globaldugunsalonu.de/
136.243.20.96301 Moved Permanently 162 B IP 136.243.20.96:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: globaldugunsalonu.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Tue, 27 Sep 2022 00:59:55 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://globaldugunsalonu.de/
firefox.settings.services.mozilla.com/v1/
143.204.55.35200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.35:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 27 Sep 2022 00:15:29 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 a7d2a4ec2f50830f128dc406960aef9a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 3MMmABMMYf-7tA4-zktogQ5m4aTQFcxHMuqV3vwioDJax_kVhvhG3g==
Age: 2666
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d2560f62890e75b8de444fed96c22f52
334ce0c48e606ee029f31eeb1463af87b1024bb9
4397e6b45b5822fbab9b83abe0b96ee70efba7cd2160b51936159865ede5fdb1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4397E6B45B5822FBAB9B83ABE0B96EE70EFBA7CD2160B51936159865EDE5FDB1"
Last-Modified: Sun, 25 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2488
Expires: Tue, 27 Sep 2022 01:41:23 GMT
Date: Tue, 27 Sep 2022 00:59:55 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
143.204.55.110200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 143.204.55.110:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Mon, 26 Sep 2022 04:35:16 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 6a757ab2991da716151f94ca00b38098.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: UhnJRU5e1aD5ZXtLp8bZOus1k-p4mOxnjAVq384KtMrQ3NcTGffI-Q==
age: 73480
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 00:59:55 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b6e2b99f03652eb12d57326a18f21993
9723b53412ab461912c4354a4e1abb6be42d195f
9910ed78c39b6b1baba0b6c9fcaf0d145ec2885a63baae55d173f405801bea99
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9910ED78C39B6B1BABA0B6C9FCAF0D145EC2885A63BAAE55D173F405801BEA99"
Last-Modified: Tue, 27 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21575
Expires: Tue, 27 Sep 2022 06:59:30 GMT
Date: Tue, 27 Sep 2022 00:59:55 GMT
Connection: keep-alive
globaldugunsalonu.de/
136.243.20.96200 OK 6.0 kB IP 136.243.20.96:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (311), with CRLF line terminators
Hash 8052ac1f1e657ff331fbd3c8a0966209
b78c1dcf6a52f845ede0b3727136e31bf8487d3e
cb31bd4535389fb90f0d520e9cfb8c0c823bdf0f133001126e8910009948a4a0
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: globaldugunsalonu.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 00:59:55 GMT
content-type: text/html; charset=UTF-8
content-length: 5984
vary: Accept-Encoding
content-encoding: gzip
x-powered-by: global dugun salonu, PleskLin
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 4538701cf9bc34d908f50370beb922f4
df141b9c3ec626ecaba7c1899073a48b811c4113
61497b93eb237687a8fff5845a7a81aff2f2f53dc56f2d0818bfb98dd1256d6f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 00:59:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash bfc8c650e23854f708a3dd54fca4393f
b54c061cf5a5306a68112d403471914e839a68c8
84b8c36947944ea94b27e053f2abb944e6951157e256991f8b1523b9cacfe362
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 00:59:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash bfc8c650e23854f708a3dd54fca4393f
b54c061cf5a5306a68112d403471914e839a68c8
84b8c36947944ea94b27e053f2abb944e6951157e256991f8b1523b9cacfe362
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 00:59:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 5b7b66f5886a12421c3f3970bbf49d5a
13a31565fb5b2f1e75d67ba1ce09dae339f1c0e8
3ed8ffa99cefdf81381912b426c0ab9091fb5888836665d9012435965f99feba
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 00:59:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
code.jquery.com/ui/1.11.4/jquery-ui.js
69.16.175.42200 OK 114 kB URL HTTP/2 code.jquery.com/ui/1.11.4/jquery-ui.js
IP 69.16.175.42:0
File type ASCII text, with very long lines (547)
Size 114 kB (114093 bytes)
Hash 0e45b665669abd2d0dd45fed0e5f0199
d4167d336e4cd359a99daaf01006f59a5e8bc062
cec192e20cf22c995517ee84d3b5a4715f4ad3affb902436b3ee32456e309978
GET /ui/1.11.4/jquery-ui.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://globaldugunsalonu.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 27 Sep 2022 00:59:55 GMT
content-encoding: gzip
content-length: 114093
content-type: application/javascript; charset=utf-8
last-modified: Wed, 16 Feb 2022 10:50:40 GMT
accept-ranges: bytes
server: nginx
etag: W/"620cd700-72e44"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1664240395.dop002.sk1.t,1664240395.cds223.sk1.hn,1664240395.cds247.sk1.c
X-Firefox-Spdy: h2
globaldugunsalonu.de/css/font-awesome/css/font-awesome.min.css
136.243.20.96200 OK 24 kB URL HTTP/2 globaldugunsalonu.de/css/font-awesome/css/font-awesome.min.css
IP 136.243.20.96:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (23577), with CRLF line terminators
Hash f667e6132f8470a39d2395b81ab4ef09
3e435d5167460aaf367836e1973e90a47039faea
222d75918bb518d46a4d283da7de243b4409d597a8c6856070a07e96b600e6d7
GET /css/font-awesome/css/font-awesome.min.css HTTP/1.1
Host: globaldugunsalonu.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://globaldugunsalonu.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 00:59:55 GMT
content-type: text/css
content-length: 23742
last-modified: Thu, 01 Jun 2017 20:22:34 GMT
etag: "5930778a-5cbe"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash bfc8c650e23854f708a3dd54fca4393f
b54c061cf5a5306a68112d403471914e839a68c8
84b8c36947944ea94b27e053f2abb944e6951157e256991f8b1523b9cacfe362
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 00:59:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
globaldugunsalonu.de/js/mainmenu/menu.css
136.243.20.96200 OK 20 kB URL HTTP/2 globaldugunsalonu.de/js/mainmenu/menu.css
IP 136.243.20.96:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with CRLF line terminators
Hash 6ae5092016259cce58f77e4f329e19f3
b36330b168ef0e385946d5566534a41e8772aa0f
a66767ae766df56ce05c119683474e4a6c469fb81c7eb904418dc19d3396f4cf
GET /js/mainmenu/menu.css HTTP/1.1
Host: globaldugunsalonu.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://globaldugunsalonu.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 00:59:55 GMT
content-type: text/css
content-length: 20247
last-modified: Wed, 27 Nov 2019 11:36:36 GMT
etag: "5dde5fc4-4f17"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Open+Sans:300,300italic,400,400italic,600,600italic,700,700italic,800,800italic
142.250.74.10200 OK 51 kB URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans:300,300italic,400,400italic,600,600italic,700,700italic,800,800italic
IP 142.250.74.10:0
Hash 756bdf664b7f9d73b280cf01be9ec57b
1eb1bd23552e616904a736d8344b93bd3a2e35dc
5f4b3696ff59bf1992db1eb4a36ea6f7b3442077872feab5755efaaff6d46f61
GET /css?family=Open+Sans:300,300italic,400,400italic,600,600italic,700,700italic,800,800italic HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://globaldugunsalonu.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 27 Sep 2022 00:59:55 GMT
date: Tue, 27 Sep 2022 00:59:55 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.35200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.35:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Tue, 27 Sep 2022 00:10:46 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Tue, 27 Sep 2022 00:54:16 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 dac7cf040932e0c072eeed10afdd7b3e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: nyuIXvKv2OUFmMSkMfGMWYdGs7krctufbBc84CcxgTxpZKIvQN1KyQ==
Age: 2950
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 4538701cf9bc34d908f50370beb922f4
df141b9c3ec626ecaba7c1899073a48b811c4113
61497b93eb237687a8fff5845a7a81aff2f2f53dc56f2d0818bfb98dd1256d6f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 00:59:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.youtube-nocookie.com/s/player/bd1343fa/www-embed-player.vflset/www-embed-player.js
142.250.74.142200 OK 98 kB URL HTTP/2 www.youtube-nocookie.com/s/player/bd1343fa/www-embed-player.vflset/www-embed-player.js
IP 142.250.74.142:0
File type ASCII text, with very long lines (570)
Hash 01d6bed5af1f1a736d1a120e258c71ba
3de8c87c876791701ed38567d04eb5749b8fabfd
702468825ac61e18838fb3dabf7ba1de06c19bc68399c0f674982d542270bd28
GET /s/player/bd1343fa/www-embed-player.vflset/www-embed-player.js HTTP/1.1
Host: www.youtube-nocookie.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube-nocookie.com/embed/81IGerHCy3Y?autoplay=1&rel=0&showinfo=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: br
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 97736
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 26 Sep 2022 16:23:05 GMT
expires: Tue, 26 Sep 2023 16:23:05 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 26 Sep 2022 00:16:54 GMT
content-type: text/javascript
age: 31011
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
globaldugunsalonu.de/css/shortcodes.css
136.243.20.96200 OK 21 kB URL HTTP/2 globaldugunsalonu.de/css/shortcodes.css
IP 136.243.20.96:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with CRLF line terminators
Hash e1e5db21564f906e82100fe1d2440eed
0841824f0a0c2bfc13e1e4da9a980aaa1e132b7b
0966fabb44e7cf6edf02371246f68f1ddcf87f0feb7ac1559e73e73c3b7e1dc3
GET /css/shortcodes.css HTTP/1.1
Host: globaldugunsalonu.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://globaldugunsalonu.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 00:59:55 GMT
content-type: text/css
content-length: 21131
last-modified: Thu, 01 Jun 2017 20:22:30 GMT
etag: "59307786-528b"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
www.google.com/maps/embed?pb=!1m14!1m8!1m3!1d10264.355887448864!2d8.3917!3d49.97219!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x0%3A0x383e13c358ad2f26!2sSalon+Global!5e0!3m2!1sde!2sde!4v1461619906982
142.250.74.164200 OK 1.3 kB URL HTTP/2 www.google.com/maps/embed?pb=!1m14!1m8!1m3!1d10264.355887448864!2d8.3917!3d49.97219!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x0%3A0x383e13c358ad2f26!2sSalon+Global!5e0!3m2!1sde!2sde!4v1461619906982
IP 142.250.74.164:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2813)
Hash 159a2f9b6d4d121ef947e9f8cc0805ea
823d085ed26cc7ce474f43df479b99ef48657db5
875c6ac670fc87286ef1f1b46289a24c1d20baa4816e9ad5d8bdaf7686f55c0f
GET /maps/embed?pb=!1m14!1m8!1m3!1d10264.355887448864!2d8.3917!3d49.97219!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x0%3A0x383e13c358ad2f26!2sSalon+Global!5e0!3m2!1sde!2sde!4v1461619906982 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://globaldugunsalonu.de/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
date: Tue, 27 Sep 2022 00:59:56 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
vary: Accept-Language
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-eDQ-U5_3zlfbZsVI1hf-Bg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/geo-maps-api/1
content-encoding: gzip
server: mafe
content-length: 1338
x-xss-protection: 0
server-timing: gfet4t7; dur=145
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
globaldugunsalonu.de/css/responsive-leyouts.css
136.243.20.96200 OK 48 kB URL HTTP/2 globaldugunsalonu.de/css/responsive-leyouts.css
IP 136.243.20.96:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with CRLF line terminators
Hash d4fb9a9e45b01d800d982964566dd5ad
e97151c7389233d3a7b492c171d9c7669860faea
c0fa6e601ba79cfbc706491df56d46abcf94d8382e8f24bdf880ee40189d6ea4
GET /css/responsive-leyouts.css HTTP/1.1
Host: globaldugunsalonu.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://globaldugunsalonu.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 00:59:55 GMT
content-type: text/css
content-length: 48294
last-modified: Thu, 01 Jun 2017 20:22:30 GMT
etag: "59307786-bca6"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
www.youtube-nocookie.com/s/player/bd1343fa/player_ias.vflset/en_US/base.js
142.250.74.142200 OK 591 kB URL HTTP/2 www.youtube-nocookie.com/s/player/bd1343fa/player_ias.vflset/en_US/base.js
IP 142.250.74.142:0
File type ASCII text, with very long lines (554)
Size 591 kB (591188 bytes)
Hash d72143079a911d16301204054924d045
3d1bf142fabe1f142efdcfa11e0d29f5b1930e3e
24ab22cb1fae32ea35968361327e5802cdd5aa8163a240cdfaf245960cb78afc
GET /s/player/bd1343fa/player_ias.vflset/en_US/base.js HTTP/1.1
