hct-busvermietung.de/DHL/dhl/info.php
78.47.185.214301 Moved Permanently 323 B URL HTTP/1.1 hct-busvermietung.de/DHL/dhl/info.php
IP 78.47.185.214:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 7b13c47b34bd54df661f543410c53962
0daabf4d03555a070ffa0b90d1b3bc56d979f3d9
0a7d1a6a95b3b7cc0a220dc2cc4bb95ed6d8f55075f145352ced758d422ff789
Analyzer Verdict Alert fortinet Phishing
GET /DHL/dhl/info.php HTTP/1.1
Host: hct-busvermietung.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Sun, 29 Jan 2023 05:06:28 GMT
Server: Apache
Location: https://hct-busvermietung.de/DHL/dhl/info.php
Content-Length: 323
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a2104f935c638b4767ca5ae0d738ef23
85c6af15af749be0ceeae6de17c36925b750f166
5d4789a3696bd7faa9916768cb627bbc89bf70a756d80e53860cbac13c2bc8b1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5D4789A3696BD7FAA9916768CB627BBC89BF70A756D80E53860CBAC13C2BC8B1"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14333
Expires: Sun, 29 Jan 2023 09:05:21 GMT
Date: Sun, 29 Jan 2023 05:06:28 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3eb88dea4fe00db1182370e72683c3ab
ca520abf1e91bfd2aef40c6a1270a911071e8922
d8083ee567c7b3023111dc30f32c94237df7db30d4d2daaea0a569e8a3069ad7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D8083EE567C7B3023111DC30F32C94237DF7DB30D4D2DAAEA0A569E8A3069AD7"
Last-Modified: Sat, 28 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16416
Expires: Sun, 29 Jan 2023 09:40:04 GMT
Date: Sun, 29 Jan 2023 05:06:28 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash dcd75ca6daca51c5e39d431468511793
07f76d3bf23d65c9110d810fa71a994e39e085d3
73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Backoff, Content-Length, Alert, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 29 Jan 2023 04:43:07 GMT
content-type: application/json
age: 1401
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 302c7548412192add063ad6c8b99cf3b
e5d178931a27db036ce8daae302594d3ff7050b8
fc2bd9091006189e67e8074093805ee5492ce16e1dbfba32e083abeeae34969d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FC2BD9091006189E67E8074093805EE5492CE16E1DBFBA32E083ABEEAE34969D"
Last-Modified: Sat, 28 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9453
Expires: Sun, 29 Jan 2023 07:44:01 GMT
Date: Sun, 29 Jan 2023 05:06:28 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 83O7j8a8+q0yuvy2ln+KPTSSEvqAoFPF8GHqXkGpBW1isck7oPsluMZmloXcmdRwS13TvOv3jBAP7EWnF1SXTw==
x-amz-request-id: MH9SCJB1BHV0SNMJ
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 29 Jan 2023 04:50:11 GMT
age: 977
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
hct-busvermietung.de/DHL/dhl/info.php
78.47.185.214302 Found 296 B URL HTTP/2 hct-busvermietung.de/DHL/dhl/info.php
IP 78.47.185.214:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 7fdd7c076dcd7332c27fd6ce63856ba6
2d3c5d420ed56a24d5fb3bb27311ae60df414a99
92836ca573e4d3f6ca6d86026f8af2c027e66b6bef848e314a9793444112ec9c
Analyzer Verdict Alert fortinet Phishing
GET /DHL/dhl/info.php HTTP/1.1
Host: hct-busvermietung.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
location: http://www.hct-busvermietung.de/index.php
content-length: 296
content-type: text/html; charset=iso-8859-1
date: Sun, 29 Jan 2023 05:06:28 GMT
server: Apache
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 05:06:28 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
www.hct-busvermietung.de/index.php
78.47.185.214301 Moved Permanently 324 B URL HTTP/1.1 www.hct-busvermietung.de/index.php
IP 78.47.185.214:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 5078abade005675eea020462260f722a
585e5ebfafc52c1ecf2b08d1795c9b6993a76984
a1add94913fad123d9a14825f78dd2e4cd5c7254336e9c56f74e4c13b2e862c5
GET /index.php HTTP/1.1
Host: www.hct-busvermietung.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Sun, 29 Jan 2023 05:06:29 GMT
Server: Apache
Location: https://www.hct-busvermietung.de/index.php
Content-Length: 324
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Pragma, Last-Modified, ETag, Content-Length, Expires, Cache-Control, Retry-After, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 29 Jan 2023 04:41:41 GMT
age: 1488
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 16a7b6a7128312e2f985d30df18c4487
6017bff79ffb525d9c7f9f32b999b74b5dc69602
663fd12209627f08e759c2ed1c76278a5da79dae1e0b46082dd1bb44775f7a16
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "663FD12209627F08E759C2ED1C76278A5DA79DAE1E0B46082DD1BB44775F7A16"
Last-Modified: Fri, 27 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15243
Expires: Sun, 29 Jan 2023 09:20:32 GMT
Date: Sun, 29 Jan 2023 05:06:29 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 9cea98a843749ab6ffcc1e4d554d70ee
4d4d4c548678ce5dc407a73f393a2abf1aae4cfb
478e8249f84da1fe4fc36c7f752dde2d61de74e5271e4be36c51a8e5ad1c2730
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 855
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 05:06:29 GMT
Last-Modified: Sun, 29 Jan 2023 04:52:14 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 280
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 8c630e9bbc930d1c367efa81b67be3f7
ec536695531d40a813d99a06271c7c2d698d51d3
39ca0a60c3e2e85712757ead0830d0da82beac1e4f44b6e90243e5ca9326bf4b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 05:06:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 8c630e9bbc930d1c367efa81b67be3f7
ec536695531d40a813d99a06271c7c2d698d51d3
39ca0a60c3e2e85712757ead0830d0da82beac1e4f44b6e90243e5ca9326bf4b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 05:06:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 9cea98a843749ab6ffcc1e4d554d70ee
4d4d4c548678ce5dc407a73f393a2abf1aae4cfb
478e8249f84da1fe4fc36c7f752dde2d61de74e5271e4be36c51a8e5ad1c2730
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 855
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 05:06:29 GMT
Last-Modified: Sun, 29 Jan 2023 04:52:14 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 280
ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js
142.250.74.106200 OK 34 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js
IP 142.250.74.106:0
File type ASCII text, with very long lines (32038)
Hash 103708790db3586027df27ded660f8ef
d3f58fbe6e02cb4b8b34c6fd510e011cb325bc70
fdba876856bb6c2783df94cacb0f17b53fe33f1907135539272c0127b4270ffe
GET /ajax/libs/jquery/1.11.3/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hct-busvermietung.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33507
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 25 Jan 2023 13:49:19 GMT
expires: Thu, 25 Jan 2024 13:49:19 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 314230
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.hct-busvermietung.de/images/logo-big.png
78.47.185.214200 OK 31 kB URL HTTP/2 www.hct-busvermietung.de/images/logo-big.png
IP 78.47.185.214:0
ASN #24940 Hetzner Online GmbH
File type PNG image data, 240 x 110, 8-bit/color RGBA, non-interlaced\012- data
Hash b70cff8b437c2e7515f32ee717bd299a
42e24f16a61cd41832a807f926660c3e98440aa3
451f456cabb3a0fb900e4cdc0940aabe3ff49ee8c62c9e46dac3b8e1f475695e
GET /images/logo-big.png HTTP/1.1
Host: www.hct-busvermietung.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hct-busvermietung.de/index.php
Cookie: 6b641c1c2d80877fea4f8f1b317af201=3a0876f51843b2e7dea13035ea9b19da; 474d34055f4bac50e70963951e35f40c=de-DE
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 01 Sep 2022 12:01:34 GMT
etag: "79e4-5e79c5ff2439b"
accept-ranges: bytes
content-length: 31204
content-type: image/png
date: Sun, 29 Jan 2023 05:06:29 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash bab8a4c1e6bb2e6c9cc00222eef1235d
1a5dd108e9f9aaf33bc048b0097a9f510d295cad
fd182297a143655a9142e3ee5bbafefd76ca974094f43fb695611f6876f3ab63
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 05:06:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 8c630e9bbc930d1c367efa81b67be3f7
ec536695531d40a813d99a06271c7c2d698d51d3
39ca0a60c3e2e85712757ead0830d0da82beac1e4f44b6e90243e5ca9326bf4b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 05:06:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.hct-busvermietung.de/images/T%C3%9CV_Saarland_neu_high-res.png
78.47.185.214200 OK 46 kB URL HTTP/2 www.hct-busvermietung.de/images/T%C3%9CV_Saarland_neu_high-res.png
IP 78.47.185.214:0
ASN #24940 Hetzner Online GmbH
File type PNG image data, 525 x 384, 8-bit/color RGBA, non-interlaced\012- data
Hash e044d9ac8d5497cdd2cf5bd70840c3b7
61db24ac44113cb12dde9be7c8a45d2326695fd3
6b8d26598fb5d682d123a1696f8def1d92755cf4a65279bd6cfcc6d67a03ed2d
GET /images/T%C3%9CV_Saarland_neu_high-res.png HTTP/1.1
Host: www.hct-busvermietung.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hct-busvermietung.de/index.php
Cookie: 6b641c1c2d80877fea4f8f1b317af201=3a0876f51843b2e7dea13035ea9b19da; 474d34055f4bac50e70963951e35f40c=de-DE
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 01 Sep 2022 12:01:35 GMT
etag: "b376-5e79c60050098"
accept-ranges: bytes
content-length: 45942
content-type: image/png
date: Sun, 29 Jan 2023 05:06:29 GMT
server: Apache
X-Firefox-Spdy: h2
www.hct-busvermietung.de/media/mod_languages/images/de_de.gif
78.47.185.214200 OK 62 B URL HTTP/2 www.hct-busvermietung.de/media/mod_languages/images/de_de.gif
IP 78.47.185.214:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 87a, 18 x 12\012- data
Hash cec19601792bd53172f7a21b1bba3f81
fbf24a8e93d16781a4588b372362b532aa60d3c1
724d23202a5a606a79ef4d88b3a8632f0e38f94b55a435efba624f51172fe5ec
GET /media/mod_languages/images/de_de.gif HTTP/1.1
Host: www.hct-busvermietung.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hct-busvermietung.de/index.php
Cookie: 6b641c1c2d80877fea4f8f1b317af201=3a0876f51843b2e7dea13035ea9b19da; 474d34055f4bac50e70963951e35f40c=de-DE
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 01 Sep 2022 12:07:02 GMT
etag: "3e-5e79c7384d1a6"
accept-ranges: bytes
content-length: 62
content-type: image/gif
date: Sun, 29 Jan 2023 05:06:29 GMT
server: Apache
X-Firefox-Spdy: h2
www.hct-busvermietung.de/images/logo-small.png
78.47.185.214200 OK 7.7 kB URL HTTP/2 www.hct-busvermietung.de/images/logo-small.png
IP 78.47.185.214:0
ASN #24940 Hetzner Online GmbH
File type PNG image data, 166 x 49, 8-bit/color RGBA, non-interlaced\012- data
Hash d63242e30914051f082c70f1e135f573
5e1f887dca1b726bb6eee7e558a327368b57a2e7
6477993170131bdf3ade64889c5e9a1802cd9886b0882ed4f71a459bd0cfd9b2
GET /images/logo-small.png HTTP/1.1
Host: www.hct-busvermietung.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hct-busvermietung.de/index.php
Cookie: 6b641c1c2d80877fea4f8f1b317af201=3a0876f51843b2e7dea13035ea9b19da; 474d34055f4bac50e70963951e35f40c=de-DE
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 01 Sep 2022 12:01:35 GMT
etag: "1e29-5e79c6001b4d3"
accept-ranges: bytes
content-length: 7721
content-type: image/png
date: Sun, 29 Jan 2023 05:06:29 GMT
server: Apache
X-Firefox-Spdy: h2
maps.googleapis.com/maps/api/js?libraries=places&sensor=true_or_false&key=AIzaSyAfpf8DChlv9tCurGQ-vlhDsunmYILjnbg
142.250.74.106200 OK 55 kB URL HTTP/2 maps.googleapis.com/maps/api/js?libraries=places&sensor=true_or_false&key=AIzaSyAfpf8DChlv9tCurGQ-vlhDsunmYILjnbg
IP 142.250.74.106:0
File type ASCII text, with very long lines (2459)
Hash c92c54555653be9a2293096806544909
c1c565406a2396117d3cd470f93a7573a9b9fa0e
426c1e7044ed522796c2a9d04923a0830030afab7346b00b51b721f045297829
GET /maps/api/js?libraries=places&sensor=true_or_false&key=AIzaSyAfpf8DChlv9tCurGQ-vlhDsunmYILjnbg HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hct-busvermietung.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
date: Sun, 29 Jan 2023 05:06:29 GMT
expires: Sun, 29 Jan 2023 05:36:29 GMT
cache-control: public, max-age=1800
vary: Accept-Language
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-encoding: gzip
server: mafe
content-length: 55277
x-xss-protection: 0
x-frame-options: SAMEORIGIN
server-timing: gfet4t7; dur=32
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.hct-busvermietung.de/images/Kostenloser_Service_XL.png
78.47.185.214200 OK 26 kB URL HTTP/2 www.hct-busvermietung.de/images/Kostenloser_Service_XL.png
IP 78.47.185.214:0
ASN #24940 Hetzner Online GmbH
File type PNG image data, 140 x 112, 8-bit/color RGBA, non-interlaced\012- data
Hash a94c0ee50127f27b0f29051c3e9beb43
4a4e183577bfd2ce2c592b4814f2f57e571ca28b
5f7833f83c91564a39311b44298e99c436ff9fc561e238f52bc802b6b125d484
GET /images/Kostenloser_Service_XL.png HTTP/1.1
Host: www.hct-busvermietung.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hct-busvermietung.de/index.php
Cookie: 6b641c1c2d80877fea4f8f1b317af201=3a0876f51843b2e7dea13035ea9b19da; 474d34055f4bac50e70963951e35f40c=de-DE
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 01 Sep 2022 12:01:35 GMT
etag: "647b-5e79c6002fcf5"
accept-ranges: bytes
content-length: 25723
content-type: image/png
date: Sun, 29 Jan 2023 05:06:29 GMT
server: Apache
X-Firefox-Spdy: h2
www.googletagmanager.com/gtm.js?id=GTM-PGKN6XV
142.250.74.168200 OK 56 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-PGKN6XV
IP 142.250.74.168:0
File type ASCII text, with very long lines (3989)
Hash cd85d1a59d2fdcbf5d363494b03f40e6
a7009c20ab669b0f6bce5f4a9c41a3fc6bc0c288
084f556f41343e248cc9f49100a7dd7b785d5d81a194a51b895dd09d03bdb3e3
GET /gtm.js?id=GTM-PGKN6XV HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hct-busvermietung.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 29 Jan 2023 05:06:29 GMT
expires: Sun, 29 Jan 2023 05:06:29 GMT
cache-control: private, max-age=900
last-modified: Sun, 29 Jan 2023 03:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 55816
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.hct-busvermietung.de/media/mod_languages/images/es.gif
78.47.185.214200 OK 169 B URL HTTP/2 www.hct-busvermietung.de/media/mod_languages/images/es.gif
IP 78.47.185.214:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 87a, 18 x 12\012- data
Hash 2773d70dd10b25208af0e02151ddaef9
ee6eab80cfbac5bb362161cb0fbe4cc2b9b5c33d
4b488639f0cf5d69cef7b5465329f797697dcf8d930728eae793f1e41d913a57
GET /media/mod_languages/images/es.gif HTTP/1.1
Host: www.hct-busvermietung.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hct-busvermietung.de/index.php
Cookie: 6b641c1c2d80877fea4f8f1b317af201=3a0876f51843b2e7dea13035ea9b19da; 474d34055f4bac50e70963951e35f40c=de-DE
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 01 Sep 2022 12:07:05 GMT
etag: "a9-5e79c73ad1a64"
accept-ranges: bytes
content-length: 169
content-type: image/gif
date: Sun, 29 Jan 2023 05:06:29 GMT
server: Apache
X-Firefox-Spdy: h2
www.hct-busvermietung.de/templates/purity_iii/js/css/owl.carousel.css
78.47.185.214200 OK 528 B URL HTTP/2 www.hct-busvermietung.de/templates/purity_iii/js/css/owl.carousel.css
IP 78.47.185.214:0
ASN #24940 Hetzner Online GmbH
Hash a70757c9c5b45b8b3e693066dee5c63c
4ddc02d2eac2bb1a9ccc446ff1e19641ee8f7279
97e2ca1b06a80ecd57e1514d54bec8904727d25dc47f878b41d204c72e8535de
GET /templates/purity_iii/js/css/owl.carousel.css HTTP/1.1
Host: www.hct-busvermietung.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hct-busvermietung.de/index.php
Cookie: 6b641c1c2d80877fea4f8f1b317af201=3a0876f51843b2e7dea13035ea9b19da; 474d34055f4bac50e70963951e35f40c=de-DE
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 31 Aug 2022 15:38:24 GMT
etag: "5c4-5e78b499c27c7-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 528
content-type: text/css
date: Sun, 29 Jan 2023 05:06:29 GMT
server: Apache
X-Firefox-Spdy: h2
www.hct-busvermietung.de/templates/purity_iii/js/css/owl.theme.css
78.47.185.214200 OK 606 B URL HTTP/2 www.hct-busvermietung.de/templates/purity_iii/js/css/owl.theme.css
IP 78.47.185.214:0
ASN #24940 Hetzner Online GmbH
Hash 7153bc3a86860f6f15d1692a533065ce
87d1535b7fa4ee23c1dd8976ef115c2603a3d74a
6be2a352cfebf5b9a6c730341fed8644fd21d8c373834cda6bf4b651275b9872
GET /templates/purity_iii/js/css/owl.theme.css HTTP/1.1
Host: www.hct-busvermietung.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hct-busvermietung.de/index.php
Cookie: 6b641c1c2d80877fea4f8f1b317af201=3a0876f51843b2e7dea13035ea9b19da; 474d34055f4bac50e70963951e35f40c=de-DE
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 31 Aug 2022 15:38:25 GMT
etag: "681-5e78b499d1228-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 606
content-type: text/css
date: Sun, 29 Jan 2023 05:06:29 GMT
server: Apache
X-Firefox-Spdy: h2
www.hct-busvermietung.de/templates/purity_iii/js/owl.carousel.js
78.47.185.214200 OK 8.8 kB URL HTTP/2 www.hct-busvermietung.de/templates/purity_iii/js/owl.carousel.js
IP 78.47.185.214:0
ASN #24940 Hetzner Online GmbH
Hash 39c690419159637e1f3977c8dfb5718d
202b2d75966f313aec83f414d0845154e2d9384b
04a284e3609cc5cc5be472faf440515595190574f61b9f46c5c6fbec298a684f
GET /templates/purity_iii/js/owl.carousel.js HTTP/1.1
Host: www.hct-busvermietung.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hct-busvermietung.de/index.php
Cookie: 6b641c1c2d80877fea4f8f1b317af201=3a0876f51843b2e7dea13035ea9b19da; 474d34055f4bac50e70963951e35f40c=de-DE
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 31 Aug 2022 15:38:17 GMT
etag: "ce3d-5e78b4922efcc-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 8751
content-type: application/javascript
date: Sun, 29 Jan 2023 05:06:29 GMT
server: Apache
X-Firefox-Spdy: h2
www.hct-busvermietung.de/templates/purity_iii/js/waypoints-sticky.min.js
78.47.185.214200 OK 480 B URL HTTP/2 www.hct-busvermietung.de/templates/purity_iii/js/waypoints-sticky.min.js
IP 78.47.185.214:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (944), with no line terminators
Hash 517877a7644c891e883e0ca10b2fe63b
8468f12da375eb9e187eba21ae6714049e95dd3c
c848127049ddbd363cec5ce77b6ca54cf63b4c6280ae13ccb9936bf95bff3bb0
GET /templates/purity_iii/js/waypoints-sticky.min.js HTTP/1.1
Host: www.hct-busvermietung.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hct-busvermietung.de/index.php
Cookie: 6b641c1c2d80877fea4f8f1b317af201=3a0876f51843b2e7dea13035ea9b19da; 474d34055f4bac50e70963951e35f40c=de-DE
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 31 Aug 2022 15:38:15 GMT
etag: "3b0-5e78b4910908f-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 480
content-type: application/javascript
date: Sun, 29 Jan 2023 05:06:29 GMT
server: Apache
X-Firefox-Spdy: h2
www.hct-busvermietung.de/templates/purity_iii/js/waypoints.min.js
78.47.185.214200 OK 2.4 kB URL HTTP/2 www.hct-busvermietung.de/templates/purity_iii/js/waypoints.min.js
IP 78.47.185.214:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (7828), with no line terminators
Hash 8d64f0be8a3dccd78942f2ef95f20f27
bed236d44f4336ba54b2104af4ad45e7d7e2db33
6b42bce9d7844e4b00c460241f5d505d65b504c8aeb8f8e3731645ba0059e488
GET /templates/purity_iii/js/waypoints.min.js HTTP/1.1
Host: www.hct-busvermietung.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hct-busvermietung.de/index.php
Cookie: 6b641c1c2d80877fea4f8f1b317af201=3a0876f51843b2e7dea13035ea9b19da; 474d34055f4bac50e70963951e35f40c=de-DE
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 31 Aug 2022 15:38:17 GMT
etag: "1e94-5e78b492c65ba-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 2443
content-type: application/javascript
date: Sun, 29 Jan 2023 05:06:29 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash bab8a4c1e6bb2e6c9cc00222eef1235d
1a5dd108e9f9aaf33bc048b0097a9f510d295cad
fd182297a143655a9142e3ee5bbafefd76ca974094f43fb695611f6876f3ab63
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 05:06:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.hct-busvermietung.de/images/HCT/slider/Erstklassiger-Service.jpg
78.47.185.214200 OK 14 kB URL HTTP/2 www.hct-busvermietung.de/images/HCT/slider/Erstklassiger-Service.jpg
IP 78.47.185.214:0
ASN #24940 Hetzner Online GmbH
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=4, xresolution=62, yresolution=70, resolutionunit=3, software=paint.net 4.0.6], baseline, precision 8, 287x191, components 3\012- data
Hash ff69d3249201f93e1e35297a1056752e
67c9bf8856c4617fef2b619750e63201fffd4e65
a31682de765c4b84d62a635074da3084775aa4e63d85cb2d1b4e62f62e474f2d
GET /images/HCT/slider/Erstklassiger-Service.jpg HTTP/1.1
Host: www.hct-busvermietung.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hct-busvermietung.de/index.php
Cookie: 6b641c1c2d80877fea4f8f1b317af201=3a0876f51843b2e7dea13035ea9b19da; 474d34055f4bac50e70963951e35f40c=de-DE
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 01 Sep 2022 12:05:05 GMT
etag: "3898-5e79c6c8bcdc7"
accept-ranges: bytes
content-length: 14488
content-type: image/jpeg
date: Sun, 29 Jan 2023 05:06:29 GMT
server: Apache
X-Firefox-Spdy: h2
www.hct-busvermietung.de/images/HCT/slider/Moderne-Busflotte.jpg
78.47.185.214200 OK 16 kB URL HTTP/2 www.hct-busvermietung.de/images/HCT/slider/Moderne-Busflotte.jpg
IP 78.47.185.214:0
ASN #24940 Hetzner Online GmbH
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=4, xresolution=62, yresolution=70, resolutionunit=3, software=paint.net 4.0.6], baseline, precision 8, 287x191, components 3\012- data
Hash 926e3dede50bda208674281099779b49
98451f751264b1af2ed494846a7ac7d3ce26f93a
00d914dd26b77baa2dc998173aab9979d25df67c99a62f6a11dc0afe5d57b8e0
GET /images/HCT/slider/Moderne-Busflotte.jpg HTTP/1.1
Host: www.hct-busvermietung.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hct-busvermietung.de/index.php
Cookie: 6b641c1c2d80877fea4f8f1b317af201=3a0876f51843b2e7dea13035ea9b19da; 474d34055f4bac50e70963951e35f40c=de-DE
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 01 Sep 2022 12:05:05 GMT
etag: "3d92-5e79c6c896c63"
accept-ranges: bytes
content-length: 15762
content-type: image/jpeg
date: Sun, 29 Jan 2023 05:06:29 GMT
server: Apache
X-Firefox-Spdy: h2
www.hct-busvermietung.de/images/HCT/slider/Limousinen-MiniVans.jpg
78.47.185.214200 OK 17 kB URL HTTP/2 www.hct-busvermietung.de/images/HCT/slider/Limousinen-MiniVans.jpg
IP 78.47.185.214:0
ASN #24940 Hetzner Online GmbH
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=4, xresolution=62, yresolution=70, resolutionunit=3, software=paint.net 4.0.6], baseline, precision 8, 287x191, components 3\012- data
Hash fc88271b3561a140713a68d56e44800a
35d1365685d079f4aa49f26c976168d3141e7dca
20763a23fd5d6bd4ae1fc98f6338cdb66baff9c9c3f445f7177f4a69139755b2
GET /images/HCT/slider/Limousinen-MiniVans.jpg HTTP/1.1
Host: www.hct-busvermietung.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hct-busvermietung.de/index.php
Cookie: 6b641c1c2d80877fea4f8f1b317af201=3a0876f51843b2e7dea13035ea9b19da; 474d34055f4bac50e70963951e35f40c=de-DE
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 01 Sep 2022 12:05:05 GMT
etag: "42f9-5e79c6c88dfc3"
accept-ranges: bytes
content-length: 17145
content-type: image/jpeg
date: Sun, 29 Jan 2023 05:06:29 GMT
server: Apache
X-Firefox-Spdy: h2
www.hct-busvermietung.de/images/HCT/slider/Komfortables-Reisen.jpg
78.47.185.214200 OK 19 kB URL HTTP/2 www.hct-busvermietung.de/images/HCT/slider/Komfortables-Reisen.jpg
IP 78.47.185.214:0
ASN #24940 Hetzner Online GmbH
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=4, xresolution=62, yresolution=70, resolutionunit=3, software=paint.net 4.0.6], baseline, precision 8, 287x191, components 3\012- data
Hash 86e7476c3838ac796744701f31e1c665
3d4c9a0a56c521f4f9c8615902c75c7f4d7eda28
caca84c3c9eaf90db13052e59030479601d5415d672714f251448779bb0b1e6f
GET /images/HCT/slider/Komfortables-Reisen.jpg HTTP/1.1
Host: www.hct-busvermietung.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hct-busvermietung.de/index.php
Cookie: 6b641c1c2d80877fea4f8f1b317af201=3a0876f51843b2e7dea13035ea9b19da; 474d34055f4bac50e70963951e35f40c=de-DE
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 01 Sep 2022 12:05:05 GMT
etag: "4aeb-5e79c6c86209e"
accept-ranges: bytes
content-length: 19179
content-type: image/jpeg
date: Sun, 29 Jan 2023 05:06:29 GMT
server: Apache
X-Firefox-Spdy: h2
www.hct-busvermietung.de/images/HCT/slider/Event-Logistik.jpg
78.47.185.214200 OK 19 kB URL HTTP/2 www.hct-busvermietung.de/images/HCT/slider/Event-Logistik.jpg
IP 78.47.185.214:0
ASN #24940 Hetzner Online GmbH
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=4, xresolution=62, yresolution=70, resolutionunit=3, software=paint.net 4.0.6], baseline, precision 8, 287x191, components 3\012- data
Hash 75608355ab4e22f19e96e2d3c99e1204
7395fd5c1012068800d5f0e0fa1e3eb0a03d4981
899bc90c44b5b12238f5be4a3b3ec697f343ca187276cf91a9140ed91f5dfa2b
GET /images/HCT/slider/Event-Logistik.jpg HTTP/1.1
Host: www.hct-busvermietung.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hct-busvermietung.de/index.php
Cookie: 6b641c1c2d80877fea4f8f1b317af201=3a0876f51843b2e7dea13035ea9b19da; 474d34055f4bac50e70963951e35f40c=de-DE
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 01 Sep 2022 12:05:05 GMT
etag: "4974-5e79c6c87b6e1"
accept-ranges: bytes
content-length: 18804
content-type: image/jpeg
date: Sun, 29 Jan 2023 05:06:29 GMT
server: Apache
X-Firefox-Spdy: h2
www.hct-busvermietung.de/images/HCT/slider/Gesch%C3%A4ftsreisen.jpg
78.47.185.214200 OK 22 kB URL HTTP/2 www.hct-busvermietung.de/images/HCT/slider/Gesch%C3%A4ftsreisen.jpg
IP 78.47.185.214:0
ASN #24940 Hetzner Online GmbH
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=4, xresolution=62, yresolution=70, resolutionunit=3, software=paint.net 4.0.6], baseline, precision 8, 287x191, components 3\012- data
Hash 34572da898e74d7672aa38e8ccfad502
e7072b195723bc15e60b4a0844b5428cc0177203
f1fc00cbc1a91bacd0dc8f7fcc8ea5a741fa9d6f63994f74f764de713606f580
GET /images/HCT/slider/Gesch%C3%A4ftsreisen.jpg HTTP/1.1
Host: www.hct-busvermietung.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hct-busvermietung.de/index.php
Cookie: 6b641c1c2d80877fea4f8f1b317af201=3a0876f51843b2e7dea13035ea9b19da; 474d34055f4bac50e70963951e35f40c=de-DE
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 01 Sep 2022 12:05:05 GMT
etag: "5671-5e79c6c8593fd"
accept-ranges: bytes
content-length: 22129
content-type: image/jpeg
date: Sun, 29 Jan 2023 05:06:29 GMT
server: Apache
X-Firefox-Spdy: h2
www.hct-busvermietung.de/images/HCT/slider/Kongresse-Messen.jpg
78.47.185.214200 OK 22 kB URL HTTP/2 www.hct-busvermietung.de/images/HCT/slider/Kongresse-Messen.jpg
IP 78.47.185.214:0
ASN #24940 Hetzner Online GmbH
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=4, xresolution=62, yresolution=70, resolutionunit=3, software=paint.net 4.0.6], baseline, precision 8, 287x191, components 3\012- data
Hash 2c0fe5582b0e8958a3d154716215e75c
5fee7f61624c2a095f76ff318c99e7ff478e0d14
3220fe35e07681591385203cd48de04c28d0c0236942bcdc11b308735b374719
GET /images/HCT/slider/Kongresse-Messen.jpg HTTP/1.1
Host: www.hct-busvermietung.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hct-busvermietung.de/index.php
Cookie: 6b641c1c2d80877fea4f8f1b317af201=3a0876f51843b2e7dea13035ea9b19da; 474d34055f4bac50e70963951e35f40c=de-DE
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 01 Sep 2022 12:05:05 GMT
etag: "5608-5e79c6c8c8948"
accept-ranges: bytes
content-length: 22024
content-type: image/jpeg
date: Sun, 29 Jan 2023 05:06:29 GMT
server: Apache
X-Firefox-Spdy: h2
www.hct-busvermietung.de/images/HCT/paypal-t.png
78.47.185.214200 OK 23 kB URL HTTP/2 www.hct-busvermietung.de/images/HCT/paypal-t.png
IP 78.47.185.214:0
ASN #24940 Hetzner Online GmbH
File type PNG image data, 238 x 92, 8-bit/color RGBA, non-interlaced\012- data
Hash 634af9b02ed4e7dc83c61439f71dcc15
b40868c4bb3627d19a6a8ecef5eb968da6153644
ca95420083048f6a1b2b597fd8ddb3422e3e5cab0938f811649b806556010928
GET /images/HCT/paypal-t.png HTTP/1.1
Host: www.hct-busvermietung.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hct-busvermietung.de/index.php
Cookie: 6b641c1c2d80877fea4f8f1b317af201=3a0876f51843b2e7dea13035ea9b19da; 474d34055f4bac50e70963951e35f40c=de-DE
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 01 Sep 2022 12:02:42 GMT
etag: "5aa7-5e79c63fd5297"
accept-ranges: bytes
content-length: 23207
content-type: image/png
date: Sun, 29 Jan 2023 05:06:29 GMT
server: Apache
X-Firefox-Spdy: h2
www.hct-busvermietung.de/images/HCT/slider/Sympathisches-Fahrpersonal.jpg
78.47.185.214200 OK 23 kB URL HTTP/2 www.hct-busvermietung.de/images/HCT/slider/Sympathisches-Fahrpersonal.jpg
IP 78.47.185.214:0
ASN #24940 Hetzner Online GmbH
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=4, xresolution=62, yresolution=70, resolutionunit=3, software=paint.net 4.0.6], baseline, precision 8, 287x191, components 3\012- data
Hash 11e4fbe076390a6072afee15067b560c
a757607704b7215bec0a11dbe2861d3be2e2b3cb
4d5187713d16f7fe5756949c2d088f99e3d15f4d3b4416f9b86a98905f5280b5
GET /images/HCT/slider/Sympathisches-Fahrpersonal.jpg HTTP/1.1
Host: www.hct-busvermietung.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hct-busvermietung.de/index.php
Cookie: 6b641c1c2d80877fea4f8f1b317af201=3a0876f51843b2e7dea13035ea9b19da; 474d34055f4bac50e70963951e35f40c=de-DE
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 01 Sep 2022 12:05:05 GMT
etag: "5aed-5e79c6c84a99c"
accept-ranges: bytes
content-length: 23277
content-type: image/jpeg
date: Sun, 29 Jan 2023 05:06:29 GMT
server: Apache
X-Firefox-Spdy: h2
www.hct-busvermietung.de/images/HCT/slider/Gruppenreisen.jpg
78.47.185.214200 OK 26 kB URL HTTP/2 www.hct-busvermietung.de/images/HCT/slider/Gruppenreisen.jpg
IP 78.47.185.214:0
ASN #24940 Hetzner Online GmbH
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=4, xresolution=62, yresolution=70, resolutionunit=3, software=paint.net 4.0.6], baseline, precision 8, 287x191, components 3\012- data
Hash 24dded2d5d3fc6132680542974dcf7cf
7401b5fa9171fe9f72236c27b1c59189041d310e
2697a2152005ca32cb15b15565c646fbdbff6bc72ed968df4687a9128be692be
GET /images/HCT/slider/Gruppenreisen.jpg HTTP/1.1
Host: www.hct-busvermietung.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hct-busvermietung.de/index.php
Cookie: 6b641c1c2d80877fea4f8f1b317af201=3a0876f51843b2e7dea13035ea9b19da; 474d34055f4bac50e70963951e35f40c=de-DE
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 01 Sep 2022 12:05:05 GMT
etag: "6744-5e79c6c872a40"
accept-ranges: bytes
content-length: 26436
content-type: image/jpeg
date: Sun, 29 Jan 2023 05:06:29 GMT
server: Apache
X-Firefox-Spdy: h2
www.hct-busvermietung.de/media/system/css/system.css
78.47.185.214200 OK 549 B URL HTTP/2 www.hct-busvermietung.de/media/system/css/system.css
IP 78.47.185.214:0
ASN #24940 Hetzner Online GmbH
Hash 09bdb0f77d434024138c13bf7b431989
7725a4d1205abc67ae5c9c3e0403ceb5dac8717f
d768fe7147ee69f6a1cb0ddeaf9298537392aee0c4da5e21c03da28e5830abb8
GET /media/system/css/system.css HTTP/1.1
Host: www.hct-busvermietung.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hct-busvermietung.de/media/plg_jchoptimize/assets/gz/30/0/7763cd124048b8f311b531a4d84c3341.css
Cookie: 6b641c1c2d80877fea4f8f1b317af201=3a0876f51843b2e7dea13035ea9b19da; 474d34055f4bac50e70963951e35f40c=de-DE
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 01 Sep 2022 12:07:26 GMT
etag: "5a6-5e79c74eeb474-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 549
content-type: text/css
date: Sun, 29 Jan 2023 05:06:29 GMT
server: Apache
X-Firefox-Spdy: h2
push.services.mozilla.com/
35.163.1.35101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.163.1.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 69duv/6ZDfmW7wZQOydaFQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: XTrBBpx1LSjls9xo+vYhB6FAVkU=
www.hct-busvermietung.de/images/HCT/slider/Event-Koordination.jpg
78.47.185.214200 OK 1.4 kB URL HTTP/2 www.hct-busvermietung.de/images/HCT/slider/Event-Koordination.jpg
IP 78.47.185.214:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 26 x 26\012- data
Hash 8484b1759a630553fac4787ebb8e0833
af544deefb7373801551e15ecc73da556dcf2b7b
70322ad3c05b519c4ef18158cb96107f4c1c15b6df412fc764bae877fc6d9557
GET /images/HCT/slider/Event-Koordination.jpg HTTP/1.1
Host: www.hct-busvermietung.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hct-busvermietung.de/index.php
Cookie: 6b641c1c2d80877fea4f8f1b317af201=3a0876f51843b2e7dea13035ea9b19da; 474d34055f4bac50e70963951e35f40c=de-DE
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 01 Sep 2022 12:05:05 GMT
etag: "51ae-5e79c6c8a4725"
accept-ranges: bytes
content-length: 20910
content-type: image/jpeg
date: Sun, 29 Jan 2023 05:06:29 GMT
server: Apache
X-Firefox-Spdy: h2
www.hct-busvermietung.de/plugins/system/t3/base-bs3/fonts/font-awesome/font/fontawesome-webfont.woff
78.47.185.214200 OK 44 kB URL HTTP/2 www.hct-busvermietung.de/plugins/system/t3/base-bs3/fonts/font-awesome/font/fontawesome-webfont.woff
IP 78.47.185.214:0
ASN #24940 Hetzner Online GmbH
File type Web Open Font Format, TrueType, length 43572, version 1.0\012- data
Hash b683029bafe0305ac2234038a03e1541
12f8c193902e99348493ace32e498031bf79b654
18e6b5ff511b90edf098e62ac45ed9d6673a3eee10165d0de4164d4d02a3a77f
GET /plugins/system/t3/base-bs3/fonts/font-awesome/font/fontawesome-webfont.woff HTTP/1.1
Host: www.hct-busvermietung.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.hct-busvermietung.de/media/plg_jchoptimize/assets/gz/30/0/7763cd124048b8f311b531a4d84c3341.css
Cookie: 6b641c1c2d80877fea4f8f1b317af201=3a0876f51843b2e7dea13035ea9b19da; 474d34055f4bac50e70963951e35f40c=de-DE; _gcl_au=1.1.891073297.1674968796
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 01 Sep 2022 12:18:44 GMT
etag: "aa34-5e79c9d57bc48"
accept-ranges: bytes
content-length: 43572
content-type: font/woff
date: Sun, 29 Jan 2023 05:06:29 GMT
server: Apache
X-Firefox-Spdy: h2
sw-assets.ekomiapps.de/static_resources/widget.js
54.192.99.23200 OK 346 B URL HTTP/2 sw-assets.ekomiapps.de/static_resources/widget.js
IP 54.192.99.23:0
File type ASCII text, with very long lines (346), with no line terminators
Hash 87cc6c5e2b6611d43a3e35da657e4751
061fea9f18a3b3f8ac0efa04ed9a41286a7142c1
f51590d5dc8f61cfc0c025dfc89f35c726bef31ec33664ff8bebbb73e4fae660
GET /static_resources/widget.js HTTP/1.1
Host: sw-assets.ekomiapps.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hct-busvermietung.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 346
date: Wed, 28 Dec 2022 01:15:28 GMT
last-modified: Wed, 02 Nov 2022 08:19:32 GMT
etag: "87cc6c5e2b6611d43a3e35da657e4751"
cache-control: max-age=31536000,public
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 3529bf84e9522012233c3dd2a59fdfe8.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN1-C1
x-amz-cf-id: PtawdYljRaYOclS5xyOhrTWSJ5LztjK2kFWmcTMoCq4aSAdPTZ62RA==
age: 2778662
X-Firefox-Spdy: h2
www.hct-busvermietung.de/images/apple_touch_icon_114.png
78.47.185.214200 OK 6.1 kB URL HTTP/2 www.hct-busvermietung.de/images/apple_touch_icon_114.png
IP 78.47.185.214:0
ASN #24940 Hetzner Online GmbH
File type PNG image data, 114 x 114, 8-bit/color RGBA, non-interlaced\012- data
Hash 09eb4d4a55925ff87a0876d15f2ed778
1ba5a3ed50bc59954057b00b7f72ba05fdd80a55
7193dfe3be2e93f9fd0b7623b8a07cb1f7d9fd5c36263acc463294174bbf48e5
GET /images/apple_touch_icon_114.png HTTP/1.1
Host: www.hct-busvermietung.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hct-busvermietung.de/index.php
Cookie: 6b641c1c2d80877fea4f8f1b317af201=3a0876f51843b2e7dea13035ea9b19da; 474d34055f4bac50e70963951e35f40c=de-DE; _gcl_au=1.1.891073297.1674968796
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 01 Sep 2022 12:01:34 GMT
etag: "17cc-5e79c5ff9c587"
accept-ranges: bytes
content-length: 6092
content-type: image/png
date: Sun, 29 Jan 2023 05:06:30 GMT
server: Apache
X-Firefox-Spdy: h2
www.hct-busvermietung.de/templates/purity_iii/favicon.ico
78.47.185.214200 OK 1.2 kB URL HTTP/2 www.hct-busvermietung.de/templates/purity_iii/favicon.ico
IP 78.47.185.214:0
ASN #24940 Hetzner Online GmbH
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash b0f5558acf4eb73d5513865650bac351
b0d456fe2535085911577750414a7e1303e85556
6fc3dc06f459f80df6b1a20996e77aa777c1e31fa971470e093f1105919775f0
GET /templates/purity_iii/favicon.ico HTTP/1.1
Host: www.hct-busvermietung.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hct-busvermietung.de/index.php
Cookie: 6b641c1c2d80877fea4f8f1b317af201=3a0876f51843b2e7dea13035ea9b19da; 474d34055f4bac50e70963951e35f40c=de-DE; _gcl_au=1.1.891073297.1674968796
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 31 Aug 2022 15:38:10 GMT
etag: "47e-5e78b48bfa153"
accept-ranges: bytes
content-length: 1150
content-type: image/vnd.microsoft.icon
date: Sun, 29 Jan 2023 05:06:30 GMT
server: Apache
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.110200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.110:0
File type ASCII text, with very long lines (1490)
Hash ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hct-busvermietung.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Sun, 29 Jan 2023 03:46:59 GMT
expires: Sun, 29 Jan 2023 05:46:59 GMT
cache-control: public, max-age=7200
age: 4771
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 7078b1d21bbac26012d93fc9501fbbb0
412189ffa7980709edc28b87a820aa1ae64fa3a7
6db1d0d3f3924d7e75e1fd087553cf4ec5fa938ecc52adf3f149570551eaf7f3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5673
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 05:06:30 GMT
Last-Modified: Sun, 29 Jan 2023 03:31:57 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 8cf65fcdafa84b63cf7005fe57927fcb
3f7d163a96e7f00eb2de9828624ec46e22b4b40a
dfcf629cc49444f646f3a014014a91e36251b4b43655ce2e2eca55263dd196e3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 05:06:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 8cf65fcdafa84b63cf7005fe57927fcb
3f7d163a96e7f00eb2de9828624ec46e22b4b40a
dfcf629cc49444f646f3a014014a91e36251b4b43655ce2e2eca55263dd196e3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 05:06:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
maxcdn.bootstrapcdn.com/font-awesome/4.2.0/css/font-awesome.min.css
104.18.10.207200 OK 6.7 kB URL HTTP/2 maxcdn.bootstrapcdn.com/font-awesome/4.2.0/css/font-awesome.min.css
IP 104.18.10.207:0
File type ASCII text, with very long lines (21822)
Hash becd5fa9da1d5ded036f4ee1bba08bbd
97606ea2159f2403e5853309665854914a4d8dd2
04ef2721b01ff91c70770b88ab6ee957bb999095076490afcb545838cadb9851
GET /font-awesome/4.2.0/css/font-awesome.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hct-busvermietung.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 29 Jan 2023 05:06:29 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: US
cdn-edgestorageid: 718, 718
last-modified: Mon, 25 Jan 2021 22:04:53 GMT
cdn-cachedat: 2021-04-13 02:36:00
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cache-control: public, max-age=31919000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
cdn-requestid: 357c5298f2849c0ce9712c57ec240f4e
cdn-cache: HIT
cf-cache-status: HIT
age: 865233
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 790f7056afd0b529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 677574c4d6c61909f3b923d6c0944aaf
a70e6323cc046b724a52ee3b05239d7510d32c1d
47e51ecfe2eed8486c7208f9624c17a1e08b383fcd962a9a678abfb9324346e6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 05:06:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
maps.gstatic.com/mapfiles/api-3/images/powered-by-google-on-white3.png
142.250.74.99200 OK 1.6 kB URL HTTP/2 maps.gstatic.com/mapfiles/api-3/images/powered-by-google-on-white3.png
IP 142.250.74.99:0
File type PNG image data, 120 x 14, 8-bit/color RGBA, non-interlaced\012- data
Hash f28a13545ca7be5cd9ea31bdd9ea7f8e
f4f45a59720b9d637b1e7e0ed5783ee84887287f
cd80d0dcb2a44bd30c11fcdf13d4c280f336dad9442ee7da79146f2bb77381a4
GET /mapfiles/api-3/images/powered-by-google-on-white3.png HTTP/1.1
Host: maps.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hct-busvermietung.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/png
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/geo-tactile
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="geo-tactile"
report-to: {"group":"geo-tactile","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/geo-tactile"}]}
content-length: 1616
date: Sun, 29 Jan 2023 05:06:30 GMT
expires: Sun, 29 Jan 2023 05:06:30 GMT
cache-control: private, max-age=31536000
last-modified: Tue, 18 May 2021 19:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
maps.gstatic.com/mapfiles/api-3/images/autocomplete-icons.png
142.250.74.99200 OK 3.4 kB URL HTTP/2 maps.gstatic.com/mapfiles/api-3/images/autocomplete-icons.png
IP 142.250.74.99:0
File type PNG image data, 34 x 280, 8-bit/color RGBA, non-interlaced\012- data
Hash 9e9dd969ceb057a228067a1c539127f9
fb2da26959858054157960bb7f8e6c145648eaac
db209390b90b70f4b1ef3540cb581e4ec8edbba21980971b68e4aef5c5d352fb
GET /mapfiles/api-3/images/autocomplete-icons.png HTTP/1.1
Host: maps.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hct-busvermietung.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/png
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/geo-tactile
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="geo-tactile"
report-to: {"group":"geo-tactile","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/geo-tactile"}]}
content-length: 3351
date: Sun, 29 Jan 2023 05:06:30 GMT
expires: Sun, 29 Jan 2023 05:06:30 GMT
cache-control: private, max-age=31536000
last-modified: Tue, 18 May 2021 19:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google-analytics.com/collect?v=1&_v=j99&aip=1&a=708255257&t=pageview&_s=1&dl=https%3A%2F%2Fwww.hct-busvermietung.de%2Findex.php&ul=en-us&de=UTF-8&dt=Mieten%20Sie%20ihren%20Bus%20zu%20besten%20Preisen%20-%20HCT-Busvermietung&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YGBAgAABAAAAAAAAI~&jid=381264014&gjid=2135728800&cid=606511916.1674968796&tid=UA-51860981-1&_gid=1872512814.1674968796&z=1634043143
142.250.74.110200 OK 35 B URL HTTP/2 www.google-analytics.com/collect?v=1&_v=j99&aip=1&a=708255257&t=pageview&_s=1&dl=https%3A%2F%2Fwww.hct-busvermietung.de%2Findex.php&ul=en-us&de=UTF-8&dt=Mieten%20Sie%20ihren%20Bus%20zu%20besten%20Preisen%20-%20HCT-Busvermietung&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YGBAgAABAAAAAAAAI~&jid=381264014&gjid=2135728800&cid=606511916.1674968796&tid=UA-51860981-1&_gid=1872512814.1674968796&z=1634043143
IP 142.250.74.110:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /collect?v=1&_v=j99&aip=1&a=708255257&t=pageview&_s=1&dl=https%3A%2F%2Fwww.hct-busvermietung.de%2Findex.php&ul=en-us&de=UTF-8&dt=Mieten%20Sie%20ihren%20Bus%20zu%20besten%20Preisen%20-%20HCT-Busvermietung&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YGBAgAABAAAAAAAAI~&jid=381264014&gjid=2135728800&cid=606511916.1674968796&tid=UA-51860981-1&_gid=1872512814.1674968796&z=1634043143 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hct-busvermietung.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
pragma: no-cache
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 35
date: Sat, 28 Jan 2023 11:59:43 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
age: 61607
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
apis.google.com/js/plusone.js
142.250.74.78200 OK 21 kB URL HTTP/2 apis.google.com/js/plusone.js
IP 142.250.74.78:0
File type ASCII text, with very long lines (1429)
Hash f8971f3ad662af35a2ca6871f8c78482
35a0b814d6ecec8deacc9aea87ce9be62b15d92b
a438d380bab44504b1ff13673a0e041c6ac6645d03926e7f076465d1fe049765
GET /js/plusone.js HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hct-busvermietung.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 20950
date: Sun, 29 Jan 2023 05:06:30 GMT
expires: Sun, 29 Jan 2023 05:06:30 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "9dea963ca1c75dde"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 7078b1d21bbac26012d93fc9501fbbb0
412189ffa7980709edc28b87a820aa1ae64fa3a7
6db1d0d3f3924d7e75e1fd087553cf4ec5fa938ecc52adf3f149570551eaf7f3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5673
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 05:06:30 GMT
Last-Modified: Sun, 29 Jan 2023 03:31:57 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 8cf65fcdafa84b63cf7005fe57927fcb
3f7d163a96e7f00eb2de9828624ec46e22b4b40a
dfcf629cc49444f646f3a014014a91e36251b4b43655ce2e2eca55263dd196e3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 05:06:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.AMZ27oQJoUI.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9dsXwz2g0gTMdQFEKa7ZoVvtQf4g/cb=gapi.loaded_0?le=scs
142.250.74.78200 OK 53 kB URL HTTP/2 apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.AMZ27oQJoUI.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9dsXwz2g0gTMdQFEKa7ZoVvtQf4g/cb=gapi.loaded_0?le=scs
IP 142.250.74.78:0
File type ASCII text, with very long lines (1448)
Hash 0352bb776d2cb7e28ed4294ef240bc8e
8a00fccf1aa5746c76e7c9053a9d64d0be917de5
3f6a4eab3c990f88af494e19777e6f8131065e9d2a412806579eaeb7c8e51fa7
GET /_/scs/abc-static/_/js/k=gapi.lb.en.AMZ27oQJoUI.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9dsXwz2g0gTMdQFEKa7ZoVvtQf4g/cb=gapi.loaded_0?le=scs HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hct-busvermietung.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-length: 52558
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 25 Jan 2023 22:29:11 GMT
expires: Thu, 25 Jan 2024 22:29:11 GMT
cache-control: public, max-age=31536000
last-modified: Sat, 07 Jan 2023 15:19:07 GMT
content-type: text/javascript; charset=UTF-8
age: 283039
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
sw-assets.ekomiapps.de/static_resources/jquery.min.js
54.192.99.23200 OK 120 kB URL HTTP/2 sw-assets.ekomiapps.de/static_resources/jquery.min.js
IP 54.192.99.23:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 120 kB (120138 bytes)
Hash e016c7f3d432251593ee45452463c40c
1eda423870800462c4c280e39c883cd3d383f0d2
f8bc97a28227dd090649c773ea4b2ab63cd664c503b40db0c7b59233f70aa54b
GET /static_resources/jquery.min.js HTTP/1.1
Host: sw-assets.ekomiapps.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hct-busvermietung.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
date: Wed, 07 Dec 2022 00:56:08 GMT
last-modified: Tue, 19 Nov 2019 20:26:08 GMT
etag: W/"a15c0a89a27a8a9a8f01d2383c8aa86b"
cache-control: max-age=31536000,public
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 3529bf84e9522012233c3dd2a59fdfe8.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN1-C1
x-amz-cf-id: kgtPxaat8ImcdpPn9wUEUxXVAM-_4H-ZdpyvY4AZZAJvzeul4NeE7A==
age: 4594223
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash ef589be52a3e55b643978f17949a73da
74545de6f144282252ff92c751f97cc835c80341
7bfa68c43e60a2627770163b5c1b96fbd7e4843984ad5ff6225c5490b8073b26
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 05:06:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-51860981-1&cid=606511916.1674968796&jid=381264014&gjid=2135728800&_gid=1872512814.1674968796&_u=YGBAgAABAAAAAEAAI~&z=602549781
64.233.165.156200 OK 1 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-51860981-1&cid=606511916.1674968796&jid=381264014&gjid=2135728800&_gid=1872512814.1674968796&_u=YGBAgAABAAAAAEAAI~&z=602549781
IP 64.233.165.156:0
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-51860981-1&cid=606511916.1674968796&jid=381264014&gjid=2135728800&_gid=1872512814.1674968796&_u=YGBAgAABAAAAAEAAI~&z=602549781 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://www.hct-busvermietung.de
Connection: keep-alive
Referer: https://www.hct-busvermietung.de/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.hct-busvermietung.de
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 29 Jan 2023 05:06:30 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash ed8a8c45dceab588456b222e04775919
0242859712655caa3c3e9b936878c7c7874b7b5a
669f0691b8bf32a10fb219ce47ad69495e5cd2a11317b672aecca53f50b51de3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 05:06:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f2a0c2c0f25bdd19baf87cbb3a87dcdb
bc78ca6206ee8cc1cc05ab7778df71c7e6d1182a
c57f26c0c2e439dc2f69181e1b2f6ae371bff9d299af739e0047eabc8bfb5a69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C57F26C0C2E439DC2F69181E1B2F6AE371BFF9D299AF739E0047EABC8BFB5A69"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7537
Expires: Sun, 29 Jan 2023 07:12:07 GMT
Date: Sun, 29 Jan 2023 05:06:30 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f2a0c2c0f25bdd19baf87cbb3a87dcdb
bc78ca6206ee8cc1cc05ab7778df71c7e6d1182a
c57f26c0c2e439dc2f69181e1b2f6ae371bff9d299af739e0047eabc8bfb5a69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C57F26C0C2E439DC2F69181E1B2F6AE371BFF9D299AF739E0047EABC8BFB5A69"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7537
Expires: Sun, 29 Jan 2023 07:12:07 GMT
Date: Sun, 29 Jan 2023 05:06:30 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f2a0c2c0f25bdd19baf87cbb3a87dcdb
bc78ca6206ee8cc1cc05ab7778df71c7e6d1182a
c57f26c0c2e439dc2f69181e1b2f6ae371bff9d299af739e0047eabc8bfb5a69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C57F26C0C2E439DC2F69181E1B2F6AE371BFF9D299AF739E0047EABC8BFB5A69"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7537
Expires: Sun, 29 Jan 2023 07:12:07 GMT
Date: Sun, 29 Jan 2023 05:06:30 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2d2bbd93-ce5c-4300-9ac3-8ccdde169701.jpeg
34.120.237.76200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2d2bbd93-ce5c-4300-9ac3-8ccdde169701.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7ed721e83648418f4a5d64f9d038fd1a
7a311c79e311448941a8d624c1064b1a2d97cfbd
b961e73aaba814eec66532ceeafad5191371fc762b05338990e8cc9c8ecfcbff
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2d2bbd93-ce5c-4300-9ac3-8ccdde169701.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6875
x-amzn-requestid: 5fb13e91-8750-4dd9-90a2-f1218ea6009b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fS9t2E0AoAMF_LA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d10ff2-22e819312302377c4bf698ff;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 11:18:10 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: QH_-DX5fiBhfS9MVH6pJi57mqFRRPSPf0iDbp_5BHE1jUqCZvvPesQ==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Sat, 28 Jan 2023 21:46:21 GMT
age: 26409
etag: "7a311c79e311448941a8d624c1064b1a2d97cfbd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe7cfa685-1688-424d-b352-82b8ce19495a.jpeg
34.120.237.76200 OK 6.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe7cfa685-1688-424d-b352-82b8ce19495a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2cbbc57c4e469baec1bda006407877cc
e988f007b1f9ec2327e7817f38cf56202096aeae
5237a8a8a7aa1fe59548582abf726fe77ad9e1fad8535bb5f88519dc6e779a86
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe7cfa685-1688-424d-b352-82b8ce19495a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6158
x-amzn-requestid: 034023e1-bd96-4c41-aa48-cccf5fa7b366
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: feLdTEXToAMF5Ow=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d58c54-5390c17952d82d9108bdd3f8;Sampled=0
x-amzn-remapped-date: Sat, 28 Jan 2023 20:57:56 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: ACe_e899vrvXgDH3SKhGkebo6EgwW3c97aiFsr_p0g0cyWhl0XmjIg==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 00:04:06 GMT
etag: "e988f007b1f9ec2327e7817f38cf56202096aeae"
content-type: image/jpeg
age: 18144
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4a48d5b4-7f5e-41cd-a7b2-c3007235b59c.jpeg
34.120.237.76200 OK 9.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4a48d5b4-7f5e-41cd-a7b2-c3007235b59c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e59316e1b1333c42d9d120fa88619bc2
669cdc8dfeba9d64f93f260adbb5f493a5649bb0
c4e78ec96322f1f151b07f9a45d51e6ca3fd46613472cf627f53bf399193a533
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4a48d5b4-7f5e-41cd-a7b2-c3007235b59c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9398
x-amzn-requestid: 5083c66c-ad64-4f73-b915-d29ddabcdb4e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fIf6XEc1IAMFsbQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cce042-0779693a5da31eae195989d1;Sampled=0
x-amzn-remapped-date: Sun, 22 Jan 2023 07:05:38 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 2MPzkEPg3JESo6g5D7E2LN53G-zYF__aFQmDg9DzSRxg0E19j1Iwkw==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 03:32:41 GMT
age: 5629
etag: "669cdc8dfeba9d64f93f260adbb5f493a5649bb0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3e63fa9f-a982-4d0a-ac29-9acbfe59f503.jpeg
34.120.237.76200 OK 4.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3e63fa9f-a982-4d0a-ac29-9acbfe59f503.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 61dd48155b70501a72ec13f79745433d
4efc3d15f04a290a590b54122822d55a9d3fa1ca
9345056c111439b34aff08323fc99a2d315fa91293039dc5acf67affb50636d3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3e63fa9f-a982-4d0a-ac29-9acbfe59f503.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4202
x-amzn-requestid: d33bee10-9642-4138-8dde-3486ec7f6535
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fa9ABFFvIAMFbqQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d441ff-3b3a99db469e3f8c068d553c;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 21:28:31 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: RIvTaBE3RpB7sP9Bb1Ku1ItsiaCFKNmyHArESR1FuqDIHXt2uOLG6A==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Sat, 28 Jan 2023 06:41:58 GMT
age: 80672
etag: "4efc3d15f04a290a590b54122822d55a9d3fa1ca"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg
34.120.237.76200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3be81f83687ddb6c93d3ff3c09a9dba2
50a48e737310d3f31840db4301b25927fbcc12c5
e78c909e2381898e7f546183784a05dff47c31734c95358aaada8c2777ad47be
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9167
x-amzn-requestid: e6e0789c-a4a9-4ffa-a0ae-691770d1035b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fPF9YEBmIAMF0kQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cf8388-01d2093432d3959903671a69;Sampled=0
x-amzn-remapped-date: Tue, 24 Jan 2023 07:06:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: awfNeaKbFw2bjiTGwUrwUTxU-qbVS2eTjn948H8kn1hy7pi_DwLMlQ==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 28 Jan 2023 17:35:56 GMT
age: 41434
etag: "50a48e737310d3f31840db4301b25927fbcc12c5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa8a8d215-2977-45a6-a7ee-976f499397f9.png
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa8a8d215-2977-45a6-a7ee-976f499397f9.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5b40aad973e1480deaad2d03e44bf338
09f0b92c397103a18408d01ec8bae135fcdc64ef
f0edf655c65a39dfb6b431b0862979b07e83f306e4330136aeb98e13cff36bd6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa8a8d215-2977-45a6-a7ee-976f499397f9.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10918
x-amzn-requestid: 61eec1e7-b131-43ea-9ee5-8f181d7aec93
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fHwH3HloIAMFRFA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cc93cb-1402f8c719a98ac717fe1c94;Sampled=0
x-amzn-remapped-date: Sun, 22 Jan 2023 01:39:23 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 9LrDmGmNvqt_0_dD_NIw1LxGk1_EiEXhfgDZPsRB4JqHI5QMH84ddw==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Sat, 28 Jan 2023 21:46:54 GMT
age: 26376
etag: "09f0b92c397103a18408d01ec8bae135fcdc64ef"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.hct-busvermietung.de/modules/mod_cookiesaccept/img/przez_b.png
78.47.185.214200 OK 923 B URL HTTP/2 www.hct-busvermietung.de/modules/mod_cookiesaccept/img/przez_b.png
IP 78.47.185.214:0
ASN #24940 Hetzner Online GmbH
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash 9269561b7fc228540c7c1f82188d6844
8f89318307a2af9e1cb38adc0e2a6f235529a1bd
0b142741ee24dab128bc6ae909fb554e0a96cfc4d5cdfa7b5dd4638c20c76c9f
GET /modules/mod_cookiesaccept/img/przez_b.png HTTP/1.1
Host: www.hct-busvermietung.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hct-busvermietung.de/index.php
Cookie: 6b641c1c2d80877fea4f8f1b317af201=3a0876f51843b2e7dea13035ea9b19da; 474d34055f4bac50e70963951e35f40c=de-DE; _gcl_au=1.1.891073297.1674968796; _ga=GA1.2.606511916.1674968796; _gid=GA1.2.1872512814.1674968796; _gat=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 01 Sep 2022 12:03:51 GMT
etag: "39b-5e79c68283e03"
accept-ranges: bytes
content-length: 923
content-type: image/png
date: Sun, 29 Jan 2023 05:06:31 GMT
server: Apache
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yT/l/0,cross/W2aFcKfyOAO.css?_nc_x=Ij3Wp8lg5Kz
31.13.72.12200 OK 4.8 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yT/l/0,cross/W2aFcKfyOAO.css?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type assembler source, ASCII text, with very long lines (2642)
Hash 8cabeba3002c5764d14be28aca6290e9
74c3b412d663d70d9fd16e54887735d7bb8870b9
c542e60407637cf3e7fe7eebc21e723180c8bcd26dacb57c98c6e20af635f52e
GET /rsrc.php/v3/yT/l/0,cross/W2aFcKfyOAO.css?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: text/css; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Sun, 28 Jan 2024 18:40:57 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: jKvrowAsV2TRS+KKymKQ6Q==
x-fb-debug: Id62GepPt5ik1QIYfY00A3b74wTsRx+P8Y8JcHJGj5iG1Sj9T1EgrIb56aOvyDxaACmYLfxZqh2swid50XCPNw==
content-length: 4809
x-fb-trip-id: 1904183273
date: Sun, 29 Jan 2023 05:06:36 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yK/l/0,cross/MNmosChZJhQ.css?_nc_x=Ij3Wp8lg5Kz
31.13.72.12200 OK 5.1 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yK/l/0,cross/MNmosChZJhQ.css?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (4431)
Hash 399182b9034230c2ad272f905a9f9a92
a361cbbb9ed2b5ab8f7ba04b5237893dff19fdab
b33e1292301c35be9ad01dcdc3850fa69852475360c6dbfd3daede8eff34a6a4
GET /rsrc.php/v3/yK/l/0,cross/MNmosChZJhQ.css?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: text/css; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Sun, 28 Jan 2024 18:33:55 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: OZGCuQNCMMKtJy+QWp+akg==
x-fb-debug: VBNBwhev9zbpyUuqP8NqrdHjALtFulDU2y1GsG6l6spJqGIPkxr11XQtMtFsaO/3QGptZ2CE67L9WVWDGFcKEg==
content-length: 5141
x-fb-trip-id: 1904183273
date: Sun, 29 Jan 2023 05:06:36 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yn/l/0,cross/-HGPTKcj37t.css?_nc_x=Ij3Wp8lg5Kz
31.13.72.12200 OK 830 B URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yn/l/0,cross/-HGPTKcj37t.css?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (724)
Hash d63a02ce87c07ffcfa869fef7fc5f233
cae745fef84088abe3525bb77f75c55cd1d4cc2c
bf9d4d71541a0a1f31b10be351add847ee935da6de355756314c8ca96512444d
GET /rsrc.php/v3/yn/l/0,cross/-HGPTKcj37t.css?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: text/css; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Thu, 25 Jan 2024 21:58:11 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: 1joCzofAf/z6hp/vf8XyMw==
x-fb-debug: n41Kk8Orx4KK8afmNGKZWeeKORTcrB9k2NrmpScnBjU0KpN9EayH+0XeOyzkI9QdAazUKIftCk/sGEJDCzdyvg==
content-length: 830
x-fb-trip-id: 1904183273
date: Sun, 29 Jan 2023 05:06:36 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yb/l/0,cross/cwBc1FhMd71.css?_nc_x=Ij3Wp8lg5Kz
31.13.72.12200 OK 4.4 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yb/l/0,cross/cwBc1FhMd71.css?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (10262)
Hash 42a4a3e1cf28058bc22eb837b4f7d394
94a1e3b3ef7b5b78bc4212044f67677eb3b91c48
4b8a4e5210ff0605bf57f43ea41b0ca2af6ca9aac060626a5457150810db8f2a
GET /rsrc.php/v3/yb/l/0,cross/cwBc1FhMd71.css?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: text/css; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Thu, 18 Jan 2024 17:16:18 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: QqSj4c8oBYvCLrg3tPfTlA==
x-fb-debug: +3aAAzi7HKlDnRoV7bcUeZAzeMUPZyj5MdvHMsoYTmt0dhuGov+/BNXiqejTvdJAn80Abdp5EuYl/5333pT8xg==
content-length: 4392
x-fb-trip-id: 1904183273
date: Sun, 29 Jan 2023 05:06:36 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/y-/l/0,cross/ELgJLJUIdAW.css?_nc_x=Ij3Wp8lg5Kz
31.13.72.12200 OK 4.3 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/y-/l/0,cross/ELgJLJUIdAW.css?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (4583)
Hash da78e050866d3f57de1469e37cabfd70
f6ae420b228d4bc881c6d757aadf2d747983b5fb
9b5aa6ba6d62532d0edd177a5e2dc64daafd2f296b17565ff39fe8afbd9fc2a3
GET /rsrc.php/v3/y-/l/0,cross/ELgJLJUIdAW.css?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: text/css; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Fri, 26 Jan 2024 19:18:06 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: 2njgUIZtP1feFGnjfKv9cA==
x-fb-debug: hSZFmNRJR0QOJGAdmEJOdAWqp78y9ISV0seB3392tJFt6MEv55dpjIa1GhiaSjZht9yBSMihXW5fxUg92BX90Q==
content-length: 4283
x-fb-trip-id: 1904183273
date: Sun, 29 Jan 2023 05:06:36 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yO/l/0,cross/dIeog4kQ8bz.css?_nc_x=Ij3Wp8lg5Kz
31.13.72.12200 OK 8.2 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yO/l/0,cross/dIeog4kQ8bz.css?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (14181)
Hash 625c5c9893c3972649d43a20f9738673
da24d5abb35691cc5561b2a87a1c78a885ce571e
ecd0eff287c09fa25a7b6f43a24af9298cd556e419a2a4ae6f6f88d9cc0c5cd2
GET /rsrc.php/v3/yO/l/0,cross/dIeog4kQ8bz.css?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: text/css; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Thu, 25 Jan 2024 23:39:13 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: YlxcmJPDlyZJ1Dog+XOGcw==
x-fb-debug: ucqJprqSpRL0uwXlpgJgT+TksURE8HW0rLTuxy/ey5jJX3wKuT3rJouq5gFPT2SJZKNgq6rgxXIlXW5Y2tJ0Ng==
priority: u=3,i
content-length: 8228
x-fb-trip-id: 1904183273
date: Sun, 29 Jan 2023 05:06:36 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
smart-widget-assets.ekomiapps.de/static_resources/f-widget.js
54.192.99.23200 OK 97 kB URL HTTP/2 smart-widget-assets.ekomiapps.de/static_resources/f-widget.js
IP 54.192.99.23:0
Hash 71d65252232c7afe40ab5dc0cd5648e2
9fc2b78e7ef4612ef95a8bd9eb06fc03c5b88fea
8c1c2ed55615ec2e269ade549ef10a24a3fb7fe24156386c2b7626adba6ebec1
GET /static_resources/f-widget.js HTTP/1.1
Host: smart-widget-assets.ekomiapps.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hct-busvermietung.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
date: Thu, 19 Jan 2023 13:18:01 GMT
last-modified: Thu, 19 Jan 2023 13:17:30 GMT
etag: W/"c0e489b6016b2504a245f6f0ff562f06"
cache-control: max-age=31536000,public
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 3529bf84e9522012233c3dd2a59fdfe8.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN1-C1
x-amz-cf-id: hwA1FTJwk-QT938F3d7OhctoQXAhExBBk94FhgSuIgV58RBZIzmXJQ==
age: 834510
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/y6/r/8LoDHCcRMmF.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12200 OK 12 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/y6/r/8LoDHCcRMmF.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (5542)
Hash 1ad15afc034f310427c81b0759603a2b
e5efd1d029dccf5fa8128c84aadb6544a4ab60e0
fedf63f655f9eef24c517c3d6762fb07b142213ba623d4a0b06614fb5d9754bd
GET /rsrc.php/v3/y6/r/8LoDHCcRMmF.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Fri, 19 Jan 2024 02:24:38 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: GtFa/ANPMQQnyBsHWWA6Kw==
x-fb-debug: pEykkd6AbeTapXx3dASeaboWWH5vF0eQ0XvPVGVfjL/a/hVxBnZ+h9PxXxydc1M8rRAaJrkuaHkhciGbnA9WYA==
priority: u=3,i
content-length: 12334
x-fb-trip-id: 1904183273
date: Sun, 29 Jan 2023 05:06:36 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/ys/r/0jooLb3-GZj.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12200 OK 18 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/ys/r/0jooLb3-GZj.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type C source, ASCII text, with very long lines (10595)
Hash 02f1b7b68cae3041d06a7a05b5a7fe1e
80278d8d009008c14ddad0aa1c0614cf5170d4ae
42c82038ad279453ee082c0661d76f99060d413813cba3570868494edbbee3ab
GET /rsrc.php/v3/ys/r/0jooLb3-GZj.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Sun, 28 Jan 2024 18:28:28 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: AvG3toyuMEHQanoFtaf+Hg==
x-fb-debug: t58jdVrLA9yViWrSSNNY3ZckCqUcxfgUnnMPlQaPE1HmOxbKq3GzjiGwMhXlpfoCBSvbKx3nqsVVVBITVXev8Q==
priority: u=3,i
content-length: 17709
x-fb-trip-id: 1904183273
date: Sun, 29 Jan 2023 05:06:36 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3iAxA4/y2/l/de_DE/jF56mpSoBYl.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12200 OK 24 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3iAxA4/y2/l/de_DE/jF56mpSoBYl.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (42218)
Hash aa98137630757f7f72d35f0c5c6c8945
8decf51eeac71740336bb2be62791d3b30c8371f
4dae3a972d438cb0f5ad8472b7d9f87feb92c899922903d961052add9cf9996d
GET /rsrc.php/v3iAxA4/y2/l/de_DE/jF56mpSoBYl.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Thu, 25 Jan 2024 16:49:28 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
origin-agent-cluster: ?0
content-md5: qpgTdjB1f39y018MXGyJRQ==
x-fb-debug: GOrePa+DcojkXyHoX51Q2uu3GtKAWABc5daLfR/fLvXAM7FPKYenJTEtTVxIfPUjaDv7NdSgy/NgCiNNcER29A==
priority: u=3,i
content-length: 23597
x-fb-trip-id: 1904183273
date: Sun, 29 Jan 2023 05:06:36 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/y2/r/hWOdyLOhufr.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12200 OK 7.2 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/y2/r/hWOdyLOhufr.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (4057)
Hash 4542c58795523351cacfecdb315eba00
e44e00242137798121e12b6cb4353fac2e127af3
ecb041648adda0cdbf6d2b01eed61e1cc22a1f3d33026ee58c3b89b4ca2e40e1
GET /rsrc.php/v3/y2/r/hWOdyLOhufr.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Fri, 19 Jan 2024 01:28:44 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
origin-agent-cluster: ?0
content-md5: RULFh5VSM1HKz+zbMV66AA==
x-fb-debug: i0ncaHtDBjmM9uo/ZFAq/gKHMlBmSClQknKF9ETAx7wiou3lK4R6AoCLD1bGxlirpvRWQGz68Gu8mabk9kQXlQ==
priority: u=3,i
content-length: 7168
x-fb-trip-id: 1904183273
date: Sun, 29 Jan 2023 05:06:36 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yF/r/p55HfXW__mM.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12200 OK 293 B URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yF/r/p55HfXW__mM.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (327)
Hash 2f913d812811ef7e6fca30334c5972e2
d17caaa167443dc08696c672380f237e0db3fb02
ee8918a2f5d163099104b70f79065abc8fd309e69add57170546f2706956eef8
GET /rsrc.php/v3/yF/r/p55HfXW__mM.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Fri, 19 Jan 2024 15:06:03 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: L5E9gSgR735vyjAzTFly4g==
x-fb-debug: B/Q6nzz2xy6vvuaerFLdaRo1ZwjavaPpXe2M/DXy1zll0kC5ya/y/zyAZjkxxl/64gM2neE6AmG50Ur0fsgwIg==
priority: u=3,i
content-length: 293
x-fb-trip-id: 1904183273
date: Sun, 29 Jan 2023 05:06:36 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yJ/r/s0faeuC9AwY.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12200 OK 56 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yJ/r/s0faeuC9AwY.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (48918)
Hash 6746d6e5c25010a2b475171f5e15e5c8
0f72cd46e54d5a213685575abb62e425f6940801
63db6f9aee139ecfdd9b8b4ce31f5c9a3df8e176bafcf686dd321c6a858a7e44
GET /rsrc.php/v3/yJ/r/s0faeuC9AwY.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Thu, 18 Jan 2024 21:34:16 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: Z0bW5cJQEKK0dRcfXhXlyA==
x-fb-debug: qFmBbVF5sin8OxXQrsp3+LVBhavcO1vk2VcMIz9HgReFH6xgd33mYLRiJXw79jdtD8Tv8AN+Eas3ettPlRjYbw==
priority: u=3,i
content-length: 56377
x-fb-trip-id: 1904183273
date: Sun, 29 Jan 2023 05:06:36 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yM/r/uQ-GLcR3h5F.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12200 OK 4.8 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yM/r/uQ-GLcR3h5F.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type C source, ASCII text, with very long lines (9258)
Hash 52b76f9ae9008cf3e3f0163f4ce7a320
2c4d99ad86049eac02bdcbecc17eee94c9a98f1b
f69abfed963cbf1533665e6a86169d6af99c436136e8dbea9d4cad2702148cf9
GET /rsrc.php/v3/yM/r/uQ-GLcR3h5F.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Sat, 27 Jan 2024 05:05:25 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: UrdvmukAjPPj8BY/TOejIA==
x-fb-debug: LmUAqJxtGn8AqS942iCbcwCcEph+oeQ6qsQAtWQ9FCQ6KGKeqILcSlY0Ywr0v+QyxKkTGL/xpC2QtoRKuKwBdg==
content-length: 4792
x-fb-trip-id: 1904183273
date: Sun, 29 Jan 2023 05:06:36 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yd/r/TL4D9INH6MR.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12200 OK 183 B URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yd/r/TL4D9INH6MR.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
Hash 283a9068415bc01d8d2855349cf2be5d
98ba5f5dc7a688bc5c8270a4e536b477a847b30b
f7ffaaf13d6ce34bfa339769c87f33a1a4bb23a51f82a6534cca26e7dc871746
GET /rsrc.php/v3/yd/r/TL4D9INH6MR.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Wed, 24 Jan 2024 19:08:56 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
origin-agent-cluster: ?0
content-md5: KDqQaEFbwB2NKFU0nPK+XQ==
x-fb-debug: Ltd1F+6b9vrKe7y9ny0lfQUtZN0PBjLkvGKEH5d49vUi45RXfn3JXVbVu6vUbdQbmF1s9oePZeYwlT/QTo3ifQ==
priority: u=3,i
content-length: 183
x-fb-trip-id: 1904183273
date: Sun, 29 Jan 2023 05:06:36 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yu/r/6y4CCZM5a8v.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12200 OK 16 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yu/r/6y4CCZM5a8v.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type C source, ASCII text, with very long lines (8848)
Hash 9734a0267b00a50c8eb7614bee9c6545
d8163bd9220aaa5674dbf00612b42505fb15f2cd
ca64b67c67b52c47e3a136997975c35e2a8c40751740bab7a88af53020dfcbe4
GET /rsrc.php/v3/yu/r/6y4CCZM5a8v.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Fri, 19 Jan 2024 01:28:44 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
origin-agent-cluster: ?0
content-md5: lzSgJnsApQyOt2FL7pxlRQ==
x-fb-debug: BATlYcVLyIBAh541jV8XRa/NqEaHn3WQGt3RJRnKe0WYnKUDqLS7mpP91ewWz+Bld/HQmmQ7jMcCHUn4AnACjA==
content-length: 16276
x-fb-trip-id: 1904183273
date: Sun, 29 Jan 2023 05:06:36 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/y6/r/38he0vOu-5A.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12200 OK 16 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/y6/r/38he0vOu-5A.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (15336)
Hash c2178f84a4f7666e631a6e9db9acbe8f
4dcaaf2735258727a2e73b319531ce5cd6d8cda1
3ea495fab5fd5b89976d0da6ead6c3fe91ab031d743562a6bbc2cdd8151fe92f
GET /rsrc.php/v3/y6/r/38he0vOu-5A.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Wed, 24 Jan 2024 00:11:21 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: whePhKT3Zm5jGm6duay+jw==
x-fb-debug: MwvhntAdWyFsFPpHCxExAMBJxtTxDECein7qOqsTuCBg+fZt2lGKHsrc8Y1sjxIJK6VSN8qN8OFaBgbyVnB9Yg==
content-length: 16228
x-fb-trip-id: 1904183273
date: Sun, 29 Jan 2023 05:06:36 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3iUY_4/ya/l/de_DE/SV0HgmB8RsT.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12200 OK 9.1 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3iUY_4/ya/l/de_DE/SV0HgmB8RsT.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (5962)
Hash e3a5366d6b7c396bbe7d0ce9d90b47c7
e9b6e8457d8c38f4bbeedfbcc9683ce494e2fea3
d7816aea1b826412883c779fa47edc24ea53ecf3faba5f0f500a1a05c8435f7e
GET /rsrc.php/v3iUY_4/ya/l/de_DE/SV0HgmB8RsT.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Thu, 18 Jan 2024 18:27:22 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: 46U2bWt8OWu+fQzp2QtHxw==
x-fb-debug: QtKfCzYDO6bwyMSZ57Ng+BwbUCVQ/mzbqQYTRAqQ3Q6ZuwHIKBZRG0C5rlSn55G6vr4/whvKtBhWaJNeV3+1QA==
priority: u=3,i
content-length: 9061
x-fb-trip-id: 1904183273
date: Sun, 29 Jan 2023 05:06:36 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yQ/r/3wX2w-O_9zc.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12200 OK 1.2 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yQ/r/3wX2w-O_9zc.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (1491)
Hash b95ec91a00eb9acc4ca4e48a770f98f5
a704edf62ce2d8a1508be31eb6c41aa2c1955a7e
b3624c76af91730fbcd365fdd8936512f4ea21a7dc1211cd12758e288821dd38
GET /rsrc.php/v3/yQ/r/3wX2w-O_9zc.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Fri, 19 Jan 2024 03:31:02 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
origin-agent-cluster: ?0
content-md5: uV7JGgDrmsxMpOSKdw+Y9Q==
x-fb-debug: ADuZ7Jju5H6qrxs6Y864rMf2T4eVbsD3JZUVT6QR+0xvTkTkpR0l+VaDBuLXrsD6xtFR6818q7WPZCspnpg5bg==
priority: u=3,i
content-length: 1243
x-fb-trip-id: 1904183273
date: Sun, 29 Jan 2023 05:06:36 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yy/r/2f61oWyjOj5.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12200 OK 5.4 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yy/r/2f61oWyjOj5.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type C source, ASCII text, with very long lines (4643)
Hash 2f3bd3f5da2acb55828c5dcefde8a274
00f21373747009968870397a243322c067466c97
fae6708a549046751d2ec4b001dd8402482494ec07a924132775332ac354f2a1
GET /rsrc.php/v3/yy/r/2f61oWyjOj5.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Thu, 25 Jan 2024 17:59:44 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: LzvT9doqy1WCjF3O/eiidA==
x-fb-debug: 3NklVyIT4Ic13H0v/F+b1RatM9ZsLOtKqJbYSnuFV+Dc/s9pGUZ3MrWxhrQYyJ//+GjaM8GWO8ETUL2dCjKh5Q==
priority: u=3,i
content-length: 5358
x-fb-trip-id: 1904183273
date: Sun, 29 Jan 2023 05:06:37 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
video.xx.fbcdn.net/o1/v/t2/f1/m21/1651647468516672.mp4?efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfdjRfcGFzc3Rocm91Z2hfZnJhZ18yX3ZpZGVvIn0&_nc_ht=video.xx.fbcdn.net&_nc_cat=101&strext=1&ccb=9-4&oh=00_AfC_iVgGGTXpyUGqnpgDPiugmROS-eD7NL3xVR5j1jTf2Q&oe=63D7EE5D&_nc_sid=57d5c5&bytestart=948&byteend=1351
157.240.200.8200 OK 404 B URL HTTP/2 video.xx.fbcdn.net/o1/v/t2/f1/m21/1651647468516672.mp4?efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfdjRfcGFzc3Rocm91Z2hfZnJhZ18yX3ZpZGVvIn0&_nc_ht=video.xx.fbcdn.net&_nc_cat=101&strext=1&ccb=9-4&oh=00_AfC_iVgGGTXpyUGqnpgDPiugmROS-eD7NL3xVR5j1jTf2Q&oe=63D7EE5D&_nc_sid=57d5c5&bytestart=948&byteend=1351
IP 157.240.200.8:0
Hash 700edfd744431bb09ece63824f5c1be9
a2b490e663ad38772ec8fc5730480f60d7fb3e5c
e2327813a7546b8bcf2b1e2bd0dd81deb6ee730f53b04b56964550a6492d0143
GET /o1/v/t2/f1/m21/1651647468516672.mp4?efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfdjRfcGFzc3Rocm91Z2hfZnJhZ18yX3ZpZGVvIn0&_nc_ht=video.xx.fbcdn.net&_nc_cat=101&strext=1&ccb=9-4&oh=00_AfC_iVgGGTXpyUGqnpgDPiugmROS-eD7NL3xVR5j1jTf2Q&oe=63D7EE5D&_nc_sid=57d5c5&bytestart=948&byteend=1351 HTTP/1.1
Host: video.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: video/mp4
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 404
accept-ranges: bytes
x-fb-trip-id: 207616858
date: Sun, 29 Jan 2023 05:06:37 GMT
cache-control: max-age=1209600, no-transform
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
video.xx.fbcdn.net/o1/v/t2/f1/m21/1651647468516672.mp4?efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfdjRfcGFzc3Rocm91Z2hfZnJhZ18yX3ZpZGVvIn0&_nc_ht=video.xx.fbcdn.net&_nc_cat=101&strext=1&ccb=9-4&oh=00_AfC_iVgGGTXpyUGqnpgDPiugmROS-eD7NL3xVR5j1jTf2Q&oe=63D7EE5D&_nc_sid=57d5c5&bytestart=0&byteend=947
157.240.200.8200 OK 948 B URL HTTP/2 video.xx.fbcdn.net/o1/v/t2/f1/m21/1651647468516672.mp4?efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfdjRfcGFzc3Rocm91Z2hfZnJhZ18yX3ZpZGVvIn0&_nc_ht=video.xx.fbcdn.net&_nc_cat=101&strext=1&ccb=9-4&oh=00_AfC_iVgGGTXpyUGqnpgDPiugmROS-eD7NL3xVR5j1jTf2Q&oe=63D7EE5D&_nc_sid=57d5c5&bytestart=0&byteend=947
IP 157.240.200.8:0
File type ISO Media, MP4 Base Media v5 \012- data
Hash 86ba96ad8f80f4d750ac6b1c6bbe1405
ee3dd173b9cbed54ce67f83a013596dd9f986e30
6d8844a0b6814599da77e1f16c18e8f462f42f9c43d8b905dc8e2c1c7b26ccb3
GET /o1/v/t2/f1/m21/1651647468516672.mp4?efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfdjRfcGFzc3Rocm91Z2hfZnJhZ18yX3ZpZGVvIn0&_nc_ht=video.xx.fbcdn.net&_nc_cat=101&strext=1&ccb=9-4&oh=00_AfC_iVgGGTXpyUGqnpgDPiugmROS-eD7NL3xVR5j1jTf2Q&oe=63D7EE5D&_nc_sid=57d5c5&bytestart=0&byteend=947 HTTP/1.1
Host: video.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: video/mp4
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 948
accept-ranges: bytes
x-fb-trip-id: 207616858
date: Sun, 29 Jan 2023 05:06:37 GMT
cache-control: max-age=1209600, no-transform
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
video.xx.fbcdn.net/v/t42.1790-2/275877392_539795064082324_1545888292363200632_n.mp4?_nc_cat=100&ccb=1-7&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfYXVkaW9fYWFjcF82NF9mcmFnXzJfYXVkaW8ifQ%3D%3D&_nc_ohc=vFjU7nCNtx4AX9qqLo-&_nc_ht=video.xx&edm=AItmks8EAAAA&oh=00_AfAsjyuUSgQzEeAHrizBvYuELghbp0UncgHbwqxhUUSzjQ&oe=63D61C49&bytestart=0&byteend=907
157.240.200.8200 OK 908 B URL HTTP/2 video.xx.fbcdn.net/v/t42.1790-2/275877392_539795064082324_1545888292363200632_n.mp4?_nc_cat=100&ccb=1-7&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfYXVkaW9fYWFjcF82NF9mcmFnXzJfYXVkaW8ifQ%3D%3D&_nc_ohc=vFjU7nCNtx4AX9qqLo-&_nc_ht=video.xx&edm=AItmks8EAAAA&oh=00_AfAsjyuUSgQzEeAHrizBvYuELghbp0UncgHbwqxhUUSzjQ&oe=63D61C49&bytestart=0&byteend=907
IP 157.240.200.8:0
File type ISO Media, MP4 Base Media v5 \012- data
Hash 7aa97e06536820d1ababa31bb5042dc5
d3c862770d52b4c3aeac88070cbc674b40fad9ff
28d62dea39870caf9219dea59ce66964b978d3db9b5ff7662117da61f902f6f3
GET /v/t42.1790-2/275877392_539795064082324_1545888292363200632_n.mp4?_nc_cat=100&ccb=1-7&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfYXVkaW9fYWFjcF82NF9mcmFnXzJfYXVkaW8ifQ%3D%3D&_nc_ohc=vFjU7nCNtx4AX9qqLo-&_nc_ht=video.xx&edm=AItmks8EAAAA&oh=00_AfAsjyuUSgQzEeAHrizBvYuELghbp0UncgHbwqxhUUSzjQ&oe=63D61C49&bytestart=0&byteend=907 HTTP/1.1
Host: video.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-storage-error-category: dfs:none;hs_p:206:HS_ERANGE_SUCCESS
last-modified: Wed, 16 Mar 2022 14:28:57 GMT
content-type: video/mp4
x-haystack-needlechecksum: 2144329829
x-needle-checksum: 949076142
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-digest: adler32=949076142
content-length: 908
accept-ranges: bytes
x-fb-trip-id: 207616858
date: Sun, 29 Jan 2023 05:06:37 GMT
cache-control: max-age=1209600, no-transform
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
video.xx.fbcdn.net/v/t42.1790-2/275877392_539795064082324_1545888292363200632_n.mp4?_nc_cat=100&ccb=1-7&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfYXVkaW9fYWFjcF82NF9mcmFnXzJfYXVkaW8ifQ%3D%3D&_nc_ohc=vFjU7nCNtx4AX9qqLo-&_nc_ht=video.xx&edm=AItmks8EAAAA&oh=00_AfAsjyuUSgQzEeAHrizBvYuELghbp0UncgHbwqxhUUSzjQ&oe=63D61C49&bytestart=908&byteend=1323
157.240.200.8200 OK 416 B URL HTTP/2 video.xx.fbcdn.net/v/t42.1790-2/275877392_539795064082324_1545888292363200632_n.mp4?_nc_cat=100&ccb=1-7&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfYXVkaW9fYWFjcF82NF9mcmFnXzJfYXVkaW8ifQ%3D%3D&_nc_ohc=vFjU7nCNtx4AX9qqLo-&_nc_ht=video.xx&edm=AItmks8EAAAA&oh=00_AfAsjyuUSgQzEeAHrizBvYuELghbp0UncgHbwqxhUUSzjQ&oe=63D61C49&bytestart=908&byteend=1323
IP 157.240.200.8:0
Hash 5990eda31ea1d2e230ff0b5c0d73cb48
32f84f20aa4235c7ab1aa0601a9f17ac74ee5ca4
e02ca999463f3746a4cfe4b5c5c1ecb23efb177820a10ca3da5af3ea0b096e3f
GET /v/t42.1790-2/275877392_539795064082324_1545888292363200632_n.mp4?_nc_cat=100&ccb=1-7&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfYXVkaW9fYWFjcF82NF9mcmFnXzJfYXVkaW8ifQ%3D%3D&_nc_ohc=vFjU7nCNtx4AX9qqLo-&_nc_ht=video.xx&edm=AItmks8EAAAA&oh=00_AfAsjyuUSgQzEeAHrizBvYuELghbp0UncgHbwqxhUUSzjQ&oe=63D61C49&bytestart=908&byteend=1323 HTTP/1.1
Host: video.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-storage-error-category: dfs:none;hs_p:206:HS_ERANGE_SUCCESS
last-modified: Wed, 16 Mar 2022 14:28:57 GMT
content-type: video/mp4
x-haystack-needlechecksum: 2144329829
x-needle-checksum: 949076142
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-digest: adler32=949076142
content-length: 416
accept-ranges: bytes
x-fb-trip-id: 207616858
date: Sun, 29 Jan 2023 05:06:37 GMT
cache-control: max-age=1209600, no-transform
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
video.xx.fbcdn.net/v/t42.1790-2/275877392_539795064082324_1545888292363200632_n.mp4?_nc_cat=100&ccb=1-7&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfYXVkaW9fYWFjcF82NF9mcmFnXzJfYXVkaW8ifQ%3D%3D&_nc_ohc=vFjU7nCNtx4AX9qqLo-&_nc_ht=video.xx&edm=AItmks8EAAAA&oh=00_AfAsjyuUSgQzEeAHrizBvYuELghbp0UncgHbwqxhUUSzjQ&oe=63D61C49&bytestart=1324&byteend=18000
157.240.200.8200 OK 17 kB URL HTTP/2 video.xx.fbcdn.net/v/t42.1790-2/275877392_539795064082324_1545888292363200632_n.mp4?_nc_cat=100&ccb=1-7&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfYXVkaW9fYWFjcF82NF9mcmFnXzJfYXVkaW8ifQ%3D%3D&_nc_ohc=vFjU7nCNtx4AX9qqLo-&_nc_ht=video.xx&edm=AItmks8EAAAA&oh=00_AfAsjyuUSgQzEeAHrizBvYuELghbp0UncgHbwqxhUUSzjQ&oe=63D61C49&bytestart=1324&byteend=18000
IP 157.240.200.8:0
File type Maple something\012- data
Hash 3410eaf1bf596e5e3ee39c5d84d27188
37f8f30ab965f62a1b3c3dc6ae3c819d1cf18571
d30d8d81520fd4caf5f1da6dc3e3f52287145bc5b6b4421a6a059186a4067782
GET /v/t42.1790-2/275877392_539795064082324_1545888292363200632_n.mp4?_nc_cat=100&ccb=1-7&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfYXVkaW9fYWFjcF82NF9mcmFnXzJfYXVkaW8ifQ%3D%3D&_nc_ohc=vFjU7nCNtx4AX9qqLo-&_nc_ht=video.xx&edm=AItmks8EAAAA&oh=00_AfAsjyuUSgQzEeAHrizBvYuELghbp0UncgHbwqxhUUSzjQ&oe=63D61C49&bytestart=1324&byteend=18000 HTTP/1.1
Host: video.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-storage-error-category: dfs:none;hs_p:206:HS_ERANGE_SUCCESS
last-modified: Wed, 16 Mar 2022 14:28:57 GMT
content-type: video/mp4
x-haystack-needlechecksum: 2144329829
x-needle-checksum: 949076142
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-digest: adler32=949076142
content-length: 16677
accept-ranges: bytes
x-fb-trip-id: 207616858
date: Sun, 29 Jan 2023 05:06:37 GMT
cache-control: max-age=1209600, no-transform
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www.hct-busvermietung.de/images/HCT/header/home-neu.jpg
78.47.185.214200 OK 0 B URL HTTP/2 www.hct-busvermietung.de/images/HCT/header/home-neu.jpg
IP 78.47.185.214:0
ASN #24940 Hetzner Online GmbH
GET /images/HCT/header/home-neu.jpg HTTP/1.1
Host: www.hct-busvermietung.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hct-busvermietung.de/media/plg_jchoptimize/assets/gz/30/0/7763cd124048b8f311b531a4d84c3341.css
Cookie: 6b641c1c2d80877fea4f8f1b317af201=3a0876f51843b2e7dea13035ea9b19da; 474d34055f4bac50e70963951e35f40c=de-DE; _gcl_au=1.1.891073297.1674968796
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 01 Sep 2022 12:05:12 GMT
etag: "25442-5e79c6cf9f991"
accept-ranges: bytes
content-length: 152642
content-type: image/jpeg
date: Sun, 29 Jan 2023 05:06:29 GMT
server: Apache
X-Firefox-Spdy: h2
www.hct-busvermietung.de/index.php
78.47.185.214200 OK 0 B URL HTTP/2 www.hct-busvermietung.de/index.php
IP 78.47.185.214:0
ASN #24940 Hetzner Online GmbH
GET /index.php HTTP/1.1
Host: www.hct-busvermietung.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers
HTTP/2 200 OK
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
content-encoding: gzip
expires: Mon, 1 Jan 2001 00:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
set-cookie: 6b641c1c2d80877fea4f8f1b317af201=3a0876f51843b2e7dea13035ea9b19da; path=/; HttpOnly
474d34055f4bac50e70963951e35f40c=de-DE; path=/; secure
last-modified: Sun, 29 Jan 2023 05:06:29 GMT
content-type: text/html; charset=utf-8
date: Sun, 29 Jan 2023 05:06:29 GMT
server: Apache
X-Firefox-Spdy: h2
www.facebook.com/v2.3/plugins/page.php?adapt_container_width=true&app_id=511926995622995&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df104e0a4a47a194%26domain%3Dwww.hct-busvermietung.de%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.hct-busvermietung.de%252Ff12edc18debd178%26relation%3Dparent.parent&container_width=1140&height=281&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fhctbusvermietung&locale=de_DE&sdk=joey&show_facepile=true&show_posts=true&small_header=true&width=500
157.240.200.35200 OK 0 B URL HTTP/2 www.facebook.com/v2.3/plugins/page.php?adapt_container_width=true&app_id=511926995622995&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df104e0a4a47a194%26domain%3Dwww.hct-busvermietung.de%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.hct-busvermietung.de%252Ff12edc18debd178%26relation%3Dparent.parent&container_width=1140&height=281&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fhctbusvermietung&locale=de_DE&sdk=joey&show_facepile=true&show_posts=true&small_header=true&width=500
IP 157.240.200.35:0
GET /v2.3/plugins/page.php?adapt_container_width=true&app_id=511926995622995&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df104e0a4a47a194%26domain%3Dwww.hct-busvermietung.de%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.hct-busvermietung.de%252Ff12edc18debd178%26relation%3Dparent.parent&container_width=1140&height=281&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fhctbusvermietung&locale=de_DE&sdk=joey&show_facepile=true&show_posts=true&small_header=true&width=500 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hct-busvermietung.de/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: br
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-opener-policy: unsafe-none
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
facebook-api-version: v9.0
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: mulOF9uNRUHRTreE6UJ2GBlmEyOZ3BaLR51NZuDyAOU7C/yixEH7U/MvrREiyZXq9OP8GpzH8hgaVCKzI8+TdA==
date: Sun, 29 Jan 2023 05:06:36 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www.hct-busvermietung.de/images/HCT/slider/Neue-Perspektiven.jpg
78.47.185.214200 OK 0 B URL HTTP/2 www.hct-busvermietung.de/images/HCT/slider/Neue-Perspektiven.jpg
IP 78.47.185.214:0
ASN #24940 Hetzner Online GmbH
GET /images/HCT/slider/Neue-Perspektiven.jpg HTTP/1.1
Host: www.hct-busvermietung.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hct-busvermietung.de/index.php
Cookie: 6b641c1c2d80877fea4f8f1b317af201=3a0876f51843b2e7dea13035ea9b19da; 474d34055f4bac50e70963951e35f40c=de-DE
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 01 Sep 2022 12:05:05 GMT
etag: "51bb-5e79c6c8af306"
accept-ranges: bytes
content-length: 20923
content-type: image/jpeg
date: Sun, 29 Jan 2023 05:06:29 GMT
server: Apache
X-Firefox-Spdy: h2
www.hct-busvermietung.de/media/plg_jchoptimize/assets/gz/30/0/7763cd124048b8f311b531a4d84c3341.css
78.47.185.214200 OK 0 B URL HTTP/2 www.hct-busvermietung.de/media/plg_jchoptimize/assets/gz/30/0/7763cd124048b8f311b531a4d84c3341.css
IP 78.47.185.214:0
ASN #24940 Hetzner Online GmbH
GET /media/plg_jchoptimize/assets/gz/30/0/7763cd124048b8f311b531a4d84c3341.css HTTP/1.1
Host: www.hct-busvermietung.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hct-busvermietung.de/index.php
Cookie: 6b641c1c2d80877fea4f8f1b317af201=3a0876f51843b2e7dea13035ea9b19da; 474d34055f4bac50e70963951e35f40c=de-DE
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
expires: Mon, 31 Oct 2022 13:01:15 GMT
accept-ranges: bytes
cache-control: Public
vary: Accept-Encoding
content-encoding: gzip
last-modified: Sat, 01 Oct 2022 13:01:15 GMT
content-type: text/css;charset=utf-8
date: Sun, 29 Jan 2023 05:06:29 GMT
server: Apache
X-Firefox-Spdy: h2
www.hct-busvermietung.de/media/plg_jchoptimize/assets/gz/30/0/7f7d0dd7c2c5700a58a1a5e6f1c60713.js
78.47.185.214200 OK 0 B URL HTTP/2 www.hct-busvermietung.de/media/plg_jchoptimize/assets/gz/30/0/7f7d0dd7c2c5700a58a1a5e6f1c60713.js
IP 78.47.185.214:0
ASN #24940 Hetzner Online GmbH
GET /media/plg_jchoptimize/assets/gz/30/0/7f7d0dd7c2c5700a58a1a5e6f1c60713.js HTTP/1.1
Host: www.hct-busvermietung.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hct-busvermietung.de/index.php
Cookie: 6b641c1c2d80877fea4f8f1b317af201=3a0876f51843b2e7dea13035ea9b19da; 474d34055f4bac50e70963951e35f40c=de-DE
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
expires: Mon, 31 Oct 2022 13:01:15 GMT
accept-ranges: bytes
cache-control: Public
vary: Accept-Encoding
content-encoding: gzip
last-modified: Sat, 01 Oct 2022 13:01:15 GMT
content-type: application/javascript
date: Sun, 29 Jan 2023 05:06:29 GMT
server: Apache
X-Firefox-Spdy: h2
www.hct-busvermietung.de/media/mod_languages/images/ru_ru.gif
78.47.185.214200 OK 0 B URL HTTP/2 www.hct-busvermietung.de/media/mod_languages/images/ru_ru.gif
IP 78.47.185.214:0
ASN #24940 Hetzner Online GmbH
GET /media/mod_languages/images/ru_ru.gif HTTP/1.1
Host: www.hct-busvermietung.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hct-busvermietung.de/index.php
Cookie: 6b641c1c2d80877fea4f8f1b317af201=3a0876f51843b2e7dea13035ea9b19da; 474d34055f4bac50e70963951e35f40c=de-DE
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 01 Sep 2022 12:06:57 GMT
etag: "66-5e79c733be156"
accept-ranges: bytes
content-length: 102
content-type: image/gif
date: Sun, 29 Jan 2023 05:06:29 GMT
server: Apache
X-Firefox-Spdy: h2