Report - reisewelt-klein.de/

Report Overview

Submitted URL
reisewelt-klein.de/
IP
92.51.134.215
ASN
#8972 Host Europe GmbH
Submitted
2022-11-15 07:39:59
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
22

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
reisewelt-klein.de	unknown	2022-06-02T22:38:08Z	2023-03-09T02:38:49Z	350 B	544 B	92.51.134.215
www.tourcontact.eu	unknown	2019-11-05T01:21:59Z	2023-01-08T01:08:43Z	433 B	746 B	92.51.134.215
privacy-proxy-server.usercentrics.eu	265938	2019-07-04T16:11:24Z	2023-03-10T13:04:28Z	451 B	139 kB	34.149.163.237
kit-pro.fontawesome.com	21124	2019-05-02T14:15:01Z	2023-03-10T11:49:25Z	3.9 kB	76 kB	104.18.22.52
www.reiseweltklein.de	unknown	2015-10-30T15:39:42Z	2023-01-30T15:02:11Z	15 kB	3.2 MB	5.175.22.217
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-10T05:10:00Z	333 B	229 B	34.117.237.239
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-10T05:11:10Z	4.6 kB	9.2 kB	142.250.74.3
backend.tcautor.de	unknown	2020-06-28T07:48:07Z	2023-01-30T14:52:15Z	447 B	182 kB	5.175.22.217
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-10T05:10:04Z	3.3 kB	55 kB	34.120.237.76
graphql.usercentrics.eu	14191	2018-08-08T11:42:38Z	2023-03-10T13:12:15Z	1.1 kB	751 B	34.120.238.166
uc.e-recht24.de	386358	2021-02-25T10:55:23Z	2023-03-10T00:27:59Z	401 B	3.4 kB	159.69.24.179
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-10T13:49:44Z	682 B	1.6 kB	93.184.220.29
app.usercentrics.eu	12624	2018-08-08T11:42:22Z	2023-03-10T13:12:14Z	377 B	231 kB	35.190.14.188
privacy-proxy.usercentrics.eu	43696	2019-09-20T10:09:07Z	2023-03-10T13:04:27Z	396 B	43 kB	35.190.14.188
aggregator.service.usercentrics.eu	14703	2020-07-29T15:16:57Z	2023-03-10T12:03:36Z	665 B	6.4 kB	34.120.28.121
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-10T05:09:10Z	4.7 kB	12 kB	23.36.77.32
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-10T05:10:00Z	782 B	2.4 kB	34.102.187.140
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-10T05:12:35Z	413 B	5.8 kB	34.160.144.191
cdnjs.cloudflare.com	235	2015-04-17T22:46:33Z	2023-03-10T08:04:05Z	879 B	12 kB	104.17.24.14
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-10T05:10:02Z	606 B	127 B	52.13.173.34
www.backend.tcautor.de	unknown	2020-06-28T07:47:24Z	2023-01-30T14:56:56Z	7.5 kB	1.8 MB	5.175.22.217
api.usercentrics.eu	11845	2018-04-17T10:09:01Z	2023-03-10T13:12:15Z	429 B	9.2 kB	35.241.3.184

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-11-15	medium	reisewelt-klein.de/	Phishing
2022-11-15	medium	www.reiseweltklein.de/	Phishing
2022-11-15	medium	www.reiseweltklein.de/fonts/flaticon/Flaticon.woff2	Phishing
2022-11-15	medium	www.reiseweltklein.de/assets/images/partnerlogos/DER_Touristik_Partner_4C.svg	Phishing
2022-11-15	medium	www.reiseweltklein.de/assets/js/core.min.js	Phishing
2022-11-15	medium	www.reiseweltklein.de/assets/js/jquery-3.4.1_plusUI.min.js	Phishing
2022-11-15	medium	www.reiseweltklein.de/assets/js/vendor_bundle.min.js	Phishing
2022-11-15	medium	www.reiseweltklein.de/assets/fonts/flaticon/Flaticon.woff2	Phishing
2022-11-15	medium	www.reiseweltklein.de/assets/js/scripts.min.js?_=1668497987803	Phishing
2022-11-15	medium	www.reiseweltklein.de/assets/js/vendor.swiper.min.js	Phishing
2022-11-15	medium	www.reiseweltklein.de/	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (14)

	URL	Size	First Seen	Last Seen
	cdnjs.cloudflare.com/ajax/libs/jquery-confirm/3.3.4/jquery-confirm.min.js	28 kB	2023-03-07	2024-03-04
Pretty URL cdnjs.cloudflare.com/ajax/libs/jquery-confirm/3.3.4/jquery-confirm.min.js IP 104.17.24.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:33:25 Last Seen2024-03-04 15:30:38 Times Seen275 Hash 1d6ae7e6b82dd230033595eac215ac28 4feda8ad306195d129c2d9bc918150979c68a726 29af286f1b07342cfa1fd851a65f17e105775e68715b2a81a64fc4a476328fd9 Loading...

	www.reiseweltklein.de/	132 B	2023-03-07	2023-03-29
Pretty URL www.reiseweltklein.de/ IP 5.175.22.217 ASN #20773 Host Europe GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:33:25 Last Seen2023-03-29 21:58:23 Times Seen2 Hash 206d3035e76fe3cddd8a2a036fddef75 0ea3fd3e269c16e3dc467d340dc107ba72b47c55 1309ebd1087c85cff2a226e2ae661bcfba4c1de0fc31b2f8233a40b38f8842f3 Loading...

	www.reiseweltklein.de/	1.7 kB	2023-03-10	2023-03-29
Pretty URL www.reiseweltklein.de/ IP 5.175.22.217 ASN #20773 Host Europe GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 22:25:47 Last Seen2023-03-29 21:58:23 Times Seen2 Hash 30a85f9a6353d661cab1765890b2e5e5 cc6791d1b0428a250cc9871880ca0cd1ba308983 af0ed76acfd7e78cec33359310f60e2983f5a5255019209358e935814b2c5ebb Loading...

	www.reiseweltklein.de/assets/js/vendor_bundle.min.js	421 kB	2023-03-07	2023-03-29
Pretty URL www.reiseweltklein.de/assets/js/vendor_bundle.min.js IP 5.175.22.217 ASN #20773 Host Europe GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:33:26 Last Seen2023-03-29 21:58:23 Times Seen2 Hash 2b5b6c884ee703467573b96a50275262 451d0a95b007aff5d246263ea65dda904a7c41c2 5b28a15fae3f9860278e2133e3c9e7348cb6ab4db151db86406afd04800c3aaa Loading...

	app.usercentrics.eu/latest/main.js	25 kB	2023-03-07	2024-04-18
Pretty URL app.usercentrics.eu/latest/main.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02:06 Last Seen2024-04-18 15:22:55 Times Seen360 Hash 2f6ee33ec707f2be99eab89a14bf538d f2164827c88ba17ef1488c6c976b27cc1376f2a3 c33a649699a0dba95a5914251da89c9a6439c07cad273e1138245c012169738b Loading...

	www.reiseweltklein.de/	141 kB	2023-03-07	2023-03-29
Pretty URL www.reiseweltklein.de/ IP 5.175.22.217 ASN #20773 Host Europe GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:33:25 Last Seen2023-03-29 21:58:23 Times Seen2 Hash 6c4b78281edfb785e3a4c763912719a6 d9d9134ce3dbd015001d53d733d0253f32932b5d 0b0d7f064405e1ece0b32d80e4f5ebcdf52a95c34c4cfcb4194dfdda2e92138a Loading...

	app.usercentrics.eu/latest/bundle.js	1.2 MB	2023-03-08	2024-04-18
Pretty URL app.usercentrics.eu/latest/bundle.js IP 35.190.14.188 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:03:34 Last Seen2024-04-18 15:22:53 Times Seen276 Hash 6cfb75735980ceeeb2cb1b0ec5c47499 63e1ef864831ed7c2a73058472b8c94c4bbb77ef 39e0136306d0dfd62d513db4eb0d2ea1a831ff00edf00446de67b031e6a6b9b1 Loading...

	www.reiseweltklein.de/assets/js/core.min.js	279 kB	2023-03-07	2023-03-17
Pretty URL www.reiseweltklein.de/assets/js/core.min.js IP 5.175.22.217 ASN #20773 Host Europe GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:33:25 Last Seen2023-03-17 12:39:05 Times Seen1 Hash d185bd1dfdc64366e486dbbdbb8b1e0b 61de9d69c59be9b7859d2e6d1537bfaf076fad51 d74587ea895404943e576fb691bbf01c684fbc2887b30c08026738865bf0ad4c Loading...

	www.reiseweltklein.de/	7.9 kB	2023-03-07	2023-03-29
Pretty URL www.reiseweltklein.de/ IP 5.175.22.217 ASN #20773 Host Europe GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:33:25 Last Seen2023-03-29 21:58:23 Times Seen2 Hash 269f13584fe0b6ffe232701487e42478 cf83bc0e51753e938c0bd704fe6c84e8c5a686c2 c10fea60a9bfd1a76e8a0c9bc550de49668a3529b971a058ae1826beba17e51b Loading...

	www.reiseweltklein.de/	9.5 kB	2023-03-07	2023-03-29
Pretty URL www.reiseweltklein.de/ IP 5.175.22.217 ASN #20773 Host Europe GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:33:25 Last Seen2023-03-29 21:58:23 Times Seen2 Hash b37c16552c444a1e10761ac0a8a4191f d845da399730dcfffebeafe2fcc743faf4b6f482 3039ad005dab183cf141a88f50b31a88ec72af6469f1dda66e6d4816ef6d8381 Loading...

	privacy-proxy.usercentrics.eu/latest/uc-block.bundle.js	158 kB	2023-03-10	2023-03-11
Pretty URL privacy-proxy.usercentrics.eu/latest/uc-block.bundle.js IP 35.190.14.188 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 21:31:23 Last Seen2023-03-11 12:21:17 Times Seen1 Hash 24680c95cc754147cd6672ff826c5980 42e839240cab0af284f8cbadd74fe03c7ae40193 6b7880200ff1b32f545df2b7bbb24e5406d655345f63be253e93d3a0788f3dab Loading...

	www.reiseweltklein.de/	10 kB	2023-03-07	2023-03-29
Pretty URL www.reiseweltklein.de/ IP 5.175.22.217 ASN #20773 Host Europe GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:33:25 Last Seen2023-03-29 21:58:23 Times Seen2 Hash bc181d89c903325ebfff3cc312b3fa25 5d24d486f72d8e5d978fb9239bce0e98e9df6211 c7a047fdc86d0e046d89b5ec7d63a7be79c761e8c7971eed21c0b230f245a157 Loading...

	www.reiseweltklein.de/assets/js/jquery-3.4.1_plusUI.min.js	342 kB	2023-03-07	2023-03-29
Pretty URL www.reiseweltklein.de/assets/js/jquery-3.4.1_plusUI.min.js IP 5.175.22.217 ASN #20773 Host Europe GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:33:25 Last Seen2023-03-29 21:58:23 Times Seen2 Hash 9e0b7c6f995445028697316f74ac529d 19017a63f3c3716758d003319be5bdbb82bb816c b63b95393e3b4d95fdcaf2c499d3e3b5bf230d0b3b115748a3beefc42aa2b753 Loading...

	www.reiseweltklein.de/	106 B	2023-03-07	2023-03-29
Pretty URL www.reiseweltklein.de/ IP 5.175.22.217 ASN #20773 Host Europe GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:33:25 Last Seen2023-03-29 21:58:23 Times Seen2 Hash fc216d7510d31dde74f4401325fa1e13 eb1ccb57c28628989a36f694c96648f672069349 24b70705c3490ec56793f741d0ad5a8e2fe57e96af4b0d2c8902da125809d4cf Loading...

HTTP Transactions (105)

URL IP Response Size

reisewelt-klein.de/

92.51.134.215

301 Moved Permanently

305 B

URL HTTP/1.1
reisewelt-klein.de/
IP
92.51.134.215:0
ASN
#8972 Host Europe GmbH

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
305 B (305 bytes)
Hash
84ded1aac57607ac32d3b6032d608f0d
7d79e3e73aab1641117406a3da9ed6a239be73aa
ff1028616c74785ec9452c123e728ab96c609f81865efa277589fc31ff2f57c2

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: reisewelt-klein.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Tue, 15 Nov 2022 07:39:46 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 305
Connection: keep-alive
Location: http://www.reiseweltklein.de/
X-Powered-By: PleskLin

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7786cd9bd97e024b3a1d16215defaad2
786ddbb74b0b6bd9270622dbe0258d6caee407c1
9c297ccfd178eec7e472fb64a6b2e34d4c7a6dec32870f49982353e590196ba0

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9C297CCFD178EEC7E472FB64A6B2E34D4C7A6DEC32870F49982353E590196BA0"
Last-Modified: Mon, 14 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11149
Expires: Tue, 15 Nov 2022 10:45:35 GMT
Date: Tue, 15 Nov 2022 07:39:46 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
832aecaba9f06ee2d39d4d4bea65f13c
7195d6ffadfdbc6fc8e92c63ae28d4a3038a72dc
a437509314a97065de6c7b9e5e2b4b61f0234b45f5f5bf2649cbdf499577bfd3

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2960
Cache-Control: max-age=99651
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 07:39:46 GMT
Etag: "637218f5-1d7"
Expires: Wed, 16 Nov 2022 11:20:37 GMT
Last-Modified: Mon, 14 Nov 2022 10:31:17 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8c15cef160d1514fc977ed4c4e97086c
ffe4ce3199658a1fc7a45d1607df40ef3911621d
db1a82d8a2bacc0257b87efec0c365c1b769700fa27ce928321e082505f1d72a

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DB1A82D8A2BACC0257B87EFEC0C365C1B769700FA27CE928321E082505F1D72A"
Last-Modified: Sun, 13 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9470
Expires: Tue, 15 Nov 2022 10:17:36 GMT
Date: Tue, 15 Nov 2022 07:39:46 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
4736bac84ca28f2b1e961159fb4ea098
1319612979f53896fcfeacd4215c2715d4951e4c
5e81213e111ddf68c7f884f72b4e06fc4dc95eb902c3cf0762236b2418840dba

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Retry-After, Content-Length, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 15 Nov 2022 06:44:23 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 3323
alt-svc: clear
X-Firefox-Spdy: h2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: ynwxYm///9BSf4LmE3mDFXk6hmtJL71ZNBKBHXqJ8NFLYR6GyL7vTPfGe0G5XFLuXb2nHLOmj0Q=
x-amz-request-id: 3TD0K6VG5SFERPPV
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 15 Nov 2022 07:14:10 GMT
age: 1536
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

www.reiseweltklein.de/

5.175.22.217

301 Moved Permanently

238 B

URL HTTP/1.1
www.reiseweltklein.de/
IP
5.175.22.217:0
ASN
#20773 Host Europe GmbH

