gdp.reise/
92.51.134.215 301 Moved Permanently 290 B IP 92.51.134.215:0
ASN #8972 Host Europe GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash dd6f456bf1b59ea70b28cb6706dfcb4b
1046f5303cf31136b18fbe29382106de2518b735
35e6482f42dcf19fabef43babe1e6a94f56a879fa3ddb866ece788fc41123e7e
GET / HTTP/1.1
Host: gdp.reise
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Thu, 22 Sep 2022 13:32:53 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 290
Connection: keep-alive
Location: https://www.gdp.reisen/
X-Powered-By: PleskLin
firefox.settings.services.mozilla.com/v1/
143.204.55.35 200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.35:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 1b3053fa528e28810f8a2cc9284cc921
cca9eb471d941881a6b9a1793aecb6c281908f6a
a2427848ba35575dda8a82cf88f104978234c05389deebc3fc8279d9075eff45
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Retry-After, Content-Type, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Thu, 22 Sep 2022 13:03:13 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: A7UOGYB3shyEsu0-KpDNPy2IerAv3RF8bmX_9lnbw65KuH_K1n_ewA==
Age: 1780
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a26d0784548ecab22f417f3d689daf23
8893b79366bbadeb5c8d587b8f023e310694df1c
35baaae7b3ce3110ebb2b075881cfab55ecf3eab57d834283fd18ac691b41fa2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "35BAAAE7B3CE3110EBB2B075881CFAB55ECF3EAB57D834283FD18AC691B41FA2"
Last-Modified: Tue, 20 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8533
Expires: Thu, 22 Sep 2022 15:55:06 GMT
Date: Thu, 22 Sep 2022 13:32:53 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
143.204.55.25 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 143.204.55.25:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Thu, 22 Sep 2022 04:35:15 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 8PeCY58hCWkWy81_VUwPoJbk7jJvk0SG6Bue4lBFwZZ6HrEnRSydLw==
age: 32259
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 13:32:53 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 67aca531ca495bf6c1a511d9b2e898c9
6010c1d4514c44a3ea67996bc1133e5f1ef3f96f
a4f32b58f9d0d3976c07c8a796f73a892b3cc09763e3782c330ff596be58e66e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A4F32B58F9D0D3976C07C8A796F73A892B3CC09763E3782C330FF596BE58E66E"
Last-Modified: Thu, 22 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21549
Expires: Thu, 22 Sep 2022 19:32:03 GMT
Date: Thu, 22 Sep 2022 13:32:54 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.35 200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.35:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Thu, 22 Sep 2022 13:03:22 GMT
Expires: Thu, 22 Sep 2022 13:14:33 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 bb1da7862c4968b28920b91b324095c0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: sOr96NdMlRo5NmK6c9Y4N7a9p6Bzfn4vOgvnus0Nbk2UARyBhau3dQ==
Age: 1772
cdnjs.cloudflare.com/ajax/libs/jquery-confirm/3.3.4/jquery-confirm.min.css
104.17.24.14 200 OK 2.9 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery-confirm/3.3.4/jquery-confirm.min.css
IP 104.17.24.14:0
File type ASCII text, with very long lines (22251)
Hash 4dbf1735a5370350943bce0dbad5843d
3a9d68ea18c3aa70887283c3c36b154ddd31ced8
b7cd289c437127d58b709dc9999390fe68d378d506a8a31252c74c70597e162e
GET /ajax/libs/jquery-confirm/3.3.4/jquery-confirm.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gdp.reisen/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 22 Sep 2022 13:32:54 GMT
content-type: text/css; charset=utf-8
content-length: 2880
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec1-580a"
last-modified: Mon, 04 May 2020 16:11:45 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 18791935
expires: Tue, 12 Sep 2023 13:32:54 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PCSQ8GBW4OWyu5cz8LYFK9vcIFXY7r2KwMyfDLjrzhb2m11VOokRBdlKr3vvSXIlQwcxb7H4p2dT6%2BsRXUDPkbtuaZyx51GhUAe5ZAyaYGGbXAYE0vRR8Ivc29UmfSHb%2Fw0hTjYF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 74eb68c939041c16-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 86624f45fb3b7126dbe002f69c94dd86
30bcf274db5037122f989fb25dbf1e72c9ec417b
2cc9600578cf057dc499835773fb495caa60ac154c4945f0fc1f2b31d43f5502
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1510
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 13:32:54 GMT
Last-Modified: Thu, 22 Sep 2022 13:07:44 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471
cdnjs.cloudflare.com/ajax/libs/jquery-confirm/3.3.4/jquery-confirm.min.js
104.17.24.14 200 OK 6.4 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery-confirm/3.3.4/jquery-confirm.min.js
IP 104.17.24.14:0
File type ASCII text, with very long lines (27931)
Hash beafb90e7e7cb9afd1931dd1ce3d8a6b
ecb8187bf858a727949be0fffbadd1d018e0c169
eabdef01e87e471436dfac8d11edcd16c85d433aa854cdd695165399980ca818
GET /ajax/libs/jquery-confirm/3.3.4/jquery-confirm.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.gdp.reisen
Connection: keep-alive
Referer: https://www.gdp.reisen/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 22 Sep 2022 13:32:54 GMT
content-type: application/javascript; charset=utf-8
content-length: 6422
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec1-6e3e"
last-modified: Mon, 04 May 2020 16:11:45 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 9937886
expires: Tue, 12 Sep 2023 13:32:54 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kj1Ue0r9nRgtUioD2WaXRLxO5RnEQ%2FNXZhtqMyS7GJcxzA9DBaYdtuvqACsc9UrKqzVgIh3DWeEHmXddCxmKHyRG0gBBMf4UbpedSuEN3i9wyMTqgaz0m9yWvPVqCIFceVRrX5CE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 74eb68c959e5fab4-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.gdp.reisen/fonts/flaticon/Flaticon.woff2
5.175.22.217 200 OK 37 kB URL HTTP/2 www.gdp.reisen/fonts/flaticon/Flaticon.woff2
IP 5.175.22.217:0
ASN #20773 Host Europe GmbH
File type Web Open Font Format (Version 2), TrueType, length 36732, version 1.0\012- data
Hash e97e6acd6d5fae4dfb1b353ddf3dcf0f
186f523c36cdd4d80122ea6daf40106e0ce3e20d
0b56c2c2e69c2334a1881c975f0a1223b73447cd57a13f6b435b239a87de961e
Analyzer Verdict Alert fortinet Phishing
GET /fonts/flaticon/Flaticon.woff2 HTTP/1.1
Host: www.gdp.reisen
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gdp.reisen/
Cookie: CFID=35912394; CFTOKEN=3f81c3e207a9208b-F602EF07-CB9E-52A5-E871F87A2CDD11A2
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 13:32:54 GMT
server: Apache
last-modified: Sat, 09 May 2020 10:20:16 GMT
etag: "8f7c-5a53475c0b800-br"
accept-ranges: bytes
cache-control: max-age=86400
expires: Fri, 23 Sep 2022 13:32:54 GMT
vary: Accept-Encoding
content-encoding: br
x-cache: MISS from www.gdp.reisen
content-length: 36736
content-type: font/woff2
X-Firefox-Spdy: h2
www.gdp.reisen/www/fonts/montserrat.css
5.175.22.217 404 Not Found 196 B URL HTTP/2 www.gdp.reisen/www/fonts/montserrat.css
IP 5.175.22.217:0
ASN #20773 Host Europe GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 62962daa1b19bbcc2db10b7bfd531ea6
d64bae91091eda6a7532ebec06aa70893b79e1f8
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880
GET /www/fonts/montserrat.css HTTP/1.1
Host: www.gdp.reisen
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gdp.reisen/
Cookie: CFID=35912394; CFTOKEN=3f81c3e207a9208b-F602EF07-CB9E-52A5-E871F87A2CDD11A2
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
date: Thu, 22 Sep 2022 13:32:54 GMT
server: Apache
content-length: 196
content-type: text/html; charset=iso-8859-1
X-Firefox-Spdy: h2
www.gdp.reisen/assets/css/colorpalette.min.css
5.175.22.217 200 OK 1.9 kB URL HTTP/2 www.gdp.reisen/assets/css/colorpalette.min.css
IP 5.175.22.217:0
ASN #20773 Host Europe GmbH
File type assembler source, ASCII text, with very long lines (8960), with CRLF line terminators
Hash 475de567aa0032280982829dcfc11116
4eceb810b11b830494dc13abff7eb578c42c2f0c
e405a2f80f2edb9470ad0a5184108ea934d9e512a8ed7894e60d9d2388ce219b
GET /assets/css/colorpalette.min.css HTTP/1.1
Host: www.gdp.reisen
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gdp.reisen/
Cookie: CFID=35912394; CFTOKEN=3f81c3e207a9208b-F602EF07-CB9E-52A5-E871F87A2CDD11A2
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 13:32:54 GMT
server: Apache
last-modified: Wed, 08 Jul 2020 05:55:56 GMT
etag: "3e89-5a9e7c2ecfd8b-br"
accept-ranges: bytes
cache-control: max-age=86400
expires: Fri, 23 Sep 2022 13:32:54 GMT
vary: Accept-Encoding
content-encoding: br
x-cache: MISS from www.gdp.reisen
content-length: 1898
content-type: text/css
X-Firefox-Spdy: h2
www.gdp.reisen/assets/css/color_scheme/customcolor.css
5.175.22.217 200 OK 3.1 kB URL HTTP/2 www.gdp.reisen/assets/css/color_scheme/customcolor.css
IP 5.175.22.217:0
ASN #20773 Host Europe GmbH
File type assembler source, ASCII text, with very long lines (582), with CRLF line terminators
Hash 60d56c255a871ae01312cdbdf6ec1e27
8d986fa1d7258c73f1d6d2a043fc0bea80b88ca7
598057d50bdcc975d1742a5b6e8cc49575cb5394cead95b3a4d34aa94ffa97a5
GET /assets/css/color_scheme/customcolor.css HTTP/1.1
Host: www.gdp.reisen
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gdp.reisen/
Cookie: CFID=35912394; CFTOKEN=3f81c3e207a9208b-F602EF07-CB9E-52A5-E871F87A2CDD11A2
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 13:32:54 GMT
server: Apache
last-modified: Sun, 12 Jul 2020 12:43:45 GMT
etag: "4498-5aa3decc0656d-br"
accept-ranges: bytes
cache-control: max-age=86400
expires: Fri, 23 Sep 2022 13:32:54 GMT
vary: Accept-Encoding
content-encoding: br
x-cache: MISS from www.gdp.reisen
content-length: 3095
content-type: text/css
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/tkhg_zkCU7U
142.250.74.3 200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/tkhg_zkCU7U
IP 142.250.74.3:0
Hash d6da357df380d99f33f26d8f1ae55bcb
541683dd8fb3dc09708487a0b798897bef97d4f5
89563b69181fa3867fc228cc31c46c08aaa1704c8a849d1809a5f836a5609733
POST /s/gts1d4/tkhg_zkCU7U HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 13:32:54 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gdp.reisen/assets/css/vendor.swiper.min.css
5.175.22.217 200 OK 4.2 kB URL HTTP/2 www.gdp.reisen/assets/css/vendor.swiper.min.css
IP 5.175.22.217:0
ASN #20773 Host Europe GmbH
File type Unicode text, UTF-8 (with BOM) text, with very long lines (21675), with no line terminators
Hash 21888b586f9fd75d444d25f8e118f5d7
3f92c9c4fe3cb925d4e4f78f5af3b681b3c8c9e5
4151ce7b54bb179dd95e4b52465aeb2e0396d1868207e9ba98f8490cb1b352c0
GET /assets/css/vendor.swiper.min.css HTTP/1.1
Host: www.gdp.reisen
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gdp.reisen/
Cookie: CFID=35912394; CFTOKEN=3f81c3e207a9208b-F602EF07-CB9E-52A5-E871F87A2CDD11A2
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 13:32:54 GMT
server: Apache
last-modified: Tue, 07 Jul 2020 09:54:09 GMT
etag: "54b2-5a9d6f907ba36-br"
accept-ranges: bytes
cache-control: max-age=86400
expires: Fri, 23 Sep 2022 13:32:54 GMT
vary: Accept-Encoding
content-encoding: br
x-cache: MISS from www.gdp.reisen
content-length: 4187
content-type: text/css
X-Firefox-Spdy: h2
www.gdp.reisen/assets/css/custom.css
5.175.22.217 200 OK 3.0 kB URL HTTP/2 www.gdp.reisen/assets/css/custom.css
IP 5.175.22.217:0
ASN #20773 Host Europe GmbH
File type assembler source, ASCII text, with CRLF, LF line terminators
Hash 3f3dcde275d75ccd807e2e5e2f616812
e530d19c468592f6d6b2e217ca8b4b62aa6e5688
476ee261ef6f668eadf94cfffb6d64d227d6ccc1ee23659ab6f29835c61d94ac
GET /assets/css/custom.css HTTP/1.1
Host: www.gdp.reisen
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gdp.reisen/
Cookie: CFID=35912394; CFTOKEN=3f81c3e207a9208b-F602EF07-CB9E-52A5-E871F87A2CDD11A2
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 13:32:54 GMT
server: Apache
last-modified: Wed, 29 Jul 2020 14:42:41 GMT
etag: "3fbb-5ab959162640a-br"
accept-ranges: bytes
cache-control: max-age=86400
expires: Fri, 23 Sep 2022 13:32:54 GMT
vary: Accept-Encoding
content-encoding: br
x-cache: MISS from www.gdp.reisen
content-length: 2987
content-type: text/css
X-Firefox-Spdy: h2
www.gdp.reisen/assets/css/vendor_bundle.min.css
5.175.22.217 200 OK 3.8 kB URL HTTP/2 www.gdp.reisen/assets/css/vendor_bundle.min.css
IP 5.175.22.217:0
ASN #20773 Host Europe GmbH
File type ASCII text, with very long lines (39344)
Hash f95b5a6991b49a2d93a49c25b0507269
7ddba3d5c0fec9763dc37659af52ddc9a5fdb9ca
5c88a4b0439697d533ea190a067005a323d0a9e481b871985ebf30f8b854ed58
GET /assets/css/vendor_bundle.min.css HTTP/1.1
Host: www.gdp.reisen
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gdp.reisen/
Cookie: CFID=35912394; CFTOKEN=3f81c3e207a9208b-F602EF07-CB9E-52A5-E871F87A2CDD11A2
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 13:32:54 GMT
server: Apache
last-modified: Mon, 25 May 2020 13:41:43 GMT
etag: "99c6-5a67923a7b3c0-br"
accept-ranges: bytes
cache-control: max-age=86400
expires: Fri, 23 Sep 2022 13:32:54 GMT
vary: Accept-Encoding
content-encoding: br
x-cache: MISS from www.gdp.reisen
content-length: 3836
content-type: text/css
X-Firefox-Spdy: h2
www.gdp.reisen/images/GdP/Logos/GEW_NRW_v01.png
5.175.22.217 200 OK 4.7 kB URL HTTP/2 www.gdp.reisen/images/GdP/Logos/GEW_NRW_v01.png
IP 5.175.22.217:0
ASN #20773 Host Europe GmbH
File type PNG image data, 254 x 198, 8-bit colormap, non-interlaced\012- data
Hash ce331eba307acc78d99bb8c837550c8c
d0ee40c6dff28c10bc0721ccfcdfcfb5012064b8
fa676afd8327c32ab6134d6343628b8e3661dfc70423bb618e58f1aa2e63fd01
GET /images/GdP/Logos/GEW_NRW_v01.png HTTP/1.1
Host: www.gdp.reisen
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gdp.reisen/
Cookie: CFID=35912394; CFTOKEN=3f81c3e207a9208b-F602EF07-CB9E-52A5-E871F87A2CDD11A2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 13:32:54 GMT
server: Apache
last-modified: Mon, 04 Apr 2022 09:20:24 GMT
etag: "124c-5dbd0a3667290"
accept-ranges: bytes
content-length: 4684
cache-control: max-age=86400
expires: Fri, 23 Sep 2022 13:32:54 GMT
x-cache: MISS from www.gdp.reisen
content-type: image/png
X-Firefox-Spdy: h2
www.gdp.reisen/
5.175.22.217 200 OK 243 kB IP 5.175.22.217:0
ASN #20773 Host Europe GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (56598), with no line terminators
Size 243 kB (242746 bytes)
Hash 9676ccd8b8b5b41dfee32ef0bf5cbfad
72911870268ea993899db22658da80b7c98d33ac
840353cb39429ea9ecc71b8029c5b875c75ce32d478e4354cc707bfe3fd51942
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: www.gdp.reisen
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Thu, 22 Sep 2022 13:32:54 GMT
server: Apache
set-cookie: CFID=35912394; Expires=Fri, 23-Sep-2022 13:32:54 GMT; Path=/; HttpOnly
set-cookie: CFTOKEN=3f81c3e207a9208b-F602EF07-CB9E-52A5-E871F87A2CDD11A2; Expires=Fri, 23-Sep-2022 13:32:54 GMT; Path=/; HttpOnly
cache-control: max-age=420, private, must-revalidate
expires: Fri, 23 Sep 2022 13:32:54 GMT
vary: Accept-Encoding
content-encoding: br
x-cache: MISS from www.gdp.reisen
content-type: text/html;charset=UTF-8
X-Firefox-Spdy: h2
www.gdp.reisen/images/GdP/Logos/Signal-iduna.png
5.175.22.217 200 OK 5.3 kB URL HTTP/2 www.gdp.reisen/images/GdP/Logos/Signal-iduna.png
IP 5.175.22.217:0
ASN #20773 Host Europe GmbH
File type PNG image data, 320 x 55, 8-bit/color RGBA, non-interlaced\012- data
Hash c774de9a641e4b7e78779107fd5caf06
3927ac5cb5811d8465d90c16259576d72be44221
8fc719f7eebb81793f78c38a6bd3d93e1c41e0f4be88eefdc741b7e942b2f616
GET /images/GdP/Logos/Signal-iduna.png HTTP/1.1
Host: www.gdp.reisen
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gdp.reisen/
Cookie: CFID=35912394; CFTOKEN=3f81c3e207a9208b-F602EF07-CB9E-52A5-E871F87A2CDD11A2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 13:32:54 GMT
server: Apache
last-modified: Wed, 13 Jul 2022 09:15:24 GMT
etag: "14a5-5e3ac39ab1b15"
accept-ranges: bytes
content-length: 5285
cache-control: max-age=86400
expires: Fri, 23 Sep 2022 13:32:54 GMT
x-cache: MISS from www.gdp.reisen
content-type: image/png
X-Firefox-Spdy: h2
www.gdp.reisen/images/BilderPool/Apps/App_Store_Badge_DE_wht_092917.png
5.175.22.217 200 OK 9.1 kB URL HTTP/2 www.gdp.reisen/images/BilderPool/Apps/App_Store_Badge_DE_wht_092917.png
IP 5.175.22.217:0
ASN #20773 Host Europe GmbH
File type PNG image data, 300 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash dbdfbd1591c519a46bbc08a719af0de1
7fb96e4c45469d412e9676935d9b23cc2e718fae
06a953240c823a22fd7a254a53f9d5317c0883455d7da346e847dc26bc2339c2
GET /images/BilderPool/Apps/App_Store_Badge_DE_wht_092917.png HTTP/1.1
Host: www.gdp.reisen
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gdp.reisen/
