denkodrom.de/
83.169.35.10301 Moved Permanently 291 B IP 83.169.35.10:0
ASN #20773 Host Europe GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash b4b2a9dd20b37d6cdfae60298b6d5354
b3ab412521cb4cbb70cf2e2d1fd67fb20f4cf2a7
06ad618207b2a3bae75152fa1b27984d089ac7fdd3a7215be9b3731ab35098b5
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: denkodrom.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Sun, 11 Sep 2022 07:10:40 GMT
Server: Apache
Location: https://denkodrom.de/
Content-Length: 291
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
firefox.settings.services.mozilla.com/v1/
143.204.55.115200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 91dd975a7b17b2922dd23c0e49314e40
57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2
09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Content-Type, Alert, Backoff, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sun, 11 Sep 2022 07:07:24 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 277d0e3af1ffdcb1ee40b7dc9f040146.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: nP4Xsk2OIDPle_xsgbhv3Z7YXx1o5UVhahmbhXULa-BLADs5PLrQWw==
Age: 196
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
143.204.55.110200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP 143.204.55.110:0
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sat, 10 Sep 2022 07:17:13 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: BN54HMqFvKXaVpoK-PlolBK-Sb-VuAKFn2yHnrSUwbG6IqQr_Gyh0Q==
age: 86009
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 76d5eb597558e3dee0d99719d17e71e0
f3a0f3932fa8059f27dc9422d523b938fa9a7d09
d16de6cc9eb0e1297f53dc1137bb764bf5c21a7727be32ad05afebd1fe9501ed
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D16DE6CC9EB0E1297F53DC1137BB764BF5C21A7727BE32AD05AFEBD1FE9501ED"
Last-Modified: Sat, 10 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13806
Expires: Sun, 11 Sep 2022 11:00:47 GMT
Date: Sun, 11 Sep 2022 07:10:41 GMT
Connection: keep-alive
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 11 Sep 2022 07:10:41 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 5dd2bd9d094ac87392e6f6702439b668
9c468bdee313cfcee21238bb4dc31cb44bb60d3d
0240bf21e0cb32456971fc5f9a8dff217cec55e1993da67ee68f98be6025ec0d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0240BF21E0CB32456971FC5F9A8DFF217CEC55E1993DA67EE68F98BE6025EC0D"
Last-Modified: Sun, 11 Sep 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21576
Expires: Sun, 11 Sep 2022 13:10:17 GMT
Date: Sun, 11 Sep 2022 07:10:41 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.115200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Sun, 11 Sep 2022 06:56:07 GMT
Cache-Control: max-age=3600
Expires: Sun, 11 Sep 2022 07:05:59 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: m2ZALGDduq_uTbImFGbCjt4wfpSU5eCjVbbBo5Oesfou5FMyGpgfsg==
Age: 874
denkodrom.de/
83.169.35.10200 OK 44 kB IP 83.169.35.10:0
ASN #20773 Host Europe GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8491)
Hash c78f7b67568ed12d8d17a7e0fd169fe8
c9923b7819565b5d6ec5131676f1321bb52e68a6
ec4f308e75687a502420d7c5c51ccea45deb1fbe5b365857c900bc2b48ccfd75
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: denkodrom.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 07:10:41 GMT
Server: Apache
Link: <https://denkodrom.de/index.php?rest_route=/>; rel="https://api.w.org/", <https://denkodrom.de/index.php?rest_route=/wp/v2/pages/11>; rel="alternate"; type="application/json", <https://wp.me/P7Y4B1-b>; rel=shortlink
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PHP/7.4.16, PleskLin
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 36fe04277220227ba5ecfe7d2ff1d9d9
2eb9f6560336248cc45c1cd66d87505b5ebdf5d4
94f8f2f8f3b67db18825ea48740ff0ce218d7156fe851d6b023ef43b6bee4f7f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5046
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 07:10:41 GMT
Last-Modified: Sun, 11 Sep 2022 05:46:35 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471
denkodrom.de/wp-content/plugins/podlove-podcasting-plugin-for-wordpress/css/frontend.css?ver=1.0
83.169.35.10200 OK 407 B URL HTTP/1.1 denkodrom.de/wp-content/plugins/podlove-podcasting-plugin-for-wordpress/css/frontend.css?ver=1.0
IP 83.169.35.10:0
ASN #20773 Host Europe GmbH
Hash 96715e73de53052e2da1cb15fe023429
4649ba927ac7afb5e2a70b86c18f7f5b2b484f10
888367a4ed32cf98042f1a24333d148d5903056b6e25862ceb19e68536f58ae8
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/podlove-podcasting-plugin-for-wordpress/css/frontend.css?ver=1.0 HTTP/1.1
Host: denkodrom.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://denkodrom.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 07:10:41 GMT
Server: Apache
Last-Modified: Sun, 10 Apr 2022 16:37:42 GMT
ETag: "457-5dc4f7255e19c-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 407
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
denkodrom.de/wp-content/plugins/podlove-podcasting-plugin-for-wordpress/css/admin-font.css?ver=3.8.1
83.169.35.10200 OK 821 B URL HTTP/1.1 denkodrom.de/wp-content/plugins/podlove-podcasting-plugin-for-wordpress/css/admin-font.css?ver=3.8.1
IP 83.169.35.10:0
ASN #20773 Host Europe GmbH
File type ASCII text, with very long lines (653)
Hash c356bd6b1182505cc845b5bd5c48c9aa
9a61f980cb2af5f9f09725431b7821345fc1ce14
e860f1aba9ba3e1c9a7ad4ec44d128ef21bf3cc3bf79039d3764d46213c51724
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/podlove-podcasting-plugin-for-wordpress/css/admin-font.css?ver=3.8.1 HTTP/1.1
Host: denkodrom.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://denkodrom.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 07:10:41 GMT
Server: Apache
Last-Modified: Sun, 10 Apr 2022 16:37:42 GMT
ETag: "c86-5dc4f7255e19c-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 821
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
denkodrom.de/wp-content/themes/twentysixteen/style.css?ver=20201208
83.169.35.10200 OK 14 kB URL HTTP/1.1 denkodrom.de/wp-content/themes/twentysixteen/style.css?ver=20201208
IP 83.169.35.10:0
ASN #20773 Host Europe GmbH
File type Unicode text, UTF-8 text, with very long lines (413)
Hash 3cd23c072cbb4b1fc87ad39d7d7ff79b
df201c4be696ffc13509482f77c94d940db44204
b3299bfac8851600960fe8ad8f2be54f3a58937727239cf3ffa189e522d0eca8
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/twentysixteen/style.css?ver=20201208 HTTP/1.1
Host: denkodrom.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://denkodrom.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 07:10:41 GMT
Server: Apache
Last-Modified: Sat, 11 Jun 2022 09:25:58 GMT
ETag: "114a6-5e128a486433d-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 13456
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
denkodrom.de/wp-content/plugins/jetpack/modules/theme-tools/compat/twentysixteen.css?ver=11.0
83.169.35.10200 OK 3.1 kB URL HTTP/1.1 denkodrom.de/wp-content/plugins/jetpack/modules/theme-tools/compat/twentysixteen.css?ver=11.0
IP 83.169.35.10:0
ASN #20773 Host Europe GmbH
Hash 2932679d98fe461e0df0f70f7d3e9c1d
5256a2fdb53d00db4e475bad71c2a50028035d02
1f93012b40a0ce4eb9088b0251cfc73b4b6330e70666d10233085b014bf5fe6f
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/jetpack/modules/theme-tools/compat/twentysixteen.css?ver=11.0 HTTP/1.1
Host: denkodrom.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://denkodrom.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 07:10:41 GMT
Server: Apache
Last-Modified: Sat, 11 Jun 2022 09:15:50 GMT
ETag: "4236-5e128803ea3f7-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 3119
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
denkodrom.de/wp-includes/css/dist/block-library/style.min.css?ver=6.0.2
83.169.35.10200 OK 12 kB URL HTTP/1.1 denkodrom.de/wp-includes/css/dist/block-library/style.min.css?ver=6.0.2
IP 83.169.35.10:0
ASN #20773 Host Europe GmbH
File type ASCII text, with very long lines (43771)
Hash e5548800176e913a9084f47a3e1e04f6
eff4604acc5c26ae82a19188de2f98bf5b79d80c
a2569c768eaca09f2483b971fcebb97badd57c9a16b5ae3e16b8cdcd8c688b07
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.0.2 HTTP/1.1
Host: denkodrom.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://denkodrom.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 07:10:41 GMT
Server: Apache
Last-Modified: Wed, 13 Jul 2022 00:17:06 GMT
ETag: "15b64-5e3a4b48f4b7c-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 11681
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
i0.wp.com/denkodrom.de/wp-content/uploads/2017/02/denkodrom-logoNEU-1.jpg?w=836&h=162&ssl=1
192.0.77.2200 OK 5.2 kB URL HTTP/2 i0.wp.com/denkodrom.de/wp-content/uploads/2017/02/denkodrom-logoNEU-1.jpg?w=836&h=162&ssl=1
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 836x161, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash b94f1f9297e0a46c1c59cdd75d01b9a7
9bf70d8fce6691bc9cdf16a9e3ddb916a6452b60
40d989f38c7c4236047e4b76525ca49b62eb4b1fcdc8c5d7b16119903de95e28
GET /denkodrom.de/wp-content/uploads/2017/02/denkodrom-logoNEU-1.jpg?w=836&h=162&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://denkodrom.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 11 Sep 2022 07:10:41 GMT
content-type: image/webp
content-length: 5184
last-modified: Thu, 01 Sep 2022 20:07:00 GMT
expires: Sun, 01 Sep 2024 08:07:00 GMT
cache-control: public, max-age=63115200
link: <https://denkodrom.de/wp-content/uploads/2017/02/denkodrom-logoNEU-1.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "c8d857e19fa39473"
vary: Accept
x-nc: MISS arn 4
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
denkodrom.de/wp-content/themes/twentysixteen/css/blocks.css?ver=20220524
83.169.35.10200 OK 1.9 kB URL HTTP/1.1 denkodrom.de/wp-content/themes/twentysixteen/css/blocks.css?ver=20220524
IP 83.169.35.10:0
ASN #20773 Host Europe GmbH
Hash 1643c2c1872b8975dfe9b3216095638a
bf3f2e6d2702b8ddb3a8d662b05f08c9c4503941
d80c11bdc71b5a09d02e315fd1e9d0b506d14e7da982e206f7575ca5d952d1c1
GET /wp-content/themes/twentysixteen/css/blocks.css?ver=20220524 HTTP/1.1
Host: denkodrom.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://denkodrom.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 07:10:41 GMT
Server: Apache
Last-Modified: Sat, 11 Jun 2022 09:25:58 GMT
ETag: "214e-5e128a4862fb4-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 1892
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/css
denkodrom.de/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=6.0.2
83.169.35.10200 OK 1.2 kB URL HTTP/1.1 denkodrom.de/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=6.0.2
IP 83.169.35.10:0
ASN #20773 Host Europe GmbH
File type ASCII text, with very long lines (4186), with no line terminators
Hash 30d57d7aa11190e44974cce8621f22c7
59f516369877009cce06ca45b1c296944bb674a4
094ae87a3d4cee4a1ddc5cada149c2deacabd4cf2e377b97fe4ca641142258ee
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=6.0.2 HTTP/1.1
Host: denkodrom.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://denkodrom.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 07:10:41 GMT
Server: Apache
Last-Modified: Fri, 22 Nov 2019 15:35:18 GMT
ETag: "105a-597f12940691f-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 1156
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
denkodrom.de/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.16
83.169.35.10200 OK 2.6 kB URL HTTP/1.1 denkodrom.de/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.16
IP 83.169.35.10:0
ASN #20773 Host Europe GmbH
File type ASCII text, with very long lines (11256), with no line terminators
Hash 583529ff412cb2b255fa606024d1133e
8db4b0a0be402cc5e38488528791b73b0c7369d0
6fdf0933a8faf229b277740f401600834c00d0b204f7ed38293cd4abcdb3ea20
GET /wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.16 HTTP/1.1
Host: denkodrom.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://denkodrom.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 07:10:41 GMT
Server: Apache
Last-Modified: Sun, 24 Jan 2021 14:27:35 GMT
ETag: "2bf8-5b9a638f9e388-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 2592
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
i0.wp.com/denkodrom.de/wp-content/uploads/2016/10/cropped-cropped-stempeldenkodromSMALL-1-2.png?w=1200&ssl=1
192.0.77.2200 OK 267 kB URL HTTP/2 i0.wp.com/denkodrom.de/wp-content/uploads/2016/10/cropped-cropped-stempeldenkodromSMALL-1-2.png?w=1200&ssl=1
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image\012- data
Size 267 kB (267230 bytes)
Hash 2f78c6ece059f19b0b2b58f3b265d7f2
b9cc8c8c6925549c1a6a4451018b0bc1bb377b88
0bf6635adea54616336ef022d4f6a5247cf394ca4d749a5654dde43299ce0149
GET /denkodrom.de/wp-content/uploads/2016/10/cropped-cropped-stempeldenkodromSMALL-1-2.png?w=1200&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://denkodrom.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 11 Sep 2022 07:10:41 GMT
content-type: image/webp
content-length: 267230
last-modified: Sun, 11 Sep 2022 07:10:41 GMT
expires: Tue, 10 Sep 2024 19:10:41 GMT
cache-control: public, max-age=63115200
link: <https://denkodrom.de/wp-content/uploads/2016/10/cropped-cropped-stempeldenkodromSMALL-1-2.png>; rel="canonical"
x-content-type-options: nosniff
etag: "e6baf0d1573250c1"
vary: Accept
x-nc: MISS arn 5
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/denkodrom.de/wp-content/uploads/2017/02/denkodrom-f%C3%BCr-tk-copy-1.jpg?w=715&h=164&ssl=1
192.0.77.2200 OK 15 kB URL HTTP/2 i0.wp.com/denkodrom.de/wp-content/uploads/2017/02/denkodrom-f%C3%BCr-tk-copy-1.jpg?w=715&h=164&ssl=1
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 568x130, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 60f99621382b1c2e0daa9e064943a5d6
3963884cfddef562587f42c2d0c98b809ec4c837
39a35a4fc81207e3970bac83de8bc4b0ca1fd52da5a5b517c67e967c429b2161
GET /denkodrom.de/wp-content/uploads/2017/02/denkodrom-f%C3%BCr-tk-copy-1.jpg?w=715&h=164&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://denkodrom.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 11 Sep 2022 07:10:41 GMT
content-type: image/webp
content-length: 14660
last-modified: Sun, 11 Sep 2022 07:10:41 GMT
expires: Tue, 10 Sep 2024 19:10:41 GMT
cache-control: public, max-age=63115200
link: <https://denkodrom.de/wp-content/uploads/2017/02/denkodrom-f%C3%BCr-tk-copy-1.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "2d6de3f4fbcff606"
vary: Accept
x-nc: MISS arn 4
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/denkodrom.de/wp-content/uploads/2017/02/denkotitel-neu-1.gif?w=836&h=208&ssl=1
192.0.77.2200 OK 508 kB URL HTTP/2 i0.wp.com/denkodrom.de/wp-content/uploads/2017/02/denkotitel-neu-1.gif?w=836&h=208&ssl=1
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image\012- data
Size 508 kB (508316 bytes)
Hash a6d6abcd64bbf3e4a78d6fdc189dd8da
8d1254d01627f9c01bde37b4ec56666b08b02828
c13cf8d7a9894feb98a7f992dc0d7bce96268e8b6d31fce850b15fb6562bd290
GET /denkodrom.de/wp-content/uploads/2017/02/denkotitel-neu-1.gif?w=836&h=208&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://denkodrom.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 11 Sep 2022 07:10:41 GMT
content-type: image/webp
content-length: 508316
last-modified: Fri, 09 Sep 2022 04:20:55 GMT
expires: Sun, 08 Sep 2024 16:20:55 GMT
cache-control: public, max-age=63115200
link: <https://denkodrom.de/wp-content/uploads/2017/02/denkotitel-neu-1.gif>; rel="canonical"
x-content-type-options: nosniff
etag: "282b863ff096e5d6"
vary: Accept
x-nc: MISS arn 3
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/denkodrom.de/wp-content/uploads/2017/02/denkodrom_2013_festival_flyer_hinten_copy-1.jpg?w=252&h=352&ssl=1
