globaldugunsalonu.de/
136.243.20.96301 Moved Permanently 162 B IP 136.243.20.96:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: globaldugunsalonu.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 07 Sep 2022 00:57:55 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://globaldugunsalonu.de/
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b9adda4796e3cda8d92753c46964621c
5f1eba1f6085b23dea088a91fe6f8947172f9f62
a0577a8fcfa81b3f86d99566eb4429655b93a238ffd1a3752bc9aae3d969deea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A0577A8FCFA81B3F86D99566EB4429655B93A238FFD1A3752BC9AAE3D969DEEA"
Last-Modified: Tue, 06 Sep 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8890
Expires: Wed, 07 Sep 2022 03:26:05 GMT
Date: Wed, 07 Sep 2022 00:57:55 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
143.204.55.115200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 99b7d23c1748d0526782b9ff9ea45f09
eadd801a3ba2aa00632c6fb52e1f9125bd6d5b4f
48f81668f76955320480b484138aebdad5d03c471036b4449c737aca1ecab08e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Backoff, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 07 Sep 2022 00:02:52 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 b9f0050ca4d212d7c855e005be54b1ac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: fFxw0Vb_O1zDizdprtfgv8u03RNTvnXNNlG96-0L23QuC9rhcJc2bw==
Age: 3303
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
143.204.55.25200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP 143.204.55.25:0
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Tue, 06 Sep 2022 01:15:18 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 5de23153ac267c206221751e1cccb6e8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: d-F-4bmGjq0z0KxX6Dis_1bzU3Ed4Z8L38S7D3QhDgrtoVeEAI3vQg==
age: 85358
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 07 Sep 2022 00:57:55 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5fe4a33a1b328ea32c40924517ea14c1
b490b5c6474fa57546157b2e0cf369e1fc6b56b4
3eb559ad738e12450f3fec65d485f2c785321e6203f0dc410ebcddd46c06b08f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3EB559AD738E12450F3FEC65D485F2C785321E6203F0DC410EBCDDD46C06B08F"
Last-Modified: Sun, 04 Sep 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21544
Expires: Wed, 07 Sep 2022 06:56:59 GMT
Date: Wed, 07 Sep 2022 00:57:55 GMT
Connection: keep-alive
globaldugunsalonu.de/
136.243.20.96200 OK 6.0 kB IP 136.243.20.96:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (311), with CRLF line terminators
Hash a314ea335cc763edc06d13532e92f54b
e5106c4e438c0f04040cb772b85791b6c961bb6a
118ce1cc1fa70a3f28384812183e381103c0f4dac8f2505adeb462cf4b16e276
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: globaldugunsalonu.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: nginx
date: Wed, 07 Sep 2022 00:57:55 GMT
content-type: text/html; charset=UTF-8
content-length: 6041
vary: Accept-Encoding
content-encoding: gzip
x-powered-by: global dugun salonu, PleskLin
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash c0498832f97967e1fbaa64eba7c65094
2dcaaa99759c7b3279d75f4f934bf05a1c4ca8e7
63621ee746f1a80c3c6167ca190e5008e3e79db0bc8f0e5cb0e5dccc11ceb822
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 00:57:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash c0498832f97967e1fbaa64eba7c65094
2dcaaa99759c7b3279d75f4f934bf05a1c4ca8e7
63621ee746f1a80c3c6167ca190e5008e3e79db0bc8f0e5cb0e5dccc11ceb822
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 00:57:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
code.jquery.com/ui/1.11.4/jquery-ui.js
69.16.175.10200 OK 114 kB URL HTTP/2 code.jquery.com/ui/1.11.4/jquery-ui.js
IP 69.16.175.10:0
File type ASCII text, with very long lines (547)
Size 114 kB (114093 bytes)
Hash 0e45b665669abd2d0dd45fed0e5f0199
d4167d336e4cd359a99daaf01006f59a5e8bc062
cec192e20cf22c995517ee84d3b5a4715f4ad3affb902436b3ee32456e309978
GET /ui/1.11.4/jquery-ui.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://globaldugunsalonu.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Sep 2022 00:57:55 GMT
content-encoding: gzip
content-length: 114093
content-type: application/javascript; charset=utf-8
last-modified: Wed, 16 Feb 2022 10:50:40 GMT
accept-ranges: bytes
server: nginx
etag: W/"620cd700-72e44"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1662512275.dop021.sk1.t,1662512275.cds202.sk1.hn,1662512275.cds247.sk1.c
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash c0498832f97967e1fbaa64eba7c65094
2dcaaa99759c7b3279d75f4f934bf05a1c4ca8e7
63621ee746f1a80c3c6167ca190e5008e3e79db0bc8f0e5cb0e5dccc11ceb822
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 00:57:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
globaldugunsalonu.de/js/mainmenu/menu.css
136.243.20.96200 OK 20 kB URL HTTP/2 globaldugunsalonu.de/js/mainmenu/menu.css
IP 136.243.20.96:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with CRLF line terminators
Hash 6ae5092016259cce58f77e4f329e19f3
b36330b168ef0e385946d5566534a41e8772aa0f
a66767ae766df56ce05c119683474e4a6c469fb81c7eb904418dc19d3396f4cf
GET /js/mainmenu/menu.css HTTP/1.1
Host: globaldugunsalonu.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://globaldugunsalonu.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Sep 2022 00:57:55 GMT
content-type: text/css
content-length: 20247
last-modified: Wed, 27 Nov 2019 11:36:36 GMT
etag: "5dde5fc4-4f17"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
globaldugunsalonu.de/css/responsive-leyouts.css
136.243.20.96200 OK 48 kB URL HTTP/2 globaldugunsalonu.de/css/responsive-leyouts.css
IP 136.243.20.96:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with CRLF line terminators
Hash d4fb9a9e45b01d800d982964566dd5ad
e97151c7389233d3a7b492c171d9c7669860faea
c0fa6e601ba79cfbc706491df56d46abcf94d8382e8f24bdf880ee40189d6ea4
GET /css/responsive-leyouts.css HTTP/1.1
Host: globaldugunsalonu.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://globaldugunsalonu.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Sep 2022 00:57:55 GMT
content-type: text/css
content-length: 48294
last-modified: Thu, 01 Jun 2017 20:22:30 GMT
etag: "59307786-bca6"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.115200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, ETag, Backoff, Last-Modified, Pragma, Cache-Control, Expires, Content-Type, Content-Length, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Wed, 07 Sep 2022 00:38:18 GMT
Cache-Control: max-age=3600
Expires: Wed, 07 Sep 2022 00:48:11 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: kIaXKo2J6YbpFAe2aTVHzqiWIrX0qsx2xHWS4IpdwRuke4hpr59kug==
Age: 1177
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash e8952752ad4a452a575522a7eb737217
c5554fa2af05d7a7117032b0f99352de08988346
8c182bed7bbd843774a2136823b30a4cb707e2a5386f71d01640aa3558888bf7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3690
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 00:57:55 GMT
Last-Modified: Tue, 06 Sep 2022 23:56:25 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471
globaldugunsalonu.de/css/shortcodes.css
136.243.20.96200 OK 21 kB URL HTTP/2 globaldugunsalonu.de/css/shortcodes.css
IP 136.243.20.96:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with CRLF line terminators
Hash e1e5db21564f906e82100fe1d2440eed
0841824f0a0c2bfc13e1e4da9a980aaa1e132b7b
0966fabb44e7cf6edf02371246f68f1ddcf87f0feb7ac1559e73e73c3b7e1dc3
GET /css/shortcodes.css HTTP/1.1
Host: globaldugunsalonu.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://globaldugunsalonu.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Sep 2022 00:57:55 GMT
content-type: text/css
content-length: 21131
last-modified: Thu, 01 Jun 2017 20:22:30 GMT
etag: "59307786-528b"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
globaldugunsalonu.de/css/font-awesome/css/font-awesome.min.css
136.243.20.96200 OK 24 kB URL HTTP/2 globaldugunsalonu.de/css/font-awesome/css/font-awesome.min.css
IP 136.243.20.96:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (23577), with CRLF line terminators
Hash f667e6132f8470a39d2395b81ab4ef09
3e435d5167460aaf367836e1973e90a47039faea
222d75918bb518d46a4d283da7de243b4409d597a8c6856070a07e96b600e6d7
GET /css/font-awesome/css/font-awesome.min.css HTTP/1.1
Host: globaldugunsalonu.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://globaldugunsalonu.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Sep 2022 00:57:55 GMT
content-type: text/css
content-length: 23742
last-modified: Thu, 01 Jun 2017 20:22:34 GMT
etag: "5930778a-5cbe"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
globaldugunsalonu.de/js/bootstrap/bootstrap.min.css
136.243.20.96200 OK 116 kB URL HTTP/2 globaldugunsalonu.de/js/bootstrap/bootstrap.min.css
IP 136.243.20.96:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (65367), with CRLF line terminators
Size 116 kB (116120 bytes)
Hash c5dbd3731a680a1edd84b8cfa71ef238
f7eacf3a9b73512d3de368be41f7b580083f058e
4c65b5252f9af4b95b218def505b68bedc807d741397be7b5cee3f65683fd81f
GET /js/bootstrap/bootstrap.min.css HTTP/1.1
Host: globaldugunsalonu.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://globaldugunsalonu.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Sep 2022 00:57:55 GMT
content-type: text/css
content-length: 116120
last-modified: Thu, 01 Jun 2017 20:22:48 GMT
etag: "59307798-1c598"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
globaldugunsalonu.de/js/masterslider/style/masterslider.css
136.243.20.96200 OK 58 kB URL HTTP/2 globaldugunsalonu.de/js/masterslider/style/masterslider.css
IP 136.243.20.96:0
ASN #24940 Hetzner Online GmbH
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash 6d8d5b9259eecfb3cad5359f876455fa
ba93ddb5f3645c27883c1f257533716294294b20
9314f06b3521dd07dfb56771bded554678880bb4e74f5c4fdb6bd1f3ba2d4156
GET /js/masterslider/style/masterslider.css HTTP/1.1
Host: globaldugunsalonu.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://globaldugunsalonu.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Sep 2022 00:57:55 GMT
content-type: text/css
content-length: 57702
last-modified: Wed, 27 Nov 2019 11:38:42 GMT
etag: "5dde6042-e166"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
globaldugunsalonu.de/css/Simple-Line-Icons-Webfont/simple-line-icons.css
136.243.20.96200 OK 12 kB URL HTTP/2 globaldugunsalonu.de/css/Simple-Line-Icons-Webfont/simple-line-icons.css
IP 136.243.20.96:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (2600), with CRLF line terminators
Hash 925397028c82f9becaaf576dc7034acb
9d989ac7ef95dac8cbfb3b8ae837d92093809e8c
bb1b54f441f134201c3495fcb8a28ae197861429237dc3ea62ca25d87e7037d3
GET /css/Simple-Line-Icons-Webfont/simple-line-icons.css HTTP/1.1
Host: globaldugunsalonu.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://globaldugunsalonu.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Sep 2022 00:57:55 GMT
content-type: text/css
content-length: 11557
last-modified: Thu, 01 Jun 2017 20:22:30 GMT
etag: "59307786-2d25"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
globaldugunsalonu.de/js/cubeportfolio/cubeportfolio.min.css
136.243.20.96200 OK 86 kB URL HTTP/2 globaldugunsalonu.de/js/cubeportfolio/cubeportfolio.min.css
IP 136.243.20.96:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (756), with CRLF line terminators
Hash d07afc4c2c06c1cd5023e7323ae8f081
ea34d919a2bea0be54480f61c90c876ab135b166
a29a1826b3e3c88c3aeb2317bbf3e18b3fe72787f76c7f69ee9b46ac906a63de
GET /js/cubeportfolio/cubeportfolio.min.css HTTP/1.1
Host: globaldugunsalonu.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://globaldugunsalonu.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Sep 2022 00:57:55 GMT
content-type: text/css
content-length: 85537
last-modified: Thu, 01 Jun 2017 20:22:48 GMT
etag: "59307798-14e21"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
globaldugunsalonu.de/js/owl-carousel/owl.carousel.css
136.243.20.96200 OK 12 kB URL HTTP/2 globaldugunsalonu.de/js/owl-carousel/owl.carousel.css
IP 136.243.20.96:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with CRLF line terminators