Cookie: CFID=35912394; CFTOKEN=3f81c3e207a9208b-F602EF07-CB9E-52A5-E871F87A2CDD11A2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 13:32:54 GMT
server: Apache
last-modified: Mon, 27 Jun 2022 15:44:05 GMT
etag: "23b6-5e26fca3647f6"
accept-ranges: bytes
content-length: 9142
cache-control: max-age=86400
expires: Fri, 23 Sep 2022 13:32:54 GMT
x-cache: MISS from www.gdp.reisen
content-type: image/png
X-Firefox-Spdy: h2
www.gdp.reisen/www/gdp.reisen/img/logo_WEB.png
5.175.22.217 200 OK 10 kB URL HTTP/2 www.gdp.reisen/www/gdp.reisen/img/logo_WEB.png
IP 5.175.22.217:0
ASN #20773 Host Europe GmbH
File type PNG image data, 1000 x 150, 8-bit colormap, non-interlaced\012- data
Hash 702571f78cc153444926ed6c38180cfc
03fff1abb61414e7d9f454667bc8691388ab8813
8b1436316d04aba8bed6450776a4ec3f956f94d2b6f1675a58c1e0ba311b155b
GET /www/gdp.reisen/img/logo_WEB.png HTTP/1.1
Host: www.gdp.reisen
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gdp.reisen/
Cookie: CFID=35912394; CFTOKEN=3f81c3e207a9208b-F602EF07-CB9E-52A5-E871F87A2CDD11A2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 13:32:54 GMT
server: Apache
last-modified: Fri, 07 Jan 2022 10:12:14 GMT
accept-ranges: bytes
content-length: 10399
cache-control: max-age=2592000, public
expires: Fri, 23 Sep 2022 13:32:54 GMT
x-cache: MISS from www.gdp.reisen
content-type: image/png
X-Firefox-Spdy: h2
www.gdp.reisen/images/BilderPool/Apps/google-play-badge.png
5.175.22.217 200 OK 13 kB URL HTTP/2 www.gdp.reisen/images/BilderPool/Apps/google-play-badge.png
IP 5.175.22.217:0
ASN #20773 Host Europe GmbH
File type PNG image data, 646 x 250, 8-bit/color RGBA, non-interlaced\012- data
Hash 235818b9a5bf7810fc4cc1b20c81338a
45ae2af8287200f57ccded1fbc912876d4e582a3
f3db90e9aba4971877831a6e6904915e031423cb728a2b67cc3019b893e3fe9a
GET /images/BilderPool/Apps/google-play-badge.png HTTP/1.1
Host: www.gdp.reisen
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gdp.reisen/
Cookie: CFID=35912394; CFTOKEN=3f81c3e207a9208b-F602EF07-CB9E-52A5-E871F87A2CDD11A2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 13:32:54 GMT
server: Apache
last-modified: Mon, 27 Jun 2022 15:44:05 GMT
etag: "3333-5e26fca3647f6"
accept-ranges: bytes
content-length: 13107
cache-control: max-age=86400
expires: Fri, 23 Sep 2022 13:32:54 GMT
x-cache: MISS from www.gdp.reisen
content-type: image/png
X-Firefox-Spdy: h2
www.gdp.reisen/images/GdP/Team/Hesse.jpg
5.175.22.217 200 OK 27 kB URL HTTP/2 www.gdp.reisen/images/GdP/Team/Hesse.jpg
IP 5.175.22.217:0
ASN #20773 Host Europe GmbH
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 500x500, components 3\012- data
Hash 741d21c12cc7a7b46e1dfa4c4853a9c3
898204c4d85919b1dcb4fe3c7a0190d48a103392
685d520df55383ee642e512e62292cc4360c2d23bff0e290670f48516eb1fd21
GET /images/GdP/Team/Hesse.jpg HTTP/1.1
Host: www.gdp.reisen
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gdp.reisen/
Cookie: CFID=35912394; CFTOKEN=3f81c3e207a9208b-F602EF07-CB9E-52A5-E871F87A2CDD11A2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 13:32:54 GMT
server: Apache
last-modified: Thu, 24 Mar 2022 17:25:22 GMT
etag: "6b23-5dafa218308a0"
accept-ranges: bytes
content-length: 27427
cache-control: max-age=86400
expires: Fri, 23 Sep 2022 13:32:54 GMT
x-cache: MISS from www.gdp.reisen
content-type: image/jpeg
X-Firefox-Spdy: h2
www.gdp.reisen/images/GdP/Logos/GdP_v01.png
5.175.22.217 200 OK 31 kB URL HTTP/2 www.gdp.reisen/images/GdP/Logos/GdP_v01.png
IP 5.175.22.217:0
ASN #20773 Host Europe GmbH
File type PNG image data, 280 x 280, 8-bit colormap, non-interlaced\012- data
Hash a04176d65dce9e8195fee491b56aa388
78437b264b94a6e095f06a7287ad5832bf9bb767
1a2c50bf47f031a6d37770257f8275be3632c885f0e1c1cc180b0ddc778c655f
GET /images/GdP/Logos/GdP_v01.png HTTP/1.1
Host: www.gdp.reisen
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gdp.reisen/
Cookie: CFID=35912394; CFTOKEN=3f81c3e207a9208b-F602EF07-CB9E-52A5-E871F87A2CDD11A2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 13:32:54 GMT
server: Apache
last-modified: Mon, 04 Apr 2022 09:20:24 GMT
etag: "79ef-5dbd0a3667290"
accept-ranges: bytes
content-length: 31215
cache-control: max-age=86400
expires: Fri, 23 Sep 2022 13:32:54 GMT
x-cache: MISS from www.gdp.reisen
content-type: image/png
X-Firefox-Spdy: h2
www.gdp.reisen/images/GdP/Logos/bundeswehrverband_v01.png
5.175.22.217 200 OK 31 kB URL HTTP/2 www.gdp.reisen/images/GdP/Logos/bundeswehrverband_v01.png
IP 5.175.22.217:0
ASN #20773 Host Europe GmbH
File type PNG image data, 480 x 480, 8-bit colormap, non-interlaced\012- data
Hash 649bb6a67a51eb61a86ce1e46b1b2bd9
aaad88fc546326ff79d5a120f7c8800ea940b216
8e11d803995660d39afbd2f06745c9631e731e973853947ae19d21dc3e933de9
GET /images/GdP/Logos/bundeswehrverband_v01.png HTTP/1.1
Host: www.gdp.reisen
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gdp.reisen/
Cookie: CFID=35912394; CFTOKEN=3f81c3e207a9208b-F602EF07-CB9E-52A5-E871F87A2CDD11A2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 13:32:54 GMT
server: Apache
last-modified: Mon, 04 Apr 2022 09:20:24 GMT
etag: "7863-5dbd0a365f978"
accept-ranges: bytes
content-length: 30819
cache-control: max-age=86400
expires: Fri, 23 Sep 2022 13:32:54 GMT
x-cache: MISS from www.gdp.reisen
content-type: image/png
X-Firefox-Spdy: h2
www.gdp.reisen/images/GdP/Team/Hamann.jpg
5.175.22.217 200 OK 39 kB URL HTTP/2 www.gdp.reisen/images/GdP/Team/Hamann.jpg
IP 5.175.22.217:0
ASN #20773 Host Europe GmbH
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 500x500, components 3\012- data
Hash cae8752ea30b514bdc915abfda1009ca
d74173c7f299044de55d588a5db9cca4580a5998
d4cd5493b078c05bf3473ccc74c04b75992e07282585aafea8624e26beaf2c6c
GET /images/GdP/Team/Hamann.jpg HTTP/1.1
Host: www.gdp.reisen
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gdp.reisen/
Cookie: CFID=35912394; CFTOKEN=3f81c3e207a9208b-F602EF07-CB9E-52A5-E871F87A2CDD11A2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 13:32:54 GMT
server: Apache
last-modified: Thu, 24 Mar 2022 17:25:22 GMT
etag: "9818-5dafa21828ba0"
accept-ranges: bytes
content-length: 38936
cache-control: max-age=86400
expires: Fri, 23 Sep 2022 13:32:54 GMT
x-cache: MISS from www.gdp.reisen
content-type: image/jpeg
X-Firefox-Spdy: h2
www.gdp.reisen/images/GdP/Team/Humberg.jpg
5.175.22.217 200 OK 41 kB URL HTTP/2 www.gdp.reisen/images/GdP/Team/Humberg.jpg
IP 5.175.22.217:0
ASN #20773 Host Europe GmbH
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 500x500, components 3\012- data
Hash a28b0ee95e9d4f82f3c2d7ff8d2def0e
08ac2472ca0f9fe8d152022d2f82fd770447f9c5
5b742806f3dbb3b2b28250b2f44f410a9acd5df52e27b340af006e7b867bac9d
GET /images/GdP/Team/Humberg.jpg HTTP/1.1
Host: www.gdp.reisen
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gdp.reisen/
Cookie: CFID=35912394; CFTOKEN=3f81c3e207a9208b-F602EF07-CB9E-52A5-E871F87A2CDD11A2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 13:32:54 GMT
server: Apache
last-modified: Thu, 24 Mar 2022 17:25:22 GMT
etag: "9f85-5dafa218381b8"
accept-ranges: bytes
content-length: 40837
cache-control: max-age=86400
expires: Fri, 23 Sep 2022 13:32:54 GMT
x-cache: MISS from www.gdp.reisen
content-type: image/jpeg
X-Firefox-Spdy: h2
www.gdp.reisen/images/BilderPool/Thementeaser/cruise-3991937_1920.jpg
5.175.22.217 200 OK 103 kB URL HTTP/2 www.gdp.reisen/images/BilderPool/Thementeaser/cruise-3991937_1920.jpg
IP 5.175.22.217:0
ASN #20773 Host Europe GmbH
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 700x800, components 3\012- data
Size 103 kB (103225 bytes)
Hash 16c8eb759f00e9acd23e1fcab1c4c7cc
3bf5667d76b4f0c69a51ba4e0191ba04145a2732
306b20114671d7e0d693c20cf76cef96dcaa4351bc53cee88aa9a91c3d2f46ec
GET /images/BilderPool/Thementeaser/cruise-3991937_1920.jpg HTTP/1.1
Host: www.gdp.reisen
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gdp.reisen/
Cookie: CFID=35912394; CFTOKEN=3f81c3e207a9208b-F602EF07-CB9E-52A5-E871F87A2CDD11A2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 13:32:54 GMT
server: Apache
last-modified: Mon, 30 Aug 2021 07:35:25 GMT
etag: "19339-5cac1e06541ab"
accept-ranges: bytes
content-length: 103225
cache-control: max-age=86400
expires: Fri, 23 Sep 2022 13:32:54 GMT
x-cache: MISS from www.gdp.reisen
content-type: image/jpeg
X-Firefox-Spdy: h2
www.gdp.reisen/images/GdP/Team/Schachler.jpg
5.175.22.217 200 OK 50 kB URL HTTP/2 www.gdp.reisen/images/GdP/Team/Schachler.jpg
IP 5.175.22.217:0
ASN #20773 Host Europe GmbH
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 500x500, components 3\012- data
Hash 4647a907a00b8b370958a1c5b9e8e596
42dbd011f06cef98c8c5ff019511a09e8aa1fbc1
13fdc8e82a2d705eccfd783b4d615aca7a27de99da0cb83265982c2ae57bdb9c
GET /images/GdP/Team/Schachler.jpg HTTP/1.1
Host: www.gdp.reisen
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gdp.reisen/
Cookie: CFID=35912394; CFTOKEN=3f81c3e207a9208b-F602EF07-CB9E-52A5-E871F87A2CDD11A2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 13:32:54 GMT
server: Apache
last-modified: Thu, 24 Mar 2022 17:25:22 GMT
etag: "c25d-5dafa2183fad0"
accept-ranges: bytes
content-length: 49757
cache-control: max-age=86400
expires: Fri, 23 Sep 2022 13:32:54 GMT
x-cache: MISS from www.gdp.reisen
content-type: image/jpeg
X-Firefox-Spdy: h2
www.gdp.reisen/images/BilderPool/Thementeaser/summer-3571092_1920.jpg
5.175.22.217 200 OK 57 kB URL HTTP/2 www.gdp.reisen/images/BilderPool/Thementeaser/summer-3571092_1920.jpg
IP 5.175.22.217:0
ASN #20773 Host Europe GmbH
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 700x800, components 3\012- data
Hash ea8e354ec38f641f0c31dd5986e272bc
e08fe4bc4c51a91bb5b91f1825307254ede6e8dd
25dc8af8cd8236c721853d1fc67d2314f41ed19f467ffd5bb6279a9b2e8f2653
GET /images/BilderPool/Thementeaser/summer-3571092_1920.jpg HTTP/1.1
Host: www.gdp.reisen
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gdp.reisen/
Cookie: CFID=35912394; CFTOKEN=3f81c3e207a9208b-F602EF07-CB9E-52A5-E871F87A2CDD11A2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 13:32:54 GMT
server: Apache
last-modified: Tue, 19 Oct 2021 14:18:23 GMT
etag: "dd68-5ceb555905a14"
accept-ranges: bytes
content-length: 56680
cache-control: max-age=86400
expires: Fri, 23 Sep 2022 13:32:54 GMT
x-cache: MISS from www.gdp.reisen
content-type: image/jpeg
X-Firefox-Spdy: h2
www.gdp.reisen/images/BilderPool/zoll_reise_passport-3127934_1920.jpg
5.175.22.217 200 OK 57 kB URL HTTP/2 www.gdp.reisen/images/BilderPool/zoll_reise_passport-3127934_1920.jpg
IP 5.175.22.217:0
ASN #20773 Host Europe GmbH
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, progressive, precision 8, 600x300, components 3\012- data
Hash d588a2d2f1b2bc526deb785966b59e79
f71a3d3cbb55fb1a0e1b9c436adf566bba5e96d4
978941952311e019f83e410641bee96b74dfa6ec80fdf65463493e526b9e1512
GET /images/BilderPool/zoll_reise_passport-3127934_1920.jpg HTTP/1.1
Host: www.gdp.reisen
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gdp.reisen/
Cookie: CFID=35912394; CFTOKEN=3f81c3e207a9208b-F602EF07-CB9E-52A5-E871F87A2CDD11A2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 13:32:54 GMT
server: Apache
last-modified: Mon, 27 Jun 2022 16:02:32 GMT
etag: "ddf8-5e2700c382955"
accept-ranges: bytes
content-length: 56824
cache-control: max-age=86400
expires: Fri, 23 Sep 2022 13:32:54 GMT
x-cache: MISS from www.gdp.reisen
content-type: image/jpeg
X-Firefox-Spdy: h2
www.gdp.reisen/images/BilderPool/auswaertiges_amt_passport-3127934_1920.jpg
5.175.22.217 200 OK 87 kB URL HTTP/2 www.gdp.reisen/images/BilderPool/auswaertiges_amt_passport-3127934_1920.jpg
IP 5.175.22.217:0
ASN #20773 Host Europe GmbH
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, progressive, precision 8, 600x300, components 3\012- data
Hash 223454d684cc91e73ff53c423449273b
9dc213694402c850a220c20bac41ed77addfad19
5c78da96df1dc34d3d0a4e773dcad3943ed9a941845997a641ee77202917c466
GET /images/BilderPool/auswaertiges_amt_passport-3127934_1920.jpg HTTP/1.1
Host: www.gdp.reisen
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gdp.reisen/
Cookie: CFID=35912394; CFTOKEN=3f81c3e207a9208b-F602EF07-CB9E-52A5-E871F87A2CDD11A2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 13:32:54 GMT
server: Apache
last-modified: Mon, 27 Jun 2022 16:02:32 GMT
etag: "15461-5e2700c395a89"
accept-ranges: bytes
content-length: 87137
cache-control: max-age=86400
expires: Fri, 23 Sep 2022 13:32:54 GMT
x-cache: MISS from www.gdp.reisen
content-type: image/jpeg
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 40fa6c3d029e02e23f80f1a53e797513
c7472370c80cdca79315952b74f493a5fa7b0591
e486a8def7c03525b48e3620c4b02b5f7e17d467101cb0084f6ef60f1317659c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E486A8DEF7C03525B48E3620C4B02B5F7E17D467101CB0084F6EF60F1317659C"
Last-Modified: Thu, 22 Sep 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17256
Expires: Thu, 22 Sep 2022 18:20:30 GMT
Date: Thu, 22 Sep 2022 13:32:54 GMT
Connection: keep-alive
www.paxconnect.de/js/meinereiseangebote_iframe_v1.1.0.js
83.169.3.220 200 OK 653 B URL HTTP/1.1 www.paxconnect.de/js/meinereiseangebote_iframe_v1.1.0.js
IP 83.169.3.220:0
ASN #8972 Host Europe GmbH
Hash f5bf508542930203b6d507c968670502
b2a0ed3ceeb796f0aa21b6efe84bf6d6a710c0f8
6c3a3bb55c78ea17e0b9e1b9e821e509b94d2dc67e20b32515e1f3b9b423211c
GET /js/meinereiseangebote_iframe_v1.1.0.js HTTP/1.1
Host: www.paxconnect.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gdp.reisen/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 22 Sep 2022 13:32:54 GMT
Content-Type: application/javascript
Last-Modified: Wed, 25 May 2022 09:37:31 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"628df8db-72b"
X-FRAME-OPTIONS: SAMEORIGIN
X-Content-Type-Options: nosniff
Content-Security-Policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' paxconnect.de *.paxconnect.de *.smartberatung.com *.meinereiseangebote.de youtube.com *.youtube.com
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
X-Powered-By: PleskLin
Content-Encoding: br
www.gdp.reisen/assets/js/core.min.js
5.175.22.217 200 OK 64 kB URL HTTP/2 www.gdp.reisen/assets/js/core.min.js
IP 5.175.22.217:0
ASN #20773 Host Europe GmbH
File type Unicode text, UTF-8 (with BOM) text, with very long lines (65512)
Hash 21485a5c91a6e030255faa364281aa40
69e8f4ae330ece58c4c9dc6fa319187d907bc2bd
af79c3c862f29c5011444e6c6a4259961c61f414202b97559225b92339095f84
Analyzer Verdict Alert fortinet Phishing
GET /assets/js/core.min.js HTTP/1.1
Host: www.gdp.reisen
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gdp.reisen/
Cookie: CFID=35912394; CFTOKEN=3f81c3e207a9208b-F602EF07-CB9E-52A5-E871F87A2CDD11A2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 13:32:54 GMT
server: Apache
last-modified: Thu, 09 Jul 2020 18:02:01 GMT
etag: "4432f-5aa0605764a50-br"
accept-ranges: bytes
cache-control: max-age=86400
expires: Fri, 23 Sep 2022 13:32:54 GMT
vary: Accept-Encoding
content-encoding: br
x-cache: MISS from www.gdp.reisen
content-length: 64543
content-type: application/javascript
X-Firefox-Spdy: h2
www.gdp.reisen/assets/css/core.min.css
5.175.22.217 200 OK 41 kB URL HTTP/2 www.gdp.reisen/assets/css/core.min.css
IP 5.175.22.217:0
ASN #20773 Host Europe GmbH
File type Unicode text, UTF-8 text, with very long lines (65516)
Hash 06249bcfa64e75d0dd5d3e77f960cdd9
078839991c838dd732613ae7a8b4d1201aca8017
99fae1a53fa84932d6a5c938f27b7e776b99c7b27e3709a51f28d84ca65b9306
GET /assets/css/core.min.css HTTP/1.1
Host: www.gdp.reisen
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gdp.reisen/
Cookie: CFID=35912394; CFTOKEN=3f81c3e207a9208b-F602EF07-CB9E-52A5-E871F87A2CDD11A2
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 13:32:54 GMT
server: Apache
last-modified: Mon, 25 May 2020 13:41:44 GMT
etag: "50315-5a67923b6f600-br"
accept-ranges: bytes
cache-control: max-age=86400
expires: Fri, 23 Sep 2022 13:32:54 GMT
vary: Accept-Encoding
content-encoding: br
x-cache: MISS from www.gdp.reisen
content-length: 41057
content-type: text/css
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ab1b98568c06439a1af7e6839c92f4f6
a5b270ea635cd9570c1228c2a9e3821dd74061e0
52756d5ac24db7a73d03520d6b1d3ca486e5a832609910cd52a27dbbb3107352
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "52756D5AC24DB7A73D03520D6B1D3CA486E5A832609910CD52A27DBBB3107352"
Last-Modified: Thu, 22 Sep 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Thu, 22 Sep 2022 19:32:54 GMT
Date: Thu, 22 Sep 2022 13:32:54 GMT
Connection: keep-alive
push.services.mozilla.com/