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
238 B (238 bytes)
Hash
d75aa64e403759c411a19e935803f8ff
db95c204b77913637a9cab0c374218a22680bb69
f066ef0ad94e8207d08f801cd58e78492a6a52fb46fd794de2b5a508278df7d6

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: www.reiseweltklein.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Date: Tue, 15 Nov 2022 07:39:46 GMT
Server: Apache
Location: https://www.reiseweltklein.de/
Content-Length: 238
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Tue, 15 Nov 2022 07:39:46 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
331ab8afa163a6ff2e07480e8998e664
dc73810e5588f3bea056b81a08009a61e166934a
e84209279921064c4fa9e0f421518be1924445162b80c594f96c1c38b64187ef

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E84209279921064C4FA9E0F421518BE1924445162B80C594F96C1C38B64187EF"
Last-Modified: Sun, 13 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Tue, 15 Nov 2022 13:39:47 GMT
Date: Tue, 15 Nov 2022 07:39:47 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

34.102.187.140

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Cache-Control, Pragma, Last-Modified, ETag, Alert, Backoff, Content-Type, Retry-After, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 15 Nov 2022 07:25:01 GMT
cache-control: public,max-age=3600
age: 886
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
3200044057cb585f1a435c0efece61c8
8305d5b5891288aa9996b4b4ca6fce2265413194
df45704534a24928e7659a6d8cd1b5ac9ffa9b224b02b34a2d6aed5ef69fd586

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3818
Cache-Control: max-age=95452
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 07:39:47 GMT
Etag: "63720535-1d7"
Expires: Wed, 16 Nov 2022 10:10:39 GMT
Last-Modified: Mon, 14 Nov 2022 09:07:01 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471

cdnjs.cloudflare.com/ajax/libs/jquery-confirm/3.3.4/jquery-confirm.min.css

104.17.24.14

200 OK

2.9 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/jquery-confirm/3.3.4/jquery-confirm.min.css
IP
104.17.24.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (22251)
Size
2.9 kB (2880 bytes)
Hash
4dbf1735a5370350943bce0dbad5843d
3a9d68ea18c3aa70887283c3c36b154ddd31ced8
b7cd289c437127d58b709dc9999390fe68d378d506a8a31252c74c70597e162e

HTTP Headers

GET /ajax/libs/jquery-confirm/3.3.4/jquery-confirm.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.reiseweltklein.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 15 Nov 2022 07:39:47 GMT
content-type: text/css; charset=utf-8
content-length: 2880
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec1-580a"
last-modified: Mon, 04 May 2020 16:11:45 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 23436348
expires: Sun, 05 Nov 2023 07:39:47 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QSk6tst4wtJer5IC1Z8RodTGZHV%2B92t1vghRQ4k7DXmmbzClteCUy5XPESi%2FfrQ80fPz8MY%2BtMcNbtXzzsSfZT%2FFR47PG1RVXqj8e8%2FRyF4uThgsEO2kr1Hs7Ha5V6E663cOSwAN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 76a655c5b8f9b527-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/jquery-confirm/3.3.4/jquery-confirm.min.js

104.17.24.14

200 OK

6.4 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/jquery-confirm/3.3.4/jquery-confirm.min.js
IP
104.17.24.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (27931)
Size
6.4 kB (6422 bytes)
Hash
beafb90e7e7cb9afd1931dd1ce3d8a6b
ecb8187bf858a727949be0fffbadd1d018e0c169
eabdef01e87e471436dfac8d11edcd16c85d433aa854cdd695165399980ca818

HTTP Headers

GET /ajax/libs/jquery-confirm/3.3.4/jquery-confirm.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.reiseweltklein.de
Connection: keep-alive
Referer: https://www.reiseweltklein.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 15 Nov 2022 07:39:47 GMT
content-type: application/javascript; charset=utf-8
content-length: 6422
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec1-6e3e"
last-modified: Mon, 04 May 2020 16:11:45 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 14582299
expires: Sun, 05 Nov 2023 07:39:47 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v%2Bejg4qyDjw%2FAWe0V4FRMxXb7etgW4bgIEw4dvJapXzFXkv4yxXVM7FQagZDPTJw5Rudjhy0C%2BhAxQUldXH84T3a%2BolFQ1Kn64iTqwNuIjEo%2F1Txajv3ChxQHTf4ZgMf%2Fm5x3qy4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 76a655c5dab0b4f4-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

www.reiseweltklein.de/fonts/flaticon/Flaticon.woff2

5.175.22.217

200 OK

37 kB

URL HTTP/2
www.reiseweltklein.de/fonts/flaticon/Flaticon.woff2
IP
5.175.22.217:0
ASN
#20773 Host Europe GmbH

File type
Web Open Font Format (Version 2), TrueType, length 36732, version 1.0\012- data
Size
37 kB (36736 bytes)
Hash
e97e6acd6d5fae4dfb1b353ddf3dcf0f
186f523c36cdd4d80122ea6daf40106e0ce3e20d
0b56c2c2e69c2334a1881c975f0a1223b73447cd57a13f6b435b239a87de961e

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /fonts/flaticon/Flaticon.woff2 HTTP/1.1
Host: www.reiseweltklein.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.reiseweltklein.de/
Cookie: CFID=36553026; CFTOKEN=42fd8b24835784f0-C64761CE-084D-3011-ACEAA0DF51F095BD
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 15 Nov 2022 07:39:47 GMT
server: Apache
last-modified: Sat, 09 May 2020 10:20:16 GMT
etag: "8f7c-5a53475c0b800-br"
accept-ranges: bytes
cache-control: max-age=86400
expires: Wed, 16 Nov 2022 07:39:47 GMT
vary: Accept-Encoding
content-encoding: br
x-cache: MISS from www.reiseweltklein.de
content-length: 36736
content-type: font/woff2
X-Firefox-Spdy: h2

www.reiseweltklein.de/www/fonts/montserrat.css

5.175.22.217

404 Not Found

196 B

URL HTTP/2
www.reiseweltklein.de/www/fonts/montserrat.css
IP
5.175.22.217:0
ASN
#20773 Host Europe GmbH

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
196 B (196 bytes)
Hash
62962daa1b19bbcc2db10b7bfd531ea6
d64bae91091eda6a7532ebec06aa70893b79e1f8
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880

HTTP Headers

GET /www/fonts/montserrat.css HTTP/1.1
Host: www.reiseweltklein.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.reiseweltklein.de/
Cookie: CFID=36553026; CFTOKEN=42fd8b24835784f0-C64761CE-084D-3011-ACEAA0DF51F095BD
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
date: Tue, 15 Nov 2022 07:39:47 GMT
server: Apache
content-length: 196
content-type: text/html; charset=iso-8859-1
X-Firefox-Spdy: h2

www.reiseweltklein.de/assets/css/colorpalette.min.css

5.175.22.217

200 OK

1.9 kB

URL HTTP/2
www.reiseweltklein.de/assets/css/colorpalette.min.css
IP
5.175.22.217:0
ASN
#20773 Host Europe GmbH

File type
assembler source, ASCII text, with very long lines (8960), with CRLF line terminators
Size
1.9 kB (1898 bytes)
Hash
475de567aa0032280982829dcfc11116
4eceb810b11b830494dc13abff7eb578c42c2f0c
e405a2f80f2edb9470ad0a5184108ea934d9e512a8ed7894e60d9d2388ce219b

HTTP Headers

GET /assets/css/colorpalette.min.css HTTP/1.1
Host: www.reiseweltklein.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.reiseweltklein.de/
Cookie: CFID=36553026; CFTOKEN=42fd8b24835784f0-C64761CE-084D-3011-ACEAA0DF51F095BD
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 15 Nov 2022 07:39:47 GMT
server: Apache
last-modified: Wed, 08 Jul 2020 05:55:56 GMT
etag: "3e89-5a9e7c2ecfd8b-br"
accept-ranges: bytes
cache-control: max-age=86400
expires: Wed, 16 Nov 2022 07:39:47 GMT
vary: Accept-Encoding
content-encoding: br
x-cache: MISS from www.reiseweltklein.de
content-length: 1898
content-type: text/css
X-Firefox-Spdy: h2

www.reiseweltklein.de/assets/css/custom.css

5.175.22.217

200 OK

3.0 kB

URL HTTP/2
www.reiseweltklein.de/assets/css/custom.css
IP
5.175.22.217:0
ASN
#20773 Host Europe GmbH

File type
assembler source, ASCII text, with CRLF, LF line terminators
Size
3.0 kB (2987 bytes)
Hash
3f3dcde275d75ccd807e2e5e2f616812
e530d19c468592f6d6b2e217ca8b4b62aa6e5688
476ee261ef6f668eadf94cfffb6d64d227d6ccc1ee23659ab6f29835c61d94ac

HTTP Headers

GET /assets/css/custom.css HTTP/1.1
Host: www.reiseweltklein.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.reiseweltklein.de/
Cookie: CFID=36553026; CFTOKEN=42fd8b24835784f0-C64761CE-084D-3011-ACEAA0DF51F095BD
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 15 Nov 2022 07:39:47 GMT
server: Apache
last-modified: Wed, 29 Jul 2020 14:42:41 GMT
etag: "3fbb-5ab959162640a-br"
accept-ranges: bytes
cache-control: max-age=86400
expires: Wed, 16 Nov 2022 07:39:47 GMT
vary: Accept-Encoding
content-encoding: br
x-cache: MISS from www.reiseweltklein.de
content-length: 2987
content-type: text/css
X-Firefox-Spdy: h2

www.reiseweltklein.de/assets/css/color_scheme/customcolor.css

5.175.22.217

200 OK

3.1 kB

URL HTTP/2
www.reiseweltklein.de/assets/css/color_scheme/customcolor.css
IP
5.175.22.217:0
ASN
#20773 Host Europe GmbH

File type
assembler source, ASCII text, with very long lines (582), with CRLF line terminators
Size
3.1 kB (3095 bytes)
Hash
60d56c255a871ae01312cdbdf6ec1e27
8d986fa1d7258c73f1d6d2a043fc0bea80b88ca7
598057d50bdcc975d1742a5b6e8cc49575cb5394cead95b3a4d34aa94ffa97a5

HTTP Headers

GET /assets/css/color_scheme/customcolor.css HTTP/1.1
Host: www.reiseweltklein.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.reiseweltklein.de/
Cookie: CFID=36553026; CFTOKEN=42fd8b24835784f0-C64761CE-084D-3011-ACEAA0DF51F095BD
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 15 Nov 2022 07:39:47 GMT
server: Apache
last-modified: Sun, 12 Jul 2020 12:43:45 GMT
etag: "4498-5aa3decc0656d-br"
accept-ranges: bytes
cache-control: max-age=86400
expires: Wed, 16 Nov 2022 07:39:47 GMT
vary: Accept-Encoding
content-encoding: br
x-cache: MISS from www.reiseweltklein.de
content-length: 3095
content-type: text/css
X-Firefox-Spdy: h2

ocsp.pki.goog/s/gts1d4/AO43Z6OvIBc

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1d4/AO43Z6OvIBc
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
9781cdb72210125921ff514ed6bb2088
1bf1700cacbb19ba6cdb241b5b24ebbfa296cda6
7e2a09d56b557a105aa6a24b401f5f5e10c62908a6492921b4c7b38c27209378

HTTP Headers

POST /s/gts1d4/AO43Z6OvIBc HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 07:39:47 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/s/gts1d4/AO43Z6OvIBc

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1d4/AO43Z6OvIBc
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
9781cdb72210125921ff514ed6bb2088
1bf1700cacbb19ba6cdb241b5b24ebbfa296cda6
7e2a09d56b557a105aa6a24b401f5f5e10c62908a6492921b4c7b38c27209378

HTTP Headers

POST /s/gts1d4/AO43Z6OvIBc HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 07:39:47 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.reiseweltklein.de/www/reiseweltklein.de/img/logo_WEB.png

5.175.22.217

200 OK

31 kB

URL HTTP/2
www.reiseweltklein.de/www/reiseweltklein.de/img/logo_WEB.png
IP
5.175.22.217:0
ASN
#20773 Host Europe GmbH

File type
PNG image data, 1050 x 250, 8-bit colormap, non-interlaced\012- data
Size
31 kB (31311 bytes)
Hash
711a7a3f67f566e53ecd8fc1b5595132
25768acf263514a87150855a0c840ae7b0dace32
7af3e62a7f231fe78212f82b0456ef2b5fdb428ee93526e65f7a932ddccd7997

HTTP Headers

GET /www/reiseweltklein.de/img/logo_WEB.png HTTP/1.1
Host: www.reiseweltklein.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.reiseweltklein.de/
Cookie: CFID=36553026; CFTOKEN=42fd8b24835784f0-C64761CE-084D-3011-ACEAA0DF51F095BD
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 15 Nov 2022 07:39:47 GMT
server: Apache
last-modified: Thu, 27 Jan 2022 14:23:17 GMT
accept-ranges: bytes
content-length: 31311
cache-control: max-age=2592000, public
expires: Wed, 16 Nov 2022 07:39:47 GMT
x-cache: MISS from www.reiseweltklein.de
content-type: image/png
X-Firefox-Spdy: h2

www.reiseweltklein.de/assets/css/vendor.swiper.min.css

5.175.22.217

200 OK

4.2 kB

URL HTTP/2
www.reiseweltklein.de/assets/css/vendor.swiper.min.css
IP
5.175.22.217:0
ASN
#20773 Host Europe GmbH

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (21675), with no line terminators
Size
4.2 kB (4187 bytes)
Hash
21888b586f9fd75d444d25f8e118f5d7
3f92c9c4fe3cb925d4e4f78f5af3b681b3c8c9e5
4151ce7b54bb179dd95e4b52465aeb2e0396d1868207e9ba98f8490cb1b352c0

HTTP Headers

GET /assets/css/vendor.swiper.min.css HTTP/1.1
Host: www.reiseweltklein.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.reiseweltklein.de/
Cookie: CFID=36553026; CFTOKEN=42fd8b24835784f0-C64761CE-084D-3011-ACEAA0DF51F095BD
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 15 Nov 2022 07:39:47 GMT
server: Apache
last-modified: Tue, 07 Jul 2020 09:54:09 GMT
etag: "54b2-5a9d6f907ba36-br"
accept-ranges: bytes
cache-control: max-age=86400
expires: Wed, 16 Nov 2022 07:39:47 GMT
vary: Accept-Encoding
content-encoding: br
x-cache: MISS from www.reiseweltklein.de
content-length: 4187
content-type: text/css
X-Firefox-Spdy: h2

www.reiseweltklein.de/assets/images/partnerlogos/DER_Touristik_Partner_4C.svg

5.175.22.217

200 OK

1.9 kB

URL HTTP/2
www.reiseweltklein.de/assets/images/partnerlogos/DER_Touristik_Partner_4C.svg
IP
5.175.22.217:0
ASN
#20773 Host Europe GmbH

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
1.9 kB (1874 bytes)
Hash
22419f55c0f2cf167b4a7e3ab34ea26d
167d64d34b221ee6fbc745da7d741da6a687f504
b2512ae142a1aea026ab25487c19647bf751141cc2da51529442efbdfb3aac9a

