josefpeters.com/
50.62.198.97301 Moved Permanently 192 B IP 50.62.198.97:0
ASN #398101 GO-DADDY-COM-LLC
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 615f8ef44a50aa51f0198ff1d24b69c3
469ba6fe5459de3ee9f920a9dff8136f9b6c2d20
6810c60cced14b2ea31a3c79f3c34fe94de79229badc6e9f71926fd9344daa8c
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: josefpeters.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Age: 550
Content-Encoding: gzip
Content-Length: 192
Content-Security-Policy: upgrade-insecure-requests
Content-Type: text/html; charset=iso-8859-1
Date: Thu, 09 Feb 2023 02:00:45 GMT
Location: https://josefpeters.com/
Vary: User-Agent, Accept-Encoding
X-Backend: local
X-Cache: cached
X-Cache-Hit: HIT
X-Cacheable: YES:Forced
X-Cacheproxy-Retries: 0/2
X-Content-Type-Options: nosniff
X-Php-Version: 7.4
X-Xss-Protection: 1; mode=block
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b7407cc102d62a5acd5e61f8a79bed36
c2f4890a62454e514962b55b7fc14228339c8e90
be282de92da261128a7c8471f3067466aa9930fd0ab2a2cdda8cd2d6ce2bbd74
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BE282DE92DA261128A7C8471F3067466AA9930FD0AB2A2CDDA8CD2D6CE2BBD74"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3415
Expires: Thu, 09 Feb 2023 03:06:51 GMT
Date: Thu, 09 Feb 2023 02:09:56 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 565c1bbc5c1c40be1988b3bf6fd9dc1a
cfdba5bc597130461dd67bf6cda53183be592493
60ceb36a8329c92fc49a3caf50daf511a38e01eac21a07d7a0a838166bea058d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "60CEB36A8329C92FC49A3CAF50DAF511A38E01EAC21A07D7A0A838166BEA058D"
Last-Modified: Mon, 06 Feb 2023 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16348
Expires: Thu, 09 Feb 2023 06:42:24 GMT
Date: Thu, 09 Feb 2023 02:09:56 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash cc14b0d2f7c451f6431dc87ba54d1d60
bab8bfda6fa3e2f17125353f5147211787dc25d0
b58fe18a5cc8fe5aaf49ba7eadd0ef34692892e68e9c52eb5bb56ea27e1300ad
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B58FE18A5CC8FE5AAF49BA7EADD0EF34692892E68E9C52EB5BB56EA27E1300AD"
Last-Modified: Mon, 06 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17936
Expires: Thu, 09 Feb 2023 07:08:52 GMT
Date: Thu, 09 Feb 2023 02:09:56 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bf0c602d32b3c14606f22a86183b5e3c
6eabd8d83475eba731968abe1a05a8bfd272f160
6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Content-Type, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 09 Feb 2023 01:36:46 GMT
content-type: application/json
age: 1990
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash e76071a28ee566dababb3834f46d68ed
aebb4e68c1ba2de0f90025283e8ed8470944fde0
78b6df2627172e5b35476bc31020f02898cdc412aaf4337af2c3b049a60912b6
GET /chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: JzZSV7kqHIsdNpzYQ5pfz62NcJKW/UJAxWKdY9OlARv09rtphqeRXtcWIYWE96ARblY9HJ/YzLXD0brrLAY0ig==
x-amz-request-id: HX3JF7VT0T251CW2
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 09 Feb 2023 01:46:11 GMT
age: 1425
last-modified: Sun, 29 Jan 2023 18:44:47 GMT
etag: "e76071a28ee566dababb3834f46d68ed"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 09 Feb 2023 02:09:56 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Content-Type, Pragma, ETag, Retry-After, Backoff, Expires, Alert, Cache-Control, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 09 Feb 2023 01:51:21 GMT
age: 1115
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.godaddy.com/
192.124.249.22200 OK 1.8 kB IP 192.124.249.22:0
Hash 2c0498b18ce73c66003423115a2444da
ce18f294c793f286f8347847ed15d6f637d4ccb8
2bd74b1e3b36d1d63d3d3aff3665122d9e84a50e29081532c9521aa8502de894
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Thu, 09 Feb 2023 02:09:56 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19022
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Wed, 08 Feb 2023 21:12:09 GMT
Expires: Thu, 09 Feb 2023 21:12:09 GMT
ETag: "ce18f294c793f286f8347847ed15d6f637d4ccb8"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 248ce16379b12f11927ecc3142aec450
fa5b189f2d9182479170cb61cc1723571e437bd2
a8d259b331bdefb00625b9bf057d44d0b3290fda0734c57eda187b04e23d59d4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A8D259B331BDEFB00625B9BF057D44D0B3290FDA0734C57EDA187B04E23D59D4"
Last-Modified: Wed, 08 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2447
Expires: Thu, 09 Feb 2023 02:50:43 GMT
Date: Thu, 09 Feb 2023 02:09:56 GMT
Connection: keep-alive
josefpeters.com/
50.62.198.97200 OK 18 kB IP 50.62.198.97:0
ASN #398101 GO-DADDY-COM-LLC
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (9381), with CRLF, LF line terminators
Hash 45193575b7de79762d569c2852b99a4f
9d370360868280ed2876c0e92b3af4ea79a562b9
de27052f6df3abd07e29ec108364cbce885a4bd036a9cb70df4c262d3b0368b8
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: josefpeters.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: openresty
date: Thu, 09 Feb 2023 02:10:41 GMT
content-type: text/html; charset=UTF-8
content-length: 17687
accept-ranges: bytes
age: 550
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
strict-transport-security: max-age=300
vary: Accept-Encoding, User-Agent
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES:Forced
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-fawn-proc-count: 1,0,24
x-php-version: 7.4
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
push.services.mozilla.com/
44.236.232.139101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 44.236.232.139:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: dh4wnaoXmJA+LDIEbUvDyA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 7wtTuw/F5UESpzKay6rUBCOAXww=
josefpeters.com/wp-content/themes/pixel/style.css
50.62.198.97200 OK 3.3 kB URL HTTP/2 josefpeters.com/wp-content/themes/pixel/style.css
IP 50.62.198.97:0
ASN #398101 GO-DADDY-COM-LLC
File type HTML document, ASCII text, with CRLF line terminators
Hash ac587cfb93ec37471f4bf4f7a3833f06
a70364e940b6f2f6ba8e56d8df6c31a612e3bf42
b68da0a3dee3903f0d0b6c3b0e658ec5bd776ab3834b4355e269ccb2a4109a3d
GET /wp-content/themes/pixel/style.css HTTP/1.1
Host: josefpeters.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://josefpeters.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 09 Feb 2023 02:10:41 GMT
content-type: text/css
content-length: 3330
accept-ranges: bytes
age: 550
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
etag: "3776-52c7601efcd77-gzip"
last-modified: Tue, 23 Feb 2016 20:43:53 GMT
strict-transport-security: max-age=300
vary: Accept-Encoding
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
josefpeters.com/wp-content/plugins/wp-miniaudioplayer/css/miniplayer.css?ver=1.9.7
50.62.198.97200 OK 2.6 kB URL HTTP/2 josefpeters.com/wp-content/plugins/wp-miniaudioplayer/css/miniplayer.css?ver=1.9.7
IP 50.62.198.97:0
ASN #398101 GO-DADDY-COM-LLC
Hash 8f83a8474b1d307a2ed0f790db50cf65
86b54a5f2998ba6522b0a9093822662936ba814b
6ae8008102f351ed951a2dc747272e8e1096c71914f5fab5408d6d94dd601802
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/wp-miniaudioplayer/css/miniplayer.css?ver=1.9.7 HTTP/1.1
Host: josefpeters.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://josefpeters.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 09 Feb 2023 02:10:41 GMT
content-type: text/css
content-length: 2648
accept-ranges: bytes
age: 2214
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
etag: "3ad0-5ea8fd9bc9a9a-gzip"
last-modified: Sun, 09 Oct 2022 01:20:37 GMT
strict-transport-security: max-age=300
vary: Accept-Encoding
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
josefpeters.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
50.62.198.97200 OK 12 kB URL HTTP/2 josefpeters.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
IP 50.62.198.97:0
ASN #398101 GO-DADDY-COM-LLC
File type ASCII text, with very long lines (47826)
Hash 8fa87dd23394a22621248ec378d2af59
9305bc637a89b1700d7f56a19a80bd32b0feb2f7
c162f7de24fa2d4e93e0da254ef287ff72f4a3e03f42443265097968351388dc
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.1.1 HTTP/1.1
Host: josefpeters.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://josefpeters.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 09 Feb 2023 02:10:41 GMT
content-type: text/css
content-length: 12518
accept-ranges: bytes
age: 550
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
etag: "172a9-5f3171aea4682-gzip"
last-modified: Wed, 25 Jan 2023 14:04:04 GMT
strict-transport-security: max-age=300
vary: Accept-Encoding
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
josefpeters.com/wp-includes/css/classic-themes.min.css?ver=1
50.62.198.97200 OK 189 B URL HTTP/2 josefpeters.com/wp-includes/css/classic-themes.min.css?ver=1
IP 50.62.198.97:0
ASN #398101 GO-DADDY-COM-LLC
Hash 5a18e16eb01cbaa862eb32e6b77bedb2
3abf9b913cc9f558f02cba7c9b822f8d1812cb96
d2b5af913332941d5ae7786d1fa70e0d009315c4ede6ad5b80d0f663bb54521f
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/css/classic-themes.min.css?ver=1 HTTP/1.1
Host: josefpeters.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://josefpeters.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 09 Feb 2023 02:10:41 GMT
content-type: text/css
content-length: 189
accept-ranges: bytes
age: 550
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
etag: "d9-5f3171aea1b8a;5927e59c26540
last-modified: Wed, 25 Jan 2023 14:04:04 GMT
strict-transport-security: max-age=300
vary: Accept-Encoding
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
josefpeters.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
50.62.198.97200 OK 31 kB URL HTTP/2 josefpeters.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
IP 50.62.198.97:0
ASN #398101 GO-DADDY-COM-LLC
File type ASCII text, with very long lines (65447)
Hash 1b5264c989379b828aff60f65a518a24
98641237f14ccb33ac114f54329a33bd0aa17eb7
6c8e7b78c6dbc13426810c905572db7589cf3e00264e30ce797fddb0b1092237
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1
Host: josefpeters.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://josefpeters.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 09 Feb 2023 02:10:41 GMT
content-type: application/javascript
content-length: 30995
accept-ranges: bytes
age: 2214
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
etag: "15e54-5f3171af09ba1;5927e59ff6e40
last-modified: Wed, 25 Jan 2023 14:04:05 GMT
strict-transport-security: max-age=300
vary: Accept-Encoding
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
josefpeters.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
50.62.198.97200 OK 4.2 kB URL HTTP/2 josefpeters.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 50.62.198.97:0
ASN #398101 GO-DADDY-COM-LLC
File type ASCII text, with very long lines (11126)
Hash 5629711d7fdd5b28441bac39b851299f
4e0bf2b7383097f7c352023a1b1b1b48a50356b6
44c444309c7a6c05ff4a9bc198bed9e9596bedb5658637c85689c9a471dcdd16
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: josefpeters.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://josefpeters.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 09 Feb 2023 02:10:41 GMT
content-type: application/javascript
content-length: 4169
accept-ranges: bytes
age: 2214
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
etag: "2bd8-5f3171af05d20-gzip"
last-modified: Wed, 25 Jan 2023 14:04:05 GMT
strict-transport-security: max-age=300
vary: Accept-Encoding
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 982f28198d0d40f63b4fd8189737d3a8
5632d6d7de83958caa31129c51b7f0c0b5814a84
d7e53078f4c0ca4acdae31f04014635e635430054958f2ce7ebd151d1afb65ee
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D7E53078F4C0CA4ACDAE31F04014635E635430054958F2CE7EBD151D1AFB65EE"
Last-Modified: Tue, 07 Feb 2023 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21571
Expires: Thu, 09 Feb 2023 08:09:28 GMT
Date: Thu, 09 Feb 2023 02:09:57 GMT
Connection: keep-alive
josefpeters.com/wp-content/themes/pixel/js/sfhover.js?ver=6.1.1
50.62.198.97200 OK 279 B URL HTTP/2 josefpeters.com/wp-content/themes/pixel/js/sfhover.js?ver=6.1.1
IP 50.62.198.97:0
ASN #398101 GO-DADDY-COM-LLC
Hash 9b10af85226b439e5bb47effb89381f3
fd41c640eeced05b756a493a6ad0d75c9ec7533f
791868131fd92d6e0291e68725f79b9f6c1bdd86907e2f8bfc38a90835748247
GET /wp-content/themes/pixel/js/sfhover.js?ver=6.1.1 HTTP/1.1
Host: josefpeters.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://josefpeters.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 09 Feb 2023 02:10:41 GMT
content-type: application/javascript
content-length: 279
accept-ranges: bytes
age: 550
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
etag: "1ee-52c7601ff7436-gzip"
last-modified: Tue, 23 Feb 2016 20:43:54 GMT
strict-transport-security: max-age=300
vary: Accept-Encoding
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
josefpeters.com/wp-content/plugins/wp-miniaudioplayer/js/jquery.mb.miniAudioPlayer.js?ver=1.9.7
50.62.198.97200 OK 31 kB URL HTTP/2 josefpeters.com/wp-content/plugins/wp-miniaudioplayer/js/jquery.mb.miniAudioPlayer.js?ver=1.9.7
IP 50.62.198.97:0
ASN #398101 GO-DADDY-COM-LLC
File type ASCII text, with very long lines (19411)
Hash 03fae293a69b50cba94895e0bcbbf019
7c459f23c6139dfc833e26b3bf5270467ba8a884
41940580bfe0d66f27f2901ea479f44469f1bcf4b536a36c1023ea68ab3217fd
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/wp-miniaudioplayer/js/jquery.mb.miniAudioPlayer.js?ver=1.9.7 HTTP/1.1
Host: josefpeters.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://josefpeters.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 09 Feb 2023 02:10:41 GMT
content-type: application/javascript
content-length: 31425
accept-ranges: bytes
age: 2214
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
etag: "1e832-5ea8fd9bbfa71-gzip"
last-modified: Sun, 09 Oct 2022 01:20:37 GMT
strict-transport-security: max-age=300
vary: Accept-Encoding
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
josefpeters.com/wp-content/plugins/wp-miniaudioplayer/js/map_overwrite_default_me.js?ver=1.9.7
50.62.198.97200 OK 1.5 kB URL HTTP/2 josefpeters.com/wp-content/plugins/wp-miniaudioplayer/js/map_overwrite_default_me.js?ver=1.9.7
IP 50.62.198.97:0
ASN #398101 GO-DADDY-COM-LLC
Hash 7f7719de822b69e10ef85210214fd5ca
72697f48ae6a969baab415d6ec9837275624cf76
bc151acf15a1bd9e82c72d41300967c038edd5308d934a3b246ab1101180025c
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/wp-miniaudioplayer/js/map_overwrite_default_me.js?ver=1.9.7 HTTP/1.1
Host: josefpeters.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://josefpeters.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 09 Feb 2023 02:10:41 GMT
content-type: application/javascript
content-length: 1450
accept-ranges: bytes
age: 550
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
etag: "1ba1-5ea8fd9bbfa71-gzip"
last-modified: Sun, 09 Oct 2022 01:20:37 GMT
strict-transport-security: max-age=300
vary: Accept-Encoding
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
www.indiefilmscoring.com/josefpeters/wasp/wasp.js
190.2.139.23200 OK 6.4 kB URL HTTP/1.1 www.indiefilmscoring.com/josefpeters/wasp/wasp.js
IP 190.2.139.23:0
ASN #49981 WorldStream B.V.