Host: www.youtube-nocookie.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube-nocookie.com/embed/81IGerHCy3Y?autoplay=1&rel=0&showinfo=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding, Origin
content-encoding: br
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 591188
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 26 Sep 2022 16:30:30 GMT
expires: Tue, 26 Sep 2023 16:30:30 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 26 Sep 2022 00:16:54 GMT
content-type: text/javascript
age: 30566
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
globaldugunsalonu.de/js/masterslider/style/masterslider.css
136.243.20.96200 OK 58 kB URL HTTP/2 globaldugunsalonu.de/js/masterslider/style/masterslider.css
IP 136.243.20.96:0
ASN #24940 Hetzner Online GmbH
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash 6d8d5b9259eecfb3cad5359f876455fa
ba93ddb5f3645c27883c1f257533716294294b20
9314f06b3521dd07dfb56771bded554678880bb4e74f5c4fdb6bd1f3ba2d4156
GET /js/masterslider/style/masterslider.css HTTP/1.1
Host: globaldugunsalonu.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://globaldugunsalonu.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 00:59:55 GMT
content-type: text/css
content-length: 57702
last-modified: Wed, 27 Nov 2019 11:38:42 GMT
etag: "5dde6042-e166"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
globaldugunsalonu.de/css/Simple-Line-Icons-Webfont/simple-line-icons.css
136.243.20.96200 OK 12 kB URL HTTP/2 globaldugunsalonu.de/css/Simple-Line-Icons-Webfont/simple-line-icons.css
IP 136.243.20.96:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (2600), with CRLF line terminators
Hash 925397028c82f9becaaf576dc7034acb
9d989ac7ef95dac8cbfb3b8ae837d92093809e8c
bb1b54f441f134201c3495fcb8a28ae197861429237dc3ea62ca25d87e7037d3
GET /css/Simple-Line-Icons-Webfont/simple-line-icons.css HTTP/1.1
Host: globaldugunsalonu.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://globaldugunsalonu.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 00:59:55 GMT
content-type: text/css
content-length: 11557
last-modified: Thu, 01 Jun 2017 20:22:30 GMT
etag: "59307786-2d25"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
globaldugunsalonu.de/js/bootstrap/bootstrap.min.css
136.243.20.96200 OK 116 kB URL HTTP/2 globaldugunsalonu.de/js/bootstrap/bootstrap.min.css
IP 136.243.20.96:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (65367), with CRLF line terminators
Size 116 kB (116120 bytes)
Hash c5dbd3731a680a1edd84b8cfa71ef238
f7eacf3a9b73512d3de368be41f7b580083f058e
4c65b5252f9af4b95b218def505b68bedc807d741397be7b5cee3f65683fd81f
GET /js/bootstrap/bootstrap.min.css HTTP/1.1
Host: globaldugunsalonu.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://globaldugunsalonu.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 00:59:55 GMT
content-type: text/css
content-length: 116120
last-modified: Thu, 01 Jun 2017 20:22:48 GMT
etag: "59307798-1c598"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
globaldugunsalonu.de/css/et-line-font/et-line-font.css
136.243.20.96200 OK 7.4 kB URL HTTP/2 globaldugunsalonu.de/css/et-line-font/et-line-font.css
IP 136.243.20.96:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (1512), with CRLF line terminators
Hash 6cd6db7ff6e40c7868819acc1290b782
32dd750f8243e419e645d7566ee9824132ea8dbd
88724d0da8e1aa54c7446dbfed47b54043dd7e298132bed2f9f120f811eba78c
GET /css/et-line-font/et-line-font.css HTTP/1.1
Host: globaldugunsalonu.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://globaldugunsalonu.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 00:59:55 GMT
content-type: text/css
content-length: 7395
last-modified: Thu, 01 Jun 2017 20:22:34 GMT
etag: "5930778a-1ce3"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
globaldugunsalonu.de/js/owl-carousel/owl.carousel.css
136.243.20.96200 OK 12 kB URL HTTP/2 globaldugunsalonu.de/js/owl-carousel/owl.carousel.css
IP 136.243.20.96:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with CRLF line terminators
Hash d39643e9ac5bde4257e4fb947c81d690
ee89b09974f7da4426d3e0fb372934fdd1cd11ae
09396b8514566fe0ba5418240609d9926062281781b3928aa10f508c766f3ce7
GET /js/owl-carousel/owl.carousel.css HTTP/1.1
Host: globaldugunsalonu.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://globaldugunsalonu.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 00:59:55 GMT
content-type: text/css
content-length: 12024
last-modified: Thu, 01 Jun 2017 20:22:52 GMT
etag: "5930779c-2ef8"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
globaldugunsalonu.de/css/colors/lightblue.css
136.243.20.96200 OK 1.0 kB URL HTTP/2 globaldugunsalonu.de/css/colors/lightblue.css
IP 136.243.20.96:0
ASN #24940 Hetzner Online GmbH
File type assembler source, ASCII text, with CRLF line terminators
Hash 4e7b5e6b0938549c311f12fdc9400a4a
a8b1bf27dc00ebf71d0c69aaf6044c03b9db746b
3742c2f8ef88e0a0f6e8739a198af7ecd07430e3fa4cc820c54592035cc7eba5
GET /css/colors/lightblue.css HTTP/1.1
Host: globaldugunsalonu.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://globaldugunsalonu.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 00:59:55 GMT
content-type: text/css
content-length: 1026
last-modified: Wed, 27 Nov 2019 11:38:42 GMT
etag: "5dde6042-402"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
globaldugunsalonu.de/js/cubeportfolio/cubeportfolio.min.css
136.243.20.96200 OK 86 kB URL HTTP/2 globaldugunsalonu.de/js/cubeportfolio/cubeportfolio.min.css
IP 136.243.20.96:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (756), with CRLF line terminators
Hash d07afc4c2c06c1cd5023e7323ae8f081
ea34d919a2bea0be54480f61c90c876ab135b166
a29a1826b3e3c88c3aeb2317bbf3e18b3fe72787f76c7f69ee9b46ac906a63de
GET /js/cubeportfolio/cubeportfolio.min.css HTTP/1.1
Host: globaldugunsalonu.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://globaldugunsalonu.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 00:59:55 GMT
content-type: text/css
content-length: 85537
last-modified: Thu, 01 Jun 2017 20:22:48 GMT
etag: "59307798-14e21"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
globaldugunsalonu.de/css/default.css
136.243.20.96200 OK 115 kB URL HTTP/2 globaldugunsalonu.de/css/default.css
IP 136.243.20.96:0
ASN #24940 Hetzner Online GmbH
File type assembler source, ASCII text, with CRLF line terminators
Size 115 kB (115436 bytes)
Hash 5bf879b47cea36a123803085ee3dad06
8be83a3949f0ab63d6ef128bbd1b7391b06c0d18
b0d9701cc9ec12f29f1a5ed8c3570cda2b9e2db3db3e99e67c8e4871f51f13e6
GET /css/default.css HTTP/1.1
Host: globaldugunsalonu.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://globaldugunsalonu.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 00:59:55 GMT
content-type: text/css
content-length: 115436
last-modified: Wed, 27 Nov 2019 11:32:14 GMT
etag: "5dde5ebe-1c2ec"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
globaldugunsalonu.de/css/layouts.css
136.243.20.96200 OK 120 kB URL HTTP/2 globaldugunsalonu.de/css/layouts.css
IP 136.243.20.96:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with CRLF line terminators
Size 120 kB (119517 bytes)
Hash 1851046babce23f284c7f27afc9473c9
f09dc0152e076efda08b6e30d303481b992d1bfb
740cd5dd38b6c904786773cfa13d947626a410c1af39b902474695a37575a48a
GET /css/layouts.css HTTP/1.1
Host: globaldugunsalonu.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://globaldugunsalonu.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 00:59:55 GMT
content-type: text/css
content-length: 119517
last-modified: Thu, 01 Jun 2017 20:22:30 GMT
etag: "59307786-1d2dd"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
globaldugunsalonu.de/js/smart-forms/smart-forms.css
136.243.20.96200 OK 70 kB URL HTTP/2 globaldugunsalonu.de/js/smart-forms/smart-forms.css
IP 136.243.20.96:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with CRLF line terminators
Hash 7b7a5ca9fec882ea60ebf9db7be92a95
525fd5da21af1a8f3f85c0b1c0864ef49238bb1c
17af6a7ba1e4f4bcef24c616b049c9688839025270a344267a272f6cfe0bb814
GET /js/smart-forms/smart-forms.css HTTP/1.1
Host: globaldugunsalonu.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://globaldugunsalonu.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 00:59:55 GMT
content-type: text/css
content-length: 69879
last-modified: Thu, 01 Jun 2017 20:22:54 GMT
etag: "5930779e-110f7"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
globaldugunsalonu.de/js/bootstrap/bootstrap.min.js
136.243.20.96200 OK 36 kB URL HTTP/2 globaldugunsalonu.de/js/bootstrap/bootstrap.min.js
IP 136.243.20.96:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (32025), with CRLF line terminators
Hash 1ae0e64754a542cbea996dec63c326fd
e2ddfe5a574c29f39b511aada1bd85e0ba60fa70
6447e59227786bcda7ad58ef045540cba328e5ec0e5ddbd88b4f57122feaf926
Analyzer Verdict Alert fortinet Phishing
GET /js/bootstrap/bootstrap.min.js HTTP/1.1
Host: globaldugunsalonu.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://globaldugunsalonu.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 00:59:55 GMT
content-type: application/javascript
content-length: 35957
last-modified: Thu, 01 Jun 2017 20:22:48 GMT
etag: "59307798-8c75"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
globaldugunsalonu.de/js/cubeportfolio/jquery.cubeportfolio.min.js
136.243.20.96200 OK 56 kB URL HTTP/2 globaldugunsalonu.de/js/cubeportfolio/jquery.cubeportfolio.min.js
IP 136.243.20.96:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (32009), with CRLF line terminators
Hash 495a1f7432c2ad83f2a974ce94c0af34
726cc50171d95900845a1cbb83a3ee32cbc6b2e6
a7e9173a6c34a1666270c955d98f28654937df350ac78de8844ede9e734aa230
Analyzer Verdict Alert fortinet Phishing
GET /js/cubeportfolio/jquery.cubeportfolio.min.js HTTP/1.1
Host: globaldugunsalonu.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://globaldugunsalonu.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 00:59:55 GMT
content-type: application/javascript
content-length: 55640
last-modified: Thu, 01 Jun 2017 20:22:48 GMT
etag: "59307798-d958"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
globaldugunsalonu.de/js/cubeportfolio/main2.js
136.243.20.96200 OK 1.9 kB URL HTTP/2 globaldugunsalonu.de/js/cubeportfolio/main2.js
IP 136.243.20.96:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with CRLF line terminators
Hash e4c60b53a738e14ab8ae43eae58b6084
23b154b1ae8e3c5d7567a3dd55181289912c657e
0269c82aa36c2b6956f0fccb9d2f374313368fc588a83b463e0d1a9a1ecc3832
Analyzer Verdict Alert fortinet Phishing
GET /js/cubeportfolio/main2.js HTTP/1.1
Host: globaldugunsalonu.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://globaldugunsalonu.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 00:59:55 GMT
content-type: application/javascript
content-length: 1933
last-modified: Thu, 01 Jun 2017 20:22:48 GMT
etag: "59307798-78d"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
globaldugunsalonu.de/js/masterslider/jquery.easing.min.js
136.243.20.96200 OK 7.0 kB URL HTTP/2 globaldugunsalonu.de/js/masterslider/jquery.easing.min.js
IP 136.243.20.96:0
ASN #24940 Hetzner Online GmbH
File type Unicode text, UTF-8 text, with very long lines (3524), with CRLF line terminators
Hash 921bcb1f5a81945e66f5db4f3e714813
f1f69c73577a78b57ffdad42ea63cda8e318d7b5
e6c2814936ac13f206f1e09255f75d3faafbb29bddbe22e93fd6464f817ca49e
Analyzer Verdict Alert fortinet Phishing
GET /js/masterslider/jquery.easing.min.js HTTP/1.1
Host: globaldugunsalonu.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://globaldugunsalonu.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 00:59:55 GMT
content-type: application/javascript
content-length: 7035
last-modified: Thu, 01 Jun 2017 20:22:50 GMT
etag: "5930779a-1b7b"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
globaldugunsalonu.de/js/mainmenu/customeUI.js
136.243.20.96200 OK 2.2 kB URL HTTP/2 globaldugunsalonu.de/js/mainmenu/customeUI.js
IP 136.243.20.96:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with CRLF line terminators
Hash 6636030ec6d9104a8c56f51a7700cbe7
289116cf7dfeffcae8d9ae256aa6e514dabc8ae7
e7e3ca7a9f8eab3f55030ba7659d00d4ef44db41161bed6fbc9961c54dd24b6a
Analyzer Verdict Alert fortinet Phishing
GET /js/mainmenu/customeUI.js HTTP/1.1
Host: globaldugunsalonu.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://globaldugunsalonu.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 00:59:56 GMT
content-type: application/javascript