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets/images/partnerlogos/DER_Touristik_Partner_4C.svg HTTP/1.1
Host: www.reiseweltklein.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.reiseweltklein.de/
Cookie: CFID=36553026; CFTOKEN=42fd8b24835784f0-C64761CE-084D-3011-ACEAA0DF51F095BD
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 15 Nov 2022 07:39:47 GMT
server: Apache
last-modified: Wed, 08 Jul 2020 10:57:30 GMT
etag: "11b7-5a9ebf9635a80-br"
accept-ranges: bytes
cache-control: max-age=86400
expires: Wed, 16 Nov 2022 07:39:47 GMT
vary: Accept-Encoding
content-encoding: br
x-cache: MISS from www.reiseweltklein.de
content-length: 1874
content-type: image/svg+xml
X-Firefox-Spdy: h2

www.reiseweltklein.de/assets/css/vendor_bundle.min.css

5.175.22.217

200 OK

3.8 kB

URL HTTP/2
www.reiseweltklein.de/assets/css/vendor_bundle.min.css
IP
5.175.22.217:0
ASN
#20773 Host Europe GmbH

File type
ASCII text, with very long lines (39344)
Size
3.8 kB (3836 bytes)
Hash
f95b5a6991b49a2d93a49c25b0507269
7ddba3d5c0fec9763dc37659af52ddc9a5fdb9ca
5c88a4b0439697d533ea190a067005a323d0a9e481b871985ebf30f8b854ed58

HTTP Headers

GET /assets/css/vendor_bundle.min.css HTTP/1.1
Host: www.reiseweltklein.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.reiseweltklein.de/
Cookie: CFID=36553026; CFTOKEN=42fd8b24835784f0-C64761CE-084D-3011-ACEAA0DF51F095BD
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 15 Nov 2022 07:39:47 GMT
server: Apache
last-modified: Mon, 25 May 2020 13:41:43 GMT
etag: "99c6-5a67923a7b3c0-br"
accept-ranges: bytes
cache-control: max-age=86400
expires: Wed, 16 Nov 2022 07:39:47 GMT
vary: Accept-Encoding
content-encoding: br
x-cache: MISS from www.reiseweltklein.de
content-length: 3836
content-type: text/css
X-Firefox-Spdy: h2

app.usercentrics.eu/latest/bundle.js

35.190.14.188

200 OK

230 kB

URL HTTP/2
app.usercentrics.eu/latest/bundle.js
IP
35.190.14.188:0
ASN
#15169 GOOGLE

File type
Unicode text, UTF-8 text, with very long lines (65470)
Size
230 kB (230157 bytes)
Hash
66cf4a8df76a5634eb0a576bf197b3c9
316e22421f1fdc6387978f20484d4ed2d5662fa5
bafed4c1f3bfb8cf821a0d86370090534d283199f9c665e2e3bed8e29c0bd6bc

HTTP Headers

GET /latest/bundle.js HTTP/1.1
Host: app.usercentrics.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.reiseweltklein.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-guploader-uploadid: ADPycdudsPpwki32f0Wt12l9nHN5u8T83DoNMMVsFIee7JEulwJH4BOQjxWlZXO2yZUpnDgqXYpqeO-TpBHNsGRyBfBw8ItrnOEa
x-goog-generation: 1666097577382615
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 230157
x-goog-meta-version: 2.18.1
content-encoding: gzip
x-goog-hash: crc32c=dNeQCQ==, md5=Zs9KjfdqVjTrCldr8ZezyQ==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 230157
access-control-allow-origin: *
access-control-expose-headers: Content-Type
server: UploadServer
date: Mon, 14 Nov 2022 08:12:48 GMT
expires: Tue, 15 Nov 2022 08:12:48 GMT
cache-control: public, max-age=86400, no-transform
age: 84419
last-modified: Tue, 18 Oct 2022 12:52:57 GMT
etag: "66cf4a8df76a5634eb0a576bf197b3c9"
content-type: application/javascript
strict-transport-security: max-age=7776000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

privacy-proxy.usercentrics.eu/latest/uc-block.bundle.js

35.190.14.188

200 OK

42 kB

URL HTTP/2
privacy-proxy.usercentrics.eu/latest/uc-block.bundle.js
IP
35.190.14.188:0
ASN
#15169 GOOGLE

File type
Unicode text, UTF-8 text, with very long lines (65535), with no line terminators
Size
42 kB (41812 bytes)
Hash
54b6b898832d24535f03a1eb80f8f84a
40de73f5b117d0ac4ab0ee9ed88e0e295a1cc4b5
16a6b0d3f4aee0f3e43d15ee8571af111cba7424099e9a079bda1dcf02c64689

HTTP Headers

GET /latest/uc-block.bundle.js HTTP/1.1
Host: privacy-proxy.usercentrics.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.reiseweltklein.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-guploader-uploadid: ADPycdtybtoPg6ws4ZsIyVjCHygq0YJQnxg2QJdtJnppl0DOQy5gFI9nrAMWgWIUHWmPW8BFi-0gnrLuhfIFGC2d22h_nFo0zDc9
x-goog-generation: 1667392245922040
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 41812
x-goog-meta-version: 2.6.27
content-encoding: gzip
x-goog-hash: crc32c=8fwuJA==, md5=VLa4mIMtJFNfA6HrgPj4Sg==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
vary: Accept-Encoding
content-length: 41812
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, Transfer-Encoding
server: UploadServer
date: Tue, 15 Nov 2022 06:49:17 GMT
expires: Tue, 15 Nov 2022 07:49:17 GMT
cache-control: public, max-age=3600
age: 3030
last-modified: Wed, 02 Nov 2022 12:30:45 GMT
etag: "54b6b898832d24535f03a1eb80f8f84a"
content-type: application/javascript
strict-transport-security: max-age=7776000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.reiseweltklein.de/assets/js/core.min.js

5.175.22.217

200 OK

64 kB

URL HTTP/2
www.reiseweltklein.de/assets/js/core.min.js
IP
5.175.22.217:0
ASN
#20773 Host Europe GmbH

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (65512)
Size
64 kB (64543 bytes)
Hash
21485a5c91a6e030255faa364281aa40
69e8f4ae330ece58c4c9dc6fa319187d907bc2bd
af79c3c862f29c5011444e6c6a4259961c61f414202b97559225b92339095f84

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets/js/core.min.js HTTP/1.1
Host: www.reiseweltklein.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.reiseweltklein.de/
Cookie: CFID=36553026; CFTOKEN=42fd8b24835784f0-C64761CE-084D-3011-ACEAA0DF51F095BD
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 15 Nov 2022 07:39:47 GMT
server: Apache
last-modified: Thu, 09 Jul 2020 18:02:01 GMT
etag: "4432f-5aa0605764a50-br"
accept-ranges: bytes
cache-control: max-age=86400
expires: Wed, 16 Nov 2022 07:39:47 GMT
vary: Accept-Encoding
content-encoding: br
x-cache: MISS from www.reiseweltklein.de
content-length: 64543
content-type: application/javascript
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1a9bc1c0d97206ad57e2d4ff6c2716e0
23509c3a1bec83cf3dcc4f2f3b8864120204f003
eb464dbde4a7d12e5583e3da28b1a494cb597d15d3ae2799fa5585cd231cc4c5

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EB464DBDE4A7D12E5583E3DA28B1A494CB597D15D3AE2799FA5585CD231CC4C5"
Last-Modified: Mon, 14 Nov 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17994
Expires: Tue, 15 Nov 2022 12:39:41 GMT
Date: Tue, 15 Nov 2022 07:39:47 GMT
Connection: keep-alive

push.services.mozilla.com/

52.13.173.34

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.13.173.34:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: tlFJwmP6/OEllK4rp2deEw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: sxnzIHRiw15+0SbH84us7KGcAs0=

ocsp.pki.goog/s/gts1d4/AO43Z6OvIBc

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1d4/AO43Z6OvIBc
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
9781cdb72210125921ff514ed6bb2088
1bf1700cacbb19ba6cdb241b5b24ebbfa296cda6
7e2a09d56b557a105aa6a24b401f5f5e10c62908a6492921b4c7b38c27209378

HTTP Headers

POST /s/gts1d4/AO43Z6OvIBc HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 07:39:47 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1a9bc1c0d97206ad57e2d4ff6c2716e0
23509c3a1bec83cf3dcc4f2f3b8864120204f003
eb464dbde4a7d12e5583e3da28b1a494cb597d15d3ae2799fa5585cd231cc4c5

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EB464DBDE4A7D12E5583E3DA28B1A494CB597D15D3AE2799FA5585CD231CC4C5"
Last-Modified: Mon, 14 Nov 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21515
Expires: Tue, 15 Nov 2022 13:38:22 GMT
Date: Tue, 15 Nov 2022 07:39:47 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
19a7770f32a799cb28cda8dfaf3d3dcc
be5906e1a6c4b61a87aecc0e6fb8f1f350976b1e
74d21dd7346b7dc06b510fc8efeec9dada63d4e1f97197e355ef958a82c7998b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "74D21DD7346B7DC06B510FC8EFEEC9DADA63D4E1F97197E355EF958A82C7998B"
Last-Modified: Tue, 15 Nov 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Tue, 15 Nov 2022 13:39:47 GMT
Date: Tue, 15 Nov 2022 07:39:47 GMT
Connection: keep-alive

www.reiseweltklein.de/assets/css/core.min.css

5.175.22.217

200 OK

41 kB

URL HTTP/2
www.reiseweltklein.de/assets/css/core.min.css
IP
5.175.22.217:0
ASN
#20773 Host Europe GmbH

File type
Unicode text, UTF-8 text, with very long lines (65516)
Size
41 kB (41057 bytes)
Hash
06249bcfa64e75d0dd5d3e77f960cdd9
078839991c838dd732613ae7a8b4d1201aca8017
99fae1a53fa84932d6a5c938f27b7e776b99c7b27e3709a51f28d84ca65b9306

HTTP Headers

GET /assets/css/core.min.css HTTP/1.1
Host: www.reiseweltklein.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.reiseweltklein.de/
Cookie: CFID=36553026; CFTOKEN=42fd8b24835784f0-C64761CE-084D-3011-ACEAA0DF51F095BD
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 15 Nov 2022 07:39:47 GMT
server: Apache
last-modified: Mon, 25 May 2020 13:41:44 GMT
etag: "50315-5a67923b6f600-br"
accept-ranges: bytes
cache-control: max-age=86400
expires: Wed, 16 Nov 2022 07:39:47 GMT
vary: Accept-Encoding
content-encoding: br
x-cache: MISS from www.reiseweltklein.de
content-length: 41057
content-type: text/css
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7978818a606c66f2b6775aea10c411cd
52b8af56083b0e55d5da11352f6a482f4ba1e120
c503aa803e92468e08701c90dda59766aafd9a7ee493bc173f372f0b35480d95

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C503AA803E92468E08701C90DDA59766AAFD9A7EE493BC173F372F0B35480D95"
Last-Modified: Mon, 14 Nov 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21571
Expires: Tue, 15 Nov 2022 13:39:18 GMT
Date: Tue, 15 Nov 2022 07:39:47 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7978818a606c66f2b6775aea10c411cd
52b8af56083b0e55d5da11352f6a482f4ba1e120
c503aa803e92468e08701c90dda59766aafd9a7ee493bc173f372f0b35480d95

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C503AA803E92468E08701C90DDA59766AAFD9A7EE493BC173F372F0B35480D95"
Last-Modified: Mon, 14 Nov 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Tue, 15 Nov 2022 13:39:47 GMT
Date: Tue, 15 Nov 2022 07:39:47 GMT
Connection: keep-alive

www.reiseweltklein.de/assets/js/jquery-3.4.1_plusUI.min.js

5.175.22.217

200 OK

85 kB

URL HTTP/2
www.reiseweltklein.de/assets/js/jquery-3.4.1_plusUI.min.js
IP
5.175.22.217:0
ASN
#20773 Host Europe GmbH

File type
ASCII text, with very long lines (65450), with CRLF line terminators
Size
85 kB (85178 bytes)
Hash
d12f6a571f27f8f789cf30b5b17bfeea
6b61e7dbdb4fe26ca656015704e4e0270f2e3c05
1f278360aad59de34a97aeebd39d19149d60ccacb878ee9ebc3cbb398bd75437

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets/js/jquery-3.4.1_plusUI.min.js HTTP/1.1
Host: www.reiseweltklein.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.reiseweltklein.de/
Cookie: CFID=36553026; CFTOKEN=42fd8b24835784f0-C64761CE-084D-3011-ACEAA0DF51F095BD
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 15 Nov 2022 07:39:47 GMT
server: Apache
last-modified: Sat, 04 Jul 2020 16:32:09 GMT
etag: "53745-5a9a02ed31440-br"
accept-ranges: bytes
cache-control: max-age=86400
expires: Wed, 16 Nov 2022 07:39:47 GMT
vary: Accept-Encoding
content-encoding: br
x-cache: MISS from www.reiseweltklein.de
content-length: 85178
content-type: application/javascript
X-Firefox-Spdy: h2

backend.tcautor.de/www/_data/1009/files/BilderPool/Thementeaser/blue-2705642_1920.jpg

5.175.22.217

200 OK

182 kB

URL HTTP/2
backend.tcautor.de/www/_data/1009/files/BilderPool/Thementeaser/blue-2705642_1920.jpg
IP
5.175.22.217:0
ASN
#20773 Host Europe GmbH

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 700x800, components 3\012- data
Size
182 kB (181853 bytes)
Hash
9cf84bd65e9f42819059d05b050f4cdb
3a30e6118abbd38ae32bf9dcd2bd4568b745a867
2277b4ab2dbe32ec3d4d4a59363a28d7c6bfb5ea25b8aa82753effd027d2a16b

HTTP Headers

GET /www/_data/1009/files/BilderPool/Thementeaser/blue-2705642_1920.jpg HTTP/1.1
Host: backend.tcautor.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.reiseweltklein.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 15 Nov 2022 07:39:47 GMT
server: Apache
last-modified: Tue, 19 Oct 2021 14:18:23 GMT
etag: "2c65d-5ceb5558f28e2"
accept-ranges: bytes
content-length: 181853
content-type: image/jpeg
X-Firefox-Spdy: h2

www.reiseweltklein.de/assets/js/vendor_bundle.min.js

5.175.22.217

200 OK

101 kB

URL HTTP/2
www.reiseweltklein.de/assets/js/vendor_bundle.min.js
IP
5.175.22.217:0
ASN
#20773 Host Europe GmbH

File type
ASCII text, with very long lines (65514)
Size
101 kB (101220 bytes)
Hash
eb1235ec9c4c6300e795fdf0be02224f
d3f8f421bdfc1938f6dbdd41b76b0eb01c3a0bcd
37fe01d6f5a8a0bcf91568940e0202f4728b966b15f2e3141d3729dce8cb2a34