192.0.77.2200 OK 7.2 kB URL HTTP/2 i0.wp.com/denkodrom.de/wp-content/uploads/2017/02/denkodrom_2013_festival_flyer_hinten_copy-1.jpg?w=252&h=352&ssl=1
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 251x352, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 6a01b29914b58dc0cb8d54f3f63bc113
e8750efc5c6f3f360139db9387ffd3264a442a1d
1ecc8fd137462a2414577487c586510f1a1d132d2acafc93e050377818258ac3
GET /denkodrom.de/wp-content/uploads/2017/02/denkodrom_2013_festival_flyer_hinten_copy-1.jpg?w=252&h=352&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://denkodrom.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 11 Sep 2022 07:10:41 GMT
content-type: image/webp
content-length: 7226
last-modified: Sun, 11 Sep 2022 07:10:41 GMT
expires: Tue, 10 Sep 2024 19:10:41 GMT
cache-control: public, max-age=63115200
link: <https://denkodrom.de/wp-content/uploads/2017/02/denkodrom_2013_festival_flyer_hinten_copy-1.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "011c4f2b845ffc19"
vary: Accept
x-nc: MISS arn 2
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/denkodrom.de/wp-content/uploads/2017/02/WEBDenkodrom2016FirouziVornFLYER-1.jpg?w=397&h=345&ssl=1
192.0.77.2200 OK 3.3 kB URL HTTP/2 i0.wp.com/denkodrom.de/wp-content/uploads/2017/02/WEBDenkodrom2016FirouziVornFLYER-1.jpg?w=397&h=345&ssl=1
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 397x344, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 1737f23731a51f8c0613264260df4ea1
3e08b5ff9f2830debfa27e6b49b4f7a30570666a
d960b6188ca3f23a4b21a2413150945771030c8be60c32ae980dc6524ababedb
GET /denkodrom.de/wp-content/uploads/2017/02/WEBDenkodrom2016FirouziVornFLYER-1.jpg?w=397&h=345&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://denkodrom.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 11 Sep 2022 07:10:41 GMT
content-type: image/webp
content-length: 3312
last-modified: Sun, 11 Sep 2022 07:10:41 GMT
expires: Tue, 10 Sep 2024 19:10:41 GMT
cache-control: public, max-age=63115200
link: <https://denkodrom.de/wp-content/uploads/2017/02/WEBDenkodrom2016FirouziVornFLYER-1.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "1f4e9e4050bd973c"
vary: Accept
x-nc: MISS arn 3
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/denkodrom.de/wp-content/uploads/2017/02/denkodrom_im_bau-1.jpg?w=397&h=265&ssl=1
192.0.77.2200 OK 7.7 kB URL HTTP/2 i0.wp.com/denkodrom.de/wp-content/uploads/2017/02/denkodrom_im_bau-1.jpg?w=397&h=265&ssl=1
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 397x264, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 68d46780268d6476504ebd6c011910c6
db9edcb8a300f0aaa0378c471bce78d58246b8c6
3481ca3ef26501d885b5d64cf43acb40b04ffa7f66516e83a9c685d569d449d9
GET /denkodrom.de/wp-content/uploads/2017/02/denkodrom_im_bau-1.jpg?w=397&h=265&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://denkodrom.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 11 Sep 2022 07:10:41 GMT
content-type: image/webp
content-length: 7676
last-modified: Sun, 11 Sep 2022 07:10:41 GMT
expires: Tue, 10 Sep 2024 19:10:41 GMT
cache-control: public, max-age=63115200
link: <https://denkodrom.de/wp-content/uploads/2017/02/denkodrom_im_bau-1.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "49c93dc024134531"
vary: Accept
x-nc: MISS arn 5
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/denkodrom.de/wp-content/uploads/2017/02/denkodrom-flyer-1.jpg?w=610&h=219&ssl=1
192.0.77.2200 OK 6.3 kB URL HTTP/2 i0.wp.com/denkodrom.de/wp-content/uploads/2017/02/denkodrom-flyer-1.jpg?w=610&h=219&ssl=1
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 610x219, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 7791697bd921761fc9c0f79207b53965
8e089e2f7e39d467934fe3ce1421530419ddf369
4942521f2fd71be155c2d6d1f3f5d35568799b7334ae39e8eb68e0d66b7315a2
GET /denkodrom.de/wp-content/uploads/2017/02/denkodrom-flyer-1.jpg?w=610&h=219&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://denkodrom.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 11 Sep 2022 07:10:41 GMT
content-type: image/webp
content-length: 6290
last-modified: Sun, 11 Sep 2022 07:10:41 GMT
expires: Tue, 10 Sep 2024 19:10:41 GMT
cache-control: public, max-age=63115200
link: <https://denkodrom.de/wp-content/uploads/2017/02/denkodrom-flyer-1.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "60520fadce4c074e"
vary: Accept
x-nc: MISS arn 2
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/denkodrom.de/wp-content/uploads/2017/09/denkodrom-stadtmachen-1.jpg?w=276&h=391&ssl=1
192.0.77.2200 OK 14 kB URL HTTP/2 i0.wp.com/denkodrom.de/wp-content/uploads/2017/09/denkodrom-stadtmachen-1.jpg?w=276&h=391&ssl=1
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 276x391, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 5afab76f26c76e80d91fda11e0c1396c
ca4c3fb036377fd026ed100c13ac9123f4189a28
5fc03bce0a179aa9c45af1b6a63db34f919439e3de5787be4c7e46d9b9aa37d4
GET /denkodrom.de/wp-content/uploads/2017/09/denkodrom-stadtmachen-1.jpg?w=276&h=391&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://denkodrom.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 11 Sep 2022 07:10:41 GMT
content-type: image/webp
content-length: 14198
last-modified: Fri, 09 Sep 2022 04:20:54 GMT
expires: Sun, 08 Sep 2024 16:20:54 GMT
cache-control: public, max-age=63115200
link: <https://denkodrom.de/wp-content/uploads/2017/09/denkodrom-stadtmachen-1.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "9fa8f3f9ed339858"
vary: Accept
x-nc: MISS arn 6
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/denkodrom.de/wp-content/uploads/2017/02/roxxychaosundderangsthaseFRONTFLYERNEU-724x1024-e1486836859124-1.jpg?w=558&h=395&ssl=1
192.0.77.2200 OK 6.8 kB URL HTTP/2 i0.wp.com/denkodrom.de/wp-content/uploads/2017/02/roxxychaosundderangsthaseFRONTFLYERNEU-724x1024-e1486836859124-1.jpg?w=558&h=395&ssl=1
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 558x394, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 5662bc44f5aafd6fed1ac6ef327e62ae
c15cd2283b30496bc2218c2d5fd2de6aa0735539
da510429ca033b7d95eb41f17eabbde6dbf752c377ddd4efc2f8563f3945e5aa
GET /denkodrom.de/wp-content/uploads/2017/02/roxxychaosundderangsthaseFRONTFLYERNEU-724x1024-e1486836859124-1.jpg?w=558&h=395&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://denkodrom.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 11 Sep 2022 07:10:41 GMT
content-type: image/webp
content-length: 6840
last-modified: Sun, 11 Sep 2022 07:10:41 GMT
expires: Tue, 10 Sep 2024 19:10:41 GMT
cache-control: public, max-age=63115200
link: <https://denkodrom.de/wp-content/uploads/2017/02/roxxychaosundderangsthaseFRONTFLYERNEU-724x1024-e1486836859124-1.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "e459fe4694550c57"
vary: Accept
x-nc: MISS arn 7
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/denkodrom.de/wp-content/uploads/2017/02/WEB-DENKODROM-FLYER-091211-SCHICKEN-1.jpg?w=117&h=164&ssl=1
192.0.77.2200 OK 9.1 kB URL HTTP/2 i0.wp.com/denkodrom.de/wp-content/uploads/2017/02/WEB-DENKODROM-FLYER-091211-SCHICKEN-1.jpg?w=117&h=164&ssl=1
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 117x164, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 1fe24459b5c4abcc18c5037a9fb55838
a9343ec7ea35168552441989b345069e2178b302
df88a6ef3c2c4a50c6f86b07608b5bdb3f58c766a6d26f650e4e943033e70cd6
GET /denkodrom.de/wp-content/uploads/2017/02/WEB-DENKODROM-FLYER-091211-SCHICKEN-1.jpg?w=117&h=164&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://denkodrom.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 11 Sep 2022 07:10:41 GMT
content-type: image/webp
content-length: 9080
last-modified: Sun, 11 Sep 2022 07:10:41 GMT
expires: Tue, 10 Sep 2024 19:10:41 GMT
cache-control: public, max-age=63115200
link: <https://denkodrom.de/wp-content/uploads/2017/02/WEB-DENKODROM-FLYER-091211-SCHICKEN-1.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "fcaa8b4c05dd15dc"
vary: Accept
x-nc: MISS arn 4
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/denkodrom.de/wp-content/uploads/2017/09/denkodrom-stadtmachen2-1.jpg?w=276&h=391&ssl=1
192.0.77.2200 OK 12 kB URL HTTP/2 i0.wp.com/denkodrom.de/wp-content/uploads/2017/09/denkodrom-stadtmachen2-1.jpg?w=276&h=391&ssl=1
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 276x391, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 70a6bcf99f7d9b97c9dfbc5ef46f7f08
af78f5d5f4c2fae413776a7c6e7bf8f9b59cabb2
e6f5f18a6b694f9e5749a15c07a05bee9288445005948f269fc4b8664184ca07
GET /denkodrom.de/wp-content/uploads/2017/09/denkodrom-stadtmachen2-1.jpg?w=276&h=391&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://denkodrom.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 11 Sep 2022 07:10:41 GMT
content-type: image/webp
content-length: 11476
last-modified: Thu, 01 Sep 2022 17:30:18 GMT
expires: Sun, 01 Sep 2024 05:30:18 GMT
cache-control: public, max-age=63115200
link: <https://denkodrom.de/wp-content/uploads/2017/09/denkodrom-stadtmachen2-1.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "4cf882eb4b88eebc"
vary: Accept
x-nc: MISS arn 6
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/denkodrom.de/wp-content/uploads/2017/09/denkodrom-stadtmachen3-1.jpg?w=276&h=391&ssl=1
192.0.77.2200 OK 8.7 kB URL HTTP/2 i0.wp.com/denkodrom.de/wp-content/uploads/2017/09/denkodrom-stadtmachen3-1.jpg?w=276&h=391&ssl=1
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 276x391, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash be1713dea138ea0f2403a598e5baae53
c7fd493e5d9d0860ccf6840b6df4460535861759
7f0fbc0a6cf5ad2fc4b102f5e50933d6df37d37c4f26b7533ae3232fe2dab364
GET /denkodrom.de/wp-content/uploads/2017/09/denkodrom-stadtmachen3-1.jpg?w=276&h=391&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://denkodrom.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 11 Sep 2022 07:10:41 GMT
content-type: image/webp
content-length: 8724
last-modified: Thu, 01 Sep 2022 17:30:18 GMT
expires: Sun, 01 Sep 2024 05:30:18 GMT
cache-control: public, max-age=63115200
link: <https://denkodrom.de/wp-content/uploads/2017/09/denkodrom-stadtmachen3-1.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "df946ebbc6cdb91d"
vary: Accept
x-nc: MISS arn 3
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/denkodrom.de/wp-content/uploads/2017/02/FlyerSHEMAERAweb-1.jpg?w=711&h=257&ssl=1
192.0.77.2200 OK 13 kB URL HTTP/2 i0.wp.com/denkodrom.de/wp-content/uploads/2017/02/FlyerSHEMAERAweb-1.jpg?w=711&h=257&ssl=1
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 711x256, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash a367305a655901738cae151cbbead3a4
421b6660e219ba92286a3e826552515d3f0a516f
39d10532921cbcdce0402b7a23fe253949ca82d46716f6d3798440156df4c9bd
GET /denkodrom.de/wp-content/uploads/2017/02/FlyerSHEMAERAweb-1.jpg?w=711&h=257&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://denkodrom.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 11 Sep 2022 07:10:41 GMT
content-type: image/webp
content-length: 12782
last-modified: Sun, 11 Sep 2022 07:10:41 GMT
expires: Tue, 10 Sep 2024 19:10:41 GMT
cache-control: public, max-age=63115200
link: <https://denkodrom.de/wp-content/uploads/2017/02/FlyerSHEMAERAweb-1.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "9700f564315425d8"
vary: Accept
x-nc: MISS arn 3
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/denkodrom.de/wp-content/uploads/2017/09/denkodrom-stadtmachen4-1.jpg?w=416&h=589&ssl=1
192.0.77.2200 OK 24 kB URL HTTP/2 i0.wp.com/denkodrom.de/wp-content/uploads/2017/09/denkodrom-stadtmachen4-1.jpg?w=416&h=589&ssl=1
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 416x589, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 659edf65ba106a94daf983035d90caec
0aa57eb0be053e24bab89b35998119f504a32ad5
ff8685960326fde245a0bdc352b6bbf8f35775ee19dd839cf79473727d91f444
GET /denkodrom.de/wp-content/uploads/2017/09/denkodrom-stadtmachen4-1.jpg?w=416&h=589&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://denkodrom.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 11 Sep 2022 07:10:41 GMT
content-type: image/webp
content-length: 23560
last-modified: Fri, 09 Sep 2022 04:20:54 GMT
expires: Sun, 08 Sep 2024 16:20:54 GMT
cache-control: public, max-age=63115200
link: <https://denkodrom.de/wp-content/uploads/2017/09/denkodrom-stadtmachen4-1.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "6104e924a457703f"
vary: Accept
x-nc: MISS arn 8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/denkodrom.de/wp-content/uploads/2017/02/WEB-FLYER-DENKODROM-091211-SCHICKEN-HINTEN-1.jpg?w=222&h=311&ssl=1
192.0.77.2200 OK 27 kB URL HTTP/2 i0.wp.com/denkodrom.de/wp-content/uploads/2017/02/WEB-FLYER-DENKODROM-091211-SCHICKEN-HINTEN-1.jpg?w=222&h=311&ssl=1
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 222x311, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash cf25d8e21e1c22e52ce2132b41e4417a
32e4ea42a55d843a937159f685f2a41253b0cdfb
d22bfde038be8a6b6c7079efc3a2054a459ee5b5ab842507302b975a0f690960
GET /denkodrom.de/wp-content/uploads/2017/02/WEB-FLYER-DENKODROM-091211-SCHICKEN-HINTEN-1.jpg?w=222&h=311&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://denkodrom.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 11 Sep 2022 07:10:41 GMT
content-type: image/webp
content-length: 26668
last-modified: Sun, 11 Sep 2022 07:10:41 GMT
expires: Tue, 10 Sep 2024 19:10:41 GMT
cache-control: public, max-age=63115200
link: <https://denkodrom.de/wp-content/uploads/2017/02/WEB-FLYER-DENKODROM-091211-SCHICKEN-HINTEN-1.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "3bc415118d0d5dcd"
vary: Accept
x-nc: MISS arn 6
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/denkodrom.de/wp-content/uploads/2017/02/Ruhe-sanft-Bittergedanke-1.jpg?w=304&h=215&ssl=1
192.0.77.2200 OK 5.2 kB URL HTTP/2 i0.wp.com/denkodrom.de/wp-content/uploads/2017/02/Ruhe-sanft-Bittergedanke-1.jpg?w=304&h=215&ssl=1
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 304x214, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash fd923ed8d957ea2102e1eee8de629ec7
c40367d19ba1ef5d2652c35d6285d43a239cb72d
1cb2c6339351efa461340facdb9b39049758150d7f09467cf0c8cf20eb61f407
GET /denkodrom.de/wp-content/uploads/2017/02/Ruhe-sanft-Bittergedanke-1.jpg?w=304&h=215&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://denkodrom.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 11 Sep 2022 07:10:41 GMT
content-type: image/webp
content-length: 5158
last-modified: Sun, 11 Sep 2022 07:10:41 GMT
expires: Tue, 10 Sep 2024 19:10:41 GMT
cache-control: public, max-age=63115200
link: <https://denkodrom.de/wp-content/uploads/2017/02/Ruhe-sanft-Bittergedanke-1.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "9cbbc8e06544acac"
vary: Accept
x-nc: MISS arn 4
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/denkodrom.de/wp-content/uploads/2017/09/denkodrom-stadtmachen5-1.jpg?w=416&h=589&ssl=1
192.0.77.2200 OK 16 kB URL HTTP/2 i0.wp.com/denkodrom.de/wp-content/uploads/2017/09/denkodrom-stadtmachen5-1.jpg?w=416&h=589&ssl=1
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 416x589, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash d69a042c2608bf760584451238f117e4
1649017bd5d2867fc8c309e4fdb21dbb36f9a876
89ae9c0f6ee8cd25c3a7a6a1423d5c4f6254e52b9e2f825fb65328e44b4f6a3f
GET /denkodrom.de/wp-content/uploads/2017/09/denkodrom-stadtmachen5-1.jpg?w=416&h=589&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://denkodrom.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 11 Sep 2022 07:10:41 GMT
content-type: image/webp
content-length: 16238
last-modified: Thu, 01 Sep 2022 17:30:18 GMT
expires: Sun, 01 Sep 2024 05:30:18 GMT