content-length: 2224
last-modified: Thu, 01 Jun 2017 20:22:50 GMT
etag: "5930779a-8b0"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
globaldugunsalonu.de/js/owl-carousel/owl.carousel.js
136.243.20.96200 OK 54 kB URL HTTP/2 globaldugunsalonu.de/js/owl-carousel/owl.carousel.js
IP 136.243.20.96:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with CRLF line terminators
Hash b6d84ff48712a3cfb6eaf2d1fdfcaad4
e45d0c9898cacea360a19035c6956b3271f53621
c56a75dc2b5875e9e1fcbd06c6bb6f4fc11435128e08772155e52f97233264a6
Analyzer Verdict Alert fortinet Phishing
GET /js/owl-carousel/owl.carousel.js HTTP/1.1
Host: globaldugunsalonu.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://globaldugunsalonu.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 00:59:56 GMT
content-type: application/javascript
content-length: 54413
last-modified: Thu, 01 Jun 2017 20:22:52 GMT
etag: "5930779c-d48d"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
globaldugunsalonu.de/js/scrolltotop/totop.js
136.243.20.96200 OK 230 B URL HTTP/2 globaldugunsalonu.de/js/scrolltotop/totop.js
IP 136.243.20.96:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with CRLF line terminators
Hash 477a943069f55f1ca1dc5dfe8d382019
d3b473a9954eed11bbe770e2f08f2af1434d1535
ae83f5984385e02c01f5bd8a08bf61b3bdd954692b8a1c6b8737aca63e6bd229
Analyzer Verdict Alert fortinet Phishing
GET /js/scrolltotop/totop.js HTTP/1.1
Host: globaldugunsalonu.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://globaldugunsalonu.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 00:59:56 GMT
content-type: application/javascript
content-length: 230
x-accel-version: 0.01
last-modified: Thu, 01 Jun 2017 20:22:52 GMT
etag: "160-550ebcd181f00-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-powered-by: PleskLin
X-Firefox-Spdy: h2
globaldugunsalonu.de/js/mainmenu/jquery.sticky.js
136.243.20.96200 OK 7.4 kB URL HTTP/2 globaldugunsalonu.de/js/mainmenu/jquery.sticky.js
IP 136.243.20.96:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with CRLF line terminators
Hash df5375f96ba10f79b785b111f6281931
66d903c92952cbef54d3ba47ffd5590fac7be68d
43a24608e742c8adc12bc142cdbe6c8838100b1b507e954ab9965c8059896cf7
Analyzer Verdict Alert fortinet Phishing
GET /js/mainmenu/jquery.sticky.js HTTP/1.1
Host: globaldugunsalonu.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://globaldugunsalonu.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 00:59:56 GMT
content-type: application/javascript
content-length: 7389
last-modified: Thu, 01 Jun 2017 20:22:50 GMT
etag: "5930779a-1cdd"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
globaldugunsalonu.de/js/universal/jquery.js
136.243.20.96200 OK 84 kB URL HTTP/2 globaldugunsalonu.de/js/universal/jquery.js
IP 136.243.20.96:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (32180), with CRLF line terminators
Hash 86d5206af37b6bcea4d24b54336eee6b
17a740d68a1c330876c198b6a4d9319f379f3af2
aa73d1e53f493e06f442ff045a58e3e1c85068e43e9003367f90b3ea9aa4c464
Analyzer Verdict Alert fortinet Phishing
GET /js/universal/jquery.js HTTP/1.1
Host: globaldugunsalonu.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://globaldugunsalonu.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 00:59:55 GMT
content-type: application/javascript
content-length: 84324
last-modified: Thu, 01 Jun 2017 20:22:56 GMT
etag: "593077a0-14964"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
globaldugunsalonu.de/images/flag-tr.png
136.243.20.96200 OK 1.3 kB URL HTTP/2 globaldugunsalonu.de/images/flag-tr.png
IP 136.243.20.96:0
ASN #24940 Hetzner Online GmbH
File type PNG image data, 14 x 11, 8-bit/color RGB, non-interlaced\012- data
Hash a93c4aed5b49b8df9c4055762374a3b3
1f93d39c2274024a3975454e472b8838ae30b316
c29eb1bc60c23ad4445292115d4404ab7394f92074b986631e8b3a669d130d63
GET /images/flag-tr.png HTTP/1.1
Host: globaldugunsalonu.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://globaldugunsalonu.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 00:59:55 GMT
content-type: image/png
content-length: 1274
last-modified: Thu, 01 Jun 2017 20:22:44 GMT
etag: "59307794-4fa"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
globaldugunsalonu.de/images/flag-de.png
136.243.20.96200 OK 234 B URL HTTP/2 globaldugunsalonu.de/images/flag-de.png
IP 136.243.20.96:0
ASN #24940 Hetzner Online GmbH
File type PNG image data, 14 x 11, 8-bit colormap, non-interlaced\012- data
Hash 628bd5af0b8f7b5d7003cdbe1bebd0b5
b5bd1004116018153a0ae40d70feb00994e3e37b
bb2996dc15c669cd78048de2f00cb13bb0ddb9fe9abe4a0c5271ca5f3ce4a713
GET /images/flag-de.png HTTP/1.1
Host: globaldugunsalonu.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://globaldugunsalonu.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 00:59:55 GMT
content-type: image/png
content-length: 234
x-accel-version: 0.01
last-modified: Thu, 01 Jun 2017 20:22:44 GMT
etag: "ea-550ebcc9e0d00"
accept-ranges: bytes
x-powered-by: PleskLin
X-Firefox-Spdy: h2
globaldugunsalonu.de/images/200.png
136.243.20.96200 OK 5.8 kB URL HTTP/2 globaldugunsalonu.de/images/200.png
IP 136.243.20.96:0
ASN #24940 Hetzner Online GmbH
File type PNG image data, 95 x 90, 8-bit/color RGBA, non-interlaced\012- data
Hash acc853f85d7577a0d1600daa2449e9b5
5aaa4fb2cded1561fa7a7ab424bf76b98c625de3
8a72462d40b47c63635935571ad75d69255f7b008dbfa60051829ac27112c949
GET /images/200.png HTTP/1.1
Host: globaldugunsalonu.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://globaldugunsalonu.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 00:59:55 GMT
content-type: image/png
content-length: 5788
last-modified: Wed, 27 Nov 2019 11:07:54 GMT
etag: "5dde590a-169c"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
globaldugunsalonu.de/js/masterslider/blank.gif
136.243.20.96200 OK 43 B URL HTTP/2 globaldugunsalonu.de/js/masterslider/blank.gif
IP 136.243.20.96:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash f837aa60b6fe83458f790db60d529fc9
14af87ccec7f81bb28d53c84da2fd5a9d5925cda
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
GET /js/masterslider/blank.gif HTTP/1.1
Host: globaldugunsalonu.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://globaldugunsalonu.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 00:59:55 GMT
content-type: image/gif
content-length: 43
x-accel-version: 0.01
last-modified: Thu, 01 Jun 2017 20:22:50 GMT
etag: "2b-550ebccf99a80"
accept-ranges: bytes
x-powered-by: PleskLin
X-Firefox-Spdy: h2
globaldugunsalonu.de/images/Dugun-Salonu.jpg
136.243.20.96200 OK 12 kB URL HTTP/2 globaldugunsalonu.de/images/Dugun-Salonu.jpg
IP 136.243.20.96:0
ASN #24940 Hetzner Online GmbH
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=1, copyright=@foto, design & projects mbu], progressive, precision 8, 263x175, components 3\012- data
Hash d2b9c0fdd6de5f209d73ec416641b9a8
3227c4c98fe1f07cc966bb10e341c03ffa6e40ee
b6f77172bcdf7d0758963838940d8e6c6228e048fc54c90ec98fda083f2d660b
GET /images/Dugun-Salonu.jpg HTTP/1.1
Host: globaldugunsalonu.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://globaldugunsalonu.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 00:59:55 GMT
content-type: image/jpeg
content-length: 11863
last-modified: Thu, 01 Jun 2017 20:22:46 GMT
etag: "59307796-2e57"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
globaldugunsalonu.de/images/Nisan-Salonu.jpg
136.243.20.96200 OK 12 kB URL HTTP/2 globaldugunsalonu.de/images/Nisan-Salonu.jpg
IP 136.243.20.96:0
ASN #24940 Hetzner Online GmbH
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 263x175, components 3\012- data
Hash 1eba475ffd83afe232fae9b37ca110cf
d09f809dad48d8e10030f66fec9687a86c0cd043
023a8d52e3097840413ff8e81b634baee6d5b9a673ceff8a711703847ac2110e
GET /images/Nisan-Salonu.jpg HTTP/1.1
Host: globaldugunsalonu.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://globaldugunsalonu.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 00:59:55 GMT
content-type: image/jpeg
content-length: 12013
last-modified: Thu, 01 Jun 2017 20:22:44 GMT
etag: "59307794-2eed"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
globaldugunsalonu.de/images/Kina-Salonu.jpg
136.243.20.96200 OK 11 kB URL HTTP/2 globaldugunsalonu.de/images/Kina-Salonu.jpg
IP 136.243.20.96:0
ASN #24940 Hetzner Online GmbH
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 263x176, components 3\012- data
Hash ec9c5f186ef81bc56c856fd3a527d709
84403684285b7f8d40060291d9c3b3ee1834b4b6
09b0e575a4e168b539682de1df59bf198071172cd5ca03403625a3580c62f182
GET /images/Kina-Salonu.jpg HTTP/1.1
Host: globaldugunsalonu.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://globaldugunsalonu.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 00:59:55 GMT
content-type: image/jpeg
content-length: 11363
last-modified: Thu, 01 Jun 2017 20:22:44 GMT
etag: "59307794-2c63"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
globaldugunsalonu.de/images/Sunnet-Salonu.jpg
136.243.20.96200 OK 9.6 kB URL HTTP/2 globaldugunsalonu.de/images/Sunnet-Salonu.jpg
IP 136.243.20.96:0
ASN #24940 Hetzner Online GmbH
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 263x176, components 3\012- data
Hash 6f4baa96f78a50b17de5d5caf82f295d
b895ebd56849959cc5c2f52dba7f56b2d81ecdd5
5de79d9beb6653fffdf654fbfd408de962bb022beefa7abac1ee24cd4a0f07ca
GET /images/Sunnet-Salonu.jpg HTTP/1.1
Host: globaldugunsalonu.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://globaldugunsalonu.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 00:59:55 GMT
content-type: image/jpeg
content-length: 9637
last-modified: Thu, 01 Jun 2017 20:22:44 GMT
etag: "59307794-25a5"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
globaldugunsalonu.de/images/talip.jpg
136.243.20.96200 OK 34 kB URL HTTP/2 globaldugunsalonu.de/images/talip.jpg
IP 136.243.20.96:0
ASN #24940 Hetzner Online GmbH
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 700x175, components 3\012- data
Hash 77488536204ace7c327b8467e798097d
2cc2e1bebe0567bfddb6843712d3653add51f8cc
052ba4ed4ad10ad4ec5231f68f6870a176902dd61edbf2311ab578f8d1ff773d
GET /images/talip.jpg HTTP/1.1
Host: globaldugunsalonu.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://globaldugunsalonu.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 00:59:55 GMT
content-type: image/jpeg
content-length: 34303
last-modified: Sun, 22 Sep 2019 09:50:44 GMT
etag: "5d8743f4-85ff"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 5adb7eb1d103eadeeafac36e663ffdd3
23b784388dd634fa736cd60aed71570661e73d02
5c95ba48bc342887b4f7ef697bd4def50f6f2f472f654169179e5ac44df883d9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5466
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 00:59:56 GMT
Last-Modified: Mon, 26 Sep 2022 23:28:50 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 737756d717fd215d94458a21028ae486
ee3c3097bcb2ff3f5482b0dc6056b1549afa8f1f
8e705bae2060960e1b2f79c42ebc445d52f307aeac41b34d3a1789879e51b85a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 00:59:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 737756d717fd215d94458a21028ae486
ee3c3097bcb2ff3f5482b0dc6056b1549afa8f1f
8e705bae2060960e1b2f79c42ebc445d52f307aeac41b34d3a1789879e51b85a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 00:59:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 737756d717fd215d94458a21028ae486
ee3c3097bcb2ff3f5482b0dc6056b1549afa8f1f
8e705bae2060960e1b2f79c42ebc445d52f307aeac41b34d3a1789879e51b85a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 00:59:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
globaldugunsalonu.de/css/font-awesome/fonts/fontawesome-webfont.woff2?v=4.3.0
136.243.20.96200 OK 57 kB URL HTTP/2 globaldugunsalonu.de/css/font-awesome/fonts/fontawesome-webfont.woff2?v=4.3.0
IP 136.243.20.96:0
ASN #24940 Hetzner Online GmbH
File type Web Open Font Format (Version 2), TrueType, length 56780, version 4.197\012- data
Hash 97493d3f11c0a3bd5cbd959f5d19b699
1075231650f579955905bb2f6527148a8e2b4b16
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c
Analyzer Verdict Alert fortinet Phishing
GET /css/font-awesome/fonts/fontawesome-webfont.woff2?v=4.3.0 HTTP/1.1
Host: globaldugunsalonu.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://globaldugunsalonu.de/css/font-awesome/css/font-awesome.min.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 00:59:56 GMT
content-type: font/woff2
content-length: 56780
last-modified: Thu, 01 Jun 2017 20:22:34 GMT
etag: "5930778a-ddcc"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
globaldugunsalonu.de/images/Global_DUGUN_NISAN_KINA_SUNNET_SALONU.jpg
136.243.20.96200 OK 258 kB URL HTTP/2 globaldugunsalonu.de/images/Global_DUGUN_NISAN_KINA_SUNNET_SALONU.jpg
IP 136.243.20.96:0
ASN #24940 Hetzner Online GmbH
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 1920x640, components 3\012- data
Size 258 kB (257883 bytes)
Hash a958699549e3c92431bcf4ab53786b6c
4b13a08de0199cfab78f32a918f2bd3737cf5ec7
eae93ba8f67e397c23e0c4bf19c75409d731453d2e93bcaa666ae99f1c5761a7
GET /images/Global_DUGUN_NISAN_KINA_SUNNET_SALONU.jpg HTTP/1.1
Host: globaldugunsalonu.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://globaldugunsalonu.de/css/layouts.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 00:59:56 GMT
content-type: image/jpeg
content-length: 257883
last-modified: Thu, 01 Jun 2017 20:22:46 GMT
etag: "59307796-3ef5b"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2
142.250.74.163200 OK 31 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 31320, version 1.0\012- data
Hash 3fe71527811fbfedd2c07962e1bc49e7
f63e158a0480c5d711b5e268db0e75e57d87a8a5
24c0e724005344165ee0a0ff4c96a914e174bb4caa20c8a533fb194d92853e95
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://globaldugunsalonu.de
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 31320
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 26 Sep 2022 18:57:58 GMT
expires: Tue, 26 Sep 2023 18:57:58 GMT
cache-control: public, max-age=31536000
age: 21718
last-modified: Mon, 15 Aug 2022 18:11:37 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 737756d717fd215d94458a21028ae486
ee3c3097bcb2ff3f5482b0dc6056b1549afa8f1f
8e705bae2060960e1b2f79c42ebc445d52f307aeac41b34d3a1789879e51b85a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 00:59:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.163200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube-nocookie.com
Connection: keep-alive
Referer: https://www.youtube-nocookie.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 24 Sep 2022 12:31:58 GMT
expires: Sun, 24 Sep 2023 12:31:58 GMT
cache-control: public, max-age=31536000
age: 217678
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
142.250.74.163200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube-nocookie.com
Connection: keep-alive
Referer: https://www.youtube-nocookie.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 23 Sep 2022 00:48:31 GMT
expires: Sat, 23 Sep 2023 00:48:31 GMT
cache-control: public, max-age=31536000
age: 346285
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
142.250.74.163200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://globaldugunsalonu.de
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 19:34:08 GMT
expires: Thu, 21 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 451548
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
142.250.74.163200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15740, version 1.0\012- data
Hash b9c29351c46f3e8c8631c4002457f48a
e57e59c5780995ff2937ab2b511a769212974a87
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
GET /s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://globaldugunsalonu.de
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 19:34:21 GMT
expires: Thu, 21 Sep 2023 19:34:21 GMT
cache-control: public, max-age=31536000
age: 451535
last-modified: Wed, 11 May 2022 19:24:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.163200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://globaldugunsalonu.de
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 19:34:08 GMT
expires: Thu, 21 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 451548
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
globaldugunsalonu.de/js/masterslider/style/loading-2.gif
136.243.20.96200 OK 2.7 kB URL HTTP/2 globaldugunsalonu.de/js/masterslider/style/loading-2.gif
IP 136.243.20.96:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 32 x 32\012- data
Hash 214f3c5ef3de8b01b2fe67da6ccfc7e7
e3839756e2515361eb5bedaed9919d4ca53f7b8f
014e4b61c8d6dbafa792dbccb03d65d38675a32a8bde54f45a6e00b6805dd57a
GET /js/masterslider/style/loading-2.gif HTTP/1.1
Host: globaldugunsalonu.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://globaldugunsalonu.de/js/masterslider/style/masterslider.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 00:59:56 GMT
content-type: image/gif
content-length: 2707
last-modified: Thu, 01 Jun 2017 20:22:50 GMT
etag: "5930779a-a93"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7GxKOzY.woff2
142.250.74.163200 OK 12 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7GxKOzY.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 11872, version 1.0\012- data
Hash 87ace20058325aa069320aa4af875dff
b743548770c46d905ae1ba06310bc001c587fe8e
3c23eb02de6b34e30f18cfb7167abd81a2cedfd1da60dfcb71989517ab3fb431
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu7GxKOzY.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://globaldugunsalonu.de
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 11872
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 19:35:48 GMT
expires: Thu, 21 Sep 2023 19:35:48 GMT
cache-control: public, max-age=31536000
age: 451448
last-modified: Wed, 11 May 2022 19:25:01 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
142.250.74.163200 OK 45 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Hash 565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://globaldugunsalonu.de
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 24 Sep 2022 18:01:25 GMT
expires: Sun, 24 Sep 2023 18:01:25 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
age: 197911
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
push.services.mozilla.com/
54.187.146.10101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.187.146.10:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: bWT+VCwBhEbAPMLXZY9XXQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: hwqejudQP3m22YkY9bRVPKpJXA8=
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 737756d717fd215d94458a21028ae486
ee3c3097bcb2ff3f5482b0dc6056b1549afa8f1f
8e705bae2060960e1b2f79c42ebc445d52f307aeac41b34d3a1789879e51b85a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 00:59:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
globaldugunsalonu.de/js/masterslider/style/light-skin-1.png
136.243.20.96200 OK 4.3 kB URL HTTP/2 globaldugunsalonu.de/js/masterslider/style/light-skin-1.png
IP 136.243.20.96:0
ASN #24940 Hetzner Online GmbH
File type PNG image data, 152 x 225, 8-bit/color RGBA, non-interlaced\012- data
Hash a3a5c82f953a4a05e52f906dc41feec8
7c8acef254914991154acdfe9c389308d2653187
0ffe16667a16b259f9e27c8bb6726f7e6c63750d5276aa3a02009d823030cb37
GET /js/masterslider/style/light-skin-1.png HTTP/1.1
Host: globaldugunsalonu.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://globaldugunsalonu.de/js/masterslider/style/masterslider.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 00:59:56 GMT
content-type: image/png
content-length: 4267
last-modified: Thu, 01 Jun 2017 20:22:50 GMT
etag: "5930779a-10ab"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
globaldugunsalonu.de/images/slide3.jpg
136.243.20.96200 OK 93 kB URL HTTP/2 globaldugunsalonu.de/images/slide3.jpg
IP 136.243.20.96:0
ASN #24940 Hetzner Online GmbH
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=4, xresolution=62, yresolution=70, resolutionunit=2, software=Paint.NET v3.5.11], baseline, precision 8, 1913x871, components 3\012- data
Hash 67e60c1efc81a1fc53a9b027f8dd8ae3
eedb58857bc7b729b1e99e0a8d9dfbc1cdb65ba4
d23a0f861aaa18eff168e086260d5f4af3f1cbc8cae40a02b97bcdf6aa42269b
GET /images/slide3.jpg HTTP/1.1
Host: globaldugunsalonu.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://globaldugunsalonu.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 00:59:56 GMT
content-type: image/jpeg
content-length: 93234
last-modified: Wed, 27 Feb 2019 12:18:38 GMT
etag: "5c76801e-16c32"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
globaldugunsalonu.de/js/masterslider/style/grab.png
136.243.20.96200 OK 2.9 kB URL HTTP/2 globaldugunsalonu.de/js/masterslider/style/grab.png
IP 136.243.20.96:0
ASN #24940 Hetzner Online GmbH
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash e659367c40a35b37ae64231785e70f68
d6a7b62e802d2a64d5132181997fd0da025b2500
6fce3743627cd0d4f89b035ae2fc9ea6bd3a569cc5ad12eeb977743e19f43c2c
GET /js/masterslider/style/grab.png HTTP/1.1
Host: globaldugunsalonu.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://globaldugunsalonu.de/js/masterslider/style/masterslider.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 00:59:56 GMT
content-type: image/png
content-length: 2893
last-modified: Thu, 01 Jun 2017 20:22:50 GMT
etag: "5930779a-b4d"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash cf99681f6f1d6e00e0abca7033eb6219
73261f7daa90ce6fd7a81b10ed7bd762200c3f28
3f4bfe673679f8f0650774c07f8707a7013ac7e1c3e1b3b03e68cbaa5ccc1af6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2292
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 00:59:56 GMT
Last-Modified: Tue, 27 Sep 2022 00:21:44 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471
globaldugunsalonu.de/favicon.ico
136.243.20.96200 OK 1.2 kB URL HTTP/2 globaldugunsalonu.de/favicon.ico
IP 136.243.20.96:0
ASN #24940 Hetzner Online GmbH
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash dc55ecf113542a196690a4bc6925bb09
fba6f74de96439f98275661592d4c7fb33be6530
1ac141ecb060bc919fc4e969818215614d478aa358039f610c79853c73ce73f4
GET /favicon.ico HTTP/1.1
Host: globaldugunsalonu.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://globaldugunsalonu.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 00:59:56 GMT
content-type: image/vnd.microsoft.icon
content-length: 1150
last-modified: Wed, 27 Nov 2019 12:08:42 GMT
etag: "5dde674a-47e"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
connect.facebook.net/de_DE/sdk.js
157.240.200.14200 OK 1.7 kB URL HTTP/2 connect.facebook.net/de_DE/sdk.js
IP 157.240.200.14:0
File type ASCII text, with very long lines (1961)
Hash 81b33b7435d4ea3a09b85dda36f884b4
3be61a2ca88deba682021bd3b86023042871f1d0
7071b2d744636d16096cbc2f80fba40f6f374b9d08fa71ea7e2a42ba14fbab2b
GET /de_DE/sdk.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://globaldugunsalonu.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: dac321892e4a546d4f64a5cfe8bf0d2b
etag: "5a19ae237a856dc802ba4686fcee1eb1"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Tue, 27 Sep 2022 01:17:24 GMT
cache-control: public,max-age=1200,stale-while-revalidate=3600
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: gbM7dDXU6joJuF3aNviEtA==
x-fb-debug: /4lWpSdR2ZlaBYh3La6yW8IPDa/nuw/50A40rJh+V/QVTnlqi8YthWBSVs6ehfsP+NGpy10DO1ioHHtLAfkWoQ==
content-length: 1685
x-fb-trip-id: 1679558926
date: Tue, 27 Sep 2022 00:59:56 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash cf99681f6f1d6e00e0abca7033eb6219
73261f7daa90ce6fd7a81b10ed7bd762200c3f28
3f4bfe673679f8f0650774c07f8707a7013ac7e1c3e1b3b03e68cbaa5ccc1af6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2292
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 00:59:56 GMT
Last-Modified: Tue, 27 Sep 2022 00:21:44 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471
connect.facebook.net/de_DE/sdk.js?hash=3e211942ce93c133b6e090dec969fd20
157.240.200.14200 OK 87 kB URL HTTP/2 connect.facebook.net/de_DE/sdk.js?hash=3e211942ce93c133b6e090dec969fd20
IP 157.240.200.14:0
File type ASCII text, with very long lines (13260)
Hash 415ff521c9755d0c3bf8f2acfb76a5f4
a85159da0220af77c1987b485d55d2a526ddcb04
07f0c409790ac4b819824a0ae0226805b1342ce9c194315e49e476aacaa4fd75
GET /de_DE/sdk.js?hash=3e211942ce93c133b6e090dec969fd20 HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://globaldugunsalonu.de
Connection: keep-alive
Referer: https://globaldugunsalonu.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: d424df6e65d2b7c8d33513ce0c00e1ff
etag: "be60a5327ccafd17607d96dc77f43afd"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Wed, 27 Sep 2023 00:57:25 GMT
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: QV/1Icl1XQw7+PKs+3al9A==
x-fb-debug: kM7+uDjciWGaUUZYPCdpEjJBrB40vu5rAEvivTBrIywkSzR8Ezrr4KKeoi1B/dKbTW2Yq6mMXPcygHJkaZA+bQ==
content-length: 87401
x-fb-trip-id: 1679558926
