:19:34 GMT
content-type: image/jpeg
content-length: 19338
last-modified: Thu, 18 Feb 2021 19:16:27 GMT
etag: "602ebd0b-4b8a"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

hh.ermoeglicher.de/media/images/LP_-_Wachsen.menu.original.original.jpg

185.32.80.72

200 OK

21 kB

URL HTTP/2
hh.ermoeglicher.de/media/images/LP_-_Wachsen.menu.original.original.jpg
IP
185.32.80.72:0
ASN
#42263 German Edge Cloud GmbH & Co. KG

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 501x250, components 3\012- data
Size
21 kB (21148 bytes)
Hash
f239c03c1a37d6c56e8093c5be372eae
04a6fc74c3bf0aa2177f6d28bb38fa7a561d2bc9
e639722bca836830c57854b97b5851df9b4a180185b3c214e05b0d66dc25c631

HTTP Headers

GET /media/images/LP_-_Wachsen.menu.original.original.jpg HTTP/1.1
Host: hh.ermoeglicher.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hh.ermoeglicher.de/aktuell/corona-virus-infos-fuer-unternehmen/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.19.3
date: Mon, 16 Jan 2023 10:19:34 GMT
content-type: image/jpeg
content-length: 21148
last-modified: Thu, 18 Feb 2021 19:16:08 GMT
etag: "602ebcf8-529c"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

hh.ermoeglicher.de/media/images/LP_-_Stabilisieren.menu.original.original.jpg

185.32.80.72

200 OK

19 kB

URL HTTP/2
hh.ermoeglicher.de/media/images/LP_-_Stabilisieren.menu.original.original.jpg
IP
185.32.80.72:0
ASN
#42263 German Edge Cloud GmbH & Co. KG

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 501x250, components 3\012- data
Size
19 kB (18955 bytes)
Hash
27ca43ec8839ff67ccb0140536965edb
a6d16a0da774077fd51a18f30da6156f99069b44
b3ccab537d2c1cda8931b8dd61afc6f3e97daf52df79d527bacd510d6c186600

HTTP Headers

GET /media/images/LP_-_Stabilisieren.menu.original.original.jpg HTTP/1.1
Host: hh.ermoeglicher.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hh.ermoeglicher.de/aktuell/corona-virus-infos-fuer-unternehmen/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.19.3
date: Mon, 16 Jan 2023 10:19:34 GMT
content-type: image/jpeg
content-length: 18955
last-modified: Thu, 18 Feb 2021 19:16:51 GMT
etag: "602ebd23-4a0b"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

hh.ermoeglicher.de/media/images/LP_-_Banken.original.menu.original.jpg

185.32.80.72

200 OK

13 kB

URL HTTP/2
hh.ermoeglicher.de/media/images/LP_-_Banken.original.menu.original.jpg
IP
185.32.80.72:0
ASN
#42263 German Edge Cloud GmbH & Co. KG

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 501x250, components 3\012- data
Size
13 kB (13372 bytes)
Hash
6d067840cde72a943d34df45ce053ebb
b894cdb02219df54af0233e4fdeab04c93cedce2
0e915ca44e8cfe965a2cd51fcb09068fa1632b1edd4d6f09d472e02889e5eb02

HTTP Headers

GET /media/images/LP_-_Banken.original.menu.original.jpg HTTP/1.1
Host: hh.ermoeglicher.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hh.ermoeglicher.de/aktuell/corona-virus-infos-fuer-unternehmen/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.19.3
date: Mon, 16 Jan 2023 10:19:34 GMT
content-type: image/jpeg
content-length: 13372
last-modified: Thu, 18 Feb 2021 19:16:30 GMT
etag: "602ebd0e-343c"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

hh.ermoeglicher.de/media/images/LP_-_Leasing.original.menu.original.jpg

185.32.80.72

200 OK

15 kB

URL HTTP/2
hh.ermoeglicher.de/media/images/LP_-_Leasing.original.menu.original.jpg
IP
185.32.80.72:0
ASN
#42263 German Edge Cloud GmbH & Co. KG

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 501x250, components 3\012- data
Size
15 kB (14934 bytes)
Hash
8c39d2e91cd07f304655fb25bd7f9177
b80d6e3ee14aff51b1ba2f8f85f827546bded120
bf97b9bee19f63670ea5e1d7d4bb0e2cf797a8ef28e334c66022622d5762daf9

HTTP Headers

GET /media/images/LP_-_Leasing.original.menu.original.jpg HTTP/1.1
Host: hh.ermoeglicher.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hh.ermoeglicher.de/aktuell/corona-virus-infos-fuer-unternehmen/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.19.3
date: Mon, 16 Jan 2023 10:19:34 GMT
content-type: image/jpeg
content-length: 14934
last-modified: Thu, 18 Feb 2021 19:16:54 GMT
etag: "602ebd26-3a56"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
a813a061a05c54b0097af9696d4bcb2e
6a7c9a8587f67a9202d2220c8ab12dd283df0e54
be4722747d6b02daf5e954e7fefc2e99ca522b243db0e4395282af48b381f939

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 16 Jan 2023 10:19:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

hh.ermoeglicher.de/media/images/LP_-_Beratende_Berufe_ZXZD6OJ.original.menu.original.jpg

185.32.80.72

200 OK

18 kB

URL HTTP/2
hh.ermoeglicher.de/media/images/LP_-_Beratende_Berufe_ZXZD6OJ.original.menu.original.jpg
IP
185.32.80.72:0
ASN
#42263 German Edge Cloud GmbH & Co. KG

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 501x250, components 3\012- data
Size
18 kB (18305 bytes)
Hash
d5e43465a9e9dfff6b90eb7ed92f2a36
a36ec77e2868bb89aad9a9884670f7aa8f058f20
a052db4870c84876c18ebca8672e1c5e8c23f9de951debfe721f70e2461024ba

HTTP Headers

GET /media/images/LP_-_Beratende_Berufe_ZXZD6OJ.original.menu.original.jpg HTTP/1.1
Host: hh.ermoeglicher.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hh.ermoeglicher.de/aktuell/corona-virus-infos-fuer-unternehmen/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.19.3
date: Mon, 16 Jan 2023 10:19:34 GMT
content-type: image/jpeg
content-length: 18305
last-modified: Thu, 18 Feb 2021 19:16:31 GMT
etag: "602ebd0f-4781"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

hh.ermoeglicher.de/media/images/LP_-_KammernVerbande.original.menu.original.jpg

185.32.80.72

200 OK

16 kB

URL HTTP/2
hh.ermoeglicher.de/media/images/LP_-_KammernVerbande.original.menu.original.jpg
IP
185.32.80.72:0
ASN
#42263 German Edge Cloud GmbH & Co. KG

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 501x250, components 3\012- data
Size
16 kB (15543 bytes)
Hash
03c25d2096c298bd4672ff78963d3414
f0f0ca8de4b6775b09528b089096948281932e05
41b9ccb6881f9f99c6c34788bb633941a959adcbe292306907f2d1bdc520282f

HTTP Headers

GET /media/images/LP_-_KammernVerbande.original.menu.original.jpg HTTP/1.1
Host: hh.ermoeglicher.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hh.ermoeglicher.de/aktuell/corona-virus-infos-fuer-unternehmen/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.19.3
date: Mon, 16 Jan 2023 10:19:34 GMT
content-type: image/jpeg
content-length: 15543
last-modified: Thu, 18 Feb 2021 19:16:39 GMT
etag: "602ebd17-3cb7"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

hh.ermoeglicher.de/media/images/uber_uns.menu.width-501.jpg

185.32.80.72

200 OK

24 kB

URL HTTP/2
hh.ermoeglicher.de/media/images/uber_uns.menu.width-501.jpg
IP
185.32.80.72:0
ASN
#42263 German Edge Cloud GmbH & Co. KG

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 449x300, components 3\012- data
Size
24 kB (24327 bytes)
Hash
1d23f8d330f4f36af71a2e4cbd043521
3d5bb9b5216bad8f2c4183bc5615b2c1d47e41f5
7f53e501dd588ba5b0e392881abd19cb2138089830ef6286aa65a7d925217f20

HTTP Headers

GET /media/images/uber_uns.menu.width-501.jpg HTTP/1.1
Host: hh.ermoeglicher.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hh.ermoeglicher.de/aktuell/corona-virus-infos-fuer-unternehmen/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.19.3
date: Mon, 16 Jan 2023 10:19:34 GMT
content-type: image/jpeg
content-length: 24327
last-modified: Thu, 18 Feb 2021 19:17:02 GMT
etag: "602ebd2e-5f07"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

hh.ermoeglicher.de/media/images/Logo_VDB.width-150.jpg

185.32.80.72

200 OK

3.6 kB

URL HTTP/2
hh.ermoeglicher.de/media/images/Logo_VDB.width-150.jpg
IP
185.32.80.72:0
ASN
#42263 German Edge Cloud GmbH & Co. KG

