globaldugunsalonu.de/
136.243.20.96301 Moved Permanently 162 B IP 136.243.20.96:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: globaldugunsalonu.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Thu, 06 Oct 2022 02:53:36 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://globaldugunsalonu.de/
firefox.settings.services.mozilla.com/v1/
54.230.111.7200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 54.230.111.7:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=259200
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 05 Oct 2022 15:47:18 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: Yo-0fNGdAQS3L5NutI5FfgT3KIhknaD4KEjef0vst5o_LEKMvZ2jXA==
Age: 39978
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash eabb7d9ffae717f7305d63c057755470
3b7f0baccfdbb8d9ffefa4a2215d4d6094be454a
ab48f17e54075e1ecf034278e82bcacd2e3689773186cc84fba9b79aac907294
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AB48F17E54075E1ECF034278E82BCACD2E3689773186CC84FBA9B79AAC907294"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4252
Expires: Thu, 06 Oct 2022 04:04:28 GMT
Date: Thu, 06 Oct 2022 02:53:36 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
54.230.111.7200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 54.230.111.7:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Wed, 05 Oct 2022 04:02:33 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
x-cache: Hit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 5N8hZx0BepilbUKZCpTvdLvxSca83AP9WVUBI8uLsFz247uOlQk5PA==
age: 82264
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 02:53:36 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 61188c434f07f5be9738f553ed7eaed6
ef5ed52ef9edca00a65a803a0ce1ed5fd07be55c
8b8641b6c5e3418d81758d481b0321a25e5bfc389f5959e66bb6a0c339fade28
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8B8641B6C5E3418D81758D481B0321A25E5BFC389F5959E66BB6A0C339FADE28"
Last-Modified: Wed, 05 Oct 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Thu, 06 Oct 2022 08:53:36 GMT
Date: Thu, 06 Oct 2022 02:53:36 GMT
Connection: keep-alive
globaldugunsalonu.de/
136.243.20.96200 OK 6.0 kB IP 136.243.20.96:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (311), with CRLF line terminators
Hash 8052ac1f1e657ff331fbd3c8a0966209
b78c1dcf6a52f845ede0b3727136e31bf8487d3e
cb31bd4535389fb90f0d520e9cfb8c0c823bdf0f133001126e8910009948a4a0
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: globaldugunsalonu.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 02:53:36 GMT
content-type: text/html; charset=UTF-8
content-length: 5984
vary: Accept-Encoding
content-encoding: gzip
x-powered-by: global dugun salonu, PleskLin
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 40a4de06678d96242b71d5318f2fd4ef
546a7d1d92df81916f14155943427b5453ae3924
aed9af25ae57c181702a137d48cb00f5b30297180161451de3b628359dc9ec6f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 02:53:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash b0e8a79f3e381ab34a44278947ac7c7e
70d01e6fdc8565c661b6ae8c5a043ddf2da16530
885a8c234fca85e6f6bb3e8fcab6672b9a9742b5d3f74681b17a330fa295d549
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 02:53:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash f9371f81e2eeeead7fe351a49f3b1c40
ae23d6c6c57dd7cf568c3a74594c377b7bb7df43
03c4ba0faa3199d061d1bb37df5d48ba6d81f77a83e243922075efc4d4acf456
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 02:53:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash b0e8a79f3e381ab34a44278947ac7c7e
70d01e6fdc8565c661b6ae8c5a043ddf2da16530
885a8c234fca85e6f6bb3e8fcab6672b9a9742b5d3f74681b17a330fa295d549
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 02:53:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
code.jquery.com/ui/1.11.4/jquery-ui.js
69.16.175.42200 OK 114 kB URL HTTP/2 code.jquery.com/ui/1.11.4/jquery-ui.js
IP 69.16.175.42:0
File type ASCII text, with very long lines (547)
Size 114 kB (114093 bytes)
Hash 0e45b665669abd2d0dd45fed0e5f0199
d4167d336e4cd359a99daaf01006f59a5e8bc062
cec192e20cf22c995517ee84d3b5a4715f4ad3affb902436b3ee32456e309978
GET /ui/1.11.4/jquery-ui.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://globaldugunsalonu.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 06 Oct 2022 02:53:37 GMT
content-encoding: gzip
content-length: 114093
content-type: application/javascript; charset=utf-8
last-modified: Wed, 16 Feb 2022 10:50:40 GMT
accept-ranges: bytes
server: nginx
etag: W/"620cd700-72e44"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1665024817.dop015.sk1.t,1665024817.cds202.sk1.hn,1665024817.cds247.sk1.c
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash b0e8a79f3e381ab34a44278947ac7c7e
70d01e6fdc8565c661b6ae8c5a043ddf2da16530
885a8c234fca85e6f6bb3e8fcab6672b9a9742b5d3f74681b17a330fa295d549
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 02:53:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
globaldugunsalonu.de/js/mainmenu/menu.css
136.243.20.96200 OK 20 kB URL HTTP/2 globaldugunsalonu.de/js/mainmenu/menu.css
IP 136.243.20.96:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with CRLF line terminators
Hash 6ae5092016259cce58f77e4f329e19f3
b36330b168ef0e385946d5566534a41e8772aa0f
a66767ae766df56ce05c119683474e4a6c469fb81c7eb904418dc19d3396f4cf
GET /js/mainmenu/menu.css HTTP/1.1
Host: globaldugunsalonu.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://globaldugunsalonu.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 02:53:37 GMT
content-type: text/css
content-length: 20247
last-modified: Wed, 27 Nov 2019 11:36:36 GMT
etag: "5dde5fc4-4f17"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
www.youtube-nocookie.com/s/player/55fdc514/www-player.css
142.250.74.46200 OK 50 kB URL HTTP/2 www.youtube-nocookie.com/s/player/55fdc514/www-player.css
IP 142.250.74.46:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash ce9b3268e83e864464ee0b1c1bcbd395
aec0d122b7a1674fd2c903e350d7c1e345bdda9a
eccc42a16e7cb2c976a2f247265ef435954d636410182b6e8d6443457252d0e6
GET /s/player/55fdc514/www-player.css HTTP/1.1
Host: www.youtube-nocookie.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube-nocookie.com/embed/81IGerHCy3Y?autoplay=1&rel=0&showinfo=0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: br
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 50095
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 05 Oct 2022 15:04:43 GMT
expires: Thu, 05 Oct 2023 15:04:43 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 05 Oct 2022 00:20:53 GMT
content-type: text/css
age: 42534
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.youtube-nocookie.com/s/player/55fdc514/www-embed-player.vflset/www-embed-player.js
142.250.74.46200 OK 97 kB URL HTTP/2 www.youtube-nocookie.com/s/player/55fdc514/www-embed-player.vflset/www-embed-player.js
IP 142.250.74.46:0
File type ASCII text, with very long lines (572)
Hash 25913148e87059714551dcf4917e9cda
77186ee8b563a941961829ca4df183e6c0b63660
2c1f6b675637c3df7fce30c177b7a16047d026aca38b4f2e562b8328d775acf0
GET /s/player/55fdc514/www-embed-player.vflset/www-embed-player.js HTTP/1.1
Host: www.youtube-nocookie.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube-nocookie.com/embed/81IGerHCy3Y?autoplay=1&rel=0&showinfo=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: br
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 97396
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 05 Oct 2022 15:04:43 GMT
expires: Thu, 05 Oct 2023 15:04:43 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 05 Oct 2022 00:20:53 GMT
content-type: text/javascript
age: 42534
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.youtube-nocookie.com/s/player/55fdc514/fetch-polyfill.vflset/fetch-polyfill.js
142.250.74.46200 OK 2.8 kB URL HTTP/2 www.youtube-nocookie.com/s/player/55fdc514/fetch-polyfill.vflset/fetch-polyfill.js
IP 142.250.74.46:0
File type Algol 68 source text\012- Pascal source, ASCII text, with very long lines (555)
Hash 80fe2d229007996c8397073b00755dc7
121f82c77bcf2a297a1085e3b092415c463fcafe
033dfa8941482c82d4f1aaa4a9172fb379b9e46a02d5b36297c5476bbbfdea2c
GET /s/player/55fdc514/fetch-polyfill.vflset/fetch-polyfill.js HTTP/1.1
Host: www.youtube-nocookie.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube-nocookie.com/embed/81IGerHCy3Y?autoplay=1&rel=0&showinfo=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: br
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 2786
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 05 Oct 2022 15:04:43 GMT
expires: Thu, 05 Oct 2023 15:04:43 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 05 Oct 2022 00:20:53 GMT
content-type: text/javascript
age: 42534
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.youtube-nocookie.com/s/player/55fdc514/player_ias.vflset/en_US/base.js
142.250.74.46200 OK 592 kB URL HTTP/2 www.youtube-nocookie.com/s/player/55fdc514/player_ias.vflset/en_US/base.js
IP 142.250.74.46:0
File type ASCII text, with very long lines (554)
Size 592 kB (592045 bytes)
Hash 49f27d11dc9dba238fee54e219f9bb6c
a952ae8d9115266720c306df517a4bd3633379ed
691ca616c64c4f020e9363c94e83406d0fa241238b7a719a4cb055783e9e74c3
GET /s/player/55fdc514/player_ias.vflset/en_US/base.js HTTP/1.1
Host: www.youtube-nocookie.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube-nocookie.com/embed/81IGerHCy3Y?autoplay=1&rel=0&showinfo=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding, Origin
content-encoding: br
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 592045
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 05 Oct 2022 15:07:13 GMT
expires: Thu, 05 Oct 2023 15:07:13 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 05 Oct 2022 00:20:53 GMT
content-type: text/javascript
age: 42384
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash f9371f81e2eeeead7fe351a49f3b1c40
ae23d6c6c57dd7cf568c3a74594c377b7bb7df43
03c4ba0faa3199d061d1bb37df5d48ba6d81f77a83e243922075efc4d4acf456
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 02:53:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/maps/embed?pb=!1m14!1m8!1m3!1d10264.355887448864!2d8.3917!3d49.97219!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x0%3A0x383e13c358ad2f26!2sSalon+Global!5e0!3m2!1sde!2sde!4v1461619906982
142.250.74.164200 OK 1.3 kB URL HTTP/2 www.google.com/maps/embed?pb=!1m14!1m8!1m3!1d10264.355887448864!2d8.3917!3d49.97219!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x0%3A0x383e13c358ad2f26!2sSalon+Global!5e0!3m2!1sde!2sde!4v1461619906982
IP 142.250.74.164:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2750)
Hash dc71d0cfc5489b91d36b7de2dbdc1294
ecf41891bb267b1616e5d23541bc342f3383bf1b
cdf8b6db8ee75867b41ff5ff1dd4f9eafe6f6d4ee6c49768832b0714ae79e4fc
GET /maps/embed?pb=!1m14!1m8!1m3!1d10264.355887448864!2d8.3917!3d49.97219!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x0%3A0x383e13c358ad2f26!2sSalon+Global!5e0!3m2!1sde!2sde!4v1461619906982 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://globaldugunsalonu.de/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
date: Thu, 06 Oct 2022 02:53:37 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
vary: Accept-Language
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-VUU_FuBncrGrrbPi7GYXyQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/geo-maps-api/1
content-encoding: gzip
server: mafe
content-length: 1302
x-xss-protection: 0
server-timing: gfet4t7; dur=179
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
54.230.111.7200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 54.230.111.7:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Pragma, Content-Length, Backoff, Last-Modified, Cache-Control, Content-Type, Retry-After, ETag, Expires, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
X-Content-Type-Options: nosniff
Date: Thu, 06 Oct 2022 02:29:41 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Thu, 06 Oct 2022 02:56:32 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: LdX1juOpuWN3E-p-uRoS8Tr_n3ShMzLiSrXg4LqooaUtdiX63IAe-g==
Age: 1436
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 1561c6be7c89d1357a80d12de47b6e74
9a705277922ecca583c867af58b3efce099f83bd
e33dc034dbf4b3b627cd3c1af2d942e2ca5704ec9a4aad5c46ad39eb070e82ab
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6288
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 02:53:37 GMT
Last-Modified: Thu, 06 Oct 2022 01:08:49 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
globaldugunsalonu.de/css/shortcodes.css
136.243.20.96200 OK 21 kB URL HTTP/2 globaldugunsalonu.de/css/shortcodes.css
IP 136.243.20.96:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with CRLF line terminators
Hash e1e5db21564f906e82100fe1d2440eed
0841824f0a0c2bfc13e1e4da9a980aaa1e132b7b
0966fabb44e7cf6edf02371246f68f1ddcf87f0feb7ac1559e73e73c3b7e1dc3
GET /css/shortcodes.css HTTP/1.1
Host: globaldugunsalonu.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://globaldugunsalonu.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 02:53:37 GMT
content-type: text/css
content-length: 21131
last-modified: Thu, 01 Jun 2017 20:22:30 GMT
etag: "59307786-528b"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
globaldugunsalonu.de/css/font-awesome/css/font-awesome.min.css
136.243.20.96200 OK 24 kB URL HTTP/2 globaldugunsalonu.de/css/font-awesome/css/font-awesome.min.css
IP 136.243.20.96:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (23577), with CRLF line terminators
Hash f667e6132f8470a39d2395b81ab4ef09
3e435d5167460aaf367836e1973e90a47039faea
222d75918bb518d46a4d283da7de243b4409d597a8c6856070a07e96b600e6d7
GET /css/font-awesome/css/font-awesome.min.css HTTP/1.1
Host: globaldugunsalonu.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://globaldugunsalonu.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 02:53:37 GMT
content-type: text/css
content-length: 23742
last-modified: Thu, 01 Jun 2017 20:22:34 GMT
etag: "5930778a-5cbe"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
globaldugunsalonu.de/css/responsive-leyouts.css
136.243.20.96200 OK 48 kB URL HTTP/2 globaldugunsalonu.de/css/responsive-leyouts.css
IP 136.243.20.96:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with CRLF line terminators
Hash d4fb9a9e45b01d800d982964566dd5ad
e97151c7389233d3a7b492c171d9c7669860faea
c0fa6e601ba79cfbc706491df56d46abcf94d8382e8f24bdf880ee40189d6ea4
GET /css/responsive-leyouts.css HTTP/1.1
Host: globaldugunsalonu.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://globaldugunsalonu.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 02:53:37 GMT
content-type: text/css
content-length: 48294
last-modified: Thu, 01 Jun 2017 20:22:30 GMT
etag: "59307786-bca6"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
globaldugunsalonu.de/js/bootstrap/bootstrap.min.css
136.243.20.96200 OK 116 kB URL HTTP/2 globaldugunsalonu.de/js/bootstrap/bootstrap.min.css
IP 136.243.20.96:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (65367), with CRLF line terminators
Size 116 kB (116120 bytes)
Hash c5dbd3731a680a1edd84b8cfa71ef238
f7eacf3a9b73512d3de368be41f7b580083f058e
4c65b5252f9af4b95b218def505b68bedc807d741397be7b5cee3f65683fd81f
GET /js/bootstrap/bootstrap.min.css HTTP/1.1
Host: globaldugunsalonu.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://globaldugunsalonu.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 02:53:37 GMT
content-type: text/css
content-length: 116120
last-modified: Thu, 01 Jun 2017 20:22:48 GMT
etag: "59307798-1c598"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
globaldugunsalonu.de/js/cubeportfolio/cubeportfolio.min.css
136.243.20.96200 OK 86 kB URL HTTP/2 globaldugunsalonu.de/js/cubeportfolio/cubeportfolio.min.css
IP 136.243.20.96:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (756), with CRLF line terminators
Hash d07afc4c2c06c1cd5023e7323ae8f081
ea34d919a2bea0be54480f61c90c876ab135b166
a29a1826b3e3c88c3aeb2317bbf3e18b3fe72787f76c7f69ee9b46ac906a63de
GET /js/cubeportfolio/cubeportfolio.min.css HTTP/1.1
Host: globaldugunsalonu.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://globaldugunsalonu.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 02:53:37 GMT
content-type: text/css
content-length: 85537
last-modified: Thu, 01 Jun 2017 20:22:48 GMT
etag: "59307798-14e21"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
globaldugunsalonu.de/js/masterslider/style/masterslider.css
136.243.20.96200 OK 58 kB URL HTTP/2 globaldugunsalonu.de/js/masterslider/style/masterslider.css
IP 136.243.20.96:0
ASN #24940 Hetzner Online GmbH
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash 6d8d5b9259eecfb3cad5359f876455fa
ba93ddb5f3645c27883c1f257533716294294b20
9314f06b3521dd07dfb56771bded554678880bb4e74f5c4fdb6bd1f3ba2d4156
GET /js/masterslider/style/masterslider.css HTTP/1.1
Host: globaldugunsalonu.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://globaldugunsalonu.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 02:53:37 GMT
content-type: text/css
content-length: 57702
last-modified: Wed, 27 Nov 2019 11:38:42 GMT
etag: "5dde6042-e166"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
globaldugunsalonu.de/css/Simple-Line-Icons-Webfont/simple-line-icons.css
136.243.20.96200 OK 12 kB URL HTTP/2 globaldugunsalonu.de/css/Simple-Line-Icons-Webfont/simple-line-icons.css
IP 136.243.20.96:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (2600), with CRLF line terminators
Hash 925397028c82f9becaaf576dc7034acb
9d989ac7ef95dac8cbfb3b8ae837d92093809e8c
bb1b54f441f134201c3495fcb8a28ae197861429237dc3ea62ca25d87e7037d3
GET /css/Simple-Line-Icons-Webfont/simple-line-icons.css HTTP/1.1
Host: globaldugunsalonu.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://globaldugunsalonu.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 02:53:37 GMT
content-type: text/css
content-length: 11557
last-modified: Thu, 01 Jun 2017 20:22:30 GMT
etag: "59307786-2d25"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
globaldugunsalonu.de/css/et-line-font/et-line-font.css
136.243.20.96200 OK 7.4 kB URL HTTP/2 globaldugunsalonu.de/css/et-line-font/et-line-font.css
IP 136.243.20.96:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (1512), with CRLF line terminators
Hash 6cd6db7ff6e40c7868819acc1290b782
32dd750f8243e419e645d7566ee9824132ea8dbd
88724d0da8e1aa54c7446dbfed47b54043dd7e298132bed2f9f120f811eba78c
GET /css/et-line-font/et-line-font.css HTTP/1.1
Host: globaldugunsalonu.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://globaldugunsalonu.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 02:53:37 GMT
content-type: text/css
content-length: 7395
last-modified: Thu, 01 Jun 2017 20:22:34 GMT
etag: "5930778a-1ce3"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
globaldugunsalonu.de/js/owl-carousel/owl.carousel.css
136.243.20.96200 OK 12 kB URL HTTP/2 globaldugunsalonu.de/js/owl-carousel/owl.carousel.css
IP 136.243.20.96:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with CRLF line terminators
Hash d39643e9ac5bde4257e4fb947c81d690
ee89b09974f7da4426d3e0fb372934fdd1cd11ae
09396b8514566fe0ba5418240609d9926062281781b3928aa10f508c766f3ce7
GET /js/owl-carousel/owl.carousel.css HTTP/1.1
Host: globaldugunsalonu.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://globaldugunsalonu.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 02:53:37 GMT
content-type: text/css
content-length: 12024
last-modified: Thu, 01 Jun 2017 20:22:52 GMT
etag: "5930779c-2ef8"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
globaldugunsalonu.de/css/colors/lightblue.css
136.243.20.96200 OK 1.0 kB URL HTTP/2 globaldugunsalonu.de/css/colors/lightblue.css
IP 136.243.20.96:0
ASN #24940 Hetzner Online GmbH
File type assembler source, ASCII text, with CRLF line terminators
Hash 4e7b5e6b0938549c311f12fdc9400a4a
a8b1bf27dc00ebf71d0c69aaf6044c03b9db746b
3742c2f8ef88e0a0f6e8739a198af7ecd07430e3fa4cc820c54592035cc7eba5
GET /css/colors/lightblue.css HTTP/1.1
Host: globaldugunsalonu.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://globaldugunsalonu.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 02:53:37 GMT
content-type: text/css
content-length: 1026
last-modified: Wed, 27 Nov 2019 11:38:42 GMT
etag: "5dde6042-402"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
push.services.mozilla.com/
35.167.231.108101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.167.231.108:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: DA6pzTdSmthZ4HRcsQWTfQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: I5QVN2+g9EZPvPagqYV67Sv2q+8=
globaldugunsalonu.de/css/layouts.css
136.243.20.96200 OK 120 kB URL HTTP/2 globaldugunsalonu.de/css/layouts.css
IP 136.243.20.96:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with CRLF line terminators
Size 120 kB (119517 bytes)
Hash 1851046babce23f284c7f27afc9473c9
f09dc0152e076efda08b6e30d303481b992d1bfb
740cd5dd38b6c904786773cfa13d947626a410c1af39b902474695a37575a48a
GET /css/layouts.css HTTP/1.1
Host: globaldugunsalonu.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://globaldugunsalonu.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 02:53:37 GMT
content-type: text/css
content-length: 119517
last-modified: Thu, 01 Jun 2017 20:22:30 GMT
etag: "59307786-1d2dd"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
globaldugunsalonu.de/css/default.css
136.243.20.96200 OK 115 kB URL HTTP/2 globaldugunsalonu.de/css/default.css
IP 136.243.20.96:0
ASN #24940 Hetzner Online GmbH
File type assembler source, ASCII text, with CRLF line terminators
Size 115 kB (115436 bytes)
Hash 5bf879b47cea36a123803085ee3dad06
8be83a3949f0ab63d6ef128bbd1b7391b06c0d18
b0d9701cc9ec12f29f1a5ed8c3570cda2b9e2db3db3e99e67c8e4871f51f13e6
GET /css/default.css HTTP/1.1
Host: globaldugunsalonu.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://globaldugunsalonu.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 02:53:37 GMT
content-type: text/css
content-length: 115436
last-modified: Wed, 27 Nov 2019 11:32:14 GMT
etag: "5dde5ebe-1c2ec"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
globaldugunsalonu.de/js/smart-forms/smart-forms.css
136.243.20.96200 OK 70 kB URL HTTP/2 globaldugunsalonu.de/js/smart-forms/smart-forms.css
IP 136.243.20.96:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with CRLF line terminators
Hash 7b7a5ca9fec882ea60ebf9db7be92a95
525fd5da21af1a8f3f85c0b1c0864ef49238bb1c
17af6a7ba1e4f4bcef24c616b049c9688839025270a344267a272f6cfe0bb814
GET /js/smart-forms/smart-forms.css HTTP/1.1
Host: globaldugunsalonu.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://globaldugunsalonu.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 02:53:37 GMT
content-type: text/css
content-length: 69879
last-modified: Thu, 01 Jun 2017 20:22:54 GMT
etag: "5930779e-110f7"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
globaldugunsalonu.de/js/bootstrap/bootstrap.min.js
136.243.20.96200 OK 36 kB URL HTTP/2 globaldugunsalonu.de/js/bootstrap/bootstrap.min.js
IP 136.243.20.96:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (32025), with CRLF line terminators
Hash 1ae0e64754a542cbea996dec63c326fd
e2ddfe5a574c29f39b511aada1bd85e0ba60fa70
6447e59227786bcda7ad58ef045540cba328e5ec0e5ddbd88b4f57122feaf926
Analyzer Verdict Alert fortinet Phishing
GET /js/bootstrap/bootstrap.min.js HTTP/1.1
Host: globaldugunsalonu.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://globaldugunsalonu.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 02:53:37 GMT
content-type: application/javascript
content-length: 35957
last-modified: Thu, 01 Jun 2017 20:22:48 GMT
etag: "59307798-8c75"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
globaldugunsalonu.de/js/cubeportfolio/jquery.cubeportfolio.min.js
136.243.20.96200 OK 56 kB URL HTTP/2 globaldugunsalonu.de/js/cubeportfolio/jquery.cubeportfolio.min.js
IP 136.243.20.96:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (32009), with CRLF line terminators
Hash 495a1f7432c2ad83f2a974ce94c0af34
726cc50171d95900845a1cbb83a3ee32cbc6b2e6
a7e9173a6c34a1666270c955d98f28654937df350ac78de8844ede9e734aa230
Analyzer Verdict Alert fortinet Phishing
GET /js/cubeportfolio/jquery.cubeportfolio.min.js HTTP/1.1
Host: globaldugunsalonu.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://globaldugunsalonu.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 02:53:37 GMT
content-type: application/javascript
content-length: 55640
last-modified: Thu, 01 Jun 2017 20:22:48 GMT
etag: "59307798-d958"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
globaldugunsalonu.de/js/cubeportfolio/main2.js
136.243.20.96200 OK 1.9 kB URL HTTP/2 globaldugunsalonu.de/js/cubeportfolio/main2.js
IP 136.243.20.96:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with CRLF line terminators
Hash e4c60b53a738e14ab8ae43eae58b6084
23b154b1ae8e3c5d7567a3dd55181289912c657e
0269c82aa36c2b6956f0fccb9d2f374313368fc588a83b463e0d1a9a1ecc3832
Analyzer Verdict Alert fortinet Phishing
GET /js/cubeportfolio/main2.js HTTP/1.1
Host: globaldugunsalonu.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://globaldugunsalonu.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 02:53:37 GMT
content-type: application/javascript
content-length: 1933
last-modified: Thu, 01 Jun 2017 20:22:48 GMT
etag: "59307798-78d"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
globaldugunsalonu.de/js/masterslider/jquery.easing.min.js
136.243.20.96200 OK 7.0 kB URL HTTP/2 globaldugunsalonu.de/js/masterslider/jquery.easing.min.js
IP 136.243.20.96:0
ASN #24940 Hetzner Online GmbH
File type Unicode text, UTF-8 text, with very long lines (3524), with CRLF line terminators
Hash 921bcb1f5a81945e66f5db4f3e714813
f1f69c73577a78b57ffdad42ea63cda8e318d7b5
e6c2814936ac13f206f1e09255f75d3faafbb29bddbe22e93fd6464f817ca49e
Analyzer Verdict Alert fortinet Phishing
GET /js/masterslider/jquery.easing.min.js HTTP/1.1
Host: globaldugunsalonu.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://globaldugunsalonu.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 02:53:38 GMT
content-type: application/javascript
content-length: 7035
last-modified: Thu, 01 Jun 2017 20:22:50 GMT
etag: "5930779a-1b7b"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
globaldugunsalonu.de/js/mainmenu/customeUI.js
136.243.20.96200 OK 2.2 kB URL HTTP/2 globaldugunsalonu.de/js/mainmenu/customeUI.js
IP 136.243.20.96:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with CRLF line terminators
Hash 6636030ec6d9104a8c56f51a7700cbe7
289116cf7dfeffcae8d9ae256aa6e514dabc8ae7
e7e3ca7a9f8eab3f55030ba7659d00d4ef44db41161bed6fbc9961c54dd24b6a
Analyzer Verdict Alert fortinet Phishing
GET /js/mainmenu/customeUI.js HTTP/1.1
Host: globaldugunsalonu.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://globaldugunsalonu.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 02:53:38 GMT
content-type: application/javascript
content-length: 2224
last-modified: Thu, 01 Jun 2017 20:22:50 GMT
etag: "5930779a-8b0"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
globaldugunsalonu.de/js/owl-carousel/owl.carousel.js
136.243.20.96200 OK 54 kB URL HTTP/2 globaldugunsalonu.de/js/owl-carousel/owl.carousel.js
IP 136.243.20.96:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with CRLF line terminators
Hash b6d84ff48712a3cfb6eaf2d1fdfcaad4
e45d0c9898cacea360a19035c6956b3271f53621
c56a75dc2b5875e9e1fcbd06c6bb6f4fc11435128e08772155e52f97233264a6
Analyzer Verdict Alert fortinet Phishing
GET /js/owl-carousel/owl.carousel.js HTTP/1.1
Host: globaldugunsalonu.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://globaldugunsalonu.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 02:53:38 GMT
content-type: application/javascript
content-length: 54413
last-modified: Thu, 01 Jun 2017 20:22:52 GMT
etag: "5930779c-d48d"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
globaldugunsalonu.de/js/owl-carousel/custom.js
136.243.20.96200 OK 5.3 kB URL HTTP/2 globaldugunsalonu.de/js/owl-carousel/custom.js
IP 136.243.20.96:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with CRLF line terminators
Hash f97aeafd6e6683b5920aa5a839bbef9f
320a390ddfee190bcfbea61a055d6454919cc06e
f4147bd05994fa64bf40f647f9ba48f35ece1f3d5b18be75e7ead15c442db40f
Analyzer Verdict Alert fortinet Phishing
GET /js/owl-carousel/custom.js HTTP/1.1
Host: globaldugunsalonu.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://globaldugunsalonu.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 02:53:38 GMT
content-type: application/javascript
content-length: 5341
last-modified: Thu, 01 Jun 2017 20:22:52 GMT
etag: "5930779c-14dd"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
globaldugunsalonu.de/js/scrolltotop/totop.js
136.243.20.96200 OK 230 B URL HTTP/2 globaldugunsalonu.de/js/scrolltotop/totop.js
IP 136.243.20.96:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with CRLF line terminators
Hash 477a943069f55f1ca1dc5dfe8d382019
d3b473a9954eed11bbe770e2f08f2af1434d1535
ae83f5984385e02c01f5bd8a08bf61b3bdd954692b8a1c6b8737aca63e6bd229
Analyzer Verdict Alert fortinet Phishing
GET /js/scrolltotop/totop.js HTTP/1.1
Host: globaldugunsalonu.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://globaldugunsalonu.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 02:53:38 GMT
content-type: application/javascript
content-length: 230
x-accel-version: 0.01
last-modified: Thu, 01 Jun 2017 20:22:52 GMT
etag: "160-550ebcd181f00-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-powered-by: PleskLin
X-Firefox-Spdy: h2
globaldugunsalonu.de/js/mainmenu/jquery.sticky.js
136.243.20.96200 OK 7.4 kB URL HTTP/2 globaldugunsalonu.de/js/mainmenu/jquery.sticky.js
IP 136.243.20.96:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with CRLF line terminators
Hash df5375f96ba10f79b785b111f6281931
66d903c92952cbef54d3ba47ffd5590fac7be68d
43a24608e742c8adc12bc142cdbe6c8838100b1b507e954ab9965c8059896cf7
Analyzer Verdict Alert fortinet Phishing
GET /js/mainmenu/jquery.sticky.js HTTP/1.1
Host: globaldugunsalonu.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://globaldugunsalonu.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 02:53:38 GMT
content-type: application/javascript
content-length: 7389
last-modified: Thu, 01 Jun 2017 20:22:50 GMT
etag: "5930779a-1cdd"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
globaldugunsalonu.de/images/flag-tr.png
136.243.20.96200 OK 1.3 kB URL HTTP/2 globaldugunsalonu.de/images/flag-tr.png
IP 136.243.20.96:0
ASN #24940 Hetzner Online GmbH
File type PNG image data, 14 x 11, 8-bit/color RGB, non-interlaced\012- data
Hash a93c4aed5b49b8df9c4055762374a3b3
1f93d39c2274024a3975454e472b8838ae30b316
c29eb1bc60c23ad4445292115d4404ab7394f92074b986631e8b3a669d130d63
GET /images/flag-tr.png HTTP/1.1
Host: globaldugunsalonu.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://globaldugunsalonu.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 02:53:37 GMT
content-type: image/png
content-length: 1274
last-modified: Thu, 01 Jun 2017 20:22:44 GMT
etag: "59307794-4fa"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
globaldugunsalonu.de/images/200.png
136.243.20.96200 OK 5.8 kB URL HTTP/2 globaldugunsalonu.de/images/200.png
IP 136.243.20.96:0
ASN #24940 Hetzner Online GmbH
File type PNG image data, 95 x 90, 8-bit/color RGBA, non-interlaced\012- data
Hash acc853f85d7577a0d1600daa2449e9b5
5aaa4fb2cded1561fa7a7ab424bf76b98c625de3
8a72462d40b47c63635935571ad75d69255f7b008dbfa60051829ac27112c949
GET /images/200.png HTTP/1.1
Host: globaldugunsalonu.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://globaldugunsalonu.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 02:53:37 GMT
content-type: image/png
content-length: 5788
last-modified: Wed, 27 Nov 2019 11:07:54 GMT
etag: "5dde590a-169c"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
globaldugunsalonu.de/images/flag-de.png
136.243.20.96200 OK 234 B URL HTTP/2 globaldugunsalonu.de/images/flag-de.png
IP 136.243.20.96:0
ASN #24940 Hetzner Online GmbH
File type PNG image data, 14 x 11, 8-bit colormap, non-interlaced\012- data
Hash 628bd5af0b8f7b5d7003cdbe1bebd0b5
b5bd1004116018153a0ae40d70feb00994e3e37b
bb2996dc15c669cd78048de2f00cb13bb0ddb9fe9abe4a0c5271ca5f3ce4a713
GET /images/flag-de.png HTTP/1.1
Host: globaldugunsalonu.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://globaldugunsalonu.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 02:53:37 GMT
content-type: image/png
content-length: 234
x-accel-version: 0.01
last-modified: Thu, 01 Jun 2017 20:22:44 GMT
etag: "ea-550ebcc9e0d00"
accept-ranges: bytes
x-powered-by: PleskLin
X-Firefox-Spdy: h2
globaldugunsalonu.de/js/masterslider/blank.gif
136.243.20.96200 OK 43 B URL HTTP/2 globaldugunsalonu.de/js/masterslider/blank.gif
IP 136.243.20.96:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash f837aa60b6fe83458f790db60d529fc9
14af87ccec7f81bb28d53c84da2fd5a9d5925cda
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
GET /js/masterslider/blank.gif HTTP/1.1
Host: globaldugunsalonu.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://globaldugunsalonu.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 02:53:37 GMT
content-type: image/gif
content-length: 43
x-accel-version: 0.01
last-modified: Thu, 01 Jun 2017 20:22:50 GMT
etag: "2b-550ebccf99a80"
accept-ranges: bytes
x-powered-by: PleskLin
X-Firefox-Spdy: h2
globaldugunsalonu.de/images/Dugun-Salonu.jpg
136.243.20.96200 OK 12 kB URL HTTP/2 globaldugunsalonu.de/images/Dugun-Salonu.jpg
IP 136.243.20.96:0
ASN #24940 Hetzner Online GmbH
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=1, copyright=@foto, design & projects mbu], progressive, precision 8, 263x175, components 3\012- data
Hash d2b9c0fdd6de5f209d73ec416641b9a8
3227c4c98fe1f07cc966bb10e341c03ffa6e40ee
b6f77172bcdf7d0758963838940d8e6c6228e048fc54c90ec98fda083f2d660b
GET /images/Dugun-Salonu.jpg HTTP/1.1
Host: globaldugunsalonu.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://globaldugunsalonu.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 02:53:37 GMT
content-type: image/jpeg
content-length: 11863
last-modified: Thu, 01 Jun 2017 20:22:46 GMT
etag: "59307796-2e57"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
globaldugunsalonu.de/images/Nisan-Salonu.jpg
136.243.20.96200 OK 12 kB URL HTTP/2 globaldugunsalonu.de/images/Nisan-Salonu.jpg
IP 136.243.20.96:0
ASN #24940 Hetzner Online GmbH
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 263x175, components 3\012- data
Hash 1eba475ffd83afe232fae9b37ca110cf
d09f809dad48d8e10030f66fec9687a86c0cd043
023a8d52e3097840413ff8e81b634baee6d5b9a673ceff8a711703847ac2110e
GET /images/Nisan-Salonu.jpg HTTP/1.1
Host: globaldugunsalonu.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://globaldugunsalonu.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 02:53:37 GMT
content-type: image/jpeg
content-length: 12013
last-modified: Thu, 01 Jun 2017 20:22:44 GMT
etag: "59307794-2eed"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
globaldugunsalonu.de/images/Kina-Salonu.jpg
136.243.20.96200 OK 11 kB URL HTTP/2 globaldugunsalonu.de/images/Kina-Salonu.jpg
IP 136.243.20.96:0
ASN #24940 Hetzner Online GmbH
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 263x176, components 3\012- data
Hash ec9c5f186ef81bc56c856fd3a527d709
84403684285b7f8d40060291d9c3b3ee1834b4b6
09b0e575a4e168b539682de1df59bf198071172cd5ca03403625a3580c62f182
GET /images/Kina-Salonu.jpg HTTP/1.1
Host: globaldugunsalonu.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://globaldugunsalonu.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 02:53:37 GMT
content-type: image/jpeg
content-length: 11363
last-modified: Thu, 01 Jun 2017 20:22:44 GMT
etag: "59307794-2c63"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
globaldugunsalonu.de/images/Sunnet-Salonu.jpg
136.243.20.96200 OK 9.6 kB URL HTTP/2 globaldugunsalonu.de/images/Sunnet-Salonu.jpg
IP 136.243.20.96:0
ASN #24940 Hetzner Online GmbH
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 263x176, components 3\012- data
Hash 6f4baa96f78a50b17de5d5caf82f295d
b895ebd56849959cc5c2f52dba7f56b2d81ecdd5
5de79d9beb6653fffdf654fbfd408de962bb022beefa7abac1ee24cd4a0f07ca
GET /images/Sunnet-Salonu.jpg HTTP/1.1
Host: globaldugunsalonu.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://globaldugunsalonu.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 02:53:37 GMT
content-type: image/jpeg
content-length: 9637
last-modified: Thu, 01 Jun 2017 20:22:44 GMT
etag: "59307794-25a5"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
globaldugunsalonu.de/images/talip.jpg
136.243.20.96200 OK 34 kB URL HTTP/2 globaldugunsalonu.de/images/talip.jpg
IP 136.243.20.96:0
ASN #24940 Hetzner Online GmbH
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 700x175, components 3\012- data
Hash 77488536204ace7c327b8467e798097d
2cc2e1bebe0567bfddb6843712d3653add51f8cc
052ba4ed4ad10ad4ec5231f68f6870a176902dd61edbf2311ab578f8d1ff773d
GET /images/talip.jpg HTTP/1.1
Host: globaldugunsalonu.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://globaldugunsalonu.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 02:53:37 GMT
content-type: image/jpeg
content-length: 34303
last-modified: Sun, 22 Sep 2019 09:50:44 GMT
etag: "5d8743f4-85ff"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
globaldugunsalonu.de/js/smart-forms/jquery.form.min.js
136.243.20.96200 OK 15 kB URL HTTP/2 globaldugunsalonu.de/js/smart-forms/jquery.form.min.js
IP 136.243.20.96:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (14900), with CRLF line terminators
Hash c96241e183012fd2646c4d6917155168
98a92639a7de79a392c60b56e090e504071bc1f8
27e9042e0cd29ac1e29332d3a88a1aa1bc84fb912ac5b14ced66d8f5e6890938
Analyzer Verdict Alert fortinet Phishing
GET /js/smart-forms/jquery.form.min.js HTTP/1.1
Host: globaldugunsalonu.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://globaldugunsalonu.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 02:53:38 GMT
content-type: application/javascript
content-length: 15258
last-modified: Thu, 01 Jun 2017 20:22:54 GMT
etag: "5930779e-3b9a"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
globaldugunsalonu.de/js/smart-forms/jquery.validate.min.js
136.243.20.96200 OK 22 kB URL HTTP/2 globaldugunsalonu.de/js/smart-forms/jquery.validate.min.js
IP 136.243.20.96:0
ASN #24940 Hetzner Online GmbH
File type Unicode text, UTF-8 text, with very long lines (21445), with CRLF line terminators
Hash a3601786b7ee8fa301939c8fd4f9cba6
969fd5d7bef5559b6ffd8ea477d4e7ba732f55af
af39c945f12c4e06595178be35788c26086ef65ff070326126ad00cba7e5b1b0
Analyzer Verdict Alert fortinet Phishing
GET /js/smart-forms/jquery.validate.min.js HTTP/1.1
Host: globaldugunsalonu.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://globaldugunsalonu.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 02:53:38 GMT
content-type: application/javascript
content-length: 21587
last-modified: Thu, 01 Jun 2017 20:22:54 GMT
etag: "5930779e-5453"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
globaldugunsalonu.de/js/smart-forms/additional-methods.min.js
136.243.20.96200 OK 16 kB URL HTTP/2 globaldugunsalonu.de/js/smart-forms/additional-methods.min.js
IP 136.243.20.96:0
ASN #24940 Hetzner Online GmbH
File type Unicode text, UTF-8 text, with very long lines (16269), with CRLF line terminators
Hash daeaf2389ee5b79d04e35c8321c604c8
600388221f35c8bea790952881d90320f71d0286
e0bc6d8a48c3f364d5edf6eb3da74eb070dcb087fe6051400331d644abdcd9c3
Analyzer Verdict Alert fortinet Phishing
GET /js/smart-forms/additional-methods.min.js HTTP/1.1
Host: globaldugunsalonu.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://globaldugunsalonu.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 02:53:38 GMT
content-type: application/javascript
content-length: 16418
last-modified: Thu, 01 Jun 2017 20:22:54 GMT
etag: "5930779e-4022"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
globaldugunsalonu.de/js/smart-forms/smart-form.js
136.243.20.96200 OK 3.6 kB URL HTTP/2 globaldugunsalonu.de/js/smart-forms/smart-form.js
IP 136.243.20.96:0
ASN #24940 Hetzner Online GmbH
Hash 01db552dbb48920a22c99b93347072ce
dd2d025cb0be90c4ef4e4d76c862f0f8adfbd35b
0bd69177a36fe7c9274926867ccb81ae506d209fbcf2444562116aad518b6adb
Analyzer Verdict Alert fortinet Phishing
GET /js/smart-forms/smart-form.js HTTP/1.1
Host: globaldugunsalonu.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://globaldugunsalonu.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 02:53:38 GMT
content-type: application/javascript
content-length: 3647
last-modified: Sun, 03 Jun 2018 00:03:48 GMT
etag: "5b133064-e3f"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
globaldugunsalonu.de/js/masterslider/masterslider.min.js
136.243.20.96200 OK 156 kB URL HTTP/2 globaldugunsalonu.de/js/masterslider/masterslider.min.js
IP 136.243.20.96:0
ASN #24940 Hetzner Online GmbH
File type Unicode text, UTF-8 text, with very long lines (32107), with CRLF line terminators
Size 156 kB (155627 bytes)
Hash 5c55233c2742fb590ea9dd2003720c7b
865a2cc6885cf1acc985ccb3aa720a579322eefb
b0ffacac7cb2113c2d5bacd89163b9b10bf4beaed7552673048b646540845151
Analyzer Verdict Alert fortinet Phishing
GET /js/masterslider/masterslider.min.js HTTP/1.1
Host: globaldugunsalonu.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://globaldugunsalonu.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 02:53:38 GMT
content-type: application/javascript
content-length: 155627
last-modified: Thu, 01 Jun 2017 20:22:50 GMT
etag: "5930779a-25feb"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
globaldugunsalonu.de/js/universal/jquery.js
136.243.20.96200 OK 84 kB URL HTTP/2 globaldugunsalonu.de/js/universal/jquery.js
IP 136.243.20.96:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (32180), with CRLF line terminators
Hash 86d5206af37b6bcea4d24b54336eee6b
17a740d68a1c330876c198b6a4d9319f379f3af2
aa73d1e53f493e06f442ff045a58e3e1c85068e43e9003367f90b3ea9aa4c464
Analyzer Verdict Alert fortinet Phishing
GET /js/universal/jquery.js HTTP/1.1
Host: globaldugunsalonu.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://globaldugunsalonu.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 02:53:37 GMT
content-type: application/javascript
content-length: 84324
last-modified: Thu, 01 Jun 2017 20:22:56 GMT
etag: "593077a0-14964"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
globaldugunsalonu.de/js/scripts/functions.js
136.243.20.96200 OK 1.4 kB URL HTTP/2 globaldugunsalonu.de/js/scripts/functions.js
IP 136.243.20.96:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with CRLF line terminators
Hash 185625c21ad398aac0bd3a612f8d4db8
cd28a37edf501c11d5d76e9f0d8fff8c2ea8f1e4
8c7cde44bee5610f37960477fb36a62a708e1bc548cb5c7f240daa9a62c2a592
Analyzer Verdict Alert fortinet Phishing
GET /js/scripts/functions.js HTTP/1.1
Host: globaldugunsalonu.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://globaldugunsalonu.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 02:53:38 GMT
content-type: application/javascript
content-length: 1399
last-modified: Thu, 01 Jun 2017 20:22:52 GMT
etag: "5930779c-577"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash ff5f22aafa6751c60631736c305a4c7c
278b89e5c1a978e070be4b66bb780862894b8504
b501664d7591e6dfe95c8641e0020e04b76f16f5cb80a7fc0ee0b36af60a6382
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 02:53:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash ff5f22aafa6751c60631736c305a4c7c
278b89e5c1a978e070be4b66bb780862894b8504
b501664d7591e6dfe95c8641e0020e04b76f16f5cb80a7fc0ee0b36af60a6382
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 02:53:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en_US®ion=de&callback=onApiLoad
142.250.74.42200 OK 57 kB URL HTTP/2 maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en_US®ion=de&callback=onApiLoad
IP 142.250.74.42:0
File type ASCII text, with very long lines (2468)
Hash 021d463fcfd56589baaab437e958a13f
1f28e64ce1fdcd007aecb97203e93d51d97c7d26
c53b778969162b3dd1ddec65a79ddfceefbaf7ee0aaa5be4533bc2e0d0dbbd45
GET /maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en_US®ion=de&callback=onApiLoad HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-encoding: gzip
server: mafe
content-length: 56575
x-xss-protection: 0
x-frame-options: SAMEORIGIN
server-timing: gfet4t7; dur=13
date: Thu, 06 Oct 2022 02:48:50 GMT
expires: Thu, 06 Oct 2022 03:18:50 GMT
cache-control: public, max-age=1800
content-type: text/javascript; charset=UTF-8
age: 288
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash ff5f22aafa6751c60631736c305a4c7c
278b89e5c1a978e070be4b66bb780862894b8504
b501664d7591e6dfe95c8641e0020e04b76f16f5cb80a7fc0ee0b36af60a6382
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 02:53:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash ff5f22aafa6751c60631736c305a4c7c
278b89e5c1a978e070be4b66bb780862894b8504
b501664d7591e6dfe95c8641e0020e04b76f16f5cb80a7fc0ee0b36af60a6382
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 02:53:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.195200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube-nocookie.com
Connection: keep-alive
Referer: https://www.youtube-nocookie.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 01 Oct 2022 12:31:58 GMT
expires: Sun, 01 Oct 2023 12:31:58 GMT
cache-control: public, max-age=31536000
age: 397300
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.195200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube-nocookie.com
Connection: keep-alive
Referer: https://www.youtube-nocookie.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 30 Sep 2022 00:48:31 GMT
expires: Sat, 30 Sep 2023 00:48:31 GMT
cache-control: public, max-age=31536000
age: 525907
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
216.58.207.195200 OK 45 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Hash 565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://globaldugunsalonu.de
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 01 Oct 2022 03:08:55 GMT
expires: Sun, 01 Oct 2023 03:08:55 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
age: 431083
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
216.58.207.195200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15740, version 1.0\012- data
Hash b9c29351c46f3e8c8631c4002457f48a
e57e59c5780995ff2937ab2b511a769212974a87
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
GET /s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://globaldugunsalonu.de
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 05 Oct 2022 19:34:21 GMT
expires: Thu, 05 Oct 2023 19:34:21 GMT
cache-control: public, max-age=31536000
age: 26357
last-modified: Wed, 11 May 2022 19:24:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash ff5f22aafa6751c60631736c305a4c7c
278b89e5c1a978e070be4b66bb780862894b8504
b501664d7591e6dfe95c8641e0020e04b76f16f5cb80a7fc0ee0b36af60a6382
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 02:53:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2
216.58.207.195200 OK 31 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 31320, version 1.0\012- data
Hash 3fe71527811fbfedd2c07962e1bc49e7
f63e158a0480c5d711b5e268db0e75e57d87a8a5
24c0e724005344165ee0a0ff4c96a914e174bb4caa20c8a533fb194d92853e95
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://globaldugunsalonu.de
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 31320
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 03 Oct 2022 18:57:58 GMT
expires: Tue, 03 Oct 2023 18:57:58 GMT
cache-control: public, max-age=31536000
age: 201340
last-modified: Mon, 15 Aug 2022 18:11:37 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
216.58.207.195200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://globaldugunsalonu.de
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 05 Oct 2022 19:34:08 GMT
expires: Thu, 05 Oct 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 26370
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.195200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://globaldugunsalonu.de
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 05 Oct 2022 19:34:08 GMT
expires: Thu, 05 Oct 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 26370
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7GxKOzY.woff2
216.58.207.195200 OK 12 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7GxKOzY.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 11872, version 1.0\012- data
Hash 87ace20058325aa069320aa4af875dff
b743548770c46d905ae1ba06310bc001c587fe8e
3c23eb02de6b34e30f18cfb7167abd81a2cedfd1da60dfcb71989517ab3fb431
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu7GxKOzY.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://globaldugunsalonu.de
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 11872
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 05 Oct 2022 19:35:48 GMT
expires: Thu, 05 Oct 2023 19:35:48 GMT
cache-control: public, max-age=31536000
age: 26270
last-modified: Wed, 11 May 2022 19:25:01 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash ff5f22aafa6751c60631736c305a4c7c
278b89e5c1a978e070be4b66bb780862894b8504
b501664d7591e6dfe95c8641e0020e04b76f16f5cb80a7fc0ee0b36af60a6382
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 02:53:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
globaldugunsalonu.de/css/font-awesome/fonts/fontawesome-webfont.woff2?v=4.3.0
136.243.20.96200 OK 57 kB URL HTTP/2 globaldugunsalonu.de/css/font-awesome/fonts/fontawesome-webfont.woff2?v=4.3.0
IP 136.243.20.96:0
ASN #24940 Hetzner Online GmbH
File type Web Open Font Format (Version 2), TrueType, length 56780, version 4.197\012- data
Hash 97493d3f11c0a3bd5cbd959f5d19b699
1075231650f579955905bb2f6527148a8e2b4b16
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c
Analyzer Verdict Alert fortinet Phishing
GET /css/font-awesome/fonts/fontawesome-webfont.woff2?v=4.3.0 HTTP/1.1
Host: globaldugunsalonu.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://globaldugunsalonu.de/css/font-awesome/css/font-awesome.min.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 02:53:38 GMT
content-type: font/woff2
content-length: 56780
last-modified: Thu, 01 Jun 2017 20:22:34 GMT
etag: "5930778a-ddcc"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
globaldugunsalonu.de/images/Global_DUGUN_NISAN_KINA_SUNNET_SALONU.jpg
136.243.20.96200 OK 258 kB URL HTTP/2 globaldugunsalonu.de/images/Global_DUGUN_NISAN_KINA_SUNNET_SALONU.jpg
IP 136.243.20.96:0
ASN #24940 Hetzner Online GmbH
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 1920x640, components 3\012- data
Size 258 kB (257883 bytes)
Hash a958699549e3c92431bcf4ab53786b6c
4b13a08de0199cfab78f32a918f2bd3737cf5ec7
eae93ba8f67e397c23e0c4bf19c75409d731453d2e93bcaa666ae99f1c5761a7
GET /images/Global_DUGUN_NISAN_KINA_SUNNET_SALONU.jpg HTTP/1.1
Host: globaldugunsalonu.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://globaldugunsalonu.de/css/layouts.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 02:53:38 GMT
content-type: image/jpeg
content-length: 257883
last-modified: Thu, 01 Jun 2017 20:22:46 GMT
etag: "59307796-3ef5b"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
globaldugunsalonu.de/js/masterslider/style/loading-2.gif
136.243.20.96200 OK 2.7 kB URL HTTP/2 globaldugunsalonu.de/js/masterslider/style/loading-2.gif
IP 136.243.20.96:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 32 x 32\012- data
Hash 214f3c5ef3de8b01b2fe67da6ccfc7e7
e3839756e2515361eb5bedaed9919d4ca53f7b8f
014e4b61c8d6dbafa792dbccb03d65d38675a32a8bde54f45a6e00b6805dd57a
GET /js/masterslider/style/loading-2.gif HTTP/1.1
Host: globaldugunsalonu.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://globaldugunsalonu.de/js/masterslider/style/masterslider.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 02:53:38 GMT
content-type: image/gif
content-length: 2707
last-modified: Thu, 01 Jun 2017 20:22:50 GMT
etag: "5930779a-a93"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
globaldugunsalonu.de/js/masterslider/style/light-skin-1.png
136.243.20.96200 OK 4.3 kB URL HTTP/2 globaldugunsalonu.de/js/masterslider/style/light-skin-1.png
IP 136.243.20.96:0
ASN #24940 Hetzner Online GmbH
File type PNG image data, 152 x 225, 8-bit/color RGBA, non-interlaced\012- data
Hash a3a5c82f953a4a05e52f906dc41feec8
7c8acef254914991154acdfe9c389308d2653187
0ffe16667a16b259f9e27c8bb6726f7e6c63750d5276aa3a02009d823030cb37
GET /js/masterslider/style/light-skin-1.png HTTP/1.1
Host: globaldugunsalonu.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://globaldugunsalonu.de/js/masterslider/style/masterslider.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 02:53:38 GMT
content-type: image/png
content-length: 4267
last-modified: Thu, 01 Jun 2017 20:22:50 GMT
etag: "5930779a-10ab"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
globaldugunsalonu.de/images/slide3.jpg
136.243.20.96200 OK 93 kB URL HTTP/2 globaldugunsalonu.de/images/slide3.jpg
IP 136.243.20.96:0
ASN #24940 Hetzner Online GmbH
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=4, xresolution=62, yresolution=70, resolutionunit=2, software=Paint.NET v3.5.11], baseline, precision 8, 1913x871, components 3\012- data
Hash 67e60c1efc81a1fc53a9b027f8dd8ae3
eedb58857bc7b729b1e99e0a8d9dfbc1cdb65ba4
d23a0f861aaa18eff168e086260d5f4af3f1cbc8cae40a02b97bcdf6aa42269b
GET /images/slide3.jpg HTTP/1.1
Host: globaldugunsalonu.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://globaldugunsalonu.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 02:53:38 GMT
content-type: image/jpeg
content-length: 93234
last-modified: Wed, 27 Feb 2019 12:18:38 GMT
etag: "5c76801e-16c32"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
globaldugunsalonu.de/favicon.ico
136.243.20.96200 OK 1.2 kB URL HTTP/2 globaldugunsalonu.de/favicon.ico
IP 136.243.20.96:0
ASN #24940 Hetzner Online GmbH
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash dc55ecf113542a196690a4bc6925bb09
fba6f74de96439f98275661592d4c7fb33be6530
1ac141ecb060bc919fc4e969818215614d478aa358039f610c79853c73ce73f4
GET /favicon.ico HTTP/1.1
Host: globaldugunsalonu.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://globaldugunsalonu.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 02:53:38 GMT
content-type: image/vnd.microsoft.icon
content-length: 1150
last-modified: Wed, 27 Nov 2019 12:08:42 GMT
etag: "5dde674a-47e"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash b3791fae35fa0754166a153c17b4d33c
2416c0ebeb59a5dbb874c88a747242fa03e32bb6
6ed8a41c16f75035977b43d3574fc577c3473b46db106480c4a64ca72462458a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1400
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 02:53:38 GMT
Last-Modified: Thu, 06 Oct 2022 02:30:18 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
globaldugunsalonu.de/js/masterslider/style/grab.png
136.243.20.96200 OK 2.9 kB URL HTTP/2 globaldugunsalonu.de/js/masterslider/style/grab.png
IP 136.243.20.96:0
ASN #24940 Hetzner Online GmbH
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash e659367c40a35b37ae64231785e70f68
d6a7b62e802d2a64d5132181997fd0da025b2500
6fce3743627cd0d4f89b035ae2fc9ea6bd3a569cc5ad12eeb977743e19f43c2c
GET /js/masterslider/style/grab.png HTTP/1.1
Host: globaldugunsalonu.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://globaldugunsalonu.de/js/masterslider/style/masterslider.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 02:53:38 GMT
content-type: image/png
content-length: 2893
last-modified: Thu, 01 Jun 2017 20:22:50 GMT
etag: "5930779a-b4d"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
connect.facebook.net/de_DE/sdk.js
31.13.72.12200 OK 1.7 kB URL HTTP/2 connect.facebook.net/de_DE/sdk.js
IP 31.13.72.12:0
File type ASCII text, with very long lines (1961)
Hash d5075198ee642d421ab46604b96dd423
5b12c06f5b976066ea68dd0da7a76dc8bf82f29f
b30ce0a83fa129f01a2e600f87ba4e75fb788415d3e1b7ee6e5f06c40119f4f6
GET /de_DE/sdk.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://globaldugunsalonu.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: fe2b9c172cd6781b0a52e0565ddb2193
etag: "168f27fa5a0b5585ccaaddaf35ccb2a1"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Thu, 06 Oct 2022 03:09:26 GMT
cache-control: public,max-age=1200,stale-while-revalidate=3600
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: 1QdRmO5kLUIatGYEuW3UIw==
x-fb-debug: FRRancNOAH3Zp0OWfHLshuT6JDeqYYpAZfeJch2vpy+0n7T9+u/Vf2iTuqFn2zPU7Hb3GXAMFB8/IzzChJbMqA==
content-length: 1684
x-fb-trip-id: 1904183273
date: Thu, 06 Oct 2022 02:53:38 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true
142.250.74.42200 OK 23 B URL HTTP/2 maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true
IP 142.250.74.42:0
File type JSON data\012- , ASCII text
Hash e3981ca10169a319d5aa062bf43a5fa1
2c6ed584767b65688ce99b1ebe1a3b7448a67421
8b0b8749aba12de93f3cf5d86f9fac9d6de7cac400a17473718f182a34ebb7e9
GET /maps/api/mapsjs/gen_204?csp_test=true HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Thu, 06 Oct 2022 02:53:38 GMT
server: scaffolding on HTTPServer2
cache-control: private
content-length: 23
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.google.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.42200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.42:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube-nocookie.com/
Origin: https://www.youtube-nocookie.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube-nocookie.com
vary: origin, referer, x-origin
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Thu, 06 Oct 2022 02:53:38 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
maps.gstatic.com/maps-api-v3/embed/js/50/8/init_embed.js
142.250.74.163200 OK 69 kB URL HTTP/2 maps.gstatic.com/maps-api-v3/embed/js/50/8/init_embed.js
IP 142.250.74.163:0
File type ASCII text, with very long lines (2669)
Hash 138be41e120e3cc80ab8eb02a2607f96
6fd6da61dbb2ff9d894ba9bcd1c5b3b3ccf36f71
f13fe4c3fd6b55f59ccf0ce2a234043203e9ebdf92c097ba81dff2fb3d4c1393
GET /maps-api-v3/embed/js/50/8/init_embed.js HTTP/1.1
Host: maps.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-length: 68697
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 05 Oct 2022 16:37:59 GMT
expires: Thu, 05 Oct 2023 16:37:59 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 03 Oct 2022 19:56:10 GMT
content-type: text/javascript
age: 36939
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash b3791fae35fa0754166a153c17b4d33c
2416c0ebeb59a5dbb874c88a747242fa03e32bb6
6ed8a41c16f75035977b43d3574fc577c3473b46db106480c4a64ca72462458a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1400
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 02:53:38 GMT
Last-Modified: Thu, 06 Oct 2022 02:30:18 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.42200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.42:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash 0000189b493ced4e64cff3a718386e1b
623284308d1fe2436f288827645701d83e98071d
fe169a1d69d9d43bd4c85760ccbf821bb0d704d1c9a089f890ed24d2ed53e958
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube-nocookie.com
Connection: keep-alive
Referer: https://www.youtube-nocookie.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Thu, 06 Oct 2022 02:53:38 GMT
server: ESF
cache-control: private
content-length: 30980
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube-nocookie.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
connect.facebook.net/de_DE/sdk.js?hash=92e7188bacc3afc6df6fdd7de2f5d6da
31.13.72.12200 OK 87 kB URL HTTP/2 connect.facebook.net/de_DE/sdk.js?hash=92e7188bacc3afc6df6fdd7de2f5d6da
IP 31.13.72.12:0
File type ASCII text, with very long lines (13192)
Hash c07cb341d3a082717f96e435fd2f7a80
241e46a9f7f4be4f2335d9520743b7445ff36e5d
73e64518ec78cd78f8a521eb865477aa3c023d959446c866f45de2b0b26e48d1
GET /de_DE/sdk.js?hash=92e7188bacc3afc6df6fdd7de2f5d6da HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://globaldugunsalonu.de
Connection: keep-alive
Referer: https://globaldugunsalonu.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: 25e7ebb065bc028fa214f1d4c0647c81
etag: "50ed41e4b858d94a4257d95044c2ad7d"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Fri, 06 Oct 2023 00:38:26 GMT
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: wHyzQdOggnF/luQ1/S96gA==
x-fb-debug: Snk4A4tleUrj7rrXdtZyRry/F81gIx9NQXT0yIT5lcmJfU+TKNHlhliY3QH4gKeW9xOV49CCf/VwtFQcQa4/tg==
content-length: 87004
x-fb-trip-id: 1904183273
date: Thu, 06 Oct 2022 02:53:38 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 58ac1b886710ef98c8b70a37dcc2b855
ed76f180385d65285525c3426857e1880e2817c8
7fd9a97b66875a6c87413705781a8800ab15e8faaeb821364914ca2d0dd9c890
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 02:53:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
yt3.ggpht.com/ytc/AMLnZu_gwn-1wXS4PcrEEq17um1B10UutRWUw4sVKw=s68-c-k-c0x00ffffff-no-rj
142.250.74.161200 OK 1.3 kB URL HTTP/2 yt3.ggpht.com/ytc/AMLnZu_gwn-1wXS4PcrEEq17um1B10UutRWUw4sVKw=s68-c-k-c0x00ffffff-no-rj
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 68x68, components 3\012- data
Hash 2b61ca2ae20ff40e80518a8c71513069
29c273d1eb97a35acb263a65715549b48f1f3bdf
5b2fee1f1005cabf52d07e6ffc13dfed78ee6500bb02d467037128580b8ad5fb
GET /ytc/AMLnZu_gwn-1wXS4PcrEEq17um1B10UutRWUw4sVKw=s68-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt3.ggpht.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube-nocookie.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
expires: Fri, 07 Oct 2022 02:53:39 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Thu, 06 Oct 2022 02:53:39 GMT
server: fife
content-length: 1322
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 58ac1b886710ef98c8b70a37dcc2b855
ed76f180385d65285525c3426857e1880e2817c8
7fd9a97b66875a6c87413705781a8800ab15e8faaeb821364914ca2d0dd9c890
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 02:53:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 55331c1dc7e7ebbf456220986278469d
d69a62ee47b03fde68db666512417dda2ae5ad13
a09c835aa140c7b4220194e940f54de09ca3b7ea470feb7c4c5be574643086d5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A09C835AA140C7B4220194E940F54DE09CA3B7EA470FEB7C4C5BE574643086D5"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3705
Expires: Thu, 06 Oct 2022 03:55:24 GMT
Date: Thu, 06 Oct 2022 02:53:39 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 55331c1dc7e7ebbf456220986278469d
d69a62ee47b03fde68db666512417dda2ae5ad13
a09c835aa140c7b4220194e940f54de09ca3b7ea470feb7c4c5be574643086d5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A09C835AA140C7B4220194E940F54DE09CA3B7EA470FEB7C4C5BE574643086D5"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3705
Expires: Thu, 06 Oct 2022 03:55:24 GMT
Date: Thu, 06 Oct 2022 02:53:39 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 55331c1dc7e7ebbf456220986278469d
d69a62ee47b03fde68db666512417dda2ae5ad13
a09c835aa140c7b4220194e940f54de09ca3b7ea470feb7c4c5be574643086d5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A09C835AA140C7B4220194E940F54DE09CA3B7EA470FEB7C4C5BE574643086D5"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3705
Expires: Thu, 06 Oct 2022 03:55:24 GMT
Date: Thu, 06 Oct 2022 02:53:39 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ca20164-9b52-49c5-9e63-1fc0ae719f45.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ca20164-9b52-49c5-9e63-1fc0ae719f45.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4fc2ddd86450d64d3fb659ab4e78be58
bbe71936b78a8c34d03ab87948dc840b35c6948f
84a760397a5912bd05f61bc8a953c13a88a677e2d17fbbf74bdf7d7ff4d3942f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ca20164-9b52-49c5-9e63-1fc0ae719f45.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10158
x-amzn-requestid: def1fc7e-8008-466f-9271-20fa1ab0fa5a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZaqZCH7doAMFcPQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633a8aa0-7fd2fb1249366f2277d719d6;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 07:09:20 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: aeOU8fGkf5uHuYZ79k17EzxiFnwm0_z7SeZJElgwECzRyhR2N_SYJA==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 b8c4a4ca04bb1976e020396d211bc8dc.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 04:06:09 GMT
age: 82050
etag: "bbe71936b78a8c34d03ab87948dc840b35c6948f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F913c841b-40a5-4fa4-bc55-0e9d1369640e.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F913c841b-40a5-4fa4-bc55-0e9d1369640e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a508ac9cd743bec987b2a24454418265
8c7ecefe6908387e2128dc849a6ba857991ba0ab
afb2c2b51f2ce445ada599068901551beee594b15c152ed7551ab7a8835dde6d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F913c841b-40a5-4fa4-bc55-0e9d1369640e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10809
x-amzn-requestid: db4d1d2a-05b8-403e-a7ca-8b8a6a0a4087
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjQb-HrTIAMFtNg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633dfab2-74f184406a48e42c0ecc4ec9;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 21:44:18 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: tv80OXQUu13gDuuFESnEnXMuFdNBmGc1y592euL7QnfZW5PwJym9-g==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 de8fc80b494d3d381f7e006918dcc588.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 21:53:39 GMT
etag: "8c7ecefe6908387e2128dc849a6ba857991ba0ab"
content-type: image/jpeg
age: 18000
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
globaldugunsalonu.de/images/GlobalDugunSalonu_slid2.jpg
136.243.20.96200 OK 224 kB URL HTTP/2 globaldugunsalonu.de/images/GlobalDugunSalonu_slid2.jpg
IP 136.243.20.96:0
ASN #24940 Hetzner Online GmbH
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 1920x640, components 3\012- data
Size 224 kB (223967 bytes)
Hash 379ff0f33dd249c8e7c62b4077242cf8
2f8470e82937757456c0378a61c4d45a765258f9
feab276e1f8ae02f7938fe12e2f907becbb7fb5ee507c653e61d2bfbb74e0811
GET /images/GlobalDugunSalonu_slid2.jpg HTTP/1.1
Host: globaldugunsalonu.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://globaldugunsalonu.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 02:53:39 GMT
content-type: image/jpeg
content-length: 223967
last-modified: Thu, 01 Jun 2017 20:22:46 GMT
etag: "59307796-36adf"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7fac259b-7a22-4aa2-ba3f-682cb749091c.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7fac259b-7a22-4aa2-ba3f-682cb749091c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2277f8f2d93b4bc3b05d348343177892
531d9e4ec9078cd2d7376a19fcb287084af36c82
62907648de4a2ed390232a71ab7dce49f1e9c3363cde6a2f30ecae10ab67f93a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7fac259b-7a22-4aa2-ba3f-682cb749091c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11080
x-amzn-requestid: 8fa4d19d-87a5-46c5-96c5-4aec793daad9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjO7xE5eoAMFQLw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633df84b-5c422c7a168c014f57559037;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 21:34:03 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: LySueW1si-yWLwecUILV1s57IEV2FdcQ9_pH1Aoe4AYISi7QXXfd3A==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 34c44cb7892e57a3b6c51812bcf68ee4.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 21:39:28 GMT
age: 18851
etag: "531d9e4ec9078cd2d7376a19fcb287084af36c82"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfb1f9d9-58f2-4af5-b299-6a59b5768aba.jpeg
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfb1f9d9-58f2-4af5-b299-6a59b5768aba.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2d101e6535dfc8ea8c193d3e97c07e1d
d839f3aa41455d818da9a794b0688b1144b3a03a
d73e79f203ef50354e078de30fcb52d298e14ad53924e0387ab586a9cb4376a2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfb1f9d9-58f2-4af5-b299-6a59b5768aba.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8651
x-amzn-requestid: 8bbdbc11-92fe-4cdf-8469-1c1ffac9e65b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjPLIGG0IAMFehw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633df8ad-132ee26478d791850dd14462;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 21:35:41 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: KBuHj1vlNgk4oflp8uIxuxuPoWh7B7O0SWrMrNP-lAhnp2m53ttPMw==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 e77661e211afe9242e85e573f12d5534.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 22:09:18 GMT
age: 17061
etag: "d839f3aa41455d818da9a794b0688b1144b3a03a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb35f200a-4b30-4eca-b738-7597a7594fb0.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb35f200a-4b30-4eca-b738-7597a7594fb0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash af17f003b33d854fd024dcd3980fea27
1282572af57f7d04cae3f736a9b9fcb378efdf70
5e0112558b9196f1025a354f4b69fb02321d9a345c2d302e523001a56b51cc31
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb35f200a-4b30-4eca-b738-7597a7594fb0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12156
x-amzn-requestid: 0640ef42-f082-43cb-9fbb-ba509f7ec1ec
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZXYcIFhmIAMFeVw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63393ab3-2fbc1cf648993ee1346ec9b2;Sampled=0
x-amzn-remapped-date: Sun, 02 Oct 2022 07:16:03 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: LZZWZlT3DnlbEyrOaNR-emsGas3uCB6VaQYdTQ76-W0XL7_Yq3BAJw==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 5397b304713f6301c7c94ac084b6ed08.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 13:09:19 GMT
age: 49460
etag: "1282572af57f7d04cae3f736a9b9fcb378efdf70"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F73af78d1-5736-4820-b1cd-2746dc2b907b.jpeg
34.120.237.76200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F73af78d1-5736-4820-b1cd-2746dc2b907b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 746e3c38e01d58e6fa0728798221a830
b19dd1d42995ea4242505b152e77835442341581
c524a2e7e29690030b7402077f711e643674c8f42de071214f3909b447fb1e3b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F73af78d1-5736-4820-b1cd-2746dc2b907b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6933
x-amzn-requestid: aa50b0cd-e931-49a9-bce3-00366738aea6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjPtNGKPoAMF6UA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633df987-77a4f8306103dcdf3de7d1fd;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 21:39:19 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: aRwLcesGtAJ-M6BLPyzdprcMh8tvcxVH6AOG2LJc8aSYLR0BR9WAwg==
via: 1.1 deaaf0548506de20925615eb51a7ea7e.cloudfront.net (CloudFront), 1.1 3c974a460e97e56c6eb1e6a30797d9d6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 22:09:09 GMT
etag: "b19dd1d42995ea4242505b152e77835442341581"
content-type: image/jpeg
age: 17070
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 9e961da259210d028bb507eb7583dc56
f06d209e1a4f7a9e2df0652f60bb2265eb559c53
d89228f5a19e5700feb397cebf7e4ad370b1f546dee6ef215dc5e5fdf4eeb118
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 02:53:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash fcf303766d476a80c0bb7affc5757ccf
3f4162c56c5553a570589e1c5e4e23f32f2a1746
1484252c9a448975f91b74b730e9d617881916913f70455bf328b9c78391e3b2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 02:53:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
rr2---sn-capm-vnae.googlevideo.com/videoplayback?expire=1665046418&ei=MkM-Y_aUMZm_yQWF1agQ&ip=91.90.42.154&id=o-AANQnwE0Yive4O7Mlx768b5Awg7vIuQBPbIjwAhA7y__&itag=244&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=yt_otf&requiressl=yes&mh=5g&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7ynez&ms=au%2Crdu&mv=m&mvi=2&pl=21&initcwndbps=1800000&spc=yR2vpxosLD4xn4nf9K_wGFZDiq5pc1Q&vprv=1&mime=video%2Fwebm&ns=RKOcynWabTFJOtIb51fOgZ8I&otf=1&otfp=1&dur=0.000&lmt=1617413991681383&mt=1665024304&fvip=4&keepalive=yes&fexp=24001373%2C24007246&beids=24277535&c=WEB_EMBEDDED_PLAYER&n=gJJWeayTl22w4A&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cotf%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRQIhALMSd9RVMoa7ZXf2udSOX2wd0h8lCo37AaXe1rXHtTSEAiBBraOAwqYsIFGO8HUkBLbtlE0XellLv4-JnmM-aKs-Yg%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgQGyQBr0uudQ_5U-3bvnQ0dHP8BV91HDHsWPw7LgBmfQCIEAR6v4Ljzp9hNye9Jxjczd88Vny5ioUHu8WZIxaeaSx&alr=yes&cpn=_E6R2sAhodmk0HqE&cver=1.20221004.01.00&sq=0&rn=1&rbuf=0
91.90.45.173200 OK 1.1 kB URL HTTP/1.1 rr2---sn-capm-vnae.googlevideo.com/videoplayback?expire=1665046418&ei=MkM-Y_aUMZm_yQWF1agQ&ip=91.90.42.154&id=o-AANQnwE0Yive4O7Mlx768b5Awg7vIuQBPbIjwAhA7y__&itag=244&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=yt_otf&requiressl=yes&mh=5g&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7ynez&ms=au%2Crdu&mv=m&mvi=2&pl=21&initcwndbps=1800000&spc=yR2vpxosLD4xn4nf9K_wGFZDiq5pc1Q&vprv=1&mime=video%2Fwebm&ns=RKOcynWabTFJOtIb51fOgZ8I&otf=1&otfp=1&dur=0.000&lmt=1617413991681383&mt=1665024304&fvip=4&keepalive=yes&fexp=24001373%2C24007246&beids=24277535&c=WEB_EMBEDDED_PLAYER&n=gJJWeayTl22w4A&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cotf%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRQIhALMSd9RVMoa7ZXf2udSOX2wd0h8lCo37AaXe1rXHtTSEAiBBraOAwqYsIFGO8HUkBLbtlE0XellLv4-JnmM-aKs-Yg%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgQGyQBr0uudQ_5U-3bvnQ0dHP8BV91HDHsWPw7LgBmfQCIEAR6v4Ljzp9hNye9Jxjczd88Vny5ioUHu8WZIxaeaSx&alr=yes&cpn=_E6R2sAhodmk0HqE&cver=1.20221004.01.00&sq=0&rn=1&rbuf=0
IP 91.90.45.173:0
ASN #50304 Blix Solutions AS
File type ASCII text, with very long lines (1093), with no line terminators
Hash 07a05dd385e68b016b8c25e45ddcda68
929d680ad4324556d6be6bd5b11400c4122fe14e
e2b322308f433196fbbd76004ea9dfa271c32878ee0dda9d79ed4e5fba30db57
GET /videoplayback?expire=1665046418&ei=MkM-Y_aUMZm_yQWF1agQ&ip=91.90.42.154&id=o-AANQnwE0Yive4O7Mlx768b5Awg7vIuQBPbIjwAhA7y__&itag=244&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=yt_otf&requiressl=yes&mh=5g&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7ynez&ms=au%2Crdu&mv=m&mvi=2&pl=21&initcwndbps=1800000&spc=yR2vpxosLD4xn4nf9K_wGFZDiq5pc1Q&vprv=1&mime=video%2Fwebm&ns=RKOcynWabTFJOtIb51fOgZ8I&otf=1&otfp=1&dur=0.000&lmt=1617413991681383&mt=1665024304&fvip=4&keepalive=yes&fexp=24001373%2C24007246&beids=24277535&c=WEB_EMBEDDED_PLAYER&n=gJJWeayTl22w4A&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cotf%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRQIhALMSd9RVMoa7ZXf2udSOX2wd0h8lCo37AaXe1rXHtTSEAiBBraOAwqYsIFGO8HUkBLbtlE0XellLv4-JnmM-aKs-Yg%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgQGyQBr0uudQ_5U-3bvnQ0dHP8BV91HDHsWPw7LgBmfQCIEAR6v4Ljzp9hNye9Jxjczd88Vny5ioUHu8WZIxaeaSx&alr=yes&cpn=_E6R2sAhodmk0HqE&cver=1.20221004.01.00&sq=0&rn=1&rbuf=0 HTTP/1.1
Host: rr2---sn-capm-vnae.googlevideo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube-nocookie.com
Connection: keep-alive
Referer: https://www.youtube-nocookie.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/plain
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Date: Thu, 06 Oct 2022 02:53:39 GMT
Expires: Thu, 06 Oct 2022 02:53:39 GMT
Cache-Control: private, max-age=21299
Accept-Ranges: bytes
Content-Length: 1093
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube-nocookie.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube-nocookie.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Restrict-Formats-Hint: None
X-Content-Type-Options: nosniff
Server: gvs 1.0
rr2---sn-capm-vnae.googlevideo.com/videoplayback?expire=1665046418&ei=MkM-Y_aUMZm_yQWF1agQ&ip=91.90.42.154&id=o-AANQnwE0Yive4O7Mlx768b5Awg7vIuQBPbIjwAhA7y__&itag=251&source=youtube&requiressl=yes&mh=5g&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7ynez&ms=au%2Crdu&mv=m&mvi=2&pl=21&initcwndbps=1800000&spc=yR2vpxosLD4xn4nf9K_wGFZDiq5pc1Q&vprv=1&mime=audio%2Fwebm&ns=RKOcynWabTFJOtIb51fOgZ8I&gir=yes&clen=6490359&otfp=1&dur=321.921&lmt=1564303263692199&mt=1665024304&fvip=4&keepalive=yes&fexp=24001373%2C24007246&beids=24277535&c=WEB_EMBEDDED_PLAYER&n=gJJWeayTl22w4A&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRQIgV38tKOWzVrJ3-qIMm71Y0NFY984V-2SIP9V_wsknlqkCIQDETsn96RhHHKm5pu9HGtM1JIbnf6ISLyjDf1uL6Tr_5A%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgQGyQBr0uudQ_5U-3bvnQ0dHP8BV91HDHsWPw7LgBmfQCIEAR6v4Ljzp9hNye9Jxjczd88Vny5ioUHu8WZIxaeaSx&alr=yes&cpn=_E6R2sAhodmk0HqE&cver=1.20221004.01.00&range=0-66352&rn=2&rbuf=0
91.90.45.173200 OK 1.1 kB URL HTTP/1.1 rr2---sn-capm-vnae.googlevideo.com/videoplayback?expire=1665046418&ei=MkM-Y_aUMZm_yQWF1agQ&ip=91.90.42.154&id=o-AANQnwE0Yive4O7Mlx768b5Awg7vIuQBPbIjwAhA7y__&itag=251&source=youtube&requiressl=yes&mh=5g&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7ynez&ms=au%2Crdu&mv=m&mvi=2&pl=21&initcwndbps=1800000&spc=yR2vpxosLD4xn4nf9K_wGFZDiq5pc1Q&vprv=1&mime=audio%2Fwebm&ns=RKOcynWabTFJOtIb51fOgZ8I&gir=yes&clen=6490359&otfp=1&dur=321.921&lmt=1564303263692199&mt=1665024304&fvip=4&keepalive=yes&fexp=24001373%2C24007246&beids=24277535&c=WEB_EMBEDDED_PLAYER&n=gJJWeayTl22w4A&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRQIgV38tKOWzVrJ3-qIMm71Y0NFY984V-2SIP9V_wsknlqkCIQDETsn96RhHHKm5pu9HGtM1JIbnf6ISLyjDf1uL6Tr_5A%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgQGyQBr0uudQ_5U-3bvnQ0dHP8BV91HDHsWPw7LgBmfQCIEAR6v4Ljzp9hNye9Jxjczd88Vny5ioUHu8WZIxaeaSx&alr=yes&cpn=_E6R2sAhodmk0HqE&cver=1.20221004.01.00&range=0-66352&rn=2&rbuf=0
IP 91.90.45.173:0
ASN #50304 Blix Solutions AS
File type ASCII text, with very long lines (1056), with no line terminators
Hash 42a14464ed5d2b249d7f5eee51c109c8
6638102fe1a5d843e36c113599a028e13507c15c
05f64bcb62ddc596477dd3d637436dd2d7576242dcc578c1415394d2acc93e4f
GET /videoplayback?expire=1665046418&ei=MkM-Y_aUMZm_yQWF1agQ&ip=91.90.42.154&id=o-AANQnwE0Yive4O7Mlx768b5Awg7vIuQBPbIjwAhA7y__&itag=251&source=youtube&requiressl=yes&mh=5g&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7ynez&ms=au%2Crdu&mv=m&mvi=2&pl=21&initcwndbps=1800000&spc=yR2vpxosLD4xn4nf9K_wGFZDiq5pc1Q&vprv=1&mime=audio%2Fwebm&ns=RKOcynWabTFJOtIb51fOgZ8I&gir=yes&clen=6490359&otfp=1&dur=321.921&lmt=1564303263692199&mt=1665024304&fvip=4&keepalive=yes&fexp=24001373%2C24007246&beids=24277535&c=WEB_EMBEDDED_PLAYER&n=gJJWeayTl22w4A&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRQIgV38tKOWzVrJ3-qIMm71Y0NFY984V-2SIP9V_wsknlqkCIQDETsn96RhHHKm5pu9HGtM1JIbnf6ISLyjDf1uL6Tr_5A%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgQGyQBr0uudQ_5U-3bvnQ0dHP8BV91HDHsWPw7LgBmfQCIEAR6v4Ljzp9hNye9Jxjczd88Vny5ioUHu8WZIxaeaSx&alr=yes&cpn=_E6R2sAhodmk0HqE&cver=1.20221004.01.00&range=0-66352&rn=2&rbuf=0 HTTP/1.1
Host: rr2---sn-capm-vnae.googlevideo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube-nocookie.com
Connection: keep-alive
Referer: https://www.youtube-nocookie.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/plain
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Date: Thu, 06 Oct 2022 02:53:39 GMT
Expires: Thu, 06 Oct 2022 02:53:39 GMT
Cache-Control: private, max-age=21299
Accept-Ranges: bytes
Content-Length: 1056
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube-nocookie.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube-nocookie.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Content-Type-Options: nosniff
Server: gvs 1.0
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash fcf303766d476a80c0bb7affc5757ccf
3f4162c56c5553a570589e1c5e4e23f32f2a1746
1484252c9a448975f91b74b730e9d617881916913f70455bf328b9c78391e3b2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 02:53:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash a7b0171100e64adfbc2c025e52d695f1
8eeeabf4b27c6f1dadc4bfb9dbcea9c453c45b38
ce4a99f292100b06ebd1ddc18806e8622de2c4ead0963b0cb89c8e0a1735cfe6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 02:53:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash a7b0171100e64adfbc2c025e52d695f1
8eeeabf4b27c6f1dadc4bfb9dbcea9c453c45b38
ce4a99f292100b06ebd1ddc18806e8622de2c4ead0963b0cb89c8e0a1735cfe6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 02:53:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
rr4---sn-5go7ynez.googlevideo.com/videoplayback?expire=1665046418&ei=MkM-Y_aUMZm_yQWF1agQ&ip=91.90.42.154&id=o-AANQnwE0Yive4O7Mlx768b5Awg7vIuQBPbIjwAhA7y__&itag=244&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=yt_otf&requiressl=yes&spc=yR2vpxosLD4xn4nf9K_wGFZDiq5pc1Q&vprv=1&mime=video%2Fwebm&ns=RKOcynWabTFJOtIb51fOgZ8I&otf=1&otfp=1&dur=0.000&lmt=1617413991681383&keepalive=yes&fexp=24001373,24007246,24277535&beids=24277535&c=WEB_EMBEDDED_PLAYER&n=gJJWeayTl22w4A&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cotf%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRQIhALMSd9RVMoa7ZXf2udSOX2wd0h8lCo37AaXe1rXHtTSEAiBBraOAwqYsIFGO8HUkBLbtlE0XellLv4-JnmM-aKs-Yg%3D%3D&alr=yes&cpn=_E6R2sAhodmk0HqE&cver=1.20221004.01.00&redirect_counter=1&cm2rm=sn-capm-vnae7l&cms_redirect=yes&cmsv=e&mh=5g&mm=29&mn=sn-5go7ynez&ms=rdu&mt=1665024540&mv=m&mvi=4&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgaqDef09OPhfOd13mVhDBNa9wEEJAPDBjJbiAADwh9GoCICWZPdz-PwXGsgDKeQixV4enLOUg5HsHeKsXAI4plxLO&sq=0&rn=3&rbuf=0
173.194.163.90200 OK 1.1 kB URL HTTP/1.1 rr4---sn-5go7ynez.googlevideo.com/videoplayback?expire=1665046418&ei=MkM-Y_aUMZm_yQWF1agQ&ip=91.90.42.154&id=o-AANQnwE0Yive4O7Mlx768b5Awg7vIuQBPbIjwAhA7y__&itag=244&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=yt_otf&requiressl=yes&spc=yR2vpxosLD4xn4nf9K_wGFZDiq5pc1Q&vprv=1&mime=video%2Fwebm&ns=RKOcynWabTFJOtIb51fOgZ8I&otf=1&otfp=1&dur=0.000&lmt=1617413991681383&keepalive=yes&fexp=24001373,24007246,24277535&beids=24277535&c=WEB_EMBEDDED_PLAYER&n=gJJWeayTl22w4A&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cotf%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRQIhALMSd9RVMoa7ZXf2udSOX2wd0h8lCo37AaXe1rXHtTSEAiBBraOAwqYsIFGO8HUkBLbtlE0XellLv4-JnmM-aKs-Yg%3D%3D&alr=yes&cpn=_E6R2sAhodmk0HqE&cver=1.20221004.01.00&redirect_counter=1&cm2rm=sn-capm-vnae7l&cms_redirect=yes&cmsv=e&mh=5g&mm=29&mn=sn-5go7ynez&ms=rdu&mt=1665024540&mv=m&mvi=4&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgaqDef09OPhfOd13mVhDBNa9wEEJAPDBjJbiAADwh9GoCICWZPdz-PwXGsgDKeQixV4enLOUg5HsHeKsXAI4plxLO&sq=0&rn=3&rbuf=0
IP 173.194.163.90:0
File type ASCII text, with very long lines (1110), with no line terminators
Hash 421df8e1d0854459bf33098cb264d277
6ac463bfe1a9327b1002a968ec6cdb0efb2468e0
bcea3b0cbdbdbe2fc0f6d11944552c452bd321e19ce1075983ac608c54a01d4e
GET /videoplayback?expire=1665046418&ei=MkM-Y_aUMZm_yQWF1agQ&ip=91.90.42.154&id=o-AANQnwE0Yive4O7Mlx768b5Awg7vIuQBPbIjwAhA7y__&itag=244&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=yt_otf&requiressl=yes&spc=yR2vpxosLD4xn4nf9K_wGFZDiq5pc1Q&vprv=1&mime=video%2Fwebm&ns=RKOcynWabTFJOtIb51fOgZ8I&otf=1&otfp=1&dur=0.000&lmt=1617413991681383&keepalive=yes&fexp=24001373,24007246,24277535&beids=24277535&c=WEB_EMBEDDED_PLAYER&n=gJJWeayTl22w4A&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cotf%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRQIhALMSd9RVMoa7ZXf2udSOX2wd0h8lCo37AaXe1rXHtTSEAiBBraOAwqYsIFGO8HUkBLbtlE0XellLv4-JnmM-aKs-Yg%3D%3D&alr=yes&cpn=_E6R2sAhodmk0HqE&cver=1.20221004.01.00&redirect_counter=1&cm2rm=sn-capm-vnae7l&cms_redirect=yes&cmsv=e&mh=5g&mm=29&mn=sn-5go7ynez&ms=rdu&mt=1665024540&mv=m&mvi=4&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgaqDef09OPhfOd13mVhDBNa9wEEJAPDBjJbiAADwh9GoCICWZPdz-PwXGsgDKeQixV4enLOUg5HsHeKsXAI4plxLO&sq=0&rn=3&rbuf=0 HTTP/1.1
Host: rr4---sn-5go7ynez.googlevideo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube-nocookie.com
Connection: keep-alive
Referer: https://www.youtube-nocookie.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/plain
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Date: Thu, 06 Oct 2022 02:53:39 GMT
Expires: Thu, 06 Oct 2022 02:53:39 GMT
Cache-Control: private, max-age=21299
Accept-Ranges: bytes
Content-Length: 1110
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube-nocookie.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube-nocookie.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Restrict-Formats-Hint: None
X-Content-Type-Options: nosniff
Server: gvs 1.0
rr4---sn-5go7ynez.googlevideo.com/videoplayback?expire=1665046418&ei=MkM-Y_aUMZm_yQWF1agQ&ip=91.90.42.154&id=o-AANQnwE0Yive4O7Mlx768b5Awg7vIuQBPbIjwAhA7y__&itag=251&source=youtube&requiressl=yes&spc=yR2vpxosLD4xn4nf9K_wGFZDiq5pc1Q&vprv=1&mime=audio%2Fwebm&ns=RKOcynWabTFJOtIb51fOgZ8I&gir=yes&clen=6490359&otfp=1&dur=321.921&lmt=1564303263692199&keepalive=yes&fexp=24001373,24007246,24277535&beids=24277535&c=WEB_EMBEDDED_PLAYER&n=gJJWeayTl22w4A&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRQIgV38tKOWzVrJ3-qIMm71Y0NFY984V-2SIP9V_wsknlqkCIQDETsn96RhHHKm5pu9HGtM1JIbnf6ISLyjDf1uL6Tr_5A%3D%3D&alr=yes&cpn=_E6R2sAhodmk0HqE&cver=1.20221004.01.00&redirect_counter=1&cm2rm=sn-capm-vnae7l&cms_redirect=yes&cmsv=e&mh=5g&mm=29&mn=sn-5go7ynez&ms=rdu&mt=1665024540&mv=m&mvi=4&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhAOWOxdLo5kS6kRL8yjT8qWv8gXsdc02iWkAjN2Wpm6DKAiB8VDf9WGf87uusGObE1nogPWV-OMNYbpMca3NSObpcwA%3D%3D&range=0-66352&rn=4&rbuf=0
173.194.163.90200 OK 1.1 kB URL HTTP/1.1 rr4---sn-5go7ynez.googlevideo.com/videoplayback?expire=1665046418&ei=MkM-Y_aUMZm_yQWF1agQ&ip=91.90.42.154&id=o-AANQnwE0Yive4O7Mlx768b5Awg7vIuQBPbIjwAhA7y__&itag=251&source=youtube&requiressl=yes&spc=yR2vpxosLD4xn4nf9K_wGFZDiq5pc1Q&vprv=1&mime=audio%2Fwebm&ns=RKOcynWabTFJOtIb51fOgZ8I&gir=yes&clen=6490359&otfp=1&dur=321.921&lmt=1564303263692199&keepalive=yes&fexp=24001373,24007246,24277535&beids=24277535&c=WEB_EMBEDDED_PLAYER&n=gJJWeayTl22w4A&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRQIgV38tKOWzVrJ3-qIMm71Y0NFY984V-2SIP9V_wsknlqkCIQDETsn96RhHHKm5pu9HGtM1JIbnf6ISLyjDf1uL6Tr_5A%3D%3D&alr=yes&cpn=_E6R2sAhodmk0HqE&cver=1.20221004.01.00&redirect_counter=1&cm2rm=sn-capm-vnae7l&cms_redirect=yes&cmsv=e&mh=5g&mm=29&mn=sn-5go7ynez&ms=rdu&mt=1665024540&mv=m&mvi=4&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhAOWOxdLo5kS6kRL8yjT8qWv8gXsdc02iWkAjN2Wpm6DKAiB8VDf9WGf87uusGObE1nogPWV-OMNYbpMca3NSObpcwA%3D%3D&range=0-66352&rn=4&rbuf=0
IP 173.194.163.90:0
File type ASCII text, with very long lines (1065), with no line terminators
Hash 8866ee3b4a733994de428268a7855c1e
7fb42d65f344cabf582b3f0e66b2a6accb17b60d
f78a53373066a9c33743a2f4247900a7b7d2f8aab5c38f8d377ea9ed9feca976
GET /videoplayback?expire=1665046418&ei=MkM-Y_aUMZm_yQWF1agQ&ip=91.90.42.154&id=o-AANQnwE0Yive4O7Mlx768b5Awg7vIuQBPbIjwAhA7y__&itag=251&source=youtube&requiressl=yes&spc=yR2vpxosLD4xn4nf9K_wGFZDiq5pc1Q&vprv=1&mime=audio%2Fwebm&ns=RKOcynWabTFJOtIb51fOgZ8I&gir=yes&clen=6490359&otfp=1&dur=321.921&lmt=1564303263692199&keepalive=yes&fexp=24001373,24007246,24277535&beids=24277535&c=WEB_EMBEDDED_PLAYER&n=gJJWeayTl22w4A&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRQIgV38tKOWzVrJ3-qIMm71Y0NFY984V-2SIP9V_wsknlqkCIQDETsn96RhHHKm5pu9HGtM1JIbnf6ISLyjDf1uL6Tr_5A%3D%3D&alr=yes&cpn=_E6R2sAhodmk0HqE&cver=1.20221004.01.00&redirect_counter=1&cm2rm=sn-capm-vnae7l&cms_redirect=yes&cmsv=e&mh=5g&mm=29&mn=sn-5go7ynez&ms=rdu&mt=1665024540&mv=m&mvi=4&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhAOWOxdLo5kS6kRL8yjT8qWv8gXsdc02iWkAjN2Wpm6DKAiB8VDf9WGf87uusGObE1nogPWV-OMNYbpMca3NSObpcwA%3D%3D&range=0-66352&rn=4&rbuf=0 HTTP/1.1
Host: rr4---sn-5go7ynez.googlevideo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube-nocookie.com
Connection: keep-alive
Referer: https://www.youtube-nocookie.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/plain
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Date: Thu, 06 Oct 2022 02:53:39 GMT
Expires: Thu, 06 Oct 2022 02:53:39 GMT
Cache-Control: private, max-age=21299
Accept-Ranges: bytes
Content-Length: 1065
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube-nocookie.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube-nocookie.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Content-Type-Options: nosniff
Server: gvs 1.0
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash a7b0171100e64adfbc2c025e52d695f1
8eeeabf4b27c6f1dadc4bfb9dbcea9c453c45b38
ce4a99f292100b06ebd1ddc18806e8622de2c4ead0963b0cb89c8e0a1735cfe6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 02:53:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 130ee302a2d581b152c8beccdc64866e
41fba8278d61fd6638376868fbe50c752f858b44
5345486b353cd67707512700d28f5937d9ad53f23b590e82cb624f1e509c1943
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 02:53:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
rr5---sn-5hne6nzk.googlevideo.com/videoplayback?expire=1665046418&ei=MkM-Y_aUMZm_yQWF1agQ&ip=91.90.42.154&id=o-AANQnwE0Yive4O7Mlx768b5Awg7vIuQBPbIjwAhA7y__&itag=251&source=youtube&requiressl=yes&spc=yR2vpxosLD4xn4nf9K_wGFZDiq5pc1Q&vprv=1&mime=audio%2Fwebm&ns=RKOcynWabTFJOtIb51fOgZ8I&gir=yes&clen=6490359&otfp=1&dur=321.921&lmt=1564303263692199&keepalive=yes&fexp=24001373,24007246,24277535&beids=24277535&c=WEB_EMBEDDED_PLAYER&n=gJJWeayTl22w4A&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRQIgV38tKOWzVrJ3-qIMm71Y0NFY984V-2SIP9V_wsknlqkCIQDETsn96RhHHKm5pu9HGtM1JIbnf6ISLyjDf1uL6Tr_5A%3D%3D&alr=yes&cpn=_E6R2sAhodmk0HqE&cver=1.20221004.01.00&cm2rm=sn-capm-vnae7l,sn-5goey7z&redirect_counter=2&cms_redirect=yes&cmsv=e&mh=5g&mm=34&mn=sn-5hne6nzk&ms=ltu&mt=1665024519&mv=m&mvi=5&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRgIhANnB1_CzqvG4vfR49D10uxK9DncUmRzO1oZDPMye4LxJAiEA499hULr8ZR2h7ke4fhq0bD70kvvIIP-NeMotLoD6Tv0%3D&range=0-66352&rn=6&rbuf=0
172.217.132.138200 OK 66 kB URL HTTP/1.1 rr5---sn-5hne6nzk.googlevideo.com/videoplayback?expire=1665046418&ei=MkM-Y_aUMZm_yQWF1agQ&ip=91.90.42.154&id=o-AANQnwE0Yive4O7Mlx768b5Awg7vIuQBPbIjwAhA7y__&itag=251&source=youtube&requiressl=yes&spc=yR2vpxosLD4xn4nf9K_wGFZDiq5pc1Q&vprv=1&mime=audio%2Fwebm&ns=RKOcynWabTFJOtIb51fOgZ8I&gir=yes&clen=6490359&otfp=1&dur=321.921&lmt=1564303263692199&keepalive=yes&fexp=24001373,24007246,24277535&beids=24277535&c=WEB_EMBEDDED_PLAYER&n=gJJWeayTl22w4A&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRQIgV38tKOWzVrJ3-qIMm71Y0NFY984V-2SIP9V_wsknlqkCIQDETsn96RhHHKm5pu9HGtM1JIbnf6ISLyjDf1uL6Tr_5A%3D%3D&alr=yes&cpn=_E6R2sAhodmk0HqE&cver=1.20221004.01.00&cm2rm=sn-capm-vnae7l,sn-5goey7z&redirect_counter=2&cms_redirect=yes&cmsv=e&mh=5g&mm=34&mn=sn-5hne6nzk&ms=ltu&mt=1665024519&mv=m&mvi=5&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRgIhANnB1_CzqvG4vfR49D10uxK9DncUmRzO1oZDPMye4LxJAiEA499hULr8ZR2h7ke4fhq0bD70kvvIIP-NeMotLoD6Tv0%3D&range=0-66352&rn=6&rbuf=0
IP 172.217.132.138:0
File type WebM\012- EBML file, creator webmB\20\012- data
Hash dfa219188e0fa46b73b7e3e950f391d6
636fd0700b7df3c6da23e28fa7d5a98260292063
297a398ea187d67b768347aaf89bed7c5ca05340133a9733d12ae6d62828b382
GET /videoplayback?expire=1665046418&ei=MkM-Y_aUMZm_yQWF1agQ&ip=91.90.42.154&id=o-AANQnwE0Yive4O7Mlx768b5Awg7vIuQBPbIjwAhA7y__&itag=251&source=youtube&requiressl=yes&spc=yR2vpxosLD4xn4nf9K_wGFZDiq5pc1Q&vprv=1&mime=audio%2Fwebm&ns=RKOcynWabTFJOtIb51fOgZ8I&gir=yes&clen=6490359&otfp=1&dur=321.921&lmt=1564303263692199&keepalive=yes&fexp=24001373,24007246,24277535&beids=24277535&c=WEB_EMBEDDED_PLAYER&n=gJJWeayTl22w4A&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRQIgV38tKOWzVrJ3-qIMm71Y0NFY984V-2SIP9V_wsknlqkCIQDETsn96RhHHKm5pu9HGtM1JIbnf6ISLyjDf1uL6Tr_5A%3D%3D&alr=yes&cpn=_E6R2sAhodmk0HqE&cver=1.20221004.01.00&cm2rm=sn-capm-vnae7l,sn-5goey7z&redirect_counter=2&cms_redirect=yes&cmsv=e&mh=5g&mm=34&mn=sn-5hne6nzk&ms=ltu&mt=1665024519&mv=m&mvi=5&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRgIhANnB1_CzqvG4vfR49D10uxK9DncUmRzO1oZDPMye4LxJAiEA499hULr8ZR2h7ke4fhq0bD70kvvIIP-NeMotLoD6Tv0%3D&range=0-66352&rn=6&rbuf=0 HTTP/1.1
Host: rr5---sn-5hne6nzk.googlevideo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube-nocookie.com
Connection: keep-alive
Referer: https://www.youtube-nocookie.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Sun, 28 Jul 2019 08:41:03 GMT
Content-Type: audio/webm
Date: Thu, 06 Oct 2022 02:53:39 GMT
Expires: Thu, 06 Oct 2022 02:53:39 GMT
Cache-Control: private, max-age=21299
Accept-Ranges: bytes
Content-Length: 66353
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube-nocookie.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube-nocookie.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Content-Type-Options: nosniff
Server: gvs 1.0
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
142.250.74.42200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 142.250.74.42:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube-nocookie.com/
Origin: https://www.youtube-nocookie.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube-nocookie.com
vary: origin, referer, x-origin
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Thu, 06 Oct 2022 02:53:39 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
i.ytimg.com/vi_webp/81IGerHCy3Y/maxresdefault.webp
172.217.21.182200 OK 50 kB URL HTTP/2 i.ytimg.com/vi_webp/81IGerHCy3Y/maxresdefault.webp
IP 172.217.21.182:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1280x720, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 0829d74baf74386dd15c5fda6d8f2828
b3b1e6aab17a7e12aa025728019e72a910795bbe
63df9b90841c136282afad5dd79b4f1f216108825b5dcc32a8e43098fe7ea4c2
GET /vi_webp/81IGerHCy3Y/maxresdefault.webp HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube-nocookie.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/webp
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 49686
date: Thu, 06 Oct 2022 02:53:39 GMT
expires: Thu, 06 Oct 2022 04:53:39 GMT
cache-control: public, max-age=7200
etag: "0"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yi/l/0,cross/jmwFw7cFwXx.css?_nc_x=Ij3Wp8lg5Kz
31.13.72.12200 OK 4.8 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yi/l/0,cross/jmwFw7cFwXx.css?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (4093)
Hash 41d7703b07edba4edf92d1f4f49af4c2
bab657ebb9062d102db8b7944bf1a9c67f8f35c3
6eb8123090b728466c3c6d0386d1aa9812093adb0fec10b88ea9995186916834
GET /rsrc.php/v3/yi/l/0,cross/jmwFw7cFwXx.css?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: text/css; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Thu, 05 Oct 2023 16:40:35 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: QddwOwftuk7fktH09Jr0wg==
x-fb-debug: +KTqVyecixO46hYZgWtHk9Ea8duyzgSvOwlA70TJof3dapenHOjOxc+GTEDrtxXNTlreduXi6NGH6wEtSoQciw==
priority: u=2
content-length: 4828
x-fb-trip-id: 1904183273
date: Thu, 06 Oct 2022 02:53:39 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/ys/l/0,cross/4_8X-2u0CDc.css?_nc_x=Ij3Wp8lg5Kz
31.13.72.12200 OK 827 B URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/ys/l/0,cross/4_8X-2u0CDc.css?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (724)
Hash 29973cf3b0ef9f16fe31ed981b2f6573
f22eb80b89b5e0ae9ace854aab6676d56eaef6a1
476822c80e0a0ee078edb7a74db59378f8b1d43d2de844e28a9e9c2f68a4c8d8
GET /rsrc.php/v3/ys/l/0,cross/4_8X-2u0CDc.css?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: text/css; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Sun, 01 Oct 2023 02:34:12 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: KZc887Dvnxb+Me2YGy9lcw==
x-fb-debug: Mg7Nl07Xeql2UYYfQ6U/d1jn84nc3Q4LytEgVL7Xk+CBl4lQzTK7FILgs4ua4Ua/O6TCYVesBEj5iKDSf2WZUw==
content-length: 827
x-fb-trip-id: 1904183273
date: Thu, 06 Oct 2022 02:53:39 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
142.250.74.42200 OK 110 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 142.250.74.42:0
File type JSON data\012- , ASCII text, with no line terminators
Hash d549d474d0821c2abdc2358e73aad47a
a6127162273290c04725fdab900a77e1beb329da
a2d4941bd892b5cc08ee590834c57e3465d82c3e733730f13246b3c488b2d149
POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 852
Origin: https://www.youtube-nocookie.com
Connection: keep-alive
Referer: https://www.youtube-nocookie.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Thu, 06 Oct 2022 02:53:39 GMT
server: ESF
cache-control: private
content-length: 110
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube-nocookie.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.facebook.com/v2.6/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3dfa96565fba9a%26domain%3Dglobaldugunsalonu.de%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fglobaldugunsalonu.de%252Ff4c79aeb627db4%26relation%3Dparent.parent&container_width=263&height=300&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FGlobal-Dugun-Salonu-Bischofsheim-220366597975552&locale=de_DE&sdk=joey&show_facepile=true&small_header=false&width=300
31.13.72.36200 OK 105 kB URL HTTP/2 www.facebook.com/v2.6/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3dfa96565fba9a%26domain%3Dglobaldugunsalonu.de%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fglobaldugunsalonu.de%252Ff4c79aeb627db4%26relation%3Dparent.parent&container_width=263&height=300&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FGlobal-Dugun-Salonu-Bischofsheim-220366597975552&locale=de_DE&sdk=joey&show_facepile=true&small_header=false&width=300
IP 31.13.72.36:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (19655)
Size 105 kB (104974 bytes)
Hash 75d2ad7404bef2c24c2eddb2812b1682
9a253a324aa4f9c5878c9f1345d33f110a423c3b
e8fd2e45df4c751765be3c5596c71e849476cdefd082ac91cd17fad6541e5ea7
GET /v2.6/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3dfa96565fba9a%26domain%3Dglobaldugunsalonu.de%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fglobaldugunsalonu.de%252Ff4c79aeb627db4%26relation%3Dparent.parent&container_width=263&height=300&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FGlobal-Dugun-Salonu-Bischofsheim-220366597975552&locale=de_DE&sdk=joey&show_facepile=true&small_header=false&width=300 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://globaldugunsalonu.de/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: br
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-opener-policy: unsafe-none
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
facebook-api-version: v8.0
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: 8HEx6TdIGXhK5JVQI6X4AMVYguf5Nza/Ge4S/dyaOn3iwmnYY6GB7bvZbUFa7aZuxZbTaXNzUzYCl8nIvR2NIw==
date: Thu, 06 Oct 2022 02:53:39 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yi/r/iiDbYMCPtB3.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12200 OK 1.7 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yi/r/iiDbYMCPtB3.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (1982)
Hash 533ff4519e2c7f77fac72ef04457f8f3
2df2b7ede2f719967e46649159d1068204ba11b3
2a960abb70d73b54902cb06087d6fdb584931d7759a838437560c266191c8cb4
GET /rsrc.php/v3/yi/r/iiDbYMCPtB3.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Fri, 29 Sep 2023 07:15:56 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: Uz/0UZ4sf3f6xy7wRFf48w==
x-fb-debug: aDXKn+pbatKB5FH6OY3oX1n7+GvoWbD2oAhUknkAqpOfUF8ldWBh6JfJMXKyV52QOW69WkPAOfZ5OWZUL3sECA==
priority: u=3,i
content-length: 1657
x-fb-trip-id: 1904183273
date: Thu, 06 Oct 2022 02:53:39 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yh/r/WOLN5pzG8JN.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12200 OK 12 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yh/r/WOLN5pzG8JN.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (5540)
Hash ef22d2d8fd6a9cdb4561161a47734081
25109ce0f418e17988c3721d5e581e96820907ea
a989b62b6c180f71495b290aacebf65fd8305ddc468a16a4eee004a7f448c00d
GET /rsrc.php/v3/yh/r/WOLN5pzG8JN.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Wed, 04 Oct 2023 07:24:49 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: 7yLS2P1qnNtFYRYaR3NAgQ==
x-fb-debug: gExl4GJ8fFQaMeBJ5uHtMmGap0T9JZ3bR9YlE27Qd3s+p58p0NGOz/kFZ8PNMXLW1iHqhPhfQ5NiSm08lKSung==
content-length: 12270
x-fb-trip-id: 1904183273
date: Thu, 06 Oct 2022 02:53:39 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yU/r/q6VzhXzzuec.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12200 OK 16 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yU/r/q6VzhXzzuec.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type C source, ASCII text, with very long lines (8258)
Hash bed6f1c97375602a8f8498010934286f
7b209330b2ddc87f0818681e7901a0945367c02c
bb35559f9d7e20bd535239de676ef530aece43abf2fa748ed1c9af4220297118
GET /rsrc.php/v3/yU/r/q6VzhXzzuec.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Sat, 30 Sep 2023 04:48:13 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: vtbxyXN1YCqPhJgBCTQobw==
x-fb-debug: 8Pd1cRV6dx95GTudaHeGI5LZA2/bhGzvy3idl7RH6O0ZCAN8+x+BwBcdJLwJgUG+XVXKLpRMD+38mthuipKQKg==
content-length: 16189
x-fb-trip-id: 1904183273
date: Thu, 06 Oct 2022 02:53:39 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3iAxA4/yC/l/de_DE/YJojGYumZIr.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12200 OK 23 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3iAxA4/yC/l/de_DE/YJojGYumZIr.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (42079)
Hash 571b73c2cc382b1f7434486e1a006f38
3c8c6eebd36d480d096657626473fc5279110ecf
41004e0b75ca31c9b9ee63581feb32f8b173c43bdfc1630b111ada21828bf2f2
GET /rsrc.php/v3iAxA4/yC/l/de_DE/YJojGYumZIr.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Sat, 30 Sep 2023 05:07:51 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: Vxtzwsw4Kx90NEhuGgBvOA==
x-fb-debug: tq29e+gQTNtibQ7Yy7i3ltLJjFGbj2WinDKCjxp5AX93mJu1O9UDU1V6DOeRfRroJ1ybmwgU15zA4betxjzcRw==
content-length: 23390
x-fb-trip-id: 1904183273
date: Thu, 06 Oct 2022 02:53:39 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 130ee302a2d581b152c8beccdc64866e
41fba8278d61fd6638376868fbe50c752f858b44
5345486b353cd67707512700d28f5937d9ad53f23b590e82cb624f1e509c1943
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 02:53:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.xx.fbcdn.net/rsrc.php/v3/yw/r/UXtr_j2Fwe-.png
31.13.72.12200 OK 573 B URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yw/r/UXtr_j2Fwe-.png
IP 31.13.72.12:0
File type PNG image data, 13 x 39, 8-bit colormap, non-interlaced\012- data
Hash d3b686ff6004b431d5019e4b51a8cc0d
34ec288bdcad2eada81c75960439bf60b95eb285
96e3e8dfde6b1042514824bac1b44282d4a76bac028f2d767f6534dce2cf3db0
GET /rsrc.php/v3/yw/r/UXtr_j2Fwe-.png HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.xx.fbcdn.net/rsrc.php/v3/yi/l/0,cross/jmwFw7cFwXx.css?_nc_x=Ij3Wp8lg5Kz
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: 07aG/2AEtDHVAZ5LUajMDQ==
expires: Sun, 01 Oct 2023 02:44:32 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
x-fb-debug: C5fkiTUStbiwj2viaGSQwSb8bdjHyT4h0r4dEZTtuNFkm3a4eIHBa3QCh+aUnJ37njYQkLXKn0wJjKS+DsRyyA==
priority: u=3,i
content-length: 573
x-fb-trip-id: 1904183273
date: Thu, 06 Oct 2022 02:53:40 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yV/r/1lYRIUv3fB9.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12200 OK 7.2 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yV/r/1lYRIUv3fB9.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (4059)
Hash e4f221c6642e6c519ca2462027a15712
6a7225c3221331d35773a252b6dbfb87f214b834
7eafaf8c19afe0e16ea9b18ee23cf0c7b391cfc4dd0fa2d52dd81f0f32348ada
GET /rsrc.php/v3/yV/r/1lYRIUv3fB9.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Fri, 29 Sep 2023 07:15:56 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: 5PIhxmQubFGcokYgJ6FXEg==
x-fb-debug: ch3RzVu63qNzJ7/QB4DTXCq/LUe9uNqEq4lZq6+4MIjIHS0EOpwGmrNtYa7NEz1aIrs7fgqLNLgks1GHtmWXAw==
content-length: 7237
x-fb-trip-id: 1904183273
date: Thu, 06 Oct 2022 02:53:40 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
rr5---sn-5hne6nzk.googlevideo.com/videoplayback?expire=1665046418&ei=MkM-Y_aUMZm_yQWF1agQ&ip=91.90.42.154&id=o-AANQnwE0Yive4O7Mlx768b5Awg7vIuQBPbIjwAhA7y__&itag=244&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=yt_otf&requiressl=yes&spc=yR2vpxosLD4xn4nf9K_wGFZDiq5pc1Q&vprv=1&mime=video%2Fwebm&ns=RKOcynWabTFJOtIb51fOgZ8I&otf=1&otfp=1&dur=0.000&lmt=1617413991681383&keepalive=yes&fexp=24001373,24007246,24277535&beids=24277535&c=WEB_EMBEDDED_PLAYER&n=gJJWeayTl22w4A&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cotf%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRQIhALMSd9RVMoa7ZXf2udSOX2wd0h8lCo37AaXe1rXHtTSEAiBBraOAwqYsIFGO8HUkBLbtlE0XellLv4-JnmM-aKs-Yg%3D%3D&alr=yes&cpn=_E6R2sAhodmk0HqE&cver=1.20221004.01.00&cm2rm=sn-capm-vnae7l,sn-5goey7z&redirect_counter=2&cms_redirect=yes&cmsv=e&mh=5g&mm=34&mn=sn-5hne6nzk&ms=ltu&mt=1665024519&mv=m&mvi=5&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhANPPcSmfyyhqz64zz7ziCpMrhsd9TdsAnMWqeOQkQnvEAiBTIRYAYX8qB9K8pt9tigCDuWSqjEH3-vGlm-F5hWtjEw%3D%3D&sq=0&rn=8&rbuf=0
172.217.132.138200 OK 278 B URL HTTP/1.1 rr5---sn-5hne6nzk.googlevideo.com/videoplayback?expire=1665046418&ei=MkM-Y_aUMZm_yQWF1agQ&ip=91.90.42.154&id=o-AANQnwE0Yive4O7Mlx768b5Awg7vIuQBPbIjwAhA7y__&itag=244&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=yt_otf&requiressl=yes&spc=yR2vpxosLD4xn4nf9K_wGFZDiq5pc1Q&vprv=1&mime=video%2Fwebm&ns=RKOcynWabTFJOtIb51fOgZ8I&otf=1&otfp=1&dur=0.000&lmt=1617413991681383&keepalive=yes&fexp=24001373,24007246,24277535&beids=24277535&c=WEB_EMBEDDED_PLAYER&n=gJJWeayTl22w4A&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cotf%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRQIhALMSd9RVMoa7ZXf2udSOX2wd0h8lCo37AaXe1rXHtTSEAiBBraOAwqYsIFGO8HUkBLbtlE0XellLv4-JnmM-aKs-Yg%3D%3D&alr=yes&cpn=_E6R2sAhodmk0HqE&cver=1.20221004.01.00&cm2rm=sn-capm-vnae7l,sn-5goey7z&redirect_counter=2&cms_redirect=yes&cmsv=e&mh=5g&mm=34&mn=sn-5hne6nzk&ms=ltu&mt=1665024519&mv=m&mvi=5&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhANPPcSmfyyhqz64zz7ziCpMrhsd9TdsAnMWqeOQkQnvEAiBTIRYAYX8qB9K8pt9tigCDuWSqjEH3-vGlm-F5hWtjEw%3D%3D&sq=0&rn=8&rbuf=0
IP 172.217.132.138:0
File type WebM\012- EBML file, creator webmB\20\012- data
Hash e3b3f24130926fc46577f8134cd2a849
0ab69732fe2b094870a277e46374f78fe10b30af
860a0226244685245c0bd508a0ab097faead047dfe9f6ba1866a36639aeb4b89
GET /videoplayback?expire=1665046418&ei=MkM-Y_aUMZm_yQWF1agQ&ip=91.90.42.154&id=o-AANQnwE0Yive4O7Mlx768b5Awg7vIuQBPbIjwAhA7y__&itag=244&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=yt_otf&requiressl=yes&spc=yR2vpxosLD4xn4nf9K_wGFZDiq5pc1Q&vprv=1&mime=video%2Fwebm&ns=RKOcynWabTFJOtIb51fOgZ8I&otf=1&otfp=1&dur=0.000&lmt=1617413991681383&keepalive=yes&fexp=24001373,24007246,24277535&beids=24277535&c=WEB_EMBEDDED_PLAYER&n=gJJWeayTl22w4A&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cotf%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRQIhALMSd9RVMoa7ZXf2udSOX2wd0h8lCo37AaXe1rXHtTSEAiBBraOAwqYsIFGO8HUkBLbtlE0XellLv4-JnmM-aKs-Yg%3D%3D&alr=yes&cpn=_E6R2sAhodmk0HqE&cver=1.20221004.01.00&cm2rm=sn-capm-vnae7l,sn-5goey7z&redirect_counter=2&cms_redirect=yes&cmsv=e&mh=5g&mm=34&mn=sn-5hne6nzk&ms=ltu&mt=1665024519&mv=m&mvi=5&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhANPPcSmfyyhqz64zz7ziCpMrhsd9TdsAnMWqeOQkQnvEAiBTIRYAYX8qB9K8pt9tigCDuWSqjEH3-vGlm-F5hWtjEw%3D%3D&sq=0&rn=8&rbuf=0 HTTP/1.1
Host: rr5---sn-5hne6nzk.googlevideo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube-nocookie.com
Connection: keep-alive
Referer: https://www.youtube-nocookie.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Fri, 16 Sep 2022 05:54:28 GMT
Content-Type: video/webm
Date: Thu, 06 Oct 2022 02:53:40 GMT
Expires: Thu, 06 Oct 2022 02:53:40 GMT
Cache-Control: private, max-age=21298
Transfer-Encoding: chunked
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube-nocookie.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube-nocookie.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Restrict-Formats-Hint: None
X-Content-Type-Options: nosniff
Server: gvs 1.0
www.youtube-nocookie.com/embed/81IGerHCy3Y?autoplay=1&rel=0&showinfo=0
142.250.74.46200 OK 0 B URL HTTP/2 www.youtube-nocookie.com/embed/81IGerHCy3Y?autoplay=1&rel=0&showinfo=0
IP 142.250.74.46:0
GET /embed/81IGerHCy3Y?autoplay=1&rel=0&showinfo=0 HTTP/1.1
Host: www.youtube-nocookie.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://globaldugunsalonu.de/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 06 Oct 2022 02:53:37 GMT
strict-transport-security: max-age=31536000
report-to: {"group":"YOUTUBE_NOCOOKIE_DOMAIN","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/YOUTUBE_NOCOOKIE_DOMAIN"}]}
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="YOUTUBE_NOCOOKIE_DOMAIN"
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: CONSENT=PENDING+795; expires=Sat, 05-Oct-2024 02:53:37 GMT; path=/; domain=.youtube-nocookie.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
globaldugunsalonu.de/globalsalon.mp4
136.243.20.96206 Partial Content 0 B URL HTTP/2 globaldugunsalonu.de/globalsalon.mp4
IP 136.243.20.96:0
ASN #24940 Hetzner Online GmbH
Analyzer Verdict Alert fortinet Phishing
GET /globalsalon.mp4 HTTP/1.1
Host: globaldugunsalonu.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://globaldugunsalonu.de/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 206 Partial Content
server: nginx
date: Thu, 06 Oct 2022 02:53:38 GMT
content-type: video/mp4
content-length: 6905442
last-modified: Thu, 28 Feb 2019 17:20:12 GMT
etag: "5c78184c-695e62"
x-powered-by: PleskLin
content-range: bytes 0-6905441/6905442
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto:100,200,300,400,500,600,700,800,900
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto:100,200,300,400,500,600,700,800,900
IP 142.250.74.10:0
GET /css?family=Roboto:100,200,300,400,500,600,700,800,900 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://globaldugunsalonu.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 06 Oct 2022 02:53:37 GMT
date: Thu, 06 Oct 2022 02:53:37 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2