camperpuro.com/login.gmx.net/apps/CustomerService/indexx.htm
89.46.108.68301 Moved Permanently 168 B URL HTTP/1.1 camperpuro.com/login.gmx.net/apps/CustomerService/indexx.htm
IP 89.46.108.68:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82f04704c04c2706b1b96a73be2ff3a9
8cd210a378b7f54ce8945cdf1c7ce1f696171eee
ede97dbf06b3e703cd950b3591a29351ce9b24eccab58b1a913b3c7e4571bf02
Analyzer Verdict Alert openphish GMX Mail
fortinet Phishing
quad9 Sinkholed
GET /login.gmx.net/apps/CustomerService/indexx.htm HTTP/1.1
Host: camperpuro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: aruba-proxy
Date: Wed, 08 Feb 2023 03:46:55 GMT
Content-Type: text/html
Content-Length: 168
Connection: keep-alive
Location: http://www.camperpuro.com/login.gmx.net/apps/CustomerService/indexx.htm
X-ServerName: ipvsproxy162.ad.aruba.it
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b7407cc102d62a5acd5e61f8a79bed36
c2f4890a62454e514962b55b7fc14228339c8e90
be282de92da261128a7c8471f3067466aa9930fd0ab2a2cdda8cd2d6ce2bbd74
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BE282DE92DA261128A7C8471F3067466AA9930FD0AB2A2CDDA8CD2D6CE2BBD74"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11130
Expires: Wed, 08 Feb 2023 06:52:25 GMT
Date: Wed, 08 Feb 2023 03:46:55 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 565c1bbc5c1c40be1988b3bf6fd9dc1a
cfdba5bc597130461dd67bf6cda53183be592493
60ceb36a8329c92fc49a3caf50daf511a38e01eac21a07d7a0a838166bea058d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "60CEB36A8329C92FC49A3CAF50DAF511A38E01EAC21A07D7A0A838166BEA058D"
Last-Modified: Mon, 06 Feb 2023 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8263
Expires: Wed, 08 Feb 2023 06:04:38 GMT
Date: Wed, 08 Feb 2023 03:46:55 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Content-Type, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 08 Feb 2023 03:34:12 GMT
content-type: application/json
age: 763
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash cc14b0d2f7c451f6431dc87ba54d1d60
bab8bfda6fa3e2f17125353f5147211787dc25d0
b58fe18a5cc8fe5aaf49ba7eadd0ef34692892e68e9c52eb5bb56ea27e1300ad
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B58FE18A5CC8FE5AAF49BA7EADD0EF34692892E68E9C52EB5BB56EA27E1300AD"
Last-Modified: Mon, 06 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2732
Expires: Wed, 08 Feb 2023 04:32:27 GMT
Date: Wed, 08 Feb 2023 03:46:55 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash e76071a28ee566dababb3834f46d68ed
aebb4e68c1ba2de0f90025283e8ed8470944fde0
78b6df2627172e5b35476bc31020f02898cdc412aaf4337af2c3b049a60912b6
GET /chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 6TdiHvJz1120bjpzTk6LmhHfUEId11GNQKcGAPDR25jDzWTzkyu/WrRuSNZ/TcCtmrFXQEsmzCo=
x-amz-request-id: 74KK9YKG39VAXT58
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 08 Feb 2023 03:45:49 GMT
age: 66
last-modified: Sun, 29 Jan 2023 18:44:47 GMT
etag: "e76071a28ee566dababb3834f46d68ed"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 03:46:55 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
www.camperpuro.com/login.gmx.net/apps/CustomerService/indexx.htm
89.46.108.68200 OK 71 kB URL HTTP/1.1 www.camperpuro.com/login.gmx.net/apps/CustomerService/indexx.htm
IP 89.46.108.68:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2725)
Hash b0988a05665a1861dc80e4dad2760453
2f7df0685a10b7aba41d48794f91e7db73b05b3c
da1b75c82f7e4bcd2b9a3e7696142e0fb3aa6fae202dfbddbdf487f8a38b6cf2
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /login.gmx.net/apps/CustomerService/indexx.htm HTTP/1.1
Host: www.camperpuro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Wed, 08 Feb 2023 03:46:55 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 11 Jul 2019 13:55:06 GMT
X-ServerName: ipvsproxy162.ad.aruba.it
Content-Encoding: gzip
www.camperpuro.com/login.gmx.net/apps/CustomerService/1_files/homepage.css
89.46.108.68200 OK 34 kB URL HTTP/1.1 www.camperpuro.com/login.gmx.net/apps/CustomerService/1_files/homepage.css
IP 89.46.108.68:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 24fc8a9d25bf0f7ba91ad9a9d0a7d56b
0cc4f6b261f0422ec7d38f363a71235ec9b587ad
39172ecaf8328be6fd4edbe537615e6172794afb0e594f8cb0dc2421e239713b
Analyzer Verdict Alert quad9 Sinkholed
GET /login.gmx.net/apps/CustomerService/1_files/homepage.css HTTP/1.1
Host: www.camperpuro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.camperpuro.com/login.gmx.net/apps/CustomerService/indexx.htm
Connection: keep-alive
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Wed, 08 Feb 2023 03:46:55 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 11 Jul 2019 13:55:12 GMT
X-ServerName: ipvsproxy162.ad.aruba.it
Content-Encoding: gzip
www.camperpuro.com/login.gmx.net/apps/CustomerService/1_files/adaptive-4colborder.css
89.46.108.68200 OK 1.5 kB URL HTTP/1.1 www.camperpuro.com/login.gmx.net/apps/CustomerService/1_files/adaptive-4colborder.css
IP 89.46.108.68:0
File type ASCII text, with very long lines (7546)
Hash 7777e460504f5414066418caea9209e4
01ad8f5605b252555345e38105b8c235625a541a
158acfd21a474f03c89cf532dc5fdf6be94e08e82fdbd66854c35c11b00ed8fd
Analyzer Verdict Alert quad9 Sinkholed
GET /login.gmx.net/apps/CustomerService/1_files/adaptive-4colborder.css HTTP/1.1
Host: www.camperpuro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.camperpuro.com/login.gmx.net/apps/CustomerService/indexx.htm
Connection: keep-alive
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Wed, 08 Feb 2023 03:46:55 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 11 Jul 2019 13:55:07 GMT
X-ServerName: ipvsproxy162.ad.aruba.it
Content-Encoding: gzip
www.camperpuro.com/login.gmx.net/apps/CustomerService/1_files/gmx.js
89.46.108.68200 OK 4.7 kB URL HTTP/1.1 www.camperpuro.com/login.gmx.net/apps/CustomerService/1_files/gmx.js
IP 89.46.108.68:0
File type Unicode text, UTF-8 text, with very long lines (604)
Hash 9f534da14fdbc6600d8a77734d4ba95e
92fb77075d296e71869f9c9ab081c24c46e4a01e
0520a968f579c062ea3c110322e25e82950f52aaa57f189423c197f06a764253
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /login.gmx.net/apps/CustomerService/1_files/gmx.js HTTP/1.1
Host: www.camperpuro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.camperpuro.com/login.gmx.net/apps/CustomerService/indexx.htm
Connection: keep-alive
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Wed, 08 Feb 2023 03:46:55 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 11 Jul 2019 13:55:12 GMT
X-ServerName: ipvsproxy162.ad.aruba.it
Content-Encoding: gzip
www.camperpuro.com/login.gmx.net/apps/CustomerService/1_files/lt_004
89.46.108.68200 OK 3.0 kB URL HTTP/1.1 www.camperpuro.com/login.gmx.net/apps/CustomerService/1_files/lt_004
IP 89.46.108.68:0
File type ASCII text, with very long lines (3034), with no line terminators
Hash 4c6ee0dcaf8d063325f0b79d8af99956
709eba56042ec7669afcb0ed9b25f139bd5a3b4e
c0eb854eb5324483c00c98c13dd9e60d9da038576f61c0582b464ab6da834d57
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /login.gmx.net/apps/CustomerService/1_files/lt_004 HTTP/1.1
Host: www.camperpuro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.camperpuro.com/login.gmx.net/apps/CustomerService/indexx.htm
Connection: keep-alive
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Wed, 08 Feb 2023 03:46:55 GMT
Content-Length: 3034
Connection: keep-alive
Last-Modified: Thu, 11 Jul 2019 13:55:12 GMT
Accept-Ranges: bytes
X-ServerName: ipvsproxy162.ad.aruba.it
www.camperpuro.com/login.gmx.net/apps/CustomerService/1_files/adition.js
89.46.108.68200 OK 7.2 kB URL HTTP/1.1 www.camperpuro.com/login.gmx.net/apps/CustomerService/1_files/adition.js
IP 89.46.108.68:0
File type ASCII text, with very long lines (21245)
Hash c0a200e7162deb6f88363c61f4d82cd3
439e22517667f5939046e1347b2614bb6430412c
22d85386193b817228ba9a913ce22447360f8aba01e483aaf13d5529b2c1a488
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /login.gmx.net/apps/CustomerService/1_files/adition.js HTTP/1.1
Host: www.camperpuro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.camperpuro.com/login.gmx.net/apps/CustomerService/indexx.htm
Connection: keep-alive
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Wed, 08 Feb 2023 03:46:55 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 11 Jul 2019 13:55:07 GMT
X-ServerName: ipvsproxy162.ad.aruba.it
Content-Encoding: gzip
www.camperpuro.com/login.gmx.net/apps/CustomerService/1_files/lt
89.46.108.68200 OK 1.2 kB URL HTTP/1.1 www.camperpuro.com/login.gmx.net/apps/CustomerService/1_files/lt
IP 89.46.108.68:0
File type ASCII text, with very long lines (1239), with no line terminators
Hash 0c9fb8541309183f9af225d9698d2379
527f156f2eb53d1b7cb8d0afea260717a2c5702a
ec7767fe2415743c3f338f8d0219f81b62744ed9dfe9b0ee4f32772ad3bf717e
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /login.gmx.net/apps/CustomerService/1_files/lt HTTP/1.1
Host: www.camperpuro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.camperpuro.com/login.gmx.net/apps/CustomerService/indexx.htm
Connection: keep-alive
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Wed, 08 Feb 2023 03:46:55 GMT
Content-Length: 1239
Connection: keep-alive
Last-Modified: Thu, 11 Jul 2019 13:55:12 GMT
Accept-Ranges: bytes
X-ServerName: ipvsproxy162.ad.aruba.it
www.camperpuro.com/login.gmx.net/apps/CustomerService/1_files/2690.js
89.46.108.68200 OK 8.0 kB URL HTTP/1.1 www.camperpuro.com/login.gmx.net/apps/CustomerService/1_files/2690.js
IP 89.46.108.68:0
File type ASCII text, with very long lines (838)
Hash 5e428bdabd2742638e8c743aaab65908
110fedef7324dc459f07f16ab95a3abc041312b3
ed9813f052560ca4e68deff894afc614a7f784bba62727272cd0e84444c21407
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /login.gmx.net/apps/CustomerService/1_files/2690.js HTTP/1.1
Host: www.camperpuro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.camperpuro.com/login.gmx.net/apps/CustomerService/indexx.htm
Connection: keep-alive
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Wed, 08 Feb 2023 03:46:55 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 11 Jul 2019 13:55:06 GMT
X-ServerName: ipvsproxy162.ad.aruba.it
Content-Encoding: gzip
www.camperpuro.com/login.gmx.net/apps/CustomerService/1_files/lt_003
89.46.108.68200 OK 12 kB URL HTTP/1.1 www.camperpuro.com/login.gmx.net/apps/CustomerService/1_files/lt_003
IP 89.46.108.68:0
File type Unicode text, UTF-8 text, with very long lines (11588), with no line terminators
Hash 4be0a0f6e07fd102abae064082a4addd
0fe210f34134a5c2841ced43d10e694bb41c55e1
16033e109800931bf780a0eccaa370c6d5e69a0ad5227d2b1422a31e27373afd
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /login.gmx.net/apps/CustomerService/1_files/lt_003 HTTP/1.1
Host: www.camperpuro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.camperpuro.com/login.gmx.net/apps/CustomerService/indexx.htm
Connection: keep-alive
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Wed, 08 Feb 2023 03:46:55 GMT
Content-Length: 11593
Connection: keep-alive
Last-Modified: Thu, 11 Jul 2019 13:55:12 GMT
Accept-Ranges: bytes
X-ServerName: ipvsproxy162.ad.aruba.it
www.camperpuro.com/login.gmx.net/apps/CustomerService/1_files/lt_002
89.46.108.68200 OK 38 kB URL HTTP/1.1 www.camperpuro.com/login.gmx.net/apps/CustomerService/1_files/lt_002
IP 89.46.108.68:0
File type Unicode text, UTF-8 text, with very long lines (37916), with no line terminators
Hash 9ad58adae552f7bc0679b535570e5968
a4a0126a61c41f201d3362b31d889f37432256f8
886f7125865c71299c5d3956d343c0715eb236628dd3bfc49c5bb7066d3b2f61
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /login.gmx.net/apps/CustomerService/1_files/lt_002 HTTP/1.1
Host: www.camperpuro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.camperpuro.com/login.gmx.net/apps/CustomerService/indexx.htm
Connection: keep-alive
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Wed, 08 Feb 2023 03:46:55 GMT
Content-Length: 37936
Connection: keep-alive
Last-Modified: Thu, 11 Jul 2019 13:55:12 GMT
Accept-Ranges: bytes
X-ServerName: ipvsproxy162.ad.aruba.it
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Content-Type, Expires, Pragma, Retry-After, Last-Modified, ETag, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 08 Feb 2023 03:14:52 GMT
age: 1923
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
www.camperpuro.com/login.gmx.net/apps/CustomerService/1_files/homepage.js
89.46.108.68200 OK 122 kB URL HTTP/1.1 www.camperpuro.com/login.gmx.net/apps/CustomerService/1_files/homepage.js
IP 89.46.108.68:0
File type Unicode text, UTF-8 text, with very long lines (31971)
Size 122 kB (122512 bytes)
Hash 6d17d0f327cb56ff17bdb386ebb2d4e3
ec68afddedfb967b599fbd45e1368c0110006af1
9633fb687bbeed4b72937f652af05f68d13f05d1599783c089603f4abcb45755
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /login.gmx.net/apps/CustomerService/1_files/homepage.js HTTP/1.1
Host: www.camperpuro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.camperpuro.com/login.gmx.net/apps/CustomerService/indexx.htm
Connection: keep-alive
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Wed, 08 Feb 2023 03:46:55 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 11 Jul 2019 13:55:12 GMT
X-ServerName: ipvsproxy162.ad.aruba.it
Content-Encoding: gzip
www.camperpuro.com/login.gmx.net/apps/CustomerService/1_files/adaptive-left.css
89.46.108.68200 OK 318 B URL HTTP/1.1 www.camperpuro.com/login.gmx.net/apps/CustomerService/1_files/adaptive-left.css
IP 89.46.108.68:0
File type ASCII text, with very long lines (569)
Hash 8be9680647df1970d6a8c16a7e9ef564
551b1b5e939d1323aa0da1858eee5f46bad9ce01
9dcfd7b786617cedc8e540d434f423d4e7b6933571c73c60e499bff51fd8209a
Analyzer Verdict Alert quad9 Sinkholed
GET /login.gmx.net/apps/CustomerService/1_files/adaptive-left.css HTTP/1.1
Host: www.camperpuro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.camperpuro.com/login.gmx.net/apps/CustomerService/indexx.htm
Connection: keep-alive
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Wed, 08 Feb 2023 03:46:55 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 11 Jul 2019 13:55:07 GMT
X-ServerName: ipvsproxy162.ad.aruba.it
Content-Encoding: gzip
www.camperpuro.com/login.gmx.net/apps/CustomerService/1_files/adaptive-2col.css
89.46.108.68200 OK 3.0 kB URL HTTP/1.1 www.camperpuro.com/login.gmx.net/apps/CustomerService/1_files/adaptive-2col.css
IP 89.46.108.68:0
File type ASCII text, with very long lines (14766)
Hash 15c9a70e4352cf6da7abb52aaf5384d4
bf46e0181d4564c3c25f9f990c3f811891e2eb1b
848e05cb088946de2083e4798827d8ebee61a2d835eff304aed6770ad08c6eaa
Analyzer Verdict Alert quad9 Sinkholed
GET /login.gmx.net/apps/CustomerService/1_files/adaptive-2col.css HTTP/1.1
Host: www.camperpuro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.camperpuro.com/login.gmx.net/apps/CustomerService/indexx.htm
Connection: keep-alive
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Wed, 08 Feb 2023 03:46:55 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 11 Jul 2019 13:55:07 GMT
X-ServerName: ipvsproxy162.ad.aruba.it
Content-Encoding: gzip
www.camperpuro.com/login.gmx.net/apps/CustomerService/1_files/adaptive-3col.css
89.46.108.68200 OK 2.7 kB URL HTTP/1.1 www.camperpuro.com/login.gmx.net/apps/CustomerService/1_files/adaptive-3col.css
IP 89.46.108.68:0
File type ASCII text, with very long lines (14747)
Hash 7e89418347e019cadc37bf5dd537cf43
64eca3cce9c497c3f2b41cddbc1822b8558bd12e
dcbfd22643236dc106ee569c363db94407bd3009574e91a3df45a2a11e2e7725
Analyzer Verdict Alert quad9 Sinkholed
GET /login.gmx.net/apps/CustomerService/1_files/adaptive-3col.css HTTP/1.1
Host: www.camperpuro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.camperpuro.com/login.gmx.net/apps/CustomerService/indexx.htm
Connection: keep-alive
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Wed, 08 Feb 2023 03:46:55 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 11 Jul 2019 13:55:07 GMT
X-ServerName: ipvsproxy162.ad.aruba.it
Content-Encoding: gzip
www.camperpuro.com/login.gmx.net/apps/CustomerService/1_files/BonPrix_Logo_64x16.jpg
89.46.108.68200 OK 14 kB URL HTTP/1.1 www.camperpuro.com/login.gmx.net/apps/CustomerService/1_files/BonPrix_Logo_64x16.jpg
IP 89.46.108.68:0
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop Elements 7.0 Windows, datetime=2017:12:20 15:35:18], baseline, precision 8, 64x16, components 3\012- data
Hash 2bc322d418dd10fc6e1af1b4972910ef
32da5659b86b945af7911f2fc2747de9f72be8cb
3f986474d0989ec4659efeedfcb8aa803fcae00dadb0b24ee8865846c1dc5fb8
Analyzer Verdict Alert quad9 Sinkholed
GET /login.gmx.net/apps/CustomerService/1_files/BonPrix_Logo_64x16.jpg HTTP/1.1
Host: www.camperpuro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.camperpuro.com/login.gmx.net/apps/CustomerService/indexx.htm
Connection: keep-alive
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Wed, 08 Feb 2023 03:46:55 GMT
Content-Type: image/jpeg
Content-Length: 14174
Connection: keep-alive
Last-Modified: Thu, 11 Jul 2019 13:55:12 GMT
Accept-Ranges: bytes
X-ServerName: ipvsproxy162.ad.aruba.it
www.camperpuro.com/login.gmx.net/apps/CustomerService/1_files/adaptive-3colborder.css
89.46.108.68200 OK 3.0 kB URL HTTP/1.1 www.camperpuro.com/login.gmx.net/apps/CustomerService/1_files/adaptive-3colborder.css
IP 89.46.108.68:0
File type ASCII text, with very long lines (17477)
Hash 8792959f8b99ecba9571e06a423e545c
4f9349e728e2e27132b14e546edd8c18c0cbab52
69d898d6fcc5e9480a659d8d4d66bd12f8a22dc833006c96de636707fd866801
Analyzer Verdict Alert quad9 Sinkholed
GET /login.gmx.net/apps/CustomerService/1_files/adaptive-3colborder.css HTTP/1.1
Host: www.camperpuro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.camperpuro.com/login.gmx.net/apps/CustomerService/indexx.htm
Connection: keep-alive
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Wed, 08 Feb 2023 03:46:55 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 11 Jul 2019 13:55:07 GMT
X-ServerName: ipvsproxy162.ad.aruba.it
Content-Encoding: gzip
www.camperpuro.com/login.gmx.net/apps/CustomerService/1_files/adaptive-4col.css
89.46.108.68200 OK 720 B URL HTTP/1.1 www.camperpuro.com/login.gmx.net/apps/CustomerService/1_files/adaptive-4col.css
IP 89.46.108.68:0
File type ASCII text, with very long lines (2691)
Hash 021c7f633e97486fa25cef211aee4d9d
9011d6d5457be4ed5afe53411f3392cd75c0e8bd
84b778039ab6bccb60568d2fb8a1dd369ba7808675cd0cce75ceb5a16ff5a447
Analyzer Verdict Alert quad9 Sinkholed
GET /login.gmx.net/apps/CustomerService/1_files/adaptive-4col.css HTTP/1.1
Host: www.camperpuro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.camperpuro.com/login.gmx.net/apps/CustomerService/indexx.htm
Connection: keep-alive
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Wed, 08 Feb 2023 03:46:55 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 11 Jul 2019 13:55:07 GMT
X-ServerName: ipvsproxy162.ad.aruba.it
Content-Encoding: gzip
www.camperpuro.com/login.gmx.net/apps/CustomerService/1_files/gmx_all-net_oms-modul_32x32.png
89.46.108.68200 OK 1.7 kB URL HTTP/1.1 www.camperpuro.com/login.gmx.net/apps/CustomerService/1_files/gmx_all-net_oms-modul_32x32.png
IP 89.46.108.68:0
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 94c6ca38988c4007d5d188ae30dd0a19
adfe30cbd3c5a002f20f119320137fbd43aae6c9
72130e48714ed9f413d8f97c7e216b3a0c087b8bf3df98d5baf6aa781c4a3775
Analyzer Verdict Alert quad9 Sinkholed
GET /login.gmx.net/apps/CustomerService/1_files/gmx_all-net_oms-modul_32x32.png HTTP/1.1
Host: www.camperpuro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.camperpuro.com/login.gmx.net/apps/CustomerService/indexx.htm
Connection: keep-alive
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Wed, 08 Feb 2023 03:46:56 GMT
Content-Type: image/png
Content-Length: 1717
Connection: keep-alive
Last-Modified: Thu, 11 Jul 2019 13:55:12 GMT
Accept-Ranges: bytes
X-ServerName: ipvsproxy162.ad.aruba.it
www.camperpuro.com/login.gmx.net/apps/CustomerService/1_files/180328_UIM_64x16_Logo.jpg
89.46.108.68200 OK 2.2 kB URL HTTP/1.1 www.camperpuro.com/login.gmx.net/apps/CustomerService/1_files/180328_UIM_64x16_Logo.jpg
IP 89.46.108.68:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 64x16, components 3\012- data
Hash 461293c0af16fd794f2a17109a31d0b0
f7ac17463799454292f92ea676854a73c12c28b9
fff6181a141516d47d1e040a891ff459337cb912409fc288f4fde4992e601038
Analyzer Verdict Alert quad9 Sinkholed
GET /login.gmx.net/apps/CustomerService/1_files/180328_UIM_64x16_Logo.jpg HTTP/1.1
Host: www.camperpuro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.camperpuro.com/login.gmx.net/apps/CustomerService/indexx.htm
Connection: keep-alive
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Wed, 08 Feb 2023 03:46:56 GMT
Content-Type: image/jpeg
Content-Length: 2177
Connection: keep-alive
Last-Modified: Thu, 11 Jul 2019 13:55:06 GMT
Accept-Ranges: bytes
X-ServerName: ipvsproxy162.ad.aruba.it
www.camperpuro.com/login.gmx.net/apps/CustomerService/1_files/Otto_Logo_64x16.gif
89.46.108.68200 OK 638 B URL HTTP/1.1 www.camperpuro.com/login.gmx.net/apps/CustomerService/1_files/Otto_Logo_64x16.gif
IP 89.46.108.68:0
File type GIF image data, version 89a, 64 x 16\012- data
Hash 01656bfd63ea928899cc5e085d1d826c
cf05eeafda62a9e2767a2bc6059ca73d8cd88431
13dd65117e2424b228fcbd1b419ca3e655d4d1a339afe0e4a0540f285e03e82b
Analyzer Verdict Alert quad9 Sinkholed
GET /login.gmx.net/apps/CustomerService/1_files/Otto_Logo_64x16.gif HTTP/1.1
Host: www.camperpuro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.camperpuro.com/login.gmx.net/apps/CustomerService/indexx.htm
Connection: keep-alive
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Wed, 08 Feb 2023 03:46:56 GMT
Content-Type: image/gif
Content-Length: 638
Connection: keep-alive
Last-Modified: Thu, 11 Jul 2019 13:55:22 GMT
Accept-Ranges: bytes
X-ServerName: ipvsproxy162.ad.aruba.it
www.camperpuro.com/login.gmx.net/apps/CustomerService/1_files/gmx_all-net_oms-modul_48x32.png
89.46.108.68200 OK 2.0 kB URL HTTP/1.1 www.camperpuro.com/login.gmx.net/apps/CustomerService/1_files/gmx_all-net_oms-modul_48x32.png
IP 89.46.108.68:0
File type PNG image data, 48 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 328f918667741d513eb60f262e884b3c
33ce1b6d046c4908a04b9d4b211ffe664e18962b
afee7e4632eb5102c1e07f4b3932b88c966f051fcbc606174e204f5d726f6858
Analyzer Verdict Alert quad9 Sinkholed
GET /login.gmx.net/apps/CustomerService/1_files/gmx_all-net_oms-modul_48x32.png HTTP/1.1
Host: www.camperpuro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.camperpuro.com/login.gmx.net/apps/CustomerService/indexx.htm
Connection: keep-alive
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Wed, 08 Feb 2023 03:46:56 GMT
Content-Type: image/png
Content-Length: 2003
Connection: keep-alive
Last-Modified: Thu, 11 Jul 2019 13:55:12 GMT
Accept-Ranges: bytes
X-ServerName: ipvsproxy162.ad.aruba.it
www.camperpuro.com/login.gmx.net/apps/CustomerService/1_files/gmx_onlinespeicher_lm_s.png
89.46.108.68200 OK 1.4 kB URL HTTP/1.1 www.camperpuro.com/login.gmx.net/apps/CustomerService/1_files/gmx_onlinespeicher_lm_s.png
IP 89.46.108.68:0
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash baec53669dc2a0b754fda76ab6bab92d
6cb011966b828bf66581877d961a51a222979078
dff0018da657f28fb6cee37e6de4e5e24e733cc9b5e10d73aa2dee3679de60de
Analyzer Verdict Alert quad9 Sinkholed
GET /login.gmx.net/apps/CustomerService/1_files/gmx_onlinespeicher_lm_s.png HTTP/1.1
Host: www.camperpuro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.camperpuro.com/login.gmx.net/apps/CustomerService/indexx.htm
Connection: keep-alive
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Wed, 08 Feb 2023 03:46:56 GMT
Content-Type: image/png
Content-Length: 1428
Connection: keep-alive
Last-Modified: Thu, 11 Jul 2019 13:55:12 GMT
Accept-Ranges: bytes
X-ServerName: ipvsproxy162.ad.aruba.it
www.camperpuro.com/login.gmx.net/apps/CustomerService/1_files/gmx_onlinespeicher_lm_l.png
89.46.108.68200 OK 1.6 kB URL HTTP/1.1 www.camperpuro.com/login.gmx.net/apps/CustomerService/1_files/gmx_onlinespeicher_lm_l.png
IP 89.46.108.68:0
File type PNG image data, 48 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 6931e452c0dc47a50542be80e335ea04
5100b5e946bb1973355041c9b835230571c22c0f
c07c6aad052518ddfb41afdb68e017d648afbf763b99ce5c665753263509ed1e
Analyzer Verdict Alert quad9 Sinkholed
GET /login.gmx.net/apps/CustomerService/1_files/gmx_onlinespeicher_lm_l.png HTTP/1.1
Host: www.camperpuro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.camperpuro.com/login.gmx.net/apps/CustomerService/indexx.htm
Connection: keep-alive
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Wed, 08 Feb 2023 03:46:56 GMT
Content-Type: image/png
Content-Length: 1629
Connection: keep-alive
Last-Modified: Thu, 11 Jul 2019 13:55:12 GMT
Accept-Ranges: bytes
X-ServerName: ipvsproxy162.ad.aruba.it
www.camperpuro.com/login.gmx.net/apps/CustomerService/1_files/33109268pd2h250w475.jpg
89.46.108.68200 OK 16 kB URL HTTP/1.1 www.camperpuro.com/login.gmx.net/apps/CustomerService/1_files/33109268pd2h250w475.jpg
IP 89.46.108.68:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 475x250, components 3\012- data
Hash bddd1873a2dcbddac070af3c95a0012d
2f16a0a34099ed6f8beab2741bb715bcdc380737
cdbbc33a2362eead2fc52417cf36b49140433df3ec49971a2bc21480a7efe862
Analyzer Verdict Alert quad9 Sinkholed
GET /login.gmx.net/apps/CustomerService/1_files/33109268pd2h250w475.jpg HTTP/1.1
Host: www.camperpuro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.camperpuro.com/login.gmx.net/apps/CustomerService/indexx.htm
Connection: keep-alive
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Wed, 08 Feb 2023 03:46:56 GMT
Content-Type: image/jpeg
Content-Length: 16305
Connection: keep-alive
Last-Modified: Thu, 11 Jul 2019 13:55:06 GMT
Accept-Ranges: bytes
X-ServerName: ipvsproxy162.ad.aruba.it
www.camperpuro.com/login.gmx.net/apps/CustomerService/1_files/33108362pd2h250w475.jpg
89.46.108.68200 OK 11 kB URL HTTP/1.1 www.camperpuro.com/login.gmx.net/apps/CustomerService/1_files/33108362pd2h250w475.jpg
IP 89.46.108.68:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 475x250, components 3\012- data
Hash 5fedeb593ccff216b60ec9a8d568ed19
869816452936c7e534340caf640254d55a2067f0
70390edca2fa77aee86d967aa6f6948cff3b039df33ca873588bcaf201f48e59
Analyzer Verdict Alert quad9 Sinkholed
GET /login.gmx.net/apps/CustomerService/1_files/33108362pd2h250w475.jpg HTTP/1.1
Host: www.camperpuro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.camperpuro.com/login.gmx.net/apps/CustomerService/indexx.htm
Connection: keep-alive
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Wed, 08 Feb 2023 03:46:56 GMT
Content-Type: image/jpeg
Content-Length: 10912
Connection: keep-alive
Last-Modified: Thu, 11 Jul 2019 13:55:05 GMT
Accept-Ranges: bytes
X-ServerName: ipvsproxy162.ad.aruba.it
www.camperpuro.com/login.gmx.net/apps/CustomerService/1_files/33107928pd2h250w475.jpg
89.46.108.68200 OK 15 kB URL HTTP/1.1 www.camperpuro.com/login.gmx.net/apps/CustomerService/1_files/33107928pd2h250w475.jpg
IP 89.46.108.68:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 475x250, components 3\012- data
Hash 91f7bf49b609ce87cbc43f3fc33a5550
3c18f5398c4cfb44c54f77042d6c940b3c9dee5d
f38a03e9d229d94ee84fdb77b7ab71b9773b29658864bdec92786d7717f4eaa6
Analyzer Verdict Alert quad9 Sinkholed
GET /login.gmx.net/apps/CustomerService/1_files/33107928pd2h250w475.jpg HTTP/1.1
Host: www.camperpuro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.camperpuro.com/login.gmx.net/apps/CustomerService/indexx.htm
Connection: keep-alive
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Wed, 08 Feb 2023 03:46:56 GMT
Content-Type: image/jpeg
Content-Length: 14969
Connection: keep-alive
Last-Modified: Thu, 11 Jul 2019 13:55:05 GMT
Accept-Ranges: bytes
X-ServerName: ipvsproxy162.ad.aruba.it
www.camperpuro.com/login.gmx.net/apps/CustomerService/1_files/33108498pd1h250w475.jpg
89.46.108.68200 OK 34 kB URL HTTP/1.1 www.camperpuro.com/login.gmx.net/apps/CustomerService/1_files/33108498pd1h250w475.jpg
IP 89.46.108.68:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 475x250, components 3\012- data
Hash d62f0a5245b8b99334aacdb189a9dbe6
17257ba2c90c5849429da2a9b94e7bc1d60ce73b
91f61989b120190975a6f1004b5509653f38a3bcb563e583fc48d62ff4d07530
Analyzer Verdict Alert quad9 Sinkholed
GET /login.gmx.net/apps/CustomerService/1_files/33108498pd1h250w475.jpg HTTP/1.1
Host: www.camperpuro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.camperpuro.com/login.gmx.net/apps/CustomerService/indexx.htm
Connection: keep-alive
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Wed, 08 Feb 2023 03:46:56 GMT
Content-Type: image/jpeg
Content-Length: 33698
Connection: keep-alive
Last-Modified: Thu, 11 Jul 2019 13:55:05 GMT
Accept-Ranges: bytes
X-ServerName: ipvsproxy162.ad.aruba.it
www.camperpuro.com/login.gmx.net/apps/CustomerService/1_files/33108368pd3h250w475.jpg
89.46.108.68200 OK 14 kB URL HTTP/1.1 www.camperpuro.com/login.gmx.net/apps/CustomerService/1_files/33108368pd3h250w475.jpg
IP 89.46.108.68:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 475x250, components 3\012- data
Hash 321e913b0c9668ec3045441c50a9946a
e579c391865e45df7697819dbf1e33a046da1cb9
4e54e9c5a78f8602c3126046851393d4a3da646a7ed4269727a3383806762b87
Analyzer Verdict Alert quad9 Sinkholed
GET /login.gmx.net/apps/CustomerService/1_files/33108368pd3h250w475.jpg HTTP/1.1
Host: www.camperpuro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.camperpuro.com/login.gmx.net/apps/CustomerService/indexx.htm
Connection: keep-alive
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Wed, 08 Feb 2023 03:46:56 GMT
Content-Type: image/jpeg
Content-Length: 14319
Connection: keep-alive
Last-Modified: Thu, 11 Jul 2019 13:55:05 GMT
Accept-Ranges: bytes
X-ServerName: ipvsproxy162.ad.aruba.it
www.camperpuro.com/login.gmx.net/apps/CustomerService/1_files/33108824pd1h250w475.jpg
89.46.108.68200 OK 13 kB URL HTTP/1.1 www.camperpuro.com/login.gmx.net/apps/CustomerService/1_files/33108824pd1h250w475.jpg
IP 89.46.108.68:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 475x250, components 3\012- data
Hash 5d808ddbfa2e36d44a825f96a79e41a9
4c2968f3578403e6f61c1bc6fc1ed0a45f2e7e2a
73635f503ecb3dfabf9b9d6121967cb61b33e57ace68a65fa590707ad985d207
Analyzer Verdict Alert quad9 Sinkholed
GET /login.gmx.net/apps/CustomerService/1_files/33108824pd1h250w475.jpg HTTP/1.1
Host: www.camperpuro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.camperpuro.com/login.gmx.net/apps/CustomerService/indexx.htm
Connection: keep-alive
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Wed, 08 Feb 2023 03:46:56 GMT
Content-Type: image/jpeg
Content-Length: 13394
Connection: keep-alive
Last-Modified: Thu, 11 Jul 2019 13:55:06 GMT
Accept-Ranges: bytes
X-ServerName: ipvsproxy162.ad.aruba.it
www.camperpuro.com/login.gmx.net/apps/CustomerService/1_files/33109268pd2h70w140.jpg
89.46.108.68200 OK 2.8 kB URL HTTP/1.1 www.camperpuro.com/login.gmx.net/apps/CustomerService/1_files/33109268pd2h70w140.jpg
IP 89.46.108.68:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 140x70, components 3\012- data
Hash e2b6db3c6a9cfccf3c615baadf60eea3
e2e4dabcda9c007a5635a5a448751a81ea4077e6
22ce979cd4f195360e85f29e29d98470c7268ab27e17a98189241d91e0bd6b02
Analyzer Verdict Alert quad9 Sinkholed
GET /login.gmx.net/apps/CustomerService/1_files/33109268pd2h70w140.jpg HTTP/1.1
Host: www.camperpuro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.camperpuro.com/login.gmx.net/apps/CustomerService/indexx.htm
Connection: keep-alive
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Wed, 08 Feb 2023 03:46:56 GMT
Content-Type: image/jpeg
Content-Length: 2829
Connection: keep-alive
Last-Modified: Thu, 11 Jul 2019 13:55:07 GMT
Accept-Ranges: bytes
X-ServerName: ipvsproxy162.ad.aruba.it
www.camperpuro.com/login.gmx.net/apps/CustomerService/1_files/33108362pd2h70w140.jpg
89.46.108.68200 OK 2.2 kB URL HTTP/1.1 www.camperpuro.com/login.gmx.net/apps/CustomerService/1_files/33108362pd2h70w140.jpg
IP 89.46.108.68:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 140x70, components 3\012- data
Hash 8e248873226be78a38fc79819d1cb498
9f92fc4750fc8818fc717ef5514aa8634600b182
5d72fa5246824aa8f985ca4a07d429e00d2fd7e034076a329b9e33fb9e0ae0ec
Analyzer Verdict Alert quad9 Sinkholed
GET /login.gmx.net/apps/CustomerService/1_files/33108362pd2h70w140.jpg HTTP/1.1
Host: www.camperpuro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.camperpuro.com/login.gmx.net/apps/CustomerService/indexx.htm
Connection: keep-alive
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Wed, 08 Feb 2023 03:46:56 GMT
Content-Type: image/jpeg
Content-Length: 2200
Connection: keep-alive
Last-Modified: Thu, 11 Jul 2019 13:55:05 GMT
Accept-Ranges: bytes
X-ServerName: ipvsproxy162.ad.aruba.it
www.camperpuro.com/login.gmx.net/apps/CustomerService/1_files/33108498pd1h70w140.jpg
89.46.108.68200 OK 3.2 kB URL HTTP/1.1 www.camperpuro.com/login.gmx.net/apps/CustomerService/1_files/33108498pd1h70w140.jpg
IP 89.46.108.68:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 140x70, components 3\012- data
Hash 743ee8b9844c34daed2cbde3449ad9a1
3d36774d48c9407c39a9ce311dde76ce4a9d474f
2114a2cb59ca114245086960067b542dd93d02c98cdb131862418a61ef4c917e
Analyzer Verdict Alert quad9 Sinkholed
GET /login.gmx.net/apps/CustomerService/1_files/33108498pd1h70w140.jpg HTTP/1.1
Host: www.camperpuro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.camperpuro.com/login.gmx.net/apps/CustomerService/indexx.htm
Connection: keep-alive
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Wed, 08 Feb 2023 03:46:56 GMT
Content-Type: image/jpeg
Content-Length: 3208
Connection: keep-alive
Last-Modified: Thu, 11 Jul 2019 13:55:05 GMT
Accept-Ranges: bytes
X-ServerName: ipvsproxy162.ad.aruba.it
www.camperpuro.com/login.gmx.net/apps/CustomerService/1_files/pbjs_iframe_3.htm
89.46.108.68200 OK 6.6 kB URL HTTP/1.1 www.camperpuro.com/login.gmx.net/apps/CustomerService/1_files/pbjs_iframe_3.htm
IP 89.46.108.68:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (566)
Hash 5f640bca6a6f2fba01a6e7e496c72484
19e05fe14f2b9b4b2e7f3fcb683e8cac6fc54f46
975ebb038b9cbd0735e585e4f9d4af75883f8eb63cf334df231e789e6258d3ee
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /login.gmx.net/apps/CustomerService/1_files/pbjs_iframe_3.htm HTTP/1.1
Host: www.camperpuro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.camperpuro.com/login.gmx.net/apps/CustomerService/indexx.htm
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Wed, 08 Feb 2023 03:46:56 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 11 Jul 2019 13:55:22 GMT
X-ServerName: ipvsproxy162.ad.aruba.it
Content-Encoding: gzip
www.camperpuro.com/login.gmx.net/apps/CustomerService/1_files/33107928pd2h70w140.jpg
89.46.108.68200 OK 2.2 kB URL HTTP/1.1 www.camperpuro.com/login.gmx.net/apps/CustomerService/1_files/33107928pd2h70w140.jpg
IP 89.46.108.68:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 140x70, components 3\012- data
Hash 33c546da57adeca4bd49d85f4c632b03
fead5e47b75e4dd00b262e6455dd0acd51143528
48d9e8a6dd40f0281dc3ae8877c17070b6cadf4eaa80e6bb7143e42fe36723ff
Analyzer Verdict Alert quad9 Sinkholed
GET /login.gmx.net/apps/CustomerService/1_files/33107928pd2h70w140.jpg HTTP/1.1
Host: www.camperpuro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.camperpuro.com/login.gmx.net/apps/CustomerService/indexx.htm
Connection: keep-alive
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Wed, 08 Feb 2023 03:46:56 GMT
Content-Type: image/jpeg
Content-Length: 2175
Connection: keep-alive
Last-Modified: Thu, 11 Jul 2019 13:55:05 GMT
Accept-Ranges: bytes
X-ServerName: ipvsproxy162.ad.aruba.it
www.camperpuro.com/login.gmx.net/apps/CustomerService/1_files/33108368pd3h70w140.jpg
89.46.108.68200 OK 2.8 kB URL HTTP/1.1 www.camperpuro.com/login.gmx.net/apps/CustomerService/1_files/33108368pd3h70w140.jpg
IP 89.46.108.68:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 140x70, components 3\012- data
Hash bd31323e71eb7da84cc2e5e075718481
a30c2c42b8120a7b5c7b8de96735928bbd29a216
3dbc39fa1c98412c3c7da3907c34639171bd3dc960de2b1fdcb677ef6b1484da
Analyzer Verdict Alert quad9 Sinkholed
GET /login.gmx.net/apps/CustomerService/1_files/33108368pd3h70w140.jpg HTTP/1.1
Host: www.camperpuro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.camperpuro.com/login.gmx.net/apps/CustomerService/indexx.htm
Connection: keep-alive
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Wed, 08 Feb 2023 03:46:56 GMT
Content-Type: image/jpeg
Content-Length: 2750
Connection: keep-alive
Last-Modified: Thu, 11 Jul 2019 13:55:05 GMT
Accept-Ranges: bytes
X-ServerName: ipvsproxy162.ad.aruba.it
www.camperpuro.com/login.gmx.net/apps/CustomerService/1_files/33075332pd1h54w72.jpg
89.46.108.68200 OK 1.5 kB URL HTTP/1.1 www.camperpuro.com/login.gmx.net/apps/CustomerService/1_files/33075332pd1h54w72.jpg
IP 89.46.108.68:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 72x54, components 3\012- data
Hash 4d3913a461ab88dde39e04109bfb3332
9cc0713fe96c72b2fbdee11fe25784525989683d
da0140b30206a9812c5a8e22e05bf587e84caebf983e7e92a65b89c3e190a90a
Analyzer Verdict Alert quad9 Sinkholed
GET /login.gmx.net/apps/CustomerService/1_files/33075332pd1h54w72.jpg HTTP/1.1
Host: www.camperpuro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.camperpuro.com/login.gmx.net/apps/CustomerService/indexx.htm
Connection: keep-alive
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Wed, 08 Feb 2023 03:46:56 GMT
Content-Type: image/jpeg
Content-Length: 1486
Connection: keep-alive
Last-Modified: Thu, 11 Jul 2019 13:55:06 GMT
Accept-Ranges: bytes
X-ServerName: ipvsproxy162.ad.aruba.it
www.camperpuro.com/login.gmx.net/apps/CustomerService/1_files/33108312pd1h192w300.jpg
89.46.108.68200 OK 8.3 kB URL HTTP/1.1 www.camperpuro.com/login.gmx.net/apps/CustomerService/1_files/33108312pd1h192w300.jpg
IP 89.46.108.68:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x192, components 3\012- data
Hash ee6e73818a61be1ed1684170786d7d6e
bd185a3d11cf1536a3da344327146ae94736cb6b
c1262bc4f821a4d0a5e5be5acbe1e24ad313f850af56c58c48d2abd7401daf50
Analyzer Verdict Alert quad9 Sinkholed
GET /login.gmx.net/apps/CustomerService/1_files/33108312pd1h192w300.jpg HTTP/1.1
Host: www.camperpuro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.camperpuro.com/login.gmx.net/apps/CustomerService/indexx.htm
Connection: keep-alive
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Wed, 08 Feb 2023 03:46:56 GMT
Content-Type: image/jpeg
Content-Length: 8287
Connection: keep-alive
Last-Modified: Thu, 11 Jul 2019 13:55:05 GMT
Accept-Ranges: bytes
X-ServerName: ipvsproxy162.ad.aruba.it
nct.ui-portal.de/gmx/gmx/s?name=homepage.startseite.event.performance.bodyStarted.1&portal=gmx&country=de&var=default&sample=undefined&pvid=JNV4QPmVeIPgJDUG78W2&login=0&type=hidden&period=456&_c=0&ts=1675828068711
82.165.229.54200 OK 43 B URL HTTP/1.1 nct.ui-portal.de/gmx/gmx/s?name=homepage.startseite.event.performance.bodyStarted.1&portal=gmx&country=de&var=default&sample=undefined&pvid=JNV4QPmVeIPgJDUG78W2&login=0&type=hidden&period=456&_c=0&ts=1675828068711
IP 82.165.229.54:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 6d22e4f2d2057c6e8d6fab098e76e80f
b80b11203d97fe01c5597ca3be70406ea48f5709
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
GET /gmx/gmx/s?name=homepage.startseite.event.performance.bodyStarted.1&portal=gmx&country=de&var=default&sample=undefined&pvid=JNV4QPmVeIPgJDUG78W2&login=0&type=hidden&period=456&_c=0&ts=1675828068711 HTTP/1.1
Host: nct.ui-portal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.camperpuro.com/
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 03:46:56 GMT
Server: Apache
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
P3P: CP="this is not a p3p policy"
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Content-Length: 43
Keep-Alive: timeout=3, max=500
Connection: Keep-Alive
Content-Type: image/gif
nct.ui-portal.de/gmx/gmx/s?name=homepage.startseite.event.performance.loginReady.2&portal=gmx&country=de&var=default&sample=undefined&pvid=JNV4QPmVeIPgJDUG78W2&login=0&type=hidden&period=470&_c=0&ts=1675828068726
82.165.229.54200 OK 43 B URL HTTP/1.1 nct.ui-portal.de/gmx/gmx/s?name=homepage.startseite.event.performance.loginReady.2&portal=gmx&country=de&var=default&sample=undefined&pvid=JNV4QPmVeIPgJDUG78W2&login=0&type=hidden&period=470&_c=0&ts=1675828068726
IP 82.165.229.54:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 6d22e4f2d2057c6e8d6fab098e76e80f
b80b11203d97fe01c5597ca3be70406ea48f5709
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
GET /gmx/gmx/s?name=homepage.startseite.event.performance.loginReady.2&portal=gmx&country=de&var=default&sample=undefined&pvid=JNV4QPmVeIPgJDUG78W2&login=0&type=hidden&period=470&_c=0&ts=1675828068726 HTTP/1.1
Host: nct.ui-portal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.camperpuro.com/
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 03:46:56 GMT
Server: Apache
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
P3P: CP="this is not a p3p policy"
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Content-Length: 43
Keep-Alive: timeout=3, max=500
Connection: Keep-Alive
Content-Type: image/gif
www.camperpuro.com/login.gmx.net/apps/CustomerService/1_files/33109044pd1h250w300.jpg
89.46.108.68200 OK 19 kB URL HTTP/1.1 www.camperpuro.com/login.gmx.net/apps/CustomerService/1_files/33109044pd1h250w300.jpg
IP 89.46.108.68:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x250, components 3\012- data
Hash d85a7d6e64ee042245594688b1b8ec8b
bcf6e5d4b97ac9df31eb5168198022c51bd26434
e1fcdf99f6430493b63f7df0e2468930ddd6a29c785290f57b629843b8fba599
Analyzer Verdict Alert quad9 Sinkholed
GET /login.gmx.net/apps/CustomerService/1_files/33109044pd1h250w300.jpg HTTP/1.1
Host: www.camperpuro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.camperpuro.com/login.gmx.net/apps/CustomerService/indexx.htm
Connection: keep-alive
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Wed, 08 Feb 2023 03:46:56 GMT
Content-Type: image/jpeg
Content-Length: 18706
Connection: keep-alive
Last-Modified: Thu, 11 Jul 2019 13:55:06 GMT
Accept-Ranges: bytes
X-ServerName: ipvsproxy162.ad.aruba.it
www.camperpuro.com/login.gmx.net/apps/CustomerService/1_files/33107348pd2h54w72.jpg
89.46.108.68200 OK 1.6 kB URL HTTP/1.1 www.camperpuro.com/login.gmx.net/apps/CustomerService/1_files/33107348pd2h54w72.jpg
IP 89.46.108.68:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 72x54, components 3\012- data
Hash be52d11a375a5ccbf9dc4969d9e88ccd
cbfafdcb6239fca4e9c5607e1e2f87889890af95
d81f2e06c1a3390ade2862a3f37970bf6a16f4ebf6e65e446fc232cc27a48c16
Analyzer Verdict Alert quad9 Sinkholed
GET /login.gmx.net/apps/CustomerService/1_files/33107348pd2h54w72.jpg HTTP/1.1
Host: www.camperpuro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.camperpuro.com/login.gmx.net/apps/CustomerService/indexx.htm
Connection: keep-alive
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Wed, 08 Feb 2023 03:46:56 GMT
Content-Type: image/jpeg
Content-Length: 1589
Connection: keep-alive
Last-Modified: Thu, 11 Jul 2019 13:55:05 GMT
Accept-Ranges: bytes
X-ServerName: ipvsproxy162.ad.aruba.it
www.camperpuro.com/login.gmx.net/apps/CustomerService/1_files/33107008pd1h192w300.jpg
89.46.108.68200 OK 11 kB URL HTTP/1.1 www.camperpuro.com/login.gmx.net/apps/CustomerService/1_files/33107008pd1h192w300.jpg
IP 89.46.108.68:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x192, components 3\012- data
Hash 3dad588c6cd0c9957d5eb8cafafc1296
4799818181c87f148bdda8063598b00efb838aee
c2c30bdc6b5518cd9ec3639f69d9e6e39a32a5722adab4185b9db7806d465062
Analyzer Verdict Alert quad9 Sinkholed
GET /login.gmx.net/apps/CustomerService/1_files/33107008pd1h192w300.jpg HTTP/1.1
Host: www.camperpuro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.camperpuro.com/login.gmx.net/apps/CustomerService/indexx.htm
Connection: keep-alive
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Wed, 08 Feb 2023 03:46:56 GMT
Content-Type: image/jpeg
Content-Length: 11315
Connection: keep-alive
Last-Modified: Thu, 11 Jul 2019 13:55:06 GMT
Accept-Ranges: bytes
X-ServerName: ipvsproxy162.ad.aruba.it
www.camperpuro.com/login.gmx.net/apps/CustomerService/1_files/33104394pd4h54w72.jpg
89.46.108.68200 OK 1.7 kB URL HTTP/1.1 www.camperpuro.com/login.gmx.net/apps/CustomerService/1_files/33104394pd4h54w72.jpg
IP 89.46.108.68:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 72x54, components 3\012- data
Hash 47667a24d87361411d6acac1e7f35e82
b5a9bc0f08e894415336ebcc3a5a341f77be9440
fa2e35273e65760d9361a46b7f766138527475e6da51df796f8dc6d7a8f6ffe2
Analyzer Verdict Alert quad9 Sinkholed
GET /login.gmx.net/apps/CustomerService/1_files/33104394pd4h54w72.jpg HTTP/1.1
Host: www.camperpuro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.camperpuro.com/login.gmx.net/apps/CustomerService/indexx.htm
Connection: keep-alive
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Wed, 08 Feb 2023 03:46:56 GMT
Content-Type: image/jpeg
Content-Length: 1746
Connection: keep-alive
Last-Modified: Thu, 11 Jul 2019 13:55:06 GMT
Accept-Ranges: bytes
X-ServerName: ipvsproxy162.ad.aruba.it
www.camperpuro.com/login.gmx.net/apps/CustomerService/1_files/MMSGK-2724_oms_modul_620x115_01_nszram_03.png
89.46.108.68200 OK 2.9 kB URL HTTP/1.1 www.camperpuro.com/login.gmx.net/apps/CustomerService/1_files/MMSGK-2724_oms_modul_620x115_01_nszram_03.png
IP 89.46.108.68:0
File type PNG image data, 110 x 85, 8-bit/color RGBA, non-interlaced\012- data
Hash 1f1e2fb6f61708c2fe2362a1c927cec3
ff00d41ecbad879e6c81bde73486b1e41ec9581a
98111ef53934413ee50efc0bcebe5e6b88074f9b25fd14914794e1eb5d97ec9d
Analyzer Verdict Alert quad9 Sinkholed
GET /login.gmx.net/apps/CustomerService/1_files/MMSGK-2724_oms_modul_620x115_01_nszram_03.png HTTP/1.1
Host: www.camperpuro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.camperpuro.com/login.gmx.net/apps/CustomerService/indexx.htm
Connection: keep-alive
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Wed, 08 Feb 2023 03:46:56 GMT
Content-Type: image/png
Content-Length: 2907
Connection: keep-alive
Last-Modified: Thu, 11 Jul 2019 13:55:12 GMT
Accept-Ranges: bytes
X-ServerName: ipvsproxy162.ad.aruba.it
www.camperpuro.com/login.gmx.net/apps/CustomerService/1_files/MMSGK-2724_oms_modul_300x115_01_side_03.png
89.46.108.68200 OK 2.9 kB URL HTTP/1.1 www.camperpuro.com/login.gmx.net/apps/CustomerService/1_files/MMSGK-2724_oms_modul_300x115_01_side_03.png
IP 89.46.108.68:0
File type PNG image data, 85 x 85, 8-bit/color RGBA, non-interlaced\012- data