52.43.253.52 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.43.253.52:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: bBgS822164OQhSMN/Gebeg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: DDZRw1eN62HLN97hYQmscwp4rzI=
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ab1b98568c06439a1af7e6839c92f4f6
a5b270ea635cd9570c1228c2a9e3821dd74061e0
52756d5ac24db7a73d03520d6b1d3ca486e5a832609910cd52a27dbbb3107352
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "52756D5AC24DB7A73D03520D6B1D3CA486E5A832609910CD52A27DBBB3107352"
Last-Modified: Thu, 22 Sep 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Thu, 22 Sep 2022 19:32:54 GMT
Date: Thu, 22 Sep 2022 13:32:54 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ab1b98568c06439a1af7e6839c92f4f6
a5b270ea635cd9570c1228c2a9e3821dd74061e0
52756d5ac24db7a73d03520d6b1d3ca486e5a832609910cd52a27dbbb3107352
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "52756D5AC24DB7A73D03520D6B1D3CA486E5A832609910CD52A27DBBB3107352"
Last-Modified: Thu, 22 Sep 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21558
Expires: Thu, 22 Sep 2022 19:32:12 GMT
Date: Thu, 22 Sep 2022 13:32:54 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ab1b98568c06439a1af7e6839c92f4f6
a5b270ea635cd9570c1228c2a9e3821dd74061e0
52756d5ac24db7a73d03520d6b1d3ca486e5a832609910cd52a27dbbb3107352
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "52756D5AC24DB7A73D03520D6B1D3CA486E5A832609910CD52A27DBBB3107352"
Last-Modified: Thu, 22 Sep 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Thu, 22 Sep 2022 19:32:54 GMT
Date: Thu, 22 Sep 2022 13:32:54 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ab1b98568c06439a1af7e6839c92f4f6
a5b270ea635cd9570c1228c2a9e3821dd74061e0
52756d5ac24db7a73d03520d6b1d3ca486e5a832609910cd52a27dbbb3107352
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "52756D5AC24DB7A73D03520D6B1D3CA486E5A832609910CD52A27DBBB3107352"
Last-Modified: Thu, 22 Sep 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Thu, 22 Sep 2022 19:32:54 GMT
Date: Thu, 22 Sep 2022 13:32:54 GMT
Connection: keep-alive
backend.tcautor.de/www/_data/1008/files/BilderPool/Siegel/DER_Touristik_Partner_4C.png
5.175.22.217 200 OK 5.0 kB URL HTTP/2 backend.tcautor.de/www/_data/1008/files/BilderPool/Siegel/DER_Touristik_Partner_4C.png
IP 5.175.22.217:0
ASN #20773 Host Europe GmbH
File type PNG image data, 253 x 284, 8-bit colormap, non-interlaced\012- data
Hash 6cfa5757073c810990a30df5a3a5c142
f3929708377b03ea028621abfd7cc33e2cfdf3c0
42508c7e75bbaaf132edb306339680c86694005e71e2ea2c1c8cb0736949c5b8
GET /www/_data/1008/files/BilderPool/Siegel/DER_Touristik_Partner_4C.png HTTP/1.1
Host: backend.tcautor.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gdp.reisen/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 22 Sep 2022 13:32:54 GMT
server: Apache
last-modified: Thu, 03 Mar 2022 07:25:15 GMT
etag: "1391-5d94b4ca70b47"
accept-ranges: bytes
content-length: 5009
content-type: image/png
X-Firefox-Spdy: h2
www.gdp.reisen/assets/js/jquery-3.4.1_plusUI.min.js
5.175.22.217 200 OK 85 kB URL HTTP/2 www.gdp.reisen/assets/js/jquery-3.4.1_plusUI.min.js
IP 5.175.22.217:0
ASN #20773 Host Europe GmbH
File type ASCII text, with very long lines (65450), with CRLF line terminators
Hash d12f6a571f27f8f789cf30b5b17bfeea
6b61e7dbdb4fe26ca656015704e4e0270f2e3c05
1f278360aad59de34a97aeebd39d19149d60ccacb878ee9ebc3cbb398bd75437
Analyzer Verdict Alert fortinet Phishing
GET /assets/js/jquery-3.4.1_plusUI.min.js HTTP/1.1
Host: www.gdp.reisen
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gdp.reisen/
Cookie: CFID=35912394; CFTOKEN=3f81c3e207a9208b-F602EF07-CB9E-52A5-E871F87A2CDD11A2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 13:32:54 GMT
server: Apache
last-modified: Sat, 04 Jul 2020 16:32:09 GMT
etag: "53745-5a9a02ed31440-br"
accept-ranges: bytes
cache-control: max-age=86400
expires: Fri, 23 Sep 2022 13:32:54 GMT
vary: Accept-Encoding
content-encoding: br
x-cache: MISS from www.gdp.reisen
content-length: 85178
content-type: application/javascript
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/tkhg_zkCU7U
142.250.74.3 200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/tkhg_zkCU7U
IP 142.250.74.3:0
Hash d6da357df380d99f33f26d8f1ae55bcb
541683dd8fb3dc09708487a0b798897bef97d4f5
89563b69181fa3867fc228cc31c46c08aaa1704c8a849d1809a5f836a5609733
POST /s/gts1d4/tkhg_zkCU7U HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 13:32:54 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.backend.tcautor.de/www/_data/1009/files/BilderPool/Thementeaser/Versicherungen_lifebuoy-4870836_1920.jpg
5.175.22.217 200 OK 53 kB URL HTTP/2 www.backend.tcautor.de/www/_data/1009/files/BilderPool/Thementeaser/Versicherungen_lifebuoy-4870836_1920.jpg
IP 5.175.22.217:0
ASN #20773 Host Europe GmbH
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 700x800, components 3\012- data
Hash 2074572132e9f3e6743aa540110cc27c
965ceb90356ad01c37a5d68f032b7e0e99540f9a
193322064111e8baec20884ca8df731e5a3f99bf8fb326a0915694381613eb17
GET /www/_data/1009/files/BilderPool/Thementeaser/Versicherungen_lifebuoy-4870836_1920.jpg HTTP/1.1
Host: www.backend.tcautor.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gdp.reisen/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 22 Sep 2022 13:32:54 GMT
server: Apache
last-modified: Fri, 27 Aug 2021 13:59:43 GMT
etag: "ceb2-5ca8ae539421c"
accept-ranges: bytes
content-length: 52914
content-type: image/jpeg
X-Firefox-Spdy: h2
www.gdp.reisen/assets/js/vendor_bundle.min.js
5.175.22.217 200 OK 101 kB URL HTTP/2 www.gdp.reisen/assets/js/vendor_bundle.min.js
IP 5.175.22.217:0
ASN #20773 Host Europe GmbH
File type ASCII text, with very long lines (65514)
Size 101 kB (101220 bytes)
Hash eb1235ec9c4c6300e795fdf0be02224f
d3f8f421bdfc1938f6dbdd41b76b0eb01c3a0bcd
37fe01d6f5a8a0bcf91568940e0202f4728b966b15f2e3141d3729dce8cb2a34
Analyzer Verdict Alert fortinet Phishing
GET /assets/js/vendor_bundle.min.js HTTP/1.1
Host: www.gdp.reisen
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gdp.reisen/
Cookie: CFID=35912394; CFTOKEN=3f81c3e207a9208b-F602EF07-CB9E-52A5-E871F87A2CDD11A2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 13:32:54 GMT
server: Apache
last-modified: Mon, 25 May 2020 13:42:21 GMT
etag: "66b1b-5a67925eb8940-br"
accept-ranges: bytes
cache-control: max-age=86400
expires: Fri, 23 Sep 2022 13:32:54 GMT
vary: Accept-Encoding
content-encoding: br
x-cache: MISS from www.gdp.reisen
content-length: 101220
content-type: application/javascript
X-Firefox-Spdy: h2
www.backend.tcautor.de/www/_data/1009/files/BilderPool/Thementeaser/Wandern_adventure-1850912_1920.jpg
5.175.22.217 200 OK 90 kB URL HTTP/2 www.backend.tcautor.de/www/_data/1009/files/BilderPool/Thementeaser/Wandern_adventure-1850912_1920.jpg
IP 5.175.22.217:0
ASN #20773 Host Europe GmbH
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 700x800, components 3\012- data
Hash ac44101d561116730371c1343172071d
afdff97118095955176579f7794b71138c19309a
109ad27c67d19b6f67e163da947235fa0694b36a094de075dc25c966264bce13
GET /www/_data/1009/files/BilderPool/Thementeaser/Wandern_adventure-1850912_1920.jpg HTTP/1.1
Host: www.backend.tcautor.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gdp.reisen/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 13:32:54 GMT
server: Apache
last-modified: Fri, 27 Aug 2021 13:59:43 GMT
etag: "15f64-5ca8ae539421c"
accept-ranges: bytes
content-length: 89956
content-type: image/jpeg
X-Firefox-Spdy: h2
www.gdp.reisen/www/fonts/montserrat.css
5.175.22.217 404 Not Found 196 B URL HTTP/2 www.gdp.reisen/www/fonts/montserrat.css
IP 5.175.22.217:0
ASN #20773 Host Europe GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 62962daa1b19bbcc2db10b7bfd531ea6
d64bae91091eda6a7532ebec06aa70893b79e1f8
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880
GET /www/fonts/montserrat.css HTTP/1.1
Host: www.gdp.reisen
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gdp.reisen/
Cookie: CFID=35912394; CFTOKEN=3f81c3e207a9208b-F602EF07-CB9E-52A5-E871F87A2CDD11A2
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
date: Thu, 22 Sep 2022 13:32:55 GMT
server: Apache
content-length: 196
content-type: text/html; charset=iso-8859-1
X-Firefox-Spdy: h2
www.backend.tcautor.de/www/_data/1009/files/BilderPool/Thementeaser/Mietwagen_camera-1391324_1920.jpg
5.175.22.217 200 OK 54 kB URL HTTP/2 www.backend.tcautor.de/www/_data/1009/files/BilderPool/Thementeaser/Mietwagen_camera-1391324_1920.jpg
IP 5.175.22.217:0
ASN #20773 Host Europe GmbH
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 700x800, components 3\012- data
Hash a62681ce6032d22369be9e6edcd304b4
9cc14704c06f89d69474ab17d94ac43ef8f11888
6c425443ec0cbf396b7b07fdcea74c95702cef69f15f7305c3eeebf115afe762
GET /www/_data/1009/files/BilderPool/Thementeaser/Mietwagen_camera-1391324_1920.jpg HTTP/1.1
Host: www.backend.tcautor.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gdp.reisen/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 22 Sep 2022 13:32:54 GMT
server: Apache
last-modified: Fri, 27 Aug 2021 13:59:43 GMT
etag: "d4e5-5ca8ae5390525"
accept-ranges: bytes
content-length: 54501
content-type: image/jpeg
X-Firefox-Spdy: h2
www.backend.tcautor.de/www/_data/1009/files/BilderPool/Thementeaser/guinea-pig-1969698_1920.jpg
5.175.22.217 200 OK 79 kB URL HTTP/2 www.backend.tcautor.de/www/_data/1009/files/BilderPool/Thementeaser/guinea-pig-1969698_1920.jpg
IP 5.175.22.217:0
ASN #20773 Host Europe GmbH
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 700x800, components 3\012- data
Hash 192a66bef59226d6ab6b3a5097bb2d4d
5d4ef05d8529e310115d7ee15724985469343319
f014df907df2ab80a94cd71c2267a0896ec6c7831308e92a3c726c8592a81eb1
GET /www/_data/1009/files/BilderPool/Thementeaser/guinea-pig-1969698_1920.jpg HTTP/1.1
Host: www.backend.tcautor.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gdp.reisen/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 22 Sep 2022 13:32:54 GMT
server: Apache
last-modified: Mon, 30 Aug 2021 07:35:25 GMT
etag: "1335f-5cac1e06418a1"
accept-ranges: bytes
content-length: 78687
content-type: image/jpeg
X-Firefox-Spdy: h2
www.gdp.reisen/images/BilderPool/Reisethemen/Kreuzfahrt/two-2413470_1920.jpg
5.175.22.217 200 OK 338 kB URL HTTP/2 www.gdp.reisen/images/BilderPool/Reisethemen/Kreuzfahrt/two-2413470_1920.jpg
IP 5.175.22.217:0
ASN #20773 Host Europe GmbH
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x1440, components 3\012- data
Size 338 kB (338400 bytes)
Hash 90bf8f98930e3869ad8938842b24d550
1f682dd5dbfb9ea7c5a8608a5bd4d859c891cc4c
0dd99222cb68f835d5757dd9b66e97fc4ea19905dab5bf6b747d8b5785617407
GET /images/BilderPool/Reisethemen/Kreuzfahrt/two-2413470_1920.jpg HTTP/1.1
Host: www.gdp.reisen
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gdp.reisen/
Cookie: CFID=35912394; CFTOKEN=3f81c3e207a9208b-F602EF07-CB9E-52A5-E871F87A2CDD11A2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 13:32:55 GMT
server: Apache
last-modified: Thu, 24 Jun 2021 07:48:28 GMT
etag: "529e0-5c57e3fafff00"
accept-ranges: bytes
content-length: 338400
cache-control: max-age=86400
expires: Fri, 23 Sep 2022 13:32:55 GMT
x-cache: MISS from www.gdp.reisen
content-type: image/jpeg
X-Firefox-Spdy: h2
www.gdp.reisen/assets/fonts/flaticon/Flaticon.woff2
5.175.22.217 200 OK 37 kB URL HTTP/2 www.gdp.reisen/assets/fonts/flaticon/Flaticon.woff2
IP 5.175.22.217:0
ASN #20773 Host Europe GmbH
File type Web Open Font Format (Version 2), TrueType, length 36732, version 1.0\012- data
Hash ae2dd4b29a7c28b5cc6e9364c7a69983
602976fc50a9aa00adc99bc2d93888db7a81d2fc
0ebd2de93302226f320140f8051d5cff7c3752be9700d0d598e498bbe0dde638
Analyzer Verdict Alert fortinet Phishing
GET /assets/fonts/flaticon/Flaticon.woff2 HTTP/1.1
Host: www.gdp.reisen
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.gdp.reisen/assets/css/core.min.css
Cookie: CFID=35912394; CFTOKEN=3f81c3e207a9208b-F602EF07-CB9E-52A5-E871F87A2CDD11A2
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 13:32:55 GMT
server: Apache
last-modified: Sat, 09 May 2020 10:20:16 GMT
etag: "8f7c-5a53475c0b800"
accept-ranges: bytes
content-length: 36732
cache-control: max-age=86400
expires: Fri, 23 Sep 2022 13:32:55 GMT
vary: Accept-Encoding
x-cache: MISS from www.gdp.reisen
content-type: font/woff2
X-Firefox-Spdy: h2
www.backend.tcautor.de/www/_data/1009/files/BilderPool/Thementeaser/vacations-2490266_1920.jpg
5.175.22.217 200 OK 114 kB URL HTTP/2 www.backend.tcautor.de/www/_data/1009/files/BilderPool/Thementeaser/vacations-2490266_1920.jpg
IP 5.175.22.217:0
ASN #20773 Host Europe GmbH
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 700x800, components 3\012- data
Size 114 kB (114078 bytes)
Hash 7d47e7c0e4644bdb9f6390233fa64b5d
309923c63deee1d97fb8dd2e70a902ee6faf7ac7
653e3553dd08d47e5a964311149365a582a90dfde032adaa54097e17882843f7
GET /www/_data/1009/files/BilderPool/Thementeaser/vacations-2490266_1920.jpg HTTP/1.1
Host: www.backend.tcautor.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gdp.reisen/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 22 Sep 2022 13:32:54 GMT
server: Apache
last-modified: Mon, 30 Aug 2021 07:35:25 GMT
etag: "1bd9e-5cac1e0664f6e"
accept-ranges: bytes
content-length: 114078
content-type: image/jpeg
X-Firefox-Spdy: h2
www.backend.tcautor.de/www/_data/1009/files/BilderPool/Thementeaser/women-3266211_1920.jpg
5.175.22.217 200 OK 124 kB URL HTTP/2 www.backend.tcautor.de/www/_data/1009/files/BilderPool/Thementeaser/women-3266211_1920.jpg
IP 5.175.22.217:0
ASN #20773 Host Europe GmbH
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 700x800, components 3\012- data
Size 124 kB (123987 bytes)
Hash 4d620151c765ed8bdd1ddd6193f9e244
475c4f9ce545458df2a3c53b3f9767508d2b325d
3629b868912b11d754f948b8f297b7ba056e82256ee83c85fc41e401ea0dc1a6
GET /www/_data/1009/files/BilderPool/Thementeaser/women-3266211_1920.jpg HTTP/1.1
Host: www.backend.tcautor.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gdp.reisen/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 22 Sep 2022 13:32:54 GMT
server: Apache
last-modified: Mon, 30 Aug 2021 07:35:25 GMT
etag: "1e453-5cac1e06691e6"
accept-ranges: bytes
content-length: 123987
content-type: image/jpeg
X-Firefox-Spdy: h2
www.backend.tcautor.de/www/_data/1025/files/BilderPool/Werbebanner-Mailings/tc_aktueller_banner.gif
5.175.22.217 200 OK 489 kB URL HTTP/2 www.backend.tcautor.de/www/_data/1025/files/BilderPool/Werbebanner-Mailings/tc_aktueller_banner.gif
IP 5.175.22.217:0
ASN #20773 Host Europe GmbH
File type GIF image data, version 89a, 2000 x 400\012- data
Size 489 kB (488926 bytes)
Hash 5d4acf5c3a2b71be434b261b76b7e6a9
d9e2645d08cec0a26fe80d30e973de6a4a0b7455
05655f50624596e80672653afde7d5ff99e5efa933bab177057a92812cb659f5
GET /www/_data/1025/files/BilderPool/Werbebanner-Mailings/tc_aktueller_banner.gif HTTP/1.1
Host: www.backend.tcautor.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gdp.reisen/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 22 Sep 2022 13:32:54 GMT
server: Apache
last-modified: Tue, 23 Aug 2022 16:09:31 GMT
etag: "775de-5e6eaca279e6a"
accept-ranges: bytes
content-length: 488926
content-type: image/gif
X-Firefox-Spdy: h2
www.gdp.reisen/assets/js/scripts.min.js?_=1663853574699
5.175.22.217 200 OK 3.2 kB URL HTTP/2 www.gdp.reisen/assets/js/scripts.min.js?_=1663853574699
IP 5.175.22.217:0
ASN #20773 Host Europe GmbH
File type ASCII text, with very long lines (5449), with CRLF line terminators
Hash 1d16ebc0b3c66d6a10a2f844da041250
0bfc5df3e06ecc3af5ea0e5e4ec0c277d887c58f
7ddfb4f8b171063568c5f9d506d3777cfc061d6eff3deff43fcb5af2b6e38f11
Analyzer Verdict Alert fortinet Phishing
GET /assets/js/scripts.min.js?_=1663853574699 HTTP/1.1
Host: www.gdp.reisen
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://www.gdp.reisen/
Cookie: CFID=35912394; CFTOKEN=3f81c3e207a9208b-F602EF07-CB9E-52A5-E871F87A2CDD11A2; cross-site-cookie=sow
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 13:32:55 GMT
server: Apache
last-modified: Sun, 05 Jul 2020 10:17:52 GMT
etag: "2541-5a9af1222b05b-br"
accept-ranges: bytes
cache-control: max-age=86400
expires: Fri, 23 Sep 2022 13:32:55 GMT
vary: Accept-Encoding
content-encoding: br
x-cache: MISS from www.gdp.reisen
content-length: 3166
content-type: application/javascript
X-Firefox-Spdy: h2
www.gdp.reisen/assets/js/hyphenopoly/Hyphenopoly_Loader.js?_=1663853574700
5.175.22.217 200 OK 2.8 kB URL HTTP/2 www.gdp.reisen/assets/js/hyphenopoly/Hyphenopoly_Loader.js?_=1663853574700
IP 5.175.22.217:0
ASN #20773 Host Europe GmbH