File type HTML document text\012- HTML document, ASCII text, with very long lines (13987)
Hash 68db0fcf9e783c24fe7c31d659067744
310fb0d9d81d7c05eccf893811ae8b60017d1299
acd5d67c15ae83d4b97f7f3984b63adcda918a1cbe478b72dffadadb53494c81
GET /josefpeters/wasp/wasp.js HTTP/1.1
Host: www.indiefilmscoring.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Thu, 09 Feb 2023 02:09:57 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding, Accept-Encoding
X-Powered-By: PHP/7.2.34
Content-Encoding: gzip
josefpeters.com/wp-content/plugins/contus-hd-flv-player/swfobject.js
50.62.198.97200 OK 2.8 kB URL HTTP/2 josefpeters.com/wp-content/plugins/contus-hd-flv-player/swfobject.js
IP 50.62.198.97:0
ASN #398101 GO-DADDY-COM-LLC
Hash 9e78ef5dc3cc31e62c836664b6f19192
9451943fb459c2e1ce5016b75b51dccd6373ca4f
563c37acf64a7d039719de7d767c987dd82565ccbc5f6022a4cb4db235c2b388
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/contus-hd-flv-player/swfobject.js HTTP/1.1
Host: josefpeters.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://josefpeters.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 09 Feb 2023 02:10:41 GMT
content-type: application/javascript
content-length: 2789
accept-ranges: bytes
age: 2213
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
etag: "21d5-52c7607853601-gzip"
last-modified: Tue, 23 Feb 2016 20:45:27 GMT
strict-transport-security: max-age=300
vary: Accept-Encoding
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
josefpeters.com/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.17
50.62.198.97200 OK 2.6 kB URL HTTP/2 josefpeters.com/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.17
IP 50.62.198.97:0
ASN #398101 GO-DADDY-COM-LLC
File type ASCII text, with very long lines (11256), with no line terminators
Hash 583529ff412cb2b255fa606024d1133e
8db4b0a0be402cc5e38488528791b73b0c7369d0
6fdf0933a8faf229b277740f401600834c00d0b204f7ed38293cd4abcdb3ea20
GET /wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.17 HTTP/1.1
Host: josefpeters.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://josefpeters.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 09 Feb 2023 02:10:42 GMT
content-type: text/css
content-length: 2592
accept-ranges: bytes
age: 550
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
etag: "2bf8-5f3171af114b9-gzip"
last-modified: Wed, 25 Jan 2023 14:04:05 GMT
strict-transport-security: max-age=300
vary: Accept-Encoding
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
josefpeters.com/wp-includes/js/mediaelement/mediaelement-migrate.min.js?ver=6.1.1
50.62.198.97200 OK 540 B URL HTTP/2 josefpeters.com/wp-includes/js/mediaelement/mediaelement-migrate.min.js?ver=6.1.1
IP 50.62.198.97:0
ASN #398101 GO-DADDY-COM-LLC
File type ASCII text, with very long lines (1191), with no line terminators
Hash 2029090ac267ecfc20a3c0b884202de9
0ad1d2ea2030ad3c98315a8342168cb0e2c2fca1
a5f0b6001e19c189db4a985f7be8577804f4620edfc4e0812483cf571618607d
GET /wp-includes/js/mediaelement/mediaelement-migrate.min.js?ver=6.1.1 HTTP/1.1
Host: josefpeters.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://josefpeters.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 09 Feb 2023 02:10:42 GMT
content-type: application/javascript
content-length: 540
accept-ranges: bytes
age: 550
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
etag: "4a7-5f3171af114b9-gzip"
last-modified: Wed, 25 Jan 2023 14:04:05 GMT
strict-transport-security: max-age=300
vary: Accept-Encoding
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
josefpeters.com/wp-includes/js/mediaelement/renderers/vimeo.min.js?ver=4.2.17
50.62.198.97200 OK 2.3 kB URL HTTP/2 josefpeters.com/wp-includes/js/mediaelement/renderers/vimeo.min.js?ver=4.2.17
IP 50.62.198.97:0
ASN #398101 GO-DADDY-COM-LLC
File type ASCII text, with very long lines (6194)
Hash a1e641c778c136da1cec804b127f1f38
5770eba8af0f66363909b995046eaba36477e993
40ae7fef1ef3551142bc86d1e2dd536f22c88b782fa925e4e83caa689d3bd945
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/mediaelement/renderers/vimeo.min.js?ver=4.2.17 HTTP/1.1
Host: josefpeters.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://josefpeters.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 09 Feb 2023 02:10:42 GMT
content-type: application/javascript
content-length: 2284
accept-ranges: bytes
age: 550
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
etag: "1940-5f3171af12459-gzip"
last-modified: Wed, 25 Jan 2023 14:04:05 GMT
strict-transport-security: max-age=300
vary: Accept-Encoding
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
josefpeters.com/wp-includes/js/mediaelement/wp-mediaelement.min.js?ver=6.1.1
50.62.198.97200 OK 475 B URL HTTP/2 josefpeters.com/wp-includes/js/mediaelement/wp-mediaelement.min.js?ver=6.1.1
IP 50.62.198.97:0
ASN #398101 GO-DADDY-COM-LLC
File type HTML document, ASCII text, with very long lines (906), with no line terminators
Hash c7aa8936938be0b65781455878aa2085
0066e0c5ed75b3ccd5bb01db5f373d995c217a29
a764eb4204428f671190ad2bc84bcbd86cd9a6bfd05a7ded46bceb651503c508
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/mediaelement/wp-mediaelement.min.js?ver=6.1.1 HTTP/1.1
Host: josefpeters.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://josefpeters.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 09 Feb 2023 02:10:42 GMT
content-type: application/javascript
content-length: 475
accept-ranges: bytes
age: 550
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
etag: "38a-5f3171af12071-gzip"
last-modified: Wed, 25 Jan 2023 14:04:05 GMT
strict-transport-security: max-age=300
vary: Accept-Encoding
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
josefpeters.com/wp-content/plugins/wpaudio-mp3-player/wpaudio.min.js?ver=4.0.2
50.62.198.97200 OK 2.1 kB URL HTTP/2 josefpeters.com/wp-content/plugins/wpaudio-mp3-player/wpaudio.min.js?ver=4.0.2
IP 50.62.198.97:0
ASN #398101 GO-DADDY-COM-LLC
File type HTML document, ASCII text, with very long lines (6024), with no line terminators
Hash 50fc55efaa6e4d9a42af3b5f1d7af92c
7abc6821b8fa71d2977265b1af51398db1bd2807
ae61aa8f442ff6fc200f3310b409f0e80b212d66091611c7646cb1940e50d50a
GET /wp-content/plugins/wpaudio-mp3-player/wpaudio.min.js?ver=4.0.2 HTTP/1.1
Host: josefpeters.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://josefpeters.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 09 Feb 2023 02:10:42 GMT
content-type: application/javascript
content-length: 2069
accept-ranges: bytes
age: 550
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
etag: "1788-5ea8fd9fae056-gzip"
last-modified: Sun, 09 Oct 2022 01:20:41 GMT
strict-transport-security: max-age=300
vary: Accept-Encoding
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
josefpeters.com/wp-content/uploads/2011/06/Joey-in-Brussels-200x300.jpg
50.62.198.97200 OK 20 kB URL HTTP/2 josefpeters.com/wp-content/uploads/2011/06/Joey-in-Brussels-200x300.jpg
IP 50.62.198.97:0
ASN #398101 GO-DADDY-COM-LLC
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 200x300, components 3\012- data
Hash b26786f5e59bd06a34e670306d0ba66d
24f8b4de9777c5eaa06e5c0d8628a0adee7fdffb
a95dc0c36cc309b9787025f07fc6d1ae100624b2a766d491da15aef82248a01f
GET /wp-content/uploads/2011/06/Joey-in-Brussels-200x300.jpg HTTP/1.1
Host: josefpeters.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://josefpeters.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 09 Feb 2023 02:10:42 GMT
content-type: image/jpeg
content-length: 19901
accept-ranges: bytes
age: 550
content-security-policy: upgrade-insecure-requests
etag: "4dbd-52c760317f0c2"
last-modified: Tue, 23 Feb 2016 20:44:13 GMT
strict-transport-security: max-age=300
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
josefpeters.com/wp-content/themes/pixel/images/wpfooter-trans.png
50.62.198.97200 OK 3.1 kB URL HTTP/2 josefpeters.com/wp-content/themes/pixel/images/wpfooter-trans.png
IP 50.62.198.97:0
ASN #398101 GO-DADDY-COM-LLC
File type PNG image data, 34 x 34, 8-bit/color RGBA, non-interlaced\012- data
Hash 7d1c0d64731d4d566141f79342fdf5c1
2c513f5080494f9c5e598e7fbe571ff7928215c8
033e08a9a35cddeead2daef3c586326b6e5e09e56e2be301f41de090470e9824
GET /wp-content/themes/pixel/images/wpfooter-trans.png HTTP/1.1
Host: josefpeters.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://josefpeters.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 09 Feb 2023 02:10:42 GMT
content-type: image/png
content-length: 3127
accept-ranges: bytes
age: 550
content-security-policy: upgrade-insecure-requests
etag: "c37-52c7601dbf779"
last-modified: Tue, 23 Feb 2016 20:43:52 GMT
strict-transport-security: max-age=300
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
josefpeters.com/wp-content/themes/pixel/images/rss-trans.png
50.62.198.97200 OK 1.5 kB URL HTTP/2 josefpeters.com/wp-content/themes/pixel/images/rss-trans.png
IP 50.62.198.97:0
ASN #398101 GO-DADDY-COM-LLC
File type PNG image data, 65 x 24, 8-bit/color RGB, non-interlaced\012- data
Hash 9285a6b831c434f144ee07eb1b770cb1
b96f382bbcd7694c375d9cddbfecdcc912a390e8
ab292d1fac2f6eb27b55828cbf8c1b5cbbcff6f565e730e76fe8e35c0cf7d41e
GET /wp-content/themes/pixel/images/rss-trans.png HTTP/1.1
Host: josefpeters.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://josefpeters.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 09 Feb 2023 02:10:42 GMT
content-type: image/png
content-length: 1514
accept-ranges: bytes
age: 550
content-security-policy: upgrade-insecure-requests
etag: "5ea-52c7601e711e1"
last-modified: Tue, 23 Feb 2016 20:43:53 GMT
strict-transport-security: max-age=300
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
josefpeters.com/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=6.1.1
50.62.198.97200 OK 1.2 kB URL HTTP/2 josefpeters.com/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=6.1.1
IP 50.62.198.97:0
ASN #398101 GO-DADDY-COM-LLC
File type ASCII text, with very long lines (4186), with no line terminators
Hash 30d57d7aa11190e44974cce8621f22c7
59f516369877009cce06ca45b1c296944bb674a4
094ae87a3d4cee4a1ddc5cada149c2deacabd4cf2e377b97fe4ca641142258ee
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=6.1.1 HTTP/1.1
Host: josefpeters.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://josefpeters.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 09 Feb 2023 02:10:42 GMT
content-type: text/css
content-length: 1156
accept-ranges: bytes
age: 550
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
etag: "105a-5f3171af12071-gzip"
last-modified: Wed, 25 Jan 2023 14:04:05 GMT
strict-transport-security: max-age=300
vary: Accept-Encoding
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
josefpeters.com/wp-includes/js/mediaelement/mediaelement-and-player.min.js?ver=4.2.17
50.62.198.97200 OK 39 kB URL HTTP/2 josefpeters.com/wp-includes/js/mediaelement/mediaelement-and-player.min.js?ver=4.2.17
IP 50.62.198.97:0
ASN #398101 GO-DADDY-COM-LLC
File type ASCII text, with very long lines (65266)
Hash 4211d239a2259687579ca8e0c8d738d2
84f17323b43d141c0fb0e4fd64b3a85fc1c1f171
b0167e5a224f4c239420d92b3710617eace267eec448f0a712eba6c3d5664e7e
GET /wp-includes/js/mediaelement/mediaelement-and-player.min.js?ver=4.2.17 HTTP/1.1
Host: josefpeters.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://josefpeters.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 09 Feb 2023 02:10:42 GMT
content-type: application/javascript
content-length: 38789
accept-ranges: bytes
age: 550
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
etag: "26935-5f3171af12c29-gzip"
last-modified: Wed, 25 Jan 2023 14:04:05 GMT
strict-transport-security: max-age=300
vary: Accept-Encoding
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
josefpeters.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
50.62.198.97200 OK 5.0 kB URL HTTP/2 josefpeters.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
IP 50.62.198.97:0
ASN #398101 GO-DADDY-COM-LLC
File type ASCII text, with very long lines (15660)
Hash e6624e0b978e6ddba476be41aaaa82df
822e920d8233072110ed7c8a7f379e5b13209b18
dac86a9ce08e4d8cded47b4fa900a664b0c997d8910c2a1be54a423678925a41
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 HTTP/1.1
Host: josefpeters.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://josefpeters.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 09 Feb 2023 02:10:42 GMT
content-type: application/javascript
content-length: 5009
accept-ranges: bytes
age: 550
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
etag: "48b9-5f3171af166c1-gzip"
last-modified: Wed, 25 Jan 2023 14:04:05 GMT
strict-transport-security: max-age=300
vary: Accept-Encoding
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash 44fc0cb48c26edb9ce36736707b9182a
62de7faa3e8171c0d38a2e03a604d2545a3ede7f
9e511ad6ed9e7c5f28f573422e3891d2f4e5c2ba5107f7eda808c529a95931a2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 02:09:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash 44fc0cb48c26edb9ce36736707b9182a
62de7faa3e8171c0d38a2e03a604d2545a3ede7f
9e511ad6ed9e7c5f28f573422e3891d2f4e5c2ba5107f7eda808c529a95931a2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 02:09:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash 44fc0cb48c26edb9ce36736707b9182a
62de7faa3e8171c0d38a2e03a604d2545a3ede7f
9e511ad6ed9e7c5f28f573422e3891d2f4e5c2ba5107f7eda808c529a95931a2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 02:09:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash 44fc0cb48c26edb9ce36736707b9182a
62de7faa3e8171c0d38a2e03a604d2545a3ede7f
9e511ad6ed9e7c5f28f573422e3891d2f4e5c2ba5107f7eda808c529a95931a2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 02:09:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash 44fc0cb48c26edb9ce36736707b9182a
62de7faa3e8171c0d38a2e03a604d2545a3ede7f
9e511ad6ed9e7c5f28f573422e3891d2f4e5c2ba5107f7eda808c529a95931a2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 02:09:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 4db8c5eea8252c02db969bca4905f46d
576390ca9ba16de46c301ed86c841da42a8bea71
f7bc002bcee242228e201a3c4d0edf2a3825629dc221b812b549723397429002
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6438
Cache-Control: max-age=144520
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 02:09:57 GMT
Etag: "63e3ce57-117"
Expires: Fri, 10 Feb 2023 18:18:37 GMT
Last-Modified: Wed, 08 Feb 2023 16:31:19 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 279
josefpeters.com/wp-content/uploads/2012/01/vsx.png
50.62.198.97200 OK 376 kB URL HTTP/2 josefpeters.com/wp-content/uploads/2012/01/vsx.png
IP 50.62.198.97:0
ASN #398101 GO-DADDY-COM-LLC
File type PNG image data, 600 x 322, 8-bit/color RGBA, non-interlaced\012- data
Size 376 kB (375452 bytes)
Hash 8f86e949bb1e9a63285936cae7ee90b2
6b2afd10cbe83bccefa045451eee15da74e4b4fe
9637fd9bbd85e3df4b30711ef121e16c6618af57f734c86876cfd7bc3cba49f5
GET /wp-content/uploads/2012/01/vsx.png HTTP/1.1
Host: josefpeters.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://josefpeters.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 09 Feb 2023 02:10:42 GMT
content-type: image/png
content-length: 375452
accept-ranges: bytes
age: 550
content-security-policy: upgrade-insecure-requests
etag: "5ba9c-52c7603f7cf16"
last-modified: Tue, 23 Feb 2016 20:44:27 GMT
strict-transport-security: max-age=300
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
josefpeters.com/wp-content/themes/pixel/images/bgbody.jpg
50.62.198.97200 OK 62 kB URL HTTP/2 josefpeters.com/wp-content/themes/pixel/images/bgbody.jpg
IP 50.62.198.97:0
ASN #398101 GO-DADDY-COM-LLC
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 1400x800, components 3\012- data
Hash 35ebbfca24dc4f851d38f200ccff076e
513a8d73eef0005119eceb07012c071a8a342d3e
f8d4ec854bafb586e3312942e83c5cb7787e682591cafb06bd806c73215fa7c4
GET /wp-content/themes/pixel/images/bgbody.jpg HTTP/1.1
Host: josefpeters.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://josefpeters.com/wp-content/themes/pixel/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 09 Feb 2023 02:10:42 GMT
content-type: image/jpeg
content-length: 61774
accept-ranges: bytes
age: 550
content-security-policy: upgrade-insecure-requests
etag: "f14e-52c7601da9527"
last-modified: Tue, 23 Feb 2016 20:43:52 GMT
strict-transport-security: max-age=300
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
josefpeters.com/wp-content/themes/pixel/images/more.gif
50.62.198.97200 OK 307 B URL HTTP/2 josefpeters.com/wp-content/themes/pixel/images/more.gif
IP 50.62.198.97:0
ASN #398101 GO-DADDY-COM-LLC
File type GIF image data, version 89a, 14 x 14\012- data
Hash 4e72d5dd0b904e2d94d92b117f8fd4e0
69e844aea383ec5a5704d1c6dd8185fab14dbe9b
5f0691a7e25aa43a6ccfa0a5944c93ccdfb43560c025f72a396c970904a7de87
GET /wp-content/themes/pixel/images/more.gif HTTP/1.1
Host: josefpeters.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://josefpeters.com/wp-content/themes/pixel/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 09 Feb 2023 02:10:42 GMT
content-type: image/gif
content-length: 307
accept-ranges: bytes
age: 550
content-security-policy: upgrade-insecure-requests
etag: "133-52c7601deabb7"
last-modified: Tue, 23 Feb 2016 20:43:52 GMT
strict-transport-security: max-age=300
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
josefpeters.com/wp-content/themes/pixel/images/bg-trans.png
50.62.198.97200 OK 109 B URL HTTP/2 josefpeters.com/wp-content/themes/pixel/images/bg-trans.png
IP 50.62.198.97:0
ASN #398101 GO-DADDY-COM-LLC
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash dba12b1021c0b896a4e72930b950790e
a7891c0e464edd7fded88a5db37ffaea2421e956
29dcec04b0b69ee6ab672883c644fa46d7c6d3ff16a22169456e6459b2cd1aea
GET /wp-content/themes/pixel/images/bg-trans.png HTTP/1.1
Host: josefpeters.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://josefpeters.com/wp-content/themes/pixel/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 09 Feb 2023 02:10:42 GMT
content-type: image/png
content-length: 109
accept-ranges: bytes
age: 550
content-security-policy: upgrade-insecure-requests
etag: "6d-52c7601e5b533"
last-modified: Tue, 23 Feb 2016 20:43:53 GMT
strict-transport-security: max-age=300
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
josefpeters.com/wp-content/themes/pixel/images/bggrad.jpg
50.62.198.97200 OK 415 B URL HTTP/2 josefpeters.com/wp-content/themes/pixel/images/bggrad.jpg
IP 50.62.198.97:0
ASN #398101 GO-DADDY-COM-LLC
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 1x400, components 3\012- data
Hash cd52e7326bc155ba748df2456381506e
122a9e0a8cd8960cf9cc0b6bed108db052653572
cdc29316beb7f74e4e53645f3f6bb972c318dfc2eaf3d34ae562181d2d561192
GET /wp-content/themes/pixel/images/bggrad.jpg HTTP/1.1
Host: josefpeters.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://josefpeters.com/wp-content/themes/pixel/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 09 Feb 2023 02:10:42 GMT
content-type: image/jpeg
content-length: 415
accept-ranges: bytes
age: 550
content-security-policy: upgrade-insecure-requests
etag: "19f-52c7601e4590b"
last-modified: Tue, 23 Feb 2016 20:43:53 GMT
strict-transport-security: max-age=300
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash 44fc0cb48c26edb9ce36736707b9182a
62de7faa3e8171c0d38a2e03a604d2545a3ede7f
9e511ad6ed9e7c5f28f573422e3891d2f4e5c2ba5107f7eda808c529a95931a2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 02:09:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash 986afab4bad851da3c4a2b8db670c876
c58b7142ce3bebda918b77649973715dbd71b4d2
24e4025e6576d86e781fd0861a0a87338b7b5d52b9e559ae76ca52755cc3a865
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 02:09:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.youtube.com/embed/2zcFaJGmg0w?list=SP2F2FCF0E84C97696
142.250.74.174200 OK 30 kB URL HTTP/2 www.youtube.com/embed/2zcFaJGmg0w?list=SP2F2FCF0E84C97696
IP 142.250.74.174:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (58632)
Hash e91bfbbc611aa735eeff8503ed104591
6cd4351ee1b60565a29f2fa25c00f41b2604223c
2ad30a697ba5cc45dfa8dfcc48accedde8dce58d0bd98fa5eb5d70e13cadc0f6
GET /embed/2zcFaJGmg0w?list=SP2F2FCF0E84C97696 HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 09 Feb 2023 02:09:57 GMT
strict-transport-security: max-age=31536000
cross-origin-resource-policy: cross-origin
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=bp_x5gazpRo; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
DEVICE_INFO=ChxOekU1TnprM01qWXhOakV3TkRVek5EUTBNQT09EPWrkZ8GGPWrkZ8G; Domain=.youtube.com; Expires=Tue, 08-Aug-2023 02:09:57 GMT; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=sOE85nKMic4; Domain=.youtube.com; Expires=Tue, 08-Aug-2023 02:09:57 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+521; expires=Sat, 08-Feb-2025 02:09:57 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
josefpeters.com/wp-content/plugins/wpaudio-mp3-player/wpaudio-play.png
50.62.198.97200 OK 258 B URL HTTP/2 josefpeters.com/wp-content/plugins/wpaudio-mp3-player/wpaudio-play.png
IP 50.62.198.97:0
ASN #398101 GO-DADDY-COM-LLC
File type PNG image data, 30 x 26, 8-bit/color RGB, non-interlaced\012- data
Hash 8a43128503e42ecd327232e477cf4846
12b1e50f5fbe8e4cf603d27ca41bb941592baa19
abe8ccc4f20b62cb65f8b3e61c6fed171a7c16390c29497d141d4fc79faa1d62
GET /wp-content/plugins/wpaudio-mp3-player/wpaudio-play.png HTTP/1.1
Host: josefpeters.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://josefpeters.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 09 Feb 2023 02:10:42 GMT
content-type: image/png
content-length: 258
accept-ranges: bytes
age: 550
content-security-policy: upgrade-insecure-requests
etag: "102-5ea8fd9fadc6e"
last-modified: Sun, 09 Oct 2022 01:20:41 GMT
strict-transport-security: max-age=300
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash 986afab4bad851da3c4a2b8db670c876
c58b7142ce3bebda918b77649973715dbd71b4d2
24e4025e6576d86e781fd0861a0a87338b7b5d52b9e559ae76ca52755cc3a865
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 02:09:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash 986afab4bad851da3c4a2b8db670c876
c58b7142ce3bebda918b77649973715dbd71b4d2
24e4025e6576d86e781fd0861a0a87338b7b5d52b9e559ae76ca52755cc3a865
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 02:09:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.youtube.com/embed/rFEkNOi2YbU?feature=oembed&start=9
142.250.74.174200 OK 44 kB URL HTTP/2 www.youtube.com/embed/rFEkNOi2YbU?feature=oembed&start=9
IP 142.250.74.174:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (58644)
Hash 60acd2ec39bc4c67f4d0fb6cec6fcf0e
d55ab3aab798d534257e23cd90dd9457ab3c47c4
3baf6d64188540e97340fa25d09ab3a1876257499d55c450d70149f0b5487831
GET /embed/rFEkNOi2YbU?feature=oembed&start=9 HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://josefpeters.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 09 Feb 2023 02:09:57 GMT
strict-transport-security: max-age=31536000
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cross-origin-resource-policy: cross-origin
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=hwjsS50t0e8; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
DEVICE_INFO=ChxOekU1TnprM01qWXhOVGs1T1RneE56UXdNZz09EPWrkZ8GGPWrkZ8G; Domain=.youtube.com; Expires=Tue, 08-Aug-2023 02:09:57 GMT; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=5rYQgMf7Vl8; Domain=.youtube.com; Expires=Tue, 08-Aug-2023 02:09:57 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+369; expires=Sat, 08-Feb-2025 02:09:57 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.227200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 Feb 2023 21:48:03 GMT
expires: Fri, 02 Feb 2024 21:48:03 GMT
cache-control: public, max-age=31536000
age: 534115
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
player.vimeo.com/video/103471410
162.159.138.60200 OK 16 kB URL HTTP/1.1 player.vimeo.com/video/103471410
IP 162.159.138.60:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (30713)
Hash a1f9201c6066fb68c77aa2184e813a1a
0d9ee9658c01cffb50bf838da1c9734483f9736b
9d9b199a5ce6971898c4fc42588be3c7ce8806a1283331ef808f5c8a11d7ab96
GET /video/103471410 HTTP/1.1
Host: player.vimeo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://josefpeters.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 09 Feb 2023 02:09:58 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Security-Policy: default-src 'none'; script-src 'self' 'unsafe-inline' https://*.vimeocdn.com 'unsafe-eval' blob: resource: https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://cdn.kollective.app/ https://wirewax.s3.eu-west-1.amazonaws.com https://edge-assets.wirewax.com https://embedder-sdk.wirewax.com https://embedder-sdk.wirewax.tv; style-src 'self' 'unsafe-inline' https://*.vimeocdn.com https://fonts.googleapis.com https://edge-assets.wirewax.com; connect-src 'self' ws: wss: https://vimeo.com https://api.vimeo.com https://csi.gstatic.com https://player-telemetry.vimeo.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://*.dna-delivery.com https://*.kollective.app/ https://mimir.cloud.vimeo.com https://*.wirewax.com https://*.wirewax.tv https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com https://sqs.eu-west-1.amazonaws.com https://s3-eu-west-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com https://cognito-identity.eu-west-1.amazonaws.com; font-src https://edge-assets.wirewax.com https://fonts.gstatic.com https://player.vimeo.com; img-src 'self' data: https://player.vimeo.com https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://*.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://*.ci.vimeows.com https://i.vimeocdn.com https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://edge-assets.wirewax.com https://maps.googleapis.com; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com; frame-src 'self' https://*
Expires: Fri, 15 Dec 1985 19:30:00 GMT
Link: <https://fresnel.vimeocdn.com>; rel=preconnect; crossorigin, <https://i.vimeocdn.com>; rel=preconnect; crossorigin, <https://f.vimeocdn.com>; rel=preconnect; crossorigin
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
X-Host: player-backend-85d8fc547f-gjngf
X-Player-Backend: g
X-Xss-Protection: 1; mode=block
Via: 1.1 google, 1.1 varnish
Age: 0
X-Served-By: cache-cph2320054-CPH
X-Cache: MISS
X-Cache-Hits: 0
X-Timer: S1675908598.765692,VS0,VE297
Vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Set-Cookie: __cf_bm=GeHFuHO95GHwTO0gX.38ILRATCpsK3vPdzmSUdZLWgo-1675908598-0-Ab7rP/RFeOCNEBy0NxxwNrtc72ZM7EOIsmvqgBSmBlAjoJJu7d1sJBskMsn3ivleKKJrLwsIx/88SWRPUEnC3Ok=; path=/; expires=Thu, 09-Feb-23 02:39:58 GMT; domain=.vimeo.com; HttpOnly; Secure; SameSite=None
Server: cloudflare
CF-RAY: 796910dffcabb523-OSL
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash 986afab4bad851da3c4a2b8db670c876
c58b7142ce3bebda918b77649973715dbd71b4d2
24e4025e6576d86e781fd0861a0a87338b7b5d52b9e559ae76ca52755cc3a865
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 02:09:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.youtube.com/embed/S23PfVzYXmI
142.250.74.174200 OK 26 kB URL HTTP/2 www.youtube.com/embed/S23PfVzYXmI
IP 142.250.74.174:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (54672)
Hash 8b9f35c483260476e3351eb4579ca400
0fd04259524b6c62adf294e7dd640bffd1ebdc34
7794680878735d0754979615cfa696ad1a2688d6abc4089fe7645599774c6c9a
GET /embed/S23PfVzYXmI HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://josefpeters.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 09 Feb 2023 02:09:57 GMT
strict-transport-security: max-age=31536000
content-security-policy-report-only: base-uri 'self';default-src 'self' https: blob:;font-src https: data:;img-src https: data: android-webview-video-poster:;media-src blob: https:;object-src 'none';script-src 'nonce-r-x18_8AtJZ4gLdT4LxzJw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';style-src https: 'unsafe-inline';report-uri /cspreport
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=TsH4sL9zHPk; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
DEVICE_INFO=ChxOekU1TnprM01qWXhOalk0TURFNE1qYzNOdz09EPWrkZ8GGPWrkZ8G; Domain=.youtube.com; Expires=Tue, 08-Aug-2023 02:09:57 GMT; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=_ypYtR5K5SE; Domain=.youtube.com; Expires=Tue, 08-Aug-2023 02:09:57 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+901; expires=Sat, 08-Feb-2025 02:09:57 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1d885cfc22a04f1216c98dd64df5338a
589916a844b81fac40af88a772865b8e28dfb64e
40c0e55533794d72bbba4bc9d0f07fe0741e24ca23fd9b3e31d2830c77a51bf3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "40C0E55533794D72BBBA4BC9D0F07FE0741E24CA23FD9B3E31D2830C77A51BF3"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6788
Expires: Thu, 09 Feb 2023 04:03:06 GMT
Date: Thu, 09 Feb 2023 02:09:58 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1d885cfc22a04f1216c98dd64df5338a
589916a844b81fac40af88a772865b8e28dfb64e
40c0e55533794d72bbba4bc9d0f07fe0741e24ca23fd9b3e31d2830c77a51bf3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "40C0E55533794D72BBBA4BC9D0F07FE0741E24CA23FD9B3E31D2830C77A51BF3"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6788
Expires: Thu, 09 Feb 2023 04:03:06 GMT
Date: Thu, 09 Feb 2023 02:09:58 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1d885cfc22a04f1216c98dd64df5338a
589916a844b81fac40af88a772865b8e28dfb64e
40c0e55533794d72bbba4bc9d0f07fe0741e24ca23fd9b3e31d2830c77a51bf3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "40C0E55533794D72BBBA4BC9D0F07FE0741E24CA23FD9B3E31D2830C77A51BF3"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6788
Expires: Thu, 09 Feb 2023 04:03:06 GMT
Date: Thu, 09 Feb 2023 02:09:58 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1d885cfc22a04f1216c98dd64df5338a
589916a844b81fac40af88a772865b8e28dfb64e
40c0e55533794d72bbba4bc9d0f07fe0741e24ca23fd9b3e31d2830c77a51bf3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "40C0E55533794D72BBBA4BC9D0F07FE0741E24CA23FD9B3E31D2830C77A51BF3"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6788
Expires: Thu, 09 Feb 2023 04:03:06 GMT
Date: Thu, 09 Feb 2023 02:09:58 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0ac74c9c-b95e-40f4-a5ca-7180c40cc241.jpeg
34.120.237.76200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0ac74c9c-b95e-40f4-a5ca-7180c40cc241.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ce710ab5746832fe637fada3e6d63abf
d545c85d4a8cf92dc8b88db0a056623d1ef7a943
40bae4a2fb9dd60e9339d15ad0838f3ca83b5b6275c35cd22878b6783fcd6247
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0ac74c9c-b95e-40f4-a5ca-7180c40cc241.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7450
x-amzn-requestid: c3dabd4b-797b-4bbe-8824-5f502ff477b0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fmJ2aG-IoAMFfnQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d8bcf5-68de905b2ed5bfe46a87e688;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 07:02:13 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: AX-TsURes3Bn0RrAnH7TnsouJdkcOpbq7f7KAzPMWq4RMBH8FWMz7g==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 17:45:22 GMT
age: 30276
etag: "d545c85d4a8cf92dc8b88db0a056623d1ef7a943"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff8db31dc-3366-48e5-8c4b-ebe994dd40ef.jpeg
34.120.237.76200 OK 15 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff8db31dc-3366-48e5-8c4b-ebe994dd40ef.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 95081172f8e19d19921acc802488e019
8531c150cb11de44361a95624b11cf46b9e0ba02
7a2d8f012c7d590f3f39ad834d4f3f9fb729143b7395bc588bd608b5bdee039b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff8db31dc-3366-48e5-8c4b-ebe994dd40ef.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 15019
x-amzn-requestid: 574e3e2c-2fbe-4215-9500-021147338832
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f583LHiioAMFqkQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e0a82d-4f12aac524c39f822ca4f422;Sampled=0
x-amzn-remapped-date: Mon, 06 Feb 2023 07:11:41 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: _3jIo3Giw3zmTmnSkJArAllT6uigN7EEzLPfkGpd6168_mSdqdk_Cg==
via: 1.1 23206a1c229d8877bdd053c4b05f9d12.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 08:24:16 GMT
age: 63942
etag: "8531c150cb11de44361a95624b11cf46b9e0ba02"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7e9ebfbd-8f55-4e32-8ea1-303aa280ea51.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7e9ebfbd-8f55-4e32-8ea1-303aa280ea51.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b11f9f70f5e8af4de6d9fc5b9f50ccbe
753cb08c3f8c7c0750d113253790a08db01986bc
d4b77ba995ea274fd169fc9bc66919b23e72a8edb88d6184bf3d7f3ab398c645
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7e9ebfbd-8f55-4e32-8ea1-303aa280ea51.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11036
x-amzn-requestid: 4bd4976c-9500-4d6d-a447-dd2873987d13
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fswexHCYIAMFzag=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63db612b-61d430202cbbf52823f38c49;Sampled=0
x-amzn-remapped-date: Thu, 02 Feb 2023 07:07:23 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 3U29-_iFXSAoG74d9-pJmmWfVbO6f2Y91lLvi7nXxgNYWKNvbFTRyQ==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 08:48:54 GMT
age: 62464
etag: "753cb08c3f8c7c0750d113253790a08db01986bc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc03326d1-bbfd-4654-a9db-ac431757b9f6.jpeg
34.120.237.76200 OK 8.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc03326d1-bbfd-4654-a9db-ac431757b9f6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 764b732e88dd1e9c1824529b24b3dffc
2ba954a51c2972b267ae0536e343e608aa9aa7f4
a1efdf03b14bb05cf8e407b92476592c35fa2d27c5e66705322abdb4c6412a06
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc03326d1-bbfd-4654-a9db-ac431757b9f6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8150
x-amzn-requestid: 3834493a-4162-4cc9-b67c-541cc9be895b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fwD8IH0TIAMFWqQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dcb380-3746ff7b0a6894366efa848e;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 07:10:56 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: HNuUU4SaVvuPbW0clgJa6UZ-0zefgWJWfIJEsz_yCfKiCrx2wsu6vA==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 09:58:24 GMT
age: 58294
etag: "2ba954a51c2972b267ae0536e343e608aa9aa7f4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc04429b-38db-4e0a-96bf-5a6d2bc7e8cf.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc04429b-38db-4e0a-96bf-5a6d2bc7e8cf.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4b42802dc628e38e9631a01b6320040a
c83355f0828815ecbff47d8195d2deed8077e368
d0f093b1769b568a5d68ada359eadfd1ab3360488a20e1deeb99b0a51b649441
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc04429b-38db-4e0a-96bf-5a6d2bc7e8cf.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11256
x-amzn-requestid: fc079b98-a94a-4945-8e51-9b5941fda799
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fwD8SEOMIAMFomA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dcb381-72b83330325d280821ecf4c1;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 07:10:57 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: tlIxKyJ3tqYVM667Uz4n2OHk2eiLer2Nc7bnFKqJUZcYDoPqjRlagQ==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 19:24:56 GMT
age: 24302
etag: "c83355f0828815ecbff47d8195d2deed8077e368"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f087272-940e-484d-ad9d-2c67bcd6dccd.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f087272-940e-484d-ad9d-2c67bcd6dccd.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash bb7c8b758fe17f6c06ce2bebb5008495
032d747cf20951f6ca6fd51489fefd7c09c4948d
835d89e028ec4c85a845f2835cb5eddb9653937f6736e2713b671419474608ed
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f087272-940e-484d-ad9d-2c67bcd6dccd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12811
x-amzn-requestid: be33f9ef-31cb-4572-9f22-0a433423e195
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AChzZFiWIAMFgmA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e4167b-70ed2a756b8da4372ccc1f83;Sampled=0
x-amzn-remapped-date: Wed, 08 Feb 2023 21:39:07 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: HB03bmBiXVTrYbU01OssMQ_EbKhhFPhoUa-qcze2ZgD9Hr48Q8mEbQ==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 22:15:23 GMT
age: 14075
etag: "032d747cf20951f6ca6fd51489fefd7c09c4948d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash f30ebb7855430e77d7f7e78185824905
f833d3fbb268c2d0b289b8af527a13ea6ab3535d
ecf61ddf953eab9c7889a0b5e697364bed9f8fee9f7be3c3d13258542c858354
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 02:10:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.doubleclick.net/instream/ad_status.js
142.250.74.134200 OK 29 B URL HTTP/2 static.doubleclick.net/instream/ad_status.js
IP 142.250.74.134:0
Hash 1fa71744db23d0f8df9cce6719defcb7
e4be9b7136697942a036f97cf26ebaf703ad2067
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
GET /instream/ad_status.js HTTP/1.1
Host: static.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 29
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 09 Feb 2023 02:05:50 GMT
expires: Thu, 09 Feb 2023 02:20:50 GMT
cache-control: public, max-age=900
age: 251
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash 50ca5deab68ba881743e691a693819f1
fd6b74d17a961f751a8edf09fcfaab273f0a7408
139c5ed1fd10f67669a5de174c5ffb02411f96463217781882c9d22b050a02d8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 02:10:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/id
142.250.74.98302 Found 0 B URL HTTP/2 googleads.g.doubleclick.net/pagead/id
IP 142.250.74.98:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/id HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-credentials: true
access-control-allow-origin: https://www.youtube.com
date: Thu, 09 Feb 2023 02:10:01 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.youtube.com/embed/sXLJdcoNpDM?feature=oembed
142.250.74.174200 OK 28 kB URL HTTP/2 www.youtube.com/embed/sXLJdcoNpDM?feature=oembed
IP 142.250.74.174:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (58644)
Hash 559567dbd4cee76f3033e0e101009002
319e9cd4e197464623720175d624ecd4b9bd53d0
b4e66033df148143617a2e6a01d5aaacea5058c26666c8afcee2970491aac18b
GET /embed/sXLJdcoNpDM?feature=oembed HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://josefpeters.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 09 Feb 2023 02:09:57 GMT
strict-transport-security: max-age=31536000
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cross-origin-resource-policy: cross-origin
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=1yRUM6CBXmY; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
DEVICE_INFO=ChxOekU1TnprM01qWXhOekE1T1RjNU5UTTBNdz09EPWrkZ8GGPWrkZ8G; Domain=.youtube.com; Expires=Tue, 08-Aug-2023 02:09:57 GMT; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=_92TDSEdAT4; Domain=.youtube.com; Expires=Tue, 08-Aug-2023 02:09:57 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+914; expires=Sat, 08-Feb-2025 02:09:57 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash f30ebb7855430e77d7f7e78185824905
f833d3fbb268c2d0b289b8af527a13ea6ab3535d
ecf61ddf953eab9c7889a0b5e697364bed9f8fee9f7be3c3d13258542c858354
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 02:10:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.youtube.com/embed/uBBwW5qKklI?feature=oembed
142.250.74.174200 OK 28 kB URL HTTP/2 www.youtube.com/embed/uBBwW5qKklI?feature=oembed
IP 142.250.74.174:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (58644)
Hash 8678015221757d4281975e94bf8bb049
7510c2f617f4e6ce2f671e738f0e27dcbb6a04d3
53d841d41ff527d3694ce08d292d7c203e8a4f98d5eb34e0f4a88e80ab53b16e
GET /embed/uBBwW5qKklI?feature=oembed HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://josefpeters.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 09 Feb 2023 02:09:57 GMT
strict-transport-security: max-age=31536000
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=vwn_rtTER7c; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
DEVICE_INFO=ChxOekU1TnprM01qWXhOVGt3TlRVMU56RTNNQT09EPWrkZ8GGPWrkZ8G; Domain=.youtube.com; Expires=Tue, 08-Aug-2023 02:09:57 GMT; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=Eey2mA4mNTE; Domain=.youtube.com; Expires=Tue, 08-Aug-2023 02:09:57 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+386; expires=Sat, 08-Feb-2025 02:09:57 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
widget.sndcdn.com/widget-5-3e51a09aff91.js
18.173.5.65200 OK 2.5 kB URL HTTP/2 widget.sndcdn.com/widget-5-3e51a09aff91.js
IP 18.173.5.65:0
File type ASCII text, with very long lines (6629)
Hash 2d6dd47e83baa6ccd896d07dd3f73bf7
ddad08d54872d37b7ace85f26edd3cc223fd47f8
94874ad00b39fcb0ddf52a4d8040c7c7d8b171c43a6a0336f02148a2e2d0d899
GET /widget-5-3e51a09aff91.js HTTP/1.1
Host: widget.sndcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://w.soundcloud.com
Connection: keep-alive
Referer: https://w.soundcloud.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Thu, 01 Dec 2022 07:01:53 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Thu, 24 Nov 2022 13:01:40 GMT
etag: W/"6f0b75282e490f59b201cd00846450a5"
cache-control: public, max-age=31536000, immutable
x-amz-version-id: I_xaXGDnM2oUfDxYpWikIgMoYbZcc1QW
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c45c96601bcfd826db9b745760473666.cloudfront.net (CloudFront)
x-amz-cf-pop: CPH50-P1
x-amz-cf-id: aNdumKz5oO47wcaDULdldXh8ULfZgXc18i2x4SwqGaxrJC0Hz5oTuQ==
age: 6030489
X-Firefox-Spdy: h2
www.youtube.com/embed/rrZG-NZvsus?feature=oembed
142.250.74.174200 OK 28 kB URL HTTP/2 www.youtube.com/embed/rrZG-NZvsus?feature=oembed
IP 142.250.74.174:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (58638)
Hash a20982d3a5263698564613f30c0cd656
dc35b03fb36749fe821247df86afd89ab62392c1
c29fdc5139e87e505ed866057fa7054e27c2add9cbd8878c34470d343c740434
GET /embed/rrZG-NZvsus?feature=oembed HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://josefpeters.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 09 Feb 2023 02:09:57 GMT
strict-transport-security: max-age=31536000
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-resource-policy: cross-origin
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=4SSmKOwZxAw; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=bxcsu4mDw-U; Domain=.youtube.com; Expires=Tue, 08-Aug-2023 02:09:57 GMT; Path=/; Secure; HttpOnly; SameSite=none
DEVICE_INFO=ChxOekU1TnprM01qWXhOVGd4TlRRM01qZzRPUT09EPWrkZ8GGPWrkZ8G; Domain=.youtube.com; Expires=Tue, 08-Aug-2023 02:09:57 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+805; expires=Sat, 08-Feb-2025 02:09:57 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.youtube.com/embed/SlwSO9sT0gs?feature=oembed
142.250.74.174200 OK 28 kB URL HTTP/2 www.youtube.com/embed/SlwSO9sT0gs?feature=oembed
IP 142.250.74.174:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (58644)
Hash afb6145ffbdcb48a5de1dec7225e2932
7bba87a689a6cbc9fd331bc9982cc7119f34655e
998669324c876f7aaefa2043bf05bf4b753b782608a937dc994046e693819c3c
GET /embed/SlwSO9sT0gs?feature=oembed HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://josefpeters.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 09 Feb 2023 02:09:57 GMT
strict-transport-security: max-age=31536000
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=LyJkrGJ89o4; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=t8Sw-ASYvpQ; Domain=.youtube.com; Expires=Tue, 08-Aug-2023 02:09:57 GMT; Path=/; Secure; HttpOnly; SameSite=none
DEVICE_INFO=ChxOekU1TnprM01qWXhOamsxTkRrd09UTTRNZz09EPWrkZ8GGPWrkZ8G; Domain=.youtube.com; Expires=Tue, 08-Aug-2023 02:09:57 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+984; expires=Sat, 08-Feb-2025 02:09:57 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.youtube.com/embed/X85kyvDyy8Y?feature=oembed
142.250.74.174200 OK 63 kB URL HTTP/2 www.youtube.com/embed/X85kyvDyy8Y?feature=oembed
IP 142.250.74.174:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (54704)
Hash cbd66d477a45ac231adab2cd6643c0eb
444c0df49f294f640114b2f04bbe5d4c4595817b
046bf553e4c42a9004ce297f6409eae8743b2d7122d0435a43430d94f5fa9d2e
GET /embed/X85kyvDyy8Y?feature=oembed HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://josefpeters.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 09 Feb 2023 02:09:57 GMT
strict-transport-security: max-age=31536000
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=NCk5UVtcl8I; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=OxxcfSVz3rA; Domain=.youtube.com; Expires=Tue, 08-Aug-2023 02:09:57 GMT; Path=/; Secure; HttpOnly; SameSite=none
DEVICE_INFO=ChxOekU1TnprM01qWXhOekV5TXpFNU16SXlNZz09EPWrkZ8GGPWrkZ8G; Domain=.youtube.com; Expires=Tue, 08-Aug-2023 02:09:57 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+136; expires=Sat, 08-Feb-2025 02:09:57 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash 0333fa3e34f17f01e9829bd8ee662c23
be4c7a8599038facc49c73d6d14451023bc919e7
8b4ad992549334395b268f43cf73150ed0dfe58801cf9595c3e245ea92dea7d9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 02:10:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
redirector.googlevideo.com/initplayback?source=youtube&oeis=1&ip=91.90.42.154&c=WEB_EMBEDDED_PLAYER&oad=3200&ovd=3200&oaad=3200&oavd=3200&ocs=700&oewis=1&oputc=1&ofpcc=1&msp=1&odepv=1&alr=yes&id=97586
142.250.74.46200 OK 237 B URL HTTP/2 redirector.googlevideo.com/initplayback?source=youtube&oeis=1&ip=91.90.42.154&c=WEB_EMBEDDED_PLAYER&oad=3200&ovd=3200&oaad=3200&oavd=3200&ocs=700&oewis=1&oputc=1&ofpcc=1&msp=1&odepv=1&alr=yes&id=97586
IP 142.250.74.46:0
File type ASCII text, with no line terminators
Hash 15c3a70a76b6cec61031f6637601b11b
c21bbfa56e33d846e32dc4b78d8d9b19bbe524b0
791f9c96b50b71a176f313ff2e31964f3102d504e86a8501afb0ae516a87bbe0
GET /initplayback?source=youtube&oeis=1&ip=91.90.42.154&c=WEB_EMBEDDED_PLAYER&oad=3200&ovd=3200&oaad=3200&oavd=3200&ocs=700&oewis=1&oputc=1&ofpcc=1&msp=1&odepv=1&alr=yes&id=97586 HTTP/1.1
Host: redirector.googlevideo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 09 Feb 2023 02:10:01 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
timing-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
content-type: text/plain; charset=UTF-8
content-encoding: gzip
server: ClientMapServer
content-length: 237
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash 0333fa3e34f17f01e9829bd8ee662c23
be4c7a8599038facc49c73d6d14451023bc919e7
8b4ad992549334395b268f43cf73150ed0dfe58801cf9595c3e245ea92dea7d9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 02:10:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.youtube.com/embed/XHpVjJ_b7Wg?feature=oembed
142.250.74.174200 OK 28 kB URL HTTP/2 www.youtube.com/embed/XHpVjJ_b7Wg?feature=oembed
IP 142.250.74.174:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (58646)
Hash cbafd95155e0f7c1df68c5c196152d11
6568735b27b84998aba9f8b60178c0fc83b94531
80414ceda43d9c9c77106a2d52e641670b957de6019d9604e26cbdad5fba5415
GET /embed/XHpVjJ_b7Wg?feature=oembed HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://josefpeters.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 09 Feb 2023 02:09:57 GMT
strict-transport-security: max-age=31536000
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-resource-policy: cross-origin
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=cLi-Hcc0O2w; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
DEVICE_INFO=ChxOekU1TnprM01qWXhOakF4TnpFNU1UQTFNQT09EPWrkZ8GGPWrkZ8G; Domain=.youtube.com; Expires=Tue, 08-Aug-2023 02:09:57 GMT; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=CJsFNxVw2pQ; Domain=.youtube.com; Expires=Tue, 08-Aug-2023 02:09:57 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+185; expires=Sat, 08-Feb-2025 02:09:57 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.42200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.42:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash ecebfb143632c01bff45e64e6dea00f2
18f69e83a59db8e1399f72a7d80fba6d7b51385c
3cd5ce918e9876bef1c8eeee631b9c9dd12dd2310519cc4c04076e31cdfa8542
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Thu, 09 Feb 2023 02:10:01 GMT
server: ESF
cache-control: private
content-length: 30922
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash da7ec6cdfb8eb8618e25bd1233622b0e
fa69c0711b2ad58b96ffbcaa8c1c8e617415712d
39ea51794254bafd67a8070483a664e61f63d5a7b15b8b083a109564641c11ac
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 02:10:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash 0333fa3e34f17f01e9829bd8ee662c23
be4c7a8599038facc49c73d6d14451023bc919e7
8b4ad992549334395b268f43cf73150ed0dfe58801cf9595c3e245ea92dea7d9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 02:10:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.42200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.42:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash cb6d0d89e12e03c210a2a10aa2ad3d70
fa2db22c3411b71fcc67e5f1a5c430c5f95b1de1
84a85efe10ed03f11885927f82f9dc97b6583e1f142f92b354cf1c3cdea63b03
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Thu, 09 Feb 2023 02:10:01 GMT
server: ESF
cache-control: private
content-length: 30733
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
i.ytimg.com/vi/rFEkNOi2YbU/sddefault.jpg
142.250.74.150200 OK 32 kB URL HTTP/2 i.ytimg.com/vi/rFEkNOi2YbU/sddefault.jpg
IP 142.250.74.150:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 640x480, components 3\012- data
Hash fc94644f6875e45885f3ca4d922a85c0
a8cb49f3d6206ec9c78e6dfb0e255454e3ebe47a
a387eed78536f638576c9d8eac51cf72798bd3264464958bac9bf28dbc383a14
GET /vi/rFEkNOi2YbU/sddefault.jpg HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/jpeg
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 31597
date: Thu, 09 Feb 2023 02:10:01 GMT
expires: Thu, 09 Feb 2023 04:10:01 GMT
cache-control: public, max-age=7200
etag: "1498077308"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash 84889b914548f7820766f27a40699cfa
bc674cdb5819759b5ecd5aabfde47f56127f5d89
e2a69fe4edd028d00a8a744b62ef51dada2aff144da0cd9813efc887a11f70a8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 02:10:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash da7ec6cdfb8eb8618e25bd1233622b0e
fa69c0711b2ad58b96ffbcaa8c1c8e617415712d
39ea51794254bafd67a8070483a664e61f63d5a7b15b8b083a109564641c11ac
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 02:10:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i.ytimg.com/vi/bDAsl5Y2ErM/sddefault.jpg
142.250.74.150200 OK 26 kB URL HTTP/2 i.ytimg.com/vi/bDAsl5Y2ErM/sddefault.jpg
IP 142.250.74.150:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 640x480, components 3\012- data
Hash 8e92eebd06209b5616c50f5a277c3350
c9a07a353e3c31e1927225606ab4f40d17ef7ff5
45a07843674dffbd238e06b7cc06ca83e0cececeab330d786fafd5e964b91fde
GET /vi/bDAsl5Y2ErM/sddefault.jpg HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/jpeg
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 25919
date: Thu, 09 Feb 2023 02:10:01 GMT
expires: Thu, 09 Feb 2023 04:10:01 GMT
cache-control: public, max-age=7200
etag: "0"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google.com/js/th/e-T0LC6veq6xndVnxNZYDs0k2YzO3ng5pgwYiLLC-NE.js
142.250.74.164200 OK 14 kB URL HTTP/2 www.google.com/js/th/e-T0LC6veq6xndVnxNZYDs0k2YzO3ng5pgwYiLLC-NE.js
IP 142.250.74.164:0
File type ASCII text, with very long lines (36180)
Hash 6caf3ddf47bad942732577bf1cd634ed
5930e4cdb4173c5ffa3f9e2eaf7ecc147623dd0c
cc13b4b51d92ba1992ec59da7b670f2a66cf5ffd4907061f911349e925a218b7
GET /js/th/e-T0LC6veq6xndVnxNZYDs0k2YzO3ng5pgwYiLLC-NE.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 14345
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 07 Feb 2023 08:52:36 GMT
expires: Wed, 07 Feb 2024 08:52:36 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 30 Jan 2023 12:00:00 GMT
content-type: text/javascript
age: 148645
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
yt3.ggpht.com/ytc/AL5GRJVBVdSIg4skMDeIk0_saR5CQ1ZBdNs3R1efssckkQ=s68-c-k-c0x00ffffff-no-rj
142.250.74.161200 OK 2.9 kB URL HTTP/2 yt3.ggpht.com/ytc/AL5GRJVBVdSIg4skMDeIk0_saR5CQ1ZBdNs3R1efssckkQ=s68-c-k-c0x00ffffff-no-rj
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 68x68, components 3\012- data
Hash ae04270989a6e4289d59c1ca5cc27f71
501e76f2c8297d7657dd12d7bd549a140359f3c8
90e0aeb39e565741b49b8380c6ec09a8b768f3d80ea1c817c9fbe725e793b877
GET /ytc/AL5GRJVBVdSIg4skMDeIk0_saR5CQ1ZBdNs3R1efssckkQ=s68-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt3.ggpht.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 2883
x-xss-protection: 0
date: Thu, 09 Feb 2023 01:51:46 GMT
expires: Tue, 24 Jan 2023 07:46:52 GMT
cache-control: public, max-age=86400, no-transform
age: 1095
etag: "v385"
content-type: image/jpeg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
yt3.ggpht.com/ytc/AL5GRJXcW_oMLgn4bS19ft7PHQxBTZHJ8hIIq0sr0A=s68-c-k-c0x00ffffff-no-rj
142.250.74.161200 OK 978 B URL HTTP/2 yt3.ggpht.com/ytc/AL5GRJXcW_oMLgn4bS19ft7PHQxBTZHJ8hIIq0sr0A=s68-c-k-c0x00ffffff-no-rj
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 68x68, components 3\012- data
Hash a0704ec7a9752498671b7b4bdafb88fd
d4a9a24753689c0510e38b8d542a74893bb30fa0
d5263d2e31b94ef6cef343ae36a06c524693c34e2d91bd191003ba211ae89053
GET /ytc/AL5GRJXcW_oMLgn4bS19ft7PHQxBTZHJ8hIIq0sr0A=s68-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt3.ggpht.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
expires: Fri, 10 Feb 2023 02:10:02 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Thu, 09 Feb 2023 02:10:02 GMT
server: fife
content-length: 978
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
widget.sndcdn.com/assets/images/logo-200x120-3190df52.png
18.173.5.65200 OK 3.7 kB URL HTTP/2 widget.sndcdn.com/assets/images/logo-200x120-3190df52.png
IP 18.173.5.65:0
File type PNG image data, 200 x 120, 8-bit gray+alpha, non-interlaced\012- data
Hash a1591e5274b36cfbae3e167dffe49970
ad535777f813aae6727b416f821d727c854646e6
a9e23dcec7b7d492b11006586bea4e4fe7de01f647f89c6aa84e186567b9da50
GET /assets/images/logo-200x120-3190df52.png HTTP/1.1
Host: widget.sndcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://w.soundcloud.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 3745
date: Thu, 29 Dec 2022 19:11:38 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Wed, 28 Dec 2022 12:21:52 GMT
etag: "a1591e5274b36cfbae3e167dffe49970"
cache-control: public, max-age=31536000, immutable
x-amz-version-id: 8q3aMDh10.RQOIjw8Pz37..sysFbwcFW
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 c45c96601bcfd826db9b745760473666.cloudfront.net (CloudFront)
x-amz-cf-pop: CPH50-P1
x-amz-cf-id: VvIhctvgJJej3mx8LKe6yC8s8cZaoRHAwrSQiGGOSmfqhgvOOmMiKw==
age: 3567505
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.42200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.42:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash 567c73657ac9e214c141a0b402c3f945
83e296568e49db82808451d3b1aea882e312b3c9
929f06f7678584b9e6e95d13b289a56fdce004344cb34427e38071b51bb163f5
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Thu, 09 Feb 2023 02:10:02 GMT
server: ESF
cache-control: private
content-length: 30670
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
f.vimeocdn.com/p/4.20.1/css/player.css
151.101.86.109200 OK 20 kB URL HTTP/2 f.vimeocdn.com/p/4.20.1/css/player.css
IP 151.101.86.109:0
File type ASCII text, with very long lines (65495)
Hash 783fbab4ee9a528880e574276ae761ac
39704522a9864c2cd79b93ce5df88bc26f0f2044
f6f7ec351cd2977f4841aef23c4d746d56f9798366b29e09b3b307ae1253f391
GET /p/4.20.1/css/player.css HTTP/1.1
Host: f.vimeocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 09 Feb 2023 02:10:02 GMT
age: 40588
x-served-by: cache-iad-kjyo7100088-IAD, cache-bma1625-BMA
x-cache: HIT, HIT
x-cache-hits: 4, 11262
x-timer: S1675908602.313929,VS0,VE0
vary: Accept-Encoding,x-http-method-override
cache-control: max-age=1209600
access-control-allow-origin: *
content-length: 20261
X-Firefox-Spdy: h2
josefpeters.com/wp-content/uploads/2021/10/Shung-Chi-768x431.png
50.62.198.97200 OK 617 kB URL HTTP/2 josefpeters.com/wp-content/uploads/2021/10/Shung-Chi-768x431.png
IP 50.62.198.97:0
ASN #398101 GO-DADDY-COM-LLC
File type PNG image data, 768 x 431, 8-bit/color RGBA, non-interlaced\012- data
Size 617 kB (616820 bytes)
Hash d095bb0a72b061e737170016e68f3a80
8a21b0ba9e085aa76b56407e2651bd19af1e278d
6acde8706b7317c7bda3d79c602337e7135ee127c9c1bebc4ad3bccad6717d40
GET /wp-content/uploads/2021/10/Shung-Chi-768x431.png HTTP/1.1
Host: josefpeters.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://josefpeters.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 09 Feb 2023 02:10:42 GMT
content-type: image/png
content-length: 616820
accept-ranges: bytes
age: 550
content-security-policy: upgrade-insecure-requests
etag: "96974-5ce202262e1b1"
last-modified: Tue, 12 Oct 2021 04:18:14 GMT
strict-transport-security: max-age=300
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
josefpeters.com/wp-content/uploads/2021/10/Screen-Shot-2021-09-25-at-1.48.28-PM.png
50.62.198.97200 OK 637 kB URL HTTP/2 josefpeters.com/wp-content/uploads/2021/10/Screen-Shot-2021-09-25-at-1.48.28-PM.png
IP 50.62.198.97:0
ASN #398101 GO-DADDY-COM-LLC
File type PNG image data, 814 x 377, 8-bit/color RGBA, non-interlaced\012- data
Size 637 kB (636665 bytes)
Hash de2da5738c4490320dd767ecb7466196
a662a6fb94ca5352934716a40c21120c1b81bf27
08a6950030132b723c09642ebd697de2e362883e65d1eca399284fbf1bb37285
GET /wp-content/uploads/2021/10/Screen-Shot-2021-09-25-at-1.48.28-PM.png HTTP/1.1
Host: josefpeters.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://josefpeters.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 09 Feb 2023 02:10:42 GMT
content-type: image/png
content-length: 636665
accept-ranges: bytes
age: 550
content-security-policy: upgrade-insecure-requests
etag: "9b6f9-5ce20239b204e"
last-modified: Tue, 12 Oct 2021 04:18:35 GMT
strict-transport-security: max-age=300
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
josefpeters.com/favicon.ico
50.62.198.97200 OK 822 B URL HTTP/2 josefpeters.com/favicon.ico
IP 50.62.198.97:0
ASN #398101 GO-DADDY-COM-LLC
File type PC bitmap, Windows 3.x format, 16 x 16 x 24, image size 768, resolution 7874 x 7874 px/m, cbSize 822, bits offset 54\012- data
Hash e1e8bdc3ce87340ab6ebe467519cf245
6cd6fa4c9ccb80024d57721a3914ef18206fda4c
c3aece6f00821bd986da195aa15e2b0891b2c81a862cccf2a3069204b9a92186
GET /favicon.ico HTTP/1.1
Host: josefpeters.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://josefpeters.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 09 Feb 2023 02:10:43 GMT
content-type: image/x-icon
content-length: 822
accept-ranges: bytes
age: 0
content-security-policy: upgrade-insecure-requests
etag: "336-52c76018c6dcd"
last-modified: Tue, 23 Feb 2016 20:43:47 GMT
strict-transport-security: max-age=300
x-backend: local
x-cache: uncached
x-cache-hit: MISS
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
widget.sndcdn.com/widget-8-3d93ee42728a.js
18.173.5.65200 OK 1.6 kB URL HTTP/2 widget.sndcdn.com/widget-8-3d93ee42728a.js
IP 18.173.5.65:0
Hash 2cb9fb7e25cd5ffe097eadca1af78760
485e4820d1c5888d9c1fbb9067a3dbc12167ad89
a5e157ab6df07c0fce4aec569fa16ae3cbea834d14090ae24d3f0aac9db537d4
GET /widget-8-3d93ee42728a.js HTTP/1.1
Host: widget.sndcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://w.soundcloud.com
Connection: keep-alive
Referer: https://w.soundcloud.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Tue, 07 Feb 2023 13:38:46 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Tue, 07 Feb 2023 13:33:56 GMT
etag: W/"010196fec378488b096780ab80ee0a38"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=31536000, immutable
x-amz-version-id: aVyEXDxcD4hB1nAsh2rKgXv.FqXKXSY9
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c45c96601bcfd826db9b745760473666.cloudfront.net (CloudFront)
x-amz-cf-pop: CPH50-P1
x-amz-cf-id: CGVN0mNfl2IJ0aJHuIBB9ZlMMqnjXlo-QeWg0eQ7AoGJCTet3giNqw==
age: 131476
X-Firefox-Spdy: h2
f.vimeocdn.com/p/4.20.1/js/player.module.js
151.101.86.109200 OK 119 kB URL HTTP/2 f.vimeocdn.com/p/4.20.1/js/player.module.js
IP 151.101.86.109:0
File type Unicode text, UTF-8 text, with very long lines (65445)
Size 119 kB (118596 bytes)
Hash 25674fb1705301904ab53fea9f76710d
f16c53a60286d2952fa7ecc2ab0345f9950d3a53
573b0a8b02990d05d7b5fc4d897b56c4c67e8958af94c1883b153f8c2a223316
GET /p/4.20.1/js/player.module.js HTTP/1.1
Host: f.vimeocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://player.vimeo.com
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 09 Feb 2023 02:10:02 GMT
age: 40588
x-served-by: cache-iad-kcgs7200067-IAD, cache-bma1633-BMA
x-cache: HIT, HIT
x-cache-hits: 4, 9754
x-timer: S1675908603.679630,VS0,VE0
vary: Accept-Encoding,x-http-method-override
cache-control: max-age=1209600
access-control-allow-origin: *
content-length: 118596
X-Firefox-Spdy: h2
f.vimeocdn.com/p/4.20.1/js/vendor.module.js
151.101.86.109200 OK 92 kB URL HTTP/2 f.vimeocdn.com/p/4.20.1/js/vendor.module.js
IP 151.101.86.109:0
File type ASCII text, with very long lines (65457)
Hash 90d3992736d915399b9344f16788de91
4d16cee64791ee9ac087de9d35d9e856ea7b9c90
c9da168eb4a8a5401e64a3551b3e3e27f269f63b52a47bd95f6c998dc58567b6
GET /p/4.20.1/js/vendor.module.js HTTP/1.1
Host: f.vimeocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://player.vimeo.com
Connection: keep-alive
Referer: https://f.vimeocdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 09 Feb 2023 02:10:03 GMT
age: 40589
x-served-by: cache-iad-kjyo7100089-IAD, cache-bma1633-BMA
x-cache: HIT, HIT
x-cache-hits: 3, 10564
x-timer: S1675908603.076382,VS0,VE0
vary: Accept-Encoding,x-http-method-override
cache-control: max-age=1209600
access-control-allow-origin: *
content-length: 92504
X-Firefox-Spdy: h2
f.vimeocdn.com/js_opt/modules/utils/vuid.min.js
151.101.86.109200 OK 985 B URL HTTP/2 f.vimeocdn.com/js_opt/modules/utils/vuid.min.js
IP 151.101.86.109:0
File type ASCII text, with very long lines (1839)
Hash 0541e0ff8702adadfd34ee8c298afbdf
c10da432fdb8736622c8c1fb7708b2599cae882c
967903be4f14e85fe685577417cf83d53b5363e5f02baa3b2242c19a7030b652
GET /js_opt/modules/utils/vuid.min.js HTTP/1.1
Host: f.vimeocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-encoding: gzip
cache-control: public, max-age=2592000
timing-allow-origin: *
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 09 Feb 2023 02:10:03 GMT
age: 1971169
x-served-by: cache-iad-kiad7000106-IAD, cache-bma1625-BMA
x-cache: HIT, HIT
x-cache-hits: 4460, 150352
x-timer: S1675908604.569640,VS0,VE0
vary: Accept-Encoding,x-http-method-override
content-length: 985
X-Firefox-Spdy: h2
i.vimeocdn.com/video/485724214-6603c5fad728e005dacba2a7dd438ba77c68c2872e045b5b7d38ac25a9589642-d?mw=500&mh=281
151.101.86.109200 OK 22 kB URL HTTP/2 i.vimeocdn.com/video/485724214-6603c5fad728e005dacba2a7dd438ba77c68c2872e045b5b7d38ac25a9589642-d?mw=500&mh=281
IP 151.101.86.109:0
File type ISO Media, AVIF Image\012- data
Hash 22d6478b2b926eaaad9a2327dec39767
25fed36858797850baade3041a757ed7e73e160d
517613cc348f8ec76fdf4bb381240ae55d6a5400f832f679be9687bba270a0ed
GET /video/485724214-6603c5fad728e005dacba2a7dd438ba77c68c2872e045b5b7d38ac25a9589642-d?mw=500&mh=281 HTTP/1.1
Host: i.vimeocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/avif
etag: 22d6478b2b926eaaad9a2327dec39767
x-viewmaster-lossless-format: automatic
viewmaster-server: viewmaster-us-east1-v5gt
cache-control: public, max-age=2592000
via: vvarnish, 1.1 varnish, 1.1 varnish
x-backend-server: varnish
access-control-allow-origin: *
access-control-expose-headers: X-Viewmaster-Status
access-control-max-age: 86400
accept-ranges: bytes
date: Thu, 09 Feb 2023 02:10:03 GMT
age: 478883
x-served-by: cache-dfw-kdfw8210120-DFW, cache-bma1625-BMA
x-cache: miss, HIT, MISS
x-cache-hits: 2, 0
x-timer: S1675908604.601971,VS0,VE251
vary: Accept
content-length: 21467
X-Firefox-Spdy: h2
js-agent.newrelic.com/nr-spa-1216.min.js
151.101.66.137200 OK 18 kB URL HTTP/2 js-agent.newrelic.com/nr-spa-1216.min.js
IP 151.101.66.137:0
File type ASCII text, with very long lines (32010)
Hash 6561a2403142205f966207d61576f1a6
1310e72f494e12ab63a4280fc1600a2c89dc9bb8
0e496fcab0b9120938373e271fa6631b7da17adf33f8a490637467c170a3e37a
GET /nr-spa-1216.min.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: emAkzc02wDoi/4j+kNkFMQFgRL5PN5RT68FVYAmgTzQXT7TFZy0VlLzQFV0kvFgsR9Av3cedyZ4=
x-amz-request-id: 33WCNDX1WCTE0BBA
last-modified: Thu, 14 Apr 2022 16:45:57 GMT
etag: "63e2df852d15ab21d7ff8fc4363222e8"
x-amz-version-id: UU.F5jvoumAjQChriwTQHbisCFw_OInU
content-type: application/javascript
server: AmazonS3
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Thu, 09 Feb 2023 02:10:03 GMT
via: 1.1 varnish
x-served-by: cache-bma1620-BMA
x-cache: HIT
x-cache-hits: 216
x-timer: S1675908604.938640,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 18216
X-Firefox-Spdy: h2
api-widget.soundcloud.com/assignments/403757-592992-428114-806841?layers=widget_listening&format=json&client_id=LBCcHmRB8XSStWL6wKH2HPACspQlXg2P&app_version=1675776814
54.230.110.55200 OK 139 B URL HTTP/1.1 api-widget.soundcloud.com/assignments/403757-592992-428114-806841?layers=widget_listening&format=json&client_id=LBCcHmRB8XSStWL6wKH2HPACspQlXg2P&app_version=1675776814
IP 54.230.110.55:0
File type JSON data\012- , ASCII text, with very long lines (615), with no line terminators
Hash 99978a053ca4424e6c1029457fae7c7e
9507fdb81f1c214ae3d55c5062b62e3b0a3f54c4
d4ae8f0649e51a3829d9f635d6efd4593775bf30ac27526adb057efebc42ec03
GET /assignments/403757-592992-428114-806841?layers=widget_listening&format=json&client_id=LBCcHmRB8XSStWL6wKH2HPACspQlXg2P&app_version=1675776814 HTTP/1.1
Host: api-widget.soundcloud.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://w.soundcloud.com
Connection: keep-alive
Referer: https://w.soundcloud.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Content-Type: application/json; charset=utf-8
Content-Length: 139
Connection: keep-alive
Date: Thu, 09 Feb 2023 02:10:03 GMT
x-px-score: 0
x-datadome: protected
accept-ch: Sec-CH-UA,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-Device-Memory
Set-Cookie: datadome=0jV3lIO9dJW6-x_uZaW6k1CJMgjbSYegrVf1MJ7cLePCHPSyxUwQZYYdcxf6QoMBhNIBceHiPEbcQ-rvI9lK23aQLdn4Nt8OiUzUhBnk36HbBgznT~LpHDJZm2B2TxZm; Max-Age=31536000; Domain=.soundcloud.com; Path=/; Secure; SameSite=Lax
x-robots-tag: noindex
Cache-Control: private, max-age=0
referrer-policy: no-referrer
x-frame-options: DENY
access-control-max-age: 1728000
x-content-type-options: nosniff
access-control-allow-origin: https://w.soundcloud.com
access-control-allow-headers: Authorization, Content-Type, Device-Locale, X-CSRF-Token
access-control-allow-methods: DELETE, GET, PATCH, POST, PUT
access-control-expose-headers: Date
access-control-allow-credentials: true
Content-Encoding: gzip
strict-transport-security: max-age=63072000
Server: am/2
Vary: Origin
X-Cache: Miss from cloudfront
Via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: YMph3zW-b23YDbauG1eC5-gb9h9nk6mtjtM8EOL6k6rTNfaadKhtWw==
ocsp.pki.goog/s/gts1d4/dzJAsmEe9WY
142.250.74.163200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/dzJAsmEe9WY
IP 142.250.74.163:0
Hash 2906530b2fe89c3c8c6b392eb33f2b32
21d91838605851a492c0b598aef02e6c5bb5b365
f0f1f3fdbff27a88abf0255c6fc17bbce7820ba5e298680fbb0e953c71e1694a
POST /s/gts1d4/dzJAsmEe9WY HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 02:10:04 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
josefpeters.com/wp-content/uploads/2015/02/SwimTuneIn-Computer.m4v?_=2
50.62.198.97206 Partial Content 110 B URL HTTP/2 josefpeters.com/wp-content/uploads/2015/02/SwimTuneIn-Computer.m4v?_=2
IP 50.62.198.97:0
ASN #398101 GO-DADDY-COM-LLC
File type gzip compressed data, max compression\012- data
Hash a0dae1ebc48568c38941abc052fc2e43
1afa6712b69639ed43fe81073ad3b5c1ea416791
756b732bf26895ffb68fc00ecbcfd9582d2b8de430c40592e44d2b38dd496c9c
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/2015/02/SwimTuneIn-Computer.m4v?_=2 HTTP/1.1
Host: josefpeters.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://josefpeters.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 206 Partial Content
server: openresty
date: Thu, 09 Feb 2023 02:10:42 GMT
content-type: video/x-m4v
content-length: 4995728
accept-ranges: bytes
age: 550
content-range: bytes 0-4995727/4995728
content-security-policy: upgrade-insecure-requests
etag: "4c3a90-52e19e6bfb65e"
last-modified: Tue, 15 Mar 2016 17:41:03 GMT
strict-transport-security: max-age=300
vary: User-Agent
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES:Forced
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
fresnel.vimeocdn.com/add/player-stats?beacon=1&session-id=ec55afc8a8a6c2a938c84f8a184e35085991b3371675908597
34.120.202.204200 OK 0 B URL HTTP/2 fresnel.vimeocdn.com/add/player-stats?beacon=1&session-id=ec55afc8a8a6c2a938c84f8a184e35085991b3371675908597
IP 34.120.202.204:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /add/player-stats?beacon=1&session-id=ec55afc8a8a6c2a938c84f8a184e35085991b3371675908597 HTTP/1.1
Host: fresnel.vimeocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1252
Origin: https://player.vimeo.com
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-origin: https://player.vimeo.com
date: Thu, 09 Feb 2023 02:10:04 GMT
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/dzJAsmEe9WY
142.250.74.163200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/dzJAsmEe9WY
IP 142.250.74.163:0
Hash 2906530b2fe89c3c8c6b392eb33f2b32
21d91838605851a492c0b598aef02e6c5bb5b365
f0f1f3fdbff27a88abf0255c6fc17bbce7820ba5e298680fbb0e953c71e1694a
POST /s/gts1d4/dzJAsmEe9WY HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 02:10:04 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F718f24db-3c28-422f-953f-730a3ae78cb5.jpeg
34.120.237.76200 OK 3.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F718f24db-3c28-422f-953f-730a3ae78cb5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 28ae39b238f62d6c0aee7bb16ff863d5
3c2247e40747c3ca72dd7877facee9a9fecf0f59
c530ba92455ea45e14410f497d2df04cc1321e2937cc7e81aa75f4fc14206a7c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F718f24db-3c28-422f-953f-730a3ae78cb5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 3014
x-amzn-requestid: bec40915-584b-48fc-94c2-293e96567474
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AChJKGrGoAMFelg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e4156d-2250ff00772341353151dd34;Sampled=0
x-amzn-remapped-date: Wed, 08 Feb 2023 21:34:37 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: lmJxNCnPKUD5O4HCWIjqeVaanXL50KZ60Xu1iOC6bisRBDJNkVXvww==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 21:42:38 GMT
etag: "3c2247e40747c3ca72dd7877facee9a9fecf0f59"
content-type: image/jpeg
age: 16047
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash b6d2882874c540bdd4eaf9dd79ca3eb4
89edbe4e8d708c0588ad6bf0825f52b53fae05e6
6ca668b7e754592f44143418013e193fdba8469c01981427a0d2e707970039c8
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2875
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 02:10:05 GMT
Last-Modified: Thu, 09 Feb 2023 01:22:10 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471
widget.sndcdn.com/widget-0-86f01e491df9.js
18.173.5.65200 OK 0 B URL HTTP/2 widget.sndcdn.com/widget-0-86f01e491df9.js
IP 18.173.5.65:0
GET /widget-0-86f01e491df9.js HTTP/1.1
Host: widget.sndcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://w.soundcloud.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Tue, 07 Feb 2023 13:38:47 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Tue, 07 Feb 2023 13:33:55 GMT
etag: W/"f07ae06cabac985991a62af1cd50e18f"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=31536000, immutable
x-amz-version-id: 1OVXPLpD6N5AUtRe4gkymMQ93chYHxfK
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c45c96601bcfd826db9b745760473666.cloudfront.net (CloudFront)
x-amz-cf-pop: CPH50-P1
x-amz-cf-id: Q99cHC_muZgmxSkau8L_bO_A_kRfeAsd8gePQkLLaIMKdDXAihzYxQ==
age: 131479
X-Firefox-Spdy: h2
w.soundcloud.com/player/?url=http%3A%2F%2Fapi.soundcloud.com%2Ftracks%2F81215821
54.230.111.55200 OK 0 B URL HTTP/2 w.soundcloud.com/player/?url=http%3A%2F%2Fapi.soundcloud.com%2Ftracks%2F81215821
IP 54.230.111.55:0
GET /player/?url=http%3A%2F%2Fapi.soundcloud.com%2Ftracks%2F81215821 HTTP/1.1
Host: w.soundcloud.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://josefpeters.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
via: sssr, 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
p3p: policyref="https://w.soundcloud.com/player/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV TAI PSAo PSDo OUR STP CNT"
cache-control: public, max-age=300
date: Thu, 09 Feb 2023 02:09:57 GMT
strict-transport-security: max-age=63072000
server: am/2
content-encoding: gzip
vary: Accept-Encoding
x-cache: Miss from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: MrN1DpyaT3tKU_PgyJKplGlvQCSyERKJt7QvJlcj7gOGpUTsx0CY6w==
X-Firefox-Spdy: h2
widget.sndcdn.com/widget-9-5f32beae7c9c.js
18.173.5.65200 OK 0 B URL HTTP/2 widget.sndcdn.com/widget-9-5f32beae7c9c.js
IP 18.173.5.65:0
GET /widget-9-5f32beae7c9c.js HTTP/1.1
Host: widget.sndcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://w.soundcloud.com
Connection: keep-alive
Referer: https://w.soundcloud.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Tue, 07 Feb 2023 13:38:46 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Tue, 07 Feb 2023 13:33:56 GMT
etag: W/"339ede8c44c91e90b2786dc3132bc9f8"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=31536000, immutable
x-amz-version-id: ZVPTuuxSPMpzzl2eWdjZlP9kXaeEgPTR
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c45c96601bcfd826db9b745760473666.cloudfront.net (CloudFront)
x-amz-cf-pop: CPH50-P1
x-amz-cf-id: KsPYDU5768vzSF7pv2qZlMfUCiJyC2tvXbARlH0YgncETlY_knXAfA==
age: 131476
X-Firefox-Spdy: h2
www.youtube.com/embed/sd7enVeEGP8?wmode=transparent&fs=1&hl=en&modestbranding=1&iv_load_policy=3&showsearch=0&rel=1&theme=dark
142.250.74.174200 OK 0 B URL HTTP/2 www.youtube.com/embed/sd7enVeEGP8?wmode=transparent&fs=1&hl=en&modestbranding=1&iv_load_policy=3&showsearch=0&rel=1&theme=dark
IP 142.250.74.174:0
GET /embed/sd7enVeEGP8?wmode=transparent&fs=1&hl=en&modestbranding=1&iv_load_policy=3&showsearch=0&rel=1&theme=dark HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://josefpeters.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 09 Feb 2023 02:09:57 GMT
strict-transport-security: max-age=31536000
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cross-origin-resource-policy: cross-origin
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=scIsOzfFxUQ; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
DEVICE_INFO=ChxOekU1TnprM01qWXhOamt4TlRZeU5qazJNZz09EPWrkZ8GGPWrkZ8G; Domain=.youtube.com; Expires=Tue, 08-Aug-2023 02:09:57 GMT; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=tPJCrdf_qtM; Domain=.youtube.com; Expires=Tue, 08-Aug-2023 02:09:57 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+763; expires=Sat, 08-Feb-2025 02:09:57 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.youtube.com/embed/bDAsl5Y2ErM?rel=0
142.250.74.174200 OK 0 B URL HTTP/2 www.youtube.com/embed/bDAsl5Y2ErM?rel=0
IP 142.250.74.174:0
GET /embed/bDAsl5Y2ErM?rel=0 HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 09 Feb 2023 02:09:57 GMT
strict-transport-security: max-age=31536000
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-resource-policy: cross-origin
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=TujTOaVdAt8; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=xH5DVt6Boew; Domain=.youtube.com; Expires=Tue, 08-Aug-2023 02:09:57 GMT; Path=/; Secure; HttpOnly; SameSite=none
DEVICE_INFO=ChxOekU1TnprM01qWXhOekk0TnpFd056YzVPQT09EPWrkZ8GGPWrkZ8G; Domain=.youtube.com; Expires=Tue, 08-Aug-2023 02:09:57 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+192; expires=Sat, 08-Feb-2025 02:09:57 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
widget.sndcdn.com/widget-1-7dd4f06cce6d.js
18.173.5.65200 OK 0 B URL HTTP/2 widget.sndcdn.com/widget-1-7dd4f06cce6d.js
IP 18.173.5.65:0
GET /widget-1-7dd4f06cce6d.js HTTP/1.1
Host: widget.sndcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://w.soundcloud.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Tue, 06 Dec 2022 08:08:26 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Fri, 02 Dec 2022 13:11:35 GMT
etag: W/"cbc8cd45c617155bd027e3ded04ea941"
cache-control: public, max-age=31536000, immutable
x-amz-version-id: L11r5hMQjPMGUbIv1V._yi6GgUr73bMf
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c45c96601bcfd826db9b745760473666.cloudfront.net (CloudFront)
x-amz-cf-pop: CPH50-P1
x-amz-cf-id: jZZa4rMHC5NvL3kkkvzj2Zpz-kbHo54R9GD0CwPuV8emZlV93uZ1UQ==
age: 5594501
X-Firefox-Spdy: h2
www.youtube.com/embed/6TxEM74wEa8?list=PLAD3A1AD1D428C9B1&hl=en_US
142.250.74.174200 OK 0 B URL HTTP/2 www.youtube.com/embed/6TxEM74wEa8?list=PLAD3A1AD1D428C9B1&hl=en_US
IP 142.250.74.174:0
GET /embed/6TxEM74wEa8?list=PLAD3A1AD1D428C9B1&hl=en_US HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 09 Feb 2023 02:09:57 GMT
strict-transport-security: max-age=31536000
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=wKdYsJtFOCY; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
DEVICE_INFO=ChxOekU1TnprM01qWXhOakV4TVRNMU5UTTVNdz09EPWrkZ8GGPWrkZ8G; Domain=.youtube.com; Expires=Tue, 08-Aug-2023 02:09:57 GMT; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=iWCAAn-IDZM; Domain=.youtube.com; Expires=Tue, 08-Aug-2023 02:09:57 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+253; expires=Sat, 08-Feb-2025 02:09:57 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.youtube.com/embed/NiQXztoen2I
142.250.74.174200 OK 0 B URL HTTP/2 www.youtube.com/embed/NiQXztoen2I
IP 142.250.74.174:0
GET /embed/NiQXztoen2I HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 09 Feb 2023 02:09:57 GMT
strict-transport-security: max-age=31536000
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=k9UXZgTDq_8; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
DEVICE_INFO=ChxOekU1TnprM01qWXhOVGMxTkRVd01Ea3hPUT09EPWrkZ8GGPWrkZ8G; Domain=.youtube.com; Expires=Tue, 08-Aug-2023 02:09:57 GMT; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=7Tu4mtwyXAA; Domain=.youtube.com; Expires=Tue, 08-Aug-2023 02:09:57 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+013; expires=Sat, 08-Feb-2025 02:09:57 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
josefpeters.com/wp-content/uploads/2016/08/Petes-Dragon.mp4?_=1
50.62.198.97206 Partial Content 0 B URL HTTP/2 josefpeters.com/wp-content/uploads/2016/08/Petes-Dragon.mp4?_=1
IP 50.62.198.97:0
ASN #398101 GO-DADDY-COM-LLC
GET /wp-content/uploads/2016/08/Petes-Dragon.mp4?_=1 HTTP/1.1
Host: josefpeters.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://josefpeters.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 206 Partial Content
server: openresty
date: Thu, 09 Feb 2023 02:10:42 GMT
content-type: video/mp4
content-length: 2210565
accept-ranges: bytes
age: 550
content-range: bytes 0-2210564/2210565
content-security-policy: upgrade-insecure-requests
etag: "21bb05-53b27c1093e8c"
last-modified: Sun, 28 Aug 2016 20:40:11 GMT
strict-transport-security: max-age=300
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2