Hash c1c238103a3c2656762c38e909dc89db
ac2361ba056032bf3a53c98ae11b0663f1a75df1
37d4e2baec1abbd06818e201ce6745a9637fa041b61b19c97ea6554ba43d45ff
Analyzer Verdict Alert quad9 Sinkholed
GET /login.gmx.net/apps/CustomerService/1_files/MMSGK-2724_oms_modul_300x115_01_side_03.png HTTP/1.1
Host: www.camperpuro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.camperpuro.com/login.gmx.net/apps/CustomerService/indexx.htm
Connection: keep-alive
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Wed, 08 Feb 2023 03:46:56 GMT
Content-Type: image/png
Content-Length: 2859
Connection: keep-alive
Last-Modified: Thu, 11 Jul 2019 13:55:12 GMT
Accept-Ranges: bytes
X-ServerName: ipvsproxy162.ad.aruba.it
www.camperpuro.com/login.gmx.net/apps/CustomerService/1_files/pbjs_iframe_3_data/apstag.js
89.46.108.68200 OK 16 kB URL HTTP/1.1 www.camperpuro.com/login.gmx.net/apps/CustomerService/1_files/pbjs_iframe_3_data/apstag.js
IP 89.46.108.68:0
File type ASCII text, with very long lines (55843)
Hash 1b2998f62bab91f2ba4255e5237a9b15
b42d0ecb7ea8641f5ceedae053829bf0158dced3
2593557f38b8e3f1541a549d63411b854290896cd6822aab7ad85007b413c2f3
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /login.gmx.net/apps/CustomerService/1_files/pbjs_iframe_3_data/apstag.js HTTP/1.1
Host: www.camperpuro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.camperpuro.com/login.gmx.net/apps/CustomerService/1_files/pbjs_iframe_3.htm
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Wed, 08 Feb 2023 03:46:56 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 11 Jul 2019 13:55:18 GMT
X-ServerName: ipvsproxy162.ad.aruba.it
Content-Encoding: gzip
img.ui-portal.de/homepage/img/gmx/icons/close-16x16.png
2.18.172.165301 Moved Permanently 0 B URL HTTP/1.1 img.ui-portal.de/homepage/img/gmx/icons/close-16x16.png
IP 2.18.172.165:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /homepage/img/gmx/icons/close-16x16.png HTTP/1.1
Host: img.ui-portal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.camperpuro.com/
HTTP/1.1 301 Moved Permanently
Location: https://img.ui-portal.de/homepage/img/gmx/icons/close-16x16.png
Server: BigIP
Content-Length: 0
Cache-Control: max-age=592
Date: Wed, 08 Feb 2023 03:46:56 GMT
Connection: keep-alive
www.camperpuro.com/login.gmx.net/apps/CustomerService/1_files/pbjs_iframe_3_data/consent.js
89.46.108.68200 OK 2.9 kB URL HTTP/1.1 www.camperpuro.com/login.gmx.net/apps/CustomerService/1_files/pbjs_iframe_3_data/consent.js
IP 89.46.108.68:0
File type ASCII text, with very long lines (7584)
Hash c83ee90a46a9b28eca6db62b238f5bef
6cc5fb92b846a17ea09956dd0e48413ecda3c74c
bdcb9cfe2d9edc797b83b93f11423cb77035beea16dbf2bc5ceeda329eda89e0
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /login.gmx.net/apps/CustomerService/1_files/pbjs_iframe_3_data/consent.js HTTP/1.1
Host: www.camperpuro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.camperpuro.com/login.gmx.net/apps/CustomerService/1_files/pbjs_iframe_3.htm
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Wed, 08 Feb 2023 03:46:56 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 11 Jul 2019 13:55:18 GMT
X-ServerName: ipvsproxy162.ad.aruba.it
Content-Encoding: gzip
www.camperpuro.com/login.gmx.net/apps/CustomerService/1_files/pbjs_iframe_3_data/prebid_5.js
89.46.108.68200 OK 34 kB URL HTTP/1.1 www.camperpuro.com/login.gmx.net/apps/CustomerService/1_files/pbjs_iframe_3_data/prebid_5.js
IP 89.46.108.68:0
File type ASCII text, with very long lines (65487)
Hash 3f34d1635685c64df0c1e8f0d19c69f8
aa871493d8da383c28b6596738fa72049df7d9f9
bf5d00615f1f594b8c7d9b273cfbc7e66f8c915ea2e17333c61ee4de90456878
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /login.gmx.net/apps/CustomerService/1_files/pbjs_iframe_3_data/prebid_5.js HTTP/1.1
Host: www.camperpuro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.camperpuro.com/login.gmx.net/apps/CustomerService/1_files/pbjs_iframe_3.htm
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Wed, 08 Feb 2023 03:46:56 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 11 Jul 2019 13:55:18 GMT
X-ServerName: ipvsproxy162.ad.aruba.it
Content-Encoding: gzip
img.ui-portal.de/homepage/img/gmx/icons/notification/close_bg_black.png
2.18.172.165301 Moved Permanently 0 B URL HTTP/1.1 img.ui-portal.de/homepage/img/gmx/icons/notification/close_bg_black.png
IP 2.18.172.165:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /homepage/img/gmx/icons/notification/close_bg_black.png HTTP/1.1
Host: img.ui-portal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.camperpuro.com/
HTTP/1.1 301 Moved Permanently
Location: https://img.ui-portal.de/homepage/img/gmx/icons/notification/close_bg_black.png
Server: BigIP
Content-Length: 0
Cache-Control: max-age=544
Date: Wed, 08 Feb 2023 03:46:56 GMT
Connection: keep-alive
www.camperpuro.com/login.gmx.net/apps/CustomerService/1_files/pbjs_iframe_3_data/connector.js
89.46.108.68200 OK 489 B URL HTTP/1.1 www.camperpuro.com/login.gmx.net/apps/CustomerService/1_files/pbjs_iframe_3_data/connector.js
IP 89.46.108.68:0
Hash a80e9ef5e4a6cc86258e6961e215290e
e817ccfc6c4472fecc3d1e43a7ac23bee9957db0
4d7e11ee079a48f787782c34001de881924080a067555fbf9937a5d00d273bb8
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /login.gmx.net/apps/CustomerService/1_files/pbjs_iframe_3_data/connector.js HTTP/1.1
Host: www.camperpuro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.camperpuro.com/login.gmx.net/apps/CustomerService/1_files/pbjs_iframe_3.htm
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Wed, 08 Feb 2023 03:46:56 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 11 Jul 2019 13:55:18 GMT
X-ServerName: ipvsproxy162.ad.aruba.it
Content-Encoding: gzip
img.ui-portal.de/homepage/img/gmx/icons/alle-inhalte.png
2.18.172.165301 Moved Permanently 0 B URL HTTP/1.1 img.ui-portal.de/homepage/img/gmx/icons/alle-inhalte.png
IP 2.18.172.165:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /homepage/img/gmx/icons/alle-inhalte.png HTTP/1.1
Host: img.ui-portal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.camperpuro.com/
HTTP/1.1 301 Moved Permanently
Location: https://img.ui-portal.de/homepage/img/gmx/icons/alle-inhalte.png
Server: BigIP
Content-Length: 0
Cache-Control: max-age=600
Date: Wed, 08 Feb 2023 03:46:56 GMT
Connection: keep-alive
img.ui-portal.de/homepage/img/gmx/border-2018.gif
2.18.172.165301 Moved Permanently 0 B URL HTTP/1.1 img.ui-portal.de/homepage/img/gmx/border-2018.gif
IP 2.18.172.165:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /homepage/img/gmx/border-2018.gif HTTP/1.1
Host: img.ui-portal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.camperpuro.com/
HTTP/1.1 301 Moved Permanently
Location: https://img.ui-portal.de/homepage/img/gmx/border-2018.gif
Server: BigIP
Content-Length: 0
Cache-Control: max-age=600
Date: Wed, 08 Feb 2023 03:46:56 GMT
Connection: keep-alive
img.ui-portal.de/homepage/img/gmx/icons/suche.png
2.18.172.165301 Moved Permanently 0 B URL HTTP/1.1 img.ui-portal.de/homepage/img/gmx/icons/suche.png
IP 2.18.172.165:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /homepage/img/gmx/icons/suche.png HTTP/1.1
Host: img.ui-portal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.camperpuro.com/
HTTP/1.1 301 Moved Permanently
Location: https://img.ui-portal.de/homepage/img/gmx/icons/suche.png
Server: BigIP
Content-Length: 0
Cache-Control: max-age=569
Date: Wed, 08 Feb 2023 03:46:56 GMT
Connection: keep-alive
img.ui-portal.de/homepage/img/gmx/icons/notification/topper_default_24x24.png
2.18.172.165301 Moved Permanently 0 B URL HTTP/1.1 img.ui-portal.de/homepage/img/gmx/icons/notification/topper_default_24x24.png
IP 2.18.172.165:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /homepage/img/gmx/icons/notification/topper_default_24x24.png HTTP/1.1
Host: img.ui-portal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.camperpuro.com/
HTTP/1.1 301 Moved Permanently
Location: https://img.ui-portal.de/homepage/img/gmx/icons/notification/topper_default_24x24.png
Server: BigIP
Content-Length: 0
Cache-Control: max-age=553
Date: Wed, 08 Feb 2023 03:46:56 GMT
Connection: keep-alive
img.ui-portal.de/homepage/img/gmx/logo.svg
2.18.172.165301 Moved Permanently 0 B URL HTTP/1.1 img.ui-portal.de/homepage/img/gmx/logo.svg
IP 2.18.172.165:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /homepage/img/gmx/logo.svg HTTP/1.1
Host: img.ui-portal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.camperpuro.com/
HTTP/1.1 301 Moved Permanently
Location: https://img.ui-portal.de/homepage/img/gmx/logo.svg
Server: BigIP
Content-Length: 0
Cache-Control: max-age=600
Date: Wed, 08 Feb 2023 03:46:56 GMT
Connection: keep-alive
i0.gmx.net/image/850/33097850,pd=2.gif
2.18.172.165404 Not Found 0 B URL HTTP/2 i0.gmx.net/image/850/33097850,pd=2.gif
IP 2.18.172.165:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /image/850/33097850,pd=2.gif HTTP/1.1
Host: i0.gmx.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.camperpuro.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
server: Apache
access-control-allow-origin: *
content-length: 0
content-type: text/plain
cache-control: no-cache
date: Wed, 08 Feb 2023 03:46:56 GMT
X-Firefox-Spdy: h2
img.ui-portal.de/homepage/img/gmx/icons/close-16x16.png
2.18.172.165200 OK 659 B URL HTTP/2 img.ui-portal.de/homepage/img/gmx/icons/close-16x16.png
IP 2.18.172.165:0
File type PNG image data, 16 x 112, 8-bit/color RGBA, non-interlaced\012- data
Hash 0fcd90e16077ac070debb26830a1baa0
1ea8828cc73e33208412d60c4c3a6c6a2ca6f398
88d4b465390914fbe2cd5998ee7f36e0b714f34a64d0b1893cd6afd096ae2e66
GET /homepage/img/gmx/icons/close-16x16.png HTTP/1.1
Host: img.ui-portal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.camperpuro.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Apache
etag: "293-5661c4192ad73"
last-modified: Mon, 26 Feb 2018 12:00:28 GMT
accept-ranges: bytes
content-length: 659
x-robots-tag: noindex
content-type: image/png
cache-control: public, max-age=1800
date: Wed, 08 Feb 2023 03:46:56 GMT
X-Firefox-Spdy: h2
img.ui-portal.de/homepage/img/gmx/search/suchen-mit-goggle.png
2.18.172.165301 Moved Permanently 0 B URL HTTP/1.1 img.ui-portal.de/homepage/img/gmx/search/suchen-mit-goggle.png
IP 2.18.172.165:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /homepage/img/gmx/search/suchen-mit-goggle.png HTTP/1.1
Host: img.ui-portal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.camperpuro.com/
HTTP/1.1 301 Moved Permanently
Location: https://img.ui-portal.de/homepage/img/gmx/search/suchen-mit-goggle.png
Server: BigIP
Content-Length: 0
Cache-Control: max-age=600
Date: Wed, 08 Feb 2023 03:46:56 GMT
Connection: keep-alive
www.camperpuro.com/login.gmx.net/apps/CustomerService/1_files/33108824pd1h70w140.jpg
89.46.108.68200 OK 2.3 kB URL HTTP/1.1 www.camperpuro.com/login.gmx.net/apps/CustomerService/1_files/33108824pd1h70w140.jpg
IP 89.46.108.68:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 140x70, components 3\012- data
Hash 4aa8dedec52e234a2c8d6a1c02cad5b7
72d64dd18b258d03b55db32bdd9b917bfc65403a
df057cf9121b2217e475e31534728215f3dbbbb33e82e5dff1712e73ab61f97e
Analyzer Verdict Alert quad9 Sinkholed
GET /login.gmx.net/apps/CustomerService/1_files/33108824pd1h70w140.jpg HTTP/1.1
Host: www.camperpuro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.camperpuro.com/login.gmx.net/apps/CustomerService/indexx.htm
Connection: keep-alive
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Wed, 08 Feb 2023 03:46:56 GMT
Content-Type: image/jpeg
Content-Length: 2292
Connection: keep-alive
Last-Modified: Thu, 11 Jul 2019 13:55:06 GMT
Accept-Ranges: bytes
X-ServerName: ipvsproxy162.ad.aruba.it
img.ui-portal.de/homepage/img/gmx/icons/home.png
2.18.172.165301 Moved Permanently 0 B URL HTTP/1.1 img.ui-portal.de/homepage/img/gmx/icons/home.png
IP 2.18.172.165:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /homepage/img/gmx/icons/home.png HTTP/1.1
Host: img.ui-portal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.camperpuro.com/
HTTP/1.1 301 Moved Permanently
Location: https://img.ui-portal.de/homepage/img/gmx/icons/home.png
Server: BigIP
Content-Length: 0
Cache-Control: max-age=590
Date: Wed, 08 Feb 2023 03:46:56 GMT
Connection: keep-alive
img.ui-portal.de/homepage/img/gmx/icons/weather-small-2017.png
2.18.172.165301 Moved Permanently 0 B URL HTTP/1.1 img.ui-portal.de/homepage/img/gmx/icons/weather-small-2017.png
IP 2.18.172.165:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /homepage/img/gmx/icons/weather-small-2017.png HTTP/1.1
Host: img.ui-portal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.camperpuro.com/
HTTP/1.1 301 Moved Permanently
Location: https://img.ui-portal.de/homepage/img/gmx/icons/weather-small-2017.png
Server: BigIP
Content-Length: 0
Cache-Control: max-age=576
Date: Wed, 08 Feb 2023 03:46:56 GMT
Connection: keep-alive
img.ui-portal.de/homepage/img/gmx/icons/startseite/ff.png
2.18.172.165301 Moved Permanently 0 B URL HTTP/1.1 img.ui-portal.de/homepage/img/gmx/icons/startseite/ff.png
IP 2.18.172.165:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /homepage/img/gmx/icons/startseite/ff.png HTTP/1.1
Host: img.ui-portal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.camperpuro.com/
HTTP/1.1 301 Moved Permanently
Location: https://img.ui-portal.de/homepage/img/gmx/icons/startseite/ff.png
Server: BigIP
Content-Length: 0
Cache-Control: max-age=570
Date: Wed, 08 Feb 2023 03:46:56 GMT
Connection: keep-alive
img.ui-portal.de/homepage/img/gmx/login/icons.png
2.18.172.165301 Moved Permanently 0 B URL HTTP/1.1 img.ui-portal.de/homepage/img/gmx/login/icons.png
IP 2.18.172.165:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /homepage/img/gmx/login/icons.png HTTP/1.1
Host: img.ui-portal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.camperpuro.com/
HTTP/1.1 301 Moved Permanently
Location: https://img.ui-portal.de/homepage/img/gmx/login/icons.png
Server: BigIP
Content-Length: 0
Cache-Control: max-age=600
Date: Wed, 08 Feb 2023 03:46:56 GMT
Connection: keep-alive
c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
54.230.111.210200 OK 2.6 kB URL HTTP/1.1 c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
IP 54.230.111.210:0
File type ASCII text, with very long lines (6482), with no line terminators
Hash ab4c74eb45f8615b380ac70156142072
dadeb1d1c135ea69b989c8742ceafa45c7d08f88
28ade5fededab0423a238b6cd35295bdcd8642ece956707132db4f621edb04ea
GET /bao-csm/aps-comm/aps_csm.js HTTP/1.1
Host: c.amazon-adsystem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://www.camperpuro.com
Connection: keep-alive
Referer: http://www.camperpuro.com/
HTTP/1.1 200 OK
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Date: Tue, 07 Feb 2023 14:45:30 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Access-Control-Max-Age: 3000
Last-Modified: Fri, 03 Feb 2023 23:37:41 GMT
ETag: W/"a4d296427fc806b21335359e398c025c"
Cache-Control: public, max-age=86400
x-amz-version-id: UbKifkjYJEpp9kioi5dZ9KFE2QW1MpFD
Server: AmazonS3
Content-Encoding: gzip
Vary: Accept-Encoding,Origin
X-Cache: Hit from cloudfront
Via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: ZeRBrE3V50Mk7KHmaMipeQNELV0j-i-OZ-kb9ktPRFEpDijpi3_slg==
Age: 46887
uir.uimserv.net/id/?_=1675828068672
195.20.250.183200 19 B URL HTTP/1.1 uir.uimserv.net/id/?_=1675828068672
IP 195.20.250.183:0
File type ASCII text, with no line terminators
Hash 199e34c2e5430c54cc0ac4e0bca1bfe9
700bb60f94e1122b3a0436c8ea8b1397ba246d25
372f9f973ac86d96502ba1cc27312f3674672793791498a955628eb54b2ef6ec
GET /id/?_=1675828068672 HTTP/1.1
Host: uir.uimserv.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.camperpuro.com/
HTTP/1.1 200
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Expires: Wed, 20 Oct 2010 20:10:20 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, max-age=0
Pragma: no-cache
TS-UUID: 149ccb21-85fd-49f1-b631-5fa024f41104
Content-Type: application/javascript;charset=utf-8
Content-Length: 19
Date: Wed, 08 Feb 2023 03:46:56 GMT
Keep-Alive: timeout=60
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 9b88bae61bca33aba8aa99f6128db8d9
a07b61fb2458917699613fcae68710941b595416
54915c2f79822732e06a592d027da421ad1e7a6458c545f98333db25612b3dea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "54915C2F79822732E06A592D027DA421AD1E7A6458C545F98333DB25612B3DEA"
Last-Modified: Mon, 06 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5197
Expires: Wed, 08 Feb 2023 05:13:33 GMT
Date: Wed, 08 Feb 2023 03:46:56 GMT
Connection: keep-alive
www.camperpuro.com/login.gmx.net/apps/CustomerService/1_files/33107672pd2h192w300.jpg
89.46.108.68200 OK 12 kB URL HTTP/1.1 www.camperpuro.com/login.gmx.net/apps/CustomerService/1_files/33107672pd2h192w300.jpg
IP 89.46.108.68:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x192, components 3\012- data
Hash f6ccaa6e927f7e4e695d2d37d8f88b60
bba7fd17f1a4a9cfd007733316816297308283ea
3d3595befbc230f38a9267d3da4b2ee5607e7ee99a44ac91302957463e50d9a6
Analyzer Verdict Alert quad9 Sinkholed
GET /login.gmx.net/apps/CustomerService/1_files/33107672pd2h192w300.jpg HTTP/1.1
Host: www.camperpuro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.camperpuro.com/login.gmx.net/apps/CustomerService/indexx.htm
Connection: keep-alive
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Wed, 08 Feb 2023 03:46:56 GMT
Content-Type: image/jpeg
Content-Length: 11511
Connection: keep-alive
Last-Modified: Thu, 11 Jul 2019 13:55:05 GMT
Accept-Ranges: bytes
X-ServerName: ipvsproxy162.ad.aruba.it
img.ui-portal.de/homepage/img/gmx/icons/notification/close_bg_black.png
2.18.172.165200 OK 1.1 kB URL HTTP/2 img.ui-portal.de/homepage/img/gmx/icons/notification/close_bg_black.png
IP 2.18.172.165:0
File type PNG image data, 24 x 19, 8-bit/color RGBA, non-interlaced\012- data
Hash 3576f57c43867cfa9e2e455f1b953e91
0c483bb732dd08a414868dbe788a345cbc175b4e
87244edbcb11869e13ae07aa62617a34c508e09fea28740f55a280ba95bdb249
GET /homepage/img/gmx/icons/notification/close_bg_black.png HTTP/1.1
Host: img.ui-portal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.camperpuro.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Apache
last-modified: Tue, 30 Apr 2013 12:36:21 GMT
etag: "430-4db933fa07b40"
accept-ranges: bytes
content-length: 1072
x-robots-tag: noindex
content-type: image/png
cache-control: public, max-age=1797
date: Wed, 08 Feb 2023 03:46:56 GMT
X-Firefox-Spdy: h2
img.ui-portal.de/homepage/img/gmx/icons/alle-inhalte.png
2.18.172.165200 OK 136 B URL HTTP/2 img.ui-portal.de/homepage/img/gmx/icons/alle-inhalte.png
IP 2.18.172.165:0
File type PNG image data, 18 x 18, 8-bit/color RGBA, non-interlaced\012- data
Hash 595a3de7c7911eab39e7812c0679bcc3
9849dc4f7c2fba62ea2a0f62c6034dfdaffdfa83
f9b726f4aeb6a2f1df52cb9ae7acdc541572e704a83cb3039333fbefc74e1ec5
GET /homepage/img/gmx/icons/alle-inhalte.png HTTP/1.1
Host: img.ui-portal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.camperpuro.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Apache
etag: "88-5661c41928e2c"
last-modified: Mon, 26 Feb 2018 12:00:28 GMT
accept-ranges: bytes
content-length: 136
x-robots-tag: noindex
content-type: image/png
cache-control: public, max-age=1800
date: Wed, 08 Feb 2023 03:46:56 GMT
X-Firefox-Spdy: h2
www.camperpuro.com/login.gmx.net/apps/CustomerService/1_files/33075332pd1h192w300.jpg
89.46.108.68200 OK 6.0 kB URL HTTP/1.1 www.camperpuro.com/login.gmx.net/apps/CustomerService/1_files/33075332pd1h192w300.jpg
IP 89.46.108.68:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x192, components 3\012- data
Hash 16f93ae20908609f5d2c651dac5ce516
29ee6295bc1585fec68bed223863d2b3b22dd857
807f0719ef7c9a01122f7f60436167f59fab2bac8ecc0055f03586d9814fd1be
Analyzer Verdict Alert quad9 Sinkholed
GET /login.gmx.net/apps/CustomerService/1_files/33075332pd1h192w300.jpg HTTP/1.1
Host: www.camperpuro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.camperpuro.com/login.gmx.net/apps/CustomerService/indexx.htm
Connection: keep-alive
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Wed, 08 Feb 2023 03:46:56 GMT
Content-Type: image/jpeg
Content-Length: 6002
Connection: keep-alive
Last-Modified: Thu, 11 Jul 2019 13:55:06 GMT
Accept-Ranges: bytes
X-ServerName: ipvsproxy162.ad.aruba.it
img.ui-portal.de/homepage/img/gmx/icons/suche.png
2.18.172.165200 OK 353 B URL HTTP/2 img.ui-portal.de/homepage/img/gmx/icons/suche.png
IP 2.18.172.165:0
File type PNG image data, 20 x 20, 8-bit/color RGBA, non-interlaced\012- data
Hash 5dfb94414c5b325b45f0df4d560835c5
f640e9093e12fad9ef7216bc9e5a184074a829cb
e7cbbf18b4eaa334c6b544776d9a61cbf94a339b70878471e910707abd6c2d68
GET /homepage/img/gmx/icons/suche.png HTTP/1.1
Host: img.ui-portal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.camperpuro.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Apache
etag: "161-5661c4192ceac"
last-modified: Mon, 26 Feb 2018 12:00:28 GMT
accept-ranges: bytes
content-length: 353
x-robots-tag: noindex
content-type: image/png
cache-control: public, max-age=1800
date: Wed, 08 Feb 2023 03:46:56 GMT
X-Firefox-Spdy: h2
img.ui-portal.de/homepage/img/gmx/icons/notification/topper_default_24x24.png
2.18.172.165200 OK 1.2 kB URL HTTP/2 img.ui-portal.de/homepage/img/gmx/icons/notification/topper_default_24x24.png
IP 2.18.172.165:0
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash e89aa03ce03038a3a7bbbf4cbbe2fab8
51dad84f3fdee911f0061d700830c26d3707b633
0eecaf9fe49f9f36691e85f4606e542e18d5f1507b59650e9da963f20918d8d9
GET /homepage/img/gmx/icons/notification/topper_default_24x24.png HTTP/1.1
Host: img.ui-portal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.camperpuro.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Apache
etag: "495-4db933f913900"
last-modified: Tue, 30 Apr 2013 12:36:20 GMT
accept-ranges: bytes
content-length: 1173
x-robots-tag: noindex
content-type: image/png
cache-control: public, max-age=1800
date: Wed, 08 Feb 2023 03:46:56 GMT
X-Firefox-Spdy: h2
img.ui-portal.de/homepage/img/gmx/search/suchen-mit-goggle.png
2.18.172.165200 OK 2.1 kB URL HTTP/2 img.ui-portal.de/homepage/img/gmx/search/suchen-mit-goggle.png
IP 2.18.172.165:0
File type PNG image data, 141 x 21, 8-bit/color RGBA, non-interlaced\012- data
Hash d949340a11cf6d5a9b6ce2734ed94d59
bfff1de78a515f5bbbe4f18bac40d9d59cda5209
c219f4cf6415e3616cbb839edd04f86e92b79c0243a75c26ba887bd8fd0092df
GET /homepage/img/gmx/search/suchen-mit-goggle.png HTTP/1.1
Host: img.ui-portal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.camperpuro.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Apache
etag: "853-5661c41930b43"
last-modified: Mon, 26 Feb 2018 12:00:28 GMT
accept-ranges: bytes
content-length: 2131
x-robots-tag: noindex
content-type: image/png
cache-control: public, max-age=1748
date: Wed, 08 Feb 2023 03:46:56 GMT
X-Firefox-Spdy: h2
www.camperpuro.com/login.gmx.net/apps/CustomerService/1_files/33108312pd1h54w72.jpg
89.46.108.68200 OK 1.6 kB URL HTTP/1.1 www.camperpuro.com/login.gmx.net/apps/CustomerService/1_files/33108312pd1h54w72.jpg
IP 89.46.108.68:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 72x54, components 3\012- data
Hash c35ea00667051d39a3f5557f9353348c
48c3056d5d832794d5dac33511b0533242b84ce4
b3134bcec4844b5b6e935254a3658264796fc550cd9ef192a6ad412d2e679a5f
Analyzer Verdict Alert quad9 Sinkholed
GET /login.gmx.net/apps/CustomerService/1_files/33108312pd1h54w72.jpg HTTP/1.1
Host: www.camperpuro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.camperpuro.com/login.gmx.net/apps/CustomerService/indexx.htm
Connection: keep-alive
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Wed, 08 Feb 2023 03:46:56 GMT
Content-Type: image/jpeg
Content-Length: 1557
Connection: keep-alive
Last-Modified: Thu, 11 Jul 2019 13:55:05 GMT
Accept-Ranges: bytes
X-ServerName: ipvsproxy162.ad.aruba.it
www.camperpuro.com/login.gmx.net/apps/CustomerService/1_files/33108456pd1h54w72.jpg
89.46.108.68200 OK 2.0 kB URL HTTP/1.1 www.camperpuro.com/login.gmx.net/apps/CustomerService/1_files/33108456pd1h54w72.jpg
IP 89.46.108.68:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 72x54, components 3\012- data
Hash 8aed05be1f193c5ca7c3ef6dcdff4d46
c29d80b41d2aac9d59c5385a97e6348f5b675f89
75afafad171f12aa93b2706f06d50770e3458cc97533647dd85e9bab14f67766
Analyzer Verdict Alert quad9 Sinkholed
GET /login.gmx.net/apps/CustomerService/1_files/33108456pd1h54w72.jpg HTTP/1.1
Host: www.camperpuro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.camperpuro.com/login.gmx.net/apps/CustomerService/indexx.htm
Connection: keep-alive
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Wed, 08 Feb 2023 03:46:56 GMT
Content-Type: image/jpeg
Content-Length: 1991
Connection: keep-alive
Last-Modified: Thu, 11 Jul 2019 13:55:05 GMT
Accept-Ranges: bytes
X-ServerName: ipvsproxy162.ad.aruba.it
www.camperpuro.com/login.gmx.net/apps/CustomerService/1_files/33108284pd4h54w72.jpg
89.46.108.68200 OK 1.9 kB URL HTTP/1.1 www.camperpuro.com/login.gmx.net/apps/CustomerService/1_files/33108284pd4h54w72.jpg
IP 89.46.108.68:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 72x54, components 3\012- data
Hash 9a7450b8789dd4970658020cf43227a1
cb207b0fcc98886241ab5c07c8b0875bfdcb4cae
faa5d16186a32f2b723f1cdc2f34a6b7cd3fbb39cba86ebb24183f91d3752a1b
Analyzer Verdict Alert quad9 Sinkholed
GET /login.gmx.net/apps/CustomerService/1_files/33108284pd4h54w72.jpg HTTP/1.1
Host: www.camperpuro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.camperpuro.com/login.gmx.net/apps/CustomerService/indexx.htm
Connection: keep-alive
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Wed, 08 Feb 2023 03:46:56 GMT
Content-Type: image/jpeg
Content-Length: 1928
Connection: keep-alive
Last-Modified: Thu, 11 Jul 2019 13:55:05 GMT
Accept-Ranges: bytes
X-ServerName: ipvsproxy162.ad.aruba.it
www.camperpuro.com/login.gmx.net/apps/CustomerService/1_files/33107348pd2h192w300.jpg
89.46.108.68200 OK 9.1 kB URL HTTP/1.1 www.camperpuro.com/login.gmx.net/apps/CustomerService/1_files/33107348pd2h192w300.jpg
IP 89.46.108.68:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x192, components 3\012- data
Hash 1344d867dae8d7ac4af6f6dceae01dd4
cc9fa3ace0b5d58ed68318a97b44b01314833247
0e8040b92503a902781f5e7c92bbe9a5048baede3f9413eb1ea7232c89219bde
Analyzer Verdict Alert quad9 Sinkholed
GET /login.gmx.net/apps/CustomerService/1_files/33107348pd2h192w300.jpg HTTP/1.1
Host: www.camperpuro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.camperpuro.com/login.gmx.net/apps/CustomerService/indexx.htm
Connection: keep-alive
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Wed, 08 Feb 2023 03:46:56 GMT
Content-Type: image/jpeg
Content-Length: 9076
Connection: keep-alive
Last-Modified: Thu, 11 Jul 2019 13:55:05 GMT
Accept-Ranges: bytes
X-ServerName: ipvsproxy162.ad.aruba.it
www.camperpuro.com/login.gmx.net/apps/CustomerService/1_files/33108804pd2h250w300.jpg
89.46.108.68200 OK 14 kB URL HTTP/1.1 www.camperpuro.com/login.gmx.net/apps/CustomerService/1_files/33108804pd2h250w300.jpg
IP 89.46.108.68:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x250, components 3\012- data
Hash 8dcb996a7e255535f618abdf4be0a510
0187a9962b0ecd52d8d6cfdf546ddf5bc818f5c0
05691fbf1112723d1e797b89f0692ab323a250f8a722e9584fc21e0b5a1b4510
Analyzer Verdict Alert quad9 Sinkholed
GET /login.gmx.net/apps/CustomerService/1_files/33108804pd2h250w300.jpg HTTP/1.1
Host: www.camperpuro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.camperpuro.com/login.gmx.net/apps/CustomerService/indexx.htm
Connection: keep-alive
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Wed, 08 Feb 2023 03:46:56 GMT
Content-Type: image/jpeg
Content-Length: 13484
Connection: keep-alive
Last-Modified: Thu, 11 Jul 2019 13:55:05 GMT
Accept-Ranges: bytes
X-ServerName: ipvsproxy162.ad.aruba.it
www.camperpuro.com/login.gmx.net/apps/CustomerService/1_files/MMSGK-2724_oms_modul_300x115_02_nszram_03.png
89.46.108.68200 OK 2.5 kB URL HTTP/1.1 www.camperpuro.com/login.gmx.net/apps/CustomerService/1_files/MMSGK-2724_oms_modul_300x115_02_nszram_03.png
IP 89.46.108.68:0
File type PNG image data, 85 x 85, 8-bit/color RGBA, non-interlaced\012- data
Hash e4344eb6532a6cc87fce70297b82b593
7b189224356b1ee18f4a78315bbdc4eacfc526f1
0128d3002673aff484a659f8a026d0b65d744b6e92523302b5514224e6666c5e
Analyzer Verdict Alert quad9 Sinkholed
GET /login.gmx.net/apps/CustomerService/1_files/MMSGK-2724_oms_modul_300x115_02_nszram_03.png HTTP/1.1
Host: www.camperpuro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.camperpuro.com/login.gmx.net/apps/CustomerService/indexx.htm
Connection: keep-alive
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Wed, 08 Feb 2023 03:46:56 GMT
Content-Type: image/png
Content-Length: 2478
Connection: keep-alive
Last-Modified: Thu, 11 Jul 2019 13:55:12 GMT
Accept-Ranges: bytes
X-ServerName: ipvsproxy162.ad.aruba.it
img.ui-portal.de/homepage/img/gmx/logo.svg
2.18.172.165200 OK 453 B URL HTTP/2 img.ui-portal.de/homepage/img/gmx/logo.svg
IP 2.18.172.165:0
File type SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (681), with CRLF line terminators
Hash bbfe4a327f71e619c251f3b2583c6ab3
0075738a9d349020e3e8e18e9eab773733348c98
25fdabdb964d0e86f42b7c91125dfba131c1fd99970a8f2bae437fb2b8bb127e
GET /homepage/img/gmx/logo.svg HTTP/1.1
Host: img.ui-portal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.camperpuro.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Apache
etag: "2ab-5661c4192ea09"
last-modified: Mon, 26 Feb 2018 12:00:28 GMT
accept-ranges: bytes
content-encoding: gzip
x-robots-tag: noindex
access-control-allow-origin: *
content-length: 453
content-type: image/svg+xml
cache-control: public, max-age=1800
date: Wed, 08 Feb 2023 03:46:56 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
img.ui-portal.de/homepage/img/gmx/icons/home.png
2.18.172.165200 OK 529 B URL HTTP/2 img.ui-portal.de/homepage/img/gmx/icons/home.png
IP 2.18.172.165:0
File type PNG image data, 16 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash 3e0b19ad38097341998419f5c4debda6
8fabe72dc5f1890f7da3ccbd72b41e5f887608b3
e0433e6e728af385af3d191fa3016168fd2ce648e52062668377e82f742d92f2
GET /homepage/img/gmx/icons/home.png HTTP/1.1
Host: img.ui-portal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.camperpuro.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Apache
last-modified: Mon, 26 Feb 2018 12:00:28 GMT
etag: "211-5661c4192c2f3"
accept-ranges: bytes
content-length: 529
x-robots-tag: noindex
content-type: image/png
cache-control: public, max-age=1800
date: Wed, 08 Feb 2023 03:46:56 GMT
X-Firefox-Spdy: h2
img.ui-portal.de/homepage/img/gmx/icons/startseite/ff.png
2.18.172.165200 OK 3.0 kB URL HTTP/2 img.ui-portal.de/homepage/img/gmx/icons/startseite/ff.png
IP 2.18.172.165:0
File type PNG image data, 150 x 60, 8-bit/color RGB, non-interlaced\012- data
Hash f0e7ebee6b61eeb4a692b68ad8b62817
663fb63359f4a447d0a94e7ad1014d3dbd7fe3ab
3bf1b7a5212bc1864d762739f2503655dc9128ac226dadf63e6a0d2f8fd43373
GET /homepage/img/gmx/icons/startseite/ff.png HTTP/1.1
Host: img.ui-portal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.camperpuro.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Apache
etag: "bac-4ff54a2b5c5c0"
last-modified: Tue, 29 Jul 2014 13:01:19 GMT
accept-ranges: bytes
content-length: 2988
x-robots-tag: noindex
content-type: image/png
cache-control: public, max-age=1797
date: Wed, 08 Feb 2023 03:46:56 GMT
X-Firefox-Spdy: h2
img.ui-portal.de/homepage/img/gmx/icons/weather-small-2017.png
2.18.172.165200 OK 19 kB URL HTTP/2 img.ui-portal.de/homepage/img/gmx/icons/weather-small-2017.png
IP 2.18.172.165:0
File type PNG image data, 32 x 864, 8-bit/color RGBA, non-interlaced\012- data
Hash c8db97dfe53da60609a0423e2ad3a5f0
e18a3a92106977d3358508ddb02d7171003678ee
23bfd25d1937e537710cefd11f4d90935650808604c582326c83b3e6d84c3034
GET /homepage/img/gmx/icons/weather-small-2017.png HTTP/1.1
Host: img.ui-portal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.camperpuro.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Apache
etag: "49f1-54f8cb43734a4"
last-modified: Mon, 15 May 2017 09:30:21 GMT
accept-ranges: bytes
content-length: 18929
x-robots-tag: noindex
content-type: image/png
cache-control: public, max-age=1800
date: Wed, 08 Feb 2023 03:46:56 GMT
X-Firefox-Spdy: h2
www.camperpuro.com/login.gmx.net/apps/CustomerService/1_files/33107008pd1h54w72.jpg
89.46.108.68200 OK 1.7 kB URL HTTP/1.1 www.camperpuro.com/login.gmx.net/apps/CustomerService/1_files/33107008pd1h54w72.jpg
IP 89.46.108.68:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 72x54, components 3\012- data
Hash 545b06292861bc5365c2712229c652ce
19a049f180d0b671c9c4c16da7ea336148a7d389
dadcffaccb13615f284143e5bd8619c6f56535f4cda2f6ba6dd43bf21d4d1858
Analyzer Verdict Alert quad9 Sinkholed
GET /login.gmx.net/apps/CustomerService/1_files/33107008pd1h54w72.jpg HTTP/1.1
Host: www.camperpuro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.camperpuro.com/login.gmx.net/apps/CustomerService/indexx.htm
Connection: keep-alive
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Wed, 08 Feb 2023 03:46:56 GMT
Content-Type: image/jpeg
Content-Length: 1727
Connection: keep-alive
Last-Modified: Thu, 11 Jul 2019 13:55:05 GMT
Accept-Ranges: bytes
X-ServerName: ipvsproxy162.ad.aruba.it
www.camperpuro.com/login.gmx.net/apps/CustomerService/1_files/32138712pd4.png
89.46.108.68200 OK 4.0 kB URL HTTP/1.1 www.camperpuro.com/login.gmx.net/apps/CustomerService/1_files/32138712pd4.png
IP 89.46.108.68:0
File type PNG image data, 140 x 60, 8-bit/color RGBA, non-interlaced\012- data
Hash 74d954cdd2fc72910fb748f64a0a6f2b
e8e44a88b5911d74bc75063508c2b244f5a341f5
5ba13bd98a2b639ea7867fb1ff7d3ce3d91c1b51b018062fee228c16b2afd825
Analyzer Verdict Alert quad9 Sinkholed
GET /login.gmx.net/apps/CustomerService/1_files/32138712pd4.png HTTP/1.1
Host: www.camperpuro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.camperpuro.com/login.gmx.net/apps/CustomerService/indexx.htm
Connection: keep-alive
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Wed, 08 Feb 2023 03:46:56 GMT
Content-Type: image/png
Content-Length: 4021
Connection: keep-alive
Last-Modified: Thu, 11 Jul 2019 13:55:06 GMT
Accept-Ranges: bytes
X-ServerName: ipvsproxy162.ad.aruba.it
www.camperpuro.com/login.gmx.net/apps/CustomerService/1_files/33104394pd4h192w300.jpg
89.46.108.68200 OK 11 kB URL HTTP/1.1 www.camperpuro.com/login.gmx.net/apps/CustomerService/1_files/33104394pd4h192w300.jpg
IP 89.46.108.68:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x192, components 3\012- data
Hash f33a27c8ff484db8687adba1db2dd334
b6d8a7d96eb16bf0e1cf34bcbb784d8cefc9fc52
77cbe370577527a3a6847dac5511fe6baf8884bea194387c4470c4008e29ca3e
Analyzer Verdict Alert quad9 Sinkholed
GET /login.gmx.net/apps/CustomerService/1_files/33104394pd4h192w300.jpg HTTP/1.1
Host: www.camperpuro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.camperpuro.com/login.gmx.net/apps/CustomerService/indexx.htm
Connection: keep-alive
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Wed, 08 Feb 2023 03:46:56 GMT
Content-Type: image/jpeg
Content-Length: 10865
Connection: keep-alive
Last-Modified: Thu, 11 Jul 2019 13:55:06 GMT
Accept-Ranges: bytes
X-ServerName: ipvsproxy162.ad.aruba.it
www.camperpuro.com/login.gmx.net/apps/CustomerService/1_files/MMSGK-2724_oms_modul_620x115_02_nszram_03.png
89.46.108.68200 OK 2.7 kB URL HTTP/1.1 www.camperpuro.com/login.gmx.net/apps/CustomerService/1_files/MMSGK-2724_oms_modul_620x115_02_nszram_03.png
IP 89.46.108.68:0
File type PNG image data, 110 x 85, 8-bit/color RGBA, non-interlaced\012- data
Hash 92bf099f731b560cbc019c0f4eb36bd5
6d514d1597ed1a22ef1222902b11d764d5de012f
ada628134eb079a188a4a1f59380e35a4718d4c4bf33e3a73484ce6e72dfa936
Analyzer Verdict Alert quad9 Sinkholed
GET /login.gmx.net/apps/CustomerService/1_files/MMSGK-2724_oms_modul_620x115_02_nszram_03.png HTTP/1.1
Host: www.camperpuro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.camperpuro.com/login.gmx.net/apps/CustomerService/indexx.htm
Connection: keep-alive
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Wed, 08 Feb 2023 03:46:56 GMT
Content-Type: image/png
Content-Length: 2670
Connection: keep-alive
Last-Modified: Thu, 11 Jul 2019 13:55:22 GMT
Accept-Ranges: bytes
X-ServerName: ipvsproxy162.ad.aruba.it
www.camperpuro.com/login.gmx.net/apps/CustomerService/1_files/gmx_allnet_vw_medrec_300x250.jpg
89.46.108.68200 OK 32 kB URL HTTP/1.1 www.camperpuro.com/login.gmx.net/apps/CustomerService/1_files/gmx_allnet_vw_medrec_300x250.jpg
IP 89.46.108.68:0
File type JPEG image data, baseline, precision 8, 300x250, components 3\012- data
Hash 2d6df47a717b2617fcb6ad96027f693f
3303e1c5f5b1b399320609d4b9ef1174b4b86ace
e7748828c0153e3c2a251a21167531d0ab0bed2c5cf2563dfb57bd3c94002a6c
Analyzer Verdict Alert quad9 Sinkholed
GET /login.gmx.net/apps/CustomerService/1_files/gmx_allnet_vw_medrec_300x250.jpg HTTP/1.1
Host: www.camperpuro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.camperpuro.com/login.gmx.net/apps/CustomerService/indexx.htm
Connection: keep-alive
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Wed, 08 Feb 2023 03:46:56 GMT
Content-Type: image/jpeg
Content-Length: 32112
Connection: keep-alive
Last-Modified: Thu, 11 Jul 2019 13:55:12 GMT
Accept-Ranges: bytes
X-ServerName: ipvsproxy162.ad.aruba.it
www.camperpuro.com/login.gmx.net/apps/CustomerService/1_files/32138734pd3.png
89.46.108.68200 OK 3.0 kB URL HTTP/1.1 www.camperpuro.com/login.gmx.net/apps/CustomerService/1_files/32138734pd3.png
IP 89.46.108.68:0
File type PNG image data, 140 x 60, 8-bit/color RGBA, non-interlaced\012- data
Hash de5b93baedf84299028f5e55f13b0d34
1dc742f1a84a17c73866318d074b5295e1169ad2
2585c97a2c2e196563ca6ac7534dd5c958595cb0d4cedc7e9786360cbdb83bd6
Analyzer Verdict Alert quad9 Sinkholed
GET /login.gmx.net/apps/CustomerService/1_files/32138734pd3.png HTTP/1.1
Host: www.camperpuro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.camperpuro.com/login.gmx.net/apps/CustomerService/indexx.htm
Connection: keep-alive
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Wed, 08 Feb 2023 03:46:56 GMT
Content-Type: image/png
Content-Length: 3031
Connection: keep-alive
Last-Modified: Thu, 11 Jul 2019 13:55:06 GMT
Accept-Ranges: bytes
X-ServerName: ipvsproxy162.ad.aruba.it
www.camperpuro.com/login.gmx.net/apps/CustomerService/1_files/vorteilswelt_gmx_300x250_neu.jpg
89.46.108.68200 OK 14 kB URL HTTP/1.1 www.camperpuro.com/login.gmx.net/apps/CustomerService/1_files/vorteilswelt_gmx_300x250_neu.jpg
IP 89.46.108.68:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x250, components 3\012- data
Hash de6db0a5619bc7dfe74e79df1b9ca955
0f79332deb0cb02969a03cd1ae3df7cd2501d0fb
f35a969f0d324897b532a1405b1ecbc16e175307454c742b728a7d8b860e0e8b
Analyzer Verdict Alert quad9 Sinkholed
GET /login.gmx.net/apps/CustomerService/1_files/vorteilswelt_gmx_300x250_neu.jpg HTTP/1.1
Host: www.camperpuro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.camperpuro.com/login.gmx.net/apps/CustomerService/indexx.htm
Connection: keep-alive
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Wed, 08 Feb 2023 03:46:56 GMT
Content-Type: image/jpeg
Content-Length: 13886
Connection: keep-alive
Last-Modified: Thu, 11 Jul 2019 13:55:22 GMT
Accept-Ranges: bytes
X-ServerName: ipvsproxy162.ad.aruba.it
img.ui-portal.de/homepage/img/gmx/login/icons.png
2.18.172.165200 OK 3.9 kB URL HTTP/2 img.ui-portal.de/homepage/img/gmx/login/icons.png
IP 2.18.172.165:0
File type PNG image data, 24 x 583, 8-bit/color RGBA, non-interlaced\012- data
Hash cb39a8e1ea1f2bf5dac5f71f612b5bea
df74a5b9b76ca7e3b4d6497f392f96c1ea63d5bb
2510a071cf65c2dbde6922de6776c6c1202e20cc56077e7aa1165091b35fd314
GET /homepage/img/gmx/login/icons.png HTTP/1.1
Host: img.ui-portal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.camperpuro.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Apache
etag: "f51-5661c4192d873"
last-modified: Mon, 26 Feb 2018 12:00:28 GMT
accept-ranges: bytes
content-length: 3921
x-robots-tag: noindex
content-type: image/png
cache-control: public, max-age=1778
date: Wed, 08 Feb 2023 03:46:56 GMT
X-Firefox-Spdy: h2
www.camperpuro.com/login.gmx.net/apps/CustomerService/1_files/ff.png
89.46.108.68200 OK 3.0 kB URL HTTP/1.1 www.camperpuro.com/login.gmx.net/apps/CustomerService/1_files/ff.png
IP 89.46.108.68:0
File type PNG image data, 150 x 60, 8-bit/color RGB, non-interlaced\012- data
Hash f0e7ebee6b61eeb4a692b68ad8b62817
663fb63359f4a447d0a94e7ad1014d3dbd7fe3ab
3bf1b7a5212bc1864d762739f2503655dc9128ac226dadf63e6a0d2f8fd43373
Analyzer Verdict Alert quad9 Sinkholed
GET /login.gmx.net/apps/CustomerService/1_files/ff.png HTTP/1.1
Host: www.camperpuro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.camperpuro.com/login.gmx.net/apps/CustomerService/indexx.htm
Connection: keep-alive
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Wed, 08 Feb 2023 03:46:56 GMT
Content-Type: image/png
Content-Length: 2988
Connection: keep-alive
Last-Modified: Thu, 11 Jul 2019 13:55:12 GMT
Accept-Ranges: bytes
X-ServerName: ipvsproxy162.ad.aruba.it
uim.tifbs.net/js/2690.js
195.20.250.111200 OK 12 kB IP 195.20.250.111:0
File type ASCII text, with very long lines (916)
Hash 68aad51eb79583bd5c75c20031a211f6
12f8e363653d5b5cd165aeeb5d9fcc9cce27ad30
10be229af03fb062aa9acd83373d04dcc78757905e4578ada5370b3a6d6c1145
GET /js/2690.js HTTP/1.1
Host: uim.tifbs.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.camperpuro.com/
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 03:46:56 GMT
Server: Apache
Last-Modified: Mon, 04 Apr 2022 08:10:06 GMT
ETag: "8105-5dbcfa7f33380-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=86400, public
Content-Length: 11595
Connection: close
Content-Type: application/javascript
www.camperpuro.com/login.gmx.net/apps/CustomerService/1_files/33108456pd1h192w300.jpg
89.46.108.68200 OK 16 kB URL HTTP/1.1 www.camperpuro.com/login.gmx.net/apps/CustomerService/1_files/33108456pd1h192w300.jpg
IP 89.46.108.68:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x192, components 3\012- data
Hash 14d7b2b9913044fa48bf38e06de11557
815cb89cb77e2efd93869896dd623c431afeb073
22ea5960dde7e95508a42e21027d7d1924400a17bd47ef6363abca5d83371fe6
Analyzer Verdict Alert quad9 Sinkholed
GET /login.gmx.net/apps/CustomerService/1_files/33108456pd1h192w300.jpg HTTP/1.1
Host: www.camperpuro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.camperpuro.com/login.gmx.net/apps/CustomerService/indexx.htm
Connection: keep-alive
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Wed, 08 Feb 2023 03:46:56 GMT
Content-Type: image/jpeg
Content-Length: 15969
Connection: keep-alive
Last-Modified: Thu, 11 Jul 2019 13:55:05 GMT
Accept-Ranges: bytes
X-ServerName: ipvsproxy162.ad.aruba.it
www.camperpuro.com/login.gmx.net/apps/CustomerService/1_files/33108284pd4h192w300.jpg
89.46.108.68200 OK 12 kB URL HTTP/1.1 www.camperpuro.com/login.gmx.net/apps/CustomerService/1_files/33108284pd4h192w300.jpg
IP 89.46.108.68:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x192, components 3\012- data
Hash 7ce55d43d3758c4c3815cbc92e0cef18
2fe243b5c33ab605add9214217c6b1f56370e742
9887da208a2d7b80ab6e5de4ee234cfda95be724cd568806bef964e57f013757
Analyzer Verdict Alert quad9 Sinkholed
GET /login.gmx.net/apps/CustomerService/1_files/33108284pd4h192w300.jpg HTTP/1.1
Host: www.camperpuro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.camperpuro.com/login.gmx.net/apps/CustomerService/indexx.htm
Connection: keep-alive
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Wed, 08 Feb 2023 03:46:56 GMT
Content-Type: image/jpeg
Content-Length: 11971
Connection: keep-alive
Last-Modified: Thu, 11 Jul 2019 13:55:05 GMT
Accept-Ranges: bytes
X-ServerName: ipvsproxy162.ad.aruba.it
push.services.mozilla.com/
52.88.143.102101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.88.143.102:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 9G1grJZWOtKAMByYSihgtg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: d31Ol1Cqn+S/qdd/qSWWosEK9Jk=
www.camperpuro.com/login.gmx.net/apps/CustomerService/1_files/TD-2473_gmx_strom_vw_medrec_01_rabo.jpg
89.46.108.68200 OK 23 kB URL HTTP/1.1 www.camperpuro.com/login.gmx.net/apps/CustomerService/1_files/TD-2473_gmx_strom_vw_medrec_01_rabo.jpg
IP 89.46.108.68:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 300x250, components 3\012- data
Hash f52e351f14cf7ffba1bf33243ff05b6f
3e0659788f72ce7923815f164c660819d89587f0
88e88b176bdf5d2f15fba9dec9afd62540db17c859270072e94732db9bf6d480
Analyzer Verdict Alert quad9 Sinkholed
GET /login.gmx.net/apps/CustomerService/1_files/TD-2473_gmx_strom_vw_medrec_01_rabo.jpg HTTP/1.1
Host: www.camperpuro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.camperpuro.com/login.gmx.net/apps/CustomerService/indexx.htm
Connection: keep-alive
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Wed, 08 Feb 2023 03:46:56 GMT
Content-Type: image/jpeg
Content-Length: 23258
Connection: keep-alive
Last-Modified: Thu, 11 Jul 2019 13:55:22 GMT
Accept-Ranges: bytes
X-ServerName: ipvsproxy162.ad.aruba.it
www.camperpuro.com/login.gmx.net/apps/CustomerService/1_files/33107672pd2h54w72.jpg
89.46.108.68200 OK 1.8 kB URL HTTP/1.1 www.camperpuro.com/login.gmx.net/apps/CustomerService/1_files/33107672pd2h54w72.jpg
IP 89.46.108.68:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 72x54, components 3\012- data
Hash 80e6d19378582358e890f417fa718bbc
358d5d265ccb6506c8b43e2e7f18b35765ef80cf
bc3b2b9c04114977f99b357e84c62d3f0d22593572b1d95e19eccad117c153b5
Analyzer Verdict Alert quad9 Sinkholed
GET /login.gmx.net/apps/CustomerService/1_files/33107672pd2h54w72.jpg HTTP/1.1
Host: www.camperpuro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.camperpuro.com/login.gmx.net/apps/CustomerService/indexx.htm
Connection: keep-alive
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Wed, 08 Feb 2023 03:46:56 GMT
Content-Type: image/jpeg
Content-Length: 1828
Connection: keep-alive
Last-Modified: Thu, 11 Jul 2019 13:55:05 GMT
Accept-Ranges: bytes
X-ServerName: ipvsproxy162.ad.aruba.it
www.camperpuro.com/login.gmx.net/apps/CustomerService/1_files/32138762pd3.png
89.46.108.68200 OK 3.8 kB URL HTTP/1.1 www.camperpuro.com/login.gmx.net/apps/CustomerService/1_files/32138762pd3.png
IP 89.46.108.68:0
File type PNG image data, 140 x 60, 8-bit/color RGBA, non-interlaced\012- data
Hash fc2ce0fc2daabb4132f09f5dfc3cf21d
cc91b77de45437ff903321d99b2dc7501d684073
acd9128cdccfa54cf8d46c677f978908fe01e6197269bb1b764c3036a002d460
Analyzer Verdict Alert quad9 Sinkholed
GET /login.gmx.net/apps/CustomerService/1_files/32138762pd3.png HTTP/1.1
Host: www.camperpuro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.camperpuro.com/login.gmx.net/apps/CustomerService/indexx.htm
Connection: keep-alive
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Wed, 08 Feb 2023 03:46:56 GMT
Content-Type: image/png
Content-Length: 3755
Connection: keep-alive
Last-Modified: Thu, 11 Jul 2019 13:55:06 GMT
Accept-Ranges: bytes
X-ServerName: ipvsproxy162.ad.aruba.it
www.camperpuro.com/login.gmx.net/apps/CustomerService/1_files/33109142pd1h250w300.jpg
89.46.108.68200 OK 21 kB URL HTTP/1.1 www.camperpuro.com/login.gmx.net/apps/CustomerService/1_files/33109142pd1h250w300.jpg
IP 89.46.108.68:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x250, components 3\012- data
Hash 0c06b267063b14b3d4137341063f80f7
2f0f638ed468d57f6ed1790fd3f2e26228c1cdae
d997d821e4d400e6f6d6e50818424bd8afc0fd65a8fc6d6e6526138bdfd36b9c
Analyzer Verdict Alert quad9 Sinkholed
GET /login.gmx.net/apps/CustomerService/1_files/33109142pd1h250w300.jpg HTTP/1.1
Host: www.camperpuro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.camperpuro.com/login.gmx.net/apps/CustomerService/indexx.htm
Connection: keep-alive
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Wed, 08 Feb 2023 03:46:56 GMT
Content-Type: image/jpeg
Content-Length: 20550
Connection: keep-alive
Last-Modified: Thu, 11 Jul 2019 13:55:06 GMT
Accept-Ranges: bytes
X-ServerName: ipvsproxy162.ad.aruba.it
www.camperpuro.com/login.gmx.net/apps/CustomerService/1_files/32138792pd4.png
89.46.108.68200 OK 4.1 kB URL HTTP/1.1 www.camperpuro.com/login.gmx.net/apps/CustomerService/1_files/32138792pd4.png
IP 89.46.108.68:0
File type PNG image data, 140 x 60, 8-bit/color RGBA, non-interlaced\012- data
Hash 120ff8c8c2db6c5a72c176a724a64193
d13c578301e66437eb2254fe4e1680ddfe029d38
31133f6b5c6da7f988cb99d6b56e095dacd2d44f726d3cbe86bbcae81fac5010
Analyzer Verdict Alert quad9 Sinkholed
GET /login.gmx.net/apps/CustomerService/1_files/32138792pd4.png HTTP/1.1
Host: www.camperpuro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.camperpuro.com/login.gmx.net/apps/CustomerService/indexx.htm
Connection: keep-alive
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Wed, 08 Feb 2023 03:46:56 GMT
Content-Type: image/png
Content-Length: 4086
Connection: keep-alive
Last-Modified: Thu, 11 Jul 2019 13:55:06 GMT
Accept-Ranges: bytes
X-ServerName: ipvsproxy162.ad.aruba.it
www.camperpuro.com/login.gmx.net/apps/CustomerService/1_files/32138706pd4.png
89.46.108.68200 OK 3.0 kB URL HTTP/1.1 www.camperpuro.com/login.gmx.net/apps/CustomerService/1_files/32138706pd4.png
IP 89.46.108.68:0
File type PNG image data, 140 x 60, 8-bit/color RGBA, non-interlaced\012- data
Hash fcf24d9b3462ce35a609e6d7f5cc4607
0d6d243db5cd9c41ee8fedca4a88b002f8ae8ffe
88c056ec4377d706ebfa44c58cd68727a4d8bbb1db0d51f56566a37ea67d4363
Analyzer Verdict Alert quad9 Sinkholed
GET /login.gmx.net/apps/CustomerService/1_files/32138706pd4.png HTTP/1.1
Host: www.camperpuro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.camperpuro.com/login.gmx.net/apps/CustomerService/indexx.htm
Connection: keep-alive
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Wed, 08 Feb 2023 03:46:56 GMT
Content-Type: image/png
Content-Length: 3034
Connection: keep-alive
Last-Modified: Thu, 11 Jul 2019 13:55:06 GMT
Accept-Ranges: bytes
X-ServerName: ipvsproxy162.ad.aruba.it
www.camperpuro.com/login.gmx.net/apps/CustomerService/1_files/32138816pd3.png
89.46.108.68200 OK 4.4 kB URL HTTP/1.1 www.camperpuro.com/login.gmx.net/apps/CustomerService/1_files/32138816pd3.png
IP 89.46.108.68:0
File type PNG image data, 140 x 60, 8-bit/color RGBA, non-interlaced\012- data
Hash 6a446c33a745ed2c2ee056ac68813b69
7ec827c93feab55df39aa249100e2618f895c10c
15adf900314bff9d3ac3f00477aa4f8ad64746f7a166798858d503a7d050788a
Analyzer Verdict Alert quad9 Sinkholed
GET /login.gmx.net/apps/CustomerService/1_files/32138816pd3.png HTTP/1.1
Host: www.camperpuro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.camperpuro.com/login.gmx.net/apps/CustomerService/indexx.htm
Connection: keep-alive
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Wed, 08 Feb 2023 03:46:56 GMT
Content-Type: image/png
Content-Length: 4425
Connection: keep-alive
Last-Modified: Thu, 11 Jul 2019 13:55:06 GMT
Accept-Ranges: bytes
X-ServerName: ipvsproxy162.ad.aruba.it
www.camperpuro.com/login.gmx.net/apps/CustomerService/1_files/toprubriken.png
89.46.108.68200 OK 1.2 kB URL HTTP/1.1 www.camperpuro.com/login.gmx.net/apps/CustomerService/1_files/toprubriken.png
IP 89.46.108.68:0
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 59cb481685b05131961e31252ab8e47f
eed8476972c351352067dc1e59427e6ae3fffa63
359678881626d6d8cf1ab5b607d1d1bdc34e21da97b164353960955f5be41b0a
Analyzer Verdict Alert quad9 Sinkholed
GET /login.gmx.net/apps/CustomerService/1_files/toprubriken.png HTTP/1.1
Host: www.camperpuro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.camperpuro.com/login.gmx.net/apps/CustomerService/indexx.htm
Connection: keep-alive
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Wed, 08 Feb 2023 03:46:56 GMT
Content-Type: image/png
Content-Length: 1239
Connection: keep-alive
Last-Modified: Thu, 11 Jul 2019 13:55:22 GMT
Accept-Ranges: bytes
X-ServerName: ipvsproxy162.ad.aruba.it
www.camperpuro.com/login.gmx.net/apps/CustomerService/1_files/32138774pd6.png
89.46.108.68200 OK 2.8 kB URL HTTP/1.1 www.camperpuro.com/login.gmx.net/apps/CustomerService/1_files/32138774pd6.png
IP 89.46.108.68:0
File type PNG image data, 140 x 60, 8-bit/color RGBA, non-interlaced\012- data
Hash 4fd91389e0e15a21c8796a47a8519178
b845732156af52949f03fff0163babf81ace8198
60b6b6c911b40ac74b7cb59cf7aae3e9f4200ffa2a3e375b80b28e73272f1bae
Analyzer Verdict Alert quad9 Sinkholed
GET /login.gmx.net/apps/CustomerService/1_files/32138774pd6.png HTTP/1.1
Host: www.camperpuro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.camperpuro.com/login.gmx.net/apps/CustomerService/indexx.htm
Connection: keep-alive
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Wed, 08 Feb 2023 03:46:56 GMT
Content-Type: image/png
Content-Length: 2751
Connection: keep-alive
Last-Modified: Thu, 11 Jul 2019 13:55:06 GMT
Accept-Ranges: bytes
X-ServerName: ipvsproxy162.ad.aruba.it
ad11.adfarm1.adition.com/lt?wpt=j&nw=42<=portal(gmx)category(homepage)section(homepage)tagid(available)layoutclass(b)&ac=1&wi=0050665097&ref=&os=17&browser=6&screen_res=5&iframe=0&fvers=&external_uid=&uid_stable=&optout=0&prf%5Bportal%5D=gmx&prf%5Bcategory%5D=homepage&prf%5Bsection%5D=homepage&prf%5Btagid%5D=available&prf%5Blayoutclass%5D=b&prf%5Bdeviceclass%5D=b&prf%5Bdeviceclient%5D=browser&prf%5Bos%5D=17&prf%5Bbrowser%5D=6&prf%5Bscreen_res%5D=5&prf%5Biframe%5D=0&prf%5Bfvers%5D=&prf%5Bsys%5D=win&prf%5Bsysv%5D=10.0&prf%5Bcl%5D=fir&prf%5Bclv%5D=105&prf%5Bvpw%5D=1280&prf%5Bnet%5D=unknown&prf%5Bexternal_uid%5D=&prf%5Bhid%5D=&prf%5Bnguserid%5D=&prf%5Buids%5D=&prf%5Boptout%5D=0&prf%5Bwi%5D=0050665097&prf%5Bweather_temp%5D=33&prf%5Bweather_condition%5D=2&prf%5Btoolbar%5D=0&prf%5Bbrandedbrowser%5D=0&prf%5BconsentLevel%5D=0&prf%5Bdnt%5D=0&prf%5Bclean%5D=0&prf%5Bpos%5D=1
85.114.159.112200 OK 603 B URL HTTP/1.1 ad11.adfarm1.adition.com/lt?wpt=j&nw=42<=portal(gmx)category(homepage)section(homepage)tagid(available)layoutclass(b)&ac=1&wi=0050665097&ref=&os=17&browser=6&screen_res=5&iframe=0&fvers=&external_uid=&uid_stable=&optout=0&prf%5Bportal%5D=gmx&prf%5Bcategory%5D=homepage&prf%5Bsection%5D=homepage&prf%5Btagid%5D=available&prf%5Blayoutclass%5D=b&prf%5Bdeviceclass%5D=b&prf%5Bdeviceclient%5D=browser&prf%5Bos%5D=17&prf%5Bbrowser%5D=6&prf%5Bscreen_res%5D=5&prf%5Biframe%5D=0&prf%5Bfvers%5D=&prf%5Bsys%5D=win&prf%5Bsysv%5D=10.0&prf%5Bcl%5D=fir&prf%5Bclv%5D=105&prf%5Bvpw%5D=1280&prf%5Bnet%5D=unknown&prf%5Bexternal_uid%5D=&prf%5Bhid%5D=&prf%5Bnguserid%5D=&prf%5Buids%5D=&prf%5Boptout%5D=0&prf%5Bwi%5D=0050665097&prf%5Bweather_temp%5D=33&prf%5Bweather_condition%5D=2&prf%5Btoolbar%5D=0&prf%5Bbrandedbrowser%5D=0&prf%5BconsentLevel%5D=0&prf%5Bdnt%5D=0&prf%5Bclean%5D=0&prf%5Bpos%5D=1
IP 85.114.159.112:0
ASN #24961 myLoc managed IT AG
File type ASCII text, with very long lines (1238), with no line terminators
Hash 2fb73e6c08cafc465b6de9ca56d79b0c
77f5b2d41bdad6ef9735b18ca494e2274cc4b33f
566af985c7bbd97d0944d5578f8e56041c7873bae06c3d2b55469054b3351dbe
GET /lt?wpt=j&nw=42<=portal(gmx)category(homepage)section(homepage)tagid(available)layoutclass(b)&ac=1&wi=0050665097&ref=&os=17&browser=6&screen_res=5&iframe=0&fvers=&external_uid=&uid_stable=&optout=0&prf%5Bportal%5D=gmx&prf%5Bcategory%5D=homepage&prf%5Bsection%5D=homepage&prf%5Btagid%5D=available&prf%5Blayoutclass%5D=b&prf%5Bdeviceclass%5D=b&prf%5Bdeviceclient%5D=browser&prf%5Bos%5D=17&prf%5Bbrowser%5D=6&prf%5Bscreen_res%5D=5&prf%5Biframe%5D=0&prf%5Bfvers%5D=&prf%5Bsys%5D=win&prf%5Bsysv%5D=10.0&prf%5Bcl%5D=fir&prf%5Bclv%5D=105&prf%5Bvpw%5D=1280&prf%5Bnet%5D=unknown&prf%5Bexternal_uid%5D=&prf%5Bhid%5D=&prf%5Bnguserid%5D=&prf%5Buids%5D=&prf%5Boptout%5D=0&prf%5Bwi%5D=0050665097&prf%5Bweather_temp%5D=33&prf%5Bweather_condition%5D=2&prf%5Btoolbar%5D=0&prf%5Bbrandedbrowser%5D=0&prf%5BconsentLevel%5D=0&prf%5Bdnt%5D=0&prf%5Bclean%5D=0&prf%5Bpos%5D=1 HTTP/1.1
Host: ad11.adfarm1.adition.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.camperpuro.com/
HTTP/1.1 200 OK
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Server: ADITIONSERVER v1.0
Date: Wed, 08 Feb 2023 04:46:56 +0100
Cache-Control: no-cache
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Pragma: no-cache
Set-Cookie: UserID1=7197626522446725651; expires=Tue, 09-May-2023 04:46:56 GMT; path=/; domain=.adfarm1.adition.com
Content-Encoding: gzip
wa.ui-portal.de/gmx/gmx/s?name=homepage.startseite.pi.default&portal=gmx&country=de&var=default&sample=undefined&pvid=JNV4QPmVeIPgJDUG78W2&login=0&type=view&category=homepage&error=none&screenres=1280x1024&viewres=1280x939&click1=undefined&click2=undefined&click3=undefined&click4=undefined&title=GMX%3A%20E-Mail-Adresse%2C%20FreeMail%2C%20De-Mail%20%26%20Nachrichten&pageurl=http%3A%2F%2Fwww.camperpuro.com%2Flogin.gmx.net%2Fapps%2FCustomerService%2Findexx.htm&wa_extra=undefined&prv_mode=false&tb_kid=undefined&tb_mode=undefined&tb_var=undefined&tb_brand=test&tb_bbrowser=undefined&tb_version=undefined&tb_accc=undefined&lvts=20180809&segment=1&consentLevel=0&ts=1675828069172
82.165.229.54200 OK 43 B URL HTTP/1.1 wa.ui-portal.de/gmx/gmx/s?name=homepage.startseite.pi.default&portal=gmx&country=de&var=default&sample=undefined&pvid=JNV4QPmVeIPgJDUG78W2&login=0&type=view&category=homepage&error=none&screenres=1280x1024&viewres=1280x939&click1=undefined&click2=undefined&click3=undefined&click4=undefined&title=GMX%3A%20E-Mail-Adresse%2C%20FreeMail%2C%20De-Mail%20%26%20Nachrichten&pageurl=http%3A%2F%2Fwww.camperpuro.com%2Flogin.gmx.net%2Fapps%2FCustomerService%2Findexx.htm&wa_extra=undefined&prv_mode=false&tb_kid=undefined&tb_mode=undefined&tb_var=undefined&tb_brand=test&tb_bbrowser=undefined&tb_version=undefined&tb_accc=undefined&lvts=20180809&segment=1&consentLevel=0&ts=1675828069172
IP 82.165.229.54:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 6d22e4f2d2057c6e8d6fab098e76e80f
b80b11203d97fe01c5597ca3be70406ea48f5709
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
GET /gmx/gmx/s?name=homepage.startseite.pi.default&portal=gmx&country=de&var=default&sample=undefined&pvid=JNV4QPmVeIPgJDUG78W2&login=0&type=view&category=homepage&error=none&screenres=1280x1024&viewres=1280x939&click1=undefined&click2=undefined&click3=undefined&click4=undefined&title=GMX%3A%20E-Mail-Adresse%2C%20FreeMail%2C%20De-Mail%20%26%20Nachrichten&pageurl=http%3A%2F%2Fwww.camperpuro.com%2Flogin.gmx.net%2Fapps%2FCustomerService%2Findexx.htm&wa_extra=undefined&prv_mode=false&tb_kid=undefined&tb_mode=undefined&tb_var=undefined&tb_brand=test&tb_bbrowser=undefined&tb_version=undefined&tb_accc=undefined&lvts=20180809&segment=1&consentLevel=0&ts=1675828069172 HTTP/1.1
Host: wa.ui-portal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.camperpuro.com/
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 03:46:56 GMT
Server: Apache
Set-Cookie: wa=opt-out; path=/; domain=.wa.ui-portal.de; expires=Thu, 08-Feb-2024 03:46:56 GMT; secure; HttpOnly
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
P3P: CP="this is not a p3p policy"
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Content-Length: 43
Keep-Alive: timeout=3, max=500
Connection: Keep-Alive
Content-Type: image/gif
www.camperpuro.com/login.gmx.net/apps/CustomerService/1_files/tagging.gif
89.46.108.68200 OK 68 B URL HTTP/1.1 www.camperpuro.com/login.gmx.net/apps/CustomerService/1_files/tagging.gif
IP 89.46.108.68:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 93e65182fe45341563c2f18f13987dc9
2dfd85967b0ac77f85697b05de2c1aca1b31e934
5fb3bdb7f966c852579fb6b0574517445d5b2d171c804d66227ee67b1bffca9c
Analyzer Verdict Alert quad9 Sinkholed
GET /login.gmx.net/apps/CustomerService/1_files/tagging.gif HTTP/1.1
Host: www.camperpuro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.camperpuro.com/login.gmx.net/apps/CustomerService/indexx.htm
Connection: keep-alive
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Wed, 08 Feb 2023 03:46:56 GMT
Content-Type: image/gif
Content-Length: 68
Connection: keep-alive
Last-Modified: Thu, 11 Jul 2019 13:55:22 GMT
Accept-Ranges: bytes
X-ServerName: ipvsproxy162.ad.aruba.it
www.camperpuro.com/login.gmx.net/apps/CustomerService/1_files/32138806pd4.png
89.46.108.68200 OK 4.2 kB URL HTTP/1.1 www.camperpuro.com/login.gmx.net/apps/CustomerService/1_files/32138806pd4.png
IP 89.46.108.68:0
File type PNG image data, 140 x 60, 8-bit/color RGBA, non-interlaced\012- data
Hash ca3dda8aa657d64b7b97e8b16b9aba11
8b8bfdddc92b1843818388792fd6180143cf9789
f2628444a1d5b93bef4c5b96d37b3100848f6be91d166d3cfa36bd170da1886f
Analyzer Verdict Alert quad9 Sinkholed
GET /login.gmx.net/apps/CustomerService/1_files/32138806pd4.png HTTP/1.1
Host: www.camperpuro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.camperpuro.com/login.gmx.net/apps/CustomerService/indexx.htm
Connection: keep-alive
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Wed, 08 Feb 2023 03:46:56 GMT
Content-Type: image/png
Content-Length: 4227
Connection: keep-alive
Last-Modified: Thu, 11 Jul 2019 13:55:06 GMT
Accept-Ranges: bytes
X-ServerName: ipvsproxy162.ad.aruba.it
www.camperpuro.com/login.gmx.net/apps/CustomerService/1_files/vorteilswelt_modul_banner_300x250.jpg
89.46.108.68200 OK 1.1 MB URL HTTP/1.1 www.camperpuro.com/login.gmx.net/apps/CustomerService/1_files/vorteilswelt_modul_banner_300x250.jpg
IP 89.46.108.68:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2017 (Windows), datetime=2018:02:22 10:30:44 DIY-Thermocam raw data\012- (Lepton 2.x), scale 30064-18756, spot sensor temperature 1125978593735313417306112.000000, unit celsius, color scheme 0, calibration: offset 41470991316060239209120661504.000000, slope 17484988483781565937090560.000000], baseline, precision 8, 300x250, components 3\012- data
Size 1.1 MB (1066092 bytes)
Hash 1d465b45a70a24e2b54fea441da1a4c7
8304e4c99951c49fd82a58271fc6d9e2dde1accc
86398e4f790a31b299ca6c36015df7f6122121e096b0831171c1edc2352cfd51
Analyzer Verdict Alert quad9 Sinkholed
GET /login.gmx.net/apps/CustomerService/1_files/vorteilswelt_modul_banner_300x250.jpg HTTP/1.1
Host: www.camperpuro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.camperpuro.com/login.gmx.net/apps/CustomerService/indexx.htm
Connection: keep-alive
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Wed, 08 Feb 2023 03:46:56 GMT
Content-Type: image/jpeg
Content-Length: 1066092
Connection: keep-alive
Last-Modified: Thu, 11 Jul 2019 13:55:22 GMT
Accept-Ranges: bytes
X-ServerName: ipvsproxy162.ad.aruba.it
img.ui-portal.de/homepage/img/gmx/border-2018.gif
2.18.172.165200 OK 1.2 kB URL HTTP/2 img.ui-portal.de/homepage/img/gmx/border-2018.gif
IP 2.18.172.165:0
File type GIF image data, version 89a, 1 x 20\012- data
Hash 3b265ee71768074eb2f8cfcd8414591a
a21c080bfc083920c0c43d94ba8ec90552684e64
ff0450dc484768ae141037ca8c94ba56aac97327d76dcbfc020d3086327d87dd
GET /homepage/img/gmx/border-2018.gif HTTP/1.1
Host: img.ui-portal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.camperpuro.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Apache
etag: "48d-5661c419249c3"
last-modified: Mon, 26 Feb 2018 12:00:28 GMT
accept-ranges: bytes
content-length: 1165
x-robots-tag: noindex
content-type: image/gif
cache-control: public, max-age=1800
date: Wed, 08 Feb 2023 03:46:56 GMT
X-Firefox-Spdy: h2
ad11.adfarm1.adition.com/lt?wpt=j&nw=42<=portal(gmx)category(homepage)section(homepage)tagid(billboard)layoutclass(b)&ac=2&wi=0050665097&ref=&os=17&browser=6&screen_res=5&iframe=0&fvers=&external_uid=&uid_stable=&optout=0&prf%5Bportal%5D=gmx&prf%5Bcategory%5D=homepage&prf%5Bsection%5D=homepage&prf%5Btagid%5D=billboard&prf%5Blayoutclass%5D=b&prf%5Bdeviceclass%5D=b&prf%5Bdeviceclient%5D=browser&prf%5Bos%5D=17&prf%5Bbrowser%5D=6&prf%5Bscreen_res%5D=5&prf%5Biframe%5D=0&prf%5Bfvers%5D=&prf%5Bsys%5D=win&prf%5Bsysv%5D=10.0&prf%5Bcl%5D=fir&prf%5Bclv%5D=105&prf%5Bvpw%5D=1280&prf%5Bnet%5D=unknown&prf%5Bexternal_uid%5D=&prf%5Bhid%5D=&prf%5Bnguserid%5D=&prf%5Buids%5D=&prf%5Boptout%5D=0&prf%5Bwi%5D=0050665097&prf%5Bweather_temp%5D=33&prf%5Bweather_condition%5D=2&prf%5Btoolbar%5D=0&prf%5Bbrandedbrowser%5D=0&prf%5BconsentLevel%5D=0&prf%5Bdnt%5D=0&prf%5Bclean%5D=0&prf%5Btpc%5D=0&prf%5Bpos%5D=1&prf%5Bbusterid%5D=2188480&prf%5Bpb_timeout%5D=700
85.114.159.112404 Not Found 54 B URL HTTP/1.1 ad11.adfarm1.adition.com/lt?wpt=j&nw=42<=portal(gmx)category(homepage)section(homepage)tagid(billboard)layoutclass(b)&ac=2&wi=0050665097&ref=&os=17&browser=6&screen_res=5&iframe=0&fvers=&external_uid=&uid_stable=&optout=0&prf%5Bportal%5D=gmx&prf%5Bcategory%5D=homepage&prf%5Bsection%5D=homepage&prf%5Btagid%5D=billboard&prf%5Blayoutclass%5D=b&prf%5Bdeviceclass%5D=b&prf%5Bdeviceclient%5D=browser&prf%5Bos%5D=17&prf%5Bbrowser%5D=6&prf%5Bscreen_res%5D=5&prf%5Biframe%5D=0&prf%5Bfvers%5D=&prf%5Bsys%5D=win&prf%5Bsysv%5D=10.0&prf%5Bcl%5D=fir&prf%5Bclv%5D=105&prf%5Bvpw%5D=1280&prf%5Bnet%5D=unknown&prf%5Bexternal_uid%5D=&prf%5Bhid%5D=&prf%5Bnguserid%5D=&prf%5Buids%5D=&prf%5Boptout%5D=0&prf%5Bwi%5D=0050665097&prf%5Bweather_temp%5D=33&prf%5Bweather_condition%5D=2&prf%5Btoolbar%5D=0&prf%5Bbrandedbrowser%5D=0&prf%5BconsentLevel%5D=0&prf%5Bdnt%5D=0&prf%5Bclean%5D=0&prf%5Btpc%5D=0&prf%5Bpos%5D=1&prf%5Bbusterid%5D=2188480&prf%5Bpb_timeout%5D=700
IP 85.114.159.112:0
ASN #24961 myLoc managed IT AG
File type ASCII text, with no line terminators
Hash 74425774cff0c554d7dc2e7d6c890f5a
b2a5542a4323246a031c010169699c41e06d6fe1
09a9250bc31f438bb1535529c50219ebfb656774a3b20aca1f4ca741db1a3532
GET /lt?wpt=j&nw=42<=portal(gmx)category(homepage)section(homepage)tagid(billboard)layoutclass(b)&ac=2&wi=0050665097&ref=&os=17&browser=6&screen_res=5&iframe=0&fvers=&external_uid=&uid_stable=&optout=0&prf%5Bportal%5D=gmx&prf%5Bcategory%5D=homepage&prf%5Bsection%5D=homepage&prf%5Btagid%5D=billboard&prf%5Blayoutclass%5D=b&prf%5Bdeviceclass%5D=b&prf%5Bdeviceclient%5D=browser&prf%5Bos%5D=17&prf%5Bbrowser%5D=6&prf%5Bscreen_res%5D=5&prf%5Biframe%5D=0&prf%5Bfvers%5D=&prf%5Bsys%5D=win&prf%5Bsysv%5D=10.0&prf%5Bcl%5D=fir&prf%5Bclv%5D=105&prf%5Bvpw%5D=1280&prf%5Bnet%5D=unknown&prf%5Bexternal_uid%5D=&prf%5Bhid%5D=&prf%5Bnguserid%5D=&prf%5Buids%5D=&prf%5Boptout%5D=0&prf%5Bwi%5D=0050665097&prf%5Bweather_temp%5D=33&prf%5Bweather_condition%5D=2&prf%5Btoolbar%5D=0&prf%5Bbrandedbrowser%5D=0&prf%5BconsentLevel%5D=0&prf%5Bdnt%5D=0&prf%5Bclean%5D=0&prf%5Btpc%5D=0&prf%5Bpos%5D=1&prf%5Bbusterid%5D=2188480&prf%5Bpb_timeout%5D=700 HTTP/1.1
Host: ad11.adfarm1.adition.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.camperpuro.com/
HTTP/1.1 404 Not Found
Content-Type: text/plain
Transfer-Encoding: chunked
Connection: keep-alive
Server: ADITIONSERVER v1.0
Date: Wed, 08 Feb 2023 04:46:56 +0100
Content-Encoding: gzip
t.uimserv.net/traffic_p/?md=gmx&et=CP&agof=264&sc=homepage&brand=gmx®ion=de&dclass=desktop&lclass=b&dclient=browser&ff=b&category=homepage&tif=2690&d=58133&r=
195.20.250.183200 42 B URL HTTP/1.1 t.uimserv.net/traffic_p/?md=gmx&et=CP&agof=264&sc=homepage&brand=gmx®ion=de&dclass=desktop&lclass=b&dclient=browser&ff=b&category=homepage&tif=2690&d=58133&r=
IP 195.20.250.183:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /traffic_p/?md=gmx&et=CP&agof=264&sc=homepage&brand=gmx®ion=de&dclass=desktop&lclass=b&dclient=browser&ff=b&category=homepage&tif=2690&d=58133&r= HTTP/1.1
Host: t.uimserv.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.camperpuro.com/
HTTP/1.1 200
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Expires: Wed, 20 Oct 2010 20:10:20 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, max-age=0
Pragma: no-cache
TS-UUID: 6ea428bd-e44e-457f-ac1a-3158a017557b
Set-Cookie: NGUserID=0a4a320a-244-1675828016-0; Domain=.uimserv.net; Expires=Thu, 08-Feb-2024 03:46:56 GMT; Path=/; Secure; SameSite=None
Content-Type: image/gif
Content-Length: 42
Date: Wed, 08 Feb 2023 03:46:55 GMT
Keep-Alive: timeout=60
Connection: keep-alive
www.camperpuro.com/login.gmx.net/apps/CustomerService/1_files/rtb_billboard_2.htm
89.46.108.68200 OK 4.1 kB URL HTTP/1.1 www.camperpuro.com/login.gmx.net/apps/CustomerService/1_files/rtb_billboard_2.htm
IP 89.46.108.68:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1599)
Hash b4b20862bf4e7adc4c3b11d85f660010
6636ab23c7120c60551e4de67622dc917ea6943d
67c3fd0f21bef65d3a9521d1c79470c92874dd12f17a759ff748626e192a5b44
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /login.gmx.net/apps/CustomerService/1_files/rtb_billboard_2.htm HTTP/1.1
Host: www.camperpuro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.camperpuro.com/login.gmx.net/apps/CustomerService/indexx.htm
Connection: keep-alive
Cookie: NGUserID=; iom_consent=0000000000&1675828069175
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Wed, 08 Feb 2023 03:46:56 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 11 Jul 2019 13:55:22 GMT
X-ServerName: ipvsproxy162.ad.aruba.it
Content-Encoding: gzip
nct.ui-portal.de/gmx/gmx/s?name=homepage.startseite.event.ovk&portal=gmx&country=de&var=default&sample=undefined&pvid=JNV4QPmVeIPgJDUG78W2&login=0&type=hidden&adb=0&_c=0&ts=1675828069355
82.165.229.54200 OK 43 B URL HTTP/1.1 nct.ui-portal.de/gmx/gmx/s?name=homepage.startseite.event.ovk&portal=gmx&country=de&var=default&sample=undefined&pvid=JNV4QPmVeIPgJDUG78W2&login=0&type=hidden&adb=0&_c=0&ts=1675828069355
IP 82.165.229.54:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 6d22e4f2d2057c6e8d6fab098e76e80f
b80b11203d97fe01c5597ca3be70406ea48f5709
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
GET /gmx/gmx/s?name=homepage.startseite.event.ovk&portal=gmx&country=de&var=default&sample=undefined&pvid=JNV4QPmVeIPgJDUG78W2&login=0&type=hidden&adb=0&_c=0&ts=1675828069355 HTTP/1.1
Host: nct.ui-portal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.camperpuro.com/
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 03:46:56 GMT
Server: Apache
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
P3P: CP="this is not a p3p policy"
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Content-Length: 43
Keep-Alive: timeout=3, max=499
Connection: Keep-Alive
Content-Type: image/gif
ad11.adfarm1.adition.com/lt?wpt=j&nw=42<=portal(gmx)category(homepage)section(homepage)tagid(billboard_x)layoutclass(b)&ac=3&wi=0050665097&ref=&os=17&browser=6&screen_res=5&iframe=0&fvers=&external_uid=&uid_stable=&optout=0&prf%5Bportal%5D=gmx&prf%5Bcategory%5D=homepage&prf%5Bsection%5D=homepage&prf%5Btagid%5D=billboard_x&prf%5Blayoutclass%5D=b&prf%5Bdeviceclass%5D=b&prf%5Bdeviceclient%5D=browser&prf%5Bcategorytype%5D=default_4&prf%5Bos%5D=17&prf%5Bbrowser%5D=6&prf%5Bscreen_res%5D=5&prf%5Biframe%5D=0&prf%5Bfvers%5D=&prf%5Bsys%5D=win&prf%5Bsysv%5D=10.0&prf%5Bcl%5D=fir&prf%5Bclv%5D=105&prf%5Bvpw%5D=1280&prf%5Bnet%5D=unknown&prf%5Bexternal_uid%5D=&prf%5Bhid%5D=&prf%5Bnguserid%5D=&prf%5Buids%5D=&prf%5Boptout%5D=0&prf%5Bwi%5D=0050665097&prf%5Bweather_temp%5D=33&prf%5Bweather_condition%5D=2&prf%5Btoolbar%5D=0&prf%5Bbrandedbrowser%5D=0&prf%5BconsentLevel%5D=0&prf%5Bdnt%5D=0&prf%5Bclean%5D=0&prf%5Btpc%5D=0&prf%5Bcolumn%5D=4&prf%5Bpos%5D=2&prf%5Bbusterid%5D=2188480&prf%5Bpb_timeout%5D=700
85.114.159.112404 Not Found 54 B URL HTTP/1.1 ad11.adfarm1.adition.com/lt?wpt=j&nw=42<=portal(gmx)category(homepage)section(homepage)tagid(billboard_x)layoutclass(b)&ac=3&wi=0050665097&ref=&os=17&browser=6&screen_res=5&iframe=0&fvers=&external_uid=&uid_stable=&optout=0&prf%5Bportal%5D=gmx&prf%5Bcategory%5D=homepage&prf%5Bsection%5D=homepage&prf%5Btagid%5D=billboard_x&prf%5Blayoutclass%5D=b&prf%5Bdeviceclass%5D=b&prf%5Bdeviceclient%5D=browser&prf%5Bcategorytype%5D=default_4&prf%5Bos%5D=17&prf%5Bbrowser%5D=6&prf%5Bscreen_res%5D=5&prf%5Biframe%5D=0&prf%5Bfvers%5D=&prf%5Bsys%5D=win&prf%5Bsysv%5D=10.0&prf%5Bcl%5D=fir&prf%5Bclv%5D=105&prf%5Bvpw%5D=1280&prf%5Bnet%5D=unknown&prf%5Bexternal_uid%5D=&prf%5Bhid%5D=&prf%5Bnguserid%5D=&prf%5Buids%5D=&prf%5Boptout%5D=0&prf%5Bwi%5D=0050665097&prf%5Bweather_temp%5D=33&prf%5Bweather_condition%5D=2&prf%5Btoolbar%5D=0&prf%5Bbrandedbrowser%5D=0&prf%5BconsentLevel%5D=0&prf%5Bdnt%5D=0&prf%5Bclean%5D=0&prf%5Btpc%5D=0&prf%5Bcolumn%5D=4&prf%5Bpos%5D=2&prf%5Bbusterid%5D=2188480&prf%5Bpb_timeout%5D=700
IP 85.114.159.112:0
ASN #24961 myLoc managed IT AG
File type ASCII text, with no line terminators
Hash 74425774cff0c554d7dc2e7d6c890f5a
b2a5542a4323246a031c010169699c41e06d6fe1
09a9250bc31f438bb1535529c50219ebfb656774a3b20aca1f4ca741db1a3532
GET /lt?wpt=j&nw=42<=portal(gmx)category(homepage)section(homepage)tagid(billboard_x)layoutclass(b)&ac=3&wi=0050665097&ref=&os=17&browser=6&screen_res=5&iframe=0&fvers=&external_uid=&uid_stable=&optout=0&prf%5Bportal%5D=gmx&prf%5Bcategory%5D=homepage&prf%5Bsection%5D=homepage&prf%5Btagid%5D=billboard_x&prf%5Blayoutclass%5D=b&prf%5Bdeviceclass%5D=b&prf%5Bdeviceclient%5D=browser&prf%5Bcategorytype%5D=default_4&prf%5Bos%5D=17&prf%5Bbrowser%5D=6&prf%5Bscreen_res%5D=5&prf%5Biframe%5D=0&prf%5Bfvers%5D=&prf%5Bsys%5D=win&prf%5Bsysv%5D=10.0&prf%5Bcl%5D=fir&prf%5Bclv%5D=105&prf%5Bvpw%5D=1280&prf%5Bnet%5D=unknown&prf%5Bexternal_uid%5D=&prf%5Bhid%5D=&prf%5Bnguserid%5D=&prf%5Buids%5D=&prf%5Boptout%5D=0&prf%5Bwi%5D=0050665097&prf%5Bweather_temp%5D=33&prf%5Bweather_condition%5D=2&prf%5Btoolbar%5D=0&prf%5Bbrandedbrowser%5D=0&prf%5BconsentLevel%5D=0&prf%5Bdnt%5D=0&prf%5Bclean%5D=0&prf%5Btpc%5D=0&prf%5Bcolumn%5D=4&prf%5Bpos%5D=2&prf%5Bbusterid%5D=2188480&prf%5Bpb_timeout%5D=700 HTTP/1.1
Host: ad11.adfarm1.adition.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.camperpuro.com/
HTTP/1.1 404 Not Found
Content-Type: text/plain
Transfer-Encoding: chunked
Connection: keep-alive
Server: ADITIONSERVER v1.0
Date: Wed, 08 Feb 2023 04:46:56 +0100
Content-Encoding: gzip
nct.ui-portal.de/gmx/gmx/s?name=homepage.startseite.event.performance.afterPrioad.3&portal=gmx&country=de&var=default&sample=undefined&pvid=JNV4QPmVeIPgJDUG78W2&login=0&type=hidden&period=1107&_c=0&ts=1675828069362
82.165.229.54200 OK 43 B URL HTTP/1.1 nct.ui-portal.de/gmx/gmx/s?name=homepage.startseite.event.performance.afterPrioad.3&portal=gmx&country=de&var=default&sample=undefined&pvid=JNV4QPmVeIPgJDUG78W2&login=0&type=hidden&period=1107&_c=0&ts=1675828069362
IP 82.165.229.54:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 6d22e4f2d2057c6e8d6fab098e76e80f
b80b11203d97fe01c5597ca3be70406ea48f5709
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
GET /gmx/gmx/s?name=homepage.startseite.event.performance.afterPrioad.3&portal=gmx&country=de&var=default&sample=undefined&pvid=JNV4QPmVeIPgJDUG78W2&login=0&type=hidden&period=1107&_c=0&ts=1675828069362 HTTP/1.1
Host: nct.ui-portal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.camperpuro.com/
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 03:46:56 GMT
Server: Apache
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
P3P: CP="this is not a p3p policy"
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Content-Length: 43
Keep-Alive: timeout=3, max=499
Connection: Keep-Alive
Content-Type: image/gif
www.camperpuro.com/login.gmx.net/apps/CustomerService/1_files/rtb_billboard_2_data/generic_adition_simple_1.htm
89.46.108.68200 OK 1.3 kB URL HTTP/1.1 www.camperpuro.com/login.gmx.net/apps/CustomerService/1_files/rtb_billboard_2_data/generic_adition_simple_1.htm
IP 89.46.108.68:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (438)
Hash 7107e699627894e0d745437a571f4462
38f2709ad8319db015b7c8ebacbc6d6a36ce37e7
9c5381a84620b6ef087b0d67573106a5aaa4cdf0ad3d32da22ed48d7dccfa282
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /login.gmx.net/apps/CustomerService/1_files/rtb_billboard_2_data/generic_adition_simple_1.htm HTTP/1.1
Host: www.camperpuro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.camperpuro.com/login.gmx.net/apps/CustomerService/1_files/rtb_billboard_2.htm
Cookie: NGUserID=; iom_consent=0000000000&1675828069175
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Wed, 08 Feb 2023 03:46:56 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 11 Jul 2019 13:55:18 GMT
X-ServerName: ipvsproxy162.ad.aruba.it
Content-Encoding: gzip
nct.ui-portal.de/gmx/gmx/s?name=homepage.startseite.event.performance.afterPrioad.3&portal=gmx&country=de&var=default&sample=undefined&pvid=JNV4QPmVeIPgJDUG78W2&login=0&type=hidden&period=1210&_c=0&ts=1675828069465
82.165.229.54200 OK 43 B URL HTTP/1.1 nct.ui-portal.de/gmx/gmx/s?name=homepage.startseite.event.performance.afterPrioad.3&portal=gmx&country=de&var=default&sample=undefined&pvid=JNV4QPmVeIPgJDUG78W2&login=0&type=hidden&period=1210&_c=0&ts=1675828069465
IP 82.165.229.54:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 6d22e4f2d2057c6e8d6fab098e76e80f
b80b11203d97fe01c5597ca3be70406ea48f5709
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
GET /gmx/gmx/s?name=homepage.startseite.event.performance.afterPrioad.3&portal=gmx&country=de&var=default&sample=undefined&pvid=JNV4QPmVeIPgJDUG78W2&login=0&type=hidden&period=1210&_c=0&ts=1675828069465 HTTP/1.1
Host: nct.ui-portal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.camperpuro.com/
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 03:46:56 GMT
Server: Apache
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
P3P: CP="this is not a p3p policy"
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Content-Length: 43
Keep-Alive: timeout=3, max=498
Connection: Keep-Alive
Content-Type: image/gif
dl.gmx.net/uim/bidding/pbjs_iframe_3.html?loadprioad=0&portal=gmx&category=homepage§ion=homepage&layoutclass=b&external_uid=&optout=0&consentlevel=0&prioad=default&wi=0050665097&timeout=700&ts=1675828069356&hpeventid=2188480
2.18.172.165301 Moved Permanently 0 B URL HTTP/1.1 dl.gmx.net/uim/bidding/pbjs_iframe_3.html?loadprioad=0&portal=gmx&category=homepage§ion=homepage&layoutclass=b&external_uid=&optout=0&consentlevel=0&prioad=default&wi=0050665097&timeout=700&ts=1675828069356&hpeventid=2188480
IP 2.18.172.165:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uim/bidding/pbjs_iframe_3.html?loadprioad=0&portal=gmx&category=homepage§ion=homepage&layoutclass=b&external_uid=&optout=0&consentlevel=0&prioad=default&wi=0050665097&timeout=700&ts=1675828069356&hpeventid=2188480 HTTP/1.1
Host: dl.gmx.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.camperpuro.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Location: https://dl.gmx.net/uim/bidding/pbjs_iframe_3.html?loadprioad=0&portal=gmx&category=homepage§ion=homepage&layoutclass=b&external_uid=&optout=0&consentlevel=0&prioad=default&wi=0050665097&timeout=700&ts=1675828069356&hpeventid=2188480
Server: BigIP
Content-Length: 0
Cache-Control: max-age=31535957
Date: Wed, 08 Feb 2023 03:46:56 GMT
Connection: keep-alive
dl.gmx.net/uim/container/adservice-connector_1.html?param-deviceclass=b
2.18.172.165301 Moved Permanently 0 B URL HTTP/1.1 dl.gmx.net/uim/container/adservice-connector_1.html?param-deviceclass=b
IP 2.18.172.165:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uim/container/adservice-connector_1.html?param-deviceclass=b HTTP/1.1
Host: dl.gmx.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.camperpuro.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Location: https://dl.gmx.net/uim/container/adservice-connector_1.html?param-deviceclass=b
Server: BigIP
Content-Length: 0
Cache-Control: max-age=31536000
Date: Wed, 08 Feb 2023 03:46:56 GMT
Connection: keep-alive
img.ui-portal.de/homepage/img/gmx/spinner-2018.gif
2.18.172.165301 Moved Permanently 0 B URL HTTP/1.1 img.ui-portal.de/homepage/img/gmx/spinner-2018.gif
IP 2.18.172.165:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /homepage/img/gmx/spinner-2018.gif HTTP/1.1
Host: img.ui-portal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.camperpuro.com/
HTTP/1.1 301 Moved Permanently
Location: https://img.ui-portal.de/homepage/img/gmx/spinner-2018.gif
Server: BigIP
Content-Length: 0
Cache-Control: max-age=587
Date: Wed, 08 Feb 2023 03:46:56 GMT
Connection: keep-alive
img.ui-portal.de/homepage/img/gmx/icons/more_bright-2017.png
2.18.172.165301 Moved Permanently 0 B URL HTTP/1.1 img.ui-portal.de/homepage/img/gmx/icons/more_bright-2017.png
IP 2.18.172.165:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /homepage/img/gmx/icons/more_bright-2017.png HTTP/1.1
Host: img.ui-portal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.camperpuro.com/
HTTP/1.1 301 Moved Permanently
Location: https://img.ui-portal.de/homepage/img/gmx/icons/more_bright-2017.png
Server: BigIP
Content-Length: 0
Cache-Control: max-age=581
Date: Wed, 08 Feb 2023 03:46:56 GMT
Connection: keep-alive
dl.gmx.net/uim/bidding/pbjs_iframe_3.html?loadprioad=0&portal=gmx&category=homepage§ion=homepage&layoutclass=b&external_uid=&optout=0&consentlevel=0&prioad=default&wi=0050665097&timeout=700&ts=1675828069356&hpeventid=2188480
2.18.172.165200 OK 6.3 kB URL HTTP/2 dl.gmx.net/uim/bidding/pbjs_iframe_3.html?loadprioad=0&portal=gmx&category=homepage§ion=homepage&layoutclass=b&external_uid=&optout=0&consentlevel=0&prioad=default&wi=0050665097&timeout=700&ts=1675828069356&hpeventid=2188480
IP 2.18.172.165:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (566)
Hash 65f12a9771ed5e339c45fcebb5a04812
3c8f0f0bf41efeb9ce2fcdaa40d0aabb4d89c417
50d989c44ee749a926b929fac4c01d1d163f310addc3ec21652379b24f3ca8a8
GET /uim/bidding/pbjs_iframe_3.html?loadprioad=0&portal=gmx&category=homepage§ion=homepage&layoutclass=b&external_uid=&optout=0&consentlevel=0&prioad=default&wi=0050665097&timeout=700&ts=1675828069356&hpeventid=2188480 HTTP/1.1
Host: dl.gmx.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.camperpuro.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Apache
last-modified: Tue, 18 Sep 2018 07:06:00 GMT
etag: "9026-5761fec129068-gzip"
accept-ranges: bytes
content-encoding: gzip
x-robots-tag: noindex
content-length: 6308
content-type: text/html
cache-control: public, max-age=86398
date: Wed, 08 Feb 2023 03:46:56 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
dl.gmx.net/uim/container/adservice-connector_1.html?param-deviceclass=b
2.18.172.165200 OK 870 B URL HTTP/2 dl.gmx.net/uim/container/adservice-connector_1.html?param-deviceclass=b
IP 2.18.172.165:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash b85897c7cb2a870f654d383b6de2b46e
ab9eadfd34da412db6cd86ab10e97ba1546cbb37
76f72f8c27a5fa783103641e42be21a340f4d56420b34ad126f2793f6a97d9aa
GET /uim/container/adservice-connector_1.html?param-deviceclass=b HTTP/1.1
Host: dl.gmx.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.camperpuro.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Apache
last-modified: Tue, 17 Jul 2018 11:20:41 GMT
etag: "820-5713022e39167-gzip"
accept-ranges: bytes
content-encoding: gzip
x-robots-tag: noindex
content-length: 870
content-type: text/html
cache-control: public, max-age=31535947
date: Wed, 08 Feb 2023 03:46:56 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
dl.gmx.net/uim/container/adservice-connector_1.html?param-deviceclass=b
2.18.172.165200 OK 870 B URL HTTP/2 dl.gmx.net/uim/container/adservice-connector_1.html?param-deviceclass=b
IP 2.18.172.165:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash b85897c7cb2a870f654d383b6de2b46e
ab9eadfd34da412db6cd86ab10e97ba1546cbb37
76f72f8c27a5fa783103641e42be21a340f4d56420b34ad126f2793f6a97d9aa
GET /uim/container/adservice-connector_1.html?param-deviceclass=b HTTP/1.1
Host: dl.gmx.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.camperpuro.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Apache
last-modified: Tue, 17 Jul 2018 11:20:41 GMT
etag: "820-5713022e39167-gzip"
accept-ranges: bytes
content-encoding: gzip
x-robots-tag: noindex
content-length: 870
content-type: text/html
cache-control: public, max-age=31535947
date: Wed, 08 Feb 2023 03:46:56 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
img.ui-portal.de/homepage/img/gmx/icons/playbutton-2.png
2.18.172.165301 Moved Permanently 0 B URL HTTP/1.1 img.ui-portal.de/homepage/img/gmx/icons/playbutton-2.png
IP 2.18.172.165:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /homepage/img/gmx/icons/playbutton-2.png HTTP/1.1
Host: img.ui-portal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.camperpuro.com/
HTTP/1.1 301 Moved Permanently
Location: https://img.ui-portal.de/homepage/img/gmx/icons/playbutton-2.png
Server: BigIP
Content-Length: 0
Cache-Control: max-age=600
Date: Wed, 08 Feb 2023 03:46:56 GMT
Connection: keep-alive
dl.gmx.net/uim/container/adservice-connector_1.html?param-deviceclass=b
2.18.172.165200 OK 870 B URL HTTP/2 dl.gmx.net/uim/container/adservice-connector_1.html?param-deviceclass=b
IP 2.18.172.165:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash b85897c7cb2a870f654d383b6de2b46e
ab9eadfd34da412db6cd86ab10e97ba1546cbb37
76f72f8c27a5fa783103641e42be21a340f4d56420b34ad126f2793f6a97d9aa
GET /uim/container/adservice-connector_1.html?param-deviceclass=b HTTP/1.1
Host: dl.gmx.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.camperpuro.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Apache
last-modified: Tue, 17 Jul 2018 11:20:41 GMT
etag: "820-5713022e39167-gzip"
accept-ranges: bytes
content-encoding: gzip
x-robots-tag: noindex
content-length: 870
content-type: text/html
cache-control: public, max-age=31535947
date: Wed, 08 Feb 2023 03:46:56 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
dl.gmx.net/uim/container/adservice-connector_1.html?param-deviceclass=b
2.18.172.165200 OK 870 B URL HTTP/2 dl.gmx.net/uim/container/adservice-connector_1.html?param-deviceclass=b
IP 2.18.172.165:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash b85897c7cb2a870f654d383b6de2b46e
ab9eadfd34da412db6cd86ab10e97ba1546cbb37
76f72f8c27a5fa783103641e42be21a340f4d56420b34ad126f2793f6a97d9aa
GET /uim/container/adservice-connector_1.html?param-deviceclass=b HTTP/1.1
Host: dl.gmx.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.camperpuro.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Apache
last-modified: Tue, 17 Jul 2018 11:20:41 GMT
etag: "820-5713022e39167-gzip"
accept-ranges: bytes
content-encoding: gzip
x-robots-tag: noindex
content-length: 870
content-type: text/html
cache-control: public, max-age=31535947
date: Wed, 08 Feb 2023 03:46:56 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
img.ui-portal.de/homepage/img/gmx/icons/more-2017.png
2.18.172.165301 Moved Permanently 0 B URL HTTP/1.1 img.ui-portal.de/homepage/img/gmx/icons/more-2017.png
IP 2.18.172.165:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /homepage/img/gmx/icons/more-2017.png HTTP/1.1
Host: img.ui-portal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.camperpuro.com/
HTTP/1.1 301 Moved Permanently
Location: https://img.ui-portal.de/homepage/img/gmx/icons/more-2017.png
Server: BigIP
Content-Length: 0
Cache-Control: max-age=600
Date: Wed, 08 Feb 2023 03:46:56 GMT
Connection: keep-alive
nct.ui-portal.de/gmx/gmx/s?name=homepage.startseite.event.performance.beforeRectangleBottom.4&portal=gmx&country=de&var=default&sample=undefined&pvid=JNV4QPmVeIPgJDUG78W2&login=0&type=hidden&period=1328&_c=0&ts=1675828069583
82.165.229.54200 OK 43 B URL HTTP/1.1 nct.ui-portal.de/gmx/gmx/s?name=homepage.startseite.event.performance.beforeRectangleBottom.4&portal=gmx&country=de&var=default&sample=undefined&pvid=JNV4QPmVeIPgJDUG78W2&login=0&type=hidden&period=1328&_c=0&ts=1675828069583
IP 82.165.229.54:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 6d22e4f2d2057c6e8d6fab098e76e80f
b80b11203d97fe01c5597ca3be70406ea48f5709
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
GET /gmx/gmx/s?name=homepage.startseite.event.performance.beforeRectangleBottom.4&portal=gmx&country=de&var=default&sample=undefined&pvid=JNV4QPmVeIPgJDUG78W2&login=0&type=hidden&period=1328&_c=0&ts=1675828069583 HTTP/1.1
Host: nct.ui-portal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.camperpuro.com/
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 03:46:56 GMT
Server: Apache
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
P3P: CP="this is not a p3p policy"
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Content-Length: 43
Keep-Alive: timeout=3, max=498
Connection: Keep-Alive
Content-Type: image/gif
dl.gmx.net/uim/container/adservice-connector_1.html?param-deviceclass=b
2.18.172.165200 OK 870 B URL HTTP/2 dl.gmx.net/uim/container/adservice-connector_1.html?param-deviceclass=b
IP 2.18.172.165:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash b85897c7cb2a870f654d383b6de2b46e
ab9eadfd34da412db6cd86ab10e97ba1546cbb37
76f72f8c27a5fa783103641e42be21a340f4d56420b34ad126f2793f6a97d9aa
GET /uim/container/adservice-connector_1.html?param-deviceclass=b HTTP/1.1
Host: dl.gmx.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.camperpuro.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Apache
last-modified: Tue, 17 Jul 2018 11:20:41 GMT
etag: "820-5713022e39167-gzip"
accept-ranges: bytes
content-encoding: gzip
x-robots-tag: noindex
content-length: 870
content-type: text/html
cache-control: public, max-age=31535946
date: Wed, 08 Feb 2023 03:46:57 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
dl.gmx.net/uim/container/adservice-connector_1.html?param-deviceclass=b
2.18.172.165200 OK 870 B URL HTTP/2 dl.gmx.net/uim/container/adservice-connector_1.html?param-deviceclass=b
IP 2.18.172.165:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash b85897c7cb2a870f654d383b6de2b46e
ab9eadfd34da412db6cd86ab10e97ba1546cbb37
76f72f8c27a5fa783103641e42be21a340f4d56420b34ad126f2793f6a97d9aa
GET /uim/container/adservice-connector_1.html?param-deviceclass=b HTTP/1.1
Host: dl.gmx.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.camperpuro.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Apache
last-modified: Tue, 17 Jul 2018 11:20:41 GMT
etag: "820-5713022e39167-gzip"
accept-ranges: bytes
content-encoding: gzip
x-robots-tag: noindex
content-length: 870
content-type: text/html
cache-control: public, max-age=31535946
date: Wed, 08 Feb 2023 03:46:57 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
dl.gmx.net/uim/container/adservice-connector_1.html?param-deviceclass=b
2.18.172.165200 OK 870 B URL HTTP/2 dl.gmx.net/uim/container/adservice-connector_1.html?param-deviceclass=b
IP 2.18.172.165:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash b85897c7cb2a870f654d383b6de2b46e
ab9eadfd34da412db6cd86ab10e97ba1546cbb37
76f72f8c27a5fa783103641e42be21a340f4d56420b34ad126f2793f6a97d9aa
GET /uim/container/adservice-connector_1.html?param-deviceclass=b HTTP/1.1
Host: dl.gmx.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.camperpuro.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Apache
last-modified: Tue, 17 Jul 2018 11:20:41 GMT
etag: "820-5713022e39167-gzip"
accept-ranges: bytes
content-encoding: gzip
x-robots-tag: noindex
content-length: 870
content-type: text/html
cache-control: public, max-age=31535946
date: Wed, 08 Feb 2023 03:46:57 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
dl.gmx.net/uim/container/adservice-connector_1.html?param-deviceclass=b
2.18.172.165200 OK 870 B URL HTTP/2 dl.gmx.net/uim/container/adservice-connector_1.html?param-deviceclass=b
IP 2.18.172.165:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash b85897c7cb2a870f654d383b6de2b46e
ab9eadfd34da412db6cd86ab10e97ba1546cbb37
76f72f8c27a5fa783103641e42be21a340f4d56420b34ad126f2793f6a97d9aa
GET /uim/container/adservice-connector_1.html?param-deviceclass=b HTTP/1.1
Host: dl.gmx.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.camperpuro.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Apache
last-modified: Tue, 17 Jul 2018 11:20:41 GMT
etag: "820-5713022e39167-gzip"
accept-ranges: bytes
content-encoding: gzip
x-robots-tag: noindex
content-length: 870
content-type: text/html
cache-control: public, max-age=31535946
date: Wed, 08 Feb 2023 03:46:57 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
img.ui-portal.de/homepage/img/gmx/lotto/bg-lotto.jpg
2.18.172.165301 Moved Permanently 0 B URL HTTP/1.1 img.ui-portal.de/homepage/img/gmx/lotto/bg-lotto.jpg
IP 2.18.172.165:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /homepage/img/gmx/lotto/bg-lotto.jpg HTTP/1.1
Host: img.ui-portal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.camperpuro.com/
HTTP/1.1 301 Moved Permanently
Location: https://img.ui-portal.de/homepage/img/gmx/lotto/bg-lotto.jpg
Server: BigIP
Content-Length: 0
Cache-Control: max-age=570
Date: Wed, 08 Feb 2023 03:46:57 GMT
Connection: keep-alive
img.ui-portal.de/homepage/img/gmx/lotto/logo-6aus49.png
2.18.172.165301 Moved Permanently 0 B URL HTTP/1.1 img.ui-portal.de/homepage/img/gmx/lotto/logo-6aus49.png
IP 2.18.172.165:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /homepage/img/gmx/lotto/logo-6aus49.png HTTP/1.1
Host: img.ui-portal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.camperpuro.com/
HTTP/1.1 301 Moved Permanently
Location: https://img.ui-portal.de/homepage/img/gmx/lotto/logo-6aus49.png
Server: BigIP
Content-Length: 0
Cache-Control: max-age=543
Date: Wed, 08 Feb 2023 03:46:57 GMT
Connection: keep-alive
img.ui-portal.de/homepage/img/gmx/bg/lottokugel-2.png
2.18.172.165301 Moved Permanently 0 B URL HTTP/1.1 img.ui-portal.de/homepage/img/gmx/bg/lottokugel-2.png
IP 2.18.172.165:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /homepage/img/gmx/bg/lottokugel-2.png HTTP/1.1
Host: img.ui-portal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.camperpuro.com/
HTTP/1.1 301 Moved Permanently
Location: https://img.ui-portal.de/homepage/img/gmx/bg/lottokugel-2.png