File type Unicode text, UTF-8 (with BOM) text
Hash ff02a0dc373adfb3ebe39af4c7eef961
dac0bdc76620735d11975d970215c5d70207334c
7cdb80f8f5dea5cabf2936d0241e5d8a4b07f1cddaa5123a0c83b764c8f2c798
Analyzer Verdict Alert fortinet Phishing
GET /assets/js/hyphenopoly/Hyphenopoly_Loader.js?_=1663853574700 HTTP/1.1
Host: www.gdp.reisen
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://www.gdp.reisen/
Cookie: CFID=35912394; CFTOKEN=3f81c3e207a9208b-F602EF07-CB9E-52A5-E871F87A2CDD11A2; cross-site-cookie=sow
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 13:32:55 GMT
server: Apache
last-modified: Sat, 18 Jul 2020 18:48:04 GMT
etag: "2936-5aabbb6b6819b-br"
accept-ranges: bytes
cache-control: max-age=86400
expires: Fri, 23 Sep 2022 13:32:55 GMT
vary: Accept-Encoding
content-encoding: br
x-cache: MISS from www.gdp.reisen
content-length: 2824
content-type: application/javascript
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 41630fb2c7ef9e435a8762b0943e0980
04b6c8bfe97bc5408e1450b5921331c6ae6de682
e9e83895eef14a5a26e91c9574fc9f60eb2f47959406eabe87b4618412519476
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 13:32:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
status.thawte.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 1b9f75e3eebef73a9670d48ba44c3a25
e038c78a9dbf1158f461d7ff8e70540058d64ddd
c68e16551e3ecea7ac0f1645440f50a2ec98ef01633299b6b886488e1f7a03cc
POST / HTTP/1.1
Host: status.thawte.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3917
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 13:32:55 GMT
Last-Modified: Thu, 22 Sep 2022 12:27:38 GMT
Server: ECS (amb/6BAB)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 3f8eabc7d3bd1993a468151a274ff946
0184d4671487558b11ad5a4e5e8a6445a7cf723d
bcf74566035bc3def0a2a4ca21bba06ca3f0b9285e41a203b72194a7d178685c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3582
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 13:32:55 GMT
Last-Modified: Thu, 22 Sep 2022 12:33:13 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 3f8eabc7d3bd1993a468151a274ff946
0184d4671487558b11ad5a4e5e8a6445a7cf723d
bcf74566035bc3def0a2a4ca21bba06ca3f0b9285e41a203b72194a7d178685c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3582
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 13:32:55 GMT
Last-Modified: Thu, 22 Sep 2022 12:33:13 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 3f8eabc7d3bd1993a468151a274ff946
0184d4671487558b11ad5a4e5e8a6445a7cf723d
bcf74566035bc3def0a2a4ca21bba06ca3f0b9285e41a203b72194a7d178685c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3981
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 13:32:55 GMT
Last-Modified: Thu, 22 Sep 2022 12:26:34 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471
www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d2498.2870985380646!2d6.859414415509898!3d51.23220723860794!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x47b8ceaa57304cb5%3A0x7d02a6a7a2f33a1a!2sGdP-Reise-Service-GmbH%20NRW!5e0!3m2!1sde!2sde!4v1641464365986!5m2!1sde!2sde
142.250.74.164 200 OK 1.6 kB URL HTTP/2 www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d2498.2870985380646!2d6.859414415509898!3d51.23220723860794!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x47b8ceaa57304cb5%3A0x7d02a6a7a2f33a1a!2sGdP-Reise-Service-GmbH%20NRW!5e0!3m2!1sde!2sde!4v1641464365986!5m2!1sde!2sde
IP 142.250.74.164:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (3265)
Hash 97bd61c4f7edc245dad3eb4e256ef876
2e83e671995f461bd6c44870830176805c5b80b7
c305a9f9343482dd557f957cff184872da0ef45bb13ba61db24bd7c03655e0a0
GET /maps/embed?pb=!1m18!1m12!1m3!1d2498.2870985380646!2d6.859414415509898!3d51.23220723860794!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x47b8ceaa57304cb5%3A0x7d02a6a7a2f33a1a!2sGdP-Reise-Service-GmbH%20NRW!5e0!3m2!1sde!2sde!4v1641464365986!5m2!1sde!2sde HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gdp.reisen/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
date: Thu, 22 Sep 2022 13:32:55 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
vary: Accept-Language
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-3u11mJE7nTxMTpNL0i4prg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/geo-maps-api/1
content-encoding: gzip
server: mafe
content-length: 1611
x-xss-protection: 0
server-timing: gfet4t7; dur=181
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
kit-pro.fontawesome.com/releases/latest/css/pro-v4-shims.min.css
104.18.23.52 200 OK 4.5 kB URL HTTP/2 kit-pro.fontawesome.com/releases/latest/css/pro-v4-shims.min.css
IP 104.18.23.52:0
Hash 6a6057fd3534cb21f392276c8679e499
a0e7828c3a0ca344bfb4cb778173f3f35db9bb12
5304e98065700f4de74d51031a88d44e3f35ef89f6d7fcc42cb945501532a5af
GET /releases/latest/css/pro-v4-shims.min.css HTTP/1.1
Host: kit-pro.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gdp.reisen/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 22 Sep 2022 13:32:55 GMT
content-type: text/css
x-amz-id-2: iT8ZupnOxWpWMAKwfkDwtp9P1xcr8oXnn2QOTNUaLIoyQ5jAD2cANg1mJrCWG1nyuIiPehlhVh0=
x-amz-request-id: V9KX785VYZEKCMK4
last-modified: Wed, 04 Aug 2021 21:18:33 GMT
etag: W/"715826d7cea0f100c00238e5e5dc92b4"
cache-control: public, max-age=1800
cf-cache-status: HIT
age: 1190
expires: Thu, 22 Sep 2022 14:02:55 GMT
vary: Accept-Encoding
server: cloudflare
cf-ray: 74eb68ce39f90b45-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
www.gdp.reisen/assets/js/vendor.swiper.min.js
5.175.22.217 200 OK 32 kB URL HTTP/2 www.gdp.reisen/assets/js/vendor.swiper.min.js
IP 5.175.22.217:0
ASN #20773 Host Europe GmbH
File type ASCII text, with very long lines (65536), with no line terminators
Hash ed605729945876db2c8be9bb08804fe7
afc15092fc62fe09bbca09167410dac0f69f4b2e
a635d2fe17bba098e4d878bb51bd01c7e04655d1ace2b4164b65c9b209b14f2a
Analyzer Verdict Alert fortinet Phishing
GET /assets/js/vendor.swiper.min.js HTTP/1.1
Host: www.gdp.reisen
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://www.gdp.reisen/
Cookie: CFID=35912394; CFTOKEN=3f81c3e207a9208b-F602EF07-CB9E-52A5-E871F87A2CDD11A2; cross-site-cookie=sow
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 13:32:55 GMT
server: Apache
last-modified: Mon, 25 May 2020 13:41:50 GMT
etag: "22538-5a67924128380-br"
accept-ranges: bytes
cache-control: max-age=86400
expires: Fri, 23 Sep 2022 13:32:55 GMT
vary: Accept-Encoding
content-encoding: br
x-cache: MISS from www.gdp.reisen
content-length: 31466
content-type: application/javascript
X-Firefox-Spdy: h2
kit-pro.fontawesome.com/releases/latest/css/pro.min.css
104.18.23.52 200 OK 54 kB URL HTTP/2 kit-pro.fontawesome.com/releases/latest/css/pro.min.css
IP 104.18.23.52:0
Hash 72f90227b9feee38a689b6b7a89f0ccd
1d5cfe1f8821676002bed5c0b8f7f43f81da5bc3
2c810636e7fd94377c85e3201b22e58e5ea80b95994d2d1e687dcdf4839ebb6c
GET /releases/latest/css/pro.min.css HTTP/1.1
Host: kit-pro.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gdp.reisen/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 22 Sep 2022 13:32:55 GMT
content-type: text/css
x-amz-id-2: AMRPnx/gGPWzkxpEroVSLO8Pi8J0vSGXWBOtNi24DEDy+QaEMCfu0MKQ1eDa2E4MPiKMDx3QOVg=
x-amz-request-id: Q09J8QG0HPK0XNQC
last-modified: Wed, 04 Aug 2021 21:18:33 GMT
etag: W/"486b13730aafe2a39cdaf1666679fa5b"
cache-control: public, max-age=1800
cf-cache-status: HIT
age: 1540
expires: Thu, 22 Sep 2022 14:02:55 GMT
vary: Accept-Encoding
server: cloudflare
cf-ray: 74eb68ce4a010b45-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=de&region=de&callback=onApiLoad
142.250.74.106 200 OK 57 kB URL HTTP/2 maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=de&region=de&callback=onApiLoad
IP 142.250.74.106:0
File type ASCII text, with very long lines (2479)
Hash 0e4b5c7c0774ba81ad02d48fbe182d3b
53be50e83128cf76bb6b79e870b98d090ee2ffd9
f9c5b19f061c69b770f15e6bde445d41063423d438da4d82e7b09c4c44c1d3f2
GET /maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=de&region=de&callback=onApiLoad HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-encoding: gzip
server: mafe
content-length: 57320
x-xss-protection: 0
x-frame-options: SAMEORIGIN
server-timing: gfet4t7; dur=14
date: Thu, 22 Sep 2022 13:23:03 GMT
expires: Thu, 22 Sep 2022 13:53:03 GMT
cache-control: public, max-age=1800
content-type: text/javascript; charset=UTF-8
age: 592
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash c8ac2005f83e8a3a9da1a9837b6c2ff3
7c05f49683e49232c1e11b91253e684d2f96ab83
b0b42743b4c7e4b528fd78aadc5429ef34c2e127f3d5147330d428a47203dc0a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 13:32:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 5149084af9bb01e5471e0be93a009ab0
1aaae44973461346130015cba0c36e9d1b5b77f2
db8a390c5bb50072d57429a45c470496139deb98e04b175f45600e5e4b2ac884
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 13:32:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
maps.gstatic.com/maps-api-v3/embed/js/50/6/intl/de_ALL/init_embed.js
142.250.74.163 200 OK 71 kB URL HTTP/2 maps.gstatic.com/maps-api-v3/embed/js/50/6/intl/de_ALL/init_embed.js
IP 142.250.74.163:0
File type ASCII text, with very long lines (2669)
Hash 06c085538f238121c368868b0b98da85
c786a1a545c56337c1eb00acc27b862d1b21b7f3
47a4d8e8c188930a327694c69ec1af256f87d7946c71f9137c5688c3094b6128
GET /maps-api-v3/embed/js/50/6/intl/de_ALL/init_embed.js HTTP/1.1
Host: maps.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-length: 70769
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 20:02:40 GMT
expires: Thu, 21 Sep 2023 20:02:40 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 19 Sep 2022 19:19:29 GMT
content-type: text/javascript
age: 63015
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.gdp.reisen/images/BilderPool/Reisethemen/Ferienwohnung/caimari-596180_1920.jpg
5.175.22.217 200 OK 896 kB URL HTTP/2 www.gdp.reisen/images/BilderPool/Reisethemen/Ferienwohnung/caimari-596180_1920.jpg
IP 5.175.22.217:0
ASN #20773 Host Europe GmbH
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1920x1436, components 3\012- data
Size 896 kB (895653 bytes)
Hash 5a442903782bc49f02e705d518e66d74
1c102cf20e60fb8b2ca6ec3f8fda251ba44debc5
61809823524216e6b8c32a8b95e43f83e9219b87d4b7d17eb1e1783d1b59e850
GET /images/BilderPool/Reisethemen/Ferienwohnung/caimari-596180_1920.jpg HTTP/1.1
Host: www.gdp.reisen
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gdp.reisen/
Cookie: CFID=35912394; CFTOKEN=3f81c3e207a9208b-F602EF07-CB9E-52A5-E871F87A2CDD11A2; cross-site-cookie=sow
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 13:32:55 GMT
server: Apache
last-modified: Fri, 05 Nov 2021 16:10:44 GMT
etag: "daaa5-5d00ce2a49b14"
accept-ranges: bytes
content-length: 895653
cache-control: max-age=86400
expires: Fri, 23 Sep 2022 13:32:55 GMT
x-cache: MISS from www.gdp.reisen
content-type: image/jpeg
X-Firefox-Spdy: h2
www.gdp.reisen/images/BilderPool/Reisethemen/Relax/jetty-1834801_1920.jpg
5.175.22.217 200 OK 298 kB URL HTTP/2 www.gdp.reisen/images/BilderPool/Reisethemen/Relax/jetty-1834801_1920.jpg
IP 5.175.22.217:0
ASN #20773 Host Europe GmbH
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x1280, components 3\012- data
Size 298 kB (297622 bytes)
Hash 3b79d15ffab5a3bf79230f1267583e04
d52e852edaafb33ae8685188a9e8cdaae25a3a22
b1b7249a0435d37be3a8b06e71afafe1f56962a9c3fd167b7b5136efdc25cd8d
GET /images/BilderPool/Reisethemen/Relax/jetty-1834801_1920.jpg HTTP/1.1
Host: www.gdp.reisen
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gdp.reisen/
Cookie: CFID=35912394; CFTOKEN=3f81c3e207a9208b-F602EF07-CB9E-52A5-E871F87A2CDD11A2; cross-site-cookie=sow
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 13:32:55 GMT
server: Apache
last-modified: Thu, 24 Jun 2021 07:47:06 GMT
etag: "48a96-5c57e3ac51ad4"
accept-ranges: bytes
content-length: 297622
cache-control: max-age=86400
expires: Fri, 23 Sep 2022 13:32:55 GMT
x-cache: MISS from www.gdp.reisen
content-type: image/jpeg
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 5149084af9bb01e5471e0be93a009ab0
1aaae44973461346130015cba0c36e9d1b5b77f2
db8a390c5bb50072d57429a45c470496139deb98e04b175f45600e5e4b2ac884
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 13:32:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gdp.reisen/images/BilderPool/Reisethemen/Relax/blue-2705642_1920.jpg
5.175.22.217 200 OK 488 kB URL HTTP/2 www.gdp.reisen/images/BilderPool/Reisethemen/Relax/blue-2705642_1920.jpg
IP 5.175.22.217:0
ASN #20773 Host Europe GmbH
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x1280, components 3\012- data
Size 488 kB (487802 bytes)
Hash 886544d893ff2ff8f7cded8eb0256d9a
8d848f51813b293f66fd3aefc51dfd3784e54e12
9675959a3e3aec30120c6ce6a74e3dc033f66b5a863de9347fab80ec90f17cec
GET /images/BilderPool/Reisethemen/Relax/blue-2705642_1920.jpg HTTP/1.1
Host: www.gdp.reisen
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gdp.reisen/
Cookie: CFID=35912394; CFTOKEN=3f81c3e207a9208b-F602EF07-CB9E-52A5-E871F87A2CDD11A2; cross-site-cookie=sow
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 13:32:55 GMT
server: Apache
last-modified: Mon, 18 Oct 2021 11:46:24 GMT
etag: "7717a-5ce9f182cebfc"
accept-ranges: bytes
content-length: 487802
cache-control: max-age=86400
expires: Fri, 23 Sep 2022 13:32:55 GMT
x-cache: MISS from www.gdp.reisen
content-type: image/jpeg
X-Firefox-Spdy: h2
www.gdp.reisen/images/BilderPool/Reisethemen/Camping/camping-4609961_1920.jpg
5.175.22.217 200 OK 671 kB URL HTTP/2 www.gdp.reisen/images/BilderPool/Reisethemen/Camping/camping-4609961_1920.jpg
IP 5.175.22.217:0
ASN #20773 Host Europe GmbH
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1730x1920, components 3\012- data
Size 671 kB (671299 bytes)
Hash db6c770d12554baf44a0261b818e866e
1491537397956ae32f06bfdb02167eab2c2ce7fe
358de6bb14d9c1e991f38fb32322dc5eaf575316b8939825660bed16231a3f9a
GET /images/BilderPool/Reisethemen/Camping/camping-4609961_1920.jpg HTTP/1.1
Host: www.gdp.reisen
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gdp.reisen/
Cookie: CFID=35912394; CFTOKEN=3f81c3e207a9208b-F602EF07-CB9E-52A5-E871F87A2CDD11A2; cross-site-cookie=sow
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 13:32:55 GMT
server: Apache
last-modified: Fri, 05 Nov 2021 16:10:27 GMT
etag: "a3e43-5d00ce1a90e75"
accept-ranges: bytes
content-length: 671299
cache-control: max-age=86400
expires: Fri, 23 Sep 2022 13:32:55 GMT
x-cache: MISS from www.gdp.reisen
content-type: image/jpeg
X-Firefox-Spdy: h2
kit-pro.fontawesome.com/releases/latest/webfonts/pro-fa-light-300-5.10.2.woff2
104.18.23.52 200 OK 17 kB URL HTTP/2 kit-pro.fontawesome.com/releases/latest/webfonts/pro-fa-light-300-5.10.2.woff2
IP 104.18.23.52:0
File type Web Open Font Format (Version 2), TrueType, length 17168, version 331.-31196\012- data
Hash 8a43eb7db323b6a82d87a458c34cbe82
968367a39a575ffe38f1cfda07eea12eff885831
2bbaabc785383c5d90abc17e6703ac6a057b9644c6ebdfe9e15709c6ffac9c71
GET /releases/latest/webfonts/pro-fa-light-300-5.10.2.woff2 HTTP/1.1
Host: kit-pro.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.gdp.reisen
Connection: keep-alive
Referer: https://kit-pro.fontawesome.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 13:32:55 GMT
content-type: font/woff2
content-length: 17168
x-amz-id-2: u/AyeB5QDtIMAFDCPSF9eSohvq/qzyK94UephyDMpIU0qsvPgxL0AYwuVE+6EytKD+sCtPLUFHk=
x-amz-request-id: M73Q8HE44KG6FQZH
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 04 Aug 2021 21:22:41 GMT
etag: "8a43eb7db323b6a82d87a458c34cbe82"
cache-control: public, max-age=1800
cf-cache-status: REVALIDATED
expires: Thu, 22 Sep 2022 14:02:55 GMT
accept-ranges: bytes
server: cloudflare
cf-ray: 74eb68cf0ade0b45-OSL
X-Firefox-Spdy: h2
kit-pro.fontawesome.com/releases/latest/webfonts/pro-fa-light-300-5.0.0.woff2
104.18.23.52 200 OK 25 kB URL HTTP/2 kit-pro.fontawesome.com/releases/latest/webfonts/pro-fa-light-300-5.0.0.woff2
IP 104.18.23.52:0
File type Web Open Font Format (Version 2), TrueType, length 24800, version 331.-31196\012- data
Hash 4abe94f1746789f39110d3ebac7ebd96
bdc3b41f3cc3e5e3e87ca020eeddc2b288f0dd91
299dc8e16be2ab2214e279b5536efd387d17fd3d364f397ce9f1fed602384fea
GET /releases/latest/webfonts/pro-fa-light-300-5.0.0.woff2 HTTP/1.1
Host: kit-pro.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.gdp.reisen
Connection: keep-alive
Referer: https://kit-pro.fontawesome.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 13:32:55 GMT
content-type: font/woff2
content-length: 24800
x-amz-id-2: imsN5m9iAMRp2eDollTCy82zCW70AWqdrYoiW7K44ITefr29dOZ5ZQGC1Ewcz4lcoLtZHtUDGZs=
