germann-touristik.de/
92.51.134.215 301 Moved Permanently 300 B IP 92.51.134.215:0
ASN #8972 Host Europe GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash cfb67a4f77403e336e81595a1fcab5cb
726cade011c8a6b722788e7e379a2a8ef6370fc8
caedcb81f4c1b78a2150bce0232de61a7d4f1c25a35df367d7e1d75bdf163265
GET / HTTP/1.1
Host: germann-touristik.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 03 Sep 2022 19:44:02 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 300
Connection: keep-alive
Location: http://germann.reisen/
Strict-Transport-Security: max-age=15768000; includeSubDomains
X-Powered-By: PleskLin
firefox.settings.services.mozilla.com/v1/
143.204.55.27 200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 99b7d23c1748d0526782b9ff9ea45f09
eadd801a3ba2aa00632c6fb52e1f9125bd6d5b4f
48f81668f76955320480b484138aebdad5d03c471036b4449c737aca1ecab08e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Backoff, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sat, 03 Sep 2022 19:43:11 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 501ad2910f631f0520a6d389d6f053e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: nbQokfkSOJx_LCHZqLSLOy1Pu43COw2Dgk1x_xU4__1ygcTlCmGXaQ==
Age: 51
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash bcdebf7a2bad5db595e8a0c1abb2ddcb
249dda2fa5e37b8a8f3a8c797193bf0874b6eedc
9b43ec48b16f96449208a0094c4d660806a2a2d344b5862dbff4c393bf3f9f9f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9B43EC48B16F96449208A0094C4D660806A2A2D344B5862DBFF4C393BF3F9F9F"
Last-Modified: Thu, 01 Sep 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6998
Expires: Sat, 03 Sep 2022 21:40:40 GMT
Date: Sat, 03 Sep 2022 19:44:02 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
143.204.55.49 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP 143.204.55.49:0
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sat, 03 Sep 2022 01:15:18 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 814e8c24454087e83cd261a6cf477166.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: pjln6CZaMzFTO-2xFzI7uYG_aPGYCkjNZEYHx_ycyOFX6K-7DFYP3Q==
age: 66525
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 03 Sep 2022 19:44:02 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.27 200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, ETag, Backoff, Last-Modified, Pragma, Cache-Control, Expires, Content-Type, Content-Length, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Sat, 03 Sep 2022 19:38:16 GMT
Cache-Control: max-age=3600
Expires: Sat, 03 Sep 2022 19:48:46 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 6cb1d4b545e7beb4ead790454f4807c6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: yxnNiHXQYM1avrwxComyimn2-MWTXUNIhioOwjZOFvQfSv49pXTqFQ==
Age: 347
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 4fc12f0a98aa28ccb56e0b56d7e40ded
f7efcfb8b4f4aa40268bada3fec380820a70ee35
a34aa9b7db949a583c3f1b4d87fed415a11d119c9615b5e710c3125173f8a277
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5901
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 03 Sep 2022 19:44:03 GMT
Last-Modified: Sat, 03 Sep 2022 18:05:43 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471
germann.reisen/
5.175.22.217 301 Moved Permanently 235 B IP 5.175.22.217:0
ASN #20773 Host Europe GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash ae293fc6c68be9a16e93b48f48468cc5
37617c6cc3896e1dce6b96124dc60dcec649e203
09f48c39a0f459dab9a63240fbfd2392796934f2327d3bbb5cbd9bb623944491
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: germann.reisen
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Sat, 03 Sep 2022 19:44:03 GMT
Server: Apache
Location: https://www.germann.reisen/
Content-Length: 235
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
push.services.mozilla.com/
34.216.192.228 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.216.192.228:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: t94UEHpNPRfZXTfDaSBmZA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: tiCw2TDUxCmkmCy6efBYl1AnPek=
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e75c8e84a61d90734dae69218b7f17e6
d63df35dfc58847de07d57715553387faff55a4a
343f8e852a60ac5baa40587abaf8eae7d50583d56317688b4c667e38f05a4df8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "343F8E852A60AC5BAA40587ABAF8EAE7D50583D56317688B4C667E38F05A4DF8"
Last-Modified: Sat, 03 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Sun, 04 Sep 2022 01:44:03 GMT
Date: Sat, 03 Sep 2022 19:44:03 GMT
Connection: keep-alive
cdnjs.cloudflare.com/ajax/libs/jquery-confirm/3.3.4/jquery-confirm.min.css
104.17.25.14 200 OK 2.9 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery-confirm/3.3.4/jquery-confirm.min.css
IP 104.17.25.14:0
File type ASCII text, with very long lines (22251)
Hash 4dbf1735a5370350943bce0dbad5843d
3a9d68ea18c3aa70887283c3c36b154ddd31ced8
b7cd289c437127d58b709dc9999390fe68d378d506a8a31252c74c70597e162e
GET /ajax/libs/jquery-confirm/3.3.4/jquery-confirm.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.germann.reisen/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Sep 2022 19:44:04 GMT
content-type: text/css; charset=utf-8
content-length: 2880
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec1-580a"
last-modified: Mon, 04 May 2020 16:11:45 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 17172605
expires: Thu, 24 Aug 2023 19:44:04 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xIFYxi8CXQr5B%2B3xnGjlqRf5RXJGmIchYCH4nTyuy1OBhVncBbFA%2BQ15Oz0BUuTxrTThgZUTFRae3oGSx9w5L25dz%2FtC8gBLr8i80owvLhcvv90f%2BzRZpr8B0C51NJreKy0CQJcz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7450fa5a5d5a0b31-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/jquery-confirm/3.3.4/jquery-confirm.min.js
104.17.25.14 200 OK 6.4 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery-confirm/3.3.4/jquery-confirm.min.js
IP 104.17.25.14:0
File type ASCII text, with very long lines (27931)
Hash beafb90e7e7cb9afd1931dd1ce3d8a6b
ecb8187bf858a727949be0fffbadd1d018e0c169
eabdef01e87e471436dfac8d11edcd16c85d433aa854cdd695165399980ca818
GET /ajax/libs/jquery-confirm/3.3.4/jquery-confirm.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.germann.reisen
Connection: keep-alive
Referer: https://www.germann.reisen/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Sep 2022 19:44:04 GMT
content-type: application/javascript; charset=utf-8
content-length: 6422
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec1-6e3e"
last-modified: Mon, 04 May 2020 16:11:45 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 8318556
expires: Thu, 24 Aug 2023 19:44:04 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kojpOHWWdETnE6Hy8FK64M7KubHGqgz5yt7TEk2QyJ5W6jXQdm9LzP%2FEofDTpM9F4HfPHQktaDjPHlEmEyibnHGMspyhd3zGkZel6e8FiNfQrXnOea%2BfhqauLB1VwGpU%2BX3cOR59"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7450fa5a7e2b0b4d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/tkhg_zkCU7U
142.250.74.3 200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/tkhg_zkCU7U
IP 142.250.74.3:0
Hash ccc576ad96b06bdcd0aa8505ebc6c7c9
3987c17ef8121704b3188f76542f4d6c85ed3036
8b78f75467e37e60b5d8e88d592048abc34e4ab8b311bc91753baf9c537e7778
POST /s/gts1d4/tkhg_zkCU7U HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Sep 2022 19:44:04 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.germann.reisen/fonts/flaticon/Flaticon.woff2
5.175.22.217 200 OK 37 kB URL HTTP/2 www.germann.reisen/fonts/flaticon/Flaticon.woff2
IP 5.175.22.217:0
ASN #20773 Host Europe GmbH
File type Web Open Font Format (Version 2), TrueType, length 36732, version 1.0\012- data
Hash e97e6acd6d5fae4dfb1b353ddf3dcf0f
186f523c36cdd4d80122ea6daf40106e0ce3e20d
0b56c2c2e69c2334a1881c975f0a1223b73447cd57a13f6b435b239a87de961e
Analyzer Verdict Alert fortinet Phishing
GET /fonts/flaticon/Flaticon.woff2 HTTP/1.1
Host: www.germann.reisen
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.germann.reisen/
Cookie: CFID=35663924; CFTOKEN=cfde044ff125ca51-30C44E12-F21E-8A65-ECB899B19226AB43
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Sep 2022 19:44:04 GMT
server: Apache
last-modified: Sat, 09 May 2020 10:20:16 GMT
etag: "8f7c-5a53475c0b800-br"
accept-ranges: bytes
cache-control: max-age=86400
expires: Sun, 04 Sep 2022 19:44:04 GMT
vary: Accept-Encoding
content-encoding: br
x-cache: MISS from www.germann.reisen
content-length: 36736
content-type: font/woff2
X-Firefox-Spdy: h2
www.germann.reisen/assets/css/colorpalette.min.css
5.175.22.217 200 OK 1.9 kB URL HTTP/2 www.germann.reisen/assets/css/colorpalette.min.css
IP 5.175.22.217:0
ASN #20773 Host Europe GmbH
File type assembler source, ASCII text, with very long lines (8960), with CRLF line terminators
Hash 475de567aa0032280982829dcfc11116
4eceb810b11b830494dc13abff7eb578c42c2f0c
e405a2f80f2edb9470ad0a5184108ea934d9e512a8ed7894e60d9d2388ce219b
GET /assets/css/colorpalette.min.css HTTP/1.1
Host: www.germann.reisen
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.germann.reisen/
Cookie: CFID=35663924; CFTOKEN=cfde044ff125ca51-30C44E12-F21E-8A65-ECB899B19226AB43
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Sep 2022 19:44:04 GMT
server: Apache
last-modified: Wed, 08 Jul 2020 05:55:56 GMT
etag: "3e89-5a9e7c2ecfd8b-br"
accept-ranges: bytes
cache-control: max-age=86400
expires: Sun, 04 Sep 2022 19:44:04 GMT
vary: Accept-Encoding
content-encoding: br
x-cache: MISS from www.germann.reisen
content-length: 1898
content-type: text/css
X-Firefox-Spdy: h2
www.germann.reisen/assets/css/color_scheme/customcolor.css
5.175.22.217 200 OK 3.1 kB URL HTTP/2 www.germann.reisen/assets/css/color_scheme/customcolor.css
IP 5.175.22.217:0
ASN #20773 Host Europe GmbH
File type assembler source, ASCII text, with very long lines (582), with CRLF line terminators
Hash 60d56c255a871ae01312cdbdf6ec1e27
8d986fa1d7258c73f1d6d2a043fc0bea80b88ca7
598057d50bdcc975d1742a5b6e8cc49575cb5394cead95b3a4d34aa94ffa97a5
GET /assets/css/color_scheme/customcolor.css HTTP/1.1
Host: www.germann.reisen
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.germann.reisen/
Cookie: CFID=35663924; CFTOKEN=cfde044ff125ca51-30C44E12-F21E-8A65-ECB899B19226AB43
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Sep 2022 19:44:04 GMT
server: Apache
last-modified: Sun, 12 Jul 2020 12:43:45 GMT
etag: "4498-5aa3decc0656d-br"
accept-ranges: bytes
cache-control: max-age=86400
expires: Sun, 04 Sep 2022 19:44:04 GMT
vary: Accept-Encoding
content-encoding: br
x-cache: MISS from www.germann.reisen
content-length: 3095
content-type: text/css
X-Firefox-Spdy: h2
www.germann.reisen/images/BilderPool/Siegel/DER%20Empfohlenes%20Reiseb%C3%BCro%2016cm.png
5.175.22.217 200 OK 16 kB URL HTTP/2 www.germann.reisen/images/BilderPool/Siegel/DER%20Empfohlenes%20Reiseb%C3%BCro%2016cm.png
IP 5.175.22.217:0
ASN #20773 Host Europe GmbH
File type PNG image data, 454 x 133, 8-bit colormap, non-interlaced\012- data
Hash 0455fe31c325d7dd343f2850cadf4a94
7c8e5403561010cee48bd0cbd0ca22e9c04be5f1
d1e74da66036dbf70f913bf71757dfb97ad2ce1dc3c974f72306becf8defc349
GET /images/BilderPool/Siegel/DER%20Empfohlenes%20Reiseb%C3%BCro%2016cm.png HTTP/1.1
Host: www.germann.reisen
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.germann.reisen/
Cookie: CFID=35663924; CFTOKEN=cfde044ff125ca51-30C44E12-F21E-8A65-ECB899B19226AB43