Server: BigIP
Content-Length: 0
Cache-Control: max-age=580
Date: Wed, 08 Feb 2023 03:46:57 GMT
Connection: keep-alive
img.ui-portal.de/homepage/img/gmx/lotto/bg-eurojackpot.jpg
2.18.172.165301 Moved Permanently 0 B URL HTTP/1.1 img.ui-portal.de/homepage/img/gmx/lotto/bg-eurojackpot.jpg
IP 2.18.172.165:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /homepage/img/gmx/lotto/bg-eurojackpot.jpg HTTP/1.1
Host: img.ui-portal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.camperpuro.com/
HTTP/1.1 301 Moved Permanently
Location: https://img.ui-portal.de/homepage/img/gmx/lotto/bg-eurojackpot.jpg
Server: BigIP
Content-Length: 0
Cache-Control: max-age=554
Date: Wed, 08 Feb 2023 03:46:57 GMT
Connection: keep-alive
img.ui-portal.de/homepage/img/gmx/lotto/logo-eurojackpot.png
2.18.172.165301 Moved Permanently 0 B URL HTTP/1.1 img.ui-portal.de/homepage/img/gmx/lotto/logo-eurojackpot.png
IP 2.18.172.165:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /homepage/img/gmx/lotto/logo-eurojackpot.png HTTP/1.1
Host: img.ui-portal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.camperpuro.com/
HTTP/1.1 301 Moved Permanently
Location: https://img.ui-portal.de/homepage/img/gmx/lotto/logo-eurojackpot.png
Server: BigIP
Content-Length: 0
Cache-Control: max-age=600
Date: Wed, 08 Feb 2023 03:46:57 GMT
Connection: keep-alive
i0.gmx.net/image/798/30064798,pd=4,h=115,w=140.jpg
2.18.172.165200 OK 4.7 kB URL HTTP/2 i0.gmx.net/image/798/30064798,pd=4,h=115,w=140.jpg
IP 2.18.172.165:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 140x115, components 3\012- data
Hash 312aee872e8cdce1e729ab81e6ccd484
6c80a80b2592464085115f4918300465cf0a5de2
45dd85fcddc0bb8b95323d02adeb50a193e902e3d6bd72a60e446fd0096d386a
GET /image/798/30064798,pd=4,h=115,w=140.jpg HTTP/1.1
Host: i0.gmx.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.camperpuro.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Apache
access-control-allow-origin: *
etag: "A9A1C09C37401700E72207BA509F2DD1"
last-modified: Mon, 08 Nov 2021 14:38:53 GMT
content-length: 4699
content-type: image/jpeg
cache-control: max-age=2545562
date: Wed, 08 Feb 2023 03:46:57 GMT
X-Firefox-Spdy: h2
i0.gmx.net/image/486/30468486,pd=1,h=115,w=140.jpg
2.18.172.165200 OK 3.7 kB URL HTTP/2 i0.gmx.net/image/486/30468486,pd=1,h=115,w=140.jpg
IP 2.18.172.165:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 140x115, components 3\012- data
Hash 081e983da9d96ec33bd3b48c843ad748
aab7f8f453bd485492e38157f9f19e066087f623
f325b7362e53099fdfe32c41343bab1ae3f9b82186b6e6b16273352ee32834f5
GET /image/486/30468486,pd=1,h=115,w=140.jpg HTTP/1.1
Host: i0.gmx.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.camperpuro.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Apache
access-control-allow-origin: *
etag: "77ADCCDB3165D8AA573A8995525AE645"
last-modified: Tue, 24 Feb 2015 12:06:53 GMT
content-length: 3736
content-type: image/jpeg
cache-control: max-age=2545487
date: Wed, 08 Feb 2023 03:46:57 GMT
X-Firefox-Spdy: h2
i0.gmx.net/image/380/32893380,pd=4,h=115,w=140.jpg
2.18.172.165404 Not Found 0 B URL HTTP/2 i0.gmx.net/image/380/32893380,pd=4,h=115,w=140.jpg
IP 2.18.172.165:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /image/380/32893380,pd=4,h=115,w=140.jpg HTTP/1.1
Host: i0.gmx.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.camperpuro.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
server: Apache
access-control-allow-origin: *
content-length: 0
content-type: text/plain
cache-control: no-cache
date: Wed, 08 Feb 2023 03:46:57 GMT
X-Firefox-Spdy: h2
i0.gmx.net/image/478/30015478,pd=2,h=115,w=140.jpg
2.18.172.165404 Not Found 0 B URL HTTP/2 i0.gmx.net/image/478/30015478,pd=2,h=115,w=140.jpg
IP 2.18.172.165:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /image/478/30015478,pd=2,h=115,w=140.jpg HTTP/1.1
Host: i0.gmx.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.camperpuro.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
server: Apache
access-control-allow-origin: *
content-length: 0
content-type: text/plain
cache-control: no-cache
date: Wed, 08 Feb 2023 03:46:57 GMT
X-Firefox-Spdy: h2
i0.gmx.net/image/474/30015474,pd=2,h=115,w=140.jpg
2.18.172.165404 Not Found 0 B URL HTTP/2 i0.gmx.net/image/474/30015474,pd=2,h=115,w=140.jpg
IP 2.18.172.165:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /image/474/30015474,pd=2,h=115,w=140.jpg HTTP/1.1
Host: i0.gmx.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.camperpuro.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
server: Apache
access-control-allow-origin: *
content-length: 0
content-type: text/plain
cache-control: no-cache
date: Wed, 08 Feb 2023 03:46:57 GMT
X-Firefox-Spdy: h2
i0.gmx.net/image/476/30015476,pd=2,h=115,w=140.jpg
2.18.172.165404 Not Found 0 B URL HTTP/2 i0.gmx.net/image/476/30015476,pd=2,h=115,w=140.jpg
IP 2.18.172.165:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /image/476/30015476,pd=2,h=115,w=140.jpg HTTP/1.1
Host: i0.gmx.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.camperpuro.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
server: Apache
access-control-allow-origin: *
content-length: 0
content-type: text/plain
cache-control: no-cache
date: Wed, 08 Feb 2023 03:46:57 GMT
X-Firefox-Spdy: h2
i0.gmx.net/image/466/30015466,pd=2,h=115,w=140.jpg
2.18.172.165404 Not Found 0 B URL HTTP/2 i0.gmx.net/image/466/30015466,pd=2,h=115,w=140.jpg
IP 2.18.172.165:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /image/466/30015466,pd=2,h=115,w=140.jpg HTTP/1.1
Host: i0.gmx.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.camperpuro.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
server: Apache
access-control-allow-origin: *
content-length: 0
content-type: text/plain
cache-control: no-cache
date: Wed, 08 Feb 2023 03:46:57 GMT
X-Firefox-Spdy: h2
dl.gmx.net/uim/container/adservice-connector_1.html?param-deviceclass=b
2.18.172.165200 OK 870 B URL HTTP/2 dl.gmx.net/uim/container/adservice-connector_1.html?param-deviceclass=b
IP 2.18.172.165:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash b85897c7cb2a870f654d383b6de2b46e
ab9eadfd34da412db6cd86ab10e97ba1546cbb37
76f72f8c27a5fa783103641e42be21a340f4d56420b34ad126f2793f6a97d9aa
GET /uim/container/adservice-connector_1.html?param-deviceclass=b HTTP/1.1
Host: dl.gmx.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.camperpuro.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Apache
last-modified: Tue, 17 Jul 2018 11:20:41 GMT
etag: "820-5713022e39167-gzip"
accept-ranges: bytes
content-encoding: gzip
x-robots-tag: noindex
content-length: 870
content-type: text/html
cache-control: public, max-age=31535946
date: Wed, 08 Feb 2023 03:46:57 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
img.ui-portal.de/homepage/img/gmx/horoscope/horoscope-sprite.png
2.18.172.165301 Moved Permanently 0 B URL HTTP/1.1 img.ui-portal.de/homepage/img/gmx/horoscope/horoscope-sprite.png
IP 2.18.172.165:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /homepage/img/gmx/horoscope/horoscope-sprite.png HTTP/1.1
Host: img.ui-portal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.camperpuro.com/
HTTP/1.1 301 Moved Permanently
Location: https://img.ui-portal.de/homepage/img/gmx/horoscope/horoscope-sprite.png
Server: BigIP
Content-Length: 0
Cache-Control: max-age=573
Date: Wed, 08 Feb 2023 03:46:57 GMT
Connection: keep-alive
dl.gmx.net/uim/container/adservice-connector_1.html?param-deviceclass=b
2.18.172.165200 OK 870 B URL HTTP/2 dl.gmx.net/uim/container/adservice-connector_1.html?param-deviceclass=b
IP 2.18.172.165:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash b85897c7cb2a870f654d383b6de2b46e
ab9eadfd34da412db6cd86ab10e97ba1546cbb37
76f72f8c27a5fa783103641e42be21a340f4d56420b34ad126f2793f6a97d9aa
GET /uim/container/adservice-connector_1.html?param-deviceclass=b HTTP/1.1
Host: dl.gmx.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.camperpuro.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Apache
last-modified: Tue, 17 Jul 2018 11:20:41 GMT
etag: "820-5713022e39167-gzip"
accept-ranges: bytes
content-encoding: gzip
x-robots-tag: noindex
content-length: 870
content-type: text/html
cache-control: public, max-age=31535946
date: Wed, 08 Feb 2023 03:46:57 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
dl.gmx.net/uim/container/adservice-connector_1.html?param-deviceclass=b
2.18.172.165200 OK 870 B URL HTTP/2 dl.gmx.net/uim/container/adservice-connector_1.html?param-deviceclass=b
IP 2.18.172.165:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash b85897c7cb2a870f654d383b6de2b46e
ab9eadfd34da412db6cd86ab10e97ba1546cbb37
76f72f8c27a5fa783103641e42be21a340f4d56420b34ad126f2793f6a97d9aa
GET /uim/container/adservice-connector_1.html?param-deviceclass=b HTTP/1.1
Host: dl.gmx.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.camperpuro.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Apache
last-modified: Tue, 17 Jul 2018 11:20:41 GMT
etag: "820-5713022e39167-gzip"
accept-ranges: bytes
content-encoding: gzip
x-robots-tag: noindex
content-length: 870
content-type: text/html
cache-control: public, max-age=31535946
date: Wed, 08 Feb 2023 03:46:57 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
dl.gmx.net/uim/container/adservice-connector_1.html?param-deviceclass=b
2.18.172.165200 OK 870 B URL HTTP/2 dl.gmx.net/uim/container/adservice-connector_1.html?param-deviceclass=b
IP 2.18.172.165:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash b85897c7cb2a870f654d383b6de2b46e
ab9eadfd34da412db6cd86ab10e97ba1546cbb37
76f72f8c27a5fa783103641e42be21a340f4d56420b34ad126f2793f6a97d9aa
GET /uim/container/adservice-connector_1.html?param-deviceclass=b HTTP/1.1
Host: dl.gmx.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.camperpuro.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Apache
last-modified: Tue, 17 Jul 2018 11:20:41 GMT
etag: "820-5713022e39167-gzip"
accept-ranges: bytes
content-encoding: gzip
x-robots-tag: noindex
content-length: 870
content-type: text/html
cache-control: public, max-age=31535946
date: Wed, 08 Feb 2023 03:46:57 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
i0.gmx.net/image/266/32397266,pd=3,h=115,w=140.jpg
2.18.172.165404 Not Found 0 B URL HTTP/2 i0.gmx.net/image/266/32397266,pd=3,h=115,w=140.jpg
IP 2.18.172.165:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /image/266/32397266,pd=3,h=115,w=140.jpg HTTP/1.1
Host: i0.gmx.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.camperpuro.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
server: Apache
access-control-allow-origin: *
content-length: 0
content-type: text/plain
cache-control: no-cache
date: Wed, 08 Feb 2023 03:46:57 GMT
X-Firefox-Spdy: h2
dl.gmx.net/uim/container/adservice-connector_1.html?param-deviceclass=b
2.18.172.165200 OK 870 B URL HTTP/2 dl.gmx.net/uim/container/adservice-connector_1.html?param-deviceclass=b
IP 2.18.172.165:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash b85897c7cb2a870f654d383b6de2b46e
ab9eadfd34da412db6cd86ab10e97ba1546cbb37
76f72f8c27a5fa783103641e42be21a340f4d56420b34ad126f2793f6a97d9aa
GET /uim/container/adservice-connector_1.html?param-deviceclass=b HTTP/1.1
Host: dl.gmx.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.camperpuro.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Apache
last-modified: Tue, 17 Jul 2018 11:20:41 GMT
etag: "820-5713022e39167-gzip"
accept-ranges: bytes
content-encoding: gzip
x-robots-tag: noindex
content-length: 870
content-type: text/html
cache-control: public, max-age=31535946
date: Wed, 08 Feb 2023 03:46:57 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
dl.gmx.net/uim/container/adservice-connector_1.html?param-deviceclass=b
2.18.172.165200 OK 870 B URL HTTP/2 dl.gmx.net/uim/container/adservice-connector_1.html?param-deviceclass=b
IP 2.18.172.165:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash b85897c7cb2a870f654d383b6de2b46e
ab9eadfd34da412db6cd86ab10e97ba1546cbb37
76f72f8c27a5fa783103641e42be21a340f4d56420b34ad126f2793f6a97d9aa
GET /uim/container/adservice-connector_1.html?param-deviceclass=b HTTP/1.1
Host: dl.gmx.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.camperpuro.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Apache
last-modified: Tue, 17 Jul 2018 11:20:41 GMT
etag: "820-5713022e39167-gzip"
accept-ranges: bytes
content-encoding: gzip
x-robots-tag: noindex
content-length: 870
content-type: text/html
cache-control: public, max-age=31535946
date: Wed, 08 Feb 2023 03:46:57 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
adimg.uimserv.net/TCHIBO/KW_32/2018/NF_KW3218_HVK_Bee-clean_DE_300x250_Overlay.jpg
2.18.172.165200 OK 36 kB URL HTTP/2 adimg.uimserv.net/TCHIBO/KW_32/2018/NF_KW3218_HVK_Bee-clean_DE_300x250_Overlay.jpg
IP 2.18.172.165:0
File type JPEG image data, baseline, precision 8, 300x250, components 3\012- data
Hash 789a72158fe5088f6ff1690d17177d24
8bf8d770bab00bf41b531beee2001cc4a421e822
1cdbd7c7864fde33d90b3b57c603e888516a75e84cc2149afeb78b2ab7fbf6e3
GET /TCHIBO/KW_32/2018/NF_KW3218_HVK_Bee-clean_DE_300x250_Overlay.jpg HTTP/1.1
Host: adimg.uimserv.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.camperpuro.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Apache
last-modified: Thu, 26 Jul 2018 09:17:48 GMT
etag: "8c84-571e377fae700-gzip"
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Thu, 08 Feb 2024 03:46:57 GMT
content-encoding: gzip
x-robots-tag: noindex
content-length: 35643
content-type: image/jpeg
date: Wed, 08 Feb 2023 03:46:57 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
dl.gmx.net/uim/container/adservice-connector_1.html?param-deviceclass=b
2.18.172.165200 OK 870 B URL HTTP/2 dl.gmx.net/uim/container/adservice-connector_1.html?param-deviceclass=b
IP 2.18.172.165:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash b85897c7cb2a870f654d383b6de2b46e
ab9eadfd34da412db6cd86ab10e97ba1546cbb37
76f72f8c27a5fa783103641e42be21a340f4d56420b34ad126f2793f6a97d9aa
GET /uim/container/adservice-connector_1.html?param-deviceclass=b HTTP/1.1
Host: dl.gmx.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.camperpuro.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Apache
last-modified: Tue, 17 Jul 2018 11:20:41 GMT
etag: "820-5713022e39167-gzip"
accept-ranges: bytes
content-encoding: gzip
x-robots-tag: noindex
content-length: 870
content-type: text/html
cache-control: public, max-age=31535946
date: Wed, 08 Feb 2023 03:46:57 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
dl.gmx.net/uim/container/adservice-connector_1.html?param-deviceclass=b
2.18.172.165200 OK 870 B URL HTTP/2 dl.gmx.net/uim/container/adservice-connector_1.html?param-deviceclass=b
IP 2.18.172.165:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash b85897c7cb2a870f654d383b6de2b46e
ab9eadfd34da412db6cd86ab10e97ba1546cbb37
76f72f8c27a5fa783103641e42be21a340f4d56420b34ad126f2793f6a97d9aa
GET /uim/container/adservice-connector_1.html?param-deviceclass=b HTTP/1.1
Host: dl.gmx.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.camperpuro.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Apache
last-modified: Tue, 17 Jul 2018 11:20:41 GMT
etag: "820-5713022e39167-gzip"
accept-ranges: bytes
content-encoding: gzip
x-robots-tag: noindex
content-length: 870
content-type: text/html
cache-control: public, max-age=31535946
date: Wed, 08 Feb 2023 03:46:57 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
dl.gmx.net/uim/container/adservice-connector_1.html?param-deviceclass=b
2.18.172.165200 OK 870 B URL HTTP/2 dl.gmx.net/uim/container/adservice-connector_1.html?param-deviceclass=b
IP 2.18.172.165:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash b85897c7cb2a870f654d383b6de2b46e
ab9eadfd34da412db6cd86ab10e97ba1546cbb37
76f72f8c27a5fa783103641e42be21a340f4d56420b34ad126f2793f6a97d9aa
GET /uim/container/adservice-connector_1.html?param-deviceclass=b HTTP/1.1
Host: dl.gmx.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.camperpuro.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Apache
last-modified: Tue, 17 Jul 2018 11:20:41 GMT
etag: "820-5713022e39167-gzip"
accept-ranges: bytes
content-encoding: gzip
x-robots-tag: noindex
content-length: 870
content-type: text/html
cache-control: public, max-age=31535946
date: Wed, 08 Feb 2023 03:46:57 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
dl.gmx.net/uim/container/adservice-connector_1.html?param-deviceclass=b
2.18.172.165200 OK 870 B URL HTTP/2 dl.gmx.net/uim/container/adservice-connector_1.html?param-deviceclass=b
IP 2.18.172.165:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash b85897c7cb2a870f654d383b6de2b46e
ab9eadfd34da412db6cd86ab10e97ba1546cbb37
76f72f8c27a5fa783103641e42be21a340f4d56420b34ad126f2793f6a97d9aa
GET /uim/container/adservice-connector_1.html?param-deviceclass=b HTTP/1.1
Host: dl.gmx.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.camperpuro.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Apache
last-modified: Tue, 17 Jul 2018 11:20:41 GMT
etag: "820-5713022e39167-gzip"
accept-ranges: bytes
content-encoding: gzip
x-robots-tag: noindex
content-length: 870
content-type: text/html
cache-control: public, max-age=31535946
date: Wed, 08 Feb 2023 03:46:57 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
dl.gmx.net/uim/container/adservice-connector_1.html?param-deviceclass=b
2.18.172.165200 OK 870 B URL HTTP/2 dl.gmx.net/uim/container/adservice-connector_1.html?param-deviceclass=b
IP 2.18.172.165:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash b85897c7cb2a870f654d383b6de2b46e
ab9eadfd34da412db6cd86ab10e97ba1546cbb37
76f72f8c27a5fa783103641e42be21a340f4d56420b34ad126f2793f6a97d9aa
GET /uim/container/adservice-connector_1.html?param-deviceclass=b HTTP/1.1
Host: dl.gmx.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.camperpuro.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Apache
last-modified: Tue, 17 Jul 2018 11:20:41 GMT
etag: "820-5713022e39167-gzip"
accept-ranges: bytes
content-encoding: gzip
x-robots-tag: noindex
content-length: 870
content-type: text/html
cache-control: public, max-age=31535946
date: Wed, 08 Feb 2023 03:46:57 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
dl.gmx.net/uim/container/adservice-connector_1.html?param-deviceclass=b
2.18.172.165200 OK 870 B URL HTTP/2 dl.gmx.net/uim/container/adservice-connector_1.html?param-deviceclass=b
IP 2.18.172.165:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash b85897c7cb2a870f654d383b6de2b46e
ab9eadfd34da412db6cd86ab10e97ba1546cbb37
76f72f8c27a5fa783103641e42be21a340f4d56420b34ad126f2793f6a97d9aa
GET /uim/container/adservice-connector_1.html?param-deviceclass=b HTTP/1.1
Host: dl.gmx.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.camperpuro.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Apache
last-modified: Tue, 17 Jul 2018 11:20:41 GMT
etag: "820-5713022e39167-gzip"
accept-ranges: bytes
content-encoding: gzip
x-robots-tag: noindex
content-length: 870
content-type: text/html
cache-control: public, max-age=31535946
date: Wed, 08 Feb 2023 03:46:57 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
img.ui-portal.de/homepage/img/gmx/footer/pssssst_text.png
2.18.172.165301 Moved Permanently 0 B URL HTTP/1.1 img.ui-portal.de/homepage/img/gmx/footer/pssssst_text.png
IP 2.18.172.165:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /homepage/img/gmx/footer/pssssst_text.png HTTP/1.1
Host: img.ui-portal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.camperpuro.com/
HTTP/1.1 301 Moved Permanently
Location: https://img.ui-portal.de/homepage/img/gmx/footer/pssssst_text.png
Server: BigIP
Content-Length: 0
Cache-Control: max-age=578
Date: Wed, 08 Feb 2023 03:46:57 GMT
Connection: keep-alive
ad11.adfarm1.adition.com/lt?wpt=j&nw=42<=portal(gmx)category(homepage)section(homepage)tagid(oms)layoutclass(b)&ac=14&wi=0050665097&ref=&os=17&browser=6&screen_res=5&iframe=0&fvers=&external_uid=&uid_stable=&optout=0&prf%5Bportal%5D=gmx&prf%5Bcategory%5D=homepage&prf%5Bsection%5D=homepage&prf%5Btagid%5D=oms&prf%5Blayoutclass%5D=b&prf%5Bdeviceclass%5D=b&prf%5Bdeviceclient%5D=browser&prf%5Bcategorytype%5D=billboard_billboard_4&prf%5Bos%5D=17&prf%5Bbrowser%5D=6&prf%5Bscreen_res%5D=5&prf%5Biframe%5D=0&prf%5Bfvers%5D=&prf%5Bsys%5D=win&prf%5Bsysv%5D=10.0&prf%5Bcl%5D=fir&prf%5Bclv%5D=105&prf%5Bvpw%5D=1280&prf%5Bnet%5D=unknown&prf%5Bexternal_uid%5D=&prf%5Bhid%5D=&prf%5Bnguserid%5D=&prf%5Buids%5D=&prf%5Boptout%5D=0&prf%5Bwi%5D=0050665097&prf%5Bweather_temp%5D=33&prf%5Bweather_condition%5D=2&prf%5Btoolbar%5D=0&prf%5Bbrandedbrowser%5D=0&prf%5BconsentLevel%5D=0&prf%5Bdnt%5D=0&prf%5Bclean%5D=0&prf%5Btpc%5D=0&prf%5Bcolumn%5D=4&prf%5Bslider%5D=1&prf%5Bvers%5D=hp4&prf%5Bpos%5D=1&prf%5Bhpevent%5D=1&prf%5Bhpeventid%5D=2188480
85.114.159.112404 Not Found 54 B URL HTTP/1.1 ad11.adfarm1.adition.com/lt?wpt=j&nw=42<=portal(gmx)category(homepage)section(homepage)tagid(oms)layoutclass(b)&ac=14&wi=0050665097&ref=&os=17&browser=6&screen_res=5&iframe=0&fvers=&external_uid=&uid_stable=&optout=0&prf%5Bportal%5D=gmx&prf%5Bcategory%5D=homepage&prf%5Bsection%5D=homepage&prf%5Btagid%5D=oms&prf%5Blayoutclass%5D=b&prf%5Bdeviceclass%5D=b&prf%5Bdeviceclient%5D=browser&prf%5Bcategorytype%5D=billboard_billboard_4&prf%5Bos%5D=17&prf%5Bbrowser%5D=6&prf%5Bscreen_res%5D=5&prf%5Biframe%5D=0&prf%5Bfvers%5D=&prf%5Bsys%5D=win&prf%5Bsysv%5D=10.0&prf%5Bcl%5D=fir&prf%5Bclv%5D=105&prf%5Bvpw%5D=1280&prf%5Bnet%5D=unknown&prf%5Bexternal_uid%5D=&prf%5Bhid%5D=&prf%5Bnguserid%5D=&prf%5Buids%5D=&prf%5Boptout%5D=0&prf%5Bwi%5D=0050665097&prf%5Bweather_temp%5D=33&prf%5Bweather_condition%5D=2&prf%5Btoolbar%5D=0&prf%5Bbrandedbrowser%5D=0&prf%5BconsentLevel%5D=0&prf%5Bdnt%5D=0&prf%5Bclean%5D=0&prf%5Btpc%5D=0&prf%5Bcolumn%5D=4&prf%5Bslider%5D=1&prf%5Bvers%5D=hp4&prf%5Bpos%5D=1&prf%5Bhpevent%5D=1&prf%5Bhpeventid%5D=2188480
IP 85.114.159.112:0
ASN #24961 myLoc managed IT AG
File type ASCII text, with no line terminators
Hash 74425774cff0c554d7dc2e7d6c890f5a
b2a5542a4323246a031c010169699c41e06d6fe1
09a9250bc31f438bb1535529c50219ebfb656774a3b20aca1f4ca741db1a3532
GET /lt?wpt=j&nw=42<=portal(gmx)category(homepage)section(homepage)tagid(oms)layoutclass(b)&ac=14&wi=0050665097&ref=&os=17&browser=6&screen_res=5&iframe=0&fvers=&external_uid=&uid_stable=&optout=0&prf%5Bportal%5D=gmx&prf%5Bcategory%5D=homepage&prf%5Bsection%5D=homepage&prf%5Btagid%5D=oms&prf%5Blayoutclass%5D=b&prf%5Bdeviceclass%5D=b&prf%5Bdeviceclient%5D=browser&prf%5Bcategorytype%5D=billboard_billboard_4&prf%5Bos%5D=17&prf%5Bbrowser%5D=6&prf%5Bscreen_res%5D=5&prf%5Biframe%5D=0&prf%5Bfvers%5D=&prf%5Bsys%5D=win&prf%5Bsysv%5D=10.0&prf%5Bcl%5D=fir&prf%5Bclv%5D=105&prf%5Bvpw%5D=1280&prf%5Bnet%5D=unknown&prf%5Bexternal_uid%5D=&prf%5Bhid%5D=&prf%5Bnguserid%5D=&prf%5Buids%5D=&prf%5Boptout%5D=0&prf%5Bwi%5D=0050665097&prf%5Bweather_temp%5D=33&prf%5Bweather_condition%5D=2&prf%5Btoolbar%5D=0&prf%5Bbrandedbrowser%5D=0&prf%5BconsentLevel%5D=0&prf%5Bdnt%5D=0&prf%5Bclean%5D=0&prf%5Btpc%5D=0&prf%5Bcolumn%5D=4&prf%5Bslider%5D=1&prf%5Bvers%5D=hp4&prf%5Bpos%5D=1&prf%5Bhpevent%5D=1&prf%5Bhpeventid%5D=2188480 HTTP/1.1
Host: ad11.adfarm1.adition.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.camperpuro.com/
HTTP/1.1 404 Not Found
Content-Type: text/plain
Transfer-Encoding: chunked
Connection: keep-alive
Server: ADITIONSERVER v1.0
Date: Wed, 08 Feb 2023 04:46:57 +0100
Content-Encoding: gzip
i0.gmx.net/image/966/32326966,pd=4.png
2.18.172.165200 OK 1.1 kB URL HTTP/2 i0.gmx.net/image/966/32326966,pd=4.png
IP 2.18.172.165:0
File type PNG image data, 48 x 128, 8-bit/color RGBA, non-interlaced\012- data
Hash bc0ae2a40016884fdbd96b1fbe645bd6
24b252dd5fe31e1b254e5731c81eaf1ec92dfbd9
28fa56e514ab9f1df8f93597f535e8c5ddf9768feb00be432acee853e26ff7ed
GET /image/966/32326966,pd=4.png HTTP/1.1
Host: i0.gmx.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.camperpuro.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Apache
access-control-allow-origin: *
etag: "22F3D8DA60853736CB45742D29CAF132"
last-modified: Tue, 06 Mar 2018 09:06:12 GMT
content-length: 1066
content-type: image/png
cache-control: max-age=2546063
date: Wed, 08 Feb 2023 03:46:57 GMT
X-Firefox-Spdy: h2
i0.gmx.net/image/174/32830174,pd=2.png
2.18.172.165200 OK 2.6 kB URL HTTP/2 i0.gmx.net/image/174/32830174,pd=2.png
IP 2.18.172.165:0
File type PNG image data, 48 x 128, 8-bit/color RGBA, non-interlaced\012- data
Hash b6003f0ab6744589005a2b55227001be
6315b410ec9ae41ac8c1be49ba5a32e1d5015cd7
f5cef30afc63ebd3bf7c1b9e8990c95b080cc18aa39fe9159f364c006b1b28d3
GET /image/174/32830174,pd=2.png HTTP/1.1
Host: i0.gmx.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.camperpuro.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Apache
access-control-allow-origin: *
etag: "87FCCB7090B5ECCADBB0673C032B010E"
last-modified: Tue, 06 Mar 2018 09:06:12 GMT
content-length: 2627
content-type: image/png
cache-control: max-age=2584169
date: Wed, 08 Feb 2023 03:46:57 GMT
X-Firefox-Spdy: h2
adimg.uimserv.net/EIGENWERBUNG/GMX/Strom/2018_April/TD-2473_gmx_strom_vw_medrec_01_rabo.jpg
2.18.172.165200 OK 23 kB URL HTTP/2 adimg.uimserv.net/EIGENWERBUNG/GMX/Strom/2018_April/TD-2473_gmx_strom_vw_medrec_01_rabo.jpg
IP 2.18.172.165:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 300x250, components 3\012- data
Hash cd657bfb8c5e0ee18979df9f9bb2672a
d66c3b2f02776aa5b94fffc65e9159800ffe59c5
544aea32323bb937af236d4a477de2a9e737da3d2628aea2e08e8a9a975bed04
GET /EIGENWERBUNG/GMX/Strom/2018_April/TD-2473_gmx_strom_vw_medrec_01_rabo.jpg HTTP/1.1
Host: adimg.uimserv.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.camperpuro.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Apache
last-modified: Thu, 19 Apr 2018 07:12:43 GMT
etag: "5ada-56a2e4c346855-gzip"
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Thu, 08 Feb 2024 03:46:57 GMT
content-encoding: gzip
x-robots-tag: noindex
content-length: 22988
content-type: image/jpeg
date: Wed, 08 Feb 2023 03:46:57 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
i0.gmx.net/image/958/32326958,pd=3.png
2.18.172.165200 OK 1.8 kB URL HTTP/2 i0.gmx.net/image/958/32326958,pd=3.png
IP 2.18.172.165:0
File type PNG image data, 48 x 128, 8-bit/color RGBA, non-interlaced\012- data
Hash bf5d47c4c84fc2c9eaa433e1cefc4cda
971ccb534805c59aed286ace3dad4ba8490b00fb
7d206239cbd086bba12329e13a29cf4462f73ba472889cd3cf953b7e204b97ec
GET /image/958/32326958,pd=3.png HTTP/1.1
Host: i0.gmx.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.camperpuro.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Apache
access-control-allow-origin: *
etag: "024805318E3D40EA9B78F77664010F4C"
last-modified: Tue, 06 Mar 2018 09:06:12 GMT
content-length: 1849
content-type: image/png
cache-control: max-age=2545673
date: Wed, 08 Feb 2023 03:46:57 GMT
X-Firefox-Spdy: h2
img.ui-portal.de/homepage/img/gmx/icons/more_bright-2017.png
2.18.172.165200 OK 1.1 kB URL HTTP/2 img.ui-portal.de/homepage/img/gmx/icons/more_bright-2017.png
IP 2.18.172.165:0
File type PNG image data, 10 x 10, 8-bit/color RGBA, non-interlaced\012- data
Hash 5761b5ad582e24769fecc7d88fba5842
00146186eed31c11052f6a9a191cac47b60ddd37
1ef6153336edd3c15e54a163d13ad8079b5a484643681108cb4d4ec42096330b
GET /homepage/img/gmx/icons/more_bright-2017.png HTTP/1.1
Host: img.ui-portal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.camperpuro.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Apache
etag: "441-5482dc3e36504"
last-modified: Fri, 10 Feb 2017 14:18:00 GMT
accept-ranges: bytes
content-length: 1089
x-robots-tag: noindex
content-type: image/png
cache-control: public, max-age=1781
date: Wed, 08 Feb 2023 03:46:57 GMT
X-Firefox-Spdy: h2
img.ui-portal.de/homepage/img/gmx/btn/arrows-up-down-flat.svg
2.18.172.165200 OK 575 B URL HTTP/2 img.ui-portal.de/homepage/img/gmx/btn/arrows-up-down-flat.svg
IP 2.18.172.165:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash ba9db68b7d401ff958798c2db85018cc
e21cb6cb69649b633483a0c0096247bee697e0a4
2cba1d819e2ebd1bf0e68fa8b81accd2ebe63b703902114f5ccd879b2ca26834
GET /homepage/img/gmx/btn/arrows-up-down-flat.svg HTTP/1.1
Host: img.ui-portal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.camperpuro.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Apache
etag: "6d0-53ea61ab9ab61"
last-modified: Wed, 12 Oct 2016 07:40:17 GMT
accept-ranges: bytes
content-encoding: gzip
x-robots-tag: noindex
access-control-allow-origin: *
content-length: 575
content-type: image/svg+xml
cache-control: public, max-age=1741
date: Wed, 08 Feb 2023 03:46:57 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
img.ui-portal.de/homepage/img/gmx/spinner-2018.gif
2.18.172.165200 OK 3.2 kB URL HTTP/2 img.ui-portal.de/homepage/img/gmx/spinner-2018.gif
IP 2.18.172.165:0
File type GIF image data, version 89a, 32 x 32\012- data
Hash ab4dec5b122bc5d59f2ef65330f86087
8886faa157b015fd0d34ecc59d8b0a0548b45381
bb2d0beb7d6fd8a3cd1ae0c86040a2be851a61b396a11709024b20274d9f7444
GET /homepage/img/gmx/spinner-2018.gif HTTP/1.1
Host: img.ui-portal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.camperpuro.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Apache
etag: "c88-5661c41930f2c"
last-modified: Mon, 26 Feb 2018 12:00:28 GMT
accept-ranges: bytes
content-length: 3208
x-robots-tag: noindex
content-type: image/gif
cache-control: public, max-age=1800
date: Wed, 08 Feb 2023 03:46:57 GMT
X-Firefox-Spdy: h2
img.ui-portal.de/homepage/img/gmx/icons/playbutton-2.png
2.18.172.165200 OK 6.4 kB URL HTTP/2 img.ui-portal.de/homepage/img/gmx/icons/playbutton-2.png
IP 2.18.172.165:0
File type PNG image data, 60 x 460, 8-bit/color RGBA, non-interlaced\012- data
Hash 06f63f40ab205ec2cc88ed3be97fd3b0
d8e66a9e657afcf1efd7831686f38f247d93a249
6d5b94295e82c351f641fdd23c8bc7cc60490ba1e2f840b0023b8af01cda5ba2
GET /homepage/img/gmx/icons/playbutton-2.png HTTP/1.1
Host: img.ui-portal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.camperpuro.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Apache
etag: "1931-54a2633984e96"
last-modified: Tue, 07 Mar 2017 16:06:58 GMT
accept-ranges: bytes
content-length: 6449
x-robots-tag: noindex
content-type: image/png
cache-control: public, max-age=1795
date: Wed, 08 Feb 2023 03:46:57 GMT
X-Firefox-Spdy: h2
img.ui-portal.de/homepage/img/gmx/lotto/bg-lotto.jpg
2.18.172.165200 OK 4.2 kB URL HTTP/2 img.ui-portal.de/homepage/img/gmx/lotto/bg-lotto.jpg
IP 2.18.172.165:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 300x230, components 3\012- data
Hash 5c6c37977b486b03a6be8352d18ec50e
bea1037204cc6115885e6f72c2922b813171ce4f
7deceebea0fbf2a9c8e8fbc8958d6564cbc9c03b5288f384d75ad4a934df6142
GET /homepage/img/gmx/lotto/bg-lotto.jpg HTTP/1.1
Host: img.ui-portal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.camperpuro.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Apache
etag: "103c-5661c4192f9ac"
last-modified: Mon, 26 Feb 2018 12:00:28 GMT
accept-ranges: bytes
content-length: 4156
x-robots-tag: noindex
content-type: image/jpeg
cache-control: public, max-age=1786
date: Wed, 08 Feb 2023 03:46:57 GMT
X-Firefox-Spdy: h2
img.ui-portal.de/homepage/img/gmx/bg/lottokugel-2.png
2.18.172.165200 OK 420 B URL HTTP/2 img.ui-portal.de/homepage/img/gmx/bg/lottokugel-2.png
IP 2.18.172.165:0
File type PNG image data, 23 x 23, 8-bit colormap, non-interlaced\012- data
Hash b74714e612124eae820355ee245d9e2b
657e150f2d2978697639395b284fe7a7a7b78368
8a11e08e66834f5b40a13b247a23d1f24f46c3330d8a09f02a1a9aa86090e53e
GET /homepage/img/gmx/bg/lottokugel-2.png HTTP/1.1
Host: img.ui-portal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.camperpuro.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Apache
last-modified: Thu, 05 Nov 2015 13:46:18 GMT
etag: "1a4-523cb5a010bc2"
accept-ranges: bytes
content-length: 420
x-robots-tag: noindex
content-type: image/png
cache-control: public, max-age=1800
date: Wed, 08 Feb 2023 03:46:57 GMT
X-Firefox-Spdy: h2
img.ui-portal.de/homepage/img/gmx/lotto/logo-eurojackpot.png
2.18.172.165200 OK 5.1 kB URL HTTP/2 img.ui-portal.de/homepage/img/gmx/lotto/logo-eurojackpot.png
IP 2.18.172.165:0
File type PNG image data, 131 x 20, 8-bit/color RGBA, non-interlaced\012- data
Hash a35ed0d535421bb8495483a6d9082b44
23b8ee5e6f799f861c995029d2e2a6bff9a15eef
f764691337484e9fd72ecb14374dd4771727b4701bc26ce268873f083cc9d8b9
GET /homepage/img/gmx/lotto/logo-eurojackpot.png HTTP/1.1
Host: img.ui-portal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.camperpuro.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Apache
etag: "13d5-5661c4193017d"
last-modified: Mon, 26 Feb 2018 12:00:28 GMT
accept-ranges: bytes
content-length: 5077
x-robots-tag: noindex
content-type: image/png
cache-control: public, max-age=1800
date: Wed, 08 Feb 2023 03:46:57 GMT
X-Firefox-Spdy: h2
dl.gmx.net/uim/bidding/connector.js
2.18.172.165200 OK 488 B URL HTTP/2 dl.gmx.net/uim/bidding/connector.js
IP 2.18.172.165:0
Hash 74a87fd92086dec61425f022dac123aa
6d30ebca1cbc98b7893fafd51df9dcf16eaeaee2
16920c9d396e9dab3ebfd6602f81960f3cd02b34212d536368f0300e4b41db41
GET /uim/bidding/connector.js HTTP/1.1
Host: dl.gmx.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dl.gmx.net/uim/bidding/pbjs_iframe_3.html?loadprioad=0&portal=gmx&category=homepage§ion=homepage&layoutclass=b&external_uid=&optout=0&consentlevel=0&prioad=default&wi=0050665097&timeout=700&ts=1675828069356&hpeventid=2188480
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 20 Apr 2018 10:03:16 GMT
etag: "530-56a44cc005716"
server: Apache
unused62: 8096267
accept-ranges: bytes
content-encoding: gzip
x-robots-tag: noindex
content-length: 488
content-type: application/javascript
cache-control: public, max-age=22297
date: Wed, 08 Feb 2023 03:46:57 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
img.ui-portal.de/homepage/img/gmx/lotto/bg-eurojackpot.jpg
2.18.172.165200 OK 9.5 kB URL HTTP/2 img.ui-portal.de/homepage/img/gmx/lotto/bg-eurojackpot.jpg
IP 2.18.172.165:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 300x230, components 3\012- data
Hash 3ec78fa9e414e50fb2dea6f4798b1e73
8402ea02f9bd797294dfb7177eff3b92c37c8aeb
2e7255ce175fb0b03a76521a502c79225a991778959b0e8c304cbf87966bdbab
GET /homepage/img/gmx/lotto/bg-eurojackpot.jpg HTTP/1.1
Host: img.ui-portal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.camperpuro.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Apache
etag: "254a-5661c4192f3cf"
last-modified: Mon, 26 Feb 2018 12:00:28 GMT
accept-ranges: bytes
content-length: 9546
x-robots-tag: noindex
content-type: image/jpeg
cache-control: public, max-age=1800
date: Wed, 08 Feb 2023 03:46:57 GMT
X-Firefox-Spdy: h2
img.ui-portal.de/homepage/img/gmx/horoscope/horoscope-sprite.png
2.18.172.165200 OK 14 kB URL HTTP/2 img.ui-portal.de/homepage/img/gmx/horoscope/horoscope-sprite.png
IP 2.18.172.165:0
File type PNG image data, 160 x 960, 8-bit/color RGBA, non-interlaced\012- data
Hash 8886cdbb43f06c8813bf5eb6349b42a3
15c0ea62cb7e78c8b35acd853dad445f6a616365
b445ba1981d57262dce55afc32c0180f58f99614dc25c7a488dfeef4f72317ee
GET /homepage/img/gmx/horoscope/horoscope-sprite.png HTTP/1.1
Host: img.ui-portal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.camperpuro.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Apache
etag: "3664-5661c41928a43"
last-modified: Mon, 26 Feb 2018 12:00:28 GMT
accept-ranges: bytes
content-length: 13924
x-robots-tag: noindex
content-type: image/png
cache-control: public, max-age=1766
date: Wed, 08 Feb 2023 03:46:57 GMT
X-Firefox-Spdy: h2
img.ui-portal.de/homepage/img/gmx/icons/more-2017.png
2.18.172.165200 OK 1.1 kB URL HTTP/2 img.ui-portal.de/homepage/img/gmx/icons/more-2017.png
IP 2.18.172.165:0
File type PNG image data, 10 x 10, 8-bit/color RGBA, non-interlaced\012- data
Hash 8cf47393e661b1425322aa4ba3c1a1b3
a6c6c6044486c2903a54bef4044b1e5ba2314136
ecc57129d821c8c687c585c00c406e1a22f946594cf37d18851d62955e4afe20
GET /homepage/img/gmx/icons/more-2017.png HTTP/1.1
Host: img.ui-portal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.camperpuro.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Apache
etag: "449-5482dc3e36504"
last-modified: Fri, 10 Feb 2017 14:18:00 GMT
accept-ranges: bytes
content-length: 1097
x-robots-tag: noindex
content-type: image/png
cache-control: public, max-age=1800
date: Wed, 08 Feb 2023 03:46:57 GMT
X-Firefox-Spdy: h2
www.camperpuro.com/login.gmx.net/apps/CustomerService/1_files/rtb_billboard_2_data/generic_adition_simple_1_data/lt
89.46.108.68200 OK 2.0 kB URL HTTP/1.1 www.camperpuro.com/login.gmx.net/apps/CustomerService/1_files/rtb_billboard_2_data/generic_adition_simple_1_data/lt
IP 89.46.108.68:0
File type ASCII text, with very long lines (1961), with no line terminators
Hash 8bc9bd72aa18934a7de9b96858618966
6fe992926e5c466855a03bd1f552b0f1662acc99
e3deaabcb94f8f87b85714f4fee2f00470832e083568b46e4d3d4205f2895066
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /login.gmx.net/apps/CustomerService/1_files/rtb_billboard_2_data/generic_adition_simple_1_data/lt HTTP/1.1
Host: www.camperpuro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.camperpuro.com/login.gmx.net/apps/CustomerService/1_files/rtb_billboard_2_data/generic_adition_simple_1.htm
Cookie: NGUserID=; iom_consent=0000000000&1675828069175
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Wed, 08 Feb 2023 03:46:57 GMT
Content-Length: 1961
Connection: keep-alive
Last-Modified: Thu, 11 Jul 2019 13:55:25 GMT
Accept-Ranges: bytes
X-ServerName: ipvsproxy162.ad.aruba.it
www.camperpuro.com/login.gmx.net/apps/CustomerService/1_files/rtb_billboard_2_data/generic_adition_simple_1_data/ad-rightColumn.css
89.46.108.68200 OK 3.7 kB URL HTTP/1.1 www.camperpuro.com/login.gmx.net/apps/CustomerService/1_files/rtb_billboard_2_data/generic_adition_simple_1_data/ad-rightColumn.css
IP 89.46.108.68:0
Hash 65a0622d08ab07b79c4c20f7579b0227
a0b0b7e6ecae1306d065913ce6add4e18b6633b8
14299d66152859b4b978e691c7c0440e580b5c66bcbe9ab796eeaafa35e11482
Analyzer Verdict Alert quad9 Sinkholed
GET /login.gmx.net/apps/CustomerService/1_files/rtb_billboard_2_data/generic_adition_simple_1_data/ad-rightColumn.css HTTP/1.1
Host: www.camperpuro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.camperpuro.com/login.gmx.net/apps/CustomerService/1_files/rtb_billboard_2_data/generic_adition_simple_1.htm
Cookie: NGUserID=; iom_consent=0000000000&1675828069175
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Wed, 08 Feb 2023 03:46:57 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 11 Jul 2019 13:55:25 GMT
X-ServerName: ipvsproxy162.ad.aruba.it
Content-Encoding: gzip
img.ui-portal.de/homepage/img/gmx/lotto/logo-6aus49.png
2.18.172.165200 OK 2.6 kB URL HTTP/2 img.ui-portal.de/homepage/img/gmx/lotto/logo-6aus49.png
IP 2.18.172.165:0
File type PNG image data, 178 x 25, 8-bit colormap, non-interlaced\012- data
Hash 2f4eb89ecf87ce1d99e3b694ad58fcb8
22f73247f06efbaaa3a3863332ac99869d682cb0
44ac8c2cce09c429456b5e61f5d0b32a34a19b28c5e5b9dfe5445fc0eecc00d9
GET /homepage/img/gmx/lotto/logo-6aus49.png HTTP/1.1
Host: img.ui-portal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.camperpuro.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Apache
etag: "a3a-5661c41943843"
last-modified: Mon, 26 Feb 2018 12:00:28 GMT
accept-ranges: bytes
content-length: 2618
x-robots-tag: noindex
content-type: image/png
cache-control: public, max-age=1777
date: Wed, 08 Feb 2023 03:46:57 GMT
X-Firefox-Spdy: h2
dl.gmx.net/uim/bidding/consent.js
2.18.172.165200 OK 3.2 kB URL HTTP/2 dl.gmx.net/uim/bidding/consent.js
IP 2.18.172.165:0
File type ASCII text, with very long lines (14965), with no line terminators
Hash aa95dd99cb935ed97964d1ace667de19
b2b06f7b124e2d037a2ab88d0dc6f11f7c7773fe
b1c007968f9c71212d219d0bfc8a0b017dca967288d24626f295a087ae3e9864
GET /uim/bidding/consent.js HTTP/1.1
Host: dl.gmx.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dl.gmx.net/uim/bidding/pbjs_iframe_3.html?loadprioad=0&portal=gmx&category=homepage§ion=homepage&layoutclass=b&external_uid=&optout=0&consentlevel=0&prioad=default&wi=0050665097&timeout=700&ts=1675828069356&hpeventid=2188480
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: Apache
last-modified: Mon, 17 Aug 2020 07:48:37 GMT
etag: "3a75-5ad0dff8c1439-gzip"
accept-ranges: bytes
content-encoding: gzip
x-robots-tag: noindex
content-length: 3199
content-type: application/javascript
cache-control: public, max-age=86364
date: Wed, 08 Feb 2023 03:46:57 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
dl.gmx.net/uim/container/prebid_5.js
2.18.172.165200 OK 34 kB URL HTTP/2 dl.gmx.net/uim/container/prebid_5.js
IP 2.18.172.165:0
File type ASCII text, with very long lines (65487)
Hash 58989701c6d34e07fb6ca3f50d923f94
87b4faf4daa754f2d739a7400ece38214f0cadfe
e47d2d964346ea9ce21a98ff4bdbd0784ca5027a56cb8161585be30c0192c199
GET /uim/container/prebid_5.js HTTP/1.1
Host: dl.gmx.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dl.gmx.net/uim/bidding/pbjs_iframe_3.html?loadprioad=0&portal=gmx&category=homepage§ion=homepage&layoutclass=b&external_uid=&optout=0&consentlevel=0&prioad=default&wi=0050665097&timeout=700&ts=1675828069356&hpeventid=2188480
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: Apache
last-modified: Thu, 26 Jul 2018 15:31:45 GMT
etag: "1b079-571e8b161af4f-gzip"
accept-ranges: bytes
content-encoding: gzip
x-robots-tag: noindex
content-length: 33592
content-type: application/javascript
cache-control: public, max-age=31536000
date: Wed, 08 Feb 2023 03:46:57 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
ocsp2.globalsign.com/gsalphasha2g2
151.101.2.133200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsalphasha2g2
IP 151.101.2.133:0
Hash 9f5bac954830f5630aa3bf6db575f464
cca822b8da9a4e0e931f0ac222c8352f9e8175e7
6328317461bf89a8e52bc7daf6e0b5345b4b11be8ea8caf899d6b7226f7b8046
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 1423
Server: nginx
Content-Type: application/ocsp-response
Expires: Sun, 12 Feb 2023 00:37:24 GMT
ETag: "cca822b8da9a4e0e931f0ac222c8352f9e8175e7"
Last-Modified: Wed, 08 Feb 2023 00:37:25 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Wed, 08 Feb 2023 03:46:57 GMT
Age: 1275
X-Served-By: cache-qpg1227-QPG, cache-bma1656-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 35, 2
X-Timer: S1675828018.529504,VS0,VE0
www.camperpuro.com/login.gmx.net/apps/CustomerService/1_files/rtb_billboard_2_data/generic_adition_simple_1_data/gmx_allnet_billboard_dyn.gif
89.46.108.68200 OK 38 kB URL HTTP/1.1 www.camperpuro.com/login.gmx.net/apps/CustomerService/1_files/rtb_billboard_2_data/generic_adition_simple_1_data/gmx_allnet_billboard_dyn.gif
IP 89.46.108.68:0
File type GIF image data, version 89a, 970 x 250\012- data
Hash eb08d37eb4517477c2f3e46d7be08989
2347a1b194139925ce8aa3b844716bcad9a91d84
9b2c73bf76bace4be9a22c81ebd3c118c0b644964e4ab4d855fd67ce41bdd09d
Analyzer Verdict Alert quad9 Sinkholed
GET /login.gmx.net/apps/CustomerService/1_files/rtb_billboard_2_data/generic_adition_simple_1_data/gmx_allnet_billboard_dyn.gif HTTP/1.1
Host: www.camperpuro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.camperpuro.com/login.gmx.net/apps/CustomerService/1_files/rtb_billboard_2_data/generic_adition_simple_1.htm
Cookie: NGUserID=; iom_consent=0000000000&1675828069175
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Wed, 08 Feb 2023 03:46:57 GMT
Content-Type: image/gif
Content-Length: 38106
Connection: keep-alive
Last-Modified: Thu, 11 Jul 2019 13:55:25 GMT
Accept-Ranges: bytes
X-ServerName: ipvsproxy162.ad.aruba.it
ocsp2.globalsign.com/gsalphasha2g2
151.101.2.133200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsalphasha2g2
IP 151.101.2.133:0
Hash 9f5bac954830f5630aa3bf6db575f464
cca822b8da9a4e0e931f0ac222c8352f9e8175e7
6328317461bf89a8e52bc7daf6e0b5345b4b11be8ea8caf899d6b7226f7b8046
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 1423
Server: nginx
Content-Type: application/ocsp-response
Expires: Sun, 12 Feb 2023 00:37:24 GMT
ETag: "cca822b8da9a4e0e931f0ac222c8352f9e8175e7"
Last-Modified: Wed, 08 Feb 2023 00:37:25 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Wed, 08 Feb 2023 03:46:57 GMT
Age: 1275
X-Served-By: cache-qpg1227-QPG, cache-bma1656-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 35, 3
X-Timer: S1675828018.543073,VS0,VE0
ocsp2.globalsign.com/gsalphasha2g2
151.101.2.133200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsalphasha2g2
IP 151.101.2.133:0
Hash 9f5bac954830f5630aa3bf6db575f464
cca822b8da9a4e0e931f0ac222c8352f9e8175e7
6328317461bf89a8e52bc7daf6e0b5345b4b11be8ea8caf899d6b7226f7b8046
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 1423
Server: nginx
Content-Type: application/ocsp-response
Expires: Sun, 12 Feb 2023 00:37:24 GMT
ETag: "cca822b8da9a4e0e931f0ac222c8352f9e8175e7"
Last-Modified: Wed, 08 Feb 2023 00:37:25 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Wed, 08 Feb 2023 03:46:57 GMT
Age: 1274
X-Served-By: cache-qpg1227-QPG, cache-bma1648-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 35, 2
X-Timer: S1675828018.557345,VS0,VE0
img.ui-portal.de/homepage/img/gmx/footer/pssssst_text.png
2.18.172.165200 OK 1.3 kB URL HTTP/2 img.ui-portal.de/homepage/img/gmx/footer/pssssst_text.png
IP 2.18.172.165:0
File type PNG image data, 252 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash b9d26e3c8ae23ab3a0f27ea6b190ee38
e494f36bba94c2b9cbb15d18e6faa029fac51582
c370e71b0948756d462400ed96c676d197e927c368c8de0144aa03582847abcb
GET /homepage/img/gmx/footer/pssssst_text.png HTTP/1.1
Host: img.ui-portal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.camperpuro.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Apache
etag: "52a-5661c419272cf"
last-modified: Mon, 26 Feb 2018 12:00:28 GMT
accept-ranges: bytes
content-length: 1322
x-robots-tag: noindex
content-type: image/png
cache-control: public, max-age=1799
date: Wed, 08 Feb 2023 03:46:57 GMT
X-Firefox-Spdy: h2
ocsp2.globalsign.com/gsalphasha2g2
151.101.2.133200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsalphasha2g2
IP 151.101.2.133:0
Hash 9f5bac954830f5630aa3bf6db575f464
cca822b8da9a4e0e931f0ac222c8352f9e8175e7
6328317461bf89a8e52bc7daf6e0b5345b4b11be8ea8caf899d6b7226f7b8046
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 1423
Server: nginx
Content-Type: application/ocsp-response
Expires: Sun, 12 Feb 2023 00:37:24 GMT
ETag: "cca822b8da9a4e0e931f0ac222c8352f9e8175e7"
Last-Modified: Wed, 08 Feb 2023 00:37:25 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Wed, 08 Feb 2023 03:46:57 GMT
Age: 1275
X-Served-By: cache-qpg1227-QPG, cache-bma1656-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 35, 4
X-Timer: S1675828018.561588,VS0,VE0
adimg.uimserv.net/Promoline_Homepage/BonPrix_Logo_64x16.jpg
2.18.172.165200 OK 7.5 kB URL HTTP/2 adimg.uimserv.net/Promoline_Homepage/BonPrix_Logo_64x16.jpg
IP 2.18.172.165:0
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop Elements 7.0 Windows, datetime=2017:12:20 15:35:18], baseline, precision 8, 64x16, components 3\012- data
Hash c43694feaf2bcf673142b4ef367fead7
d07d96a6068e6c840e25cb5e6893ae044f7c0603
c71e904b3aad9698025e4de9edfce7757776f423b89b8f3439264f2d50bfd48f
GET /Promoline_Homepage/BonPrix_Logo_64x16.jpg HTTP/1.1
Host: adimg.uimserv.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.camperpuro.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Apache
last-modified: Wed, 20 Dec 2017 14:35:21 GMT
etag: "375e-560c67e45549b-gzip"
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Thu, 08 Feb 2024 03:46:57 GMT
content-encoding: gzip
x-robots-tag: noindex
content-length: 7482
content-type: image/jpeg
date: Wed, 08 Feb 2023 03:46:57 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
adimg.uimserv.net/Promoline_Homepage/Otto_Logo_64x16.gif
2.18.172.165200 OK 661 B URL HTTP/2 adimg.uimserv.net/Promoline_Homepage/Otto_Logo_64x16.gif
IP 2.18.172.165:0
File type GIF image data, version 89a, 64 x 16\012- data
Hash 949595ea17ce332373bbe7a57b05ecc7
8187d239537a37e5daaf368db0633a19f2c972bd
3874761a2524f97432daa0e49558e8d379be84c61b8697fc1e175c9db20c013b
GET /Promoline_Homepage/Otto_Logo_64x16.gif HTTP/1.1
Host: adimg.uimserv.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.camperpuro.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Apache
last-modified: Wed, 20 Dec 2017 14:37:51 GMT
etag: "27e-560c6872e272d-gzip"
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Thu, 08 Feb 2024 03:46:57 GMT
content-encoding: gzip
x-robots-tag: noindex
content-length: 661
content-type: image/gif
date: Wed, 08 Feb 2023 03:46:57 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
adimg.uimserv.net/EIGENWERBUNG/GMX/Onlinespeicher/gmx_onlinespeicher_lm_s.png
2.18.172.165200 OK 1.1 kB URL HTTP/2 adimg.uimserv.net/EIGENWERBUNG/GMX/Onlinespeicher/gmx_onlinespeicher_lm_s.png
IP 2.18.172.165:0
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 0fb9c843985be68a5f4a900d335942ff
ba0f82c1309eb1bf13a0149dd7338a1ad50a02a7
075661ca59e9c8388cf689eb55e785049716cd72ab97475f62ae4f3bf5b82fbd
GET /EIGENWERBUNG/GMX/Onlinespeicher/gmx_onlinespeicher_lm_s.png HTTP/1.1
Host: adimg.uimserv.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.camperpuro.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Apache
last-modified: Mon, 05 Mar 2018 10:50:41 GMT
etag: "594-566a818e47370-gzip"
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Thu, 08 Feb 2024 03:46:57 GMT
content-encoding: gzip
x-robots-tag: noindex
content-length: 1137
content-type: image/png
date: Wed, 08 Feb 2023 03:46:57 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
adimg.uimserv.net/EIGENWERBUNG/GMX/Onlinespeicher/gmx_onlinespeicher_lm_l.png
2.18.172.165200 OK 1.3 kB URL HTTP/2 adimg.uimserv.net/EIGENWERBUNG/GMX/Onlinespeicher/gmx_onlinespeicher_lm_l.png
IP 2.18.172.165:0
File type PNG image data, 48 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 1789685523058c3e3b32e1bc21d9ce2c
208b6e9da95d8bec45be9646fa4f8860c7b76a98
7652140dec647da86ee37bdc3d1658645f4e6af6852258c7422490c52f2f8419
GET /EIGENWERBUNG/GMX/Onlinespeicher/gmx_onlinespeicher_lm_l.png HTTP/1.1
Host: adimg.uimserv.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.camperpuro.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Apache
last-modified: Mon, 05 Mar 2018 10:51:18 GMT
etag: "65d-566a81b10340c-gzip"
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Thu, 08 Feb 2024 03:46:57 GMT
content-encoding: gzip
x-robots-tag: noindex
content-length: 1344
content-type: image/png
date: Wed, 08 Feb 2023 03:46:57 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
adimg.uimserv.net/Lidl_Direct/180328_UIM_64x16_Logo.jpg
2.18.172.165200 OK 1.8 kB URL HTTP/2 adimg.uimserv.net/Lidl_Direct/180328_UIM_64x16_Logo.jpg
IP 2.18.172.165:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 64x16, components 3\012- data
Hash 391f5dc683fdf0e6c4996e681cb18357
dbadf0a5fb9357b57194abb387585ff0e899615a
1f236429faddd85f13084b53818a90d369d7008d6a97fd7eb7a157eeb3e9740f
GET /Lidl_Direct/180328_UIM_64x16_Logo.jpg HTTP/1.1
Host: adimg.uimserv.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.camperpuro.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Apache
last-modified: Wed, 28 Mar 2018 08:43:00 GMT
etag: "881-56874fe9d19b9-gzip"
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Thu, 08 Feb 2024 03:46:57 GMT
content-encoding: gzip
x-robots-tag: noindex
content-length: 1795
content-type: image/jpeg
date: Wed, 08 Feb 2023 03:46:57 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
adimg.uimserv.net/EIGENWERBUNG/GMX/AllNetFlat/2017/Oktober/OMS/gmx_all-net_oms-modul_48x32.png
2.18.172.165200 OK 2.0 kB URL HTTP/2 adimg.uimserv.net/EIGENWERBUNG/GMX/AllNetFlat/2017/Oktober/OMS/gmx_all-net_oms-modul_48x32.png
IP 2.18.172.165:0
File type PNG image data, 48 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 47dd1a1ce1949dbb5f297d9710521b09
f923fd4dc6fd505ff58eaf581f5f704086ff8d7c
f2b819a1f7b358b389a80cd9bc9951463a7bf45d0b2cb4f8706ec80660f19402
GET /EIGENWERBUNG/GMX/AllNetFlat/2017/Oktober/OMS/gmx_all-net_oms-modul_48x32.png HTTP/1.1
Host: adimg.uimserv.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.camperpuro.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Apache
last-modified: Mon, 30 Jul 2018 10:54:02 GMT
etag: "7d3-5723547855493-gzip"
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Thu, 08 Feb 2024 03:46:57 GMT
content-encoding: gzip
x-robots-tag: noindex
content-length: 2026
content-type: image/png
date: Wed, 08 Feb 2023 03:46:57 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
img.ui-portal.de/cms/gmx/produkte/freemail/homepage/MMSGK-2724_oms_modul_300x115_02_nszram_03.png
2.18.172.165200 OK 2.5 kB URL HTTP/2 img.ui-portal.de/cms/gmx/produkte/freemail/homepage/MMSGK-2724_oms_modul_300x115_02_nszram_03.png
IP 2.18.172.165:0
File type PNG image data, 85 x 85, 8-bit/color RGBA, non-interlaced\012- data
Hash e4344eb6532a6cc87fce70297b82b593
7b189224356b1ee18f4a78315bbdc4eacfc526f1
0128d3002673aff484a659f8a026d0b65d744b6e92523302b5514224e6666c5e
GET /cms/gmx/produkte/freemail/homepage/MMSGK-2724_oms_modul_300x115_02_nszram_03.png HTTP/1.1
Host: img.ui-portal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.camperpuro.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Apache
etag: "9ae-56a1e5478762e"
last-modified: Wed, 18 Apr 2018 12:09:42 GMT
accept-ranges: bytes
content-length: 2478
x-robots-tag: noindex
content-type: image/png
cache-control: public, max-age=1800
date: Wed, 08 Feb 2023 03:46:57 GMT
X-Firefox-Spdy: h2
img.ui-portal.de/cms/gmx/produkte/freemail/homepage/MMSGK-2724_oms_modul_620x115_01_nszram_03.png
2.18.172.165200 OK 2.9 kB URL HTTP/2 img.ui-portal.de/cms/gmx/produkte/freemail/homepage/MMSGK-2724_oms_modul_620x115_01_nszram_03.png
IP 2.18.172.165:0
File type PNG image data, 110 x 85, 8-bit/color RGBA, non-interlaced\012- data
Hash 1f1e2fb6f61708c2fe2362a1c927cec3
ff00d41ecbad879e6c81bde73486b1e41ec9581a
98111ef53934413ee50efc0bcebe5e6b88074f9b25fd14914794e1eb5d97ec9d
GET /cms/gmx/produkte/freemail/homepage/MMSGK-2724_oms_modul_620x115_01_nszram_03.png HTTP/1.1
Host: img.ui-portal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.camperpuro.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Apache
last-modified: Wed, 18 Apr 2018 11:40:36 GMT
etag: "b5b-56a1dec70c814"
accept-ranges: bytes
content-length: 2907
x-robots-tag: noindex
content-type: image/png
cache-control: public, max-age=1792
date: Wed, 08 Feb 2023 03:46:57 GMT
X-Firefox-Spdy: h2
img.ui-portal.de/cms/gmx/produkte/freemail/homepage/MMSGK-2724_oms_modul_620x115_02_nszram_03.png
2.18.172.165200 OK 2.7 kB URL HTTP/2 img.ui-portal.de/cms/gmx/produkte/freemail/homepage/MMSGK-2724_oms_modul_620x115_02_nszram_03.png
IP 2.18.172.165:0
File type PNG image data, 110 x 85, 8-bit/color RGBA, non-interlaced\012- data
Hash 92bf099f731b560cbc019c0f4eb36bd5
6d514d1597ed1a22ef1222902b11d764d5de012f
ada628134eb079a188a4a1f59380e35a4718d4c4bf33e3a73484ce6e72dfa936
GET /cms/gmx/produkte/freemail/homepage/MMSGK-2724_oms_modul_620x115_02_nszram_03.png HTTP/1.1
Host: img.ui-portal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.camperpuro.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Apache
last-modified: Wed, 18 Apr 2018 12:10:15 GMT
etag: "a6e-56a1e56752440"
accept-ranges: bytes
content-length: 2670
x-robots-tag: noindex
content-type: image/png
cache-control: public, max-age=1797
date: Wed, 08 Feb 2023 03:46:57 GMT
X-Firefox-Spdy: h2
img.ui-portal.de/cms/gmx/produkte/freemail/homepage/MMSGK-2724_oms_modul_300x115_01_side_03.png
2.18.172.165200 OK 2.9 kB URL HTTP/2 img.ui-portal.de/cms/gmx/produkte/freemail/homepage/MMSGK-2724_oms_modul_300x115_01_side_03.png
IP 2.18.172.165:0
File type PNG image data, 85 x 85, 8-bit/color RGBA, non-interlaced\012- data
Hash c1c238103a3c2656762c38e909dc89db
ac2361ba056032bf3a53c98ae11b0663f1a75df1
37d4e2baec1abbd06818e201ce6745a9637fa041b61b19c97ea6554ba43d45ff
GET /cms/gmx/produkte/freemail/homepage/MMSGK-2724_oms_modul_300x115_01_side_03.png HTTP/1.1
Host: img.ui-portal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.camperpuro.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Apache
etag: "b2b-56a1ded14c566"
last-modified: Wed, 18 Apr 2018 11:40:47 GMT
accept-ranges: bytes
content-length: 2859
x-robots-tag: noindex
content-type: image/png
cache-control: public, max-age=1800
date: Wed, 08 Feb 2023 03:46:57 GMT
X-Firefox-Spdy: h2
adimg.uimserv.net/EIGENWERBUNG/GMX/AllNetFlat/2017/Oktober/OMS/gmx_all-net_oms-modul_32x32.png
2.18.172.165200 OK 1.7 kB URL HTTP/2 adimg.uimserv.net/EIGENWERBUNG/GMX/AllNetFlat/2017/Oktober/OMS/gmx_all-net_oms-modul_32x32.png
IP 2.18.172.165:0
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 3a61ac0fd7acecba85aa1a218a320d2c
b293f9e6ba7fff8499d01e87436fca5daabf6937
ff15034280ca2da4c710df8fd0b84764c3bd2232910708032391d9524be3403d
GET /EIGENWERBUNG/GMX/AllNetFlat/2017/Oktober/OMS/gmx_all-net_oms-modul_32x32.png HTTP/1.1
Host: adimg.uimserv.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.camperpuro.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Apache
last-modified: Mon, 25 Sep 2017 11:11:16 GMT
etag: "6b5-55a019e0abf05-gzip"
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Thu, 08 Feb 2024 03:46:57 GMT
content-encoding: gzip
x-robots-tag: noindex
content-length: 1740
content-type: image/png
date: Wed, 08 Feb 2023 03:46:57 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
ad11.adfarm1.adition.com/lt?wpt=j&nw=42<=portal(gmx)category(homepage)section(homepage)tagid(box_5)layoutclass(b)&ac=8&wi=0050665097&ref=&os=17&browser=6&screen_res=5&iframe=0&fvers=&external_uid=&uid_stable=&optout=0&prf%5Bportal%5D=gmx&prf%5Bcategory%5D=homepage&prf%5Bsection%5D=homepage&prf%5Btagid%5D=box_5&prf%5Blayoutclass%5D=b&prf%5Bdeviceclass%5D=b&prf%5Bdeviceclient%5D=browser&prf%5Bcategorytype%5D=billboard_billboard_4&prf%5Bos%5D=17&prf%5Bbrowser%5D=6&prf%5Bscreen_res%5D=5&prf%5Biframe%5D=0&prf%5Bfvers%5D=&prf%5Bsys%5D=win&prf%5Bsysv%5D=10.0&prf%5Bcl%5D=fir&prf%5Bclv%5D=105&prf%5Bvpw%5D=1280&prf%5Bnet%5D=unknown&prf%5Bexternal_uid%5D=&prf%5Bhid%5D=&prf%5Bnguserid%5D=&prf%5Buids%5D=&prf%5Boptout%5D=0&prf%5Bwi%5D=0050665097&prf%5Bweather_temp%5D=33&prf%5Bweather_condition%5D=2&prf%5Btoolbar%5D=0&prf%5Bbrandedbrowser%5D=0&prf%5BconsentLevel%5D=0&prf%5Bdnt%5D=0&prf%5Bclean%5D=0&prf%5Btpc%5D=0&prf%5Bcolumn%5D=4&prf%5Bwpt%5D=j&prf%5Bpos%5D=1&prf%5Brichmedia%5D=false
85.114.159.112200 OK 999 B URL HTTP/2 ad11.adfarm1.adition.com/lt?wpt=j&nw=42<=portal(gmx)category(homepage)section(homepage)tagid(box_5)layoutclass(b)&ac=8&wi=0050665097&ref=&os=17&browser=6&screen_res=5&iframe=0&fvers=&external_uid=&uid_stable=&optout=0&prf%5Bportal%5D=gmx&prf%5Bcategory%5D=homepage&prf%5Bsection%5D=homepage&prf%5Btagid%5D=box_5&prf%5Blayoutclass%5D=b&prf%5Bdeviceclass%5D=b&prf%5Bdeviceclient%5D=browser&prf%5Bcategorytype%5D=billboard_billboard_4&prf%5Bos%5D=17&prf%5Bbrowser%5D=6&prf%5Bscreen_res%5D=5&prf%5Biframe%5D=0&prf%5Bfvers%5D=&prf%5Bsys%5D=win&prf%5Bsysv%5D=10.0&prf%5Bcl%5D=fir&prf%5Bclv%5D=105&prf%5Bvpw%5D=1280&prf%5Bnet%5D=unknown&prf%5Bexternal_uid%5D=&prf%5Bhid%5D=&prf%5Bnguserid%5D=&prf%5Buids%5D=&prf%5Boptout%5D=0&prf%5Bwi%5D=0050665097&prf%5Bweather_temp%5D=33&prf%5Bweather_condition%5D=2&prf%5Btoolbar%5D=0&prf%5Bbrandedbrowser%5D=0&prf%5BconsentLevel%5D=0&prf%5Bdnt%5D=0&prf%5Bclean%5D=0&prf%5Btpc%5D=0&prf%5Bcolumn%5D=4&prf%5Bwpt%5D=j&prf%5Bpos%5D=1&prf%5Brichmedia%5D=false
IP 85.114.159.112:0
ASN #24961 myLoc managed IT AG
File type ASCII text, with very long lines (2025), with no line terminators
Hash 2d1b9df94b4498552dd3060d1f69cc72
b537a4ae78e772681191a200a19156a0ce5be44d
3e034820c6550677fab7f4a3586b690a73551eb2caed405ca2cd324b9b143ec1
GET /lt?wpt=j&nw=42<=portal(gmx)category(homepage)section(homepage)tagid(box_5)layoutclass(b)&ac=8&wi=0050665097&ref=&os=17&browser=6&screen_res=5&iframe=0&fvers=&external_uid=&uid_stable=&optout=0&prf%5Bportal%5D=gmx&prf%5Bcategory%5D=homepage&prf%5Bsection%5D=homepage&prf%5Btagid%5D=box_5&prf%5Blayoutclass%5D=b&prf%5Bdeviceclass%5D=b&prf%5Bdeviceclient%5D=browser&prf%5Bcategorytype%5D=billboard_billboard_4&prf%5Bos%5D=17&prf%5Bbrowser%5D=6&prf%5Bscreen_res%5D=5&prf%5Biframe%5D=0&prf%5Bfvers%5D=&prf%5Bsys%5D=win&prf%5Bsysv%5D=10.0&prf%5Bcl%5D=fir&prf%5Bclv%5D=105&prf%5Bvpw%5D=1280&prf%5Bnet%5D=unknown&prf%5Bexternal_uid%5D=&prf%5Bhid%5D=&prf%5Bnguserid%5D=&prf%5Buids%5D=&prf%5Boptout%5D=0&prf%5Bwi%5D=0050665097&prf%5Bweather_temp%5D=33&prf%5Bweather_condition%5D=2&prf%5Btoolbar%5D=0&prf%5Bbrandedbrowser%5D=0&prf%5BconsentLevel%5D=0&prf%5Bdnt%5D=0&prf%5Bclean%5D=0&prf%5Btpc%5D=0&prf%5Bcolumn%5D=4&prf%5Bwpt%5D=j&prf%5Bpos%5D=1&prf%5Brichmedia%5D=false HTTP/1.1
Host: ad11.adfarm1.adition.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dl.gmx.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/javascript
server: ADITIONSERVER v1.0
date: Wed, 08 Feb 2023 04:46:57 +0100
cache-control: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT
p3p: policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pragma: no-cache
set-cookie: UserID1=7197626526741103123; expires=Tue, 09-May-2023 04:46:56 GMT; path=/; domain=.adfarm1.adition.com; SameSite=None; Secure
content-encoding: gzip
X-Firefox-Spdy: h2
ad11.adfarm1.adition.com/lt?wpt=j&nw=42<=portal(gmx)category(homepage)section(homepage)tagid(box_5)layoutclass(b)&ac=9&wi=3215969845&ref=&os=10&browser=6&screen_res=175&iframe=0&fvers=&external_uid=&uid_stable=&optout=0&prf%5Bportal%5D=gmx&prf%5Bcategory%5D=homepage&prf%5Bsection%5D=homepage&prf%5Btagid%5D=box_5&prf%5Blayoutclass%5D=b&prf%5Bdeviceclass%5D=b&prf%5Bdeviceclient%5D=browser&prf%5Bcategorytype%5D=billboard_4&prf%5Bos%5D=10&prf%5Bbrowser%5D=6&prf%5Bscreen_res%5D=175&prf%5Biframe%5D=0&prf%5Bfvers%5D=&prf%5Bsys%5D=win&prf%5Bsysv%5D=6.1&prf%5Bcl%5D=fir&prf%5Bclv%5D=61&prf%5Bvpw%5D=1366&prf%5Bnet%5D=unknown&prf%5Bexternal_uid%5D=&prf%5Bhid%5D=&prf%5Bnguserid%5D=&prf%5Buids%5D=&prf%5Boptout%5D=0&prf%5Bwi%5D=3215969845&prf%5Bweather_temp%5D=33&prf%5Bweather_condition%5D=2&prf%5Btoolbar%5D=0&prf%5Bbrandedbrowser%5D=0&prf%5BconsentLevel%5D=0&prf%5Bdnt%5D=0&prf%5Bclean%5D=0&prf%5Btpc%5D=0&prf%5Bcolumn%5D=4&prf%5Bwpt%5D=j&prf%5Bpos%5D=1&prf%5Brichmedia%5D=false
85.114.159.112200 OK 1.0 kB URL HTTP/2 ad11.adfarm1.adition.com/lt?wpt=j&nw=42<=portal(gmx)category(homepage)section(homepage)tagid(box_5)layoutclass(b)&ac=9&wi=3215969845&ref=&os=10&browser=6&screen_res=175&iframe=0&fvers=&external_uid=&uid_stable=&optout=0&prf%5Bportal%5D=gmx&prf%5Bcategory%5D=homepage&prf%5Bsection%5D=homepage&prf%5Btagid%5D=box_5&prf%5Blayoutclass%5D=b&prf%5Bdeviceclass%5D=b&prf%5Bdeviceclient%5D=browser&prf%5Bcategorytype%5D=billboard_4&prf%5Bos%5D=10&prf%5Bbrowser%5D=6&prf%5Bscreen_res%5D=175&prf%5Biframe%5D=0&prf%5Bfvers%5D=&prf%5Bsys%5D=win&prf%5Bsysv%5D=6.1&prf%5Bcl%5D=fir&prf%5Bclv%5D=61&prf%5Bvpw%5D=1366&prf%5Bnet%5D=unknown&prf%5Bexternal_uid%5D=&prf%5Bhid%5D=&prf%5Bnguserid%5D=&prf%5Buids%5D=&prf%5Boptout%5D=0&prf%5Bwi%5D=3215969845&prf%5Bweather_temp%5D=33&prf%5Bweather_condition%5D=2&prf%5Btoolbar%5D=0&prf%5Bbrandedbrowser%5D=0&prf%5BconsentLevel%5D=0&prf%5Bdnt%5D=0&prf%5Bclean%5D=0&prf%5Btpc%5D=0&prf%5Bcolumn%5D=4&prf%5Bwpt%5D=j&prf%5Bpos%5D=1&prf%5Brichmedia%5D=false
IP 85.114.159.112:0
ASN #24961 myLoc managed IT AG
File type ASCII text, with very long lines (2119), with no line terminators
Hash 33bd1ff9d38670c03d62a9f8bf3f7485
c9916438754d39cac36d535c17f96be6d4141fc8
9f80d01659cd10ef199138f1f49e1d01eaba19dd0933c04e41b668e21204a80d
GET /lt?wpt=j&nw=42<=portal(gmx)category(homepage)section(homepage)tagid(box_5)layoutclass(b)&ac=9&wi=3215969845&ref=&os=10&browser=6&screen_res=175&iframe=0&fvers=&external_uid=&uid_stable=&optout=0&prf%5Bportal%5D=gmx&prf%5Bcategory%5D=homepage&prf%5Bsection%5D=homepage&prf%5Btagid%5D=box_5&prf%5Blayoutclass%5D=b&prf%5Bdeviceclass%5D=b&prf%5Bdeviceclient%5D=browser&prf%5Bcategorytype%5D=billboard_4&prf%5Bos%5D=10&prf%5Bbrowser%5D=6&prf%5Bscreen_res%5D=175&prf%5Biframe%5D=0&prf%5Bfvers%5D=&prf%5Bsys%5D=win&prf%5Bsysv%5D=6.1&prf%5Bcl%5D=fir&prf%5Bclv%5D=61&prf%5Bvpw%5D=1366&prf%5Bnet%5D=unknown&prf%5Bexternal_uid%5D=&prf%5Bhid%5D=&prf%5Bnguserid%5D=&prf%5Buids%5D=&prf%5Boptout%5D=0&prf%5Bwi%5D=3215969845&prf%5Bweather_temp%5D=33&prf%5Bweather_condition%5D=2&prf%5Btoolbar%5D=0&prf%5Bbrandedbrowser%5D=0&prf%5BconsentLevel%5D=0&prf%5Bdnt%5D=0&prf%5Bclean%5D=0&prf%5Btpc%5D=0&prf%5Bcolumn%5D=4&prf%5Bwpt%5D=j&prf%5Bpos%5D=1&prf%5Brichmedia%5D=false HTTP/1.1
Host: ad11.adfarm1.adition.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dl.gmx.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/javascript
server: ADITIONSERVER v1.0
date: Wed, 08 Feb 2023 04:46:57 +0100
cache-control: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT
p3p: policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pragma: no-cache
set-cookie: UserID1=7197626526741168659; expires=Tue, 09-May-2023 04:46:56 GMT; path=/; domain=.adfarm1.adition.com; SameSite=None; Secure
content-encoding: gzip
X-Firefox-Spdy: h2
ad11.adfarm1.adition.com/lt?wpt=j&nw=42<=portal(gmx)category(homepage)section(homepage)tagid(box_6)layoutclass(b)&ac=9&wi=0050665097&ref=&os=17&browser=6&screen_res=5&iframe=0&fvers=&external_uid=&uid_stable=&optout=0&prf%5Bportal%5D=gmx&prf%5Bcategory%5D=homepage&prf%5Bsection%5D=homepage&prf%5Btagid%5D=box_6&prf%5Blayoutclass%5D=b&prf%5Bdeviceclass%5D=b&prf%5Bdeviceclient%5D=browser&prf%5Bcategorytype%5D=billboard_billboard_4&prf%5Bos%5D=17&prf%5Bbrowser%5D=6&prf%5Bscreen_res%5D=5&prf%5Biframe%5D=0&prf%5Bfvers%5D=&prf%5Bsys%5D=win&prf%5Bsysv%5D=10.0&prf%5Bcl%5D=fir&prf%5Bclv%5D=105&prf%5Bvpw%5D=1280&prf%5Bnet%5D=unknown&prf%5Bexternal_uid%5D=&prf%5Bhid%5D=&prf%5Bnguserid%5D=&prf%5Buids%5D=&prf%5Boptout%5D=0&prf%5Bwi%5D=0050665097&prf%5Bweather_temp%5D=33&prf%5Bweather_condition%5D=2&prf%5Btoolbar%5D=0&prf%5Bbrandedbrowser%5D=0&prf%5BconsentLevel%5D=0&prf%5Bdnt%5D=0&prf%5Bclean%5D=0&prf%5Btpc%5D=0&prf%5Bcolumn%5D=4&prf%5Bwpt%5D=j&prf%5Bpos%5D=1&prf%5Brichmedia%5D=false
85.114.159.112200 OK 2.0 kB URL HTTP/2 ad11.adfarm1.adition.com/lt?wpt=j&nw=42<=portal(gmx)category(homepage)section(homepage)tagid(box_6)layoutclass(b)&ac=9&wi=0050665097&ref=&os=17&browser=6&screen_res=5&iframe=0&fvers=&external_uid=&uid_stable=&optout=0&prf%5Bportal%5D=gmx&prf%5Bcategory%5D=homepage&prf%5Bsection%5D=homepage&prf%5Btagid%5D=box_6&prf%5Blayoutclass%5D=b&prf%5Bdeviceclass%5D=b&prf%5Bdeviceclient%5D=browser&prf%5Bcategorytype%5D=billboard_billboard_4&prf%5Bos%5D=17&prf%5Bbrowser%5D=6&prf%5Bscreen_res%5D=5&prf%5Biframe%5D=0&prf%5Bfvers%5D=&prf%5Bsys%5D=win&prf%5Bsysv%5D=10.0&prf%5Bcl%5D=fir&prf%5Bclv%5D=105&prf%5Bvpw%5D=1280&prf%5Bnet%5D=unknown&prf%5Bexternal_uid%5D=&prf%5Bhid%5D=&prf%5Bnguserid%5D=&prf%5Buids%5D=&prf%5Boptout%5D=0&prf%5Bwi%5D=0050665097&prf%5Bweather_temp%5D=33&prf%5Bweather_condition%5D=2&prf%5Btoolbar%5D=0&prf%5Bbrandedbrowser%5D=0&prf%5BconsentLevel%5D=0&prf%5Bdnt%5D=0&prf%5Bclean%5D=0&prf%5Btpc%5D=0&prf%5Bcolumn%5D=4&prf%5Bwpt%5D=j&prf%5Bpos%5D=1&prf%5Brichmedia%5D=false
IP 85.114.159.112:0
ASN #24961 myLoc managed IT AG
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2650)
Hash 32085d9ea2aca6cd49e53d9f52354a39
a949e82d32741c1e7260a3532e34322bb9e4b504
f413c291e08801eba9bc0e5f7999d759757c2de9fb4beec6f41add5e90784776
GET /lt?wpt=j&nw=42<=portal(gmx)category(homepage)section(homepage)tagid(box_6)layoutclass(b)&ac=9&wi=0050665097&ref=&os=17&browser=6&screen_res=5&iframe=0&fvers=&external_uid=&uid_stable=&optout=0&prf%5Bportal%5D=gmx&prf%5Bcategory%5D=homepage&prf%5Bsection%5D=homepage&prf%5Btagid%5D=box_6&prf%5Blayoutclass%5D=b&prf%5Bdeviceclass%5D=b&prf%5Bdeviceclient%5D=browser&prf%5Bcategorytype%5D=billboard_billboard_4&prf%5Bos%5D=17&prf%5Bbrowser%5D=6&prf%5Bscreen_res%5D=5&prf%5Biframe%5D=0&prf%5Bfvers%5D=&prf%5Bsys%5D=win&prf%5Bsysv%5D=10.0&prf%5Bcl%5D=fir&prf%5Bclv%5D=105&prf%5Bvpw%5D=1280&prf%5Bnet%5D=unknown&prf%5Bexternal_uid%5D=&prf%5Bhid%5D=&prf%5Bnguserid%5D=&prf%5Buids%5D=&prf%5Boptout%5D=0&prf%5Bwi%5D=0050665097&prf%5Bweather_temp%5D=33&prf%5Bweather_condition%5D=2&prf%5Btoolbar%5D=0&prf%5Bbrandedbrowser%5D=0&prf%5BconsentLevel%5D=0&prf%5Bdnt%5D=0&prf%5Bclean%5D=0&prf%5Btpc%5D=0&prf%5Bcolumn%5D=4&prf%5Bwpt%5D=j&prf%5Bpos%5D=1&prf%5Brichmedia%5D=false HTTP/1.1
Host: ad11.adfarm1.adition.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dl.gmx.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/javascript
server: ADITIONSERVER v1.0
date: Wed, 08 Feb 2023 04:46:57 +0100
cache-control: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT
p3p: policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pragma: no-cache
set-cookie: UserID1=7197626526741299731; expires=Tue, 09-May-2023 04:46:56 GMT; path=/; domain=.adfarm1.adition.com; SameSite=None; Secure
content-encoding: gzip
X-Firefox-Spdy: h2
ad11.adfarm1.adition.com/lt?wpt=j&nw=42<=portal(gmx)category(homepage)section(homepage)tagid(box_1)layoutclass(b)&ac=7&wi=3215969845&ref=&os=10&browser=6&screen_res=175&iframe=0&fvers=&external_uid=&uid_stable=&optout=0&prf%5Bportal%5D=gmx&prf%5Bcategory%5D=homepage&prf%5Bsection%5D=homepage&prf%5Btagid%5D=box_1&prf%5Blayoutclass%5D=b&prf%5Bdeviceclass%5D=b&prf%5Bdeviceclient%5D=browser&prf%5Bcategorytype%5D=billboard_4&prf%5Bos%5D=10&prf%5Bbrowser%5D=6&prf%5Bscreen_res%5D=175&prf%5Biframe%5D=0&prf%5Bfvers%5D=&prf%5Bsys%5D=win&prf%5Bsysv%5D=6.1&prf%5Bcl%5D=fir&prf%5Bclv%5D=61&prf%5Bvpw%5D=1366&prf%5Bnet%5D=unknown&prf%5Bexternal_uid%5D=&prf%5Bhid%5D=&prf%5Bnguserid%5D=&prf%5Buids%5D=&prf%5Boptout%5D=0&prf%5Bwi%5D=3215969845&prf%5Bweather_temp%5D=33&prf%5Bweather_condition%5D=2&prf%5Btoolbar%5D=0&prf%5Bbrandedbrowser%5D=0&prf%5BconsentLevel%5D=0&prf%5Bdnt%5D=0&prf%5Bclean%5D=0&prf%5Btpc%5D=0&prf%5Bcolumn%5D=4&prf%5Bwpt%5D=j&prf%5Bpos%5D=1&prf%5Brichmedia%5D=false
85.114.159.112200 OK 3.8 kB URL HTTP/2 ad11.adfarm1.adition.com/lt?wpt=j&nw=42<=portal(gmx)category(homepage)section(homepage)tagid(box_1)layoutclass(b)&ac=7&wi=3215969845&ref=&os=10&browser=6&screen_res=175&iframe=0&fvers=&external_uid=&uid_stable=&optout=0&prf%5Bportal%5D=gmx&prf%5Bcategory%5D=homepage&prf%5Bsection%5D=homepage&prf%5Btagid%5D=box_1&prf%5Blayoutclass%5D=b&prf%5Bdeviceclass%5D=b&prf%5Bdeviceclient%5D=browser&prf%5Bcategorytype%5D=billboard_4&prf%5Bos%5D=10&prf%5Bbrowser%5D=6&prf%5Bscreen_res%5D=175&prf%5Biframe%5D=0&prf%5Bfvers%5D=&prf%5Bsys%5D=win&prf%5Bsysv%5D=6.1&prf%5Bcl%5D=fir&prf%5Bclv%5D=61&prf%5Bvpw%5D=1366&prf%5Bnet%5D=unknown&prf%5Bexternal_uid%5D=&prf%5Bhid%5D=&prf%5Bnguserid%5D=&prf%5Buids%5D=&prf%5Boptout%5D=0&prf%5Bwi%5D=3215969845&prf%5Bweather_temp%5D=33&prf%5Bweather_condition%5D=2&prf%5Btoolbar%5D=0&prf%5Bbrandedbrowser%5D=0&prf%5BconsentLevel%5D=0&prf%5Bdnt%5D=0&prf%5Bclean%5D=0&prf%5Btpc%5D=0&prf%5Bcolumn%5D=4&prf%5Bwpt%5D=j&prf%5Bpos%5D=1&prf%5Brichmedia%5D=false
IP 85.114.159.112:0
ASN #24961 myLoc managed IT AG
File type ASCII text, with very long lines (4738), with CRLF line terminators
Hash 8234364bed30edce8d020397db24d51b
be9250856f84f602d82d1604acb837e2a7bfbea7
e471789d8992122bf33ba4e2d4009eb52ba62d3da7a15b4d4ff2327ba7b88037
GET /lt?wpt=j&nw=42<=portal(gmx)category(homepage)section(homepage)tagid(box_1)layoutclass(b)&ac=7&wi=3215969845&ref=&os=10&browser=6&screen_res=175&iframe=0&fvers=&external_uid=&uid_stable=&optout=0&prf%5Bportal%5D=gmx&prf%5Bcategory%5D=homepage&prf%5Bsection%5D=homepage&prf%5Btagid%5D=box_1&prf%5Blayoutclass%5D=b&prf%5Bdeviceclass%5D=b&prf%5Bdeviceclient%5D=browser&prf%5Bcategorytype%5D=billboard_4&prf%5Bos%5D=10&prf%5Bbrowser%5D=6&prf%5Bscreen_res%5D=175&prf%5Biframe%5D=0&prf%5Bfvers%5D=&prf%5Bsys%5D=win&prf%5Bsysv%5D=6.1&prf%5Bcl%5D=fir&prf%5Bclv%5D=61&prf%5Bvpw%5D=1366&prf%5Bnet%5D=unknown&prf%5Bexternal_uid%5D=&prf%5Bhid%5D=&prf%5Bnguserid%5D=&prf%5Buids%5D=&prf%5Boptout%5D=0&prf%5Bwi%5D=3215969845&prf%5Bweather_temp%5D=33&prf%5Bweather_condition%5D=2&prf%5Btoolbar%5D=0&prf%5Bbrandedbrowser%5D=0&prf%5BconsentLevel%5D=0&prf%5Bdnt%5D=0&prf%5Bclean%5D=0&prf%5Btpc%5D=0&prf%5Bcolumn%5D=4&prf%5Bwpt%5D=j&prf%5Bpos%5D=1&prf%5Brichmedia%5D=false HTTP/1.1
Host: ad11.adfarm1.adition.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dl.gmx.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript
server: ADITIONSERVER v1.0
date: Wed, 08 Feb 2023 04:46:57 +0100
cache-control: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT
p3p: policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pragma: no-cache
set-cookie: UserID1=7197626526742675987; expires=Tue, 09-May-2023 04:46:57 GMT; path=/; domain=.adfarm1.adition.com; SameSite=None; Secure
content-encoding: gzip
X-Firefox-Spdy: h2
img.ui-portal.de/fallback/anf/2023/Januar/hw/g/mr.html?ct=https%3A%2F%2Fad11.adfarm1.adition.com%2Fredi%3Flid%3D7197626526741627411%26gdpr%3D0%26gdpr%5Fconsent%3D%26gdpr%5Fpd%3D0%26userid%3D7197626526741168659%26sid%3D3590327%26kid%3D3040622%26bid%3D17367672%26c%3D5707%26keyword%3D%26sr%3D175%26gk%3D0%26mdev%3D0%26clickurl%3D
2.18.172.165200 OK 850 B URL HTTP/2 img.ui-portal.de/fallback/anf/2023/Januar/hw/g/mr.html?ct=https%3A%2F%2Fad11.adfarm1.adition.com%2Fredi%3Flid%3D7197626526741627411%26gdpr%3D0%26gdpr%5Fconsent%3D%26gdpr%5Fpd%3D0%26userid%3D7197626526741168659%26sid%3D3590327%26kid%3D3040622%26bid%3D17367672%26c%3D5707%26keyword%3D%26sr%3D175%26gk%3D0%26mdev%3D0%26clickurl%3D
IP 2.18.172.165:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (540)
Hash 0a2ec55eaf727a51ed8e79c333115cf7
f603c1109e982eb5f8117c2d9b3af9af0ba04381
d6a4fa21f73c993d77f682aaeba2e11875edf9d5f214043a585c57790f65818f
GET /fallback/anf/2023/Januar/hw/g/mr.html?ct=https%3A%2F%2Fad11.adfarm1.adition.com%2Fredi%3Flid%3D7197626526741627411%26gdpr%3D0%26gdpr%5Fconsent%3D%26gdpr%5Fpd%3D0%26userid%3D7197626526741168659%26sid%3D3590327%26kid%3D3040622%26bid%3D17367672%26c%3D5707%26keyword%3D%26sr%3D175%26gk%3D0%26mdev%3D0%26clickurl%3D HTTP/1.1
Host: img.ui-portal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dl.gmx.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 30 Jan 2023 12:35:36 GMT
etag: "63d-5f37a73af9600"
server: Apache
accept-ranges: bytes
content-encoding: gzip
x-robots-tag: noindex
content-length: 850
content-type: text/html
cache-control: public, max-age=872
date: Wed, 08 Feb 2023 03:46:57 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
img.ui-portal.de/fallback/lotto/2022/04_2022_lo/mr_c_lotto_gmx.html?ct=https%3A%2F%2Fad11.adfarm1.adition.com%2Fredi%3Flid%3D7197626526741824019%26gdpr%3D0%26gdpr%5Fconsent%3D%26gdpr%5Fpd%3D0%26userid%3D7197626526741234195%26sid%3D3840582%26kid%3D2215476%26bid%3D16005615%26c%3D14456%26keyword%3D%26sr%3D175%26gk%3D0%26mdev%3D0%26clickurl%3D
2.18.172.165200 OK 1.6 kB URL HTTP/2 img.ui-portal.de/fallback/lotto/2022/04_2022_lo/mr_c_lotto_gmx.html?ct=https%3A%2F%2Fad11.adfarm1.adition.com%2Fredi%3Flid%3D7197626526741824019%26gdpr%3D0%26gdpr%5Fconsent%3D%26gdpr%5Fpd%3D0%26userid%3D7197626526741234195%26sid%3D3840582%26kid%3D2215476%26bid%3D16005615%26c%3D14456%26keyword%3D%26sr%3D175%26gk%3D0%26mdev%3D0%26clickurl%3D
IP 2.18.172.165:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (464), with CRLF line terminators
Hash 5b99c644266d7d74b5bed7f2a6a19d57
b70f2751806ae2f4193e6c0afc06ebb51980f581
40a85070359f6435dc30b73a4b3f1009ec6e534340328fd8f2a81e0996f3de32
GET /fallback/lotto/2022/04_2022_lo/mr_c_lotto_gmx.html?ct=https%3A%2F%2Fad11.adfarm1.adition.com%2Fredi%3Flid%3D7197626526741824019%26gdpr%3D0%26gdpr%5Fconsent%3D%26gdpr%5Fpd%3D0%26userid%3D7197626526741234195%26sid%3D3840582%26kid%3D2215476%26bid%3D16005615%26c%3D14456%26keyword%3D%26sr%3D175%26gk%3D0%26mdev%3D0%26clickurl%3D HTTP/1.1
Host: img.ui-portal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dl.gmx.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 29 Jun 2022 09:31:13 GMT
etag: "13ee-5e292d070d71b"
server: Apache
accept-ranges: bytes
content-encoding: gzip
x-robots-tag: noindex
content-length: 1575
content-type: text/html
cache-control: public, max-age=518
date: Wed, 08 Feb 2023 03:46:57 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 68273225f74fbf7493f395610d7a73fc
5a8779ef5656aeeba23b365aad60b7901c5dd7fc
c83f285a1f3df0f7ac758a68ee95cc3d2671f80264c2e143cc0561cc574e3f19
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C83F285A1F3DF0F7AC758A68EE95CC3D2671F80264C2E143CC0561CC574E3F19"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6622
Expires: Wed, 08 Feb 2023 05:37:19 GMT
Date: Wed, 08 Feb 2023 03:46:57 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 68273225f74fbf7493f395610d7a73fc
5a8779ef5656aeeba23b365aad60b7901c5dd7fc
c83f285a1f3df0f7ac758a68ee95cc3d2671f80264c2e143cc0561cc574e3f19
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C83F285A1F3DF0F7AC758A68EE95CC3D2671F80264C2E143CC0561CC574E3F19"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6622
Expires: Wed, 08 Feb 2023 05:37:19 GMT
Date: Wed, 08 Feb 2023 03:46:57 GMT
Connection: keep-alive
ad11.adfarm1.adition.com/lt?wpt=j&nw=42<=portal(gmx)category(homepage)section(homepage)tagid(rectangle_4)layoutclass(b)&ac=5&wi=0050665097&ref=&os=17&browser=6&screen_res=5&iframe=0&fvers=&external_uid=&uid_stable=&optout=0&prf%5Bportal%5D=gmx&prf%5Bcategory%5D=homepage&prf%5Bsection%5D=homepage&prf%5Btagid%5D=rectangle_4&prf%5Blayoutclass%5D=b&prf%5Bdeviceclass%5D=b&prf%5Bdeviceclient%5D=browser&prf%5Bcategorytype%5D=billboard_billboard_4&prf%5Bos%5D=17&prf%5Bbrowser%5D=6&prf%5Bscreen_res%5D=5&prf%5Biframe%5D=0&prf%5Bfvers%5D=&prf%5Bsys%5D=win&prf%5Bsysv%5D=10.0&prf%5Bcl%5D=fir&prf%5Bclv%5D=105&prf%5Bvpw%5D=1280&prf%5Bnet%5D=unknown&prf%5Bexternal_uid%5D=&prf%5Bhid%5D=&prf%5Bnguserid%5D=&prf%5Buids%5D=&prf%5Boptout%5D=0&prf%5Bwi%5D=0050665097&prf%5Bweather_temp%5D=33&prf%5Bweather_condition%5D=2&prf%5Btoolbar%5D=0&prf%5Bbrandedbrowser%5D=0&prf%5BconsentLevel%5D=0&prf%5Bdnt%5D=0&prf%5Bclean%5D=0&prf%5Btpc%5D=0&prf%5Bcolumn%5D=4&prf%5Bwpt%5D=j&prf%5Bpos%5D=1&prf%5Brichmedia%5D=false
85.114.159.112404 Not Found 1.7 kB URL HTTP/2 ad11.adfarm1.adition.com/lt?wpt=j&nw=42<=portal(gmx)category(homepage)section(homepage)tagid(rectangle_4)layoutclass(b)&ac=5&wi=0050665097&ref=&os=17&browser=6&screen_res=5&iframe=0&fvers=&external_uid=&uid_stable=&optout=0&prf%5Bportal%5D=gmx&prf%5Bcategory%5D=homepage&prf%5Bsection%5D=homepage&prf%5Btagid%5D=rectangle_4&prf%5Blayoutclass%5D=b&prf%5Bdeviceclass%5D=b&prf%5Bdeviceclient%5D=browser&prf%5Bcategorytype%5D=billboard_billboard_4&prf%5Bos%5D=17&prf%5Bbrowser%5D=6&prf%5Bscreen_res%5D=5&prf%5Biframe%5D=0&prf%5Bfvers%5D=&prf%5Bsys%5D=win&prf%5Bsysv%5D=10.0&prf%5Bcl%5D=fir&prf%5Bclv%5D=105&prf%5Bvpw%5D=1280&prf%5Bnet%5D=unknown&prf%5Bexternal_uid%5D=&prf%5Bhid%5D=&prf%5Bnguserid%5D=&prf%5Buids%5D=&prf%5Boptout%5D=0&prf%5Bwi%5D=0050665097&prf%5Bweather_temp%5D=33&prf%5Bweather_condition%5D=2&prf%5Btoolbar%5D=0&prf%5Bbrandedbrowser%5D=0&prf%5BconsentLevel%5D=0&prf%5Bdnt%5D=0&prf%5Bclean%5D=0&prf%5Btpc%5D=0&prf%5Bcolumn%5D=4&prf%5Bwpt%5D=j&prf%5Bpos%5D=1&prf%5Brichmedia%5D=false
IP 85.114.159.112:0
ASN #24961 myLoc managed IT AG
Hash 0310e8ac625f27c2e1678f53e38cd170
8fc7e462b3462f448aa3b0522a315b50cf660729
cd75a5145f6fbf97b26080868bb781e7c278d5bcb5940aad6a8e6f4d439647f9
GET /lt?wpt=j&nw=42<=portal(gmx)category(homepage)section(homepage)tagid(rectangle_4)layoutclass(b)&ac=5&wi=0050665097&ref=&os=17&browser=6&screen_res=5&iframe=0&fvers=&external_uid=&uid_stable=&optout=0&prf%5Bportal%5D=gmx&prf%5Bcategory%5D=homepage&prf%5Bsection%5D=homepage&prf%5Btagid%5D=rectangle_4&prf%5Blayoutclass%5D=b&prf%5Bdeviceclass%5D=b&prf%5Bdeviceclient%5D=browser&prf%5Bcategorytype%5D=billboard_billboard_4&prf%5Bos%5D=17&prf%5Bbrowser%5D=6&prf%5Bscreen_res%5D=5&prf%5Biframe%5D=0&prf%5Bfvers%5D=&prf%5Bsys%5D=win&prf%5Bsysv%5D=10.0&prf%5Bcl%5D=fir&prf%5Bclv%5D=105&prf%5Bvpw%5D=1280&prf%5Bnet%5D=unknown&prf%5Bexternal_uid%5D=&prf%5Bhid%5D=&prf%5Bnguserid%5D=&prf%5Buids%5D=&prf%5Boptout%5D=0&prf%5Bwi%5D=0050665097&prf%5Bweather_temp%5D=33&prf%5Bweather_condition%5D=2&prf%5Btoolbar%5D=0&prf%5Bbrandedbrowser%5D=0&prf%5BconsentLevel%5D=0&prf%5Bdnt%5D=0&prf%5Bclean%5D=0&prf%5Btpc%5D=0&prf%5Bcolumn%5D=4&prf%5Bwpt%5D=j&prf%5Bpos%5D=1&prf%5Brichmedia%5D=false HTTP/1.1
Host: ad11.adfarm1.adition.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dl.gmx.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
content-type: text/plain
server: ADITIONSERVER v1.0
date: Wed, 08 Feb 2023 04:46:57 +0100
content-encoding: gzip
X-Firefox-Spdy: h2
ad11.adfarm1.adition.com/lt?wpt=j&nw=42<=portal(gmx)category(homepage)section(homepage)tagid(box_6)layoutclass(b)&ac=10&wi=3215969845&ref=&os=10&browser=6&screen_res=175&iframe=0&fvers=&external_uid=&uid_stable=&optout=0&prf%5Bportal%5D=gmx&prf%5Bcategory%5D=homepage&prf%5Bsection%5D=homepage&prf%5Btagid%5D=box_6&prf%5Blayoutclass%5D=b&prf%5Bdeviceclass%5D=b&prf%5Bdeviceclient%5D=browser&prf%5Bcategorytype%5D=billboard_4&prf%5Bos%5D=10&prf%5Bbrowser%5D=6&prf%5Bscreen_res%5D=175&prf%5Biframe%5D=0&prf%5Bfvers%5D=&prf%5Bsys%5D=win&prf%5Bsysv%5D=6.1&prf%5Bcl%5D=fir&prf%5Bclv%5D=61&prf%5Bvpw%5D=1366&prf%5Bnet%5D=unknown&prf%5Bexternal_uid%5D=&prf%5Bhid%5D=&prf%5Bnguserid%5D=&prf%5Buids%5D=&prf%5Boptout%5D=0&prf%5Bwi%5D=3215969845&prf%5Bweather_temp%5D=33&prf%5Bweather_condition%5D=2&prf%5Btoolbar%5D=0&prf%5Bbrandedbrowser%5D=0&prf%5BconsentLevel%5D=0&prf%5Bdnt%5D=0&prf%5Bclean%5D=0&prf%5Btpc%5D=0&prf%5Bcolumn%5D=4&prf%5Bwpt%5D=j&prf%5Bpos%5D=1&prf%5Brichmedia%5D=false
85.114.159.112200 OK 9.7 kB URL HTTP/2 ad11.adfarm1.adition.com/lt?wpt=j&nw=42<=portal(gmx)category(homepage)section(homepage)tagid(box_6)layoutclass(b)&ac=10&wi=3215969845&ref=&os=10&browser=6&screen_res=175&iframe=0&fvers=&external_uid=&uid_stable=&optout=0&prf%5Bportal%5D=gmx&prf%5Bcategory%5D=homepage&prf%5Bsection%5D=homepage&prf%5Btagid%5D=box_6&prf%5Blayoutclass%5D=b&prf%5Bdeviceclass%5D=b&prf%5Bdeviceclient%5D=browser&prf%5Bcategorytype%5D=billboard_4&prf%5Bos%5D=10&prf%5Bbrowser%5D=6&prf%5Bscreen_res%5D=175&prf%5Biframe%5D=0&prf%5Bfvers%5D=&prf%5Bsys%5D=win&prf%5Bsysv%5D=6.1&prf%5Bcl%5D=fir&prf%5Bclv%5D=61&prf%5Bvpw%5D=1366&prf%5Bnet%5D=unknown&prf%5Bexternal_uid%5D=&prf%5Bhid%5D=&prf%5Bnguserid%5D=&prf%5Buids%5D=&prf%5Boptout%5D=0&prf%5Bwi%5D=3215969845&prf%5Bweather_temp%5D=33&prf%5Bweather_condition%5D=2&prf%5Btoolbar%5D=0&prf%5Bbrandedbrowser%5D=0&prf%5BconsentLevel%5D=0&prf%5Bdnt%5D=0&prf%5Bclean%5D=0&prf%5Btpc%5D=0&prf%5Bcolumn%5D=4&prf%5Bwpt%5D=j&prf%5Bpos%5D=1&prf%5Brichmedia%5D=false
IP 85.114.159.112:0
ASN #24961 myLoc managed IT AG
Hash dfb1c2c639be9878743ad198a02bba08
8c2ea45607eeb068e477b417c5f9e69fae123c4b
62d5b2c31615b98cb54de8655c7867508b356acbd9d382f5a2d3b0627110d199
GET /lt?wpt=j&nw=42<=portal(gmx)category(homepage)section(homepage)tagid(box_6)layoutclass(b)&ac=10&wi=3215969845&ref=&os=10&browser=6&screen_res=175&iframe=0&fvers=&external_uid=&uid_stable=&optout=0&prf%5Bportal%5D=gmx&prf%5Bcategory%5D=homepage&prf%5Bsection%5D=homepage&prf%5Btagid%5D=box_6&prf%5Blayoutclass%5D=b&prf%5Bdeviceclass%5D=b&prf%5Bdeviceclient%5D=browser&prf%5Bcategorytype%5D=billboard_4&prf%5Bos%5D=10&prf%5Bbrowser%5D=6&prf%5Bscreen_res%5D=175&prf%5Biframe%5D=0&prf%5Bfvers%5D=&prf%5Bsys%5D=win&prf%5Bsysv%5D=6.1&prf%5Bcl%5D=fir&prf%5Bclv%5D=61&prf%5Bvpw%5D=1366&prf%5Bnet%5D=unknown&prf%5Bexternal_uid%5D=&prf%5Bhid%5D=&prf%5Bnguserid%5D=&prf%5Buids%5D=&prf%5Boptout%5D=0&prf%5Bwi%5D=3215969845&prf%5Bweather_temp%5D=33&prf%5Bweather_condition%5D=2&prf%5Btoolbar%5D=0&prf%5Bbrandedbrowser%5D=0&prf%5BconsentLevel%5D=0&prf%5Bdnt%5D=0&prf%5Bclean%5D=0&prf%5Btpc%5D=0&prf%5Bcolumn%5D=4&prf%5Bwpt%5D=j&prf%5Bpos%5D=1&prf%5Brichmedia%5D=false HTTP/1.1
Host: ad11.adfarm1.adition.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dl.gmx.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/javascript
server: ADITIONSERVER v1.0
date: Wed, 08 Feb 2023 04:46:57 +0100
cache-control: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT
p3p: policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pragma: no-cache
set-cookie: UserID1=7197626526741234195; expires=Tue, 09-May-2023 04:46:56 GMT; path=/; domain=.adfarm1.adition.com; SameSite=None; Secure
content-encoding: gzip
X-Firefox-Spdy: h2
dl.gmx.net/uim/bidding/pbjs_tgp.html?profiletype=cookie&profiledata=ts%3D6587716302866219919%26deviceclass%3Db
2.18.172.165200 OK 552 B URL HTTP/2 dl.gmx.net/uim/bidding/pbjs_tgp.html?profiletype=cookie&profiledata=ts%3D6587716302866219919%26deviceclass%3Db
IP 2.18.172.165:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 32ea11e025eda88c3bb77ea28c5ab824
803760b4efeada5bc49cb3c48c9844ca64d036ce
0d07a3c9945dbda983969230bc33a360e11f200965c58da03bb4dd88ac14cd4d
GET /uim/bidding/pbjs_tgp.html?profiletype=cookie&profiledata=ts%3D6587716302866219919%26deviceclass%3Db HTTP/1.1
Host: dl.gmx.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.camperpuro.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Apache
last-modified: Fri, 27 Apr 2018 12:20:23 GMT
etag: "49a-56ad38741b879-gzip"
accept-ranges: bytes
content-encoding: gzip
x-robots-tag: noindex
content-length: 552
content-type: text/html
cache-control: public, max-age=86400
date: Wed, 08 Feb 2023 03:46:57 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
adimg.uimserv.net/EIGENWERBUNG/GMX/Mailcheck/2018/gmx_medrec_mailcheck_default.jpg
2.18.172.165200 OK 16 kB URL HTTP/2 adimg.uimserv.net/EIGENWERBUNG/GMX/Mailcheck/2018/gmx_medrec_mailcheck_default.jpg
IP 2.18.172.165:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x250, components 3\012- data
Hash 0e5438962f8d6aa26e5e2d75968e50e9
741636c3182106766db932303355fc48bbc6756c
140694503d4a8c746c4bae512d717d1aacac0de08746bbf9a2d70b9cbe9bf7c3
GET /EIGENWERBUNG/GMX/Mailcheck/2018/gmx_medrec_mailcheck_default.jpg HTTP/1.1
Host: adimg.uimserv.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dl.gmx.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Apache
last-modified: Thu, 08 Feb 2018 15:23:29 GMT
etag: "4a6e-564b4fe70e264-gzip"
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Wed, 23 Nov 2022 15:43:47 GMT
content-encoding: gzip
x-robots-tag: noindex
content-length: 16483
content-type: image/jpeg
date: Wed, 08 Feb 2023 03:46:57 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
img.ui-portal.de/faba/prodigy/lotto/2022/EB/gmx/mr.html?ct=https%3A%2F%2Fad11.adfarm1.adition.com%2Fredi%3Flid%3D7197626526742872595%26gdpr%3D0%26gdpr%5Fconsent%3D%26gdpr%5Fpd%3D0%26userid%3D7197626526742479379%26sid%3D3840591%26kid%3D5069780%26bid%3D15487947%26c%3D44441%26keyword%3D%26sr%3D5%26gk%3D0%26mdev%3D0%26clickurl%3D
2.18.172.165200 OK 11 kB URL HTTP/2 img.ui-portal.de/faba/prodigy/lotto/2022/EB/gmx/mr.html?ct=https%3A%2F%2Fad11.adfarm1.adition.com%2Fredi%3Flid%3D7197626526742872595%26gdpr%3D0%26gdpr%5Fconsent%3D%26gdpr%5Fpd%3D0%26userid%3D7197626526742479379%26sid%3D3840591%26kid%3D5069780%26bid%3D15487947%26c%3D44441%26keyword%3D%26sr%3D5%26gk%3D0%26mdev%3D0%26clickurl%3D
IP 2.18.172.165:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (13823)
Hash 65cefa49be33d7130594a2e5ad3b5c29
f50594be72c8e63bf83f1e13b6391fdc2e613a8b
e86a092fa7d43dfef835019b32db15e528f3232eb20b7b350b85dc63546a018e
GET /faba/prodigy/lotto/2022/EB/gmx/mr.html?ct=https%3A%2F%2Fad11.adfarm1.adition.com%2Fredi%3Flid%3D7197626526742872595%26gdpr%3D0%26gdpr%5Fconsent%3D%26gdpr%5Fpd%3D0%26userid%3D7197626526742479379%26sid%3D3840591%26kid%3D5069780%26bid%3D15487947%26c%3D44441%26keyword%3D%26sr%3D5%26gk%3D0%26mdev%3D0%26clickurl%3D HTTP/1.1
Host: img.ui-portal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dl.gmx.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 30 Jun 2022 13:33:25 GMT
etag: "70f2-5e2aa506fac94"
server: Apache
accept-ranges: bytes
content-encoding: gzip
x-robots-tag: noindex
content-length: 10767
content-type: text/html
cache-control: public, max-age=53
date: Wed, 08 Feb 2023 03:46:57 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 68273225f74fbf7493f395610d7a73fc
5a8779ef5656aeeba23b365aad60b7901c5dd7fc
c83f285a1f3df0f7ac758a68ee95cc3d2671f80264c2e143cc0561cc574e3f19
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C83F285A1F3DF0F7AC758A68EE95CC3D2671F80264C2E143CC0561CC574E3F19"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6622
Expires: Wed, 08 Feb 2023 05:37:19 GMT
Date: Wed, 08 Feb 2023 03:46:57 GMT
Connection: keep-alive
ad11.adfarm1.adition.com/lt?wpt=j&nw=42<=portal(gmx)category(homepage)section(homepage)tagid(box_8)layoutclass(b)&ac=10&wi=0050665097&ref=&os=17&browser=6&screen_res=5&iframe=0&fvers=&external_uid=&uid_stable=&optout=0&prf%5Bportal%5D=gmx&prf%5Bcategory%5D=homepage&prf%5Bsection%5D=homepage&prf%5Btagid%5D=box_8&prf%5Blayoutclass%5D=b&prf%5Bdeviceclass%5D=b&prf%5Bdeviceclient%5D=browser&prf%5Bcategorytype%5D=billboard_billboard_4&prf%5Bos%5D=17&prf%5Bbrowser%5D=6&prf%5Bscreen_res%5D=5&prf%5Biframe%5D=0&prf%5Bfvers%5D=&prf%5Bsys%5D=win&prf%5Bsysv%5D=10.0&prf%5Bcl%5D=fir&prf%5Bclv%5D=105&prf%5Bvpw%5D=1280&prf%5Bnet%5D=unknown&prf%5Bexternal_uid%5D=&prf%5Bhid%5D=&prf%5Bnguserid%5D=&prf%5Buids%5D=&prf%5Boptout%5D=0&prf%5Bwi%5D=0050665097&prf%5Bweather_temp%5D=33&prf%5Bweather_condition%5D=2&prf%5Btoolbar%5D=0&prf%5Bbrandedbrowser%5D=0&prf%5BconsentLevel%5D=0&prf%5Bdnt%5D=0&prf%5Bclean%5D=0&prf%5Btpc%5D=0&prf%5Bcolumn%5D=4&prf%5Bwpt%5D=j&prf%5Bpos%5D=1&prf%5Brichmedia%5D=false
85.114.159.112200 OK 1.6 kB URL HTTP/2 ad11.adfarm1.adition.com/lt?wpt=j&nw=42<=portal(gmx)category(homepage)section(homepage)tagid(box_8)layoutclass(b)&ac=10&wi=0050665097&ref=&os=17&browser=6&screen_res=5&iframe=0&fvers=&external_uid=&uid_stable=&optout=0&prf%5Bportal%5D=gmx&prf%5Bcategory%5D=homepage&prf%5Bsection%5D=homepage&prf%5Btagid%5D=box_8&prf%5Blayoutclass%5D=b&prf%5Bdeviceclass%5D=b&prf%5Bdeviceclient%5D=browser&prf%5Bcategorytype%5D=billboard_billboard_4&prf%5Bos%5D=17&prf%5Bbrowser%5D=6&prf%5Bscreen_res%5D=5&prf%5Biframe%5D=0&prf%5Bfvers%5D=&prf%5Bsys%5D=win&prf%5Bsysv%5D=10.0&prf%5Bcl%5D=fir&prf%5Bclv%5D=105&prf%5Bvpw%5D=1280&prf%5Bnet%5D=unknown&prf%5Bexternal_uid%5D=&prf%5Bhid%5D=&prf%5Bnguserid%5D=&prf%5Buids%5D=&prf%5Boptout%5D=0&prf%5Bwi%5D=0050665097&prf%5Bweather_temp%5D=33&prf%5Bweather_condition%5D=2&prf%5Btoolbar%5D=0&prf%5Bbrandedbrowser%5D=0&prf%5BconsentLevel%5D=0&prf%5Bdnt%5D=0&prf%5Bclean%5D=0&prf%5Btpc%5D=0&prf%5Bcolumn%5D=4&prf%5Bwpt%5D=j&prf%5Bpos%5D=1&prf%5Brichmedia%5D=false
IP 85.114.159.112:0
ASN #24961 myLoc managed IT AG
Hash 1bc55a61316b5fcf70378e826cec8584
04bd7b11138c37e16b8dbfce741f6828ee362417
cbda4f7f46139a61ca9102581bdfa6542e2cd9af76ab6a88862654230cf5d69c
GET /lt?wpt=j&nw=42<=portal(gmx)category(homepage)section(homepage)tagid(box_8)layoutclass(b)&ac=10&wi=0050665097&ref=&os=17&browser=6&screen_res=5&iframe=0&fvers=&external_uid=&uid_stable=&optout=0&prf%5Bportal%5D=gmx&prf%5Bcategory%5D=homepage&prf%5Bsection%5D=homepage&prf%5Btagid%5D=box_8&prf%5Blayoutclass%5D=b&prf%5Bdeviceclass%5D=b&prf%5Bdeviceclient%5D=browser&prf%5Bcategorytype%5D=billboard_billboard_4&prf%5Bos%5D=17&prf%5Bbrowser%5D=6&prf%5Bscreen_res%5D=5&prf%5Biframe%5D=0&prf%5Bfvers%5D=&prf%5Bsys%5D=win&prf%5Bsysv%5D=10.0&prf%5Bcl%5D=fir&prf%5Bclv%5D=105&prf%5Bvpw%5D=1280&prf%5Bnet%5D=unknown&prf%5Bexternal_uid%5D=&prf%5Bhid%5D=&prf%5Bnguserid%5D=&prf%5Buids%5D=&prf%5Boptout%5D=0&prf%5Bwi%5D=0050665097&prf%5Bweather_temp%5D=33&prf%5Bweather_condition%5D=2&prf%5Btoolbar%5D=0&prf%5Bbrandedbrowser%5D=0&prf%5BconsentLevel%5D=0&prf%5Bdnt%5D=0&prf%5Bclean%5D=0&prf%5Btpc%5D=0&prf%5Bcolumn%5D=4&prf%5Bwpt%5D=j&prf%5Bpos%5D=1&prf%5Brichmedia%5D=false HTTP/1.1
Host: ad11.adfarm1.adition.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dl.gmx.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/javascript
server: ADITIONSERVER v1.0
date: Wed, 08 Feb 2023 04:46:57 +0100
cache-control: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT
p3p: policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pragma: no-cache
set-cookie: UserID1=7197626526741365267; expires=Tue, 09-May-2023 04:46:56 GMT; path=/; domain=.adfarm1.adition.com; SameSite=None; Secure
content-encoding: gzip
X-Firefox-Spdy: h2
dl.gmx.net/uim/bidding/pbjs_config_7.html?portal=gmx&wc=2&wt=33
2.18.172.165200 OK 1.8 kB URL HTTP/2 dl.gmx.net/uim/bidding/pbjs_config_7.html?portal=gmx&wc=2&wt=33
IP 2.18.172.165:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash fb9dec385b3598657a68a09fe53516b7
be29fb030c9de43ff67fa5b6dabc15aea3003368
a4f1b59f21c91dfd642c5da491309c739d7696700f2768f0ce5fb0e020377476
GET /uim/bidding/pbjs_config_7.html?portal=gmx&wc=2&wt=33 HTTP/1.1
Host: dl.gmx.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.camperpuro.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Apache
etag: "4dfa-583e274b2f157"
last-modified: Tue, 12 Mar 2019 09:38:47 GMT
accept-ranges: bytes
content-encoding: gzip
x-robots-tag: noindex
content-length: 1827
content-type: text/html
cache-control: public, max-age=86400
date: Wed, 08 Feb 2023 03:46:57 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
ad11.adfarm1.adition.com/lt?wpt=j&nw=42<=portal(gmx)category(homepage)section(homepage)tagid(rectangle_4)layoutclass(b)&ac=5&wi=3215969845&ref=&os=10&browser=6&screen_res=175&iframe=0&fvers=&external_uid=&uid_stable=&optout=0&prf%5Bportal%5D=gmx&prf%5Bcategory%5D=homepage&prf%5Bsection%5D=homepage&prf%5Btagid%5D=rectangle_4&prf%5Blayoutclass%5D=b&prf%5Bdeviceclass%5D=b&prf%5Bdeviceclient%5D=browser&prf%5Bcategorytype%5D=billboard_4&prf%5Bos%5D=10&prf%5Bbrowser%5D=6&prf%5Bscreen_res%5D=175&prf%5Biframe%5D=0&prf%5Bfvers%5D=&prf%5Bsys%5D=win&prf%5Bsysv%5D=6.1&prf%5Bcl%5D=fir&prf%5Bclv%5D=61&prf%5Bvpw%5D=1366&prf%5Bnet%5D=unknown&prf%5Bexternal_uid%5D=&prf%5Bhid%5D=&prf%5Bnguserid%5D=&prf%5Buids%5D=&prf%5Boptout%5D=0&prf%5Bwi%5D=3215969845&prf%5Bweather_temp%5D=33&prf%5Bweather_condition%5D=2&prf%5Btoolbar%5D=0&prf%5Bbrandedbrowser%5D=0&prf%5BconsentLevel%5D=0&prf%5Bdnt%5D=0&prf%5Bclean%5D=0&prf%5Btpc%5D=0&prf%5Bcolumn%5D=4&prf%5Bwpt%5D=j&prf%5Bpos%5D=1&prf%5Brichmedia%5D=false
85.114.159.112404 Not Found 9.8 kB URL HTTP/2 ad11.adfarm1.adition.com/lt?wpt=j&nw=42<=portal(gmx)category(homepage)section(homepage)tagid(rectangle_4)layoutclass(b)&ac=5&wi=3215969845&ref=&os=10&browser=6&screen_res=175&iframe=0&fvers=&external_uid=&uid_stable=&optout=0&prf%5Bportal%5D=gmx&prf%5Bcategory%5D=homepage&prf%5Bsection%5D=homepage&prf%5Btagid%5D=rectangle_4&prf%5Blayoutclass%5D=b&prf%5Bdeviceclass%5D=b&prf%5Bdeviceclient%5D=browser&prf%5Bcategorytype%5D=billboard_4&prf%5Bos%5D=10&prf%5Bbrowser%5D=6&prf%5Bscreen_res%5D=175&prf%5Biframe%5D=0&prf%5Bfvers%5D=&prf%5Bsys%5D=win&prf%5Bsysv%5D=6.1&prf%5Bcl%5D=fir&prf%5Bclv%5D=61&prf%5Bvpw%5D=1366&prf%5Bnet%5D=unknown&prf%5Bexternal_uid%5D=&prf%5Bhid%5D=&prf%5Bnguserid%5D=&prf%5Buids%5D=&prf%5Boptout%5D=0&prf%5Bwi%5D=3215969845&prf%5Bweather_temp%5D=33&prf%5Bweather_condition%5D=2&prf%5Btoolbar%5D=0&prf%5Bbrandedbrowser%5D=0&prf%5BconsentLevel%5D=0&prf%5Bdnt%5D=0&prf%5Bclean%5D=0&prf%5Btpc%5D=0&prf%5Bcolumn%5D=4&prf%5Bwpt%5D=j&prf%5Bpos%5D=1&prf%5Brichmedia%5D=false
IP 85.114.159.112:0
ASN #24961 myLoc managed IT AG
Hash acaf134a09939c95471644fed76881e7
09773ccb9ed3298022a4bebe4fe71530a94ad648
e355052900683d663963abb748473c3e91f5ab4a2cba004bd58bd98463874e63
GET /lt?wpt=j&nw=42<=portal(gmx)category(homepage)section(homepage)tagid(rectangle_4)layoutclass(b)&ac=5&wi=3215969845&ref=&os=10&browser=6&screen_res=175&iframe=0&fvers=&external_uid=&uid_stable=&optout=0&prf%5Bportal%5D=gmx&prf%5Bcategory%5D=homepage&prf%5Bsection%5D=homepage&prf%5Btagid%5D=rectangle_4&prf%5Blayoutclass%5D=b&prf%5Bdeviceclass%5D=b&prf%5Bdeviceclient%5D=browser&prf%5Bcategorytype%5D=billboard_4&prf%5Bos%5D=10&prf%5Bbrowser%5D=6&prf%5Bscreen_res%5D=175&prf%5Biframe%5D=0&prf%5Bfvers%5D=&prf%5Bsys%5D=win&prf%5Bsysv%5D=6.1&prf%5Bcl%5D=fir&prf%5Bclv%5D=61&prf%5Bvpw%5D=1366&prf%5Bnet%5D=unknown&prf%5Bexternal_uid%5D=&prf%5Bhid%5D=&prf%5Bnguserid%5D=&prf%5Buids%5D=&prf%5Boptout%5D=0&prf%5Bwi%5D=3215969845&prf%5Bweather_temp%5D=33&prf%5Bweather_condition%5D=2&prf%5Btoolbar%5D=0&prf%5Bbrandedbrowser%5D=0&prf%5BconsentLevel%5D=0&prf%5Bdnt%5D=0&prf%5Bclean%5D=0&prf%5Btpc%5D=0&prf%5Bcolumn%5D=4&prf%5Bwpt%5D=j&prf%5Bpos%5D=1&prf%5Brichmedia%5D=false HTTP/1.1
Host: ad11.adfarm1.adition.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dl.gmx.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
content-type: text/plain
server: ADITIONSERVER v1.0
date: Wed, 08 Feb 2023 04:46:57 +0100
content-encoding: gzip
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F363ca744-ffa5-4390-9968-412e24620e36.jpeg
34.120.237.76200 OK 7.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F363ca744-ffa5-4390-9968-412e24620e36.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5129898de057eb92808f18d120eb7a70
eb0a900843beac5c4ee46686b89b3e8b8d77f80f
7ce3e4f7be652895e93cb8c1a9019b70d699c0a9da013d311395a6440b4e9f96
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F363ca744-ffa5-4390-9968-412e24620e36.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7847
x-amzn-requestid: 60759e32-ac58-4dda-8ea3-fd80413c0deb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f_OkkEpMoAMFnGw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e2c483-61b8715a0da73f4526215649;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 21:37:07 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: TCX7ZFhV73kN0UBshXeb0qdSkY-8qdeNN6EgioqOUmSAnraEhAohMQ==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 21:42:11 GMT
age: 21886
etag: "eb0a900843beac5c4ee46686b89b3e8b8d77f80f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ad11.adfarm1.adition.com/lt?wpt=j&nw=42<=portal(gmx)category(homepage)section(homepage)tagid(box_1)layoutclass(b)&ac=6&wi=0050665097&ref=&os=17&browser=6&screen_res=5&iframe=0&fvers=&external_uid=&uid_stable=&optout=0&prf%5Bportal%5D=gmx&prf%5Bcategory%5D=homepage&prf%5Bsection%5D=homepage&prf%5Btagid%5D=box_1&prf%5Blayoutclass%5D=b&prf%5Bdeviceclass%5D=b&prf%5Bdeviceclient%5D=browser&prf%5Bcategorytype%5D=billboard_billboard_4&prf%5Bos%5D=17&prf%5Bbrowser%5D=6&prf%5Bscreen_res%5D=5&prf%5Biframe%5D=0&prf%5Bfvers%5D=&prf%5Bsys%5D=win&prf%5Bsysv%5D=10.0&prf%5Bcl%5D=fir&prf%5Bclv%5D=105&prf%5Bvpw%5D=1280&prf%5Bnet%5D=unknown&prf%5Bexternal_uid%5D=&prf%5Bhid%5D=&prf%5Bnguserid%5D=&prf%5Buids%5D=&prf%5Boptout%5D=0&prf%5Bwi%5D=0050665097&prf%5Bweather_temp%5D=33&prf%5Bweather_condition%5D=2&prf%5Btoolbar%5D=0&prf%5Bbrandedbrowser%5D=0&prf%5BconsentLevel%5D=0&prf%5Bdnt%5D=0&prf%5Bclean%5D=0&prf%5Btpc%5D=0&prf%5Bcolumn%5D=4&prf%5Bwpt%5D=j&prf%5Bpos%5D=1&prf%5Brichmedia%5D=false
85.114.159.112200 OK 4.2 kB URL HTTP/2 ad11.adfarm1.adition.com/lt?wpt=j&nw=42<=portal(gmx)category(homepage)section(homepage)tagid(box_1)layoutclass(b)&ac=6&wi=0050665097&ref=&os=17&browser=6&screen_res=5&iframe=0&fvers=&external_uid=&uid_stable=&optout=0&prf%5Bportal%5D=gmx&prf%5Bcategory%5D=homepage&prf%5Bsection%5D=homepage&prf%5Btagid%5D=box_1&prf%5Blayoutclass%5D=b&prf%5Bdeviceclass%5D=b&prf%5Bdeviceclient%5D=browser&prf%5Bcategorytype%5D=billboard_billboard_4&prf%5Bos%5D=17&prf%5Bbrowser%5D=6&prf%5Bscreen_res%5D=5&prf%5Biframe%5D=0&prf%5Bfvers%5D=&prf%5Bsys%5D=win&prf%5Bsysv%5D=10.0&prf%5Bcl%5D=fir&prf%5Bclv%5D=105&prf%5Bvpw%5D=1280&prf%5Bnet%5D=unknown&prf%5Bexternal_uid%5D=&prf%5Bhid%5D=&prf%5Bnguserid%5D=&prf%5Buids%5D=&prf%5Boptout%5D=0&prf%5Bwi%5D=0050665097&prf%5Bweather_temp%5D=33&prf%5Bweather_condition%5D=2&prf%5Btoolbar%5D=0&prf%5Bbrandedbrowser%5D=0&prf%5BconsentLevel%5D=0&prf%5Bdnt%5D=0&prf%5Bclean%5D=0&prf%5Btpc%5D=0&prf%5Bcolumn%5D=4&prf%5Bwpt%5D=j&prf%5Bpos%5D=1&prf%5Brichmedia%5D=false
IP 85.114.159.112:0
ASN #24961 myLoc managed IT AG
Hash 930930708521912a933b033ded671122
129a8ff0c484b129bbc44dd4000b27a27ef0c761
2b6589ddfdcc953b728ff234e8099b619904c984801724f8c97f186a5a07fe04
GET /lt?wpt=j&nw=42<=portal(gmx)category(homepage)section(homepage)tagid(box_1)layoutclass(b)&ac=6&wi=0050665097&ref=&os=17&browser=6&screen_res=5&iframe=0&fvers=&external_uid=&uid_stable=&optout=0&prf%5Bportal%5D=gmx&prf%5Bcategory%5D=homepage&prf%5Bsection%5D=homepage&prf%5Btagid%5D=box_1&prf%5Blayoutclass%5D=b&prf%5Bdeviceclass%5D=b&prf%5Bdeviceclient%5D=browser&prf%5Bcategorytype%5D=billboard_billboard_4&prf%5Bos%5D=17&prf%5Bbrowser%5D=6&prf%5Bscreen_res%5D=5&prf%5Biframe%5D=0&prf%5Bfvers%5D=&prf%5Bsys%5D=win&prf%5Bsysv%5D=10.0&prf%5Bcl%5D=fir&prf%5Bclv%5D=105&prf%5Bvpw%5D=1280&prf%5Bnet%5D=unknown&prf%5Bexternal_uid%5D=&prf%5Bhid%5D=&prf%5Bnguserid%5D=&prf%5Buids%5D=&prf%5Boptout%5D=0&prf%5Bwi%5D=0050665097&prf%5Bweather_temp%5D=33&prf%5Bweather_condition%5D=2&prf%5Btoolbar%5D=0&prf%5Bbrandedbrowser%5D=0&prf%5BconsentLevel%5D=0&prf%5Bdnt%5D=0&prf%5Bclean%5D=0&prf%5Btpc%5D=0&prf%5Bcolumn%5D=4&prf%5Bwpt%5D=j&prf%5Bpos%5D=1&prf%5Brichmedia%5D=false HTTP/1.1
Host: ad11.adfarm1.adition.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dl.gmx.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript
server: ADITIONSERVER v1.0
date: Wed, 08 Feb 2023 04:46:57 +0100
cache-control: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT
p3p: policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pragma: no-cache
set-cookie: UserID1=7197626526742610451; expires=Tue, 09-May-2023 04:46:57 GMT; path=/; domain=.adfarm1.adition.com; SameSite=None; Secure
content-encoding: gzip
X-Firefox-Spdy: h2
ad11.adfarm1.adition.com/lt?wpt=j&nw=42<=portal(gmx)category(homepage)section(homepage)tagid(slider_1)layoutclass(b)&ac=15&wi=0050665097&ref=&os=17&browser=6&screen_res=5&iframe=0&fvers=&external_uid=&uid_stable=&optout=0&prf%5Bportal%5D=gmx&prf%5Bcategory%5D=homepage&prf%5Bsection%5D=homepage&prf%5Btagid%5D=slider_1&prf%5Blayoutclass%5D=b&prf%5Bdeviceclass%5D=b&prf%5Bdeviceclient%5D=browser&prf%5Bcategorytype%5D=billboard_billboard_4&prf%5Bos%5D=17&prf%5Bbrowser%5D=6&prf%5Bscreen_res%5D=5&prf%5Biframe%5D=0&prf%5Bfvers%5D=&prf%5Bsys%5D=win&prf%5Bsysv%5D=10.0&prf%5Bcl%5D=fir&prf%5Bclv%5D=105&prf%5Bvpw%5D=1280&prf%5Bnet%5D=unknown&prf%5Bexternal_uid%5D=&prf%5Bhid%5D=&prf%5Bnguserid%5D=&prf%5Buids%5D=&prf%5Boptout%5D=0&prf%5Bwi%5D=0050665097&prf%5Bweather_temp%5D=33&prf%5Bweather_condition%5D=2&prf%5Btoolbar%5D=0&prf%5Bbrandedbrowser%5D=0&prf%5BconsentLevel%5D=0&prf%5Bdnt%5D=0&prf%5Bclean%5D=0&prf%5Btpc%5D=0&prf%5Bcolumn%5D=4&prf%5Bpos%5D=1
85.114.159.112404 Not Found 54 B URL HTTP/1.1 ad11.adfarm1.adition.com/lt?wpt=j&nw=42<=portal(gmx)category(homepage)section(homepage)tagid(slider_1)layoutclass(b)&ac=15&wi=0050665097&ref=&os=17&browser=6&screen_res=5&iframe=0&fvers=&external_uid=&uid_stable=&optout=0&prf%5Bportal%5D=gmx&prf%5Bcategory%5D=homepage&prf%5Bsection%5D=homepage&prf%5Btagid%5D=slider_1&prf%5Blayoutclass%5D=b&prf%5Bdeviceclass%5D=b&prf%5Bdeviceclient%5D=browser&prf%5Bcategorytype%5D=billboard_billboard_4&prf%5Bos%5D=17&prf%5Bbrowser%5D=6&prf%5Bscreen_res%5D=5&prf%5Biframe%5D=0&prf%5Bfvers%5D=&prf%5Bsys%5D=win&prf%5Bsysv%5D=10.0&prf%5Bcl%5D=fir&prf%5Bclv%5D=105&prf%5Bvpw%5D=1280&prf%5Bnet%5D=unknown&prf%5Bexternal_uid%5D=&prf%5Bhid%5D=&prf%5Bnguserid%5D=&prf%5Buids%5D=&prf%5Boptout%5D=0&prf%5Bwi%5D=0050665097&prf%5Bweather_temp%5D=33&prf%5Bweather_condition%5D=2&prf%5Btoolbar%5D=0&prf%5Bbrandedbrowser%5D=0&prf%5BconsentLevel%5D=0&prf%5Bdnt%5D=0&prf%5Bclean%5D=0&prf%5Btpc%5D=0&prf%5Bcolumn%5D=4&prf%5Bpos%5D=1
IP 85.114.159.112:0
ASN #24961 myLoc managed IT AG
File type ASCII text, with no line terminators
Hash 74425774cff0c554d7dc2e7d6c890f5a
b2a5542a4323246a031c010169699c41e06d6fe1
09a9250bc31f438bb1535529c50219ebfb656774a3b20aca1f4ca741db1a3532
GET /lt?wpt=j&nw=42<=portal(gmx)category(homepage)section(homepage)tagid(slider_1)layoutclass(b)&ac=15&wi=0050665097&ref=&os=17&browser=6&screen_res=5&iframe=0&fvers=&external_uid=&uid_stable=&optout=0&prf%5Bportal%5D=gmx&prf%5Bcategory%5D=homepage&prf%5Bsection%5D=homepage&prf%5Btagid%5D=slider_1&prf%5Blayoutclass%5D=b&prf%5Bdeviceclass%5D=b&prf%5Bdeviceclient%5D=browser&prf%5Bcategorytype%5D=billboard_billboard_4&prf%5Bos%5D=17&prf%5Bbrowser%5D=6&prf%5Bscreen_res%5D=5&prf%5Biframe%5D=0&prf%5Bfvers%5D=&prf%5Bsys%5D=win&prf%5Bsysv%5D=10.0&prf%5Bcl%5D=fir&prf%5Bclv%5D=105&prf%5Bvpw%5D=1280&prf%5Bnet%5D=unknown&prf%5Bexternal_uid%5D=&prf%5Bhid%5D=&prf%5Bnguserid%5D=&prf%5Buids%5D=&prf%5Boptout%5D=0&prf%5Bwi%5D=0050665097&prf%5Bweather_temp%5D=33&prf%5Bweather_condition%5D=2&prf%5Btoolbar%5D=0&prf%5Bbrandedbrowser%5D=0&prf%5BconsentLevel%5D=0&prf%5Bdnt%5D=0&prf%5Bclean%5D=0&prf%5Btpc%5D=0&prf%5Bcolumn%5D=4&prf%5Bpos%5D=1 HTTP/1.1
Host: ad11.adfarm1.adition.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.camperpuro.com/
HTTP/1.1 404 Not Found
Content-Type: text/plain
Transfer-Encoding: chunked
Connection: keep-alive
Server: ADITIONSERVER v1.0
Date: Wed, 08 Feb 2023 04:46:57 +0100
Content-Encoding: gzip
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fce53bc9b-2505-4efd-9151-fa75ed70138a.jpeg
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fce53bc9b-2505-4efd-9151-fa75ed70138a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash be9f475292d4b5b0502d4381ccdf455b
ecb943b48c822b086ea699d802f8f1bb5ee26651
ed22a5102709dc7a067107a6c0cde26931f7781065de9cee49e22de6b9086e31
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fce53bc9b-2505-4efd-9151-fa75ed70138a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8703
x-amzn-requestid: 6456aa7d-11f7-4066-a833-9ac5312c0c24
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f_O7JGLTIAMFqdQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e2c513-0679a75676cdc19251c81bdd;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 21:39:31 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: DLVp9hiUjE2w5BiukFfUMALWxvcobbJcJRO-7CdXj3cy6rAdFhPRFQ==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 21:44:01 GMT
age: 21776
etag: "ecb943b48c822b086ea699d802f8f1bb5ee26651"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ad11.adfarm1.adition.com/lt?wpt=j&nw=42<=portal(gmx)category(homepage)section(homepage)tagid(rectangle_billboard)layoutclass(b)&ac=4&wi=3215969845&ref=&os=10&browser=6&screen_res=175&iframe=1&fvers=&external_uid=&uid_stable=&optout=0&prf%5Bportal%5D=gmx&prf%5Bcategory%5D=homepage&prf%5Bsection%5D=homepage&prf%5Btagid%5D=rectangle_billboard&prf%5Blayoutclass%5D=b&prf%5Bdeviceclass%5D=b&prf%5Bdeviceclient%5D=browser&prf%5Bcategorytype%5D=billboard_4&prf%5Bos%5D=10&prf%5Bbrowser%5D=6&prf%5Bscreen_res%5D=175&prf%5Biframe%5D=1&prf%5Bfvers%5D=&prf%5Bsys%5D=win&prf%5Bsysv%5D=6.1&prf%5Bcl%5D=fir&prf%5Bclv%5D=61&prf%5Bvpw%5D=1366&prf%5Bnet%5D=unknown&prf%5Bexternal_uid%5D=&prf%5Bhid%5D=&prf%5Bnguserid%5D=&prf%5Buids%5D=&prf%5Boptout%5D=0&prf%5Bwi%5D=3215969845&prf%5Bweather_temp%5D=33&prf%5Bweather_condition%5D=2&prf%5Btoolbar%5D=0&prf%5Bbrandedbrowser%5D=0&prf%5BconsentLevel%5D=0&prf%5Bdnt%5D=0&prf%5Bclean%5D=0&prf%5Btpc%5D=0&prf%5Bcolumn%5D=4&prf%5Bwpt%5D=j&prf%5Bpos%5D=1&prf%5Bhpeventid%5D=2188480&prf%5Badsize%5D=300x250&prf%5Bomsbillboard%5D=1&prf%5Brichmedia%5D=false
85.114.159.112404 Not Found 13 kB URL HTTP/2 ad11.adfarm1.adition.com/lt?wpt=j&nw=42<=portal(gmx)category(homepage)section(homepage)tagid(rectangle_billboard)layoutclass(b)&ac=4&wi=3215969845&ref=&os=10&browser=6&screen_res=175&iframe=1&fvers=&external_uid=&uid_stable=&optout=0&prf%5Bportal%5D=gmx&prf%5Bcategory%5D=homepage&prf%5Bsection%5D=homepage&prf%5Btagid%5D=rectangle_billboard&prf%5Blayoutclass%5D=b&prf%5Bdeviceclass%5D=b&prf%5Bdeviceclient%5D=browser&prf%5Bcategorytype%5D=billboard_4&prf%5Bos%5D=10&prf%5Bbrowser%5D=6&prf%5Bscreen_res%5D=175&prf%5Biframe%5D=1&prf%5Bfvers%5D=&prf%5Bsys%5D=win&prf%5Bsysv%5D=6.1&prf%5Bcl%5D=fir&prf%5Bclv%5D=61&prf%5Bvpw%5D=1366&prf%5Bnet%5D=unknown&prf%5Bexternal_uid%5D=&prf%5Bhid%5D=&prf%5Bnguserid%5D=&prf%5Buids%5D=&prf%5Boptout%5D=0&prf%5Bwi%5D=3215969845&prf%5Bweather_temp%5D=33&prf%5Bweather_condition%5D=2&prf%5Btoolbar%5D=0&prf%5Bbrandedbrowser%5D=0&prf%5BconsentLevel%5D=0&prf%5Bdnt%5D=0&prf%5Bclean%5D=0&prf%5Btpc%5D=0&prf%5Bcolumn%5D=4&prf%5Bwpt%5D=j&prf%5Bpos%5D=1&prf%5Bhpeventid%5D=2188480&prf%5Badsize%5D=300x250&prf%5Bomsbillboard%5D=1&prf%5Brichmedia%5D=false
IP 85.114.159.112:0
ASN #24961 myLoc managed IT AG
Hash a54f3c92db71602ed845d56e2d777b2b
073cbba7e8780db10362addcadf894153e64a699
0ac0c674adce2920a0ddcff35dc61253f1e442e28fc83e1bd7cb80d6dc2ebd81
GET /lt?wpt=j&nw=42<=portal(gmx)category(homepage)section(homepage)tagid(rectangle_billboard)layoutclass(b)&ac=4&wi=3215969845&ref=&os=10&browser=6&screen_res=175&iframe=1&fvers=&external_uid=&uid_stable=&optout=0&prf%5Bportal%5D=gmx&prf%5Bcategory%5D=homepage&prf%5Bsection%5D=homepage&prf%5Btagid%5D=rectangle_billboard&prf%5Blayoutclass%5D=b&prf%5Bdeviceclass%5D=b&prf%5Bdeviceclient%5D=browser&prf%5Bcategorytype%5D=billboard_4&prf%5Bos%5D=10&prf%5Bbrowser%5D=6&prf%5Bscreen_res%5D=175&prf%5Biframe%5D=1&prf%5Bfvers%5D=&prf%5Bsys%5D=win&prf%5Bsysv%5D=6.1&prf%5Bcl%5D=fir&prf%5Bclv%5D=61&prf%5Bvpw%5D=1366&prf%5Bnet%5D=unknown&prf%5Bexternal_uid%5D=&prf%5Bhid%5D=&prf%5Bnguserid%5D=&prf%5Buids%5D=&prf%5Boptout%5D=0&prf%5Bwi%5D=3215969845&prf%5Bweather_temp%5D=33&prf%5Bweather_condition%5D=2&prf%5Btoolbar%5D=0&prf%5Bbrandedbrowser%5D=0&prf%5BconsentLevel%5D=0&prf%5Bdnt%5D=0&prf%5Bclean%5D=0&prf%5Btpc%5D=0&prf%5Bcolumn%5D=4&prf%5Bwpt%5D=j&prf%5Bpos%5D=1&prf%5Bhpeventid%5D=2188480&prf%5Badsize%5D=300x250&prf%5Bomsbillboard%5D=1&prf%5Brichmedia%5D=false HTTP/1.1
Host: ad11.adfarm1.adition.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dl.gmx.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
content-type: text/plain
server: ADITIONSERVER v1.0
date: Wed, 08 Feb 2023 04:46:57 +0100
content-encoding: gzip
X-Firefox-Spdy: h2
img.ui-portal.de/faba/prodigy/lotto/2022/EB/gmx/mr.html?ct=https%3A%2F%2Fad11.adfarm1.adition.com%2Fredi%3Flid%3D7197626526744773139%26gdpr%3D0%26gdpr%5Fconsent%3D%26gdpr%5Fpd%3D0%26userid%3D7197626526744642067%26sid%3D3840581%26kid%3D5069780%26bid%3D15487947%26c%3D20152%26keyword%3D%26sr%3D175%26gk%3D0%26mdev%3D0%26clickurl%3D
2.18.172.165200 OK 11 kB URL HTTP/2 img.ui-portal.de/faba/prodigy/lotto/2022/EB/gmx/mr.html?ct=https%3A%2F%2Fad11.adfarm1.adition.com%2Fredi%3Flid%3D7197626526744773139%26gdpr%3D0%26gdpr%5Fconsent%3D%26gdpr%5Fpd%3D0%26userid%3D7197626526744642067%26sid%3D3840581%26kid%3D5069780%26bid%3D15487947%26c%3D20152%26keyword%3D%26sr%3D175%26gk%3D0%26mdev%3D0%26clickurl%3D
IP 2.18.172.165:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (13823)
Hash 65cefa49be33d7130594a2e5ad3b5c29
f50594be72c8e63bf83f1e13b6391fdc2e613a8b
e86a092fa7d43dfef835019b32db15e528f3232eb20b7b350b85dc63546a018e
GET /faba/prodigy/lotto/2022/EB/gmx/mr.html?ct=https%3A%2F%2Fad11.adfarm1.adition.com%2Fredi%3Flid%3D7197626526744773139%26gdpr%3D0%26gdpr%5Fconsent%3D%26gdpr%5Fpd%3D0%26userid%3D7197626526744642067%26sid%3D3840581%26kid%3D5069780%26bid%3D15487947%26c%3D20152%26keyword%3D%26sr%3D175%26gk%3D0%26mdev%3D0%26clickurl%3D HTTP/1.1
Host: img.ui-portal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dl.gmx.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 30 Jun 2022 13:33:25 GMT
etag: "70f2-5e2aa506fac94"
server: Apache
accept-ranges: bytes
content-encoding: gzip
x-robots-tag: noindex
content-length: 10767
content-type: text/html
cache-control: public, max-age=53
date: Wed, 08 Feb 2023 03:46:57 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
ad11.adfarm1.adition.com/lt?wpt=j&nw=42<=portal(gmx)category(homepage)section(homepage)tagid(box_11)layoutclass(b)&ac=14&wi=3215969845&ref=&os=10&browser=6&screen_res=175&iframe=0&fvers=&external_uid=&uid_stable=&optout=0&prf%5Bportal%5D=gmx&prf%5Bcategory%5D=homepage&prf%5Bsection%5D=homepage&prf%5Btagid%5D=box_11&prf%5Blayoutclass%5D=b&prf%5Bdeviceclass%5D=b&prf%5Bdeviceclient%5D=browser&prf%5Bcategorytype%5D=billboard_4&prf%5Bos%5D=10&prf%5Bbrowser%5D=6&prf%5Bscreen_res%5D=175&prf%5Biframe%5D=0&prf%5Bfvers%5D=&prf%5Bsys%5D=win&prf%5Bsysv%5D=6.1&prf%5Bcl%5D=fir&prf%5Bclv%5D=61&prf%5Bvpw%5D=1366&prf%5Bnet%5D=unknown&prf%5Bexternal_uid%5D=&prf%5Bhid%5D=&prf%5Bnguserid%5D=&prf%5Buids%5D=&prf%5Boptout%5D=0&prf%5Bwi%5D=3215969845&prf%5Bweather_temp%5D=33&prf%5Bweather_condition%5D=2&prf%5Btoolbar%5D=0&prf%5Bbrandedbrowser%5D=0&prf%5BconsentLevel%5D=0&prf%5Bdnt%5D=0&prf%5Bclean%5D=0&prf%5Btpc%5D=0&prf%5Bcolumn%5D=4&prf%5Bwpt%5D=j&prf%5Bpos%5D=1&prf%5Brichmedia%5D=false
85.114.159.112200 OK 1.0 kB URL HTTP/2 ad11.adfarm1.adition.com/lt?wpt=j&nw=42<=portal(gmx)category(homepage)section(homepage)tagid(box_11)layoutclass(b)&ac=14&wi=3215969845&ref=&os=10&browser=6&screen_res=175&iframe=0&fvers=&external_uid=&uid_stable=&optout=0&prf%5Bportal%5D=gmx&prf%5Bcategory%5D=homepage&prf%5Bsection%5D=homepage&prf%5Btagid%5D=box_11&prf%5Blayoutclass%5D=b&prf%5Bdeviceclass%5D=b&prf%5Bdeviceclient%5D=browser&prf%5Bcategorytype%5D=billboard_4&prf%5Bos%5D=10&prf%5Bbrowser%5D=6&prf%5Bscreen_res%5D=175&prf%5Biframe%5D=0&prf%5Bfvers%5D=&prf%5Bsys%5D=win&prf%5Bsysv%5D=6.1&prf%5Bcl%5D=fir&prf%5Bclv%5D=61&prf%5Bvpw%5D=1366&prf%5Bnet%5D=unknown&prf%5Bexternal_uid%5D=&prf%5Bhid%5D=&prf%5Bnguserid%5D=&prf%5Buids%5D=&prf%5Boptout%5D=0&prf%5Bwi%5D=3215969845&prf%5Bweather_temp%5D=33&prf%5Bweather_condition%5D=2&prf%5Btoolbar%5D=0&prf%5Bbrandedbrowser%5D=0&prf%5BconsentLevel%5D=0&prf%5Bdnt%5D=0&prf%5Bclean%5D=0&prf%5Btpc%5D=0&prf%5Bcolumn%5D=4&prf%5Bwpt%5D=j&prf%5Bpos%5D=1&prf%5Brichmedia%5D=false
IP 85.114.159.112:0
ASN #24961 myLoc managed IT AG
File type ASCII text, with very long lines (2126), with no line terminators
Hash 5f1b0182c3aea0df914f44c3a9e06101
818a55eb79f3b76af657ca1be722bd4ce9c4fc8c
b32382f62e800b4cbc654d0f81db910abe3d3eb17e97e4e9af5a667cb759108b
GET /lt?wpt=j&nw=42<=portal(gmx)category(homepage)section(homepage)tagid(box_11)layoutclass(b)&ac=14&wi=3215969845&ref=&os=10&browser=6&screen_res=175&iframe=0&fvers=&external_uid=&uid_stable=&optout=0&prf%5Bportal%5D=gmx&prf%5Bcategory%5D=homepage&prf%5Bsection%5D=homepage&prf%5Btagid%5D=box_11&prf%5Blayoutclass%5D=b&prf%5Bdeviceclass%5D=b&prf%5Bdeviceclient%5D=browser&prf%5Bcategorytype%5D=billboard_4&prf%5Bos%5D=10&prf%5Bbrowser%5D=6&prf%5Bscreen_res%5D=175&prf%5Biframe%5D=0&prf%5Bfvers%5D=&prf%5Bsys%5D=win&prf%5Bsysv%5D=6.1&prf%5Bcl%5D=fir&prf%5Bclv%5D=61&prf%5Bvpw%5D=1366&prf%5Bnet%5D=unknown&prf%5Bexternal_uid%5D=&prf%5Bhid%5D=&prf%5Bnguserid%5D=&prf%5Buids%5D=&prf%5Boptout%5D=0&prf%5Bwi%5D=3215969845&prf%5Bweather_temp%5D=33&prf%5Bweather_condition%5D=2&prf%5Btoolbar%5D=0&prf%5Bbrandedbrowser%5D=0&prf%5BconsentLevel%5D=0&prf%5Bdnt%5D=0&prf%5Bclean%5D=0&prf%5Btpc%5D=0&prf%5Bcolumn%5D=4&prf%5Bwpt%5D=j&prf%5Bpos%5D=1&prf%5Brichmedia%5D=false HTTP/1.1
Host: ad11.adfarm1.adition.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dl.gmx.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/javascript
server: ADITIONSERVER v1.0
date: Wed, 08 Feb 2023 04:46:57 +0100
cache-control: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT
p3p: policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pragma: no-cache
set-cookie: UserID1=7197626526744642067; expires=Tue, 09-May-2023 04:46:57 GMT; path=/; domain=.adfarm1.adition.com; SameSite=None; Secure
content-encoding: gzip
X-Firefox-Spdy: h2
ad11.adfarm1.adition.com/lt?wpt=j&nw=42<=portal(gmx)category(homepage)section(homepage)tagid(box_3)layoutclass(b)&ac=8&wi=3215969845&ref=&os=10&browser=6&screen_res=175&iframe=0&fvers=&external_uid=&uid_stable=&optout=0&prf%5Bportal%5D=gmx&prf%5Bcategory%5D=homepage&prf%5Bsection%5D=homepage&prf%5Btagid%5D=box_3&prf%5Blayoutclass%5D=b&prf%5Bdeviceclass%5D=b&prf%5Bdeviceclient%5D=browser&prf%5Bcategorytype%5D=billboard_4&prf%5Bos%5D=10&prf%5Bbrowser%5D=6&prf%5Bscreen_res%5D=175&prf%5Biframe%5D=0&prf%5Bfvers%5D=&prf%5Bsys%5D=win&prf%5Bsysv%5D=6.1&prf%5Bcl%5D=fir&prf%5Bclv%5D=61&prf%5Bvpw%5D=1366&prf%5Bnet%5D=unknown&prf%5Bexternal_uid%5D=&prf%5Bhid%5D=&prf%5Bnguserid%5D=&prf%5Buids%5D=&prf%5Boptout%5D=0&prf%5Bwi%5D=3215969845&prf%5Bweather_temp%5D=33&prf%5Bweather_condition%5D=2&prf%5Btoolbar%5D=0&prf%5Bbrandedbrowser%5D=0&prf%5BconsentLevel%5D=0&prf%5Bdnt%5D=0&prf%5Bclean%5D=0&prf%5Btpc%5D=0&prf%5Bcolumn%5D=4&prf%5Bwpt%5D=j&prf%5Bpos%5D=1&prf%5Brichmedia%5D=false
85.114.159.112200 OK 9.5 kB URL HTTP/2 ad11.adfarm1.adition.com/lt?wpt=j&nw=42<=portal(gmx)category(homepage)section(homepage)tagid(box_3)layoutclass(b)&ac=8&wi=3215969845&ref=&os=10&browser=6&screen_res=175&iframe=0&fvers=&external_uid=&uid_stable=&optout=0&prf%5Bportal%5D=gmx&prf%5Bcategory%5D=homepage&prf%5Bsection%5D=homepage&prf%5Btagid%5D=box_3&prf%5Blayoutclass%5D=b&prf%5Bdeviceclass%5D=b&prf%5Bdeviceclient%5D=browser&prf%5Bcategorytype%5D=billboard_4&prf%5Bos%5D=10&prf%5Bbrowser%5D=6&prf%5Bscreen_res%5D=175&prf%5Biframe%5D=0&prf%5Bfvers%5D=&prf%5Bsys%5D=win&prf%5Bsysv%5D=6.1&prf%5Bcl%5D=fir&prf%5Bclv%5D=61&prf%5Bvpw%5D=1366&prf%5Bnet%5D=unknown&prf%5Bexternal_uid%5D=&prf%5Bhid%5D=&prf%5Bnguserid%5D=&prf%5Buids%5D=&prf%5Boptout%5D=0&prf%5Bwi%5D=3215969845&prf%5Bweather_temp%5D=33&prf%5Bweather_condition%5D=2&prf%5Btoolbar%5D=0&prf%5Bbrandedbrowser%5D=0&prf%5BconsentLevel%5D=0&prf%5Bdnt%5D=0&prf%5Bclean%5D=0&prf%5Btpc%5D=0&prf%5Bcolumn%5D=4&prf%5Bwpt%5D=j&prf%5Bpos%5D=1&prf%5Brichmedia%5D=false
IP 85.114.159.112:0
ASN #24961 myLoc managed IT AG
Hash 3913086ec92b48f9e98a27819a390429
b0227a9b901741f3c8e34de7b36688e7a1e57ecd
0fbfb2e28c287c32fda0ebcabfb2cd750533d6aa9ff799018446a3958760bbc8
GET /lt?wpt=j&nw=42<=portal(gmx)category(homepage)section(homepage)tagid(box_3)layoutclass(b)&ac=8&wi=3215969845&ref=&os=10&browser=6&screen_res=175&iframe=0&fvers=&external_uid=&uid_stable=&optout=0&prf%5Bportal%5D=gmx&prf%5Bcategory%5D=homepage&prf%5Bsection%5D=homepage&prf%5Btagid%5D=box_3&prf%5Blayoutclass%5D=b&prf%5Bdeviceclass%5D=b&prf%5Bdeviceclient%5D=browser&prf%5Bcategorytype%5D=billboard_4&prf%5Bos%5D=10&prf%5Bbrowser%5D=6&prf%5Bscreen_res%5D=175&prf%5Biframe%5D=0&prf%5Bfvers%5D=&prf%5Bsys%5D=win&prf%5Bsysv%5D=6.1&prf%5Bcl%5D=fir&prf%5Bclv%5D=61&prf%5Bvpw%5D=1366&prf%5Bnet%5D=unknown&prf%5Bexternal_uid%5D=&prf%5Bhid%5D=&prf%5Bnguserid%5D=&prf%5Buids%5D=&prf%5Boptout%5D=0&prf%5Bwi%5D=3215969845&prf%5Bweather_temp%5D=33&prf%5Bweather_condition%5D=2&prf%5Btoolbar%5D=0&prf%5Bbrandedbrowser%5D=0&prf%5BconsentLevel%5D=0&prf%5Bdnt%5D=0&prf%5Bclean%5D=0&prf%5Btpc%5D=0&prf%5Bcolumn%5D=4&prf%5Bwpt%5D=j&prf%5Bpos%5D=1&prf%5Brichmedia%5D=false HTTP/1.1
Host: ad11.adfarm1.adition.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dl.gmx.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/javascript
server: ADITIONSERVER v1.0
date: Wed, 08 Feb 2023 04:46:57 +0100
cache-control: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT
p3p: policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pragma: no-cache
set-cookie: UserID1=7197626526741037587; expires=Tue, 09-May-2023 04:46:56 GMT; path=/; domain=.adfarm1.adition.com; SameSite=None; Secure
content-encoding: gzip
X-Firefox-Spdy: h2
adimg.uimserv.net/EIGENWERBUNG/GMX/AllNetFlat/2018/August/OMS_Module/gmx_allnet_vw_medrec_300x250.jpg
2.18.172.165200 OK 31 kB URL HTTP/2 adimg.uimserv.net/EIGENWERBUNG/GMX/AllNetFlat/2018/August/OMS_Module/gmx_allnet_vw_medrec_300x250.jpg
IP 2.18.172.165:0
File type JPEG image data, baseline, precision 8, 300x250, components 3\012- data
Hash a60fb87a1d781d6fe544115124d2636d
886c2dcd3e48107f8bdfc73e1eba53f8111b2b19
3e1c58d5541951570f0e324e7095e2e26ebf4fe71b78747d1f0d99edc719ed51
GET /EIGENWERBUNG/GMX/AllNetFlat/2018/August/OMS_Module/gmx_allnet_vw_medrec_300x250.jpg HTTP/1.1
Host: adimg.uimserv.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.camperpuro.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Apache
last-modified: Wed, 25 Jul 2018 14:50:29 GMT
etag: "7d70-571d3fff7201e-gzip"
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Thu, 08 Feb 2024 03:46:57 GMT
content-encoding: gzip
x-robots-tag: noindex
content-length: 30898
content-type: image/jpeg
date: Wed, 08 Feb 2023 03:46:57 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
c.amazon-adsystem.com/cdn/prod/config?src=3206&u=https%3A%2F%2Fdl.gmx.net
54.230.111.210204 No Content 0 B URL HTTP/2 c.amazon-adsystem.com/cdn/prod/config?src=3206&u=https%3A%2F%2Fdl.gmx.net
IP 54.230.111.210:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cdn/prod/config?src=3206&u=https%3A%2F%2Fdl.gmx.net HTTP/1.1
Host: c.amazon-adsystem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dl.gmx.net
Connection: keep-alive
Referer: https://dl.gmx.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
access-control-allow-origin: https://dl.gmx.net
access-control-allow-credentials: true
cache-control: max-age=21550, s-maxage=21600
date: Tue, 07 Feb 2023 22:10:18 GMT
server: Server
x-cache: Hit from cloudfront
via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: KmcnPl1s3RD1KSWYIhsbHmh6F1S6XlvTOxoumNZVQwKcjQmTRMk2yw==
age: 20199
X-Firefox-Spdy: h2
wa.ui-portal.de/gmx/gmx/s?name=homepage.startseite.event.update&portal=gmx&country=de&var=default&sample=undefined&pvid=JNV4QPmVeIPgJDUG78W2&login=0&type=hidden&category=homepage&error=none&screenres=1280x1024&viewres=1280x939&click1=undefined&click2=undefined&click3=undefined&click4=undefined&title=GMX%3A%20E-Mail-Adresse%2C%20FreeMail%2C%20De-Mail%20%26%20Nachrichten&pageurl=http%3A%2F%2Fwww.camperpuro.com%2Flogin.gmx.net%2Fapps%2FCustomerService%2Findexx.htm&wa_extra=undefined&prv_mode=false&tb_kid=undefined&tb_mode=undefined&tb_var=undefined&tb_brand=test&tb_bbrowser=undefined&tb_version=undefined&tb_accc=undefined&lvts=20180809&segment=1&consentLevel=0&size=col4&av=default&at=billboard_billboard&ts=1675828070621
82.165.229.54200 OK 43 B URL HTTP/1.1 wa.ui-portal.de/gmx/gmx/s?name=homepage.startseite.event.update&portal=gmx&country=de&var=default&sample=undefined&pvid=JNV4QPmVeIPgJDUG78W2&login=0&type=hidden&category=homepage&error=none&screenres=1280x1024&viewres=1280x939&click1=undefined&click2=undefined&click3=undefined&click4=undefined&title=GMX%3A%20E-Mail-Adresse%2C%20FreeMail%2C%20De-Mail%20%26%20Nachrichten&pageurl=http%3A%2F%2Fwww.camperpuro.com%2Flogin.gmx.net%2Fapps%2FCustomerService%2Findexx.htm&wa_extra=undefined&prv_mode=false&tb_kid=undefined&tb_mode=undefined&tb_var=undefined&tb_brand=test&tb_bbrowser=undefined&tb_version=undefined&tb_accc=undefined&lvts=20180809&segment=1&consentLevel=0&size=col4&av=default&at=billboard_billboard&ts=1675828070621
IP 82.165.229.54:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 6d22e4f2d2057c6e8d6fab098e76e80f
b80b11203d97fe01c5597ca3be70406ea48f5709
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
GET /gmx/gmx/s?name=homepage.startseite.event.update&portal=gmx&country=de&var=default&sample=undefined&pvid=JNV4QPmVeIPgJDUG78W2&login=0&type=hidden&category=homepage&error=none&screenres=1280x1024&viewres=1280x939&click1=undefined&click2=undefined&click3=undefined&click4=undefined&title=GMX%3A%20E-Mail-Adresse%2C%20FreeMail%2C%20De-Mail%20%26%20Nachrichten&pageurl=http%3A%2F%2Fwww.camperpuro.com%2Flogin.gmx.net%2Fapps%2FCustomerService%2Findexx.htm&wa_extra=undefined&prv_mode=false&tb_kid=undefined&tb_mode=undefined&tb_var=undefined&tb_brand=test&tb_bbrowser=undefined&tb_version=undefined&tb_accc=undefined&lvts=20180809&segment=1&consentLevel=0&size=col4&av=default&at=billboard_billboard&ts=1675828070621 HTTP/1.1
Host: wa.ui-portal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.camperpuro.com/
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 03:46:58 GMT
Server: Apache
Set-Cookie: wa=opt-out; path=/; domain=.wa.ui-portal.de; expires=Thu, 08-Feb-2024 03:46:58 GMT; secure; HttpOnly
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
P3P: CP="this is not a p3p policy"
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Content-Length: 43
Keep-Alive: timeout=3, max=499
Connection: Keep-Alive
Content-Type: image/gif
wa.ui-portal.de/gmx/gmx/s?name=homepage.startseite.event.billboard_billboard&portal=gmx&country=de&var=default&sample=undefined&pvid=JNV4QPmVeIPgJDUG78W2&login=0&type=hidden&teaser=hero,0,33108310|hero,1,33108496|hero,2,33106102|hero,3,33096090|hero,4,33108244|hero,5,33108838|topVideosTeaser,0,33075190|topVideosTeaser,1,33108302|topVideosTeaser,2,33107670|topVideosTeaser,3,33107092|pointOfViewTeaser,0,33109092|pointOfViewTeaser,1,33108676|pointOfViewTeaser,2,33108982&ts=1675828070628
82.165.229.54200 OK 43 B URL HTTP/1.1 wa.ui-portal.de/gmx/gmx/s?name=homepage.startseite.event.billboard_billboard&portal=gmx&country=de&var=default&sample=undefined&pvid=JNV4QPmVeIPgJDUG78W2&login=0&type=hidden&teaser=hero,0,33108310|hero,1,33108496|hero,2,33106102|hero,3,33096090|hero,4,33108244|hero,5,33108838|topVideosTeaser,0,33075190|topVideosTeaser,1,33108302|topVideosTeaser,2,33107670|topVideosTeaser,3,33107092|pointOfViewTeaser,0,33109092|pointOfViewTeaser,1,33108676|pointOfViewTeaser,2,33108982&ts=1675828070628
IP 82.165.229.54:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 6d22e4f2d2057c6e8d6fab098e76e80f
b80b11203d97fe01c5597ca3be70406ea48f5709
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
GET /gmx/gmx/s?name=homepage.startseite.event.billboard_billboard&portal=gmx&country=de&var=default&sample=undefined&pvid=JNV4QPmVeIPgJDUG78W2&login=0&type=hidden&teaser=hero,0,33108310|hero,1,33108496|hero,2,33106102|hero,3,33096090|hero,4,33108244|hero,5,33108838|topVideosTeaser,0,33075190|topVideosTeaser,1,33108302|topVideosTeaser,2,33107670|topVideosTeaser,3,33107092|pointOfViewTeaser,0,33109092|pointOfViewTeaser,1,33108676|pointOfViewTeaser,2,33108982&ts=1675828070628 HTTP/1.1
Host: wa.ui-portal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.camperpuro.com/
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 03:46:58 GMT
Server: Apache
Set-Cookie: wa=opt-out; path=/; domain=.wa.ui-portal.de; expires=Thu, 08-Feb-2024 03:46:58 GMT; secure; HttpOnly
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
P3P: CP="this is not a p3p policy"
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Content-Length: 43
Keep-Alive: timeout=3, max=498
Connection: Keep-Alive
Content-Type: image/gif
img.ui-portal.de/homepage/img/gmx/icons/arrow-up-24x24.png
2.18.172.165301 Moved Permanently 0 B URL HTTP/1.1 img.ui-portal.de/homepage/img/gmx/icons/arrow-up-24x24.png
IP 2.18.172.165:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /homepage/img/gmx/icons/arrow-up-24x24.png HTTP/1.1
Host: img.ui-portal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.camperpuro.com/
HTTP/1.1 301 Moved Permanently
Location: https://img.ui-portal.de/homepage/img/gmx/icons/arrow-up-24x24.png
Server: BigIP
Content-Length: 0
Cache-Control: max-age=600
Date: Wed, 08 Feb 2023 03:46:58 GMT
Connection: keep-alive
ad11.adfarm1.adition.com/lt?wpt=j&nw=42<=portal(gmx)category(homepage)section(homepage)tagid(billboard_rotation)layoutclass(b)&ac=1&wi=3215969845&ref=&external_uid=undefined&uid_stable=undefined&prf%5Bportal%5D=gmx&prf%5Bcategory%5D=homepage&prf%5Bsection%5D=homepage&prf%5Btagid%5D=billboard_rotation&prf%5Blayoutclass%5D=b&prf%5Bexternal_uid%5D=undefined&prf%5Bnguserid%5D=undefined&prf%5Bconsentlevel%5D=0&prf%5Boptout%5D=0&optout=0&prf%5Bbusterid%5D=2188480&prf%5Bdeviceclass%5D=b&prf%5Bdeviceclient%5D=browser&prf%5Brtb_oms%5D=1
85.114.159.112404 Not Found 4.7 kB URL HTTP/2 ad11.adfarm1.adition.com/lt?wpt=j&nw=42<=portal(gmx)category(homepage)section(homepage)tagid(billboard_rotation)layoutclass(b)&ac=1&wi=3215969845&ref=&external_uid=undefined&uid_stable=undefined&prf%5Bportal%5D=gmx&prf%5Bcategory%5D=homepage&prf%5Bsection%5D=homepage&prf%5Btagid%5D=billboard_rotation&prf%5Blayoutclass%5D=b&prf%5Bexternal_uid%5D=undefined&prf%5Bnguserid%5D=undefined&prf%5Bconsentlevel%5D=0&prf%5Boptout%5D=0&optout=0&prf%5Bbusterid%5D=2188480&prf%5Bdeviceclass%5D=b&prf%5Bdeviceclient%5D=browser&prf%5Brtb_oms%5D=1
IP 85.114.159.112:0
ASN #24961 myLoc managed IT AG
File type Unicode text, UTF-8 text, with very long lines (604)
Hash 0bf3b7a4a594506e8d3fd3c5cd68a24f
40bbf6ffd40810a028b6791380b6381e9698dcca
07b94fca2d76b2a36f7fcdb4475eadaa31b1f30d99e897c8c8783fdd762d22e0
GET /lt?wpt=j&nw=42<=portal(gmx)category(homepage)section(homepage)tagid(billboard_rotation)layoutclass(b)&ac=1&wi=3215969845&ref=&external_uid=undefined&uid_stable=undefined&prf%5Bportal%5D=gmx&prf%5Bcategory%5D=homepage&prf%5Bsection%5D=homepage&prf%5Btagid%5D=billboard_rotation&prf%5Blayoutclass%5D=b&prf%5Bexternal_uid%5D=undefined&prf%5Bnguserid%5D=undefined&prf%5Bconsentlevel%5D=0&prf%5Boptout%5D=0&optout=0&prf%5Bbusterid%5D=2188480&prf%5Bdeviceclass%5D=b&prf%5Bdeviceclient%5D=browser&prf%5Brtb_oms%5D=1 HTTP/1.1
Host: ad11.adfarm1.adition.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.camperpuro.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
content-type: text/plain
server: ADITIONSERVER v1.0
date: Wed, 08 Feb 2023 04:46:57 +0100
content-encoding: gzip
X-Firefox-Spdy: h2
js.ui-portal.de/cd/display/1.6/gmx.net/display.css
2.18.172.165200 OK 6.6 kB URL HTTP/2 js.ui-portal.de/cd/display/1.6/gmx.net/display.css
IP 2.18.172.165:0
File type Unicode text, UTF-8 text, with CRLF, LF line terminators
Hash 4b457bee04b0d216be02266e7e4debd8
53244e8cf1df364b5fa70606bb6e97432e32bd47
dab3bc226b2f4c766c7eda39427fd0b3fe561f7272567d8ea37b77d1258cac8b
GET /cd/display/1.6/gmx.net/display.css HTTP/1.1
Host: js.ui-portal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://img.ui-portal.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 03 Jul 2020 16:31:37 GMT
etag: "a101-5a98c0f1a54e5"
server: Apache
unused62: 8096267
accept-ranges: bytes
content-encoding: gzip
x-robots-tag: noindex
content-length: 6649
content-type: text/css
cache-control: public, max-age=1143
date: Wed, 08 Feb 2023 03:46:58 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
img.ui-portal.de/cat/gmx/produkte/browser/check/prodigy.png
2.18.172.165200 OK 2.6 kB URL HTTP/2 img.ui-portal.de/cat/gmx/produkte/browser/check/prodigy.png
IP 2.18.172.165:0
File type PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced\012- data
Hash ae67d56e92e8fee7e4fadfb67fdcf36a
edad0a2eb2786da610bed53c5a92989c9f22de59
bd648de77ddaceff0d72c4128bbea867a47fc745c51650d74811a6c0508fb00d
GET /cat/gmx/produkte/browser/check/prodigy.png HTTP/1.1
Host: img.ui-portal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://img.ui-portal.de/fallback/browser/check/gmr.html?ct=https%3A%2F%2Fad11.adfarm1.adition.com%2Fredi%3Flid%3D7197626526741496339%26gdpr%3D0%26gdpr%5Fconsent%3D%26gdpr%5Fpd%3D0%26userid%3D7197626526741037587%26sid%3D3590325%26kid%3D3039212%26bid%3D14873350%26c%3D18421%26keyword%3D%26sr%3D175%26gk%3D0%26mdev%3D0%26clickurl%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 06 Oct 2021 08:57:50 GMT
etag: "a2a-5cdab5738df80"
server: Apache
unused62: 8096267
accept-ranges: bytes
content-length: 2602
x-robots-tag: noindex
content-type: image/png
cache-control: public, max-age=1229
date: Wed, 08 Feb 2023 03:46:58 GMT
X-Firefox-Spdy: h2
js.ui-portal.de/cd/display/1.6/gmx.net/display.js
2.18.172.165200 OK 469 B URL HTTP/2 js.ui-portal.de/cd/display/1.6/gmx.net/display.js
IP 2.18.172.165:0
File type ASCII text, with very long lines (330), with CRLF, LF line terminators
Hash 67e41000574c696552dd102250a4ea13
154f5a29b8fd007b70cb3b480adc37918ab68339
52bf5ce4816a2daf0d6c46662bb989af984b0664894b70a2165a9adf84bb5803
GET /cd/display/1.6/gmx.net/display.js HTTP/1.1
Host: js.ui-portal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://img.ui-portal.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 03 Jul 2020 16:31:37 GMT
etag: "316-5a98c0f1baca9"
server: Apache
unused62: 8096267
accept-ranges: bytes
content-encoding: gzip
x-robots-tag: noindex
content-length: 469
content-type: application/javascript
cache-control: public, max-age=1260
date: Wed, 08 Feb 2023 03:46:58 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
img.ui-portal.de/fallback/anf/prodigy/Hardware/prodigy_v2_visual.png
2.18.172.165200 OK 96 kB URL HTTP/2 img.ui-portal.de/fallback/anf/prodigy/Hardware/prodigy_v2_visual.png
IP 2.18.172.165:0
File type PNG image data, 970 x 600, 8-bit/color RGBA, non-interlaced\012- data
Hash 8625250959a3d5d51b28839745343f70
ab5b682178b7ee8c92d2537bfce25a2e1845fcd0
d26a4cecf0eb1b3659fd15edf6d633be4958607762596f48bb9eb8fb25bdcce2
GET /fallback/anf/prodigy/Hardware/prodigy_v2_visual.png HTTP/1.1
Host: img.ui-portal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://img.ui-portal.de/fallback/anf/2023/Januar/hw/g/mr.html?ct=https%3A%2F%2Fad11.adfarm1.adition.com%2Fredi%3Flid%3D7197626526741627411%26gdpr%3D0%26gdpr%5Fconsent%3D%26gdpr%5Fpd%3D0%26userid%3D7197626526741168659%26sid%3D3590327%26kid%3D3040622%26bid%3D17367672%26c%3D5707%26keyword%3D%26sr%3D175%26gk%3D0%26mdev%3D0%26clickurl%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 30 Jan 2023 09:59:56 GMT
etag: "178ea-5f37846fa7f00"
server: Apache
accept-ranges: bytes
content-length: 96490
x-robots-tag: noindex
content-type: image/png
cache-control: public, max-age=881
date: Wed, 08 Feb 2023 03:46:58 GMT
X-Firefox-Spdy: h2
img.ui-portal.de/homepage/img/gmx/icons/hint-24x24-white.svg
2.18.172.165301 Moved Permanently 0 B URL HTTP/1.1 img.ui-portal.de/homepage/img/gmx/icons/hint-24x24-white.svg
IP 2.18.172.165:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /homepage/img/gmx/icons/hint-24x24-white.svg HTTP/1.1
Host: img.ui-portal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.camperpuro.com/
HTTP/1.1 301 Moved Permanently
Location: https://img.ui-portal.de/homepage/img/gmx/icons/hint-24x24-white.svg
Server: BigIP
Content-Length: 0
Cache-Control: max-age=576
Date: Wed, 08 Feb 2023 03:46:58 GMT
Connection: keep-alive
ad11.adfarm1.adition.com/lt?wpt=j&nw=42<=portal(gmx)category(homepage)section(homepage)tagid(box_10)layoutclass(b)&ac=13&wi=3215969845&ref=&os=10&browser=6&screen_res=175&iframe=0&fvers=&external_uid=&uid_stable=&optout=0&prf%5Bportal%5D=gmx&prf%5Bcategory%5D=homepage&prf%5Bsection%5D=homepage&prf%5Btagid%5D=box_10&prf%5Blayoutclass%5D=b&prf%5Bdeviceclass%5D=b&prf%5Bdeviceclient%5D=browser&prf%5Bcategorytype%5D=billboard_4&prf%5Bos%5D=10&prf%5Bbrowser%5D=6&prf%5Bscreen_res%5D=175&prf%5Biframe%5D=0&prf%5Bfvers%5D=&prf%5Bsys%5D=win&prf%5Bsysv%5D=6.1&prf%5Bcl%5D=fir&prf%5Bclv%5D=61&prf%5Bvpw%5D=1366&prf%5Bnet%5D=unknown&prf%5Bexternal_uid%5D=&prf%5Bhid%5D=&prf%5Bnguserid%5D=&prf%5Buids%5D=&prf%5Boptout%5D=0&prf%5Bwi%5D=3215969845&prf%5Bweather_temp%5D=33&prf%5Bweather_condition%5D=2&prf%5Btoolbar%5D=0&prf%5Bbrandedbrowser%5D=0&prf%5BconsentLevel%5D=0&prf%5Bdnt%5D=0&prf%5Bclean%5D=0&prf%5Btpc%5D=0&prf%5Bcolumn%5D=4&prf%5Bwpt%5D=j&prf%5Bpos%5D=1&prf%5Brichmedia%5D=false
85.114.159.112200 OK 330 kB URL HTTP/2 ad11.adfarm1.adition.com/lt?wpt=j&nw=42<=portal(gmx)category(homepage)section(homepage)tagid(box_10)layoutclass(b)&ac=13&wi=3215969845&ref=&os=10&browser=6&screen_res=175&iframe=0&fvers=&external_uid=&uid_stable=&optout=0&prf%5Bportal%5D=gmx&prf%5Bcategory%5D=homepage&prf%5Bsection%5D=homepage&prf%5Btagid%5D=box_10&prf%5Blayoutclass%5D=b&prf%5Bdeviceclass%5D=b&prf%5Bdeviceclient%5D=browser&prf%5Bcategorytype%5D=billboard_4&prf%5Bos%5D=10&prf%5Bbrowser%5D=6&prf%5Bscreen_res%5D=175&prf%5Biframe%5D=0&prf%5Bfvers%5D=&prf%5Bsys%5D=win&prf%5Bsysv%5D=6.1&prf%5Bcl%5D=fir&prf%5Bclv%5D=61&prf%5Bvpw%5D=1366&prf%5Bnet%5D=unknown&prf%5Bexternal_uid%5D=&prf%5Bhid%5D=&prf%5Bnguserid%5D=&prf%5Buids%5D=&prf%5Boptout%5D=0&prf%5Bwi%5D=3215969845&prf%5Bweather_temp%5D=33&prf%5Bweather_condition%5D=2&prf%5Btoolbar%5D=0&prf%5Bbrandedbrowser%5D=0&prf%5BconsentLevel%5D=0&prf%5Bdnt%5D=0&prf%5Bclean%5D=0&prf%5Btpc%5D=0&prf%5Bcolumn%5D=4&prf%5Bwpt%5D=j&prf%5Bpos%5D=1&prf%5Brichmedia%5D=false
IP 85.114.159.112:0
ASN #24961 myLoc managed IT AG
Size 330 kB (329552 bytes)
Hash 59763ae1e3f5eeb8d1f1eee53ba62288
63203ef3b8265ddf6b5fe58994616cb728225e90
20d98aa91515fc8bca94c418451912205d7dce4190c82adf2eb8a38334847594
GET /lt?wpt=j&nw=42<=portal(gmx)category(homepage)section(homepage)tagid(box_10)layoutclass(b)&ac=13&wi=3215969845&ref=&os=10&browser=6&screen_res=175&iframe=0&fvers=&external_uid=&uid_stable=&optout=0&prf%5Bportal%5D=gmx&prf%5Bcategory%5D=homepage&prf%5Bsection%5D=homepage&prf%5Btagid%5D=box_10&prf%5Blayoutclass%5D=b&prf%5Bdeviceclass%5D=b&prf%5Bdeviceclient%5D=browser&prf%5Bcategorytype%5D=billboard_4&prf%5Bos%5D=10&prf%5Bbrowser%5D=6&prf%5Bscreen_res%5D=175&prf%5Biframe%5D=0&prf%5Bfvers%5D=&prf%5Bsys%5D=win&prf%5Bsysv%5D=6.1&prf%5Bcl%5D=fir&prf%5Bclv%5D=61&prf%5Bvpw%5D=1366&prf%5Bnet%5D=unknown&prf%5Bexternal_uid%5D=&prf%5Bhid%5D=&prf%5Bnguserid%5D=&prf%5Buids%5D=&prf%5Boptout%5D=0&prf%5Bwi%5D=3215969845&prf%5Bweather_temp%5D=33&prf%5Bweather_condition%5D=2&prf%5Btoolbar%5D=0&prf%5Bbrandedbrowser%5D=0&prf%5BconsentLevel%5D=0&prf%5Bdnt%5D=0&prf%5Bclean%5D=0&prf%5Btpc%5D=0&prf%5Bcolumn%5D=4&prf%5Bwpt%5D=j&prf%5Bpos%5D=1&prf%5Brichmedia%5D=false HTTP/1.1
Host: ad11.adfarm1.adition.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dl.gmx.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/javascript
server: ADITIONSERVER v1.0
date: Wed, 08 Feb 2023 04:46:57 +0100
cache-control: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT
p3p: policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pragma: no-cache
set-cookie: UserID1=7197626526744183315; expires=Tue, 09-May-2023 04:46:57 GMT; path=/; domain=.adfarm1.adition.com; SameSite=None; Secure
content-encoding: gzip
X-Firefox-Spdy: h2
js.ui-portal.de/cd/display/2.2.0/gmx.net/display.css
2.18.172.165200 OK 8.1 kB URL HTTP/2 js.ui-portal.de/cd/display/2.2.0/gmx.net/display.css
IP 2.18.172.165:0
File type Unicode text, UTF-8 text, with CRLF, LF line terminators
Hash fed1515747ed8d1d00be437cc72a841f
bbf8e8b0dfc5f1ec3c1f7ead1a0cd7e8decd9228
43b5464642c40d2f9b5bf4f5e831831028a77c3ca13909629bd559c8ed31b62e
GET /cd/display/2.2.0/gmx.net/display.css HTTP/1.1
Host: js.ui-portal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://img.ui-portal.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 24 Aug 2022 12:51:00 GMT
etag: "bd4a-5e6fc22010d93"
server: Apache
accept-ranges: bytes
content-encoding: gzip
x-robots-tag: noindex
content-length: 8101
content-type: text/css
cache-control: public, max-age=1649
date: Wed, 08 Feb 2023 03:46:58 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
54.230.111.210200 OK 2.7 kB URL HTTP/2 c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
IP 54.230.111.210:0
Hash cc82192cc152b6b3a98997812c515c94
0e75758c79ce93266b00c577bdde5d1a0f5877e5
cdea753b609b576611cecacc4aabefce7f0e94758c1c16124e4d70e7811862e5
GET /bao-csm/aps-comm/aps_csm.js HTTP/1.1
Host: c.amazon-adsystem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dl.gmx.net
Connection: keep-alive
Referer: https://dl.gmx.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Fri, 03 Feb 2023 23:37:41 GMT
x-amz-version-id: UbKifkjYJEpp9kioi5dZ9KFE2QW1MpFD
server: AmazonS3
content-encoding: gzip
date: Tue, 07 Feb 2023 23:38:09 GMT
cache-control: public, max-age=86400
etag: W/"a4d296427fc806b21335359e398c025c"
vary: Accept-Encoding,Origin
x-cache: Hit from cloudfront
via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: O17PGonZbAWN8lOW-xAV8NOetFypDX8YHkr55OMZEehcIxTGPZdTzw==
age: 14953
X-Firefox-Spdy: h2
js.ui-portal.de/cd/display/2.1.1/gmx.net/display.css
2.18.172.165200 OK 8.1 kB URL HTTP/2 js.ui-portal.de/cd/display/2.1.1/gmx.net/display.css
IP 2.18.172.165:0
File type Unicode text, UTF-8 text, with CRLF, LF line terminators
Hash 398c297c72f2df812d43266e56a549ba
04ac0c74a37f726115e3150c17aea68ccb760f48
a1e4e5a1a884fb36a51534cb629372cfcc4e57f8359751119daac651098b08cb
GET /cd/display/2.1.1/gmx.net/display.css HTTP/1.1
Host: js.ui-portal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://img.ui-portal.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 08 Jul 2021 10:31:34 GMT
etag: "bd01-5c69a28b9a283"
server: Apache
unused62: 8096267
accept-ranges: bytes
content-encoding: gzip
x-robots-tag: noindex
content-length: 8091
content-type: text/css
cache-control: public, max-age=1736
date: Wed, 08 Feb 2023 03:46:58 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
c.amazon-adsystem.com/aax2/apstag.js
54.230.111.210200 OK 48 kB URL HTTP/2 c.amazon-adsystem.com/aax2/apstag.js
IP 54.230.111.210:0
File type ASCII text, with very long lines (65457)
Hash c0b52ec05eba41065454c6df79c024c5
6b91e04d293d659fe18a34b056c7a1377592e6dd
99ce6bcb1bc6a8ad0116e310f6117c2f06f6789939e4d9e182291319e8ae1d42
GET /aax2/apstag.js HTTP/1.1
Host: c.amazon-adsystem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dl.gmx.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
date: Wed, 08 Feb 2023 02:59:27 GMT
last-modified: Wed, 01 Feb 2023 21:25:54 GMT
x-amz-server-side-encryption: AES256
cache-control: public, max-age=3600
server: AmazonS3
content-encoding: gzip
via: 1.1 9336c14434e205e440418213079c6074.cloudfront.net (CloudFront), 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
etag: W/"ca579f2de02c4700bc4fa6f925ed06a1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA60-P1, OSL50-P1
x-amz-cf-id: hNX-LKcsZF5g7mH-bfXDyJC-IWXPOGRRKRKJIB8JP8edEjrLh8DlLA==
age: 2851
X-Firefox-Spdy: h2
js.ui-portal.de/cd/display/2.1.1/gmx.net/display.js
2.18.172.165200 OK 2.9 kB URL HTTP/2 js.ui-portal.de/cd/display/2.1.1/gmx.net/display.js
IP 2.18.172.165:0
File type ASCII text, with CRLF, LF line terminators
Hash ba829c8ffe45cf88515e379de8ea3bcb
74c86695c9fb689cc9f8fe3ab73f06ef9fcac892
1b5c3c0164716b01c2d69505b38c5508aea2cb77077a5a52fe875904dfbf8465
GET /cd/display/2.1.1/gmx.net/display.js HTTP/1.1
Host: js.ui-portal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://img.ui-portal.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 08 Jul 2021 10:31:34 GMT
etag: "2a8f-5c69a28bacb69"
server: Apache
unused62: 8096267
accept-ranges: bytes
content-encoding: gzip
x-robots-tag: noindex
content-length: 2920
content-type: application/javascript
cache-control: public, max-age=1612
date: Wed, 08 Feb 2023 03:46:58 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
js.ui-portal.de/contentprovider/contents/lotteries/eurojackpot
2.18.172.165200 OK 0 B URL HTTP/2 js.ui-portal.de/contentprovider/contents/lotteries/eurojackpot
IP 2.18.172.165:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /contentprovider/contents/lotteries/eurojackpot HTTP/1.1
Host: js.ui-portal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-requested-with
Referer: https://img.ui-portal.de/
Origin: https://img.ui-portal.de
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: Apache
access-control-allow-origin: *
access-control-max-age: 1800
access-control-allow-methods: GET
access-control-allow-headers: origin,x-requested-with,accept
content-length: 0
cache-control: max-age=600
date: Wed, 08 Feb 2023 03:46:58 GMT
X-Firefox-Spdy: h2
js.ui-portal.de/contentprovider/contents/lotteries/sixoutof49
2.18.172.165200 OK 0 B URL HTTP/2 js.ui-portal.de/contentprovider/contents/lotteries/sixoutof49
IP 2.18.172.165:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /contentprovider/contents/lotteries/sixoutof49 HTTP/1.1
Host: js.ui-portal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-requested-with
Referer: https://img.ui-portal.de/
Origin: https://img.ui-portal.de
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: Apache
access-control-allow-origin: *
access-control-max-age: 1800
access-control-allow-methods: GET
access-control-allow-headers: origin,x-requested-with,accept
content-length: 0
cache-control: max-age=552
date: Wed, 08 Feb 2023 03:46:58 GMT
X-Firefox-Spdy: h2
adimg.uimserv.net/EIGENWERBUNG/GMX/AllNetFlat/2018/August/Banner/gmx_allnet_billboard_dyn.gif
2.18.172.165200 OK 38 kB URL HTTP/2 adimg.uimserv.net/EIGENWERBUNG/GMX/AllNetFlat/2018/August/Banner/gmx_allnet_billboard_dyn.gif
IP 2.18.172.165:0
File type GIF image data, version 89a, 970 x 250\012- data
Hash 39323287e142ff947e5d0ac8fec3b2ba
ff491274974f3dca741f9316474de4e3f05cd706
59cac7b46f10003419265b568314ff9ec4b736cb76d27121b7cda1d5b8b8a1b3
GET /EIGENWERBUNG/GMX/AllNetFlat/2018/August/Banner/gmx_allnet_billboard_dyn.gif HTTP/1.1
Host: adimg.uimserv.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.camperpuro.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Apache
last-modified: Thu, 26 Jul 2018 07:58:26 GMT
etag: "94da-571e25c32a753-gzip"
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Thu, 08 Feb 2024 03:46:58 GMT
content-encoding: gzip
x-robots-tag: noindex
content-length: 37883
content-type: image/gif
date: Wed, 08 Feb 2023 03:46:58 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
js.ui-portal.de/contentprovider/contents/lotteries/eurojackpot
2.18.172.165200 OK 140 B URL HTTP/2 js.ui-portal.de/contentprovider/contents/lotteries/eurojackpot
IP 2.18.172.165:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 99f58d4cf6b244b1652ef51f1c0d3f1e
1b568243033576a9dd969785371e44fcabd5e744
de3166a92accddf7d0296244723ea3d408c661dd0877494763447e1bdd4dfa7c
GET /contentprovider/contents/lotteries/eurojackpot HTTP/1.1
Host: js.ui-portal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/vnd.ui.contentprovider.lottery-v1+json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Origin: https://img.ui-portal.de
Connection: keep-alive
Referer: https://img.ui-portal.de/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: Apache
access-control-allow-origin: *
x-ui-version: 11.72.4/11.72.4
content-md5: 9LRB+lfSaugiF/JQDp9DMg==
x-content-type-options: nosniff
content-type: application/vnd.ui.contentprovider.lottery-v1+json;charset=UTF-8
content-encoding: gzip
content-length: 140
cache-control: public, max-age=60
date: Wed, 08 Feb 2023 03:46:58 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
js.ui-portal.de/contentprovider/contents/lotteries/sixoutof49
2.18.172.165200 OK 141 B URL HTTP/2 js.ui-portal.de/contentprovider/contents/lotteries/sixoutof49
IP 2.18.172.165:0
File type JSON data\012- , ASCII text, with no line terminators
Hash a0e2ea60763e963ff2afcd60c9838512
10a0f624d25a855609727c2bea504942a59335b6
b196b9ce6a156b0d095c3b24936cc26078747b8c619d53718a31e17a9ce6db5d
GET /contentprovider/contents/lotteries/sixoutof49 HTTP/1.1
Host: js.ui-portal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/vnd.ui.contentprovider.lottery-v1+json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Origin: https://img.ui-portal.de
Connection: keep-alive
Referer: https://img.ui-portal.de/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: Apache
access-control-allow-origin: *
x-ui-version: 11.72.4/11.72.4
content-md5: WXM4SsRgh9R3LY1klpIi4g==
x-content-type-options: nosniff
content-type: application/vnd.ui.contentprovider.lottery-v1+json;charset=UTF-8
content-encoding: gzip
content-length: 141
cache-control: public, max-age=57
date: Wed, 08 Feb 2023 03:46:58 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
img.ui-portal.de/gmx/favicon.ico
2.18.172.165200 OK 5.6 kB URL HTTP/2 img.ui-portal.de/gmx/favicon.ico
IP 2.18.172.165:0
File type MS Windows icon resource - 5 icons, 16x16, 32 bits/pixel, 24x24, 32 bits/pixel\012- data
Hash c4bb7467c66d5f443fad8493dba93cfd
9f2e7e742bd9d9c06275448a6784c16d65ff2a10
ab4c578a269cdf1d0a987999bf97f6878e0705a8b3859087b8c082114838d52d
GET /gmx/favicon.ico HTTP/1.1
Host: img.ui-portal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.camperpuro.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 30 Jan 2018 10:09:40 GMT
etag: "90be-563fb8f8ee100"
server: Apache
unused62: 8096267
accept-ranges: bytes
content-encoding: gzip
x-robots-tag: noindex
content-length: 5632
content-type: image/vnd.microsoft.icon
cache-control: public, max-age=1
date: Wed, 08 Feb 2023 03:46:58 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
ad11.adfarm1.adition.com/lt?wpt=j&nw=42<=portal(gmx)category(homepage)section(homepage)tagid(oms_x)layoutclass(b)&ac=16&wi=0050665097&ref=&os=17&browser=6&screen_res=5&iframe=0&fvers=&external_uid=&uid_stable=&optout=0&prf%5Bportal%5D=gmx&prf%5Bcategory%5D=homepage&prf%5Bsection%5D=homepage&prf%5Btagid%5D=oms_x&prf%5Blayoutclass%5D=b&prf%5Bdeviceclass%5D=b&prf%5Bdeviceclient%5D=browser&prf%5Bcategorytype%5D=billboard_billboard_4&prf%5Bos%5D=17&prf%5Bbrowser%5D=6&prf%5Bscreen_res%5D=5&prf%5Biframe%5D=0&prf%5Bfvers%5D=&prf%5Bsys%5D=win&prf%5Bsysv%5D=10.0&prf%5Bcl%5D=fir&prf%5Bclv%5D=105&prf%5Bvpw%5D=1280&prf%5Bnet%5D=unknown&prf%5Bexternal_uid%5D=&prf%5Bhid%5D=&prf%5Bnguserid%5D=&prf%5Buids%5D=&prf%5Boptout%5D=0&prf%5Bwi%5D=0050665097&prf%5Bweather_temp%5D=33&prf%5Bweather_condition%5D=2&prf%5Btoolbar%5D=0&prf%5Bbrandedbrowser%5D=0&prf%5BconsentLevel%5D=0&prf%5Bdnt%5D=0&prf%5Bclean%5D=0&prf%5Btpc%5D=0&prf%5Bcolumn%5D=4&prf%5Bslider%5D=1&prf%5Bvers%5D=hp4&prf%5Bpos%5D=2&prf%5Bhpevent%5D=1&prf%5Bhpeventid%5D=2188480
85.114.159.112404 Not Found 54 B URL HTTP/1.1 ad11.adfarm1.adition.com/lt?wpt=j&nw=42<=portal(gmx)category(homepage)section(homepage)tagid(oms_x)layoutclass(b)&ac=16&wi=0050665097&ref=&os=17&browser=6&screen_res=5&iframe=0&fvers=&external_uid=&uid_stable=&optout=0&prf%5Bportal%5D=gmx&prf%5Bcategory%5D=homepage&prf%5Bsection%5D=homepage&prf%5Btagid%5D=oms_x&prf%5Blayoutclass%5D=b&prf%5Bdeviceclass%5D=b&prf%5Bdeviceclient%5D=browser&prf%5Bcategorytype%5D=billboard_billboard_4&prf%5Bos%5D=17&prf%5Bbrowser%5D=6&prf%5Bscreen_res%5D=5&prf%5Biframe%5D=0&prf%5Bfvers%5D=&prf%5Bsys%5D=win&prf%5Bsysv%5D=10.0&prf%5Bcl%5D=fir&prf%5Bclv%5D=105&prf%5Bvpw%5D=1280&prf%5Bnet%5D=unknown&prf%5Bexternal_uid%5D=&prf%5Bhid%5D=&prf%5Bnguserid%5D=&prf%5Buids%5D=&prf%5Boptout%5D=0&prf%5Bwi%5D=0050665097&prf%5Bweather_temp%5D=33&prf%5Bweather_condition%5D=2&prf%5Btoolbar%5D=0&prf%5Bbrandedbrowser%5D=0&prf%5BconsentLevel%5D=0&prf%5Bdnt%5D=0&prf%5Bclean%5D=0&prf%5Btpc%5D=0&prf%5Bcolumn%5D=4&prf%5Bslider%5D=1&prf%5Bvers%5D=hp4&prf%5Bpos%5D=2&prf%5Bhpevent%5D=1&prf%5Bhpeventid%5D=2188480
IP 85.114.159.112:0
ASN #24961 myLoc managed IT AG
File type ASCII text, with no line terminators
Hash 74425774cff0c554d7dc2e7d6c890f5a
b2a5542a4323246a031c010169699c41e06d6fe1
09a9250bc31f438bb1535529c50219ebfb656774a3b20aca1f4ca741db1a3532
GET /lt?wpt=j&nw=42<=portal(gmx)category(homepage)section(homepage)tagid(oms_x)layoutclass(b)&ac=16&wi=0050665097&ref=&os=17&browser=6&screen_res=5&iframe=0&fvers=&external_uid=&uid_stable=&optout=0&prf%5Bportal%5D=gmx&prf%5Bcategory%5D=homepage&prf%5Bsection%5D=homepage&prf%5Btagid%5D=oms_x&prf%5Blayoutclass%5D=b&prf%5Bdeviceclass%5D=b&prf%5Bdeviceclient%5D=browser&prf%5Bcategorytype%5D=billboard_billboard_4&prf%5Bos%5D=17&prf%5Bbrowser%5D=6&prf%5Bscreen_res%5D=5&prf%5Biframe%5D=0&prf%5Bfvers%5D=&prf%5Bsys%5D=win&prf%5Bsysv%5D=10.0&prf%5Bcl%5D=fir&prf%5Bclv%5D=105&prf%5Bvpw%5D=1280&prf%5Bnet%5D=unknown&prf%5Bexternal_uid%5D=&prf%5Bhid%5D=&prf%5Bnguserid%5D=&prf%5Buids%5D=&prf%5Boptout%5D=0&prf%5Bwi%5D=0050665097&prf%5Bweather_temp%5D=33&prf%5Bweather_condition%5D=2&prf%5Btoolbar%5D=0&prf%5Bbrandedbrowser%5D=0&prf%5BconsentLevel%5D=0&prf%5Bdnt%5D=0&prf%5Bclean%5D=0&prf%5Btpc%5D=0&prf%5Bcolumn%5D=4&prf%5Bslider%5D=1&prf%5Bvers%5D=hp4&prf%5Bpos%5D=2&prf%5Bhpevent%5D=1&prf%5Bhpeventid%5D=2188480 HTTP/1.1
Host: ad11.adfarm1.adition.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.camperpuro.com/
HTTP/1.1 404 Not Found
Content-Type: text/plain
Transfer-Encoding: chunked
Connection: keep-alive
Server: ADITIONSERVER v1.0
Date: Wed, 08 Feb 2023 04:46:58 +0100
Content-Encoding: gzip
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash d4749a51dd329695e7a07525096f5e31
508690298abdb7381ca8144aea2f36f629420779
b3f1c4d57a89e234b9823e5f789ccc3223fd7b0e7b5cc2322b80e429eff96ee9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5048
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 03:46:58 GMT
Last-Modified: Wed, 08 Feb 2023 02:22:50 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
status.thawte.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash c966d7a1b1f96a5cafb8deb9c05738c8
ba69a17a9d60b5d1dfa69d9448b20a44a572e8d1
d61a1766a4fa085c82c39d8890ee32918a3da93d85f158954dc7a70de72a58bc
POST / HTTP/1.1
Host: status.thawte.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5129
Cache-Control: max-age=122956
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 03:46:58 GMT
Etag: "63e24476-1d7"
Expires: Thu, 09 Feb 2023 13:56:14 GMT
Last-Modified: Tue, 07 Feb 2023 12:30:46 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
img.ui-portal.de/cms/gmx/produkte/lotto/2022/20220622/lotto_n/mr.jpg
2.18.172.165200 OK 37 kB URL HTTP/2 img.ui-portal.de/cms/gmx/produkte/lotto/2022/20220622/lotto_n/mr.jpg
IP 2.18.172.165:0
File type JPEG image data, baseline, precision 8, 300x250, components 3\012- data
Hash 960757b7ba2ae6380154293c8c63228d
bc1aae3b5c8f4402aa99559a79ecf972fba1a4ef
6e275eafa1ede038f3750cbfa0fd8dc2b06ba55021e868d955a32363e576c481
GET /cms/gmx/produkte/lotto/2022/20220622/lotto_n/mr.jpg HTTP/1.1
Host: img.ui-portal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://img.ui-portal.de/fallback/lotto/2022/04_2022_lo/mr_c_lotto_gmx.html?ct=https%3A%2F%2Fad11.adfarm1.adition.com%2Fredi%3Flid%3D7197626526741824019%26gdpr%3D0%26gdpr%5Fconsent%3D%26gdpr%5Fpd%3D0%26userid%3D7197626526741234195%26sid%3D3840582%26kid%3D2215476%26bid%3D16005615%26c%3D14456%26keyword%3D%26sr%3D175%26gk%3D0%26mdev%3D0%26clickurl%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 27 Jun 2022 10:28:32 GMT
etag: "91f1-5e26b61b23400"
server: Apache
accept-ranges: bytes
content-length: 37361
x-robots-tag: noindex
content-type: image/jpeg
cache-control: public, max-age=641
date: Wed, 08 Feb 2023 03:46:58 GMT
X-Firefox-Spdy: h2
img.ui-portal.de/ci/gmx/global/fonts/roboto/Roboto-Medium-webfont.woff
2.18.172.165200 OK 25 kB URL HTTP/2 img.ui-portal.de/ci/gmx/global/fonts/roboto/Roboto-Medium-webfont.woff
IP 2.18.172.165:0
File type Web Open Font Format, TrueType, length 25048, version 1.0\012- data
Hash b9d01ac1742192a7c9d30f3fe346a9f4
7936f9a6690c04cec20cdd3b270bda83a613582b
8ca845a97256742debfc82004246fe03d97da1aae5b41b691b23d90b70df3910
GET /ci/gmx/global/fonts/roboto/Roboto-Medium-webfont.woff HTTP/1.1
Host: img.ui-portal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://img.ui-portal.de/fallback/lotto/2022/04_2022_lo/mr_c_lotto_gmx.html?ct=https%3A%2F%2Fad11.adfarm1.adition.com%2Fredi%3Flid%3D7197626526741824019%26gdpr%3D0%26gdpr%5Fconsent%3D%26gdpr%5Fpd%3D0%26userid%3D7197626526741234195%26sid%3D3840582%26kid%3D2215476%26bid%3D16005615%26c%3D14456%26keyword%3D%26sr%3D175%26gk%3D0%26mdev%3D0%26clickurl%3D
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 27 Feb 2014 04:45:46 GMT
etag: "61d8-4f35bfe9b3280-gzip"
unused62: 8096267
server: Apache
x-robots-tag: noindex
access-control-allow-origin: *
content-type: font/woff
vary: Accept-Encoding
cache-control: public, max-age=1444028
date: Wed, 08 Feb 2023 03:46:58 GMT
content-length: 25048
X-Firefox-Spdy: h2
img.ui-portal.de/ci/gmx/global/fonts/roboto/RobotoCondensed-Regular-webfont.woff
2.18.172.165200 OK 25 kB URL HTTP/2 img.ui-portal.de/ci/gmx/global/fonts/roboto/RobotoCondensed-Regular-webfont.woff
IP 2.18.172.165:0
File type Web Open Font Format, TrueType, length 25268, version 1.0\012- data
Hash 87dc856a4038eba42eb5bcf49ff85712
6a2aac951a11fc3523ca98e5df98b28de21c90d8
7ec51beb961db2999fe41a96a3212edc51d9aeeec5c9d374e39c7313d183d8a6
GET /ci/gmx/global/fonts/roboto/RobotoCondensed-Regular-webfont.woff HTTP/1.1
Host: img.ui-portal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://img.ui-portal.de/fallback/lotto/2022/04_2022_lo/mr_c_lotto_gmx.html?ct=https%3A%2F%2Fad11.adfarm1.adition.com%2Fredi%3Flid%3D7197626526741824019%26gdpr%3D0%26gdpr%5Fconsent%3D%26gdpr%5Fpd%3D0%26userid%3D7197626526741234195%26sid%3D3840582%26kid%3D2215476%26bid%3D16005615%26c%3D14456%26keyword%3D%26sr%3D175%26gk%3D0%26mdev%3D0%26clickurl%3D
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 27 Feb 2014 04:45:48 GMT
etag: "62b4-4f35bfeb9b700-gzip"
unused62: 8096267
server: Apache
x-robots-tag: noindex
access-control-allow-origin: *
content-type: font/woff
vary: Accept-Encoding
cache-control: public, max-age=1444093
date: Wed, 08 Feb 2023 03:46:58 GMT
content-length: 25268
X-Firefox-Spdy: h2
de.ioam.de/tx.io?st=gmx&cp=264&sv=ke&ct=0000000000&pt=CP&ps=lin&er=N22&rf=&r2=&ur=www.camperpuro.com&xy=1280x1024x24&cb=8004&vr=424&id=8r4ooy&i3=nocookie&n1=2&dntt=0<=1675828069176&ev=&cs=jjlbv0&mo=0
91.215.103.65302 Found 0 B URL HTTP/1.1 de.ioam.de/tx.io?st=gmx&cp=264&sv=ke&ct=0000000000&pt=CP&ps=lin&er=N22&rf=&r2=&ur=www.camperpuro.com&xy=1280x1024x24&cb=8004&vr=424&id=8r4ooy&i3=nocookie&n1=2&dntt=0<=1675828069176&ev=&cs=jjlbv0&mo=0
IP 91.215.103.65:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tx.io?st=gmx&cp=264&sv=ke&ct=0000000000&pt=CP&ps=lin&er=N22&rf=&r2=&ur=www.camperpuro.com&xy=1280x1024x24&cb=8004&vr=424&id=8r4ooy&i3=nocookie&n1=2&dntt=0<=1675828069176&ev=&cs=jjlbv0&mo=0 HTTP/1.1
Host: de.ioam.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.camperpuro.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx
Date: Wed, 08 Feb 2023 03:46:58 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: BLACKBIRD-RCV v2.01.1 0026
Set-Cookie: i00=0026ccab2531b469663e31b320001%3B63e31b32%3B6564b381; expires=Mon, 27-Nov-2023 15:19:29 GMT; Max-Age=25270351; path=/; domain=ioam.de; secure; SameSite=None
Pragma: no-cache
Cache-Control: no-store, no-cache, must-revalidate
Expires: Tue, 08 Feb 2022 03:46:58 GMT
Last-Modified: Wed, 08 Feb 2023 03:46:58 GMT
Location: /tx.io?st=gmx&cp=264&sv=ke&ct=0000000000&pt=CP&ps=lin&er=N22&rf=&r2=&ur=www.camperpuro.com&xy=1280x1024x24&cb=8004&vr=424&id=8r4ooy&i3=nocookie&n1=2&dntt=0<=1675828069176&ev=&cs=jjlbv0&mo=0&sr=71
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookies
P3P: policyref=https://script.ioam.de/p3p.xml, CP=NOI DSP NID PSAa OUR NOR UNI COM NAV
img.ui-portal.de/homepage/img/gmx/icons/arrow-up-24x24.png
2.18.172.165200 OK 576 B URL HTTP/2 img.ui-portal.de/homepage/img/gmx/icons/arrow-up-24x24.png
IP 2.18.172.165:0
File type PNG image data, 24 x 144, 8-bit/color RGBA, non-interlaced\012- data
Hash f2875857dade2a070c71433df78d8b83
7ca798a5b954d8836140a1f5a72b474da2a6e51d
09decfaefa268bccbb59b83c68664e6bedd719eeb5fc0075944839880f54ad9b
GET /homepage/img/gmx/icons/arrow-up-24x24.png HTTP/1.1
Host: img.ui-portal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.camperpuro.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Apache
etag: "240-5661c4192ab7f"
last-modified: Mon, 26 Feb 2018 12:00:28 GMT
accept-ranges: bytes
content-length: 576
x-robots-tag: noindex
content-type: image/png
cache-control: public, max-age=1800
date: Wed, 08 Feb 2023 03:46:58 GMT
X-Firefox-Spdy: h2
img.ui-portal.de/homepage/img/gmx/icons/hint-24x24-white.svg
2.18.172.165200 OK 349 B URL HTTP/2 img.ui-portal.de/homepage/img/gmx/icons/hint-24x24-white.svg
IP 2.18.172.165:0
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (533), with no line terminators
Hash d732280cdc5fc612231c91fb8332c5a7
23590c1819ca99c09dcf2962bdd0bfe793a3aab2
789de43e66d900adf73eabf6b88667ad733f6ba4694461458de7353d3099052d
GET /homepage/img/gmx/icons/hint-24x24-white.svg HTTP/1.1
Host: img.ui-portal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.camperpuro.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Apache
last-modified: Thu, 17 May 2018 13:18:50 GMT
etag: "215-56c66ad1ef4e3-gzip"
accept-ranges: bytes
content-encoding: gzip
x-robots-tag: noindex
access-control-allow-origin: *
content-length: 349
content-type: image/svg+xml
cache-control: public, max-age=1780
date: Wed, 08 Feb 2023 03:46:58 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
ad11.adfarm1.adition.com/lt?wpt=j&nw=42<=portal(gmx)category(homepage)section(homepage)tagid(box_3)layoutclass(b)&ac=7&wi=0050665097&ref=&os=17&browser=6&screen_res=5&iframe=0&fvers=&external_uid=&uid_stable=&optout=0&prf%5Bportal%5D=gmx&prf%5Bcategory%5D=homepage&prf%5Bsection%5D=homepage&prf%5Btagid%5D=box_3&prf%5Blayoutclass%5D=b&prf%5Bdeviceclass%5D=b&prf%5Bdeviceclient%5D=browser&prf%5Bcategorytype%5D=billboard_billboard_4&prf%5Bos%5D=17&prf%5Bbrowser%5D=6&prf%5Bscreen_res%5D=5&prf%5Biframe%5D=0&prf%5Bfvers%5D=&prf%5Bsys%5D=win&prf%5Bsysv%5D=10.0&prf%5Bcl%5D=fir&prf%5Bclv%5D=105&prf%5Bvpw%5D=1280&prf%5Bnet%5D=unknown&prf%5Bexternal_uid%5D=&prf%5Bhid%5D=&prf%5Bnguserid%5D=&prf%5Buids%5D=&prf%5Boptout%5D=0&prf%5Bwi%5D=0050665097&prf%5Bweather_temp%5D=33&prf%5Bweather_condition%5D=2&prf%5Btoolbar%5D=0&prf%5Bbrandedbrowser%5D=0&prf%5BconsentLevel%5D=0&prf%5Bdnt%5D=0&prf%5Bclean%5D=0&prf%5Btpc%5D=0&prf%5Bcolumn%5D=4&prf%5Bwpt%5D=j&prf%5Bpos%5D=1&prf%5Brichmedia%5D=false
85.114.159.112200 OK 26 kB URL HTTP/2 ad11.adfarm1.adition.com/lt?wpt=j&nw=42<=portal(gmx)category(homepage)section(homepage)tagid(box_3)layoutclass(b)&ac=7&wi=0050665097&ref=&os=17&browser=6&screen_res=5&iframe=0&fvers=&external_uid=&uid_stable=&optout=0&prf%5Bportal%5D=gmx&prf%5Bcategory%5D=homepage&prf%5Bsection%5D=homepage&prf%5Btagid%5D=box_3&prf%5Blayoutclass%5D=b&prf%5Bdeviceclass%5D=b&prf%5Bdeviceclient%5D=browser&prf%5Bcategorytype%5D=billboard_billboard_4&prf%5Bos%5D=17&prf%5Bbrowser%5D=6&prf%5Bscreen_res%5D=5&prf%5Biframe%5D=0&prf%5Bfvers%5D=&prf%5Bsys%5D=win&prf%5Bsysv%5D=10.0&prf%5Bcl%5D=fir&prf%5Bclv%5D=105&prf%5Bvpw%5D=1280&prf%5Bnet%5D=unknown&prf%5Bexternal_uid%5D=&prf%5Bhid%5D=&prf%5Bnguserid%5D=&prf%5Buids%5D=&prf%5Boptout%5D=0&prf%5Bwi%5D=0050665097&prf%5Bweather_temp%5D=33&prf%5Bweather_condition%5D=2&prf%5Btoolbar%5D=0&prf%5Bbrandedbrowser%5D=0&prf%5BconsentLevel%5D=0&prf%5Bdnt%5D=0&prf%5Bclean%5D=0&prf%5Btpc%5D=0&prf%5Bcolumn%5D=4&prf%5Bwpt%5D=j&prf%5Bpos%5D=1&prf%5Brichmedia%5D=false
IP 85.114.159.112:0
ASN #24961 myLoc managed IT AG
Hash fcf283958e444af771c1702262edc4c1
05eec2b6510438f4ca6ae836ada09585420182f1
8d96814f927ce214b918626b98857867f6a29642d8b9b0bdbcc0e9a4a705250c
GET /lt?wpt=j&nw=42<=portal(gmx)category(homepage)section(homepage)tagid(box_3)layoutclass(b)&ac=7&wi=0050665097&ref=&os=17&browser=6&screen_res=5&iframe=0&fvers=&external_uid=&uid_stable=&optout=0&prf%5Bportal%5D=gmx&prf%5Bcategory%5D=homepage&prf%5Bsection%5D=homepage&prf%5Btagid%5D=box_3&prf%5Blayoutclass%5D=b&prf%5Bdeviceclass%5D=b&prf%5Bdeviceclient%5D=browser&prf%5Bcategorytype%5D=billboard_billboard_4&prf%5Bos%5D=17&prf%5Bbrowser%5D=6&prf%5Bscreen_res%5D=5&prf%5Biframe%5D=0&prf%5Bfvers%5D=&prf%5Bsys%5D=win&prf%5Bsysv%5D=10.0&prf%5Bcl%5D=fir&prf%5Bclv%5D=105&prf%5Bvpw%5D=1280&prf%5Bnet%5D=unknown&prf%5Bexternal_uid%5D=&prf%5Bhid%5D=&prf%5Bnguserid%5D=&prf%5Buids%5D=&prf%5Boptout%5D=0&prf%5Bwi%5D=0050665097&prf%5Bweather_temp%5D=33&prf%5Bweather_condition%5D=2&prf%5Btoolbar%5D=0&prf%5Bbrandedbrowser%5D=0&prf%5BconsentLevel%5D=0&prf%5Bdnt%5D=0&prf%5Bclean%5D=0&prf%5Btpc%5D=0&prf%5Bcolumn%5D=4&prf%5Bwpt%5D=j&prf%5Bpos%5D=1&prf%5Brichmedia%5D=false HTTP/1.1
Host: ad11.adfarm1.adition.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dl.gmx.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/javascript
server: ADITIONSERVER v1.0
date: Wed, 08 Feb 2023 04:46:57 +0100
cache-control: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT
p3p: policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pragma: no-cache
set-cookie: UserID1=7197626526740972051; expires=Tue, 09-May-2023 04:46:56 GMT; path=/; domain=.adfarm1.adition.com; SameSite=None; Secure
content-encoding: gzip
X-Firefox-Spdy: h2
img.ui-portal.de/ci/gmx/global/fonts/roboto/Roboto-Bold-webfont.woff
2.18.172.165200 OK 25 kB URL HTTP/2 img.ui-portal.de/ci/gmx/global/fonts/roboto/Roboto-Bold-webfont.woff
IP 2.18.172.165:0
File type Web Open Font Format, TrueType, length 24808, version 1.0\012- data
Hash 8b18d65d6824460ad37616723e493bcd
da4032f9e0a9753489a58f81bf02930ed6952e04
c94ac252c2a3319406032032154badff85d43db816667ea65f7c97d951a33cb7
GET /ci/gmx/global/fonts/roboto/Roboto-Bold-webfont.woff HTTP/1.1
Host: img.ui-portal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://js.ui-portal.de/cd/display/2.1.1/gmx.net/display.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 27 Feb 2014 04:45:46 GMT
etag: "60e8-4f35bfe9b3280-gzip"
unused62: 8096267
server: Apache
x-robots-tag: noindex
access-control-allow-origin: *
content-type: font/woff
vary: Accept-Encoding
cache-control: public, max-age=366716
date: Wed, 08 Feb 2023 03:46:58 GMT
content-length: 24808
X-Firefox-Spdy: h2
img.ui-portal.de/ci/gmx/global/fonts/roboto/RobotoCondensed-Light-webfont.woff
2.18.172.165200 OK 19 kB URL HTTP/2 img.ui-portal.de/ci/gmx/global/fonts/roboto/RobotoCondensed-Light-webfont.woff
IP 2.18.172.165:0
File type Web Open Font Format, TrueType, length 18880, version 2.137\012- data
Hash 65ef01dd5f041403d0b7357619a1f447
ed6c6ebbe03deb3cb59891cf28b57cca1f720b53
4cde34c1e366e3d7625d453914da07e72c137c195ec9191db06f41775e65a01b
GET /ci/gmx/global/fonts/roboto/RobotoCondensed-Light-webfont.woff HTTP/1.1
Host: img.ui-portal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://js.ui-portal.de/cd/display/1.6/gmx.net/display.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 18 Jul 2017 09:59:36 GMT
etag: "49c0-5549492a91200-gzip"
unused62: 8096267
server: Apache
x-robots-tag: noindex
access-control-allow-origin: *
content-type: font/woff
vary: Accept-Encoding
cache-control: public, max-age=1760096
date: Wed, 08 Feb 2023 03:46:58 GMT
content-length: 18880
X-Firefox-Spdy: h2
ad11.adfarm1.adition.com/lt?wpt=j&nw=42<=portal(gmx)category(homepage)section(homepage)tagid(slider_1_x)layoutclass(b)&ac=17&wi=0050665097&ref=&os=17&browser=6&screen_res=5&iframe=0&fvers=&external_uid=&uid_stable=&optout=0&prf%5Bportal%5D=gmx&prf%5Bcategory%5D=homepage&prf%5Bsection%5D=homepage&prf%5Btagid%5D=slider_1_x&prf%5Blayoutclass%5D=b&prf%5Bdeviceclass%5D=b&prf%5Bdeviceclient%5D=browser&prf%5Bcategorytype%5D=billboard_billboard_4&prf%5Bos%5D=17&prf%5Bbrowser%5D=6&prf%5Bscreen_res%5D=5&prf%5Biframe%5D=0&prf%5Bfvers%5D=&prf%5Bsys%5D=win&prf%5Bsysv%5D=10.0&prf%5Bcl%5D=fir&prf%5Bclv%5D=105&prf%5Bvpw%5D=1280&prf%5Bnet%5D=unknown&prf%5Bexternal_uid%5D=&prf%5Bhid%5D=&prf%5Bnguserid%5D=&prf%5Buids%5D=&prf%5Boptout%5D=0&prf%5Bwi%5D=0050665097&prf%5Bweather_temp%5D=33&prf%5Bweather_condition%5D=2&prf%5Btoolbar%5D=0&prf%5Bbrandedbrowser%5D=0&prf%5BconsentLevel%5D=0&prf%5Bdnt%5D=0&prf%5Bclean%5D=0&prf%5Btpc%5D=0&prf%5Bcolumn%5D=4&prf%5Bpos%5D=2
85.114.159.112404 Not Found 54 B URL HTTP/1.1 ad11.adfarm1.adition.com/lt?wpt=j&nw=42<=portal(gmx)category(homepage)section(homepage)tagid(slider_1_x)layoutclass(b)&ac=17&wi=0050665097&ref=&os=17&browser=6&screen_res=5&iframe=0&fvers=&external_uid=&uid_stable=&optout=0&prf%5Bportal%5D=gmx&prf%5Bcategory%5D=homepage&prf%5Bsection%5D=homepage&prf%5Btagid%5D=slider_1_x&prf%5Blayoutclass%5D=b&prf%5Bdeviceclass%5D=b&prf%5Bdeviceclient%5D=browser&prf%5Bcategorytype%5D=billboard_billboard_4&prf%5Bos%5D=17&prf%5Bbrowser%5D=6&prf%5Bscreen_res%5D=5&prf%5Biframe%5D=0&prf%5Bfvers%5D=&prf%5Bsys%5D=win&prf%5Bsysv%5D=10.0&prf%5Bcl%5D=fir&prf%5Bclv%5D=105&prf%5Bvpw%5D=1280&prf%5Bnet%5D=unknown&prf%5Bexternal_uid%5D=&prf%5Bhid%5D=&prf%5Bnguserid%5D=&prf%5Buids%5D=&prf%5Boptout%5D=0&prf%5Bwi%5D=0050665097&prf%5Bweather_temp%5D=33&prf%5Bweather_condition%5D=2&prf%5Btoolbar%5D=0&prf%5Bbrandedbrowser%5D=0&prf%5BconsentLevel%5D=0&prf%5Bdnt%5D=0&prf%5Bclean%5D=0&prf%5Btpc%5D=0&prf%5Bcolumn%5D=4&prf%5Bpos%5D=2
IP 85.114.159.112:0
ASN #24961 myLoc managed IT AG
File type ASCII text, with no line terminators
Hash 74425774cff0c554d7dc2e7d6c890f5a
b2a5542a4323246a031c010169699c41e06d6fe1
09a9250bc31f438bb1535529c50219ebfb656774a3b20aca1f4ca741db1a3532
GET /lt?wpt=j&nw=42<=portal(gmx)category(homepage)section(homepage)tagid(slider_1_x)layoutclass(b)&ac=17&wi=0050665097&ref=&os=17&browser=6&screen_res=5&iframe=0&fvers=&external_uid=&uid_stable=&optout=0&prf%5Bportal%5D=gmx&prf%5Bcategory%5D=homepage&prf%5Bsection%5D=homepage&prf%5Btagid%5D=slider_1_x&prf%5Blayoutclass%5D=b&prf%5Bdeviceclass%5D=b&prf%5Bdeviceclient%5D=browser&prf%5Bcategorytype%5D=billboard_billboard_4&prf%5Bos%5D=17&prf%5Bbrowser%5D=6&prf%5Bscreen_res%5D=5&prf%5Biframe%5D=0&prf%5Bfvers%5D=&prf%5Bsys%5D=win&prf%5Bsysv%5D=10.0&prf%5Bcl%5D=fir&prf%5Bclv%5D=105&prf%5Bvpw%5D=1280&prf%5Bnet%5D=unknown&prf%5Bexternal_uid%5D=&prf%5Bhid%5D=&prf%5Bnguserid%5D=&prf%5Buids%5D=&prf%5Boptout%5D=0&prf%5Bwi%5D=0050665097&prf%5Bweather_temp%5D=33&prf%5Bweather_condition%5D=2&prf%5Btoolbar%5D=0&prf%5Bbrandedbrowser%5D=0&prf%5BconsentLevel%5D=0&prf%5Bdnt%5D=0&prf%5Bclean%5D=0&prf%5Btpc%5D=0&prf%5Bcolumn%5D=4&prf%5Bpos%5D=2 HTTP/1.1
Host: ad11.adfarm1.adition.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.camperpuro.com/
HTTP/1.1 404 Not Found
Content-Type: text/plain
Transfer-Encoding: chunked
Connection: keep-alive
Server: ADITIONSERVER v1.0
Date: Wed, 08 Feb 2023 04:46:58 +0100
Content-Encoding: gzip
de.ioam.de/tx.io?st=gmx&cp=264&sv=ke&ct=0000000000&pt=CP&ps=lin&er=N22&rf=&r2=&ur=www.camperpuro.com&xy=1280x1024x24&cb=8004&vr=424&id=8r4ooy&i3=nocookie&n1=2&dntt=0<=1675828069176&ev=&cs=jjlbv0&mo=0&sr=71
91.215.103.65302 Found 0 B URL HTTP/1.1 de.ioam.de/tx.io?st=gmx&cp=264&sv=ke&ct=0000000000&pt=CP&ps=lin&er=N22&rf=&r2=&ur=www.camperpuro.com&xy=1280x1024x24&cb=8004&vr=424&id=8r4ooy&i3=nocookie&n1=2&dntt=0<=1675828069176&ev=&cs=jjlbv0&mo=0&sr=71
IP 91.215.103.65:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tx.io?st=gmx&cp=264&sv=ke&ct=0000000000&pt=CP&ps=lin&er=N22&rf=&r2=&ur=www.camperpuro.com&xy=1280x1024x24&cb=8004&vr=424&id=8r4ooy&i3=nocookie&n1=2&dntt=0<=1675828069176&ev=&cs=jjlbv0&mo=0&sr=71 HTTP/1.1
Host: de.ioam.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.camperpuro.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx
Date: Wed, 08 Feb 2023 03:46:58 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: BLACKBIRD-RCV v2.01.1 0026
Set-Cookie: i00=0026f5c7e8dbe5b5f63e31b320001%3B63e31b32%3B65593161; expires=Sat, 18-Nov-2023 21:49:21 GMT; Max-Age=24516143; path=/; domain=ioam.de; secure; SameSite=None
Pragma: no-cache
Cache-Control: no-store, no-cache, must-revalidate
Expires: Tue, 08 Feb 2022 03:46:58 GMT
Last-Modified: Wed, 08 Feb 2023 03:46:58 GMT
Location: /blank.gif
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookies
P3P: policyref=https://script.ioam.de/p3p.xml, CP=NOI DSP NID PSAa OUR NOR UNI COM NAV
ad11.adfarm1.adition.com/lt?wpt=j&nw=42<=portal(gmx)category(homepage)section(homepage)tagid(box_9)layoutclass(b)&ac=11&wi=0050665097&ref=&os=17&browser=6&screen_res=5&iframe=0&fvers=&external_uid=&uid_stable=&optout=0&prf%5Bportal%5D=gmx&prf%5Bcategory%5D=homepage&prf%5Bsection%5D=homepage&prf%5Btagid%5D=box_9&prf%5Blayoutclass%5D=b&prf%5Bdeviceclass%5D=b&prf%5Bdeviceclient%5D=browser&prf%5Bcategorytype%5D=billboard_billboard_4&prf%5Bos%5D=17&prf%5Bbrowser%5D=6&prf%5Bscreen_res%5D=5&prf%5Biframe%5D=0&prf%5Bfvers%5D=&prf%5Bsys%5D=win&prf%5Bsysv%5D=10.0&prf%5Bcl%5D=fir&prf%5Bclv%5D=105&prf%5Bvpw%5D=1280&prf%5Bnet%5D=unknown&prf%5Bexternal_uid%5D=&prf%5Bhid%5D=&prf%5Bnguserid%5D=&prf%5Buids%5D=&prf%5Boptout%5D=0&prf%5Bwi%5D=0050665097&prf%5Bweather_temp%5D=33&prf%5Bweather_condition%5D=2&prf%5Btoolbar%5D=0&prf%5Bbrandedbrowser%5D=0&prf%5BconsentLevel%5D=0&prf%5Bdnt%5D=0&prf%5Bclean%5D=0&prf%5Btpc%5D=0&prf%5Bcolumn%5D=4&prf%5Bwpt%5D=j&prf%5Bpos%5D=1&prf%5Brichmedia%5D=false
85.114.159.112200 OK 2.4 kB URL HTTP/2 ad11.adfarm1.adition.com/lt?wpt=j&nw=42<=portal(gmx)category(homepage)section(homepage)tagid(box_9)layoutclass(b)&ac=11&wi=0050665097&ref=&os=17&browser=6&screen_res=5&iframe=0&fvers=&external_uid=&uid_stable=&optout=0&prf%5Bportal%5D=gmx&prf%5Bcategory%5D=homepage&prf%5Bsection%5D=homepage&prf%5Btagid%5D=box_9&prf%5Blayoutclass%5D=b&prf%5Bdeviceclass%5D=b&prf%5Bdeviceclient%5D=browser&prf%5Bcategorytype%5D=billboard_billboard_4&prf%5Bos%5D=17&prf%5Bbrowser%5D=6&prf%5Bscreen_res%5D=5&prf%5Biframe%5D=0&prf%5Bfvers%5D=&prf%5Bsys%5D=win&prf%5Bsysv%5D=10.0&prf%5Bcl%5D=fir&prf%5Bclv%5D=105&prf%5Bvpw%5D=1280&prf%5Bnet%5D=unknown&prf%5Bexternal_uid%5D=&prf%5Bhid%5D=&prf%5Bnguserid%5D=&prf%5Buids%5D=&prf%5Boptout%5D=0&prf%5Bwi%5D=0050665097&prf%5Bweather_temp%5D=33&prf%5Bweather_condition%5D=2&prf%5Btoolbar%5D=0&prf%5Bbrandedbrowser%5D=0&prf%5BconsentLevel%5D=0&prf%5Bdnt%5D=0&prf%5Bclean%5D=0&prf%5Btpc%5D=0&prf%5Bcolumn%5D=4&prf%5Bwpt%5D=j&prf%5Bpos%5D=1&prf%5Brichmedia%5D=false
IP 85.114.159.112:0
ASN #24961 myLoc managed IT AG
Hash 318fad3da7248bed18f818bfef44f3df
ba61dc88025b61f19fe0fa761e4dd990c51d2a5e
eed455677de457f96c155f470743499833ddc4b177968d5813fff2a99a7e2e55
GET /lt?wpt=j&nw=42<=portal(gmx)category(homepage)section(homepage)tagid(box_9)layoutclass(b)&ac=11&wi=0050665097&ref=&os=17&browser=6&screen_res=5&iframe=0&fvers=&external_uid=&uid_stable=&optout=0&prf%5Bportal%5D=gmx&prf%5Bcategory%5D=homepage&prf%5Bsection%5D=homepage&prf%5Btagid%5D=box_9&prf%5Blayoutclass%5D=b&prf%5Bdeviceclass%5D=b&prf%5Bdeviceclient%5D=browser&prf%5Bcategorytype%5D=billboard_billboard_4&prf%5Bos%5D=17&prf%5Bbrowser%5D=6&prf%5Bscreen_res%5D=5&prf%5Biframe%5D=0&prf%5Bfvers%5D=&prf%5Bsys%5D=win&prf%5Bsysv%5D=10.0&prf%5Bcl%5D=fir&prf%5Bclv%5D=105&prf%5Bvpw%5D=1280&prf%5Bnet%5D=unknown&prf%5Bexternal_uid%5D=&prf%5Bhid%5D=&prf%5Bnguserid%5D=&prf%5Buids%5D=&prf%5Boptout%5D=0&prf%5Bwi%5D=0050665097&prf%5Bweather_temp%5D=33&prf%5Bweather_condition%5D=2&prf%5Btoolbar%5D=0&prf%5Bbrandedbrowser%5D=0&prf%5BconsentLevel%5D=0&prf%5Bdnt%5D=0&prf%5Bclean%5D=0&prf%5Btpc%5D=0&prf%5Bcolumn%5D=4&prf%5Bwpt%5D=j&prf%5Bpos%5D=1&prf%5Brichmedia%5D=false HTTP/1.1
Host: ad11.adfarm1.adition.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dl.gmx.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/javascript
server: ADITIONSERVER v1.0
date: Wed, 08 Feb 2023 04:46:57 +0100
cache-control: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT
p3p: policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pragma: no-cache
set-cookie: UserID1=7197626526742479379; expires=Tue, 09-May-2023 04:46:57 GMT; path=/; domain=.adfarm1.adition.com; SameSite=None; Secure
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp2.globalsign.com/gsalphasha2g2
151.101.2.133200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsalphasha2g2
IP 151.101.2.133:0
Hash 658245c9896488cee9b8a60cebb1f230
9ae322c328cc3b2a0e7982d63e25a7c5c5cf8557
1f92196315f5727220d6028a8c61af3d0e5904a1e012377e7ec1d5bbd56cc3c1
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 1423
Server: nginx
Content-Type: application/ocsp-response
Expires: Sun, 12 Feb 2023 02:16:21 GMT
ETag: "9ae322c328cc3b2a0e7982d63e25a7c5c5cf8557"
Last-Modified: Wed, 08 Feb 2023 02:16:22 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Wed, 08 Feb 2023 03:46:58 GMT
Age: 5436
X-Served-By: cache-qpg1246-QPG, cache-bma1656-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 27, 1
X-Timer: S1675828019.780673,VS0,VE1
track.adform.net/adfserve/?bn=20766202;1x1inv=1;srctype=3;ord=6587716311443702671
37.157.6.233302 Found 283 B URL HTTP/2 track.adform.net/adfserve/?bn=20766202;1x1inv=1;srctype=3;ord=6587716311443702671
IP 37.157.6.233:0
Hash 611a4da19bdb8c9aef9661a7570f7511
0460cd75a82561d0165b6707b6679823b9ef50a4
a3746c8b2aa903d103fbeaabb2b244c7312e33abbe4c30f2b08e20c6a50bf4d5
GET /adfserve/?bn=20766202;1x1inv=1;srctype=3;ord=6587716311443702671 HTTP/1.1
Host: track.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.camperpuro.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Wed, 08 Feb 2023 03:46:58 GMT
content-type: text/html; charset=utf-8
location: https://track.adform.net/adfserve/?CC=1&bn=20766202;1x1inv=1;srctype=3;ord=6587716311443702671
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
access-control-allow-origin: *
set-cookie: C=1; domain=adform.net; expires=Wed, 08-Mar-2023 03:46:58 GMT; path=/
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
de.ioam.de/blank.gif
91.215.103.65200 OK 43 B IP 91.215.103.65:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /blank.gif HTTP/1.1
Host: de.ioam.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.camperpuro.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 03:46:58 GMT
Content-Type: image/gif
Content-Length: 43
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Connection: keep-alive
Expires: Thu, 09 Feb 2023 03:46:58 GMT
Cache-Control: max-age=86400
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookies
P3P: policyref=https://script.ioam.de/p3p.xml, CP=NOI DSP NID PSAa OUR NOR UNI COM NAV
ad11.adfarm1.adition.com/lt?wpt=j&nw=42<=portal(gmx)category(homepage)section(homepage)tagid(box_1_x)layoutclass(b)&ac=18&wi=0050665097&ref=&os=17&browser=6&screen_res=5&iframe=0&fvers=&external_uid=&uid_stable=&optout=0&prf%5Bportal%5D=gmx&prf%5Bcategory%5D=homepage&prf%5Bsection%5D=homepage&prf%5Btagid%5D=box_1_x&prf%5Blayoutclass%5D=b&prf%5Bdeviceclass%5D=b&prf%5Bdeviceclient%5D=browser&prf%5Bcategorytype%5D=billboard_billboard_4&prf%5Bos%5D=17&prf%5Bbrowser%5D=6&prf%5Bscreen_res%5D=5&prf%5Biframe%5D=0&prf%5Bfvers%5D=&prf%5Bsys%5D=win&prf%5Bsysv%5D=10.0&prf%5Bcl%5D=fir&prf%5Bclv%5D=105&prf%5Bvpw%5D=1280&prf%5Bnet%5D=unknown&prf%5Bexternal_uid%5D=&prf%5Bhid%5D=&prf%5Bnguserid%5D=&prf%5Buids%5D=&prf%5Boptout%5D=0&prf%5Bwi%5D=0050665097&prf%5Bweather_temp%5D=33&prf%5Bweather_condition%5D=2&prf%5Btoolbar%5D=0&prf%5Bbrandedbrowser%5D=0&prf%5BconsentLevel%5D=0&prf%5Bdnt%5D=0&prf%5Bclean%5D=0&prf%5Btpc%5D=0&prf%5Bcolumn%5D=4&prf%5Bwpt%5D=j&prf%5Bpos%5D=2&prf%5Brichmedia%5D=false
85.114.159.112200 OK 2.6 kB URL HTTP/2 ad11.adfarm1.adition.com/lt?wpt=j&nw=42<=portal(gmx)category(homepage)section(homepage)tagid(box_1_x)layoutclass(b)&ac=18&wi=0050665097&ref=&os=17&browser=6&screen_res=5&iframe=0&fvers=&external_uid=&uid_stable=&optout=0&prf%5Bportal%5D=gmx&prf%5Bcategory%5D=homepage&prf%5Bsection%5D=homepage&prf%5Btagid%5D=box_1_x&prf%5Blayoutclass%5D=b&prf%5Bdeviceclass%5D=b&prf%5Bdeviceclient%5D=browser&prf%5Bcategorytype%5D=billboard_billboard_4&prf%5Bos%5D=17&prf%5Bbrowser%5D=6&prf%5Bscreen_res%5D=5&prf%5Biframe%5D=0&prf%5Bfvers%5D=&prf%5Bsys%5D=win&prf%5Bsysv%5D=10.0&prf%5Bcl%5D=fir&prf%5Bclv%5D=105&prf%5Bvpw%5D=1280&prf%5Bnet%5D=unknown&prf%5Bexternal_uid%5D=&prf%5Bhid%5D=&prf%5Bnguserid%5D=&prf%5Buids%5D=&prf%5Boptout%5D=0&prf%5Bwi%5D=0050665097&prf%5Bweather_temp%5D=33&prf%5Bweather_condition%5D=2&prf%5Btoolbar%5D=0&prf%5Bbrandedbrowser%5D=0&prf%5BconsentLevel%5D=0&prf%5Bdnt%5D=0&prf%5Bclean%5D=0&prf%5Btpc%5D=0&prf%5Bcolumn%5D=4&prf%5Bwpt%5D=j&prf%5Bpos%5D=2&prf%5Brichmedia%5D=false
IP 85.114.159.112:0
ASN #24961 myLoc managed IT AG
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (2158), with CRLF line terminators
Hash e9a80bd78dabbbd5865824f60c379d84
b15168eed3057ca6c508e0274d81cf603ac5754f
8bdccb1c24dd326d300e5d3e2728490b8eaae4cede41a0625f4295fd35914399
GET /lt?wpt=j&nw=42<=portal(gmx)category(homepage)section(homepage)tagid(box_1_x)layoutclass(b)&ac=18&wi=0050665097&ref=&os=17&browser=6&screen_res=5&iframe=0&fvers=&external_uid=&uid_stable=&optout=0&prf%5Bportal%5D=gmx&prf%5Bcategory%5D=homepage&prf%5Bsection%5D=homepage&prf%5Btagid%5D=box_1_x&prf%5Blayoutclass%5D=b&prf%5Bdeviceclass%5D=b&prf%5Bdeviceclient%5D=browser&prf%5Bcategorytype%5D=billboard_billboard_4&prf%5Bos%5D=17&prf%5Bbrowser%5D=6&prf%5Bscreen_res%5D=5&prf%5Biframe%5D=0&prf%5Bfvers%5D=&prf%5Bsys%5D=win&prf%5Bsysv%5D=10.0&prf%5Bcl%5D=fir&prf%5Bclv%5D=105&prf%5Bvpw%5D=1280&prf%5Bnet%5D=unknown&prf%5Bexternal_uid%5D=&prf%5Bhid%5D=&prf%5Bnguserid%5D=&prf%5Buids%5D=&prf%5Boptout%5D=0&prf%5Bwi%5D=0050665097&prf%5Bweather_temp%5D=33&prf%5Bweather_condition%5D=2&prf%5Btoolbar%5D=0&prf%5Bbrandedbrowser%5D=0&prf%5BconsentLevel%5D=0&prf%5Bdnt%5D=0&prf%5Bclean%5D=0&prf%5Btpc%5D=0&prf%5Bcolumn%5D=4&prf%5Bwpt%5D=j&prf%5Bpos%5D=2&prf%5Brichmedia%5D=false HTTP/1.1
Host: ad11.adfarm1.adition.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dl.gmx.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/javascript
server: ADITIONSERVER v1.0
date: Wed, 08 Feb 2023 04:46:58 +0100
cache-control: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT
p3p: policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pragma: no-cache
set-cookie: UserID1=7197626531045114387; expires=Tue, 09-May-2023 04:46:58 GMT; path=/; domain=.adfarm1.adition.com; SameSite=None; Secure
content-encoding: gzip
X-Firefox-Spdy: h2
ad11.adfarm1.adition.com/lt?wpt=j&nw=42<=portal(gmx)category(homepage)section(homepage)tagid(box_6_x)layoutclass(b)&ac=21&wi=0050665097&ref=&os=17&browser=6&screen_res=5&iframe=0&fvers=&external_uid=&uid_stable=&optout=0&prf%5Bportal%5D=gmx&prf%5Bcategory%5D=homepage&prf%5Bsection%5D=homepage&prf%5Btagid%5D=box_6_x&prf%5Blayoutclass%5D=b&prf%5Bdeviceclass%5D=b&prf%5Bdeviceclient%5D=browser&prf%5Bcategorytype%5D=billboard_billboard_4&prf%5Bos%5D=17&prf%5Bbrowser%5D=6&prf%5Bscreen_res%5D=5&prf%5Biframe%5D=0&prf%5Bfvers%5D=&prf%5Bsys%5D=win&prf%5Bsysv%5D=10.0&prf%5Bcl%5D=fir&prf%5Bclv%5D=105&prf%5Bvpw%5D=1280&prf%5Bnet%5D=unknown&prf%5Bexternal_uid%5D=&prf%5Bhid%5D=&prf%5Bnguserid%5D=&prf%5Buids%5D=&prf%5Boptout%5D=0&prf%5Bwi%5D=0050665097&prf%5Bweather_temp%5D=33&prf%5Bweather_condition%5D=2&prf%5Btoolbar%5D=0&prf%5Bbrandedbrowser%5D=0&prf%5BconsentLevel%5D=0&prf%5Bdnt%5D=0&prf%5Bclean%5D=0&prf%5Btpc%5D=0&prf%5Bcolumn%5D=4&prf%5Bwpt%5D=j&prf%5Bpos%5D=2&prf%5Brichmedia%5D=false
85.114.159.112404 Not Found 1.6 kB URL HTTP/2 ad11.adfarm1.adition.com/lt?wpt=j&nw=42<=portal(gmx)category(homepage)section(homepage)tagid(box_6_x)layoutclass(b)&ac=21&wi=0050665097&ref=&os=17&browser=6&screen_res=5&iframe=0&fvers=&external_uid=&uid_stable=&optout=0&prf%5Bportal%5D=gmx&prf%5Bcategory%5D=homepage&prf%5Bsection%5D=homepage&prf%5Btagid%5D=box_6_x&prf%5Blayoutclass%5D=b&prf%5Bdeviceclass%5D=b&prf%5Bdeviceclient%5D=browser&prf%5Bcategorytype%5D=billboard_billboard_4&prf%5Bos%5D=17&prf%5Bbrowser%5D=6&prf%5Bscreen_res%5D=5&prf%5Biframe%5D=0&prf%5Bfvers%5D=&prf%5Bsys%5D=win&prf%5Bsysv%5D=10.0&prf%5Bcl%5D=fir&prf%5Bclv%5D=105&prf%5Bvpw%5D=1280&prf%5Bnet%5D=unknown&prf%5Bexternal_uid%5D=&prf%5Bhid%5D=&prf%5Bnguserid%5D=&prf%5Buids%5D=&prf%5Boptout%5D=0&prf%5Bwi%5D=0050665097&prf%5Bweather_temp%5D=33&prf%5Bweather_condition%5D=2&prf%5Btoolbar%5D=0&prf%5Bbrandedbrowser%5D=0&prf%5BconsentLevel%5D=0&prf%5Bdnt%5D=0&prf%5Bclean%5D=0&prf%5Btpc%5D=0&prf%5Bcolumn%5D=4&prf%5Bwpt%5D=j&prf%5Bpos%5D=2&prf%5Brichmedia%5D=false
IP 85.114.159.112:0
ASN #24961 myLoc managed IT AG
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (464), with CRLF line terminators
Hash d651f9bb2806088f62dc7fe5674b72d8
2bc8c5f9f6cd59ceaf22341a2a8b005e26cfcf33
08182c3041d4ced4795393bd6989cd153a98f027e04b854ad3cd8aca19d588eb
GET /lt?wpt=j&nw=42<=portal(gmx)category(homepage)section(homepage)tagid(box_6_x)layoutclass(b)&ac=21&wi=0050665097&ref=&os=17&browser=6&screen_res=5&iframe=0&fvers=&external_uid=&uid_stable=&optout=0&prf%5Bportal%5D=gmx&prf%5Bcategory%5D=homepage&prf%5Bsection%5D=homepage&prf%5Btagid%5D=box_6_x&prf%5Blayoutclass%5D=b&prf%5Bdeviceclass%5D=b&prf%5Bdeviceclient%5D=browser&prf%5Bcategorytype%5D=billboard_billboard_4&prf%5Bos%5D=17&prf%5Bbrowser%5D=6&prf%5Bscreen_res%5D=5&prf%5Biframe%5D=0&prf%5Bfvers%5D=&prf%5Bsys%5D=win&prf%5Bsysv%5D=10.0&prf%5Bcl%5D=fir&prf%5Bclv%5D=105&prf%5Bvpw%5D=1280&prf%5Bnet%5D=unknown&prf%5Bexternal_uid%5D=&prf%5Bhid%5D=&prf%5Bnguserid%5D=&prf%5Buids%5D=&prf%5Boptout%5D=0&prf%5Bwi%5D=0050665097&prf%5Bweather_temp%5D=33&prf%5Bweather_condition%5D=2&prf%5Btoolbar%5D=0&prf%5Bbrandedbrowser%5D=0&prf%5BconsentLevel%5D=0&prf%5Bdnt%5D=0&prf%5Bclean%5D=0&prf%5Btpc%5D=0&prf%5Bcolumn%5D=4&prf%5Bwpt%5D=j&prf%5Bpos%5D=2&prf%5Brichmedia%5D=false HTTP/1.1
Host: ad11.adfarm1.adition.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dl.gmx.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
content-type: text/plain
server: ADITIONSERVER v1.0
date: Wed, 08 Feb 2023 04:46:58 +0100
content-encoding: gzip
X-Firefox-Spdy: h2
ad11.adfarm1.adition.com/lt?wpt=j&nw=42<=portal(gmx)category(homepage)section(homepage)tagid(box_5_x)layoutclass(b)&ac=20&wi=0050665097&ref=&os=17&browser=6&screen_res=5&iframe=0&fvers=&external_uid=&uid_stable=&optout=0&prf%5Bportal%5D=gmx&prf%5Bcategory%5D=homepage&prf%5Bsection%5D=homepage&prf%5Btagid%5D=box_5_x&prf%5Blayoutclass%5D=b&prf%5Bdeviceclass%5D=b&prf%5Bdeviceclient%5D=browser&prf%5Bcategorytype%5D=billboard_billboard_4&prf%5Bos%5D=17&prf%5Bbrowser%5D=6&prf%5Bscreen_res%5D=5&prf%5Biframe%5D=0&prf%5Bfvers%5D=&prf%5Bsys%5D=win&prf%5Bsysv%5D=10.0&prf%5Bcl%5D=fir&prf%5Bclv%5D=105&prf%5Bvpw%5D=1280&prf%5Bnet%5D=unknown&prf%5Bexternal_uid%5D=&prf%5Bhid%5D=&prf%5Bnguserid%5D=&prf%5Buids%5D=&prf%5Boptout%5D=0&prf%5Bwi%5D=0050665097&prf%5Bweather_temp%5D=33&prf%5Bweather_condition%5D=2&prf%5Btoolbar%5D=0&prf%5Bbrandedbrowser%5D=0&prf%5BconsentLevel%5D=0&prf%5Bdnt%5D=0&prf%5Bclean%5D=0&prf%5Btpc%5D=0&prf%5Bcolumn%5D=4&prf%5Bwpt%5D=j&prf%5Bpos%5D=2&prf%5Brichmedia%5D=false
85.114.159.112200 OK 1.1 kB URL HTTP/2 ad11.adfarm1.adition.com/lt?wpt=j&nw=42<=portal(gmx)category(homepage)section(homepage)tagid(box_5_x)layoutclass(b)&ac=20&wi=0050665097&ref=&os=17&browser=6&screen_res=5&iframe=0&fvers=&external_uid=&uid_stable=&optout=0&prf%5Bportal%5D=gmx&prf%5Bcategory%5D=homepage&prf%5Bsection%5D=homepage&prf%5Btagid%5D=box_5_x&prf%5Blayoutclass%5D=b&prf%5Bdeviceclass%5D=b&prf%5Bdeviceclient%5D=browser&prf%5Bcategorytype%5D=billboard_billboard_4&prf%5Bos%5D=17&prf%5Bbrowser%5D=6&prf%5Bscreen_res%5D=5&prf%5Biframe%5D=0&prf%5Bfvers%5D=&prf%5Bsys%5D=win&prf%5Bsysv%5D=10.0&prf%5Bcl%5D=fir&prf%5Bclv%5D=105&prf%5Bvpw%5D=1280&prf%5Bnet%5D=unknown&prf%5Bexternal_uid%5D=&prf%5Bhid%5D=&prf%5Bnguserid%5D=&prf%5Buids%5D=&prf%5Boptout%5D=0&prf%5Bwi%5D=0050665097&prf%5Bweather_temp%5D=33&prf%5Bweather_condition%5D=2&prf%5Btoolbar%5D=0&prf%5Bbrandedbrowser%5D=0&prf%5BconsentLevel%5D=0&prf%5Bdnt%5D=0&prf%5Bclean%5D=0&prf%5Btpc%5D=0&prf%5Bcolumn%5D=4&prf%5Bwpt%5D=j&prf%5Bpos%5D=2&prf%5Brichmedia%5D=false
IP 85.114.159.112:0
ASN #24961 myLoc managed IT AG
Hash dfd439f5452780fd2716ffd6c3d7a216
1b80dfdc03e09b2bbe6c59031d46aea67272878b
f3f0d376837e3ba3369bc2bc55439cd2161a49cb6cf018e26ff3a4e541f3702a
GET /lt?wpt=j&nw=42<=portal(gmx)category(homepage)section(homepage)tagid(box_5_x)layoutclass(b)&ac=20&wi=0050665097&ref=&os=17&browser=6&screen_res=5&iframe=0&fvers=&external_uid=&uid_stable=&optout=0&prf%5Bportal%5D=gmx&prf%5Bcategory%5D=homepage&prf%5Bsection%5D=homepage&prf%5Btagid%5D=box_5_x&prf%5Blayoutclass%5D=b&prf%5Bdeviceclass%5D=b&prf%5Bdeviceclient%5D=browser&prf%5Bcategorytype%5D=billboard_billboard_4&prf%5Bos%5D=17&prf%5Bbrowser%5D=6&prf%5Bscreen_res%5D=5&prf%5Biframe%5D=0&prf%5Bfvers%5D=&prf%5Bsys%5D=win&prf%5Bsysv%5D=10.0&prf%5Bcl%5D=fir&prf%5Bclv%5D=105&prf%5Bvpw%5D=1280&prf%5Bnet%5D=unknown&prf%5Bexternal_uid%5D=&prf%5Bhid%5D=&prf%5Bnguserid%5D=&prf%5Buids%5D=&prf%5Boptout%5D=0&prf%5Bwi%5D=0050665097&prf%5Bweather_temp%5D=33&prf%5Bweather_condition%5D=2&prf%5Btoolbar%5D=0&prf%5Bbrandedbrowser%5D=0&prf%5BconsentLevel%5D=0&prf%5Bdnt%5D=0&prf%5Bclean%5D=0&prf%5Btpc%5D=0&prf%5Bcolumn%5D=4&prf%5Bwpt%5D=j&prf%5Bpos%5D=2&prf%5Brichmedia%5D=false HTTP/1.1
Host: ad11.adfarm1.adition.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dl.gmx.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/javascript
server: ADITIONSERVER v1.0
date: Wed, 08 Feb 2023 04:46:58 +0100
cache-control: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT
p3p: policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pragma: no-cache
set-cookie: UserID1=7197626531045245459; expires=Tue, 09-May-2023 04:46:58 GMT; path=/; domain=.adfarm1.adition.com; SameSite=None; Secure
content-encoding: gzip
X-Firefox-Spdy: h2
m.exactag.com/ai.aspx?extPu=tchibo-adform&extCr=21471492&extPm=3431762&extLi=1185292&extProvId=2&rnd=68599
85.14.248.71200 OK 43 B URL HTTP/1.1 m.exactag.com/ai.aspx?extPu=tchibo-adform&extCr=21471492&extPm=3431762&extLi=1185292&extProvId=2&rnd=68599
IP 85.14.248.71:0
ASN #24961 myLoc managed IT AG
File type GIF image data, version 89a, 1 x 1\012- data
Hash 6d22e4f2d2057c6e8d6fab098e76e80f
b80b11203d97fe01c5597ca3be70406ea48f5709
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
GET /ai.aspx?extPu=tchibo-adform&extCr=21471492&extPm=3431762&extLi=1185292&extProvId=2&rnd=68599 HTTP/1.1
Host: m.exactag.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.camperpuro.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private
Pragma: no-cache
Content-Type: image/gif
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Last-Modified: Mi, 08 Feb 2023 03:46:59 GMT
P3P: policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
Access-Control-Allow-Origin: http://www.camperpuro.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: POST, GET, OPTIONS
Access-Control-Max-Age: 1000
Access-Control-Allow-Headers: *
X-ET-Code: 0
X-ET-Camp: 821
X-ET-Monitoring: 1
Accept-CH: sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
Strict-Transport-Security: max-age=31536000
Set-Cookie: exactag_new_gk=772676e0c61e4e1982c789e6d76c01c8%7c09.04.2023+03%3a46%3a58; expires=Tue, 09-May-2023 03:46:59 GMT; path=/; secure; HttpOnly; SameSite=None
exactag_new_uk=389632b559a14fc78cc360a378d4ab0e%7c; expires=Mon, 07-Aug-2023 03:46:59 GMT; path=/; secure; HttpOnly; SameSite=None
session_session=673e7a9d63084301a3a9d1f7; path=/; secure; HttpOnly; SameSite=None
Date: Wed, 08 Feb 2023 03:46:58 GMT
Connection: close
Content-Length: 43
cross-origin-resource-policy: cross-origin
X-Xss-Protection: 0
X-Content-Type-Options: nosniff
img.ui-portal.de/cms/gmx/produkte/lotto/2022/20220622/ejp_n/mr.jpg
2.18.172.165200 OK 45 kB URL HTTP/2 img.ui-portal.de/cms/gmx/produkte/lotto/2022/20220622/ejp_n/mr.jpg
IP 2.18.172.165:0
File type JPEG image data, baseline, precision 8, 300x250, components 3\012- data
Hash 9b357bec569d848c0184bbd356e2a6bd
3fd023872dca49b7956dc746a1095d7258071999
08d418f7c443a73b27586386dc6aa424b6deb049581bbca9693934fcf52060f8
GET /cms/gmx/produkte/lotto/2022/20220622/ejp_n/mr.jpg HTTP/1.1
Host: img.ui-portal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://img.ui-portal.de/fallback/lotto/2022/03_2022_ejp_jackp/ejp_jp/g_mr_c_ejp.html?ct=https%3A%2F%2Fad11.adfarm1.adition.com%2Fredi%3Flid%3D7197626531045704211%26gdpr%3D0%26gdpr%5Fconsent%3D%26gdpr%5Fpd%3D0%26userid%3D7197626531045114387%26sid%3D4665766%26kid%3D3339561%26bid%3D15711304%26c%3D2377%26keyword%3D%26sr%3D5%26gk%3D0%26mdev%3D0%26clickurl%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 22 Jun 2022 10:34:43 GMT
etag: "b083-5e206e29a56c0"
server: Apache
accept-ranges: bytes
content-length: 45187
x-robots-tag: noindex
content-type: image/jpeg
cache-control: public, max-age=923
date: Wed, 08 Feb 2023 03:46:59 GMT
X-Firefox-Spdy: h2
ad11.adfarm1.adition.com/lt?wpt=j&nw=42<=portal(gmx)category(homepage)section(homepage)tagid(box_8_x)layoutclass(b)&ac=22&wi=0050665097&ref=&os=17&browser=6&screen_res=5&iframe=0&fvers=&external_uid=&uid_stable=&optout=0&prf%5Bportal%5D=gmx&prf%5Bcategory%5D=homepage&prf%5Bsection%5D=homepage&prf%5Btagid%5D=box_8_x&prf%5Blayoutclass%5D=b&prf%5Bdeviceclass%5D=b&prf%5Bdeviceclient%5D=browser&prf%5Bcategorytype%5D=billboard_billboard_4&prf%5Bos%5D=17&prf%5Bbrowser%5D=6&prf%5Bscreen_res%5D=5&prf%5Biframe%5D=0&prf%5Bfvers%5D=&prf%5Bsys%5D=win&prf%5Bsysv%5D=10.0&prf%5Bcl%5D=fir&prf%5Bclv%5D=105&prf%5Bvpw%5D=1280&prf%5Bnet%5D=unknown&prf%5Bexternal_uid%5D=&prf%5Bhid%5D=&prf%5Bnguserid%5D=&prf%5Buids%5D=&prf%5Boptout%5D=0&prf%5Bwi%5D=0050665097&prf%5Bweather_temp%5D=33&prf%5Bweather_condition%5D=2&prf%5Btoolbar%5D=0&prf%5Bbrandedbrowser%5D=0&prf%5BconsentLevel%5D=0&prf%5Bdnt%5D=0&prf%5Bclean%5D=0&prf%5Btpc%5D=0&prf%5Bcolumn%5D=4&prf%5Bwpt%5D=j&prf%5Bpos%5D=2&prf%5Brichmedia%5D=false
85.114.159.112404 Not Found 97 B URL HTTP/2 ad11.adfarm1.adition.com/lt?wpt=j&nw=42<=portal(gmx)category(homepage)section(homepage)tagid(box_8_x)layoutclass(b)&ac=22&wi=0050665097&ref=&os=17&browser=6&screen_res=5&iframe=0&fvers=&external_uid=&uid_stable=&optout=0&prf%5Bportal%5D=gmx&prf%5Bcategory%5D=homepage&prf%5Bsection%5D=homepage&prf%5Btagid%5D=box_8_x&prf%5Blayoutclass%5D=b&prf%5Bdeviceclass%5D=b&prf%5Bdeviceclient%5D=browser&prf%5Bcategorytype%5D=billboard_billboard_4&prf%5Bos%5D=17&prf%5Bbrowser%5D=6&prf%5Bscreen_res%5D=5&prf%5Biframe%5D=0&prf%5Bfvers%5D=&prf%5Bsys%5D=win&prf%5Bsysv%5D=10.0&prf%5Bcl%5D=fir&prf%5Bclv%5D=105&prf%5Bvpw%5D=1280&prf%5Bnet%5D=unknown&prf%5Bexternal_uid%5D=&prf%5Bhid%5D=&prf%5Bnguserid%5D=&prf%5Buids%5D=&prf%5Boptout%5D=0&prf%5Bwi%5D=0050665097&prf%5Bweather_temp%5D=33&prf%5Bweather_condition%5D=2&prf%5Btoolbar%5D=0&prf%5Bbrandedbrowser%5D=0&prf%5BconsentLevel%5D=0&prf%5Bdnt%5D=0&prf%5Bclean%5D=0&prf%5Btpc%5D=0&prf%5Bcolumn%5D=4&prf%5Bwpt%5D=j&prf%5Bpos%5D=2&prf%5Brichmedia%5D=false
IP 85.114.159.112:0
ASN #24961 myLoc managed IT AG
Hash 87862d83ecbf4f58523e16f64f94a706
613635b76226b69d567831cb3ca9023a5dbc8a38
9410bc31d38573c0e48a2001dc926960ba60220b2f31dbcedaa0ba5ffdc91fae
GET /lt?wpt=j&nw=42<=portal(gmx)category(homepage)section(homepage)tagid(box_8_x)layoutclass(b)&ac=22&wi=0050665097&ref=&os=17&browser=6&screen_res=5&iframe=0&fvers=&external_uid=&uid_stable=&optout=0&prf%5Bportal%5D=gmx&prf%5Bcategory%5D=homepage&prf%5Bsection%5D=homepage&prf%5Btagid%5D=box_8_x&prf%5Blayoutclass%5D=b&prf%5Bdeviceclass%5D=b&prf%5Bdeviceclient%5D=browser&prf%5Bcategorytype%5D=billboard_billboard_4&prf%5Bos%5D=17&prf%5Bbrowser%5D=6&prf%5Bscreen_res%5D=5&prf%5Biframe%5D=0&prf%5Bfvers%5D=&prf%5Bsys%5D=win&prf%5Bsysv%5D=10.0&prf%5Bcl%5D=fir&prf%5Bclv%5D=105&prf%5Bvpw%5D=1280&prf%5Bnet%5D=unknown&prf%5Bexternal_uid%5D=&prf%5Bhid%5D=&prf%5Bnguserid%5D=&prf%5Buids%5D=&prf%5Boptout%5D=0&prf%5Bwi%5D=0050665097&prf%5Bweather_temp%5D=33&prf%5Bweather_condition%5D=2&prf%5Btoolbar%5D=0&prf%5Bbrandedbrowser%5D=0&prf%5BconsentLevel%5D=0&prf%5Bdnt%5D=0&prf%5Bclean%5D=0&prf%5Btpc%5D=0&prf%5Bcolumn%5D=4&prf%5Bwpt%5D=j&prf%5Bpos%5D=2&prf%5Brichmedia%5D=false HTTP/1.1
Host: ad11.adfarm1.adition.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dl.gmx.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
content-type: text/plain
server: ADITIONSERVER v1.0
date: Wed, 08 Feb 2023 04:46:58 +0100
content-encoding: gzip
X-Firefox-Spdy: h2
nct.ui-portal.de/gmx/gmx/s?name=homepage.startseite.event.performance.beforeRectangleBottom.4&portal=gmx&country=de&var=default&sample=undefined&pvid=JNV4QPmVeIPgJDUG78W2&login=0&type=hidden&period=4256&_c=0&ts=1675828072511
82.165.229.54200 OK 43 B URL HTTP/1.1 nct.ui-portal.de/gmx/gmx/s?name=homepage.startseite.event.performance.beforeRectangleBottom.4&portal=gmx&country=de&var=default&sample=undefined&pvid=JNV4QPmVeIPgJDUG78W2&login=0&type=hidden&period=4256&_c=0&ts=1675828072511
IP 82.165.229.54:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 6d22e4f2d2057c6e8d6fab098e76e80f
b80b11203d97fe01c5597ca3be70406ea48f5709
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
GET /gmx/gmx/s?name=homepage.startseite.event.performance.beforeRectangleBottom.4&portal=gmx&country=de&var=default&sample=undefined&pvid=JNV4QPmVeIPgJDUG78W2&login=0&type=hidden&period=4256&_c=0&ts=1675828072511 HTTP/1.1
Host: nct.ui-portal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.camperpuro.com/
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 03:46:59 GMT
Server: Apache
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
P3P: CP="this is not a p3p policy"
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Content-Length: 43
Keep-Alive: timeout=3, max=496
Connection: Keep-Alive
Content-Type: image/gif
img.ui-portal.de/fallback/games/neue_hp/vow_kl_nat_gmx.jpg
2.18.172.165200 OK 14 kB URL HTTP/2 img.ui-portal.de/fallback/games/neue_hp/vow_kl_nat_gmx.jpg
IP 2.18.172.165:0
File type JPEG image data, baseline, precision 8, 300x170, components 3\012- data
Hash 9061eb830caaa035c553d3609dc9b27a
76366e5156e6958c27b4ae5e2f90fe99d9691686
2097e90764fe8efdd869edfdb79e83c53bdbc4c8e782ea4747898ee5165df0be
GET /fallback/games/neue_hp/vow_kl_nat_gmx.jpg HTTP/1.1
Host: img.ui-portal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.camperpuro.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 02 Jan 2020 09:20:46 GMT
etag: "3668-59b24b5500ca9"
server: Apache
unused62: 8096267
accept-ranges: bytes
content-length: 13928
x-robots-tag: noindex
content-type: image/jpeg
cache-control: public, max-age=641
date: Wed, 08 Feb 2023 03:46:59 GMT
X-Firefox-Spdy: h2
img.ui-portal.de/fallback/anf/2021/allgemein/gmx_native_teaser_300x170.jpg
2.18.172.165200 OK 6.6 kB URL HTTP/2 img.ui-portal.de/fallback/anf/2021/allgemein/gmx_native_teaser_300x170.jpg
IP 2.18.172.165:0
File type JPEG image data, baseline, precision 8, 300x170, components 3\012- data
Hash 2c35053c9a9e20d3c736886e901e07a0
cd29db03028978650182712677c3d44c8eee0694
2e8e7a8cebdcd45aa1ecc53c572d6e0276ef29175a538da83613ddbddcaaac38
GET /fallback/anf/2021/allgemein/gmx_native_teaser_300x170.jpg HTTP/1.1
Host: img.ui-portal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.camperpuro.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 06 Apr 2020 12:40:19 GMT
etag: "19ee-5a29e91d9b5d9"
server: Apache
unused62: 8096267
accept-ranges: bytes
content-length: 6638
x-robots-tag: noindex
content-type: image/jpeg
cache-control: public, max-age=25
date: Wed, 08 Feb 2023 03:46:59 GMT
X-Firefox-Spdy: h2
img.ui-portal.de/fallback/home2020/gmx/teaser_small/mailcheck_300x170.jpg
2.18.172.165200 OK 14 kB URL HTTP/2 img.ui-portal.de/fallback/home2020/gmx/teaser_small/mailcheck_300x170.jpg
IP 2.18.172.165:0
File type JPEG image data, baseline, precision 8, 300x170, components 3\012- data
Hash f3fe35477a2a2aef43b9a233447560a7
7f7d9d850a3a77705e6c81fd01c07c0d2045ae9c
4e39cff08f0f260b74275038305e7d9fa42dc71da060013b711a14472b2d75ca
GET /fallback/home2020/gmx/teaser_small/mailcheck_300x170.jpg HTTP/1.1
Host: img.ui-portal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.camperpuro.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 10 Dec 2019 14:50:55 GMT
etag: "3573-5995aa3adf8a2"
server: Apache
unused62: 8096267
accept-ranges: bytes
content-length: 13683
x-robots-tag: noindex
content-type: image/jpeg
cache-control: public, max-age=702
date: Wed, 08 Feb 2023 03:46:59 GMT
X-Firefox-Spdy: h2
img.ui-portal.de/fallback/home2020/gmx/teaser_small/webcent_300x170.jpg
2.18.172.165200 OK 13 kB URL HTTP/2 img.ui-portal.de/fallback/home2020/gmx/teaser_small/webcent_300x170.jpg
IP 2.18.172.165:0
File type JPEG image data, baseline, precision 8, 300x170, components 3\012- data
Hash 57c6dfaf06bf1b293260a1d95e19133e
3b0a3effd2c2501ce874bf0c1641925cd53b9a9b
8504fbd1ff87111679ae6c048e61358a5a3afb446728a750c8d47a07be628f54
GET /fallback/home2020/gmx/teaser_small/webcent_300x170.jpg HTTP/1.1
Host: img.ui-portal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.camperpuro.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 10 Dec 2019 15:03:22 GMT
etag: "31ab-5995ad03130fb"
server: Apache
unused62: 8096267
accept-ranges: bytes
content-length: 12715
x-robots-tag: noindex
content-type: image/jpeg
cache-control: public, max-age=1553
date: Wed, 08 Feb 2023 03:46:59 GMT
X-Firefox-Spdy: h2
img.ui-portal.de/cms/gmx/produkte/steuersoftware/2023/hpt-s_native_ll.jpg
2.18.172.165200 OK 23 kB URL HTTP/2 img.ui-portal.de/cms/gmx/produkte/steuersoftware/2023/hpt-s_native_ll.jpg
IP 2.18.172.165:0
File type JPEG image data, baseline, precision 8, 300x170, components 3\012- data
Hash 3db8dde8865f6daf1715722edaeb00fc
b0a3bda4936b71e9d7fecc12748939171f83783b
f5c0cbdfd3566657883822143070a8796b2f7df8e2f7d1423330a90b314a9c12
GET /cms/gmx/produkte/steuersoftware/2023/hpt-s_native_ll.jpg HTTP/1.1
Host: img.ui-portal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.camperpuro.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 26 Oct 2022 07:35:53 GMT
etag: "59d1-5ebeb130cc840"
server: Apache
accept-ranges: bytes
content-length: 22993
x-robots-tag: noindex
content-type: image/jpeg
cache-control: public, max-age=1
date: Wed, 08 Feb 2023 03:46:59 GMT
X-Firefox-Spdy: h2
img.ui-portal.de/fallback/browser/check/native.jpg
2.18.172.165200 OK 4.1 kB URL HTTP/2 img.ui-portal.de/fallback/browser/check/native.jpg
IP 2.18.172.165:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 300x170, components 3\012- data
Hash 1fe805be6316afd2cacafa197a30830e
8acdc78ccd91ebf0c79e9b3c98f7c3c550908848
1e0c5a9a18ef0d0ec177843746568271c50da601cb550f288a55b727fc4fc42f
GET /fallback/browser/check/native.jpg HTTP/1.1
Host: img.ui-portal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.camperpuro.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Apache
etag: "fe9-5cf3c5be39e21"
last-modified: Tue, 26 Oct 2021 07:23:50 GMT
unused62: 8096267
accept-ranges: bytes
content-length: 4073
x-robots-tag: noindex
content-type: image/jpeg
cache-control: public, max-age=1775
date: Wed, 08 Feb 2023 03:47:00 GMT
X-Firefox-Spdy: h2
img.ui-portal.de/fallback/lotto/2022/06_2022_ejp/g_hpt_s_ejp_n.png
2.18.172.165200 OK 18 kB URL HTTP/2 img.ui-portal.de/fallback/lotto/2022/06_2022_ejp/g_hpt_s_ejp_n.png
IP 2.18.172.165:0
File type PNG image data, 300 x 170, 8-bit/color RGBA, non-interlaced\012- data
Hash 1fd4b68f8be0c7fd94d3cf89513e329d
0fded3dab6e806c1ae0fec5637a5165f6e8fde76
0c9d12b4d61c64458419ed8d38ddbbec4a0d04b6e5fc22363687e9e81c4ed8e2
GET /fallback/lotto/2022/06_2022_ejp/g_hpt_s_ejp_n.png HTTP/1.1
Host: img.ui-portal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.camperpuro.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 22 Jun 2022 09:08:52 GMT
etag: "4634-5e205af945100"
server: Apache
accept-ranges: bytes
content-length: 17972
x-robots-tag: noindex
content-type: image/png
cache-control: public, max-age=609
date: Wed, 08 Feb 2023 03:47:00 GMT
X-Firefox-Spdy: h2
img.ui-portal.de/fallback/home2020/gmx/teaser_small/browser_300x170.jpg
2.18.172.165301 Moved Permanently 0 B URL HTTP/1.1 img.ui-portal.de/fallback/home2020/gmx/teaser_small/browser_300x170.jpg
IP 2.18.172.165:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /fallback/home2020/gmx/teaser_small/browser_300x170.jpg HTTP/1.1
Host: img.ui-portal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.camperpuro.com/
HTTP/1.1 301 Moved Permanently
Location: https://img.ui-portal.de/fallback/home2020/gmx/teaser_small/browser_300x170.jpg
Server: BigIP
Content-Length: 0
Cache-Control: max-age=600
Date: Wed, 08 Feb 2023 03:47:00 GMT
Connection: keep-alive
img.ui-portal.de/fallback/home2020/gmx/teaser_small/browser_300x170.jpg
2.18.172.165200 OK 14 kB URL HTTP/2 img.ui-portal.de/fallback/home2020/gmx/teaser_small/browser_300x170.jpg
IP 2.18.172.165:0
File type JPEG image data, baseline, precision 8, 300x170, components 3\012- data
Hash 7317161f33f45a4d832fce06d2223a49
3b6dc0cbb20720b51e7d898ca8c558a7cc5b2f59
29aa71f84430305c4c032e821254f4ea0a8907a16d10bfa76357c97c8dfce579
GET /fallback/home2020/gmx/teaser_small/browser_300x170.jpg HTTP/1.1
Host: img.ui-portal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.camperpuro.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 11 May 2020 10:28:15 GMT
etag: "3594-5a55ccdfc88fc"
server: Apache
unused62: 8096267
accept-ranges: bytes
content-length: 13716
x-robots-tag: noindex
content-type: image/jpeg
cache-control: public, max-age=1
date: Wed, 08 Feb 2023 03:47:00 GMT
X-Firefox-Spdy: h2
adimg.uimserv.net/EIGENWERBUNG/GMX/Systemmechanic/2020/Nativeteaser.jpg
2.18.172.165200 OK 16 kB URL HTTP/2 adimg.uimserv.net/EIGENWERBUNG/GMX/Systemmechanic/2020/Nativeteaser.jpg
IP 2.18.172.165:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 300x170, components 3\012- data
Hash 4df10b3f054fee846a65b74292bfead9
333d3e43faee96845305c479cc927be47366df2d
e5d9bc87d5c6f5ed81c58685450e2335a07e83acf291b95c22521b44546b6904
GET /EIGENWERBUNG/GMX/Systemmechanic/2020/Nativeteaser.jpg HTTP/1.1
Host: adimg.uimserv.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.camperpuro.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Apache
last-modified: Thu, 16 Jan 2020 12:26:30 GMT
etag: "40c8-59c40ef583602-gzip"
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sat, 16 Apr 2022 09:56:54 GMT
content-encoding: gzip
x-robots-tag: noindex
content-length: 16100
content-type: image/jpeg
unused62: 8096267
date: Wed, 08 Feb 2023 03:47:00 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
ad11.adfarm1.adition.com/lt?wpt=j&nw=42<=portal(gmx)category(homepage)section(homepage)tagid(box_3_x)layoutclass(b)&ac=19&wi=0050665097&ref=&os=17&browser=6&screen_res=5&iframe=0&fvers=&external_uid=&uid_stable=&optout=0&prf%5Bportal%5D=gmx&prf%5Bcategory%5D=homepage&prf%5Bsection%5D=homepage&prf%5Btagid%5D=box_3_x&prf%5Blayoutclass%5D=b&prf%5Bdeviceclass%5D=b&prf%5Bdeviceclient%5D=browser&prf%5Bcategorytype%5D=billboard_billboard_4&prf%5Bos%5D=17&prf%5Bbrowser%5D=6&prf%5Bscreen_res%5D=5&prf%5Biframe%5D=0&prf%5Bfvers%5D=&prf%5Bsys%5D=win&prf%5Bsysv%5D=10.0&prf%5Bcl%5D=fir&prf%5Bclv%5D=105&prf%5Bvpw%5D=1280&prf%5Bnet%5D=unknown&prf%5Bexternal_uid%5D=&prf%5Bhid%5D=&prf%5Bnguserid%5D=&prf%5Buids%5D=&prf%5Boptout%5D=0&prf%5Bwi%5D=0050665097&prf%5Bweather_temp%5D=33&prf%5Bweather_condition%5D=2&prf%5Btoolbar%5D=0&prf%5Bbrandedbrowser%5D=0&prf%5BconsentLevel%5D=0&prf%5Bdnt%5D=0&prf%5Bclean%5D=0&prf%5Btpc%5D=0&prf%5Bcolumn%5D=4&prf%5Bwpt%5D=j&prf%5Bpos%5D=2&prf%5Brichmedia%5D=false
85.114.159.112200 OK 0 B URL HTTP/2 ad11.adfarm1.adition.com/lt?wpt=j&nw=42<=portal(gmx)category(homepage)section(homepage)tagid(box_3_x)layoutclass(b)&ac=19&wi=0050665097&ref=&os=17&browser=6&screen_res=5&iframe=0&fvers=&external_uid=&uid_stable=&optout=0&prf%5Bportal%5D=gmx&prf%5Bcategory%5D=homepage&prf%5Bsection%5D=homepage&prf%5Btagid%5D=box_3_x&prf%5Blayoutclass%5D=b&prf%5Bdeviceclass%5D=b&prf%5Bdeviceclient%5D=browser&prf%5Bcategorytype%5D=billboard_billboard_4&prf%5Bos%5D=17&prf%5Bbrowser%5D=6&prf%5Bscreen_res%5D=5&prf%5Biframe%5D=0&prf%5Bfvers%5D=&prf%5Bsys%5D=win&prf%5Bsysv%5D=10.0&prf%5Bcl%5D=fir&prf%5Bclv%5D=105&prf%5Bvpw%5D=1280&prf%5Bnet%5D=unknown&prf%5Bexternal_uid%5D=&prf%5Bhid%5D=&prf%5Bnguserid%5D=&prf%5Buids%5D=&prf%5Boptout%5D=0&prf%5Bwi%5D=0050665097&prf%5Bweather_temp%5D=33&prf%5Bweather_condition%5D=2&prf%5Btoolbar%5D=0&prf%5Bbrandedbrowser%5D=0&prf%5BconsentLevel%5D=0&prf%5Bdnt%5D=0&prf%5Bclean%5D=0&prf%5Btpc%5D=0&prf%5Bcolumn%5D=4&prf%5Bwpt%5D=j&prf%5Bpos%5D=2&prf%5Brichmedia%5D=false
IP 85.114.159.112:0
ASN #24961 myLoc managed IT AG
GET /lt?wpt=j&nw=42<=portal(gmx)category(homepage)section(homepage)tagid(box_3_x)layoutclass(b)&ac=19&wi=0050665097&ref=&os=17&browser=6&screen_res=5&iframe=0&fvers=&external_uid=&uid_stable=&optout=0&prf%5Bportal%5D=gmx&prf%5Bcategory%5D=homepage&prf%5Bsection%5D=homepage&prf%5Btagid%5D=box_3_x&prf%5Blayoutclass%5D=b&prf%5Bdeviceclass%5D=b&prf%5Bdeviceclient%5D=browser&prf%5Bcategorytype%5D=billboard_billboard_4&prf%5Bos%5D=17&prf%5Bbrowser%5D=6&prf%5Bscreen_res%5D=5&prf%5Biframe%5D=0&prf%5Bfvers%5D=&prf%5Bsys%5D=win&prf%5Bsysv%5D=10.0&prf%5Bcl%5D=fir&prf%5Bclv%5D=105&prf%5Bvpw%5D=1280&prf%5Bnet%5D=unknown&prf%5Bexternal_uid%5D=&prf%5Bhid%5D=&prf%5Bnguserid%5D=&prf%5Buids%5D=&prf%5Boptout%5D=0&prf%5Bwi%5D=0050665097&prf%5Bweather_temp%5D=33&prf%5Bweather_condition%5D=2&prf%5Btoolbar%5D=0&prf%5Bbrandedbrowser%5D=0&prf%5BconsentLevel%5D=0&prf%5Bdnt%5D=0&prf%5Bclean%5D=0&prf%5Btpc%5D=0&prf%5Bcolumn%5D=4&prf%5Bwpt%5D=j&prf%5Bpos%5D=2&prf%5Brichmedia%5D=false HTTP/1.1
Host: ad11.adfarm1.adition.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dl.gmx.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/javascript
server: ADITIONSERVER v1.0
date: Wed, 08 Feb 2023 04:46:58 +0100
cache-control: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT
p3p: policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pragma: no-cache
set-cookie: UserID1=7197626531045179923; expires=Tue, 09-May-2023 04:46:58 GMT; path=/; domain=.adfarm1.adition.com; SameSite=None; Secure
content-encoding: gzip
X-Firefox-Spdy: h2
ad11.adfarm1.adition.com/lt?wpt=j&nw=42<=portal(gmx)category(homepage)section(homepage)tagid(rectangle_billboard)layoutclass(b)&ac=4&wi=0050665097&ref=&os=17&browser=6&screen_res=5&iframe=1&fvers=&external_uid=&uid_stable=&optout=0&prf%5Bportal%5D=gmx&prf%5Bcategory%5D=homepage&prf%5Bsection%5D=homepage&prf%5Btagid%5D=rectangle_billboard&prf%5Blayoutclass%5D=b&prf%5Bdeviceclass%5D=b&prf%5Bdeviceclient%5D=browser&prf%5Bcategorytype%5D=billboard_billboard_4&prf%5Bos%5D=17&prf%5Bbrowser%5D=6&prf%5Bscreen_res%5D=5&prf%5Biframe%5D=1&prf%5Bfvers%5D=&prf%5Bsys%5D=win&prf%5Bsysv%5D=10.0&prf%5Bcl%5D=fir&prf%5Bclv%5D=105&prf%5Bvpw%5D=1280&prf%5Bnet%5D=unknown&prf%5Bexternal_uid%5D=&prf%5Bhid%5D=&prf%5Bnguserid%5D=&prf%5Buids%5D=&prf%5Boptout%5D=0&prf%5Bwi%5D=0050665097&prf%5Bweather_temp%5D=33&prf%5Bweather_condition%5D=2&prf%5Btoolbar%5D=0&prf%5Bbrandedbrowser%5D=0&prf%5BconsentLevel%5D=0&prf%5Bdnt%5D=0&prf%5Bclean%5D=0&prf%5Btpc%5D=0&prf%5Bcolumn%5D=4&prf%5Bwpt%5D=j&prf%5Bpos%5D=1&prf%5Bhpeventid%5D=2188480&prf%5Badsize%5D=300x250&prf%5Bomsbillboard%5D=1&prf%5Brichmedia%5D=false
85.114.159.112404 Not Found 0 B URL HTTP/2 ad11.adfarm1.adition.com/lt?wpt=j&nw=42<=portal(gmx)category(homepage)section(homepage)tagid(rectangle_billboard)layoutclass(b)&ac=4&wi=0050665097&ref=&os=17&browser=6&screen_res=5&iframe=1&fvers=&external_uid=&uid_stable=&optout=0&prf%5Bportal%5D=gmx&prf%5Bcategory%5D=homepage&prf%5Bsection%5D=homepage&prf%5Btagid%5D=rectangle_billboard&prf%5Blayoutclass%5D=b&prf%5Bdeviceclass%5D=b&prf%5Bdeviceclient%5D=browser&prf%5Bcategorytype%5D=billboard_billboard_4&prf%5Bos%5D=17&prf%5Bbrowser%5D=6&prf%5Bscreen_res%5D=5&prf%5Biframe%5D=1&prf%5Bfvers%5D=&prf%5Bsys%5D=win&prf%5Bsysv%5D=10.0&prf%5Bcl%5D=fir&prf%5Bclv%5D=105&prf%5Bvpw%5D=1280&prf%5Bnet%5D=unknown&prf%5Bexternal_uid%5D=&prf%5Bhid%5D=&prf%5Bnguserid%5D=&prf%5Buids%5D=&prf%5Boptout%5D=0&prf%5Bwi%5D=0050665097&prf%5Bweather_temp%5D=33&prf%5Bweather_condition%5D=2&prf%5Btoolbar%5D=0&prf%5Bbrandedbrowser%5D=0&prf%5BconsentLevel%5D=0&prf%5Bdnt%5D=0&prf%5Bclean%5D=0&prf%5Btpc%5D=0&prf%5Bcolumn%5D=4&prf%5Bwpt%5D=j&prf%5Bpos%5D=1&prf%5Bhpeventid%5D=2188480&prf%5Badsize%5D=300x250&prf%5Bomsbillboard%5D=1&prf%5Brichmedia%5D=false
IP 85.114.159.112:0
ASN #24961 myLoc managed IT AG
GET /lt?wpt=j&nw=42<=portal(gmx)category(homepage)section(homepage)tagid(rectangle_billboard)layoutclass(b)&ac=4&wi=0050665097&ref=&os=17&browser=6&screen_res=5&iframe=1&fvers=&external_uid=&uid_stable=&optout=0&prf%5Bportal%5D=gmx&prf%5Bcategory%5D=homepage&prf%5Bsection%5D=homepage&prf%5Btagid%5D=rectangle_billboard&prf%5Blayoutclass%5D=b&prf%5Bdeviceclass%5D=b&prf%5Bdeviceclient%5D=browser&prf%5Bcategorytype%5D=billboard_billboard_4&prf%5Bos%5D=17&prf%5Bbrowser%5D=6&prf%5Bscreen_res%5D=5&prf%5Biframe%5D=1&prf%5Bfvers%5D=&prf%5Bsys%5D=win&prf%5Bsysv%5D=10.0&prf%5Bcl%5D=fir&prf%5Bclv%5D=105&prf%5Bvpw%5D=1280&prf%5Bnet%5D=unknown&prf%5Bexternal_uid%5D=&prf%5Bhid%5D=&prf%5Bnguserid%5D=&prf%5Buids%5D=&prf%5Boptout%5D=0&prf%5Bwi%5D=0050665097&prf%5Bweather_temp%5D=33&prf%5Bweather_condition%5D=2&prf%5Btoolbar%5D=0&prf%5Bbrandedbrowser%5D=0&prf%5BconsentLevel%5D=0&prf%5Bdnt%5D=0&prf%5Bclean%5D=0&prf%5Btpc%5D=0&prf%5Bcolumn%5D=4&prf%5Bwpt%5D=j&prf%5Bpos%5D=1&prf%5Bhpeventid%5D=2188480&prf%5Badsize%5D=300x250&prf%5Bomsbillboard%5D=1&prf%5Brichmedia%5D=false HTTP/1.1
Host: ad11.adfarm1.adition.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dl.gmx.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
content-type: text/plain
server: ADITIONSERVER v1.0
date: Wed, 08 Feb 2023 04:46:57 +0100
content-encoding: gzip
X-Firefox-Spdy: h2
ad11.adfarm1.adition.com/lt?wpt=j&nw=42<=portal(gmx)category(homepage)section(homepage)tagid(box_10_x)layoutclass(b)&ac=24&wi=0050665097&ref=&os=17&browser=6&screen_res=5&iframe=0&fvers=&external_uid=&uid_stable=&optout=0&prf%5Bportal%5D=gmx&prf%5Bcategory%5D=homepage&prf%5Bsection%5D=homepage&prf%5Btagid%5D=box_10_x&prf%5Blayoutclass%5D=b&prf%5Bdeviceclass%5D=b&prf%5Bdeviceclient%5D=browser&prf%5Bcategorytype%5D=billboard_billboard_4&prf%5Bos%5D=17&prf%5Bbrowser%5D=6&prf%5Bscreen_res%5D=5&prf%5Biframe%5D=0&prf%5Bfvers%5D=&prf%5Bsys%5D=win&prf%5Bsysv%5D=10.0&prf%5Bcl%5D=fir&prf%5Bclv%5D=105&prf%5Bvpw%5D=1280&prf%5Bnet%5D=unknown&prf%5Bexternal_uid%5D=&prf%5Bhid%5D=&prf%5Bnguserid%5D=&prf%5Buids%5D=&prf%5Boptout%5D=0&prf%5Bwi%5D=0050665097&prf%5Bweather_temp%5D=33&prf%5Bweather_condition%5D=2&prf%5Btoolbar%5D=0&prf%5Bbrandedbrowser%5D=0&prf%5BconsentLevel%5D=0&prf%5Bdnt%5D=0&prf%5Bclean%5D=0&prf%5Btpc%5D=0&prf%5Bcolumn%5D=4&prf%5Bwpt%5D=j&prf%5Bpos%5D=2&prf%5Brichmedia%5D=false
85.114.159.112404 Not Found 0 B URL HTTP/2 ad11.adfarm1.adition.com/lt?wpt=j&nw=42<=portal(gmx)category(homepage)section(homepage)tagid(box_10_x)layoutclass(b)&ac=24&wi=0050665097&ref=&os=17&browser=6&screen_res=5&iframe=0&fvers=&external_uid=&uid_stable=&optout=0&prf%5Bportal%5D=gmx&prf%5Bcategory%5D=homepage&prf%5Bsection%5D=homepage&prf%5Btagid%5D=box_10_x&prf%5Blayoutclass%5D=b&prf%5Bdeviceclass%5D=b&prf%5Bdeviceclient%5D=browser&prf%5Bcategorytype%5D=billboard_billboard_4&prf%5Bos%5D=17&prf%5Bbrowser%5D=6&prf%5Bscreen_res%5D=5&prf%5Biframe%5D=0&prf%5Bfvers%5D=&prf%5Bsys%5D=win&prf%5Bsysv%5D=10.0&prf%5Bcl%5D=fir&prf%5Bclv%5D=105&prf%5Bvpw%5D=1280&prf%5Bnet%5D=unknown&prf%5Bexternal_uid%5D=&prf%5Bhid%5D=&prf%5Bnguserid%5D=&prf%5Buids%5D=&prf%5Boptout%5D=0&prf%5Bwi%5D=0050665097&prf%5Bweather_temp%5D=33&prf%5Bweather_condition%5D=2&prf%5Btoolbar%5D=0&prf%5Bbrandedbrowser%5D=0&prf%5BconsentLevel%5D=0&prf%5Bdnt%5D=0&prf%5Bclean%5D=0&prf%5Btpc%5D=0&prf%5Bcolumn%5D=4&prf%5Bwpt%5D=j&prf%5Bpos%5D=2&prf%5Brichmedia%5D=false
IP 85.114.159.112:0
ASN #24961 myLoc managed IT AG
GET /lt?wpt=j&nw=42<=portal(gmx)category(homepage)section(homepage)tagid(box_10_x)layoutclass(b)&ac=24&wi=0050665097&ref=&os=17&browser=6&screen_res=5&iframe=0&fvers=&external_uid=&uid_stable=&optout=0&prf%5Bportal%5D=gmx&prf%5Bcategory%5D=homepage&prf%5Bsection%5D=homepage&prf%5Btagid%5D=box_10_x&prf%5Blayoutclass%5D=b&prf%5Bdeviceclass%5D=b&prf%5Bdeviceclient%5D=browser&prf%5Bcategorytype%5D=billboard_billboard_4&prf%5Bos%5D=17&prf%5Bbrowser%5D=6&prf%5Bscreen_res%5D=5&prf%5Biframe%5D=0&prf%5Bfvers%5D=&prf%5Bsys%5D=win&prf%5Bsysv%5D=10.0&prf%5Bcl%5D=fir&prf%5Bclv%5D=105&prf%5Bvpw%5D=1280&prf%5Bnet%5D=unknown&prf%5Bexternal_uid%5D=&prf%5Bhid%5D=&prf%5Bnguserid%5D=&prf%5Buids%5D=&prf%5Boptout%5D=0&prf%5Bwi%5D=0050665097&prf%5Bweather_temp%5D=33&prf%5Bweather_condition%5D=2&prf%5Btoolbar%5D=0&prf%5Bbrandedbrowser%5D=0&prf%5BconsentLevel%5D=0&prf%5Bdnt%5D=0&prf%5Bclean%5D=0&prf%5Btpc%5D=0&prf%5Bcolumn%5D=4&prf%5Bwpt%5D=j&prf%5Bpos%5D=2&prf%5Brichmedia%5D=false HTTP/1.1
Host: ad11.adfarm1.adition.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dl.gmx.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
content-type: text/plain
server: ADITIONSERVER v1.0
date: Wed, 08 Feb 2023 04:46:58 +0100
content-encoding: gzip
X-Firefox-Spdy: h2
ad11.adfarm1.adition.com/lt?wpt=j&nw=42<=portal(gmx)category(homepage)section(homepage)tagid(box_11_x)layoutclass(b)&ac=25&wi=0050665097&ref=&os=17&browser=6&screen_res=5&iframe=0&fvers=&external_uid=&uid_stable=&optout=0&prf%5Bportal%5D=gmx&prf%5Bcategory%5D=homepage&prf%5Bsection%5D=homepage&prf%5Btagid%5D=box_11_x&prf%5Blayoutclass%5D=b&prf%5Bdeviceclass%5D=b&prf%5Bdeviceclient%5D=browser&prf%5Bcategorytype%5D=billboard_billboard_4&prf%5Bos%5D=17&prf%5Bbrowser%5D=6&prf%5Bscreen_res%5D=5&prf%5Biframe%5D=0&prf%5Bfvers%5D=&prf%5Bsys%5D=win&prf%5Bsysv%5D=10.0&prf%5Bcl%5D=fir&prf%5Bclv%5D=105&prf%5Bvpw%5D=1280&prf%5Bnet%5D=unknown&prf%5Bexternal_uid%5D=&prf%5Bhid%5D=&prf%5Bnguserid%5D=&prf%5Buids%5D=&prf%5Boptout%5D=0&prf%5Bwi%5D=0050665097&prf%5Bweather_temp%5D=33&prf%5Bweather_condition%5D=2&prf%5Btoolbar%5D=0&prf%5Bbrandedbrowser%5D=0&prf%5BconsentLevel%5D=0&prf%5Bdnt%5D=0&prf%5Bclean%5D=0&prf%5Btpc%5D=0&prf%5Bcolumn%5D=4&prf%5Bwpt%5D=j&prf%5Bpos%5D=2&prf%5Brichmedia%5D=false
85.114.159.112404 Not Found 0 B URL HTTP/2 ad11.adfarm1.adition.com/lt?wpt=j&nw=42<=portal(gmx)category(homepage)section(homepage)tagid(box_11_x)layoutclass(b)&ac=25&wi=0050665097&ref=&os=17&browser=6&screen_res=5&iframe=0&fvers=&external_uid=&uid_stable=&optout=0&prf%5Bportal%5D=gmx&prf%5Bcategory%5D=homepage&prf%5Bsection%5D=homepage&prf%5Btagid%5D=box_11_x&prf%5Blayoutclass%5D=b&prf%5Bdeviceclass%5D=b&prf%5Bdeviceclient%5D=browser&prf%5Bcategorytype%5D=billboard_billboard_4&prf%5Bos%5D=17&prf%5Bbrowser%5D=6&prf%5Bscreen_res%5D=5&prf%5Biframe%5D=0&prf%5Bfvers%5D=&prf%5Bsys%5D=win&prf%5Bsysv%5D=10.0&prf%5Bcl%5D=fir&prf%5Bclv%5D=105&prf%5Bvpw%5D=1280&prf%5Bnet%5D=unknown&prf%5Bexternal_uid%5D=&prf%5Bhid%5D=&prf%5Bnguserid%5D=&prf%5Buids%5D=&prf%5Boptout%5D=0&prf%5Bwi%5D=0050665097&prf%5Bweather_temp%5D=33&prf%5Bweather_condition%5D=2&prf%5Btoolbar%5D=0&prf%5Bbrandedbrowser%5D=0&prf%5BconsentLevel%5D=0&prf%5Bdnt%5D=0&prf%5Bclean%5D=0&prf%5Btpc%5D=0&prf%5Bcolumn%5D=4&prf%5Bwpt%5D=j&prf%5Bpos%5D=2&prf%5Brichmedia%5D=false
IP 85.114.159.112:0
ASN #24961 myLoc managed IT AG
GET /lt?wpt=j&nw=42<=portal(gmx)category(homepage)section(homepage)tagid(box_11_x)layoutclass(b)&ac=25&wi=0050665097&ref=&os=17&browser=6&screen_res=5&iframe=0&fvers=&external_uid=&uid_stable=&optout=0&prf%5Bportal%5D=gmx&prf%5Bcategory%5D=homepage&prf%5Bsection%5D=homepage&prf%5Btagid%5D=box_11_x&prf%5Blayoutclass%5D=b&prf%5Bdeviceclass%5D=b&prf%5Bdeviceclient%5D=browser&prf%5Bcategorytype%5D=billboard_billboard_4&prf%5Bos%5D=17&prf%5Bbrowser%5D=6&prf%5Bscreen_res%5D=5&prf%5Biframe%5D=0&prf%5Bfvers%5D=&prf%5Bsys%5D=win&prf%5Bsysv%5D=10.0&prf%5Bcl%5D=fir&prf%5Bclv%5D=105&prf%5Bvpw%5D=1280&prf%5Bnet%5D=unknown&prf%5Bexternal_uid%5D=&prf%5Bhid%5D=&prf%5Bnguserid%5D=&prf%5Buids%5D=&prf%5Boptout%5D=0&prf%5Bwi%5D=0050665097&prf%5Bweather_temp%5D=33&prf%5Bweather_condition%5D=2&prf%5Btoolbar%5D=0&prf%5Bbrandedbrowser%5D=0&prf%5BconsentLevel%5D=0&prf%5Bdnt%5D=0&prf%5Bclean%5D=0&prf%5Btpc%5D=0&prf%5Bcolumn%5D=4&prf%5Bwpt%5D=j&prf%5Bpos%5D=2&prf%5Brichmedia%5D=false HTTP/1.1
Host: ad11.adfarm1.adition.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dl.gmx.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
content-type: text/plain
server: ADITIONSERVER v1.0
date: Wed, 08 Feb 2023 04:46:58 +0100
content-encoding: gzip
X-Firefox-Spdy: h2
ad11.adfarm1.adition.com/tagging?type=image&network=42&tag[Markierung_T60.thirdlevel]=1
85.114.159.112302 Found 0 B URL HTTP/2 ad11.adfarm1.adition.com/tagging?type=image&network=42&tag[Markierung_T60.thirdlevel]=1
IP 85.114.159.112:0
ASN #24961 myLoc managed IT AG
GET /tagging?type=image&network=42&tag[Markierung_T60.thirdlevel]=1 HTTP/1.1
Host: ad11.adfarm1.adition.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.camperpuro.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
content-type: text/plain
location: https://imagesrv.adition.com/1x1.gif
server: ADITIONSERVER v1.0
date: Wed, 08 Feb 2023 04:46:58 +0100
access-control-allow-origin: *
p3p: policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
set-cookie: UserID1=7197626531036922387; expires=Tue, 09-May-2023 04:46:57 GMT; path=/; domain=.adfarm1.adition.com; SameSite=None; Secure
X-Firefox-Spdy: h2
ad11.adfarm1.adition.com/lt?wpt=j&nw=42<=portal(gmx)category(homepage)section(homepage)tagid(box_8)layoutclass(b)&ac=11&wi=3215969845&ref=&os=10&browser=6&screen_res=175&iframe=0&fvers=&external_uid=&uid_stable=&optout=0&prf%5Bportal%5D=gmx&prf%5Bcategory%5D=homepage&prf%5Bsection%5D=homepage&prf%5Btagid%5D=box_8&prf%5Blayoutclass%5D=b&prf%5Bdeviceclass%5D=b&prf%5Bdeviceclient%5D=browser&prf%5Bcategorytype%5D=billboard_4&prf%5Bos%5D=10&prf%5Bbrowser%5D=6&prf%5Bscreen_res%5D=175&prf%5Biframe%5D=0&prf%5Bfvers%5D=&prf%5Bsys%5D=win&prf%5Bsysv%5D=6.1&prf%5Bcl%5D=fir&prf%5Bclv%5D=61&prf%5Bvpw%5D=1366&prf%5Bnet%5D=unknown&prf%5Bexternal_uid%5D=&prf%5Bhid%5D=&prf%5Bnguserid%5D=&prf%5Buids%5D=&prf%5Boptout%5D=0&prf%5Bwi%5D=3215969845&prf%5Bweather_temp%5D=33&prf%5Bweather_condition%5D=2&prf%5Btoolbar%5D=0&prf%5Bbrandedbrowser%5D=0&prf%5BconsentLevel%5D=0&prf%5Bdnt%5D=0&prf%5Bclean%5D=0&prf%5Btpc%5D=0&prf%5Bcolumn%5D=4&prf%5Bwpt%5D=j&prf%5Bpos%5D=1&prf%5Brichmedia%5D=false
85.114.159.112200 OK 0 B URL HTTP/2 ad11.adfarm1.adition.com/lt?wpt=j&nw=42<=portal(gmx)category(homepage)section(homepage)tagid(box_8)layoutclass(b)&ac=11&wi=3215969845&ref=&os=10&browser=6&screen_res=175&iframe=0&fvers=&external_uid=&uid_stable=&optout=0&prf%5Bportal%5D=gmx&prf%5Bcategory%5D=homepage&prf%5Bsection%5D=homepage&prf%5Btagid%5D=box_8&prf%5Blayoutclass%5D=b&prf%5Bdeviceclass%5D=b&prf%5Bdeviceclient%5D=browser&prf%5Bcategorytype%5D=billboard_4&prf%5Bos%5D=10&prf%5Bbrowser%5D=6&prf%5Bscreen_res%5D=175&prf%5Biframe%5D=0&prf%5Bfvers%5D=&prf%5Bsys%5D=win&prf%5Bsysv%5D=6.1&prf%5Bcl%5D=fir&prf%5Bclv%5D=61&prf%5Bvpw%5D=1366&prf%5Bnet%5D=unknown&prf%5Bexternal_uid%5D=&prf%5Bhid%5D=&prf%5Bnguserid%5D=&prf%5Buids%5D=&prf%5Boptout%5D=0&prf%5Bwi%5D=3215969845&prf%5Bweather_temp%5D=33&prf%5Bweather_condition%5D=2&prf%5Btoolbar%5D=0&prf%5Bbrandedbrowser%5D=0&prf%5BconsentLevel%5D=0&prf%5Bdnt%5D=0&prf%5Bclean%5D=0&prf%5Btpc%5D=0&prf%5Bcolumn%5D=4&prf%5Bwpt%5D=j&prf%5Bpos%5D=1&prf%5Brichmedia%5D=false
IP 85.114.159.112:0
ASN #24961 myLoc managed IT AG
GET /lt?wpt=j&nw=42<=portal(gmx)category(homepage)section(homepage)tagid(box_8)layoutclass(b)&ac=11&wi=3215969845&ref=&os=10&browser=6&screen_res=175&iframe=0&fvers=&external_uid=&uid_stable=&optout=0&prf%5Bportal%5D=gmx&prf%5Bcategory%5D=homepage&prf%5Bsection%5D=homepage&prf%5Btagid%5D=box_8&prf%5Blayoutclass%5D=b&prf%5Bdeviceclass%5D=b&prf%5Bdeviceclient%5D=browser&prf%5Bcategorytype%5D=billboard_4&prf%5Bos%5D=10&prf%5Bbrowser%5D=6&prf%5Bscreen_res%5D=175&prf%5Biframe%5D=0&prf%5Bfvers%5D=&prf%5Bsys%5D=win&prf%5Bsysv%5D=6.1&prf%5Bcl%5D=fir&prf%5Bclv%5D=61&prf%5Bvpw%5D=1366&prf%5Bnet%5D=unknown&prf%5Bexternal_uid%5D=&prf%5Bhid%5D=&prf%5Bnguserid%5D=&prf%5Buids%5D=&prf%5Boptout%5D=0&prf%5Bwi%5D=3215969845&prf%5Bweather_temp%5D=33&prf%5Bweather_condition%5D=2&prf%5Btoolbar%5D=0&prf%5Bbrandedbrowser%5D=0&prf%5BconsentLevel%5D=0&prf%5Bdnt%5D=0&prf%5Bclean%5D=0&prf%5Btpc%5D=0&prf%5Bcolumn%5D=4&prf%5Bwpt%5D=j&prf%5Bpos%5D=1&prf%5Brichmedia%5D=false HTTP/1.1
Host: ad11.adfarm1.adition.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dl.gmx.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/javascript
server: ADITIONSERVER v1.0
date: Wed, 08 Feb 2023 04:46:57 +0100
cache-control: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT
p3p: policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pragma: no-cache
set-cookie: UserID1=7197626526741430803; expires=Tue, 09-May-2023 04:46:56 GMT; path=/; domain=.adfarm1.adition.com; SameSite=None; Secure
content-encoding: gzip
X-Firefox-Spdy: h2
ad11.adfarm1.adition.com/lt?wpt=j&nw=42<=portal(gmx)category(homepage)section(homepage)tagid(rectangle_4_x)layoutclass(b)&ac=26&wi=0050665097&ref=&os=17&browser=6&screen_res=5&iframe=0&fvers=&external_uid=&uid_stable=&optout=0&prf%5Bportal%5D=gmx&prf%5Bcategory%5D=homepage&prf%5Bsection%5D=homepage&prf%5Btagid%5D=rectangle_4_x&prf%5Blayoutclass%5D=b&prf%5Bdeviceclass%5D=b&prf%5Bdeviceclient%5D=browser&prf%5Bcategorytype%5D=billboard_billboard_4&prf%5Bos%5D=17&prf%5Bbrowser%5D=6&prf%5Bscreen_res%5D=5&prf%5Biframe%5D=0&prf%5Bfvers%5D=&prf%5Bsys%5D=win&prf%5Bsysv%5D=10.0&prf%5Bcl%5D=fir&prf%5Bclv%5D=105&prf%5Bvpw%5D=1280&prf%5Bnet%5D=unknown&prf%5Bexternal_uid%5D=&prf%5Bhid%5D=&prf%5Bnguserid%5D=&prf%5Buids%5D=&prf%5Boptout%5D=0&prf%5Bwi%5D=0050665097&prf%5Bweather_temp%5D=33&prf%5Bweather_condition%5D=2&prf%5Btoolbar%5D=0&prf%5Bbrandedbrowser%5D=0&prf%5BconsentLevel%5D=0&prf%5Bdnt%5D=0&prf%5Bclean%5D=0&prf%5Btpc%5D=0&prf%5Bcolumn%5D=4&prf%5Bwpt%5D=j&prf%5Bpos%5D=2&prf%5Brichmedia%5D=false
85.114.159.112404 Not Found 0 B URL HTTP/2 ad11.adfarm1.adition.com/lt?wpt=j&nw=42<=portal(gmx)category(homepage)section(homepage)tagid(rectangle_4_x)layoutclass(b)&ac=26&wi=0050665097&ref=&os=17&browser=6&screen_res=5&iframe=0&fvers=&external_uid=&uid_stable=&optout=0&prf%5Bportal%5D=gmx&prf%5Bcategory%5D=homepage&prf%5Bsection%5D=homepage&prf%5Btagid%5D=rectangle_4_x&prf%5Blayoutclass%5D=b&prf%5Bdeviceclass%5D=b&prf%5Bdeviceclient%5D=browser&prf%5Bcategorytype%5D=billboard_billboard_4&prf%5Bos%5D=17&prf%5Bbrowser%5D=6&prf%5Bscreen_res%5D=5&prf%5Biframe%5D=0&prf%5Bfvers%5D=&prf%5Bsys%5D=win&prf%5Bsysv%5D=10.0&prf%5Bcl%5D=fir&prf%5Bclv%5D=105&prf%5Bvpw%5D=1280&prf%5Bnet%5D=unknown&prf%5Bexternal_uid%5D=&prf%5Bhid%5D=&prf%5Bnguserid%5D=&prf%5Buids%5D=&prf%5Boptout%5D=0&prf%5Bwi%5D=0050665097&prf%5Bweather_temp%5D=33&prf%5Bweather_condition%5D=2&prf%5Btoolbar%5D=0&prf%5Bbrandedbrowser%5D=0&prf%5BconsentLevel%5D=0&prf%5Bdnt%5D=0&prf%5Bclean%5D=0&prf%5Btpc%5D=0&prf%5Bcolumn%5D=4&prf%5Bwpt%5D=j&prf%5Bpos%5D=2&prf%5Brichmedia%5D=false
IP 85.114.159.112:0
ASN #24961 myLoc managed IT AG
GET /lt?wpt=j&nw=42<=portal(gmx)category(homepage)section(homepage)tagid(rectangle_4_x)layoutclass(b)&ac=26&wi=0050665097&ref=&os=17&browser=6&screen_res=5&iframe=0&fvers=&external_uid=&uid_stable=&optout=0&prf%5Bportal%5D=gmx&prf%5Bcategory%5D=homepage&prf%5Bsection%5D=homepage&prf%5Btagid%5D=rectangle_4_x&prf%5Blayoutclass%5D=b&prf%5Bdeviceclass%5D=b&prf%5Bdeviceclient%5D=browser&prf%5Bcategorytype%5D=billboard_billboard_4&prf%5Bos%5D=17&prf%5Bbrowser%5D=6&prf%5Bscreen_res%5D=5&prf%5Biframe%5D=0&prf%5Bfvers%5D=&prf%5Bsys%5D=win&prf%5Bsysv%5D=10.0&prf%5Bcl%5D=fir&prf%5Bclv%5D=105&prf%5Bvpw%5D=1280&prf%5Bnet%5D=unknown&prf%5Bexternal_uid%5D=&prf%5Bhid%5D=&prf%5Bnguserid%5D=&prf%5Buids%5D=&prf%5Boptout%5D=0&prf%5Bwi%5D=0050665097&prf%5Bweather_temp%5D=33&prf%5Bweather_condition%5D=2&prf%5Btoolbar%5D=0&prf%5Bbrandedbrowser%5D=0&prf%5BconsentLevel%5D=0&prf%5Bdnt%5D=0&prf%5Bclean%5D=0&prf%5Btpc%5D=0&prf%5Bcolumn%5D=4&prf%5Bwpt%5D=j&prf%5Bpos%5D=2&prf%5Brichmedia%5D=false HTTP/1.1
Host: ad11.adfarm1.adition.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dl.gmx.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
content-type: text/plain
server: ADITIONSERVER v1.0
date: Wed, 08 Feb 2023 04:47:00 +0100
content-encoding: gzip
X-Firefox-Spdy: h2
ad11.adfarm1.adition.com/lt?wpt=j&nw=42<=portal(gmx)category(homepage)section(homepage)tagid(rectangle_billboard_x)layoutclass(b)&ac=27&wi=0050665097&ref=&os=17&browser=6&screen_res=5&iframe=1&fvers=&external_uid=&uid_stable=&optout=0&prf%5Bportal%5D=gmx&prf%5Bcategory%5D=homepage&prf%5Bsection%5D=homepage&prf%5Btagid%5D=rectangle_billboard_x&prf%5Blayoutclass%5D=b&prf%5Bdeviceclass%5D=b&prf%5Bdeviceclient%5D=browser&prf%5Bcategorytype%5D=billboard_billboard_4&prf%5Bos%5D=17&prf%5Bbrowser%5D=6&prf%5Bscreen_res%5D=5&prf%5Biframe%5D=1&prf%5Bfvers%5D=&prf%5Bsys%5D=win&prf%5Bsysv%5D=10.0&prf%5Bcl%5D=fir&prf%5Bclv%5D=105&prf%5Bvpw%5D=1280&prf%5Bnet%5D=unknown&prf%5Bexternal_uid%5D=&prf%5Bhid%5D=&prf%5Bnguserid%5D=&prf%5Buids%5D=&prf%5Boptout%5D=0&prf%5Bwi%5D=0050665097&prf%5Bweather_temp%5D=33&prf%5Bweather_condition%5D=2&prf%5Btoolbar%5D=0&prf%5Bbrandedbrowser%5D=0&prf%5BconsentLevel%5D=0&prf%5Bdnt%5D=0&prf%5Bclean%5D=0&prf%5Btpc%5D=0&prf%5Bcolumn%5D=4&prf%5Bwpt%5D=j&prf%5Bpos%5D=2&prf%5Bhpeventid%5D=2188480&prf%5Badsize%5D=300x250&prf%5Bomsbillboard%5D=1&prf%5Brichmedia%5D=false
85.114.159.112404 Not Found 0 B URL HTTP/2 ad11.adfarm1.adition.com/lt?wpt=j&nw=42<=portal(gmx)category(homepage)section(homepage)tagid(rectangle_billboard_x)layoutclass(b)&ac=27&wi=0050665097&ref=&os=17&browser=6&screen_res=5&iframe=1&fvers=&external_uid=&uid_stable=&optout=0&prf%5Bportal%5D=gmx&prf%5Bcategory%5D=homepage&prf%5Bsection%5D=homepage&prf%5Btagid%5D=rectangle_billboard_x&prf%5Blayoutclass%5D=b&prf%5Bdeviceclass%5D=b&prf%5Bdeviceclient%5D=browser&prf%5Bcategorytype%5D=billboard_billboard_4&prf%5Bos%5D=17&prf%5Bbrowser%5D=6&prf%5Bscreen_res%5D=5&prf%5Biframe%5D=1&prf%5Bfvers%5D=&prf%5Bsys%5D=win&prf%5Bsysv%5D=10.0&prf%5Bcl%5D=fir&prf%5Bclv%5D=105&prf%5Bvpw%5D=1280&prf%5Bnet%5D=unknown&prf%5Bexternal_uid%5D=&prf%5Bhid%5D=&prf%5Bnguserid%5D=&prf%5Buids%5D=&prf%5Boptout%5D=0&prf%5Bwi%5D=0050665097&prf%5Bweather_temp%5D=33&prf%5Bweather_condition%5D=2&prf%5Btoolbar%5D=0&prf%5Bbrandedbrowser%5D=0&prf%5BconsentLevel%5D=0&prf%5Bdnt%5D=0&prf%5Bclean%5D=0&prf%5Btpc%5D=0&prf%5Bcolumn%5D=4&prf%5Bwpt%5D=j&prf%5Bpos%5D=2&prf%5Bhpeventid%5D=2188480&prf%5Badsize%5D=300x250&prf%5Bomsbillboard%5D=1&prf%5Brichmedia%5D=false
IP 85.114.159.112:0
ASN #24961 myLoc managed IT AG
GET /lt?wpt=j&nw=42<=portal(gmx)category(homepage)section(homepage)tagid(rectangle_billboard_x)layoutclass(b)&ac=27&wi=0050665097&ref=&os=17&browser=6&screen_res=5&iframe=1&fvers=&external_uid=&uid_stable=&optout=0&prf%5Bportal%5D=gmx&prf%5Bcategory%5D=homepage&prf%5Bsection%5D=homepage&prf%5Btagid%5D=rectangle_billboard_x&prf%5Blayoutclass%5D=b&prf%5Bdeviceclass%5D=b&prf%5Bdeviceclient%5D=browser&prf%5Bcategorytype%5D=billboard_billboard_4&prf%5Bos%5D=17&prf%5Bbrowser%5D=6&prf%5Bscreen_res%5D=5&prf%5Biframe%5D=1&prf%5Bfvers%5D=&prf%5Bsys%5D=win&prf%5Bsysv%5D=10.0&prf%5Bcl%5D=fir&prf%5Bclv%5D=105&prf%5Bvpw%5D=1280&prf%5Bnet%5D=unknown&prf%5Bexternal_uid%5D=&prf%5Bhid%5D=&prf%5Bnguserid%5D=&prf%5Buids%5D=&prf%5Boptout%5D=0&prf%5Bwi%5D=0050665097&prf%5Bweather_temp%5D=33&prf%5Bweather_condition%5D=2&prf%5Btoolbar%5D=0&prf%5Bbrandedbrowser%5D=0&prf%5BconsentLevel%5D=0&prf%5Bdnt%5D=0&prf%5Bclean%5D=0&prf%5Btpc%5D=0&prf%5Bcolumn%5D=4&prf%5Bwpt%5D=j&prf%5Bpos%5D=2&prf%5Bhpeventid%5D=2188480&prf%5Badsize%5D=300x250&prf%5Bomsbillboard%5D=1&prf%5Brichmedia%5D=false HTTP/1.1
Host: ad11.adfarm1.adition.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dl.gmx.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
content-type: text/plain
server: ADITIONSERVER v1.0
date: Wed, 08 Feb 2023 04:47:00 +0100
content-encoding: gzip
X-Firefox-Spdy: h2
ad11.adfarm1.adition.com/lt?wpt=j&nw=42<=portal(gmx)category(homepage)section(homepage)tagid(box_9)layoutclass(b)&ac=12&wi=3215969845&ref=&os=10&browser=6&screen_res=175&iframe=0&fvers=&external_uid=&uid_stable=&optout=0&prf%5Bportal%5D=gmx&prf%5Bcategory%5D=homepage&prf%5Bsection%5D=homepage&prf%5Btagid%5D=box_9&prf%5Blayoutclass%5D=b&prf%5Bdeviceclass%5D=b&prf%5Bdeviceclient%5D=browser&prf%5Bcategorytype%5D=billboard_4&prf%5Bos%5D=10&prf%5Bbrowser%5D=6&prf%5Bscreen_res%5D=175&prf%5Biframe%5D=0&prf%5Bfvers%5D=&prf%5Bsys%5D=win&prf%5Bsysv%5D=6.1&prf%5Bcl%5D=fir&prf%5Bclv%5D=61&prf%5Bvpw%5D=1366&prf%5Bnet%5D=unknown&prf%5Bexternal_uid%5D=&prf%5Bhid%5D=&prf%5Bnguserid%5D=&prf%5Buids%5D=&prf%5Boptout%5D=0&prf%5Bwi%5D=3215969845&prf%5Bweather_temp%5D=33&prf%5Bweather_condition%5D=2&prf%5Btoolbar%5D=0&prf%5Bbrandedbrowser%5D=0&prf%5BconsentLevel%5D=0&prf%5Bdnt%5D=0&prf%5Bclean%5D=0&prf%5Btpc%5D=0&prf%5Bcolumn%5D=4&prf%5Bwpt%5D=j&prf%5Bpos%5D=1&prf%5Brichmedia%5D=false
85.114.159.112200 OK 0 B URL HTTP/2 ad11.adfarm1.adition.com/lt?wpt=j&nw=42<=portal(gmx)category(homepage)section(homepage)tagid(box_9)layoutclass(b)&ac=12&wi=3215969845&ref=&os=10&browser=6&screen_res=175&iframe=0&fvers=&external_uid=&uid_stable=&optout=0&prf%5Bportal%5D=gmx&prf%5Bcategory%5D=homepage&prf%5Bsection%5D=homepage&prf%5Btagid%5D=box_9&prf%5Blayoutclass%5D=b&prf%5Bdeviceclass%5D=b&prf%5Bdeviceclient%5D=browser&prf%5Bcategorytype%5D=billboard_4&prf%5Bos%5D=10&prf%5Bbrowser%5D=6&prf%5Bscreen_res%5D=175&prf%5Biframe%5D=0&prf%5Bfvers%5D=&prf%5Bsys%5D=win&prf%5Bsysv%5D=6.1&prf%5Bcl%5D=fir&prf%5Bclv%5D=61&prf%5Bvpw%5D=1366&prf%5Bnet%5D=unknown&prf%5Bexternal_uid%5D=&prf%5Bhid%5D=&prf%5Bnguserid%5D=&prf%5Buids%5D=&prf%5Boptout%5D=0&prf%5Bwi%5D=3215969845&prf%5Bweather_temp%5D=33&prf%5Bweather_condition%5D=2&prf%5Btoolbar%5D=0&prf%5Bbrandedbrowser%5D=0&prf%5BconsentLevel%5D=0&prf%5Bdnt%5D=0&prf%5Bclean%5D=0&prf%5Btpc%5D=0&prf%5Bcolumn%5D=4&prf%5Bwpt%5D=j&prf%5Bpos%5D=1&prf%5Brichmedia%5D=false
IP 85.114.159.112:0
ASN #24961 myLoc managed IT AG
GET /lt?wpt=j&nw=42<=portal(gmx)category(homepage)section(homepage)tagid(box_9)layoutclass(b)&ac=12&wi=3215969845&ref=&os=10&browser=6&screen_res=175&iframe=0&fvers=&external_uid=&uid_stable=&optout=0&prf%5Bportal%5D=gmx&prf%5Bcategory%5D=homepage&prf%5Bsection%5D=homepage&prf%5Btagid%5D=box_9&prf%5Blayoutclass%5D=b&prf%5Bdeviceclass%5D=b&prf%5Bdeviceclient%5D=browser&prf%5Bcategorytype%5D=billboard_4&prf%5Bos%5D=10&prf%5Bbrowser%5D=6&prf%5Bscreen_res%5D=175&prf%5Biframe%5D=0&prf%5Bfvers%5D=&prf%5Bsys%5D=win&prf%5Bsysv%5D=6.1&prf%5Bcl%5D=fir&prf%5Bclv%5D=61&prf%5Bvpw%5D=1366&prf%5Bnet%5D=unknown&prf%5Bexternal_uid%5D=&prf%5Bhid%5D=&prf%5Bnguserid%5D=&prf%5Buids%5D=&prf%5Boptout%5D=0&prf%5Bwi%5D=3215969845&prf%5Bweather_temp%5D=33&prf%5Bweather_condition%5D=2&prf%5Btoolbar%5D=0&prf%5Bbrandedbrowser%5D=0&prf%5BconsentLevel%5D=0&prf%5Bdnt%5D=0&prf%5Bclean%5D=0&prf%5Btpc%5D=0&prf%5Bcolumn%5D=4&prf%5Bwpt%5D=j&prf%5Bpos%5D=1&prf%5Brichmedia%5D=false HTTP/1.1
Host: ad11.adfarm1.adition.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dl.gmx.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/javascript
server: ADITIONSERVER v1.0
date: Wed, 08 Feb 2023 04:46:57 +0100
cache-control: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT
p3p: policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pragma: no-cache
set-cookie: UserID1=7197626526742544915; expires=Tue, 09-May-2023 04:46:57 GMT; path=/; domain=.adfarm1.adition.com; SameSite=None; Secure
content-encoding: gzip
X-Firefox-Spdy: h2