Hash d39643e9ac5bde4257e4fb947c81d690
ee89b09974f7da4426d3e0fb372934fdd1cd11ae
09396b8514566fe0ba5418240609d9926062281781b3928aa10f508c766f3ce7
GET /js/owl-carousel/owl.carousel.css HTTP/1.1
Host: globaldugunsalonu.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://globaldugunsalonu.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Sep 2022 00:57:55 GMT
content-type: text/css
content-length: 12024
last-modified: Thu, 01 Jun 2017 20:22:52 GMT
etag: "5930779c-2ef8"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
globaldugunsalonu.de/css/colors/lightblue.css
136.243.20.96200 OK 1.0 kB URL HTTP/2 globaldugunsalonu.de/css/colors/lightblue.css
IP 136.243.20.96:0
ASN #24940 Hetzner Online GmbH
File type assembler source, ASCII text, with CRLF line terminators
Hash 4e7b5e6b0938549c311f12fdc9400a4a
a8b1bf27dc00ebf71d0c69aaf6044c03b9db746b
3742c2f8ef88e0a0f6e8739a198af7ecd07430e3fa4cc820c54592035cc7eba5
GET /css/colors/lightblue.css HTTP/1.1
Host: globaldugunsalonu.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://globaldugunsalonu.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Sep 2022 00:57:55 GMT
content-type: text/css
content-length: 1026
last-modified: Wed, 27 Nov 2019 11:38:42 GMT
etag: "5dde6042-402"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
globaldugunsalonu.de/css/et-line-font/et-line-font.css
136.243.20.96200 OK 7.4 kB URL HTTP/2 globaldugunsalonu.de/css/et-line-font/et-line-font.css
IP 136.243.20.96:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (1512), with CRLF line terminators
Hash 6cd6db7ff6e40c7868819acc1290b782
32dd750f8243e419e645d7566ee9824132ea8dbd
88724d0da8e1aa54c7446dbfed47b54043dd7e298132bed2f9f120f811eba78c
GET /css/et-line-font/et-line-font.css HTTP/1.1
Host: globaldugunsalonu.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://globaldugunsalonu.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Sep 2022 00:57:55 GMT
content-type: text/css
content-length: 7395
last-modified: Thu, 01 Jun 2017 20:22:34 GMT
etag: "5930778a-1ce3"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
globaldugunsalonu.de/css/default.css
136.243.20.96200 OK 115 kB URL HTTP/2 globaldugunsalonu.de/css/default.css
IP 136.243.20.96:0
ASN #24940 Hetzner Online GmbH
File type assembler source, ASCII text, with CRLF line terminators
Size 115 kB (115436 bytes)
Hash 5bf879b47cea36a123803085ee3dad06
8be83a3949f0ab63d6ef128bbd1b7391b06c0d18
b0d9701cc9ec12f29f1a5ed8c3570cda2b9e2db3db3e99e67c8e4871f51f13e6
GET /css/default.css HTTP/1.1
Host: globaldugunsalonu.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://globaldugunsalonu.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Sep 2022 00:57:55 GMT
content-type: text/css
content-length: 115436
last-modified: Wed, 27 Nov 2019 11:32:14 GMT
etag: "5dde5ebe-1c2ec"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
globaldugunsalonu.de/css/layouts.css
136.243.20.96200 OK 120 kB URL HTTP/2 globaldugunsalonu.de/css/layouts.css
IP 136.243.20.96:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with CRLF line terminators
Size 120 kB (119517 bytes)
Hash 1851046babce23f284c7f27afc9473c9
f09dc0152e076efda08b6e30d303481b992d1bfb
740cd5dd38b6c904786773cfa13d947626a410c1af39b902474695a37575a48a
GET /css/layouts.css HTTP/1.1
Host: globaldugunsalonu.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://globaldugunsalonu.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Sep 2022 00:57:55 GMT
content-type: text/css
content-length: 119517
last-modified: Thu, 01 Jun 2017 20:22:30 GMT
etag: "59307786-1d2dd"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
globaldugunsalonu.de/js/bootstrap/bootstrap.min.js
136.243.20.96200 OK 36 kB URL HTTP/2 globaldugunsalonu.de/js/bootstrap/bootstrap.min.js
IP 136.243.20.96:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (32025), with CRLF line terminators
Hash 1ae0e64754a542cbea996dec63c326fd
e2ddfe5a574c29f39b511aada1bd85e0ba60fa70
6447e59227786bcda7ad58ef045540cba328e5ec0e5ddbd88b4f57122feaf926
Analyzer Verdict Alert fortinet Phishing
GET /js/bootstrap/bootstrap.min.js HTTP/1.1
Host: globaldugunsalonu.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://globaldugunsalonu.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Sep 2022 00:57:55 GMT
content-type: application/javascript
content-length: 35957
last-modified: Thu, 01 Jun 2017 20:22:48 GMT
etag: "59307798-8c75"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
globaldugunsalonu.de/js/smart-forms/smart-forms.css
136.243.20.96200 OK 70 kB URL HTTP/2 globaldugunsalonu.de/js/smart-forms/smart-forms.css
IP 136.243.20.96:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with CRLF line terminators
Hash 7b7a5ca9fec882ea60ebf9db7be92a95
525fd5da21af1a8f3f85c0b1c0864ef49238bb1c
17af6a7ba1e4f4bcef24c616b049c9688839025270a344267a272f6cfe0bb814
GET /js/smart-forms/smart-forms.css HTTP/1.1
Host: globaldugunsalonu.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://globaldugunsalonu.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Sep 2022 00:57:55 GMT
content-type: text/css
content-length: 69879
last-modified: Thu, 01 Jun 2017 20:22:54 GMT
etag: "5930779e-110f7"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
globaldugunsalonu.de/js/cubeportfolio/jquery.cubeportfolio.min.js
136.243.20.96200 OK 56 kB URL HTTP/2 globaldugunsalonu.de/js/cubeportfolio/jquery.cubeportfolio.min.js
IP 136.243.20.96:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (32009), with CRLF line terminators
Hash 495a1f7432c2ad83f2a974ce94c0af34
726cc50171d95900845a1cbb83a3ee32cbc6b2e6
a7e9173a6c34a1666270c955d98f28654937df350ac78de8844ede9e734aa230
Analyzer Verdict Alert fortinet Phishing
GET /js/cubeportfolio/jquery.cubeportfolio.min.js HTTP/1.1
Host: globaldugunsalonu.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://globaldugunsalonu.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Sep 2022 00:57:55 GMT
content-type: application/javascript
content-length: 55640
last-modified: Thu, 01 Jun 2017 20:22:48 GMT
etag: "59307798-d958"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
globaldugunsalonu.de/js/cubeportfolio/main2.js
136.243.20.96200 OK 1.9 kB URL HTTP/2 globaldugunsalonu.de/js/cubeportfolio/main2.js
IP 136.243.20.96:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with CRLF line terminators
Hash e4c60b53a738e14ab8ae43eae58b6084
23b154b1ae8e3c5d7567a3dd55181289912c657e
0269c82aa36c2b6956f0fccb9d2f374313368fc588a83b463e0d1a9a1ecc3832
Analyzer Verdict Alert fortinet Phishing
GET /js/cubeportfolio/main2.js HTTP/1.1
Host: globaldugunsalonu.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://globaldugunsalonu.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Sep 2022 00:57:55 GMT
content-type: application/javascript
content-length: 1933
last-modified: Thu, 01 Jun 2017 20:22:48 GMT
etag: "59307798-78d"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
globaldugunsalonu.de/js/masterslider/jquery.easing.min.js
136.243.20.96200 OK 7.0 kB URL HTTP/2 globaldugunsalonu.de/js/masterslider/jquery.easing.min.js
IP 136.243.20.96:0
ASN #24940 Hetzner Online GmbH
File type Unicode text, UTF-8 text, with very long lines (3524), with CRLF line terminators
Hash 921bcb1f5a81945e66f5db4f3e714813
f1f69c73577a78b57ffdad42ea63cda8e318d7b5
e6c2814936ac13f206f1e09255f75d3faafbb29bddbe22e93fd6464f817ca49e
Analyzer Verdict Alert fortinet Phishing
GET /js/masterslider/jquery.easing.min.js HTTP/1.1
Host: globaldugunsalonu.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://globaldugunsalonu.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Sep 2022 00:57:55 GMT
content-type: application/javascript
content-length: 7035
last-modified: Thu, 01 Jun 2017 20:22:50 GMT
etag: "5930779a-1b7b"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
globaldugunsalonu.de/js/mainmenu/customeUI.js
136.243.20.96200 OK 2.2 kB URL HTTP/2 globaldugunsalonu.de/js/mainmenu/customeUI.js
IP 136.243.20.96:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with CRLF line terminators
Hash 6636030ec6d9104a8c56f51a7700cbe7
289116cf7dfeffcae8d9ae256aa6e514dabc8ae7
e7e3ca7a9f8eab3f55030ba7659d00d4ef44db41161bed6fbc9961c54dd24b6a
Analyzer Verdict Alert fortinet Phishing
GET /js/mainmenu/customeUI.js HTTP/1.1
Host: globaldugunsalonu.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://globaldugunsalonu.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Sep 2022 00:57:55 GMT
content-type: application/javascript
content-length: 2224
last-modified: Thu, 01 Jun 2017 20:22:50 GMT
etag: "5930779a-8b0"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
globaldugunsalonu.de/js/owl-carousel/owl.carousel.js
136.243.20.96200 OK 54 kB URL HTTP/2 globaldugunsalonu.de/js/owl-carousel/owl.carousel.js
IP 136.243.20.96:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with CRLF line terminators
Hash b6d84ff48712a3cfb6eaf2d1fdfcaad4
e45d0c9898cacea360a19035c6956b3271f53621
c56a75dc2b5875e9e1fcbd06c6bb6f4fc11435128e08772155e52f97233264a6
Analyzer Verdict Alert fortinet Phishing
GET /js/owl-carousel/owl.carousel.js HTTP/1.1
Host: globaldugunsalonu.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://globaldugunsalonu.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Sep 2022 00:57:55 GMT
content-type: application/javascript
content-length: 54413
last-modified: Thu, 01 Jun 2017 20:22:52 GMT
etag: "5930779c-d48d"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
globaldugunsalonu.de/js/owl-carousel/custom.js
136.243.20.96200 OK 5.3 kB URL HTTP/2 globaldugunsalonu.de/js/owl-carousel/custom.js
IP 136.243.20.96:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with CRLF line terminators
Hash f97aeafd6e6683b5920aa5a839bbef9f
320a390ddfee190bcfbea61a055d6454919cc06e
f4147bd05994fa64bf40f647f9ba48f35ece1f3d5b18be75e7ead15c442db40f
Analyzer Verdict Alert fortinet Phishing
GET /js/owl-carousel/custom.js HTTP/1.1
Host: globaldugunsalonu.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://globaldugunsalonu.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Sep 2022 00:57:55 GMT
content-type: application/javascript
content-length: 5341
last-modified: Thu, 01 Jun 2017 20:22:52 GMT
etag: "5930779c-14dd"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
globaldugunsalonu.de/js/scrolltotop/totop.js
136.243.20.96200 OK 230 B URL HTTP/2 globaldugunsalonu.de/js/scrolltotop/totop.js
IP 136.243.20.96:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with CRLF line terminators
Hash 477a943069f55f1ca1dc5dfe8d382019
d3b473a9954eed11bbe770e2f08f2af1434d1535
ae83f5984385e02c01f5bd8a08bf61b3bdd954692b8a1c6b8737aca63e6bd229
Analyzer Verdict Alert fortinet Phishing
GET /js/scrolltotop/totop.js HTTP/1.1
Host: globaldugunsalonu.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://globaldugunsalonu.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Sep 2022 00:57:55 GMT
content-type: application/javascript
content-length: 230
x-accel-version: 0.01
last-modified: Thu, 01 Jun 2017 20:22:52 GMT
etag: "160-550ebcd181f00-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-powered-by: PleskLin
X-Firefox-Spdy: h2
globaldugunsalonu.de/js/mainmenu/jquery.sticky.js
136.243.20.96200 OK 7.4 kB URL HTTP/2 globaldugunsalonu.de/js/mainmenu/jquery.sticky.js
IP 136.243.20.96:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with CRLF line terminators
Hash df5375f96ba10f79b785b111f6281931
66d903c92952cbef54d3ba47ffd5590fac7be68d
43a24608e742c8adc12bc142cdbe6c8838100b1b507e954ab9965c8059896cf7
Analyzer Verdict Alert fortinet Phishing
GET /js/mainmenu/jquery.sticky.js HTTP/1.1
Host: globaldugunsalonu.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://globaldugunsalonu.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Sep 2022 00:57:55 GMT
content-type: application/javascript
content-length: 7389
last-modified: Thu, 01 Jun 2017 20:22:50 GMT
etag: "5930779a-1cdd"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
globaldugunsalonu.de/js/smart-forms/jquery.form.min.js
136.243.20.96200 OK 15 kB URL HTTP/2 globaldugunsalonu.de/js/smart-forms/jquery.form.min.js