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 150x53, components 3\012- data
Size
3.6 kB (3582 bytes)
Hash
5b5704e54381e6e1ff3493d516ff0e22
95ba58cc2c325d183a831b36bab7fece0a13e37c
1e071354e54d5e427622debd7bbd7f7f72cd8997eff10f84cf5f8e5bbe2bc059

HTTP Headers

GET /media/images/Logo_VDB.width-150.jpg HTTP/1.1
Host: hh.ermoeglicher.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hh.ermoeglicher.de/aktuell/corona-virus-infos-fuer-unternehmen/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.19.3
date: Mon, 16 Jan 2023 10:19:34 GMT
content-type: image/jpeg
content-length: 3582
last-modified: Wed, 13 Apr 2022 09:48:31 GMT
etag: "62569c6f-dfe"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

hh.ermoeglicher.de/media/images/BTG_Logo_4c_300dpi_CMYK.jpg.width-150.jpg

185.32.80.72

200 OK

3.3 kB

URL HTTP/2
hh.ermoeglicher.de/media/images/BTG_Logo_4c_300dpi_CMYK.jpg.width-150.jpg
IP
185.32.80.72:0
ASN
#42263 German Edge Cloud GmbH & Co. KG

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 150x35, components 3\012- data
Size
3.3 kB (3278 bytes)
Hash
7a071f9c7cb9bb1864257db1ea098e9c
2f45c3da199b72f6d3d47735ba5753be00b061c3
cdcdba161ccee161ccd4deff370978f82e5734c51414a55a16a510ed1886fc2f

HTTP Headers

GET /media/images/BTG_Logo_4c_300dpi_CMYK.jpg.width-150.jpg HTTP/1.1
Host: hh.ermoeglicher.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hh.ermoeglicher.de/aktuell/corona-virus-infos-fuer-unternehmen/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.19.3
date: Mon, 16 Jan 2023 10:19:34 GMT
content-type: image/jpeg
content-length: 3278
last-modified: Tue, 19 Oct 2021 11:28:30 GMT
etag: "616eabde-cce"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

hh.ermoeglicher.de/media/images/logo_VDBS.width-150.jpg

185.32.80.72

200 OK

3.1 kB

URL HTTP/2
hh.ermoeglicher.de/media/images/logo_VDBS.width-150.jpg
IP
185.32.80.72:0
ASN
#42263 German Edge Cloud GmbH & Co. KG

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 150x53, components 3\012- data
Size
3.1 kB (3084 bytes)
Hash
59f97bdb34ea15e8bb9599177258d8ad
53529387a510bb9cee7f5086c88791dd63c776bb
e59a8a71978bd900408403ffc5b195e5a69d5c2b23247e7c48487ae304d46fbb

HTTP Headers

GET /media/images/logo_VDBS.width-150.jpg HTTP/1.1
Host: hh.ermoeglicher.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hh.ermoeglicher.de/aktuell/corona-virus-infos-fuer-unternehmen/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.19.3
date: Mon, 16 Jan 2023 10:19:34 GMT
content-type: image/jpeg
content-length: 3084
last-modified: Thu, 18 Feb 2021 19:15:57 GMT
etag: "602ebced-c0c"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

hh.ermoeglicher.de/static/fonts/brandon_grotesque_700_woff2.ce87f4e0d168

185.32.80.72

200 OK

28 kB

URL HTTP/2
hh.ermoeglicher.de/static/fonts/brandon_grotesque_700_woff2.ce87f4e0d168
IP
185.32.80.72:0
ASN
#42263 German Edge Cloud GmbH & Co. KG

File type
Web Open Font Format (Version 2), TrueType, length 27712, version 1.0\012- data
Size
28 kB (27712 bytes)
Hash
ce87f4e0d16868acaa3a5f4d894e9c29
b0b82fa20adb7c495172f8345f0ef0a64d2f815e
fc19e2d873270cfa3ce69c2345fac36b8ab1b0fe2cd8983f0946a8c180f236b3

HTTP Headers

GET /static/fonts/brandon_grotesque_700_woff2.ce87f4e0d168 HTTP/1.1
Host: hh.ermoeglicher.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://hh.ermoeglicher.de/aktuell/corona-virus-infos-fuer-unternehmen/
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.19.3
date: Mon, 16 Jan 2023 10:19:34 GMT
content-type: application/octet-stream
content-length: 27712
last-modified: Thu, 10 Nov 2022 15:01:28 GMT
etag: "636d1248-6c40"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

www.googletagmanager.com/gtm.js?id=GTM-K7NF7RM

142.250.74.168

200 OK

45 kB

URL HTTP/2
www.googletagmanager.com/gtm.js?id=GTM-K7NF7RM
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1921)
Size
45 kB (45263 bytes)
Hash
c6c60c0b1216c759725d4101ba2d8e7f
8b4b28218577badbf2a92f9837a6918b859a082c
44a6fc7ab9f65ba44026f5bff86f35b7a0fb967ccd6da7360c1ea37efcf7ff34

HTTP Headers

GET /gtm.js?id=GTM-K7NF7RM HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 16 Jan 2023 10:19:34 GMT
expires: Mon, 16 Jan 2023 10:19:34 GMT
cache-control: private, max-age=900
last-modified: Mon, 16 Jan 2023 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 45263
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

hh.ermoeglicher.de/static/fonts/kepler_std_display_300_woff2.d7777fb08538

185.32.80.72

200 OK

122 kB

URL HTTP/2
hh.ermoeglicher.de/static/fonts/kepler_std_display_300_woff2.d7777fb08538
IP
185.32.80.72:0
ASN
#42263 German Edge Cloud GmbH & Co. KG

File type
Web Open Font Format (Version 2), CFF, length 121700, version 1.0\012- data
Size
122 kB (121700 bytes)
Hash
d7777fb085385076c168a632ce66d0db
eb5d37d9bc35971f7985ed629313d7db2eb82faa
1b3d70a7c4ab337b8d5169a9d97a1470a873f2784db40a71d8785d56a0755169

HTTP Headers

GET /static/fonts/kepler_std_display_300_woff2.d7777fb08538 HTTP/1.1
Host: hh.ermoeglicher.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://hh.ermoeglicher.de/aktuell/corona-virus-infos-fuer-unternehmen/
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.19.3
date: Mon, 16 Jan 2023 10:19:34 GMT
content-type: application/octet-stream
content-length: 121700
last-modified: Thu, 10 Nov 2022 15:01:28 GMT
etag: "636d1248-1db64"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

hh.ermoeglicher.de/static/fonts/brandon_grotesque_400_woff2.6c288957e1ea

185.32.80.72

200 OK

27 kB

URL HTTP/2
hh.ermoeglicher.de/static/fonts/brandon_grotesque_400_woff2.6c288957e1ea
IP
185.32.80.72:0
ASN
#42263 German Edge Cloud GmbH & Co. KG

File type
Web Open Font Format (Version 2), TrueType, length 26888, version 1.0\012- data
Size
27 kB (26888 bytes)
Hash
6c288957e1ea69636d76b434a53c65ef
b8e0e2074136f3b167567d532312cc0f838bdf5f
c763917e443b5583abccb9674edfaf82deada941ad5894d28c672c632fcd64dc

HTTP Headers

GET /static/fonts/brandon_grotesque_400_woff2.6c288957e1ea HTTP/1.1
Host: hh.ermoeglicher.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://hh.ermoeglicher.de/aktuell/corona-virus-infos-fuer-unternehmen/
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.19.3
date: Mon, 16 Jan 2023 10:19:34 GMT
content-type: application/octet-stream
content-length: 26888
last-modified: Thu, 10 Nov 2022 15:01:28 GMT
etag: "636d1248-6908"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
a813a061a05c54b0097af9696d4bcb2e
6a7c9a8587f67a9202d2220c8ab12dd283df0e54
be4722747d6b02daf5e954e7fefc2e99ca522b243db0e4395282af48b381f939

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 16 Jan 2023 10:19:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

hh.ermoeglicher.de/static/bundle.9a675619016f.js

185.32.80.72

200 OK

36 kB

URL HTTP/2
hh.ermoeglicher.de/static/bundle.9a675619016f.js
IP
185.32.80.72:0
ASN
#42263 German Edge Cloud GmbH & Co. KG

File type
data
Size
36 kB (36265 bytes)
Hash
037610a1609db1b32cbee53995c54027
250ecad7a8896cd5d4d7da30f46792c9fcb6b7e4
35b29a93f434b76233688f15db612edfac3b4383978d2f53804dad272f5c4a75

HTTP Headers

GET /static/bundle.9a675619016f.js HTTP/1.1
Host: hh.ermoeglicher.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hh.ermoeglicher.de/aktuell/corona-virus-infos-fuer-unternehmen/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.19.3
date: Mon, 16 Jan 2023 10:19:34 GMT
content-type: application/javascript
last-modified: Thu, 10 Nov 2022 15:01:28 GMT
vary: Accept-Encoding
etag: W/"636d1248-16304"
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

hh.ermoeglicher.de/static/favicon/favicon-16x16.be21cb3b89b3.png

185.32.80.72

200 OK

1.3 kB

URL HTTP/2
hh.ermoeglicher.de/static/favicon/favicon-16x16.be21cb3b89b3.png
IP
185.32.80.72:0
ASN
#42263 German Edge Cloud GmbH & Co. KG

File type
PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Size
1.3 kB (1310 bytes)
Hash
be21cb3b89b375c8cf1c26700c920a90
fdb53b2246d0ccaeb65c266cbcba530121b2faf2
004833817ed711d71f0fcab9316993118e48534ce41ad57ef336c4303d0e6e16

HTTP Headers

GET /static/favicon/favicon-16x16.be21cb3b89b3.png HTTP/1.1
Host: hh.ermoeglicher.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hh.ermoeglicher.de/aktuell/corona-virus-infos-fuer-unternehmen/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.19.3
date: Mon, 16 Jan 2023 10:19:34 GMT
content-type: image/png
content-length: 1310
last-modified: Thu, 10 Nov 2022 15:01:28 GMT
etag: "636d1248-51e"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

push.services.mozilla.com/

44.228.230.125

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
44.228.230.125:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: ss+anPqFG2uNH3CtUl+Y2Q==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 569tk5qgEVY4ltJMm3MHEU3TtuM=

ocsp.pki.goog/s/gts1d4/jEa5WN7607o

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1d4/jEa5WN7607o
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
cf42e7cdbd7a9e7aabfc02945bb9c515
1db467f94f85086f53410240770ade1a85cdf275
2cbc6bbd935b15a88fa6168cba886ffc2f3e1ef1b46a0a0bbdb0dae7aac2666b

HTTP Headers

POST /s/gts1d4/jEa5WN7607o HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 16 Jan 2023 10:19:34 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

app.usercentrics.eu/browser-ui/latest/loader.js

35.190.14.188

200 OK

21 kB

URL HTTP/2
app.usercentrics.eu/browser-ui/latest/loader.js
IP
35.190.14.188:0
ASN
#15169 GOOGLE

File type
Unicode text, UTF-8 text, with very long lines (63068)
Size
21 kB (21129 bytes)
Hash
c665b569bbe04be9338583c20d162234
9570872fe37d8a740152c2c76e3a6fdd5e449248
24b3e37410b6781d5b30aca7595e5dd2eb95d741330f30b6c8902e8166964ad0

HTTP Headers

GET /browser-ui/latest/loader.js HTTP/1.1
Host: app.usercentrics.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-guploader-uploadid: ADPycdt3AyDhdxFNDWNIZ8EUub8kL4MT9XDbS7CJLR4HLDQh4cShE-OEIgmfxJyuTC4_cEs4oo0nrGBnuDSSIC-VF-hXnLlJMKkt
x-goog-generation: 1673270178845255
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 21129
content-encoding: gzip
x-goog-hash: crc32c=hnNeow==, md5=xmW1abvgS+kzhYPCDRYiNA==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 21129
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, Transfer-Encoding
server: UploadServer
date: Mon, 16 Jan 2023 09:31:21 GMT
expires: Mon, 16 Jan 2023 10:31:21 GMT
cache-control: public, max-age=3600, no-transform
age: 2893
last-modified: Mon, 09 Jan 2023 13:16:18 GMT
etag: "c665b569bbe04be9338583c20d162234"
content-type: application/javascript
strict-transport-security: max-age=7776000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/s/gts1d4/jEa5WN7607o

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1d4/jEa5WN7607o
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
cf42e7cdbd7a9e7aabfc02945bb9c515
1db467f94f85086f53410240770ade1a85cdf275
2cbc6bbd935b15a88fa6168cba886ffc2f3e1ef1b46a0a0bbdb0dae7aac2666b

HTTP Headers

POST /s/gts1d4/jEa5WN7607o HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 16 Jan 2023 10:19:34 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

app.usercentrics.eu/browser-ui/3.14.0/index.module.js

35.190.14.188

200 OK

102 kB

URL HTTP/2
app.usercentrics.eu/browser-ui/3.14.0/index.module.js
IP
35.190.14.188:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (65536), with no line terminators
Size
102 kB (102323 bytes)
Hash
6a7f91bc0e5bf6a11055b7140642266f
66e0735d1f80004951f1036fd68e50c547d4c21e
c5c125192926d516b09bc1981205999b73e9c85097d3228ccf78ae1a193f5f0a

HTTP Headers

GET /browser-ui/3.14.0/index.module.js HTTP/1.1
Host: app.usercentrics.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hh.ermoeglicher.de
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-guploader-uploadid: ADPycds_4GV2SfxdTYnWN_WrX9rgDk5Dj5qfHAnCiie2s5aCDXn-zGaiqNUymm3xldaYD_V2I5OgmYJ6Xt6gzg9kEnFE8lMj7C0b
x-goog-generation: 1673270150768233
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 102323
content-encoding: gzip
x-goog-hash: crc32c=a9HzMg==, md5=an+RvA5b9qEQVbcUBkImbw==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 102323
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
server: UploadServer
date: Mon, 09 Jan 2023 13:19:54 GMT
expires: Tue, 09 Jan 2024 13:19:54 GMT
cache-control: public, max-age=31536000, no-transform
last-modified: Mon, 09 Jan 2023 13:15:50 GMT
etag: "6a7f91bc0e5bf6a11055b7140642266f"
content-type: application/javascript
age: 593980
strict-transport-security: max-age=7776000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/s/gts1d4/RFFQ8tpp2ig

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1d4/RFFQ8tpp2ig
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
e7791e314d72fa8884aae8b6e45a319e
8c0a57d63797ceb5e1f65cbd12c9280f091f1145
b90f8ae07950b910a46f9e44b47cf82af7bbafc84e78e0277883037df3106532

HTTP Headers

POST /s/gts1d4/RFFQ8tpp2ig HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 16 Jan 2023 10:19:34 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/s/gts1d4/RFFQ8tpp2ig

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1d4/RFFQ8tpp2ig
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
e7791e314d72fa8884aae8b6e45a319e
8c0a57d63797ceb5e1f65cbd12c9280f091f1145
b90f8ae07950b910a46f9e44b47cf82af7bbafc84e78e0277883037df3106532

HTTP Headers

POST /s/gts1d4/RFFQ8tpp2ig HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 16 Jan 2023 10:19:34 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

api.usercentrics.eu/settings/uZ6Kykx5J/latest/languages.json

35.241.3.184

200 OK

0 B

URL HTTP/2
api.usercentrics.eu/settings/uZ6Kykx5J/latest/languages.json
IP
35.241.3.184:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /settings/uZ6Kykx5J/latest/languages.json HTTP/1.1
Host: api.usercentrics.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://hh.ermoeglicher.de
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-guploader-uploadid: ADPycdtxSAyblfpdgchHIfTLyeT89wtGZv3tpT3mXYpu5lmbIzsgEw1dW_DHbB-7cmlIM2iKakY5g27K5Cl1cbEOxkY3Bf1XGpWf
access-control-allow-origin: *
access-control-max-age: 3600
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE
access-control-allow-headers: content-type
date: Mon, 16 Jan 2023 10:19:35 GMT
expires: Mon, 16 Jan 2023 10:19:35 GMT
cache-control: private, max-age=0
content-length: 0
server: UploadServer
content-type: text/html; charset=UTF-8
strict-transport-security: max-age=7776000
x-client-geo-location: NO,NO03
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

api.usercentrics.eu/settings/uZ6Kykx5J/latest/languages.json

35.241.3.184

200 OK

67 B

URL HTTP/2
api.usercentrics.eu/settings/uZ6Kykx5J/latest/languages.json
IP
35.241.3.184:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
67 B (67 bytes)
Hash
da13a9b5363ff28c20e52e67131f24fd
1d9f99b1ae654913e9d23a6477c477b7ce924292
86b7be6c42bfb970e332b5d92083dd6370cf0774eedcff50d97a8f689431b1ca

HTTP Headers

GET /settings/uZ6Kykx5J/latest/languages.json HTTP/1.1
Host: api.usercentrics.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: application/json
Origin: https://hh.ermoeglicher.de
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
x-guploader-uploadid: ADPycdsAzENTQsoZt232CquyZ1F8dV8jnDlm6hTuUziT33MRmVd9oDC28HW7muT8xxomSZJmkfqCQdj7WXSt54X8kF1-5w
x-goog-generation: 1673598844215167
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 67
content-encoding: gzip
x-goog-hash: crc32c=u6slow==, md5=2hOptTY/8owg5S5nEx8k/Q==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
vary: Accept-Encoding
content-length: 67
access-control-allow-origin: *
access-control-expose-headers: *, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
server: UploadServer
date: Mon, 16 Jan 2023 10:19:34 GMT
expires: Mon, 16 Jan 2023 10:19:44 GMT
cache-control: public, max-age=1800, s-maxage=10
age: 1
last-modified: Fri, 13 Jan 2023 08:34:04 GMT
etag: "da13a9b5363ff28c20e52e67131f24fd"
content-type: application/json
strict-transport-security: max-age=7776000
x-client-geo-location: NO,NO03
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/s/gts1d4/RFFQ8tpp2ig

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1d4/RFFQ8tpp2ig
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
e7791e314d72fa8884aae8b6e45a319e
8c0a57d63797ceb5e1f65cbd12c9280f091f1145
b90f8ae07950b910a46f9e44b47cf82af7bbafc84e78e0277883037df3106532

HTTP Headers

POST /s/gts1d4/RFFQ8tpp2ig HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 16 Jan 2023 10:19:35 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

api.usercentrics.eu/settings/uZ6Kykx5J/latest/de.json

35.241.3.184

200 OK

0 B

URL HTTP/2
api.usercentrics.eu/settings/uZ6Kykx5J/latest/de.json
IP
35.241.3.184:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /settings/uZ6Kykx5J/latest/de.json HTTP/1.1
Host: api.usercentrics.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://hh.ermoeglicher.de
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
x-guploader-uploadid: ADPycdsN6e5AclR6BrgpQzxcFstXm1i_i6BtjzKTn4ARxbo49diSkkjcIxlXq5SHJ9--EK8MLlhB8niaZ2hDkOjw7YV0
access-control-allow-origin: *
access-control-max-age: 3600
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE
access-control-allow-headers: content-type
date: Mon, 16 Jan 2023 10:19:35 GMT
expires: Mon, 16 Jan 2023 10:19:35 GMT
cache-control: private, max-age=0
content-length: 0
server: UploadServer
content-type: text/html; charset=UTF-8
strict-transport-security: max-age=7776000
x-client-geo-location: NO,NO03
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

api.usercentrics.eu/settings/uZ6Kykx5J/latest/de.json

35.241.3.184

200 OK

15 kB

URL HTTP/2
api.usercentrics.eu/settings/uZ6Kykx5J/latest/de.json
IP
35.241.3.184:0
ASN
#15169 GOOGLE

File type
JSON data\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Size
15 kB (15078 bytes)
Hash
758da89da5dcf9dfb65d2a77213b6402
77d9799ebf601d88ecbdc0da8bf95af90005b069
025c7b5b296356f578464dc2c219072565a791ca7a4e860b6e014531bf2d3c4f

HTTP Headers

GET /settings/uZ6Kykx5J/latest/de.json HTTP/1.1
Host: api.usercentrics.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: application/json
Origin: https://hh.ermoeglicher.de
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
x-guploader-uploadid: ADPycdt2mTcWQYkMaL2HCzufCDVU93dRieWV2VrBEL0uPDJNRzZnn6TSeuIHbUMTq14SXBaxnhi8nP3E9fgIGeLuNAu5rZEasXor
vary: Accept-Encoding
x-goog-generation: 1673598844205366
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 15078
content-encoding: gzip
x-goog-hash: crc32c=Xt6yZA==, md5=dY2onaXc+d+2XSp3ITtkAg==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 15078
access-control-allow-origin: *
access-control-expose-headers: *, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
server: UploadServer
date: Mon, 16 Jan 2023 10:19:35 GMT
expires: Mon, 16 Jan 2023 10:19:45 GMT
cache-control: public, max-age=1800, s-maxage=10
last-modified: Fri, 13 Jan 2023 08:34:04 GMT
etag: "758da89da5dcf9dfb65d2a77213b6402"
content-type: application/json
age: 0
strict-transport-security: max-age=7776000
x-client-geo-location: NO,NO03
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

app.usercentrics.eu/browser-ui/3.14.0/DefaultData-179215c9-7baa5001.js

35.190.14.188

200 OK

969 B

URL HTTP/2
app.usercentrics.eu/browser-ui/3.14.0/DefaultData-179215c9-7baa5001.js
IP
35.190.14.188:0
ASN
#15169 GOOGLE

File type
Java source, ASCII text, with very long lines (2216)
Size
969 B (969 bytes)
Hash
429679c044fd60c0ce820dcfbca470f1
919f5f36abe286c67df62cbbf49b540842e3764d
c351ab377c382afed53524b6ffc344fa02cbbe2c4374749b9bc104a24c2d9082

HTTP Headers

GET /browser-ui/3.14.0/DefaultData-179215c9-7baa5001.js HTTP/1.1
Host: app.usercentrics.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hh.ermoeglicher.de
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
x-guploader-uploadid: ADPycdv9a2twE78eKMgbssFaAE4wU3ker7GLeL7f3qdlJODRkRljaiUaGLS_n7O_5ocPACsOpugikdvMWqgT0qi9UVexbg
x-goog-generation: 1673270138887921
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 969
content-encoding: gzip
x-goog-hash: crc32c=4ZHStw==, md5=QpZ5wET9YMDOgg3PvKRw8Q==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 969
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
server: UploadServer
date: Mon, 09 Jan 2023 13:19:55 GMT
expires: Tue, 09 Jan 2024 13:19:55 GMT
cache-control: public, max-age=31536000, no-transform
last-modified: Mon, 09 Jan 2023 13:15:38 GMT
etag: "429679c044fd60c0ce820dcfbca470f1"
content-type: application/javascript
age: 593980
strict-transport-security: max-age=7776000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

api.usercentrics.eu/translations/translations-de.json

35.241.3.184

200 OK

0 B

URL HTTP/2
api.usercentrics.eu/translations/translations-de.json
IP
35.241.3.184:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /translations/translations-de.json HTTP/1.1
Host: api.usercentrics.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://hh.ermoeglicher.de
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
x-guploader-uploadid: ADPycdvo8faNc8gbx_v1Xf_gyfRNn_KDGmH-pICHIkwVr7YBlZpir-M31-MHuXCNhwIm7Jyfh7-n6U-qncfUe_F6owd_
access-control-allow-origin: *
access-control-max-age: 3600
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE
access-control-allow-headers: content-type
date: Mon, 16 Jan 2023 10:19:35 GMT
expires: Mon, 16 Jan 2023 10:19:35 GMT
cache-control: private, max-age=0
content-length: 0
server: UploadServer
content-type: text/html; charset=UTF-8
strict-transport-security: max-age=7776000
x-client-geo-location: NO,NO03
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

app.usercentrics.eu/browser-ui/3.14.0/DefaultUI-917606c2-86ee2573.js

35.190.14.188

200 OK

756 B

URL HTTP/2
app.usercentrics.eu/browser-ui/3.14.0/DefaultUI-917606c2-86ee2573.js
IP
35.190.14.188:0
ASN
#15169 GOOGLE

File type
Java source, ASCII text, with very long lines (1727)
Size
756 B (756 bytes)
Hash
422d4d6b7aa5513eacac282b23d409ea
2831a0f1ddbb56e2e1e40457b1ed1560e6f4bdc1
3097e8c64926e0923f3769c673bfb9c7b142a9e177c56fc3a30f6900ca6c9425

HTTP Headers

GET /browser-ui/3.14.0/DefaultUI-917606c2-86ee2573.js HTTP/1.1
Host: app.usercentrics.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hh.ermoeglicher.de
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
x-guploader-uploadid: ADPycdudTSOd8aB5OlKl5OEAd1oRC6wM3TlcyEAtfo7ClVVI6Wt0PnMn6H76QlY4L14J-qikBlMR49V0mLEHHsiNF0A_oQ
x-goog-generation: 1673270139695243
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 756
content-encoding: gzip
x-goog-hash: crc32c=9JiwXQ==, md5=Qi1Na3qlUT6srCgrI9QJ6g==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 756
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
server: UploadServer
date: Mon, 09 Jan 2023 13:19:55 GMT
expires: Tue, 09 Jan 2024 13:19:55 GMT
cache-control: public, max-age=31536000, no-transform
last-modified: Mon, 09 Jan 2023 13:15:39 GMT
etag: "422d4d6b7aa5513eacac282b23d409ea"
content-type: application/javascript
age: 593980
strict-transport-security: max-age=7776000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

app.usercentrics.eu/browser-ui/3.14.0/FirstLayerCustomization-0e1d6632-5d888855.js

35.190.14.188

200 OK

1.1 kB

URL HTTP/2
app.usercentrics.eu/browser-ui/3.14.0/FirstLayerCustomization-0e1d6632-5d888855.js
IP
35.190.14.188:0
ASN
#15169 GOOGLE

File type
Java source, ASCII text, with very long lines (2946)
Size
1.1 kB (1065 bytes)
Hash
0d6ec7870bbbebf47d05f148a5112e9a
b2b7432aa372c677048a49946363a6711d277eb4
acda725c35bd0ad0c1782ff1d7f538ca92d9141ddd71c2a7bfc97ca9c7e8901e

HTTP Headers

GET /browser-ui/3.14.0/FirstLayerCustomization-0e1d6632-5d888855.js HTTP/1.1
Host: app.usercentrics.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hh.ermoeglicher.de
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
x-guploader-uploadid: ADPycdsw2vgRdlAi8a0jUQj_eYzpo4gF7VYob_2_albS3b22M8C-sLWYycaTurzsWpZ9fal7iSgCaolEsDRivMUoXExC_Pc0FZwM
x-goog-generation: 1673270139887198
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 1065
content-encoding: gzip
x-goog-hash: crc32c=7/3XBA==, md5=DW7Hhwu76/R9BfFIpREumg==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 1065
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
server: UploadServer
date: Mon, 09 Jan 2023 13:19:55 GMT
expires: Tue, 09 Jan 2024 13:19:55 GMT
cache-control: public, max-age=31536000, no-transform
last-modified: Mon, 09 Jan 2023 13:15:39 GMT
etag: "0d6ec7870bbbebf47d05f148a5112e9a"
content-type: application/javascript
age: 593980
strict-transport-security: max-age=7776000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

app.usercentrics.eu/browser-ui/3.14.0/ButtonsCustomization-1efef9a5-d4bd00e7.js

35.190.14.188

200 OK

235 B

URL HTTP/2
app.usercentrics.eu/browser-ui/3.14.0/ButtonsCustomization-1efef9a5-d4bd00e7.js
IP
35.190.14.188:0
ASN
#15169 GOOGLE

File type
Java source, ASCII text, with very long lines (472)
Size
235 B (235 bytes)
Hash
be79da7928d2f71598d851c9346c7152
5e49d6a1481d421ce79ed54e78539e1360fea0e5
f3550384184791606f53a8515218a97d3af9d6f204526ae8bc37c5a248772092

HTTP Headers

GET /browser-ui/3.14.0/ButtonsCustomization-1efef9a5-d4bd00e7.js HTTP/1.1
Host: app.usercentrics.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hh.ermoeglicher.de
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
x-guploader-uploadid: ADPycds0Lp45DvYvKN7nGOANcp7Rw4bp0Ec0HGKMzSkCgV9oYAoY8gZG_QSDcMdPyh_7W6swsCk6nlq36O4h2Y5GaF0W6w
x-goog-generation: 1673270137416232
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 235
content-encoding: gzip
x-goog-hash: crc32c=xrAIiA==, md5=vnnaeSjS9xWY2FHJNGxxUg==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 235
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
server: UploadServer
date: Mon, 09 Jan 2023 13:19:55 GMT
expires: Tue, 09 Jan 2024 13:19:55 GMT
cache-control: public, max-age=31536000, no-transform
last-modified: Mon, 09 Jan 2023 13:15:37 GMT
etag: "be79da7928d2f71598d851c9346c7152"
content-type: application/javascript
age: 593980
strict-transport-security: max-age=7776000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

app.usercentrics.eu/browser-ui/3.14.0/SecondLayerUI-87844021-0f5d225e.js

35.190.14.188

200 OK

317 B

URL HTTP/2
app.usercentrics.eu/browser-ui/3.14.0/SecondLayerUI-87844021-0f5d225e.js
IP
35.190.14.188:0
ASN
#15169 GOOGLE

File type
Java source, ASCII text, with very long lines (566)
Size
317 B (317 bytes)
Hash
7fd7a8af6f28663e7ae7b326baaae490
34b4931a321307f3adbdaeee734e0d29cc2c3a3a
969f4e6850c37dc8d96f95ec8a24e475d6d15d695d50b6ad920673f381b43cf8

HTTP Headers

GET /browser-ui/3.14.0/SecondLayerUI-87844021-0f5d225e.js HTTP/1.1
Host: app.usercentrics.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hh.ermoeglicher.de
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
x-guploader-uploadid: ADPycdvYg_i6QsLCRglRyJS2X_IIaO_2isEhoOf9rISkwhEEUN26L5AAAVXETiqr-l4fkLvGVVZTdknOjiZQY5W0NaGsiA
x-goog-generation: 1673270141148402
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 317
content-encoding: gzip
x-goog-hash: crc32c=wmDWLQ==, md5=f9eor28oZj5657MmuqrkkA==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 317
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
server: UploadServer
date: Mon, 09 Jan 2023 13:19:55 GMT
expires: Tue, 09 Jan 2024 13:19:55 GMT
cache-control: public, max-age=31536000, no-transform
last-modified: Mon, 09 Jan 2023 13:15:41 GMT
etag: "7fd7a8af6f28663e7ae7b326baaae490"
content-type: application/javascript
age: 593980
strict-transport-security: max-age=7776000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

app.usercentrics.eu/browser-ui/3.14.0/Taglogger-3287a09c-e1e8bf90.js

35.190.14.188

200 OK

617 B

URL HTTP/2
app.usercentrics.eu/browser-ui/3.14.0/Taglogger-3287a09c-e1e8bf90.js
IP
35.190.14.188:0
ASN
#15169 GOOGLE

File type
C source text\012- Java source, ASCII text, with very long lines (1156)
Size
617 B (617 bytes)
Hash
12ac7e5970b1c33da140b0e99f999ff6
33c4f38661cae56a04ef4dcd93f7a2ad8c8c27ed
832d75d02b91ed5fe26bdaf14bf3817b5d019bce6af966517f04bb7141a5e411

HTTP Headers

GET /browser-ui/3.14.0/Taglogger-3287a09c-e1e8bf90.js HTTP/1.1
Host: app.usercentrics.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hh.ermoeglicher.de
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
x-guploader-uploadid: ADPycdu-cwjPYghFWJXqJXKE3AFVC0o85uH06GdmJ6Y10Q_PoOjuasd6Let9lhBuRaVJ2dw_Q3tVgtkRAAs1NbRb4u7Dbg
x-goog-generation: 1673270142417959
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 617
content-encoding: gzip
x-goog-hash: crc32c=OfhdRw==, md5=Eqx+WXCxwz2hQLDpn5mf9g==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 617
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
server: UploadServer
date: Mon, 09 Jan 2023 13:19:55 GMT
expires: Tue, 09 Jan 2024 13:19:55 GMT
cache-control: public, max-age=31536000, no-transform
last-modified: Mon, 09 Jan 2023 13:15:42 GMT
etag: "12ac7e5970b1c33da140b0e99f999ff6"
content-type: application/javascript
age: 593980
strict-transport-security: max-age=7776000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

app.usercentrics.eu/browser-ui/3.14.0/PrivacyButton-838e13c6.js

35.190.14.188

200 OK

2.4 kB

URL HTTP/2
app.usercentrics.eu/browser-ui/3.14.0/PrivacyButton-838e13c6.js
IP
35.190.14.188:0
ASN
#15169 GOOGLE

File type
Java source, ASCII text, with very long lines (5491)
Size
2.4 kB (2449 bytes)
Hash
84a2c742232c767484f7b6d01911cb03
194c373b281e65b423ebe1cf92d7f0054fd779cd
82fc5127786452d1ed4f2869810e262273cd45350e989a0e5e5f5011dbec0340

HTTP Headers

GET /browser-ui/3.14.0/PrivacyButton-838e13c6.js HTTP/1.1
Host: app.usercentrics.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hh.ermoeglicher.de
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
x-guploader-uploadid: ADPycdtGi5koPy_BazwfSgji9tY9VHl8MmRh8uasB7eWmoDK1-RNbRQEgIpOEcB6vrqOUdnChtyJxWNLnEjYLsF_i0j8hg
x-goog-generation: 1673270140109692
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 2449
content-encoding: gzip
x-goog-hash: crc32c=ZHI2jA==, md5=hKLHQiMsdnSE97bQGRHLAw==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 2449
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
server: UploadServer
date: Mon, 09 Jan 2023 13:19:55 GMT
expires: Tue, 09 Jan 2024 13:19:55 GMT
cache-control: public, max-age=31536000, no-transform
last-modified: Mon, 09 Jan 2023 13:15:40 GMT
etag: "84a2c742232c767484f7b6d01911cb03"
content-type: application/javascript
age: 593980
strict-transport-security: max-age=7776000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/s/gts1d4/VJA41Da9_CE

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1d4/VJA41Da9_CE
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
bcab1be2e8e19cb953dcb55a3b6257b3
a73016d37dfa8d8e9dd10fb0a899b1e56c4bf112
b94fb659c86728b28e3cc33c321a52c33703b7f1dd3c3622337b7496a1315caf

HTTP Headers

POST /s/gts1d4/VJA41Da9_CE HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 16 Jan 2023 10:19:35 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

app.usercentrics.eu/browser-ui/3.14.0/index-1e4fcfa6.js

35.190.14.188

200 OK

810 B

URL HTTP/2
app.usercentrics.eu/browser-ui/3.14.0/index-1e4fcfa6.js
IP
35.190.14.188:0
ASN
#15169 GOOGLE

File type
Java source, ASCII text, with very long lines (1741)
Size
810 B (810 bytes)
Hash
c608dd060a753af255b9e573c9aac61d
f304b30db4fec4f2fff3abf29b660d47b4187a58
bcb4077f084d44314b86fffba955e3d9ffec4602fb4e097eae0645a24bc93cc8

HTTP Headers

GET /browser-ui/3.14.0/index-1e4fcfa6.js HTTP/1.1
Host: app.usercentrics.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hh.ermoeglicher.de
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
x-guploader-uploadid: ADPycdvsY-hgzhznKiA2f2ODA33lwYG3e6BoEzrKjfJAd81DbZ7E4b79BxgDuQ7vG-zsprhojl4ItQcNIInguMBlsUYsFA
x-goog-generation: 1673270149071124
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 810
content-encoding: gzip
x-goog-hash: crc32c=HcpTCA==, md5=xgjdBgp1OvJVueVzyarGHQ==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 810
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
server: UploadServer
date: Mon, 09 Jan 2023 13:19:55 GMT
expires: Tue, 09 Jan 2024 13:19:55 GMT
cache-control: public, max-age=31536000, no-transform
last-modified: Mon, 09 Jan 2023 13:15:49 GMT
etag: "c608dd060a753af255b9e573c9aac61d"
content-type: application/javascript
age: 593980
strict-transport-security: max-age=7776000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/s/gts1d4/VJA41Da9_CE

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1d4/VJA41Da9_CE
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
bcab1be2e8e19cb953dcb55a3b6257b3
a73016d37dfa8d8e9dd10fb0a899b1e56c4bf112
b94fb659c86728b28e3cc33c321a52c33703b7f1dd3c3622337b7496a1315caf

HTTP Headers

POST /s/gts1d4/VJA41Da9_CE HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 16 Jan 2023 10:19:35 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/s/gts1d4/L5KIiOsmaP8

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1d4/L5KIiOsmaP8
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
73727743b2dbbecd5f9857c5611a2606
63e22ec6acf2e42a7faccd472f9db73195f76c99
f7be7ba281e89bcd3d97b15ac364a15f73e65cd182110cbae9b07aa6164094ad

HTTP Headers

POST /s/gts1d4/L5KIiOsmaP8 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 16 Jan 2023 10:19:35 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/s/gts1d4/L5KIiOsmaP8

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1d4/L5KIiOsmaP8
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
73727743b2dbbecd5f9857c5611a2606
63e22ec6acf2e42a7faccd472f9db73195f76c99
f7be7ba281e89bcd3d97b15ac364a15f73e65cd182110cbae9b07aa6164094ad

HTTP Headers

POST /s/gts1d4/L5KIiOsmaP8 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 16 Jan 2023 10:19:35 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

app.usercentrics.eu/browser-ui/3.14.0/index-b02ff534.js

35.190.14.188

200 OK

2.0 kB

URL HTTP/2
app.usercentrics.eu/browser-ui/3.14.0/index-b02ff534.js
IP
35.190.14.188:0
ASN
#15169 GOOGLE

File type
Java source, ASCII text, with very long lines (5001)
Size
2.0 kB (2042 bytes)
Hash
ad230e0a7fe78a219f027e8acc0f1eb6
5fcf9cad315d1c7f296bb8eccb06ccd28e077f21
103827125f5dd2c4777501522f4879ffdb0bcc939b7209134f6daca2b6867972

HTTP Headers

GET /browser-ui/3.14.0/index-b02ff534.js HTTP/1.1
Host: app.usercentrics.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hh.ermoeglicher.de
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
x-guploader-uploadid: ADPycdsiZTiInowNOXf1hXSDTcpgtQBLJeyUorr8lnzo6aIIZe9lPecSTC29AJ8-F0OEwaOropTkH9h6Za1ly9HHJWGTyQ
x-goog-generation: 1673270149888726
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 2042
content-encoding: gzip
x-goog-hash: crc32c=QYBqPg==, md5=rSMOCn/niiGfAn6KzA8etg==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 2042
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
server: UploadServer
date: Mon, 09 Jan 2023 13:19:55 GMT
expires: Tue, 09 Jan 2024 13:19:55 GMT
cache-control: public, max-age=31536000, no-transform
last-modified: Mon, 09 Jan 2023 13:15:49 GMT
etag: "ad230e0a7fe78a219f027e8acc0f1eb6"
content-type: application/javascript
age: 593980
strict-transport-security: max-age=7776000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/s/gts1d4/yQ_v2YqKKtg

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1d4/yQ_v2YqKKtg
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
e084f532cbbfb0da739b8a8a70da3f32
a3587d59bd8a5635b74d99cd1154ef26b7fbbf45
687e41e57d57ab21f12faa30436d95f9113b72d3a14371602bff01788baa1181

HTTP Headers

POST /s/gts1d4/yQ_v2YqKKtg HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 16 Jan 2023 10:19:35 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

graphql.usercentrics.eu/graphql

34.120.238.166

204 No Content

0 B

URL HTTP/2
graphql.usercentrics.eu/graphql
IP
34.120.238.166:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /graphql HTTP/1.1
Host: graphql.usercentrics.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: access-control-allow-origin,content-type,x-request-id
Origin: https://hh.ermoeglicher.de
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
date: Mon, 16 Jan 2023 10:19:35 GMT
content-length: 0
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
vary: Access-Control-Request-Headers
access-control-allow-headers: access-control-allow-origin,content-type,x-request-id
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

app.usercentrics.eu/browser-ui/3.14.0/SaveButton-e4a1936a.js

35.190.14.188

200 OK

586 B

URL HTTP/2
app.usercentrics.eu/browser-ui/3.14.0/SaveButton-e4a1936a.js
IP
35.190.14.188:0
ASN
#15169 GOOGLE

File type
Java source, ASCII text, with very long lines (1364)
Size
586 B (586 bytes)
Hash
3ea71e46fce01c6fb9ac10c8991fefe3
10b4d22bc7534bcd8c712929bdc5410cc54cf0f1
daefc0c582eaf0c7e5764c55eba139097b23d738b9e7dc76e7b67a37a8405c62

HTTP Headers

GET /browser-ui/3.14.0/SaveButton-e4a1936a.js HTTP/1.1
Host: app.usercentrics.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hh.ermoeglicher.de
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
x-guploader-uploadid: ADPycdswWGF39lm4S9FIc1WoSOXEdD_Ge-inrlS43gUGIzJF4QhFvl-vJGt2Po5J5QsfzhJsPH1Zl9YRQMtgbrsS9zyLBg
x-goog-generation: 1673270140941934
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 586
content-encoding: gzip
x-goog-hash: crc32c=KlG9zA==, md5=PqceRvzgHG+5rBDImR/v4w==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 586
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
server: UploadServer
date: Mon, 09 Jan 2023 13:19:55 GMT
expires: Tue, 09 Jan 2024 13:19:55 GMT
cache-control: public, max-age=31536000, no-transform
last-modified: Mon, 09 Jan 2023 13:15:40 GMT
etag: "3ea71e46fce01c6fb9ac10c8991fefe3"
content-type: application/javascript
age: 593980
strict-transport-security: max-age=7776000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

app.usercentrics.eu/browser-ui/3.14.0/VirtualServiceItem-5cefb71d.js

35.190.14.188

200 OK

48 kB

URL HTTP/2
app.usercentrics.eu/browser-ui/3.14.0/VirtualServiceItem-5cefb71d.js
IP
35.190.14.188:0
ASN
#15169 GOOGLE

File type
Unicode text, UTF-8 text, with very long lines (65533), with no line terminators
Size
48 kB (48016 bytes)
Hash
3d0e5a27e19ecf729df498f3b7f4052c
c1e687a69189c59644f4ca5a765a05bf5dd7d460
8e0559c2a08e32f5f4767946420102b0bdd1f6be66ca5be10ef8dc091f1d15b3

HTTP Headers

GET /browser-ui/3.14.0/VirtualServiceItem-5cefb71d.js HTTP/1.1
Host: app.usercentrics.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hh.ermoeglicher.de
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
x-guploader-uploadid: ADPycduFzFQrhbh_hKyKl3ijNedOoMMnQGNrZvXPT4z3pDLQrjsRdfjv_o1NNYUR2WCnoZiq0zKQdArptqUh0AnIItnTxA
x-goog-generation: 1673270143113480
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 48016
content-encoding: gzip
x-goog-hash: crc32c=rb7rzQ==, md5=PQ5aJ+Gez3Kd9Jjzt/QFLA==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 48016
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
server: UploadServer
date: Mon, 09 Jan 2023 13:19:55 GMT
expires: Tue, 09 Jan 2024 13:19:55 GMT
cache-control: public, max-age=31536000, no-transform
last-modified: Mon, 09 Jan 2023 13:15:43 GMT
etag: "3d0e5a27e19ecf729df498f3b7f4052c"
content-type: application/javascript
age: 593980
strict-transport-security: max-age=7776000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

app.usercentrics.eu/browser-ui/3.14.0/DefaultTabs-818c5157.js

35.190.14.188

200 OK

1.7 kB

URL HTTP/2
app.usercentrics.eu/browser-ui/3.14.0/DefaultTabs-818c5157.js
IP
35.190.14.188:0
ASN
#15169 GOOGLE

File type
Java source, ASCII text, with very long lines (4401)
Size
1.7 kB (1684 bytes)
Hash
aa05a4a385893ab32ffbf0ee5d81b4f0
af579f4c099158e5342930a440e1318bf30208e5
aad405328460de2b1cd18ee22af7c745e064376de01829156751deeb98ba6025

HTTP Headers

GET /browser-ui/3.14.0/DefaultTabs-818c5157.js HTTP/1.1
Host: app.usercentrics.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hh.ermoeglicher.de
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
x-guploader-uploadid: ADPycdvoNCtscuwj5nestAMPF3cUNX0jBx1_UkbGEBE_a3iYxiua9q9jfJv8FkNyLxTLug80XL6s4QjvYDy0uRycUnqCtw
x-goog-generation: 1673270139101973
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 1684
content-encoding: gzip
x-goog-hash: crc32c=nYfOyw==, md5=qgWko4WJOrMv+/DuXYG08A==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 1684
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
server: UploadServer
date: Mon, 09 Jan 2023 13:19:55 GMT
expires: Tue, 09 Jan 2024 13:19:55 GMT
cache-control: public, max-age=31536000, no-transform
last-modified: Mon, 09 Jan 2023 13:15:39 GMT
etag: "aa05a4a385893ab32ffbf0ee5d81b4f0"
content-type: application/javascript
age: 593980
strict-transport-security: max-age=7776000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

consent-api.service.consent.usercentrics.eu/consent/uw/1

35.201.111.240

204 No Content

0 B

URL HTTP/2
consent-api.service.consent.usercentrics.eu/consent/uw/1
IP
35.201.111.240:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /consent/uw/1 HTTP/1.1
Host: consent-api.service.consent.usercentrics.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: access-control-allow-origin,content-type,x-request-id
Origin: https://hh.ermoeglicher.de
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
vary: Origin, Access-Control-Request-Headers
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-headers: access-control-allow-origin,content-type,x-request-id
access-control-max-age: 86400
x-cloud-trace-context: 7cb963815c75653da4b57db538c64362
date: Mon, 16 Jan 2023 10:19:35 GMT
content-type: text/html
server: Google Frontend
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

uct.service.usercentrics.eu/uct?v=1&sid=uZ6Kykx5J&t=1&abv=&r=https%3A%2F%2Fhh.ermoeglicher.de%2Faktuell%2Fcorona-virus-infos-fuer-unternehmen%2F&cb=1673864376086

34.95.108.180

200 OK

35 B

URL HTTP/2
uct.service.usercentrics.eu/uct?v=1&sid=uZ6Kykx5J&t=1&abv=&r=https%3A%2F%2Fhh.ermoeglicher.de%2Faktuell%2Fcorona-virus-infos-fuer-unternehmen%2F&cb=1673864376086
IP
34.95.108.180:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
35 B (35 bytes)
Hash
c2196de8ba412c60c22ab491af7b1409
5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

HTTP Headers

GET /uct?v=1&sid=uZ6Kykx5J&t=1&abv=&r=https%3A%2F%2Fhh.ermoeglicher.de%2Faktuell%2Fcorona-virus-infos-fuer-unternehmen%2F&cb=1673864376086 HTTP/1.1
Host: uct.service.usercentrics.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
cache-control: no-store
content-type: image/gif
function-execution-id: pqtbczk6uc4m
x-powered-by: Express
x-cloud-trace-context: a9d83973d7a2aa36981192122cdd56ec
date: Mon, 16 Jan 2023 10:19:35 GMT
server: Google Frontend
content-length: 35
via: 1.1 google
strict-transport-security: max-age=7776000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/s/gts1d4/VJA41Da9_CE

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1d4/VJA41Da9_CE
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
bcab1be2e8e19cb953dcb55a3b6257b3
a73016d37dfa8d8e9dd10fb0a899b1e56c4bf112
b94fb659c86728b28e3cc33c321a52c33703b7f1dd3c3622337b7496a1315caf

HTTP Headers

POST /s/gts1d4/VJA41Da9_CE HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 16 Jan 2023 10:19:35 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

consent-api.service.consent.usercentrics.eu/consent/uw/1

35.201.111.240

201 Created

0 B

URL HTTP/2
consent-api.service.consent.usercentrics.eu/consent/uw/1
IP
35.201.111.240:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /consent/uw/1 HTTP/1.1
Host: consent-api.service.consent.usercentrics.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: application/json
Access-Control-Allow-Origin: *
X-Request-ID: 1efcd38f-2e08-45fa-acbf-e131c254144c
Origin: https://hh.ermoeglicher.de
Content-Length: 611
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 201 Created
vary: Origin
access-control-allow-origin: *
x-cloud-trace-context: a1633dcc49956d0314a8a2aec8bf1225
date: Mon, 16 Jan 2023 10:19:35 GMT
content-type: text/html
server: Google Frontend
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/s/gts1d4/L5KIiOsmaP8

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1d4/L5KIiOsmaP8
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
73727743b2dbbecd5f9857c5611a2606
63e22ec6acf2e42a7faccd472f9db73195f76c99
f7be7ba281e89bcd3d97b15ac364a15f73e65cd182110cbae9b07aa6164094ad

HTTP Headers

POST /s/gts1d4/L5KIiOsmaP8 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 16 Jan 2023 10:19:35 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/s/gts1d4/yQ_v2YqKKtg

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1d4/yQ_v2YqKKtg
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
e084f532cbbfb0da739b8a8a70da3f32
a3587d59bd8a5635b74d99cd1154ef26b7fbbf45
687e41e57d57ab21f12faa30436d95f9113b72d3a14371602bff01788baa1181

HTTP Headers

POST /s/gts1d4/yQ_v2YqKKtg HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 16 Jan 2023 10:19:35 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
6b6a65d2536cc8f99e68793ae265b595
f65e75f8419bd83e26f49def7fa2604db5f77b4d
94b31f7663e4917e8e97079202ef9fa340766f1ebfc2601360618d947f7dabc9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94B31F7663E4917E8E97079202EF9FA340766F1EBFC2601360618D947F7DABC9"
Last-Modified: Sun, 15 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2456
Expires: Mon, 16 Jan 2023 11:00:31 GMT
Date: Mon, 16 Jan 2023 10:19:35 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
6b6a65d2536cc8f99e68793ae265b595
f65e75f8419bd83e26f49def7fa2604db5f77b4d
94b31f7663e4917e8e97079202ef9fa340766f1ebfc2601360618d947f7dabc9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94B31F7663E4917E8E97079202EF9FA340766F1EBFC2601360618D947F7DABC9"
Last-Modified: Sun, 15 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2456
Expires: Mon, 16 Jan 2023 11:00:31 GMT
Date: Mon, 16 Jan 2023 10:19:35 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
6b6a65d2536cc8f99e68793ae265b595
f65e75f8419bd83e26f49def7fa2604db5f77b4d
94b31f7663e4917e8e97079202ef9fa340766f1ebfc2601360618d947f7dabc9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94B31F7663E4917E8E97079202EF9FA340766F1EBFC2601360618D947F7DABC9"
Last-Modified: Sun, 15 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2456
Expires: Mon, 16 Jan 2023 11:00:31 GMT
Date: Mon, 16 Jan 2023 10:19:35 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
6b6a65d2536cc8f99e68793ae265b595
f65e75f8419bd83e26f49def7fa2604db5f77b4d
94b31f7663e4917e8e97079202ef9fa340766f1ebfc2601360618d947f7dabc9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94B31F7663E4917E8E97079202EF9FA340766F1EBFC2601360618D947F7DABC9"
Last-Modified: Sun, 15 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2456
Expires: Mon, 16 Jan 2023 11:00:31 GMT
Date: Mon, 16 Jan 2023 10:19:35 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
6b6a65d2536cc8f99e68793ae265b595
f65e75f8419bd83e26f49def7fa2604db5f77b4d
94b31f7663e4917e8e97079202ef9fa340766f1ebfc2601360618d947f7dabc9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94B31F7663E4917E8E97079202EF9FA340766F1EBFC2601360618D947F7DABC9"
Last-Modified: Sun, 15 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2456
Expires: Mon, 16 Jan 2023 11:00:31 GMT
Date: Mon, 16 Jan 2023 10:19:35 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd986c41-5e27-40cc-8622-aeddbd283d0c.jpeg

34.120.237.76

200 OK

6.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd986c41-5e27-40cc-8622-aeddbd283d0c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.3 kB (6273 bytes)
Hash
a7917592de9f2ddbe7d3a7fa7f3d4d62
866b04ce93a30369d7cb0a6d2155a8b10292507f
da58e1798bf0fcbfe771420a66bbf671cc84e0ca429e076fdc70bb8d73cddb18

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd986c41-5e27-40cc-8622-aeddbd283d0c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6273
x-amzn-requestid: f5d21802-91ea-44cc-aeb2-8ec9af07e1a2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ezbOyFwNIAMFZsA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c4725e-3028350e72b2ee7b6ae44f2c;Sampled=0
x-amzn-remapped-date: Sun, 15 Jan 2023 21:38:38 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 8ggqVFvybykQ-MJzU9H_L6JS9YqmLGsuaMJ34Qy7o6yoMOJOmvYsMA==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Sun, 15 Jan 2023 21:53:09 GMT
age: 44786
etag: "866b04ce93a30369d7cb0a6d2155a8b10292507f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22bc3d9c-c641-44bc-8984-14b267d61d21.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (10853 bytes)
Hash
15d27349999654cef859ce88c7667481
9fff393bf1bfa3b7343f38377e8c8ba62f1c0330
86cb634ee11bcffc4f3ee27a2296391ef30db42fad0ff4175e972f326874f0a3

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22bc3d9c-c641-44bc-8984-14b267d61d21.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10853
x-amzn-requestid: 6b62dbea-3621-4c4b-acbd-7b9dc716388f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ewYy0E6QIAMFpxg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c33b45-7ffc9a9e28483e9726018e05;Sampled=0
x-amzn-remapped-date: Sat, 14 Jan 2023 23:31:17 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: yyeXOa4MReEjxsfEcvCVO3Qca3dXxD0qXrmqhUtAVhN39ExEVltpvQ==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Mon, 16 Jan 2023 08:05:35 GMT
age: 8040
etag: "9fff393bf1bfa3b7343f38377e8c8ba62f1c0330"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F99108d47-2f63-4dc7-965c-495b56c7fc30.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.6 kB (6559 bytes)
Hash
8f9856e4a4461fb58b07a0202bded19e
8ff627a2fe99aaf07ec035d4a1efbf85835491e4
013181b036009effe9e2cf8e43965aa34ac68f8d1fcfcaac620441b00b26759f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F99108d47-2f63-4dc7-965c-495b56c7fc30.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6559
x-amzn-requestid: 2077d9af-6d78-4811-9526-2be067f54bea
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ezbLfE0pIAMFS7g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c47249-66bae56324858b0778530aeb;Sampled=0
x-amzn-remapped-date: Sun, 15 Jan 2023 21:38:17 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 7U9q5ecOsAOG_pyzfc4kThdaTReeTP_MRP0CH5eRj6a1Pqts6Oki3w==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Sun, 15 Jan 2023 21:54:19 GMT
age: 44716
etag: "8ff627a2fe99aaf07ec035d4a1efbf85835491e4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F360310e0-03ae-4853-b8a4-4117707ac991.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.0 kB (7971 bytes)
Hash
89c2bbf2540f9f3698595b5643a8c146
8238969b9c53026326c556ca715bccab0be33156
1d360a683abc9d9dc90037c57298e63d14cf25b92b6afdc2e79da9c93e277288

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F360310e0-03ae-4853-b8a4-4117707ac991.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7971
x-amzn-requestid: d9240258-3dae-46d5-8092-4b8984011677
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ezbLXFyEIAMF9XA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c47248-209b22df69d4277b0843a6c3;Sampled=0
x-amzn-remapped-date: Sun, 15 Jan 2023 21:38:16 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: stGH_FOj16gjy9qlxtIM-BymA0R1M9uNbNBc3Z3YPVxz73l5IJhzpA==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Sun, 15 Jan 2023 21:52:08 GMT
age: 44847
etag: "8238969b9c53026326c556ca715bccab0be33156"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa2fb3ba8-a85e-42ba-b607-87ced36844b2.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.8 kB (5766 bytes)
Hash
542f87ebb35e170451b610e4b700bcb1
2259cdebacc4c9f07aad838eec494863d4273ad1
85001f2cf33f3fc98d4cdcc7aef38611e34aea3a791d8acb0a5946c4619398eb

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa2fb3ba8-a85e-42ba-b607-87ced36844b2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5766
x-amzn-requestid: b6a8d7ee-ff35-4720-8d2e-ba2b8db6edfc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ezbP4GDQIAMFTSQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c47265-6022a62f69d8f938458d18a0;Sampled=0
x-amzn-remapped-date: Sun, 15 Jan 2023 21:38:45 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: YcIDYSEtEIIfGauNxD9V1tuSCAPDq9OaaAATRTOC3Sjlb-72IA0ScQ==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 15 Jan 2023 22:02:24 GMT
age: 44231
etag: "2259cdebacc4c9f07aad838eec494863d4273ad1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcdba5086-6c46-4cc7-9087-e85f89cbe947.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.2 kB (9176 bytes)
Hash
ad1a79b09348c4959a8ac05513efcb78
10c0a66add63c868ff332022f588e65f4ac1ec15
8a123746389e6b480669b8d6882f7edce290f1c226cd6744e23bac94b8de6d32

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcdba5086-6c46-4cc7-9087-e85f89cbe947.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9176
x-amzn-requestid: 1d5746ff-7de6-4a54-87d2-d15330d1bb58
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: etlL8HiPoAMFrIg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c21be5-044d012445cf23c01cb07a89;Sampled=0
x-amzn-remapped-date: Sat, 14 Jan 2023 03:05:09 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: rlWcTZTEG0kynoJM9bd9eba8kiPvodkF7ewyDV7JaR9qPjiNMApa1g==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Mon, 16 Jan 2023 00:20:11 GMT
age: 35964
etag: "10c0a66add63c868ff332022f588e65f4ac1ec15"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

hh.ermoeglicher.de/aktuell/corona-virus-infos-fuer-unternehmen/

185.32.80.72

404 Not Found

0 B

URL HTTP/2
hh.ermoeglicher.de/aktuell/corona-virus-infos-fuer-unternehmen/
IP
185.32.80.72:0
ASN
#42263 German Edge Cloud GmbH & Co. KG

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /aktuell/corona-virus-infos-fuer-unternehmen/ HTTP/1.1
Host: hh.ermoeglicher.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 404 Not Found
server: nginx/1.19.3
date: Mon, 16 Jan 2023 10:19:34 GMT
content-type: text/html; charset=utf-8
x-frame-options: DENY
vary: Accept-Encoding, Accept-Language, Origin, Cookie
content-language: en
x-content-type-options: nosniff
referrer-policy: same-origin
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

hh.ermoeglicher.de/static/global.9152f8640b6c.css

185.32.80.72

200 OK

0 B

URL HTTP/2
hh.ermoeglicher.de/static/global.9152f8640b6c.css
IP
185.32.80.72:0
ASN
#42263 German Edge Cloud GmbH & Co. KG

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /static/global.9152f8640b6c.css HTTP/1.1
Host: hh.ermoeglicher.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hh.ermoeglicher.de/aktuell/corona-virus-infos-fuer-unternehmen/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.19.3
date: Mon, 16 Jan 2023 10:19:34 GMT
content-type: text/css
last-modified: Thu, 10 Nov 2022 15:01:28 GMT
vary: Accept-Encoding
etag: W/"636d1248-1f93e"
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

graphql.usercentrics.eu/graphql

34.120.238.166

200 OK

0 B

URL HTTP/2
graphql.usercentrics.eu/graphql
IP
34.120.238.166:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

POST /graphql HTTP/1.1
Host: graphql.usercentrics.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: application/json
Access-Control-Allow-Origin: *
X-Request-ID: a903b74a-e9c1-4c39-bfd8-2a27f46650ca
Origin: https://hh.ermoeglicher.de
Content-Length: 1997
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 16 Jan 2023 10:19:35 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
x-powered-by: Express
access-control-allow-origin: *
etag: W/"169-Br6zJjHYbc9EdJNVTnswTjxVlfc"
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (19)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML