Overview

URL rostockvilla.com/
IP185.51.8.94
ASNNessus GmbH
Location Austria
Report completed2022-09-27 00:45:33 UTC
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-09-27 2 rostockvilla.com/ Phishing
2022-09-27 2 www.rostockvilla.com/ Phishing
2022-09-27 2 www.rostockvilla.com/media/system/js/caption.js Phishing
2022-09-27 2 www.rostockvilla.com/modules/mod_responsive_contact_form/js/jqBootstrapVali (...) Phishing
2022-09-27 2 www.rostockvilla.com/media/jui/js/bootstrap.min.js Phishing
2022-09-27 2 www.rostockvilla.com/media/jui/js/jquery-noconflict.js Phishing
2022-09-27 2 www.rostockvilla.com/media/jui/js/jquery.min.js Phishing
2022-09-27 2 www.rostockvilla.com/media/jui/fonts/IcoMoon.woff Phishing
mnemonic secure dns  No alerts detected
Quad9 DNS  No alerts detected


Files

No files detected



Passive DNS (20)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS ocsp.digicert.com (1) 86 2012-05-21 07:02:23 UTC 2022-09-26 22:11:41 UTC 93.184.220.29
mnemonic passive DNS www.google-analytics.com (2) 40 2012-10-03 01:04:21 UTC 2022-09-26 19:55:31 UTC 142.250.74.174
mnemonic passive DNS img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-09-26 12:15:18 UTC 34.120.237.76
mnemonic passive DNS rostockvilla.com (1) 0 2015-05-31 02:59:57 UTC 2021-01-28 17:18:40 UTC 185.51.8.94 Unknown ranking
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-09-26 04:26:56 UTC 143.204.55.35
mnemonic passive DNS ajax.googleapis.com (1) 12905 2014-10-18 20:16:48 UTC 2022-09-26 18:50:02 UTC 216.58.207.202
mnemonic passive DNS fonts.googleapis.com (1) 8877 2013-06-10 20:14:26 UTC 2022-09-26 16:59:48 UTC 142.250.74.10
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2020-05-28 17:26:30 UTC 2022-09-26 18:38:08 UTC 143.204.55.36
mnemonic passive DNS www.rostockvilla.com (13) 0 2020-06-14 00:03:59 UTC 2022-09-26 21:37:55 UTC 185.51.8.94 Unknown ranking
mnemonic passive DNS fonts.gstatic.com (1) 0 2014-08-29 13:43:22 UTC 2022-09-26 04:26:58 UTC 142.250.74.163 Domain (gstatic.com) ranked at: 540
mnemonic passive DNS m.addthis.com (1) 1448 2013-11-06 20:12:22 UTC 2022-09-26 08:00:37 UTC 23.38.200.123
mnemonic passive DNS api-public.addthis.com (3) 4111 2012-05-21 13:44:35 UTC 2022-09-26 11:38:55 UTC 23.38.200.123
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-09-26 04:28:07 UTC 34.117.237.239
mnemonic passive DNS www.google.com (1) 7 2016-08-04 12:36:31 UTC 2022-09-26 21:09:16 UTC 142.250.74.164
mnemonic passive DNS push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-09-26 05:45:55 UTC 54.187.71.185
mnemonic passive DNS ocsp.pki.goog (2) 175 2017-06-14 07:23:31 UTC 2022-09-26 04:27:13 UTC 142.250.74.3
mnemonic passive DNS r3.o.lencr.org (6) 344 2020-12-02 08:52:13 UTC 2022-09-26 04:35:11 UTC 23.36.76.226
mnemonic passive DNS s7.addthis.com (5) 1504 2012-05-21 03:34:04 UTC 2022-09-26 04:42:26 UTC 23.38.200.123
mnemonic passive DNS z.moatads.com (1) 374 2014-02-11 16:19:47 UTC 2022-09-26 04:34:46 UTC 23.38.201.146
mnemonic passive DNS v1.addthisedge.com (1) 1721 2019-05-22 18:56:22 UTC 2022-09-26 04:42:27 UTC 23.38.200.123


Recent reports on same IP/ASN/Domain/Screenshot

Last 1 reports on IP: 185.51.8.94

Date UQ / IDS / BL URL IP
2022-09-27 00:45:33 +0000
0 - 0 - 8 rostockvilla.com/ 185.51.8.94

Last 5 reports on ASN: Nessus GmbH

Date UQ / IDS / BL URL IP
2022-11-22 00:54:38 +0000
0 - 0 - 3 michaelfrankenberger.com/soundbranding 185.51.8.58
2022-11-06 07:04:51 +0000
0 - 0 - 7 geschu.com/ 185.51.8.58
2022-10-25 18:23:32 +0000
0 - 0 - 35 www.turmhof.at/ 185.51.8.60
2022-10-25 15:36:56 +0000
0 - 0 - 40 www.turmhof.at/ 185.51.8.60
2022-10-24 10:17:49 +0000
0 - 0 - 14 www.turmhof.at/aktuelles 185.51.8.60

Last 1 reports on domain: rostockvilla.com

Date UQ / IDS / BL URL IP
2022-09-27 00:45:33 +0000
0 - 0 - 8 rostockvilla.com/ 185.51.8.94

No other reports with similar screenshot



JavaScript

Executed Scripts (21)


Executed Evals (2)

#1 JavaScript::Eval (size: 11, repeated: 1) - SHA256: 8ee784d797ce97ed9716bb42682346deb0c7ae8ff75d7ad8ae60508907054c16

                                        addthis.cbs
                                    

#2 JavaScript::Eval (size: 8, repeated: 1) - SHA256: 3c4b9b06fe520e9d07b2150eebd412a59c91d789706d99a2b2dc9bf217604d1f

                                        _ate.cbs
                                    

Executed Writes (0)



HTTP Transactions (51)


Request Response
                                        
                                            GET / HTTP/1.1 
Host: rostockvilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         185.51.8.94
HTTP/1.1 302 Found
content-type: text/html; charset=iso-8859-1
                                        
date: Tue, 27 Sep 2022 00:45:21 GMT
server: Apache
location: http://www.rostockvilla.com
content-length: 211
age: 0
permissions-policy: interest-cohort=()


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   211
Md5:    85b9cf94b2c29f7d4aaa78daad579bbf
Sha1:   0761550f1d1cba393f7350c3d65ce3ca2e0f9f86
Sha256: 2f972c876e5edc6f4d01ae6891266d136477aaad58a94181976306a6cc43ca84

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "4397E6B45B5822FBAB9B83ABE0B96EE70EFBA7CD2160B51936159865EDE5FDB1"
Last-Modified: Sun, 25 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3333
Expires: Tue, 27 Sep 2022 01:40:54 GMT
Date: Tue, 27 Sep 2022 00:45:21 GMT
Connection: keep-alive

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.36
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Mon, 26 Sep 2022 23:53:57 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: PU4paulLFkPdXJUnYud0sjXKf5C6IUr2Xk4UC50ujbcyyR8DDxJXIw==
Age: 3085


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    2d12f67fe57a87e7366b662d153a5582
Sha1:   d7b02d81cc74f24a251d9363e0f4b0a149264ec1
Sha256: 73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.35
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Mon, 26 Sep 2022 04:35:16 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: tSfBMX_70aFpS_pQzCvWCgQu1LIhjbNmzH3n1po4FY3ymMWIbpxlgg==
age: 72607
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    6113f8408c59aebe188d6af273b90743
Sha1:   7398873bf00f99944eaa77ad3ebc0d43c23dba6b
Sha256: b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Tue, 27 Sep 2022 00:45:22 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET / HTTP/1.1 
Host: www.rostockvilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         185.51.8.94
HTTP/1.1 200 OK
content-type: text/html; charset=utf-8
                                        
date: Tue, 27 Sep 2022 00:45:22 GMT
server: Apache
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
expires: Wed, 17 Aug 2005 00:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
set-cookie: b340f626f12e380272078e4fa21301eb=ipgrjnbv3ug45oil2h4dq9t8hl8nbetl; path=/; HttpOnly
last-modified: Tue, 27 Sep 2022 00:45:22 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 10283
age: 0
accept-ranges: bytes
permissions-policy: interest-cohort=()


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1498), with CRLF, CR, LF line terminators
Size:   10283
Md5:    a5fc5fe2902b6e905c8ff418df093dbf
Sha1:   9b65c9965335b3a34abfa63f12fb8125bd8c4d18
Sha256: 57cd323deb054d4c0e49581db044cbbe822c63bcc4383164c22718e6afa3f4bd

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /plugins/content/addthis/css/at-jp-styles.css HTTP/1.1 
Host: www.rostockvilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rostockvilla.com/
Cookie: b340f626f12e380272078e4fa21301eb=ipgrjnbv3ug45oil2h4dq9t8hl8nbetl

                                         
                                         185.51.8.94
HTTP/1.1 200 OK
content-type: text/css
                                        
date: Tue, 27 Sep 2022 00:45:22 GMT
server: Apache
last-modified: Fri, 08 May 2015 13:51:16 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 189
cache-control: max-age=604800
age: 0
accept-ranges: bytes
permissions-policy: interest-cohort=()


--- Additional Info ---
Magic:  ASCII text
Size:   189
Md5:    7088f30cb795b6cba9d5eece34b2f1f3
Sha1:   37d0a4967bed06fb477ee56507a367732d28d673
Sha256: 00e91955931330339389a64e714d43964ebe6ab6a5b6462756779a8eb73b414f
                                        
                                            GET /ajax/libs/jquery/1.8.3/jquery.min.js HTTP/1.1 
Host: ajax.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rostockvilla.com/

                                         
                                         216.58.207.202
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=UTF-8
                                        
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="hosted-libraries-pushers"
Report-To: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
Timing-Allow-Origin: *
Content-Length: 33593
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Mon, 26 Sep 2022 10:30:19 GMT
Expires: Tue, 26 Sep 2023 10:30:19 GMT
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Last-Modified: Tue, 03 Mar 2020 19:15:00 GMT
Age: 51303


--- Additional Info ---
Magic:  ASCII text, with very long lines (65483)
Size:   33593
Md5:    a54a444f20643b131117dc2112cca05f
Sha1:   074964746b12ff1d30f7656310d6154ae1cc98b5
Sha256: aa3ca8485dd777d4d880b38c1cf3bc2fc290d28a79ba3e3e43cba1f653132830
                                        
                                            GET /css?family=Open+Sans HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rostockvilla.com/

                                         
                                         142.250.74.10
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
                                        
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Tue, 27 Sep 2022 00:45:22 GMT
Date: Tue, 27 Sep 2022 00:45:22 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin-allow-popups
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff


--- Additional Info ---
Magic:  ASCII text
Size:   601
Md5:    75d181fc850170da6e8f60df6cfc3f07
Sha1:   8c36b95d4b2746668a67479d14c983993d415038
Sha256: 9f8f28568038df45d52650d52e7316819f7f787c480f016af0333127eb11b67e
                                        
                                            GET /recaptcha/api/challenge?k=6Lc7mAYTAAAAANNJs2jVCpmiqx7h--Krx5Aon3gQ HTTP/1.1 
Host: www.google.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rostockvilla.com/

                                         
                                         142.250.74.164
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=UTF-8
                                        
Content-Encoding: gzip
Date: Tue, 27 Sep 2022 00:45:22 GMT
Expires: Tue, 27 Sep 2022 00:45:22 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Content-Length: 117
Server: GSE


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text
Size:   117
Md5:    50e010e6df7baa397fb4070b6553cff8
Sha1:   fe7f8b322f493e27d54136a1d3d562d8c2afbab7
Sha256: e69da6f4387d34867cfdf001ad4ede46f8e78ddd3d4cceb1535b7cf6f3c84932
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.36
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Tue, 27 Sep 2022 00:10:46 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Tue, 27 Sep 2022 00:54:16 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: VzV0_1MmwFFzn9gNDmleojIHpXazug-68V10FA3CS4ClhUjEEF6COg==
Age: 2076


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            GET /js/300/addthis_widget.js HTTP/1.1 
Host: s7.addthis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rostockvilla.com/

                                         
                                         23.38.200.123
HTTP/1.1 308 Permanent Redirect
Content-Type: text/html
                                        
Server: nginx/1.15.8
Content-Length: 171
Location: https://s7.addthis.com/js/300/addthis_widget.js
Date: Tue, 27 Sep 2022 00:45:22 GMT
Connection: keep-alive
X-Distribution: 99
X-Host: s7.addthis.com


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   171
Md5:    3c417e9efbcaeb3bf7e7df75cf3b22fd
Sha1:   00465aec6b8ec302eae8abb99678fc5c09c3f343
Sha256: 21bd143d38dbbae427615a7266a86a18dc95c417f3e510632d7a9180d98d3571
                                        
                                            GET /media/system/js/caption.js HTTP/1.1 
Host: www.rostockvilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rostockvilla.com/
Cookie: b340f626f12e380272078e4fa21301eb=ipgrjnbv3ug45oil2h4dq9t8hl8nbetl

                                         
                                         185.51.8.94
HTTP/1.1 200 OK
content-type: application/javascript
                                        
date: Tue, 27 Sep 2022 00:45:22 GMT
server: Apache
last-modified: Fri, 21 Oct 2016 17:38:56 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 336
cache-control: max-age=604800
age: 0
accept-ranges: bytes
permissions-policy: interest-cohort=()


--- Additional Info ---
Magic:  ASCII text, with very long lines (413)
Size:   336
Md5:    6d37e4491c806fe1280ea6af868c307c
Sha1:   76bd49025156b7c2507189bb48cc83142e8177dd
Sha256: fcdc70db37bd7884b1b94358f4849eb7e6a88bcafe82c93df635913ae03039cb

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /modules/mod_responsive_contact_form/css/style.css HTTP/1.1 
Host: www.rostockvilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rostockvilla.com/
Cookie: b340f626f12e380272078e4fa21301eb=ipgrjnbv3ug45oil2h4dq9t8hl8nbetl

                                         
                                         185.51.8.94
HTTP/1.1 200 OK
content-type: text/css
                                        
date: Tue, 27 Sep 2022 00:45:22 GMT
server: Apache
last-modified: Fri, 08 May 2015 22:12:08 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 363
cache-control: max-age=604800
age: 0
accept-ranges: bytes
permissions-policy: interest-cohort=()


--- Additional Info ---
Magic:  ASCII text
Size:   363
Md5:    2e203c3271047fc4f4bd63198fc08b44
Sha1:   e03f45baacb2d99c97629a66e93fedb58761351a
Sha256: c62ec33c1b6def2ab025c676b93f443651d7f6913099af0b56e0933865ad1cdf
                                        
                                            GET /modules/mod_responsive_contact_form/js/jqBootstrapValidation.min.js HTTP/1.1 
Host: www.rostockvilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rostockvilla.com/
Cookie: b340f626f12e380272078e4fa21301eb=ipgrjnbv3ug45oil2h4dq9t8hl8nbetl

                                         
                                         185.51.8.94
HTTP/1.1 200 OK
content-type: application/javascript
                                        
date: Tue, 27 Sep 2022 00:45:22 GMT
server: Apache
last-modified: Fri, 08 May 2015 22:12:08 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 4062
cache-control: max-age=604800
age: 0
accept-ranges: bytes
permissions-policy: interest-cohort=()


--- Additional Info ---
Magic:  exported SGML document, ASCII text, with very long lines (15306), with no line terminators
Size:   4062
Md5:    0a2dae2edf9979df00a9cb521290b400
Sha1:   4f867ab31f00228e912dc4a565221d51dd63a879
Sha256: d93e3e721f87ce120a8e39893147a69157f56ff6f8b4f118b4377cc5a2b171a9

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /media/jui/js/bootstrap.min.js HTTP/1.1 
Host: www.rostockvilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rostockvilla.com/
Cookie: b340f626f12e380272078e4fa21301eb=ipgrjnbv3ug45oil2h4dq9t8hl8nbetl

                                         
                                         185.51.8.94
HTTP/1.1 200 OK
content-type: application/javascript
                                        
date: Tue, 27 Sep 2022 00:45:22 GMT
server: Apache
last-modified: Fri, 21 Oct 2016 17:38:56 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 7701
cache-control: max-age=604800
age: 0
accept-ranges: bytes
permissions-policy: interest-cohort=()


--- Additional Info ---
Magic:  ASCII text, with very long lines (29002)
Size:   7701
Md5:    fc8b97507794f272cffac61360a304c0
Sha1:   9ea0634a66aec33fa44b92c71fc09c9fbb37b3d9
Sha256: 1004988d51baf8a1b7a14bd468fc219ecb180644a1baa36076dcb09c440bef19

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /media/jui/js/jquery-noconflict.js HTTP/1.1 
Host: www.rostockvilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rostockvilla.com/
Cookie: b340f626f12e380272078e4fa21301eb=ipgrjnbv3ug45oil2h4dq9t8hl8nbetl

                                         
                                         185.51.8.94
HTTP/1.1 200 OK
content-type: application/javascript
                                        
date: Tue, 27 Sep 2022 00:45:22 GMT
server: Apache
last-modified: Fri, 21 Oct 2016 17:38:56 GMT
content-length: 21
cache-control: max-age=604800
age: 0
accept-ranges: bytes
permissions-policy: interest-cohort=()


--- Additional Info ---
Magic:  ASCII text
Size:   21
Md5:    e2060c4e5e5955c824723b13a212d3ec
Sha1:   18420ce484978f8ba3d7371febf1638828bb7a67
Sha256: 5b6cf4e6eda02f7c90b60b3c32413c0851915f8f80a268a913b92929085132a6

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /js/300/addthis_widget.js HTTP/1.1 
Host: s7.addthis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.rostockvilla.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         23.38.200.123
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx/1.15.8
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-5834c"
cache-control: public, max-age=600
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 116360
date: Tue, 27 Sep 2022 00:45:22 GMT
vary: Accept-Encoding
x-distribution: 99
x-host: s7.addthis.com
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (54602)
Size:   116360
Md5:    5d974241edf8b0e9527678a1368b0119
Sha1:   53101308ccc3a8539cd1e73059be1ef980342c90
Sha256: fcb5fc6ca11a424598604e82eb0cf2d7412f5b0222304c535fe356ea3743be2e
                                        
                                            GET /templates/rostockvilla/css/template.css HTTP/1.1 
Host: www.rostockvilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rostockvilla.com/
Cookie: b340f626f12e380272078e4fa21301eb=ipgrjnbv3ug45oil2h4dq9t8hl8nbetl

                                         
                                         185.51.8.94
HTTP/1.1 200 OK
content-type: text/css
                                        
date: Tue, 27 Sep 2022 00:45:22 GMT
server: Apache
last-modified: Wed, 10 Jun 2015 17:35:31 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 21484
cache-control: max-age=604800
age: 0
accept-ranges: bytes
permissions-policy: interest-cohort=()


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   21484
Md5:    46e54a2d7e5695cc9f9f3481107aa192
Sha1:   8da8c6af658f6e72f6467d61527c7894daa0d6fc
Sha256: 5abb2e5bccee11d9b7488ce887ff85d677df1e0957bfc0c672b329804fd3b412
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4606
Cache-Control: 'max-age=158059'
Date: Tue, 27 Sep 2022 00:45:22 GMT
Last-Modified: Mon, 26 Sep 2022 23:28:36 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /images/rostockvilla-aussen-ausschnitt.jpg HTTP/1.1 
Host: www.rostockvilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rostockvilla.com/
Cookie: b340f626f12e380272078e4fa21301eb=ipgrjnbv3ug45oil2h4dq9t8hl8nbetl

                                         
                                         185.51.8.94
HTTP/1.1 200 OK
content-type: image/jpeg
                                        
date: Tue, 27 Sep 2022 00:45:22 GMT
server: Apache
last-modified: Tue, 18 Jun 2013 07:46:24 GMT
etag: "714c-4df68e8e8b400"
content-length: 29004
age: 0
accept-ranges: bytes
permissions-policy: interest-cohort=()


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 350x186, components 3\012- data
Size:   29004
Md5:    639d5e38621d9a2f4dd6017bd21532fa
Sha1:   461dab42c9abb89263f57190603e0bd09107db4f
Sha256: 499e5231049bc984ad1e85f8deeb2a15a5f034926ef880650115d86e9ca5f157
                                        
                                            GET /images/aufzurrostockvilla.jpg HTTP/1.1 
Host: www.rostockvilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rostockvilla.com/
Cookie: b340f626f12e380272078e4fa21301eb=ipgrjnbv3ug45oil2h4dq9t8hl8nbetl

                                         
                                         185.51.8.94
HTTP/1.1 200 OK
content-type: image/jpeg
                                        
date: Tue, 27 Sep 2022 00:45:22 GMT
server: Apache
last-modified: Wed, 09 Sep 2015 07:27:32 GMT
etag: "558b-51f4b6a6ba100"
content-length: 21899
age: 0
accept-ranges: bytes
permissions-policy: interest-cohort=()


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 500x379, components 3\012- data
Size:   21899
Md5:    ef30dc65c7c101579b79037efd012fd8
Sha1:   626c6fe3931904d42e6d501ebee8c7e48c37b705
Sha256: d3f517bdd0526f861373ca5617a22dd6218af6e0706da22d4dbe64b471905085
                                        
                                            GET /media/jui/js/jquery.min.js HTTP/1.1 
Host: www.rostockvilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rostockvilla.com/
Cookie: b340f626f12e380272078e4fa21301eb=ipgrjnbv3ug45oil2h4dq9t8hl8nbetl

                                         
                                         185.51.8.94
HTTP/1.1 200 OK
content-type: application/javascript
                                        
date: Tue, 27 Sep 2022 00:45:22 GMT
server: Apache
last-modified: Fri, 21 Oct 2016 17:38:56 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 33760
cache-control: max-age=604800
age: 0
accept-ranges: bytes
permissions-policy: interest-cohort=()


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text
Size:   117
Md5:    50e010e6df7baa397fb4070b6553cff8
Sha1:   fe7f8b322f493e27d54136a1d3d562d8c2afbab7
Sha256: e69da6f4387d34867cfdf001ad4ede46f8e78ddd3d4cceb1535b7cf6f3c84932

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.rostockvilla.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/

                                         
                                         142.250.74.163
HTTP/1.1 200 OK
Content-Type: font/woff2
                                        
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 16740
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Mon, 26 Sep 2022 19:01:11 GMT
Expires: Tue, 26 Sep 2023 19:01:11 GMT
Cache-Control: public, max-age=31536000
Age: 20651
Last-Modified: Mon, 15 Aug 2022 18:14:44 GMT


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 16740, version 1.0\012- data
Size:   16740
Md5:    e43b535855a4ae53bd5b07a6eeb3bf67
Sha1:   6507312d9491156036316484bf8dc41e8b52ddd9
Sha256: b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681
                                        
                                            GET /media/jui/fonts/IcoMoon.woff HTTP/1.1 
Host: www.rostockvilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://www.rostockvilla.com/templates/rostockvilla/css/template.css
Cookie: b340f626f12e380272078e4fa21301eb=ipgrjnbv3ug45oil2h4dq9t8hl8nbetl

                                         
                                         185.51.8.94
HTTP/1.1 200 OK
content-type: font/woff
                                        
date: Tue, 27 Sep 2022 00:45:22 GMT
server: Apache
last-modified: Fri, 21 Oct 2016 17:38:56 GMT
etag: "6350-53f6384360c00"
content-length: 25424
age: 0
accept-ranges: bytes
permissions-policy: interest-cohort=()


--- Additional Info ---
Magic:  Web Open Font Format, CFF, length 25424, version 1.0\012- data
Size:   25424
Md5:    910a8fd387e6c5ac62dbe014dc131960
Sha1:   78d797741e92a0fb3094ad076dfd0ae8f1c36713
Sha256: 6d362fa22342a2d22cbe8d4472d2d11a8d0864310ee2e8e48ede3148465a609d

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /addthismoatframe568911941483/moatframe.js HTTP/1.1 
Host: z.moatads.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rostockvilla.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         23.38.201.146
HTTP/2 200 OK
content-type: application/x-javascript
                                        
x-amz-id-2: e0HboiVQpjIDEK8WTxqU5+8G8wOtu9bNCFY72alTHLP0/Yb+qoiTOxu6fad89ebRofzHxENxOOg=
x-amz-request-id: 61EC92F13BB22DD4
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
etag: "f14b4e1f799b14f798a195f43cf58376"
content-encoding: gzip
accept-ranges: bytes
content-length: 948
server: AmazonS3
vary: Accept-Encoding
cache-control: max-age=33321
date: Tue, 27 Sep 2022 00:45:22 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (523)
Size:   948
Md5:    f14b4e1f799b14f798a195f43cf58376
Sha1:   b6fd3b3d407fb4c0a00fb8a31862235e2a6e0a86
Sha256: 92ed3e9fda5fa4d738ff4d9023846b56633617363dda6a750cacb4fba53241ac
                                        
                                            GET /analytics.js HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rostockvilla.com/

                                         
                                         142.250.74.174
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
Strict-Transport-Security: max-age=10886400; includeSubDomains; preload
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Content-Encoding: gzip
Cross-Origin-Resource-Policy: cross-origin
Server: Golfe2
Content-Length: 19826
Date: Tue, 27 Sep 2022 00:20:53 GMT
Expires: Tue, 27 Sep 2022 02:20:53 GMT
Cache-Control: public, max-age=7200
Age: 1469
Last-Modified: Sun, 11 Sep 2022 13:50:09 GMT


--- Additional Info ---
Magic:  ASCII text, with very long lines (1325)
Size:   19826
Md5:    cae538dcce82598fbe43c0bf443e62dd
Sha1:   cc68ac6be9c5e0087a0000e5735b83270ace30f5
Sha256: 954b9e9d9744e1319c51760780a35de2dec353afffac705c2cca6d836a5e056d
                                        
                                            GET /templates/rostockvilla/favicon.ico HTTP/1.1 
Host: www.rostockvilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rostockvilla.com/
Cookie: b340f626f12e380272078e4fa21301eb=ipgrjnbv3ug45oil2h4dq9t8hl8nbetl

                                         
                                         185.51.8.94
HTTP/1.1 200 OK
content-type: image/vnd.microsoft.icon
                                        
date: Mon, 26 Sep 2022 22:49:10 GMT
server: Apache
last-modified: Mon, 17 Jun 2013 16:41:18 GMT
etag: "47e-4df5c4404e780"
content-length: 1150
age: 6972
accept-ranges: bytes
permissions-policy: interest-cohort=()


--- Additional Info ---
Magic:  MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Size:   1150
Md5:    8894791e84f5cafebd47311d14a3703c
Sha1:   a62b63f076c81788c95a06d586135e6a36bfd217
Sha256: 24168e09893e89aee7daa843fad42b5719bee447b3a2c588b933397822c9637b
                                        
                                            GET /static/sh.f48a1a04fe8dbf021b4cda1d.html HTTP/1.1 
Host: s7.addthis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rostockvilla.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.38.200.123
HTTP/2 200 OK
content-type: text/html
                                        
server: nginx/1.15.8
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-11adc"
timing-allow-origin: *
cache-control: public, max-age=86313600
p3p: CP="NON ADM OUR DEV IND COM STA"
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 26421
date: Tue, 27 Sep 2022 00:45:22 GMT
vary: Accept-Encoding
x-host: s7.addthis.com
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (63757)
Size:   26421
Md5:    707317ccaabe08d32d1bd781754e6871
Sha1:   bb82dcd3e044c960e0861c2ce878f5504e628f78
Sha256: d0a164ece41c61aec26517fb645646f5ba91f72ea5448eff1ee6c393b7c53051
                                        
                                            GET /l10n/client.de.min.json HTTP/1.1 
Host: s7.addthis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.rostockvilla.com
Connection: keep-alive
Referer: http://www.rostockvilla.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.38.200.123
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx/1.15.8
last-modified: Tue, 10 Sep 2019 15:15:17 GMT
etag: W/"5d77be05-df3"
cache-control: public, s-maxage=604800
access-control-allow-origin: *
timing-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 1751
date: Tue, 27 Sep 2022 00:45:23 GMT
vary: Accept-Encoding
x-host: s7.addthis.com
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , Unicode text, UTF-8 text, with very long lines (3547), with no line terminators
Size:   1751
Md5:    4716bfc23f1c3a2636fd777b3ea4cb0c
Sha1:   1c87c8dcbbcffce95e4694f1658de31f4f2e5767
Sha256: 300a335221e0083c8bf4a15eb95fd1fda652ffbd3f6d016bf0cb81b23a3f89a4
                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: K/bTzmLmmflbTMMi5tAj8g==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         54.187.71.185
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Rq2L6dnbxt8+Y+Bqn1+48yaPcqY=

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 27 Sep 2022 00:45:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /j/collect?v=1&_v=j97&a=532112674&t=pageview&_s=1&dl=http%3A%2F%2Fwww.rostockvilla.com%2F&ul=en-us&de=UTF-8&dt=HOME&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=IEBAAEABAAAAAC~&jid=1239157473&gjid=975913752&cid=624189588.1664239521&tid=UA-63427726-1&_gid=708896222.1664239521&_r=1&_slc=1&z=423005400 HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: http://www.rostockvilla.com
Connection: keep-alive
Referer: http://www.rostockvilla.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.174
HTTP/2 200 OK
content-type: text/plain
                                        
access-control-allow-origin: http://www.rostockvilla.com
date: Tue, 27 Sep 2022 00:45:23 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   2
Md5:    38684612f0c6bb6dfa16da92f4a6878f
Sha1:   6fe62d0dd7db314b7f9bb945672f078e01d27f0f
Sha256: a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 27 Sep 2022 00:45:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /live/red_lojson/300lo.json?si=633247a0ab7ac6a9&bkl=0&bl=1&pdt=817&sid=633247a0ab7ac6a9&pub=ra-554cc05662342a36&rev=v8.28.8-wp&ln=de&pc=jlp&cb=0&ab=-&dp=www.rostockvilla.com&fp=&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&colc=1664239520995&jsl=1&uvs=633247a055d4d182000&skipb=1&callback=addthis.cbs.jsonp__50781652857131170 HTTP/1.1 
Host: m.addthis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rostockvilla.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.38.200.123
HTTP/2 200 OK
content-type: application/javascript;charset=utf-8
                                        
content-length: 89
cache-control: max-age=0, no-cache, no-store, no-transform
pragma: no-cache
content-disposition: attachment; filename=1.txt
date: Tue, 27 Sep 2022 00:45:23 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   89
Md5:    452bae1396a8ed74f0368ad0c10b9628
Sha1:   ddfaad43cf55dacba5828cede09b03553497cdfa
Sha256: 4f0aaa294230e42b5a71c3c06c13b54abee3fe9a08768ba4dcf97218f7f44bd3
                                        
                                            GET /live/boost/ra-554cc05662342a36/_ate.track.config_resp HTTP/1.1 
Host: v1.addthisedge.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rostockvilla.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.38.200.123
HTTP/2 200 OK
content-type: application/javascript;charset=utf-8
                                        
etag: 659743217
content-disposition: attachment; filename=1.txt
content-encoding: gzip
content-length: 154
cache-control: public, max-age=57, s-maxage=86400
date: Tue, 27 Sep 2022 00:45:23 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   154
Md5:    1798455c51e19a1de93e52339a502e8d
Sha1:   a0457d200050e575fe5fce342ef18826773a19a2
Sha256: 3f695eaf6f5245ffc8385edd6ed3d174509a3faedc9b9e14e4bffb1f0a881fb0
                                        
                                            GET /static/counter.d27508c102582d608697.js HTTP/1.1 
Host: s7.addthis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rostockvilla.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.38.200.123
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx/1.15.8
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-5fd2"
timing-allow-origin: *
cache-control: public, max-age=86313600
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 8265
date: Tue, 27 Sep 2022 00:45:23 GMT
vary: Accept-Encoding
x-host: s7.addthis.com
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (24530), with no line terminators
Size:   8265
Md5:    47fcfb824ad738c29e3195451d5c755e
Sha1:   8a955f27a30f4a8c9cde94567c041040e3c60d61
Sha256: 1508b4ae159e51231031ce58f3a5c31aca11a438f4ea3c12ea3581bbc97f4305
                                        
                                            GET /url/shares.json?url=http%3A%2F%2Fwww.rostockvilla.com%2F2-uncategorised%2F2-die-rostock-villa-erhalt-als-museums-und-kulturstandort&callback=_ate.cbs.sc_httpwwwrostockvillacom2uncategorised2dierostockvillaerhaltalsmuseumsundkulturstandort0 HTTP/1.1 
Host: api-public.addthis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rostockvilla.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.38.200.123
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx/1.15.8
cache-control: no-transform, must-revalidate, max-age=0, s-maxage=3600
surrogate-key: www.rostockvilla.com/2-uncategorised/2-die-rostock-villa-erhalt-als-museums-und-kulturstandort
last-modified: Tue, 27 Sep 2022 00:45:23 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 113
date: Tue, 27 Sep 2022 00:45:23 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   113
Md5:    8223bfa355c688990945a74b49cc0bf9
Sha1:   7808f0b64295dbbb15db26eb2d16fcf9b42526af
Sha256: f2b26b152c509db0a31986cd46a2ca628d57c5458c27e3a2069b45a003ecc4a0
                                        
                                            GET /url/shares.json?url=http%3A%2F%2Fwww.rostockvilla.com%2F2-uncategorised%2F11-strassenfest-am-26-september-2015&callback=_ate.cbs.sc_httpwwwrostockvillacom2uncategorised11strassenfestam26september20150 HTTP/1.1 
Host: api-public.addthis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rostockvilla.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.38.200.123
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx/1.15.8
cache-control: no-transform, must-revalidate, max-age=0, s-maxage=3600
surrogate-key: www.rostockvilla.com/2-uncategorised/11-strassenfest-am-26-september-2015
last-modified: Tue, 27 Sep 2022 00:45:23 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 106
date: Tue, 27 Sep 2022 00:45:23 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   106
Md5:    a97b590c76fef4700b2be5ca0a90e1f5
Sha1:   df9382a0fc687e74175321c740e5dc1091aa4f67
Sha256: b5bea0a82208df90d139268442bb32e0b937624ff613795ef98e3e7f6770acf4
                                        
                                            GET /url/shares.json?url=http%3A%2F%2Fwww.rostockvilla.com%2Fwo-kann-ich-unterschreiben&callback=_ate.cbs.sc_httpwwwrostockvillacomwokannichunterschreiben0 HTTP/1.1 
Host: api-public.addthis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rostockvilla.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.38.200.123
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx/1.15.8
cache-control: no-transform, must-revalidate, max-age=0, s-maxage=3600
surrogate-key: www.rostockvilla.com/wo-kann-ich-unterschreiben
last-modified: Tue, 27 Sep 2022 00:45:23 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 89
date: Tue, 27 Sep 2022 00:45:23 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   89
Md5:    1599fe506e59b4b1d7e82c9aa397de61
Sha1:   5b6e352d17112cc75b2dc525c5b637662ee0eeee
Sha256: 6c7480cefd2ce366e533d2a2735de44d0302600e0aa33b87b8af141b162dddbc
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "519E9B47DDFA1E1FE047F4DC7DF88E3011817F88144FCC3853A7984A781C2070"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5853
Expires: Tue, 27 Sep 2022 02:22:57 GMT
Date: Tue, 27 Sep 2022 00:45:24 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "519E9B47DDFA1E1FE047F4DC7DF88E3011817F88144FCC3853A7984A781C2070"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5853
Expires: Tue, 27 Sep 2022 02:22:57 GMT
Date: Tue, 27 Sep 2022 00:45:24 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "519E9B47DDFA1E1FE047F4DC7DF88E3011817F88144FCC3853A7984A781C2070"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5853
Expires: Tue, 27 Sep 2022 02:22:57 GMT
Date: Tue, 27 Sep 2022 00:45:24 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "519E9B47DDFA1E1FE047F4DC7DF88E3011817F88144FCC3853A7984A781C2070"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5853
Expires: Tue, 27 Sep 2022 02:22:57 GMT
Date: Tue, 27 Sep 2022 00:45:24 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "519E9B47DDFA1E1FE047F4DC7DF88E3011817F88144FCC3853A7984A781C2070"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5853
Expires: Tue, 27 Sep 2022 02:22:57 GMT
Date: Tue, 27 Sep 2022 00:45:24 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79631135-a10c-43bf-85d2-fa2236b96883.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 13213
x-amzn-requestid: fe9ec409-2757-4910-8443-5b4d3be7efd3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZFlATEp8oAMFd9Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63321b9b-3230e97a4fe34413285eb578;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 21:37:31 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: kRSg9NTTAgeAJgIZ_C9_rRodCX4bzGduJEvNPNHUya0Moa2vsmWSoQ==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 21:38:57 GMT
age: 11187
etag: "3d4fa8701f17e8818c25584ef5f04bfbee8440cd"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   13213
Md5:    62e68c3cd08dd94d910507512a67e85f
Sha1:   3d4fa8701f17e8818c25584ef5f04bfbee8440cd
Sha256: 058d798963f83f5fb88ab728185f755c5353fa981d93e1b6ff869089f501586b
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F171029d0-40d4-47b3-8936-8ba3b16b3212.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10211
x-amzn-requestid: 3ea4ac84-2465-4bd1-8ade-863de3c9576e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YbfSuGoQoAMF9oQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632145aa-7843b82728ead9a053c689d1;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 03:08:26 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: p1vYTqYjOmYHjVmJ8f6qyT_nLIsyXsr7ZI-DI7JBF9RJa0ZJNPiluA==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 e95ec8f1dc02e32f0cb9e113963ceb4e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 21:56:23 GMT
age: 10141
etag: "be60bbc96c832ae385cc9ae5828bd32703011b21"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10211
Md5:    347dca206e13a3b13953f0ab398310b4
Sha1:   be60bbc96c832ae385cc9ae5828bd32703011b21
Sha256: f6da888a54a0c6c73466f2c2a72dd875514a39d81b760a6b0116b4dd56ef31dd
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1bfe3adc-1955-4f21-9e44-c0bc53a4edc5.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9163
x-amzn-requestid: 8ccd9b1f-bef9-4591-be32-e6dd98f4ee78
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZFlKpEZrIAMFS1Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63321bdd-4a40b9c8281b64c725fec0f1;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 21:38:37 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: bs6HOUmHOoYKDuzBoVHhcr8d4HP4bBmwUF3EtOmwKXo7ozhfaIYEvw==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 21:39:07 GMT
age: 11177
etag: "84f5a4c8b38acde814bc790e5b514347718d5bb9"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9163
Md5:    deb8d1e3b6d7fbc8c8ba478269621676
Sha1:   84f5a4c8b38acde814bc790e5b514347718d5bb9
Sha256: ed14fa766f0708b4166e83b61f160db5671af430917b7c67184bf18d9208742b
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6fda34e4-86f9-4fb4-94af-575d6201fccb.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5383
x-amzn-requestid: d7b677b7-25f9-4197-a664-ec68b0dfedfe
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y8ydSEuLoAMF6PA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632e9788-7b57acc9288de40d252766a5;Sampled=0
x-amzn-remapped-date: Sat, 24 Sep 2022 05:37:12 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: iTzA2XJ0QFByhrYBer4ULW96ZdCeXhceaxWEAvznURvaZadKQniVRg==
via: 1.1 0da9bec11a1bde5ca7f71b28194afd5a.cloudfront.net (CloudFront), 1.1 91356d2137f5a7345e93da4516c49ec4.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 23:29:31 GMT
age: 4553
etag: "481ec2135ca0a96484c36cced30776c871aedf8f"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5383
Md5:    e6c9691e104001fe54d3c6273b7b8596
Sha1:   481ec2135ca0a96484c36cced30776c871aedf8f
Sha256: f9e5e087d8b6e9b357c9f93b00c5919d89d90ac9b48d2dcd1ac72bf775a5cf49
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3823d156-2245-40a3-a9a3-7cb4a5c4a14d.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7716
x-amzn-requestid: 1cf0b1c7-4611-40bf-b72a-412ebd03ef79
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y2KguFL7IAMFzKA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632bf137-2b7c15d3071e0266586fd17d;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 05:23:03 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: eE2AvjvM7j07Go69VVEmTF8Q-KA5bZwOBdn_SgR5fcZj8lL760_q2Q==
via: 1.1 d042f60a962591f741406f28a8170c5a.cloudfront.net (CloudFront), 1.1 ebe4011a81a36e2bf678f69ce1711330.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 17:57:22 GMT
age: 24482
etag: "2b53c4f836970501a682dae07235215c487d35cc"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7716
Md5:    8ef8d9284ebd57a7cf76ceb762291356
Sha1:   2b53c4f836970501a682dae07235215c487d35cc
Sha256: 3529ab97ab2214ee9c67ee234beac96cd40f0bd6092b92b71c60956ed5710b41
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb5538bec-989b-434a-bf80-699456665fd7.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6829
x-amzn-requestid: cc3229a7-7c7e-472b-b7a4-1216594c4068
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yshb2FwhoAMF2EA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632815e5-0964e463192712fb08a29ee7;Sampled=0
x-amzn-remapped-date: Mon, 19 Sep 2022 07:10:29 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 38UTZEh7vpUlYc9mGIdNrIy4fgLQf4iErqzZLY5mM5fdMQwvJvoBvQ==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 5397b304713f6301c7c94ac084b6ed08.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 22:12:45 GMT
age: 9159
etag: "c80d9ce02eeaa7b0166a696e811d2cffde4997d0"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6829
Md5:    62ece01d7e0036711832df5a25175b3b
Sha1:   c80d9ce02eeaa7b0166a696e811d2cffde4997d0
Sha256: 8a1968c18b44495571ff382a9cacfb7f98d3e1275d650e84cb310d635eae7e70