date: Tue, 27 Sep 2022 00:59:56 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.170200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.170:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube-nocookie.com/
Origin: https://www.youtube-nocookie.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube-nocookie.com
vary: origin, referer, x-origin
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Tue, 27 Sep 2022 00:59:56 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.170200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.170:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash 505d5c734d4dea2092baae88b07195fa
e9ea0b4261c9a8b82766a32a003967516ffe5d01
5003add278dde7864cc4716d347e80ca8812d8d1fb3313fa26df1af814e7e0ab
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube-nocookie.com
Connection: keep-alive
Referer: https://www.youtube-nocookie.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Tue, 27 Sep 2022 00:59:56 GMT
server: ESF
cache-control: private
content-length: 30630
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube-nocookie.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash b6908b750175e1c2e2af86c77945ed11
ea6bc6f581500a0974977bbef6bd3432c181bc0f
1dde4f6f372d8e056a96129e101a31d04a0f97448c66df7175251060c6a8d0cd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 00:59:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
yt3.ggpht.com/ytc/AMLnZu_gwn-1wXS4PcrEEq17um1B10UutRWUw4sVKw=s68-c-k-c0x00ffffff-no-rj
142.250.74.161200 OK 1.3 kB URL HTTP/2 yt3.ggpht.com/ytc/AMLnZu_gwn-1wXS4PcrEEq17um1B10UutRWUw4sVKw=s68-c-k-c0x00ffffff-no-rj
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 68x68, components 3\012- data
Hash 2b61ca2ae20ff40e80518a8c71513069
29c273d1eb97a35acb263a65715549b48f1f3bdf
5b2fee1f1005cabf52d07e6ffc13dfed78ee6500bb02d467037128580b8ad5fb
GET /ytc/AMLnZu_gwn-1wXS4PcrEEq17um1B10UutRWUw4sVKw=s68-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt3.ggpht.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube-nocookie.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
expires: Wed, 28 Sep 2022 00:59:57 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Tue, 27 Sep 2022 00:59:57 GMT
server: fife
content-length: 1322
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
globaldugunsalonu.de/images/GlobalDugunSalonu_slid2.jpg
136.243.20.96200 OK 224 kB URL HTTP/2 globaldugunsalonu.de/images/GlobalDugunSalonu_slid2.jpg
IP 136.243.20.96:0
ASN #24940 Hetzner Online GmbH
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 1920x640, components 3\012- data
Size 224 kB (223967 bytes)
Hash 379ff0f33dd249c8e7c62b4077242cf8
2f8470e82937757456c0378a61c4d45a765258f9
feab276e1f8ae02f7938fe12e2f907becbb7fb5ee507c653e61d2bfbb74e0811
GET /images/GlobalDugunSalonu_slid2.jpg HTTP/1.1
Host: globaldugunsalonu.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://globaldugunsalonu.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 00:59:57 GMT
content-type: image/jpeg
content-length: 223967
last-modified: Thu, 01 Jun 2017 20:22:46 GMT
etag: "59307796-36adf"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash b6908b750175e1c2e2af86c77945ed11
ea6bc6f581500a0974977bbef6bd3432c181bc0f
1dde4f6f372d8e056a96129e101a31d04a0f97448c66df7175251060c6a8d0cd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 00:59:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 074f5993006e2336b82901e11a2d9ea1
cd5e2f827d10f4c547b7c21f745761b149d11dbd
fe6a8a9dc3f1fe203b36ba30179a6e4d423d8f74cc287c1eb973182b88e71a6d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 00:59:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 074f5993006e2336b82901e11a2d9ea1
cd5e2f827d10f4c547b7c21f745761b149d11dbd
fe6a8a9dc3f1fe203b36ba30179a6e4d423d8f74cc287c1eb973182b88e71a6d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 00:59:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
rr2---sn-capm-vnae.googlevideo.com/videoplayback?expire=1664261996&ei=DEsyY7zfM5fa7QTWtLjYAQ&ip=91.90.42.154&id=o-AN1CsW3i_E2zb2zoRdTs-1yPYZnw9Ctw_zbZJ5sa0K03&itag=251&source=youtube&requiressl=yes&mh=5g&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7ynez&ms=au%2Crdu&mv=m&mvi=2&pl=21&initcwndbps=1403750&spc=yR2vp5zxuW6QF6XXgseTamPn8gZcPXU&vprv=1&mime=audio%2Fwebm&ns=InwtS3WqvcpReOqcnWvs458I&gir=yes&clen=6490359&otfp=1&dur=321.921&lmt=1564303263692199&mt=1664239986&fvip=4&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&n=3oqG--sn3iA6jg&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAJSt0jn7C0eER2K_TUSFWoJiX3qoattyviHjYMYc3aJ-AiEAwj5qF2TWJjwyCNZ8BeDT3J24KnUkPmlMfn5MzHyaedw%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgB3_g_su6XQmBIiC6FSd9eaAwnGNlKA3HaeD7557ZY8ACICTswOze5LLbzWoz2AQwgTcFsXOshx4ximQDmVo_OMds&alr=yes&cpn=LaXrt-qtj-BiQ6pO&cver=1.20220925.00.00&range=0-66352&rn=2&rbuf=0
91.90.45.173200 OK 1.0 kB URL HTTP/1.1 rr2---sn-capm-vnae.googlevideo.com/videoplayback?expire=1664261996&ei=DEsyY7zfM5fa7QTWtLjYAQ&ip=91.90.42.154&id=o-AN1CsW3i_E2zb2zoRdTs-1yPYZnw9Ctw_zbZJ5sa0K03&itag=251&source=youtube&requiressl=yes&mh=5g&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7ynez&ms=au%2Crdu&mv=m&mvi=2&pl=21&initcwndbps=1403750&spc=yR2vp5zxuW6QF6XXgseTamPn8gZcPXU&vprv=1&mime=audio%2Fwebm&ns=InwtS3WqvcpReOqcnWvs458I&gir=yes&clen=6490359&otfp=1&dur=321.921&lmt=1564303263692199&mt=1664239986&fvip=4&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&n=3oqG--sn3iA6jg&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAJSt0jn7C0eER2K_TUSFWoJiX3qoattyviHjYMYc3aJ-AiEAwj5qF2TWJjwyCNZ8BeDT3J24KnUkPmlMfn5MzHyaedw%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgB3_g_su6XQmBIiC6FSd9eaAwnGNlKA3HaeD7557ZY8ACICTswOze5LLbzWoz2AQwgTcFsXOshx4ximQDmVo_OMds&alr=yes&cpn=LaXrt-qtj-BiQ6pO&cver=1.20220925.00.00&range=0-66352&rn=2&rbuf=0
IP 91.90.45.173:0
ASN #50304 Blix Solutions AS
File type ASCII text, with very long lines (1030), with no line terminators
Hash 7b46deb5dedee9fd40e9ed7f278858d0
686cb1c2cf4453319634536fe36588615cf8b100
705a9fd7958ec3d7a2ae5c4dee5352065060b8f2f0d89d29c1934295f36a3959
GET /videoplayback?expire=1664261996&ei=DEsyY7zfM5fa7QTWtLjYAQ&ip=91.90.42.154&id=o-AN1CsW3i_E2zb2zoRdTs-1yPYZnw9Ctw_zbZJ5sa0K03&itag=251&source=youtube&requiressl=yes&mh=5g&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7ynez&ms=au%2Crdu&mv=m&mvi=2&pl=21&initcwndbps=1403750&spc=yR2vp5zxuW6QF6XXgseTamPn8gZcPXU&vprv=1&mime=audio%2Fwebm&ns=InwtS3WqvcpReOqcnWvs458I&gir=yes&clen=6490359&otfp=1&dur=321.921&lmt=1564303263692199&mt=1664239986&fvip=4&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&n=3oqG--sn3iA6jg&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAJSt0jn7C0eER2K_TUSFWoJiX3qoattyviHjYMYc3aJ-AiEAwj5qF2TWJjwyCNZ8BeDT3J24KnUkPmlMfn5MzHyaedw%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgB3_g_su6XQmBIiC6FSd9eaAwnGNlKA3HaeD7557ZY8ACICTswOze5LLbzWoz2AQwgTcFsXOshx4ximQDmVo_OMds&alr=yes&cpn=LaXrt-qtj-BiQ6pO&cver=1.20220925.00.00&range=0-66352&rn=2&rbuf=0 HTTP/1.1
Host: rr2---sn-capm-vnae.googlevideo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube-nocookie.com
Connection: keep-alive
Referer: https://www.youtube-nocookie.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/plain
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Date: Tue, 27 Sep 2022 00:59:57 GMT
Expires: Tue, 27 Sep 2022 00:59:57 GMT
Cache-Control: private, max-age=21299
Accept-Ranges: bytes
Content-Length: 1030
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube-nocookie.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube-nocookie.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Content-Type-Options: nosniff
Server: gvs 1.0
rr2---sn-capm-vnae.googlevideo.com/videoplayback?expire=1664261996&ei=DEsyY7zfM5fa7QTWtLjYAQ&ip=91.90.42.154&id=o-AN1CsW3i_E2zb2zoRdTs-1yPYZnw9Ctw_zbZJ5sa0K03&itag=244&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=yt_otf&requiressl=yes&mh=5g&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7ynez&ms=au%2Crdu&mv=m&mvi=2&pl=21&initcwndbps=1403750&spc=yR2vp5zxuW6QF6XXgseTamPn8gZcPXU&vprv=1&mime=video%2Fwebm&ns=InwtS3WqvcpReOqcnWvs458I&otf=1&otfp=1&dur=0.000&lmt=1617413991681383&mt=1664239986&fvip=4&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&n=3oqG--sn3iA6jg&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cotf%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAPgtzenWBQVZjd8MKR0I8K85z9F_7GrLLSeUU_pr2pgTAiAOKzE9YwgEnothWf7e8_S6i0KBPAjbx8RxVUofsb9q_A%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgB3_g_su6XQmBIiC6FSd9eaAwnGNlKA3HaeD7557ZY8ACICTswOze5LLbzWoz2AQwgTcFsXOshx4ximQDmVo_OMds&alr=yes&cpn=LaXrt-qtj-BiQ6pO&cver=1.20220925.00.00&sq=0&rn=1&rbuf=0
91.90.45.173200 OK 1.1 kB URL HTTP/1.1 rr2---sn-capm-vnae.googlevideo.com/videoplayback?expire=1664261996&ei=DEsyY7zfM5fa7QTWtLjYAQ&ip=91.90.42.154&id=o-AN1CsW3i_E2zb2zoRdTs-1yPYZnw9Ctw_zbZJ5sa0K03&itag=244&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=yt_otf&requiressl=yes&mh=5g&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7ynez&ms=au%2Crdu&mv=m&mvi=2&pl=21&initcwndbps=1403750&spc=yR2vp5zxuW6QF6XXgseTamPn8gZcPXU&vprv=1&mime=video%2Fwebm&ns=InwtS3WqvcpReOqcnWvs458I&otf=1&otfp=1&dur=0.000&lmt=1617413991681383&mt=1664239986&fvip=4&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&n=3oqG--sn3iA6jg&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cotf%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAPgtzenWBQVZjd8MKR0I8K85z9F_7GrLLSeUU_pr2pgTAiAOKzE9YwgEnothWf7e8_S6i0KBPAjbx8RxVUofsb9q_A%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgB3_g_su6XQmBIiC6FSd9eaAwnGNlKA3HaeD7557ZY8ACICTswOze5LLbzWoz2AQwgTcFsXOshx4ximQDmVo_OMds&alr=yes&cpn=LaXrt-qtj-BiQ6pO&cver=1.20220925.00.00&sq=0&rn=1&rbuf=0
IP 91.90.45.173:0
ASN #50304 Blix Solutions AS
File type ASCII text, with very long lines (1071), with no line terminators
Hash 3536a74b4d0b23cc68b109a9fd9c78f0
c69152242bbdf171e0f9b5170e645945a9dcecd1
c0f9d9ce15109eb3e12184dc09f0722223f4ace4396b38cc482a1813b03eecca
GET /videoplayback?expire=1664261996&ei=DEsyY7zfM5fa7QTWtLjYAQ&ip=91.90.42.154&id=o-AN1CsW3i_E2zb2zoRdTs-1yPYZnw9Ctw_zbZJ5sa0K03&itag=244&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=yt_otf&requiressl=yes&mh=5g&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7ynez&ms=au%2Crdu&mv=m&mvi=2&pl=21&initcwndbps=1403750&spc=yR2vp5zxuW6QF6XXgseTamPn8gZcPXU&vprv=1&mime=video%2Fwebm&ns=InwtS3WqvcpReOqcnWvs458I&otf=1&otfp=1&dur=0.000&lmt=1617413991681383&mt=1664239986&fvip=4&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&n=3oqG--sn3iA6jg&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cotf%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAPgtzenWBQVZjd8MKR0I8K85z9F_7GrLLSeUU_pr2pgTAiAOKzE9YwgEnothWf7e8_S6i0KBPAjbx8RxVUofsb9q_A%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgB3_g_su6XQmBIiC6FSd9eaAwnGNlKA3HaeD7557ZY8ACICTswOze5LLbzWoz2AQwgTcFsXOshx4ximQDmVo_OMds&alr=yes&cpn=LaXrt-qtj-BiQ6pO&cver=1.20220925.00.00&sq=0&rn=1&rbuf=0 HTTP/1.1
Host: rr2---sn-capm-vnae.googlevideo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube-nocookie.com
Connection: keep-alive
Referer: https://www.youtube-nocookie.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/plain
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Date: Tue, 27 Sep 2022 00:59:57 GMT
Expires: Tue, 27 Sep 2022 00:59:57 GMT
Cache-Control: private, max-age=21299
Accept-Ranges: bytes
Content-Length: 1071
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube-nocookie.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube-nocookie.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Restrict-Formats-Hint: None
X-Content-Type-Options: nosniff
Server: gvs 1.0
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 074f5993006e2336b82901e11a2d9ea1
cd5e2f827d10f4c547b7c21f745761b149d11dbd
fe6a8a9dc3f1fe203b36ba30179a6e4d423d8f74cc287c1eb973182b88e71a6d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 00:59:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 37ebac33be9f5da629e1f3c59db1d4b0
3f15759bd85f56dbb06e4135a0a546a18a6c320d
bed56ffe4ad1ad7654d9b41385f260fa04558926d8e1187afa30aebe561088d8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 00:59:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 37ebac33be9f5da629e1f3c59db1d4b0
3f15759bd85f56dbb06e4135a0a546a18a6c320d
bed56ffe4ad1ad7654d9b41385f260fa04558926d8e1187afa30aebe561088d8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 00:59:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
rr2---sn-5goeen7d.googlevideo.com/videoplayback?expire=1664261996&ei=DEsyY7zfM5fa7QTWtLjYAQ&ip=91.90.42.154&id=o-AN1CsW3i_E2zb2zoRdTs-1yPYZnw9Ctw_zbZJ5sa0K03&itag=244&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=yt_otf&requiressl=yes&spc=yR2vp5zxuW6QF6XXgseTamPn8gZcPXU&vprv=1&mime=video%2Fwebm&ns=InwtS3WqvcpReOqcnWvs458I&otf=1&otfp=1&dur=0.000&lmt=1617413991681383&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&n=3oqG--sn3iA6jg&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cotf%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAPgtzenWBQVZjd8MKR0I8K85z9F_7GrLLSeUU_pr2pgTAiAOKzE9YwgEnothWf7e8_S6i0KBPAjbx8RxVUofsb9q_A%3D%3D&alr=yes&cpn=LaXrt-qtj-BiQ6pO&cver=1.20220925.00.00&redirect_counter=1&cm2rm=sn-capm-vnae7l&cms_redirect=yes&cmsv=e&mh=5g&mm=29&mn=sn-5goeen7d&ms=rdu&mt=1664240225&mv=m&mvi=2&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgEMd3zK37F6HP7GJFvI30BRW4XSWzDd3zK7AD93lBuusCIEHTrFzlMUY718PRgCr4FepFM7ozcN1RH_UyNNX5YQmf&sq=0&rn=3&rbuf=0
173.194.150.184200 OK 1.1 kB URL HTTP/1.1 rr2---sn-5goeen7d.googlevideo.com/videoplayback?expire=1664261996&ei=DEsyY7zfM5fa7QTWtLjYAQ&ip=91.90.42.154&id=o-AN1CsW3i_E2zb2zoRdTs-1yPYZnw9Ctw_zbZJ5sa0K03&itag=244&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=yt_otf&requiressl=yes&spc=yR2vp5zxuW6QF6XXgseTamPn8gZcPXU&vprv=1&mime=video%2Fwebm&ns=InwtS3WqvcpReOqcnWvs458I&otf=1&otfp=1&dur=0.000&lmt=1617413991681383&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&n=3oqG--sn3iA6jg&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cotf%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAPgtzenWBQVZjd8MKR0I8K85z9F_7GrLLSeUU_pr2pgTAiAOKzE9YwgEnothWf7e8_S6i0KBPAjbx8RxVUofsb9q_A%3D%3D&alr=yes&cpn=LaXrt-qtj-BiQ6pO&cver=1.20220925.00.00&redirect_counter=1&cm2rm=sn-capm-vnae7l&cms_redirect=yes&cmsv=e&mh=5g&mm=29&mn=sn-5goeen7d&ms=rdu&mt=1664240225&mv=m&mvi=2&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgEMd3zK37F6HP7GJFvI30BRW4XSWzDd3zK7AD93lBuusCIEHTrFzlMUY718PRgCr4FepFM7ozcN1RH_UyNNX5YQmf&sq=0&rn=3&rbuf=0
IP 173.194.150.184:0
File type ASCII text, with very long lines (1090), with no line terminators
Hash 742886e96d286efad509a7e741f260ea
6b7e57408c22ea85e9614bd28bb0ac0e85123630
b8b4fc84f47337eb4778570d7825a85a977bd7e77cadfce9965f5e1027d26b9f
GET /videoplayback?expire=1664261996&ei=DEsyY7zfM5fa7QTWtLjYAQ&ip=91.90.42.154&id=o-AN1CsW3i_E2zb2zoRdTs-1yPYZnw9Ctw_zbZJ5sa0K03&itag=244&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=yt_otf&requiressl=yes&spc=yR2vp5zxuW6QF6XXgseTamPn8gZcPXU&vprv=1&mime=video%2Fwebm&ns=InwtS3WqvcpReOqcnWvs458I&otf=1&otfp=1&dur=0.000&lmt=1617413991681383&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&n=3oqG--sn3iA6jg&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cotf%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAPgtzenWBQVZjd8MKR0I8K85z9F_7GrLLSeUU_pr2pgTAiAOKzE9YwgEnothWf7e8_S6i0KBPAjbx8RxVUofsb9q_A%3D%3D&alr=yes&cpn=LaXrt-qtj-BiQ6pO&cver=1.20220925.00.00&redirect_counter=1&cm2rm=sn-capm-vnae7l&cms_redirect=yes&cmsv=e&mh=5g&mm=29&mn=sn-5goeen7d&ms=rdu&mt=1664240225&mv=m&mvi=2&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgEMd3zK37F6HP7GJFvI30BRW4XSWzDd3zK7AD93lBuusCIEHTrFzlMUY718PRgCr4FepFM7ozcN1RH_UyNNX5YQmf&sq=0&rn=3&rbuf=0 HTTP/1.1
Host: rr2---sn-5goeen7d.googlevideo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube-nocookie.com
Connection: keep-alive
Referer: https://www.youtube-nocookie.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/plain
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Date: Tue, 27 Sep 2022 00:59:57 GMT
Expires: Tue, 27 Sep 2022 00:59:57 GMT
Cache-Control: private, max-age=21299
Accept-Ranges: bytes
Content-Length: 1090
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube-nocookie.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube-nocookie.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Restrict-Formats-Hint: None
X-Content-Type-Options: nosniff
Server: gvs 1.0
rr2---sn-5goeen7d.googlevideo.com/videoplayback?expire=1664261996&ei=DEsyY7zfM5fa7QTWtLjYAQ&ip=91.90.42.154&id=o-AN1CsW3i_E2zb2zoRdTs-1yPYZnw9Ctw_zbZJ5sa0K03&itag=251&source=youtube&requiressl=yes&spc=yR2vp5zxuW6QF6XXgseTamPn8gZcPXU&vprv=1&mime=audio%2Fwebm&ns=InwtS3WqvcpReOqcnWvs458I&gir=yes&clen=6490359&otfp=1&dur=321.921&lmt=1564303263692199&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&n=3oqG--sn3iA6jg&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAJSt0jn7C0eER2K_TUSFWoJiX3qoattyviHjYMYc3aJ-AiEAwj5qF2TWJjwyCNZ8BeDT3J24KnUkPmlMfn5MzHyaedw%3D&alr=yes&cpn=LaXrt-qtj-BiQ6pO&cver=1.20220925.00.00&redirect_counter=1&cm2rm=sn-capm-vnae7l&cms_redirect=yes&cmsv=e&mh=5g&mm=29&mn=sn-5goeen7d&ms=rdu&mt=1664240225&mv=m&mvi=2&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRgIhAPUn46P7lYjVOI8VA-m4li3I5L2pBVPUFzXzZYc7C9W0AiEAr3t4UjV5uZnQhrA-eTi_smfMKxRJkhj8_aZD7s-IWcw%3D&range=0-66352&rn=4&rbuf=0
173.194.150.184200 OK 1.0 kB URL HTTP/1.1 rr2---sn-5goeen7d.googlevideo.com/videoplayback?expire=1664261996&ei=DEsyY7zfM5fa7QTWtLjYAQ&ip=91.90.42.154&id=o-AN1CsW3i_E2zb2zoRdTs-1yPYZnw9Ctw_zbZJ5sa0K03&itag=251&source=youtube&requiressl=yes&spc=yR2vp5zxuW6QF6XXgseTamPn8gZcPXU&vprv=1&mime=audio%2Fwebm&ns=InwtS3WqvcpReOqcnWvs458I&gir=yes&clen=6490359&otfp=1&dur=321.921&lmt=1564303263692199&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&n=3oqG--sn3iA6jg&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAJSt0jn7C0eER2K_TUSFWoJiX3qoattyviHjYMYc3aJ-AiEAwj5qF2TWJjwyCNZ8BeDT3J24KnUkPmlMfn5MzHyaedw%3D&alr=yes&cpn=LaXrt-qtj-BiQ6pO&cver=1.20220925.00.00&redirect_counter=1&cm2rm=sn-capm-vnae7l&cms_redirect=yes&cmsv=e&mh=5g&mm=29&mn=sn-5goeen7d&ms=rdu&mt=1664240225&mv=m&mvi=2&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRgIhAPUn46P7lYjVOI8VA-m4li3I5L2pBVPUFzXzZYc7C9W0AiEAr3t4UjV5uZnQhrA-eTi_smfMKxRJkhj8_aZD7s-IWcw%3D&range=0-66352&rn=4&rbuf=0
IP 173.194.150.184:0
File type ASCII text, with very long lines (1043), with no line terminators
Hash 33273c81a1d04104ad57df7a744ece61
6dd41eb8861679f4fbe03c4299db98436e06a083
5a405dcc72aa3861eebb54583d8beb6bc8e63e2b01b4cc11bdb6827e5cc6e861
GET /videoplayback?expire=1664261996&ei=DEsyY7zfM5fa7QTWtLjYAQ&ip=91.90.42.154&id=o-AN1CsW3i_E2zb2zoRdTs-1yPYZnw9Ctw_zbZJ5sa0K03&itag=251&source=youtube&requiressl=yes&spc=yR2vp5zxuW6QF6XXgseTamPn8gZcPXU&vprv=1&mime=audio%2Fwebm&ns=InwtS3WqvcpReOqcnWvs458I&gir=yes&clen=6490359&otfp=1&dur=321.921&lmt=1564303263692199&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&n=3oqG--sn3iA6jg&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAJSt0jn7C0eER2K_TUSFWoJiX3qoattyviHjYMYc3aJ-AiEAwj5qF2TWJjwyCNZ8BeDT3J24KnUkPmlMfn5MzHyaedw%3D&alr=yes&cpn=LaXrt-qtj-BiQ6pO&cver=1.20220925.00.00&redirect_counter=1&cm2rm=sn-capm-vnae7l&cms_redirect=yes&cmsv=e&mh=5g&mm=29&mn=sn-5goeen7d&ms=rdu&mt=1664240225&mv=m&mvi=2&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRgIhAPUn46P7lYjVOI8VA-m4li3I5L2pBVPUFzXzZYc7C9W0AiEAr3t4UjV5uZnQhrA-eTi_smfMKxRJkhj8_aZD7s-IWcw%3D&range=0-66352&rn=4&rbuf=0 HTTP/1.1
Host: rr2---sn-5goeen7d.googlevideo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube-nocookie.com
Connection: keep-alive
Referer: https://www.youtube-nocookie.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/plain
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Date: Tue, 27 Sep 2022 00:59:57 GMT
Expires: Tue, 27 Sep 2022 00:59:57 GMT
Cache-Control: private, max-age=21299
Accept-Ranges: bytes
Content-Length: 1043
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube-nocookie.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube-nocookie.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Content-Type-Options: nosniff
Server: gvs 1.0
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 37ebac33be9f5da629e1f3c59db1d4b0
3f15759bd85f56dbb06e4135a0a546a18a6c320d
bed56ffe4ad1ad7654d9b41385f260fa04558926d8e1187afa30aebe561088d8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 00:59:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 5d5efe73351159009522167b1d6c48d9
560c6649f35d008448d0f6b33a9b2d728942c09e
ca4f232596c6a032d5309b54757b0a6dfbd47a95d31b28a2308ae4559f0886c2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 00:59:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
globaldugunsalonu.de/images/GlobalDugunSalonu_slid1.jpg
136.243.20.96200 OK 206 kB URL HTTP/2 globaldugunsalonu.de/images/GlobalDugunSalonu_slid1.jpg
IP 136.243.20.96:0
ASN #24940 Hetzner Online GmbH
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 1920x640, components 3\012- data
Size 206 kB (205529 bytes)
Hash 7b4d6b457b307cb74945d5721267e276
a4d8dc0473d1fddb2045fc5290da29c5c2171e0e
9e57fb34c0cfd3fd8bb5f334af5e9a386a3166a79ef57d79a4cefbf575c1558b
GET /images/GlobalDugunSalonu_slid1.jpg HTTP/1.1
Host: globaldugunsalonu.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://globaldugunsalonu.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 00:59:57 GMT
content-type: image/jpeg
content-length: 205529
last-modified: Thu, 01 Jun 2017 20:22:46 GMT
etag: "59307796-322d9"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
i.ytimg.com/vi_webp/81IGerHCy3Y/maxresdefault.webp
142.250.74.150200 OK 50 kB URL HTTP/2 i.ytimg.com/vi_webp/81IGerHCy3Y/maxresdefault.webp
IP 142.250.74.150:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1280x720, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 0829d74baf74386dd15c5fda6d8f2828
b3b1e6aab17a7e12aa025728019e72a910795bbe
63df9b90841c136282afad5dd79b4f1f216108825b5dcc32a8e43098fe7ea4c2
GET /vi_webp/81IGerHCy3Y/maxresdefault.webp HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube-nocookie.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/webp
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 49686
date: Tue, 27 Sep 2022 00:59:57 GMT
expires: Tue, 27 Sep 2022 02:59:57 GMT
cache-control: public, max-age=7200
etag: "0"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yu/l/0,cross/bYH8ziu5vE6.css?_nc_x=Ij3Wp8lg5Kz
157.240.200.14200 OK 5.6 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yu/l/0,cross/bYH8ziu5vE6.css?_nc_x=Ij3Wp8lg5Kz
IP 157.240.200.14:0
File type ASCII text, with very long lines (4093)
Hash b18c98bf10210112f3786f96119140b5
62a42017a24d3bf13313400c6bf95b8da6c330fd
d4fd3380e2bfec1adfb559d585f568f48f066a9c6df1d89e608f1794a7f7bf85
GET /rsrc.php/v3/yu/l/0,cross/bYH8ziu5vE6.css?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: text/css; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Tue, 26 Sep 2023 17:54:33 GMT
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-fb-rlafr: 0
content-md5: sYyYvxAhARLzeG+WEZFAtQ==
x-fb-debug: mTHUlhfqbi7EyaEaJoSx0d6GW8WzXm3UYK1OdRLOhpGRFh0iuVabFmI2j68Wd6WjA+y0KxLpgUNqiNZDCYY9CA==
priority: u=3,i
content-length: 5625
x-fb-trip-id: 1679558926
date: Tue, 27 Sep 2022 00:59:57 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/ys/l/0,cross/4_8X-2u0CDc.css?_nc_x=Ij3Wp8lg5Kz
157.240.200.14200 OK 827 B URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/ys/l/0,cross/4_8X-2u0CDc.css?_nc_x=Ij3Wp8lg5Kz
IP 157.240.200.14:0
File type ASCII text, with very long lines (724)
Hash 29973cf3b0ef9f16fe31ed981b2f6573
f22eb80b89b5e0ae9ace854aab6676d56eaef6a1
476822c80e0a0ee078edb7a74db59378f8b1d43d2de844e28a9e9c2f68a4c8d8
GET /rsrc.php/v3/ys/l/0,cross/4_8X-2u0CDc.css?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: text/css; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Fri, 22 Sep 2023 10:02:22 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: KZc887Dvnxb+Me2YGy9lcw==
x-fb-debug: /aIpSYD3Nd/RJ+EpfFQz5WzQpymq6bvGSQLelf6xZhbXpEjwd1+8SdUQpFPI3tB2bj9ReeqSI7sy/TgxWGq45w==
priority: u=3,i
content-length: 827
x-fb-trip-id: 1679558926
date: Tue, 27 Sep 2022 00:59:57 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yv/r/cxHz95P-Blt.js?_nc_x=Ij3Wp8lg5Kz
157.240.200.14200 OK 91 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yv/r/cxHz95P-Blt.js?_nc_x=Ij3Wp8lg5Kz
IP 157.240.200.14:0
File type ASCII text, with very long lines (18569)
Hash 64e679c03d42412a8a16d9dd5d312513
f73a48a0816c11b4e94a708c5757c640cee2270e
ed8552fab9845a545a7667a3af4b48e5de7e48618c1c5c36cca03fc0a96dcb46
GET /rsrc.php/v3/yv/r/cxHz95P-Blt.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Fri, 22 Sep 2023 12:20:36 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: ZOZ5wD1CQSqKFtndXTElEw==
x-fb-debug: GxR3GsopuLgBUx7PF6FME4dIiCqemFTOeUTRe5Kh6XqCisuSSI5pFyDbwqm7NuPkhw5FHK/zhe39Myul+Cih3w==
content-length: 91359
x-fb-trip-id: 1679558926
date: Tue, 27 Sep 2022 00:59:57 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yL/r/DJIek1tT3RT.js?_nc_x=Ij3Wp8lg5Kz
157.240.200.14200 OK 1.7 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yL/r/DJIek1tT3RT.js?_nc_x=Ij3Wp8lg5Kz
IP 157.240.200.14:0
File type ASCII text, with very long lines (2052)
Hash 883efc20b86990fd486fab545ffc08f4
da322dda14a98744e03655dcf0da9482b4b1e1d0
e207751970ef4bf6e0a64da5e9480ab3b1ee86408a7904796e2f6e225f8ee612
GET /rsrc.php/v3/yL/r/DJIek1tT3RT.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Sat, 23 Sep 2023 17:22:29 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: iD78ILhpkP1Ib6tUX/wI9A==
x-fb-debug: ihhk9ZwFPHQ3LQhQkm+7ZNIj70Wei0nFGT78hC3PsSqxIiTVo6Yz+Gaqpw9OyQkOHfApgr6XkEkCuUZ5ZwzRwQ==
content-length: 1689
x-fb-trip-id: 1679558926
date: Tue, 27 Sep 2022 00:59:57 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 5d5efe73351159009522167b1d6c48d9
560c6649f35d008448d0f6b33a9b2d728942c09e
ca4f232596c6a032d5309b54757b0a6dfbd47a95d31b28a2308ae4559f0886c2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 00:59:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.facebook.com/v2.6/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfb29e6c6d8f258%26domain%3Dglobaldugunsalonu.de%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fglobaldugunsalonu.de%252Ff1b84683b27e66%26relation%3Dparent.parent&container_width=263&height=300&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FGlobal-Dugun-Salonu-Bischofsheim-220366597975552&locale=de_DE&sdk=joey&show_facepile=true&small_header=false&width=300
157.240.200.35200 OK 30 kB URL HTTP/2 www.facebook.com/v2.6/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfb29e6c6d8f258%26domain%3Dglobaldugunsalonu.de%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fglobaldugunsalonu.de%252Ff1b84683b27e66%26relation%3Dparent.parent&container_width=263&height=300&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FGlobal-Dugun-Salonu-Bischofsheim-220366597975552&locale=de_DE&sdk=joey&show_facepile=true&small_header=false&width=300
IP 157.240.200.35:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (19615)
Hash 1d8315ee36b44b1caf262cd65b6bcfa8
139e4df0d30e86e767541190cf677e6e3fd54f9e
ef60347417f26155b4ab6bdcce2e29bdf855991856d2e4755d8e56fdcf49b791
GET /v2.6/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfb29e6c6d8f258%26domain%3Dglobaldugunsalonu.de%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fglobaldugunsalonu.de%252Ff1b84683b27e66%26relation%3Dparent.parent&container_width=263&height=300&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FGlobal-Dugun-Salonu-Bischofsheim-220366597975552&locale=de_DE&sdk=joey&show_facepile=true&small_header=false&width=300 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://globaldugunsalonu.de/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: br
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-fb-rlafr: 0
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
document-policy: force-load-at-top
cross-origin-opener-policy: unsafe-none
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
facebook-api-version: v8.0
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: DfT0YUwRTr5qPoav6uNmN9vgSokKhd6OecJ+Y3Lz+x6be2xx/9kimtLf0ntS8ZPHIKjPPEU2apVqZMrUuSW94w==
date: Tue, 27 Sep 2022 00:59:57 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
142.250.74.170200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 142.250.74.170:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube-nocookie.com/
Origin: https://www.youtube-nocookie.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube-nocookie.com
vary: origin, referer, x-origin
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Tue, 27 Sep 2022 00:59:57 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3iAxA4/yN/l/de_DE/DFz2q585Cjs.js?_nc_x=Ij3Wp8lg5Kz
157.240.200.14200 OK 24 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3iAxA4/yN/l/de_DE/DFz2q585Cjs.js?_nc_x=Ij3Wp8lg5Kz
IP 157.240.200.14:0
File type ASCII text, with very long lines (42149)
Hash f99c3034cac21931ce7797196007c6b8
7624b5d3146d89c5587270bbd229bf0fcce1b50f
25f2fbb4080074cf5b4f3f3547602437afb8bca2788416a0c28214beebfdb9e2
GET /rsrc.php/v3iAxA4/yN/l/de_DE/DFz2q585Cjs.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Fri, 22 Sep 2023 00:10:04 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: +ZwwNMrCGTHOd5cZYAfGuA==
x-fb-debug: UmZetPEePqtfOmydjWBfEHEa6VJygm1H0/RWNS/FB0oGNwzHlTwUSaba4fK+HT/Xc27oHJATnDRcCZtva+5dbg==
priority: u=3,i
content-length: 23471
x-fb-trip-id: 1679558926
date: Tue, 27 Sep 2022 00:59:57 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
142.250.74.170200 OK 114 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 142.250.74.170:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 476d44c2915ddb7d5e09ea5c6f76b8d8
4534e79d634338fa462a96ae55a1fc40093ff4d7
19fad883aabb28b0d3330d21de715030a8e99c04bbf5def4d61b65096d0c563c
POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 1058
Origin: https://www.youtube-nocookie.com
Connection: keep-alive
Referer: https://www.youtube-nocookie.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Tue, 27 Sep 2022 00:59:57 GMT
server: ESF
cache-control: private
content-length: 114
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube-nocookie.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5a6097201b7da81f6e9a6d99a7353a0c
d4240fe80c76013b9f7b6fd09963aa47151b8d6a
519e9b47ddfa1e1fe047f4dc7df88e3011817f88144fcc3853a7984a781c2070
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "519E9B47DDFA1E1FE047F4DC7DF88E3011817F88144FCC3853A7984A781C2070"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4950
Expires: Tue, 27 Sep 2022 02:22:27 GMT
Date: Tue, 27 Sep 2022 00:59:57 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5a6097201b7da81f6e9a6d99a7353a0c
d4240fe80c76013b9f7b6fd09963aa47151b8d6a
519e9b47ddfa1e1fe047f4dc7df88e3011817f88144fcc3853a7984a781c2070
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "519E9B47DDFA1E1FE047F4DC7DF88E3011817F88144FCC3853A7984A781C2070"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4950
Expires: Tue, 27 Sep 2022 02:22:27 GMT
Date: Tue, 27 Sep 2022 00:59:57 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5a6097201b7da81f6e9a6d99a7353a0c
d4240fe80c76013b9f7b6fd09963aa47151b8d6a
519e9b47ddfa1e1fe047f4dc7df88e3011817f88144fcc3853a7984a781c2070
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "519E9B47DDFA1E1FE047F4DC7DF88E3011817F88144FCC3853A7984A781C2070"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4950
Expires: Tue, 27 Sep 2022 02:22:27 GMT
Date: Tue, 27 Sep 2022 00:59:57 GMT
Connection: keep-alive
rr5---sn-5hne6nzk.googlevideo.com/videoplayback?expire=1664261996&ei=DEsyY7zfM5fa7QTWtLjYAQ&ip=91.90.42.154&id=o-AN1CsW3i_E2zb2zoRdTs-1yPYZnw9Ctw_zbZJ5sa0K03&itag=251&source=youtube&requiressl=yes&spc=yR2vp5zxuW6QF6XXgseTamPn8gZcPXU&vprv=1&mime=audio%2Fwebm&ns=InwtS3WqvcpReOqcnWvs458I&gir=yes&clen=6490359&otfp=1&dur=321.921&lmt=1564303263692199&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&n=3oqG--sn3iA6jg&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAJSt0jn7C0eER2K_TUSFWoJiX3qoattyviHjYMYc3aJ-AiEAwj5qF2TWJjwyCNZ8BeDT3J24KnUkPmlMfn5MzHyaedw%3D&alr=yes&cpn=LaXrt-qtj-BiQ6pO&cver=1.20220925.00.00&cm2rm=sn-capm-vnae7l,sn-5gols7l&redirect_counter=2&cms_redirect=yes&cmsv=e&mh=5g&mm=34&mn=sn-5hne6nzk&ms=ltu&mt=1664240204&mv=m&mvi=5&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIgXPISIJUc_ECGfYgITKXw1VYR3WgDUbU8pZ1b35sWPQsCIQDiVClM850cROCCP32ckj3QK-ADYJ5HWSVebNL8ZqjH_w%3D%3D&range=0-66352&rn=6&rbuf=0
172.217.132.138200 OK 66 kB URL HTTP/1.1 rr5---sn-5hne6nzk.googlevideo.com/videoplayback?expire=1664261996&ei=DEsyY7zfM5fa7QTWtLjYAQ&ip=91.90.42.154&id=o-AN1CsW3i_E2zb2zoRdTs-1yPYZnw9Ctw_zbZJ5sa0K03&itag=251&source=youtube&requiressl=yes&spc=yR2vp5zxuW6QF6XXgseTamPn8gZcPXU&vprv=1&mime=audio%2Fwebm&ns=InwtS3WqvcpReOqcnWvs458I&gir=yes&clen=6490359&otfp=1&dur=321.921&lmt=1564303263692199&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&n=3oqG--sn3iA6jg&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAJSt0jn7C0eER2K_TUSFWoJiX3qoattyviHjYMYc3aJ-AiEAwj5qF2TWJjwyCNZ8BeDT3J24KnUkPmlMfn5MzHyaedw%3D&alr=yes&cpn=LaXrt-qtj-BiQ6pO&cver=1.20220925.00.00&cm2rm=sn-capm-vnae7l,sn-5gols7l&redirect_counter=2&cms_redirect=yes&cmsv=e&mh=5g&mm=34&mn=sn-5hne6nzk&ms=ltu&mt=1664240204&mv=m&mvi=5&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIgXPISIJUc_ECGfYgITKXw1VYR3WgDUbU8pZ1b35sWPQsCIQDiVClM850cROCCP32ckj3QK-ADYJ5HWSVebNL8ZqjH_w%3D%3D&range=0-66352&rn=6&rbuf=0
IP 172.217.132.138:0
File type WebM\012- EBML file, creator webmB\20\012- data
Hash dfa219188e0fa46b73b7e3e950f391d6
636fd0700b7df3c6da23e28fa7d5a98260292063
297a398ea187d67b768347aaf89bed7c5ca05340133a9733d12ae6d62828b382
GET /videoplayback?expire=1664261996&ei=DEsyY7zfM5fa7QTWtLjYAQ&ip=91.90.42.154&id=o-AN1CsW3i_E2zb2zoRdTs-1yPYZnw9Ctw_zbZJ5sa0K03&itag=251&source=youtube&requiressl=yes&spc=yR2vp5zxuW6QF6XXgseTamPn8gZcPXU&vprv=1&mime=audio%2Fwebm&ns=InwtS3WqvcpReOqcnWvs458I&gir=yes&clen=6490359&otfp=1&dur=321.921&lmt=1564303263692199&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&n=3oqG--sn3iA6jg&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAJSt0jn7C0eER2K_TUSFWoJiX3qoattyviHjYMYc3aJ-AiEAwj5qF2TWJjwyCNZ8BeDT3J24KnUkPmlMfn5MzHyaedw%3D&alr=yes&cpn=LaXrt-qtj-BiQ6pO&cver=1.20220925.00.00&cm2rm=sn-capm-vnae7l,sn-5gols7l&redirect_counter=2&cms_redirect=yes&cmsv=e&mh=5g&mm=34&mn=sn-5hne6nzk&ms=ltu&mt=1664240204&mv=m&mvi=5&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIgXPISIJUc_ECGfYgITKXw1VYR3WgDUbU8pZ1b35sWPQsCIQDiVClM850cROCCP32ckj3QK-ADYJ5HWSVebNL8ZqjH_w%3D%3D&range=0-66352&rn=6&rbuf=0 HTTP/1.1
Host: rr5---sn-5hne6nzk.googlevideo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube-nocookie.com
Connection: keep-alive
Referer: https://www.youtube-nocookie.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Sun, 28 Jul 2019 08:41:03 GMT
Content-Type: audio/webm
Date: Tue, 27 Sep 2022 00:59:57 GMT
Expires: Tue, 27 Sep 2022 00:59:57 GMT
Cache-Control: private, max-age=21299
Accept-Ranges: bytes
Content-Length: 66353
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube-nocookie.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube-nocookie.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Content-Type-Options: nosniff
Server: gvs 1.0
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6fda34e4-86f9-4fb4-94af-575d6201fccb.jpeg
34.120.237.76200 OK 5.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6fda34e4-86f9-4fb4-94af-575d6201fccb.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e6c9691e104001fe54d3c6273b7b8596
481ec2135ca0a96484c36cced30776c871aedf8f
f9e5e087d8b6e9b357c9f93b00c5919d89d90ac9b48d2dcd1ac72bf775a5cf49
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6fda34e4-86f9-4fb4-94af-575d6201fccb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5383
x-amzn-requestid: d7b677b7-25f9-4197-a664-ec68b0dfedfe
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y8ydSEuLoAMF6PA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632e9788-7b57acc9288de40d252766a5;Sampled=0
x-amzn-remapped-date: Sat, 24 Sep 2022 05:37:12 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: iTzA2XJ0QFByhrYBer4ULW96ZdCeXhceaxWEAvznURvaZadKQniVRg==
via: 1.1 0da9bec11a1bde5ca7f71b28194afd5a.cloudfront.net (CloudFront), 1.1 91356d2137f5a7345e93da4516c49ec4.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 23:29:31 GMT
age: 5426
etag: "481ec2135ca0a96484c36cced30776c871aedf8f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1bfe3adc-1955-4f21-9e44-c0bc53a4edc5.jpeg
34.120.237.76200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1bfe3adc-1955-4f21-9e44-c0bc53a4edc5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash deb8d1e3b6d7fbc8c8ba478269621676
84f5a4c8b38acde814bc790e5b514347718d5bb9
ed14fa766f0708b4166e83b61f160db5671af430917b7c67184bf18d9208742b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1bfe3adc-1955-4f21-9e44-c0bc53a4edc5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9163
x-amzn-requestid: 8ccd9b1f-bef9-4591-be32-e6dd98f4ee78
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZFlKpEZrIAMFS1Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63321bdd-4a40b9c8281b64c725fec0f1;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 21:38:37 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: bs6HOUmHOoYKDuzBoVHhcr8d4HP4bBmwUF3EtOmwKXo7ozhfaIYEvw==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 21:39:07 GMT
age: 12050
etag: "84f5a4c8b38acde814bc790e5b514347718d5bb9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb5538bec-989b-434a-bf80-699456665fd7.jpeg
34.120.237.76200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb5538bec-989b-434a-bf80-699456665fd7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 62ece01d7e0036711832df5a25175b3b
c80d9ce02eeaa7b0166a696e811d2cffde4997d0
8a1968c18b44495571ff382a9cacfb7f98d3e1275d650e84cb310d635eae7e70
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb5538bec-989b-434a-bf80-699456665fd7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6829
x-amzn-requestid: cc3229a7-7c7e-472b-b7a4-1216594c4068
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yshb2FwhoAMF2EA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632815e5-0964e463192712fb08a29ee7;Sampled=0
x-amzn-remapped-date: Mon, 19 Sep 2022 07:10:29 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 38UTZEh7vpUlYc9mGIdNrIy4fgLQf4iErqzZLY5mM5fdMQwvJvoBvQ==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 5397b304713f6301c7c94ac084b6ed08.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 22:12:45 GMT
age: 10032
etag: "c80d9ce02eeaa7b0166a696e811d2cffde4997d0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F171029d0-40d4-47b3-8936-8ba3b16b3212.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F171029d0-40d4-47b3-8936-8ba3b16b3212.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 347dca206e13a3b13953f0ab398310b4
be60bbc96c832ae385cc9ae5828bd32703011b21
f6da888a54a0c6c73466f2c2a72dd875514a39d81b760a6b0116b4dd56ef31dd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F171029d0-40d4-47b3-8936-8ba3b16b3212.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10211
x-amzn-requestid: 3ea4ac84-2465-4bd1-8ade-863de3c9576e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YbfSuGoQoAMF9oQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632145aa-7843b82728ead9a053c689d1;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 03:08:26 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: p1vYTqYjOmYHjVmJ8f6qyT_nLIsyXsr7ZI-DI7JBF9RJa0ZJNPiluA==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 e95ec8f1dc02e32f0cb9e113963ceb4e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 21:56:23 GMT
age: 11014
etag: "be60bbc96c832ae385cc9ae5828bd32703011b21"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3823d156-2245-40a3-a9a3-7cb4a5c4a14d.jpeg
34.120.237.76200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3823d156-2245-40a3-a9a3-7cb4a5c4a14d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8ef8d9284ebd57a7cf76ceb762291356
2b53c4f836970501a682dae07235215c487d35cc
3529ab97ab2214ee9c67ee234beac96cd40f0bd6092b92b71c60956ed5710b41
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3823d156-2245-40a3-a9a3-7cb4a5c4a14d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7716
x-amzn-requestid: 1cf0b1c7-4611-40bf-b72a-412ebd03ef79
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y2KguFL7IAMFzKA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632bf137-2b7c15d3071e0266586fd17d;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 05:23:03 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: eE2AvjvM7j07Go69VVEmTF8Q-KA5bZwOBdn_SgR5fcZj8lL760_q2Q==
via: 1.1 d042f60a962591f741406f28a8170c5a.cloudfront.net (CloudFront), 1.1 ebe4011a81a36e2bf678f69ce1711330.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 17:57:22 GMT
age: 25355
etag: "2b53c4f836970501a682dae07235215c487d35cc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79631135-a10c-43bf-85d2-fa2236b96883.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79631135-a10c-43bf-85d2-fa2236b96883.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 62e68c3cd08dd94d910507512a67e85f
3d4fa8701f17e8818c25584ef5f04bfbee8440cd
058d798963f83f5fb88ab728185f755c5353fa981d93e1b6ff869089f501586b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79631135-a10c-43bf-85d2-fa2236b96883.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13213
x-amzn-requestid: fe9ec409-2757-4910-8443-5b4d3be7efd3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZFlATEp8oAMFd9Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63321b9b-3230e97a4fe34413285eb578;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 21:37:31 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: kRSg9NTTAgeAJgIZ_C9_rRodCX4bzGduJEvNPNHUya0Moa2vsmWSoQ==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 21:38:57 GMT
age: 12060
etag: "3d4fa8701f17e8818c25584ef5f04bfbee8440cd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yw/r/UXtr_j2Fwe-.png
157.240.200.14200 OK 573 B URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yw/r/UXtr_j2Fwe-.png
IP 157.240.200.14:0
File type PNG image data, 13 x 39, 8-bit colormap, non-interlaced\012- data
Hash d3b686ff6004b431d5019e4b51a8cc0d
34ec288bdcad2eada81c75960439bf60b95eb285
96e3e8dfde6b1042514824bac1b44282d4a76bac028f2d767f6534dce2cf3db0
GET /rsrc.php/v3/yw/r/UXtr_j2Fwe-.png HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.xx.fbcdn.net/rsrc.php/v3/yu/l/0,cross/bYH8ziu5vE6.css?_nc_x=Ij3Wp8lg5Kz
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: 07aG/2AEtDHVAZ5LUajMDQ==
expires: Fri, 15 Sep 2023 03:43:46 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
x-fb-debug: CkvR41I8KFbubWm7frR9ZifXk0vTk04LP2kme/JZ++cXsJZQr/GF1OZ9y3xnJAGqlt622GGrqEnXt9oP6EhCcQ==
content-length: 573
x-fb-trip-id: 1679558926
date: Tue, 27 Sep 2022 00:59:57 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/y3/r/cPcKznvPj72.js?_nc_x=Ij3Wp8lg5Kz
157.240.200.14200 OK 7.3 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/y3/r/cPcKznvPj72.js?_nc_x=Ij3Wp8lg5Kz
IP 157.240.200.14:0
File type ASCII text, with very long lines (4129)
Hash d9b4301abe1b60a35b4d2ceff6a63f38
cbd680fb7b1618610b5c82a54ecf9bc328ed4cef
8613497153ce25fae5e92250807b1526f10adb670fb7ea13c2dad89cbe375f18
GET /rsrc.php/v3/y3/r/cPcKznvPj72.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Tue, 26 Sep 2023 13:38:12 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: 2bQwGr4bYKNbTSzv9qY/OA==
x-fb-debug: 6ytlU/6f/N2TIarEodUYJfMTuLnYkzrw4othocc0NzSjcRIWoo1EHgVk9zZOrsmXRWn5FYg89ZMffvuWZ0T0Ig==
content-length: 7308
x-fb-trip-id: 1679558926
date: Tue, 27 Sep 2022 00:59:57 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
rr5---sn-5hne6nzk.googlevideo.com/videoplayback?expire=1664261996&ei=DEsyY7zfM5fa7QTWtLjYAQ&ip=91.90.42.154&id=o-AN1CsW3i_E2zb2zoRdTs-1yPYZnw9Ctw_zbZJ5sa0K03&itag=244&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=yt_otf&requiressl=yes&spc=yR2vp5zxuW6QF6XXgseTamPn8gZcPXU&vprv=1&mime=video%2Fwebm&ns=InwtS3WqvcpReOqcnWvs458I&otf=1&otfp=1&dur=0.000&lmt=1617413991681383&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&n=3oqG--sn3iA6jg&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cotf%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAPgtzenWBQVZjd8MKR0I8K85z9F_7GrLLSeUU_pr2pgTAiAOKzE9YwgEnothWf7e8_S6i0KBPAjbx8RxVUofsb9q_A%3D%3D&alr=yes&cpn=LaXrt-qtj-BiQ6pO&cver=1.20220925.00.00&cm2rm=sn-capm-vnae7l,sn-5gols7l&redirect_counter=2&cms_redirect=yes&cmsv=e&mh=5g&mm=34&mn=sn-5hne6nzk&ms=ltu&mt=1664240204&mv=m&mvi=5&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhAPrEvvlKUZb6lyoGbkoxVtshmw5glgBDtCmdhYCpoH8gAiAKLq8URXK8UmhvwY5mLo-3zYKS61pzfDJ4dGrj6_c8tw%3D%3D&sq=0&rn=8&rbuf=0
172.217.132.138200 OK 278 B URL HTTP/1.1 rr5---sn-5hne6nzk.googlevideo.com/videoplayback?expire=1664261996&ei=DEsyY7zfM5fa7QTWtLjYAQ&ip=91.90.42.154&id=o-AN1CsW3i_E2zb2zoRdTs-1yPYZnw9Ctw_zbZJ5sa0K03&itag=244&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=yt_otf&requiressl=yes&spc=yR2vp5zxuW6QF6XXgseTamPn8gZcPXU&vprv=1&mime=video%2Fwebm&ns=InwtS3WqvcpReOqcnWvs458I&otf=1&otfp=1&dur=0.000&lmt=1617413991681383&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&n=3oqG--sn3iA6jg&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cotf%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAPgtzenWBQVZjd8MKR0I8K85z9F_7GrLLSeUU_pr2pgTAiAOKzE9YwgEnothWf7e8_S6i0KBPAjbx8RxVUofsb9q_A%3D%3D&alr=yes&cpn=LaXrt-qtj-BiQ6pO&cver=1.20220925.00.00&cm2rm=sn-capm-vnae7l,sn-5gols7l&redirect_counter=2&cms_redirect=yes&cmsv=e&mh=5g&mm=34&mn=sn-5hne6nzk&ms=ltu&mt=1664240204&mv=m&mvi=5&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhAPrEvvlKUZb6lyoGbkoxVtshmw5glgBDtCmdhYCpoH8gAiAKLq8URXK8UmhvwY5mLo-3zYKS61pzfDJ4dGrj6_c8tw%3D%3D&sq=0&rn=8&rbuf=0
IP 172.217.132.138:0
File type WebM\012- EBML file, creator webmB\20\012- data
Hash e3b3f24130926fc46577f8134cd2a849
0ab69732fe2b094870a277e46374f78fe10b30af
860a0226244685245c0bd508a0ab097faead047dfe9f6ba1866a36639aeb4b89
GET /videoplayback?expire=1664261996&ei=DEsyY7zfM5fa7QTWtLjYAQ&ip=91.90.42.154&id=o-AN1CsW3i_E2zb2zoRdTs-1yPYZnw9Ctw_zbZJ5sa0K03&itag=244&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=yt_otf&requiressl=yes&spc=yR2vp5zxuW6QF6XXgseTamPn8gZcPXU&vprv=1&mime=video%2Fwebm&ns=InwtS3WqvcpReOqcnWvs458I&otf=1&otfp=1&dur=0.000&lmt=1617413991681383&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&n=3oqG--sn3iA6jg&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cotf%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAPgtzenWBQVZjd8MKR0I8K85z9F_7GrLLSeUU_pr2pgTAiAOKzE9YwgEnothWf7e8_S6i0KBPAjbx8RxVUofsb9q_A%3D%3D&alr=yes&cpn=LaXrt-qtj-BiQ6pO&cver=1.20220925.00.00&cm2rm=sn-capm-vnae7l,sn-5gols7l&redirect_counter=2&cms_redirect=yes&cmsv=e&mh=5g&mm=34&mn=sn-5hne6nzk&ms=ltu&mt=1664240204&mv=m&mvi=5&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhAPrEvvlKUZb6lyoGbkoxVtshmw5glgBDtCmdhYCpoH8gAiAKLq8URXK8UmhvwY5mLo-3zYKS61pzfDJ4dGrj6_c8tw%3D%3D&sq=0&rn=8&rbuf=0 HTTP/1.1
Host: rr5---sn-5hne6nzk.googlevideo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube-nocookie.com
Connection: keep-alive
Referer: https://www.youtube-nocookie.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Fri, 16 Sep 2022 05:54:28 GMT
Content-Type: video/webm
Date: Tue, 27 Sep 2022 00:59:58 GMT
Expires: Tue, 27 Sep 2022 00:59:58 GMT
Cache-Control: private, max-age=21298
Transfer-Encoding: chunked
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube-nocookie.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube-nocookie.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Restrict-Formats-Hint: None
X-Content-Type-Options: nosniff
Server: gvs 1.0
www.youtube-nocookie.com/embed/81IGerHCy3Y?autoplay=1&rel=0&showinfo=0
142.250.74.142200 OK 0 B URL HTTP/2 www.youtube-nocookie.com/embed/81IGerHCy3Y?autoplay=1&rel=0&showinfo=0
IP 142.250.74.142:0
GET /embed/81IGerHCy3Y?autoplay=1&rel=0&showinfo=0 HTTP/1.1
Host: www.youtube-nocookie.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://globaldugunsalonu.de/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 27 Sep 2022 00:59:55 GMT
strict-transport-security: max-age=31536000
report-to: {"group":"YOUTUBE_NOCOOKIE_DOMAIN","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/YOUTUBE_NOCOOKIE_DOMAIN"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="YOUTUBE_NOCOOKIE_DOMAIN"
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: CONSENT=PENDING+447; expires=Thu, 26-Sep-2024 00:59:55 GMT; path=/; domain=.youtube-nocookie.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto:100,200,300,400,500,600,700,800,900
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto:100,200,300,400,500,600,700,800,900
IP 142.250.74.10:0
GET /css?family=Roboto:100,200,300,400,500,600,700,800,900 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://globaldugunsalonu.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 27 Sep 2022 00:59:55 GMT
date: Tue, 27 Sep 2022 00:59:55 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
globaldugunsalonu.de/js/masterslider/masterslider.min.js
136.243.20.96200 OK 0 B URL HTTP/2 globaldugunsalonu.de/js/masterslider/masterslider.min.js
IP 136.243.20.96:0
ASN #24940 Hetzner Online GmbH
Analyzer Verdict Alert fortinet Phishing
GET /js/masterslider/masterslider.min.js HTTP/1.1
Host: globaldugunsalonu.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://globaldugunsalonu.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 00:59:56 GMT
content-type: application/javascript
content-length: 155627
last-modified: Thu, 01 Jun 2017 20:22:50 GMT
etag: "5930779a-25feb"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2