IP 136.243.20.96:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (14900), with CRLF line terminators
Hash c96241e183012fd2646c4d6917155168
98a92639a7de79a392c60b56e090e504071bc1f8
27e9042e0cd29ac1e29332d3a88a1aa1bc84fb912ac5b14ced66d8f5e6890938
Analyzer Verdict Alert fortinet Phishing
GET /js/smart-forms/jquery.form.min.js HTTP/1.1
Host: globaldugunsalonu.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://globaldugunsalonu.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Sep 2022 00:57:55 GMT
content-type: application/javascript
content-length: 15258
last-modified: Thu, 01 Jun 2017 20:22:54 GMT
etag: "5930779e-3b9a"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
globaldugunsalonu.de/js/smart-forms/jquery.validate.min.js
136.243.20.96200 OK 22 kB URL HTTP/2 globaldugunsalonu.de/js/smart-forms/jquery.validate.min.js
IP 136.243.20.96:0
ASN #24940 Hetzner Online GmbH
File type Unicode text, UTF-8 text, with very long lines (21445), with CRLF line terminators
Hash a3601786b7ee8fa301939c8fd4f9cba6
969fd5d7bef5559b6ffd8ea477d4e7ba732f55af
af39c945f12c4e06595178be35788c26086ef65ff070326126ad00cba7e5b1b0
Analyzer Verdict Alert fortinet Phishing
GET /js/smart-forms/jquery.validate.min.js HTTP/1.1
Host: globaldugunsalonu.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://globaldugunsalonu.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Sep 2022 00:57:55 GMT
content-type: application/javascript
content-length: 21587
last-modified: Thu, 01 Jun 2017 20:22:54 GMT
etag: "5930779e-5453"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
globaldugunsalonu.de/js/smart-forms/additional-methods.min.js
136.243.20.96200 OK 16 kB URL HTTP/2 globaldugunsalonu.de/js/smart-forms/additional-methods.min.js
IP 136.243.20.96:0
ASN #24940 Hetzner Online GmbH
File type Unicode text, UTF-8 text, with very long lines (16269), with CRLF line terminators
Hash daeaf2389ee5b79d04e35c8321c604c8
600388221f35c8bea790952881d90320f71d0286
e0bc6d8a48c3f364d5edf6eb3da74eb070dcb087fe6051400331d644abdcd9c3
Analyzer Verdict Alert fortinet Phishing
GET /js/smart-forms/additional-methods.min.js HTTP/1.1
Host: globaldugunsalonu.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://globaldugunsalonu.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Sep 2022 00:57:56 GMT
content-type: application/javascript
content-length: 16418
last-modified: Thu, 01 Jun 2017 20:22:54 GMT
etag: "5930779e-4022"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
globaldugunsalonu.de/js/smart-forms/smart-form.js
136.243.20.96200 OK 3.6 kB URL HTTP/2 globaldugunsalonu.de/js/smart-forms/smart-form.js
IP 136.243.20.96:0
ASN #24940 Hetzner Online GmbH
Hash 01db552dbb48920a22c99b93347072ce
dd2d025cb0be90c4ef4e4d76c862f0f8adfbd35b
0bd69177a36fe7c9274926867ccb81ae506d209fbcf2444562116aad518b6adb
Analyzer Verdict Alert fortinet Phishing
GET /js/smart-forms/smart-form.js HTTP/1.1
Host: globaldugunsalonu.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://globaldugunsalonu.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Sep 2022 00:57:56 GMT
content-type: application/javascript
content-length: 3647
last-modified: Sun, 03 Jun 2018 00:03:48 GMT
etag: "5b133064-e3f"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
globaldugunsalonu.de/js/scripts/functions.js
136.243.20.96200 OK 1.4 kB URL HTTP/2 globaldugunsalonu.de/js/scripts/functions.js
IP 136.243.20.96:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with CRLF line terminators
Hash 185625c21ad398aac0bd3a612f8d4db8
cd28a37edf501c11d5d76e9f0d8fff8c2ea8f1e4
8c7cde44bee5610f37960477fb36a62a708e1bc548cb5c7f240daa9a62c2a592
Analyzer Verdict Alert fortinet Phishing
GET /js/scripts/functions.js HTTP/1.1
Host: globaldugunsalonu.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://globaldugunsalonu.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Sep 2022 00:57:56 GMT
content-type: application/javascript
content-length: 1399
last-modified: Thu, 01 Jun 2017 20:22:52 GMT
etag: "5930779c-577"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
globaldugunsalonu.de/images/flag-tr.png
136.243.20.96200 OK 1.3 kB URL HTTP/2 globaldugunsalonu.de/images/flag-tr.png
IP 136.243.20.96:0
ASN #24940 Hetzner Online GmbH
File type PNG image data, 14 x 11, 8-bit/color RGB, non-interlaced\012- data
Hash a93c4aed5b49b8df9c4055762374a3b3
1f93d39c2274024a3975454e472b8838ae30b316
c29eb1bc60c23ad4445292115d4404ab7394f92074b986631e8b3a669d130d63
GET /images/flag-tr.png HTTP/1.1
Host: globaldugunsalonu.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://globaldugunsalonu.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Sep 2022 00:57:55 GMT
content-type: image/png
content-length: 1274
last-modified: Thu, 01 Jun 2017 20:22:44 GMT
etag: "59307794-4fa"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
globaldugunsalonu.de/images/200.png
136.243.20.96200 OK 5.8 kB URL HTTP/2 globaldugunsalonu.de/images/200.png
IP 136.243.20.96:0
ASN #24940 Hetzner Online GmbH
File type PNG image data, 95 x 90, 8-bit/color RGBA, non-interlaced\012- data
Hash acc853f85d7577a0d1600daa2449e9b5
5aaa4fb2cded1561fa7a7ab424bf76b98c625de3
8a72462d40b47c63635935571ad75d69255f7b008dbfa60051829ac27112c949
GET /images/200.png HTTP/1.1
Host: globaldugunsalonu.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://globaldugunsalonu.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Sep 2022 00:57:55 GMT
content-type: image/png
content-length: 5788
last-modified: Wed, 27 Nov 2019 11:07:54 GMT
etag: "5dde590a-169c"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
globaldugunsalonu.de/images/Dugun-Salonu.jpg
136.243.20.96200 OK 12 kB URL HTTP/2 globaldugunsalonu.de/images/Dugun-Salonu.jpg
IP 136.243.20.96:0
ASN #24940 Hetzner Online GmbH
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=1, copyright=@foto, design & projects mbu], progressive, precision 8, 263x175, components 3\012- data
Hash d2b9c0fdd6de5f209d73ec416641b9a8
3227c4c98fe1f07cc966bb10e341c03ffa6e40ee
b6f77172bcdf7d0758963838940d8e6c6228e048fc54c90ec98fda083f2d660b
GET /images/Dugun-Salonu.jpg HTTP/1.1
Host: globaldugunsalonu.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://globaldugunsalonu.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Sep 2022 00:57:55 GMT
content-type: image/jpeg
content-length: 11863
last-modified: Thu, 01 Jun 2017 20:22:46 GMT
etag: "59307796-2e57"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
globaldugunsalonu.de/js/masterslider/blank.gif
136.243.20.96200 OK 43 B URL HTTP/2 globaldugunsalonu.de/js/masterslider/blank.gif
IP 136.243.20.96:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash f837aa60b6fe83458f790db60d529fc9
14af87ccec7f81bb28d53c84da2fd5a9d5925cda
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
GET /js/masterslider/blank.gif HTTP/1.1
Host: globaldugunsalonu.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://globaldugunsalonu.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Sep 2022 00:57:55 GMT
content-type: image/gif
content-length: 43
x-accel-version: 0.01
last-modified: Thu, 01 Jun 2017 20:22:50 GMT
etag: "2b-550ebccf99a80"
accept-ranges: bytes
x-powered-by: PleskLin
X-Firefox-Spdy: h2
globaldugunsalonu.de/images/Nisan-Salonu.jpg
136.243.20.96200 OK 12 kB URL HTTP/2 globaldugunsalonu.de/images/Nisan-Salonu.jpg
IP 136.243.20.96:0
ASN #24940 Hetzner Online GmbH
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 263x175, components 3\012- data
Hash 1eba475ffd83afe232fae9b37ca110cf
d09f809dad48d8e10030f66fec9687a86c0cd043
023a8d52e3097840413ff8e81b634baee6d5b9a673ceff8a711703847ac2110e
GET /images/Nisan-Salonu.jpg HTTP/1.1
Host: globaldugunsalonu.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://globaldugunsalonu.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Sep 2022 00:57:55 GMT
content-type: image/jpeg
content-length: 12013
last-modified: Thu, 01 Jun 2017 20:22:44 GMT
etag: "59307794-2eed"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
globaldugunsalonu.de/images/Kina-Salonu.jpg
136.243.20.96200 OK 11 kB URL HTTP/2 globaldugunsalonu.de/images/Kina-Salonu.jpg
IP 136.243.20.96:0
ASN #24940 Hetzner Online GmbH
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 263x176, components 3\012- data
Hash ec9c5f186ef81bc56c856fd3a527d709
84403684285b7f8d40060291d9c3b3ee1834b4b6
09b0e575a4e168b539682de1df59bf198071172cd5ca03403625a3580c62f182
GET /images/Kina-Salonu.jpg HTTP/1.1
Host: globaldugunsalonu.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://globaldugunsalonu.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Sep 2022 00:57:55 GMT
content-type: image/jpeg
content-length: 11363
last-modified: Thu, 01 Jun 2017 20:22:44 GMT
etag: "59307794-2c63"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
globaldugunsalonu.de/images/Sunnet-Salonu.jpg
136.243.20.96200 OK 9.6 kB URL HTTP/2 globaldugunsalonu.de/images/Sunnet-Salonu.jpg
IP 136.243.20.96:0
ASN #24940 Hetzner Online GmbH
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 263x176, components 3\012- data
Hash 6f4baa96f78a50b17de5d5caf82f295d
b895ebd56849959cc5c2f52dba7f56b2d81ecdd5
5de79d9beb6653fffdf654fbfd408de962bb022beefa7abac1ee24cd4a0f07ca
GET /images/Sunnet-Salonu.jpg HTTP/1.1
Host: globaldugunsalonu.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://globaldugunsalonu.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Sep 2022 00:57:55 GMT
content-type: image/jpeg
content-length: 9637
last-modified: Thu, 01 Jun 2017 20:22:44 GMT
etag: "59307794-25a5"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
globaldugunsalonu.de/images/talip.jpg
136.243.20.96200 OK 34 kB URL HTTP/2 globaldugunsalonu.de/images/talip.jpg
IP 136.243.20.96:0
ASN #24940 Hetzner Online GmbH
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 700x175, components 3\012- data
Hash 77488536204ace7c327b8467e798097d
2cc2e1bebe0567bfddb6843712d3653add51f8cc
052ba4ed4ad10ad4ec5231f68f6870a176902dd61edbf2311ab578f8d1ff773d
GET /images/talip.jpg HTTP/1.1
Host: globaldugunsalonu.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://globaldugunsalonu.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Sep 2022 00:57:55 GMT
content-type: image/jpeg
content-length: 34303
last-modified: Sun, 22 Sep 2019 09:50:44 GMT
etag: "5d8743f4-85ff"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
globaldugunsalonu.de/images/flag-de.png
136.243.20.96200 OK 234 B URL HTTP/2 globaldugunsalonu.de/images/flag-de.png
IP 136.243.20.96:0
ASN #24940 Hetzner Online GmbH
File type PNG image data, 14 x 11, 8-bit colormap, non-interlaced\012- data
Hash 628bd5af0b8f7b5d7003cdbe1bebd0b5
b5bd1004116018153a0ae40d70feb00994e3e37b
bb2996dc15c669cd78048de2f00cb13bb0ddb9fe9abe4a0c5271ca5f3ce4a713
GET /images/flag-de.png HTTP/1.1
Host: globaldugunsalonu.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://globaldugunsalonu.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Sep 2022 00:57:55 GMT
content-type: image/png
content-length: 234
x-accel-version: 0.01
last-modified: Thu, 01 Jun 2017 20:22:44 GMT
etag: "ea-550ebcc9e0d00"
accept-ranges: bytes
x-powered-by: PleskLin
X-Firefox-Spdy: h2
globaldugunsalonu.de/js/masterslider/masterslider.min.js
136.243.20.96200 OK 156 kB URL HTTP/2 globaldugunsalonu.de/js/masterslider/masterslider.min.js
IP 136.243.20.96:0
ASN #24940 Hetzner Online GmbH
File type Unicode text, UTF-8 text, with very long lines (32107), with CRLF line terminators
Size 156 kB (155627 bytes)
Hash 5c55233c2742fb590ea9dd2003720c7b
865a2cc6885cf1acc985ccb3aa720a579322eefb
b0ffacac7cb2113c2d5bacd89163b9b10bf4beaed7552673048b646540845151
Analyzer Verdict Alert fortinet Phishing
GET /js/masterslider/masterslider.min.js HTTP/1.1
Host: globaldugunsalonu.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://globaldugunsalonu.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Sep 2022 00:57:55 GMT
content-type: application/javascript
content-length: 155627
last-modified: Thu, 01 Jun 2017 20:22:50 GMT
etag: "5930779a-25feb"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 21d1b5be072df45253749eeb3290be82
4ac9978797c085289b9fcc2fe9a57b619e1c78c9
9ea779e1ad86a4a7c403b574908e2dc60d079b366ab1cf439b34c73c9a9c64c9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 00:57:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash eefbc3e92429d8e2beb6d1d913cd7442
ed50f0d6bf3aaa67945627d401d70f357940c786
693b3bff56a8f267f7831903e497dcfde37b16b188824fa63fd310698ab13388
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 00:57:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
globaldugunsalonu.de/css/font-awesome/fonts/fontawesome-webfont.woff2?v=4.3.0
136.243.20.96200 OK 57 kB URL HTTP/2 globaldugunsalonu.de/css/font-awesome/fonts/fontawesome-webfont.woff2?v=4.3.0
IP 136.243.20.96:0
ASN #24940 Hetzner Online GmbH
File type Web Open Font Format (Version 2), TrueType, length 56780, version 4.197\012- data
Hash 97493d3f11c0a3bd5cbd959f5d19b699
1075231650f579955905bb2f6527148a8e2b4b16
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c
Analyzer Verdict Alert fortinet Phishing
GET /css/font-awesome/fonts/fontawesome-webfont.woff2?v=4.3.0 HTTP/1.1
Host: globaldugunsalonu.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://globaldugunsalonu.de/css/font-awesome/css/font-awesome.min.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Sep 2022 00:57:56 GMT
content-type: font/woff2
content-length: 56780
last-modified: Thu, 01 Jun 2017 20:22:34 GMT
etag: "5930778a-ddcc"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
globaldugunsalonu.de/images/Global_DUGUN_NISAN_KINA_SUNNET_SALONU.jpg
136.243.20.96200 OK 258 kB URL HTTP/2 globaldugunsalonu.de/images/Global_DUGUN_NISAN_KINA_SUNNET_SALONU.jpg
IP 136.243.20.96:0
ASN #24940 Hetzner Online GmbH
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 1920x640, components 3\012- data
Size 258 kB (257883 bytes)
Hash a958699549e3c92431bcf4ab53786b6c
4b13a08de0199cfab78f32a918f2bd3737cf5ec7
eae93ba8f67e397c23e0c4bf19c75409d731453d2e93bcaa666ae99f1c5761a7
GET /images/Global_DUGUN_NISAN_KINA_SUNNET_SALONU.jpg HTTP/1.1
Host: globaldugunsalonu.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://globaldugunsalonu.de/css/layouts.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Sep 2022 00:57:56 GMT
content-type: image/jpeg
content-length: 257883
last-modified: Thu, 01 Jun 2017 20:22:46 GMT
etag: "59307796-3ef5b"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash eb53024bbd41c1d8f88fa7b9becb704a
c87f5ac53cff6e3436c15551f8092f1e0215cb79
f2f589c71f9426ead1c60e4707982aa501b785a6040c95214db905a5cff8a777
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 00:57:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash eb53024bbd41c1d8f88fa7b9becb704a
c87f5ac53cff6e3436c15551f8092f1e0215cb79
f2f589c71f9426ead1c60e4707982aa501b785a6040c95214db905a5cff8a777
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 00:57:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash eb53024bbd41c1d8f88fa7b9becb704a
c87f5ac53cff6e3436c15551f8092f1e0215cb79
f2f589c71f9426ead1c60e4707982aa501b785a6040c95214db905a5cff8a777
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 00:57:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash eb53024bbd41c1d8f88fa7b9becb704a
c87f5ac53cff6e3436c15551f8092f1e0215cb79
f2f589c71f9426ead1c60e4707982aa501b785a6040c95214db905a5cff8a777
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 00:57:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
142.250.74.163200 OK 45 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Hash 565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://globaldugunsalonu.de
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Sep 2022 08:31:01 GMT
expires: Wed, 06 Sep 2023 08:31:01 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
age: 59215
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
142.250.74.163200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15740, version 1.0\012- data
Hash b9c29351c46f3e8c8631c4002457f48a
e57e59c5780995ff2937ab2b511a769212974a87
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
GET /s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://globaldugunsalonu.de
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 31 Aug 2022 19:34:21 GMT
expires: Thu, 31 Aug 2023 19:34:21 GMT
cache-control: public, max-age=31536000
age: 537815
last-modified: Wed, 11 May 2022 19:24:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash eb53024bbd41c1d8f88fa7b9becb704a
c87f5ac53cff6e3436c15551f8092f1e0215cb79
f2f589c71f9426ead1c60e4707982aa501b785a6040c95214db905a5cff8a777
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 00:57:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.163200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://globaldugunsalonu.de
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 31 Aug 2022 19:34:08 GMT
expires: Thu, 31 Aug 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 537828
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
push.services.mozilla.com/
35.162.110.205101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.162.110.205:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: tBah1Kn2ZVUkgZ2YxKyUuw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: x9vSamQidvErubXHtVt54zdfm58=
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2
142.250.74.163200 OK 31 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 31320, version 1.0\012- data
Hash 3fe71527811fbfedd2c07962e1bc49e7
f63e158a0480c5d711b5e268db0e75e57d87a8a5
24c0e724005344165ee0a0ff4c96a914e174bb4caa20c8a533fb194d92853e95
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://globaldugunsalonu.de
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 31320
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 05 Sep 2022 18:57:58 GMT
expires: Tue, 05 Sep 2023 18:57:58 GMT
cache-control: public, max-age=31536000
age: 107998
last-modified: Mon, 15 Aug 2022 18:11:37 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7GxKOzY.woff2
142.250.74.163200 OK 12 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7GxKOzY.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 11872, version 1.0\012- data
Hash 87ace20058325aa069320aa4af875dff
b743548770c46d905ae1ba06310bc001c587fe8e
3c23eb02de6b34e30f18cfb7167abd81a2cedfd1da60dfcb71989517ab3fb431
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu7GxKOzY.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://globaldugunsalonu.de
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 11872
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 31 Aug 2022 19:35:48 GMT
expires: Thu, 31 Aug 2023 19:35:48 GMT
cache-control: public, max-age=31536000
age: 537728
last-modified: Wed, 11 May 2022 19:25:01 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
142.250.74.163200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://globaldugunsalonu.de
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 31 Aug 2022 19:34:08 GMT
expires: Thu, 31 Aug 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 537828
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash eb53024bbd41c1d8f88fa7b9becb704a
c87f5ac53cff6e3436c15551f8092f1e0215cb79
f2f589c71f9426ead1c60e4707982aa501b785a6040c95214db905a5cff8a777
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 00:57:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.163200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube-nocookie.com
Connection: keep-alive
Referer: https://www.youtube-nocookie.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 03 Sep 2022 12:31:58 GMT
expires: Sun, 03 Sep 2023 12:31:58 GMT
cache-control: public, max-age=31536000
age: 303958
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.youtube-nocookie.com/s/player/c16db54a/www-player.css
142.250.74.14200 OK 49 kB URL HTTP/2 www.youtube-nocookie.com/s/player/c16db54a/www-player.css
IP 142.250.74.14:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 666388d9ac2c812d3d9b0e511b1cfea0
4dfa524e6558a4aaf676578dd3275f544cb36625
a1532094c979ab2823b5baf7e5843d731e1c64765a8b8495f89bb56b7f7df117
GET /s/player/c16db54a/www-player.css HTTP/1.1
Host: www.youtube-nocookie.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube-nocookie.com/embed/81IGerHCy3Y?autoplay=1&rel=0&showinfo=0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: br
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 49081
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 02 Sep 2022 20:48:56 GMT
expires: Sat, 02 Sep 2023 20:48:56 GMT
cache-control: public, max-age=31536000
last-modified: Fri, 02 Sep 2022 18:46:29 GMT
content-type: text/css
age: 360540
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
globaldugunsalonu.de/js/masterslider/style/loading-2.gif
136.243.20.96200 OK 2.7 kB URL HTTP/2 globaldugunsalonu.de/js/masterslider/style/loading-2.gif
IP 136.243.20.96:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 32 x 32\012- data
Hash 214f3c5ef3de8b01b2fe67da6ccfc7e7
e3839756e2515361eb5bedaed9919d4ca53f7b8f
014e4b61c8d6dbafa792dbccb03d65d38675a32a8bde54f45a6e00b6805dd57a
GET /js/masterslider/style/loading-2.gif HTTP/1.1
Host: globaldugunsalonu.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://globaldugunsalonu.de/js/masterslider/style/masterslider.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Sep 2022 00:57:56 GMT
content-type: image/gif
content-length: 2707
last-modified: Thu, 01 Jun 2017 20:22:50 GMT
etag: "5930779a-a93"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
globaldugunsalonu.de/js/masterslider/style/light-skin-1.png
136.243.20.96200 OK 4.3 kB URL HTTP/2 globaldugunsalonu.de/js/masterslider/style/light-skin-1.png
IP 136.243.20.96:0
ASN #24940 Hetzner Online GmbH
File type PNG image data, 152 x 225, 8-bit/color RGBA, non-interlaced\012- data
Hash a3a5c82f953a4a05e52f906dc41feec8
7c8acef254914991154acdfe9c389308d2653187
0ffe16667a16b259f9e27c8bb6726f7e6c63750d5276aa3a02009d823030cb37
GET /js/masterslider/style/light-skin-1.png HTTP/1.1
Host: globaldugunsalonu.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://globaldugunsalonu.de/js/masterslider/style/masterslider.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Sep 2022 00:57:56 GMT
content-type: image/png
content-length: 4267
last-modified: Thu, 01 Jun 2017 20:22:50 GMT
etag: "5930779a-10ab"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
www.youtube-nocookie.com/s/player/c16db54a/www-embed-player.vflset/www-embed-player.js
142.250.74.14200 OK 98 kB URL HTTP/2 www.youtube-nocookie.com/s/player/c16db54a/www-embed-player.vflset/www-embed-player.js
IP 142.250.74.14:0
File type ASCII text, with very long lines (592)
Hash 26b6e79984361d593bcf000927f559db
36dc3faef99c68636ed7d8a2d46783ccfc3be7ff
2795564d0f494ec4aed32d6708062dd699c22324d3df26588d5e2e2c2a956b36
GET /s/player/c16db54a/www-embed-player.vflset/www-embed-player.js HTTP/1.1
Host: www.youtube-nocookie.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube-nocookie.com/embed/81IGerHCy3Y?autoplay=1&rel=0&showinfo=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: br
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 97590
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 02 Sep 2022 20:48:56 GMT
expires: Sat, 02 Sep 2023 20:48:56 GMT
cache-control: public, max-age=31536000
last-modified: Fri, 02 Sep 2022 18:46:29 GMT
content-type: text/javascript
age: 360540
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash eefbc3e92429d8e2beb6d1d913cd7442
ed50f0d6bf3aaa67945627d401d70f357940c786
693b3bff56a8f267f7831903e497dcfde37b16b188824fa63fd310698ab13388
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 00:57:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.youtube-nocookie.com/s/player/c16db54a/fetch-polyfill.vflset/fetch-polyfill.js
142.250.74.14200 OK 2.8 kB URL HTTP/2 www.youtube-nocookie.com/s/player/c16db54a/fetch-polyfill.vflset/fetch-polyfill.js
IP 142.250.74.14:0
File type Algol 68 source text\012- Pascal source, ASCII text, with very long lines (555)
Hash 80fe2d229007996c8397073b00755dc7
121f82c77bcf2a297a1085e3b092415c463fcafe
033dfa8941482c82d4f1aaa4a9172fb379b9e46a02d5b36297c5476bbbfdea2c
GET /s/player/c16db54a/fetch-polyfill.vflset/fetch-polyfill.js HTTP/1.1
Host: www.youtube-nocookie.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube-nocookie.com/embed/81IGerHCy3Y?autoplay=1&rel=0&showinfo=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: br
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 2786
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 02 Sep 2022 20:48:56 GMT
expires: Sat, 02 Sep 2023 20:48:56 GMT
cache-control: public, max-age=31536000
last-modified: Fri, 02 Sep 2022 18:46:29 GMT
content-type: text/javascript
age: 360540
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.youtube-nocookie.com/s/player/c16db54a/player_ias.vflset/en_US/base.js
142.250.74.14200 OK 587 kB URL HTTP/2 www.youtube-nocookie.com/s/player/c16db54a/player_ias.vflset/en_US/base.js
IP 142.250.74.14:0
File type ASCII text, with very long lines (596)
Size 587 kB (586778 bytes)
Hash da3059ae3f2d892ccddf5832ff6f7a5a
df25b539e3bc115ff39343862807b32cfce2b4bc
abe75b67d443e17494a271925559be75c8a07e454c645153dac3e4f3a82947c4
GET /s/player/c16db54a/player_ias.vflset/en_US/base.js HTTP/1.1
Host: www.youtube-nocookie.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube-nocookie.com/embed/81IGerHCy3Y?autoplay=1&rel=0&showinfo=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding, Origin
content-encoding: br
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 586778
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 02 Sep 2022 20:54:04 GMT
expires: Sat, 02 Sep 2023 20:54:04 GMT
cache-control: public, max-age=31536000
last-modified: Fri, 02 Sep 2022 18:46:29 GMT
content-type: text/javascript
age: 360232
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
globaldugunsalonu.de/images/slide3.jpg
136.243.20.96200 OK 93 kB URL HTTP/2 globaldugunsalonu.de/images/slide3.jpg
IP 136.243.20.96:0
ASN #24940 Hetzner Online GmbH
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=4, xresolution=62, yresolution=70, resolutionunit=2, software=Paint.NET v3.5.11], baseline, precision 8, 1913x871, components 3\012- data
Hash 67e60c1efc81a1fc53a9b027f8dd8ae3
eedb58857bc7b729b1e99e0a8d9dfbc1cdb65ba4
d23a0f861aaa18eff168e086260d5f4af3f1cbc8cae40a02b97bcdf6aa42269b
GET /images/slide3.jpg HTTP/1.1
Host: globaldugunsalonu.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://globaldugunsalonu.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Sep 2022 00:57:56 GMT
content-type: image/jpeg
content-length: 93234
last-modified: Wed, 27 Feb 2019 12:18:38 GMT
etag: "5c76801e-16c32"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 0b218225171cae57237cd71ae6f3347b
821f6cda5bf110fad5777736e92a27db636d488c
1372a445d0f8e9b0b2b3abb6762ca5ec3867bb42928aa2f7ed84a47f660f3c59
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6206
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 00:57:56 GMT
Last-Modified: Tue, 06 Sep 2022 23:14:30 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 10585eccdd73117e0bc71ecaf1cd02cb
7bda7ff7308cac8c8824a5a558097a15a2325f5e
6303f8b80751e64006c77524615f10709b136b0606695feb0f51b964e0c2163d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 00:57:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
connect.facebook.net/de_DE/sdk.js
31.13.72.12200 OK 1.7 kB URL HTTP/2 connect.facebook.net/de_DE/sdk.js
IP 31.13.72.12:0
File type ASCII text, with very long lines (1961)
Hash a52ef152850080cfc64c270f204e7048
b4023943dcedcbce405f4120f00a6c2be654d4ef
013ec1edbca1fff24f03709af22c76f0c2be035bdb210c9247e784f3cff2e067
GET /de_DE/sdk.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://globaldugunsalonu.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: e5f7a282b1dc475fb0959c1650cb8651
etag: "15928e6f3a99b8720e1a5338c8e2db51"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Wed, 07 Sep 2022 01:07:38 GMT
cache-control: public,max-age=1200,stale-while-revalidate=3600
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: pS7xUoUAgM/GTCcPIE5wSA==
x-fb-debug: 3KtwUUw3Zk4dotyK8FmZ5Tp9jDHivokgwrT59S7q+Hl+waW659kMdC1AupbQ60lYOsKT+FaVjjwZbHP3E6/tsA==
content-length: 1686
x-fb-trip-id: 1904183273
date: Wed, 07 Sep 2022 00:57:56 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 8fc7316fab55e89a81536e926eab6f83
7fcab743b176312e76999b39a1b2a3b97dbeb10f
8178b9805611209f5c47dce32da555117870a90648e026d08cc691a4103169a7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 00:57:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
globaldugunsalonu.de/favicon.ico
136.243.20.96200 OK 1.2 kB URL HTTP/2 globaldugunsalonu.de/favicon.ico
IP 136.243.20.96:0
ASN #24940 Hetzner Online GmbH
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash dc55ecf113542a196690a4bc6925bb09
fba6f74de96439f98275661592d4c7fb33be6530
1ac141ecb060bc919fc4e969818215614d478aa358039f610c79853c73ce73f4
GET /favicon.ico HTTP/1.1
Host: globaldugunsalonu.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://globaldugunsalonu.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Sep 2022 00:57:56 GMT
content-type: image/vnd.microsoft.icon
content-length: 1150
last-modified: Wed, 27 Nov 2019 12:08:42 GMT
etag: "5dde674a-47e"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 0b218225171cae57237cd71ae6f3347b
821f6cda5bf110fad5777736e92a27db636d488c
1372a445d0f8e9b0b2b3abb6762ca5ec3867bb42928aa2f7ed84a47f660f3c59
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6206
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 00:57:56 GMT
Last-Modified: Tue, 06 Sep 2022 23:14:30 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 521428b0e694b41561bc2ed785219929
45bf3b914325f9d646879bd16bb01feb8f29f2d4
9e2c58593cb9b9baae14e338253ca44b199d965e106ddc70c700f66f0203465a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 00:57:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
216.58.211.2200 OK 57 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
IP 216.58.211.2:0
File type ASCII text, with very long lines (2897)
Hash fb610a49219b2e062e81bf3f98b727b5
93bea5e57573c34b4a401857ffc1b180a63dc4af
71e85e142d55ba672a8018da950a8f656e9901556617f1d5c4c2cb2d529c5238
GET /pagead/js/adsbygoogle.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://globaldugunsalonu.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding, Origin
date: Wed, 07 Sep 2022 00:57:56 GMT
expires: Wed, 07 Sep 2022 00:57:56 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 8394568071960698056
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 57284
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 10585eccdd73117e0bc71ecaf1cd02cb
7bda7ff7308cac8c8824a5a558097a15a2325f5e
6303f8b80751e64006c77524615f10709b136b0606695feb0f51b964e0c2163d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 00:57:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
connect.facebook.net/de_DE/sdk.js?hash=86cb0a89a557d50edea6b8b4640a0812
31.13.72.12200 OK 87 kB URL HTTP/2 connect.facebook.net/de_DE/sdk.js?hash=86cb0a89a557d50edea6b8b4640a0812
IP 31.13.72.12:0
File type ASCII text, with very long lines (13115)
Hash 295359cd9968e5053390487abeae8f42
876527f9434f8e46a9e2f6fdd43122d389eb833a
021b5354b5558d730bbb2f7ac3b7949711d5428813df45d63b079ea15e0268e7
GET /de_DE/sdk.js?hash=86cb0a89a557d50edea6b8b4640a0812 HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://globaldugunsalonu.de
Connection: keep-alive
Referer: https://globaldugunsalonu.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: 863d42a6d14f9470de1a4b86adce89e7
etag: "f395b70d898f8b2259031e7e74f07738"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Thu, 07 Sep 2023 00:27:37 GMT
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: KVNZzZlo5QUzkEh6vq6PQg==
x-fb-debug: wMkvSJ2cseYf6shAskTenISVd6SDxZ/6VuFeEJV2xuAN0GFyaxIJrhkiliyInrA8BgvjcdpkpCznB/sIDf0Xww==
content-length: 86756
x-fb-trip-id: 1904183273
date: Wed, 07 Sep 2022 00:57:56 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
globaldugunsalonu.de/images/GlobalDugunSalonu_slid2.jpg
136.243.20.96200 OK 224 kB URL HTTP/2 globaldugunsalonu.de/images/GlobalDugunSalonu_slid2.jpg
IP 136.243.20.96:0
ASN #24940 Hetzner Online GmbH
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 1920x640, components 3\012- data
Size 224 kB (223967 bytes)
Hash 379ff0f33dd249c8e7c62b4077242cf8
2f8470e82937757456c0378a61c4d45a765258f9
feab276e1f8ae02f7938fe12e2f907becbb7fb5ee507c653e61d2bfbb74e0811
GET /images/GlobalDugunSalonu_slid2.jpg HTTP/1.1
Host: globaldugunsalonu.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://globaldugunsalonu.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Sep 2022 00:57:56 GMT
content-type: image/jpeg
content-length: 223967
last-modified: Thu, 01 Jun 2017 20:22:46 GMT
etag: "59307796-36adf"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 521428b0e694b41561bc2ed785219929
45bf3b914325f9d646879bd16bb01feb8f29f2d4
9e2c58593cb9b9baae14e338253ca44b199d965e106ddc70c700f66f0203465a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 00:57:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/html/r20220901/r20190131/zrt_lookup.html
142.250.74.98200 OK 4.4 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/html/r20220901/r20190131/zrt_lookup.html
IP 142.250.74.98:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1731)
Hash 09a8bd805dba1307ae0bd76a0c9ca73d
bdc16e7610abae944da47ff3a0e5fea818241fb0
e3978f36e9c5f0b909ed64015db629e2c64b46e75d165c6d1d146fcb792cdbde
GET /pagead/html/r20220901/r20190131/zrt_lookup.html HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://globaldugunsalonu.de/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4412
x-xss-protection: 0
date: Tue, 06 Sep 2022 13:11:03 GMT
expires: Tue, 20 Sep 2022 13:11:03 GMT
cache-control: public, max-age=1209600
age: 42413
etag: 8616628553774171045
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
globaldugunsalonu.de/images/GlobalDugunSalonu_slid1.jpg
136.243.20.96200 OK 206 kB URL HTTP/2 globaldugunsalonu.de/images/GlobalDugunSalonu_slid1.jpg
IP 136.243.20.96:0
ASN #24940 Hetzner Online GmbH
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 1920x640, components 3\012- data
Size 206 kB (205529 bytes)
Hash 7b4d6b457b307cb74945d5721267e276
a4d8dc0473d1fddb2045fc5290da29c5c2171e0e
9e57fb34c0cfd3fd8bb5f334af5e9a386a3166a79ef57d79a4cefbf575c1558b
GET /images/GlobalDugunSalonu_slid1.jpg HTTP/1.1
Host: globaldugunsalonu.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://globaldugunsalonu.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Sep 2022 00:57:56 GMT
content-type: image/jpeg
content-length: 205529
last-modified: Thu, 01 Jun 2017 20:22:46 GMT
etag: "59307796-322d9"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
globaldugunsalonu.de/js/universal/jquery.js
136.243.20.96200 OK 1.4 kB URL HTTP/2 globaldugunsalonu.de/js/universal/jquery.js
IP 136.243.20.96:0
ASN #24940 Hetzner Online GmbH
File type gzip compressed data, max compression\012- data
Hash b20f946368e90630723da354956a354c
379855bb4eb668dfb380c6f6b10502717e419fd3
cbdfe17dd079e97fda40bfb7410244b57cbd73835da543f691202314e8e4a2fe
Analyzer Verdict Alert fortinet Phishing
GET /js/universal/jquery.js HTTP/1.1
Host: globaldugunsalonu.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://globaldugunsalonu.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Sep 2022 00:57:55 GMT
content-type: application/javascript
content-length: 84324
last-modified: Thu, 01 Jun 2017 20:22:56 GMT
etag: "593077a0-14964"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 35bebda821efbdb6fec21090c26fcff0
5371b373af16c80121ad475bfbd377aadb9001b5
f10eb86a8452f13e8e9c9215e9a5b0c68bf9ddfa1979b9c7e1ad7acd8bb4dd9a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 00:57:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 8fc7316fab55e89a81536e926eab6f83
7fcab743b176312e76999b39a1b2a3b97dbeb10f
8178b9805611209f5c47dce32da555117870a90648e026d08cc691a4103169a7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 00:57:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash c0ed4613ac4f971e3c5df691cbacefa8
8de2786096df5a34e658b8ccbbfff29258bda7e0
6e5163de39ab980bdf6cfa1209e062d073a01beda848ad8333a71e0551f68dd4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 00:57:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash c0ed4613ac4f971e3c5df691cbacefa8
8de2786096df5a34e658b8ccbbfff29258bda7e0
6e5163de39ab980bdf6cfa1209e062d073a01beda848ad8333a71e0551f68dd4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 00:57:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.no/adsid/integrator.js?domain=globaldugunsalonu.de
142.250.74.34200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=globaldugunsalonu.de
IP 142.250.74.34:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=globaldugunsalonu.de HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://globaldugunsalonu.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Wed, 07 Sep 2022 00:57:57 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adservice.google.com/adsid/integrator.js?domain=globaldugunsalonu.de
142.250.74.162200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=globaldugunsalonu.de
IP 142.250.74.162:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=globaldugunsalonu.de HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://globaldugunsalonu.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Wed, 07 Sep 2022 00:57:57 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 35bebda821efbdb6fec21090c26fcff0
5371b373af16c80121ad475bfbd377aadb9001b5
f10eb86a8452f13e8e9c9215e9a5b0c68bf9ddfa1979b9c7e1ad7acd8bb4dd9a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 00:57:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.74200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.74:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube-nocookie.com/
Origin: https://www.youtube-nocookie.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube-nocookie.com
vary: origin, referer, x-origin
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Wed, 07 Sep 2022 00:57:57 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.74200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.74:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash 5f3f28b6d5a4a68640bc7ed8f096f4c7
938278bbcb14a358eac032b5d53b3c369930ee14
f4686071bb1392532b5032f1adf5d986c32dc12f993196afd7b6b80ebc1cc9a0
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube-nocookie.com
Connection: keep-alive
Referer: https://www.youtube-nocookie.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Wed, 07 Sep 2022 00:57:57 GMT
server: ESF
cache-control: private
content-length: 30748
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube-nocookie.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash f826e6c7ed5681ea2e4fb221deee4c65
85450db9a100d7b512f454c49237d8071e6f5a05
d96e95c4e9ec09f5e53aef9d6be1e36858601c5b999587f1d104e588bbc49e8f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 00:57:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 6e8542ed01da8d9bfddbd6d82394f0e6
d92ac8e90830344f890c2bb080effe359d47fa78
4cffde9a938edfbcd412c77c329388bb12bd49d7a332c16658323e6aca72a356
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 00:57:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 6b6c1068216577e4920f7603fd80b6f7
992bbe3b7e8e0a2d1e5bfcf51dee0e7a626a45b7
874daa5370299e1f4105e65094ccc7e68e657f724775bcbcc31d40d3e2ebaf6d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 00:57:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9640
Expires: Wed, 07 Sep 2022 03:38:37 GMT
Date: Wed, 07 Sep 2022 00:57:57 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9640
Expires: Wed, 07 Sep 2022 03:38:37 GMT
Date: Wed, 07 Sep 2022 00:57:57 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9640
Expires: Wed, 07 Sep 2022 03:38:37 GMT
Date: Wed, 07 Sep 2022 00:57:57 GMT
Connection: keep-alive
rr2---sn-capm-vnae.googlevideo.com/videoplayback?expire=1662533877&ei=lewXY8mrF4WjyQXw5LrYDA&ip=91.90.42.154&id=o-ANd0my1mbZipnudkfJecGeX7_0A4TGkDesaMo3ga7lii&itag=251&source=youtube&requiressl=yes&mh=5g&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeen7k&ms=au%2Crdu&mv=m&mvi=2&pl=21&initcwndbps=893750&spc=lT-KhhokBviqxuLzckvU8P2zIeTTkkg&vprv=1&mime=audio%2Fwebm&ns=zOXHpQq5lPoO6dp-Cpz9l90H&gir=yes&clen=6490359&otfp=1&dur=321.921&lmt=1564303263692199&mt=1662511985&fvip=4&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&rbqsm=fr&n=L0W8kzVkgod1Pw&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRAIgC827AROoX0pKM4W3UGGO4quhivEh_7o4w65CIbna_BwCIBbdPK5gMwmLII471l0c2ijgJPVrlBFm-yZ2mVM7g6So&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgcQzkNR_b7-MgiyqPn9TcO0jObvKGiL6CcLkXfsY6bsICIDAy0EAFNN9dUYzcpD20e8Lk33avbrvN7SYRjpZGhuwX&alr=yes&cpn=a9NUrqaO112STt4l&cver=1.20220831.01.01&range=0-66352&rn=2&rbuf=0
91.90.45.173200 OK 66 kB URL HTTP/1.1 rr2---sn-capm-vnae.googlevideo.com/videoplayback?expire=1662533877&ei=lewXY8mrF4WjyQXw5LrYDA&ip=91.90.42.154&id=o-ANd0my1mbZipnudkfJecGeX7_0A4TGkDesaMo3ga7lii&itag=251&source=youtube&requiressl=yes&mh=5g&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeen7k&ms=au%2Crdu&mv=m&mvi=2&pl=21&initcwndbps=893750&spc=lT-KhhokBviqxuLzckvU8P2zIeTTkkg&vprv=1&mime=audio%2Fwebm&ns=zOXHpQq5lPoO6dp-Cpz9l90H&gir=yes&clen=6490359&otfp=1&dur=321.921&lmt=1564303263692199&mt=1662511985&fvip=4&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&rbqsm=fr&n=L0W8kzVkgod1Pw&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRAIgC827AROoX0pKM4W3UGGO4quhivEh_7o4w65CIbna_BwCIBbdPK5gMwmLII471l0c2ijgJPVrlBFm-yZ2mVM7g6So&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgcQzkNR_b7-MgiyqPn9TcO0jObvKGiL6CcLkXfsY6bsICIDAy0EAFNN9dUYzcpD20e8Lk33avbrvN7SYRjpZGhuwX&alr=yes&cpn=a9NUrqaO112STt4l&cver=1.20220831.01.01&range=0-66352&rn=2&rbuf=0
IP 91.90.45.173:0
ASN #50304 Blix Solutions AS
File type WebM\012- EBML file, creator webmB\20\012- data
Hash dfa219188e0fa46b73b7e3e950f391d6
636fd0700b7df3c6da23e28fa7d5a98260292063
297a398ea187d67b768347aaf89bed7c5ca05340133a9733d12ae6d62828b382
GET /videoplayback?expire=1662533877&ei=lewXY8mrF4WjyQXw5LrYDA&ip=91.90.42.154&id=o-ANd0my1mbZipnudkfJecGeX7_0A4TGkDesaMo3ga7lii&itag=251&source=youtube&requiressl=yes&mh=5g&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeen7k&ms=au%2Crdu&mv=m&mvi=2&pl=21&initcwndbps=893750&spc=lT-KhhokBviqxuLzckvU8P2zIeTTkkg&vprv=1&mime=audio%2Fwebm&ns=zOXHpQq5lPoO6dp-Cpz9l90H&gir=yes&clen=6490359&otfp=1&dur=321.921&lmt=1564303263692199&mt=1662511985&fvip=4&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&rbqsm=fr&n=L0W8kzVkgod1Pw&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRAIgC827AROoX0pKM4W3UGGO4quhivEh_7o4w65CIbna_BwCIBbdPK5gMwmLII471l0c2ijgJPVrlBFm-yZ2mVM7g6So&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgcQzkNR_b7-MgiyqPn9TcO0jObvKGiL6CcLkXfsY6bsICIDAy0EAFNN9dUYzcpD20e8Lk33avbrvN7SYRjpZGhuwX&alr=yes&cpn=a9NUrqaO112STt4l&cver=1.20220831.01.01&range=0-66352&rn=2&rbuf=0 HTTP/1.1
Host: rr2---sn-capm-vnae.googlevideo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube-nocookie.com
Connection: keep-alive
Referer: https://www.youtube-nocookie.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Sun, 28 Jul 2019 08:41:03 GMT
Content-Type: audio/webm
Date: Wed, 07 Sep 2022 00:57:57 GMT
Expires: Wed, 07 Sep 2022 00:57:57 GMT
Cache-Control: private, max-age=21300
Accept-Ranges: bytes
Content-Length: 66353
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube-nocookie.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube-nocookie.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Content-Type-Options: nosniff
Server: gvs 1.0
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46aec6c9-5dde-4aba-879c-d92f0cfec73f.jpeg
34.120.237.76200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46aec6c9-5dde-4aba-879c-d92f0cfec73f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f754103a24f76f89b092a30c13f2d5d5
800998b57db224e881f26b245baa4da9626d9f0a
2d535af5239ad8c836cb8545ae6bcc957b3ebcf5ae3abe60fb4281c9e268b0be
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46aec6c9-5dde-4aba-879c-d92f0cfec73f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13523
x-amzn-requestid: 10df7b4c-540c-4706-a511-5ff96a3aeb9c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YDikTETaIAMFk6A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6317b14e-4afbd43f3d8117aa10e91f64;Sampled=0
x-amzn-remapped-date: Tue, 06 Sep 2022 20:45:02 GMT
x-amz-cf-pop: YVR50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: dDCQ13zMHNL9RVL9bvUVut-AfDpiTNaj8798O5T20k0hiSkL2t3KjA==
via: 1.1 1dd804267731601ebefbfc73a35de7a8.cloudfront.net (CloudFront), 1.1 9c675215120a4ade8754c4357ef2f3ea.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Sep 2022 21:51:15 GMT
etag: "800998b57db224e881f26b245baa4da9626d9f0a"
content-type: image/jpeg
age: 11202
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc0766520-2dbc-4f52-b0e2-1a908af4cd29.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc0766520-2dbc-4f52-b0e2-1a908af4cd29.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1462b0c8fff091f29c7c5145031c08aa
55154c3878e9650f463805c3829f03a1603f14c1
62f913a6498b21da33451e7cf0e37c5fdef565324bcd35d93cb536527394a3d5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc0766520-2dbc-4f52-b0e2-1a908af4cd29.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11778
x-amzn-requestid: 2956f23c-8907-48de-b82a-73da9ae1d75e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YDqYVHnLoAMFo5w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6317bdce-5d76bbe82dc2823407fe67f3;Sampled=0
x-amzn-remapped-date: Tue, 06 Sep 2022 21:38:22 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 6tTqfG7yRrMw0cMwiQFlu9XuRzxlK7uzTXL-cAMFmrrDrKL9Rd3zqA==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Sep 2022 21:41:20 GMT
age: 11797
etag: "55154c3878e9650f463805c3829f03a1603f14c1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
yt3.ggpht.com/ytc/AMLnZu_gwn-1wXS4PcrEEq17um1B10UutRWUw4sVKw=s68-c-k-c0x00ffffff-no-rj
142.250.74.161200 OK 1.3 kB URL HTTP/2 yt3.ggpht.com/ytc/AMLnZu_gwn-1wXS4PcrEEq17um1B10UutRWUw4sVKw=s68-c-k-c0x00ffffff-no-rj
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 68x68, components 3\012- data
Hash 2b61ca2ae20ff40e80518a8c71513069
29c273d1eb97a35acb263a65715549b48f1f3bdf
5b2fee1f1005cabf52d07e6ffc13dfed78ee6500bb02d467037128580b8ad5fb
GET /ytc/AMLnZu_gwn-1wXS4PcrEEq17um1B10UutRWUw4sVKw=s68-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt3.ggpht.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube-nocookie.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
expires: Thu, 08 Sep 2022 00:57:57 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Wed, 07 Sep 2022 00:57:57 GMT
server: fife
content-length: 1322
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faa395dcd-c2bf-4b9e-a70f-5dc4000d8b8f.jpeg
34.120.237.76200 OK 3.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faa395dcd-c2bf-4b9e-a70f-5dc4000d8b8f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ed39b35d8a767c2aad6a77fadc60f233
f9767c74a6f717635f67ac541f0126f5a63bd7d3
343efa10126cf70588f1968dea7c77ec3ff8a121e1152f1f9b9b4960fc42bddb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faa395dcd-c2bf-4b9e-a70f-5dc4000d8b8f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3187
x-amzn-requestid: 8a44698f-2fd0-4980-9882-971810debb88
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X6Wf9GyaoAMF3XQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63140465-3a46f65e5f8c4522065c5ad5;Sampled=0
x-amzn-remapped-date: Sun, 04 Sep 2022 01:50:29 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: skw7KXeCdFODdGvzIqmWcyKbf3jbapZMoMXLqbu6WPaAmStKp2TKlg==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Sep 2022 23:55:36 GMT
age: 3741
etag: "f9767c74a6f717635f67ac541f0126f5a63bd7d3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe3ef55d7-b6c2-4550-aff3-c9052f7d4816.jpeg
34.120.237.76200 OK 6.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe3ef55d7-b6c2-4550-aff3-c9052f7d4816.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f922505178de0cea92eedcfda85a9f67
50f1459de01174e594e03e7df4dfaa8eb1798672
981cd58768d6ad841673add855ddcc7106fbc85de05db9a1bd2d6bc8928b4c2c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe3ef55d7-b6c2-4550-aff3-c9052f7d4816.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6214
x-amzn-requestid: 46a44af0-e547-49e8-bc39-f6c49d94e375
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Xj_0HFKbIAMFRbg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630b134d-0297c83c305422fa51b86dcf;Sampled=0
x-amzn-remapped-date: Sun, 28 Aug 2022 07:03:41 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: _ZKcuRO8Z6wBMdm79iDZj5uRYk4YYpYJqOoG8hZqY81O0R7hfbe5bQ==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Sep 2022 03:37:00 GMT
age: 76857
etag: "50f1459de01174e594e03e7df4dfaa8eb1798672"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd2cde93c-0513-450d-8955-bde7c6e24fcb.jpeg
34.120.237.76200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd2cde93c-0513-450d-8955-bde7c6e24fcb.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b8270b1deb7d093ca8add7908bcc5136
d7f050173460584cecb8e280aefeb0e0f3a8c1d6
148080cd0f4f5aafcfc5a9d737dd99e101895f83a177e0dc15d27079cf6b56bb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd2cde93c-0513-450d-8955-bde7c6e24fcb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8501
x-amzn-requestid: 5424e02c-4ff4-4d45-9e1d-7a43ac9a2d8d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YDrvxFRRIAMFfug=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6317bffe-5d1e19c74682a1c950221ece;Sampled=0
x-amzn-remapped-date: Tue, 06 Sep 2022 21:47:42 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: -_7fvry5PiqGos8cS42sr0MXgZzw34IxmsYoQ6ePjLFvtbFU3KWGcw==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Sep 2022 21:51:25 GMT
etag: "d7f050173460584cecb8e280aefeb0e0f3a8c1d6"
content-type: image/jpeg
age: 11192
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0800dbf4-64cd-48ab-95cc-48192d2f25f3.jpeg
34.120.237.76200 OK 8.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0800dbf4-64cd-48ab-95cc-48192d2f25f3.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 44ee4c9bd1e550045d69f24ad511070c
3bf0d51801523d7014ac76b5ab90c989fc7a770f
ee48c13050faa498f79222216f9c71b20b3a4e5e8e5c59c7156c276ab942703c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0800dbf4-64cd-48ab-95cc-48192d2f25f3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8756
x-amzn-requestid: d48113bc-fe40-4d59-b700-194b1092ab67
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XqmxQEbVoAMF_UA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630db807-14ff6f5b0ffb9a7f08e57906;Sampled=0
x-amzn-remapped-date: Tue, 30 Aug 2022 07:11:03 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: YKs0giofWi83MnLBqx6zAu1NGd_A9-l6y2pULUBn2RK0-H3KNRzrUg==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Sep 2022 15:59:32 GMT
age: 32305
etag: "3bf0d51801523d7014ac76b5ab90c989fc7a770f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
rr2---sn-capm-vnae.googlevideo.com/videoplayback?expire=1662533877&ei=lewXY8mrF4WjyQXw5LrYDA&ip=91.90.42.154&id=o-ANd0my1mbZipnudkfJecGeX7_0A4TGkDesaMo3ga7lii&itag=251&source=youtube&requiressl=yes&mh=5g&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeen7k&ms=au%2Crdu&mv=m&mvi=2&pl=21&initcwndbps=893750&spc=lT-KhhokBviqxuLzckvU8P2zIeTTkkg&vprv=1&mime=audio%2Fwebm&ns=zOXHpQq5lPoO6dp-Cpz9l90H&gir=yes&clen=6490359&otfp=1&dur=321.921&lmt=1564303263692199&mt=1662511985&fvip=4&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&rbqsm=fr&n=L0W8kzVkgod1Pw&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRAIgC827AROoX0pKM4W3UGGO4quhivEh_7o4w65CIbna_BwCIBbdPK5gMwmLII471l0c2ijgJPVrlBFm-yZ2mVM7g6So&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgcQzkNR_b7-MgiyqPn9TcO0jObvKGiL6CcLkXfsY6bsICIDAy0EAFNN9dUYzcpD20e8Lk33avbrvN7SYRjpZGhuwX&alr=yes&cpn=a9NUrqaO112STt4l&cver=1.20220831.01.01&range=66353-131888&rn=3&rbuf=3236
91.90.45.173200 OK 66 kB URL HTTP/1.1 rr2---sn-capm-vnae.googlevideo.com/videoplayback?expire=1662533877&ei=lewXY8mrF4WjyQXw5LrYDA&ip=91.90.42.154&id=o-ANd0my1mbZipnudkfJecGeX7_0A4TGkDesaMo3ga7lii&itag=251&source=youtube&requiressl=yes&mh=5g&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeen7k&ms=au%2Crdu&mv=m&mvi=2&pl=21&initcwndbps=893750&spc=lT-KhhokBviqxuLzckvU8P2zIeTTkkg&vprv=1&mime=audio%2Fwebm&ns=zOXHpQq5lPoO6dp-Cpz9l90H&gir=yes&clen=6490359&otfp=1&dur=321.921&lmt=1564303263692199&mt=1662511985&fvip=4&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&rbqsm=fr&n=L0W8kzVkgod1Pw&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRAIgC827AROoX0pKM4W3UGGO4quhivEh_7o4w65CIbna_BwCIBbdPK5gMwmLII471l0c2ijgJPVrlBFm-yZ2mVM7g6So&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgcQzkNR_b7-MgiyqPn9TcO0jObvKGiL6CcLkXfsY6bsICIDAy0EAFNN9dUYzcpD20e8Lk33avbrvN7SYRjpZGhuwX&alr=yes&cpn=a9NUrqaO112STt4l&cver=1.20220831.01.01&range=66353-131888&rn=3&rbuf=3236
IP 91.90.45.173:0
ASN #50304 Blix Solutions AS
Hash c401e4c1786a0706a04a22939b84f576
79bec3d862505aedcdd8ec9b3efa054cd4b1121e
ae9ea37a6e33d6530c79b9e5f2eda8ed79476f3c85d57b0689e070d9bb5bde72
GET /videoplayback?expire=1662533877&ei=lewXY8mrF4WjyQXw5LrYDA&ip=91.90.42.154&id=o-ANd0my1mbZipnudkfJecGeX7_0A4TGkDesaMo3ga7lii&itag=251&source=youtube&requiressl=yes&mh=5g&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeen7k&ms=au%2Crdu&mv=m&mvi=2&pl=21&initcwndbps=893750&spc=lT-KhhokBviqxuLzckvU8P2zIeTTkkg&vprv=1&mime=audio%2Fwebm&ns=zOXHpQq5lPoO6dp-Cpz9l90H&gir=yes&clen=6490359&otfp=1&dur=321.921&lmt=1564303263692199&mt=1662511985&fvip=4&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&rbqsm=fr&n=L0W8kzVkgod1Pw&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRAIgC827AROoX0pKM4W3UGGO4quhivEh_7o4w65CIbna_BwCIBbdPK5gMwmLII471l0c2ijgJPVrlBFm-yZ2mVM7g6So&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgcQzkNR_b7-MgiyqPn9TcO0jObvKGiL6CcLkXfsY6bsICIDAy0EAFNN9dUYzcpD20e8Lk33avbrvN7SYRjpZGhuwX&alr=yes&cpn=a9NUrqaO112STt4l&cver=1.20220831.01.01&range=66353-131888&rn=3&rbuf=3236 HTTP/1.1
Host: rr2---sn-capm-vnae.googlevideo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube-nocookie.com
Connection: keep-alive
Referer: https://www.youtube-nocookie.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Sun, 28 Jul 2019 08:41:03 GMT
Content-Type: audio/webm
Date: Wed, 07 Sep 2022 00:57:57 GMT
Expires: Wed, 07 Sep 2022 00:57:57 GMT
Cache-Control: private, max-age=21300
Accept-Ranges: bytes
Content-Length: 65536
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube-nocookie.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube-nocookie.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Content-Type-Options: nosniff
Server: gvs 1.0
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 6e8542ed01da8d9bfddbd6d82394f0e6
d92ac8e90830344f890c2bb080effe359d47fa78
4cffde9a938edfbcd412c77c329388bb12bd49d7a332c16658323e6aca72a356
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 00:57:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash f826e6c7ed5681ea2e4fb221deee4c65
85450db9a100d7b512f454c49237d8071e6f5a05
d96e95c4e9ec09f5e53aef9d6be1e36858601c5b999587f1d104e588bbc49e8f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 00:57:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 13f32c51522de1520845381e8a9fc8a9
80cd3229bfb73e07bf3325b2a1049f69680f037c
1f7c1f756fb00ac9d27963e2f3fefc12c0c8326d5b0155613daa51cdd95601b0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 00:57:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
khms1.googleapis.com/kh?v=930&hl=en-US&x=1071&y=694&z=11
142.250.74.106200 OK 18 kB URL HTTP/2 khms1.googleapis.com/kh?v=930&hl=en-US&x=1071&y=694&z=11
IP 142.250.74.106:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 256x256, components 3\012- data
Hash b96836cddf1de7c0e694746f93bed1dc
9f5fdae779369898fcf7a80a3159b37db05528b3
3bdacb512ccfecc1162e2ac7d726737f22ef2a41f02634aeacf59b9360fc81c7
GET /kh?v=930&hl=en-US&x=1071&y=694&z=11 HTTP/1.1
Host: khms1.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Thu, 07 Sep 2023 00:57:57 GMT
x-content-type-options: nosniff
date: Wed, 07 Sep 2022 00:57:57 GMT
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
last-modified: Fri, 1 Jan 2010 01:00:00 GMT
content-type: image/jpeg
vary: Origin, X-Origin, Referer
server: scaffolding on HTTPServer2
content-length: 17574
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto:100,200,300,400,500,600,700,800,900
142.250.74.10200 OK 24 kB URL HTTP/2 fonts.googleapis.com/css?family=Roboto:100,200,300,400,500,600,700,800,900
IP 142.250.74.10:0
Hash 84de046bf60c4b1530c3d90962ed9328
8f1f18e60f42321a4095d07bad4db3aa25f0d7a8
a293f012db818e546f69ccd835122066521b49e489f7010ce4ee14293bd2ec5b
GET /css?family=Roboto:100,200,300,400,500,600,700,800,900 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://globaldugunsalonu.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 07 Sep 2022 00:57:55 GMT
date: Wed, 07 Sep 2022 00:57:55 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tpc.googlesyndication.com/sodar/sodar2.js
142.250.74.33200 OK 6.4 kB URL HTTP/2 tpc.googlesyndication.com/sodar/sodar2.js
IP 142.250.74.33:0
File type ASCII text, with very long lines (1321)
Hash ac906814ed812c4ecdbb624a3bd2f6c3
8e4547eaffaa66a1ee61b36028dbcd7091d0e7de
8ab8cef6156022c4547455defd8252b48b6bcb8b734072849345bb99758705fe
GET /sodar/sodar2.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://globaldugunsalonu.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 6386
date: Wed, 07 Sep 2022 00:57:57 GMT
expires: Wed, 07 Sep 2022 00:57:57 GMT
cache-control: private, max-age=3000
etag: "1637097310169751"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 3639ba0efe4098829800b697fa38405d
96391802923ca3b07fdc294b6140c2749fd43a60
c99cafe0cef0d9d8c1212c49b7e4155efc6ee4cc9650bd6e256875599be1d8d5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 00:57:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
rr2---sn-capm-vnae.googlevideo.com/videoplayback?expire=1662533877&ei=lewXY8mrF4WjyQXw5LrYDA&ip=91.90.42.154&id=o-ANd0my1mbZipnudkfJecGeX7_0A4TGkDesaMo3ga7lii&itag=244&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=yt_otf&requiressl=yes&mh=5g&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeen7k&ms=au%2Crdu&mv=m&mvi=2&pl=21&initcwndbps=893750&spc=lT-KhhokBviqxuLzckvU8P2zIeTTkkg&vprv=1&mime=video%2Fwebm&ns=zOXHpQq5lPoO6dp-Cpz9l90H&otf=1&otfp=1&dur=0.000&lmt=1617413991681383&mt=1662511985&fvip=4&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&rbqsm=fr&n=L0W8kzVkgod1Pw&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cotf%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRQIgNoutXqpVdjy5oNHNTvxGnQgFBamnWIyyIwCAA-bQhkkCIQCtoNgKE3x-o0FLmUxe9QtVaHbcpYhwkBmGtDvJK4JgPA%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgcQzkNR_b7-MgiyqPn9TcO0jObvKGiL6CcLkXfsY6bsICIDAy0EAFNN9dUYzcpD20e8Lk33avbrvN7SYRjpZGhuwX&alr=yes&cpn=a9NUrqaO112STt4l&cver=1.20220831.01.01&sq=0&rn=1&rbuf=0
91.90.45.173200 OK 278 B URL HTTP/1.1 rr2---sn-capm-vnae.googlevideo.com/videoplayback?expire=1662533877&ei=lewXY8mrF4WjyQXw5LrYDA&ip=91.90.42.154&id=o-ANd0my1mbZipnudkfJecGeX7_0A4TGkDesaMo3ga7lii&itag=244&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=yt_otf&requiressl=yes&mh=5g&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeen7k&ms=au%2Crdu&mv=m&mvi=2&pl=21&initcwndbps=893750&spc=lT-KhhokBviqxuLzckvU8P2zIeTTkkg&vprv=1&mime=video%2Fwebm&ns=zOXHpQq5lPoO6dp-Cpz9l90H&otf=1&otfp=1&dur=0.000&lmt=1617413991681383&mt=1662511985&fvip=4&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&rbqsm=fr&n=L0W8kzVkgod1Pw&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cotf%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRQIgNoutXqpVdjy5oNHNTvxGnQgFBamnWIyyIwCAA-bQhkkCIQCtoNgKE3x-o0FLmUxe9QtVaHbcpYhwkBmGtDvJK4JgPA%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgcQzkNR_b7-MgiyqPn9TcO0jObvKGiL6CcLkXfsY6bsICIDAy0EAFNN9dUYzcpD20e8Lk33avbrvN7SYRjpZGhuwX&alr=yes&cpn=a9NUrqaO112STt4l&cver=1.20220831.01.01&sq=0&rn=1&rbuf=0
IP 91.90.45.173:0
ASN #50304 Blix Solutions AS
File type WebM\012- EBML file, creator webmB\20\012- data
Hash b256eb8cc796f0095f5cd107696eb8f0
c34a226b812a46859847542b14f4785d8f229e2c
f2a52a28e98fd4ee14220e3225b9920d682e71bc14ef0daf47c7a44c884a4a29
GET /videoplayback?expire=1662533877&ei=lewXY8mrF4WjyQXw5LrYDA&ip=91.90.42.154&id=o-ANd0my1mbZipnudkfJecGeX7_0A4TGkDesaMo3ga7lii&itag=244&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=yt_otf&requiressl=yes&mh=5g&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeen7k&ms=au%2Crdu&mv=m&mvi=2&pl=21&initcwndbps=893750&spc=lT-KhhokBviqxuLzckvU8P2zIeTTkkg&vprv=1&mime=video%2Fwebm&ns=zOXHpQq5lPoO6dp-Cpz9l90H&otf=1&otfp=1&dur=0.000&lmt=1617413991681383&mt=1662511985&fvip=4&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&rbqsm=fr&n=L0W8kzVkgod1Pw&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cotf%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRQIgNoutXqpVdjy5oNHNTvxGnQgFBamnWIyyIwCAA-bQhkkCIQCtoNgKE3x-o0FLmUxe9QtVaHbcpYhwkBmGtDvJK4JgPA%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgcQzkNR_b7-MgiyqPn9TcO0jObvKGiL6CcLkXfsY6bsICIDAy0EAFNN9dUYzcpD20e8Lk33avbrvN7SYRjpZGhuwX&alr=yes&cpn=a9NUrqaO112STt4l&cver=1.20220831.01.01&sq=0&rn=1&rbuf=0 HTTP/1.1
Host: rr2---sn-capm-vnae.googlevideo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube-nocookie.com
Connection: keep-alive
Referer: https://www.youtube-nocookie.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Wed, 17 Aug 2022 00:58:22 GMT
Content-Type: video/webm
Date: Wed, 07 Sep 2022 00:57:57 GMT
Expires: Wed, 07 Sep 2022 00:57:57 GMT
Cache-Control: private, max-age=21300
Transfer-Encoding: chunked
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube-nocookie.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube-nocookie.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Restrict-Formats-Hint: None
X-Content-Type-Options: nosniff
Server: gvs 1.0
i.ytimg.com/vi_webp/81IGerHCy3Y/maxresdefault.webp
172.217.21.182200 OK 50 kB URL HTTP/2 i.ytimg.com/vi_webp/81IGerHCy3Y/maxresdefault.webp
IP 172.217.21.182:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1280x720, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 0829d74baf74386dd15c5fda6d8f2828
b3b1e6aab17a7e12aa025728019e72a910795bbe
63df9b90841c136282afad5dd79b4f1f216108825b5dcc32a8e43098fe7ea4c2
GET /vi_webp/81IGerHCy3Y/maxresdefault.webp HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube-nocookie.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 49686
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Sep 2022 00:57:57 GMT
expires: Wed, 07 Sep 2022 02:57:57 GMT
cache-control: public, max-age=7200
etag: "0"
content-type: image/webp
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 3639ba0efe4098829800b697fa38405d
96391802923ca3b07fdc294b6140c2749fd43a60
c99cafe0cef0d9d8c1212c49b7e4155efc6ee4cc9650bd6e256875599be1d8d5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 00:57:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.xx.fbcdn.net/rsrc.php/v3/yL/l/0,cross/3qxx1w_4YTJ.css?_nc_x=Ij3Wp8lg5Kz
31.13.72.12200 OK 5.1 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yL/l/0,cross/3qxx1w_4YTJ.css?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (4093)
Hash 08aaa36041ae749475a01245c6cfd855
8ff5f5e52e8ed44d9656592b67c6f4674a141d07
276c23c43e98a1e6ed20d52d13f014ddae4ba0d69e17daac56f28672eab2e074
GET /rsrc.php/v3/yL/l/0,cross/3qxx1w_4YTJ.css?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: text/css; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Tue, 05 Sep 2023 15:28:04 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: CKqjYEGudJR1oBJFxs/YVQ==
x-fb-debug: /Q3qHPbJBrIYpAAyzqi3+fkPocXDOJpLhzeZuQ13HMEVMgwm2F69U84dKnoEZ7EBTTJ9aCcfMPNQXF7EWBuJsw==
content-length: 5077
x-fb-trip-id: 1904183273
date: Wed, 07 Sep 2022 00:57:58 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/ys/l/0,cross/4_8X-2u0CDc.css?_nc_x=Ij3Wp8lg5Kz
31.13.72.12200 OK 827 B URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/ys/l/0,cross/4_8X-2u0CDc.css?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (724)
Hash 29973cf3b0ef9f16fe31ed981b2f6573
f22eb80b89b5e0ae9ace854aab6676d56eaef6a1
476822c80e0a0ee078edb7a74db59378f8b1d43d2de844e28a9e9c2f68a4c8d8
GET /rsrc.php/v3/ys/l/0,cross/4_8X-2u0CDc.css?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: text/css; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Tue, 29 Aug 2023 23:02:09 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: KZc887Dvnxb+Me2YGy9lcw==
x-fb-debug: 6fz6C88YLD0zrDgQWE8WbxUG/2QD+QJb5c3Bqi5EOEiYGzUgoHH9EDt5l3xqbMjKQGMAVO6FQr4s7IUQKPFUsA==
priority: u=3,i
content-length: 827
x-fb-trip-id: 1904183273
date: Wed, 07 Sep 2022 00:57:58 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yH/r/Y88lOwaPq4F.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12200 OK 91 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yH/r/Y88lOwaPq4F.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (18501)
Hash e712b0060a23b6c5ede3b67e0bb8639e
faf1f8ee5d679c27fb0fd418f63cf7d851344d26
0efe6b239b3fb45de4071c337078b2b43696cdccdf01024f527af941701239fd
GET /rsrc.php/v3/yH/r/Y88lOwaPq4F.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Wed, 06 Sep 2023 21:44:47 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: 5xKwBgojtsXt47Z+C7hjng==
x-fb-debug: 43Vr6oEQ0M8c8YowjOVC7tAp6n1bN1BsMkcIKG7b/KgT2eOoSVVjbOxRijrM7dNBMWRzl0uHHCCQuV6LZwc9Uw==
content-length: 90711
x-fb-trip-id: 1904183273
date: Wed, 07 Sep 2022 00:57:58 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yv/r/GG1Y0sYc7My.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12200 OK 1.7 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yv/r/GG1Y0sYc7My.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (1984)
Hash 16f083b23b565db9d2f20d1ad75933c1
6d74ad139c96b1e3fc9d541419788b5b4893ec9a
36b909cd9132a8996a1bbb221d05217c31506a6951bb408deeea6aa612dc4200
GET /rsrc.php/v3/yv/r/GG1Y0sYc7My.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Tue, 29 Aug 2023 21:51:15 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: FvCDsjtWXbnS8g0a11kzwQ==
x-fb-debug: R+zzX7WmRf1X+q8q6BPoX98sZT9HHmBK8mBuiUDRylG8YQE2dqj5AWC1p+a8DynhyN64NvyDA/IKk4p+bhwmbA==
priority: u=3,i
content-length: 1657
x-fb-trip-id: 1904183273
date: Wed, 07 Sep 2022 00:57:58 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yx/r/9QJEUDJuAYR.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12200 OK 16 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yx/r/9QJEUDJuAYR.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type C source, ASCII text, with very long lines (7299)
Hash 1626e8e828598e06ccd0c47e55b42304
af5c62af35bf22b593fdbe758a2feea6bc1b057f
3798dbb7df2694a222f65f4cadc92e6d133fc8f5fc2b00f326df521cd0c24b25
GET /rsrc.php/v3/yx/r/9QJEUDJuAYR.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Wed, 30 Aug 2023 21:53:52 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: Fibo6ChZjgbM0MR+VbQjBA==
x-fb-debug: 4WaYryAVZ7NetRVJPvbl+weVea9R3jmMamcOJQrFxhXTBDDbrCB57uesZD5Ni/mP6YsN/9Zo7rVbOSkgzixb3Q==
content-length: 15844
x-fb-trip-id: 1904183273
date: Wed, 07 Sep 2022 00:57:58 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3iAxA4/ye/l/de_DE/oRoYJ5VcosS.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12200 OK 23 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3iAxA4/ye/l/de_DE/oRoYJ5VcosS.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (42081)
Hash 4eb1724b76b3ff0c5d4cfcaa33b141e9
6615545c588440df0a6b49558752d3cfd45e6308
f7bee7fad9a4297a9433166f59cca22e00291cc3f850b4ab95e8ed7724c3bb84
GET /rsrc.php/v3iAxA4/ye/l/de_DE/oRoYJ5VcosS.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Mon, 04 Sep 2023 10:27:01 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: TrFyS3az/wxdTPyqM7FB6Q==
x-fb-debug: WJGcDjj6NRixFsrDddgOjwxqqd++wuZBPbOx5hI/WU9J7MQvIkmILusMz6Ar8fMNrXC63kPqCWYfzRoqfq7LEQ==
priority: u=3,i
content-length: 23391
x-fb-trip-id: 1904183273
date: Wed, 07 Sep 2022 00:57:58 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
142.250.74.74200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 142.250.74.74:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube-nocookie.com/
Origin: https://www.youtube-nocookie.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube-nocookie.com
vary: origin, referer, x-origin
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Wed, 07 Sep 2022 00:57:58 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
142.250.74.74200 OK 122 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 142.250.74.74:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 3f061346d1957236019d17b72d8b43ef
15408d849bec7dce26111aaadd965e33ad0a80d1
13904246a864883571223ecce5a85645bff98eb33e84f72375f6471663fad07e
POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 930
Origin: https://www.youtube-nocookie.com
Connection: keep-alive
Referer: https://www.youtube-nocookie.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Wed, 07 Sep 2022 00:57:58 GMT
server: ESF
cache-control: private
content-length: 122
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube-nocookie.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Open+Sans:300,300italic,400,400italic,600,600italic,700,700italic,800,800italic
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans:300,300italic,400,400italic,600,600italic,700,700italic,800,800italic
IP 142.250.74.10:0
GET /css?family=Open+Sans:300,300italic,400,400italic,600,600italic,700,700italic,800,800italic HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://globaldugunsalonu.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 07 Sep 2022 00:57:55 GMT
date: Wed, 07 Sep 2022 00:57:55 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.youtube-nocookie.com/embed/81IGerHCy3Y?autoplay=1&rel=0&showinfo=0
142.250.74.14200 OK 0 B URL HTTP/2 www.youtube-nocookie.com/embed/81IGerHCy3Y?autoplay=1&rel=0&showinfo=0
IP 142.250.74.14:0
GET /embed/81IGerHCy3Y?autoplay=1&rel=0&showinfo=0 HTTP/1.1
Host: www.youtube-nocookie.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://globaldugunsalonu.de/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 07 Sep 2022 00:57:56 GMT
strict-transport-security: max-age=31536000
cross-origin-opener-policy-report-only: same-origin; report-to="YOUTUBE_NOCOOKIE_DOMAIN"
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to: {"group":"YOUTUBE_NOCOOKIE_DOMAIN","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/YOUTUBE_NOCOOKIE_DOMAIN"}]}
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: CONSENT=PENDING+763; expires=Fri, 06-Sep-2024 00:57:56 GMT; path=/; domain=.youtube-nocookie.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.facebook.com/v2.6/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2008c882bf6e%26domain%3Dglobaldugunsalonu.de%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fglobaldugunsalonu.de%252Ff312edbfca030fe%26relation%3Dparent.parent&container_width=263&height=300&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FGlobal-Dugun-Salonu-Bischofsheim-220366597975552&locale=de_DE&sdk=joey&show_facepile=true&small_header=false&width=300
31.13.72.36200 OK 0 B URL HTTP/2 www.facebook.com/v2.6/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2008c882bf6e%26domain%3Dglobaldugunsalonu.de%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fglobaldugunsalonu.de%252Ff312edbfca030fe%26relation%3Dparent.parent&container_width=263&height=300&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FGlobal-Dugun-Salonu-Bischofsheim-220366597975552&locale=de_DE&sdk=joey&show_facepile=true&small_header=false&width=300
IP 31.13.72.36:0
GET /v2.6/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2008c882bf6e%26domain%3Dglobaldugunsalonu.de%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fglobaldugunsalonu.de%252Ff312edbfca030fe%26relation%3Dparent.parent&container_width=263&height=300&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FGlobal-Dugun-Salonu-Bischofsheim-220366597975552&locale=de_DE&sdk=joey&show_facepile=true&small_header=false&width=300 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://globaldugunsalonu.de/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: br
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-opener-policy: unsafe-none
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
facebook-api-version: v8.0
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: K539vmLUBjExTPc/ksdsWtmnjqPcAUkOykTlVG2xwt+rFAe0idp6WFpeBRTVECxuuW1lD49plItA5Jxix1I3yQ==
date: Wed, 07 Sep 2022 00:57:57 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2