leonmediabepdx.k1-sporthotel.de/
89.22.100.170301 Moved Permanently 193 B URL HTTP/1.1 leonmediabepdx.k1-sporthotel.de/
IP 89.22.100.170:0
File type HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text
Hash 0e94b028f6240126d4e65551d6eaa1c5
b00f7529dce9ee2b63b4b338828529599bbb2099
4ec3e203f1ed2199367296430125185ea8f712ce52e3d1840b1c204db2698078
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: leonmediabepdx.k1-sporthotel.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=UTF-8
Location: https://leonmediabepdx.k1-sporthotel.de/
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
X-Powered-By-Plesk: PleskWin
Date: Fri, 02 Dec 2022 01:57:05 GMT
Content-Length: 193
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 3bbb845b153026fc5332dd4506585b57
3cad200fac28fd00f34ce6ef79373e661e188743
6035871c0de6ff2d120921461207cfa32bc286e1fe78849ce74815ffbb9ff950
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6035871C0DE6FF2D120921461207CFA32BC286E1FE78849CE74815FFBB9FF950"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4007
Expires: Fri, 02 Dec 2022 03:03:52 GMT
Date: Fri, 02 Dec 2022 01:57:05 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 0c748388899e8a8d3680355da2ea5020
903c620cd137613daafb0da0508c37b2f4a67212
39eab80e022a9a1732872d9926b0ace80f818ec5c535e36a18b539ea63786fb2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5704
Cache-Control: max-age=122951
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 01:57:05 GMT
Etag: "63888270-1d7"
Expires: Sat, 03 Dec 2022 12:06:16 GMT
Last-Modified: Thu, 01 Dec 2022 10:31:12 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 55b4c61a1e99001307750e3647fe1102
7559f9f6770b7d3f45b723167062096312641e08
39f6bb64420bcfc8f0b010168fd35b67732984cd0698409f04d5ae40410422aa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39F6BB64420BCFC8F0B010168FD35B67732984CD0698409F04D5AE40410422AA"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3563
Expires: Fri, 02 Dec 2022 02:56:28 GMT
Date: Fri, 02 Dec 2022 01:57:05 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 02 Dec 2022 01:18:10 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2335
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: OiezOmJuod4xTdOPO1MsyDh2ck0zl6KLZwMzuoC0xTPn+ki12Ruxd1HGnLEsTpy7ogTjhBKQrHM=
x-amz-request-id: 8WM231RWD7XFEGK7
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 02 Dec 2022 01:45:53 GMT
age: 672
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 01:57:05 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 433ed29fd3e63d3f2f4ef964ee461413
28192afed869aea3183e049dde0a7406c0a0cbb2
135bce7430819a634abecb7d1a632e4d5662abfaa98dbd19cd1f3ec8ca6d7784
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "135BCE7430819A634ABECB7D1A632E4D5662ABFAA98DBD19CD1F3EC8CA6D7784"
Last-Modified: Fri, 02 Dec 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Fri, 02 Dec 2022 07:57:05 GMT
Date: Fri, 02 Dec 2022 01:57:05 GMT
Connection: keep-alive
leonmediabepdx.k1-sporthotel.de/
89.22.100.170200 OK 16 kB URL HTTP/2 leonmediabepdx.k1-sporthotel.de/
IP 89.22.100.170:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1031), with CRLF, LF line terminators
Hash ae1d2128adf6ba634344bcfc321f9042
88ebd1a4710148cd29e6b7f0578730d1fa039417
57a504d2708b511ad48606760239727b03d5bef7ccb80f6e66976e03ab14f903
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: leonmediabepdx.k1-sporthotel.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
cache-control: private
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-aspnetmvc-version: 5.2
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
date: Fri, 02 Dec 2022 01:57:05 GMT
content-length: 15861
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 05917f7542a781275c12d43562be1507
1ea730e7e2b5a84fb0341ef9a64b141a4dd469b3
2f24492a077b583bd9dfe049c16c60b219d950712879f187ff2160214df9bd0e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 01:57:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 05917f7542a781275c12d43562be1507
1ea730e7e2b5a84fb0341ef9a64b141a4dd469b3
2f24492a077b583bd9dfe049c16c60b219d950712879f187ff2160214df9bd0e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 01:57:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
leonmediabepdx.k1-sporthotel.de/DXR.axd?r=1_88-Yen2l
89.22.100.170200 OK 43 B URL HTTP/2 leonmediabepdx.k1-sporthotel.de/DXR.axd?r=1_88-Yen2l
IP 89.22.100.170:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert fortinet Phishing
GET /DXR.axd?r=1_88-Yen2l HTTP/1.1
Host: leonmediabepdx.k1-sporthotel.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://leonmediabepdx.k1-sporthotel.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
content-type: image/gif
expires: Sat, 03 Jul 2021 16:48:24 GMT
last-modified: Fri, 03 Jul 2020 16:48:24 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
date: Fri, 02 Dec 2022 01:57:06 GMT
content-length: 43
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 3519a58310eefa01756f0440e2acd7dd
50153382830684a6abb653dc7b4e41d7c7e386b5
5f321e771fa62d9f794339006752655316cdb6e8d69bc23e1d0e3c8bc526f12e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 01:57:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
leonmediabepdx.k1-sporthotel.de/Scripts/google_rating.js
89.22.100.170200 OK 358 B URL HTTP/2 leonmediabepdx.k1-sporthotel.de/Scripts/google_rating.js
IP 89.22.100.170:0
File type ASCII text, with CRLF line terminators
Hash 1dc1c45bd2a4248701bf1f1b123b4785
d9bfc33d70df7ea892b7f82cf428671cadef7ad2
ccb27feb19c121daf6fe8f9d2ea5bfeb3d59fd1f446306cb34ebf158045bfb92
Analyzer Verdict Alert fortinet Phishing
GET /Scripts/google_rating.js HTTP/1.1
Host: leonmediabepdx.k1-sporthotel.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://leonmediabepdx.k1-sporthotel.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-encoding: gzip
last-modified: Fri, 03 Jul 2020 16:55:14 GMT
accept-ranges: bytes
etag: "a89dfcb85a51d61:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
date: Fri, 02 Dec 2022 01:57:06 GMT
content-length: 358
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 3519a58310eefa01756f0440e2acd7dd
50153382830684a6abb653dc7b4e41d7c7e386b5
5f321e771fa62d9f794339006752655316cdb6e8d69bc23e1d0e3c8bc526f12e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 01:57:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
maps.googleapis.com/maps/api/js?v=3.exp&key=AIzaSyAm-8P-ztcjqGtB3MhVxXuDpt88Mnzd-2Y&signed_in=true&libraries=places
142.250.74.10200 OK 56 kB URL HTTP/2 maps.googleapis.com/maps/api/js?v=3.exp&key=AIzaSyAm-8P-ztcjqGtB3MhVxXuDpt88Mnzd-2Y&signed_in=true&libraries=places
IP 142.250.74.10:0
File type ASCII text, with very long lines (2459)
Hash 32dde597043603c6677e6c05bcec19b0
f5e80cf96f5e845657e869a958c0967670f1f1c7
68e738a0cc7e6ad4fcd22509643feaf721a66dec4dc7dafac2f882634e483ac5
GET /maps/api/js?v=3.exp&key=AIzaSyAm-8P-ztcjqGtB3MhVxXuDpt88Mnzd-2Y&signed_in=true&libraries=places HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://leonmediabepdx.k1-sporthotel.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
date: Fri, 02 Dec 2022 01:57:06 GMT
expires: Fri, 02 Dec 2022 02:27:06 GMT
cache-control: public, max-age=1800
vary: Accept-Language
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-encoding: gzip
server: mafe
content-length: 55768
x-xss-protection: 0
x-frame-options: SAMEORIGIN
server-timing: gfet4t7; dur=24
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/icon?family=Material+Icons
142.250.74.10200 OK 670 B URL HTTP/2 fonts.googleapis.com/icon?family=Material+Icons
IP 142.250.74.10:0
Hash 01b11b09cdb622c15efd7b42585d4334
c711738cab5aed38cc1e11d90d74f299526d371d
aacaac45a56c66a3da5ffc45e95d08cc43c9a49ea209c6c4a2650aebe5be19dc
GET /icon?family=Material+Icons HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://leonmediabepdx.k1-sporthotel.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 02 Dec 2022 01:57:06 GMT
date: Fri, 02 Dec 2022 01:57:06 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 1f88399f3fdd89dbb9ca1229cb67143a
325c9dbfd932cf9a6fb9fab2dd8e27083f55a9a3
831ecd45dcd2d5ae2ae86cd63ea5e94ecd85281b7e51054af5df9a6386fb8d79
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5701
Cache-Control: max-age=117884
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 01:57:06 GMT
Etag: "63886ea9-1d7"
Expires: Sat, 03 Dec 2022 10:41:50 GMT
Last-Modified: Thu, 01 Dec 2022 09:06:49 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471
leonmediabepdx.k1-sporthotel.de/DXR.axd?r=1_73,1_67,1_68,1_69,1_72,1_209,1_206,1_208,1_205,1_252,1_251,1_83,24_378,24_379,24_394,1_7,24_406,24_407,24_422,26_37,26_36,26_35,26_32,26_34,26_30,26_28,26_31,1_75-5fn2l
89.22.100.170200 OK 210 kB URL HTTP/2 leonmediabepdx.k1-sporthotel.de/DXR.axd?r=1_73,1_67,1_68,1_69,1_72,1_209,1_206,1_208,1_205,1_252,1_251,1_83,24_378,24_379,24_394,1_7,24_406,24_407,24_422,26_37,26_36,26_35,26_32,26_34,26_30,26_28,26_31,1_75-5fn2l
IP 89.22.100.170:0
File type ASCII text, with very long lines (5388), with CRLF line terminators
Size 210 kB (209848 bytes)
Hash 56cb9d274568480a0badde87808fff48
eb2d588a25030f3c2900a24b4ecdbdbfb88e5db8
4a1f425e0db129870eee3b3c1fccc9b1ff83b42d5010f8b405e57955eeadaf1b
Analyzer Verdict Alert fortinet Phishing
GET /DXR.axd?r=1_73,1_67,1_68,1_69,1_72,1_209,1_206,1_208,1_205,1_252,1_251,1_83,24_378,24_379,24_394,1_7,24_406,24_407,24_422,26_37,26_36,26_35,26_32,26_34,26_30,26_28,26_31,1_75-5fn2l HTTP/1.1
Host: leonmediabepdx.k1-sporthotel.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://leonmediabepdx.k1-sporthotel.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
content-type: text/css
content-encoding: gzip
expires: Sat, 03 Jul 2021 16:48:32 GMT
last-modified: Fri, 03 Jul 2020 16:48:32 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
date: Fri, 02 Dec 2022 01:57:06 GMT
content-length: 209848
X-Firefox-Spdy: h2
leonmediabepdx.k1-sporthotel.de/Content/site.css
89.22.100.170200 OK 11 kB URL HTTP/2 leonmediabepdx.k1-sporthotel.de/Content/site.css
IP 89.22.100.170:0
File type ASCII text, with CRLF line terminators
Hash d262e45226b938a19d8bc8d4bdee031a
14e56a001ba0e0657bf37df56114f3a1dcd38125
f55bb00350989c04819f6cfca65157560721ddeebe603355599b0f0834493b7a
GET /Content/site.css HTTP/1.1
Host: leonmediabepdx.k1-sporthotel.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://leonmediabepdx.k1-sporthotel.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
content-encoding: gzip
last-modified: Tue, 07 Jul 2020 05:13:33 GMT
accept-ranges: bytes
etag: "77d4a85c1d54d61:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
date: Fri, 02 Dec 2022 01:57:06 GMT
content-length: 10953
X-Firefox-Spdy: h2
leonmediabepdx.k1-sporthotel.de/Scripts/bootstrap.min.js
89.22.100.170200 OK 37 kB URL HTTP/2 leonmediabepdx.k1-sporthotel.de/Scripts/bootstrap.min.js
IP 89.22.100.170:0
File type ASCII text, with very long lines (32003)
Hash 5d768fa0401808a1ba60e21c226a6c05
5470e3a384b89f6ef125ee793b4065d5b3e48a49
fe0cb52bce8a3324db36ce5207b65f043093d4b667e7f590db3961cf852d4d08
Analyzer Verdict Alert fortinet Phishing
GET /Scripts/bootstrap.min.js HTTP/1.1
Host: leonmediabepdx.k1-sporthotel.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://leonmediabepdx.k1-sporthotel.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-encoding: gzip
last-modified: Fri, 03 Jul 2020 16:49:41 GMT
accept-ranges: bytes
etag: "cd8040f25951d61:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
date: Fri, 02 Dec 2022 01:57:06 GMT
content-length: 36896
X-Firefox-Spdy: h2
leonmediabepdx.k1-sporthotel.de/Scripts/site.js
89.22.100.170200 OK 1.2 kB URL HTTP/2 leonmediabepdx.k1-sporthotel.de/Scripts/site.js
IP 89.22.100.170:0
File type ASCII text, with CRLF line terminators
Hash 6208631849f2c70d3a6038ea883547f0
c02bd030b752c53ad600cf771a9169b210bfb30d
688056a94f370065cddd18a5b662a4b2954cb37ac0dbac8e0eb86bfa296a3d1b
Analyzer Verdict Alert fortinet Phishing
GET /Scripts/site.js HTTP/1.1
Host: leonmediabepdx.k1-sporthotel.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://leonmediabepdx.k1-sporthotel.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-encoding: gzip
last-modified: Fri, 03 Jul 2020 16:49:48 GMT
accept-ranges: bytes
etag: "3d25b4f65951d61:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
date: Fri, 02 Dec 2022 01:57:06 GMT
content-length: 1184
X-Firefox-Spdy: h2
leonmediabepdx.k1-sporthotel.de/Images/EBike-2px.png
89.22.100.170200 OK 170 kB URL HTTP/2 leonmediabepdx.k1-sporthotel.de/Images/EBike-2px.png
IP 89.22.100.170:0
File type PNG image data, 720 x 424, 8-bit colormap, non-interlaced\012- data
Size 170 kB (170011 bytes)
Hash ea723381ba348b3c4d481084f70007e0
21af2641291ab4e53151c8fdb97fe47102c6f42b
1491b57df042727757aab89b72efa902cb45afdc5907390911d988b1f04d634e
GET /Images/EBike-2px.png HTTP/1.1
Host: leonmediabepdx.k1-sporthotel.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://leonmediabepdx.k1-sporthotel.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
last-modified: Fri, 03 Jul 2020 16:49:22 GMT
accept-ranges: bytes
etag: "c2def6e65951d61:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
date: Fri, 02 Dec 2022 01:57:06 GMT
content-length: 170011
X-Firefox-Spdy: h2
leonmediabepdx.k1-sporthotel.de/Images/Monsterroller-2px.png
89.22.100.170200 OK 172 kB URL HTTP/2 leonmediabepdx.k1-sporthotel.de/Images/Monsterroller-2px.png
IP 89.22.100.170:0
File type PNG image data, 720 x 424, 8-bit colormap, non-interlaced\012- data
Size 172 kB (172207 bytes)
Hash dc1d00a93d30d67e4bd753f4b91a7604
fa9e40b0ee568f0648a0443c3e7f3e3414011f61
02d5dff2ff7006777e5b69133c660c81067512279a7f6b30a28d28f5776050db
GET /Images/Monsterroller-2px.png HTTP/1.1
Host: leonmediabepdx.k1-sporthotel.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://leonmediabepdx.k1-sporthotel.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
last-modified: Fri, 03 Jul 2020 16:49:25 GMT
accept-ranges: bytes
etag: "a779d8e85951d61:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
date: Fri, 02 Dec 2022 01:57:06 GMT
content-length: 172207
X-Firefox-Spdy: h2
leonmediabepdx.k1-sporthotel.de/Images/index-partial-home-mountaincart.png
89.22.100.170200 OK 242 kB URL HTTP/2 leonmediabepdx.k1-sporthotel.de/Images/index-partial-home-mountaincart.png
IP 89.22.100.170:0
File type PNG image data, 720 x 424, 8-bit colormap, non-interlaced\012- data
Size 242 kB (242236 bytes)
Hash 57d65ffd0b40086f86b07743edda4409
c5422e4dfead336cb1f8c982cbaa896c38a0ae9d
6b922c3cf56b3918cbffce04c209d58d8d682d3d016b8248400518355e00f049
GET /Images/index-partial-home-mountaincart.png HTTP/1.1
Host: leonmediabepdx.k1-sporthotel.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://leonmediabepdx.k1-sporthotel.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
last-modified: Fri, 03 Jul 2020 16:49:23 GMT
accept-ranges: bytes
etag: "f26fece75951d61:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
date: Fri, 02 Dec 2022 01:57:06 GMT
content-length: 242236
X-Firefox-Spdy: h2
leonmediabepdx.k1-sporthotel.de/Images/Rodel-2px.png
89.22.100.170200 OK 118 kB URL HTTP/2 leonmediabepdx.k1-sporthotel.de/Images/Rodel-2px.png
IP 89.22.100.170:0
File type PNG image data, 720 x 424, 8-bit colormap, non-interlaced\012- data
Size 118 kB (117646 bytes)
Hash 2dcb2d733c37df88d256a6c56081d1a9
90d92e7e5fde02bcaafb78f7d2f548d056ead2e7
df6f396d809cd55fa7045b56665eac9efbe79d5d2779c781d40971768755c74a
GET /Images/Rodel-2px.png HTTP/1.1
Host: leonmediabepdx.k1-sporthotel.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://leonmediabepdx.k1-sporthotel.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
last-modified: Fri, 03 Jul 2020 16:49:27 GMT
accept-ranges: bytes
etag: "49f6f8e95951d61:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
date: Fri, 02 Dec 2022 01:57:06 GMT
content-length: 117646
X-Firefox-Spdy: h2
leonmediabepdx.k1-sporthotel.de/Images/Ski-px2.png
89.22.100.170200 OK 92 kB URL HTTP/2 leonmediabepdx.k1-sporthotel.de/Images/Ski-px2.png
IP 89.22.100.170:0
File type PNG image data, 720 x 424, 8-bit colormap, non-interlaced\012- data
Hash d9b7ccaba81bf45d3235bbcc382611f3
7207ceba44af43cc75818fc0e59f94c69a2920fc
b6b265b7bdcef6bfea516c0318b14849a92d0a38c6a297e88e68301f9a162672
GET /Images/Ski-px2.png HTTP/1.1
Host: leonmediabepdx.k1-sporthotel.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://leonmediabepdx.k1-sporthotel.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
last-modified: Fri, 03 Jul 2020 16:49:27 GMT
accept-ranges: bytes
etag: "2e7e21ea5951d61:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
date: Fri, 02 Dec 2022 01:57:06 GMT
content-length: 92373
X-Firefox-Spdy: h2
leonmediabepdx.k1-sporthotel.de/Scripts/google-ratings.js
89.22.100.170200 OK 5.1 kB URL HTTP/2 leonmediabepdx.k1-sporthotel.de/Scripts/google-ratings.js
IP 89.22.100.170:0
File type ASCII text, with CRLF line terminators
Hash 29fea24c3465230bc46f9b21e1a1a7ea
c1f23e074181d9bd6aea39c69440b3e7e13a544f
1adbd320ed69f26b75df00ce940bbc70082226ecbad03f65b931662d3523f796
Analyzer Verdict Alert fortinet Phishing
GET /Scripts/google-ratings.js HTTP/1.1
Host: leonmediabepdx.k1-sporthotel.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://leonmediabepdx.k1-sporthotel.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-encoding: gzip
last-modified: Fri, 03 Jul 2020 16:55:14 GMT
accept-ranges: bytes
etag: "b89b1bb95a51d61:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
date: Fri, 02 Dec 2022 01:57:06 GMT
content-length: 5079
X-Firefox-Spdy: h2
leonmediabepdx.k1-sporthotel.de/Images/index-partial-home-flyline.png
89.22.100.170200 OK 227 kB URL HTTP/2 leonmediabepdx.k1-sporthotel.de/Images/index-partial-home-flyline.png
IP 89.22.100.170:0
File type PNG image data, 720 x 424, 8-bit colormap, non-interlaced\012- data
Size 227 kB (226898 bytes)
Hash 7694071cb4b6265f974c90e1f23f96b6
fb689281d733c938740c7488c1a87192deb4f626
e1f2a19b9bcbc24b27c4aa5f58d83199f2b650ab5a925f26319a28c0a910825c
GET /Images/index-partial-home-flyline.png HTTP/1.1
Host: leonmediabepdx.k1-sporthotel.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://leonmediabepdx.k1-sporthotel.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
last-modified: Fri, 03 Jul 2020 16:49:23 GMT
accept-ranges: bytes
etag: "9386c1e75951d61:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
date: Fri, 02 Dec 2022 01:57:06 GMT
content-length: 226898
X-Firefox-Spdy: h2
leonmediabepdx.k1-sporthotel.de/Images/index-partial-home-wanderkurs.png
89.22.100.170200 OK 183 kB URL HTTP/2 leonmediabepdx.k1-sporthotel.de/Images/index-partial-home-wanderkurs.png
IP 89.22.100.170:0
File type PNG image data, 720 x 424, 8-bit colormap, non-interlaced\012- data
Size 183 kB (182750 bytes)
Hash 247c2069d3a888a10a9e15dfee96818e
d6b8b94b5e5d97a59325b6498ff683aff700e838
c9fa67241b8dfd56028050c96d8cbf779d940ab9daeb2dc3ce4098dcffa67752
GET /Images/index-partial-home-wanderkurs.png HTTP/1.1
Host: leonmediabepdx.k1-sporthotel.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://leonmediabepdx.k1-sporthotel.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
last-modified: Fri, 03 Jul 2020 16:49:24 GMT
accept-ranges: bytes
etag: "87f814e85951d61:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
date: Fri, 02 Dec 2022 01:57:06 GMT
content-length: 182750
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 5656ce989e6a6f8a74c1587ef96329d5
e1438168090515455fbdd86ad97618ef09762dfb
cb630b3271a4f647bf8c56aa3a98adca5e8c8daee092ae7abc850d62edc862f8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CB630B3271A4F647BF8C56AA3A98ADCA5E8C8DAEE092AE7ABC850D62EDC862F8"
Last-Modified: Thu, 01 Dec 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Fri, 02 Dec 2022 07:57:06 GMT
Date: Fri, 02 Dec 2022 01:57:06 GMT
Connection: keep-alive
leonmediabepdx.k1-sporthotel.de/Images/index-partial-home-bikekurs.png
89.22.100.170200 OK 151 kB URL HTTP/2 leonmediabepdx.k1-sporthotel.de/Images/index-partial-home-bikekurs.png
IP 89.22.100.170:0
File type PNG image data, 720 x 424, 8-bit colormap, non-interlaced\012- data
Size 151 kB (150966 bytes)
Hash 12442960c51d987975cd214b6be41f09
0ecdbedf947a16a9127afce4032779c96c572629
f186c038730ce45beebc78c2f06f14844197b7d5a857ecab65d85cbeca29970c
GET /Images/index-partial-home-bikekurs.png HTTP/1.1
Host: leonmediabepdx.k1-sporthotel.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://leonmediabepdx.k1-sporthotel.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
last-modified: Fri, 03 Jul 2020 16:49:23 GMT
accept-ranges: bytes
etag: "149b96e75951d61:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
date: Fri, 02 Dec 2022 01:57:06 GMT
content-length: 150966
X-Firefox-Spdy: h2
www.k1-sporthotel.de/wp-content/uploads/2020/05/logo-k1-sporthotel-80.png
89.22.100.170200 OK 3.0 kB URL HTTP/2 www.k1-sporthotel.de/wp-content/uploads/2020/05/logo-k1-sporthotel-80.png
IP 89.22.100.170:0
File type PNG image data, 88 x 80, 8-bit colormap, non-interlaced\012- data
Hash ecd007e6f9a44717c89534503965a9c3
4a38bbbea230bee850548012baa8398106a448a0
e07bb42a446d68e12b3b1d65f84b83b40bd8efbe23a07b5da892ed21338f04f8
GET /wp-content/uploads/2020/05/logo-k1-sporthotel-80.png HTTP/1.1
Host: www.k1-sporthotel.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://leonmediabepdx.k1-sporthotel.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: image/png
last-modified: Wed, 02 Jun 2021 14:19:02 GMT
accept-ranges: bytes
etag: "ffcbf13cba57d71:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
date: Fri, 02 Dec 2022 01:57:06 GMT
content-length: 2952
X-Firefox-Spdy: h2
push.services.mozilla.com/
54.186.169.128101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.186.169.128:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: y18Ijr1XOqTCGmH4MzKaFA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: HgPcGVc4mY4CYSiYzKKdlJ1IyK4=
leonmediabepdx.k1-sporthotel.de/DXR.axd?r=1_0,1_2,1_3,1_4,1_11,1_63,1_12,1_13,1_14,1_15,1_16,1_20,1_65,1_48,1_17,1_9,17_0,17_7,1_27,1_39,1_31,17_35,1_23,1_55,17_34,1_41,1_54,1_53,17_33,1_182,1_183,1_24,1_33,1_46,1_212,1_210,1_239,1_47,1_52,17_6,1_51,17_14,1_21,1_22,1_40,1_34,1_19,1_223,1_224,1_211,1_217,1_215,1_218,1_219,1_216,1_220,1_213,1_221,1_222,1_226,1_235,1_237,1_238,1_225,1_230,1_231,1_232,1_214,1_227,1_228,1_229,1_233,1_234,1_236,17_48,17_49,17_2,1_59,1_57,17_38,1_56,17_39,1_58,17_40,17_41,1_60,17_3,1_49,17_8,17_9,1_35,17_10,1_62,17_11,1_50,1_38,17_43,1_43,17_12,17_13,1_66,1_184,1_181,17_23,1_204,17_24,1_193,17_17,1_202,17_19,1_187,1_189,1_197,1_198,1_199,1_203,1_185,1_192,17_16,17_21,1_191,17_18,1_61,1_194,1_188,17_15,1_196,1_190,17_42,1_201,1_195,17_20,1_5,24_368,1_1,24_364,24_365,24_366,24_367,24_359,24_362,24_363,24_360,24_361,24_423,24_424,26_19,26_21,24_404,24_405,26_23,26_20,26_22,17_26,26_24,17_27,26_11,26_16,26_18,17_25,26_15,26_13,26_14,26_12,26_17,1_249,17_1-5fn2l&p=cde5b7bc
89.22.100.170200 OK 2.9 MB URL HTTP/2 leonmediabepdx.k1-sporthotel.de/DXR.axd?r=1_0,1_2,1_3,1_4,1_11,1_63,1_12,1_13,1_14,1_15,1_16,1_20,1_65,1_48,1_17,1_9,17_0,17_7,1_27,1_39,1_31,17_35,1_23,1_55,17_34,1_41,1_54,1_53,17_33,1_182,1_183,1_24,1_33,1_46,1_212,1_210,1_239,1_47,1_52,17_6,1_51,17_14,1_21,1_22,1_40,1_34,1_19,1_223,1_224,1_211,1_217,1_215,1_218,1_219,1_216,1_220,1_213,1_221,1_222,1_226,1_235,1_237,1_238,1_225,1_230,1_231,1_232,1_214,1_227,1_228,1_229,1_233,1_234,1_236,17_48,17_49,17_2,1_59,1_57,17_38,1_56,17_39,1_58,17_40,17_41,1_60,17_3,1_49,17_8,17_9,1_35,17_10,1_62,17_11,1_50,1_38,17_43,1_43,17_12,17_13,1_66,1_184,1_181,17_23,1_204,17_24,1_193,17_17,1_202,17_19,1_187,1_189,1_197,1_198,1_199,1_203,1_185,1_192,17_16,17_21,1_191,17_18,1_61,1_194,1_188,17_15,1_196,1_190,17_42,1_201,1_195,17_20,1_5,24_368,1_1,24_364,24_365,24_366,24_367,24_359,24_362,24_363,24_360,24_361,24_423,24_424,26_19,26_21,24_404,24_405,26_23,26_20,26_22,17_26,26_24,17_27,26_11,26_16,26_18,17_25,26_15,26_13,26_14,26_12,26_17,1_249,17_1-5fn2l&p=cde5b7bc
IP 89.22.100.170:0
File type ASCII text, with very long lines (65451)
Size 2.9 MB (2866729 bytes)
Hash 55154f4589c8bf84b4dfc178010c6409
1f3ce3ec7f233cbbce4f237e600be99ea5332639
d294135d8b06d495f12ef485c6dfede221fffd8844cabb1011132345ecc81443
GET /DXR.axd?r=1_0,1_2,1_3,1_4,1_11,1_63,1_12,1_13,1_14,1_15,1_16,1_20,1_65,1_48,1_17,1_9,17_0,17_7,1_27,1_39,1_31,17_35,1_23,1_55,17_34,1_41,1_54,1_53,17_33,1_182,1_183,1_24,1_33,1_46,1_212,1_210,1_239,1_47,1_52,17_6,1_51,17_14,1_21,1_22,1_40,1_34,1_19,1_223,1_224,1_211,1_217,1_215,1_218,1_219,1_216,1_220,1_213,1_221,1_222,1_226,1_235,1_237,1_238,1_225,1_230,1_231,1_232,1_214,1_227,1_228,1_229,1_233,1_234,1_236,17_48,17_49,17_2,1_59,1_57,17_38,1_56,17_39,1_58,17_40,17_41,1_60,17_3,1_49,17_8,17_9,1_35,17_10,1_62,17_11,1_50,1_38,17_43,1_43,17_12,17_13,1_66,1_184,1_181,17_23,1_204,17_24,1_193,17_17,1_202,17_19,1_187,1_189,1_197,1_198,1_199,1_203,1_185,1_192,17_16,17_21,1_191,17_18,1_61,1_194,1_188,17_15,1_196,1_190,17_42,1_201,1_195,17_20,1_5,24_368,1_1,24_364,24_365,24_366,24_367,24_359,24_362,24_363,24_360,24_361,24_423,24_424,26_19,26_21,24_404,24_405,26_23,26_20,26_22,17_26,26_24,17_27,26_11,26_16,26_18,17_25,26_15,26_13,26_14,26_12,26_17,1_249,17_1-5fn2l&p=cde5b7bc HTTP/1.1
Host: leonmediabepdx.k1-sporthotel.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://leonmediabepdx.k1-sporthotel.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
content-type: text/javascript
content-encoding: gzip
expires: Sat, 03 Jul 2021 16:48:32 GMT
last-modified: Fri, 03 Jul 2020 16:48:32 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
date: Fri, 02 Dec 2022 01:57:07 GMT
content-length: 2866729
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6378
Expires: Fri, 02 Dec 2022 03:43:25 GMT
Date: Fri, 02 Dec 2022 01:57:07 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6378
Expires: Fri, 02 Dec 2022 03:43:25 GMT
Date: Fri, 02 Dec 2022 01:57:07 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6378
Expires: Fri, 02 Dec 2022 03:43:25 GMT
Date: Fri, 02 Dec 2022 01:57:07 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6378
Expires: Fri, 02 Dec 2022 03:43:25 GMT
Date: Fri, 02 Dec 2022 01:57:07 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6378
Expires: Fri, 02 Dec 2022 03:43:25 GMT
Date: Fri, 02 Dec 2022 01:57:07 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F40b76495-d9ea-430e-9b62-92b639b122e0.jpeg
34.120.237.76200 OK 6.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F40b76495-d9ea-430e-9b62-92b639b122e0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 58a28fc1cbcacdb07b3ca175281982b5
9bc47ee49fc070d0997e49a719bd9758685ad583
d3bfcf749c4652cb29f7c82a5d7ba940bd607f9060e49c1c40a112eb3e625bd9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F40b76495-d9ea-430e-9b62-92b639b122e0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6564
x-amzn-requestid: e2875cf3-3915-43a5-a724-4de2ca03de56
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGepHOiIAMFTFQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891df7-5f7e2a3f609d54a609a12670;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: mwGAEu-gPXY5Opwd972VbBA6l33dNk7bPFSyZmciaplQKj2ZuTkQSg==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:47:56 GMT
age: 14952
etag: "9bc47ee49fc070d0997e49a719bd9758685ad583"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F864be807-d5f6-42e3-bd58-f7641a256b9a.jpeg
34.120.237.76200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F864be807-d5f6-42e3-bd58-f7641a256b9a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 379a4a1b95d3aa3c5a4f8e7f9abb030f
d45dceb3dc58a07197aa5077582b5b1cd2ff791a
1b92dec5bf90beffbcd9060052b8788f08645dd4ba34219f7ddb2d40bbd2d151
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F864be807-d5f6-42e3-bd58-f7641a256b9a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7732
x-amzn-requestid: 3781c2b7-082a-468a-a186-f7483494e749
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGeoEq3IAMFnKg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891df7-679fe9f905e07abf4e6a812c;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: V4Z3TZtTDMjnyxZx7VdJrKtZ-PbZkWnsQ0-1eFDem4TVyRGvk0dc7A==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:47:56 GMT
age: 14952
etag: "d45dceb3dc58a07197aa5077582b5b1cd2ff791a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg
34.120.237.76200 OK 6.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b986f9fcbeca91ed5c8d58fbfaf47d19
6e6c8bd2bce144cc4da1cd7be375b046b60dca79
07a8938d2841f8c13bd646f4e79e41e46acd6463aa019cd70871b3741f12bb4f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6174
x-amzn-requestid: f78f1e9d-8c0c-495d-a862-61838f8297e8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cZ0iyH2WoAMFQdg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63870144-45442a8544259930564f685b;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 07:07:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: QIOz71_Kr08pIIwOm2GUkWr421fO7-UyUI7LYld0JBaGnYQ0j3IDFg==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 07:15:42 GMT
age: 67286
etag: "6e6c8bd2bce144cc4da1cd7be375b046b60dca79"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb582f62c-d1ce-4054-b87e-36be40dadfa4.jpeg
34.120.237.76200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb582f62c-d1ce-4054-b87e-36be40dadfa4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 156e9ea97b774cbd8361072e4041b6c8
fc71ae3cae92ed6011904bb2367f23bf4e69fab4
58d953c19ebbbdfc3965bbe3f52308d4702deaf4d0c029f4674bcb862da138af
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb582f62c-d1ce-4054-b87e-36be40dadfa4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8863
x-amzn-requestid: 798d014b-0f9c-4787-a676-8f5e8fae3d11
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cdG14HBNIAMFdWg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638851bf-7549feac6d476a8512676412;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 07:03:27 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: cgj3fw3lpngosMNOK7cZUZO94T__4RTy_p7wa6rI62OOvhI5E9wMSw==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 07:19:21 GMT
age: 67067
etag: "fc71ae3cae92ed6011904bb2367f23bf4e69fab4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a5598e9-4752-4e3f-9938-977b517ce347.jpeg
34.120.237.76200 OK 6.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a5598e9-4752-4e3f-9938-977b517ce347.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4e1372b65928f2addd9d8e44ce63ea0c
795fd611123ebde700aaff1f0dac862f9cad00dc
de9011e1f05fb2f7a202f5a6e6ed7b77a339c0af8d3409e4fc898f2b8c6963ad
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a5598e9-4752-4e3f-9938-977b517ce347.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5967
x-amzn-requestid: 889cb78c-7f00-4bd5-8f58-16aeae59f384
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGgfFo2IAMF7ig=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891e02-636955ff357675180ee298ff;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:58 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 7R1Dono_VzhL0RPOfUBX2GC13dxG0n0buPmhAPencEFJ7WupYOUK8w==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 559326ad73233233a9e52cb9e8601ede.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:50:08 GMT
age: 14820
etag: "795fd611123ebde700aaff1f0dac862f9cad00dc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
leonmediabepdx.k1-sporthotel.de/Images/Skidepot-2px.png
89.22.100.170200 OK 2.9 kB URL HTTP/2 leonmediabepdx.k1-sporthotel.de/Images/Skidepot-2px.png
IP 89.22.100.170:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b47431190f34eccf0a6efb98e2a32b7d
9fc7ab3a4eb2d36fd6df7e0267a26a47627d1704
08d3b6be354cafb70c20e6865788cb375adbf88d47711651fe1a3b855094daf2
GET /Images/Skidepot-2px.png HTTP/1.1
Host: leonmediabepdx.k1-sporthotel.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://leonmediabepdx.k1-sporthotel.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
last-modified: Fri, 03 Jul 2020 16:49:27 GMT
accept-ranges: bytes
etag: "e454aea5951d61:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
date: Fri, 02 Dec 2022 01:57:06 GMT
content-length: 125990
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 980f31229421fd11df958496bea34502
648e03f048e6741beb1d4e10099b1429b79e4f00
887d1a1020b73fa3221c168713525f99474ac02fa10e251b5b23f6c0c519afce
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 01:57:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
216.58.207.227200 OK 45 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Hash 565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://leonmediabepdx.k1-sporthotel.de
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 28 Nov 2022 18:52:41 GMT
expires: Tue, 28 Nov 2023 18:52:41 GMT
cache-control: public, max-age=31536000
age: 284668
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 980f31229421fd11df958496bea34502
648e03f048e6741beb1d4e10099b1429b79e4f00
887d1a1020b73fa3221c168713525f99474ac02fa10e251b5b23f6c0c519afce
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 01:57:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2
216.58.207.227200 OK 23 kB URL HTTP/2 fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 23040, version 1.0\012- data
Hash de69cf9e514df447d1b0bb16f49d2457
2ac78601179c3a63ba3f3f3081556b12ddcaf655
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
GET /s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://leonmediabepdx.k1-sporthotel.de
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23040
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Dec 2022 12:29:22 GMT
expires: Fri, 01 Dec 2023 12:29:22 GMT
cache-control: public, max-age=31536000
age: 48468
last-modified: Tue, 26 Apr 2022 15:56:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/materialicons/v139/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
216.58.207.227200 OK 128 kB URL HTTP/2 fonts.gstatic.com/s/materialicons/v139/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 128352, version 1.0\012- data
Size 128 kB (128352 bytes)
Hash 53436aca8627a49f4deaaa44dc9e3c05
0bc0c675480d94ec7e8609dda6227f88c5d08d2c
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
GET /s/materialicons/v139/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://leonmediabepdx.k1-sporthotel.de
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 128352
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Dec 2022 20:33:17 GMT
expires: Fri, 01 Dec 2023 20:33:17 GMT
cache-control: public, max-age=31536000
age: 19433
last-modified: Thu, 25 Aug 2022 00:26:06 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
leonmediabepdx.k1-sporthotel.de/favicon.ico
89.22.100.170200 OK 32 kB URL HTTP/2 leonmediabepdx.k1-sporthotel.de/favicon.ico
IP 89.22.100.170:0
File type MS Windows icon resource - 4 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Hash 4859e39ae6c0f1f428f2126a6bb32bd9
1c0c85678ae963bc96d0b7fbe1eb89074cf1fbe0
a94f8a8553caea8430dd4ca3cc01d4e318d19828f74cb65453ffb7f5d9e2f44d
GET /favicon.ico HTTP/1.1
Host: leonmediabepdx.k1-sporthotel.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://leonmediabepdx.k1-sporthotel.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/x-icon
last-modified: Fri, 03 Jul 2020 16:47:05 GMT
accept-ranges: bytes
etag: "df2985955951d61:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
date: Fri, 02 Dec 2022 01:57:10 GMT
content-length: 32038
X-Firefox-Spdy: h2
leonmediabepdx.k1-sporthotel.de/Scripts/jquery-1.11.3.min.js
89.22.100.170200 OK 0 B URL HTTP/2 leonmediabepdx.k1-sporthotel.de/Scripts/jquery-1.11.3.min.js
IP 89.22.100.170:0
Analyzer Verdict Alert fortinet Phishing
GET /Scripts/jquery-1.11.3.min.js HTTP/1.1
Host: leonmediabepdx.k1-sporthotel.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://leonmediabepdx.k1-sporthotel.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-encoding: gzip
last-modified: Fri, 03 Jul 2020 16:49:44 GMT
accept-ranges: bytes
etag: "df2f16f45951d61:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
date: Fri, 02 Dec 2022 01:57:06 GMT
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Open+Sans%3A1%2C200%2C300%2C400%2C400italic%2C500%2C700%2C700italic%2C900%2C900italic%7CLato%3A1%2C200%2C300%2C400%2C400italic%2C500%2C700%2C700italic%2C900%2C900italic%7CMontserrat%3A1%2C200%2C300%2C400%2C400italic%2C500%2C700%2C700italic%2C900%2C900italic&ver=5.3.4
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans%3A1%2C200%2C300%2C400%2C400italic%2C500%2C700%2C700italic%2C900%2C900italic%7CLato%3A1%2C200%2C300%2C400%2C400italic%2C500%2C700%2C700italic%2C900%2C900italic%7CMontserrat%3A1%2C200%2C300%2C400%2C400italic%2C500%2C700%2C700italic%2C900%2C900italic&ver=5.3.4
IP 142.250.74.10:0
GET /css?family=Open+Sans%3A1%2C200%2C300%2C400%2C400italic%2C500%2C700%2C700italic%2C900%2C900italic%7CLato%3A1%2C200%2C300%2C400%2C400italic%2C500%2C700%2C700italic%2C900%2C900italic%7CMontserrat%3A1%2C200%2C300%2C400%2C400italic%2C500%2C700%2C700italic%2C900%2C900italic&ver=5.3.4 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://leonmediabepdx.k1-sporthotel.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 02 Dec 2022 01:57:06 GMT
date: Fri, 02 Dec 2022 01:57:06 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
leonmediabepdx.k1-sporthotel.de/Content/bootstrap.min.css
89.22.100.170200 OK 0 B URL HTTP/2 leonmediabepdx.k1-sporthotel.de/Content/bootstrap.min.css
IP 89.22.100.170:0
GET /Content/bootstrap.min.css HTTP/1.1
Host: leonmediabepdx.k1-sporthotel.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://leonmediabepdx.k1-sporthotel.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
content-encoding: gzip
last-modified: Fri, 03 Jul 2020 16:49:01 GMT
accept-ranges: bytes
etag: "2df9c5da5951d61:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
date: Fri, 02 Dec 2022 01:57:06 GMT
X-Firefox-Spdy: h2