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets/js/vendor_bundle.min.js HTTP/1.1
Host: www.reiseweltklein.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.reiseweltklein.de/
Cookie: CFID=36553026; CFTOKEN=42fd8b24835784f0-C64761CE-084D-3011-ACEAA0DF51F095BD
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 15 Nov 2022 07:39:47 GMT
server: Apache
last-modified: Mon, 25 May 2020 13:42:21 GMT
etag: "66b1b-5a67925eb8940-br"
accept-ranges: bytes
cache-control: max-age=86400
expires: Wed, 16 Nov 2022 07:39:47 GMT
vary: Accept-Encoding
content-encoding: br
x-cache: MISS from www.reiseweltklein.de
content-length: 101220
content-type: application/javascript
X-Firefox-Spdy: h2

www.backend.tcautor.de/www/_data/1009/files/BilderPool/Thementeaser/medical-563427_1920.jpg

5.175.22.217

200 OK

41 kB

URL HTTP/2
www.backend.tcautor.de/www/_data/1009/files/BilderPool/Thementeaser/medical-563427_1920.jpg
IP
5.175.22.217:0
ASN
#20773 Host Europe GmbH

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 700x800, components 3\012- data
Size
41 kB (41083 bytes)
Hash
1a14e9bc192ef71737e00e2659b943a3
b34da10383fc7cf2f7588d01f7c7f161ecd3de59
609b9a791933979e096a4778fdd0b046a29d58be123a66fe975951a5db751aff

HTTP Headers

GET /www/_data/1009/files/BilderPool/Thementeaser/medical-563427_1920.jpg HTTP/1.1
Host: www.backend.tcautor.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.reiseweltklein.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 15 Nov 2022 07:39:47 GMT
server: Apache
last-modified: Thu, 29 Sep 2022 09:40:48 GMT
etag: "a07b-5e9cdac1b9435"
accept-ranges: bytes
content-length: 41083
content-type: image/jpeg
X-Firefox-Spdy: h2

www.backend.tcautor.de/www/_data/1009/files/BilderPool/Thementeaser/florence-1076151_1920.jpg

5.175.22.217

200 OK

43 kB

URL HTTP/2
www.backend.tcautor.de/www/_data/1009/files/BilderPool/Thementeaser/florence-1076151_1920.jpg
IP
5.175.22.217:0
ASN
#20773 Host Europe GmbH

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 700x800, components 3\012- data
Size
43 kB (42914 bytes)
Hash
c495cd81f5a6c0705828ea4cb35bd7a4
eb58416f33f4a81c4c63c19f0b5c5f08ed2fa805
faba93cd3af2f7af63453df6a1dff0cff4db2497d741b1ba098b08125efcef3e

HTTP Headers

GET /www/_data/1009/files/BilderPool/Thementeaser/florence-1076151_1920.jpg HTTP/1.1
Host: www.backend.tcautor.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.reiseweltklein.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 15 Nov 2022 07:39:47 GMT
server: Apache
last-modified: Fri, 22 Oct 2021 14:32:32 GMT
etag: "a7a2-5cef1e1af15cd"
accept-ranges: bytes
content-length: 42914
content-type: image/jpeg
X-Firefox-Spdy: h2

www.backend.tcautor.de/www/_data/1009/files/BilderPool/Thementeaser/woman-4373078_1920.jpg

5.175.22.217

200 OK

55 kB

URL HTTP/2
www.backend.tcautor.de/www/_data/1009/files/BilderPool/Thementeaser/woman-4373078_1920.jpg
IP
5.175.22.217:0
ASN
#20773 Host Europe GmbH

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 700x800, components 3\012- data
Size
55 kB (55282 bytes)
Hash
a9f3532465426567c8c1ac1c8ec1ae61
bc42eb71d1db2559cb0d197a37d2cc6211ad98cd
48e008b189b0bfa0a9df6bc1361338a96a570331770beb2097f364eb46297196

HTTP Headers

GET /www/_data/1009/files/BilderPool/Thementeaser/woman-4373078_1920.jpg HTTP/1.1
Host: www.backend.tcautor.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.reiseweltklein.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 15 Nov 2022 07:39:47 GMT
server: Apache
last-modified: Mon, 30 Aug 2021 07:35:25 GMT
etag: "d7f2-5cac1e06512c1"
accept-ranges: bytes
content-length: 55282
content-type: image/jpeg
X-Firefox-Spdy: h2

www.backend.tcautor.de/www/_data/1009/files/BilderPool/Thementeaser/Versicherungen_lifebuoy-4870836_1920.jpg

5.175.22.217

200 OK

53 kB

URL HTTP/2
www.backend.tcautor.de/www/_data/1009/files/BilderPool/Thementeaser/Versicherungen_lifebuoy-4870836_1920.jpg
IP
5.175.22.217:0
ASN
#20773 Host Europe GmbH

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 700x800, components 3\012- data
Size
53 kB (52914 bytes)
Hash
2074572132e9f3e6743aa540110cc27c
965ceb90356ad01c37a5d68f032b7e0e99540f9a
193322064111e8baec20884ca8df731e5a3f99bf8fb326a0915694381613eb17

HTTP Headers

GET /www/_data/1009/files/BilderPool/Thementeaser/Versicherungen_lifebuoy-4870836_1920.jpg HTTP/1.1
Host: www.backend.tcautor.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.reiseweltklein.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 15 Nov 2022 07:39:47 GMT
server: Apache
last-modified: Fri, 27 Aug 2021 13:59:43 GMT
etag: "ceb2-5ca8ae539421c"
accept-ranges: bytes
content-length: 52914
content-type: image/jpeg
X-Firefox-Spdy: h2

www.backend.tcautor.de/www/_data/1009/files/BilderPool/Thementeaser/Mietwagen_camera-1391324_1920.jpg

5.175.22.217

200 OK

54 kB

URL HTTP/2
www.backend.tcautor.de/www/_data/1009/files/BilderPool/Thementeaser/Mietwagen_camera-1391324_1920.jpg
IP
5.175.22.217:0
ASN
#20773 Host Europe GmbH

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 700x800, components 3\012- data
Size
54 kB (54501 bytes)
Hash
a62681ce6032d22369be9e6edcd304b4
9cc14704c06f89d69474ab17d94ac43ef8f11888
6c425443ec0cbf396b7b07fdcea74c95702cef69f15f7305c3eeebf115afe762

HTTP Headers

GET /www/_data/1009/files/BilderPool/Thementeaser/Mietwagen_camera-1391324_1920.jpg HTTP/1.1
Host: www.backend.tcautor.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.reiseweltklein.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 15 Nov 2022 07:39:47 GMT
server: Apache
last-modified: Fri, 27 Aug 2021 13:59:43 GMT
etag: "d4e5-5ca8ae5390525"
accept-ranges: bytes
content-length: 54501
content-type: image/jpeg
X-Firefox-Spdy: h2

www.reiseweltklein.de/www/fonts/montserrat.css

5.175.22.217

404 Not Found

196 B

URL HTTP/2
www.reiseweltklein.de/www/fonts/montserrat.css
IP
5.175.22.217:0
ASN
#20773 Host Europe GmbH

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
196 B (196 bytes)
Hash
62962daa1b19bbcc2db10b7bfd531ea6
d64bae91091eda6a7532ebec06aa70893b79e1f8
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880

HTTP Headers

GET /www/fonts/montserrat.css HTTP/1.1
Host: www.reiseweltklein.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.reiseweltklein.de/
Cookie: CFID=36553026; CFTOKEN=42fd8b24835784f0-C64761CE-084D-3011-ACEAA0DF51F095BD
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
date: Tue, 15 Nov 2022 07:39:47 GMT
server: Apache
content-length: 196
content-type: text/html; charset=iso-8859-1
X-Firefox-Spdy: h2

www.backend.tcautor.de/www/_data/1009/files/BilderPool/Thementeaser/passport-6012618_1920.jpg

5.175.22.217

200 OK

135 kB

URL HTTP/2
www.backend.tcautor.de/www/_data/1009/files/BilderPool/Thementeaser/passport-6012618_1920.jpg
IP
5.175.22.217:0
ASN
#20773 Host Europe GmbH

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 700x800, components 3\012- data
Size
135 kB (135254 bytes)
Hash
6c6cce06a97cb2121796d60972afafaa
3a66e9eb3f93e7a004adbd13405588d7b7cc3ef2
55c47ab26263641d379014113b867e685ab1a3747d8419ad5b07c6834ba25623

HTTP Headers

GET /www/_data/1009/files/BilderPool/Thementeaser/passport-6012618_1920.jpg HTTP/1.1
Host: www.backend.tcautor.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.reiseweltklein.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 15 Nov 2022 07:39:47 GMT
server: Apache
last-modified: Thu, 11 Nov 2021 09:39:05 GMT
etag: "21056-5d0801d0be818"
accept-ranges: bytes
content-length: 135254
content-type: image/jpeg
X-Firefox-Spdy: h2

www.backend.tcautor.de/www/_data/1009/files/BilderPool/Thementeaser/people-2596150_1920.jpg

5.175.22.217

200 OK

76 kB

URL HTTP/2
www.backend.tcautor.de/www/_data/1009/files/BilderPool/Thementeaser/people-2596150_1920.jpg
IP
5.175.22.217:0
ASN
#20773 Host Europe GmbH

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 700x800, components 3\012- data
Size
76 kB (75545 bytes)
Hash
f16f4c84dd85f57da7da2951105553b2
23704a18bd51655be537bfee0ea8522aaf982e50
9a86b5df3cf9ce4152b716826490f44b161e74f46eb12f3f60f285213a70d3e8

HTTP Headers

GET /www/_data/1009/files/BilderPool/Thementeaser/people-2596150_1920.jpg HTTP/1.1
Host: www.backend.tcautor.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.reiseweltklein.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 15 Nov 2022 07:39:47 GMT
server: Apache
last-modified: Fri, 22 Oct 2021 14:32:32 GMT
etag: "12719-5cef1e1b1b533"
accept-ranges: bytes
content-length: 75545
content-type: image/jpeg
X-Firefox-Spdy: h2

www.backend.tcautor.de/www/_data/1009/files/BilderPool/Thementeaser/guinea-pig-1969698_1920.jpg

5.175.22.217

200 OK

79 kB

URL HTTP/2
www.backend.tcautor.de/www/_data/1009/files/BilderPool/Thementeaser/guinea-pig-1969698_1920.jpg
IP
5.175.22.217:0
ASN
#20773 Host Europe GmbH

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 700x800, components 3\012- data
Size
79 kB (78687 bytes)
Hash
192a66bef59226d6ab6b3a5097bb2d4d
5d4ef05d8529e310115d7ee15724985469343319
f014df907df2ab80a94cd71c2267a0896ec6c7831308e92a3c726c8592a81eb1

HTTP Headers

GET /www/_data/1009/files/BilderPool/Thementeaser/guinea-pig-1969698_1920.jpg HTTP/1.1
Host: www.backend.tcautor.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.reiseweltklein.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 15 Nov 2022 07:39:47 GMT
server: Apache
last-modified: Mon, 30 Aug 2021 07:35:25 GMT
etag: "1335f-5cac1e06418a1"
accept-ranges: bytes
content-length: 78687
content-type: image/jpeg
X-Firefox-Spdy: h2

www.backend.tcautor.de/www/_data/1009/files/BilderPool/Thementeaser/statue-of-liberty-g91a003ec7_1920.jpg

5.175.22.217

200 OK

73 kB

URL HTTP/2
www.backend.tcautor.de/www/_data/1009/files/BilderPool/Thementeaser/statue-of-liberty-g91a003ec7_1920.jpg
IP
5.175.22.217:0
ASN
#20773 Host Europe GmbH

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 700x800, components 3\012- data
Size
73 kB (73186 bytes)
Hash
73991d5ed68858c2a662504dc2183e32
1cedc862bb3824ea216db4591c71d5b3a0b49dc2
21127e3e4b00b57465d7dc43dbbb6bf6adbb931c512aa1b76d7096061556fecc

HTTP Headers

GET /www/_data/1009/files/BilderPool/Thementeaser/statue-of-liberty-g91a003ec7_1920.jpg HTTP/1.1
Host: www.backend.tcautor.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.reiseweltklein.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 15 Nov 2022 07:39:47 GMT
server: Apache
last-modified: Thu, 29 Sep 2022 09:40:48 GMT
etag: "11de2-5e9cdac1c4b5e"
accept-ranges: bytes
content-length: 73186
content-type: image/jpeg
X-Firefox-Spdy: h2

www.backend.tcautor.de/www/_data/1009/files/BilderPool/Thementeaser/adult-1867588_1920.jpg

5.175.22.217

200 OK

74 kB

URL HTTP/2
www.backend.tcautor.de/www/_data/1009/files/BilderPool/Thementeaser/adult-1867588_1920.jpg
IP
5.175.22.217:0
ASN
#20773 Host Europe GmbH

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 700x800, components 3\012- data
Size
74 kB (74363 bytes)
Hash
9afa401e03694ab2e6026848686b4c7c
fb05abf2ad235647ff0d1ab7c46f6dd1a6dded2c
523fce8d4212df98896ac7ddde027ff647b0ac1b144fc828ed8f97f489b04695

HTTP Headers

GET /www/_data/1009/files/BilderPool/Thementeaser/adult-1867588_1920.jpg HTTP/1.1
Host: www.backend.tcautor.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.reiseweltklein.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 15 Nov 2022 07:39:47 GMT
server: Apache
last-modified: Fri, 22 Oct 2021 15:13:38 GMT
etag: "1227b-5cef274a65b30"
accept-ranges: bytes
content-length: 74363
content-type: image/jpeg
X-Firefox-Spdy: h2

www.backend.tcautor.de/www/_data/1009/files/BilderPool/Thementeaser/caimari-596180_1920.jpg

5.175.22.217

200 OK

99 kB

URL HTTP/2
www.backend.tcautor.de/www/_data/1009/files/BilderPool/Thementeaser/caimari-596180_1920.jpg
IP
5.175.22.217:0
ASN
#20773 Host Europe GmbH

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 700x800, components 3\012- data
Size
99 kB (99010 bytes)
Hash
9000e7e47d97463fd307024f1688a9d9
0de350d7c131485b994065e5191ac352b40e2c50
ccef35059e473aaaf3129247875536267daf87429e2c27379d552fae14d329df

HTTP Headers

GET /www/_data/1009/files/BilderPool/Thementeaser/caimari-596180_1920.jpg HTTP/1.1
Host: www.backend.tcautor.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.reiseweltklein.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 15 Nov 2022 07:39:47 GMT
server: Apache
last-modified: Fri, 22 Oct 2021 15:13:38 GMT
etag: "182c2-5cef274a71223"
accept-ranges: bytes
content-length: 99010
content-type: image/jpeg
X-Firefox-Spdy: h2

www.backend.tcautor.de/www/_data/1009/files/BilderPool/Thementeaser/lake-louise-1761286_1920.jpg