cache-control: public, max-age=63115200
link: <https://denkodrom.de/wp-content/uploads/2017/09/denkodrom-stadtmachen5-1.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "5d71c89fd70886d1"
vary: Accept
x-nc: MISS arn 3
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/denkodrom.de/wp-content/uploads/2017/02/flyer-denkodrom-2015-2te-HJ-COLOUR-1.jpg?w=836&h=394&ssl=1
192.0.77.2200 OK 32 kB URL HTTP/2 i0.wp.com/denkodrom.de/wp-content/uploads/2017/02/flyer-denkodrom-2015-2te-HJ-COLOUR-1.jpg?w=836&h=394&ssl=1
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 836x394, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 5fcc5c39a52b767ae6f86499b3574794
5879154c817e1b344a82095ed0318d79b1124c9e
b9cdd090d09ae86cf25369721fb75cd216a0783206cba4fa08b3d5328f7ad4b6
GET /denkodrom.de/wp-content/uploads/2017/02/flyer-denkodrom-2015-2te-HJ-COLOUR-1.jpg?w=836&h=394&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://denkodrom.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 11 Sep 2022 07:10:41 GMT
content-type: image/webp
content-length: 32526
last-modified: Thu, 01 Sep 2022 17:30:18 GMT
expires: Sun, 01 Sep 2024 05:30:18 GMT
cache-control: public, max-age=63115200
link: <https://denkodrom.de/wp-content/uploads/2017/02/flyer-denkodrom-2015-2te-HJ-COLOUR-1.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "7703628541be34c0"
vary: Accept
x-nc: MISS arn 5
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
denkodrom.de/wp-content/plugins/podlove-web-player/js/cache.js?ver=5.5.1
83.169.35.10200 OK 787 B URL HTTP/1.1 denkodrom.de/wp-content/plugins/podlove-web-player/js/cache.js?ver=5.5.1
IP 83.169.35.10:0
ASN #20773 Host Europe GmbH
File type ASCII text, with very long lines (1837), with no line terminators
Hash de26d99b84a45a22c32211a3a421e261
0e8abef53a2256c3876d9cf452492979130dd4aa
4eb4eb5c67c6647697ab570ddeafc33f6176451c170c2fd20ba486f874c65dfb
GET /wp-content/plugins/podlove-web-player/js/cache.js?ver=5.5.1 HTTP/1.1
Host: denkodrom.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://denkodrom.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 07:10:41 GMT
Server: Apache
Last-Modified: Sat, 07 May 2022 14:56:02 GMT
ETag: "72d-5de6d2c750a2e-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 787
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
denkodrom.de/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
83.169.35.10200 OK 4.2 kB URL HTTP/1.1 denkodrom.de/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 83.169.35.10:0
ASN #20773 Host Europe GmbH
File type ASCII text, with very long lines (11126)
Hash 5629711d7fdd5b28441bac39b851299f
4e0bf2b7383097f7c352023a1b1b1b48a50356b6
44c444309c7a6c05ff4a9bc198bed9e9596bedb5658637c85689c9a471dcdd16
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: denkodrom.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://denkodrom.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 07:10:41 GMT
Server: Apache
Last-Modified: Sun, 24 Jan 2021 14:27:35 GMT
ETag: "2bd8-5b9a638f8baa7-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 4169
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
denkodrom.de/wp-content/plugins/jetpack/css/jetpack.css?ver=11.0
83.169.35.10200 OK 16 kB URL HTTP/1.1 denkodrom.de/wp-content/plugins/jetpack/css/jetpack.css?ver=11.0
IP 83.169.35.10:0
ASN #20773 Host Europe GmbH
File type Unicode text, UTF-8 text, with very long lines (65533), with no line terminators
Hash b07332d0f1dd3507e39a09c83764f078
bfeeb2b2d8204d8a158d95b431ccafc27211320e
f57839acebd788d72bf4e9f8e76e845e97e10e8fa3451f40629bc04a825fa84b
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/jetpack/css/jetpack.css?ver=11.0 HTTP/1.1
Host: denkodrom.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://denkodrom.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 07:10:41 GMT
Server: Apache
Last-Modified: Sat, 11 Jun 2022 09:15:50 GMT
ETag: "14ef8-5e12880433fae-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 16431
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
denkodrom.de/wp-content/plugins/jetpack/_inc/genericons/genericons/genericons.css?ver=3.1
83.169.35.10200 OK 16 kB URL HTTP/1.1 denkodrom.de/wp-content/plugins/jetpack/_inc/genericons/genericons/genericons.css?ver=3.1
IP 83.169.35.10:0
ASN #20773 Host Europe GmbH
File type ASCII text, with very long lines (18732)
Hash dd0f53262702f111ddf86f20d1f605d1
a073021fe1aed82f104e7da84fa70bf8815a7d2b
7292e6d1bfe7ed6ee6bb7e9d5cd0483dae1d629955f6efae5c431e928422d1a4
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/jetpack/_inc/genericons/genericons/genericons.css?ver=3.1 HTTP/1.1
Host: denkodrom.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://denkodrom.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 07:10:41 GMT
Server: Apache
Last-Modified: Sat, 11 Jun 2022 09:15:50 GMT
ETag: "6e6a-5e1288047faa6-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 16441
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
denkodrom.de/wp-content/plugins/podlove-web-player/web-player/embed.js?ver=5.5.1
83.169.35.10200 OK 43 kB URL HTTP/1.1 denkodrom.de/wp-content/plugins/podlove-web-player/web-player/embed.js?ver=5.5.1
IP 83.169.35.10:0
ASN #20773 Host Europe GmbH
File type ASCII text, with very long lines (65473)
Hash 7c6bd52e10fdddfb5617c797c18b1817
335e27f209a14e45c36677a3eb1f699b5202742f
76ff6133a901f35e703fbd4b10194b06dcd77e167e651343c5c6dd4630456807
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/podlove-web-player/web-player/embed.js?ver=5.5.1 HTTP/1.1
Host: denkodrom.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://denkodrom.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 07:10:41 GMT
Server: Apache
Last-Modified: Sat, 07 May 2022 14:56:02 GMT
ETag: "212ed-5de6d2c746a06-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 42952
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
i0.wp.com/denkodrom.de/wp-content/uploads/2017/02/FlyerFestival-XdrUck-e1486836829857-1.jpg?w=678&h=320&ssl=1
192.0.77.2200 OK 29 kB URL HTTP/2 i0.wp.com/denkodrom.de/wp-content/uploads/2017/02/FlyerFestival-XdrUck-e1486836829857-1.jpg?w=678&h=320&ssl=1
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 678x319, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 0d845f8bed2342fc968c5305642dafd0
c8bd5a8f3bbb98b9147218854b068b971f4fce88
b1bb4748f169717cb6bbeb488d6ff8f1482475494ae1cfc5791bc94157df3009
GET /denkodrom.de/wp-content/uploads/2017/02/FlyerFestival-XdrUck-e1486836829857-1.jpg?w=678&h=320&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://denkodrom.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 11 Sep 2022 07:10:41 GMT
content-type: image/webp
content-length: 28674
last-modified: Sun, 11 Sep 2022 07:10:41 GMT
expires: Tue, 10 Sep 2024 19:10:41 GMT
cache-control: public, max-age=63115200
link: <https://denkodrom.de/wp-content/uploads/2017/02/FlyerFestival-XdrUck-e1486836829857-1.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "f106c5c90ae62166"
vary: Accept
x-nc: MISS arn 3
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 65deebab57142db522e6c874673bdd9f
bfd022181afaec5035f868ccd05fac58113f81dc
7470143c8bd79f00190a3766ebaa9c632d0aa47693fc4c146f097873865da327
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 07:10:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i0.wp.com/denkodrom.de/wp-content/uploads/2022/05/taeterheader.png?resize=1024%2C606&ssl=1
192.0.77.2200 OK 307 kB URL HTTP/2 i0.wp.com/denkodrom.de/wp-content/uploads/2022/05/taeterheader.png?resize=1024%2C606&ssl=1
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image\012- data
Size 307 kB (306652 bytes)
Hash 4c319783fd744c82ac702f4d77ed139a
44d3d85fd8c9620c1c8aee5f00ffae40bbedcf73
c248d18c0ace349e15d7f13fccefc83879b34dfcd5d7c07070cd7293b375a8f4
GET /denkodrom.de/wp-content/uploads/2022/05/taeterheader.png?resize=1024%2C606&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://denkodrom.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 11 Sep 2022 07:10:41 GMT
content-type: image/webp
content-length: 306652
last-modified: Tue, 06 Sep 2022 07:17:54 GMT
expires: Thu, 05 Sep 2024 19:17:54 GMT
cache-control: public, max-age=63115200
link: <https://denkodrom.de/wp-content/uploads/2022/05/taeterheader.png>; rel="canonical"
x-content-type-options: nosniff
etag: "810c94bce0b0dd89"
vary: Accept
x-nc: MISS arn 1
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/denkodrom.de/wp-content/uploads/2016/10/WEBdenkodrom-bataille-aufkleber-1.jpg?w=274&h=196&ssl=1
192.0.77.2200 OK 17 kB URL HTTP/2 i0.wp.com/denkodrom.de/wp-content/uploads/2016/10/WEBdenkodrom-bataille-aufkleber-1.jpg?w=274&h=196&ssl=1
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 274x195, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 25dec122229f92b063137596c03fcbfe
95a431252e1a37244ee88585222c84e9a5b70cb0
5f018e610c8178db8e9fa8b25a2b08fc44468bbe36e060530c261868ecb5302b
GET /denkodrom.de/wp-content/uploads/2016/10/WEBdenkodrom-bataille-aufkleber-1.jpg?w=274&h=196&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://denkodrom.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 11 Sep 2022 07:10:41 GMT
content-type: image/webp
content-length: 16966
last-modified: Sun, 11 Sep 2022 07:10:41 GMT
expires: Tue, 10 Sep 2024 19:10:41 GMT
cache-control: public, max-age=63115200
link: <https://denkodrom.de/wp-content/uploads/2016/10/WEBdenkodrom-bataille-aufkleber-1.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "8f8a2ae9ea7d5130"
vary: Accept
x-nc: MISS arn 8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/denkodrom.de/wp-content/uploads/2016/10/stempeldenkodromCENTER-1.jpg?w=222&h=219&ssl=1
192.0.77.2200 OK 11 kB URL HTTP/2 i0.wp.com/denkodrom.de/wp-content/uploads/2016/10/stempeldenkodromCENTER-1.jpg?w=222&h=219&ssl=1
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 222x219, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 26d14e01a3ab763a93b6626be1ac9cf4
a7b039fd4107b699d5b9e6f179bc5f15ec240aad
737554df40eb54ae878a6ccb31a561545125677da66dbda726125612a4e553bc
GET /denkodrom.de/wp-content/uploads/2016/10/stempeldenkodromCENTER-1.jpg?w=222&h=219&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://denkodrom.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 11 Sep 2022 07:10:41 GMT
content-type: image/webp
content-length: 11406
last-modified: Sun, 11 Sep 2022 07:10:41 GMT
expires: Tue, 10 Sep 2024 19:10:41 GMT
cache-control: public, max-age=63115200
link: <https://denkodrom.de/wp-content/uploads/2016/10/stempeldenkodromCENTER-1.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "de66696583020973"
vary: Accept
x-nc: MISS arn 2
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/denkodrom.de/wp-content/uploads/2017/02/flyer11-1.jpg?w=211&h=296&ssl=1
192.0.77.2200 OK 8.4 kB URL HTTP/2 i0.wp.com/denkodrom.de/wp-content/uploads/2017/02/flyer11-1.jpg?w=211&h=296&ssl=1
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 211x296, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 0a88b7b26ca13aabf656550f933eb58e
126c407f1aa32541d7b03e3311770258b3add297
83d45d0ce2a623fe4b985212cb7f5234425ab2232736dbea9034c68e2c2c4b6a
GET /denkodrom.de/wp-content/uploads/2017/02/flyer11-1.jpg?w=211&h=296&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://denkodrom.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 11 Sep 2022 07:10:41 GMT
content-type: image/webp
content-length: 8374
last-modified: Sun, 11 Sep 2022 07:10:41 GMT
expires: Tue, 10 Sep 2024 19:10:41 GMT
cache-control: public, max-age=63115200
link: <https://denkodrom.de/wp-content/uploads/2017/02/flyer11-1.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "3f73390bf69dadc3"
vary: Accept
x-nc: MISS arn 5
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/denkodrom.de/wp-content/uploads/2017/02/flyer-denkodrom-2015-2te-HJ-ALLEIN-e1486836875441-1.jpg?w=325&h=165&ssl=1
192.0.77.2200 OK 4.9 kB URL HTTP/2 i0.wp.com/denkodrom.de/wp-content/uploads/2017/02/flyer-denkodrom-2015-2te-HJ-ALLEIN-e1486836875441-1.jpg?w=325&h=165&ssl=1
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 325x165, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 49c64ffdc376a1d13d95470a7b810991
a0ca5aae9698c62ad708854eca9b17915970f8ca
e5a43e8a72af7ed5f4f69417b18617e82c257f5cd00456f8078b8d198360676b
GET /denkodrom.de/wp-content/uploads/2017/02/flyer-denkodrom-2015-2te-HJ-ALLEIN-e1486836875441-1.jpg?w=325&h=165&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://denkodrom.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 11 Sep 2022 07:10:41 GMT
content-type: image/webp
content-length: 4854
last-modified: Sun, 11 Sep 2022 07:10:41 GMT
expires: Tue, 10 Sep 2024 19:10:41 GMT
cache-control: public, max-age=63115200
link: <https://denkodrom.de/wp-content/uploads/2017/02/flyer-denkodrom-2015-2te-HJ-ALLEIN-e1486836875441-1.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "dfa97b1023657207"
vary: Accept
x-nc: MISS arn 5
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/denkodrom.de/wp-content/uploads/2017/02/denkodromtransgression-1.jpg?w=274&h=195&ssl=1
192.0.77.2200 OK 2.8 kB URL HTTP/2 i0.wp.com/denkodrom.de/wp-content/uploads/2017/02/denkodromtransgression-1.jpg?w=274&h=195&ssl=1
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 274x195, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 325090533cceadb4a38e1624fa8c541e
dfbca52689ad93435e5c6a515fc5376b69b31d75
2144b230a64713ac91f036acff1e2979420a7df4f4077c6dafee552685917a2d
GET /denkodrom.de/wp-content/uploads/2017/02/denkodromtransgression-1.jpg?w=274&h=195&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://denkodrom.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 11 Sep 2022 07:10:41 GMT
content-type: image/webp
content-length: 2816
last-modified: Sun, 11 Sep 2022 07:10:41 GMT
expires: Tue, 10 Sep 2024 19:10:41 GMT
cache-control: public, max-age=63115200
link: <https://denkodrom.de/wp-content/uploads/2017/02/denkodromtransgression-1.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "cb9e3934487bd702"
vary: Accept
x-nc: MISS arn 5
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/denkodrom.de/wp-content/uploads/2017/02/Tag-Im-Park-Logo-mit-Schrift-1.jpg?w=154&h=320&ssl=1
192.0.77.2200 OK 5.7 kB URL HTTP/2 i0.wp.com/denkodrom.de/wp-content/uploads/2017/02/Tag-Im-Park-Logo-mit-Schrift-1.jpg?w=154&h=320&ssl=1
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 154x320, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash cd842d54732da09a5e782763c69a0b10
f305478ff22d6a068c27b9d87e74578190e27284
3b67dff9876d290d92d4c1d4cfcee7afe1dba0c1f2d88d9c95939f9fa57c598c
GET /denkodrom.de/wp-content/uploads/2017/02/Tag-Im-Park-Logo-mit-Schrift-1.jpg?w=154&h=320&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://denkodrom.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 11 Sep 2022 07:10:41 GMT
content-type: image/webp
content-length: 5664
last-modified: Sun, 11 Sep 2022 07:10:41 GMT
expires: Tue, 10 Sep 2024 19:10:41 GMT
cache-control: public, max-age=63115200
link: <https://denkodrom.de/wp-content/uploads/2017/02/Tag-Im-Park-Logo-mit-Schrift-1.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "640e548bd3fab56a"
vary: Accept
x-nc: MISS arn 1
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/denkodrom.de/wp-content/uploads/2017/02/Tagimpark_16_Flyer_RZ_vorne-2-1.jpg?w=121&h=257&ssl=1
192.0.77.2200 OK 7.1 kB URL HTTP/2 i0.wp.com/denkodrom.de/wp-content/uploads/2017/02/Tagimpark_16_Flyer_RZ_vorne-2-1.jpg?w=121&h=257&ssl=1
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 121x257, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash ebc8e7502855179d437bcefe531cfbc6
0e2776bc78fef01df7b43e210503e1cfd2e186e3
46a04bf84f719cc7ea023f5e8df4c38220e3eec18c689639f8e113430de165f5
GET /denkodrom.de/wp-content/uploads/2017/02/Tagimpark_16_Flyer_RZ_vorne-2-1.jpg?w=121&h=257&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://denkodrom.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 11 Sep 2022 07:10:41 GMT
content-type: image/webp
content-length: 7122
last-modified: Sun, 11 Sep 2022 07:10:41 GMT
expires: Tue, 10 Sep 2024 19:10:41 GMT
cache-control: public, max-age=63115200
link: <https://denkodrom.de/wp-content/uploads/2017/02/Tagimpark_16_Flyer_RZ_vorne-2-1.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "15a7c00c2b949450"
vary: Accept
x-nc: MISS arn 7
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/denkodrom.de/wp-content/uploads/2017/02/denkodrom-b%C3%BChnenbild-1.jpg?w=325&h=183&ssl=1
192.0.77.2200 OK 69 kB URL HTTP/2 i0.wp.com/denkodrom.de/wp-content/uploads/2017/02/denkodrom-b%C3%BChnenbild-1.jpg?w=325&h=183&ssl=1
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash cf08a45d348b8b7e8a679c7eb21a4cf3
f8dce7f7fc3efc94543ad9b322a6fee82688a9fe
299a539ae66531b3cf73157a23f5a07d5ac8df8f450e57b90673586330c8dccb
GET /denkodrom.de/wp-content/uploads/2017/02/denkodrom-b%C3%BChnenbild-1.jpg?w=325&h=183&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://denkodrom.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 11 Sep 2022 07:10:41 GMT
content-type: image/webp
content-length: 68558
last-modified: Sun, 11 Sep 2022 07:10:41 GMT
expires: Tue, 10 Sep 2024 19:10:41 GMT
cache-control: public, max-age=63115200
link: <https://denkodrom.de/wp-content/uploads/2017/02/denkodrom-b%C3%BChnenbild-1.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "feb0dd236826a25b"
vary: Accept
x-nc: MISS arn 1
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
denkodrom.de/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2
83.169.35.10200 OK 5.0 kB URL HTTP/1.1 denkodrom.de/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2
IP 83.169.35.10:0
ASN #20773 Host Europe GmbH
File type ASCII text, with very long lines (15660)
Hash e6624e0b978e6ddba476be41aaaa82df
822e920d8233072110ed7c8a7f379e5b13209b18
dac86a9ce08e4d8cded47b4fa900a664b0c997d8910c2a1be54a423678925a41
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.0.2 HTTP/1.1
Host: denkodrom.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://denkodrom.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 07:10:41 GMT
Server: Apache
Last-Modified: Sat, 11 Jun 2022 09:13:34 GMT
ETag: "48b9-5e1287831097d-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 5009
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript
denkodrom.de/wp-content/plugins/scroll-to-anchor/js/scroll-to-anchor.min.js?ver=6.0.2
83.169.35.10200 OK 425 B URL HTTP/1.1 denkodrom.de/wp-content/plugins/scroll-to-anchor/js/scroll-to-anchor.min.js?ver=6.0.2
IP 83.169.35.10:0
ASN #20773 Host Europe GmbH
File type ASCII text, with very long lines (758), with no line terminators
Hash 1f4f6fb19bb5fe725ff003c00776d9f3
f18859fb57e00675a86bd82ab4a40568eefd64cd
28ab9fb7681b46c212aee56eab3166a5d50152a59c3dcea50895a1a686069e9f
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/scroll-to-anchor/js/scroll-to-anchor.min.js?ver=6.0.2 HTTP/1.1
Host: denkodrom.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://denkodrom.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 07:10:41 GMT
Server: Apache
Last-Modified: Fri, 16 Nov 2018 17:25:07 GMT
ETag: "2f6-57acb72da95c0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 425
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
denkodrom.de/wp-content/themes/twentysixteen/js/functions.js?ver=20181217
83.169.35.10200 OK 2.1 kB URL HTTP/1.1 denkodrom.de/wp-content/themes/twentysixteen/js/functions.js?ver=20181217
IP 83.169.35.10:0
ASN #20773 Host Europe GmbH
Hash d03942453ec530effaadcfffcd4bada9
49e6b8c586d6919d60fd0d94849cc9060b7efcd6
48a2e867393371e38135d2087c0c7f6e1a3170661e66cb042b24b989faf6a428
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/twentysixteen/js/functions.js?ver=20181217 HTTP/1.1
Host: denkodrom.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://denkodrom.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 07:10:41 GMT
Server: Apache
Last-Modified: Sat, 11 Jun 2022 09:25:58 GMT
ETag: "1ca1-5e128a4864b0d-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 2084
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
i0.wp.com/denkodrom.de/wp-content/uploads/2017/02/denkotest2016flyerVorn-1.jpg?w=621&h=296&ssl=1
192.0.77.2200 OK 17 kB URL HTTP/2 i0.wp.com/denkodrom.de/wp-content/uploads/2017/02/denkotest2016flyerVorn-1.jpg?w=621&h=296&ssl=1
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 621x295, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 133544e11ea03905102f505711414a48
8558edfd06430b31cb967f9aeaad4e88c5080b72
35f5c36f5f7e928807ca27c6ba9489fc389268cc0d966c928a59d48c99494d53
GET /denkodrom.de/wp-content/uploads/2017/02/denkotest2016flyerVorn-1.jpg?w=621&h=296&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://denkodrom.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 11 Sep 2022 07:10:41 GMT
content-type: image/webp
content-length: 16954
last-modified: Sun, 11 Sep 2022 07:10:41 GMT
expires: Tue, 10 Sep 2024 19:10:41 GMT
cache-control: public, max-age=63115200
link: <https://denkodrom.de/wp-content/uploads/2017/02/denkotest2016flyerVorn-1.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "db0b1378ccd94d43"
vary: Accept
x-nc: MISS arn 4
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/denkodrom.de/wp-content/uploads/2017/02/denkodrom-bunt-logo-fun-1.jpg?w=304&h=155&ssl=1
192.0.77.2200 OK 12 kB URL HTTP/2 i0.wp.com/denkodrom.de/wp-content/uploads/2017/02/denkodrom-bunt-logo-fun-1.jpg?w=304&h=155&ssl=1
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 304x154, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash b38ca2443b06efb450d360d9b92b4dc1
3afd57210bceb3475e6f98feec3e6310421eea8f
a776d07dccfb9641866595af73c9ce3f066800e726a11ab20ffa5fbb1f2001c1
GET /denkodrom.de/wp-content/uploads/2017/02/denkodrom-bunt-logo-fun-1.jpg?w=304&h=155&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://denkodrom.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 11 Sep 2022 07:10:41 GMT
content-type: image/webp
content-length: 11492
last-modified: Sun, 11 Sep 2022 07:10:41 GMT
expires: Tue, 10 Sep 2024 19:10:41 GMT
cache-control: public, max-age=63115200
link: <https://denkodrom.de/wp-content/uploads/2017/02/denkodrom-bunt-logo-fun-1.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "151ccce08e4ca293"
vary: Accept
x-nc: MISS arn 1
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/denkodrom.de/wp-content/uploads/2017/02/flyer-452012-denkovorn-1.jpg?w=528&h=374&ssl=1
192.0.77.2200 OK 15 kB URL HTTP/2 i0.wp.com/denkodrom.de/wp-content/uploads/2017/02/flyer-452012-denkovorn-1.jpg?w=528&h=374&ssl=1
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 528x373, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash ed28b24e3b8a22d62d328a5b86c6149c
592397065e81b071d106289d23f5f1770e323ddc
751d6d21f91df104b6f4cb2f2dfb7138a1cf0421f33cc44873ab537504f9f4f9
GET /denkodrom.de/wp-content/uploads/2017/02/flyer-452012-denkovorn-1.jpg?w=528&h=374&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://denkodrom.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 11 Sep 2022 07:10:41 GMT
content-type: image/webp
content-length: 15012
last-modified: Sun, 11 Sep 2022 07:10:41 GMT
expires: Tue, 10 Sep 2024 19:10:41 GMT
cache-control: public, max-age=63115200
link: <https://denkodrom.de/wp-content/uploads/2017/02/flyer-452012-denkovorn-1.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "897b072ea75632f0"
vary: Accept
x-nc: MISS arn 6
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
denkodrom.de/wp-content/plugins/jetpack/_inc/build/photon/photon.min.js?ver=20191001
83.169.35.10200 OK 369 B URL HTTP/1.1 denkodrom.de/wp-content/plugins/jetpack/_inc/build/photon/photon.min.js?ver=20191001
IP 83.169.35.10:0
ASN #20773 Host Europe GmbH
File type ASCII text, with very long lines (685), with no line terminators
Hash accd80b294f42169b1e447e68bacfffe
40847092d82d78897a8219b270b22838fcc0bb95
35e8294d38f054cd6fbcdef72076443685888546d93b41a596e981a5e9a61552
GET /wp-content/plugins/jetpack/_inc/build/photon/photon.min.js?ver=20191001 HTTP/1.1
Host: denkodrom.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://denkodrom.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 07:10:41 GMT
Server: Apache
Last-Modified: Sat, 11 Jun 2022 09:15:50 GMT
ETag: "2ad-5e128804a0231-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 369
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
denkodrom.de/wp-content/themes/twentysixteen/js/skip-link-focus-fix.js?ver=20170530
83.169.35.10200 OK 588 B URL HTTP/1.1 denkodrom.de/wp-content/themes/twentysixteen/js/skip-link-focus-fix.js?ver=20170530
IP 83.169.35.10:0
ASN #20773 Host Europe GmbH
Hash 6209669d9298e364d532dac780c3b015
a00a7286154427c580f0b5fd65ffab6148662104
7f119c8a8a132ff8c30088b18d4a4479c2d4fc1c65c275f49348db4de92fc58f
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/twentysixteen/js/skip-link-focus-fix.js?ver=20170530 HTTP/1.1
Host: denkodrom.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://denkodrom.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 07:10:41 GMT
Server: Apache
Last-Modified: Sat, 11 Jun 2022 09:25:58 GMT
ETag: "423-5e128a4864b0d-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 588
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
i0.wp.com/denkodrom.de/wp-content/uploads/2017/02/flyerSENDvorn-denkodrom-2016vornSEND-1.jpg?w=610&h=311&ssl=1
192.0.77.2200 OK 32 kB URL HTTP/2 i0.wp.com/denkodrom.de/wp-content/uploads/2017/02/flyerSENDvorn-denkodrom-2016vornSEND-1.jpg?w=610&h=311&ssl=1
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 610x310, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash af5df8ef8bfc5cbf0ab0492986a434c7
3e9d04089d22b8d484c7a4e50f8004e9fbe2351e
8ecf7073f60f23839abe83f20baff2c83f8a356955d68b6c97f74eb93d1200c9
GET /denkodrom.de/wp-content/uploads/2017/02/flyerSENDvorn-denkodrom-2016vornSEND-1.jpg?w=610&h=311&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://denkodrom.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 11 Sep 2022 07:10:41 GMT
content-type: image/webp
content-length: 31938
last-modified: Sun, 11 Sep 2022 07:10:41 GMT
expires: Tue, 10 Sep 2024 19:10:41 GMT
cache-control: public, max-age=63115200
link: <https://denkodrom.de/wp-content/uploads/2017/02/flyerSENDvorn-denkodrom-2016vornSEND-1.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "29f492148082455c"
vary: Accept
x-nc: MISS arn 1
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/denkodrom.de/wp-content/uploads/2017/02/DENKODROM-FESTIVAL-15122012-FLYER-1.jpg?w=251&h=352&ssl=1
192.0.77.2200 OK 20 kB URL HTTP/2 i0.wp.com/denkodrom.de/wp-content/uploads/2017/02/DENKODROM-FESTIVAL-15122012-FLYER-1.jpg?w=251&h=352&ssl=1
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 251x352, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash df60c2aa786fb1f9b3a6c2c01ef08195
1a081cfdddacf62928067be08a5ac2638b0b3891
aea5920b1b1bc47762164f9903cfa60c91ca29061b44e993497782eeb44cd793
GET /denkodrom.de/wp-content/uploads/2017/02/DENKODROM-FESTIVAL-15122012-FLYER-1.jpg?w=251&h=352&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://denkodrom.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 11 Sep 2022 07:10:41 GMT
content-type: image/webp
content-length: 19902
last-modified: Sun, 11 Sep 2022 07:10:41 GMT
expires: Tue, 10 Sep 2024 19:10:41 GMT
cache-control: public, max-age=63115200
link: <https://denkodrom.de/wp-content/uploads/2017/02/DENKODROM-FESTIVAL-15122012-FLYER-1.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "98ab7e53c6350f74"
vary: Accept
x-nc: MISS arn 5
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/denkodrom.de/wp-content/uploads/2017/02/roxxyangsthase-flyer-bochumessen-1.jpg?w=435&h=614&ssl=1
192.0.77.2200 OK 27 kB URL HTTP/2 i0.wp.com/denkodrom.de/wp-content/uploads/2017/02/roxxyangsthase-flyer-bochumessen-1.jpg?w=435&h=614&ssl=1
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 434x614, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash aba14e8ad16cc60194778e047e5fead5
6524343fc09dd6c34953951ac4a86db0627de06c
7d20fed613853e7e31ce56aadea40cca1e8963d3ec9b71d4eea7d79cc5fd7ab8
GET /denkodrom.de/wp-content/uploads/2017/02/roxxyangsthase-flyer-bochumessen-1.jpg?w=435&h=614&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://denkodrom.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 11 Sep 2022 07:10:41 GMT
content-type: image/webp
content-length: 26682
last-modified: Sun, 11 Sep 2022 07:10:41 GMT
expires: Tue, 10 Sep 2024 19:10:41 GMT
cache-control: public, max-age=63115200
link: <https://denkodrom.de/wp-content/uploads/2017/02/roxxyangsthase-flyer-bochumessen-1.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "7f1a9c19f25ed7db"
vary: Accept
x-nc: MISS arn 6
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
denkodrom.de/wp-content/plugins/jetpack/_inc/build/carousel/jetpack-carousel.min.js?ver=11.0
83.169.35.10200 OK 7.4 kB URL HTTP/1.1 denkodrom.de/wp-content/plugins/jetpack/_inc/build/carousel/jetpack-carousel.min.js?ver=11.0
IP 83.169.35.10:0
ASN #20773 Host Europe GmbH
File type ASCII text, with very long lines (24247), with no line terminators
Hash cfeb5cda9604ac407a38e2e38c550686
3a590af7eb2c38f99cf4046f4e1d19f1f2d685a0
9f45f4938861e2eb25fb613b2f5b080a2bc91d29758b3e7c34fe78a3277d0ea9
GET /wp-content/plugins/jetpack/_inc/build/carousel/jetpack-carousel.min.js?ver=11.0 HTTP/1.1
Host: denkodrom.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://denkodrom.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 07:10:41 GMT
Server: Apache
Last-Modified: Sat, 11 Jun 2022 09:15:50 GMT
ETag: "5eb7-5e128804a7762-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 7408
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: application/javascript
denkodrom.de/wp-content/plugins/jetpack/_inc/build/tiled-gallery/tiled-gallery/tiled-gallery.min.js?ver=11.0
83.169.35.10200 OK 1.1 kB URL HTTP/1.1 denkodrom.de/wp-content/plugins/jetpack/_inc/build/tiled-gallery/tiled-gallery/tiled-gallery.min.js?ver=11.0
IP 83.169.35.10:0
ASN #20773 Host Europe GmbH
File type ASCII text, with very long lines (3156), with no line terminators
Hash 83b62b43597cbf6234809db22be8a07d
d9213019e87b6ea47ab3e21ab7517333e5c6a569
c0ec22e47b171f212b70022432369149ab57d0a1640edb9c68db7395d7691af1
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/jetpack/_inc/build/tiled-gallery/tiled-gallery/tiled-gallery.min.js?ver=11.0 HTTP/1.1
Host: denkodrom.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://denkodrom.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 07:10:41 GMT
Server: Apache
Last-Modified: Sat, 11 Jun 2022 09:15:50 GMT
ETag: "c54-5e128804a8702-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 1115
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
denkodrom.de/wp-content/plugins/jetpack/_inc/build/widgets/eu-cookie-law/eu-cookie-law.min.js?ver=20180522
83.169.35.10200 OK 669 B URL HTTP/1.1 denkodrom.de/wp-content/plugins/jetpack/_inc/build/widgets/eu-cookie-law/eu-cookie-law.min.js?ver=20180522
IP 83.169.35.10:0
ASN #20773 Host Europe GmbH
File type ASCII text, with very long lines (1604), with no line terminators
Hash 96910fa5e877382dca1d53961c945dfc
6d8a48dc7873d601d1836904a73c63a2187627d8
5f4fc85b7b1e489bffa35e361248937db954246932e0188efa9f0bee621b9b89
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/jetpack/_inc/build/widgets/eu-cookie-law/eu-cookie-law.min.js?ver=20180522 HTTP/1.1
Host: denkodrom.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://denkodrom.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 07:10:41 GMT
Server: Apache
Last-Modified: Sat, 11 Jun 2022 09:15:50 GMT
ETag: "644-5e128804a96a2-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 669
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
denkodrom.de/wp-content/plugins/jetpack/modules/theme-tools/responsive-videos/responsive-videos.min.js?ver=1.3
83.169.35.10200 OK 406 B URL HTTP/1.1 denkodrom.de/wp-content/plugins/jetpack/modules/theme-tools/responsive-videos/responsive-videos.min.js?ver=1.3
IP 83.169.35.10:0
ASN #20773 Host Europe GmbH
File type ASCII text, with very long lines (777), with no line terminators
Hash 39593a85fb622426c540b5d71bc4543f
7b2536b7210e340b7e7166b28c73f8de70ee1cf5
078b3ac68fb4fe678b0372e8a6844913d22d9bda991d6feb64e9b9bc3c81ba1b
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/jetpack/modules/theme-tools/responsive-videos/responsive-videos.min.js?ver=1.3 HTTP/1.1
Host: denkodrom.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://denkodrom.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 07:10:41 GMT
Server: Apache
Last-Modified: Sat, 11 Jun 2022 09:15:50 GMT
ETag: "309-5e128803e7517-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 406
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
i1.wp.com/denkodrom.de/wp-content/uploads/2019/05/60208005_1011136579082985_1746620700858253312_n.jpg?w=480
192.0.77.2200 OK 33 kB URL HTTP/2 i1.wp.com/denkodrom.de/wp-content/uploads/2019/05/60208005_1011136579082985_1746620700858253312_n.jpg?w=480
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 480x262, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash ed7e622df019333d5b1b02e14436b34e
51397230768ec1a010cdfe87c09160ce2a28aa89
98a7254f6f45fadf9b2f6729f12fe86855407de1e1538b67a5d7e8f689e3d56e
GET /denkodrom.de/wp-content/uploads/2019/05/60208005_1011136579082985_1746620700858253312_n.jpg?w=480 HTTP/1.1
Host: i1.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://denkodrom.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 11 Sep 2022 07:10:41 GMT
content-type: image/webp
content-length: 32982
last-modified: Wed, 31 Aug 2022 01:17:34 GMT
expires: Fri, 30 Aug 2024 13:17:34 GMT
cache-control: public, max-age=63115200
link: <http://denkodrom.de/wp-content/uploads/2019/05/60208005_1011136579082985_1746620700858253312_n.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "d781682eda0ac0ee"
vary: Accept
x-nc: MISS arn 8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 65deebab57142db522e6c874673bdd9f
bfd022181afaec5035f868ccd05fac58113f81dc
7470143c8bd79f00190a3766ebaa9c632d0aa47693fc4c146f097873865da327
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 07:10:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
denkodrom.de/wp-content/uploads/2016/10/denkobackjpg2-1.jpg
83.169.35.10200 OK 17 kB URL HTTP/1.1 denkodrom.de/wp-content/uploads/2016/10/denkobackjpg2-1.jpg
IP 83.169.35.10:0
ASN #20773 Host Europe GmbH
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 2000x671, components 3\012- data
Hash 08d2b87e4125702bb5fcd9335ba2b982
43e7a7cfc75bad3ee10be249df53aff2bace5a29
8faa01bf08a525321a53124d8d3ab96de802e7e2f98dea7f8212bc099a2695b5
GET /wp-content/uploads/2016/10/denkobackjpg2-1.jpg HTTP/1.1
Host: denkodrom.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://denkodrom.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 07:10:42 GMT
Server: Apache
Last-Modified: Thu, 11 Jan 2018 16:37:36 GMT
ETag: "41bc-56282c3ee5400"
Accept-Ranges: bytes
Content-Length: 16828
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: image/jpeg
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 6c2fea93ba89de81c2b01aaca1a87835
0a7f50001f709285bc10f6ef044ef39a60535bff
6cae8a5f9949975a3adedc41088196b8c9dd984e4023e54bbe655800a9478349
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 07:10:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
54.148.228.200101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.148.228.200:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: d1o/nKq/voSaFb+kiJjP2w==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: LvuXBYkIjMecNptnK58Xu44S1HQ=
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 6c2fea93ba89de81c2b01aaca1a87835
0a7f50001f709285bc10f6ef044ef39a60535bff
6cae8a5f9949975a3adedc41088196b8c9dd984e4023e54bbe655800a9478349
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 07:10:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 6c2fea93ba89de81c2b01aaca1a87835
0a7f50001f709285bc10f6ef044ef39a60535bff
6cae8a5f9949975a3adedc41088196b8c9dd984e4023e54bbe655800a9478349
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 07:10:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 6c2fea93ba89de81c2b01aaca1a87835
0a7f50001f709285bc10f6ef044ef39a60535bff
6cae8a5f9949975a3adedc41088196b8c9dd984e4023e54bbe655800a9478349
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 07:10:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 6c2fea93ba89de81c2b01aaca1a87835
0a7f50001f709285bc10f6ef044ef39a60535bff
6cae8a5f9949975a3adedc41088196b8c9dd984e4023e54bbe655800a9478349
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 07:10:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 4a8b934802b39ce62326f039ac83cd96
dbfe44bfbec869b99291881ce7c2539d34d7ca9c
c1d5a7058b585d2207c7162b7d0ed62443426b9b2e1262391ad3118884bda651
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 672
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 07:10:42 GMT
Last-Modified: Sun, 11 Sep 2022 06:59:30 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 43e44f5fe147594a8dd7e263eabca2ae
99a970746a212194f339b3fdc7df516af9f2ffdf
f716e38cbb8632487d1ce62a37e0662ef8611fbe0449a82b9301118b68c7548d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 07:10:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/merriweather/v30/u-440qyriQwlOrhSvowK_l5-fCZM.woff2
142.250.74.163200 OK 20 kB URL HTTP/2 fonts.gstatic.com/s/merriweather/v30/u-440qyriQwlOrhSvowK_l5-fCZM.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 20028, version 1.0\012- data
Hash 2bfde17b9a1384ce64af78db1b87a82f
8effd23e482511e249c3f8e91cdc503729b93598
5c2d662e92bcbf1a5970b97040f901031295e79a96314db8302f549003022087
GET /s/merriweather/v30/u-440qyriQwlOrhSvowK_l5-fCZM.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://denkodrom.de
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 20028
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Sep 2022 17:16:50 GMT
expires: Wed, 06 Sep 2023 17:16:50 GMT
cache-control: public, max-age=31536000
age: 395632
last-modified: Tue, 26 Apr 2022 16:41:08 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 43e44f5fe147594a8dd7e263eabca2ae
99a970746a212194f339b3fdc7df516af9f2ffdf
f716e38cbb8632487d1ce62a37e0662ef8611fbe0449a82b9301118b68c7548d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 07:10:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
142.250.74.163200 OK 31 kB URL HTTP/2 fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data
Hash ac0d2859ea5f8fd6bcb3c305c08ec184
7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://denkodrom.de
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 08 Sep 2022 16:40:18 GMT
expires: Fri, 08 Sep 2023 16:40:18 GMT
cache-control: public, max-age=31536000
age: 225024
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2
142.250.74.163200 OK 20 kB URL HTTP/2 fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 19740, version 1.0\012- data
Hash 101cf2a65d64322878605fa8472bb025
6dffc15e38c321e4bb567b4bd8107a2e8d97c61d
273c8613cdd2852dd5318f224d804ae6d2fc717c48d3f1dab587b6d396fb4fc8
GET /s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://denkodrom.de
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 19740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Sep 2022 17:14:55 GMT
expires: Wed, 06 Sep 2023 17:14:55 GMT
cache-control: public, max-age=31536000
age: 395747
last-modified: Tue, 26 Apr 2022 15:48:38 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/inconsolata/v31/QldgNThLqRwH-OJ1UHjlKENVzkWGVkL3GZQmAwLYxYWI2qfdm7Lpp4U8WR32lw.woff2
142.250.74.163200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/inconsolata/v31/QldgNThLqRwH-OJ1UHjlKENVzkWGVkL3GZQmAwLYxYWI2qfdm7Lpp4U8WR32lw.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 16244, version 1.0\012- data
Hash 8e34cbcc4dfe30cc0f1afc341388aad8
feb205d0a09ad06d4fb1c62d2b61fb91c8015cef
4f9f98d74dc5dea24db279aedd49367424c72cba9fb67341cbef8bcd2f0ad002
GET /s/inconsolata/v31/QldgNThLqRwH-OJ1UHjlKENVzkWGVkL3GZQmAwLYxYWI2qfdm7Lpp4U8WR32lw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://denkodrom.de
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 16244
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 10 Sep 2022 22:51:44 GMT
expires: Sun, 10 Sep 2023 22:51:44 GMT
cache-control: public, max-age=31536000
age: 29938
last-modified: Mon, 11 Jul 2022 18:56:00 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
pixel.wp.com/g.gif?v=ext&j=1%3A11.0&blog=117751703&post=11&tz=0&srv=denkodrom.de&host=denkodrom.de&ref=&fcp=0&rand=0.9787642525587887
192.0.76.3200 OK 50 B URL HTTP/2 pixel.wp.com/g.gif?v=ext&j=1%3A11.0&blog=117751703&post=11&tz=0&srv=denkodrom.de&host=denkodrom.de&ref=&fcp=0&rand=0.9787642525587887
IP 192.0.76.3:0
File type GIF image data, version 89a, 6 x 5\012- data
Hash e4d673a55c5656f19ef81563fb10884c
1f2d8ed221d39329251ad3a6ff1edb20b7219443
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
GET /g.gif?v=ext&j=1%3A11.0&blog=117751703&post=11&tz=0&srv=denkodrom.de&host=denkodrom.de&ref=&fcp=0&rand=0.9787642525587887 HTTP/1.1
Host: pixel.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://denkodrom.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 11 Sep 2022 07:10:42 GMT
content-type: image/gif
content-length: 50
cache-control: no-cache
access-control-allow-origin: *
X-Firefox-Spdy: h2
fonts.gstatic.com/s/merriweather/v30/u-4m0qyriQwlOrhSvowK_l5-eRZOf-I.woff2
142.250.74.163200 OK 20 kB URL HTTP/2 fonts.gstatic.com/s/merriweather/v30/u-4m0qyriQwlOrhSvowK_l5-eRZOf-I.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 19780, version 1.0\012- data
Hash 03717344e4dbb2de44988b281bb7430b
0cd3f7724bd0a5bf2460e1a85e35ccfbd5e85c05
499ec54eb2afd103ec37505e23c6570fc7d89a0d728dde19d87a092e4a3261b4
GET /s/merriweather/v30/u-4m0qyriQwlOrhSvowK_l5-eRZOf-I.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://denkodrom.de
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 19780
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Sep 2022 17:37:09 GMT
expires: Wed, 06 Sep 2023 17:37:09 GMT
cache-control: public, max-age=31536000
age: 394413
last-modified: Tue, 26 Apr 2022 15:48:58 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/merriweather/v30/u-4l0qyriQwlOrhSvowK_l5-eR71Wvf4jvw.woff2
142.250.74.163200 OK 20 kB URL HTTP/2 fonts.gstatic.com/s/merriweather/v30/u-4l0qyriQwlOrhSvowK_l5-eR71Wvf4jvw.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 19900, version 1.0\012- data
Hash bac4e4fc860f0a92beb62a776048f7c0
26eb7089b1050997d371be35946a12ae0cc7218f
3642df12f0d930d5846a96652080908eb2f383b602a95cf80d1e6227e66e1c46
GET /s/merriweather/v30/u-4l0qyriQwlOrhSvowK_l5-eR71Wvf4jvw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://denkodrom.de
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 19900
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Sep 2022 17:58:31 GMT
expires: Wed, 06 Sep 2023 17:58:31 GMT
cache-control: public, max-age=31536000
age: 393131
last-modified: Tue, 26 Apr 2022 15:46:01 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
i0.wp.com/denkodrom.de/wp-content/uploads/2022/01/iofestivalsharepic.png?w=600&ssl=1
192.0.77.2200 OK 128 kB URL HTTP/2 i0.wp.com/denkodrom.de/wp-content/uploads/2022/01/iofestivalsharepic.png?w=600&ssl=1
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image\012- data
Size 128 kB (128518 bytes)
Hash a166375aa2322bde7122a41d357579c4
32fdf43294aa05d56a3181195b8e1a73bb6e5150
d5a3bb3094b17ba2ea95c8a5f3eb9b656c19d94fd9fce44a172957aeef68af9d
GET /denkodrom.de/wp-content/uploads/2022/01/iofestivalsharepic.png?w=600&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://denkodrom.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 11 Sep 2022 07:10:42 GMT
content-type: image/webp
content-length: 128518
last-modified: Fri, 09 Sep 2022 04:20:54 GMT
expires: Sun, 08 Sep 2024 16:20:54 GMT
cache-control: public, max-age=63115200
link: <https://denkodrom.de/wp-content/uploads/2022/01/iofestivalsharepic.png>; rel="canonical"
x-content-type-options: nosniff
etag: "781e8ea9fed84b4e"
vary: Accept
x-nc: MISS arn 1
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 43e44f5fe147594a8dd7e263eabca2ae
99a970746a212194f339b3fdc7df516af9f2ffdf
f716e38cbb8632487d1ce62a37e0662ef8611fbe0449a82b9301118b68c7548d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 07:10:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 6c2fea93ba89de81c2b01aaca1a87835
0a7f50001f709285bc10f6ef044ef39a60535bff
6cae8a5f9949975a3adedc41088196b8c9dd984e4023e54bbe655800a9478349
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 07:10:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i0.wp.com/denkodrom.de/wp-content/uploads/2017/04/cropped-cropped-cropped-stempeldenkodromCENTER-1.jpg?fit=192%2C192&ssl=1
192.0.77.2200 OK 8.3 kB URL HTTP/2 i0.wp.com/denkodrom.de/wp-content/uploads/2017/04/cropped-cropped-cropped-stempeldenkodromCENTER-1.jpg?fit=192%2C192&ssl=1
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 192x192, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 78558a4cad6a7e70d8d33a973011f0d7
5846d954715e381b367fbdd492425ecc37b00f67
770dffb9ef9042973011c73e1384c6e8b480fe55fa9d851f9285bfea548464ea
GET /denkodrom.de/wp-content/uploads/2017/04/cropped-cropped-cropped-stempeldenkodromCENTER-1.jpg?fit=192%2C192&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://denkodrom.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 11 Sep 2022 07:10:42 GMT
content-type: image/webp
content-length: 8328
last-modified: Sun, 11 Sep 2022 07:10:42 GMT
expires: Tue, 10 Sep 2024 19:10:42 GMT
cache-control: public, max-age=63115200
link: <https://denkodrom.de/wp-content/uploads/2017/04/cropped-cropped-cropped-stempeldenkodromCENTER-1.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "84cb5c42bfde589e"
vary: Accept
x-nc: MISS arn 1
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/denkodrom.de/wp-content/uploads/2017/04/cropped-cropped-cropped-stempeldenkodromCENTER-1.jpg?fit=32%2C32&ssl=1
192.0.77.2200 OK 548 B URL HTTP/2 i0.wp.com/denkodrom.de/wp-content/uploads/2017/04/cropped-cropped-cropped-stempeldenkodromCENTER-1.jpg?fit=32%2C32&ssl=1
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 32x32, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 203b1c998a993b8933ebff28a0f20006
345b755b2b13f812520aa0fa4299b47d031d73c3
fe6272f811111aedc53f01ec009b6c3d58e12ee788aae9341543fe5464a257c9
GET /denkodrom.de/wp-content/uploads/2017/04/cropped-cropped-cropped-stempeldenkodromCENTER-1.jpg?fit=32%2C32&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://denkodrom.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 11 Sep 2022 07:10:42 GMT
content-type: image/webp
content-length: 548
last-modified: Sun, 11 Sep 2022 07:10:42 GMT
expires: Tue, 10 Sep 2024 19:10:42 GMT
cache-control: public, max-age=63115200
link: <https://denkodrom.de/wp-content/uploads/2017/04/cropped-cropped-cropped-stempeldenkodromCENTER-1.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "b8898fb406d6232a"