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Sep 2022 19:44:04 GMT
server: Apache
last-modified: Fri, 07 Jan 2022 08:48:44 GMT
etag: "3f75-5d4fa0df2f661"
accept-ranges: bytes
content-length: 16245
cache-control: max-age=86400
expires: Sun, 04 Sep 2022 19:44:04 GMT
x-cache: MISS from www.germann.reisen
content-type: image/png
X-Firefox-Spdy: h2
www.germann.reisen/assets/css/custom.css
5.175.22.217 200 OK 3.0 kB URL HTTP/2 www.germann.reisen/assets/css/custom.css
IP 5.175.22.217:0
ASN #20773 Host Europe GmbH
File type assembler source, ASCII text, with CRLF, LF line terminators
Hash 3f3dcde275d75ccd807e2e5e2f616812
e530d19c468592f6d6b2e217ca8b4b62aa6e5688
476ee261ef6f668eadf94cfffb6d64d227d6ccc1ee23659ab6f29835c61d94ac
GET /assets/css/custom.css HTTP/1.1
Host: www.germann.reisen
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.germann.reisen/
Cookie: CFID=35663924; CFTOKEN=cfde044ff125ca51-30C44E12-F21E-8A65-ECB899B19226AB43
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Sep 2022 19:44:04 GMT
server: Apache
last-modified: Wed, 29 Jul 2020 14:42:41 GMT
etag: "3fbb-5ab959162640a-br"
accept-ranges: bytes
cache-control: max-age=86400
expires: Sun, 04 Sep 2022 19:44:04 GMT
vary: Accept-Encoding
content-encoding: br
x-cache: MISS from www.germann.reisen
content-length: 2987
content-type: text/css
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 9439a7cde73fea464c1463febdda0556
6a0030d4f26b2e9658700708c82e7ce6120ce93c
c3a5a489f4ef8c8cce54dbd819c5cf573740317ea3718ccd6804a03374739199
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Sep 2022 19:44:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.germann.reisen/assets/css/vendor.swiper.min.css
5.175.22.217 200 OK 4.2 kB URL HTTP/2 www.germann.reisen/assets/css/vendor.swiper.min.css
IP 5.175.22.217:0
ASN #20773 Host Europe GmbH
File type Unicode text, UTF-8 (with BOM) text, with very long lines (21675), with no line terminators
Hash 21888b586f9fd75d444d25f8e118f5d7
3f92c9c4fe3cb925d4e4f78f5af3b681b3c8c9e5
4151ce7b54bb179dd95e4b52465aeb2e0396d1868207e9ba98f8490cb1b352c0
GET /assets/css/vendor.swiper.min.css HTTP/1.1
Host: www.germann.reisen
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.germann.reisen/
Cookie: CFID=35663924; CFTOKEN=cfde044ff125ca51-30C44E12-F21E-8A65-ECB899B19226AB43
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Sep 2022 19:44:04 GMT
server: Apache
last-modified: Tue, 07 Jul 2020 09:54:09 GMT
etag: "54b2-5a9d6f907ba36-br"
accept-ranges: bytes
cache-control: max-age=86400
expires: Sun, 04 Sep 2022 19:44:04 GMT
vary: Accept-Encoding
content-encoding: br
x-cache: MISS from www.germann.reisen
content-length: 4187
content-type: text/css
X-Firefox-Spdy: h2
www.germann.reisen/assets/images/partnerlogos/DER_Touristik_Partner_4C.svg
5.175.22.217 200 OK 1.9 kB URL HTTP/2 www.germann.reisen/assets/images/partnerlogos/DER_Touristik_Partner_4C.svg
IP 5.175.22.217:0
ASN #20773 Host Europe GmbH
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 22419f55c0f2cf167b4a7e3ab34ea26d
167d64d34b221ee6fbc745da7d741da6a687f504
b2512ae142a1aea026ab25487c19647bf751141cc2da51529442efbdfb3aac9a
Analyzer Verdict Alert fortinet Phishing
GET /assets/images/partnerlogos/DER_Touristik_Partner_4C.svg HTTP/1.1
Host: www.germann.reisen
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.germann.reisen/
Cookie: CFID=35663924; CFTOKEN=cfde044ff125ca51-30C44E12-F21E-8A65-ECB899B19226AB43
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Sep 2022 19:44:04 GMT
server: Apache
last-modified: Wed, 08 Jul 2020 10:57:30 GMT
etag: "11b7-5a9ebf9635a80-br"
accept-ranges: bytes
cache-control: max-age=86400
expires: Sun, 04 Sep 2022 19:44:04 GMT
vary: Accept-Encoding
content-encoding: br
x-cache: MISS from www.germann.reisen
content-length: 1874
content-type: image/svg+xml
X-Firefox-Spdy: h2
www.germann.reisen/assets/css/vendor_bundle.min.css
5.175.22.217 200 OK 3.8 kB URL HTTP/2 www.germann.reisen/assets/css/vendor_bundle.min.css
IP 5.175.22.217:0
ASN #20773 Host Europe GmbH
File type ASCII text, with very long lines (39344)
Hash f95b5a6991b49a2d93a49c25b0507269
7ddba3d5c0fec9763dc37659af52ddc9a5fdb9ca
5c88a4b0439697d533ea190a067005a323d0a9e481b871985ebf30f8b854ed58
GET /assets/css/vendor_bundle.min.css HTTP/1.1
Host: www.germann.reisen
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.germann.reisen/
Cookie: CFID=35663924; CFTOKEN=cfde044ff125ca51-30C44E12-F21E-8A65-ECB899B19226AB43
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Sep 2022 19:44:04 GMT
server: Apache
last-modified: Mon, 25 May 2020 13:41:43 GMT
etag: "99c6-5a67923a7b3c0-br"
accept-ranges: bytes
cache-control: max-age=86400
expires: Sun, 04 Sep 2022 19:44:04 GMT
vary: Accept-Encoding
content-encoding: br
x-cache: MISS from www.germann.reisen
content-length: 3836
content-type: text/css
X-Firefox-Spdy: h2
app.usercentrics.eu/latest/bundle.js
35.190.14.188 200 OK 230 kB URL HTTP/2 app.usercentrics.eu/latest/bundle.js
IP 35.190.14.188:0
File type Unicode text, UTF-8 text, with very long lines (65470)
Size 230 kB (230316 bytes)
Hash 652ef4955d0a1fd3b522b4f21cf9b416
80ef29f0962cba31b5609e11ea2c90826b228916
9e1c3f1f1611295f4a746ee5a4bbd7f0e1726bf1b2d8dbcafe42b8cb2f330aa3
GET /latest/bundle.js HTTP/1.1
Host: app.usercentrics.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.germann.reisen/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-guploader-uploadid: ADPycduDOrp2J7YBHhyoPOM4sNsTNk0-cQwpiH0Yq76fdaAB9sVSbYS3JsC81UHYw2jvwgIpE0K_xcc-G0vj1XsuW3MrHA
x-goog-generation: 1659355771721227
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 230316
x-goog-meta-version: 2.17.0
content-encoding: gzip
x-goog-hash: crc32c=ILZ2ew==, md5=ZS70lV0KH9O1IrTyHPm0Fg==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 230316
access-control-allow-origin: *
access-control-expose-headers: Content-Type
server: UploadServer
date: Sat, 03 Sep 2022 12:14:03 GMT
expires: Sun, 04 Sep 2022 12:14:03 GMT
cache-control: public, max-age=86400, no-transform
age: 27001
last-modified: Mon, 01 Aug 2022 12:09:31 GMT
etag: "652ef4955d0a1fd3b522b4f21cf9b416"
content-type: application/javascript
strict-transport-security: max-age=7776000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.germann.reisen/images/BilderPool/Siegel/DER%20Kreuzfahrtenprofi%2016cm.png
5.175.22.217 200 OK 15 kB URL HTTP/2 www.germann.reisen/images/BilderPool/Siegel/DER%20Kreuzfahrtenprofi%2016cm.png
IP 5.175.22.217:0
ASN #20773 Host Europe GmbH
File type PNG image data, 454 x 156, 8-bit colormap, non-interlaced\012- data
Hash 5e41153831859cf6af64b682b586a248
15597ac62ce2440e6e8972a18542567db2bac39b
52d5ee205bc379b3b4f1559493e543d0b29d90d6ef6b89316b69574b808d56f1
GET /images/BilderPool/Siegel/DER%20Kreuzfahrtenprofi%2016cm.png HTTP/1.1
Host: www.germann.reisen
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.germann.reisen/
Cookie: CFID=35663924; CFTOKEN=cfde044ff125ca51-30C44E12-F21E-8A65-ECB899B19226AB43
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Sep 2022 19:44:04 GMT
server: Apache
last-modified: Fri, 07 Jan 2022 08:48:44 GMT
etag: "38e4-5d4fa0df3705c"
accept-ranges: bytes
content-length: 14564
cache-control: max-age=86400
expires: Sun, 04 Sep 2022 19:44:04 GMT
x-cache: MISS from www.germann.reisen
content-type: image/png
X-Firefox-Spdy: h2
www.germann.reisen/www/germann.reisen/img/logo_WEB.png
5.175.22.217 200 OK 29 kB URL HTTP/2 www.germann.reisen/www/germann.reisen/img/logo_WEB.png
IP 5.175.22.217:0
ASN #20773 Host Europe GmbH
File type PNG image data, 700 x 400, 8-bit colormap, non-interlaced\012- data
Hash f0063df387a82f889d1273e74bd90232
c6ead9b2a889d56a11c05d63de6aa51988976669
7b6589c2773ebc20b74a2001a47dce060977b26c2f81e550b09d977a66f73d46
GET /www/germann.reisen/img/logo_WEB.png HTTP/1.1
Host: www.germann.reisen
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.germann.reisen/
Cookie: CFID=35663924; CFTOKEN=cfde044ff125ca51-30C44E12-F21E-8A65-ECB899B19226AB43
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Sep 2022 19:44:04 GMT
server: Apache
last-modified: Wed, 05 May 2021 06:28:50 GMT
accept-ranges: bytes
content-length: 29171
cache-control: max-age=2592000, public
expires: Sun, 04 Sep 2022 19:44:04 GMT
x-cache: MISS from www.germann.reisen
content-type: image/png
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
142.250.74.10 200 OK 1.5 kB URL HTTP/2 fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
IP 142.250.74.10:0
Hash e56925f92e778d4da6a7779e8058cc30
66db7a138fb24c5708af4b67ffbfcbbf972a943c
0f8a70fce3f053a41d4b453d924a92d9a9b36956bea860ff4503884362e71d52
GET /css2?family=Montserrat:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.germann.reisen/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 03 Sep 2022 19:44:04 GMT
date: Sat, 03 Sep 2022 19:44:04 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8c6a18e2fc3ac6f3ce679dff28890963
b6b15faebbbd27d546b0f252a16e756c2ac6d7e2
9891baa674f2832449581fb4073f412d362e3e82082998c472ae401e2043ad96
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9891BAA674F2832449581FB4073F412D362E3E82082998C472AE401E2043AD96"
Last-Modified: Sat, 03 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18918
Expires: Sun, 04 Sep 2022 00:59:22 GMT
Date: Sat, 03 Sep 2022 19:44:04 GMT
Connection: keep-alive
ocsp.pki.goog/s/gts1d4/tkhg_zkCU7U
142.250.74.3 200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/tkhg_zkCU7U
IP 142.250.74.3:0
Hash ccc576ad96b06bdcd0aa8505ebc6c7c9
3987c17ef8121704b3188f76542f4d6c85ed3036
8b78f75467e37e60b5d8e88d592048abc34e4ab8b311bc91753baf9c537e7778
POST /s/gts1d4/tkhg_zkCU7U HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Sep 2022 19:44:04 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8c6a18e2fc3ac6f3ce679dff28890963
b6b15faebbbd27d546b0f252a16e756c2ac6d7e2
9891baa674f2832449581fb4073f412d362e3e82082998c472ae401e2043ad96
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9891BAA674F2832449581FB4073F412D362E3E82082998C472AE401E2043AD96"
Last-Modified: Sat, 03 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18828
Expires: Sun, 04 Sep 2022 00:57:52 GMT
Date: Sat, 03 Sep 2022 19:44:04 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 20cc30f2a41f9c5e824ea46460548950
c153b447d44cbbe8f30d7f490605d1a430af20a1
0f8bb96e7dfd8a6bb3d7eae1a958195cb8ca9f20e0ad8cd952c34267ff0625f3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Sep 2022 19:44:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b15f3f14bd92b7a544ec2347e6810c7b
dd55fd8396d796082edabb5ab6e2d7fb3b51b731
87c27c4b0288f31faa405ba5247767d1f299938551bd284212ee487dbb0deb63
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "87C27C4B0288F31FAA405BA5247767D1F299938551BD284212EE487DBB0DEB63"
Last-Modified: Fri, 02 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12380
Expires: Sat, 03 Sep 2022 23:10:24 GMT
Date: Sat, 03 Sep 2022 19:44:04 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f5ae3a55842a56986ef4ccd7c4b63dd6
5b870a431d28a28adef350573e702fd50531cc3c
57e6a9fc322b0003bb13eba511b9e8241ffa57a93a3137eb9d6d21d497117091
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "57E6A9FC322B0003BB13EBA511B9E8241FFA57A93A3137EB9D6D21D497117091"
Last-Modified: Sat, 03 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8030
Expires: Sat, 03 Sep 2022 21:57:54 GMT
Date: Sat, 03 Sep 2022 19:44:04 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b15f3f14bd92b7a544ec2347e6810c7b
dd55fd8396d796082edabb5ab6e2d7fb3b51b731
87c27c4b0288f31faa405ba5247767d1f299938551bd284212ee487dbb0deb63
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "87C27C4B0288F31FAA405BA5247767D1F299938551BD284212EE487DBB0DEB63"
Last-Modified: Fri, 02 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12380
Expires: Sat, 03 Sep 2022 23:10:24 GMT
Date: Sat, 03 Sep 2022 19:44:04 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b15f3f14bd92b7a544ec2347e6810c7b
dd55fd8396d796082edabb5ab6e2d7fb3b51b731
87c27c4b0288f31faa405ba5247767d1f299938551bd284212ee487dbb0deb63
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "87C27C4B0288F31FAA405BA5247767D1F299938551BD284212EE487DBB0DEB63"
Last-Modified: Fri, 02 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12380
Expires: Sat, 03 Sep 2022 23:10:24 GMT
Date: Sat, 03 Sep 2022 19:44:04 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f5ae3a55842a56986ef4ccd7c4b63dd6
5b870a431d28a28adef350573e702fd50531cc3c
57e6a9fc322b0003bb13eba511b9e8241ffa57a93a3137eb9d6d21d497117091
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "57E6A9FC322B0003BB13EBA511B9E8241FFA57A93A3137EB9D6D21D497117091"
Last-Modified: Sat, 03 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8030
Expires: Sat, 03 Sep 2022 21:57:54 GMT
Date: Sat, 03 Sep 2022 19:44:04 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7e53e5b7-d429-4f33-bd77-ce946421df55.jpeg
34.120.237.76 200 OK 5.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7e53e5b7-d429-4f33-bd77-ce946421df55.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 60769237af4f32c663d494d91a672d08
31305131f340191799484f212e15513bd1204e88
6df36e459f3a2d0271732b645009b116e6671363f6c3050d22bbfe2d911a77bd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7e53e5b7-d429-4f33-bd77-ce946421df55.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 4994
x-amzn-requestid: de39357f-d378-4bb8-b4d9-7dd4f82fbb58
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Xgj-kEHvoAMFyBA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6309b390-119fa01e254e89cb39a1b794;Sampled=0
x-amzn-remapped-date: Sat, 27 Aug 2022 06:02:56 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 1yjBt3dqEztIRHo4yR3ZzI67J4lWUMS8R44-PpkeDJ4KNdCTPkmh-w==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Sep 2022 04:45:35 GMT
age: 53909
etag: "31305131f340191799484f212e15513bd1204e88"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff7d7b349-4711-4e66-bc42-888934e385a2.jpeg
34.120.237.76 200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff7d7b349-4711-4e66-bc42-888934e385a2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 23b580e2b673257d24b9c2e80c4c48ce
f3a3d835a37f9b23e7458f9b7bc721bc415b61cc
c0e3559fde3dd08cdbd360f39dddcc98dd7c1b3aebd0861cc07105872a116d11
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff7d7b349-4711-4e66-bc42-888934e385a2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 7501
x-amzn-requestid: bf297fc4-9164-45ee-bfab-06761a52e3ba
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X2eMJEP1IAMFdpA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6312771a-6b3e6416133d67a83d8a1469;Sampled=0
x-amzn-remapped-date: Fri, 02 Sep 2022 21:35:22 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: datd5eYK6nOAUdEpy_y4gcqsVmCqjP4qhzTnlJ9pSrquoYk2PPugTA==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 01147dcc35d57fc0238a3c1700c13f16.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Sep 2022 22:02:34 GMT
age: 78090
etag: "f3a3d835a37f9b23e7458f9b7bc721bc415b61cc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa2e13cf1-38c2-4f82-a50c-b409a24f3af6.jpeg
34.120.237.76 200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa2e13cf1-38c2-4f82-a50c-b409a24f3af6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f4cb62c7c522b71c62a97630d8330ef5
950611314b81428b3d80ff8659272cc800cf48b6
3fd0bbf8a1fe8776136d611d6b99b909b71e6af3a13f8794338af2f0026b59ff
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa2e13cf1-38c2-4f82-a50c-b409a24f3af6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7975
x-amzn-requestid: d4695cb0-76ed-495c-b548-d7819edd6d90
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XwqDSGuDIAMF6kA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631023ae-7ba42ae9407c626a02d10e7f;Sampled=0
x-amzn-remapped-date: Thu, 01 Sep 2022 03:14:54 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: paxjtCjggGuEMbpwW1HmCdQOemdktodVUl-grweVuYke_NynMIHMlg==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 01147dcc35d57fc0238a3c1700c13f16.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Sep 2022 03:54:34 GMT
age: 56970
etag: "950611314b81428b3d80ff8659272cc800cf48b6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc55d0c73-4085-42ac-acb4-1ae9b2ffb393.jpeg
34.120.237.76 200 OK 7.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc55d0c73-4085-42ac-acb4-1ae9b2ffb393.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c199f7fc2a2857dec134bfdb2673e28c
af3989072b658e2de119d006ae4ca1703468913d
e57411ba0221f6ffa7baf7c374ec790959a66d6a683fad40883ef01cf67e35c3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc55d0c73-4085-42ac-acb4-1ae9b2ffb393.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 6976
x-amzn-requestid: da379546-9525-4e13-b9f0-a6446839df66
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X2eNeG7kIAMF4-Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63127722-37399f67565b06e7111095cd;Sampled=0
x-amzn-remapped-date: Fri, 02 Sep 2022 21:35:30 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 5SORUPJgJ_gKKs4hSa4EzCCQA6B1dmyO1EC-gCBvFKl2R2hV0mYTeA==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Sep 2022 22:39:01 GMT
age: 75903
etag: "af3989072b658e2de119d006ae4ca1703468913d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb6f5d90-39e2-4288-8685-adf2348d38e8.jpeg
34.120.237.76 200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb6f5d90-39e2-4288-8685-adf2348d38e8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d78cbff83c152b84864606781a29563d
8bdbc6e135be6e582d0e23754399422e3792777b
3c385de9ade05e1652ccc386e73aaccc4c223a07b81af4c5fdf3f73a166909f7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb6f5d90-39e2-4288-8685-adf2348d38e8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 14061
x-amzn-requestid: 43535b37-15c9-4a28-a7c0-f43482948382
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XqlhGFX4IAMF9oQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630db606-77bd935d4364050f230ba5da;Sampled=0
x-amzn-remapped-date: Tue, 30 Aug 2022 07:02:30 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: y_-knSwUodyBxS8I8PAoUexT6Z4o0Aq7m62v7HrRjm7vV-jP0VuCpw==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 989017835f43d594873bde5a7ee7fe5e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Sep 2022 06:26:07 GMT
age: 47877
etag: "8bdbc6e135be6e582d0e23754399422e3792777b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c0ef483-e545-4a1f-b9b9-88778330d881.jpeg
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c0ef483-e545-4a1f-b9b9-88778330d881.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 955f2a35bd6b3802670e7fa8a7cda833
4c70d27f7c51b7fcae1d8a883bfc2e67a551ae6c
2fb517039f0704d2f6fe2fa78eae47c71c645add1c2276f8726248184ae45760
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c0ef483-e545-4a1f-b9b9-88778330d881.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10435
x-amzn-requestid: 813ec4ca-243d-46cb-a6a6-8ec58e5dd9f8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XzLjdHwnIAMFhzA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63112615-4733cfb83cf0e8734abc5716;Sampled=0
x-amzn-remapped-date: Thu, 01 Sep 2022 21:37:25 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: GHd4FOjIO1OP7wSOVcnOryE5ux4hlr_kC0dfJs3LqgQUbxMzuFxc1A==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 e80693c02cfdfd081110512210d57840.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Sep 2022 21:37:28 GMT
age: 79596
etag: "4c70d27f7c51b7fcae1d8a883bfc2e67a551ae6c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.germann.reisen/assets/js/core.min.js
5.175.22.217 200 OK 64 kB URL HTTP/2 www.germann.reisen/assets/js/core.min.js
IP 5.175.22.217:0
ASN #20773 Host Europe GmbH
File type Unicode text, UTF-8 (with BOM) text, with very long lines (65512)
Hash 21485a5c91a6e030255faa364281aa40
69e8f4ae330ece58c4c9dc6fa319187d907bc2bd
af79c3c862f29c5011444e6c6a4259961c61f414202b97559225b92339095f84
Analyzer Verdict Alert fortinet Phishing
GET /assets/js/core.min.js HTTP/1.1
Host: www.germann.reisen
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.germann.reisen/
Cookie: CFID=35663924; CFTOKEN=cfde044ff125ca51-30C44E12-F21E-8A65-ECB899B19226AB43
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Sep 2022 19:44:04 GMT
server: Apache
last-modified: Thu, 09 Jul 2020 18:02:01 GMT
etag: "4432f-5aa0605764a50-br"
accept-ranges: bytes
cache-control: max-age=86400
expires: Sun, 04 Sep 2022 19:44:04 GMT
vary: Accept-Encoding
content-encoding: br
x-cache: MISS from www.germann.reisen
content-length: 64543
content-type: application/javascript
X-Firefox-Spdy: h2
www.backend.tcautor.de/www/_data/1009/files/Germann/Team/Birgit_Kutkowski.jpg
5.175.22.217 200 OK 18 kB URL HTTP/2 www.backend.tcautor.de/www/_data/1009/files/Germann/Team/Birgit_Kutkowski.jpg
IP 5.175.22.217:0
ASN #20773 Host Europe GmbH
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 219x219, components 3\012- data
Hash 1e9f37f9ff5028f659582610a724e91e
51e41576c30b6696a5735a17a0325008dba2c85c
bbd09840ebfd7d43a4ad883405199f08aac96dd95b85d4b26daf0c35fe82e588
GET /www/_data/1009/files/Germann/Team/Birgit_Kutkowski.jpg HTTP/1.1
Host: www.backend.tcautor.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.germann.reisen/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Sep 2022 19:44:04 GMT
server: Apache
last-modified: Wed, 05 May 2021 08:56:29 GMT
etag: "464a-5c1915ede4ab1"
accept-ranges: bytes
content-length: 17994
content-type: image/jpeg
X-Firefox-Spdy: h2
www.backend.tcautor.de/www/_data/1009/files/Germann/Team/Michaela_Guth.jpg
5.175.22.217 200 OK 23 kB URL HTTP/2 www.backend.tcautor.de/www/_data/1009/files/Germann/Team/Michaela_Guth.jpg
IP 5.175.22.217:0
ASN #20773 Host Europe GmbH
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 219x219, components 3\012- data
Hash d74a838fbeeb80e2bc93b4b007968086
6a49a7e0aee9bfdfe8cc5759ecf01dada167e583
698d5491c861a36a7f368205afbdc9d119f3dcdf3e53f40d124f7448b7472caf
GET /www/_data/1009/files/Germann/Team/Michaela_Guth.jpg HTTP/1.1
Host: www.backend.tcautor.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.germann.reisen/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Sep 2022 19:44:04 GMT
server: Apache
last-modified: Wed, 05 May 2021 08:56:29 GMT
etag: "58e4-5c1915ede8d29"
accept-ranges: bytes
content-length: 22756
content-type: image/jpeg
X-Firefox-Spdy: h2
www.backend.tcautor.de/www/_data/1009/files/BilderPool/Thementeaser/meeting-273857_1920.jpg
5.175.22.217 200 OK 18 kB URL HTTP/2 www.backend.tcautor.de/www/_data/1009/files/BilderPool/Thementeaser/meeting-273857_1920.jpg
IP 5.175.22.217:0
ASN #20773 Host Europe GmbH
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 700x800, components 3\012- data
Hash 580b929356036eaa42c0fbe975ccb9e1
6a7473d6174e0857def60ea33ff93f4d2ffc1df3
96f5e77ba27d685465aeb7de7604e32b876973e1e7591021474a5661df8c3579
GET /www/_data/1009/files/BilderPool/Thementeaser/meeting-273857_1920.jpg HTTP/1.1
Host: www.backend.tcautor.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.germann.reisen/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Sep 2022 19:44:04 GMT
server: Apache
last-modified: Mon, 30 Aug 2021 07:35:25 GMT
etag: "4827-5cac1e0626e65"
accept-ranges: bytes
content-length: 18471
content-type: image/jpeg
X-Firefox-Spdy: h2
backend.tcautor.de/www/_data/1009/files/Germann/Team/Nicole_Germann-v02.jpg
5.175.22.217 200 OK 22 kB URL HTTP/2 backend.tcautor.de/www/_data/1009/files/Germann/Team/Nicole_Germann-v02.jpg
IP 5.175.22.217:0
ASN #20773 Host Europe GmbH
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 350x350, components 3\012- data
Hash fe292ffada0ed1fd9ee96efc39fc30ca
cf87320440f6b94dcd87f319b05cf822cb09d3fa
edcf8ced45be4d198ccb8b4d168bcf67616d2de139f0f44807603bfe2abffc13
GET /www/_data/1009/files/Germann/Team/Nicole_Germann-v02.jpg HTTP/1.1
Host: backend.tcautor.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.germann.reisen/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Sep 2022 19:44:04 GMT
server: Apache
last-modified: Wed, 20 Oct 2021 13:35:30 GMT
etag: "57e4-5cec8da0d3ea6"
accept-ranges: bytes
content-length: 22500
content-type: image/jpeg
X-Firefox-Spdy: h2
www.backend.tcautor.de/www/_data/1009/files/BilderPool/Thementeaser/Mietwagen_camera-1391324_1920.jpg
5.175.22.217 200 OK 54 kB URL HTTP/2 www.backend.tcautor.de/www/_data/1009/files/BilderPool/Thementeaser/Mietwagen_camera-1391324_1920.jpg
IP 5.175.22.217:0
ASN #20773 Host Europe GmbH
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 700x800, components 3\012- data
Hash a62681ce6032d22369be9e6edcd304b4
9cc14704c06f89d69474ab17d94ac43ef8f11888
6c425443ec0cbf396b7b07fdcea74c95702cef69f15f7305c3eeebf115afe762
GET /www/_data/1009/files/BilderPool/Thementeaser/Mietwagen_camera-1391324_1920.jpg HTTP/1.1
Host: www.backend.tcautor.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.germann.reisen/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Sep 2022 19:44:04 GMT
server: Apache
last-modified: Fri, 27 Aug 2021 13:59:43 GMT
etag: "d4e5-5ca8ae5390525"
accept-ranges: bytes
content-length: 54501
content-type: image/jpeg
X-Firefox-Spdy: h2
www.backend.tcautor.de/www/_data/1009/files/BilderPool/Thementeaser/Versicherungen_lifebuoy-4870836_1920.jpg
5.175.22.217 200 OK 53 kB URL HTTP/2 www.backend.tcautor.de/www/_data/1009/files/BilderPool/Thementeaser/Versicherungen_lifebuoy-4870836_1920.jpg
IP 5.175.22.217:0
ASN #20773 Host Europe GmbH
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 700x800, components 3\012- data
Hash 2074572132e9f3e6743aa540110cc27c
965ceb90356ad01c37a5d68f032b7e0e99540f9a
193322064111e8baec20884ca8df731e5a3f99bf8fb326a0915694381613eb17
GET /www/_data/1009/files/BilderPool/Thementeaser/Versicherungen_lifebuoy-4870836_1920.jpg HTTP/1.1
Host: www.backend.tcautor.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.germann.reisen/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Sep 2022 19:44:04 GMT
server: Apache
last-modified: Fri, 27 Aug 2021 13:59:43 GMT
etag: "ceb2-5ca8ae539421c"
accept-ranges: bytes
content-length: 52914
content-type: image/jpeg
X-Firefox-Spdy: h2
www.backend.tcautor.de/www/_data/1009/files/Germann/Team/Michael_Germann_2021.jpg
5.175.22.217 200 OK 60 kB URL HTTP/2 www.backend.tcautor.de/www/_data/1009/files/Germann/Team/Michael_Germann_2021.jpg
IP 5.175.22.217:0
ASN #20773 Host Europe GmbH
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, comment: "Created with GIMP", progressive, precision 8, 600x600, components 3\012- data
Hash 58852c0a2374bd4bade0b94a3cf75ce1
b3c2decb57c19eca7d1d223d584891ea0d2801c8
d6fea43ed8a67734be712ac98c9e80936b5dc230d5ddbc951956818ff43671bb
GET /www/_data/1009/files/Germann/Team/Michael_Germann_2021.jpg HTTP/1.1
Host: www.backend.tcautor.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.germann.reisen/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Sep 2022 19:44:04 GMT
server: Apache
last-modified: Wed, 01 Sep 2021 14:23:21 GMT
etag: "eac4-5caefcef857a4"
accept-ranges: bytes
content-length: 60100
content-type: image/jpeg
X-Firefox-Spdy: h2
www.backend.tcautor.de/www/_data/1009/files/BilderPool/Thementeaser/guinea-pig-1969698_1920.jpg
5.175.22.217 200 OK 79 kB URL HTTP/2 www.backend.tcautor.de/www/_data/1009/files/BilderPool/Thementeaser/guinea-pig-1969698_1920.jpg
IP 5.175.22.217:0
ASN #20773 Host Europe GmbH
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 700x800, components 3\012- data
Hash 192a66bef59226d6ab6b3a5097bb2d4d
5d4ef05d8529e310115d7ee15724985469343319
f014df907df2ab80a94cd71c2267a0896ec6c7831308e92a3c726c8592a81eb1
GET /www/_data/1009/files/BilderPool/Thementeaser/guinea-pig-1969698_1920.jpg HTTP/1.1
Host: www.backend.tcautor.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.germann.reisen/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Sep 2022 19:44:04 GMT
server: Apache
last-modified: Mon, 30 Aug 2021 07:35:25 GMT
etag: "1335f-5cac1e06418a1"
accept-ranges: bytes
content-length: 78687
content-type: image/jpeg
X-Firefox-Spdy: h2
www.germann.reisen/assets/css/core.min.css
5.175.22.217 200 OK 41 kB URL HTTP/2 www.germann.reisen/assets/css/core.min.css
IP 5.175.22.217:0
ASN #20773 Host Europe GmbH
File type Unicode text, UTF-8 text, with very long lines (65516)
Hash 06249bcfa64e75d0dd5d3e77f960cdd9
078839991c838dd732613ae7a8b4d1201aca8017
99fae1a53fa84932d6a5c938f27b7e776b99c7b27e3709a51f28d84ca65b9306
GET /assets/css/core.min.css HTTP/1.1
Host: www.germann.reisen
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.germann.reisen/
Cookie: CFID=35663924; CFTOKEN=cfde044ff125ca51-30C44E12-F21E-8A65-ECB899B19226AB43
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Sep 2022 19:44:04 GMT
server: Apache
last-modified: Mon, 25 May 2020 13:41:44 GMT
etag: "50315-5a67923b6f600-br"
accept-ranges: bytes
cache-control: max-age=86400
expires: Sun, 04 Sep 2022 19:44:04 GMT
vary: Accept-Encoding
content-encoding: br
x-cache: MISS from www.germann.reisen
content-length: 41057
content-type: text/css
X-Firefox-Spdy: h2
www.backend.tcautor.de/www/_data/1009/files/BilderPool/Thementeaser/Wandern_adventure-1850912_1920.jpg
5.175.22.217 200 OK 90 kB URL HTTP/2 www.backend.tcautor.de/www/_data/1009/files/BilderPool/Thementeaser/Wandern_adventure-1850912_1920.jpg
IP 5.175.22.217:0
ASN #20773 Host Europe GmbH
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 700x800, components 3\012- data
Hash ac44101d561116730371c1343172071d
afdff97118095955176579f7794b71138c19309a
109ad27c67d19b6f67e163da947235fa0694b36a094de075dc25c966264bce13
GET /www/_data/1009/files/BilderPool/Thementeaser/Wandern_adventure-1850912_1920.jpg HTTP/1.1
Host: www.backend.tcautor.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.germann.reisen/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Sep 2022 19:44:04 GMT
server: Apache
last-modified: Fri, 27 Aug 2021 13:59:43 GMT
etag: "15f64-5ca8ae539421c"
accept-ranges: bytes
content-length: 89956
content-type: image/jpeg
X-Firefox-Spdy: h2
www.backend.tcautor.de/www/_data/1009/files/BilderPool/Thementeaser/women-3266211_1920.jpg
5.175.22.217 200 OK 124 kB URL HTTP/2 www.backend.tcautor.de/www/_data/1009/files/BilderPool/Thementeaser/women-3266211_1920.jpg
IP 5.175.22.217:0
ASN #20773 Host Europe GmbH
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 700x800, components 3\012- data
Size 124 kB (123987 bytes)
Hash 4d620151c765ed8bdd1ddd6193f9e244
475c4f9ce545458df2a3c53b3f9767508d2b325d
3629b868912b11d754f948b8f297b7ba056e82256ee83c85fc41e401ea0dc1a6
GET /www/_data/1009/files/BilderPool/Thementeaser/women-3266211_1920.jpg HTTP/1.1
Host: www.backend.tcautor.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.germann.reisen/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Sep 2022 19:44:04 GMT
server: Apache
last-modified: Mon, 30 Aug 2021 07:35:25 GMT
etag: "1e453-5cac1e06691e6"
accept-ranges: bytes
content-length: 123987
content-type: image/jpeg
X-Firefox-Spdy: h2
www.backend.tcautor.de/www/_data/1009/files/BilderPool/Thementeaser/vacations-2490266_1920.jpg
5.175.22.217 200 OK 114 kB URL HTTP/2 www.backend.tcautor.de/www/_data/1009/files/BilderPool/Thementeaser/vacations-2490266_1920.jpg
IP 5.175.22.217:0
ASN #20773 Host Europe GmbH
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 700x800, components 3\012- data
Size 114 kB (114078 bytes)
Hash 7d47e7c0e4644bdb9f6390233fa64b5d
309923c63deee1d97fb8dd2e70a902ee6faf7ac7
653e3553dd08d47e5a964311149365a582a90dfde032adaa54097e17882843f7
GET /www/_data/1009/files/BilderPool/Thementeaser/vacations-2490266_1920.jpg HTTP/1.1
Host: www.backend.tcautor.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.germann.reisen/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Sep 2022 19:44:04 GMT
server: Apache
last-modified: Mon, 30 Aug 2021 07:35:25 GMT
etag: "1bd9e-5cac1e0664f6e"
accept-ranges: bytes
content-length: 114078
content-type: image/jpeg
X-Firefox-Spdy: h2
www.backend.tcautor.de/www/_data/1025/files/BilderPool/Werbebanner-Mailings/tc_aktueller_banner.gif
5.175.22.217 200 OK 489 kB URL HTTP/2 www.backend.tcautor.de/www/_data/1025/files/BilderPool/Werbebanner-Mailings/tc_aktueller_banner.gif
IP 5.175.22.217:0
ASN #20773 Host Europe GmbH
File type GIF image data, version 89a, 2000 x 400\012- data
Size 489 kB (488926 bytes)
Hash 5d4acf5c3a2b71be434b261b76b7e6a9
d9e2645d08cec0a26fe80d30e973de6a4a0b7455
05655f50624596e80672653afde7d5ff99e5efa933bab177057a92812cb659f5
GET /www/_data/1025/files/BilderPool/Werbebanner-Mailings/tc_aktueller_banner.gif HTTP/1.1
Host: www.backend.tcautor.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.germann.reisen/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Sep 2022 19:44:04 GMT
server: Apache
last-modified: Tue, 23 Aug 2022 16:09:31 GMT
etag: "775de-5e6eaca279e6a"
accept-ranges: bytes
content-length: 488926
content-type: image/gif
X-Firefox-Spdy: h2
www.germann.reisen/assets/js/jquery-3.4.1_plusUI.min.js
5.175.22.217 200 OK 85 kB URL HTTP/2 www.germann.reisen/assets/js/jquery-3.4.1_plusUI.min.js
IP 5.175.22.217:0
ASN #20773 Host Europe GmbH
File type ASCII text, with very long lines (65450), with CRLF line terminators
Hash d12f6a571f27f8f789cf30b5b17bfeea
6b61e7dbdb4fe26ca656015704e4e0270f2e3c05
1f278360aad59de34a97aeebd39d19149d60ccacb878ee9ebc3cbb398bd75437
Analyzer Verdict Alert fortinet Phishing
GET /assets/js/jquery-3.4.1_plusUI.min.js HTTP/1.1
Host: www.germann.reisen
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.germann.reisen/
Cookie: CFID=35663924; CFTOKEN=cfde044ff125ca51-30C44E12-F21E-8A65-ECB899B19226AB43
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Sep 2022 19:44:04 GMT
server: Apache
last-modified: Sat, 04 Jul 2020 16:32:09 GMT
etag: "53745-5a9a02ed31440-br"
accept-ranges: bytes
cache-control: max-age=86400
expires: Sun, 04 Sep 2022 19:44:04 GMT
vary: Accept-Encoding
content-encoding: br
x-cache: MISS from www.germann.reisen
content-length: 85178
content-type: application/javascript
X-Firefox-Spdy: h2
www.germann.reisen/assets/js/vendor_bundle.min.js
5.175.22.217 200 OK 101 kB URL HTTP/2 www.germann.reisen/assets/js/vendor_bundle.min.js
IP 5.175.22.217:0
ASN #20773 Host Europe GmbH
File type ASCII text, with very long lines (65514)
Size 101 kB (101220 bytes)
Hash eb1235ec9c4c6300e795fdf0be02224f
d3f8f421bdfc1938f6dbdd41b76b0eb01c3a0bcd
37fe01d6f5a8a0bcf91568940e0202f4728b966b15f2e3141d3729dce8cb2a34
Analyzer Verdict Alert fortinet Phishing
GET /assets/js/vendor_bundle.min.js HTTP/1.1
Host: www.germann.reisen
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.germann.reisen/
Cookie: CFID=35663924; CFTOKEN=cfde044ff125ca51-30C44E12-F21E-8A65-ECB899B19226AB43
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Sep 2022 19:44:04 GMT
server: Apache
last-modified: Mon, 25 May 2020 13:42:21 GMT
etag: "66b1b-5a67925eb8940-br"
accept-ranges: bytes
cache-control: max-age=86400
expires: Sun, 04 Sep 2022 19:44:04 GMT
vary: Accept-Encoding
content-encoding: br
x-cache: MISS from www.germann.reisen
content-length: 101220
content-type: application/javascript
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 6b6b5ffecd53193507458fbe6e66d3f0
c96009132e435078cd79e19b19eeb0dbcf9abef3
229806893f073d6d725880c375c2f72ab09221a46095e1203d7379c1a29b8bef
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Sep 2022 19:44:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 7ce90d6fafa13d92fcf445b688f0389f
480461a46fc291cbcdf6218c7743779d7e862788
dd33483769f6c715aeb257c2955147c1a5a47b0af1684190247701465af8af6c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Sep 2022 19:44:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 9665d92cfb2f9db5f7032ed692dff0e0
2ca6220de116f04429a7ce3f3c8f95cae61db137
5cc77ac9117df4aa52cc268287bf82f9dde172f1bcd7f640d3f0ef04a5ed07c5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Sep 2022 19:44:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.germann.reisen/assets/fonts/flaticon/Flaticon.woff2
5.175.22.217 200 OK 37 kB URL HTTP/2 www.germann.reisen/assets/fonts/flaticon/Flaticon.woff2
IP 5.175.22.217:0
ASN #20773 Host Europe GmbH
File type Web Open Font Format (Version 2), TrueType, length 36732, version 1.0\012- data
Hash ae2dd4b29a7c28b5cc6e9364c7a69983
602976fc50a9aa00adc99bc2d93888db7a81d2fc
0ebd2de93302226f320140f8051d5cff7c3752be9700d0d598e498bbe0dde638
Analyzer Verdict Alert fortinet Phishing
GET /assets/fonts/flaticon/Flaticon.woff2 HTTP/1.1
Host: www.germann.reisen
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.germann.reisen/assets/css/core.min.css
Cookie: CFID=35663924; CFTOKEN=cfde044ff125ca51-30C44E12-F21E-8A65-ECB899B19226AB43
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Sep 2022 19:44:04 GMT
server: Apache
last-modified: Sat, 09 May 2020 10:20:16 GMT
etag: "8f7c-5a53475c0b800"
accept-ranges: bytes
content-length: 36732
cache-control: max-age=86400
expires: Sun, 04 Sep 2022 19:44:04 GMT
vary: Accept-Encoding
x-cache: MISS from www.germann.reisen
content-type: font/woff2
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 7ce90d6fafa13d92fcf445b688f0389f
480461a46fc291cbcdf6218c7743779d7e862788
dd33483769f6c715aeb257c2955147c1a5a47b0af1684190247701465af8af6c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Sep 2022 19:44:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/montserrat/v25/JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2
142.250.74.163 200 OK 32 kB URL HTTP/2 fonts.gstatic.com/s/montserrat/v25/JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 31760, version 1.0\012- data
Hash fda4d0b623999af43148ba34c3b1ff73
ca5496af89720cc3e94e6279132f252b7cd471a6
33befdbbb24930584f5ac94ea3117adcd56518f20ab1619d05de83ffd1821d38
GET /s/montserrat/v25/JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.germann.reisen
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 31760
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 29 Aug 2022 22:18:58 GMT
expires: Tue, 29 Aug 2023 22:18:58 GMT
cache-control: public, max-age=31536000
age: 422706
last-modified: Mon, 11 Jul 2022 18:54:16 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
142.250.74.163 200 OK 31 kB URL HTTP/2 fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data
Hash ac0d2859ea5f8fd6bcb3c305c08ec184
7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.germann.reisen
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Sep 2022 16:40:18 GMT
expires: Fri, 01 Sep 2023 16:40:18 GMT
cache-control: public, max-age=31536000
age: 183826
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
youtube.com/embed/0JmTgOlQ28U?end=61
142.250.74.78 301 Moved Permanently 0 B URL HTTP/2 youtube.com/embed/0JmTgOlQ28U?end=61
IP 142.250.74.78:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /embed/0JmTgOlQ28U?end=61 HTTP/1.1
Host: youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.germann.reisen/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
content-type: application/binary
x-content-type-options: nosniff
expires: Sat, 03 Sep 2022 19:44:04 GMT
date: Sat, 03 Sep 2022 19:44:04 GMT
cache-control: private, max-age=31536000
location: https://www.youtube.com/embed/0JmTgOlQ28U?end=61
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
server: ESF
content-length: 0
x-xss-protection: 0
set-cookie: CONSENT=PENDING+900; expires=Mon, 02-Sep-2024 19:44:04 GMT; path=/; domain=.youtube.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.germann.reisen/assets/js/scripts.min.js?_=1662234242206
5.175.22.217 200 OK 3.2 kB URL HTTP/2 www.germann.reisen/assets/js/scripts.min.js?_=1662234242206
IP 5.175.22.217:0
ASN #20773 Host Europe GmbH
File type ASCII text, with very long lines (5449), with CRLF line terminators
Hash 1d16ebc0b3c66d6a10a2f844da041250
0bfc5df3e06ecc3af5ea0e5e4ec0c277d887c58f
7ddfb4f8b171063568c5f9d506d3777cfc061d6eff3deff43fcb5af2b6e38f11
Analyzer Verdict Alert fortinet Phishing
GET /assets/js/scripts.min.js?_=1662234242206 HTTP/1.1
Host: www.germann.reisen
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://www.germann.reisen/
Cookie: CFID=35663924; CFTOKEN=cfde044ff125ca51-30C44E12-F21E-8A65-ECB899B19226AB43; cross-site-cookie=sow
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Sep 2022 19:44:04 GMT
server: Apache
last-modified: Sun, 05 Jul 2020 10:17:52 GMT
etag: "2541-5a9af1222b05b-br"
accept-ranges: bytes
cache-control: max-age=86400
expires: Sun, 04 Sep 2022 19:44:04 GMT
vary: Accept-Encoding
content-encoding: br
x-cache: MISS from www.germann.reisen
content-length: 3166
content-type: application/javascript
X-Firefox-Spdy: h2
www.germann.reisen/assets/js/hyphenopoly/Hyphenopoly_Loader.js?_=1662234242207
5.175.22.217 200 OK 2.8 kB URL HTTP/2 www.germann.reisen/assets/js/hyphenopoly/Hyphenopoly_Loader.js?_=1662234242207
IP 5.175.22.217:0
ASN #20773 Host Europe GmbH
File type Unicode text, UTF-8 (with BOM) text
Hash ff02a0dc373adfb3ebe39af4c7eef961
dac0bdc76620735d11975d970215c5d70207334c
7cdb80f8f5dea5cabf2936d0241e5d8a4b07f1cddaa5123a0c83b764c8f2c798
GET /assets/js/hyphenopoly/Hyphenopoly_Loader.js?_=1662234242207 HTTP/1.1
Host: www.germann.reisen
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://www.germann.reisen/
Cookie: CFID=35663924; CFTOKEN=cfde044ff125ca51-30C44E12-F21E-8A65-ECB899B19226AB43; cross-site-cookie=sow
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Sep 2022 19:44:04 GMT
server: Apache
last-modified: Sat, 18 Jul 2020 18:48:04 GMT
etag: "2936-5aabbb6b6819b-br"
accept-ranges: bytes
cache-control: max-age=86400
expires: Sun, 04 Sep 2022 19:44:04 GMT
vary: Accept-Encoding
content-encoding: br
x-cache: MISS from www.germann.reisen
content-length: 2824
content-type: application/javascript
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 7ce90d6fafa13d92fcf445b688f0389f
480461a46fc291cbcdf6218c7743779d7e862788
dd33483769f6c715aeb257c2955147c1a5a47b0af1684190247701465af8af6c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Sep 2022 19:44:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 51df98c169fb7de773301d014bcea4b8
9bdf9bdb9b5eee378e9ac4ec68ca07c665ae4819
c8336f3a2e16c9390b610c612ce9be7c19286f04a6328a29200cbf65db5801c8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Sep 2022 19:44:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/maps/embed?pb=!1m14!1m8!1m3!1d9912.610544944819!2d7.1530478!3d51.6020918!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x0%3A0xce3e922268739974!2sReiseb%C3%BCro%20Germann%20Reisen!5e0!3m2!1sde!2sde!4v1620202266524!5m2!1sde!2sde
142.250.74.164 200 OK 1.7 kB URL HTTP/2 www.google.com/maps/embed?pb=!1m14!1m8!1m3!1d9912.610544944819!2d7.1530478!3d51.6020918!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x0%3A0xce3e922268739974!2sReiseb%C3%BCro%20Germann%20Reisen!5e0!3m2!1sde!2sde!4v1620202266524!5m2!1sde!2sde
IP 142.250.74.164:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (3345)
Hash 014e156c5b731edd0deb4fcd04eabeee
da000d3ab1563f5dcd277651df1eece453d47ec2
0dc8303dd2d87b9c0152203adc8b9cabec2e56e2f7d1e8f84c9ab8162cd46dbf
GET /maps/embed?pb=!1m14!1m8!1m3!1d9912.610544944819!2d7.1530478!3d51.6020918!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x0%3A0xce3e922268739974!2sReiseb%C3%BCro%20Germann%20Reisen!5e0!3m2!1sde!2sde!4v1620202266524!5m2!1sde!2sde HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.germann.reisen/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
date: Sat, 03 Sep 2022 19:44:04 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
vary: Accept-Language
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-uG3yDNbGPmxkiK55u2xcsg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/geo-maps-api/1
content-encoding: gzip
server: mafe
content-length: 1670
x-xss-protection: 0
server-timing: gfet4t7; dur=153
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.163 200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 03 Sep 2022 12:31:58 GMT
expires: Sun, 03 Sep 2023 12:31:58 GMT
cache-control: public, max-age=31536000
age: 25927
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=de&region=de&callback=onApiLoad
142.250.74.106 200 OK 57 kB URL HTTP/2 maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=de&region=de&callback=onApiLoad
IP 142.250.74.106:0
File type ASCII text, with very long lines (2480)
Hash 5a2add2ea32729d1bf18ca4bea18d497
32e63ad79e74a6ecf20e9b13185e3bf8b4e981f1
2db07bcacc1cef0af2ecf7f0470160a73da281c09a4da33bd8d6c3137b7a678b
GET /maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=de&region=de&callback=onApiLoad HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-encoding: gzip
server: mafe
content-length: 57093
x-xss-protection: 0
x-frame-options: SAMEORIGIN
server-timing: gfet4t7; dur=15
date: Sat, 03 Sep 2022 19:43:39 GMT
expires: Sat, 03 Sep 2022 20:13:39 GMT
cache-control: public, max-age=1800
content-type: text/javascript; charset=UTF-8
age: 26
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
kit-pro.fontawesome.com/releases/latest/css/pro-v4-font-face.min.css
104.18.22.52 200 OK 227 kB URL HTTP/2 kit-pro.fontawesome.com/releases/latest/css/pro-v4-font-face.min.css
IP 104.18.22.52:0
Size 227 kB (226969 bytes)
Hash 7711d3ec7a6e466364ce10a3ea98e397
d05c312f400a7c1791b6befc523af962e42886bf
6b67fa8d97fe2a4820b4753817cd52c75b44bb744d3c3b90308cc879949c5211
GET /releases/latest/css/pro-v4-font-face.min.css HTTP/1.1
Host: kit-pro.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.germann.reisen/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Sep 2022 19:44:05 GMT
content-type: text/css
x-amz-id-2: a0prlzPIjCNDq3t0r7ImxTn6Aaj+3i1MnzmhRTXXBzhb86n5FDAO5a3Wsu1xb/L6ENQF5VvJ8cs=
x-amz-request-id: EQ78T8FKH1SWXYE4
last-modified: Wed, 04 Aug 2021 21:18:33 GMT
etag: W/"1cb05a2f9541200e1fa0a2cd0abc7663"
cache-control: public, max-age=1800
cf-cache-status: HIT
age: 955
expires: Sat, 03 Sep 2022 20:14:05 GMT
vary: Accept-Encoding
server: cloudflare
cf-ray: 7450fa61bcfeb50c-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
kit-pro.fontawesome.com/releases/latest/css/pro.min.css
104.18.22.52 200 OK 365 kB URL HTTP/2 kit-pro.fontawesome.com/releases/latest/css/pro.min.css
IP 104.18.22.52:0
Size 365 kB (364890 bytes)
Hash 458a884873233e2fb3090bbee53f7aa1
45041f858b21f6dc8b7e080e18e6765fe65d4f31
5d78603f350f80d1ef3eab159533c9f70e0c08c7519269b904e051bd03084cc5
GET /releases/latest/css/pro.min.css HTTP/1.1
Host: kit-pro.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.germann.reisen/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Sep 2022 19:44:05 GMT
content-type: text/css
x-amz-id-2: AMRPnx/gGPWzkxpEroVSLO8Pi8J0vSGXWBOtNi24DEDy+QaEMCfu0MKQ1eDa2E4MPiKMDx3QOVg=
x-amz-request-id: Q09J8QG0HPK0XNQC
last-modified: Wed, 04 Aug 2021 21:18:33 GMT
etag: W/"486b13730aafe2a39cdaf1666679fa5b"
cache-control: public, max-age=1800
cf-cache-status: HIT
age: 955
expires: Sat, 03 Sep 2022 20:14:05 GMT
vary: Accept-Encoding
server: cloudflare
cf-ray: 7450fa61bcfdb50c-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
www.germann.reisen/images/BilderPool/Destinationen/Europa/Frankreich/Bretagne/brittany-4593977_1920.jpg
5.175.22.217 200 OK 420 kB URL HTTP/2 www.germann.reisen/images/BilderPool/Destinationen/Europa/Frankreich/Bretagne/brittany-4593977_1920.jpg
IP 5.175.22.217:0
ASN #20773 Host Europe GmbH
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x1273, components 3\012- data
Size 420 kB (419797 bytes)
Hash 4b756de4f03410ecc4d44e48030c5374
f26a8ce5b282989ff30a49ce76e952ea718fe735
9eeed4c8d675c7010ccc20d7b196125062febe7a60d96ed6e0c0f1d57535a253
GET /images/BilderPool/Destinationen/Europa/Frankreich/Bretagne/brittany-4593977_1920.jpg HTTP/1.1
Host: www.germann.reisen
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.germann.reisen/
Cookie: CFID=35663924; CFTOKEN=cfde044ff125ca51-30C44E12-F21E-8A65-ECB899B19226AB43
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Sep 2022 19:44:04 GMT
server: Apache
last-modified: Mon, 18 Oct 2021 11:35:58 GMT
etag: "647db-5ce9ef2e3dd72"
accept-ranges: bytes
content-length: 411611
cache-control: max-age=86400
expires: Sun, 04 Sep 2022 19:44:04 GMT
x-cache: MISS from www.germann.reisen
content-type: image/jpeg
X-Firefox-Spdy: h2
www.germann.reisen/images/BilderPool/Destinationen/Europa/Tschechien/prague-433979_1920.jpg
5.175.22.217 200 OK 484 kB URL HTTP/2 www.germann.reisen/images/BilderPool/Destinationen/Europa/Tschechien/prague-433979_1920.jpg
IP 5.175.22.217:0
ASN #20773 Host Europe GmbH
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x1080, components 3\012- data
Size 484 kB (484316 bytes)
Hash bf0f234150f1ac43f1ec6bcce4e8e3ff
c5a1cc75581c5636a0f9e4fa29c0dd234b8e788d
6e31bb888b289f456117de2be61354a82a2ee72868835685b223611571b6655d
GET /images/BilderPool/Destinationen/Europa/Tschechien/prague-433979_1920.jpg HTTP/1.1
Host: www.germann.reisen
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.germann.reisen/
Cookie: CFID=35663924; CFTOKEN=cfde044ff125ca51-30C44E12-F21E-8A65-ECB899B19226AB43; cross-site-cookie=sow
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Sep 2022 19:44:05 GMT
server: Apache
last-modified: Mon, 21 Feb 2022 16:38:03 GMT
etag: "763dc-5d889db30386f"
accept-ranges: bytes
content-length: 484316
cache-control: max-age=86400
expires: Sun, 04 Sep 2022 19:44:05 GMT
x-cache: MISS from www.germann.reisen
content-type: image/jpeg
X-Firefox-Spdy: h2
kit-pro.fontawesome.com/releases/latest/css/pro-v4-shims.min.css
104.18.22.52 200 OK 482 kB URL HTTP/2 kit-pro.fontawesome.com/releases/latest/css/pro-v4-shims.min.css
IP 104.18.22.52:0
Size 482 kB (482192 bytes)
Hash b7e996a622e4fc3f72ae6f102fe506ca
d832243a5076dfaf5073e1b105afb0c37d31fc72
d4c478497fd2c27f5ffb434589be4fe5e4e1fe1a6ba603626aab1b1e13e548cb
GET /releases/latest/css/pro-v4-shims.min.css HTTP/1.1
Host: kit-pro.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.germann.reisen/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Sep 2022 19:44:05 GMT
content-type: text/css
x-amz-id-2: iT8ZupnOxWpWMAKwfkDwtp9P1xcr8oXnn2QOTNUaLIoyQ5jAD2cANg1mJrCWG1nyuIiPehlhVh0=
x-amz-request-id: V9KX785VYZEKCMK4
last-modified: Wed, 04 Aug 2021 21:18:33 GMT
etag: W/"715826d7cea0f100c00238e5e5dc92b4"
cache-control: public, max-age=1800
cf-cache-status: HIT
age: 1296
expires: Sat, 03 Sep 2022 20:14:05 GMT
vary: Accept-Encoding
server: cloudflare
cf-ray: 7450fa61bd02b50c-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/Q8kpYatjYYI
142.250.74.3 200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/Q8kpYatjYYI
IP 142.250.74.3:0
Hash 2024b7bfc918809f59c88fc9bbb8e1de
c2fc6b558cf021d93945706a57a628f1353220b9
3aca0ed79ebbbf50cac93a81ddf96002b90011f06b3dede567c56ae59e77f15e
POST /s/gts1d4/Q8kpYatjYYI HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Sep 2022 19:44:05 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
api.usercentrics.eu/settings/8EV1oBWbt/latest/de.json
35.241.3.184 200 OK 8.2 kB URL HTTP/2 api.usercentrics.eu/settings/8EV1oBWbt/latest/de.json
IP 35.241.3.184:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (27024), with no line terminators
Hash c92139a22a2131fc3a5bb850a5594db1
17d59dcf6e2392d2388a961deaeeb083bd533839
56606d8f0d968f59066809a3dc770052f153872cc7d8085201c82ea774b596d4
GET /settings/8EV1oBWbt/latest/de.json HTTP/1.1
Host: api.usercentrics.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.germann.reisen/
Origin: https://www.germann.reisen
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-guploader-uploadid: ADPycdsxSmwD383e-Yo4bWGeMC7KmIbVFhg6koOsfUjv2m1FrV8n040u7N7RHDC7i_SrtoIt8l0u1XZU8IEmlzxEF1oBDQ
date: Sat, 03 Sep 2022 19:44:05 GMT
cache-control: public, max-age=1800, s-maxage=10, no-transform
expires: Sat, 03 Sep 2022 19:44:15 GMT
last-modified: Mon, 22 Aug 2022 07:36:09 GMT
etag: "c92139a22a2131fc3a5bb850a5594db1"
x-goog-generation: 1661153769506588
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 8177
content-type: application/json
content-encoding: gzip
x-goog-hash: crc32c=DAzG9w==, md5=ySE5oiohMfw6W7hQpVlNsQ==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 8177
access-control-allow-origin: *
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
server: UploadServer
strict-transport-security: max-age=7776000
x-client-geo-location: NO,NO03
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/Q8kpYatjYYI
142.250.74.3 200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/Q8kpYatjYYI
IP 142.250.74.3:0
Hash 2024b7bfc918809f59c88fc9bbb8e1de
c2fc6b558cf021d93945706a57a628f1353220b9
3aca0ed79ebbbf50cac93a81ddf96002b90011f06b3dede567c56ae59e77f15e
POST /s/gts1d4/Q8kpYatjYYI HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Sep 2022 19:44:05 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
kit-pro.fontawesome.com/releases/latest/webfonts/pro-fa-brands-400-5.8.2.woff2
104.18.22.52 200 OK 2.4 kB URL HTTP/2 kit-pro.fontawesome.com/releases/latest/webfonts/pro-fa-brands-400-5.8.2.woff2
IP 104.18.22.52:0
File type Web Open Font Format (Version 2), TrueType, length 2412, version 331.-31196\012- data
Hash 714ee8de820748bab5090d91cd5b7690
07f4d4dfe5e3c9045f41996eb1ac8ecbbcc779bf
322c181b1aab5807cd0a7ed9e249ddbd97fa385ca3d338aa59ef1f610ca24601
GET /releases/latest/webfonts/pro-fa-brands-400-5.8.2.woff2 HTTP/1.1
Host: kit-pro.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.germann.reisen
Connection: keep-alive
Referer: https://kit-pro.fontawesome.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Sep 2022 19:44:05 GMT
content-type: font/woff2
content-length: 2412
x-amz-id-2: lWwVr0mnsm8jpUwnQlquEjA0sFTu9Z4d4aAjn5eUqnLbvgZlY8hguh0FuIF/mHnmW8oedhjBLck=
x-amz-request-id: H8FVBX90KD0Z8T2M
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 04 Aug 2021 21:22:37 GMT
etag: "714ee8de820748bab5090d91cd5b7690"
cache-control: public, max-age=1800
cf-cache-status: MISS
expires: Sat, 03 Sep 2022 20:14:05 GMT
accept-ranges: bytes
server: cloudflare
cf-ray: 7450fa631f1ab50c-OSL
X-Firefox-Spdy: h2
kit-pro.fontawesome.com/releases/latest/webfonts/pro-fa-light-300-5.10.2.woff2
104.18.22.52 200 OK 17 kB URL HTTP/2 kit-pro.fontawesome.com/releases/latest/webfonts/pro-fa-light-300-5.10.2.woff2
IP 104.18.22.52:0
File type Web Open Font Format (Version 2), TrueType, length 17168, version 331.-31196\012- data
Hash 8a43eb7db323b6a82d87a458c34cbe82
968367a39a575ffe38f1cfda07eea12eff885831
2bbaabc785383c5d90abc17e6703ac6a057b9644c6ebdfe9e15709c6ffac9c71
GET /releases/latest/webfonts/pro-fa-light-300-5.10.2.woff2 HTTP/1.1
Host: kit-pro.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.germann.reisen
Connection: keep-alive
Referer: https://kit-pro.fontawesome.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Sep 2022 19:44:05 GMT
content-type: font/woff2
content-length: 17168
x-amz-id-2: RGX0nY2VUS9SiLL0eVoVgn7QOS958yoQIwSjNRKxNZ8VjZnj5n5xzQmXdS0CUXiyvw9jqo97/FM=
x-amz-request-id: 2XMQ0Q1QBCVCE9XD
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 04 Aug 2021 21:22:41 GMT
etag: "8a43eb7db323b6a82d87a458c34cbe82"
cache-control: public, max-age=1800
cf-cache-status: REVALIDATED
expires: Sat, 03 Sep 2022 20:14:05 GMT
accept-ranges: bytes
server: cloudflare
cf-ray: 7450fa632f3ab50c-OSL
X-Firefox-Spdy: h2
kit-pro.fontawesome.com/releases/latest/webfonts/pro-fa-light-300-5.0.0.woff2
104.18.22.52 200 OK 25 kB URL HTTP/2 kit-pro.fontawesome.com/releases/latest/webfonts/pro-fa-light-300-5.0.0.woff2
IP 104.18.22.52:0
File type Web Open Font Format (Version 2), TrueType, length 24800, version 331.-31196\012- data
Hash 4abe94f1746789f39110d3ebac7ebd96
bdc3b41f3cc3e5e3e87ca020eeddc2b288f0dd91
299dc8e16be2ab2214e279b5536efd387d17fd3d364f397ce9f1fed602384fea
GET /releases/latest/webfonts/pro-fa-light-300-5.0.0.woff2 HTTP/1.1
Host: kit-pro.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.germann.reisen
Connection: keep-alive
Referer: https://kit-pro.fontawesome.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Sep 2022 19:44:05 GMT
content-type: font/woff2
content-length: 24800
x-amz-id-2: Zkbn1xBeMAb8ZXCV87miHTTjRa9j8kKPlzSox109Rlz0RfLI5/1xigR9neOZ+1RSiUzE7n7c/J0=
x-amz-request-id: H8FSSEMF0BZZK26W
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 04 Aug 2021 21:22:40 GMT
etag: "4abe94f1746789f39110d3ebac7ebd96"
cache-control: public, max-age=1800
cf-cache-status: REVALIDATED
expires: Sat, 03 Sep 2022 20:14:05 GMT
accept-ranges: bytes
server: cloudflare
cf-ray: 7450fa632f3cb50c-OSL
X-Firefox-Spdy: h2
www.germann.reisen/img/android-icon-192x192.png
5.175.22.217 200 OK 24 kB URL HTTP/2 www.germann.reisen/img/android-icon-192x192.png
IP 5.175.22.217:0
ASN #20773 Host Europe GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (34004), with no line terminators
Hash a6983eecc4ec334c5a68c562731e95b4
273b9c32e29895e193f73097af279ce3557e7d7c
4c9da29b742d004932e1863ef9b1d12a4435d6769783293871af753b51412f50
GET /img/android-icon-192x192.png HTTP/1.1
Host: www.germann.reisen
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.germann.reisen/
Cookie: CFID=35663924; CFTOKEN=cfde044ff125ca51-30C44E12-F21E-8A65-ECB899B19226AB43; cross-site-cookie=sow
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Sep 2022 19:44:04 GMT
server: Apache
cache-control: max-age=420, private, must-revalidate
expires: Sun, 04 Sep 2022 19:44:04 GMT
vary: Accept-Encoding
content-encoding: br
x-cache: MISS from www.germann.reisen
content-type: text/html;charset=UTF-8
X-Firefox-Spdy: h2
kit-pro.fontawesome.com/releases/latest/webfonts/pro-fa-duotone-900-5.7.0.woff2
104.18.22.52 200 OK 11 kB URL HTTP/2 kit-pro.fontawesome.com/releases/latest/webfonts/pro-fa-duotone-900-5.7.0.woff2
IP 104.18.22.52:0
File type Web Open Font Format (Version 2), TrueType, length 10884, version 331.-31196\012- data
Hash b297f9c677379a25dab795e0546e1e07
c0eeb3115545926ad1cb5d9b37a2fe573acf4b03
272922821dedf161cdf3bebb80a3353ae53e530698f4f92606e3f76b5415c158
GET /releases/latest/webfonts/pro-fa-duotone-900-5.7.0.woff2 HTTP/1.1
Host: kit-pro.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.germann.reisen
Connection: keep-alive
Referer: https://kit-pro.fontawesome.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Sep 2022 19:44:05 GMT
content-type: font/woff2
content-length: 10884
x-amz-id-2: tKQzUALnRdXVHwmvV0WJ881gJqPUTdvrDwi+qonTKf9ZDSo6EMvOSYLn06fZFIouJ6t3sblaVrI=
x-amz-request-id: H8FK3N1AF7Z4WD73
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 04 Aug 2021 21:22:39 GMT
etag: "b297f9c677379a25dab795e0546e1e07"
cache-control: public, max-age=1800
cf-cache-status: REVALIDATED
expires: Sat, 03 Sep 2022 20:14:05 GMT
accept-ranges: bytes
server: cloudflare
cf-ray: 7450fa630f04b50c-OSL
X-Firefox-Spdy: h2
kit-pro.fontawesome.com/releases/latest/webfonts/pro-fa-light-300-5.10.1.woff2
104.18.22.52 200 OK 10 kB URL HTTP/2 kit-pro.fontawesome.com/releases/latest/webfonts/pro-fa-light-300-5.10.1.woff2
IP 104.18.22.52:0
File type Web Open Font Format (Version 2), TrueType, length 10412, version 331.-31196\012- data
Hash 82b2764fcd41e25136e931dd303a29f4
ec11167afa020752f2dcdbeba74c10ee6d9255d6
94db1583c12033a2b06418908eaf13362e9e79e6c4a78e5e8ce608774cf6e512
GET /releases/latest/webfonts/pro-fa-light-300-5.10.1.woff2 HTTP/1.1
Host: kit-pro.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.germann.reisen
Connection: keep-alive
Referer: https://kit-pro.fontawesome.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Sep 2022 19:44:05 GMT
content-type: font/woff2
content-length: 10412
x-amz-id-2: 0UHXRrEDIYgI/SMLyHWdg5yJTj88+SIaHBm+CoYy/2QtVmmnuTczkD4ZKYKN69zK37xp/3t9ZkA=
x-amz-request-id: H8FQXZXCV90Z8EDT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 04 Aug 2021 21:22:41 GMT
etag: "82b2764fcd41e25136e931dd303a29f4"
cache-control: public, max-age=1800
cf-cache-status: REVALIDATED
expires: Sat, 03 Sep 2022 20:14:05 GMT
accept-ranges: bytes
server: cloudflare
cf-ray: 7450fa632f40b50c-OSL
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 4f6d9674a0a2b4887d6c6d04fa8e084c
ac31080b6eb2bf3b6b7d94df94c79394a2721026
ce66b4299293498a050c05bdd7c1e2261bcab782a32bd37f59800a64770ccf62
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Sep 2022 19:44:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.germann.reisen/img/favicon-16x16.png
5.175.22.217 200 OK 8.7 kB URL HTTP/2 www.germann.reisen/img/favicon-16x16.png
IP 5.175.22.217:0
ASN #20773 Host Europe GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (34004), with no line terminators
Hash a98b015526427f8789beb5d67ffa97c5
f9c08fbe1554344e4021b68586639d508b9a0e4b
f1ea01f648b489071a532d59a630b21e8cf19c8b1ec714ee1ebc66251cf8d14f
GET /img/favicon-16x16.png HTTP/1.1
Host: www.germann.reisen
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.germann.reisen/
Cookie: CFID=35663924; CFTOKEN=cfde044ff125ca51-30C44E12-F21E-8A65-ECB899B19226AB43; cross-site-cookie=sow
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Sep 2022 19:44:04 GMT
server: Apache
cache-control: max-age=420, private, must-revalidate
expires: Sun, 04 Sep 2022 19:44:04 GMT
vary: Accept-Encoding
content-encoding: br
x-cache: MISS from www.germann.reisen
content-type: text/html;charset=UTF-8
X-Firefox-Spdy: h2
static.doubleclick.net/instream/ad_status.js
216.58.207.230 200 OK 29 B URL HTTP/2 static.doubleclick.net/instream/ad_status.js
IP 216.58.207.230:0
Hash 1fa71744db23d0f8df9cce6719defcb7
e4be9b7136697942a036f97cf26ebaf703ad2067
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
GET /instream/ad_status.js HTTP/1.1
Host: static.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 29
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 03 Sep 2022 19:29:23 GMT
expires: Sat, 03 Sep 2022 19:44:23 GMT
cache-control: public, max-age=900
age: 883
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
khms0.googleapis.com/kh?v=930&hl=de&x=1064&y=680&z=11
142.250.74.170 200 OK 16 kB URL HTTP/2 khms0.googleapis.com/kh?v=930&hl=de&x=1064&y=680&z=11
IP 142.250.74.170:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 256x256, components 3\012- data
Hash 5c6754f8aa06b7f81764f8a226bd43f4
68248afe8dd8336f3eb8cd741373301102c908d1
3e12d46a386b6fe63acc73db68aece8fec969624d9f401d962ebdc8d3c01e966
GET /kh?v=930&hl=de&x=1064&y=680&z=11 HTTP/1.1
Host: khms0.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-credentials: true
last-modified: Fri, 1 Jan 2010 01:00:00 GMT
x-content-type-options: nosniff
date: Sat, 03 Sep 2022 19:44:06 GMT
expires: Sun, 03 Sep 2023 19:44:06 GMT
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-type: image/jpeg
vary: Origin, X-Origin, Referer
server: scaffolding on HTTPServer2
content-length: 16257
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/id
142.250.74.66 302 Found 0 B URL HTTP/2 googleads.g.doubleclick.net/pagead/id
IP 142.250.74.66:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/id HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-credentials: true
access-control-allow-origin: https://www.youtube.com
date: Sat, 03 Sep 2022 19:44:06 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 4f6d9674a0a2b4887d6c6d04fa8e084c
ac31080b6eb2bf3b6b7d94df94c79394a2721026
ce66b4299293498a050c05bdd7c1e2261bcab782a32bd37f59800a64770ccf62
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Sep 2022 19:44:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
172.217.21.170 200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 172.217.21.170:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Sat, 03 Sep 2022 19:44:06 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 3f5b4e778429d4ba70b497cc9fbb1127
db17f774a14f160caa77eb0222152767a364bba7
64da763bf84ec2d6284a112f50392f15a8b11122f3875317c52bd6c5e8e8d894
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Sep 2022 19:44:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
172.217.21.170 200 OK 30 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 172.217.21.170:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash f07ffd72636572776e4ab9aed87c0a5a
74565288acd455b439d77d471c088961608dc6b8
d5725041bee456462e210fbe44c0a25558fc1b4915cc6dcb4c852f809b414353
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Sat, 03 Sep 2022 19:44:06 GMT
server: ESF
cache-control: private
content-length: 30463
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 998b9005291d8db01ddce1b04779e5cd
1647a295775cd1b26ceb8e8a8ae169a6fc33f9b8
f72d00e63b77eb486c76207b015d0d246bece9c002d1ade66c3963813b64b09e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Sep 2022 19:44:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i.ytimg.com/vi_webp/0JmTgOlQ28U/sddefault.webp
216.58.207.214 200 OK 35 kB URL HTTP/2 i.ytimg.com/vi_webp/0JmTgOlQ28U/sddefault.webp
IP 216.58.207.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 4ab2b0aa5fdaa8d9318d58cf9e36f65f
a4f47121eaed4fb7d065428e4dda63405053c783
5fb40197b6c4dded6d1335a697c2950df33feb8eccdfe90fb7025085a9bc7941
GET /vi_webp/0JmTgOlQ28U/sddefault.webp HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 34550
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 03 Sep 2022 19:44:06 GMT
expires: Sat, 03 Sep 2022 21:44:06 GMT
cache-control: public, max-age=7200
etag: "1645706574"
content-type: image/webp
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash ded42556ce79b32d319ae8518175ee2d
d16605bff3d911741f4ba990c57de74ea63aa0c7
0344a3cdd47e3d994cb3d39a32e4de1cddc2134794b31d0eee537d65e081c8bf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Sep 2022 19:44:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash b543e3a59e90c26c48a819e091f81f1e
37a1ed0df585a84b0790b1ef463ee4945f9087ad
c6e46687b404ce9848cb5a1a62f36d859f736e675662336da62578696c9ced1e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Sep 2022 19:44:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
yt3.ggpht.com/ytc/AMLnZu9enXn1wGLr12-F2LbAJ1wU0YsGaZhbLmJ47A=s68-c-k-c0x00ffffff-no-rj
142.250.74.161 200 OK 769 B URL HTTP/2 yt3.ggpht.com/ytc/AMLnZu9enXn1wGLr12-F2LbAJ1wU0YsGaZhbLmJ47A=s68-c-k-c0x00ffffff-no-rj
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 68x68, components 3; data
Hash a5f40567b4b3df2de397aa805e79a909
16cdf9f7938cd51a70b1f2a44fb356c67ebffedd
91a1afe7119775533c9c24611d684ff62029b696fae2caf45940f86187c019ab
GET /ytc/AMLnZu9enXn1wGLr12-F2LbAJ1wU0YsGaZhbLmJ47A=s68-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt3.ggpht.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
expires: Sun, 04 Sep 2022 19:44:06 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Sat, 03 Sep 2022 19:44:06 GMT
server: fife
content-length: 769
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash b543e3a59e90c26c48a819e091f81f1e
37a1ed0df585a84b0790b1ef463ee4945f9087ad
c6e46687b404ce9848cb5a1a62f36d859f736e675662336da62578696c9ced1e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Sep 2022 19:44:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1d4/zA2MeURdANg
142.250.74.3 200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/zA2MeURdANg
IP 142.250.74.3:0
Hash d289dc2dbd99bcdef18c7c0e9e0d1568
a6f646ff5052b9c272012c1894b9c45f27eea651
6266fc862c273865f4b35cf069a5063ede732a88628c6a88a9b2136df4e07482
POST /s/gts1d4/zA2MeURdANg HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Sep 2022 19:44:06 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
aggregator.service.usercentrics.eu/aggregate/de?templates=H1Vl5NidjWX@40.16.38,8eIqa_sKr@8.1.0,HkPBYFofN@10.3.1,S1pcEj_jZX@21.9.4,HkYNq4sdjbm@10.2.4,Sy7BcNo_ib7@4.2.2,Hko_qNsui-Q@14.5.15,SJKM9Ns_ibQ@10.5.6,rkUcEjuoWm@16.6.5,ko1w5PpFl@23.12.19,XYQZBUojc@9.6.4,r5-Z_erQ0@6.2.2,QPYQDujT@3.3.0,BJ59EidsWQ@25.6.26,Hk8e94jOjWX@11.1.4,BJz7qNsdj-7@15.7.12
34.120.28.121 200 OK 6.6 kB URL HTTP/2 aggregator.service.usercentrics.eu/aggregate/de?templates=H1Vl5NidjWX@40.16.38,8eIqa_sKr@8.1.0,HkPBYFofN@10.3.1,S1pcEj_jZX@21.9.4,HkYNq4sdjbm@10.2.4,Sy7BcNo_ib7@4.2.2,Hko_qNsui-Q@14.5.15,SJKM9Ns_ibQ@10.5.6,rkUcEjuoWm@16.6.5,ko1w5PpFl@23.12.19,XYQZBUojc@9.6.4,r5-Z_erQ0@6.2.2,QPYQDujT@3.3.0,BJ59EidsWQ@25.6.26,Hk8e94jOjWX@11.1.4,BJz7qNsdj-7@15.7.12
IP 34.120.28.121:0
File type JSON data; Unicode text, UTF-8 text, with very long lines (47344), with no line terminators
Hash 6af30a70dcd54f5c100dea8b132a6e1f
d813b894fce16732172f45317e11f6cea55a70a0
981e738394a3a4ed2d88f8cd2372be011eab78a743cfb94ad3b30ee8d0aa094b
GET /aggregate/de?templates=H1Vl5NidjWX@40.16.38,8eIqa_sKr@8.1.0,HkPBYFofN@10.3.1,S1pcEj_jZX@21.9.4,HkYNq4sdjbm@10.2.4,Sy7BcNo_ib7@4.2.2,Hko_qNsui-Q@14.5.15,SJKM9Ns_ibQ@10.5.6,rkUcEjuoWm@16.6.5,ko1w5PpFl@23.12.19,XYQZBUojc@9.6.4,r5-Z_erQ0@6.2.2,QPYQDujT@3.3.0,BJ59EidsWQ@25.6.26,Hk8e94jOjWX@11.1.4,BJz7qNsdj-7@15.7.12 HTTP/1.1
Host: aggregator.service.usercentrics.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.germann.reisen/
Origin: https://www.germann.reisen
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding, accept-encoding
access-control-allow-origin: *
content-encoding: br
server: Google Frontend
via: 1.1 google
date: Fri, 02 Sep 2022 12:58:20 GMT
cache-control: public,max-age=604800
etag: "1gmfjdq"
content-type: application/json; charset=utf-8
content-length: 6648
age: 110746
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
172.217.21.170 200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 172.217.21.170:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Sat, 03 Sep 2022 19:44:06 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/zA2MeURdANg
142.250.74.3 200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/zA2MeURdANg
IP 142.250.74.3:0
Hash d289dc2dbd99bcdef18c7c0e9e0d1568
a6f646ff5052b9c272012c1894b9c45f27eea651
6266fc862c273865f4b35cf069a5063ede732a88628c6a88a9b2136df4e07482
POST /s/gts1d4/zA2MeURdANg HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Sep 2022 19:44:06 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
172.217.21.170 200 OK 122 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 172.217.21.170:0
File type JSON data; ASCII text, with no line terminators
Hash fb77ee7fc359717b84398060f10de76e
46015c8f4aa4702d84242f0bcc84c5820787cdbb
afa59f1c03f8b091da949462338d0803ad692bec234fc710e9b9f2cc322c93bb
POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 1334
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Sat, 03 Sep 2022 19:44:06 GMT
server: ESF
cache-control: private
content-length: 122
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/Ef3_vfLBTFo
142.250.74.3 200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/Ef3_vfLBTFo
IP 142.250.74.3:0
Hash f296c6e6963c477e9027024988ed4e25
c3455d3a326b958b862b9d0cd18f537a132fcf3b
d515094ce60a23ed2a210902579d8cd87a38795236215482a11ff0d5145a25d8
POST /s/gts1d4/Ef3_vfLBTFo HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Sep 2022 19:44:06 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1d4/Ef3_vfLBTFo
142.250.74.3 200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/Ef3_vfLBTFo
IP 142.250.74.3:0
Hash f296c6e6963c477e9027024988ed4e25
c3455d3a326b958b862b9d0cd18f537a132fcf3b
d515094ce60a23ed2a210902579d8cd87a38795236215482a11ff0d5145a25d8
POST /s/gts1d4/Ef3_vfLBTFo HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Sep 2022 19:44:06 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
graphql.usercentrics.eu/graphql
34.120.238.166 204 No Content 0 B URL HTTP/2 graphql.usercentrics.eu/graphql
IP 34.120.238.166:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /graphql HTTP/1.1
Host: graphql.usercentrics.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: access-control-allow-origin,content-type,x-request-id
Referer: https://www.germann.reisen/
Origin: https://www.germann.reisen
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Sat, 03 Sep 2022 19:44:06 GMT
content-length: 0
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
vary: Access-Control-Request-Headers
access-control-allow-headers: access-control-allow-origin,content-type,x-request-id
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/Ef3_vfLBTFo
142.250.74.3 200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/Ef3_vfLBTFo
IP 142.250.74.3:0
Hash f296c6e6963c477e9027024988ed4e25
c3455d3a326b958b862b9d0cd18f537a132fcf3b
d515094ce60a23ed2a210902579d8cd87a38795236215482a11ff0d5145a25d8
POST /s/gts1d4/Ef3_vfLBTFo HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Sep 2022 19:44:06 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.163 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0; data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 31 Aug 2022 19:34:08 GMT
expires: Thu, 31 Aug 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 259798
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
142.250.74.163 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 142.250.74.163:0
File type gzip compressed data, max compression; data
Hash 2853325373e1c020f4defa29faf36e77
ebeb0f817eb4b20f8730fbd68b922d50744ca982
733602161913dbe8187e7b17d111400018ee91d756fede5e16eb881973513fc5
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 03 Sep 2022 02:02:22 GMT
expires: Sun, 03 Sep 2023 02:02:22 GMT
cache-control: public, max-age=31536000
age: 63704
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.prive.eu/wp-content/uploads/2020/05/logo-erecht24-long-weiss72.png
159.69.215.183 301 Moved Permanently 0 B URL HTTP/2 www.prive.eu/wp-content/uploads/2020/05/logo-erecht24-long-weiss72.png
IP 159.69.215.183:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /wp-content/uploads/2020/05/logo-erecht24-long-weiss72.png HTTP/1.1
Host: www.prive.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.germann.reisen/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
cache-control: max-age=3600
content-type: text/html; charset=UTF-8
date: Sat, 03 Sep 2022 19:44:06 GMT
expires: Sat, 03 Sep 2022 20:44:07 GMT
location: https://www.prive.eu/wp-content/uploads/2020/05/erecht24_logo_white.svg
server: Caddy, Apache/2.4.29 (Ubuntu)
vary: X-Forwarded-Proto,Accept-Encoding
x-redirect-by: redirection
content-length: 0
X-Firefox-Spdy: h2
www.prive.eu/wp-content/uploads/2020/05/erecht24_logo_white.svg
159.69.215.183 200 OK 7.9 kB URL HTTP/2 www.prive.eu/wp-content/uploads/2020/05/erecht24_logo_white.svg
IP 159.69.215.183:0
ASN #24940 Hetzner Online GmbH
File type SVG Scalable Vector Graphics image; XML 1.0 document text; XML document text; HTML document text; exported SGML document, ASCII text
Hash 3c4a521dbf31f209692dd4ad6c15c70f
a7ed455bd5ed21466b2988f647ccc813bba16bcf
71d4f7a85b825c426a79569574f473bbee04cc01334f0cf103ca7bd975eb23cc
GET /wp-content/uploads/2020/05/erecht24_logo_white.svg HTTP/1.1
Host: www.prive.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.germann.reisen/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
content-type: image/svg+xml
date: Sat, 03 Sep 2022 19:44:07 GMT
last-modified: Tue, 19 May 2020 08:49:32 GMT
server: Caddy, Apache/2.4.29 (Ubuntu)
vary: X-Forwarded-Proto,Accept-Encoding
content-length: 7878
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe9669117-bdb7-4eca-9f0c-900e888a9a98.jpeg
34.120.237.76 200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe9669117-bdb7-4eca-9f0c-900e888a9a98.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash d9ae49d397bc8300ce0eceda8175a3ad
087b7d14d84ebb179126c9dcd8964d22f24f30ab
b9daa2fc390a97a4bd622dbdec7fe0fff7e6527ffb844a46b9b87b2bd6e0f006
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe9669117-bdb7-4eca-9f0c-900e888a9a98.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 13241
x-amzn-requestid: 80083a05-9884-48f8-983b-d4132d7c8a0c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X2eMHFgPIAMF9qg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6312771a-16fd2f06541cb4bc027f153f;Sampled=0
x-amzn-remapped-date: Fri, 02 Sep 2022 21:35:22 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: zugAT8FgWA5gShTMABbCTZbZzaCXxM6du0zskoXn-LtzDNb5j4ByeA==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Sep 2022 22:18:36 GMT
age: 77135
etag: "087b7d14d84ebb179126c9dcd8964d22f24f30ab"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.youtube.com/embed/0JmTgOlQ28U?end=61
142.250.74.78 200 OK 0 B URL HTTP/2 www.youtube.com/embed/0JmTgOlQ28U?end=61
IP 142.250.74.78:0
GET /embed/0JmTgOlQ28U?end=61 HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.germann.reisen/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 03 Sep 2022 19:44:04 GMT
strict-transport-security: max-age=31536000
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=2tCyOJBpT5g; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
set-cookie: VISITOR_INFO1_LIVE=hO3C04xyWOA; Domain=.youtube.com; Expires=Thu, 02-Mar-2023 19:44:05 GMT; Path=/; Secure; HttpOnly; SameSite=none
set-cookie: CONSENT=PENDING+198; expires=Mon, 02-Sep-2024 19:44:04 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
graphql.usercentrics.eu/graphql
34.120.238.166 200 OK 0 B URL HTTP/2 graphql.usercentrics.eu/graphql
IP 34.120.238.166:0
POST /graphql HTTP/1.1
Host: graphql.usercentrics.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.germann.reisen/
Content-Type: application/json
Access-Control-Allow-Origin: *
X-Request-ID: d743b6b5-2c54-4623-b98c-456360449b90
Origin: https://www.germann.reisen
Content-Length: 7017
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Sep 2022 19:44:06 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
x-powered-by: Express
access-control-allow-origin: *
etag: W/"535-9kwkeFt+nDyj3F1tsqj9RCLC+WE"
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
graphql.usercentrics.eu/graphql
34.120.238.166 200 OK 0 B URL HTTP/2 graphql.usercentrics.eu/graphql
IP 34.120.238.166:0
POST /graphql HTTP/1.1
Host: graphql.usercentrics.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.germann.reisen/
Content-Type: application/json
Access-Control-Allow-Origin: *
Origin: https://www.germann.reisen
Content-Length: 901
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Sep 2022 19:44:11 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
x-powered-by: Express
access-control-allow-origin: *
etag: W/"41-PhTBbLVr6CImcYBgZcu5QcL3968"
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.germann.reisen/
5.175.22.217 200 OK 0 B IP 5.175.22.217:0
ASN #20773 Host Europe GmbH
Analyzer verdict alert: fortinet — Phishing
GET / HTTP/1.1
Host: www.germann.reisen
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Sat, 03 Sep 2022 19:44:03 GMT
server: Apache
set-cookie: CFID=35663924; Expires=Sun, 04-Sep-2022 19:44:03 GMT; Path=/; HttpOnly
set-cookie: CFTOKEN=cfde044ff125ca51-30C44E12-F21E-8A65-ECB899B19226AB43; Expires=Sun, 04-Sep-2022 19:44:03 GMT; Path=/; HttpOnly
cache-control: max-age=420, private, must-revalidate
expires: Sun, 04 Sep 2022 19:44:03 GMT
vary: Accept-Encoding
content-encoding: br
x-cache: MISS from www.germann.reisen
content-type: text/html;charset=UTF-8
X-Firefox-Spdy: h2
backend.tcautor.de/www/_data/1009/files/BilderPool/Thementeaser/blue-2705642_1920.jpg
5.175.22.217 200 OK 0 B URL HTTP/2 backend.tcautor.de/www/_data/1009/files/BilderPool/Thementeaser/blue-2705642_1920.jpg
IP 5.175.22.217:0
ASN #20773 Host Europe GmbH
GET /www/_data/1009/files/BilderPool/Thementeaser/blue-2705642_1920.jpg HTTP/1.1
Host: backend.tcautor.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.germann.reisen/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Sep 2022 19:44:04 GMT
server: Apache
last-modified: Tue, 19 Oct 2021 14:18:23 GMT
etag: "2c65d-5ceb5558f28e2"
accept-ranges: bytes
content-length: 181853
content-type: image/jpeg
X-Firefox-Spdy: h2