www.marouf.fi/
31.217.192.146301 Moved Permanently 0 B IP 31.217.192.146:0
ASN #58003 Planeetta Internet Oy
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: www.marouf.fi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Sat, 28 Jan 2023 15:23:03 GMT
Server: Apache
X-Redirect-By: WordPress
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Location: https://marouf.fi/
Content-Length: 0
Keep-Alive: timeout=2, max=200
Content-Type: text/html; charset=UTF-8
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 81dd5c5cc5b3278876cb44dcb520a60f
c0511a59e9eccdcdda98717b87c89c5d59974808
41736c303afdb3d31e48724b107dcb22883cae02f3562308eb52d9164001a2de
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "41736C303AFDB3D31E48724B107DCB22883CAE02F3562308EB52D9164001A2DE"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11787
Expires: Sat, 28 Jan 2023 18:39:30 GMT
Date: Sat, 28 Jan 2023 15:23:03 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 9fbe85f42e8ae8ae41cc12df5f98b141
949fa36ff0f22f72565fd584bef094dd4de23037
184d3e4df4bce559b4d7c4836372f5fd2de9782a96b04d364230b7d695d737d8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "184D3E4DF4BCE559B4D7C4836372F5FD2DE9782A96B04D364230B7D695D737D8"
Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5292
Expires: Sat, 28 Jan 2023 16:51:15 GMT
Date: Sat, 28 Jan 2023 15:23:03 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bf0c602d32b3c14606f22a86183b5e3c
6eabd8d83475eba731968abe1a05a8bfd272f160
6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Length, Retry-After, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 28 Jan 2023 14:43:05 GMT
content-type: application/json
age: 2398
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 69f73ac59327cd9ad7d99816ccfcc03e
c54844f82dbee0d5ee4c8ce344eb0139373e6c6b
e81c685b2d8f0e31b89e5cfc911a2c5a99a556646830ac5a8468d991b5e871a3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E81C685B2D8F0E31B89E5CFC911A2C5A99A556646830AC5A8468D991B5E871A3"
Last-Modified: Thu, 26 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2519
Expires: Sat, 28 Jan 2023 16:05:02 GMT
Date: Sat, 28 Jan 2023 15:23:03 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: IMOTiTjbuMuWQYmeIr9MxyPNXNbAULFw/Oe8xzENVfypz0zBrXQjKgpz1rYmGCJGSUtM5Btk7f4=
x-amz-request-id: 6ZZX0PR4GNHCNJSS
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 28 Jan 2023 14:49:56 GMT
age: 1987
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 15:23:04 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Last-Modified, ETag, Expires, Backoff, Content-Length, Cache-Control, Alert, Retry-After, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 28 Jan 2023 14:41:40 GMT
age: 2484
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 16a7b6a7128312e2f985d30df18c4487
6017bff79ffb525d9c7f9f32b999b74b5dc69602
663fd12209627f08e759c2ed1c76278a5da79dae1e0b46082dd1bb44775f7a16
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "663FD12209627F08E759C2ED1C76278A5DA79DAE1E0B46082DD1BB44775F7A16"
Last-Modified: Fri, 27 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6305
Expires: Sat, 28 Jan 2023 17:08:09 GMT
Date: Sat, 28 Jan 2023 15:23:04 GMT
Connection: keep-alive
marouf.fi/wp-content/plugins/atomic-blocks/dist/assets/fontawesome/css/all.min.css?ver=1611050033
31.217.192.146200 OK 47 kB URL HTTP/2 marouf.fi/wp-content/plugins/atomic-blocks/dist/assets/fontawesome/css/all.min.css?ver=1611050033
IP 31.217.192.146:0
ASN #58003 Planeetta Internet Oy
File type ASCII text, with very long lines (46750)
Hash 20a9ce516eaea76da29a23adc43e8998
cf1a3fd771900af34f2af22142beecfb47367548
8891a160f8a2afb81de5259f9f68e5af3782348ea2927ad9e969bc88c7d39984
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/atomic-blocks/dist/assets/fontawesome/css/all.min.css?ver=1611050033 HTTP/1.1
Host: marouf.fi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://marouf.fi/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 19 Jan 2021 09:53:53 GMT
accept-ranges: bytes
content-length: 46930
content-type: text/css
date: Sat, 28 Jan 2023 15:23:04 GMT
server: Apache
X-Firefox-Spdy: h2
marouf.fi/wp-content/plugins/the-events-calendar/common/src/resources/css/tooltip.min.css?ver=4.12.15.1
31.217.192.146200 OK 1.6 kB URL HTTP/2 marouf.fi/wp-content/plugins/the-events-calendar/common/src/resources/css/tooltip.min.css?ver=4.12.15.1
IP 31.217.192.146:0
ASN #58003 Planeetta Internet Oy
File type ASCII text, with very long lines (1634), with no line terminators
Hash 5f209d26ccda9892a1fa030b3062a59d
7d6522a7107d3e8d60e37740f2f91844be48689b
872454cbfd47b444a3fa6cfa9a74b0f57e5f6b3a47b9870108d2b0e5ce4aace5
GET /wp-content/plugins/the-events-calendar/common/src/resources/css/tooltip.min.css?ver=4.12.15.1 HTTP/1.1
Host: marouf.fi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://marouf.fi/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 19 Jan 2021 09:54:33 GMT
accept-ranges: bytes
content-length: 1634
content-type: text/css
date: Sat, 28 Jan 2023 15:23:04 GMT
server: Apache
X-Firefox-Spdy: h2
marouf.fi/wp-content/plugins/the-events-calendar/common/src/resources/css/common-skeleton.min.css?ver=4.12.15.1
31.217.192.146200 OK 13 kB URL HTTP/2 marouf.fi/wp-content/plugins/the-events-calendar/common/src/resources/css/common-skeleton.min.css?ver=4.12.15.1
IP 31.217.192.146:0
ASN #58003 Planeetta Internet Oy
File type ASCII text, with very long lines (12612), with no line terminators
Hash 98ab18ae30aa945c250d1518125306ed
43456bf05e87a9d6166040a80da131874d09894e
cd1c57063478b82f0dbf91525785d7dd35115da8a1cee2aba6472bab7e069c7a
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/the-events-calendar/common/src/resources/css/common-skeleton.min.css?ver=4.12.15.1 HTTP/1.1
Host: marouf.fi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://marouf.fi/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 19 Jan 2021 09:54:33 GMT
accept-ranges: bytes
content-length: 12612
content-type: text/css
date: Sat, 28 Jan 2023 15:23:04 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 36147c185553851c38547798733a9fb2
912ec40237eae2ed558d09103c86c41f87896eca
a4fd9090983c75e1b7faf5ea9439532f51d747faf1853138ac13bdaafa490246
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 15:23:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
marouf.fi/wp-includes/css/classic-themes.min.css?ver=1
31.217.192.146200 OK 217 B URL HTTP/2 marouf.fi/wp-includes/css/classic-themes.min.css?ver=1
IP 31.217.192.146:0
ASN #58003 Planeetta Internet Oy
Hash 95e891f28e44a9b314c09545d86be2b7
f9b13a8bd47273b086a0a07df15f314e0af0bc3e
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/css/classic-themes.min.css?ver=1 HTTP/1.1
Host: marouf.fi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://marouf.fi/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 25 Oct 2022 13:45:16 GMT
accept-ranges: bytes
content-length: 217
content-type: text/css
date: Sat, 28 Jan 2023 15:23:04 GMT
server: Apache
X-Firefox-Spdy: h2
marouf.fi/wp-content/plugins/atomic-blocks/dist/blocks.style.build.css?ver=1611050034
31.217.192.146200 OK 45 kB URL HTTP/2 marouf.fi/wp-content/plugins/atomic-blocks/dist/blocks.style.build.css?ver=1611050034
IP 31.217.192.146:0
ASN #58003 Planeetta Internet Oy
File type ASCII text, with very long lines (7310)
Hash e16b5fe7a92c4be04a2accaf6758d561
1aa05eb64bf3b81f6d112985ebba0bf712111002
7aea74fa8de4d5a91fd7de7396b304a6e180d6395b8662e2932092d7138a40ed
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/atomic-blocks/dist/blocks.style.build.css?ver=1611050034 HTTP/1.1
Host: marouf.fi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://marouf.fi/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 19 Jan 2021 09:53:54 GMT
accept-ranges: bytes
content-length: 44914
content-type: text/css
date: Sat, 28 Jan 2023 15:23:04 GMT
server: Apache
X-Firefox-Spdy: h2
marouf.fi/wp-content/fonts/d1ba280aaf3ef56eba8f543d89750fb7.css
31.217.192.146200 OK 36 kB URL HTTP/2 marouf.fi/wp-content/fonts/d1ba280aaf3ef56eba8f543d89750fb7.css
IP 31.217.192.146:0
ASN #58003 Planeetta Internet Oy
Hash 8db0e1d8b1a2c8f49ad61f2c77f8e0c0
139e5756d7abec3da66d65a17812692deb6806dd
443c80267f27837966ef87ebd76fd077ba20dc1ddaf95bbe6a4586cf7968d035
GET /wp-content/fonts/d1ba280aaf3ef56eba8f543d89750fb7.css HTTP/1.1
Host: marouf.fi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://marouf.fi/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 12 Dec 2022 09:20:40 GMT
accept-ranges: bytes
content-length: 36544
content-type: text/css
date: Sat, 28 Jan 2023 15:23:04 GMT
server: Apache
X-Firefox-Spdy: h2
marouf.fi/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
31.217.192.146200 OK 95 kB URL HTTP/2 marouf.fi/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
IP 31.217.192.146:0
ASN #58003 Planeetta Internet Oy
File type ASCII text, with very long lines (47826)
Hash 71d925864153f0edf91037f3d31048e8
cc16a0524ac63b5ce29f703a66412224f0dd771a
c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.1.1 HTTP/1.1
Host: marouf.fi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://marouf.fi/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 11 Nov 2022 14:56:45 GMT
accept-ranges: bytes
content-length: 94889
content-type: text/css
date: Sat, 28 Jan 2023 15:23:04 GMT
server: Apache
X-Firefox-Spdy: h2
marouf.fi/wp-content/themes/bold-photography/style.css?ver=20221212-92039
31.217.192.146200 OK 123 kB URL HTTP/2 marouf.fi/wp-content/themes/bold-photography/style.css?ver=20221212-92039
IP 31.217.192.146:0
ASN #58003 Planeetta Internet Oy
File type assembler source, ASCII text, with very long lines (1156)
Size 123 kB (123417 bytes)
Hash 93ad3c42d152bc646f60ccad9ca66192
d0953cc7affcf489dcb9c3af40c0994a88fce1ab
06d71824da3ed613d7ca6d2153da5b5bfac511ae291a0d14ce41c639d290692b
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/bold-photography/style.css?ver=20221212-92039 HTTP/1.1
Host: marouf.fi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://marouf.fi/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 12 Dec 2022 09:20:39 GMT
accept-ranges: bytes
content-length: 123417
content-type: text/css
date: Sat, 28 Jan 2023 15:23:04 GMT
server: Apache
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=UA-143550033-1
142.250.74.168200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-143550033-1
IP 142.250.74.168:0
File type ASCII text, with very long lines (1759)
Hash faf4818548acfdea0a1000b3c4d88f35
5d8d8ecc611cdfcf4e434d805d7e27638abbad05
7b4bda76389fd29aa82250b8fe8ffb1352ade003be7ee91308a555af3253d22c
GET /gtag/js?id=UA-143550033-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://marouf.fi/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 28 Jan 2023 15:23:04 GMT
expires: Sat, 28 Jan 2023 15:23:04 GMT
cache-control: private, max-age=900
last-modified: Sat, 28 Jan 2023 15:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 44022
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
marouf.fi/wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend-gtag.min.js?ver=8.10.1
31.217.192.146200 OK 12 kB URL HTTP/2 marouf.fi/wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend-gtag.min.js?ver=8.10.1
IP 31.217.192.146:0
ASN #58003 Planeetta Internet Oy
File type ASCII text, with very long lines (1577)
Hash a76f61318af036823b08d73536486be6
31ff9b215dcef9151b9f4fc50ea91a9df1962102
abc9faa4970e07db7d506d6b2a98e4c86223be305c7541ced54ea2e15f99a76e
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend-gtag.min.js?ver=8.10.1 HTTP/1.1
Host: marouf.fi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://marouf.fi/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 12 Dec 2022 09:20:15 GMT
accept-ranges: bytes
content-length: 11898
content-type: application/javascript
date: Sat, 28 Jan 2023 15:23:04 GMT
server: Apache
X-Firefox-Spdy: h2
marouf.fi/wp-content/uploads/2019/07/MARouf-type-logo_250px.png
31.217.192.146200 OK 4.1 kB URL HTTP/2 marouf.fi/wp-content/uploads/2019/07/MARouf-type-logo_250px.png
IP 31.217.192.146:0
ASN #58003 Planeetta Internet Oy
File type PNG image data, 250 x 85, 8-bit/color RGBA, non-interlaced\012- data
Hash 6509a1e94bd905b55be8a20b258715aa
7734fd9516cb31a86ea79c0bdb5e4dfdf9692cca
d39547d1c809aeded4f386fefeef3f526734a19a28420804ca6e7921b15083fe
GET /wp-content/uploads/2019/07/MARouf-type-logo_250px.png HTTP/1.1
Host: marouf.fi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://marouf.fi/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 04 Jul 2019 11:47:57 GMT
accept-ranges: bytes
content-length: 4115
content-type: image/png
date: Sat, 28 Jan 2023 15:23:04 GMT
server: Apache
X-Firefox-Spdy: h2
marouf.fi/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
31.217.192.146200 OK 11 kB URL HTTP/2 marouf.fi/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 31.217.192.146:0
ASN #58003 Planeetta Internet Oy
File type ASCII text, with very long lines (11126)
Hash 79b4956b7ec478ec10244b5e2d33ac7d
a46025b9d05e3df30d610a8aef14f392c7058dc9
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: marouf.fi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://marouf.fi/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 18 Nov 2020 09:06:06 GMT
accept-ranges: bytes
content-length: 11224
content-type: application/javascript
date: Sat, 28 Jan 2023 15:23:04 GMT
server: Apache
X-Firefox-Spdy: h2
marouf.fi/wp-content/themes/bold-photography/assets/js/skip-link-focus-fix.min.js?ver=201800703
31.217.192.146200 OK 499 B URL HTTP/2 marouf.fi/wp-content/themes/bold-photography/assets/js/skip-link-focus-fix.min.js?ver=201800703
IP 31.217.192.146:0
ASN #58003 Planeetta Internet Oy
File type ASCII text, with very long lines (499), with no line terminators
Hash 278766d6c10dd9b4bb1a900f6388151e
7732c1eccb628404c52d94d13faef1041495de76
84a6ab28ada312061955342f678d4da17561d188060fda0ac08bbd80f4baff3d
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/bold-photography/assets/js/skip-link-focus-fix.min.js?ver=201800703 HTTP/1.1
Host: marouf.fi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://marouf.fi/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 12 Dec 2022 09:20:39 GMT
accept-ranges: bytes
content-length: 499
content-type: application/javascript
date: Sat, 28 Jan 2023 15:23:04 GMT
server: Apache
X-Firefox-Spdy: h2
marouf.fi/wp-content/themes/bold-photography/assets/js/functions.min.js?ver=201800703
31.217.192.146200 OK 6.0 kB URL HTTP/2 marouf.fi/wp-content/themes/bold-photography/assets/js/functions.min.js?ver=201800703
IP 31.217.192.146:0
ASN #58003 Planeetta Internet Oy
File type ASCII text, with very long lines (6040), with no line terminators
Hash f390abf6c551d59e014e70d2e006590f
75e33f5d74a56fd0737d15e49de14ffa50822e35
69b0490b323eb94721a4107e7149528e7ebf83e96cb61d8e7d112310dede1b38
GET /wp-content/themes/bold-photography/assets/js/functions.min.js?ver=201800703 HTTP/1.1
Host: marouf.fi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://marouf.fi/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 12 Dec 2022 09:20:39 GMT
accept-ranges: bytes
content-length: 6040
content-type: application/javascript
date: Sat, 28 Jan 2023 15:23:04 GMT
server: Apache
X-Firefox-Spdy: h2
marouf.fi/wp-content/plugins/page-links-to/dist/new-tab.js?ver=3.3.6
31.217.192.146200 OK 25 kB URL HTTP/2 marouf.fi/wp-content/plugins/page-links-to/dist/new-tab.js?ver=3.3.6
IP 31.217.192.146:0
ASN #58003 Planeetta Internet Oy
File type Unicode text, UTF-8 text, with very long lines (24733), with no line terminators
Hash a1ade95e21102c15d71ee475ac3818f6
13c693d748d12cc673b292261adf54b4ce0c10db
d455ab882af3a742e6c9680578e6a590681bda99e34847f550f1f41a7d167969
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/page-links-to/dist/new-tab.js?ver=3.3.6 HTTP/1.1
Host: marouf.fi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://marouf.fi/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 12 Dec 2022 09:20:20 GMT
accept-ranges: bytes
content-length: 24734
content-type: application/javascript
date: Sat, 28 Jan 2023 15:23:04 GMT
server: Apache
X-Firefox-Spdy: h2
marouf.fi/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
31.217.192.146200 OK 19 kB URL HTTP/2 marouf.fi/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
IP 31.217.192.146:0
ASN #58003 Planeetta Internet Oy
File type ASCII text, with very long lines (15660)
Hash 32beb68a374e3aeac00abdf9e12b84ea
b5d18aa625e8696dd9d07cd0869337717b211ae0
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 HTTP/1.1
Host: marouf.fi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://marouf.fi/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 12 Apr 2022 05:56:23 GMT
accept-ranges: bytes
content-length: 18617
content-type: application/javascript
date: Sat, 28 Jan 2023 15:23:04 GMT
server: Apache
X-Firefox-Spdy: h2
marouf.fi/wp-content/plugins/atomic-blocks/dist/assets/js/dismiss.js?ver=1611050033
31.217.192.146200 OK 923 B URL HTTP/2 marouf.fi/wp-content/plugins/atomic-blocks/dist/assets/js/dismiss.js?ver=1611050033
IP 31.217.192.146:0
ASN #58003 Planeetta Internet Oy
Hash 5dccdb539f2edcbadd56c95eaf9f9211
8c7ffbc627f350836d2b93723b3b17b4924c7a24
91690ac97c038313496895a305a808da41d7702f5568ebc6b34a4c3cdd549961
GET /wp-content/plugins/atomic-blocks/dist/assets/js/dismiss.js?ver=1611050033 HTTP/1.1
Host: marouf.fi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://marouf.fi/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 19 Jan 2021 09:53:53 GMT
accept-ranges: bytes
content-length: 923
content-type: application/javascript
date: Sat, 28 Jan 2023 15:23:04 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash bab8a4c1e6bb2e6c9cc00222eef1235d
1a5dd108e9f9aaf33bc048b0097a9f510d295cad
fd182297a143655a9142e3ee5bbafefd76ca974094f43fb695611f6876f3ab63
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 15:23:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
34.213.121.129101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.213.121.129:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: m1eFlJngaYCL1PbRrhzalA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 2dWNWQoceg07QINxB5gjL6RHBB4=
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash ab04da9bc46246cc0001464e7f6b5e19
01ce4f7004aec7a24d4545a1e742ab6a1e639b48
22e519a39cb2e7e5f6da23d35f4498aa7a2d00e06613fd3bbf8de8a62ed2d354
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 15:23:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash ab04da9bc46246cc0001464e7f6b5e19
01ce4f7004aec7a24d4545a1e742ab6a1e639b48
22e519a39cb2e7e5f6da23d35f4498aa7a2d00e06613fd3bbf8de8a62ed2d354
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 15:23:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash ab04da9bc46246cc0001464e7f6b5e19
01ce4f7004aec7a24d4545a1e742ab6a1e639b48
22e519a39cb2e7e5f6da23d35f4498aa7a2d00e06613fd3bbf8de8a62ed2d354
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 15:23:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash ef589be52a3e55b643978f17949a73da
74545de6f144282252ff92c751f97cc835c80341
7bfa68c43e60a2627770163b5c1b96fbd7e4843984ad5ff6225c5490b8073b26
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 15:23:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash ef589be52a3e55b643978f17949a73da
74545de6f144282252ff92c751f97cc835c80341
7bfa68c43e60a2627770163b5c1b96fbd7e4843984ad5ff6225c5490b8073b26
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 15:23:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
marouf.fi/wp-content/fonts/open-sans/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
31.217.192.146200 OK 45 kB URL HTTP/2 marouf.fi/wp-content/fonts/open-sans/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP 31.217.192.146:0
ASN #58003 Planeetta Internet Oy
File type Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Hash 565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/fonts/open-sans/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: marouf.fi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://marouf.fi/wp-content/fonts/d1ba280aaf3ef56eba8f543d89750fb7.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 12 Dec 2022 09:20:40 GMT
accept-ranges: bytes
content-length: 44856
content-type: font/woff2
date: Sat, 28 Jan 2023 15:23:05 GMT
server: Apache
X-Firefox-Spdy: h2
marouf.fi/wp-content/fonts/oswald/TK3iWkUHHAIjg752GT8G.woff2
31.217.192.146200 OK 25 kB URL HTTP/2 marouf.fi/wp-content/fonts/oswald/TK3iWkUHHAIjg752GT8G.woff2
IP 31.217.192.146:0
ASN #58003 Planeetta Internet Oy
File type Web Open Font Format (Version 2), TrueType, length 25372, version 1.0\012- data
Hash fe424f96cb627d8b835cb001af17f56e
c5b4368fed99812a99036fba86d01367b5549505
35c92598a5f32c018dc630f57b183b0284c211ce9c222e5b36840a62115262f1
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/fonts/oswald/TK3iWkUHHAIjg752GT8G.woff2 HTTP/1.1
Host: marouf.fi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://marouf.fi/wp-content/fonts/d1ba280aaf3ef56eba8f543d89750fb7.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 12 Dec 2022 09:20:40 GMT
accept-ranges: bytes
content-length: 25372
content-type: font/woff2
date: Sat, 28 Jan 2023 15:23:05 GMT
server: Apache
X-Firefox-Spdy: h2
marouf.fi/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
31.217.192.146200 OK 471 B URL HTTP/2 marouf.fi/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
IP 31.217.192.146:0
ASN #58003 Planeetta Internet Oy
Hash 12a41c3677624d6ec4ab206a3eef9b00
03f14c307cc2d4894a26760b247655ff018c837d
f104c376f91a2edc6845fc9c19ef2d4d2cacfbd92f277b04b72712553b3d81d4
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1
Host: marouf.fi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://marouf.fi/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 19 Sep 2022 14:16:24 GMT
accept-ranges: bytes
content-length: 89684
content-type: application/javascript
date: Sat, 28 Jan 2023 15:23:04 GMT
server: Apache
X-Firefox-Spdy: h2
marouf.fi/wp-content/plugins/atomic-blocks/dist/assets/fontawesome/webfonts/fa-brands-400.woff2
31.217.192.146200 OK 64 kB URL HTTP/2 marouf.fi/wp-content/plugins/atomic-blocks/dist/assets/fontawesome/webfonts/fa-brands-400.woff2
IP 31.217.192.146:0
ASN #58003 Planeetta Internet Oy
File type Web Open Font Format (Version 2), TrueType, length 64144, version 1.0\012- data
Hash 6814d0e8136d34e313623eb7129d538e
d902f8db3e021155f177f698a252fb98d6e61768
4d0130d314f1669c9ea5a911d401d6250f96386a52b0c38f7b3fb43cdcd10589
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/atomic-blocks/dist/assets/fontawesome/webfonts/fa-brands-400.woff2 HTTP/1.1
Host: marouf.fi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://marouf.fi/wp-content/plugins/atomic-blocks/dist/assets/fontawesome/css/all.min.css?ver=1611050033
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 19 Jan 2021 09:53:53 GMT
accept-ranges: bytes
content-length: 64144
content-type: font/woff2
date: Sat, 28 Jan 2023 15:23:05 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash cbe94bc7052911313fffd1cdad964a74
a96a6606f1d20baeeb4040c9ced3ba2f7bd1aada
430d90ac0a39038dbb5336cf29baf6786ac29491c5a8e4dcce04e93d9fceb5e1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 15:23:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash cbe94bc7052911313fffd1cdad964a74
a96a6606f1d20baeeb4040c9ced3ba2f7bd1aada
430d90ac0a39038dbb5336cf29baf6786ac29491c5a8e4dcce04e93d9fceb5e1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 15:23:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/josefinsans/v25/Qw3aZQNVED7rKGKxtqIqX5EUDXx4.woff2
216.58.207.227200 OK 27 kB URL HTTP/2 fonts.gstatic.com/s/josefinsans/v25/Qw3aZQNVED7rKGKxtqIqX5EUDXx4.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 26592, version 1.0\012- data
Hash c2d66029cf6ae68a19e1398fc02feda6
c37e5907e49d2ed5b11f59841a3d16c911da7a5c
3701f4ae604d8fccb4ddca393e076a456aebfb06c1a9d94c1c13089293f55716
GET /s/josefinsans/v25/Qw3aZQNVED7rKGKxtqIqX5EUDXx4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://marouf.fi
Connection: keep-alive
Referer: https://marouf.fi/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 26592
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 25 Jan 2023 19:35:21 GMT
expires: Thu, 25 Jan 2024 19:35:21 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 11 Jul 2022 20:56:22 GMT
content-type: font/woff2
age: 244064
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash cbe94bc7052911313fffd1cdad964a74
a96a6606f1d20baeeb4040c9ced3ba2f7bd1aada
430d90ac0a39038dbb5336cf29baf6786ac29491c5a8e4dcce04e93d9fceb5e1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 15:23:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash ab04da9bc46246cc0001464e7f6b5e19
01ce4f7004aec7a24d4545a1e742ab6a1e639b48
22e519a39cb2e7e5f6da23d35f4498aa7a2d00e06613fd3bbf8de8a62ed2d354
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 15:23:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 12a41c3677624d6ec4ab206a3eef9b00
03f14c307cc2d4894a26760b247655ff018c837d
f104c376f91a2edc6845fc9c19ef2d4d2cacfbd92f277b04b72712553b3d81d4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4997
Cache-Control: max-age=90782
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 15:23:05 GMT
Etag: "63d3e9f2-1d7"
Expires: Sun, 29 Jan 2023 16:36:07 GMT
Last-Modified: Fri, 27 Jan 2023 15:12:50 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.227200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 26 Jan 2023 21:48:03 GMT
expires: Fri, 26 Jan 2024 21:48:03 GMT
cache-control: public, max-age=31536000
age: 149702
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 26 Jan 2023 16:40:43 GMT
expires: Fri, 26 Jan 2024 16:40:43 GMT
cache-control: public, max-age=31536000
age: 168142
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
marouf.fi/wp-content/uploads/2019/07/cropped-MARouf-favicon-192x192.png
31.217.192.146200 OK 5.9 kB URL HTTP/2 marouf.fi/wp-content/uploads/2019/07/cropped-MARouf-favicon-192x192.png
IP 31.217.192.146:0
ASN #58003 Planeetta Internet Oy
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash a91c78949736befc67e34fe28548ca4d
ef3c907c577fd9b63d994917d0753575408fcc64
fa1ad293ebe35f9d02cab4de4064e0c9a0be0bf9199188638b0e892457366c72
GET /wp-content/uploads/2019/07/cropped-MARouf-favicon-192x192.png HTTP/1.1
Host: marouf.fi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://marouf.fi/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 04 Jul 2019 12:20:03 GMT
accept-ranges: bytes
content-length: 5915
content-type: image/png
date: Sat, 28 Jan 2023 15:23:05 GMT
server: Apache
X-Firefox-Spdy: h2
marouf.fi/wp-content/uploads/2019/07/cropped-MARouf-favicon-32x32.png
31.217.192.146200 OK 791 B URL HTTP/2 marouf.fi/wp-content/uploads/2019/07/cropped-MARouf-favicon-32x32.png
IP 31.217.192.146:0
ASN #58003 Planeetta Internet Oy
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 0ef36d3ad586bed112d9c02584e80a81
6dbf7df6f572021938de4c97738e92234dc2c023
b7e57d3a806e87822f2f25603a9d4311a6ddb8c941cb95a4fe8b4e6193b1adae
GET /wp-content/uploads/2019/07/cropped-MARouf-favicon-32x32.png HTTP/1.1
Host: marouf.fi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://marouf.fi/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 04 Jul 2019 12:20:03 GMT
accept-ranges: bytes
content-length: 791
content-type: image/png
date: Sat, 28 Jan 2023 15:23:05 GMT
server: Apache
X-Firefox-Spdy: h2
player-v2.yle.fi/899.04754cd6af8116c1f882.js
54.230.111.105200 OK 266 kB URL HTTP/2 player-v2.yle.fi/899.04754cd6af8116c1f882.js
IP 54.230.111.105:0
File type ASCII text, with very long lines (65454)
Size 266 kB (265702 bytes)
Hash 01e8d50593ce0c48e318a5670e2b59bd
04069d072b9a6d8d28475082186b98cf67f32925
01fc6d885e3b157a6d5423c386c438da638e13050259e7da41d8add96d2944be
GET /899.04754cd6af8116c1f882.js HTTP/1.1
Host: player-v2.yle.fi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://marouf.fi/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/javascript
date: Thu, 26 Jan 2023 09:32:17 GMT
last-modified: Thu, 19 Jan 2023 12:44:11 GMT
etag: W/"0f68c806bd627c329daac0d7881642e3"
cache-control: public,max-age=31536000
server: AmazonS3
content-encoding: br
x-cache: Hit from cloudfront
via: 1.1 4c07121ca6e32bcda85cc9091b92050e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 210Wc1sgmFxk514XA1OazjQX278HTCu6IUdcEDPA4udg4gqyVIURdA==
age: 193849
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
216.239.34.178200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 216.239.34.178:0
File type ASCII text, with very long lines (1490)
Hash ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://marouf.fi/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Sat, 28 Jan 2023 13:45:20 GMT
expires: Sat, 28 Jan 2023 15:45:20 GMT
cache-control: public, max-age=7200
age: 5865
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
open.spotifycdn.com/cdn/build/embed/embed.96c059f6.css
151.101.86.251200 OK 15 kB URL HTTP/2 open.spotifycdn.com/cdn/build/embed/embed.96c059f6.css
IP 151.101.86.251:0
File type Unicode text, UTF-8 text, with very long lines (65534), with no line terminators
Hash ccef53bd9fdce15c39d2ec81392c3ed6
c9d869f8d35a158dbbdafc0b79915e75b1741864
323757fc14d5a5fdb096b09f67a4b3b16ae30732f99c50777d92da0dd4c27ac2
GET /cdn/build/embed/embed.96c059f6.css HTTP/1.1
Host: open.spotifycdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://open.spotify.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Mon, 02 Jan 2023 14:29:48 GMT
etag: "ccef53bd9fdce15c39d2ec81392c3ed6"
x-goog-generation: 1672669788910408
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 14660
content-type: text/css
content-encoding: gzip
accept-ranges: bytes
date: Sat, 28 Jan 2023 15:23:05 GMT
age: 2249222
x-served-by: cache-chi-klot8100123-CHI, cache-bma1683-BMA
x-cache: HIT, HIT
x-cache-hits: 287, 90934
access-control-allow-origin: https://open.spotify.com
cache-control: public, max-age=31536000
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 14660
X-Firefox-Spdy: h2
open.spotifycdn.com/cdn/build/embed/vendor~embed.359598f4.css
151.101.86.251200 OK 1.0 kB URL HTTP/2 open.spotifycdn.com/cdn/build/embed/vendor~embed.359598f4.css
IP 151.101.86.251:0
File type ASCII text, with very long lines (9735), with no line terminators
Hash 1709e694ecf23c10d4a5354eee9b33f4
3fa698f29cd0bbc27df50a4b220d02ccd61a0286
e172cd12a441b036216d6808178611c41a605d625c87daa40830a9acee5a54e1
GET /cdn/build/embed/vendor~embed.359598f4.css HTTP/1.1
Host: open.spotifycdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://open.spotify.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Thu, 08 Dec 2022 08:51:22 GMT
etag: "1709e694ecf23c10d4a5354eee9b33f4"
x-goog-generation: 1670489482436115
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 1047
content-type: text/css
content-encoding: gzip
accept-ranges: bytes
date: Sat, 28 Jan 2023 15:23:05 GMT
age: 4429690
x-served-by: cache-chi-klot8100109-CHI, cache-bma1683-BMA
x-cache: HIT, HIT
x-cache-hits: 55, 87807
access-control-allow-origin: https://open.spotify.com
cache-control: public, max-age=31536000
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1047
X-Firefox-Spdy: h2
open.spotifycdn.com/cdn/generated-locales/embed/en.3251d5e9.json
151.101.86.251200 OK 786 B URL HTTP/2 open.spotifycdn.com/cdn/generated-locales/embed/en.3251d5e9.json
IP 151.101.86.251:0
File type JSON data\012- , ASCII text
Hash e2382f65dec4d0440560cacbdc428561
7bff0be2dc6880803045b4529ba8e96cb18b02db
5100fb012280146c9ff35e7b4c072f774d2269fb8a663e8b3f686e6da1c3ebe8
GET /cdn/generated-locales/embed/en.3251d5e9.json HTTP/1.1
Host: open.spotifycdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://open.spotify.com
Connection: keep-alive
Referer: https://open.spotify.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Tue, 29 Nov 2022 00:01:31 GMT
etag: "e2382f65dec4d0440560cacbdc428561"
x-goog-generation: 1669680091216351
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 786
content-type: application/json
content-encoding: gzip
accept-ranges: bytes
date: Sat, 28 Jan 2023 15:23:05 GMT
age: 5204219
x-served-by: cache-chi-klot8100140-CHI, cache-bma1669-BMA
x-cache: HIT, HIT
x-cache-hits: 49, 599
access-control-allow-origin: https://open.spotify.com
cache-control: public, max-age=31536000
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 786
X-Firefox-Spdy: h2
open.spotifycdn.com/cdn/build/embed/vendor~embed.2e25bfef.js
151.101.86.251200 OK 296 kB URL HTTP/2 open.spotifycdn.com/cdn/build/embed/vendor~embed.2e25bfef.js
IP 151.101.86.251:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 296 kB (295683 bytes)
Hash edf64656176f5f0869cfa4d900f3bd8f
c98889e1ce335c7c050376dc7eb63d56b05507f3
e2f82d4a882d9bc54a02f60b41ad1a7a829dc602032f0f2e0dd4e50e13b519a2
GET /cdn/build/embed/vendor~embed.2e25bfef.js HTTP/1.1
Host: open.spotifycdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://open.spotify.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Fri, 27 Jan 2023 15:12:02 GMT
etag: "edf64656176f5f0869cfa4d900f3bd8f"
x-goog-generation: 1674832322393231
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 295683
content-type: application/javascript
content-encoding: gzip
accept-ranges: bytes
date: Sat, 28 Jan 2023 15:23:05 GMT
age: 86848
x-served-by: cache-chi-klot8100075-CHI, cache-bma1683-BMA
x-cache: HIT, HIT
x-cache-hits: 12, 7139
access-control-allow-origin: https://open.spotify.com
cache-control: public, max-age=31536000
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 295683
X-Firefox-Spdy: h2
encore.scdn.co/fonts/CircularSp-Book-4eaffdf96f4c6f984686e93d5d9cb325.woff2
151.101.86.248200 OK 84 kB URL HTTP/1.1 encore.scdn.co/fonts/CircularSp-Book-4eaffdf96f4c6f984686e93d5d9cb325.woff2
IP 151.101.86.248:0
File type Web Open Font Format (Version 2), TrueType, length 84088, version 1.66\012- data
Hash f7b12903dd7a2d536ceb2b7cd1dba2c1
82d12ab89c971973141475ecbefa5da97ad57195
3760e89dfff6078afcdc5404e4735e266a4799babd9fa853ff388c702e992c5f
GET /fonts/CircularSp-Book-4eaffdf96f4c6f984686e93d5d9cb325.woff2 HTTP/1.1
Host: encore.scdn.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://open.spotify.com
Connection: keep-alive
Referer: https://open.spotify.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 84027
Last-Modified: Fri, 13 May 2022 11:38:51 GMT
ETag: "f7b12903dd7a2d536ceb2b7cd1dba2c1"
Content-Type: font/woff2
Content-Encoding: gzip
Accept-Ranges: bytes
Date: Sat, 28 Jan 2023 15:23:05 GMT
Age: 17372773
X-Served-By: cache-ord1745-ORD, cache-chi-kigq8000169-CHI, cache-bma1660-BMA
X-Cache: HIT, HIT, HIT
X-Cache-Hits: 1, 1, 31731
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
open.spotifycdn.com/cdn/build/embed/embed.19991136.js
151.101.86.251200 OK 51 kB URL HTTP/2 open.spotifycdn.com/cdn/build/embed/embed.19991136.js
IP 151.101.86.251:0
File type Unicode text, UTF-8 text, with very long lines (65530), with no line terminators
Hash 5dad85e79f0ab2fb9dae043b730bf8c1
554e441889a1d4541a042d54b81452ffc59be2f8
07aec702b9311dbfeed9ed555384bc44436dc80111fa863a14a73e466c8169d7
GET /cdn/build/embed/embed.19991136.js HTTP/1.1
Host: open.spotifycdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://open.spotify.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Sat, 28 Jan 2023 07:01:02 GMT
etag: "5dad85e79f0ab2fb9dae043b730bf8c1"
x-goog-generation: 1674889262863971
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 50991
content-type: application/javascript
content-encoding: gzip
accept-ranges: bytes
date: Sat, 28 Jan 2023 15:23:05 GMT
age: 29886
x-served-by: cache-chi-klot8100058-CHI, cache-bma1683-BMA
x-cache: HIT, HIT
x-cache-hits: 45, 2873
access-control-allow-origin: https://open.spotify.com
cache-control: public, max-age=31536000
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 50991
X-Firefox-Spdy: h2
marouf.fi/wp-content/themes/bold-photography/assets/css/blocks.css?ver=1.0
31.217.192.146200 OK 90 kB URL HTTP/2 marouf.fi/wp-content/themes/bold-photography/assets/css/blocks.css?ver=1.0
IP 31.217.192.146:0
ASN #58003 Planeetta Internet Oy
File type gzip compressed data, from Unix\012- data
Hash 216b12b5a9657850b1b324e158454f8e
b02b14e1ed70d323167efa295ceb8ba156a37fab
81c0ae5eb7c7ea1bca274d51be67818e3f2577e63c9f2ee766b20e8964335db9
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/bold-photography/assets/css/blocks.css?ver=1.0 HTTP/1.1
Host: marouf.fi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://marouf.fi/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 12 Dec 2022 09:20:39 GMT
accept-ranges: bytes
content-length: 22750
content-type: text/css
date: Sat, 28 Jan 2023 15:23:04 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 1173ffbbb80f075731ea68afe30d5fa8
ad54230570cfcbeaafd512b9493826496fafb08b
64a4bace37bed7721ad6a459f875903f5fb2ccf964e07a362b1ab0cbfdd1f02d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4354
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 15:23:05 GMT
Last-Modified: Sat, 28 Jan 2023 14:10:32 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
locations.api.yle.fi/v3/address/current?callback=YlePlayerLocation4348837825827&app_id=player_static_prod&app_key=8930d72170e48303cf5f3867780d549b
54.230.111.41200 OK 975 B URL HTTP/2 locations.api.yle.fi/v3/address/current?callback=YlePlayerLocation4348837825827&app_id=player_static_prod&app_key=8930d72170e48303cf5f3867780d549b
IP 54.230.111.41:0
Hash 220f490228e14bb5cad246d68b25673d
515fb9a63363b1895697e6265ed69ba546015ffe
90787d7f6af52f2b467fad33b325a51fe3a07377a5aacb37ab8b7e874b0cd08c
GET /v3/address/current?callback=YlePlayerLocation4348837825827&app_id=player_static_prod&app_key=8930d72170e48303cf5f3867780d549b HTTP/1.1
Host: locations.api.yle.fi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://marouf.fi/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
date: Sat, 28 Jan 2023 15:23:05 GMT
server: nginx/1.23.1
cache-control: no-cache, no-store, must-revalidate
x-cache: Miss from cloudfront
via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: RF1w4ecUqytwPflY04WIBd5nuSBtHC3NZTxP6l7JjlAjHX4UQw1AZw==
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash f2a0c2c0f25bdd19baf87cbb3a87dcdb
bc78ca6206ee8cc1cc05ab7778df71c7e6d1182a
c57f26c0c2e439dc2f69181e1b2f6ae371bff9d299af739e0047eabc8bfb5a69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C57F26C0C2E439DC2F69181E1B2F6AE371BFF9D299AF739E0047EABC8BFB5A69"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19405
Expires: Sat, 28 Jan 2023 20:46:31 GMT
Date: Sat, 28 Jan 2023 15:23:06 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash f2a0c2c0f25bdd19baf87cbb3a87dcdb
bc78ca6206ee8cc1cc05ab7778df71c7e6d1182a
c57f26c0c2e439dc2f69181e1b2f6ae371bff9d299af739e0047eabc8bfb5a69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C57F26C0C2E439DC2F69181E1B2F6AE371BFF9D299AF739E0047EABC8BFB5A69"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19405
Expires: Sat, 28 Jan 2023 20:46:31 GMT
Date: Sat, 28 Jan 2023 15:23:06 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash f2a0c2c0f25bdd19baf87cbb3a87dcdb
bc78ca6206ee8cc1cc05ab7778df71c7e6d1182a
c57f26c0c2e439dc2f69181e1b2f6ae371bff9d299af739e0047eabc8bfb5a69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C57F26C0C2E439DC2F69181E1B2F6AE371BFF9D299AF739E0047EABC8BFB5A69"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19405
Expires: Sat, 28 Jan 2023 20:46:31 GMT
Date: Sat, 28 Jan 2023 15:23:06 GMT
Connection: keep-alive
i.scdn.co/image/ab67616d00001e02af42d4889f45b11eafb10997
151.101.86.248200 OK 26 kB URL HTTP/1.1 i.scdn.co/image/ab67616d00001e02af42d4889f45b11eafb10997
IP 151.101.86.248:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90", baseline, precision 8, 300x300, components 3\012- data
Hash 0b82ac691b7a5b61ec1d01d19064d6ed
4c569b1ce48dc340c9ef3377b33e93a553d8c58f
19f1e3f563ba3d98f7a26adbe5573e80fac3c87865d6636b6bfc8e59c4560599
GET /image/ab67616d00001e02af42d4889f45b11eafb10997 HTTP/1.1
Host: i.scdn.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://open.spotifycdn.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 26334
Last-Modified: Wed, 04 Sep 2019 12:42:37 GMT
ETag: "0b82ac691b7a5b61ec1d01d19064d6ed"
x-goog-generation: 1567600957831201
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 26334
Content-Type: image/jpeg
Accept-Ranges: bytes
Date: Sat, 28 Jan 2023 15:23:06 GMT
Age: 261899
Timing-Allow-Origin: *
X-Served-By: cache-chi-klot8100026-CHI, cache-bma1631-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 5, 1
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000
www.youtube.com/embed/CDv1Jui4G3U?feature=oembed
142.250.74.110200 OK 39 kB URL HTTP/2 www.youtube.com/embed/CDv1Jui4G3U?feature=oembed
IP 142.250.74.110:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (58572)
Hash 5b84ccc9c8f13527bb27fd6af69afaf5
f79d378e4470afdacaf8a7128d8b4e1e7077b6a6
cfc72ddefddbd7fd200ee6ad0d0a71f10ac88059c17e2cb37cc079c50e394664
GET /embed/CDv1Jui4G3U?feature=oembed HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://marouf.fi/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 28 Jan 2023 15:23:05 GMT
strict-transport-security: max-age=31536000
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cross-origin-resource-policy: cross-origin
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=whvhyLvfdHA; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
DEVICE_INFO=ChxOekU1TXpjeU16azRNakE0TURBM056UXlPQT09ENn71J4GGNn71J4G; Domain=.youtube.com; Expires=Thu, 27-Jul-2023 15:23:05 GMT; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=nTIzhLUitmE; Domain=.youtube.com; Expires=Thu, 27-Jul-2023 15:23:05 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+976; expires=Mon, 27-Jan-2025 15:23:05 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22cc3f55-9811-4ec2-a57e-a3e71a3f0554.jpeg
34.120.237.76200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22cc3f55-9811-4ec2-a57e-a3e71a3f0554.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ea24bcba583bd8bd139559448a343e68
b9d37c2b14f890d41983a59f352e8f7caa9c94bb
e5ef5975eec964ae1684deb424f00833f2d217bdc7e6c385320ed3adeb6bc1c4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22cc3f55-9811-4ec2-a57e-a3e71a3f0554.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7585
x-amzn-requestid: bfb52acb-e0d7-482d-8be9-be5db1c16cac
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fa_vkE5roAMF0Hw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d44663-2d38d314177e0ac40d4c8240;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 21:47:15 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 1WE1zQwrCGVy8HLT9_BFkAr6rQE_ROyttMOByR32KeT0w2Hd_ylvYQ==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 22:16:00 GMT
age: 61626
etag: "b9d37c2b14f890d41983a59f352e8f7caa9c94bb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb781854-72d1-4a71-a095-0416f886f570.jpeg
34.120.237.76200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb781854-72d1-4a71-a095-0416f886f570.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 131eb343c5abd61939457d69bd371348
ffb2035cf64fc83f01db5c6f26ffa264b6aac95b
8486eb9dc6325018f8721bc6f37408f260b6e652b145280f2d778d860d3ec2d5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb781854-72d1-4a71-a095-0416f886f570.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7538
x-amzn-requestid: 113924cc-a196-4dbd-91d9-68c213265afe
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e3fobF-ZoAMFjjA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c61302-6b24941a642b22cf21e47dc0;Sampled=0
x-amzn-remapped-date: Tue, 17 Jan 2023 03:16:18 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 2P09wOtKPDHjxxAuzcLFMQJwmGN1zNJcH9LA6IJpeaGiaPVRF4y-TA==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Sat, 28 Jan 2023 05:20:03 GMT
age: 36183
etag: "ffb2035cf64fc83f01db5c6f26ffa264b6aac95b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0cadb8fa-5527-46cd-92dd-6316ac84a7d5.jpeg
34.120.237.76200 OK 7.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0cadb8fa-5527-46cd-92dd-6316ac84a7d5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 57b73886cbbb719eda5f733c018eedfb
b84ed40973f8a0d3c10529e34f9466746cfdaf0c
4ba11c23e0bbd2aed53b04ad0b3d22161af1971ddcfb75ae55734de9a49af207
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0cadb8fa-5527-46cd-92dd-6316ac84a7d5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7028
x-amzn-requestid: c1743fed-205a-431b-8648-474facde6d09
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fa-CwFtboAMF9rg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d443ab-5b94864c707c42fc36fbc63a;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 21:35:39 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 35sWCIsACAhQvXkJvBn0LGf2m9OTklgDprONw5CDUoXD97TUpJ9j5Q==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 21:55:35 GMT
age: 62851
etag: "b84ed40973f8a0d3c10529e34f9466746cfdaf0c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f0097a6-af00-4a1c-8faa-f9516e27b31a.jpeg
34.120.237.76200 OK 4.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f0097a6-af00-4a1c-8faa-f9516e27b31a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4205d8106659e00fff1cbe9262918b8c
ab4f6528594a1725934727dc7d834c028a79c609
31f1a28602a194bd0856495d4d81d5c72cd7ff4e5bad6bdd1a31ec3041f4a2cc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f0097a6-af00-4a1c-8faa-f9516e27b31a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4475
x-amzn-requestid: b7b272d6-3089-4f33-89b5-5cb388640e10
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fa_e6HsaIAMF5Lg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d445f8-1789f7f4264270916da323db;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 21:45:28 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: hAzO-IMqc1CFpiBAlRl8seIYL9UonyrBMATibovyFq5kEuaweY_VyA==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 21:56:46 GMT
age: 62780
etag: "ab4f6528594a1725934727dc7d834c028a79c609"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash f2460c8c41af24f0be92e6cbc1feaaf9
18fa4a8f80df7b8ddadc8948ee1e8ecf446feee9
b0c5e7085cbf1845cfb8b8ca208096281c6bb3a412a000f6bf2a85bf8c49395d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B0C5E7085CBF1845CFB8B8CA208096281C6BB3A412A000F6BF2A85BF8C49395D"
Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8281
Expires: Sat, 28 Jan 2023 17:41:07 GMT
Date: Sat, 28 Jan 2023 15:23:06 GMT
Connection: keep-alive
player.api.yle.fi/v1/preview/1-50298495.json?language=fin&countryCode=NO&host=marouffi&isPortabilityRegion=true&ssl=true&app_id=player_static_prod&app_key=8930d72170e48303cf5f3867780d549b
54.230.111.19200 OK 1.3 kB URL HTTP/2 player.api.yle.fi/v1/preview/1-50298495.json?language=fin&countryCode=NO&host=marouffi&isPortabilityRegion=true&ssl=true&app_id=player_static_prod&app_key=8930d72170e48303cf5f3867780d549b
IP 54.230.111.19:0
Hash 416a81233ad760ade11865b51f4a9bb6
5a5a7d23b2fa2ba04e2809ee9d414fa7623caf06
34a8eda7be0b9dfc87c5fb2173ebbfe1118dc32d49a238e9d7efb781a3f70281
GET /v1/preview/1-50298495.json?language=fin&countryCode=NO&host=marouffi&isPortabilityRegion=true&ssl=true&app_id=player_static_prod&app_key=8930d72170e48303cf5f3867780d549b HTTP/1.1
Host: player.api.yle.fi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://marouf.fi
Connection: keep-alive
Referer: https://marouf.fi/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json;charset=utf-8
date: Sat, 28 Jan 2023 15:23:06 GMT
server: nginx/1.23.1
cache-control: max-age=30
access-control-allow-origin: *
content-encoding: gzip
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: GEBYRM3buPPVT8sYyLrZ4BSZKM17FxqwUePtA2Nred6pGYLT_Wtzjg==
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F33ce0741-fcf6-4205-8b3a-016953553eaf.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F33ce0741-fcf6-4205-8b3a-016953553eaf.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 195316042e7f798eeeb7993fecb3a383
4aeca24ad4702f87feaf9674ea0c1ff6d71826a3
b7e0a61060455241fce844d2c91eca500d409804361063ddb61053cbc9c7b1c1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F33ce0741-fcf6-4205-8b3a-016953553eaf.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13376
x-amzn-requestid: 64d0092e-1f1a-4183-a4a6-805e0bf37d32
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fa-DvHIyoAMF6fA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d443b1-6387770232ddca74531bce91;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 21:35:45 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Jqb6G21QeTDiI0HWT9Fd87D-HkAOiesyfN9vr7vMxrOUADBxV-_Fug==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 21:55:42 GMT
age: 62844
etag: "4aeca24ad4702f87feaf9674ea0c1ff6d71826a3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash f2460c8c41af24f0be92e6cbc1feaaf9
18fa4a8f80df7b8ddadc8948ee1e8ecf446feee9
b0c5e7085cbf1845cfb8b8ca208096281c6bb3a412a000f6bf2a85bf8c49395d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B0C5E7085CBF1845CFB8B8CA208096281C6BB3A412A000F6BF2A85BF8C49395D"
Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8281
Expires: Sat, 28 Jan 2023 17:41:07 GMT
Date: Sat, 28 Jan 2023 15:23:06 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash e7ebbff54ced2c07469b302fc6d44078
f59983c844c398bd37705051ca685b2d07d85726
04eb3bd7658c1112bfc1d0098e8d7f5fafdb10459e3290c0d4e6a17e65a5494f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 15:23:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash af1c521d29c662e208d80836c19fa58a
64e18dcf8f3ea43f6aeb1c66299bd37121cdfe14
57fe9c6dbb637c6090c7110234fb9d3aadb75850d6d5ed5c668376ebd121c1f6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 15:23:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.doubleclick.net/instream/ad_status.js
142.250.74.102200 OK 29 B URL HTTP/2 static.doubleclick.net/instream/ad_status.js
IP 142.250.74.102:0
Hash 1fa71744db23d0f8df9cce6719defcb7
e4be9b7136697942a036f97cf26ebaf703ad2067
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
GET /instream/ad_status.js HTTP/1.1
Host: static.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 29
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 28 Jan 2023 15:12:52 GMT
expires: Sat, 28 Jan 2023 15:27:52 GMT
cache-control: public, max-age=900
age: 615
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/id
142.250.74.34302 Found 0 B URL HTTP/2 googleads.g.doubleclick.net/pagead/id
IP 142.250.74.34:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/id HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-credentials: true
access-control-allow-origin: https://www.youtube.com
date: Sat, 28 Jan 2023 15:23:07 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash af1c521d29c662e208d80836c19fa58a
64e18dcf8f3ea43f6aeb1c66299bd37121cdfe14
57fe9c6dbb637c6090c7110234fb9d3aadb75850d6d5ed5c668376ebd121c1f6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 15:23:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash e7ebbff54ced2c07469b302fc6d44078
f59983c844c398bd37705051ca685b2d07d85726
04eb3bd7658c1112bfc1d0098e8d7f5fafdb10459e3290c0d4e6a17e65a5494f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 15:23:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 7da8f9a23d8c05f64f248e4e3427c76e
e2d001c2909cd9403173cbb0e288d55fbc8e4d0a
db8790004124a0eeb0676860170ad9c37250b2ba697a27dee62c99b64c67b4b8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 15:23:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 7da8f9a23d8c05f64f248e4e3427c76e
e2d001c2909cd9403173cbb0e288d55fbc8e4d0a
db8790004124a0eeb0676860170ad9c37250b2ba697a27dee62c99b64c67b4b8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 15:23:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.138200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.138:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Sat, 28 Jan 2023 15:23:07 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 622311873d3819b9911301b09bc2d43c
9f08d648e40479aa12da033da15b80a15017c739
6138674cec17da8b7bb02bf0686bf3e7aefa2bce6a5f844ebd80e10b665818b8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 15:23:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.138200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.138:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash ebda1422c1b860b175fca234528f9c99
e9f44761488e0e99492506e41e4d0309da9c422c
cc07fbf6fe91c1a6e21afb138e0faf727e3eb643d5f22ef778a5fff209c59af7
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Sat, 28 Jan 2023 15:23:07 GMT
server: ESF
cache-control: private
content-length: 30954
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google.com/js/th/x4UJj8gT6CtT5_PZSB2sMkWT7oT3ONYvYheI_Vl_kb0.js
142.250.74.164200 OK 14 kB URL HTTP/2 www.google.com/js/th/x4UJj8gT6CtT5_PZSB2sMkWT7oT3ONYvYheI_Vl_kb0.js
IP 142.250.74.164:0
File type ASCII text, with very long lines (36171)
Hash a13a76dd17af226d4a24bd16ef702377
c364171cd0f66eb4a1a8dde04e1e083154d81dbd
1dd3352cbdb7561b142954006a2bb94008486c22760c3d5ebb1b6fffeb325173
GET /js/th/x4UJj8gT6CtT5_PZSB2sMkWT7oT3ONYvYheI_Vl_kb0.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 14250
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 27 Jan 2023 18:38:28 GMT
expires: Sat, 27 Jan 2024 18:38:28 GMT
cache-control: public, max-age=31536000
age: 74679
last-modified: Tue, 03 Jan 2023 15:00:00 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 7da8f9a23d8c05f64f248e4e3427c76e
e2d001c2909cd9403173cbb0e288d55fbc8e4d0a
db8790004124a0eeb0676860170ad9c37250b2ba697a27dee62c99b64c67b4b8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 15:23:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.138200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.138:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash dc69cc609408fd8da7942d5c817d7d60
53a02b51bec17ad307f2216cf18000da388e69a5
4b8dbcf7fe6f815181b7c924acf5e5d3f3c5c168f70e894fe030a0a922648117
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Sat, 28 Jan 2023 15:23:07 GMT
server: ESF
cache-control: private
content-length: 31076
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash e2579e6546ece9f51d426a7d7f271499
1a73b4aa9dd0a6ad011c8d56d5bfdd1be30e2b10
56f86a1282b4e619ae6a9f211ccebaa8a6ddf614acec73700814986dc84a593c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 15:23:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i.ytimg.com/vi_webp/tWw8vmtsxsQ/sddefault.webp
142.250.74.182200 OK 19 kB URL HTTP/2 i.ytimg.com/vi_webp/tWw8vmtsxsQ/sddefault.webp
IP 142.250.74.182:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash e7d1fc8718dd455ea342760262da2a23
88505a26e65f82e61a9e748d9a041abfcc778bc0
027d8740b741abe2a285f02ac5d45a71aa2cdfcffbfbf7dfdcde799c6ee02724
GET /vi_webp/tWw8vmtsxsQ/sddefault.webp HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/webp
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 19182
date: Sat, 28 Jan 2023 15:23:07 GMT
expires: Sat, 28 Jan 2023 17:23:07 GMT
cache-control: public, max-age=7200
etag: "1508096854"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
i.ytimg.com/vi_webp/3I3dGvHBvgM/maxresdefault.webp
142.250.74.182200 OK 34 kB URL HTTP/2 i.ytimg.com/vi_webp/3I3dGvHBvgM/maxresdefault.webp
IP 142.250.74.182:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1280x720, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 5e59dc274b61d59153d8fef2f81b7baa
2db7b61ded77069c125f989aad7b40be2c98a9d1
cbb3b801affb739d003c577c7191733a17e9cfcc6edb565cefc77ff8d4a3636b
GET /vi_webp/3I3dGvHBvgM/maxresdefault.webp HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/webp
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 33510
date: Sat, 28 Jan 2023 15:23:07 GMT
expires: Sat, 28 Jan 2023 17:23:07 GMT
cache-control: public, max-age=7200
etag: "1613736696"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash e2579e6546ece9f51d426a7d7f271499
1a73b4aa9dd0a6ad011c8d56d5bfdd1be30e2b10
56f86a1282b4e619ae6a9f211ccebaa8a6ddf614acec73700814986dc84a593c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 15:23:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash bc7c4f207ec97cacb1eedd94d2f6b371
5f0948a39435ace8bacc4ac5fb3df19045908e42
bfb24fe4a1cb45a068b0a6432b03c20d00ea178aabea23498f2d1f0273bf6e1b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 15:23:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 166bf2c6932f048996b3fe12e1cf3db9
9489d067ac8215775dda446a4c291e6db1e8ab3f
896314990eb656b725f8ec5d3753e70bf71e956c142a15b45773a77bb7d6ff24
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 15:23:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
yt3.ggpht.com/w9hCFBtWVDpRwzY9hmCox-9uWZbSbXS0nI639IN6jBdMgIi2eXJOdMyCRk_ILZOVSXPPjde6alM=s68-c-k-c0x00ffffff-no-rj
142.250.74.161200 OK 3.7 kB URL HTTP/2 yt3.ggpht.com/w9hCFBtWVDpRwzY9hmCox-9uWZbSbXS0nI639IN6jBdMgIi2eXJOdMyCRk_ILZOVSXPPjde6alM=s68-c-k-c0x00ffffff-no-rj
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 68x68, components 3\012- data
Hash bed322d1a3f1fc264c5f76165d8f4edd
47baf61ba808323a0eea76a9e34b4672a08dc060
90fa44c843a029ddcef1a4501966d258394f60c34b75dc58f430c14775f38883
GET /w9hCFBtWVDpRwzY9hmCox-9uWZbSbXS0nI639IN6jBdMgIi2eXJOdMyCRk_ILZOVSXPPjde6alM=s68-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt3.ggpht.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="channels4_profile.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 3724
x-xss-protection: 0
date: Sat, 28 Jan 2023 15:23:07 GMT
expires: Sat, 28 Jan 2023 07:14:39 GMT
cache-control: public, max-age=86400, no-transform
etag: "v1"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
142.250.74.138200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 142.250.74.138:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Sat, 28 Jan 2023 15:23:07 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-143550033-1&cid=230723477.1674919389&jid=746921735&gjid=283388167&_gid=79865913.1674919389&_u=aGBAAUIgAAAAACAAI~&z=1616527887
173.194.73.156200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-143550033-1&cid=230723477.1674919389&jid=746921735&gjid=283388167&_gid=79865913.1674919389&_u=aGBAAUIgAAAAACAAI~&z=1616527887
IP 173.194.73.156:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-143550033-1&cid=230723477.1674919389&jid=746921735&gjid=283388167&_gid=79865913.1674919389&_u=aGBAAUIgAAAAACAAI~&z=1616527887 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://marouf.fi
Connection: keep-alive
Referer: https://marouf.fi/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://marouf.fi
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 28 Jan 2023 15:23:07 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
142.250.74.138200 OK 114 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 142.250.74.138:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 34e1d89856c159d9c69eefa94798df39
59bceacfcf4a66c3f52d78c577c8a531efa9edba
ad59c18848bf34a1433c8355a8323fa8872bf70608c2e5b0e125e594f2a0d58a
POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 1202
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Sat, 28 Jan 2023 15:23:07 GMT
server: ESF
cache-control: private
content-length: 114
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
login.api.yle.fi/v1/user/login?app_id=player_static_prod&app_key=8930d72170e48303cf5f3867780d549b
54.230.111.20401 Unauthorized 562 B URL HTTP/2 login.api.yle.fi/v1/user/login?app_id=player_static_prod&app_key=8930d72170e48303cf5f3867780d549b
IP 54.230.111.20:0
Hash ae9d0d12de7850ab4cdb2c077e632ac3
8e4629cb8b46183ca6e5f7c389a72c528bbdb496
280fe442c863abee8928353a9f70dc5f1e130b0233621238e2a618ac42dbf305
GET /v1/user/login?app_id=player_static_prod&app_key=8930d72170e48303cf5f3867780d549b HTTP/1.1
Host: login.api.yle.fi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://marouf.fi
Connection: keep-alive
Referer: https://marouf.fi/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 401 Unauthorized
content-type: application/json;charset=utf-8
date: Sat, 28 Jan 2023 15:23:07 GMT
server: nginx/1.23.1
cache-control: no-store, no-cache, must-revalidate, max-age=0
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00
x-cache: Error from cloudfront
via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: mhiId1yIp_XD31OfQGVqIo9wiqh5n89P1M2wCEY-lUg8DS3bqkfROQ==
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
142.250.74.138200 OK 114 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 142.250.74.138:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 034666b1efabad086f647721f84b839f
3ef82f3be8ddb6e6ee70915ab281c8d5dd274cf5
511e8d99633bde02bf63720fdcc932b1c8eca21bab72a52ce50e237f15e75ec1
POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 883
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Sat, 28 Jan 2023 15:23:07 GMT
server: ESF
cache-control: private
content-length: 114
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
yt3.ggpht.com/ytc/AL5GRJU5WXvv98Alm3mKB_VL_XFZMYNh8ymDvvR4v3yjow=s68-c-k-c0x00ffffff-no-rj
142.250.74.161200 OK 3.1 kB URL HTTP/2 yt3.ggpht.com/ytc/AL5GRJU5WXvv98Alm3mKB_VL_XFZMYNh8ymDvvR4v3yjow=s68-c-k-c0x00ffffff-no-rj
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=3, description=MA Rouf - The People, software=Google], baseline, precision 8, 68x68, components 3\012- data
Hash 511da737a16f5261ac7b9eee38b993e8
78598363e9219f3edad60f9bed52fba17cd0148b
e548e3ca0502e9fcfb12b729911678b06e1ba4fd4a69336b58ac7d742761d1e7
GET /ytc/AL5GRJU5WXvv98Alm3mKB_VL_XFZMYNh8ymDvvR4v3yjow=s68-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt3.ggpht.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 3075
x-xss-protection: 0
date: Sat, 28 Jan 2023 15:23:07 GMT
expires: Sat, 28 Jan 2023 19:43:44 GMT
cache-control: public, max-age=86400, no-transform
etag: "v73b"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.138200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.138:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash 5e6640a9e5168f6081c1c9c0b8b00139
6a9eb96baa5c08f7159fb074f7d9393571ca38ec
d09a06e856228261ec6432b5a52dcc7e5cd5ee557375dbc488d06bd1a5db9cc0
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Sat, 28 Jan 2023 15:23:07 GMT
server: ESF
cache-control: private
content-length: 31022
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdnapisec.kaltura.com/p/1955031/embedPlaykitJs/uiconf_id/47912943
23.38.200.111200 OK 420 kB URL HTTP/2 cdnapisec.kaltura.com/p/1955031/embedPlaykitJs/uiconf_id/47912943
IP 23.38.200.111:0
File type Unicode text, UTF-8 text, with very long lines (47901)
Size 420 kB (419666 bytes)
Hash dadfde5050853b463659613d413ea837
64444eda41597d8a3e365cd7aad5d7eebd3d387a
22cf3f975ac8ddfa8351c2d1d3dde1bb9b674549c7f918c215afb66dbb0afe79
GET /p/1955031/embedPlaykitJs/uiconf_id/47912943 HTTP/1.1
Host: cdnapisec.kaltura.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://marouf.fi/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Mon, 23 Jan 2023 17:53:50 GMT
etag: 96053f21c12a09941ec9889fba224012
content-type: text/javascript;charset=UTF-8
x-me: ny-nvp1-fapi-157f
x-kaltura-session: 1356858167, 1674496599
pragma: no-cache
access-control-allow-origin: *
x-robots-tag: noindex
content-encoding: gzip
x-proxy-me: nvp1-front-proxy-blue-5b47ff55fc-zdn28
x-proxy-session: 966becd3b014a9943a9f4a262bb261fc
server: Kaltura
content-length: 419666
cache-control: public, max-age=102
expires: Sat, 28 Jan 2023 15:24:49 GMT
date: Sat, 28 Jan 2023 15:23:07 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash b7da7d1d3e5880d5d4e313ac7fcf2a83
60a1e887ccb7c7cdae0035c65ef7df9908547fef
af17efcd17df50324c29cff05cea79f18cba79f6b1134ec0e6d1637759b5e895
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 15:23:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-143550033-1&cid=230723477.1674919389&jid=746921735&_u=aGBAAUIgAAAAACAAI~&z=1237896632
142.250.74.163200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-143550033-1&cid=230723477.1674919389&jid=746921735&_u=aGBAAUIgAAAAACAAI~&z=1237896632
IP 142.250.74.163:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-143550033-1&cid=230723477.1674919389&jid=746921735&_u=aGBAAUIgAAAAACAAI~&z=1237896632 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://marouf.fi/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 28 Jan 2023 15:23:07 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
apresolve.spotify.com/?type=dealer&type=spclient
34.98.74.57200 OK 112 B URL HTTP/2 apresolve.spotify.com/?type=dealer&type=spclient
IP 34.98.74.57:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 613a3b4dbe2b5f5251f7f354473dbeb5
78349b8454b8c1f6fcf0559eff2293d19c4d8d4f
3785fb262577b3dc8273e819e7938dc5e31e33a8c228d71ce6f1172206c1ed08
GET /?type=dealer&type=spclient HTTP/1.1
Host: apresolve.spotify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://open.spotify.com/
Origin: https://open.spotify.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
access-control-allow-origin: *
content-encoding: gzip
content-length: 112
date: Sat, 28 Jan 2023 15:23:07 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash c083fb68af37d6c700a3fa4eb04a29cb
9b3ff3c9c0bd7dc448eb18e74ddc029f7c18dc9a
3ea0d4252ad90ee13a6b23ebd1144639f7bb73e4d96ef2590b21a155809e65e2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 15:23:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.138200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.138:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash 0737746917b93e6877d7fddde01411ab
f2bf1b90b7ce6d4464d4efbc641af747be3c79e3
9824a4cffa3af04903093170fc6577409f46d50539c68294e2b7797bf3e54504
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Sat, 28 Jan 2023 15:23:07 GMT
server: ESF
cache-control: private
content-length: 30934
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
images.cdn.yle.fi/image/upload/f_auto,fl_lossy,q_auto,dpr_1,w_480,c_fill,ar_16:9,d_yle-areena.jpg/v1670245350/13-1-50298495-1572128168772.jpg
151.101.130.102200 OK 20 kB URL HTTP/2 images.cdn.yle.fi/image/upload/f_auto,fl_lossy,q_auto,dpr_1,w_480,c_fill,ar_16:9,d_yle-areena.jpg/v1670245350/13-1-50298495-1572128168772.jpg
IP 151.101.130.102:0
File type ISO Media, AVIF Image\012- data
Hash 32c394bcc8f3b86ffa28692eefe31086
0c26de228bbef34cb641e3ab09172ce36dfd62e7
27aff5ff26efea7527bcea13cf599d6ebf8260b85eb42543c266449442992975
GET /image/upload/f_auto,fl_lossy,q_auto,dpr_1,w_480,c_fill,ar_16:9,d_yle-areena.jpg/v1670245350/13-1-50298495-1572128168772.jpg HTTP/1.1
Host: images.cdn.yle.fi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://marouf.fi/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/avif
etag: "32c394bcc8f3b86ffa28692eefe31086"
last-modified: Sun, 09 Jan 2022 19:44:26 GMT
date: Sat, 28 Jan 2023 15:23:08 GMT
vary: Save-Data
strict-transport-security: max-age=604800
cache-control: private, no-transform, max-age=300
server-timing: fastly;dur=223;cpu=0;start=2023-01-28T15:23:07.854Z;desc=miss,rtt;dur=10,cloudinary;dur=128;start=2023-01-28T15:23:07.903Z
server: Cloudinary
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
x-content-type-options: nosniff
access-control-expose-headers: Content-Length,ETag,Server-Timing,Vary,X-Content-Type-Options
content-length: 19679
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
142.250.74.138200 OK 114 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 142.250.74.138:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 4e76a8b1ac1e0acb9912985cf584da4a
0724b71b8e83e6faf6124b08e554957726a91a49
922f7006a2486e8e1ffebb2353b0086674de521e0cf40a8f36483317b2746cad
POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 1032
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Sat, 28 Jan 2023 15:23:08 GMT
server: ESF
cache-control: private
content-length: 114
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.138200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.138:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash 725b9b335cfb00c716098de41875e708
51cd44534ed6869c79d01f7ad8ce6e52e963a397
b7a85d8392301162ded5e6a55f1d66a9faf3c6896afa2edc3ccf3f32fbb8b666
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Sat, 28 Jan 2023 15:23:08 GMT
server: ESF
cache-control: private
content-length: 30704
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
142.250.74.138200 OK 114 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 142.250.74.138:0
File type JSON data\012- , ASCII text, with no line terminators
Hash c08fe6b4bade9f6ef146e0c0458ce63e
eba4342dd15dec6d344a7498991b30bef231ce56
25555d586cda0e36d7e393eefe7678fb9671a953722cf8120512a9e72504029a
POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 1210
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Sat, 28 Jan 2023 15:23:08 GMT
server: ESF
cache-control: private
content-length: 114
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
142.250.74.138200 OK 110 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 142.250.74.138:0
File type JSON data\012- , ASCII text, with no line terminators
Hash f35e84d7035aeed2fb0de5f7497aabbb
e435ab3bc2b3467c5952288ebbb6a6316006c379
e17fc189ea60a0a37fd90dd590c2ced31c997440eef96369ad7f489292f0e8dc
POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 1351
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Sat, 28 Jan 2023 15:23:08 GMT
server: ESF
cache-control: private
content-length: 110
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
encore.scdn.co/fonts/CircularSpTitle-Bold-2fbf72b606d7f0b0f771ea4956a8b4d6.woff2
151.101.86.248200 OK 0 B URL HTTP/1.1 encore.scdn.co/fonts/CircularSpTitle-Bold-2fbf72b606d7f0b0f771ea4956a8b4d6.woff2
IP 151.101.86.248:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /fonts/CircularSpTitle-Bold-2fbf72b606d7f0b0f771ea4956a8b4d6.woff2 HTTP/1.1
Host: encore.scdn.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://open.spotify.com
Connection: keep-alive
Referer: https://open.spotify.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 87344
Last-Modified: Thu, 19 May 2022 07:59:23 GMT
ETag: "db1a27b35e26398fef4be920ea96078d"
x-goog-generation: 1652947162999500
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 87344
Content-Type: font/woff2
Content-Encoding: gzip
Accept-Ranges: bytes
Date: Sat, 28 Jan 2023 15:23:05 GMT
Age: 17817873
X-Served-By: cache-ord1746-ORD, cache-chi-klot8100076-CHI, cache-bma1677-BMA
X-Cache: HIT, HIT, HIT
X-Cache-Hits: 1, 1, 183667
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
gew4-spclient.spotify.com/gabo-receiver-service/public/v3/events
35.186.224.17200 OK 0 B URL HTTP/2 gew4-spclient.spotify.com/gabo-receiver-service/public/v3/events
IP 35.186.224.17:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /gabo-receiver-service/public/v3/events HTTP/1.1
Host: gew4-spclient.spotify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://open.spotify.com/
Origin: https://open.spotify.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
access-control-allow-origin: https://open.spotify.com
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,PATCH,POST,PUT,OPTIONS
access-control-allow-headers: Accept,Authorization,Origin,Content-Type,Spotify-App-Version,App-Platform,X-Spotify-Connection-Id,X-Client-Id,X-Spotify-Quicksilver-Uri,client-token,content-access-token,x-cloud-trace-context
access-control-max-age: 604800
vary: Accept-Encoding
date: Sat, 28 Jan 2023 15:23:09 GMT
server: envoy
content-length: 0
via: HTTP/2 edgeproxy, 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
encore.scdn.co/fonts/CircularSpTitle-Black-3f9afb402080d53345ca1850226ca724.woff2
151.101.86.248200 OK 0 B URL HTTP/1.1 encore.scdn.co/fonts/CircularSpTitle-Black-3f9afb402080d53345ca1850226ca724.woff2
IP 151.101.86.248:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /fonts/CircularSpTitle-Black-3f9afb402080d53345ca1850226ca724.woff2 HTTP/1.1
Host: encore.scdn.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://open.spotify.com
Connection: keep-alive
Referer: https://open.spotify.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 85585
Last-Modified: Thu, 19 May 2022 07:59:22 GMT
ETag: "0e196bce574e01f42fc686e3e6dc4f76"
Content-Type: font/woff2
Content-Encoding: gzip
Accept-Ranges: bytes
Date: Sat, 28 Jan 2023 15:23:05 GMT
Age: 17817875
X-Served-By: cache-ord1740-ORD, cache-chi-kigq8000179-CHI, cache-bma1661-BMA
X-Cache: HIT, HIT, HIT
X-Cache-Hits: 1, 1, 173280
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
gew4-spclient.spotify.com/gabo-receiver-service/public/v3/events
35.186.224.17200 OK 39 B URL HTTP/2 gew4-spclient.spotify.com/gabo-receiver-service/public/v3/events
IP 35.186.224.17:0
File type JSON data\012- , ASCII text, with no line terminators
Hash f204785b49c504e43101096fd3a80e31
e92466090f918c8f9c11268c9d0027fe269a90b6
873696e689e27bcfa5259ade21ceefea69203ec493901b0f4634b4f255981b29
POST /gabo-receiver-service/public/v3/events HTTP/1.1
Host: gew4-spclient.spotify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://open.spotify.com/
content-type: application/json
Origin: https://open.spotify.com
Content-Length: 861
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: application/json
cache-control: private, max-age=0
access-control-allow-origin: https://open.spotify.com
content-encoding: gzip
content-length: 39
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
access-control-allow-credentials: true
date: Sat, 28 Jan 2023 15:23:09 GMT
server: envoy
via: HTTP/2 edgeproxy, 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
gew4-spclient.spotify.com/gabo-receiver-service/public/v3/events
35.186.224.17200 OK 39 B URL HTTP/2 gew4-spclient.spotify.com/gabo-receiver-service/public/v3/events
IP 35.186.224.17:0
File type JSON data\012- , ASCII text, with no line terminators
Hash f204785b49c504e43101096fd3a80e31
e92466090f918c8f9c11268c9d0027fe269a90b6
873696e689e27bcfa5259ade21ceefea69203ec493901b0f4634b4f255981b29
POST /gabo-receiver-service/public/v3/events HTTP/1.1
Host: gew4-spclient.spotify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://open.spotify.com/
content-type: application/json
Origin: https://open.spotify.com
Content-Length: 955
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: application/json
cache-control: private, max-age=0
access-control-allow-origin: https://open.spotify.com
content-encoding: gzip
content-length: 39
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
access-control-allow-credentials: true
date: Sat, 28 Jan 2023 15:23:09 GMT
server: envoy
via: HTTP/2 edgeproxy, 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdnapisec.kaltura.com/api_v3/service/multirequest
23.38.200.111200 OK 1.5 kB URL HTTP/2 cdnapisec.kaltura.com/api_v3/service/multirequest
IP 23.38.200.111:0
File type JSON data\012- , ASCII text, with very long lines (8261), with no line terminators
Hash 2935612e6e363c7bc0b938d84494bac6
9921cd647a0b0f8276c56d55ddb9fec99b1a3733
5ec59cccb9d8734f4b96a81e8058986684191b51aa7d42c80f98002bdbf6678f
POST /api_v3/service/multirequest HTTP/1.1
Host: cdnapisec.kaltura.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 853
Origin: https://marouf.fi
Connection: keep-alive
Referer: https://marouf.fi/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json
content-length: 1475
x-me: ny-nvp1-fapi-9c91
access-control-expose-headers: Server, Content-Length, Content-Range, Date, X-Kaltura, X-Kaltura-Session, X-Me
access-control-allow-origin: *
x-kaltura-session: 25879258, 1674919389
x-kaltura-part-of-multirequest: cached-dispatcher,cache_v3-7e1a72bbe8b117098b00105d617468f7,0.00013899803161621, cached-dispatcher,cache_v3-e10c688e120aaff5347cc27a0bc2db9e,0.0026998519897461, cached-dispatcher,cache_v3-ecfd5c1221a3bfd60c8c575f33b255f6,0.0021657943725586, cached-dispatcher,cache_v3-f34fdcb8e8db4bcbd28750fd3ed7522a,0.002079963684082
x-kaltura: cache-key,cache_v3-afff46e1d395e825ddcca409c42a7fbb
content-encoding: gzip
x-proxy-me: nvp1-front-proxy-blue-5b47ff55fc-fww5j
x-proxy-session: 9cd148992d40935808c578d77414df86
server: Kaltura
expires: Sat, 28 Jan 2023 15:23:09 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sat, 28 Jan 2023 15:23:09 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.110200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.110:0
Hash 7530a78592a651641385447119a77515
7b1b48005018db6bff748d21f5f1cedb0b9cbd3c
9ec590fa8380cb87c33194f15d24f4f3a812eec86cf430dca2e789a43818bd4c
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=138479
Date: Sat, 28 Jan 2023 15:23:09 GMT
Etag: "63d4ad57-1d7"
Expires: Mon, 30 Jan 2023 05:51:08 GMT
Last-Modified: Sat, 28 Jan 2023 05:06:31 GMT
Server: ECS (nyb/1D04)
X-Cache: Miss from cloudfront
Via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 2znEYUCnUcNx4HqXSPgCS-HZHdyHZyLSo2pgVp8ujjZZUT-8rDzQMw==
Age: 2677
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 9c61a659fc21720e8eb04f7acf8c1f04
749627b6730b74e25c4795e4d11ea49a77a4b5ac
7e8953d316bc55cf5ffe967bffacf9f1cdd9cf41b1a51cc04143a0f0c84c31bd
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3045
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 15:23:10 GMT
Last-Modified: Sat, 28 Jan 2023 14:32:25 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
gew4-spclient.spotify.com/gabo-receiver-service/public/v3/events
35.186.224.17200 OK 39 B URL HTTP/2 gew4-spclient.spotify.com/gabo-receiver-service/public/v3/events
IP 35.186.224.17:0
File type JSON data\012- , ASCII text, with no line terminators
Hash f204785b49c504e43101096fd3a80e31
e92466090f918c8f9c11268c9d0027fe269a90b6
873696e689e27bcfa5259ade21ceefea69203ec493901b0f4634b4f255981b29
POST /gabo-receiver-service/public/v3/events HTTP/1.1
Host: gew4-spclient.spotify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://open.spotify.com/
content-type: application/json
Origin: https://open.spotify.com
Content-Length: 2156
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: application/json
cache-control: private, max-age=0
access-control-allow-origin: https://open.spotify.com
content-encoding: gzip
content-length: 39
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
access-control-allow-credentials: true
date: Sat, 28 Jan 2023 15:23:09 GMT
server: envoy
via: HTTP/2 edgeproxy, 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
dpm.demdex.net/id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=3D717B335952EB220A495D55%40AdobeOrg&d_nsid=0&ts=1674919393176
54.72.143.161200 OK 307 B URL HTTP/1.1 dpm.demdex.net/id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=3D717B335952EB220A495D55%40AdobeOrg&d_nsid=0&ts=1674919393176
IP 54.72.143.161:0
File type JSON data\012- , ASCII text, with very long lines (362), with no line terminators
Hash 2d1e5ac425635ad5a4ada18d049fca83
84a78616aa5250424a93695a1bba7dea15d50588
9921239c4724e213e21c9a769a316cc9ce38397ae44afac4df58e3531f1c1f79
GET /id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=3D717B335952EB220A495D55%40AdobeOrg&d_nsid=0&ts=1674919393176 HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://marouf.fi
Connection: keep-alive
Referer: https://marouf.fi/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://marouf.fi
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: application/json;charset=utf-8
DCS: dcs-prod-irl1-1-v045-0078884aa.edge-irl1.demdex.com 2 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=82919442560435011650029817723867069204; Max-Age=15552000; Expires=Thu, 27 Jul 2023 15:23:10 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin
X-TID: uTd1gg+xStw=
Content-Length: 307
Connection: keep-alive
ocsp.godaddy.com/
192.124.249.36200 OK 1.8 kB IP 192.124.249.36:0
Hash 010c6a9a6892cbdcf5e136dd79b2bc42
7d30af4fab56c0bf1b4faa8facd6f7fa6b79696e
3d0c270df9dfe0dd4c61e3ccdfc99605fb03cd5bd233b90a2271e4b14409fa9b
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sat, 28 Jan 2023 15:23:10 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 15036
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Sat, 28 Jan 2023 00:40:35 GMT
Expires: Sun, 29 Jan 2023 00:40:35 GMT
ETag: "7d30af4fab56c0bf1b4faa8facd6f7fa6b79696e"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
analytics.kaltura.com/api_v3/index.php?service=analytics&action=trackEvent&apiVersion=3.3.0&format=1&playerJSLoadTime=205&eventType=1&partnerId=1955031&entryId=1_uf4t9v7b&sessionId=09fad714-1aa8-17b1-8be5-0e1f800f8fe5%3Affdd6744-17a6-6ec3-1590-3f139d7825d9&eventIndex=1&referrer=https%3A%2F%2Fmarouf.fi%2F&deliveryType=dash&playbackType=vod&clientVer=7.34.1&clientTag=html5%3Av7.34.1&position=0&playbackSpeed=1&ks=djJ8MTk1NTAzMXzSsY3I2a7wenGEKho0G7oyn6CmYTcvIP4MdYHzO93Oorn8TcwgP0mFT-2OUHzZCgOT5b5qn3ikCx_rkgyw-pG7A0nbWPW1esmLxWNfokRNbg%3D%3D&uiConfId=47912943
35.165.115.120200 OK 48 B URL HTTP/1.1 analytics.kaltura.com/api_v3/index.php?service=analytics&action=trackEvent&apiVersion=3.3.0&format=1&playerJSLoadTime=205&eventType=1&partnerId=1955031&entryId=1_uf4t9v7b&sessionId=09fad714-1aa8-17b1-8be5-0e1f800f8fe5%3Affdd6744-17a6-6ec3-1590-3f139d7825d9&eventIndex=1&referrer=https%3A%2F%2Fmarouf.fi%2F&deliveryType=dash&playbackType=vod&clientVer=7.34.1&clientTag=html5%3Av7.34.1&position=0&playbackSpeed=1&ks=djJ8MTk1NTAzMXzSsY3I2a7wenGEKho0G7oyn6CmYTcvIP4MdYHzO93Oorn8TcwgP0mFT-2OUHzZCgOT5b5qn3ikCx_rkgyw-pG7A0nbWPW1esmLxWNfokRNbg%3D%3D&uiConfId=47912943
IP 35.165.115.120:0
File type JSON data\012- , ASCII text, with no line terminators
Hash c825e5725813dbd487946a51775ce58f
07c0f092ffb1930eb779f0db67e0d9b9a3a1e9eb
adcdbcc00dceecd48b7663bd5e3e35b29549aab98e298c6144afc1631a302dd1
GET /api_v3/index.php?service=analytics&action=trackEvent&apiVersion=3.3.0&format=1&playerJSLoadTime=205&eventType=1&partnerId=1955031&entryId=1_uf4t9v7b&sessionId=09fad714-1aa8-17b1-8be5-0e1f800f8fe5%3Affdd6744-17a6-6ec3-1590-3f139d7825d9&eventIndex=1&referrer=https%3A%2F%2Fmarouf.fi%2F&deliveryType=dash&playbackType=vod&clientVer=7.34.1&clientTag=html5%3Av7.34.1&position=0&playbackSpeed=1&ks=djJ8MTk1NTAzMXzSsY3I2a7wenGEKho0G7oyn6CmYTcvIP4MdYHzO93Oorn8TcwgP0mFT-2OUHzZCgOT5b5qn3ikCx_rkgyw-pG7A0nbWPW1esmLxWNfokRNbg%3D%3D&uiConfId=47912943 HTTP/1.1
Host: analytics.kaltura.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://marouf.fi
Connection: keep-alive
Referer: https://marouf.fi/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 28 Jan 2023 15:23:10 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
X-Kava-Me: ip-172-30-36-72
Access-Control-Allow-Origin: https://marouf.fi
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: Origin,Range,Accept-Encoding,Referer,Cache-Control,User-Agent,Content-Type
Access-Control-Expose-Headers: Server,Content-Length,Content-Range,Date
Expires: Sat, 28 Jan 2023 15:23:09 GMT
Cache-Control: no-cache
player-v2.yle.fi/initAdobeAnalytics.65726c4e7b18d11673058ef9e5cff0e4.js
54.230.111.105200 OK 109 kB URL HTTP/2 player-v2.yle.fi/initAdobeAnalytics.65726c4e7b18d11673058ef9e5cff0e4.js
IP 54.230.111.105:0
File type ASCII text, with very long lines (65427)
Size 109 kB (109298 bytes)
Hash daade4ebab8ea7918c6739fdb3a9d9a7
8c7dbac66f4f29141636e9d421f389eea9aaf03f
ab3496bd21d650044c582cd9c108442ad9218ec7c4c0fe9d8607e170c417c544
GET /initAdobeAnalytics.65726c4e7b18d11673058ef9e5cff0e4.js HTTP/1.1
Host: player-v2.yle.fi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://marouf.fi/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/javascript
date: Sat, 28 Jan 2023 15:23:10 GMT
last-modified: Thu, 26 Jan 2023 14:19:39 GMT
etag: W/"b93823fb8a692c76f885062322daec5c"
cache-control: public,max-age=31536000
server: AmazonS3
content-encoding: br
x-cache: Miss from cloudfront
via: 1.1 4c07121ca6e32bcda85cc9091b92050e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: w1mWqG-wJIGMraqm9wVthIs5umC8FiBfipI8GBEFehg5o7gOrIFfmw==
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2d9747a7-0b4d-40bd-8d53-7702f8df2966.jpeg
34.120.237.76200 OK 5.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2d9747a7-0b4d-40bd-8d53-7702f8df2966.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 25fd26625a6c5339389faf4f6aa8fc6a
05aed76d3966ea8a02d4bbbeff7b41c8a5aac907
9a29ad65cb7a8632a2c454a4caeb43a10c5152ccf3dbab22d584276bdeeb0dbb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2d9747a7-0b4d-40bd-8d53-7702f8df2966.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 5746
x-amzn-requestid: 8ab00078-cdf9-465a-a493-64a488c9e634
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fa-CwEIJIAMFutA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d443ab-3f9b5f031812e32f6625f1e6;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 21:35:39 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: jUVP5rlieH6mUh_fgVz4D636AIMAo2JXJqBgzGSI_CyY2-8Pza4IKw==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 28 Jan 2023 01:37:10 GMT
age: 49563
etag: "05aed76d3966ea8a02d4bbbeff7b41c8a5aac907"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
apresolve.spotify.com/?type=dealer&type=spclient
34.98.74.57200 OK 109 B URL HTTP/2 apresolve.spotify.com/?type=dealer&type=spclient
IP 34.98.74.57:0
File type JSON data\012- , ASCII text, with no line terminators
Hash ab1068bcb915f9d4ee31d537046a75ba
992131fefe5ebe2284b8af7826e40302d29f0b19
8c0db7ab210e09ab048a9e2b149533d1349fa35172cd139e230dfc3ff9c94ece
GET /?type=dealer&type=spclient HTTP/1.1
Host: apresolve.spotify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://open.spotify.com/
Origin: https://open.spotify.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
access-control-allow-origin: *
content-encoding: gzip
content-length: 109
date: Sat, 28 Jan 2023 15:23:13 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
player-v2.yle.fi/embed.js
54.230.111.105200 OK 0 B URL HTTP/2 player-v2.yle.fi/embed.js
IP 54.230.111.105:0
GET /embed.js HTTP/1.1
Host: player-v2.yle.fi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://marouf.fi/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript
date: Sat, 28 Jan 2023 15:23:05 GMT
last-modified: Thu, 26 Jan 2023 14:19:38 GMT
etag: W/"764661716e158087b9567f01c0af79b8"
cache-control: public,max-age=60
server: AmazonS3
content-encoding: br
x-cache: Miss from cloudfront
via: 1.1 4c07121ca6e32bcda85cc9091b92050e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: j2JPTCN3S580-iE0eLB9YQxa_pF90rH3LsbfzD2IQq1xZWm9tx16NA==
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2
www.youtube.com/embed/3I3dGvHBvgM?start=43&feature=oembed
142.250.74.110200 OK 0 B URL HTTP/2 www.youtube.com/embed/3I3dGvHBvgM?start=43&feature=oembed
IP 142.250.74.110:0
GET /embed/3I3dGvHBvgM?start=43&feature=oembed HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://marouf.fi/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 28 Jan 2023 15:23:05 GMT
strict-transport-security: max-age=31536000
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=rcZM8fd5vVY; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
DEVICE_INFO=ChxOekU1TXpjeU16azRNak00TnpJM05ESTVOdz09ENn71J4GGNn71J4G; Domain=.youtube.com; Expires=Thu, 27-Jul-2023 15:23:05 GMT; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=pcGCstYdwCY; Domain=.youtube.com; Expires=Thu, 27-Jul-2023 15:23:05 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+372; expires=Mon, 27-Jan-2025 15:23:05 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.youtube.com/embed/tWw8vmtsxsQ?feature=oembed
142.250.74.110200 OK 0 B URL HTTP/2 www.youtube.com/embed/tWw8vmtsxsQ?feature=oembed
IP 142.250.74.110:0
GET /embed/tWw8vmtsxsQ?feature=oembed HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://marouf.fi/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 28 Jan 2023 15:23:05 GMT
strict-transport-security: max-age=31536000
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=htOMjEmTM2Q; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
DEVICE_INFO=ChxOekU1TXpjeU16azRNek13TkRNd09USXdNZz09ENn71J4GGNn71J4G; Domain=.youtube.com; Expires=Thu, 27-Jul-2023 15:23:05 GMT; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=_-4f2-9kf_c; Domain=.youtube.com; Expires=Thu, 27-Jul-2023 15:23:05 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+523; expires=Mon, 27-Jan-2025 15:23:05 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.youtube.com/embed/d539YpDpS4A?feature=oembed
142.250.74.110200 OK 0 B URL HTTP/2 www.youtube.com/embed/d539YpDpS4A?feature=oembed
IP 142.250.74.110:0
GET /embed/d539YpDpS4A?feature=oembed HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://marouf.fi/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 28 Jan 2023 15:23:05 GMT
strict-transport-security: max-age=31536000
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=bgdR92dQJg0; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
DEVICE_INFO=ChxOekU1TXpjeU16azRNakk0TWpRME9EWXhOUT09ENn71J4GGNn71J4G; Domain=.youtube.com; Expires=Thu, 27-Jul-2023 15:23:05 GMT; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=p4jUItxQHdE; Domain=.youtube.com; Expires=Thu, 27-Jul-2023 15:23:05 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+776; expires=Mon, 27-Jan-2025 15:23:05 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
open.spotify.com/embed/album/4leRFMtNAbiVLOhJVc8vBq
35.186.224.25200 OK 0 B URL HTTP/2 open.spotify.com/embed/album/4leRFMtNAbiVLOhJVc8vBq
IP 35.186.224.25:0
GET /embed/album/4leRFMtNAbiVLOhJVc8vBq HTTP/1.1
Host: open.spotify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://marouf.fi/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 28 Jan 2023 15:23:05 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding,Accept-Encoding
set-cookie: sp_t=04f128a5030d60d4d6fa98e98d351d89; path=/; expires=Sun, 28 Jan 2024 15:23:05 GMT; domain=.spotify.com; samesite=none; secure
sp_landing=https%3A%2F%2Fopen.spotify.com%2Fembed%2Falbum%2F4leRFMtNAbiVLOhJVc8vBq%3Fsp_cid%3D04f128a5030d60d4d6fa98e98d351d89%26device%3Ddesktop; path=/; expires=Sun, 29 Jan 2023 15:23:05 GMT; domain=.spotify.com; samesite=none; secure; httponly
content-encoding: gzip
x-envoy-upstream-service-time: 66
sp-trace-id: 276fc5f959fbe99e
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
server: envoy
via: HTTP/2 edgeproxy, 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
marouf.fi/
31.217.192.146200 OK 0 B IP 31.217.192.146:0
ASN #58003 Planeetta Internet Oy
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: marouf.fi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
link: <https://marouf.fi/wp-json/>; rel="https://api.w.org/", <https://marouf.fi/wp-json/wp/v2/pages/5>; rel="alternate"; type="application/json", <https://marouf.fi/>; rel=shortlink
x-tec-api-version: v1
x-tec-api-root: https://marouf.fi/wp-json/tribe/events/v1/
x-tec-api-origin: https://marouf.fi
content-type: text/html; charset=UTF-8
date: Sat, 28 Jan 2023 15:23:04 GMT
server: Apache
X-Firefox-Spdy: h2
www.youtube.com/embed/Np1VpAA7-tg?feature=oembed
142.250.74.110200 OK 0 B URL HTTP/2 www.youtube.com/embed/Np1VpAA7-tg?feature=oembed
IP 142.250.74.110:0
GET /embed/Np1VpAA7-tg?feature=oembed HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://marouf.fi/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 28 Jan 2023 15:23:05 GMT
strict-transport-security: max-age=31536000
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=88FchRuj9DQ; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=b5fa7EJWKv8; Domain=.youtube.com; Expires=Thu, 27-Jul-2023 15:23:05 GMT; Path=/; Secure; HttpOnly; SameSite=none
DEVICE_INFO=ChxOekU1TXpjeU16azRNekUwTkRrNE9EVTJNZz09ENn71J4GGNn71J4G; Domain=.youtube.com; Expires=Thu, 27-Jul-2023 15:23:05 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+854; expires=Mon, 27-Jan-2025 15:23:05 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
player-v2.yle.fi/50.438c96aa305ecbc0cb97.js
54.230.111.105200 OK 0 B URL HTTP/2 player-v2.yle.fi/50.438c96aa305ecbc0cb97.js
IP 54.230.111.105:0
GET /50.438c96aa305ecbc0cb97.js HTTP/1.1
Host: player-v2.yle.fi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://marouf.fi/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/javascript
date: Sat, 28 Jan 2023 15:23:06 GMT
last-modified: Thu, 26 Jan 2023 14:19:35 GMT
etag: W/"ed25bc7e91602147fb8342d893c7adb7"
cache-control: public,max-age=31536000
server: AmazonS3
content-encoding: br
x-cache: Miss from cloudfront
via: 1.1 4c07121ca6e32bcda85cc9091b92050e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: mHk2fTlQsDa7jneL26K6jBbV-tVb-hv0xS4J9iHCRTtd8L3Vo7i2VQ==
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2