vary: Accept
x-nc: MISS arn 1
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.163200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 10 Sep 2022 12:31:58 GMT
expires: Sun, 10 Sep 2023 12:31:58 GMT
cache-control: public, max-age=31536000
age: 67124
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 4a8b934802b39ce62326f039ac83cd96
dbfe44bfbec869b99291881ce7c2539d34d7ca9c
c1d5a7058b585d2207c7162b7d0ed62443426b9b2e1262391ad3118884bda651
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 672
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 07:10:42 GMT
Last-Modified: Sun, 11 Sep 2022 06:59:30 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471
www.facebook.com/plugins/post.php?href=https%3A%2F%2Fwww.facebook.com%2Fcandidecamp.zeeba%2Fposts%2F2043036402619432&width=500
157.240.200.35200 OK 18 kB URL HTTP/2 www.facebook.com/plugins/post.php?href=https%3A%2F%2Fwww.facebook.com%2Fcandidecamp.zeeba%2Fposts%2F2043036402619432&width=500
IP 157.240.200.35:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (23337)
Hash 284e0d7aed79ecdd31f93ed1b5cd46d9
dc679c9c2971eee00670ce12315ef7d05f11e668
82f79cf4e2c261feac4977455317244331da8363d18f7478e612e279f243bfbb
GET /plugins/post.php?href=https%3A%2F%2Fwww.facebook.com%2Fcandidecamp.zeeba%2Fposts%2F2043036402619432&width=500 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://denkodrom.de/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: br
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: QiWeNAwuGlVckt32dl798kSfC0D3SI63sVAyvb7IhVPx8PsmSo2ObGT5BIE3KnYTlfYzbG9LehnJwXvRWGDHVw==
date: Sun, 11 Sep 2022 07:10:42 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 477fd76de0b69553430d504fe527cc06
88fe80a099e610212f27427ae6fd5b4e03b3df16
f27bc8051a23fbe811318b8d49f5d27e3e992962a0e72f5d30a4790fe4f42748
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8972
Expires: Sun, 11 Sep 2022 09:40:15 GMT
Date: Sun, 11 Sep 2022 07:10:43 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 477fd76de0b69553430d504fe527cc06
88fe80a099e610212f27427ae6fd5b4e03b3df16
f27bc8051a23fbe811318b8d49f5d27e3e992962a0e72f5d30a4790fe4f42748
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8972
Expires: Sun, 11 Sep 2022 09:40:15 GMT
Date: Sun, 11 Sep 2022 07:10:43 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 477fd76de0b69553430d504fe527cc06
88fe80a099e610212f27427ae6fd5b4e03b3df16
f27bc8051a23fbe811318b8d49f5d27e3e992962a0e72f5d30a4790fe4f42748
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8972
Expires: Sun, 11 Sep 2022 09:40:15 GMT
Date: Sun, 11 Sep 2022 07:10:43 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 477fd76de0b69553430d504fe527cc06
88fe80a099e610212f27427ae6fd5b4e03b3df16
f27bc8051a23fbe811318b8d49f5d27e3e992962a0e72f5d30a4790fe4f42748
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8972
Expires: Sun, 11 Sep 2022 09:40:15 GMT
Date: Sun, 11 Sep 2022 07:10:43 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff7a9494e-0e8b-451b-806d-72da68860cab.jpeg
34.120.237.76200 OK 17 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff7a9494e-0e8b-451b-806d-72da68860cab.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4c65d6ae04a64d9d01439fb4fca3f017
5ce0bc5b075b97639453d67d4f3cea61289b7698
eb48687a5974542d11882f854a86ff083528957b0fbc61c797167d8f04e0ffa9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff7a9494e-0e8b-451b-806d-72da68860cab.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 16983
x-amzn-requestid: adf7a560-2f6c-41ba-97b2-860515511e5c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YH-CxFp-oAMF9yg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631976de-5f4efe0a705012957cf8bbd4;Sampled=0
x-amzn-remapped-date: Thu, 08 Sep 2022 05:00:14 GMT
x-amz-cf-pop: SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: uoEqiA2HIn5Nbw3RBIqKrCguG-0mLFNBtkB-r3RMitCoJE3fX6wq4w==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 d2575afea3774df33dcf5e5ff475025e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 11 Sep 2022 05:27:48 GMT
age: 6175
etag: "5ce0bc5b075b97639453d67d4f3cea61289b7698"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F481e7fcb-66df-4e59-8130-9579a79eca9c.jpeg
34.120.237.76200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F481e7fcb-66df-4e59-8130-9579a79eca9c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4ec2646c56c4c522f0744768ad20342b
ad1d9eee90556a359547dc7cbb6758aee2c804cd
0bf9eaa4420bf6290535fd23895c6c723c7de6b849995ba83774532862cfe8b4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F481e7fcb-66df-4e59-8130-9579a79eca9c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7635
x-amzn-requestid: dbd07cc7-d0f6-4500-83c6-b19fa9fa2e3d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Xt5xDEfUIAMFYXQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630f09a0-3771b23118f3711e5caca699;Sampled=0
x-amzn-remapped-date: Wed, 31 Aug 2022 07:11:28 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: ILut4hEDJbs6jNr3wpPST1HgAYMabIT7cdZebRFETn8lL_QfS92KBA==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 567b44ed19c8caed2570b7bcd8c70034.cloudfront.net (CloudFront), 1.1 google
date: Sat, 10 Sep 2022 21:40:34 GMT
age: 34209
etag: "ad1d9eee90556a359547dc7cbb6758aee2c804cd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F575cbeea-0492-4077-860e-f45cbde03214.jpeg
34.120.237.76200 OK 6.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F575cbeea-0492-4077-860e-f45cbde03214.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 74325b22b17ccc8fc436ee168025db8a
5d9988e20cc17fe6d1e039245e6d3093d828a5f3
8c96153bcbb763de99f8880b5bade68d90f88cff57b8d5218bf209f5d582574e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F575cbeea-0492-4077-860e-f45cbde03214.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6481
x-amzn-requestid: ea2eede0-9777-4af2-b5c3-71f4183e8ffc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YBrqeGcyoAMFajw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6316f30f-72e823577e73983d407fc0ef;Sampled=0
x-amzn-remapped-date: Tue, 06 Sep 2022 07:13:19 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: OMxua15pFb1lTLQQeF0JavYDqnZdSgJb2ZJGg7fN2lWcvf0dA5lE2w==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Sat, 10 Sep 2022 09:38:12 GMT
age: 77551
etag: "5d9988e20cc17fe6d1e039245e6d3093d828a5f3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F66c0f84d-aba2-4ce6-9e03-ee51e1c347be.jpeg
34.120.237.76200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F66c0f84d-aba2-4ce6-9e03-ee51e1c347be.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 57d797a1c3f6589746a1135bdb19f54f
7aa14fcd982a5cee38d58fc3c89edc4a8daf4c97
ff8855ca951f53ed5f3886cc81a7f28384d41288edeca4fdc621250e4d01c6fe
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F66c0f84d-aba2-4ce6-9e03-ee51e1c347be.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6889
x-amzn-requestid: c82ac543-90cd-4aeb-a65b-7e1bbbacc407
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YQ2UEE-3IAMFYBw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631d0419-427a29067c9c92ec0db6567f;Sampled=0
x-amzn-remapped-date: Sat, 10 Sep 2022 21:39:37 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: mNvNO0HJjZ1zwPKcjfqiVOnCL0CYXc8BPDSFbV6MXVW71IVt-2K3mQ==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 2ab6211e66998c8b58132661a7e3cade.cloudfront.net (CloudFront), 1.1 google
date: Sat, 10 Sep 2022 21:46:54 GMT
age: 33829
etag: "7aa14fcd982a5cee38d58fc3c89edc4a8daf4c97"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa9ba7347-38d8-40e3-9b29-41a380f99ed5.jpeg
34.120.237.76200 OK 6.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa9ba7347-38d8-40e3-9b29-41a380f99ed5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8c35b7f5f8e1b0b24570a41b7d18533a
c5b82c9d77851820b8d206573d5c03cd36d27a20
bb2456b31c48e6ebc9595c2bb9972b74531e93dd02ec4571d5af614f2d116ec7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa9ba7347-38d8-40e3-9b29-41a380f99ed5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6109
x-amzn-requestid: 271b006e-9d17-46ba-9eed-22fd638c4e9e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YQ2AhHZgIAMFlSg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631d039c-444e7d6b22f2a08f7215a986;Sampled=0
x-amzn-remapped-date: Sat, 10 Sep 2022 21:37:32 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Z1ZoYLM2Mj7teQm-1Dz80IZxKGqzuzAoEiT85R3RldbJwO6iJR-JJA==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 e80693c02cfdfd081110512210d57840.cloudfront.net (CloudFront), 1.1 google
date: Sat, 10 Sep 2022 21:44:01 GMT
etag: "c5b82c9d77851820b8d206573d5c03cd36d27a20"
content-type: image/jpeg
age: 34002
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe6c05fb6-7f49-4d2f-96eb-0b6c468353f5.jpeg
34.120.237.76200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe6c05fb6-7f49-4d2f-96eb-0b6c468353f5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8625e0707046e7a3715a8dbb40b1cae2
0f44ee871ad9d0a0ddd07d0c87d54f7e72b56f78
abc4c12561be08897341d9c8104c30a289357c0907e55c46895f7fb6afb2f75d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe6c05fb6-7f49-4d2f-96eb-0b6c468353f5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13568
x-amzn-requestid: a2fadcbe-350b-4a06-9f9c-ee2da40bb285
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YEESeHA_oAMFjCQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6317e742-4740aa3f4ebd479e7a4886ed;Sampled=0
x-amzn-remapped-date: Wed, 07 Sep 2022 00:35:14 GMT
x-amz-cf-pop: SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: jbF2ZaJUhIoJV-o4f6iviFyUnoDW4R0KHTfC5NySmITnsLbD5iJrPQ==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 73b60e9a9fd08eae9e034cedba707280.cloudfront.net (CloudFront), 1.1 google
date: Sat, 10 Sep 2022 21:40:11 GMT
age: 34232
etag: "0f44ee871ad9d0a0ddd07d0c87d54f7e72b56f78"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 55d14c90ec16748861894ce8f82eafcd
f3ebe8972971c1201c1ec7c533f019f79c36cde5
fa0dc0f0a76f3407dad8dae59a4817ef6b1371fcaa930448373d64720a036698
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 07:10:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash dbe3a0cdacad2b3866fd4934190bd431
969e13ad553587f1577d23125c6119e773a16c59
91dd0e187bc2576c0830567d1ceeadd3a106afe08622ccd6498fe0bdd32f4d4d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 07:10:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.doubleclick.net/instream/ad_status.js
216.58.207.230200 OK 29 B URL HTTP/2 static.doubleclick.net/instream/ad_status.js
IP 216.58.207.230:0
Hash 1fa71744db23d0f8df9cce6719defcb7
e4be9b7136697942a036f97cf26ebaf703ad2067
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
GET /instream/ad_status.js HTTP/1.1
Host: static.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 29
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 11 Sep 2022 06:59:23 GMT
expires: Sun, 11 Sep 2022 07:14:23 GMT
cache-control: public, max-age=900
age: 680
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/id
142.250.74.2302 Found 0 B URL HTTP/2 googleads.g.doubleclick.net/pagead/id
IP 142.250.74.2:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/id HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-credentials: true
access-control-allow-origin: https://www.youtube.com
date: Sun, 11 Sep 2022 07:10:43 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash dbe3a0cdacad2b3866fd4934190bd431
969e13ad553587f1577d23125c6119e773a16c59
91dd0e187bc2576c0830567d1ceeadd3a106afe08622ccd6498fe0bdd32f4d4d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 07:10:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 55d14c90ec16748861894ce8f82eafcd
f3ebe8972971c1201c1ec7c533f019f79c36cde5
fa0dc0f0a76f3407dad8dae59a4817ef6b1371fcaa930448373d64720a036698
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 07:10:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.xx.fbcdn.net/rsrc.php/v3/y1/l/0,cross/PU4XElb3dEc.css?_nc_x=Ij3Wp8lg5Kz
157.240.200.14200 OK 265 B URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/y1/l/0,cross/PU4XElb3dEc.css?_nc_x=Ij3Wp8lg5Kz
IP 157.240.200.14:0
File type ASCII text, with very long lines (993)
Hash e0e78328c7d39527b50d23be97ec21cd
cb983ba70e6d934d7f973fce0741dd6f395f4356
f556751ac7feea7f563ae2b7f13227fedc78aebc85e572ca7d8522cc891110b1
GET /rsrc.php/v3/y1/l/0,cross/PU4XElb3dEc.css?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: br
content-type: text/css; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Fri, 08 Sep 2023 21:04:58 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: 4OeDKMfTlSe1DSO+l+whzQ==
x-fb-debug: Jn9G0xU18+O2l87Gfrtx/A5avzLLpb11i/s4GgufrGUsjIede6rq68I3pgco39MXVCHER32/O5/Lv/wbN5TsNw==
priority: u=3,i
content-length: 265
x-fb-trip-id: 1679558926
date: Sun, 11 Sep 2022 07:10:43 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yF/r/p55HfXW__mM.js?_nc_x=Ij3Wp8lg5Kz
157.240.200.14200 OK 338 B URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yF/r/p55HfXW__mM.js?_nc_x=Ij3Wp8lg5Kz
IP 157.240.200.14:0
File type ASCII text, with very long lines (327)
Hash 76f593e842677f73cd0a06232874b2c3
25a13f79478d5a0e286a2299dca2f3b296463079
74dcbe026002f10b703960a500b50dabe518862e568a9e689dec7afa243fa44d
GET /rsrc.php/v3/yF/r/p55HfXW__mM.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Sun, 10 Sep 2023 03:50:54 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: dvWT6EJnf3PNCgYjKHSyww==
x-fb-debug: 3xBNCoMf+eFbAvWga1+8F4SLoPUO7gfhel9dxgngIYpPBo6nyah2JDyv+8g34EOoCPya28FBBC+mh8Nw6KmPXg==
priority: u=3,i
content-length: 338
x-fb-trip-id: 1679558926
date: Sun, 11 Sep 2022 07:10:43 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yv/r/GG1Y0sYc7My.js?_nc_x=Ij3Wp8lg5Kz
157.240.200.14200 OK 1.7 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yv/r/GG1Y0sYc7My.js?_nc_x=Ij3Wp8lg5Kz
IP 157.240.200.14:0
File type ASCII text, with very long lines (1984)
Hash 16f083b23b565db9d2f20d1ad75933c1
6d74ad139c96b1e3fc9d541419788b5b4893ec9a
36b909cd9132a8996a1bbb221d05217c31506a6951bb408deeea6aa612dc4200
GET /rsrc.php/v3/yv/r/GG1Y0sYc7My.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Sun, 10 Sep 2023 03:49:09 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: FvCDsjtWXbnS8g0a11kzwQ==
x-fb-debug: 1H+cs2lMev1HBpUeTCn8T+bIDVJP2spw0fwEFk5T7AOI7KfQoYsEmOnrz3Rcq60MjlVAxmuaZVBSKR5GO2225w==
priority: u=3,i
content-length: 1657
x-fb-trip-id: 1679558926
date: Sun, 11 Sep 2022 07:10:43 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3iLl54/yY/l/en_US/aNjKFj6YixL.js?_nc_x=Ij3Wp8lg5Kz
157.240.200.14200 OK 8.4 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3iLl54/yY/l/en_US/aNjKFj6YixL.js?_nc_x=Ij3Wp8lg5Kz
IP 157.240.200.14:0
File type ASCII text, with very long lines (2905)
Hash a7e668c44c1c44a7eb82bf24800ff5e9
6f2393e5cf5ef26d6a6d661b7856ffcd273a63a6
ad110540fa27e40a9cf3de4aa42ca9632f03a622b73fe41b19f633fe81d6eaea
GET /rsrc.php/v3iLl54/yY/l/en_US/aNjKFj6YixL.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Sun, 10 Sep 2023 04:01:40 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: p+ZoxEwcRKfrgr8kgA/16Q==
x-fb-debug: OXe2utu+T2tst3AhpXTyKaLDMHMngJlMYkXFjBOu0Eu8t+yvQTVlWrsPa4W6ugyVtyAm258OFEt+G6g/fYh6oQ==
content-length: 8358
x-fb-trip-id: 1679558926
date: Sun, 11 Sep 2022 07:10:43 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/y9/r/JGf8H9KH1mW.js?_nc_x=Ij3Wp8lg5Kz
157.240.200.14200 OK 9.0 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/y9/r/JGf8H9KH1mW.js?_nc_x=Ij3Wp8lg5Kz
IP 157.240.200.14:0
File type ASCII text, with very long lines (9886)
Hash 12ee8cecac4344f91112c41bde25523c
ac8ea8f8b40bbaf2cf932ffdf67abb8b14d7ce0d
0558ee7b9742c0bdede937d19d585eec41b4011b9989f47264464eecb46caaa2
GET /rsrc.php/v3/y9/r/JGf8H9KH1mW.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Sun, 10 Sep 2023 01:53:35 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: Eu6M7KxDRPkREsQb3iVSPA==
x-fb-debug: Uud5RQHIoH/jTX1wkNqHZ46qi33GNpF7ZzmSertGn5P346ii4/+ZoZEBb9Jl65qt3yVZ0IUWLWb0yuNW6rj3dg==
content-length: 9040
x-fb-trip-id: 1679558926
date: Sun, 11 Sep 2022 07:10:43 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/y6/r/BG1HP4rcPmD.js?_nc_x=Ij3Wp8lg5Kz
157.240.200.14200 OK 5.2 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/y6/r/BG1HP4rcPmD.js?_nc_x=Ij3Wp8lg5Kz
IP 157.240.200.14:0
File type C source, ASCII text, with very long lines (10494)
Hash 3924a361df348e01934a71e5b42175b2
9e3b9f4d782f356fc29e3def73b60b3a4b3aa6e8
7f11a6ccf2cf98d9b2dcf6585f79a1c6e6822892c5ebaa533549ed37d60a73ca
GET /rsrc.php/v3/y6/r/BG1HP4rcPmD.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Wed, 30 Aug 2023 19:20:25 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: OSSjYd80jgGTSnHltCF1sg==
x-fb-debug: 0SQhZbG3mqApumZxSh2bkksdjo0i0zlIFkEuF1inDLBMft2Ap/sTFESePM0iM84cUrUtmtLebVsIZof9QRB0Ow==
priority: u=3,i
content-length: 5229
x-fb-trip-id: 1679558926
date: Sun, 11 Sep 2022 07:10:43 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yx/r/9QJEUDJuAYR.js?_nc_x=Ij3Wp8lg5Kz
157.240.200.14200 OK 16 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yx/r/9QJEUDJuAYR.js?_nc_x=Ij3Wp8lg5Kz
IP 157.240.200.14:0
File type C source, ASCII text, with very long lines (7299)
Hash 1626e8e828598e06ccd0c47e55b42304
af5c62af35bf22b593fdbe758a2feea6bc1b057f
3798dbb7df2694a222f65f4cadc92e6d133fc8f5fc2b00f326df521cd0c24b25
GET /rsrc.php/v3/yx/r/9QJEUDJuAYR.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Sat, 09 Sep 2023 23:12:41 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: Fibo6ChZjgbM0MR+VbQjBA==
x-fb-debug: IH4POXnBZO2Iy5BWvyMaZujRMEZTTbo+BeC03lQcM6SlqoycndMKwUKoUO09Ld0uvA0LivtOkcrhvvqEdCzpMQ==
content-length: 15844
x-fb-trip-id: 1679558926
date: Sun, 11 Sep 2022 07:10:43 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3iEBX4/y8/l/en_US/goajNvdCFcB.js?_nc_x=Ij3Wp8lg5Kz
157.240.200.14200 OK 7.9 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3iEBX4/y8/l/en_US/goajNvdCFcB.js?_nc_x=Ij3Wp8lg5Kz
IP 157.240.200.14:0
File type ASCII text, with very long lines (5962)
Hash 62d0180467ed3941b1b9f5716585ea9c
2602852acf5e0a2b42989ff1c893eb6014ee1284
f5a2cde187894e613d85916279e753de5f2308e33bc82d6b6ce017072ab92ec7
GET /rsrc.php/v3iEBX4/y8/l/en_US/goajNvdCFcB.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Fri, 08 Sep 2023 22:53:28 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: YtAYBGftOUGxufVxZYXqnA==
x-fb-debug: UcmVYOo5YmfBz3VNlKxs+SKXCP2Oj/tuYKzwWQTx/pNe2CCrDpm8FlFunTaAYjn3XOQA5HnGqy0GYmdfWqcK+Q==
content-length: 7930
x-fb-trip-id: 1679558926
date: Sun, 11 Sep 2022 07:10:43 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yV/r/vHZyEidsmJa.js?_nc_x=Ij3Wp8lg5Kz
157.240.200.14200 OK 5.4 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yV/r/vHZyEidsmJa.js?_nc_x=Ij3Wp8lg5Kz
IP 157.240.200.14:0
File type C source, ASCII text, with very long lines (4651)
Hash a5a41590da4dfacf01a0c8445ab7e8b1
b15fcae1815ede96b5e46c7313931055d256187c
1daa60c671f0f35b2a41daa185b60d608403caed1fe6da1d7facabc3d69b9ae0
GET /rsrc.php/v3/yV/r/vHZyEidsmJa.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Sun, 10 Sep 2023 02:12:03 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: paQVkNpN+s8BoMhEWrfosQ==
x-fb-debug: 4Gj56frKo034AmWYKQ9rjk8gQLx2zir+F6saMGkoAxDSjF/wGYs/9r8E06esdOs7+OczSWvaIG9xW5yYI6MUfg==
content-length: 5394
x-fb-trip-id: 1679558926
date: Sun, 11 Sep 2022 07:10:43 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3iEpO4/yp/l/en_US/oRoYJ5VcosS.js?_nc_x=Ij3Wp8lg5Kz
157.240.200.14200 OK 23 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3iEpO4/yp/l/en_US/oRoYJ5VcosS.js?_nc_x=Ij3Wp8lg5Kz
IP 157.240.200.14:0
File type ASCII text, with very long lines (41977)
Hash 3ce46348c6edab150e0c6f8ce7cd0a0d
6aea70ed9afc6f514f89c0bca5a99f04c331bc24
8ac7aadd7e52746a466b2721699b1430ab4360c52d4c73dab9f51a849b73857d
GET /rsrc.php/v3iEpO4/yp/l/en_US/oRoYJ5VcosS.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Sat, 09 Sep 2023 21:34:36 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: PORjSMbtqxUODG+M580KDQ==
x-fb-debug: ID9skeGPphDMTn0QLHQVvnyG8Cp1k60q0870yM0q9WUOK7FL0TwY3F7bmyO+kENE51yQ3AtnuloCdtiAooKsSg==
content-length: 23301
x-fb-trip-id: 1679558926
date: Sun, 11 Sep 2022 07:10:43 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/ys/l/0,cross/4_8X-2u0CDc.css?_nc_x=Ij3Wp8lg5Kz
157.240.200.14200 OK 827 B URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/ys/l/0,cross/4_8X-2u0CDc.css?_nc_x=Ij3Wp8lg5Kz
IP 157.240.200.14:0
File type ASCII text, with very long lines (724)
Hash 29973cf3b0ef9f16fe31ed981b2f6573
f22eb80b89b5e0ae9ace854aab6676d56eaef6a1
476822c80e0a0ee078edb7a74db59378f8b1d43d2de844e28a9e9c2f68a4c8d8
GET /rsrc.php/v3/ys/l/0,cross/4_8X-2u0CDc.css?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: br
content-type: text/css; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Sun, 10 Sep 2023 01:55:51 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: KZc887Dvnxb+Me2YGy9lcw==
x-fb-debug: 4v83V0HSnkw5ptiiNRO1kGFwMbU+orK+3EYZasdIG2Oyi0baA4rmu8929LFQzKZoVjlzSTW+qKZKnu7PLRpH/Q==
content-length: 827
x-fb-trip-id: 1679558926
date: Sun, 11 Sep 2022 07:10:43 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/y1/r/w61zjcXmJvX.js?_nc_x=Ij3Wp8lg5Kz
157.240.200.14200 OK 5.8 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/y1/r/w61zjcXmJvX.js?_nc_x=Ij3Wp8lg5Kz
IP 157.240.200.14:0
File type ASCII text, with very long lines (4488)
Hash 2a7532dc8735ffdb23c5247eabaa44b9
6b769f0ecbb411863fa4bd26a843939d8a08920d
7fccf452605ef5d9c81a318e93a57b14003405eea6a0ead970592eb949e1c9ed
GET /rsrc.php/v3/y1/r/w61zjcXmJvX.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Sun, 10 Sep 2023 15:40:17 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: KnUy3Ic1/9sjxSR+q6pEuQ==
x-fb-debug: cNQlDOwhBPuZXl1pK1hfBm1aMoboqt8Rtlb9DrYqARIVRqYn0xK2bWQYuY/zDPEAOEY5nC3OX68SoTKijNA6PQ==
content-length: 5802
x-fb-trip-id: 1679558926
date: Sun, 11 Sep 2022 07:10:43 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yV/r/oDVETVg4GJv.js?_nc_x=Ij3Wp8lg5Kz
157.240.200.14200 OK 7.2 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yV/r/oDVETVg4GJv.js?_nc_x=Ij3Wp8lg5Kz
IP 157.240.200.14:0
File type ASCII text, with very long lines (4061)
Hash d1ba68f146b01f4aef60d79aadb926ea
c6b4703c25d07fd2363e5d67d11e4846d9979b26
abbff04acf96f39a3121ed97505b5a23cbeee9057dd7040c58c4e423c899805d
GET /rsrc.php/v3/yV/r/oDVETVg4GJv.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Sun, 10 Sep 2023 04:00:01 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: 0bpo8UawH0rvYNearbkm6g==
x-fb-debug: PQC11mqfaulS9oaoWW1PMqDs8x6KUoj4s1o2yf+0cJezmt0rcwyUBvDCgCoz5SxCwBp3d8ONU4BN20HUSsFMXg==
priority: u=3,i
content-length: 7236
x-fb-trip-id: 1679558926
date: Sun, 11 Sep 2022 07:10:43 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/y4/l/0,cross/KwKaHiQLJ40.css?_nc_x=Ij3Wp8lg5Kz
157.240.200.14200 OK 4.8 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/y4/l/0,cross/KwKaHiQLJ40.css?_nc_x=Ij3Wp8lg5Kz
IP 157.240.200.14:0
File type assembler source, ASCII text, with very long lines (2642)
Hash f780bb8697cb00018d7f3d67d56f380e
ba6ad121cd80bfcb08cadec2c3c73a8c0d1d4497
4a5391a24c8c369203a3f5640f4d7cf606886f7e9f160b53069b8ddc31bda6a5
GET /rsrc.php/v3/y4/l/0,cross/KwKaHiQLJ40.css?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: br
content-type: text/css; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Mon, 11 Sep 2023 01:49:34 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: 94C7hpfLAAGNfz1n1W84Dg==
x-fb-debug: GGOIAW0i+MtQNZ4bcWpA56FeJE5AbcrSvK/7X5kQu/wcXUxpFdMvP8TLBdK0lVOG5PaolxoVBZ2/jvwKAvnOXA==
content-length: 4763
x-fb-trip-id: 1679558926
date: Sun, 11 Sep 2022 07:10:43 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yk/l/0,cross/8DVnDfcXpxz.css?_nc_x=Ij3Wp8lg5Kz
157.240.200.14200 OK 5.5 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yk/l/0,cross/8DVnDfcXpxz.css?_nc_x=Ij3Wp8lg5Kz
IP 157.240.200.14:0
File type ASCII text, with very long lines (4093)
Hash 7485484bba04990db64126d7164303db
35e5dd00fac4bdf1ef7dbbba58c3e0241d2ea607
65d4157d3f862d126fb5b9a32ae2fb7b9052c2b97076004282fbbd5176c502aa
GET /rsrc.php/v3/yk/l/0,cross/8DVnDfcXpxz.css?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: br
content-type: text/css; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Mon, 11 Sep 2023 03:50:12 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: dIVIS7oEmQ22QSbXFkMD2w==
x-fb-debug: xMZBmdOhc+BLC1PULvUD1tkxlETOW4JnF2AxG8U3389KYcVIcG9ItDCHfFbrkb5aTeyIUxPGY70BVDg/DGzb2w==
content-length: 5452
x-fb-trip-id: 1679558926
date: Sun, 11 Sep 2022 07:10:43 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yN/r/mXu1RunczE9.js?_nc_x=Ij3Wp8lg5Kz
157.240.200.14200 OK 12 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yN/r/mXu1RunczE9.js?_nc_x=Ij3Wp8lg5Kz
IP 157.240.200.14:0
File type ASCII text, with very long lines (5261)
Hash 6059f2908fc78af36d89f372311116ef
431905421a858f26f5624203b0ecae7b6d8c6c42
33ba2a807c3a7a85d489d24e1a843c4361a791492fdbe68e471d2064155467f0
GET /rsrc.php/v3/yN/r/mXu1RunczE9.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Sat, 02 Sep 2023 16:40:07 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: YFnykI/HivNtifNyMREW7w==
x-fb-debug: JgpdMKfVVVh7XXJ4fSmZOjMlHtRDbDaNGgkPLsl1te/smP6V4FuZRZbpIRt3DXJh0sZ+moTj3auLbzEOlflyHQ==
content-length: 12179
x-fb-trip-id: 1679558926
date: Sun, 11 Sep 2022 07:10:43 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yR/r/N_MW1kRCyhn.js?_nc_x=Ij3Wp8lg5Kz
157.240.200.14200 OK 17 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yR/r/N_MW1kRCyhn.js?_nc_x=Ij3Wp8lg5Kz
IP 157.240.200.14:0
File type ASCII text, with very long lines (15785)
Hash e423951a1073c1d0d84d7a02f3427cf0
2572cdf0b594ff3c8300b5ecf8604900d8ffa47c
1ade21acc50b2a79acb466210116676ed7197c87a192375f1968a60f929ca271
GET /rsrc.php/v3/yR/r/N_MW1kRCyhn.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Sun, 10 Sep 2023 03:36:06 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: 5COVGhBzwdDYTXoC80J88A==
x-fb-debug: UffFG2e6YpCKlWRT5lWaFbBLDUXkfLTSmhjOcvyCtzDpp0EdpqNRiaMIhXgaNscYDV/9OpGVHSB0j+eMhwa9fg==
priority: u=1,i
content-length: 16587
x-fb-trip-id: 1679558926
date: Sun, 11 Sep 2022 07:10:43 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
216.58.211.10200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 216.58.211.10:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Sun, 11 Sep 2022 07:10:43 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash da7b1c24eee0db0c23872933557b7521
b8bc1215b4073784c048587e51a40152bd88c8ed
6ba38b5c68971135ed3f1fbe7afa658ce883240142a4244ce7d84fa251a64c3f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 07:10:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/js/th/9e5Q9JddguzAeYJyBJt7GsINCHbvQKKYaWDK5a7IWAA.js
142.250.74.164200 OK 14 kB URL HTTP/2 www.google.com/js/th/9e5Q9JddguzAeYJyBJt7GsINCHbvQKKYaWDK5a7IWAA.js
IP 142.250.74.164:0
File type ASCII text, with very long lines (35963)
Hash 0a10e1669fa5f54a96c02562d935783f
fb9c033841ed0848caeede748301a5c91de6c800
25215608c929fe6c434b08bdb327df9b9ca11355840c6408602b8612073f99f5
GET /js/th/9e5Q9JddguzAeYJyBJt7GsINCHbvQKKYaWDK5a7IWAA.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 14185
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Sep 2022 05:03:42 GMT
expires: Thu, 07 Sep 2023 05:03:42 GMT
cache-control: public, max-age=31536000
age: 353221
last-modified: Mon, 29 Aug 2022 11:00:00 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
216.58.211.10200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 216.58.211.10:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash c5b9d1ae47f12c019ae645fd9d97f8dd
624e78fbbaaf513ca7aa20f084669c6085de1d32
507e060b6e3c0d7f2294a2bc792a3d6dbd3bac9be0ea56eebaf4abb29376ee0b
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Sun, 11 Sep 2022 07:10:43 GMT
server: ESF
cache-control: private
content-length: 30725
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 2cd6ebfd1e23be524568bab24934694a
a30075689c933fbae2fe9afb5d2c3ae571a2ff8a
5390ff960df2676c47b8d00ba33b53756c0879f8bc4ac2a0328ea102411ee8d1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 07:10:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
216.58.211.10200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 216.58.211.10:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash 4f4cbc1d3e412a1c1981a878a4864340
936cb353315e71b21c58aea2b74c48860e3f3b04
e0be10f9fa0ca863b5db5f4c898eb0a031e2e4caccbbea9af2b5a1ab9368506b
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Sun, 11 Sep 2022 07:10:43 GMT
server: ESF
cache-control: private
content-length: 30803
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
i.ytimg.com/vi/Ox7ik5Xb-pc/sddefault.jpg
142.250.74.150200 OK 32 kB URL HTTP/2 i.ytimg.com/vi/Ox7ik5Xb-pc/sddefault.jpg
IP 142.250.74.150:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 640x480, components 3\012- data
Hash 6da614736254d3ec4e38c16fbbbe8a0f
74266495ff2d3585108fd747fcbb001aed572569
88541fcfee921eb72b78479ec585a22bb9fa227aa606d503f8478641e88072e7
GET /vi/Ox7ik5Xb-pc/sddefault.jpg HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/jpeg
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 31988
date: Sun, 11 Sep 2022 07:10:43 GMT
expires: Sun, 11 Sep 2022 09:10:43 GMT
cache-control: public, max-age=7200
etag: "0"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 2cd6ebfd1e23be524568bab24934694a
a30075689c933fbae2fe9afb5d2c3ae571a2ff8a
5390ff960df2676c47b8d00ba33b53756c0879f8bc4ac2a0328ea102411ee8d1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 07:10:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 980f855b82a3d73edc65b71b8f3d113f
9c88299603f12df81ddf8546c75f85246f84aafc
e4af92a1d8ec2c19d16f888343b0f4ba99e9a06c9d57d54a17abb3ca9b50c49e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 07:10:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
yt3.ggpht.com/ytc/AMLnZu_aw9MXQc5C_1EpRKZ7UcxJzXgsy-M2MWh-_K3S=s68-c-k-c0x00ffffff-no-rj
142.250.74.161200 OK 2.5 kB URL HTTP/2 yt3.ggpht.com/ytc/AMLnZu_aw9MXQc5C_1EpRKZ7UcxJzXgsy-M2MWh-_K3S=s68-c-k-c0x00ffffff-no-rj
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 68x68, components 3\012- data
Hash fcb155793cabb63420fd14317463f613
00df053827c2923d23ae0329d1d7c96be4134469
49837245eaee16c633f8c71903f30c2469d8ea0bce53159f330a5d2a65316b95
GET /ytc/AMLnZu_aw9MXQc5C_1EpRKZ7UcxJzXgsy-M2MWh-_K3S=s68-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt3.ggpht.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v43"
expires: Mon, 12 Sep 2022 07:10:43 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Sun, 11 Sep 2022 07:10:43 GMT
server: fife
content-length: 2456
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/ys/r/T1oMBrgJQCd.png
157.240.200.14200 OK 522 B URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/ys/r/T1oMBrgJQCd.png
IP 157.240.200.14:0
File type PNG image data, 24 x 24, 8-bit colormap, non-interlaced\012- data
Hash b4fb567dfdf0df35a097f6e9ecfefd34
f9aa0cbb0dcb1442c15f39e84279c8568ac86beb
87790b81d9cc99d100bc5996e0f70701a922877b1f7f9afc3146d4b17522b510
GET /rsrc.php/v3/ys/r/T1oMBrgJQCd.png HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: tPtWff3w3zWgl/bp7P79NA==
expires: Sun, 10 Sep 2023 02:11:17 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
x-fb-debug: Zm2IcV5FNLfiFl3YKe3m0VoYockZlQXEmzX0Lf70EeaZzQ6EgS1tMf/B0k3k5N2lsdn/mIcYEH02oHwH60ikWA==
content-length: 522
x-fb-trip-id: 1679558926
date: Sun, 11 Sep 2022 07:10:43 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yx/r/L0hsXTmQDMQ.png
157.240.200.14200 OK 2.0 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yx/r/L0hsXTmQDMQ.png
IP 157.240.200.14:0
File type PNG image data, 25 x 203, 8-bit colormap, non-interlaced\012- data
Hash 0937c5875d6c88a3d404feb575ed0562
557a61d6bda988878f1e28070aac3d901389e63f
ae1c99073f37e47a4c63d0bf3fde834aa4f09eb11ed85c4905487cfd61666e6c
GET /rsrc.php/v3/yx/r/L0hsXTmQDMQ.png HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.xx.fbcdn.net/rsrc.php/v3/y1/l/0,cross/PU4XElb3dEc.css?_nc_x=Ij3Wp8lg5Kz
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: CTfFh11siKPUBP61de0FYg==
expires: Sun, 10 Sep 2023 01:58:33 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
x-fb-debug: 5vlGS1fBZyiImPxAKLV6uxWII8PWrqsOE1bJo8KU1XFMPwuP9Tv6fpdBO73K5Ou90uURWll23cIgT7xbfZ7XIw==
content-length: 2023
x-fb-trip-id: 1679558926
date: Sun, 11 Sep 2022 07:10:43 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yZ/r/9dn8UIjMf-X.js?_nc_x=Ij3Wp8lg5Kz
157.240.200.14200 OK 46 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yZ/r/9dn8UIjMf-X.js?_nc_x=Ij3Wp8lg5Kz
IP 157.240.200.14:0
File type ASCII text, with very long lines (65436)
Hash 88a20edee8ec379d2e766632be0a8450
400338386f5a6f8a5a993681a54e3dd1ad920290
11658d06e9260accd08027a3edc68e06c129671aaaccda7f9b196b21f98a01b0
GET /rsrc.php/v3/yZ/r/9dn8UIjMf-X.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Fri, 08 Sep 2023 21:02:40 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: iKIO3ujsN50udmYyvgqEUA==
x-fb-debug: DfU8WXs4fvO3mOvhi9T55obSupxYbX4W2mbgttwSKE7yGFr19JUm4Sy8NeIixPdRIeDPYuoKemMAs73f40T2wA==
content-length: 46006
x-fb-trip-id: 1679558926
date: Sun, 11 Sep 2022 07:10:43 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 980f855b82a3d73edc65b71b8f3d113f
9c88299603f12df81ddf8546c75f85246f84aafc
e4af92a1d8ec2c19d16f888343b0f4ba99e9a06c9d57d54a17abb3ca9b50c49e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 07:10:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
216.58.211.10200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 216.58.211.10:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash cb4db80223f5c6f12e47a44fbf511211
c97746e05cf94928cfc599eb288923845d121f73
4fe06f2a03bb33d672d586de055a12f23d94d0e151cdf08180bc650b810cafa0
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Sun, 11 Sep 2022 07:10:43 GMT
server: ESF
cache-control: private
content-length: 30722
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
216.58.211.10200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 216.58.211.10:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash e36fdaa68d8690e72f9609bd079b28d4
a88a97f8dc0b38adb46ca69f49820d46730169bb
7a99acca52ef3149ecaaf3cbada4a089c282a36b18f23fae448e8514930c2e2d
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Sun, 11 Sep 2022 07:10:43 GMT
server: ESF
cache-control: private
content-length: 30928
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
216.58.211.10200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 216.58.211.10:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash eab551409a08b092849ad9c6c842f646
e7ede43cfdb25ed887db5359a4efca53aa79adf5
3ffcc8a702c34d33ec3eb0a7c821d99750e75f4b8f22e7cc8f8794bfe128aa4b
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Sun, 11 Sep 2022 07:10:44 GMT
server: ESF
cache-control: private
content-length: 30847
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
216.58.211.10200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 216.58.211.10:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash 81bd278e7913daa15c2198baab83c283
fa9118f704eedda22ff20cc08a7c1d3d60916af4
77d742b81f019bf34a9e986cabe784359aa0ba40025f2990b5105f77ac808bd1
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Sun, 11 Sep 2022 07:10:44 GMT
server: ESF
cache-control: private
content-length: 30807
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
216.58.211.10200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 216.58.211.10:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Sun, 11 Sep 2022 07:10:45 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
216.58.211.10200 OK 110 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 216.58.211.10:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 9c3a6b260ea4ae5eafdd3a9ee10163f5
00485b9ed4ab2a816d6968cb81968bae7f2608d4
1e4e00babed8b182b8bee1e93ee7dbced199816b9437cf36b0f08737a82e4446
POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 1287
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Sun, 11 Sep 2022 07:10:45 GMT
server: ESF
cache-control: private
content-length: 110
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
216.58.211.10200 OK 114 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 216.58.211.10:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 3b662f215d392f9dc117df9af826dd48
c949a8c70497812478254644a53ecd201ed3630b
336c8147b57248916d0222ccbd41747de71dbf40a06173660967f175310128fb
POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 1275
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Sun, 11 Sep 2022 07:10:45 GMT
server: ESF
cache-control: private
content-length: 114
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
216.58.211.10200 OK 110 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 216.58.211.10:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 49c3cbb14038b8217a09a4f2bf14f7bc
7ebea4d5f3be03293f0e5e419c8136f573b78b6b
6ed7f66e5381e41e2babb66a7b6ce3612c065256b9e66335fb494e15689cba70
POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 1191
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Sun, 11 Sep 2022 07:10:45 GMT
server: ESF
cache-control: private
content-length: 110
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
216.58.211.10200 OK 114 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 216.58.211.10:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 4930e6abf6a954e38dfdd41f0dc5c8f5
8d2f894052bea4b592cda134675bc3e56ec53541
3edcc38393966ed1249dae29ab9db309488a8015e9d8a152cddc697ff20e70bc
POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 971
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Sun, 11 Sep 2022 07:10:45 GMT
server: ESF
cache-control: private
content-length: 114
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
216.58.211.10200 OK 114 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 216.58.211.10:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 10b8ec99f26dae2c325a281c1e6e471f
aa622d491a297d2c438fdfd058d86e385c765f66
926fe5ffe7f3b1adf0fe18475427436695931800a2f79d48a06f12c71d512489
POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 1120
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Sun, 11 Sep 2022 07:10:45 GMT
server: ESF
cache-control: private
content-length: 114
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
216.58.211.10200 OK 114 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 216.58.211.10:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 1a9452e660a942c6860e19e69e7be873
cff86ef770f8b7130708d49d8de036ad8beb5e82
65bf63d6d522ce33eb649ded25bb2ad69a633eae498ad12f1466e1a8042caf06
POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 1098
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Sun, 11 Sep 2022 07:10:45 GMT
server: ESF
cache-control: private
content-length: 114
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe41cdec0-ceff-4e9c-88a7-3a5565f1a459.jpeg
34.120.237.76200 OK 5.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe41cdec0-ceff-4e9c-88a7-3a5565f1a459.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 12666d69f9af3ceb23fdfc2100bd3226
c4d17e3ea44ef6dee9819c1586424e5f056f149c
054236a4d1f88a486f48b8f3a8ac01d21ec2179d5b1f3fc9791d0982d07a88a2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe41cdec0-ceff-4e9c-88a7-3a5565f1a459.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 5752
x-amzn-requestid: 622ffff0-1bd5-4eb4-a9ff-eb54c5ae44a7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YBrqiFiToAMF0tA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6316f310-49efdcc572b4fad3543f857d;Sampled=0
x-amzn-remapped-date: Tue, 06 Sep 2022 07:13:20 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: VKsU4S6tKOso216JLUWn7b1bKDyfruIVukt98JooNCjwaXDT9bkPYQ==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 5954c6394458ffb44c970b3819d7ff2a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 10 Sep 2022 21:44:02 GMT
age: 34007
etag: "c4d17e3ea44ef6dee9819c1586424e5f056f149c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
denkodrom.de/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
83.169.35.10200 OK 0 B URL HTTP/1.1 denkodrom.de/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP 83.169.35.10:0
ASN #20773 Host Europe GmbH
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: denkodrom.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://denkodrom.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 07:10:41 GMT
Server: Apache
Last-Modified: Mon, 06 Sep 2021 21:18:22 GMT
ETag: "15db1-5cb5a30604c8f-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 30908
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
www.youtube.com/embed/DEROcJF1-NM?rel=0&controls=0
142.250.74.14200 OK 0 B URL HTTP/2 www.youtube.com/embed/DEROcJF1-NM?rel=0&controls=0
IP 142.250.74.14:0
GET /embed/DEROcJF1-NM?rel=0&controls=0 HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://denkodrom.de/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 11 Sep 2022 07:10:42 GMT
strict-transport-security: max-age=31536000
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=nYlHPVcWztk; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=lVrLVvfx9rw; Domain=.youtube.com; Expires=Fri, 10-Mar-2023 07:10:42 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+238; expires=Tue, 10-Sep-2024 07:10:42 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.youtube.com/embed/Ox7ik5Xb-pc?rel=0&controls=0&showinfo=0
142.250.74.14200 OK 0 B URL HTTP/2 www.youtube.com/embed/Ox7ik5Xb-pc?rel=0&controls=0&showinfo=0
IP 142.250.74.14:0
GET /embed/Ox7ik5Xb-pc?rel=0&controls=0&showinfo=0 HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://denkodrom.de/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 11 Sep 2022 07:10:42 GMT
strict-transport-security: max-age=31536000
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=oS7Dv142F1c; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=dXbzsk9FOwM; Domain=.youtube.com; Expires=Fri, 10-Mar-2023 07:10:42 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+597; expires=Tue, 10-Sep-2024 07:10:42 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yH/r/Y88lOwaPq4F.js?_nc_x=Ij3Wp8lg5Kz
157.240.200.14200 OK 0 B URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yH/r/Y88lOwaPq4F.js?_nc_x=Ij3Wp8lg5Kz
IP 157.240.200.14:0
GET /rsrc.php/v3/yH/r/Y88lOwaPq4F.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Sun, 10 Sep 2023 02:02:24 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: 5xKwBgojtsXt47Z+C7hjng==
x-fb-debug: 1f2J/uMKWx2YmqybsCa/CL45v5zyPlsnAMxy4KkD6ARMH/7OAE+lv13N9cDstKF7xQ4fijfUE+m2/JeV7exQtg==
priority: u=3,i
content-length: 90711
x-fb-trip-id: 1679558926
date: Sun, 11 Sep 2022 07:10:43 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.youtube.com/embed/sIYDkHEBquA?rel=0&controls=0
142.250.74.14200 OK 0 B URL HTTP/2 www.youtube.com/embed/sIYDkHEBquA?rel=0&controls=0
IP 142.250.74.14:0
GET /embed/sIYDkHEBquA?rel=0&controls=0 HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://denkodrom.de/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 11 Sep 2022 07:10:42 GMT
strict-transport-security: max-age=31536000
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=GWrGM0un1bA; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=N8UIYjUqJ5s; Domain=.youtube.com; Expires=Fri, 10-Mar-2023 07:10:42 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+866; expires=Tue, 10-Sep-2024 07:10:42 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.youtube.com/embed/nt7QAL3KNkQ?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent
142.250.74.14200 OK 0 B URL HTTP/2 www.youtube.com/embed/nt7QAL3KNkQ?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent
IP 142.250.74.14:0
GET /embed/nt7QAL3KNkQ?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://denkodrom.de/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 11 Sep 2022 07:10:42 GMT
strict-transport-security: max-age=31536000
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=G_u_o5rZhFU; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=0uRcVmXqLDg; Domain=.youtube.com; Expires=Fri, 10-Mar-2023 07:10:42 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+409; expires=Tue, 10-Sep-2024 07:10:42 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.youtube.com/embed/iUZTEdo21L8
142.250.74.14200 OK 0 B URL HTTP/2 www.youtube.com/embed/iUZTEdo21L8
IP 142.250.74.14:0
GET /embed/iUZTEdo21L8 HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://denkodrom.de/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 11 Sep 2022 07:10:42 GMT
strict-transport-security: max-age=31536000
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=V-HFMUKe_vY; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=gMVPuqy0Mdo; Domain=.youtube.com; Expires=Fri, 10-Mar-2023 07:10:42 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+744; expires=Tue, 10-Sep-2024 07:10:42 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
stats.wp.com/e-202236.js
192.0.76.3200 OK 0 B IP 192.0.76.3:0
GET /e-202236.js HTTP/1.1
Host: stats.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://denkodrom.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 11 Sep 2022 07:10:41 GMT
content-type: application/javascript
vary: Accept-Encoding
etag: W/"6197c5cf-3508"
content-encoding: br
expires: Mon, 28 Aug 2023 02:01:00 GMT
cache-control: max-age=31536000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Merriweather%3A400%2C700%2C900%2C400italic%2C700italic%2C900italic%7CMontserrat%3A400%2C700%7CInconsolata%3A400&subset=latin%2Clatin-ext&display=fallback
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Merriweather%3A400%2C700%2C900%2C400italic%2C700italic%2C900italic%7CMontserrat%3A400%2C700%7CInconsolata%3A400&subset=latin%2Clatin-ext&display=fallback
IP 142.250.74.10:0
GET /css?family=Merriweather%3A400%2C700%2C900%2C400italic%2C700italic%2C900italic%7CMontserrat%3A400%2C700%7CInconsolata%3A400&subset=latin%2Clatin-ext&display=fallback HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://denkodrom.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 11 Sep 2022 07:10:41 GMT
date: Sun, 11 Sep 2022 07:10:41 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.youtube.com/embed/CaR-3UWI4vw?rel=0&controls=0
142.250.74.14200 OK 0 B URL HTTP/2 www.youtube.com/embed/CaR-3UWI4vw?rel=0&controls=0
IP 142.250.74.14:0
GET /embed/CaR-3UWI4vw?rel=0&controls=0 HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://denkodrom.de/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 11 Sep 2022 07:10:42 GMT
strict-transport-security: max-age=31536000
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=clIDevKR5OI; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=lG3sAPt35wU; Domain=.youtube.com; Expires=Fri, 10-Mar-2023 07:10:42 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+670; expires=Tue, 10-Sep-2024 07:10:42 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2