5.175.22.217

200 OK

115 kB

URL HTTP/2
www.backend.tcautor.de/www/_data/1009/files/BilderPool/Thementeaser/lake-louise-1761286_1920.jpg
IP
5.175.22.217:0
ASN
#20773 Host Europe GmbH

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 700x800, components 3\012- data
Size
115 kB (115135 bytes)
Hash
ae636582e580e0d24e4fedbc84af6894
02040d1ef25f7ec7678ef64ba984a2236dfb0153
836653e3204500f3598e1bc344205a816584c96b5393cea8b4af40e74e736f7d

HTTP Headers

GET /www/_data/1009/files/BilderPool/Thementeaser/lake-louise-1761286_1920.jpg HTTP/1.1
Host: www.backend.tcautor.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.reiseweltklein.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 15 Nov 2022 07:39:47 GMT
server: Apache
last-modified: Thu, 29 Sep 2022 09:40:48 GMT
etag: "1c1bf-5e9cdac1c8868"
accept-ranges: bytes
content-length: 115135
content-type: image/jpeg
X-Firefox-Spdy: h2

www.backend.tcautor.de/www/_data/1009/files/BilderPool/Thementeaser/women-3266211_1920.jpg

5.175.22.217

200 OK

124 kB

URL HTTP/2
www.backend.tcautor.de/www/_data/1009/files/BilderPool/Thementeaser/women-3266211_1920.jpg
IP
5.175.22.217:0
ASN
#20773 Host Europe GmbH

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 700x800, components 3\012- data
Size
124 kB (123987 bytes)
Hash
4d620151c765ed8bdd1ddd6193f9e244
475c4f9ce545458df2a3c53b3f9767508d2b325d
3629b868912b11d754f948b8f297b7ba056e82256ee83c85fc41e401ea0dc1a6

HTTP Headers

GET /www/_data/1009/files/BilderPool/Thementeaser/women-3266211_1920.jpg HTTP/1.1
Host: www.backend.tcautor.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.reiseweltklein.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 15 Nov 2022 07:39:47 GMT
server: Apache
last-modified: Mon, 30 Aug 2021 07:35:25 GMT
etag: "1e453-5cac1e06691e6"
accept-ranges: bytes
content-length: 123987
content-type: image/jpeg
X-Firefox-Spdy: h2

www.backend.tcautor.de/www/_data/1009/files/BilderPool/Thementeaser/vacations-2490266_1920.jpg

5.175.22.217

200 OK

114 kB

URL HTTP/2
www.backend.tcautor.de/www/_data/1009/files/BilderPool/Thementeaser/vacations-2490266_1920.jpg
IP
5.175.22.217:0
ASN
#20773 Host Europe GmbH

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 700x800, components 3\012- data
Size
114 kB (114078 bytes)
Hash
7d47e7c0e4644bdb9f6390233fa64b5d
309923c63deee1d97fb8dd2e70a902ee6faf7ac7
653e3553dd08d47e5a964311149365a582a90dfde032adaa54097e17882843f7

HTTP Headers

GET /www/_data/1009/files/BilderPool/Thementeaser/vacations-2490266_1920.jpg HTTP/1.1
Host: www.backend.tcautor.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.reiseweltklein.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 15 Nov 2022 07:39:47 GMT
server: Apache
last-modified: Mon, 30 Aug 2021 07:35:25 GMT
etag: "1bd9e-5cac1e0664f6e"
accept-ranges: bytes
content-length: 114078
content-type: image/jpeg
X-Firefox-Spdy: h2

www.backend.tcautor.de/www/_data/1009/files/BilderPool/Thementeaser/agriculture-1807581_1920.jpg

5.175.22.217

200 OK

157 kB

URL HTTP/2
www.backend.tcautor.de/www/_data/1009/files/BilderPool/Thementeaser/agriculture-1807581_1920.jpg
IP
5.175.22.217:0
ASN
#20773 Host Europe GmbH

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 700x800, components 3\012- data
Size
157 kB (157263 bytes)
Hash
8c556bb1a34f481967afe8fa4cdec561
54608b265c37922517b49b04be63209ce2d62df5
4576d192a79949e88ad8c4aed21b85b980907769c4dd6e8ae55a38e0141a1c6c

HTTP Headers

GET /www/_data/1009/files/BilderPool/Thementeaser/agriculture-1807581_1920.jpg HTTP/1.1
Host: www.backend.tcautor.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.reiseweltklein.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 15 Nov 2022 07:39:47 GMT
server: Apache
last-modified: Tue, 19 Oct 2021 14:18:23 GMT
etag: "2664f-5ceb5558eaecf"
accept-ranges: bytes
content-length: 157263
content-type: image/jpeg
X-Firefox-Spdy: h2

www.backend.tcautor.de/www/_data/1025/files/BilderPool/Werbebanner-Mailings/tc_aktueller_banner.gif

5.175.22.217

200 OK

489 kB

URL HTTP/2
www.backend.tcautor.de/www/_data/1025/files/BilderPool/Werbebanner-Mailings/tc_aktueller_banner.gif
IP
5.175.22.217:0
ASN
#20773 Host Europe GmbH

File type
GIF image data, version 89a, 2000 x 400\012- data
Size
489 kB (488926 bytes)
Hash
5d4acf5c3a2b71be434b261b76b7e6a9
d9e2645d08cec0a26fe80d30e973de6a4a0b7455
05655f50624596e80672653afde7d5ff99e5efa933bab177057a92812cb659f5

HTTP Headers

GET /www/_data/1025/files/BilderPool/Werbebanner-Mailings/tc_aktueller_banner.gif HTTP/1.1
Host: www.backend.tcautor.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.reiseweltklein.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 15 Nov 2022 07:39:47 GMT
server: Apache
last-modified: Tue, 23 Aug 2022 16:09:31 GMT
etag: "775de-5e6eaca279e6a"
accept-ranges: bytes
content-length: 488926
content-type: image/gif
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
8094f6d66cd067b92b99cc3c1ec916c6
cdb6d27ace38846e7a770dafce189f90a30db886
f07248933eddbab19c1153daaece5a2c3bcb421598bfab2c4b0f4c547d75e817

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 07:39:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.reiseweltklein.de/assets/fonts/flaticon/Flaticon.woff2

5.175.22.217

200 OK

37 kB

URL HTTP/2
www.reiseweltklein.de/assets/fonts/flaticon/Flaticon.woff2
IP
5.175.22.217:0
ASN
#20773 Host Europe GmbH

File type
Web Open Font Format (Version 2), TrueType, length 36732, version 1.0\012- data
Size
37 kB (36732 bytes)
Hash
ae2dd4b29a7c28b5cc6e9364c7a69983
602976fc50a9aa00adc99bc2d93888db7a81d2fc
0ebd2de93302226f320140f8051d5cff7c3752be9700d0d598e498bbe0dde638

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets/fonts/flaticon/Flaticon.woff2 HTTP/1.1
Host: www.reiseweltklein.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.reiseweltklein.de/assets/css/core.min.css
Cookie: CFID=36553026; CFTOKEN=42fd8b24835784f0-C64761CE-084D-3011-ACEAA0DF51F095BD; cross-site-cookie=sow
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 15 Nov 2022 07:39:48 GMT
server: Apache
last-modified: Sat, 09 May 2020 10:20:16 GMT
etag: "8f7c-5a53475c0b800"
accept-ranges: bytes
content-length: 36732
cache-control: max-age=86400
expires: Wed, 16 Nov 2022 07:39:48 GMT
vary: Accept-Encoding
x-cache: MISS from www.reiseweltklein.de
content-type: font/woff2
X-Firefox-Spdy: h2

www.reiseweltklein.de/images/BilderPool/Destinationen/Bora-Bora/bora-bora-3023437_1920.jpg

5.175.22.217

200 OK

521 kB

URL HTTP/2
www.reiseweltklein.de/images/BilderPool/Destinationen/Bora-Bora/bora-bora-3023437_1920.jpg
IP
5.175.22.217:0
ASN
#20773 Host Europe GmbH

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x1281, components 3\012- data
Size
521 kB (520637 bytes)
Hash
6605ad81ec201b7ea71b338f719495f5
a31e4abefb2eaf7d9857901ca76745b4793d7c57
9df2edbeff75a306661359bb1ccd316e8febf9615315de67b02987573f30d910

HTTP Headers

GET /images/BilderPool/Destinationen/Bora-Bora/bora-bora-3023437_1920.jpg HTTP/1.1
Host: www.reiseweltklein.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.reiseweltklein.de/
Cookie: CFID=36553026; CFTOKEN=42fd8b24835784f0-C64761CE-084D-3011-ACEAA0DF51F095BD; cross-site-cookie=sow
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 15 Nov 2022 07:39:48 GMT
server: Apache
last-modified: Mon, 18 Oct 2021 11:45:32 GMT
etag: "7f1bd-5ce9f151dee32"
accept-ranges: bytes
content-length: 520637
cache-control: max-age=86400
expires: Wed, 16 Nov 2022 07:39:48 GMT
x-cache: MISS from www.reiseweltklein.de
content-type: image/jpeg
X-Firefox-Spdy: h2

ocsp.pki.goog/s/gts1d4/cGpVLbInt0o

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1d4/cGpVLbInt0o
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
6d9d9af7e8d627d3e4f11e6ec5d05a23
afbade6f3908aa14e54c56e4fa06db682cc9bad8
006d556178023aa477d7a01d56b0c5108e9c294cc27b438df785fc8c97b938b7

HTTP Headers

POST /s/gts1d4/cGpVLbInt0o HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 07:39:48 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b10c54f139cb264d0b4ab0fccd004fe3
162a64622e0d910516cf3748a8192f11767407e6
2f905997d7fbbdb91dc1a8bdd4537ad20753f8947eae7e3ba9d80a0885110dde

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2F905997D7FBBDB91DC1A8BDD4537AD20753F8947EAE7E3BA9D80A0885110DDE"
Last-Modified: Sun, 13 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21562
Expires: Tue, 15 Nov 2022 13:39:10 GMT
Date: Tue, 15 Nov 2022 07:39:48 GMT
Connection: keep-alive

www.tourcontact.eu/pages/reisebueros/allgemein/Absenden_165281207_2.png

92.51.134.215

200 OK

471 B

URL HTTP/2
www.tourcontact.eu/pages/reisebueros/allgemein/Absenden_165281207_2.png
IP
92.51.134.215:0
ASN
#8972 Host Europe GmbH

File type
PNG image data, 30 x 15, 8-bit/color RGBA, non-interlaced\012- data
Size
471 B (471 bytes)
Hash
a0a50bed7bc7c699431ff21345890818
71506eec2db7382492f16952f157e35a454aaf47
b0854cc18c966410630e7a28713b970e3239cb58437db24b915737d0f4c4e835

HTTP Headers

GET /pages/reisebueros/allgemein/Absenden_165281207_2.png HTTP/1.1
Host: www.tourcontact.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.reiseweltklein.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Tue, 15 Nov 2022 07:39:48 GMT
content-type: image/png
content-length: 471
x-accel-version: 0.01
last-modified: Wed, 03 Nov 2021 10:59:56 GMT
etag: "1d7-5cfe04f71c5b2"
accept-ranges: bytes
x-powered-by: PleskLin
X-Firefox-Spdy: h2

www.reiseweltklein.de/assets/js/scripts.min.js?_=1668497987803

5.175.22.217

200 OK

3.2 kB

URL HTTP/2
www.reiseweltklein.de/assets/js/scripts.min.js?_=1668497987803
IP
5.175.22.217:0
ASN
#20773 Host Europe GmbH

File type
ASCII text, with very long lines (5449), with CRLF line terminators
Size
3.2 kB (3166 bytes)
Hash
1d16ebc0b3c66d6a10a2f844da041250
0bfc5df3e06ecc3af5ea0e5e4ec0c277d887c58f
7ddfb4f8b171063568c5f9d506d3777cfc061d6eff3deff43fcb5af2b6e38f11

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets/js/scripts.min.js?_=1668497987803 HTTP/1.1
Host: www.reiseweltklein.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://www.reiseweltklein.de/
Cookie: CFID=36553026; CFTOKEN=42fd8b24835784f0-C64761CE-084D-3011-ACEAA0DF51F095BD; cross-site-cookie=sow
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 15 Nov 2022 07:39:48 GMT
server: Apache
last-modified: Sun, 05 Jul 2020 10:17:52 GMT
etag: "2541-5a9af1222b05b-br"
accept-ranges: bytes
cache-control: max-age=86400
expires: Wed, 16 Nov 2022 07:39:48 GMT
vary: Accept-Encoding
content-encoding: br
x-cache: MISS from www.reiseweltklein.de
content-length: 3166
content-type: application/javascript
X-Firefox-Spdy: h2

www.reiseweltklein.de/assets/js/hyphenopoly/Hyphenopoly_Loader.js?_=1668497987804

5.175.22.217

200 OK

2.8 kB

URL HTTP/2
www.reiseweltklein.de/assets/js/hyphenopoly/Hyphenopoly_Loader.js?_=1668497987804
IP
5.175.22.217:0
ASN
#20773 Host Europe GmbH

File type
Unicode text, UTF-8 (with BOM) text
Size
2.8 kB (2824 bytes)
Hash
ff02a0dc373adfb3ebe39af4c7eef961
dac0bdc76620735d11975d970215c5d70207334c
7cdb80f8f5dea5cabf2936d0241e5d8a4b07f1cddaa5123a0c83b764c8f2c798

HTTP Headers

GET /assets/js/hyphenopoly/Hyphenopoly_Loader.js?_=1668497987804 HTTP/1.1
Host: www.reiseweltklein.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://www.reiseweltklein.de/
Cookie: CFID=36553026; CFTOKEN=42fd8b24835784f0-C64761CE-084D-3011-ACEAA0DF51F095BD; cross-site-cookie=sow
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 15 Nov 2022 07:39:48 GMT
server: Apache
last-modified: Sat, 18 Jul 2020 18:48:04 GMT
etag: "2936-5aabbb6b6819b-br"
accept-ranges: bytes
cache-control: max-age=86400
expires: Wed, 16 Nov 2022 07:39:48 GMT
vary: Accept-Encoding
content-encoding: br
x-cache: MISS from www.reiseweltklein.de
content-length: 2824
content-type: application/javascript
X-Firefox-Spdy: h2

ocsp.pki.goog/s/gts1d4/cGpVLbInt0o

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1d4/cGpVLbInt0o
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
6d9d9af7e8d627d3e4f11e6ec5d05a23
afbade6f3908aa14e54c56e4fa06db682cc9bad8
006d556178023aa477d7a01d56b0c5108e9c294cc27b438df785fc8c97b938b7

HTTP Headers

POST /s/gts1d4/cGpVLbInt0o HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 07:39:48 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

privacy-proxy-server.usercentrics.eu/googleMaps?center=50.070,7.440&size=1000x500&zoom=12

34.149.163.237

200 OK

139 kB

URL HTTP/2
privacy-proxy-server.usercentrics.eu/googleMaps?center=50.070,7.440&size=1000x500&zoom=12
IP
34.149.163.237:0
ASN
#15169 GOOGLE