x-amz-request-id: M73X7A6F4XP1QCVT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 04 Aug 2021 21:22:40 GMT
etag: "4abe94f1746789f39110d3ebac7ebd96"
cache-control: public, max-age=1800
cf-cache-status: REVALIDATED
expires: Thu, 22 Sep 2022 14:02:55 GMT
accept-ranges: bytes
server: cloudflare
cf-ray: 74eb68cf0adf0b45-OSL
X-Firefox-Spdy: h2
kit-pro.fontawesome.com/releases/latest/webfonts/pro-fa-light-300-5.11.0.woff2
104.18.23.52 200 OK 16 kB URL HTTP/2 kit-pro.fontawesome.com/releases/latest/webfonts/pro-fa-light-300-5.11.0.woff2
IP 104.18.23.52:0
File type Web Open Font Format (Version 2), TrueType, length 15748, version 331.-31196\012- data
Hash 1894bebba876a67d0cb7cd7351ab6ae4
0c2e2d2e73311bbd4c429e33e4e4c4036207b4b1
ec540bd82697b5fb43f1584f25446b7d58a0cf0a51e1544b0b278a2aaa5f1e77
GET /releases/latest/webfonts/pro-fa-light-300-5.11.0.woff2 HTTP/1.1
Host: kit-pro.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.gdp.reisen
Connection: keep-alive
Referer: https://kit-pro.fontawesome.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 13:32:55 GMT
content-type: font/woff2
content-length: 15748
x-amz-id-2: uvsBy8Ph4+8TwNJzp3kOEZSZ+EdlykXlGXMLJoP5M//tut5vup8zBbH/I3BqE0TPEZLU5+pONsM=
x-amz-request-id: M73XCGEHYG19B0E3
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 04 Aug 2021 21:22:41 GMT
etag: "1894bebba876a67d0cb7cd7351ab6ae4"
cache-control: public, max-age=1800
cf-cache-status: REVALIDATED
expires: Thu, 22 Sep 2022 14:02:55 GMT
accept-ranges: bytes
server: cloudflare
cf-ray: 74eb68cf0adc0b45-OSL
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3250
Expires: Thu, 22 Sep 2022 14:27:06 GMT
Date: Thu, 22 Sep 2022 13:32:56 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3250
Expires: Thu, 22 Sep 2022 14:27:06 GMT
Date: Thu, 22 Sep 2022 13:32:56 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3250
Expires: Thu, 22 Sep 2022 14:27:06 GMT
Date: Thu, 22 Sep 2022 13:32:56 GMT
Connection: keep-alive
www.meinereiseangebote.de/AZUY-2760?supressCookieConsent&output_content=iframe
13.69.68.38 200 OK 10 kB URL HTTP/1.1 www.meinereiseangebote.de/AZUY-2760?supressCookieConsent&output_content=iframe
IP 13.69.68.38:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1613), with CRLF, LF line terminators
Hash 7cad18fbdbfe4da37bfc283407d5464b
774dd67d1cfd4ef1e7bdda5dec6b727c87558937
555ae6b73d88548e3ae88e9e6d6e32cfc403ba90639acccb73601db0b3a65628
GET /AZUY-2760?supressCookieConsent&output_content=iframe HTTP/1.1
Host: www.meinereiseangebote.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gdp.reisen/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Length: 10289
Content-Type: text/html; charset=utf-8
Date: Thu, 22 Sep 2022 13:32:55 GMT
Server: Apache
Cache-Control: no-store, must-revalidate, no-cache
Content-Encoding: gzip
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Set-Cookie: PHPSESSID=d8f6c72b4a27b21185c4e9715dcca0e3; path=/; secure; HttpOnly; SameSite=Strict
ARRAffinity=11a8016699cfc7f02a71b1dcc7167bc48c9f1d1eaecce21a8c4e027e0921cdd8;Path=/;HttpOnly;Secure;Domain=www.meinereiseangebote.de
ARRAffinitySameSite=11a8016699cfc7f02a71b1dcc7167bc48c9f1d1eaecce21a8c4e027e0921cdd8;Path=/;HttpOnly;SameSite=None;Secure;Domain=www.meinereiseangebote.de
Vary: Accept-Encoding
X-Powered-By: PHP/7.4.28
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer
Content-Security-Policy: default-src 'none';frame-src 'self' *.trustyou.com *.youtube.com *.google.com review.holidaycheck.com;media-src 'self' static.gebeco.de *.studiosus.com;font-src 'self' https://fonts.gstatic.com *.smartberatung.com;img-src * 'self' data:;object-src 'none';script-src 'strict-dynamic' 'nonce-CFHhhYpN3fQ0lq6P89ig4V62STQ=' *.smartberatung.com ;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com *.core.windows.net cdn.smartberatung.com;frame-ancestors *;base-uri 'self';form-action 'self';connect-src *;
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faf89a4b3-f586-4870-ab26-efb054f637fd.jpeg
34.120.237.76 200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faf89a4b3-f586-4870-ab26-efb054f637fd.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 91c56f0b9810bfdd84e10a626b89e389
15d83e44d568938b6c9c87201e898cedb3edec0a
942de9764e1c408f7512759774aab0479db201e6fae15ccc39e653adae4cb86f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faf89a4b3-f586-4870-ab26-efb054f637fd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8678
x-amzn-requestid: c671a9ab-c5d0-4743-b13e-cc9a47e3d2fe
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y1F0vEThIAMFSwQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632b8351-17ed13811d3833ea00a34423;Sampled=0
x-amzn-remapped-date: Wed, 21 Sep 2022 21:34:09 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 2Oem-Kw-aCUa2rA9B9-7CDYcZ-G968tFPnsrL5wJ9Dia43T5u6RDtg==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 ebe4011a81a36e2bf678f69ce1711330.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 21:34:09 GMT
etag: "15d83e44d568938b6c9c87201e898cedb3edec0a"
content-type: image/jpeg
age: 57527
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc2f739db-1c27-4929-8aff-997c0f66b2ed.jpeg
34.120.237.76 200 OK 5.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc2f739db-1c27-4929-8aff-997c0f66b2ed.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a5edcd9aee78a6cacc9241b47cbce598
f95b843029e84dbb188427a8c2ff8c9f32740465
6a56c3d0eb1d641e565d3d7d31b42be03bdad30beb20b994ffc9a6f2aaceee1e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc2f739db-1c27-4929-8aff-997c0f66b2ed.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5650
x-amzn-requestid: 6badb939-afe6-4432-a0ad-3a2b7f85a7e0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y1G-rFbuIAMFTeA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632b852a-3e9ac3331503b41d5e734a01;Sampled=0
x-amzn-remapped-date: Wed, 21 Sep 2022 21:42:02 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: PeFdtN-ow0NE39XAV9pCHX9VSno5L9z56rg-T6Bd1fks7f1ESDDzWA==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 21:48:27 GMT
etag: "f95b843029e84dbb188427a8c2ff8c9f32740465"
content-type: image/jpeg
age: 56669
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa2a425d5-4fbd-4af0-a85b-75f0878759cb.jpeg
34.120.237.76 200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa2a425d5-4fbd-4af0-a85b-75f0878759cb.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4d98acc059a69d51165fb5e0c7430ea3
09bd3300d710c3212483159f8398b84cde09da26
6e38bbb5c79c4f714973e10961d7bad9e7ae8711cf24d68b13a77206f474d2a6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa2a425d5-4fbd-4af0-a85b-75f0878759cb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7507
x-amzn-requestid: 2a40c792-8b1b-4476-92de-1fce3df48fc1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YcCmaHefoAMF4Ow=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63217e28-6b05350006b7f3fb73d1e37a;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 07:09:28 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: gZ8I075ljJuPvMcsyyRU3m09P9z7mL3WNBiex99pwXtoWDzt_jWP0A==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 22:25:13 GMT
age: 54463
etag: "09bd3300d710c3212483159f8398b84cde09da26"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0788498f-41db-4d62-b749-e01caddb7f8d.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0788498f-41db-4d62-b749-e01caddb7f8d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash af5773255351157d72c28a670a355c60
c803e5866edbe6c9baec14e93677f610bdf09bff
3229b4aa1c698647ad96d114174782549ad240f1b2c4ba8c268165a16afc84f0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0788498f-41db-4d62-b749-e01caddb7f8d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10754
x-amzn-requestid: 2d03531d-6055-477f-9cb6-9ea9fa27eeb9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y1F0vHJ4IAMF42Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632b8351-692620e80d5b2efe1d0e3a82;Sampled=0
x-amzn-remapped-date: Wed, 21 Sep 2022 21:34:09 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: eYUP9NfAkmU4A-mZvysejq1228Qfb8vbfdXOaHQvr6mjXhnVoWdqJw==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 21:34:09 GMT
etag: "c803e5866edbe6c9baec14e93677f610bdf09bff"
content-type: image/jpeg
age: 57527
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8b308c1c-61ac-4185-bb59-ab0cf1f2b8fc.jpeg
34.120.237.76 200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8b308c1c-61ac-4185-bb59-ab0cf1f2b8fc.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ce3e9d330cc9b9c84fb7846bf0d8c7a0
134720f07ffdbef5ff551bdb3c3743c806d1512d
0724f7ca2de62c8086e80b527aec78de6b63996107b32c7e9990bd472e64a347
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8b308c1c-61ac-4185-bb59-ab0cf1f2b8fc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9233
x-amzn-requestid: f90a9ed8-b4e7-4786-887a-90f24cc4f432
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y1HZSG1IoAMFwxw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632b85d4-7a75336f316aa6450e3369b4;Sampled=0
x-amzn-remapped-date: Wed, 21 Sep 2022 21:44:52 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: PEhEMNxyamS4_x8DPhIeX2bEkaVWzS4foO7vPQX8KgWpm1KjsSvRxQ==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 22:21:48 GMT
age: 54668
etag: "134720f07ffdbef5ff551bdb3c3743c806d1512d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F62f1d773-46e0-4cf2-8178-3101a22f8b0c.jpeg
34.120.237.76 200 OK 7.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F62f1d773-46e0-4cf2-8178-3101a22f8b0c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c92f202bddcfee6efac41bcc25be5745
9d297544318ff34f839678d8b358290ab6bd62a8
f471aaff7c08c60905cff5b1c9d4b669a3179574493d23d27e681110688af6b2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F62f1d773-46e0-4cf2-8178-3101a22f8b0c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7060
x-amzn-requestid: 69e8f4d4-2360-4124-a9e9-9cce3dd43da7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yx0NWEgmIAMFusQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632a33ee-0f4861c226117d70664b8612;Sampled=0
x-amzn-remapped-date: Tue, 20 Sep 2022 21:43:10 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: kj4FQUvvo13Yrwu_bKqee64IMn6X0UXlOJQ3fh40qejOi-3dtCrEYg==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 21:59:09 GMT
age: 56027
etag: "9d297544318ff34f839678d8b358290ab6bd62a8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.meinereiseangebote.de/dist/main-5937999fc9.min.css
13.69.68.38 200 OK 22 kB URL HTTP/1.1 www.meinereiseangebote.de/dist/main-5937999fc9.min.css
IP 13.69.68.38:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 text, with very long lines (65528), with no line terminators
Hash 463c6aed37c8062dfca0a575293e75fd
fbca89736ae27c5ac5c4553f03f7b3b504ee2527
ca52836646d4495163108008cee33a58986b704a585a8d61f5e99c9d89f584dc
GET /dist/main-5937999fc9.min.css HTTP/1.1
Host: www.meinereiseangebote.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: ARRAffinitySameSite=11a8016699cfc7f02a71b1dcc7167bc48c9f1d1eaecce21a8c4e027e0921cdd8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 22296
Content-Type: text/css
Date: Thu, 22 Sep 2022 13:32:56 GMT
Server: Apache
Accept-Ranges: bytes
Content-Encoding: gzip
ETag: "1db69-5e77288fb1e80-gzip"
Last-Modified: Tue, 30 Aug 2022 10:06:34 GMT
Vary: Accept-Encoding
basic-light-ibe.traveltainment.de/search?ibe=package&prcl=294888&accol=168207&bgcol=t&taid=gdpreiseservice
80.87.174.128 200 OK 63 kB URL HTTP/1.1 basic-light-ibe.traveltainment.de/search?ibe=package&prcl=294888&accol=168207&bgcol=t&taid=gdpreiseservice
IP 80.87.174.128:0
ASN #8469 CANCOM Managed Services GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- assembler source, ASCII text
Hash e9f25a07bea3d5fe03e029d2f2ce2eb5
6101e87a927ff9632a0d7545415000003a0e3c2f
f08a183ebb3c7f1b6ac60b96379a205e2cb043babb3e4070e65443870594cd0c
GET /search?ibe=package&prcl=294888&accol=168207&bgcol=t&taid=gdpreiseservice HTTP/1.1
Host: basic-light-ibe.traveltainment.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gdp.reisen/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 22 Sep 2022 13:32:56 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-UA-Compatible: ie=edge
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: -1
Content-Encoding: gzip
www.meinereiseangebote.de/js/iframeResizer.contentWindow.min.js
13.69.68.38 200 OK 5.1 kB URL HTTP/1.1 www.meinereiseangebote.de/js/iframeResizer.contentWindow.min.js
IP 13.69.68.38:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (13224)
Hash acf6ed4a5a0367bf4192578cd9d14af2
6cbf60125c288e9ee11cb114ef6146f433213189
16869f60747c1ed316dbf077789e13a43f9de6ea4d5319c7bb101d32b6070c74
GET /js/iframeResizer.contentWindow.min.js HTTP/1.1
Host: www.meinereiseangebote.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: ARRAffinitySameSite=11a8016699cfc7f02a71b1dcc7167bc48c9f1d1eaecce21a8c4e027e0921cdd8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 5062
Content-Type: application/javascript
Date: Thu, 22 Sep 2022 13:32:56 GMT
Server: Apache
Accept-Ranges: bytes
Content-Encoding: gzip
ETag: "34fb-1c5fc537f6900-gzip"
Last-Modified: Sat, 26 Oct 1985 08:15:00 GMT
Vary: Accept-Encoding
www.meinereiseangebote.de/js/jquery.validate.min.js
13.69.68.38 200 OK 7.9 kB URL HTTP/1.1 www.meinereiseangebote.de/js/jquery.validate.min.js
IP 13.69.68.38:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 text, with very long lines (24350)
Hash 1460c8e944772f4b8d2f3dfe4e66c444
03ec231558da2a842fc427f05124752b71d8f5f7
5c3f9cc052e1553ea01208ae4a7f58b2da2fbe2d93f73e20b89744885f15caf7
GET /js/jquery.validate.min.js HTTP/1.1
Host: www.meinereiseangebote.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: ARRAffinitySameSite=11a8016699cfc7f02a71b1dcc7167bc48c9f1d1eaecce21a8c4e027e0921cdd8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 7867
Content-Type: application/javascript
Date: Thu, 22 Sep 2022 13:32:56 GMT
Server: Apache
Accept-Ranges: bytes
Content-Encoding: gzip
ETag: "5fa9-1c5fc537f6900-gzip"
Last-Modified: Sat, 26 Oct 1985 08:15:00 GMT
Vary: Accept-Encoding
www.meinereiseangebote.de/css/customer.css.php?c=215c39&c_text=fff&cback=ffffff&cback_text=000&cbutton=215c39&cbutton_text=fff&cattr=ff0000&cattr_text=fff
13.69.68.38 200 OK 816 B URL HTTP/1.1 www.meinereiseangebote.de/css/customer.css.php?c=215c39&c_text=fff&cback=ffffff&cback_text=000&cbutton=215c39&cbutton_text=fff&cattr=ff0000&cattr_text=fff
IP 13.69.68.38:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash da779205692d2180f5b88ccd23efc831
b356dee7db98ebf1007333146b2fc0377b792d27
06c88611208f5081913869c40af529d91d422623cc31a68419baa0091c7bba7a
GET /css/customer.css.php?c=215c39&c_text=fff&cback=ffffff&cback_text=000&cbutton=215c39&cbutton_text=fff&cattr=ff0000&cattr_text=fff HTTP/1.1
Host: www.meinereiseangebote.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: ARRAffinitySameSite=11a8016699cfc7f02a71b1dcc7167bc48c9f1d1eaecce21a8c4e027e0921cdd8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 816
Content-Type: text/css; charset=UTF-8
Date: Thu, 22 Sep 2022 13:32:56 GMT
Server: Apache
Content-Encoding: gzip
Vary: Accept-Encoding
X-Powered-By: PHP/7.4.28
www.meinereiseangebote.de/js/iframeResizer.min.js
13.69.68.38 200 OK 5.6 kB URL HTTP/1.1 www.meinereiseangebote.de/js/iframeResizer.min.js
IP 13.69.68.38:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (13786)
Hash 2dbe7ca3eeeecd201e821ae3e8615fd1
6082808fe38faf7d285a4e0da66f2d23200109da
b8d2a53b285cca535708451e516647e02dfbcc2f7f45164919fb2b2408b1c38a
GET /js/iframeResizer.min.js HTTP/1.1
Host: www.meinereiseangebote.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: ARRAffinitySameSite=11a8016699cfc7f02a71b1dcc7167bc48c9f1d1eaecce21a8c4e027e0921cdd8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 5586
Content-Type: application/javascript
Date: Thu, 22 Sep 2022 13:32:56 GMT
Server: Apache
Accept-Ranges: bytes
Content-Encoding: gzip
ETag: "36fc-1c5fc537f6900-gzip"
Last-Modified: Sat, 26 Oct 1985 08:15:00 GMT
Vary: Accept-Encoding
basic-light-ibe.traveltainment.de/config?v=30a1308834a9&lang=de-DE&ibe=package&currency=EUR&sc=DE
80.87.174.128 200 OK 16 kB URL HTTP/1.1 basic-light-ibe.traveltainment.de/config?v=30a1308834a9&lang=de-DE&ibe=package&currency=EUR&sc=DE
IP 80.87.174.128:0
ASN #8469 CANCOM Managed Services GmbH
File type Unicode text, UTF-8 text, with very long lines (34433)
Hash a086581510bb2f88025af5f50a4452db
25f89fed3d2abefc7a92fd6c1c36b76b5399baf1
77b9bd4836b84a9fefa44df211adc3ae5b43678519089110b1013f3406d741c9
GET /config?v=30a1308834a9&lang=de-DE&ibe=package&currency=EUR&sc=DE HTTP/1.1
Host: basic-light-ibe.traveltainment.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://basic-light-ibe.traveltainment.de/search?ibe=package&prcl=294888&accol=168207&bgcol=t&taid=gdpreiseservice
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 22 Sep 2022 13:32:56 GMT
Content-Type: text/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Cache-Control: public, max-age=604800
X-Content-Type-Options: nosniff
Content-Encoding: gzip
www.meinereiseangebote.de/dist/list.2e968065e5ba503a58dd.bundle.js
13.69.68.38 200 OK 29 kB URL HTTP/1.1 www.meinereiseangebote.de/dist/list.2e968065e5ba503a58dd.bundle.js
IP 13.69.68.38:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 text, with very long lines (65359), with LF, NEL line terminators
Hash cbf619c88371630d37424139ee461dc3
b2cd328a2bd2aa4f0f86a8c012a85cd5812a65a6
59ae7ecd215e242b8deca320f3fb4f28fb68bbf203e00bca6c9704323a9ed6de
GET /dist/list.2e968065e5ba503a58dd.bundle.js HTTP/1.1
Host: www.meinereiseangebote.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: ARRAffinitySameSite=11a8016699cfc7f02a71b1dcc7167bc48c9f1d1eaecce21a8c4e027e0921cdd8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 28839
Content-Type: application/javascript
Date: Thu, 22 Sep 2022 13:32:56 GMT
Server: Apache
Accept-Ranges: bytes
Content-Encoding: gzip
ETag: "15ee6-5e7728a4ad000-gzip"
Last-Modified: Tue, 30 Aug 2022 10:06:56 GMT
Vary: Accept-Encoding
www.meinereiseangebote.de/js/jquery.min.js
13.69.68.38 200 OK 31 kB URL HTTP/1.1 www.meinereiseangebote.de/js/jquery.min.js
IP 13.69.68.38:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (65447)
Hash 31d53c8cdce8012a24abc8e84aa972e5
7287b1ec5d88304ba44fc1958b8de9596274c4e3
1b72bc7f54bc9170e605f6c4bb5529668c4ee3efeee602fdb63036b45b49f41c
GET /js/jquery.min.js HTTP/1.1
Host: www.meinereiseangebote.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: ARRAffinitySameSite=11a8016699cfc7f02a71b1dcc7167bc48c9f1d1eaecce21a8c4e027e0921cdd8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 30902
Content-Type: application/javascript
Date: Thu, 22 Sep 2022 13:32:56 GMT
Server: Apache
Accept-Ranges: bytes
Content-Encoding: gzip
ETag: "15d9d-1c5fc537f6900-gzip"
Last-Modified: Sat, 26 Oct 1985 08:15:00 GMT
Vary: Accept-Encoding
basic-light-ibe.traveltainment.de/ibecustomer/customers/basic-light/dist/js/package.min.js?v=30a1308834a9
80.87.174.128 200 OK 40 B URL HTTP/1.1 basic-light-ibe.traveltainment.de/ibecustomer/customers/basic-light/dist/js/package.min.js?v=30a1308834a9
IP 80.87.174.128:0
ASN #8469 CANCOM Managed Services GmbH
Hash 491aed06dbee03ddf8135636df8180ca
92a8873b5953f0153efa5768039b608d063c2595
567ea8eeb189a630a0863732f86a0884f7f4fb0a139427540c372d01bf831997
GET /ibecustomer/customers/basic-light/dist/js/package.min.js?v=30a1308834a9 HTTP/1.1
Host: basic-light-ibe.traveltainment.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://basic-light-ibe.traveltainment.de/search?ibe=package&prcl=294888&accol=168207&bgcol=t&taid=gdpreiseservice
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 22 Sep 2022 13:32:56 GMT
Content-Type: application/javascript; charset=UTF-8
Content-Length: 40
Connection: keep-alive
Cache-Control: public, max-age=604800
X-Content-Type-Options: nosniff
Last-Modified: Tue, 20 Sep 2022 08:50:16 GMT
Accept-Ranges: bytes
www.gdp.reisen/images/BilderPool/Destinationen/Bora-Bora/bora-bora-680114_1920.jpg
5.175.22.217 200 OK 20 kB URL HTTP/2 www.gdp.reisen/images/BilderPool/Destinationen/Bora-Bora/bora-bora-680114_1920.jpg
IP 5.175.22.217:0
ASN #20773 Host Europe GmbH
File type gzip compressed data, from Unix\012- data
Hash a489a138f3892c6cd7e480f3434cb0f0
833fb6efed094733f67c9f1ea199857d6d8e648b
36ccf5a6da80777f525f90110963dfed1323c6518ba2d1b9efb4f409ce617371
GET /images/BilderPool/Destinationen/Bora-Bora/bora-bora-680114_1920.jpg HTTP/1.1
Host: www.gdp.reisen
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gdp.reisen/
Cookie: CFID=35912394; CFTOKEN=3f81c3e207a9208b-F602EF07-CB9E-52A5-E871F87A2CDD11A2; cross-site-cookie=sow
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 13:32:55 GMT
server: Apache
last-modified: Mon, 18 Oct 2021 11:45:32 GMT
etag: "639e3-5ce9f151a5a8c"
accept-ranges: bytes
content-length: 408035
cache-control: max-age=86400
expires: Fri, 23 Sep 2022 13:32:55 GMT
x-cache: MISS from www.gdp.reisen
content-type: image/jpeg
X-Firefox-Spdy: h2
basic-light-ibe.traveltainment.de/ibecustomer/customers/basic-light/dist/css/package.min.css?v=30a1308834a9
80.87.174.128 200 OK 0 B URL HTTP/1.1 basic-light-ibe.traveltainment.de/ibecustomer/customers/basic-light/dist/css/package.min.css?v=30a1308834a9
IP 80.87.174.128:0
ASN #8469 CANCOM Managed Services GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ibecustomer/customers/basic-light/dist/css/package.min.css?v=30a1308834a9 HTTP/1.1
Host: basic-light-ibe.traveltainment.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://basic-light-ibe.traveltainment.de/search?ibe=package&prcl=294888&accol=168207&bgcol=t&taid=gdpreiseservice
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 22 Sep 2022 13:32:56 GMT
Content-Type: text/css; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Cache-Control: public, max-age=604800
X-Content-Type-Options: nosniff
Last-Modified: Tue, 20 Sep 2022 08:48:57 GMT
Accept-Ranges: bytes
basic-light-ibe.traveltainment.de/ibecustomer/whitelabel/dist/css/package.min.css?v=30a1308834a9
80.87.174.128 200 OK 11 kB URL HTTP/1.1 basic-light-ibe.traveltainment.de/ibecustomer/whitelabel/dist/css/package.min.css?v=30a1308834a9
IP 80.87.174.128:0
ASN #8469 CANCOM Managed Services GmbH
File type ASCII text, with very long lines (27527)
Hash 9bb21ee200cb5240e1613033dd900fd2
7863aea688f742c1e20435e61ec0db36ca8cece3
fedc08478fa2ffc5288728f7b13ce4d8c57482a7c432f11007b9f5d71fdf94f5
GET /ibecustomer/whitelabel/dist/css/package.min.css?v=30a1308834a9 HTTP/1.1
Host: basic-light-ibe.traveltainment.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://basic-light-ibe.traveltainment.de/search?ibe=package&prcl=294888&accol=168207&bgcol=t&taid=gdpreiseservice
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 22 Sep 2022 13:32:56 GMT
Content-Type: text/css; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: public, max-age=604800
X-Content-Type-Options: nosniff
Last-Modified: Tue, 20 Sep 2022 08:49:29 GMT
Content-Encoding: gzip
basic-light-ibe.traveltainment.de/ibeclient/dist/css/package.min.css?v=30a1308834a9
80.87.174.128 200 OK 1.1 kB URL HTTP/1.1 basic-light-ibe.traveltainment.de/ibeclient/dist/css/package.min.css?v=30a1308834a9
IP 80.87.174.128:0
ASN #8469 CANCOM Managed Services GmbH
File type Unicode text, UTF-8 text, with very long lines (1075), with no line terminators
Hash ad786596a9f61e81adcabbdb9c2c7f53
538049ce424ac71fe56f80629f345c7ebc73dafa
7b3d9d24a858d95708ea3f33e3fa958998d4692fa3fd3c2a30430bd18e3d2418
GET /ibeclient/dist/css/package.min.css?v=30a1308834a9 HTTP/1.1
Host: basic-light-ibe.traveltainment.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://basic-light-ibe.traveltainment.de/search?ibe=package&prcl=294888&accol=168207&bgcol=t&taid=gdpreiseservice
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 22 Sep 2022 13:32:56 GMT
Content-Type: text/css; charset=UTF-8
Content-Length: 1077
Connection: keep-alive
Cache-Control: public, max-age=604800
X-Content-Type-Options: nosniff
Last-Modified: Wed, 21 Sep 2022 11:54:54 GMT
Accept-Ranges: bytes
cdn.smartberatung.com/portal/7157/banner_small.png?ts=20220504_153352&ts=20220504_153352
13.107.213.53 200 OK 19 kB URL HTTP/2 cdn.smartberatung.com/portal/7157/banner_small.png?ts=20220504_153352&ts=20220504_153352
IP 13.107.213.53:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 185 x 168, 8-bit/color RGB, non-interlaced\012- data
Hash 8f0387edcea6bf7df204f59695988f7a
33605762d0ba2eac60cc88f626eb352c3caf83de
fc8af6db74770111d77678fbde4131870f0d081a9afd82321894fc707bb41f44
GET /portal/7157/banner_small.png?ts=20220504_153352&ts=20220504_153352 HTTP/1.1
Host: cdn.smartberatung.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=86400
content-length: 18918
content-type: image/png
content-md5: jwOH7c6mv33yBPWWlZiPeg==
last-modified: Wed, 02 Sep 2020 09:47:31 GMT
accept-ranges: bytes
etag: "0x8D84F2536050E2C"
x-cache: TCP_HIT
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 36b35735-701e-00bd-244d-ce4642000000
x-ms-version: 2018-03-28
x-azure-ref: 0CGQsYwAAAAC/CZ1K/TwFRbUI8LnBX2+qTE9OMjFFREdFMTYxMQBkNTM3NWQ5Yy1jYzU5LTQ4YTctYmZhYy0zOWM5ZjgwYTIyNmQ=
date: Thu, 22 Sep 2022 13:32:56 GMT
X-Firefox-Spdy: h2
basic-light-ibe.traveltainment.de/lang/de-DE?v=30a1308834a9
80.87.174.128 200 OK 45 kB URL HTTP/1.1 basic-light-ibe.traveltainment.de/lang/de-DE?v=30a1308834a9
IP 80.87.174.128:0
ASN #8469 CANCOM Managed Services GmbH
File type Unicode text, UTF-8 text, with very long lines (64887)
Hash 90cf3bce436f1a9d7b00fbabec33092e
11614b3c98a32e2f6596a9db89fc17e229230682
bee743b919fd554196d81902a2c659dd79918752e1cf1a7f6eeaf1011bdd816b
GET /lang/de-DE?v=30a1308834a9 HTTP/1.1
Host: basic-light-ibe.traveltainment.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://basic-light-ibe.traveltainment.de/search?ibe=package&prcl=294888&accol=168207&bgcol=t&taid=gdpreiseservice
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 22 Sep 2022 13:32:56 GMT
Content-Type: text/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Cache-Control: public, max-age=604800
Content-Encoding: gzip
cdn.smartberatung.com/fonts/roboto-v18-latin-regular.woff2
13.107.213.53 200 OK 15 kB URL HTTP/2 cdn.smartberatung.com/fonts/roboto-v18-latin-regular.woff2
IP 13.107.213.53:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /fonts/roboto-v18-latin-regular.woff2 HTTP/1.1
Host: cdn.smartberatung.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.meinereiseangebote.de
Connection: keep-alive
Referer: https://www.meinereiseangebote.de/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=86400
content-length: 15344
content-type: application/octet-stream
content-md5: XUrrTl9e91TjB9f/rvaIvQ==
last-modified: Fri, 30 Apr 2021 09:58:44 GMT
accept-ranges: bytes
etag: "0x8D90BBE8A6F780F"
x-cache: TCP_HIT
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: a98bfc16-a01e-00bf-0b59-ce44b8000000
x-ms-version: 2018-03-28
access-control-allow-origin: *
access-control-allow-headers: *
pax-rule-engine-rule: AllowSpecificFileExtensions
x-azure-ref: 0CGQsYwAAAACJ5BfxyDE3TacG3shgyyDyTE9OMjFFREdFMTYxMQBkNTM3NWQ5Yy1jYzU5LTQ4YTctYmZhYy0zOWM5ZjgwYTIyNmQ=
date: Thu, 22 Sep 2022 13:32:56 GMT
X-Firefox-Spdy: h2
cdn.smartberatung.com/fonts/roboto-v18-latin-700.woff2
13.107.213.53 200 OK 15 kB URL HTTP/2 cdn.smartberatung.com/fonts/roboto-v18-latin-700.woff2
IP 13.107.213.53:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type Web Open Font Format (Version 2), TrueType, length 15436, version 1.0\012- data
Hash 037d830416495def72b7881024c14b7b
619389190b3cafafb5db94113990350acc8a0278
1d5b7c64458f4af91dcfee0354be47adde1f739b5aded03a7ab6068a1bb6ca97
GET /fonts/roboto-v18-latin-700.woff2 HTTP/1.1
Host: cdn.smartberatung.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.meinereiseangebote.de
Connection: keep-alive
Referer: https://www.meinereiseangebote.de/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=86400
content-length: 15436
content-type: application/octet-stream
content-md5: A32DBBZJXe9yt4gQJMFLew==
last-modified: Fri, 30 Apr 2021 09:58:44 GMT
accept-ranges: bytes
etag: "0x8D90BBE8A57F2BB"
x-cache: TCP_HIT
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 9934b6ea-b01e-0082-5a5f-cef19e000000
x-ms-version: 2018-03-28
access-control-allow-origin: *
access-control-allow-headers: *
pax-rule-engine-rule: AllowSpecificFileExtensions
x-azure-ref: 0CGQsYwAAAAAGYMu+QZZ5SJ87v5aeoi9RTE9OMjFFREdFMTYxMQBkNTM3NWQ5Yy1jYzU5LTQ4YTctYmZhYy0zOWM5ZjgwYTIyNmQ=
date: Thu, 22 Sep 2022 13:32:56 GMT
X-Firefox-Spdy: h2
cluster2.images.traveltainment.eu/images/content/va_logos/small/DER.gif
185.64.96.3 200 OK 559 B URL HTTP/1.1 cluster2.images.traveltainment.eu/images/content/va_logos/small/DER.gif
IP 185.64.96.3:0
ASN #8469 CANCOM Managed Services GmbH
File type GIF image data, version 89a, 75 x 21\012- data
Hash 62139173ab45d3cc09065e353fa0fa28
a8330272bf0d6f0eb08f1ddb67c3fd5279efb5c6
54aeab4c762baa12f147ba66d3b95bc724c742306bbf3cfc46b0a0f3fef360cb
GET /images/content/va_logos/small/DER.gif HTTP/1.1
Host: cluster2.images.traveltainment.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 22 Sep 2022 13:32:56 GMT
Content-Type: image/gif
Content-Length: 559
Last-Modified: Tue, 08 Nov 2016 08:07:39 GMT
Connection: keep-alive
ETag: "582187cb-22f"
Expires: Thu, 22 Sep 2022 14:32:56 GMT
Cache-Control: max-age=3600
X-TT-Cluster: op-image-p103-X_content-https
Vary: Accept-Encoding
Accept-Ranges: bytes
ocsp.starfieldtech.com/
192.124.249.36 200 OK 1.8 kB IP 192.124.249.36:0
Hash 7ffeaaa8ea2a64a99411953aac113bae
70bd4372f9d871a05a22ea7bc8fc1281442bb50b
3b61860280fd107698bda2ef9e2a48586c59a2ec41cc210dbde1e35f6a7f3be4
POST / HTTP/1.1
Host: ocsp.starfieldtech.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Thu, 22 Sep 2022 13:32:56 GMT
Content-Type: application/ocsp-response
Content-Length: 1845
Connection: keep-alive
X-Sucuri-ID: 19036
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Wed, 21 Sep 2022 22:24:13 GMT
Expires: Thu, 22 Sep 2022 22:24:13 GMT
ETag: "70bd4372f9d871a05a22ea7bc8fc1281442bb50b"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
www.meinereiseangebote.de/images/map-pointer.svg
13.69.68.38 200 OK 520 B URL HTTP/1.1 www.meinereiseangebote.de/images/map-pointer.svg
IP 13.69.68.38:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text
Hash ac3b43d0d75a0c358464b8c81b168ba0
a8de09edc55ab38a335e7c883b480c0602089e8a
128a253d55271bb538fa48869e9ccb3374f64267e0f7559fa749d37fa83e8abf
GET /images/map-pointer.svg HTTP/1.1
Host: www.meinereiseangebote.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: ARRAffinitySameSite=11a8016699cfc7f02a71b1dcc7167bc48c9f1d1eaecce21a8c4e027e0921cdd8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 520
Content-Type: image/svg+xml
Date: Thu, 22 Sep 2022 13:32:56 GMT
Server: Apache
Accept-Ranges: bytes
ETag: "208-5e772878ce880"
Last-Modified: Tue, 30 Aug 2022 10:06:10 GMT
cdn.smartberatung.com/portal/7157/banner.jpg?ts=20220504_153352&ts=20220504_153352
13.107.213.53 404 Not Found 27 B URL HTTP/2 cdn.smartberatung.com/portal/7157/banner.jpg?ts=20220504_153352&ts=20220504_153352
IP 13.107.213.53:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with no line terminators
Hash c708d5758d499da94935ae02ac09dedb
172bb35ad6588430a1899ccd3219fef5289b3b56
334c6bf99d6725ed65037289839724f47c9bd66aee547ad8fa312facb918ef53
GET /portal/7157/banner.jpg?ts=20220504_153352&ts=20220504_153352 HTTP/1.1
Host: cdn.smartberatung.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
content-length: 27
content-type: text/html
x-cache: TCP_MISS
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-ms-error-code: WebContentNotFound
x-ms-request-id: 5086cefc-501e-0083-0187-cef063000000
x-ms-version: 2018-03-28
x-azure-ref: 0CGQsYwAAAABO4yn1nfijSZSB9BJxLmHsTE9OMjFFREdFMTYxMQBkNTM3NWQ5Yy1jYzU5LTQ4YTctYmZhYy0zOWM5ZjgwYTIyNmQ=
date: Thu, 22 Sep 2022 13:32:56 GMT
X-Firefox-Spdy: h2
basic-light-ibe.traveltainment.de/ibecustomer/whitelabel/dist/js/package.min.js?v=30a1308834a9
80.87.174.128 200 OK 33 kB URL HTTP/1.1 basic-light-ibe.traveltainment.de/ibecustomer/whitelabel/dist/js/package.min.js?v=30a1308834a9
IP 80.87.174.128:0
ASN #8469 CANCOM Managed Services GmbH
File type ASCII text, with very long lines (65536), with no line terminators
Hash deddcade5b84ca14ff21f1e3da3206f1
775c55793d2b7dc29a3b3c079fc9b05de61f2304
d53522e83c39c89af6c5adec0462bb0789fc2eb427b96934844e629265c74d47
GET /ibecustomer/whitelabel/dist/js/package.min.js?v=30a1308834a9 HTTP/1.1
Host: basic-light-ibe.traveltainment.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://basic-light-ibe.traveltainment.de/search?ibe=package&prcl=294888&accol=168207&bgcol=t&taid=gdpreiseservice
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 22 Sep 2022 13:32:56 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: public, max-age=604800
X-Content-Type-Options: nosniff
Last-Modified: Tue, 20 Sep 2022 08:50:16 GMT
Content-Encoding: gzip
basic-light-ibe.traveltainment.de/ibecustomer/customers/basic-light/dist/html/package.js?v=30a1308834a9
80.87.174.128 200 OK 81 kB URL HTTP/1.1 basic-light-ibe.traveltainment.de/ibecustomer/customers/basic-light/dist/html/package.js?v=30a1308834a9
IP 80.87.174.128:0
ASN #8469 CANCOM Managed Services GmbH
File type HTML document, Unicode text, UTF-8 text, with very long lines (5531)
Hash a20a7b9060fa47db1eb41885eba72cbc
6dbbcf05e68ced5e523d49ed9ca8f6ca4f48fb5e
0a27effb36cdd7291a420885ec9fdbcf2459f95ec6dc17564922c25de97ec1fa
GET /ibecustomer/customers/basic-light/dist/html/package.js?v=30a1308834a9 HTTP/1.1
Host: basic-light-ibe.traveltainment.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://basic-light-ibe.traveltainment.de/search?ibe=package&prcl=294888&accol=168207&bgcol=t&taid=gdpreiseservice
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 22 Sep 2022 13:32:56 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: public, max-age=604800
X-Content-Type-Options: nosniff
Last-Modified: Tue, 20 Sep 2022 08:48:57 GMT
Content-Encoding: gzip
cdn.smartberatung.com/agents/12898563/small.png?ts=20220126_093440
13.107.213.53 200 OK 23 kB URL HTTP/2 cdn.smartberatung.com/agents/12898563/small.png?ts=20220126_093440
IP 13.107.213.53:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 136 x 136, 8-bit/color RGBA, non-interlaced\012- data
Hash 93bdb99e692f56edcf687e1c170c0336
eaf636a8997a01c2e23a2dc3584e09775e4b804a
5ca5dd576acae0ab606bb5e743d87d6fe035540c736c009f7d764e424c7b2f50
GET /agents/12898563/small.png?ts=20220126_093440 HTTP/1.1
Host: cdn.smartberatung.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=86400
content-length: 22759
content-type: image/png
content-md5: k725nmkvVu3PaH4cFwwDNg==
last-modified: Thu, 03 Sep 2020 08:41:10 GMT
accept-ranges: bytes
etag: "0x8D84FE51BA1EA34"
x-cache: TCP_HIT
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 627a5e0b-701e-0053-3b4d-ce4cc1000000
x-ms-version: 2018-03-28
x-azure-ref: 0CGQsYwAAAABjtgVE094iT7s6nJ26DWOkTE9OMjFFREdFMTYxMQBkNTM3NWQ5Yy1jYzU5LTQ4YTctYmZhYy0zOWM5ZjgwYTIyNmQ=
date: Thu, 22 Sep 2022 13:32:56 GMT
X-Firefox-Spdy: h2
media.xmlteam.de/files/aida-cruises/logo/aida-logo-cymk.png
162.55.39.184 200 OK 134 kB URL HTTP/2 media.xmlteam.de/files/aida-cruises/logo/aida-logo-cymk.png
IP 162.55.39.184:0
ASN #24940 Hetzner Online GmbH
File type PNG image data, 2995 x 818, 8-bit/color RGBA, non-interlaced\012- data
Size 134 kB (134019 bytes)
Hash 10d73476c4b2bd4ff65de85bceadb8cd
1cc72eac173f6ae7a61a6d4db7b73340f0bfa4aa
086ecb0e42edf27f3421e756b8041636e8c6c739f74ecd9d3b9a82eb50259e93
GET /files/aida-cruises/logo/aida-logo-cymk.png HTTP/1.1
Host: media.xmlteam.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 23 Mar 2018 11:06:53 GMT
etag: "20b83-568126bedcd40"
accept-ranges: bytes
content-length: 134019
content-type: image/png
date: Thu, 22 Sep 2022 13:32:56 GMT
server: Apache
X-Firefox-Spdy: h2
media.xmlteam.de/files/tuicruises/tui-cruises-logo.png
162.55.39.184 200 OK 11 kB URL HTTP/2 media.xmlteam.de/files/tuicruises/tui-cruises-logo.png
IP 162.55.39.184:0
ASN #24940 Hetzner Online GmbH
File type PNG image data, 500 x 118, 8-bit/color RGBA, non-interlaced\012- data
Hash d8881664aef8e5ab38a8b1ca5d1399cd
13d53a9293150319a7ba0584f64c88107ed5d810
853ce8e5b907b1e60f5e6ae0f49f0745a013951436023cd43c8a41932b732357
GET /files/tuicruises/tui-cruises-logo.png HTTP/1.1
Host: media.xmlteam.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Thu, 26 Sep 2019 18:20:28 GMT
etag: "2b40-59378d2f23300"
accept-ranges: bytes
content-length: 11072
content-type: image/png
date: Thu, 22 Sep 2022 13:32:56 GMT
server: Apache
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 34c422e25b0a4c2cdab332616c52f2cb
fdfd352068b70ff91b2c1827e0aa648fc44fc72e
98df8c62c6a09e894e20c5f40511c97d1e617ee0cb938b7efe85ba6a71ee4bf9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98DF8C62C6A09E894E20C5F40511C97D1E617EE0CB938B7EFE85BA6A71EE4BF9"
Last-Modified: Wed, 21 Sep 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6294
Expires: Thu, 22 Sep 2022 15:17:50 GMT
Date: Thu, 22 Sep 2022 13:32:56 GMT
Connection: keep-alive
cdn.smartberatung.com/fonts/paxbooking.ttf?gi1j3r
13.107.213.53 200 OK 4.7 kB URL HTTP/2 cdn.smartberatung.com/fonts/paxbooking.ttf?gi1j3r
IP 13.107.213.53:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type TrueType Font data, 11 tables, 1st "OS/2", 14 names, Macintosh, type 1 string, paxbooking \012- data
Hash d597dd375e765299c4abc4c352440575
e16fc220bdbf2a32890ad447d1c9f3e3ec7ef0e2
6a00306b4e545f95146167837a17960b45ef9c155d8548856841dabb9e776b68
GET /fonts/paxbooking.ttf?gi1j3r HTTP/1.1
Host: cdn.smartberatung.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.meinereiseangebote.de
Connection: keep-alive
Referer: https://www.meinereiseangebote.de/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=86400
content-length: 4676
content-type: application/octet-stream
content-md5: 1ZfdN152UpnEq8TDUkQFdQ==
last-modified: Tue, 27 Apr 2021 07:22:53 GMT
accept-ranges: bytes
etag: "0x8D9094D45A20D0E"
x-cache: TCP_HIT
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 8924b5e4-901e-0059-1035-ce5548000000
x-ms-version: 2018-03-28
access-control-allow-origin: *
access-control-allow-headers: *
pax-rule-engine-rule: AllowSpecificFileExtensions
x-azure-ref: 0CGQsYwAAAACD3CK3hvXBQ7bvwhPkMSBzTE9OMjFFREdFMTYxMQBkNTM3NWQ5Yy1jYzU5LTQ4YTctYmZhYy0zOWM5ZjgwYTIyNmQ=
date: Thu, 22 Sep 2022 13:32:56 GMT
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 34c422e25b0a4c2cdab332616c52f2cb
fdfd352068b70ff91b2c1827e0aa648fc44fc72e
98df8c62c6a09e894e20c5f40511c97d1e617ee0cb938b7efe85ba6a71ee4bf9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98DF8C62C6A09E894E20C5F40511C97D1E617EE0CB938B7EFE85BA6A71EE4BF9"
Last-Modified: Wed, 21 Sep 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6294
Expires: Thu, 22 Sep 2022 15:17:50 GMT
Date: Thu, 22 Sep 2022 13:32:56 GMT
Connection: keep-alive
basic-light-ibe.traveltainment.de/ibeclient/dist/js/package.min.js?v=30a1308834a9
80.87.174.128 200 OK 628 kB URL HTTP/1.1 basic-light-ibe.traveltainment.de/ibeclient/dist/js/package.min.js?v=30a1308834a9
IP 80.87.174.128:0
ASN #8469 CANCOM Managed Services GmbH
File type Unicode text, UTF-8 text, with very long lines (65534), with no line terminators
Size 628 kB (628310 bytes)
Hash 387c5523b111bfa3892450ed506bc228
717e9e72fac71ed595263300d494bb67b9614615
9b97d7751aa4f875c110b43f9037053938bb2a3f20e54811bfef3a8ef0950693
GET /ibeclient/dist/js/package.min.js?v=30a1308834a9 HTTP/1.1
Host: basic-light-ibe.traveltainment.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://basic-light-ibe.traveltainment.de/search?ibe=package&prcl=294888&accol=168207&bgcol=t&taid=gdpreiseservice
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 22 Sep 2022 13:32:56 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: public, max-age=604800
X-Content-Type-Options: nosniff
Last-Modified: Wed, 21 Sep 2022 11:54:04 GMT
Content-Encoding: gzip
media.xmlteam.de/files/tuicruises/mein-schiff-4/schiff/191.jpeg
162.55.39.184 200 OK 132 kB URL HTTP/2 media.xmlteam.de/files/tuicruises/mein-schiff-4/schiff/191.jpeg
IP 162.55.39.184:0
ASN #24940 Hetzner Online GmbH
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 1024x683, components 3\012- data
Size 132 kB (131577 bytes)
Hash c3ed5766c53b6b9e552a9e3f5b5fe972
ef830ba1d58090a654d03d953af28c0fec0d0d45
6416e28ac824218f5a53bc2c4eaede57e3a98194b37507b0836ce83aa2984bfc
GET /files/tuicruises/mein-schiff-4/schiff/191.jpeg HTTP/1.1
Host: media.xmlteam.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 07 Jul 2020 16:09:06 GMT
etag: "201f9-5a9dc35ea4c80"
accept-ranges: bytes
content-length: 131577
content-type: image/jpeg
date: Thu, 22 Sep 2022 13:32:56 GMT
server: Apache
X-Firefox-Spdy: h2
media.xmlteam.de/files/aida-cruises/aidacosma/schiff/2w09d6gwgl8u0vp8-original.png
162.55.39.184 200 OK 993 kB URL HTTP/2 media.xmlteam.de/files/aida-cruises/aidacosma/schiff/2w09d6gwgl8u0vp8-original.png
IP 162.55.39.184:0
ASN #24940 Hetzner Online GmbH
File type PNG image data, 1000 x 563, 8-bit/color RGB, non-interlaced\012- data
Size 993 kB (992637 bytes)
Hash 18fdf341613dc48a11522d5bc3a3a2fa
44d5108ab40b80fa69c28ddefdaf3d36ffa79b30
069b37ad19f51bd645a027eaeda7e2459ee5e9b7ff0e7ac94de7b2c12d2541ba
GET /files/aida-cruises/aidacosma/schiff/2w09d6gwgl8u0vp8-original.png HTTP/1.1
Host: media.xmlteam.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 07 Feb 2022 14:15:38 GMT
etag: "f257d-5d76e3c15f680"
accept-ranges: bytes
content-length: 992637
content-type: image/png
date: Thu, 22 Sep 2022 13:32:56 GMT
server: Apache
X-Firefox-Spdy: h2
media.xmlteam.de/files/tuicruises/mein-schiff-3/schiff/ms3.png
162.55.39.184 200 OK 1.0 MB URL HTTP/2 media.xmlteam.de/files/tuicruises/mein-schiff-3/schiff/ms3.png
IP 162.55.39.184:0
ASN #24940 Hetzner Online GmbH
File type PNG image data, 1000 x 640, 8-bit/color RGB, non-interlaced\012- data
Size 1.0 MB (1010001 bytes)
Hash d83ca59ef8091681566bb280c7ae7c79
03f1b4a9837420b81224856933c1a9b968bd31e7
bc9065437775b1717eb4f811c7741ec0cacef13f9fd48e026fe78e9f11f6f8b6
GET /files/tuicruises/mein-schiff-3/schiff/ms3.png HTTP/1.1
Host: media.xmlteam.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 18 Jan 2022 15:08:10 GMT
etag: "f6951-5d5dca3222a80"
accept-ranges: bytes
content-length: 1010001
content-type: image/png
date: Thu, 22 Sep 2022 13:32:56 GMT
server: Apache
X-Firefox-Spdy: h2
i21.giatamedia.com/s.php?uid=180322&source=xml&size=800&cid=22837&iid=53253465
168.119.13.30 200 OK 87 kB URL HTTP/1.1 i21.giatamedia.com/s.php?uid=180322&source=xml&size=800&cid=22837&iid=53253465
IP 168.119.13.30:0
ASN #24940 Hetzner Online GmbH
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 800x533, components 3\012- data
Hash a14738ba4388cac031fd9c87dd2c0248
b18af2ca04011af1bfb38ae67ffb35c1e260e97c
85eb4d701f563718537a4310976bff94bdd64cf65193ed28c26f63b90ad09529
GET /s.php?uid=180322&source=xml&size=800&cid=22837&iid=53253465 HTTP/1.1
Host: i21.giatamedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 22 Sep 2022 13:32:56 GMT
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.4.19
X-GIATA-FN: Picture=800/1
X-GIATA-SERVERNAME: i.giatamedia.com
i29.giatamedia.com/s.php?uid=180322&source=xml&size=800&cid=22815&iid=85146452
176.9.26.26200 OK 131 kB URL HTTP/1.1 i29.giatamedia.com/s.php?uid=180322&source=xml&size=800&cid=22815&iid=85146452
IP 176.9.26.26:0
ASN #24940 Hetzner Online GmbH
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 800x533, components 3\012- data
Size 131 kB (131109 bytes)
Hash 2ba475d48a75150d074f05f10e702e12
ed2d6fc8feac17e35eb8f6351ae60b7e2904851c
8cd906456f16fc264115e102cf9a10edb05d9a13f0114cafd8f0887e121849ba
GET /s.php?uid=180322&source=xml&size=800&cid=22815&iid=85146452 HTTP/1.1
Host: i29.giatamedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 22 Sep 2022 13:32:56 GMT
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.4.19
X-GIATA-FN: Picture=800/1
X-GIATA-SERVERNAME: i.giatamedia.com
i22.giatamedia.com/s.php?uid=180322&source=xml&size=800&cid=22815&iid=58094427
88.99.60.107200 OK 157 kB URL HTTP/1.1 i22.giatamedia.com/s.php?uid=180322&source=xml&size=800&cid=22815&iid=58094427
IP 88.99.60.107:0
ASN #24940 Hetzner Online GmbH
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 800x532, components 3\012- data
Size 157 kB (157168 bytes)
Hash be568b0cfd6c9642d602146d5f97e5b0
c2d0485c89e2c9e776fd2dc82b21896fec467dfa
27171f033435d054a27cf3d1a863422929d26c400d0c9c545fd6b7ca939354be
GET /s.php?uid=180322&source=xml&size=800&cid=22815&iid=58094427 HTTP/1.1
Host: i22.giatamedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 22 Sep 2022 13:32:56 GMT
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.4.19
X-GIATA-FN: Picture=800/1
X-GIATA-SERVERNAME: i.giatamedia.com
pax-smartberatung-signalr.azurewebsites.net/ContentServer/negotiate
20.50.2.10204 No Content 0 B URL HTTP/1.1 pax-smartberatung-signalr.azurewebsites.net/ContentServer/negotiate
IP 20.50.2.10:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /ContentServer/negotiate HTTP/1.1
Host: pax-smartberatung-signalr.azurewebsites.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-requested-with
Origin: https://www.meinereiseangebote.de
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Date: Thu, 22 Sep 2022 13:32:56 GMT
Server: Microsoft-IIS/10.0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: x-requested-with
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: https://www.meinereiseangebote.de
Vary: Origin
Request-Context: appId=cid-v1:331e6aed-06ec-49ad-ad4b-0e18e6e4cfd1
X-Powered-By: ASP.NET
pax-smartberatung-signalr.azurewebsites.net/ContentServer/negotiate
20.50.2.10200 OK 573 B URL HTTP/1.1 pax-smartberatung-signalr.azurewebsites.net/ContentServer/negotiate
IP 20.50.2.10:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JSON data\012- , ASCII text, with very long lines (474), with no line terminators
Hash 63a8261c0e74ab8b76951f5abcdd7516
b461e9256712e171dc15c72101b23efc1fac180b
39db64f7b34c250256a7c605729499a29779bee8c45294bc0a7cf3f4c475fe31
POST /ContentServer/negotiate HTTP/1.1
Host: pax-smartberatung-signalr.azurewebsites.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://www.meinereiseangebote.de
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Date: Thu, 22 Sep 2022 13:32:56 GMT
Server: Microsoft-IIS/10.0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www.meinereiseangebote.de
Content-Encoding: gzip
Transfer-Encoding: chunked
Vary: Origin,Accept-Encoding
Request-Context: appId=cid-v1:331e6aed-06ec-49ad-ad4b-0e18e6e4cfd1
X-Powered-By: ASP.NET
basic-light-ibe.traveltainment.de/meta/fields?v=30a1308834a9
80.87.174.128200 OK 7.7 kB URL HTTP/1.1 basic-light-ibe.traveltainment.de/meta/fields?v=30a1308834a9
IP 80.87.174.128:0
ASN #8469 CANCOM Managed Services GmbH
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (30306), with no line terminators
Hash e36c14724e91d3744e8469329baf826d
229e9f7737e73a1dd96cff8e8425b9a49f6261f3
b011670c2d4a589d83681dd94fed0b5a2722a2f991938de682da9e4247c13a8c
GET /meta/fields?v=30a1308834a9 HTTP/1.1
Host: basic-light-ibe.traveltainment.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
If-Modified-Since: Mon, 26 Jul 1997 06:06:06 GMT
Cache-Control: no-cache
Pragma: no-cache
Connection: keep-alive
Referer: https://basic-light-ibe.traveltainment.de/search?ibe=package&prcl=294888&accol=168207&bgcol=t&taid=gdpreiseservice
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 22 Sep 2022 13:32:57 GMT
Content-Type: application/json; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: public, max-age=604800
Content-Encoding: gzip
basic-light-ibe.traveltainment.de/meta/holidays?v=30a1308834a9
80.87.174.128200 OK 25 kB URL HTTP/1.1 basic-light-ibe.traveltainment.de/meta/holidays?v=30a1308834a9
IP 80.87.174.128:0
ASN #8469 CANCOM Managed Services GmbH
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (65531), with no line terminators
Hash e44efecdfcdb4c63dda0851b8b04f02a
59768c8db44913219ddc7e8d6eb53e005e8b97b8
8b591498c79b28625bc7a1697acf30a5aeb6fc7e410f726f587dc7f88a763162
GET /meta/holidays?v=30a1308834a9 HTTP/1.1
Host: basic-light-ibe.traveltainment.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
If-Modified-Since: Mon, 26 Jul 1997 06:06:06 GMT
Cache-Control: no-cache
Pragma: no-cache
Connection: keep-alive
Referer: https://basic-light-ibe.traveltainment.de/search?ibe=package&prcl=294888&accol=168207&bgcol=t&taid=gdpreiseservice
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 22 Sep 2022 13:32:57 GMT
Content-Type: application/json; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: public, max-age=604800
Content-Encoding: gzip
basic-light-ibe.traveltainment.de/ibecustomer/whitelabel/dist/fonts/ttIconsWhitelabel.woff
80.87.174.128200 OK 68 kB URL HTTP/1.1 basic-light-ibe.traveltainment.de/ibecustomer/whitelabel/dist/fonts/ttIconsWhitelabel.woff
IP 80.87.174.128:0
ASN #8469 CANCOM Managed Services GmbH
File type Web Open Font Format, TrueType, length 68284, version 1.0\012- data
Hash 2e577b2e54cc3d361a0da17b0eef041c
cb00ee1394a1f23d927230512fcba90ac212999f
897290a01c736577473e884c22a4a16a851962353d9a8af048d54094de70f3b5
GET /ibecustomer/whitelabel/dist/fonts/ttIconsWhitelabel.woff HTTP/1.1
Host: basic-light-ibe.traveltainment.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://basic-light-ibe.traveltainment.de/ibecustomer/whitelabel/dist/css/package.min.css?v=30a1308834a9
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 22 Sep 2022 13:32:57 GMT
Content-Type: font/woff
Content-Length: 68284
Connection: keep-alive
Cache-Control: public, max-age=0
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
ETag: W/"819676557327"
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Last-Modified: Tue, 20 Sep 2022 08:49:29 GMT
basic-light-ibe.traveltainment.de/ibecustomer/whitelabel/dist/fonts/font-awesome-4.3.0/fonts/fontawesome-webfont.woff2?v=4.3.0
80.87.174.128200 OK 57 kB URL HTTP/1.1 basic-light-ibe.traveltainment.de/ibecustomer/whitelabel/dist/fonts/font-awesome-4.3.0/fonts/fontawesome-webfont.woff2?v=4.3.0
IP 80.87.174.128:0
ASN #8469 CANCOM Managed Services GmbH
File type Web Open Font Format (Version 2), TrueType, length 56780, version 4.197\012- data
Hash 97493d3f11c0a3bd5cbd959f5d19b699
1075231650f579955905bb2f6527148a8e2b4b16
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c
GET /ibecustomer/whitelabel/dist/fonts/font-awesome-4.3.0/fonts/fontawesome-webfont.woff2?v=4.3.0 HTTP/1.1
Host: basic-light-ibe.traveltainment.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://basic-light-ibe.traveltainment.de/ibecustomer/whitelabel/dist/css/package.min.css?v=30a1308834a9
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 22 Sep 2022 13:32:57 GMT
Content-Type: font/woff2
Content-Length: 56780
Connection: keep-alive
Cache-Control: public, max-age=0
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
ETag: W/"400473131188"
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Last-Modified: Tue, 20 Sep 2022 08:48:57 GMT
oneocsp.microsoft.com/ocsp
204.79.197.203200 OK 1.8 kB URL HTTP/1.1 oneocsp.microsoft.com/ocsp
IP 204.79.197.203:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d52f359b05add27272a7080b5c98648d
59ca01451061521e33c450a1712bc2b9e510a41b
9c47f9d7e874d5f2387b2b3891bd72b8fd95452c4d5853fc026fa4d9c6cb3679
POST /ocsp HTTP/1.1
Host: oneocsp.microsoft.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 86
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: max-age=86400
Content-Length: 1777
Content-Type: application/ocsp-response
Expires: Mon, 26 Sep 2022 19:49:05 GMT
Last-Modified: Wed, 21 Sep 2022 13:09:34 GMT
ETag: "9c47f9d7e874d5f2387b2b3891bd72b8fd95452c4d5853fc026fa4d9c6cb3679"
X-Powered-By: ASP.NET
x-content-type-options: nosniff
X-Cache: CONFIG_NOCACHE
X-MSEdge-Ref: Ref A: C2CE9AA736704D3782A2791C2B7A8514 Ref B: OSL30EDGE0421 Ref C: 2022-09-22T13:32:57Z
Date: Thu, 22 Sep 2022 13:32:57 GMT
pax-signalr.service.signalr.net/client/negotiate?hub=contentserverhub&asrs.op=%2FContentServer&asrs_request_id=wGzSSJUHAAA%3D
20.61.102.70204 No Content 0 B URL HTTP/2 pax-signalr.service.signalr.net/client/negotiate?hub=contentserverhub&asrs.op=%2FContentServer&asrs_request_id=wGzSSJUHAAA%3D
IP 20.61.102.70:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /client/negotiate?hub=contentserverhub&asrs.op=%2FContentServer&asrs_request_id=wGzSSJUHAAA%3D HTTP/1.1
Host: pax-signalr.service.signalr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,x-requested-with
Origin: https://www.meinereiseangebote.de
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Thu, 22 Sep 2022 13:32:57 GMT
access-control-allow-credentials: true
access-control-allow-headers: authorization,x-requested-with
access-control-allow-methods: POST
access-control-allow-origin: https://www.meinereiseangebote.de
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2
oneocsp.microsoft.com/ocsp
204.79.197.203200 OK 1.8 kB URL HTTP/1.1 oneocsp.microsoft.com/ocsp
IP 204.79.197.203:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d52f359b05add27272a7080b5c98648d
59ca01451061521e33c450a1712bc2b9e510a41b
9c47f9d7e874d5f2387b2b3891bd72b8fd95452c4d5853fc026fa4d9c6cb3679
POST /ocsp HTTP/1.1
Host: oneocsp.microsoft.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 86
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: max-age=86400
Content-Length: 1777
Content-Type: application/ocsp-response
Expires: Mon, 26 Sep 2022 19:49:05 GMT
Last-Modified: Wed, 21 Sep 2022 13:09:34 GMT
ETag: "9c47f9d7e874d5f2387b2b3891bd72b8fd95452c4d5853fc026fa4d9c6cb3679"
X-Powered-By: ASP.NET
x-content-type-options: nosniff
X-Cache: CONFIG_NOCACHE
X-MSEdge-Ref: Ref A: 7C61563777AA45B3A426E0B55B6EC378 Ref B: OSL30EDGE0210 Ref C: 2022-09-22T13:32:57Z
Date: Thu, 22 Sep 2022 13:32:57 GMT
basic-light-ibe.traveltainment.de/api/gettravelagencies?v=30a1308834a9&accol=168207&adult=2&bgcol=t&ddate=2022-09-24&ibe=package&prcl=294888&rdate=2022-11-08&taid=gdpreiseservice
80.87.174.128200 OK 19 kB URL HTTP/1.1 basic-light-ibe.traveltainment.de/api/gettravelagencies?v=30a1308834a9&accol=168207&adult=2&bgcol=t&ddate=2022-09-24&ibe=package&prcl=294888&rdate=2022-11-08&taid=gdpreiseservice
IP 80.87.174.128:0
ASN #8469 CANCOM Managed Services GmbH
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (65279), with no line terminators
Hash 951306405df97f9d5a7570367d729692
6b210874fd532e93152d28527619d8721a9960a0
3b7fa7e1b05cac63f803bcb80af828e2854dbc4f540850e59414bcddae33e5a9
GET /api/gettravelagencies?v=30a1308834a9&accol=168207&adult=2&bgcol=t&ddate=2022-09-24&ibe=package&prcl=294888&rdate=2022-11-08&taid=gdpreiseservice HTTP/1.1
Host: basic-light-ibe.traveltainment.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
If-Modified-Since: Mon, 26 Jul 1997 06:06:06 GMT
Cache-Control: no-cache
Pragma: no-cache
Connection: keep-alive
Referer: https://basic-light-ibe.traveltainment.de/search?ibe=package&prcl=294888&accol=168207&bgcol=t&taid=gdpreiseservice
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 22 Sep 2022 13:32:57 GMT
Content-Type: application/json; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
pax-signalr.service.signalr.net/client/negotiate?hub=contentserverhub&asrs.op=%2FContentServer&asrs_request_id=wGzSSJUHAAA%3D
20.61.102.70200 OK 282 B URL HTTP/2 pax-signalr.service.signalr.net/client/negotiate?hub=contentserverhub&asrs.op=%2FContentServer&asrs_request_id=wGzSSJUHAAA%3D
IP 20.61.102.70:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JSON data\012- , ASCII text, with no line terminators
Hash fe00e7b4f445d7fb254962a7233f888f
de584affbaefd6f2fd451bf74e794e481347d5e8
fb32b7b3927a6c974f75f08ad3045adec977078a4705255a3963a1bf13ed58fa
POST /client/negotiate?hub=contentserverhub&asrs.op=%2FContentServer&asrs_request_id=wGzSSJUHAAA%3D HTTP/1.1
Host: pax-signalr.service.signalr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Content-Type: text/plain;charset=UTF-8
Authorization: Bearer eyJhbGciOiJIUzI1NiIsImtpZCI6IjExNDg0MzM5NCIsInR5cCI6IkpXVCJ9.eyJuYmYiOjE2NjM4NTM1NzYsImV4cCI6MTY2Mzg1NzE3NiwiaWF0IjoxNjYzODUzNTc2LCJhdWQiOiJodHRwczovL3BheC1zaWduYWxyLnNlcnZpY2Uuc2lnbmFsci5uZXQvY2xpZW50Lz9odWI9Y29udGVudHNlcnZlcmh1YiJ9.QGUHWA07OH76UxKqIpxgqVeHa8BvYoG2tuOapVitapk
Content-Length: 0
Origin: https://www.meinereiseangebote.de
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 13:32:57 GMT
content-type: application/json
content-length: 282
access-control-allow-credentials: true
access-control-allow-origin: https://www.meinereiseangebote.de
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2
pax-signalr.service.signalr.net/client/?hub=contentserverhub&asrs.op=%2FContentServer&asrs_request_id=wGzSSJUHAAA%3D&id=vFC6R8MrGkjuDxNthxQbhwac8227611&access_token=eyJhbGciOiJIUzI1NiIsImtpZCI6IjExNDg0MzM5NCIsInR5cCI6IkpXVCJ9.eyJuYmYiOjE2NjM4NTM1NzYsImV4cCI6MTY2Mzg1NzE3NiwiaWF0IjoxNjYzODUzNTc2LCJhdWQiOiJodHRwczovL3BheC1zaWduYWxyLnNlcnZpY2Uuc2lnbmFsci5uZXQvY2xpZW50Lz9odWI9Y29udGVudHNlcnZlcmh1YiJ9.QGUHWA07OH76UxKqIpxgqVeHa8BvYoG2tuOapVitapk
20.61.102.70101 Switching Protocols 0 B URL HTTP/1.1 pax-signalr.service.signalr.net/client/?hub=contentserverhub&asrs.op=%2FContentServer&asrs_request_id=wGzSSJUHAAA%3D&id=vFC6R8MrGkjuDxNthxQbhwac8227611&access_token=eyJhbGciOiJIUzI1NiIsImtpZCI6IjExNDg0MzM5NCIsInR5cCI6IkpXVCJ9.eyJuYmYiOjE2NjM4NTM1NzYsImV4cCI6MTY2Mzg1NzE3NiwiaWF0IjoxNjYzODUzNTc2LCJhdWQiOiJodHRwczovL3BheC1zaWduYWxyLnNlcnZpY2Uuc2lnbmFsci5uZXQvY2xpZW50Lz9odWI9Y29udGVudHNlcnZlcmh1YiJ9.QGUHWA07OH76UxKqIpxgqVeHa8BvYoG2tuOapVitapk
IP 20.61.102.70:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /client/?hub=contentserverhub&asrs.op=%2FContentServer&asrs_request_id=wGzSSJUHAAA%3D&id=vFC6R8MrGkjuDxNthxQbhwac8227611&access_token=eyJhbGciOiJIUzI1NiIsImtpZCI6IjExNDg0MzM5NCIsInR5cCI6IkpXVCJ9.eyJuYmYiOjE2NjM4NTM1NzYsImV4cCI6MTY2Mzg1NzE3NiwiaWF0IjoxNjYzODUzNTc2LCJhdWQiOiJodHRwczovL3BheC1zaWduYWxyLnNlcnZpY2Uuc2lnbmFsci5uZXQvY2xpZW50Lz9odWI9Y29udGVudHNlcnZlcmh1YiJ9.QGUHWA07OH76UxKqIpxgqVeHa8BvYoG2tuOapVitapk HTTP/1.1
Host: pax-signalr.service.signalr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://www.meinereiseangebote.de
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: kQMoZRifSwEvnS/H4V1NwQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Date: Thu, 22 Sep 2022 13:32:57 GMT
Connection: upgrade
upgrade: websocket
access-control-allow-credentials: true
access-control-allow-origin: https://www.meinereiseangebote.de
sec-websocket-accept: rFEycmBo6NWJr5erP3sRfsyEml8=
Strict-Transport-Security: max-age=15724800; includeSubDomains
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 5f68499f2ba3b2c5aa7e979ee9b4d3a8
67a456fe80bd69aa2fbd0331ba343d1789509d0f
394e18527ce3ad7de2274de2e5e6a7f3fb390e7d6c4f7342ab485b7794e169e7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 13:32:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 5f68499f2ba3b2c5aa7e979ee9b4d3a8
67a456fe80bd69aa2fbd0331ba343d1789509d0f
394e18527ce3ad7de2274de2e5e6a7f3fb390e7d6c4f7342ab485b7794e169e7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 13:32:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 729 B IP 142.250.74.3:0
File type gzip compressed data, max compression\012- data
Hash 5808fe8fc17deb7dabad4d3bc200e62e
8e5bdba90c4d342a4a1590c1aaf32d40ed2c6c59
44a79b17ce3ffa0a5a8aedd14fff8fd441494e6b888c529314efbe2848fd6ae3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 13:32:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
142.250.74.163200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Hash 3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 14:52:00 GMT
expires: Thu, 21 Sep 2023 14:52:00 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
age: 81658
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.163200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 19:34:08 GMT
expires: Thu, 21 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 64730
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
khms0.googleapis.com/kh?v=930&hl=de&x=4252&y=2734&z=13
142.250.74.42200 OK 17 kB URL HTTP/2 khms0.googleapis.com/kh?v=930&hl=de&x=4252&y=2734&z=13
IP 142.250.74.42:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 256x256, components 3\012- data
Hash 620f1541d7ec746ce902959e4c7eaa1c
71c6378a03a94cdbb1425bcf9351304937ecb0e8
89919e1988f6c9861d939add0aca531b5f7f68909f51ff5334d5f0e55febc02d
GET /kh?v=930&hl=de&x=4252&y=2734&z=13 HTTP/1.1
Host: khms0.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-content-type-options: nosniff
last-modified: Fri, 1 Jan 2010 01:00:00 GMT
cache-control: public, max-age=31536000
expires: Fri, 22 Sep 2023 13:32:58 GMT
access-control-allow-credentials: true
date: Thu, 22 Sep 2022 13:32:58 GMT
access-control-allow-origin: *
content-type: image/jpeg
vary: Origin, X-Origin, Referer
server: scaffolding on HTTPServer2
content-length: 16620
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
basic-light-ibe.traveltainment.de/api/regiontree?v=30a1308834a9&currency=EUR&ibe=package&lang=de-DE&sc=DE&taid=gdpreiseservice
80.87.174.128200 OK 7.9 kB URL HTTP/1.1 basic-light-ibe.traveltainment.de/api/regiontree?v=30a1308834a9&currency=EUR&ibe=package&lang=de-DE&sc=DE&taid=gdpreiseservice
IP 80.87.174.128:0
ASN #8469 CANCOM Managed Services GmbH
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (23100), with no line terminators
Hash 9d77e9c586e1311a3c5083e4539be6d8
71ebe7065c3a3fd032a06280e7dc094be1fd4363
b9488614db32edde9db10bd6e45c92754f56c2750b757410ae2ea1ffbfc5ee31
GET /api/regiontree?v=30a1308834a9&currency=EUR&ibe=package&lang=de-DE&sc=DE&taid=gdpreiseservice HTTP/1.1
Host: basic-light-ibe.traveltainment.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
If-Modified-Since: Mon, 26 Jul 1997 06:06:06 GMT
Cache-Control: no-cache
Pragma: no-cache
Connection: keep-alive
Referer: https://basic-light-ibe.traveltainment.de/search?ibe=package&prcl=294888&accol=168207&bgcol=t&taid=gdpreiseservice
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 22 Sep 2022 13:32:58 GMT
Content-Type: application/json; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: public, max-age=86400
Content-Encoding: gzip
basic-light-ibe.traveltainment.de/api/touroperators?v=30a1308834a9&currency=EUR&ibe=package&lang=de-DE&sc=DE&taid=gdpreiseservice
80.87.174.128200 OK 1.6 kB URL HTTP/1.1 basic-light-ibe.traveltainment.de/api/touroperators?v=30a1308834a9&currency=EUR&ibe=package&lang=de-DE&sc=DE&taid=gdpreiseservice
IP 80.87.174.128:0
ASN #8469 CANCOM Managed Services GmbH
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (7692), with no line terminators
Hash 7a7f3ca8fdc6ce466891ab1f6e748203
54238a9a1ce8bb8dcc080eb0460ba3d3b66ac4aa
c269dd48ed4e635fcc0fbc7abed8a28e2b56c6487e2819d95f0165bc0e0c9269
GET /api/touroperators?v=30a1308834a9&currency=EUR&ibe=package&lang=de-DE&sc=DE&taid=gdpreiseservice HTTP/1.1
Host: basic-light-ibe.traveltainment.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
If-Modified-Since: Mon, 26 Jul 1997 06:06:06 GMT
Cache-Control: no-cache
Pragma: no-cache
Connection: keep-alive
Referer: https://basic-light-ibe.traveltainment.de/search?ibe=package&prcl=294888&accol=168207&bgcol=t&taid=gdpreiseservice
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 22 Sep 2022 13:32:59 GMT
Content-Type: application/json; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: public, max-age=86400
Content-Encoding: gzip
r3.o.lencr.org/
23.36.76.226200 OK 0 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3AE3DE3CFBE4B378D1EF11B5412DECBF707E8BFA4561463C8747B3B21C23047C"
Last-Modified: Thu, 22 Sep 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21540
Expires: Thu, 22 Sep 2022 19:31:54 GMT
Date: Thu, 22 Sep 2022 13:32:54 GMT
Connection: keep-alive
www.gdp.reisen/img/android-icon-192x192.png
5.175.22.217200 OK 0 B URL HTTP/2 www.gdp.reisen/img/android-icon-192x192.png
IP 5.175.22.217:0
ASN #20773 Host Europe GmbH
GET /img/android-icon-192x192.png HTTP/1.1
Host: www.gdp.reisen
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gdp.reisen/
Cookie: CFID=35912394; CFTOKEN=3f81c3e207a9208b-F602EF07-CB9E-52A5-E871F87A2CDD11A2; cross-site-cookie=sow
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 13:32:55 GMT
server: Apache
cache-control: max-age=420, private, must-revalidate
expires: Fri, 23 Sep 2022 13:32:55 GMT
vary: Accept-Encoding
content-encoding: br
x-cache: MISS from www.gdp.reisen
content-type: text/html;charset=UTF-8
X-Firefox-Spdy: h2
www.gdp.reisen/img/favicon-16x16.png
5.175.22.217 200 OK 0 B URL HTTP/2 www.gdp.reisen/img/favicon-16x16.png
IP 5.175.22.217:0
ASN #20773 Host Europe GmbH
GET /img/favicon-16x16.png HTTP/1.1
Host: www.gdp.reisen
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gdp.reisen/
Cookie: CFID=35912394; CFTOKEN=3f81c3e207a9208b-F602EF07-CB9E-52A5-E871F87A2CDD11A2; cross-site-cookie=sow
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 13:32:55 GMT
server: Apache
cache-control: max-age=420, private, must-revalidate
expires: Fri, 23 Sep 2022 13:32:55 GMT
vary: Accept-Encoding
content-encoding: br
x-cache: MISS from www.gdp.reisen
content-type: text/html;charset=UTF-8
X-Firefox-Spdy: h2
kit-pro.fontawesome.com/releases/latest/css/pro-v4-font-face.min.css
104.18.23.52 200 OK 0 B URL HTTP/2 kit-pro.fontawesome.com/releases/latest/css/pro-v4-font-face.min.css
IP 104.18.23.52:0
GET /releases/latest/css/pro-v4-font-face.min.css HTTP/1.1
Host: kit-pro.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gdp.reisen/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 22 Sep 2022 13:32:55 GMT
content-type: text/css
x-amz-id-2: k3KaRweKXIxA0xKCYeCf5UV9P24XY0pZMfPFsB2YWPmVWFC5XJ7aLVDJGJuyc2Jb0mizxtGvkIM=
x-amz-request-id: 0261H8W942Y6P30A
last-modified: Wed, 04 Aug 2021 21:18:33 GMT
etag: W/"1cb05a2f9541200e1fa0a2cd0abc7663"
cache-control: public, max-age=1800
cf-cache-status: HIT
age: 1190
expires: Thu, 22 Sep 2022 14:02:55 GMT
vary: Accept-Encoding
server: cloudflare
cf-ray: 74eb68ce4a040b45-OSL
content-encoding: gzip
X-Firefox-Spdy: h2