File type
PNG image data, 1280 x 1000, 8-bit colormap, non-interlaced\012- data
Size
139 kB (138646 bytes)
Hash
a936ede94fe64f90f00f0fe5d5eb9ae5
ffcb822d3ccf0aa3e8770171065190d5f27c8fa7
472f4bda6835597a3316bf90ce7751ecd5a11ec8045c121de2f1448cb8a99aba

HTTP Headers

GET /googleMaps?center=50.070,7.440&size=1000x500&zoom=12 HTTP/1.1
Host: privacy-proxy-server.usercentrics.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.reiseweltklein.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
content-type: image/png
expires: Wed, 16 Nov 2022 07:39:48 GMT
cache-control: public, max-age=2592000
x-xss-protection: 0
x-frame-options: SAMEORIGIN
server-timing: gfet4t7; dur=150
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43", h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-cloud-trace-context: a5fab2bfb2641214dc9e01afa8867850
date: Tue, 15 Nov 2022 07:39:48 GMT
server: Google Frontend
content-length: 138646
via: 1.1 google
X-Firefox-Spdy: h2

www.reiseweltklein.de/assets/js/vendor.swiper.min.js

5.175.22.217

200 OK

32 kB

URL HTTP/2
www.reiseweltklein.de/assets/js/vendor.swiper.min.js
IP
5.175.22.217:0
ASN
#20773 Host Europe GmbH

File type
ASCII text, with very long lines (65536), with no line terminators
Size
32 kB (31466 bytes)
Hash
ed605729945876db2c8be9bb08804fe7
afc15092fc62fe09bbca09167410dac0f69f4b2e
a635d2fe17bba098e4d878bb51bd01c7e04655d1ace2b4164b65c9b209b14f2a

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets/js/vendor.swiper.min.js HTTP/1.1
Host: www.reiseweltklein.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://www.reiseweltklein.de/
Cookie: CFID=36553026; CFTOKEN=42fd8b24835784f0-C64761CE-084D-3011-ACEAA0DF51F095BD; cross-site-cookie=sow
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 15 Nov 2022 07:39:48 GMT
server: Apache
last-modified: Mon, 25 May 2020 13:41:50 GMT
etag: "22538-5a67924128380-br"
accept-ranges: bytes
cache-control: max-age=86400
expires: Wed, 16 Nov 2022 07:39:48 GMT
vary: Accept-Encoding
content-encoding: br
x-cache: MISS from www.reiseweltklein.de
content-length: 31466
content-type: application/javascript
X-Firefox-Spdy: h2

www.reiseweltklein.de/img/android-icon-192x192.png

5.175.22.217

200 OK

8.0 kB

URL HTTP/2
www.reiseweltklein.de/img/android-icon-192x192.png
IP
5.175.22.217:0
ASN
#20773 Host Europe GmbH

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (26961), with no line terminators
Size
8.0 kB (8039 bytes)
Hash
fa4736405f139a1b8e01880d51fee8d6
e24abbd4aa944620903ebc99c28877f20a5129a0
0f303954e0d2323db38512a056b666ba91074145d190951c98c2e9f828c3734b

HTTP Headers

GET /img/android-icon-192x192.png HTTP/1.1
Host: www.reiseweltklein.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.reiseweltklein.de/
Cookie: CFID=36553026; CFTOKEN=42fd8b24835784f0-C64761CE-084D-3011-ACEAA0DF51F095BD; cross-site-cookie=sow
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 15 Nov 2022 07:39:48 GMT
server: Apache
cache-control: max-age=420, private, must-revalidate
expires: Wed, 16 Nov 2022 07:39:48 GMT
vary: Accept-Encoding
content-encoding: br
x-cache: MISS from www.reiseweltklein.de
content-type: text/html;charset=UTF-8
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
929d046b7cbed155022099e982ba0592
18ff58f5b4d98748552d6604bdcba9c57eb8f412
3c70c27c11afeaea96e782a0e7b7ae9c2f3ed35c94673fcd4361cb7406b078a9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3C70C27C11AFEAEA96E782A0E7B7AE9C2F3ED35C94673FCD4361CB7406B078A9"
Last-Modified: Sat, 12 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17930
Expires: Tue, 15 Nov 2022 12:38:38 GMT
Date: Tue, 15 Nov 2022 07:39:48 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
929d046b7cbed155022099e982ba0592
18ff58f5b4d98748552d6604bdcba9c57eb8f412
3c70c27c11afeaea96e782a0e7b7ae9c2f3ed35c94673fcd4361cb7406b078a9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3C70C27C11AFEAEA96E782A0E7B7AE9C2F3ED35C94673FCD4361CB7406B078A9"
Last-Modified: Sat, 12 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17930
Expires: Tue, 15 Nov 2022 12:38:38 GMT
Date: Tue, 15 Nov 2022 07:39:48 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
929d046b7cbed155022099e982ba0592
18ff58f5b4d98748552d6604bdcba9c57eb8f412
3c70c27c11afeaea96e782a0e7b7ae9c2f3ed35c94673fcd4361cb7406b078a9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3C70C27C11AFEAEA96E782A0E7B7AE9C2F3ED35C94673FCD4361CB7406B078A9"
Last-Modified: Sat, 12 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17930
Expires: Tue, 15 Nov 2022 12:38:38 GMT
Date: Tue, 15 Nov 2022 07:39:48 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
929d046b7cbed155022099e982ba0592
18ff58f5b4d98748552d6604bdcba9c57eb8f412
3c70c27c11afeaea96e782a0e7b7ae9c2f3ed35c94673fcd4361cb7406b078a9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3C70C27C11AFEAEA96E782A0E7B7AE9C2F3ED35C94673FCD4361CB7406B078A9"
Last-Modified: Sat, 12 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17930
Expires: Tue, 15 Nov 2022 12:38:38 GMT
Date: Tue, 15 Nov 2022 07:39:48 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7b1ce583-5604-4223-b88e-880659fdc0e7.jpeg

34.120.237.76

200 OK

8.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7b1ce583-5604-4223-b88e-880659fdc0e7.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.0 kB (8025 bytes)
Hash
94c82cd0e4204ea23b9bd86a3f576fa8
1651325ad361d1c86a4b81edb6b75af27f490a39
0173a565be87e87b2a8fccb3bfe4f237ddd9fdafa5711e79f0c4381882238886

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7b1ce583-5604-4223-b88e-880659fdc0e7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8025
x-amzn-requestid: c876c502-bde1-4c03-a946-7af2117240ff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bg3EUF0foAMFfyA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63703881-0594a8076fb64f570f824ad1;Sampled=0
x-amzn-remapped-date: Sun, 13 Nov 2022 00:21:21 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: eWpoQ8Bkfez0fw2HBZVlPIWIrtjeS6i6V-Dn0NthrKeeDYQEYq62kQ==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 9c675215120a4ade8754c4357ef2f3ea.cloudfront.net (CloudFront), 1.1 google
date: Mon, 14 Nov 2022 21:49:06 GMT
etag: "1651325ad361d1c86a4b81edb6b75af27f490a39"
content-type: image/jpeg
age: 35442
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

www.reiseweltklein.de/img/favicon-16x16.png

5.175.22.217

200 OK

15 kB

URL HTTP/2
www.reiseweltklein.de/img/favicon-16x16.png
IP
5.175.22.217:0
ASN
#20773 Host Europe GmbH

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (26961), with no line terminators
Size
15 kB (15409 bytes)
Hash
2476829edb6087e9331ddcb8402806ac
ea9e25b3c61b6f55ab0b1f93b6a3a19b7e4832b7
39c9c8064b169be43bb3171b6d7eb4470cfd2089954eff328c471fd768b0ae64

HTTP Headers

GET /img/favicon-16x16.png HTTP/1.1
Host: www.reiseweltklein.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.reiseweltklein.de/
Cookie: CFID=36553026; CFTOKEN=42fd8b24835784f0-C64761CE-084D-3011-ACEAA0DF51F095BD; cross-site-cookie=sow
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 15 Nov 2022 07:39:48 GMT
server: Apache
cache-control: max-age=420, private, must-revalidate
expires: Wed, 16 Nov 2022 07:39:48 GMT
vary: Accept-Encoding
content-encoding: br
x-cache: MISS from www.reiseweltklein.de
content-type: text/html;charset=UTF-8
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd11e6547-de5b-41d6-a923-9194b88afaba.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.9 kB (5856 bytes)
Hash
b891dd714ee24b92f59f0697dd45c2b4
8b54f502df3eb318b87ff8a3313007876752e181
d50396bc97a46452ed3af30dbfffc9fe75cf7d4ec347c0a8460d99a6affd1fb2

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd11e6547-de5b-41d6-a923-9194b88afaba.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5856
x-amzn-requestid: 5261109d-ca5e-4b77-b0a2-17b634a51fd8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bhPtpFvRoAMFfZg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63705ff0-570bdfbd329fe34b47d8c7a4;Sampled=0
x-amzn-remapped-date: Sun, 13 Nov 2022 03:09:36 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 8XeCtd88wwfynTV2w67E7r__KCAAIAsfv7sg67o_HSehIsIBae_SkQ==
via: 1.1 ba55932f4947672586f0865cea81e028.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Tue, 15 Nov 2022 04:01:21 GMT
age: 13107
etag: "8b54f502df3eb318b87ff8a3313007876752e181"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

13 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf07797f-dd0a-4d91-86dd-362bcde1053e.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
13 kB (12942 bytes)
Hash
14d5eaa5fe940564f077ca611f6e3fbe
032b8bfc63294a55ff49ee7186768bd9728ce103
7bed85f8f78ba7e1fad560d0ea311a65bff33aaf5f3226bef392ddc10f52d620

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf07797f-dd0a-4d91-86dd-362bcde1053e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 12942
x-amzn-requestid: fd589c13-7784-4e3a-b928-908fd2b8f98a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bd8hgHQvIAMFmfQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636f0e09-29db9a7832efa131593951f2;Sampled=0
x-amzn-remapped-date: Sat, 12 Nov 2022 03:07:53 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: f-hb5cPg2rs4xJls_0z3RbITwQlh__E1X7YkHZeISA2jOm3MX0CKrA==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 14 Nov 2022 07:49:47 GMT
age: 85801
etag: "032b8bfc63294a55ff49ee7186768bd9728ce103"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F92501a28-163f-4c6e-aed7-d31c29354d1e.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (11667 bytes)
Hash
032386e5c9dffff1ba1ee5e8a322d438
dd4fd6c803a9b333bace9a541c6bd183d0c56bb9
0e9f559a0aa7e114c5810a27ba243c0da7b44dc0bf7aec2b7ab32b8f0e2b536c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F92501a28-163f-4c6e-aed7-d31c29354d1e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11667
x-amzn-requestid: 4778d1bd-28c3-4665-89da-046e356087f0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bjyD1HE-oAMF0QQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637163b1-53c7330c5fd36d3c4d9e6aed;Sampled=0
x-amzn-remapped-date: Sun, 13 Nov 2022 21:37:53 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: CHi9V7-WaWmG6Y0249CZJnhe_RjvleaGFVXoOnJ62cjrcXoLLKwzgw==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Tue, 15 Nov 2022 00:41:48 GMT
age: 25080
etag: "dd4fd6c803a9b333bace9a541c6bd183d0c56bb9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1c3081d3-ef42-45da-adea-67bbc90bf9a6.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.4 kB (4394 bytes)
Hash
b18dc101656c2e449e5f54ff7b7fb10b
d5ba3b6a069a74b5db3560a265728e627f6fe18d
53a73577e37651a936a5841fe06e40475e06ce6fa9e14fc0590ddc7aba421dd2

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1c3081d3-ef42-45da-adea-67bbc90bf9a6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4394
x-amzn-requestid: fd389a5e-b816-4bd8-a073-2f52fea5bfab
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bnEhtFfnIAMF1rQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6372b471-133a3285137912af436daffd;Sampled=0
x-amzn-remapped-date: Mon, 14 Nov 2022 21:34:41 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 6i-blK0B05DT_CvizlmYpcDTpDV8IZLOIrukIQPW6FISAuXa1T0FdQ==
via: 1.1 34c44cb7892e57a3b6c51812bcf68ee4.cloudfront.net (CloudFront), 1.1 01147dcc35d57fc0238a3c1700c13f16.cloudfront.net (CloudFront), 1.1 google
date: Mon, 14 Nov 2022 21:45:53 GMT
age: 35635
etag: "d5ba3b6a069a74b5db3560a265728e627f6fe18d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

www.reiseweltklein.de/images/BilderPool/Landingpages/Packliste/luggage-933487_1280.jpg

5.175.22.217

200 OK

303 kB

URL HTTP/2
www.reiseweltklein.de/images/BilderPool/Landingpages/Packliste/luggage-933487_1280.jpg
IP
5.175.22.217:0
ASN
#20773 Host Europe GmbH

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1280x853, components 3\012- data
Size
303 kB (303393 bytes)
Hash
8bbc34ac597d01dc8b53cf68ade9006c
0e5263b8ad51909d97ca952fd79030f17cd6f754
6770fdb346fcd254cd284af3e3ea21dfcf92429595382d350ca98c8b7a801240

HTTP Headers

GET /images/BilderPool/Landingpages/Packliste/luggage-933487_1280.jpg HTTP/1.1
Host: www.reiseweltklein.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.reiseweltklein.de/
Cookie: CFID=36553026; CFTOKEN=42fd8b24835784f0-C64761CE-084D-3011-ACEAA0DF51F095BD; cross-site-cookie=sow
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 15 Nov 2022 07:39:48 GMT
server: Apache
last-modified: Fri, 21 Jan 2022 08:42:23 GMT
etag: "4a121-5d6139900227f"
accept-ranges: bytes
content-length: 303393
cache-control: max-age=86400
expires: Wed, 16 Nov 2022 07:39:48 GMT
x-cache: MISS from www.reiseweltklein.de
content-type: image/jpeg
X-Firefox-Spdy: h2

www.reiseweltklein.de/images/Reisewelt-Klein/Team/Christian_Klein_Slider.jpg

5.175.22.217

200 OK

217 kB

URL HTTP/2
www.reiseweltklein.de/images/Reisewelt-Klein/Team/Christian_Klein_Slider.jpg
IP
5.175.22.217:0
ASN
#20773 Host Europe GmbH

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 3500x1800, components 3\012- data
Size
217 kB (217160 bytes)
Hash
9810e54eaa1c84b6f920064e4291f89d
90ee3d5fbb147a8da63a407e52a5987aaedc1747
cd18f9a6a709743152c1b275dadd98bad1b0d6f310f7c9cf115e7256d8b1019b

HTTP Headers

GET /images/Reisewelt-Klein/Team/Christian_Klein_Slider.jpg HTTP/1.1
Host: www.reiseweltklein.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.reiseweltklein.de/
Cookie: CFID=36553026; CFTOKEN=42fd8b24835784f0-C64761CE-084D-3011-ACEAA0DF51F095BD; cross-site-cookie=sow
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 15 Nov 2022 07:39:49 GMT
server: Apache
last-modified: Thu, 27 Jan 2022 14:46:51 GMT
etag: "35048-5d691637ccab0"
accept-ranges: bytes
content-length: 217160
cache-control: max-age=86400
expires: Wed, 16 Nov 2022 07:39:49 GMT
x-cache: MISS from www.reiseweltklein.de
content-type: image/jpeg
X-Firefox-Spdy: h2

www.reiseweltklein.de/images/BilderPool/Reisethemen/Relax/jetty-1834801_1920.jpg

5.175.22.217

200 OK

298 kB

URL HTTP/2
www.reiseweltklein.de/images/BilderPool/Reisethemen/Relax/jetty-1834801_1920.jpg
IP
5.175.22.217:0
ASN
#20773 Host Europe GmbH

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x1280, components 3\012- data
Size
298 kB (297622 bytes)
Hash
3b79d15ffab5a3bf79230f1267583e04
d52e852edaafb33ae8685188a9e8cdaae25a3a22
b1b7249a0435d37be3a8b06e71afafe1f56962a9c3fd167b7b5136efdc25cd8d

HTTP Headers

GET /images/BilderPool/Reisethemen/Relax/jetty-1834801_1920.jpg HTTP/1.1
Host: www.reiseweltklein.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.reiseweltklein.de/
Cookie: CFID=36553026; CFTOKEN=42fd8b24835784f0-C64761CE-084D-3011-ACEAA0DF51F095BD; cross-site-cookie=sow
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 15 Nov 2022 07:39:49 GMT
server: Apache
last-modified: Thu, 24 Jun 2021 07:47:06 GMT
etag: "48a96-5c57e3ac51ad4"
accept-ranges: bytes
content-length: 297622
cache-control: max-age=86400
expires: Wed, 16 Nov 2022 07:39:49 GMT
x-cache: MISS from www.reiseweltklein.de
content-type: image/jpeg
X-Firefox-Spdy: h2

kit-pro.fontawesome.com/releases/latest/webfonts/pro-fa-brands-400-5.8.2.woff2

104.18.22.52

200 OK

2.4 kB

URL HTTP/2
kit-pro.fontawesome.com/releases/latest/webfonts/pro-fa-brands-400-5.8.2.woff2
IP
104.18.22.52:0
ASN
#13335 CLOUDFLARENET

File type
Web Open Font Format (Version 2), TrueType, length 2412, version 331.-31196\012- data
Size
2.4 kB (2412 bytes)
Hash
714ee8de820748bab5090d91cd5b7690
07f4d4dfe5e3c9045f41996eb1ac8ecbbcc779bf
322c181b1aab5807cd0a7ed9e249ddbd97fa385ca3d338aa59ef1f610ca24601

HTTP Headers

GET /releases/latest/webfonts/pro-fa-brands-400-5.8.2.woff2 HTTP/1.1
Host: kit-pro.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.reiseweltklein.de
Connection: keep-alive
Referer: https://kit-pro.fontawesome.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 15 Nov 2022 07:39:49 GMT
content-type: font/woff2
content-length: 2412
x-amz-id-2: /ptR1/X3fOEbHRkzHKFkQ21TB1hvSNgaSamnzMHqQDEHILkaN+lORUtOyGYtRe91x1iaBCL4qqY=
x-amz-request-id: KTZZFNFFPGW1QNQ8
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 04 Aug 2021 21:22:37 GMT
etag: "714ee8de820748bab5090d91cd5b7690"
cache-control: public, max-age=1800
cf-cache-status: MISS
expires: Tue, 15 Nov 2022 08:09:49 GMT
accept-ranges: bytes
server: cloudflare
cf-ray: 76a655cedc040b31-OSL
X-Firefox-Spdy: h2

www.reiseweltklein.de/images/BilderPool/Reisethemen/Ferienwohnung/caimari-596180_1920.jpg

5.175.22.217

200 OK

896 kB

URL HTTP/2
www.reiseweltklein.de/images/BilderPool/Reisethemen/Ferienwohnung/caimari-596180_1920.jpg
IP
5.175.22.217:0
ASN
#20773 Host Europe GmbH

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1920x1436, components 3\012- data
Size
896 kB (895653 bytes)
Hash
5a442903782bc49f02e705d518e66d74
1c102cf20e60fb8b2ca6ec3f8fda251ba44debc5
61809823524216e6b8c32a8b95e43f83e9219b87d4b7d17eb1e1783d1b59e850

HTTP Headers

GET /images/BilderPool/Reisethemen/Ferienwohnung/caimari-596180_1920.jpg HTTP/1.1
Host: www.reiseweltklein.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.reiseweltklein.de/
Cookie: CFID=36553026; CFTOKEN=42fd8b24835784f0-C64761CE-084D-3011-ACEAA0DF51F095BD; cross-site-cookie=sow
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 15 Nov 2022 07:39:49 GMT
server: Apache
last-modified: Fri, 05 Nov 2021 16:10:44 GMT
etag: "daaa5-5d00ce2a49b14"
accept-ranges: bytes
content-length: 895653
cache-control: max-age=86400
expires: Wed, 16 Nov 2022 07:39:49 GMT
x-cache: MISS from www.reiseweltklein.de
content-type: image/jpeg
X-Firefox-Spdy: h2

kit-pro.fontawesome.com/releases/latest/webfonts/pro-fa-duotone-900-5.7.0.woff2

104.18.22.52

200 OK

11 kB

URL HTTP/2
kit-pro.fontawesome.com/releases/latest/webfonts/pro-fa-duotone-900-5.7.0.woff2
IP
104.18.22.52:0
ASN
#13335 CLOUDFLARENET

File type
Web Open Font Format (Version 2), TrueType, length 10884, version 331.-31196\012- data
Size
11 kB (10884 bytes)
Hash
b297f9c677379a25dab795e0546e1e07
c0eeb3115545926ad1cb5d9b37a2fe573acf4b03
272922821dedf161cdf3bebb80a3353ae53e530698f4f92606e3f76b5415c158

HTTP Headers

GET /releases/latest/webfonts/pro-fa-duotone-900-5.7.0.woff2 HTTP/1.1
Host: kit-pro.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.reiseweltklein.de
Connection: keep-alive
Referer: https://kit-pro.fontawesome.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 15 Nov 2022 07:39:49 GMT
content-type: font/woff2
content-length: 10884
x-amz-id-2: PeXtbfSu3CHr9DjUQcPmVJk2L/eEW+60Ty1EwCuMHPO5NYg9+q6sNqnCS6id1oWL5v6XtEIJcDE=
x-amz-request-id: KTZWJ3YYWPKED2QJ
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 04 Aug 2021 21:22:39 GMT
etag: "b297f9c677379a25dab795e0546e1e07"
cache-control: public, max-age=1800
cf-cache-status: MISS
expires: Tue, 15 Nov 2022 08:09:49 GMT
accept-ranges: bytes
server: cloudflare
cf-ray: 76a655cedbfe0b31-OSL
X-Firefox-Spdy: h2

www.reiseweltklein.de/images/BilderPool/Destinationen/Amerika/Karibik/beach-84561_1920.jpg

5.175.22.217

200 OK

457 kB

URL HTTP/2
www.reiseweltklein.de/images/BilderPool/Destinationen/Amerika/Karibik/beach-84561_1920.jpg
IP
5.175.22.217:0
ASN
#20773 Host Europe GmbH

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x1280, components 3\012- data
Size
457 kB (456847 bytes)
Hash
8fd800a3e7fadbbca35ab6d539913944
2e2203f474c4ac91e0d35233b8dcab8bff276ab1
b0dfc834585764b5a56558718ece202683b632d369fd34cad69af47e02d55f66

HTTP Headers

GET /images/BilderPool/Destinationen/Amerika/Karibik/beach-84561_1920.jpg HTTP/1.1
Host: www.reiseweltklein.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.reiseweltklein.de/
Cookie: CFID=36553026; CFTOKEN=42fd8b24835784f0-C64761CE-084D-3011-ACEAA0DF51F095BD; cross-site-cookie=sow
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 15 Nov 2022 07:39:49 GMT
server: Apache
last-modified: Mon, 18 Oct 2021 11:40:58 GMT
etag: "6f88f-5ce9f04bd06fd"
accept-ranges: bytes
content-length: 456847
cache-control: max-age=86400
expires: Wed, 16 Nov 2022 07:39:49 GMT
x-cache: MISS from www.reiseweltklein.de
content-type: image/jpeg
X-Firefox-Spdy: h2

kit-pro.fontawesome.com/releases/latest/webfonts/pro-fa-light-300-5.11.0.woff2

104.18.22.52

200 OK

16 kB

URL HTTP/2
kit-pro.fontawesome.com/releases/latest/webfonts/pro-fa-light-300-5.11.0.woff2
IP
104.18.22.52:0
ASN
#13335 CLOUDFLARENET

File type
Web Open Font Format (Version 2), TrueType, length 15748, version 331.-31196\012- data
Size
16 kB (15748 bytes)
Hash
1894bebba876a67d0cb7cd7351ab6ae4
0c2e2d2e73311bbd4c429e33e4e4c4036207b4b1
ec540bd82697b5fb43f1584f25446b7d58a0cf0a51e1544b0b278a2aaa5f1e77

HTTP Headers

GET /releases/latest/webfonts/pro-fa-light-300-5.11.0.woff2 HTTP/1.1
Host: kit-pro.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.reiseweltklein.de
Connection: keep-alive
Referer: https://kit-pro.fontawesome.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 15 Nov 2022 07:39:49 GMT
content-type: font/woff2
content-length: 15748
x-amz-id-2: bg19ZHl3pC02sC1vIQW5nNxCaOuXC34FpDsuVew7iz6auA09I0wdauMlix1Z7VIvFFmWhzJLPtI=
x-amz-request-id: KTZPYS82BYRHV21M
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 04 Aug 2021 21:22:41 GMT
etag: "1894bebba876a67d0cb7cd7351ab6ae4"
cache-control: public, max-age=1800
cf-cache-status: MISS
expires: Tue, 15 Nov 2022 08:09:49 GMT
accept-ranges: bytes
server: cloudflare
cf-ray: 76a655cedc070b31-OSL
X-Firefox-Spdy: h2

ocsp.pki.goog/s/gts1d4/qXJ6BhT-uwQ

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1d4/qXJ6BhT-uwQ
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
d237060aa2f188c9490ae2af0977693b
6e0d37886d7c7351e9defe89b3ad927484b3a5c5
ab910441d28b90591473d4571a4119c974824c8340cce59c251ed1956f46fa94

HTTP Headers

POST /s/gts1d4/qXJ6BhT-uwQ HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 07:39:49 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

kit-pro.fontawesome.com/releases/latest/webfonts/pro-fa-light-300-5.10.2.woff2

104.18.22.52

200 OK

17 kB

URL HTTP/2
kit-pro.fontawesome.com/releases/latest/webfonts/pro-fa-light-300-5.10.2.woff2
IP
104.18.22.52:0
ASN
#13335 CLOUDFLARENET

File type
Web Open Font Format (Version 2), TrueType, length 17168, version 331.-31196\012- data
Size
17 kB (17168 bytes)
Hash
8a43eb7db323b6a82d87a458c34cbe82
968367a39a575ffe38f1cfda07eea12eff885831
2bbaabc785383c5d90abc17e6703ac6a057b9644c6ebdfe9e15709c6ffac9c71

HTTP Headers

GET /releases/latest/webfonts/pro-fa-light-300-5.10.2.woff2 HTTP/1.1
Host: kit-pro.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.reiseweltklein.de
Connection: keep-alive
Referer: https://kit-pro.fontawesome.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 15 Nov 2022 07:39:49 GMT
content-type: font/woff2
content-length: 17168
x-amz-id-2: Tsi2wLvPF+96Zpmqw5ZdhCJ/OzamTGvYKIxDWvKhz0T5db1Y6c+Ry2MtwH7Om9V7BORAir+sp+0=
x-amz-request-id: KTZH7A0PCCQBC198
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 04 Aug 2021 21:22:41 GMT
etag: "8a43eb7db323b6a82d87a458c34cbe82"
cache-control: public, max-age=1800
cf-cache-status: MISS
expires: Tue, 15 Nov 2022 08:09:49 GMT
accept-ranges: bytes
server: cloudflare
cf-ray: 76a655cedc080b31-OSL
X-Firefox-Spdy: h2

api.usercentrics.eu/settings/8EV1oBWbt/latest/de.json

35.241.3.184

200 OK

8.2 kB

URL HTTP/2
api.usercentrics.eu/settings/8EV1oBWbt/latest/de.json
IP
35.241.3.184:0
ASN
#15169 GOOGLE

File type
JSON data\012- , Unicode text, UTF-8 text, with very long lines (26196), with no line terminators
Size
8.2 kB (8174 bytes)
Hash
c62ae3f23a1b9db989b30786d7623166
c5fa759c2f95c4bcab5393391838ce826948babf
e96186ea046c8600f2cd9200a2298bdb42a9b26bc89a7bcc62f80933d903be7d

HTTP Headers

GET /settings/8EV1oBWbt/latest/de.json HTTP/1.1
Host: api.usercentrics.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.reiseweltklein.de/
Origin: https://www.reiseweltklein.de
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-guploader-uploadid: ADPycdvqcz9fp33zkh_h24j4mPpo0HKlkXTGyvCnMhSd7j684CU5yFBzhgq-h6JSOxDNqqkvHdlAjtVMT_MzYMli6Fh4
x-goog-generation: 1667581140461575
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 8174
content-encoding: gzip
x-goog-hash: crc32c=R4cBkQ==, md5=xirj8jobnbmJsweG12IxZg==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
vary: Accept-Encoding
content-length: 8174
access-control-allow-origin: *
access-control-expose-headers: *, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
server: UploadServer
date: Tue, 15 Nov 2022 07:39:49 GMT
expires: Tue, 15 Nov 2022 07:39:59 GMT
cache-control: public, max-age=1800, s-maxage=10
last-modified: Fri, 04 Nov 2022 16:59:00 GMT
etag: "c62ae3f23a1b9db989b30786d7623166"
content-type: application/json
age: 0
strict-transport-security: max-age=7776000
x-client-geo-location: NO,NO03
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

kit-pro.fontawesome.com/releases/latest/webfonts/pro-fa-light-300-5.0.0.woff2

104.18.22.52

200 OK

25 kB

URL HTTP/2
kit-pro.fontawesome.com/releases/latest/webfonts/pro-fa-light-300-5.0.0.woff2
IP
104.18.22.52:0
ASN
#13335 CLOUDFLARENET

File type
Web Open Font Format (Version 2), TrueType, length 24800, version 331.-31196\012- data
Size
25 kB (24800 bytes)
Hash
4abe94f1746789f39110d3ebac7ebd96
bdc3b41f3cc3e5e3e87ca020eeddc2b288f0dd91
299dc8e16be2ab2214e279b5536efd387d17fd3d364f397ce9f1fed602384fea

HTTP Headers

GET /releases/latest/webfonts/pro-fa-light-300-5.0.0.woff2 HTTP/1.1
Host: kit-pro.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.reiseweltklein.de
Connection: keep-alive
Referer: https://kit-pro.fontawesome.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 15 Nov 2022 07:39:49 GMT
content-type: font/woff2
content-length: 24800
x-amz-id-2: q8hScYpoPg0fG53CbIBFMx05NB2HvGzjGLlfbdKMQTLkpgPMcbFacA58zHnTB+rmHVYAwUsk2xw=
x-amz-request-id: KTZG3VV649MH2W5H
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 04 Aug 2021 21:22:40 GMT
etag: "4abe94f1746789f39110d3ebac7ebd96"
cache-control: public, max-age=1800
cf-cache-status: MISS
expires: Tue, 15 Nov 2022 08:09:49 GMT
accept-ranges: bytes
server: cloudflare
cf-ray: 76a655cedc090b31-OSL
X-Firefox-Spdy: h2

ocsp.pki.goog/s/gts1d4/qXJ6BhT-uwQ

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1d4/qXJ6BhT-uwQ
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
d237060aa2f188c9490ae2af0977693b
6e0d37886d7c7351e9defe89b3ad927484b3a5c5
ab910441d28b90591473d4571a4119c974824c8340cce59c251ed1956f46fa94

HTTP Headers

POST /s/gts1d4/qXJ6BhT-uwQ HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 07:39:49 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/s/gts1d4/tKUY0ZCyl9k

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1d4/tKUY0ZCyl9k
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
89ea230243fd387ea23b620558c8d387
6695b00d668ecd878f2cf90ce3c56dbef6ef1c0a
71688ecf4e140a988dc0f8ef7f9217e6563468d79ef5b448e5e7f9ca1fbaf228

HTTP Headers

POST /s/gts1d4/tKUY0ZCyl9k HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 07:39:49 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

aggregator.service.usercentrics.eu/aggregate/de?templates=H1Vl5NidjWX@40.17.38,Hko_qNsui-Q@14.5.15,SJKM9Ns_ibQ@10.5.6,rkUcEjuoWm@16.6.5,ko1w5PpFl@23.12.19,XYQZBUojc@9.6.4,r5-Z_erQ0@6.2.2,QPYQDujT@3.3.0,BJ59EidsWQ@25.6.26,BJz7qNsdj-7@15.7.12,abGHajF1@6.0.1,S1pcEj_jZX@21.9.4,8eIqa_sKr@8.1.0

34.120.28.121

200 OK

6.0 kB

URL HTTP/2
aggregator.service.usercentrics.eu/aggregate/de?templates=H1Vl5NidjWX@40.17.38,Hko_qNsui-Q@14.5.15,SJKM9Ns_ibQ@10.5.6,rkUcEjuoWm@16.6.5,ko1w5PpFl@23.12.19,XYQZBUojc@9.6.4,r5-Z_erQ0@6.2.2,QPYQDujT@3.3.0,BJ59EidsWQ@25.6.26,BJz7qNsdj-7@15.7.12,abGHajF1@6.0.1,S1pcEj_jZX@21.9.4,8eIqa_sKr@8.1.0
IP
34.120.28.121:0
ASN
#15169 GOOGLE

File type
JSON data\012- , Unicode text, UTF-8 text, with very long lines (39783), with no line terminators
Size
6.0 kB (6044 bytes)
Hash
f75cd277d71161e6911030023f10170c
b24f4dcf8d091e05b834f2429d4e7ea2e3f52dd5
4bdf95fe9d6cb0b624aa74f787273efb63d2a29b571b611bef51f9c2a82e55ae

HTTP Headers

GET /aggregate/de?templates=H1Vl5NidjWX@40.17.38,Hko_qNsui-Q@14.5.15,SJKM9Ns_ibQ@10.5.6,rkUcEjuoWm@16.6.5,ko1w5PpFl@23.12.19,XYQZBUojc@9.6.4,r5-Z_erQ0@6.2.2,QPYQDujT@3.3.0,BJ59EidsWQ@25.6.26,BJz7qNsdj-7@15.7.12,abGHajF1@6.0.1,S1pcEj_jZX@21.9.4,8eIqa_sKr@8.1.0 HTTP/1.1
Host: aggregator.service.usercentrics.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.reiseweltklein.de/
Origin: https://www.reiseweltklein.de
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
vary: Accept-Encoding, accept-encoding
access-control-allow-origin: *
content-encoding: br
server: Google Frontend
via: 1.1 google
date: Mon, 14 Nov 2022 11:46:45 GMT
cache-control: public,max-age=604800
etag: "1759h69"
content-type: application/json; charset=utf-8
content-length: 6044
age: 71584
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/s/gts1d4/tKUY0ZCyl9k

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1d4/tKUY0ZCyl9k
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
89ea230243fd387ea23b620558c8d387
6695b00d668ecd878f2cf90ce3c56dbef6ef1c0a
71688ecf4e140a988dc0f8ef7f9217e6563468d79ef5b448e5e7f9ca1fbaf228

HTTP Headers

POST /s/gts1d4/tKUY0ZCyl9k HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 07:39:49 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/s/gts1d4/kHRXVe39NZ4

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1d4/kHRXVe39NZ4
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
274afda4cce81a7f074fa3cdbaedb98c
0867fad9bc6911c5935eaaf73f2a7a3665f7bcbc
d0a5d63bb10d2fa341b648059b4fda2157a34b9fd1d4f5700194789467907c6a

HTTP Headers

POST /s/gts1d4/kHRXVe39NZ4 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 07:39:49 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/s/gts1d4/kHRXVe39NZ4

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1d4/kHRXVe39NZ4
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
274afda4cce81a7f074fa3cdbaedb98c
0867fad9bc6911c5935eaaf73f2a7a3665f7bcbc
d0a5d63bb10d2fa341b648059b4fda2157a34b9fd1d4f5700194789467907c6a

HTTP Headers

POST /s/gts1d4/kHRXVe39NZ4 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 07:39:49 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

graphql.usercentrics.eu/graphql

34.120.238.166

204 No Content

0 B

URL HTTP/2
graphql.usercentrics.eu/graphql
IP
34.120.238.166:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /graphql HTTP/1.1
Host: graphql.usercentrics.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: access-control-allow-origin,content-type,x-request-id
Referer: https://www.reiseweltklein.de/
Origin: https://www.reiseweltklein.de
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
date: Tue, 15 Nov 2022 07:39:49 GMT
content-length: 0
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
vary: Access-Control-Request-Headers
access-control-allow-headers: access-control-allow-origin,content-type,x-request-id
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
3fcdb3f06f644d8c2f7de98ebfc8038b
1fd83bdc58200fe7444d31a15b32b3ea94b1e937
6764d21e6d67fd71be74bcd84349fdf211b96b199e8b6e0f77d4d5fe0593accf

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6764D21E6D67FD71BE74BCD84349FDF211B96B199E8B6E0F77D4D5FE0593ACCF"
Last-Modified: Mon, 14 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6868
Expires: Tue, 15 Nov 2022 09:34:17 GMT
Date: Tue, 15 Nov 2022 07:39:49 GMT
Connection: keep-alive

uc.e-recht24.de/erecht24_logo_white.png

159.69.24.179

200

2.9 kB

URL HTTP/1.1
uc.e-recht24.de/erecht24_logo_white.png
IP
159.69.24.179:0
ASN
#24940 Hetzner Online GmbH

File type
PNG image data, 98 x 24, 8-bit/color RGBA, non-interlaced\012- data
Size
2.9 kB (2889 bytes)
Hash
6ce60860fb4697564e38580a4709ec5c
9806460f6b62a69a9652f8d17afaef69c3e8c287
933400df86c19613e2f9e127e098a0a8eb9e3d9870c8bbcbb8f234629cee5b74

HTTP Headers

GET /erecht24_logo_white.png HTTP/1.1
Host: uc.e-recht24.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.reiseweltklein.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 
Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 15 Nov 2022 07:39:49 GMT
Content-Type: image/png
Content-Length: 2889
Connection: keep-alive
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Last-Modified: Fri, 29 Jul 2022 06:46:14 GMT
Accept-Ranges: bytes
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 16 Nov 2023 07:39:49 GMT
X-Frame-Options: DENY
Pragma: no-cache, public
Cache-Control: max-age=31622400, public

ocsp.pki.goog/s/gts1d4/kHRXVe39NZ4

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1d4/kHRXVe39NZ4
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
274afda4cce81a7f074fa3cdbaedb98c
0867fad9bc6911c5935eaaf73f2a7a3665f7bcbc
d0a5d63bb10d2fa341b648059b4fda2157a34b9fd1d4f5700194789467907c6a

HTTP Headers

POST /s/gts1d4/kHRXVe39NZ4 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 07:39:49 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

34.120.237.76

200 OK

5.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7b12e479-a09c-431c-aecf-6e63c60a01f1.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.9 kB (5882 bytes)
Hash
fe4f5dc12e097182fed4de0161bc5b8a
746804d683bea55f44d5f6456a7e69d0048e4f58
d8a2095cd57455bab301ae68b7478997f3db056039886d85301eb85d7d196cf4

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7b12e479-a09c-431c-aecf-6e63c60a01f1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 5882
x-amzn-requestid: 3269a61b-6246-42bc-a3f6-ba2fc6708c4e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bhPteF0SIAMFp8w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63705fef-48758a23646243030346d9d9;Sampled=0
x-amzn-remapped-date: Sun, 13 Nov 2022 03:09:35 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: fXm81LDpPcdG5wr5OA5jUT_wDh8oRuNYYRmlyOdjrPzj42J5FAEOQQ==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 9c675215120a4ade8754c4357ef2f3ea.cloudfront.net (CloudFront), 1.1 google
date: Tue, 15 Nov 2022 03:32:32 GMT
age: 14843
etag: "746804d683bea55f44d5f6456a7e69d0048e4f58"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

kit-pro.fontawesome.com/releases/latest/css/pro.min.css

104.18.22.52

200 OK

0 B

URL HTTP/2
kit-pro.fontawesome.com/releases/latest/css/pro.min.css
IP
104.18.22.52:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /releases/latest/css/pro.min.css HTTP/1.1
Host: kit-pro.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.reiseweltklein.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 15 Nov 2022 07:39:48 GMT
content-type: text/css
x-amz-id-2: AMRPnx/gGPWzkxpEroVSLO8Pi8J0vSGXWBOtNi24DEDy+QaEMCfu0MKQ1eDa2E4MPiKMDx3QOVg=
x-amz-request-id: Q09J8QG0HPK0XNQC
last-modified: Wed, 04 Aug 2021 21:18:33 GMT
etag: W/"486b13730aafe2a39cdaf1666679fa5b"
cache-control: public, max-age=1800
cf-cache-status: HIT
age: 29
expires: Tue, 15 Nov 2022 08:09:48 GMT
vary: Accept-Encoding
server: cloudflare
cf-ray: 76a655cd7aee0b31-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

graphql.usercentrics.eu/graphql

34.120.238.166

200 OK

0 B

URL HTTP/2
graphql.usercentrics.eu/graphql
IP
34.120.238.166:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

POST /graphql HTTP/1.1
Host: graphql.usercentrics.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.reiseweltklein.de/
Content-Type: application/json
Access-Control-Allow-Origin: *
X-Request-ID: 205ae6a3-3c0b-4560-8637-8b4fba325e73
Origin: https://www.reiseweltklein.de
Content-Length: 5763
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 15 Nov 2022 07:39:49 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
x-powered-by: Express
access-control-allow-origin: *
etag: W/"442-iNKuuso/YSYAFhHR/ZFDkx06gI4"
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.reiseweltklein.de/

5.175.22.217

200 OK

0 B

URL HTTP/2
www.reiseweltklein.de/
IP
5.175.22.217:0
ASN
#20773 Host Europe GmbH

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: www.reiseweltklein.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
date: Tue, 15 Nov 2022 07:39:47 GMT
server: Apache
set-cookie: CFID=36553026; Expires=Wed, 16-Nov-2022 07:39:47 GMT; Path=/; HttpOnly
CFTOKEN=42fd8b24835784f0-C64761CE-084D-3011-ACEAA0DF51F095BD; Expires=Wed, 16-Nov-2022 07:39:47 GMT; Path=/; HttpOnly
cache-control: max-age=420, private, must-revalidate
expires: Wed, 16 Nov 2022 07:39:47 GMT
vary: Accept-Encoding
content-encoding: br
x-cache: MISS from www.reiseweltklein.de
content-type: text/html;charset=UTF-8
X-Firefox-Spdy: h2

kit-pro.fontawesome.com/releases/latest/css/pro-v4-font-face.min.css

104.18.22.52

200 OK

0 B

URL HTTP/2
kit-pro.fontawesome.com/releases/latest/css/pro-v4-font-face.min.css
IP
104.18.22.52:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /releases/latest/css/pro-v4-font-face.min.css HTTP/1.1
Host: kit-pro.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.reiseweltklein.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 15 Nov 2022 07:39:48 GMT
content-type: text/css
x-amz-id-2: k3KaRweKXIxA0xKCYeCf5UV9P24XY0pZMfPFsB2YWPmVWFC5XJ7aLVDJGJuyc2Jb0mizxtGvkIM=
x-amz-request-id: 0261H8W942Y6P30A
last-modified: Wed, 04 Aug 2021 21:18:33 GMT
etag: W/"1cb05a2f9541200e1fa0a2cd0abc7663"
cache-control: public, max-age=1800
cf-cache-status: HIT
age: 1455
expires: Tue, 15 Nov 2022 08:09:48 GMT
vary: Accept-Encoding
server: cloudflare
cf-ray: 76a655cd7aeb0b31-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

kit-pro.fontawesome.com/releases/latest/css/pro-v4-shims.min.css

104.18.22.52

200 OK

0 B

URL HTTP/2
kit-pro.fontawesome.com/releases/latest/css/pro-v4-shims.min.css
IP
104.18.22.52:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /releases/latest/css/pro-v4-shims.min.css HTTP/1.1
Host: kit-pro.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.reiseweltklein.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 15 Nov 2022 07:39:48 GMT
content-type: text/css
x-amz-id-2: iT8ZupnOxWpWMAKwfkDwtp9P1xcr8oXnn2QOTNUaLIoyQ5jAD2cANg1mJrCWG1nyuIiPehlhVh0=
x-amz-request-id: V9KX785VYZEKCMK4
last-modified: Wed, 04 Aug 2021 21:18:33 GMT
etag: W/"715826d7cea0f100c00238e5e5dc92b4"
cache-control: public, max-age=1800
cf-cache-status: HIT
age: 1177
expires: Tue, 15 Nov 2022 08:09:48 GMT
vary: Accept-Encoding
server: cloudflare
cf-ray: 76a655cd6ae70b31-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (14)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations