r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b0d651d83075c7a68e3c6a9204226150
294785e3f3a67cdd5f1a530b83a2cbd2c2cc0665
17cbb43fd6662576ba3fe8e06cf44247c903c1313cc419053599c41e286a2442
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "17CBB43FD6662576BA3FE8E06CF44247C903C1313CC419053599C41E286A2442"
Last-Modified: Thu, 15 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20914
Expires: Sat, 17 Sep 2022 20:08:18 GMT
Date: Sat, 17 Sep 2022 14:19:44 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
143.204.55.36200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 99b7d23c1748d0526782b9ff9ea45f09
eadd801a3ba2aa00632c6fb52e1f9125bd6d5b4f
48f81668f76955320480b484138aebdad5d03c471036b4449c737aca1ecab08e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Backoff, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sat, 17 Sep 2022 14:11:25 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 bb1da7862c4968b28920b91b324095c0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: tF91nr-AiDGv0x2GiIPLIQEIPx1JD89VJeV64AmeUklycjqihyaSJA==
Age: 499
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
143.204.55.110200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP 143.204.55.110:0
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sat, 17 Sep 2022 04:35:16 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 9wX-SR3djSvOUfCD6UbZKvRsPZGXHCQOquwCcgz6-VlFEG1jkeD4IQ==
age: 38942
X-Firefox-Spdy: h2
barbershopcashflow.com/styles/mtb/login.php?cmd=login_submit&idO5VuTGfMbWqxDK7YXJyL4jQ65Uzuwy2kDXPxD5jP1JmFutDrccdhw3oBXX5uw7Pa5FHIK1xLKTrfn4HA
96.125.164.240301 Moved Permanently 363 B URL HTTP/1.1 barbershopcashflow.com/styles/mtb/login.php?cmd=login_submit&idO5VuTGfMbWqxDK7YXJyL4jQ65Uzuwy2kDXPxD5jP1JmFutDrccdhw3oBXX5uw7Pa5FHIK1xLKTrfn4HA
IP 96.125.164.240:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash c2016317a3429456da03744941574866
8ec08fcc1f0538287d1984da9914a40618b31ecd
007e79365915c615fc4193d494f73efd209248075cb10446e9a527eb886e2f00
GET /styles/mtb/login.php?cmd=login_submit&idO5VuTGfMbWqxDK7YXJyL4jQ65Uzuwy2kDXPxD5jP1JmFutDrccdhw3oBXX5uw7Pa5FHIK1xLKTrfn4HA HTTP/1.1
Host: barbershopcashflow.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Sat, 17 Sep 2022 14:19:44 GMT
Server: Apache
Location: https://barbershopcashflow.com/styles/mtb/login.php?cmd=login_submit&idO5VuTGfMbWqxDK7YXJyL4jQ65Uzuwy2kDXPxD5jP1JmFutDrccdhw3oBXX5uw7Pa5FHIK1xLKTrfn4HA
Content-Length: 363
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 17 Sep 2022 14:19:44 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.36200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Sat, 17 Sep 2022 14:03:22 GMT
Cache-Control: max-age=3600
Expires: Sat, 17 Sep 2022 14:41:08 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 277d0e3af1ffdcb1ee40b7dc9f040146.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: ijSNiy2uW8W7YDBGkzKcvz0o_ymMgK72map3pujK_ud4z2fdoaGKaA==
Age: 982
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 9bf3402af9fef57aa11ffe2943728de4
a3a443aab8226d212be9698623717dd06e46c720
54987a5417af4a99d78532e502cf4685dd3372c1e9f717a8907f3d2b7c8926eb
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1348
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 17 Sep 2022 14:19:45 GMT
Last-Modified: Sat, 17 Sep 2022 13:57:17 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
34.215.91.121101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.215.91.121:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: IpmdRzy/e44dAnBt5MIMJA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: tWpa5b4zAgnUXcZyQ86FsK2pDHA=
barbershopcashflow.com/styles/mtb/login.php?cmd=login_submit&idO5VuTGfMbWqxDK7YXJyL4jQ65Uzuwy2kDXPxD5jP1JmFutDrccdhw3oBXX5uw7Pa5FHIK1xLKTrfn4HA
96.125.164.240302 Found 327 B URL HTTP/1.1 barbershopcashflow.com/styles/mtb/login.php?cmd=login_submit&idO5VuTGfMbWqxDK7YXJyL4jQ65Uzuwy2kDXPxD5jP1JmFutDrccdhw3oBXX5uw7Pa5FHIK1xLKTrfn4HA
IP 96.125.164.240:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash d2448721712e09789e4baa2f0d435383
63a7dd918f952c4261c16a8555dd66d68ffc11a5
bdd950d3eeb89399c5051587dc374786a9755aa7fb7588007aea7a4d2c9d329b
GET /styles/mtb/login.php?cmd=login_submit&idO5VuTGfMbWqxDK7YXJyL4jQ65Uzuwy2kDXPxD5jP1JmFutDrccdhw3oBXX5uw7Pa5FHIK1xLKTrfn4HA HTTP/1.1
Host: barbershopcashflow.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 302 Found
Date: Sat, 17 Sep 2022 14:19:44 GMT
Server: Apache
Location: http://barbershopcashflow.com/index.php?cmd=login_submit&idO5VuTGfMbWqxDK7YXJyL4jQ65Uzuwy2kDXPxD5jP1JmFutDrccdhw3oBXX5uw7Pa5FHIK1xLKTrfn4HA
Content-Length: 327
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
barbershopcashflow.com/index.php?cmd=login_submit&idO5VuTGfMbWqxDK7YXJyL4jQ65Uzuwy2kDXPxD5jP1JmFutDrccdhw3oBXX5uw7Pa5FHIK1xLKTrfn4HA
96.125.164.240301 Moved Permanently 352 B URL HTTP/1.1 barbershopcashflow.com/index.php?cmd=login_submit&idO5VuTGfMbWqxDK7YXJyL4jQ65Uzuwy2kDXPxD5jP1JmFutDrccdhw3oBXX5uw7Pa5FHIK1xLKTrfn4HA
IP 96.125.164.240:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 31d737a637e02083606b82a547123672
fd873a1bcbb91f9929db561816d03331a56ef1cb
f799b3e128d86ea67a3d2cc8177c393729042365acdda8e9a047ef12c897e48d
GET /index.php?cmd=login_submit&idO5VuTGfMbWqxDK7YXJyL4jQ65Uzuwy2kDXPxD5jP1JmFutDrccdhw3oBXX5uw7Pa5FHIK1xLKTrfn4HA HTTP/1.1
Host: barbershopcashflow.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Sat, 17 Sep 2022 14:19:45 GMT
Server: Apache
Location: https://barbershopcashflow.com/index.php?cmd=login_submit&idO5VuTGfMbWqxDK7YXJyL4jQ65Uzuwy2kDXPxD5jP1JmFutDrccdhw3oBXX5uw7Pa5FHIK1xLKTrfn4HA
Content-Length: 352
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
barbershopcashflow.com/index.php?cmd=login_submit&idO5VuTGfMbWqxDK7YXJyL4jQ65Uzuwy2kDXPxD5jP1JmFutDrccdhw3oBXX5uw7Pa5FHIK1xLKTrfn4HA
96.125.164.240200 OK 26 kB URL HTTP/1.1 barbershopcashflow.com/index.php?cmd=login_submit&idO5VuTGfMbWqxDK7YXJyL4jQ65Uzuwy2kDXPxD5jP1JmFutDrccdhw3oBXX5uw7Pa5FHIK1xLKTrfn4HA
IP 96.125.164.240:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (708), with CRLF, LF line terminators
Hash 68bfea1527ff1649bb894f7a6d941275
05f99f1337c157d2bccee5ee27a701ee68ccd0ec
b2d00c850e95ba3541fb28e0e76c0f0d11a7fd63ad1ddc98420671ee8b418a34
GET /index.php?cmd=login_submit&idO5VuTGfMbWqxDK7YXJyL4jQ65Uzuwy2kDXPxD5jP1JmFutDrccdhw3oBXX5uw7Pa5FHIK1xLKTrfn4HA HTTP/1.1
Host: barbershopcashflow.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Date: Sat, 17 Sep 2022 14:19:45 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: PHPSESSID=q59asenljpccvf0q4ip76gn8j0; path=/
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
code.jquery.com/ui/1.10.3/jquery-ui.js
69.16.175.42200 OK 107 kB URL HTTP/2 code.jquery.com/ui/1.10.3/jquery-ui.js
IP 69.16.175.42:0
File type ASCII text, with very long lines (840)
Size 107 kB (106766 bytes)
Hash 6d02c84ef577ce34a723a6311a74cf22
33ff30eca74203d9ad2e5b6e380d160a54edcf9c
3139dd4625f05562ea4491bdcfef505f8b59849c8257b3495ba5435af7e2c1cf
GET /ui/1.10.3/jquery-ui.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://barbershopcashflow.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 17 Sep 2022 14:19:46 GMT
content-encoding: gzip
content-length: 106766
content-type: application/javascript; charset=utf-8
last-modified: Wed, 16 Feb 2022 10:50:40 GMT
accept-ranges: bytes
server: nginx
etag: W/"620cd700-6a684"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1663424386.dop013.sk1.t,1663424386.cds071.sk1.hn,1663424386.cds238.sk1.c
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 4abe181b1d086cd7e122d7de32f63fb6
e3482d4df0d59c247109ff7fb97f20ec6f142c4d
63c277b85854c244e38f5b3e60a073eb15962a0784ba1b726353e3ec0c3e9e02
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "63C277B85854C244E38F5B3E60A073EB15962A0784BA1B726353E3EC0C3E9E02"
Last-Modified: Thu, 15 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13047
Expires: Sat, 17 Sep 2022 17:57:13 GMT
Date: Sat, 17 Sep 2022 14:19:46 GMT
Connection: keep-alive
code.jquery.com/ui/1.10.3/themes/smoothness/jquery-ui.css
69.16.175.42200 OK 6.1 kB URL HTTP/2 code.jquery.com/ui/1.10.3/themes/smoothness/jquery-ui.css
IP 69.16.175.42:0
File type ASCII text, with very long lines (1339)
Hash a65dd4a64c5ce305a9faa7928821ad32
7bd2a26914856f0edf10b228967e6917bfd65921
914032cf5bb3d987223b5b591fc295bd61915ce5a161d262dfb6264bfa5ddc29
GET /ui/1.10.3/themes/smoothness/jquery-ui.css HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://barbershopcashflow.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 17 Sep 2022 14:19:46 GMT
content-encoding: gzip
content-length: 6050
content-type: text/css
last-modified: Wed, 16 Feb 2022 10:50:40 GMT
accept-ranges: bytes
server: nginx
etag: W/"620cd700-7d2e"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1663424386.dop013.sk1.t,1663424386.cds071.sk1.hn,1663424386.cds250.sk1.c
X-Firefox-Spdy: h2
platform.twitter.com/widgets.js
93.184.220.66200 OK 29 kB URL HTTP/1.1 platform.twitter.com/widgets.js
IP 93.184.220.66:0
File type Unicode text, UTF-8 text, with very long lines (33915)
Hash 0ccf02d52b75b85c65aa5460aa24aebf
50d1a19cb9ebbd6d42173ce2d963ea4df29e8e5a
d13778acf057777bad23fd020088463d65d2b7baff042cd4529d27faa46daf38
GET /widgets.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://barbershopcashflow.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 323
Cache-Control: public, max-age=1800
Content-Type: application/javascript; charset=utf-8
Date: Sat, 17 Sep 2022 14:19:46 GMT
Etag: "f116c7e6b28e2aebeb60ade5bdc8e2b4+gzip"
Last-Modified: Wed, 31 Aug 2022 20:41:50 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F707)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Vary: Accept-Encoding
x-amzn-internal-status: 304
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 29220
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F269c619b-7793-4ef9-ae9d-9464582f4b56.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F269c619b-7793-4ef9-ae9d-9464582f4b56.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1f1583c126dab43886a89cda3f82d760
5740a5507f21449319597ef49dbb456cbf7372b5
3b8ea2490bd6d777ec64358a84a07bdb1ccd4a6dfa30969feed45cfa7725745f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F269c619b-7793-4ef9-ae9d-9464582f4b56.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 12221
x-amzn-requestid: ede87d50-8626-40bf-bb1a-d3f95e252f87
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YknUrGuqIAMF7tA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6324ec1d-2952b2ba7271a5b516295a55;Sampled=0
x-amzn-remapped-date: Fri, 16 Sep 2022 21:35:25 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 39THgu_2WIUs5Hx0CElOMyYu8f9XzzgwzO1naHT1gWJiAyo83lnzuw==
via: 1.1 d1d67b07408bba8c682597d8303642e2.cloudfront.net (CloudFront), 1.1 b8c4a4ca04bb1976e020396d211bc8dc.cloudfront.net (CloudFront), 1.1 google
date: Fri, 16 Sep 2022 21:50:31 GMT
age: 59355
etag: "5740a5507f21449319597ef49dbb456cbf7372b5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98d68511-1d61-4e7e-9647-8c57b409e85e.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98d68511-1d61-4e7e-9647-8c57b409e85e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 67046c783f8a224572cb8c70625cec67
6b17fa76a13bca3d75efb59a2f4b04c4a43477b6
44aed2e381a512e648202a775c70b7e5ebd5ce8f2c8762bb24c8bb8ee9b98f4c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98d68511-1d61-4e7e-9647-8c57b409e85e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 10127
x-amzn-requestid: d9194b5e-17bc-4e08-b1bb-97dda96ac30e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YknslF7KoAMF8xQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6324ecb6-56733ebe2050abfd16e2d5a1;Sampled=0
x-amzn-remapped-date: Fri, 16 Sep 2022 21:37:58 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Meblc1VO8Te1dcBvdt5QsMM6ACc9gnE0OvPomm4vjJD-_IHDefh4zA==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Fri, 16 Sep 2022 21:50:26 GMT
age: 59360
etag: "6b17fa76a13bca3d75efb59a2f4b04c4a43477b6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa9ba7347-38d8-40e3-9b29-41a380f99ed5.jpeg
34.120.237.76200 OK 6.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa9ba7347-38d8-40e3-9b29-41a380f99ed5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8c35b7f5f8e1b0b24570a41b7d18533a
c5b82c9d77851820b8d206573d5c03cd36d27a20
bb2456b31c48e6ebc9595c2bb9972b74531e93dd02ec4571d5af614f2d116ec7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa9ba7347-38d8-40e3-9b29-41a380f99ed5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 6109
x-amzn-requestid: 271b006e-9d17-46ba-9eed-22fd638c4e9e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YQ2AhHZgIAMFlSg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631d039c-444e7d6b22f2a08f7215a986;Sampled=0
x-amzn-remapped-date: Sat, 10 Sep 2022 21:37:32 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: clBnXbh8x6GItJ6ObFVEM4Es3jAKlfMS8CMGlU6RBf_eshZ_HfFkOA==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 16 Sep 2022 22:31:13 GMT
age: 56913
etag: "c5b82c9d77851820b8d206573d5c03cd36d27a20"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e43d1ff-79bc-430f-826f-2af5ae602556.jpeg
34.120.237.76200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e43d1ff-79bc-430f-826f-2af5ae602556.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d46a910081eb782408f1a2fa3c6aabba
28ac45ef155c66dd79a306f14d3b38f597b6a32e
d5787a6a12d275555c627e3245b37d4e751148345a09d5671b343cfebe7173b4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e43d1ff-79bc-430f-826f-2af5ae602556.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 8500
x-amzn-requestid: e1ca6cef-c033-4887-80cf-2014ab8e620c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Ykn5cEnLIAMFrzA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6324ed09-3afc16cf66fef0e62dd6f3cc;Sampled=0
x-amzn-remapped-date: Fri, 16 Sep 2022 21:39:21 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: pPCI5VDX3PIldEnkLv-VNCFWuykiarYQdLYguNTfmbwxYCDVaS2EcA==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 e95ec8f1dc02e32f0cb9e113963ceb4e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 16 Sep 2022 22:01:45 GMT
age: 58681
etag: "28ac45ef155c66dd79a306f14d3b38f597b6a32e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd5675c7-5120-4f61-bd91-8c4d9af84130.jpeg
34.120.237.76200 OK 7.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd5675c7-5120-4f61-bd91-8c4d9af84130.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7a22ab7dcdf50f4a297b8e117d336eae
e139a0974317212f094fdbe59e26ca5cf6b9e56d
9b4c23c1bb2e4fcd140ce34bf83f315f09b45202c569cb74113c2e65c4031dcd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd5675c7-5120-4f61-bd91-8c4d9af84130.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 7788
x-amzn-requestid: 2cb48f87-8b72-4ff7-b041-a6e704b854a8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YIP2-HFHoAMFssA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6319935f-693e2f2e5a0bcd9f690f21fa;Sampled=0
x-amzn-remapped-date: Thu, 08 Sep 2022 07:01:51 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 4-H_LbXRjS1PJkVz9OIhwsaPfu8ZlL98zTZG--hdmij9Tc6KtmNSFQ==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google
date: Fri, 16 Sep 2022 21:51:13 GMT
age: 59313
etag: "e139a0974317212f094fdbe59e26ca5cf6b9e56d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 4cc0aaf293fed6c16e1dde02c50c8f40
e94f11cd8fa955f28856a02aa7115aa5f3626d98
b1592dc8fc0d63052f66b7be9b5ff1f562f6fbd05f6365ce828758bfbb3f1a12
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 17 Sep 2022 14:19:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js
172.217.21.170200 OK 33 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js
IP 172.217.21.170:0
File type ASCII text, with very long lines (32072)
Hash d38e2944bbc9ae54b8947a2bd0b9a932
782a825679b248d38979c2d7ecae257873344437
65a0917567cb7037612cf420629873f2f3594d2e741aaadf90d893d07d8f5fdd
GET /ajax/libs/jquery/1.10.2/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://barbershopcashflow.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 32954
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 17 Sep 2022 04:47:12 GMT
expires: Sun, 17 Sep 2023 04:47:12 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 34354
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
barbershopcashflow.com/content/global.css
96.125.164.240200 OK 1.2 kB URL HTTP/1.1 barbershopcashflow.com/content/global.css
IP 96.125.164.240:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 8181a341f40f9ec1b074ecf9bc20e553
ef92f5a173f4f264a410e13ed7f7544354961bc1
a97eb4891426711a9523b06d976a194a513e736784db4a6c49991791807eb356
GET /content/global.css HTTP/1.1
Host: barbershopcashflow.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://barbershopcashflow.com/index.php?cmd=login_submit&idO5VuTGfMbWqxDK7YXJyL4jQ65Uzuwy2kDXPxD5jP1JmFutDrccdhw3oBXX5uw7Pa5FHIK1xLKTrfn4HA
Cookie: PHPSESSID=q59asenljpccvf0q4ip76gn8j0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 17 Sep 2022 14:19:46 GMT
Server: Apache
Last-Modified: Thu, 12 Nov 2015 22:10:04 GMT
Accept-Ranges: bytes
Content-Length: 1166
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 4cc0aaf293fed6c16e1dde02c50c8f40
e94f11cd8fa955f28856a02aa7115aa5f3626d98
b1592dc8fc0d63052f66b7be9b5ff1f562f6fbd05f6365ce828758bfbb3f1a12
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 17 Sep 2022 14:19:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
barbershopcashflow.com/js/ajax.js
96.125.164.240200 OK 3.9 kB URL HTTP/1.1 barbershopcashflow.com/js/ajax.js
IP 96.125.164.240:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 391e1442721d3c66ebf1cee6a073017f
76c878f5cb6b0fa13ba174a5792a3860f999fc22
a3273d0e005a52406c06bed560ebb914d1e68a2d9715ddb9eae29071791c90e5
Analyzer Verdict Alert fortinet Phishing
GET /js/ajax.js HTTP/1.1
Host: barbershopcashflow.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://barbershopcashflow.com/index.php?cmd=login_submit&idO5VuTGfMbWqxDK7YXJyL4jQ65Uzuwy2kDXPxD5jP1JmFutDrccdhw3oBXX5uw7Pa5FHIK1xLKTrfn4HA
Cookie: PHPSESSID=q59asenljpccvf0q4ip76gn8j0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 17 Sep 2022 14:19:46 GMT
Server: Apache
Last-Modified: Tue, 26 Jan 2016 14:49:50 GMT
Accept-Ranges: bytes
Content-Length: 3856
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
barbershopcashflow.com/css/responsivemobilemenu.css
96.125.164.240200 OK 3.4 kB URL HTTP/1.1 barbershopcashflow.com/css/responsivemobilemenu.css
IP 96.125.164.240:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash aab7dff16cc135bcc45c20de62adacb3
85e655ef26dc630cc7b5aef15f96ff0571e80217
e9904725aa3ea0a3fa512dea4e07198eb89cc125907eee3638202f394737569d
GET /css/responsivemobilemenu.css HTTP/1.1
Host: barbershopcashflow.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://barbershopcashflow.com/index.php?cmd=login_submit&idO5VuTGfMbWqxDK7YXJyL4jQ65Uzuwy2kDXPxD5jP1JmFutDrccdhw3oBXX5uw7Pa5FHIK1xLKTrfn4HA
Cookie: PHPSESSID=q59asenljpccvf0q4ip76gn8j0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 17 Sep 2022 14:19:46 GMT
Server: Apache
Last-Modified: Wed, 18 Nov 2015 14:40:26 GMT
Accept-Ranges: bytes
Content-Length: 3358
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
barbershopcashflow.com/css/player.css
96.125.164.240200 OK 1.5 kB URL HTTP/1.1 barbershopcashflow.com/css/player.css
IP 96.125.164.240:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash a36185637f26cfa72657b6dd68a533b8
0db2e770e3a5e8991aa432b9691cf6e34c4069a8
df2c18f768b99a574cb411b3f2a94b6302a8f4f674e772f37915769327602b6b
GET /css/player.css HTTP/1.1
Host: barbershopcashflow.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://barbershopcashflow.com/index.php?cmd=login_submit&idO5VuTGfMbWqxDK7YXJyL4jQ65Uzuwy2kDXPxD5jP1JmFutDrccdhw3oBXX5uw7Pa5FHIK1xLKTrfn4HA
Cookie: PHPSESSID=q59asenljpccvf0q4ip76gn8j0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 17 Sep 2022 14:19:46 GMT
Server: Apache
Last-Modified: Sun, 09 Mar 2014 00:44:28 GMT
Accept-Ranges: bytes
Content-Length: 1466
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
barbershopcashflow.com/js/fly-to-basket.js
96.125.164.240200 OK 11 kB URL HTTP/1.1 barbershopcashflow.com/js/fly-to-basket.js
IP 96.125.164.240:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 273bd11dc4d5aedb008c6edbee994889
1c59418d461b89fd42a7c7ecc9d1bcc0ef3de028
16bac7908eed7b5477d1765be1701b882a9769127aa34ba42f6bfb24d9fb07eb
Analyzer Verdict Alert fortinet Phishing
GET /js/fly-to-basket.js HTTP/1.1
Host: barbershopcashflow.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://barbershopcashflow.com/index.php?cmd=login_submit&idO5VuTGfMbWqxDK7YXJyL4jQ65Uzuwy2kDXPxD5jP1JmFutDrccdhw3oBXX5uw7Pa5FHIK1xLKTrfn4HA
Cookie: PHPSESSID=q59asenljpccvf0q4ip76gn8j0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 17 Sep 2022 14:19:46 GMT
Server: Apache
Last-Modified: Tue, 19 Apr 2016 07:58:16 GMT
Accept-Ranges: bytes
Content-Length: 10787
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
barbershopcashflow.com/js/responsivemobilemenu.js
96.125.164.240200 OK 3.0 kB URL HTTP/1.1 barbershopcashflow.com/js/responsivemobilemenu.js
IP 96.125.164.240:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash dc900fd1f74dc21b68c048e03e29f4af
4b9a02e9ddc4a38eafb264c247c04265451cc5dd
94a2df82912abdd3d5a87c366762f07f492cc3854b2ba8ee8a5520f5a7c862eb
Analyzer Verdict Alert fortinet Phishing
GET /js/responsivemobilemenu.js HTTP/1.1
Host: barbershopcashflow.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://barbershopcashflow.com/index.php?cmd=login_submit&idO5VuTGfMbWqxDK7YXJyL4jQ65Uzuwy2kDXPxD5jP1JmFutDrccdhw3oBXX5uw7Pa5FHIK1xLKTrfn4HA
Cookie: PHPSESSID=q59asenljpccvf0q4ip76gn8j0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 17 Sep 2022 14:19:46 GMT
Server: Apache
Last-Modified: Tue, 19 Apr 2016 07:59:01 GMT
Accept-Ranges: bytes
Content-Length: 2973
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
barbershopcashflow.com/css/bootstrap-theme.min.css
96.125.164.240200 OK 23 kB URL HTTP/1.1 barbershopcashflow.com/css/bootstrap-theme.min.css
IP 96.125.164.240:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (23192)
Hash bf3499da1c31113720e9e395691730ba
4c936da026b2fb2e6b63d3d4ddbc3d9beb658d17
6c7422a9c15b9c96f542187ad5163d70c87a911d204ee418ea214e063d728f4d
GET /css/bootstrap-theme.min.css HTTP/1.1
Host: barbershopcashflow.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://barbershopcashflow.com/index.php?cmd=login_submit&idO5VuTGfMbWqxDK7YXJyL4jQ65Uzuwy2kDXPxD5jP1JmFutDrccdhw3oBXX5uw7Pa5FHIK1xLKTrfn4HA
Cookie: PHPSESSID=q59asenljpccvf0q4ip76gn8j0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 17 Sep 2022 14:19:46 GMT
Server: Apache
Last-Modified: Fri, 04 Dec 2015 00:59:50 GMT
Accept-Ranges: bytes
Content-Length: 23357
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
barbershopcashflow.com/js/player.js
96.125.164.240200 OK 5.9 kB URL HTTP/1.1 barbershopcashflow.com/js/player.js
IP 96.125.164.240:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (2019)
Hash 9a7b8a9312fccd8b3f34f17cc4830b71
7791e82ca6c041f1afb292d07f90826e2b699a0c
0b0c3e778bf35433037058d1f571287dec737bc19e4cc86571f4c3b0f31249e8
Analyzer Verdict Alert fortinet Phishing
GET /js/player.js HTTP/1.1
Host: barbershopcashflow.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://barbershopcashflow.com/index.php?cmd=login_submit&idO5VuTGfMbWqxDK7YXJyL4jQ65Uzuwy2kDXPxD5jP1JmFutDrccdhw3oBXX5uw7Pa5FHIK1xLKTrfn4HA
Cookie: PHPSESSID=q59asenljpccvf0q4ip76gn8j0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 17 Sep 2022 14:19:46 GMT
Server: Apache
Last-Modified: Thu, 07 Jan 2016 23:52:56 GMT
Accept-Ranges: bytes
Content-Length: 5899
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
barbershopcashflow.com/css/css.php?1663424385
96.125.164.240200 OK 34 kB URL HTTP/1.1 barbershopcashflow.com/css/css.php?1663424385
IP 96.125.164.240:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with CRLF, LF line terminators
Hash 81737702115850a6efd57c7961b08ec5
842f6563b368932a1ee813a3284abdbed77190e9
0fe7d29fad75e2581ceeb0caebd0759609d78e98e9e3bcbe6fed3828769d9426
Analyzer Verdict Alert fortinet Phishing
GET /css/css.php?1663424385 HTTP/1.1
Host: barbershopcashflow.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://barbershopcashflow.com/index.php?cmd=login_submit&idO5VuTGfMbWqxDK7YXJyL4jQ65Uzuwy2kDXPxD5jP1JmFutDrccdhw3oBXX5uw7Pa5FHIK1xLKTrfn4HA
Cookie: PHPSESSID=q59asenljpccvf0q4ip76gn8j0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 17 Sep 2022 14:19:46 GMT
Server: Apache
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/css;charset=UTF-8
barbershopcashflow.com/js/jquery.jplayer.min.js
96.125.164.240200 OK 53 kB URL HTTP/1.1 barbershopcashflow.com/js/jquery.jplayer.min.js
IP 96.125.164.240:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (634)
Hash bcff4f0f0eaaf75435e924eec527616d
fe1e7850635b2a1564e8f7f3195617d2eaba73d7
552825b186d7451e0bf6df23e2b78b333e0ccc81aea2dd19055a8adf4b9fe329
Analyzer Verdict Alert fortinet Phishing
GET /js/jquery.jplayer.min.js HTTP/1.1
Host: barbershopcashflow.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://barbershopcashflow.com/index.php?cmd=login_submit&idO5VuTGfMbWqxDK7YXJyL4jQ65Uzuwy2kDXPxD5jP1JmFutDrccdhw3oBXX5uw7Pa5FHIK1xLKTrfn4HA
Cookie: PHPSESSID=q59asenljpccvf0q4ip76gn8j0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 17 Sep 2022 14:19:46 GMT
Server: Apache
Last-Modified: Sat, 08 Mar 2014 23:37:38 GMT
Accept-Ranges: bytes
Content-Length: 52702
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
barbershopcashflow.com/css/bootstrap.min.css
96.125.164.240200 OK 122 kB URL HTTP/1.1 barbershopcashflow.com/css/bootstrap.min.css
IP 96.125.164.240:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (65371)
Size 122 kB (122540 bytes)
Hash 5d5357cb3704e1f43a1f5bfed2aebf42
08df9a96752852f2cbd310c30facd934e348c2c5
31fbd99641c212a6ad3681a2397bde13c148c0ccd98385bce6a7eb7c81417d87
GET /css/bootstrap.min.css HTTP/1.1
Host: barbershopcashflow.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://barbershopcashflow.com/index.php?cmd=login_submit&idO5VuTGfMbWqxDK7YXJyL4jQ65Uzuwy2kDXPxD5jP1JmFutDrccdhw3oBXX5uw7Pa5FHIK1xLKTrfn4HA
Cookie: PHPSESSID=q59asenljpccvf0q4ip76gn8j0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 17 Sep 2022 14:19:46 GMT
Server: Apache
Last-Modified: Fri, 04 Dec 2015 00:57:24 GMT
Accept-Ranges: bytes
Content-Length: 122540
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 9730b7d7d5f0481f65712991a899f4b8
facb4df5e4a4ac98b9bdd126c7dbb531cf0fe1e7
15d7d8acbcd94d9ca8579cc31a9ec621e76408663bc4b047e5e127acb14334a6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 17 Sep 2022 14:19:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
platform.twitter.com/widgets/widget_iframe.c4bdc17e77719578b594d5555bee90db.html?origin=https%3A%2F%2Fbarbershopcashflow.com
93.184.220.66200 OK 105 kB URL HTTP/1.1 platform.twitter.com/widgets/widget_iframe.c4bdc17e77719578b594d5555bee90db.html?origin=https%3A%2F%2Fbarbershopcashflow.com
IP 93.184.220.66:0
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (56168)
Size 105 kB (105445 bytes)
Hash aa228863765c3263e12f1d7c71015518
619739a12e0f16eab26a43a913b35779edea57a6
cf9a241903646ee9b88b76da2bb3e11d16f36246f7bbc53bbe2c98466e5ea12a
GET /widgets/widget_iframe.c4bdc17e77719578b594d5555bee90db.html?origin=https%3A%2F%2Fbarbershopcashflow.com HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://barbershopcashflow.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 1445794
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Sat, 17 Sep 2022 14:19:47 GMT
Etag: "50d73c0b4a4c7e4697b9c6ac6f1ecd75+gzip"
Last-Modified: Wed, 31 Aug 2022 20:40:57 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F6FE)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 105445
www.youtube.com/s/player/a97e97de/www-player.css
172.217.21.174200 OK 49 kB URL HTTP/2 www.youtube.com/s/player/a97e97de/www-player.css
IP 172.217.21.174:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 3a057d9fa48ad6b735e91c1f7fd7909a
e6a67ab82ccccef2ff9c2a9675549db921d86a4d
62ace094defa260545fd5dad61759df34fe0ae1a8dc1f0cf40a70d28a04ea905
GET /s/player/a97e97de/www-player.css HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/rI9fjC_0SKQ?controls=0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 49363
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 16 Sep 2022 03:04:24 GMT
expires: Sat, 16 Sep 2023 03:04:24 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 15 Sep 2022 21:54:27 GMT
content-type: text/css
age: 126923
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 9730b7d7d5f0481f65712991a899f4b8
facb4df5e4a4ac98b9bdd126c7dbb531cf0fe1e7
15d7d8acbcd94d9ca8579cc31a9ec621e76408663bc4b047e5e127acb14334a6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 17 Sep 2022 14:19:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.youtube.com/s/player/a97e97de/www-embed-player.vflset/www-embed-player.js
172.217.21.174200 OK 98 kB URL HTTP/2 www.youtube.com/s/player/a97e97de/www-embed-player.vflset/www-embed-player.js
IP 172.217.21.174:0
File type ASCII text, with very long lines (570)
Hash 66779b8011cd9ebfa3cb7a6de301d00d
a85da451fc25564d8b0a7287ea67e644790d1a3e
75228478dd647670e9d3aeae17d741abd5f5a07d739127dfbfeded437927d7fa
GET /s/player/a97e97de/www-embed-player.vflset/www-embed-player.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/rI9fjC_0SKQ?controls=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 97939
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 16 Sep 2022 03:04:24 GMT
expires: Sat, 16 Sep 2023 03:04:24 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 15 Sep 2022 21:54:27 GMT
content-type: text/javascript
age: 126923
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.youtube.com/s/player/a97e97de/fetch-polyfill.vflset/fetch-polyfill.js
172.217.21.174200 OK 2.8 kB URL HTTP/2 www.youtube.com/s/player/a97e97de/fetch-polyfill.vflset/fetch-polyfill.js
IP 172.217.21.174:0
File type Algol 68 source text\012- Pascal source, ASCII text, with very long lines (555)
Hash 80fe2d229007996c8397073b00755dc7
121f82c77bcf2a297a1085e3b092415c463fcafe
033dfa8941482c82d4f1aaa4a9172fb379b9e46a02d5b36297c5476bbbfdea2c
GET /s/player/a97e97de/fetch-polyfill.vflset/fetch-polyfill.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/rI9fjC_0SKQ?controls=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 2786
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 16 Sep 2022 03:04:24 GMT
expires: Sat, 16 Sep 2023 03:04:24 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 15 Sep 2022 21:54:27 GMT
content-type: text/javascript
age: 126923
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.youtube.com/s/player/a97e97de/player_ias.vflset/en_US/base.js
172.217.21.174200 OK 590 kB URL HTTP/2 www.youtube.com/s/player/a97e97de/player_ias.vflset/en_US/base.js
IP 172.217.21.174:0
File type ASCII text, with very long lines (554)
Size 590 kB (589794 bytes)
Hash 2cf72d6908c8dfac7e8c8c5debe1bba0
69aef6123882a5df7a9460f8b69e16ef4312d757
b2beac7d81227b7916417f65959a82092770b53ab9f3add4d2603fbcf6838375
GET /s/player/a97e97de/player_ias.vflset/en_US/base.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/rI9fjC_0SKQ?controls=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding, Origin
content-encoding: br
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 589794
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 16 Sep 2022 03:14:52 GMT
expires: Sat, 16 Sep 2023 03:14:52 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 15 Sep 2022 21:54:27 GMT
content-type: text/javascript
age: 126295
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 8fb510c0e0fbff6302a68eb385520e3f
cd5149c6ffc7ee3d90e9e6884af8e02f44c7ab00
2b9cd0f540eb0916ad5c3ee63dbc8ee57570c3eaae7aeabca5c8cb03a3c73c32
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 17 Sep 2022 14:19:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 4ddf21dcf2ee24403b3a356e254fbd5b
9081b74152d75877b0b5ae7c7d13e1f49856681f
1888b6d81d0359d2a829ba9670ab0d9c4825a87009f1470df4c850a7187af83d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5388
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 17 Sep 2022 14:19:47 GMT
Last-Modified: Sat, 17 Sep 2022 12:49:59 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 313
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 8fb510c0e0fbff6302a68eb385520e3f
cd5149c6ffc7ee3d90e9e6884af8e02f44c7ab00
2b9cd0f540eb0916ad5c3ee63dbc8ee57570c3eaae7aeabca5c8cb03a3c73c32
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 17 Sep 2022 14:19:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
maxcdn.bootstrapcdn.com/bootstrap/3.3.5/js/bootstrap.min.js
104.18.11.207200 OK 10 kB URL HTTP/2 maxcdn.bootstrapcdn.com/bootstrap/3.3.5/js/bootstrap.min.js
IP 104.18.11.207:0
File type ASCII text, with very long lines (32034)
Hash a09b5956bfff5b008680285087072aba
83991ef104e8293770a3d84292e1ad8d37e93de8
10889aebe7d06a8aa525efb0c69c96d6fe9b384b5b5eaa9fb8ed69cfc74f072b
GET /bootstrap/3.3.5/js/bootstrap.min.js HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://barbershopcashflow.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 17 Sep 2022 14:19:46 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: SE
cdn-edgestorageid: 601, 718, 718
last-modified: Mon, 25 Jan 2021 22:03:59 GMT
cdn-cachedat: 2021-04-23 06:48:47
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cache-control: public, max-age=31919000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
cdn-requestid: 39b7a4107ac99785daf3883d73227d5f
cdn-cache: HIT
cf-cache-status: HIT
age: 11534706
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 74c27a8fafd6b500-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash fa86a62c870c1ce23fd85f73e99d7964
81af6fd2507bb58c6b040fd5f494de01d22e7102
76bc6fffeb8593064820e909edc5e4991cb4a5c1b609916a6021974665b5286f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 17 Sep 2022 14:19:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/id
142.250.74.66302 Found 0 B URL HTTP/2 googleads.g.doubleclick.net/pagead/id
IP 142.250.74.66:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/id HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-credentials: true
access-control-allow-origin: https://www.youtube.com
date: Sat, 17 Sep 2022 14:19:48 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 362089b1736455ea45e49a07c8901d6a
43a8bd5413ec595b873f959b69bade5aab25f6d3
b9eeb4bfc11976f62f9d53fd686c3ad4d699fdf7d14fad6d4916febcf60a3bf0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 17 Sep 2022 14:19:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash fa86a62c870c1ce23fd85f73e99d7964
81af6fd2507bb58c6b040fd5f494de01d22e7102
76bc6fffeb8593064820e909edc5e4991cb4a5c1b609916a6021974665b5286f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 17 Sep 2022 14:19:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.doubleclick.net/instream/ad_status.js
216.58.207.230200 OK 29 B URL HTTP/2 static.doubleclick.net/instream/ad_status.js
IP 216.58.207.230:0
Hash 1fa71744db23d0f8df9cce6719defcb7
e4be9b7136697942a036f97cf26ebaf703ad2067
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
GET /instream/ad_status.js HTTP/1.1
Host: static.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 29
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 17 Sep 2022 14:14:23 GMT
expires: Sat, 17 Sep 2022 14:29:23 GMT
cache-control: public, max-age=900
age: 325
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.138200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.138:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Sat, 17 Sep 2022 14:19:48 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 362089b1736455ea45e49a07c8901d6a
43a8bd5413ec595b873f959b69bade5aab25f6d3
b9eeb4bfc11976f62f9d53fd686c3ad4d699fdf7d14fad6d4916febcf60a3bf0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 17 Sep 2022 14:19:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.138200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.138:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash f8ded9485d3b0c052c45804070d34e98
7821ad07a3296af12bf6e169c71ef9d77cb209f3
00e93e7b10c04c4b5d88b857766eb3ff928c6e46aca5187ef6b479ca132afbe0
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Sat, 17 Sep 2022 14:19:48 GMT
server: ESF
cache-control: private
content-length: 31028
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash b4a24f9aebdfdb06d10cd53e92a70bb8
c4532479dbd9636d8f5206faa085c520651eb5f2
1d330af2b423e351355f710f14cb771fa9918e8b6638c5076aba7bcda6c30936
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 17 Sep 2022 14:19:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 5b430c292ae7f0e9b4462e645251d824
52dcac4cc5df39002209f35b64677b2d154017a3
0122901c3a3238b36177e2659bea7586d8341041aeedbfad022ba493582dcfac
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 17 Sep 2022 14:19:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
barbershopcashflow.com/images/uploads/facebookcover_web.png
96.125.164.240200 OK 491 kB URL HTTP/1.1 barbershopcashflow.com/images/uploads/facebookcover_web.png
IP 96.125.164.240:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 495 x 758, 8-bit/color RGBA, non-interlaced\012- data
Size 491 kB (490986 bytes)
Hash 39a586368a60ad786d8d4cd1c5fca576
cf1c4da7e6fdde038d1f3372603ca3c969fcb177
ca33618d5080775d31cc41064b25841645368c92c2a99bd067ae5457a9d9fb5c
GET /images/uploads/facebookcover_web.png HTTP/1.1
Host: barbershopcashflow.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://barbershopcashflow.com/index.php?cmd=login_submit&idO5VuTGfMbWqxDK7YXJyL4jQ65Uzuwy2kDXPxD5jP1JmFutDrccdhw3oBXX5uw7Pa5FHIK1xLKTrfn4HA
Cookie: PHPSESSID=q59asenljpccvf0q4ip76gn8j0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 17 Sep 2022 14:19:47 GMT
Server: Apache
Last-Modified: Sat, 10 Mar 2018 02:59:27 GMT
Accept-Ranges: bytes
Content-Length: 490986
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png
www.google.com/js/th/8jEuNRvllEtFmLzioZdbHhRQ_2cTQWhd6LiOGRrTeiw.js
142.250.74.164200 OK 14 kB URL HTTP/2 www.google.com/js/th/8jEuNRvllEtFmLzioZdbHhRQ_2cTQWhd6LiOGRrTeiw.js
IP 142.250.74.164:0
File type ASCII text, with very long lines (35918)
Hash b600177efe473664fb627ad35ffbc4db
b85f65be40c923277d1455e64a33966ee9fa0838
ec20323b3d03a9e3cb135ab17c27cee75eab248b40f3ebed5062d80ef18f961f
GET /js/th/8jEuNRvllEtFmLzioZdbHhRQ_2cTQWhd6LiOGRrTeiw.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 14184
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 14 Sep 2022 05:03:05 GMT
expires: Thu, 14 Sep 2023 05:03:05 GMT
cache-control: public, max-age=31536000
age: 292603
last-modified: Mon, 29 Aug 2022 11:00:00 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
i.ytimg.com/vi_webp/rI9fjC_0SKQ/maxresdefault.webp
142.250.74.150200 OK 128 kB URL HTTP/2 i.ytimg.com/vi_webp/rI9fjC_0SKQ/maxresdefault.webp
IP 142.250.74.150:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1280x720, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size 128 kB (128428 bytes)
Hash 9e0d4c06eb30d35e5eac70b7976943e5
7880508c28b518e4e8d8567ec8493672cee063b8
96627b08eb8c52e3f5d24b51a67a3744170da8e47c9ba60196c2caacb6f22fb7
GET /vi_webp/rI9fjC_0SKQ/maxresdefault.webp HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 128428
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 17 Sep 2022 14:19:48 GMT
expires: Sat, 17 Sep 2022 16:19:48 GMT
cache-control: public, max-age=7200
etag: "1551333404"
content-type: image/webp
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 1ed5276ce78dd7ec3e5d5612db66d478
b76defb0ef2cb1a47f7b7064b7ed7008eb219cbb
d7a41bc16c6193d184e995f54247002cfe75a74ff174810f18a4dc5384df3578
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 17 Sep 2022 14:19:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 5b430c292ae7f0e9b4462e645251d824
52dcac4cc5df39002209f35b64677b2d154017a3
0122901c3a3238b36177e2659bea7586d8341041aeedbfad022ba493582dcfac
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 17 Sep 2022 14:19:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
yt3.ggpht.com/ytc/AMLnZu_t_QgxtBFO9PkHyGI3ANk7tDK4UTLqxkAtC6So=s68-c-k-c0x00ffffff-no-rj
142.250.74.161200 OK 4.1 kB URL HTTP/2 yt3.ggpht.com/ytc/AMLnZu_t_QgxtBFO9PkHyGI3ANk7tDK4UTLqxkAtC6So=s68-c-k-c0x00ffffff-no-rj
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 68x68, components 3\012- data
Hash 1bf2c9df227a395c4399f893261661a4
e5a7dcf75f5f12ea667b59844df6428c05bd63ca
3955ca3c2032208960a7f5cfbef2078e4ec30e426daef3852415a2e1417ddf52
GET /ytc/AMLnZu_t_QgxtBFO9PkHyGI3ANk7tDK4UTLqxkAtC6So=s68-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt3.ggpht.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 4054
x-xss-protection: 0
date: Sat, 17 Sep 2022 14:19:48 GMT
expires: Tue, 13 Sep 2022 22:01:19 GMT
cache-control: public, max-age=86400, no-transform
etag: "v1f"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 1ed5276ce78dd7ec3e5d5612db66d478
b76defb0ef2cb1a47f7b7064b7ed7008eb219cbb
d7a41bc16c6193d184e995f54247002cfe75a74ff174810f18a4dc5384df3578
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 17 Sep 2022 14:19:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
barbershopcashflow.com/images/uploads/
96.125.164.240200 OK 0 B URL HTTP/1.1 barbershopcashflow.com/images/uploads/
IP 96.125.164.240:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /images/uploads/ HTTP/1.1
Host: barbershopcashflow.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://barbershopcashflow.com/css/css.php?1663424385
Cookie: PHPSESSID=q59asenljpccvf0q4ip76gn8j0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 17 Sep 2022 14:19:48 GMT
Server: Apache
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
barbershopcashflow.com/images/uploads/dvdopeninsert_2.png
96.125.164.240200 OK 788 kB URL HTTP/1.1 barbershopcashflow.com/images/uploads/dvdopeninsert_2.png
IP 96.125.164.240:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 681 x 617, 8-bit/color RGBA, non-interlaced\012- data
Size 788 kB (788010 bytes)
Hash 50bd9465db05610b7f153fa8904f562a
e27cca8a97b6f4e7084af0807293c0c93f473740
c25043d600f777fe3da1f0ca9b24019222e9055e21f2630149bf234003034b53
GET /images/uploads/dvdopeninsert_2.png HTTP/1.1
Host: barbershopcashflow.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://barbershopcashflow.com/index.php?cmd=login_submit&idO5VuTGfMbWqxDK7YXJyL4jQ65Uzuwy2kDXPxD5jP1JmFutDrccdhw3oBXX5uw7Pa5FHIK1xLKTrfn4HA
Cookie: PHPSESSID=q59asenljpccvf0q4ip76gn8j0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 17 Sep 2022 14:19:47 GMT
Server: Apache
Last-Modified: Mon, 09 Jan 2017 12:52:55 GMT
Accept-Ranges: bytes
Content-Length: 788010
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png
barbershopcashflow.com/images/uploads/disc_todd.png
96.125.164.240200 OK 677 kB URL HTTP/1.1 barbershopcashflow.com/images/uploads/disc_todd.png
IP 96.125.164.240:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 876 x 876, 8-bit/color RGBA, non-interlaced\012- data
Size 677 kB (677296 bytes)
Hash 17dd6438b2ad9e2c1c108156a649e987
9ae82d5df51d67cb15fae8f7b7bbfa1db7f6aa6c
3b7b55da220bb8ac06bfc9de849ef983608f57c9dd1eaeab1efb3cd625d2dc7f
GET /images/uploads/disc_todd.png HTTP/1.1
Host: barbershopcashflow.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://barbershopcashflow.com/index.php?cmd=login_submit&idO5VuTGfMbWqxDK7YXJyL4jQ65Uzuwy2kDXPxD5jP1JmFutDrccdhw3oBXX5uw7Pa5FHIK1xLKTrfn4HA
Cookie: PHPSESSID=q59asenljpccvf0q4ip76gn8j0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 17 Sep 2022 14:19:47 GMT
Server: Apache
Last-Modified: Mon, 09 Jan 2017 08:27:53 GMT
Accept-Ranges: bytes
Content-Length: 677296
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/png
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
142.250.74.138200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 142.250.74.138:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Sat, 17 Sep 2022 14:19:48 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
142.250.74.138200 OK 110 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 142.250.74.138:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 7e3724ebe76739793685008e49c0e184
59855931779ccc932254dc200e7ad14e7ed85da4
f8e0438d61c08cd2ffa39149727bc44fe74fe85ad9a2d504531d1a3919b87201
POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 1195
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Sat, 17 Sep 2022 14:19:48 GMT
server: ESF
cache-control: private
content-length: 110
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
barbershopcashflow.com/images/uploads/Start-barber-shop-cash-flow-membership(1).png
96.125.164.240200 OK 154 kB URL HTTP/1.1 barbershopcashflow.com/images/uploads/Start-barber-shop-cash-flow-membership(1).png
IP 96.125.164.240:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 300 x 500, 8-bit/color RGB, non-interlaced\012- data
Size 154 kB (153956 bytes)
Hash 487a3fafe0269619824c063aa7e24070
ba2dee3acf8d3f0d987259d239ba7df5757bafe8
f580b7a88a8aa2e7f508f4acbbcad45b9f4126a6a7a510ae5d1fbd516cb0d80d
GET /images/uploads/Start-barber-shop-cash-flow-membership(1).png HTTP/1.1
Host: barbershopcashflow.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://barbershopcashflow.com/index.php?cmd=login_submit&idO5VuTGfMbWqxDK7YXJyL4jQ65Uzuwy2kDXPxD5jP1JmFutDrccdhw3oBXX5uw7Pa5FHIK1xLKTrfn4HA
Cookie: PHPSESSID=q59asenljpccvf0q4ip76gn8j0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 17 Sep 2022 14:19:48 GMT
Server: Apache
Last-Modified: Mon, 09 Jan 2017 12:43:18 GMT
Accept-Ranges: bytes
Content-Length: 153956
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/png
barbershopcashflow.com/images/uploads/disc_marley.png
96.125.164.240200 OK 540 kB URL HTTP/1.1 barbershopcashflow.com/images/uploads/disc_marley.png
IP 96.125.164.240:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 876 x 876, 8-bit/color RGBA, non-interlaced\012- data
Size 540 kB (540445 bytes)
Hash 81e04c70c0966a4ad0de2e63cadc9b42
393e6ab1941365fe87f8096d35410492a8d4f602
cf964281909bca8c89ed6dab41b71ac2ad82e9a8948a0f051504ea6fb9efaac9
GET /images/uploads/disc_marley.png HTTP/1.1
Host: barbershopcashflow.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://barbershopcashflow.com/index.php?cmd=login_submit&idO5VuTGfMbWqxDK7YXJyL4jQ65Uzuwy2kDXPxD5jP1JmFutDrccdhw3oBXX5uw7Pa5FHIK1xLKTrfn4HA
Cookie: PHPSESSID=q59asenljpccvf0q4ip76gn8j0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 17 Sep 2022 14:19:47 GMT
Server: Apache
Last-Modified: Mon, 09 Jan 2017 09:35:55 GMT
Accept-Ranges: bytes
Content-Length: 540445
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/png
barbershopcashflow.com/images/uploads/video-production-web.png
96.125.164.240200 OK 712 kB URL HTTP/1.1 barbershopcashflow.com/images/uploads/video-production-web.png
IP 96.125.164.240:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 600 x 919, 8-bit/color RGBA, non-interlaced\012- data
Size 712 kB (712157 bytes)
Hash 891c8ab37e279ea3d0ee43d73db417e5
cc4c521ea95f07218aa086cdd577dc8849b0673f
716aed35f28d37efbfe12806a8233f1299a49fe69a5c0dc3d3ee8eaea45b6e0a
GET /images/uploads/video-production-web.png HTTP/1.1
Host: barbershopcashflow.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://barbershopcashflow.com/index.php?cmd=login_submit&idO5VuTGfMbWqxDK7YXJyL4jQ65Uzuwy2kDXPxD5jP1JmFutDrccdhw3oBXX5uw7Pa5FHIK1xLKTrfn4HA
Cookie: PHPSESSID=q59asenljpccvf0q4ip76gn8j0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 17 Sep 2022 14:19:47 GMT
Server: Apache
Last-Modified: Tue, 13 Mar 2018 00:23:43 GMT
Accept-Ranges: bytes
Content-Length: 712157
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/png
barbershopcashflow.com/images/uploads/start-barber-shop-business-panel.png
96.125.164.240200 OK 642 kB URL HTTP/1.1 barbershopcashflow.com/images/uploads/start-barber-shop-business-panel.png
IP 96.125.164.240:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 960 x 500, 8-bit/color RGB, non-interlaced\012- data
Size 642 kB (641884 bytes)
Hash d394d0c5cd357f59c6a53b46f11f35b9
e869cea4ee919e11c81ab08ba7b65d611834406a
14965cfae13e3113e31854d012b2205963c632ed60abd67b6ef77914a5adc81f
GET /images/uploads/start-barber-shop-business-panel.png HTTP/1.1
Host: barbershopcashflow.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://barbershopcashflow.com/index.php?cmd=login_submit&idO5VuTGfMbWqxDK7YXJyL4jQ65Uzuwy2kDXPxD5jP1JmFutDrccdhw3oBXX5uw7Pa5FHIK1xLKTrfn4HA
Cookie: PHPSESSID=q59asenljpccvf0q4ip76gn8j0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 17 Sep 2022 14:19:48 GMT
Server: Apache
Last-Modified: Fri, 01 Feb 2019 03:56:49 GMT
Accept-Ranges: bytes
Content-Length: 641884
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/png
barbershopcashflow.com/images/uploads/disc_rob.png
96.125.164.240200 OK 698 kB URL HTTP/1.1 barbershopcashflow.com/images/uploads/disc_rob.png
IP 96.125.164.240:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 876 x 876, 8-bit/color RGBA, non-interlaced\012- data
Size 698 kB (697755 bytes)
Hash 75b8144e8abf9bb023f818a315cecdbd
3ca355e63c277b36371627cc296174f084794444
821f5bebe11db9bc9aca24380cf4f49e03de62204a16036548203185e96add30
GET /images/uploads/disc_rob.png HTTP/1.1
Host: barbershopcashflow.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://barbershopcashflow.com/index.php?cmd=login_submit&idO5VuTGfMbWqxDK7YXJyL4jQ65Uzuwy2kDXPxD5jP1JmFutDrccdhw3oBXX5uw7Pa5FHIK1xLKTrfn4HA
Cookie: PHPSESSID=q59asenljpccvf0q4ip76gn8j0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 17 Sep 2022 14:19:47 GMT
Server: Apache
Last-Modified: Mon, 09 Jan 2017 09:34:10 GMT
Accept-Ranges: bytes
Content-Length: 697755
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png
barbershopcashflow.com/images/uploads/364395how-start-your-own-barbershop-business-training.png
96.125.164.240200 OK 1.4 MB URL HTTP/1.1 barbershopcashflow.com/images/uploads/364395how-start-your-own-barbershop-business-training.png
IP 96.125.164.240:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 1920 x 600, 8-bit/color RGB, non-interlaced\012- data
Size 1.4 MB (1359973 bytes)
Hash 1067c09555a4f5036def65061a02ce5a
88b99ab26ef997c706cbcf5864965162f15ebe94
bd70d60b20396a1fbe187e1560fdcb87f839ec2c3f22a3aab22e1f75821d9682
GET /images/uploads/364395how-start-your-own-barbershop-business-training.png HTTP/1.1
Host: barbershopcashflow.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://barbershopcashflow.com/index.php?cmd=login_submit&idO5VuTGfMbWqxDK7YXJyL4jQ65Uzuwy2kDXPxD5jP1JmFutDrccdhw3oBXX5uw7Pa5FHIK1xLKTrfn4HA
Cookie: PHPSESSID=q59asenljpccvf0q4ip76gn8j0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 17 Sep 2022 14:19:48 GMT
Server: Apache
Last-Modified: Sun, 29 Mar 2020 22:37:10 GMT
Accept-Ranges: bytes
Content-Length: 1359973
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/png
barbershopcashflow.com/images/uploads/allen-pic=small.png
96.125.164.240200 OK 474 kB URL HTTP/1.1 barbershopcashflow.com/images/uploads/allen-pic=small.png
IP 96.125.164.240:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 501 x 605, 8-bit/color RGBA, non-interlaced\012- data
Size 474 kB (474177 bytes)
Hash 952981352576f3c43c759f82a310c6c7
430c0ee6d82d95fdafb50f76b0770a8aa1efdb82
8b3db3d1a662ecbb2661d0f6d02e4f487fcc0764d71c9bc65966dfb0fa9d35b3
GET /images/uploads/allen-pic=small.png HTTP/1.1
Host: barbershopcashflow.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://barbershopcashflow.com/index.php?cmd=login_submit&idO5VuTGfMbWqxDK7YXJyL4jQ65Uzuwy2kDXPxD5jP1JmFutDrccdhw3oBXX5uw7Pa5FHIK1xLKTrfn4HA
Cookie: PHPSESSID=q59asenljpccvf0q4ip76gn8j0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 17 Sep 2022 14:19:48 GMT
Server: Apache
Last-Modified: Sat, 02 Feb 2019 04:18:31 GMT
Accept-Ranges: bytes
Content-Length: 474177
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/png
barbershopcashflow.com/images/uploads/booth-agreement-for-web.png
96.125.164.240200 OK 35 kB URL HTTP/1.1 barbershopcashflow.com/images/uploads/booth-agreement-for-web.png
IP 96.125.164.240:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 450 x 350, 8-bit/color RGBA, non-interlaced\012- data
Hash d3a1f54a8ce9643a6c61238bf2240cd7
92f19c5ee02037e2a75421786df2cda505965af0
16281045bd68fe6f5011a9cb3296aaa61d96414579eeb503da83ba1b465aec37
GET /images/uploads/booth-agreement-for-web.png HTTP/1.1
Host: barbershopcashflow.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://barbershopcashflow.com/index.php?cmd=login_submit&idO5VuTGfMbWqxDK7YXJyL4jQ65Uzuwy2kDXPxD5jP1JmFutDrccdhw3oBXX5uw7Pa5FHIK1xLKTrfn4HA
Cookie: PHPSESSID=q59asenljpccvf0q4ip76gn8j0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 17 Sep 2022 14:19:49 GMT
Server: Apache
Last-Modified: Sat, 10 Mar 2018 03:29:52 GMT
Accept-Ranges: bytes
Content-Length: 35219
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/png
barbershopcashflow.com/images/uploads/location-small%20copy.png
96.125.164.240200 OK 37 kB URL HTTP/1.1 barbershopcashflow.com/images/uploads/location-small%20copy.png
IP 96.125.164.240:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 450 x 350, 8-bit/color RGBA, non-interlaced\012- data
Hash eb5185bc74827d5820d8ab819b1fef04
ec4e7516c2aab590c7c6b76744c359bb7a5dba67
8f677d2cf082d6545bf1251392a33646f9dbf33f98db119332b35c214c0fb1dc
GET /images/uploads/location-small%20copy.png HTTP/1.1
Host: barbershopcashflow.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://barbershopcashflow.com/index.php?cmd=login_submit&idO5VuTGfMbWqxDK7YXJyL4jQ65Uzuwy2kDXPxD5jP1JmFutDrccdhw3oBXX5uw7Pa5FHIK1xLKTrfn4HA
Cookie: PHPSESSID=q59asenljpccvf0q4ip76gn8j0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 17 Sep 2022 14:19:49 GMT
Server: Apache
Last-Modified: Mon, 09 Jan 2017 09:45:57 GMT
Accept-Ranges: bytes
Content-Length: 36802
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/png
barbershopcashflow.com/images/uploads/How-to-start-barbershop-500px.png
96.125.164.240200 OK 552 kB URL HTTP/1.1 barbershopcashflow.com/images/uploads/How-to-start-barbershop-500px.png
IP 96.125.164.240:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 500 x 766, 8-bit/color RGBA, non-interlaced\012- data
Size 552 kB (551786 bytes)
Hash c204dd014bf703374169c06b55e33cba
996df411a6ad2c4c485af9432fd54432c05d939b
a0383aea63e0de4efa03536e266079d2157a7e0715b772a8bd222cb8fad91511
GET /images/uploads/How-to-start-barbershop-500px.png HTTP/1.1
Host: barbershopcashflow.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://barbershopcashflow.com/index.php?cmd=login_submit&idO5VuTGfMbWqxDK7YXJyL4jQ65Uzuwy2kDXPxD5jP1JmFutDrccdhw3oBXX5uw7Pa5FHIK1xLKTrfn4HA
Cookie: PHPSESSID=q59asenljpccvf0q4ip76gn8j0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 17 Sep 2022 14:19:48 GMT
Server: Apache
Last-Modified: Sat, 02 Feb 2019 02:48:29 GMT
Accept-Ranges: bytes
Content-Length: 551786
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/png
barbershopcashflow.com/images/uploads/disc_876x876(1).png
96.125.164.240200 OK 535 kB URL HTTP/1.1 barbershopcashflow.com/images/uploads/disc_876x876(1).png
IP 96.125.164.240:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 876 x 876, 8-bit/color RGBA, non-interlaced\012- data
Size 535 kB (535394 bytes)
Hash eba95ade52c553ede5501a99529892b3
21125d4878049ed80d5ff1672f89250fe0256723
a8552325813d5aa2c1561a822e0eed12135c1c2436a18555d38e333c394da86e
GET /images/uploads/disc_876x876(1).png HTTP/1.1
Host: barbershopcashflow.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://barbershopcashflow.com/index.php?cmd=login_submit&idO5VuTGfMbWqxDK7YXJyL4jQ65Uzuwy2kDXPxD5jP1JmFutDrccdhw3oBXX5uw7Pa5FHIK1xLKTrfn4HA
Cookie: PHPSESSID=q59asenljpccvf0q4ip76gn8j0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 17 Sep 2022 14:19:48 GMT
Server: Apache
Last-Modified: Mon, 09 Jan 2017 13:15:29 GMT
Accept-Ranges: bytes
Content-Length: 535394
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/png
barbershopcashflow.com/images/uploads/30-tips-for-barbers.png
96.125.164.240200 OK 777 kB URL HTTP/1.1 barbershopcashflow.com/images/uploads/30-tips-for-barbers.png
IP 96.125.164.240:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 700 x 1072, 8-bit/color RGBA, non-interlaced\012- data
Size 777 kB (776672 bytes)
Hash c4e961a9c8e0bb440db7d3646ff9278b
cbb65f0ecdf5a7044275e440edb734fc885635c6
5f0faeed14426474b26ea6b99754ee1cdb0cbfb2e12df64f811355537596e4c6
GET /images/uploads/30-tips-for-barbers.png HTTP/1.1
Host: barbershopcashflow.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://barbershopcashflow.com/index.php?cmd=login_submit&idO5VuTGfMbWqxDK7YXJyL4jQ65Uzuwy2kDXPxD5jP1JmFutDrccdhw3oBXX5uw7Pa5FHIK1xLKTrfn4HA
Cookie: PHPSESSID=q59asenljpccvf0q4ip76gn8j0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 17 Sep 2022 14:19:49 GMT
Server: Apache
Last-Modified: Tue, 06 Mar 2018 05:57:12 GMT
Accept-Ranges: bytes
Content-Length: 776672
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/png
barbershopcashflow.com/images/uploads/success-barber-shop-business-30-day-money%20copy.png
96.125.164.240200 OK 594 kB URL HTTP/1.1 barbershopcashflow.com/images/uploads/success-barber-shop-business-30-day-money%20copy.png
IP 96.125.164.240:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 1000 x 500, 8-bit/color RGB, non-interlaced\012- data
Size 594 kB (593793 bytes)
Hash d0795a166381539f73dc62ea8c08f487
571d16d0f5b951e8bbfa8d47adc9ef10e83e57f0
d4e080962e698dd8eb09e137429f073e7fa0aad7c93015c429e42e62128b3c48
GET /images/uploads/success-barber-shop-business-30-day-money%20copy.png HTTP/1.1
Host: barbershopcashflow.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://barbershopcashflow.com/index.php?cmd=login_submit&idO5VuTGfMbWqxDK7YXJyL4jQ65Uzuwy2kDXPxD5jP1JmFutDrccdhw3oBXX5uw7Pa5FHIK1xLKTrfn4HA
Cookie: PHPSESSID=q59asenljpccvf0q4ip76gn8j0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 17 Sep 2022 14:19:49 GMT
Server: Apache
Last-Modified: Tue, 06 Mar 2018 05:49:16 GMT
Accept-Ranges: bytes
Content-Length: 593793
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/png
barbershopcashflow.com/images/uploads/paypal.png
96.125.164.240200 OK 204 kB URL HTTP/1.1 barbershopcashflow.com/images/uploads/paypal.png
IP 96.125.164.240:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 850 x 500, 8-bit/color RGBA, non-interlaced\012- data
Size 204 kB (204060 bytes)
Hash 4e244070dcf347b532b929f580ad8840
75d1370bed2167b166f236e794538787aecb4b54
57a254c5d94b1e8a14492afb643bf640d2255a7b5071185cf2ae58c87ce19d94
GET /images/uploads/paypal.png HTTP/1.1
Host: barbershopcashflow.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://barbershopcashflow.com/index.php?cmd=login_submit&idO5VuTGfMbWqxDK7YXJyL4jQ65Uzuwy2kDXPxD5jP1JmFutDrccdhw3oBXX5uw7Pa5FHIK1xLKTrfn4HA
Cookie: PHPSESSID=q59asenljpccvf0q4ip76gn8j0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 17 Sep 2022 14:19:49 GMT
Server: Apache
Last-Modified: Thu, 09 Apr 2020 07:23:34 GMT
Accept-Ranges: bytes
Content-Length: 204060
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/png
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 924cca70f1f5ba02eb6af21a65e0bdd1
3baa75b1ea32068f96cfd5060e4e1eda71c61da8
e55036d990bb7071b7e51e739b8650538ce67d821cc966b0baa99ff40220973b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6149
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 17 Sep 2022 14:19:50 GMT
Last-Modified: Sat, 17 Sep 2022 12:37:21 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471
connect.facebook.net/en_US/sdk.js
31.13.72.12200 OK 1.7 kB URL HTTP/2 connect.facebook.net/en_US/sdk.js
IP 31.13.72.12:0
File type ASCII text, with very long lines (1961)
Hash af062d3e4abe5072121ccf77e0b5dd34
dd23abaa86f6afefcf3ca3fbcc2b9be6e976746f
e7f2ce0a74e22cf030456f3008acfc25fe06e3d2bae953952dcdc2c43929f704
GET /en_US/sdk.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://barbershopcashflow.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: 44b64279558f1d66a947aa371ee8c14c
etag: "ab4ffe52c72ef5f9427685f5144ee9eb"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Sat, 17 Sep 2022 14:36:18 GMT
cache-control: public,max-age=1200,stale-while-revalidate=3600
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: rwYtPkq+UHISHM934LXdNA==
x-fb-debug: hjoOCHemgbA9dvbBJ/ozgMovvsuMeBLwqOo7lSmuskcKWAP2XBmE2g6kBHuX881r/TB8MVohQk/TzIbJa7moTg==
priority: u=3,i
content-length: 1688
x-fb-trip-id: 1904183273
date: Sat, 17 Sep 2022 14:19:50 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 5d12cc59489773babbc650161772d674
6fa23d626e8a64d98e59984567cd4dc42c648833
f43eae2b85acffc988fbc2c97e18ae1c013217db2cbe24df14dd3b8c35d0ff27
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 17 Sep 2022 14:19:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ssl.google-analytics.com/ga.js
172.217.21.168200 OK 17 kB URL HTTP/2 ssl.google-analytics.com/ga.js
IP 172.217.21.168:0
File type ASCII text, with very long lines (1305)
Hash 01d5892e6e243b52998310c2925b9f3a
58180151b6a6ee4af73583a214b68efb9e8844d4
7e90efb4620a78e8869796d256bcddbde90b853c8c15c5cc116cb11d3d17bc4d
GET /ga.js HTTP/1.1
Host: ssl.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://barbershopcashflow.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 17168
date: Sat, 17 Sep 2022 14:17:11 GMT
expires: Sat, 17 Sep 2022 16:17:11 GMT
cache-control: public, max-age=7200
age: 159
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 924cca70f1f5ba02eb6af21a65e0bdd1
3baa75b1ea32068f96cfd5060e4e1eda71c61da8
e55036d990bb7071b7e51e739b8650538ce67d821cc966b0baa99ff40220973b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6149
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 17 Sep 2022 14:19:50 GMT
Last-Modified: Sat, 17 Sep 2022 12:37:21 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 5d12cc59489773babbc650161772d674
6fa23d626e8a64d98e59984567cd4dc42c648833
f43eae2b85acffc988fbc2c97e18ae1c013217db2cbe24df14dd3b8c35d0ff27
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 17 Sep 2022 14:19:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
connect.facebook.net/en_US/sdk.js?hash=8c5a594b6918c9691703841163aacb94
31.13.72.12200 OK 89 kB URL HTTP/2 connect.facebook.net/en_US/sdk.js?hash=8c5a594b6918c9691703841163aacb94
IP 31.13.72.12:0
File type ASCII text, with very long lines (18602)
Hash bf9452e75128227ecf890e133d1110f0
07b7a731bea5c6b8afb249d65d55eb0ee5558227
629b8a395fbabe7772d8d0c8836e481bc6855faeb6eddc052b686b2aed632a23
GET /en_US/sdk.js?hash=8c5a594b6918c9691703841163aacb94 HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://barbershopcashflow.com
Connection: keep-alive
Referer: https://barbershopcashflow.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: 1daac04ea1fd4084bb440f404c7007c2
etag: "66ad71208fed19445d515def14b10c7b"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Sun, 17 Sep 2023 13:37:00 GMT
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: v5RS51EoIn7PiQ4TPREQ8A==
x-fb-debug: y81/3pG0BhKKbPfYC02LATHWgkVDX3fxD5o6TxdUmW1XmtfNhBzvNnBKEdXJauLRHnJ48gPHx3Pw96FEFgOxXw==
content-length: 88689
x-fb-trip-id: 1904183273
date: Sat, 17 Sep 2022 14:19:50 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
barbershopcashflow.com/images/uploads/web-barber-taxes-cover.png
96.125.164.240200 OK 998 kB URL HTTP/1.1 barbershopcashflow.com/images/uploads/web-barber-taxes-cover.png
IP 96.125.164.240:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 707 x 1083, 8-bit/color RGBA, non-interlaced\012- data
Size 998 kB (997638 bytes)
Hash f0ddc3e91d78a96efb10fdba2ded43ee
1f3b8aca8190731c8c2806944d8c39b9e2d5d0b4
b28ad7e5ecd02ff9a1d1ba4d5931e2183af166d28a54b0de500daa8cc0543d2f
GET /images/uploads/web-barber-taxes-cover.png HTTP/1.1
Host: barbershopcashflow.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://barbershopcashflow.com/index.php?cmd=login_submit&idO5VuTGfMbWqxDK7YXJyL4jQ65Uzuwy2kDXPxD5jP1JmFutDrccdhw3oBXX5uw7Pa5FHIK1xLKTrfn4HA
Cookie: PHPSESSID=q59asenljpccvf0q4ip76gn8j0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 17 Sep 2022 14:19:49 GMT
Server: Apache
Last-Modified: Tue, 06 Mar 2018 05:57:50 GMT
Accept-Ranges: bytes
Content-Length: 997638
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/png
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb77aee3f-a7fb-4d87-92a7-6b33dd4ebf28.jpeg
34.120.237.76200 OK 6.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb77aee3f-a7fb-4d87-92a7-6b33dd4ebf28.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e1b42bfa9fc6593b0444391dc260329a
b9c4cd422b818c859ac6ca928bc9e932a578ce30
89eee7200bf7a8bf100f64aee2208d7852265a85feb133fc87846b15cd96e842
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb77aee3f-a7fb-4d87-92a7-6b33dd4ebf28.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 5983
x-amzn-requestid: ba84a9a2-3ebe-4dc9-9604-98d5cccb4f2d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YknUqFxpoAMFrpw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6324ec1d-55cd6d0a6e39357c226dd21d;Sampled=0
x-amzn-remapped-date: Fri, 16 Sep 2022 21:35:25 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: J2fbb_t40ioxBvoRAT28rW4ujQw-qpPX3mMN97GBdEK_D8_oDz2g4g==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Fri, 16 Sep 2022 21:51:07 GMT
age: 59326
etag: "b9c4cd422b818c859ac6ca928bc9e932a578ce30"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
secure.statcounter.com/counter/counter.js
104.20.228.67200 OK 0 B URL HTTP/2 secure.statcounter.com/counter/counter.js
IP 104.20.228.67:0
GET /counter/counter.js HTTP/1.1
Host: secure.statcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://barbershopcashflow.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 17 Sep 2022 14:19:47 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Fri, 16 Sep 2022 13:17:32 GMT
etag: W/"6324776c-aa70"
expires: Sat, 17 Sep 2022 16:03:39 GMT
cache-control: max-age=43200
cf-cache-status: HIT
age: 36968
server: cloudflare
cf-ray: 74c27a973dd61c0a-OSL
content-encoding: br
X-Firefox-Spdy: h2
c.statcounter.com/t.php?sc_project=11209757&u1=56627122657F4F09A2F89D91018A8FB6&java=1&security=1ba1328a&sc_snum=1&sess=a8f3c4&p=0&rcat=d&rdom=d&rdomg=new&bb=1&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1280&h=1024&camefrom=&u=https%3A//barbershopcashflow.com/index.php%3Fcmd%3Dlogin_submit%26idO5VuTGfMbWqxDK7YXJyL4jQ65Uzuwy2kDXPxD5jP1JmFutDrccdhw3oBXX5uw7Pa5FHIK1xLKTrfn4HA&t=Barber%20Shop%20Cash%20Flow%20-%20How%20To%20Start%20a%20Barber%20Shop%20Business&invisible=1&sc_rum_e_s=3702&sc_rum_e_e=3711&sc_rum_f_s=0&sc_rum_f_e=3681&get_config=true
104.20.228.67200 OK 0 B URL HTTP/2 c.statcounter.com/t.php?sc_project=11209757&u1=56627122657F4F09A2F89D91018A8FB6&java=1&security=1ba1328a&sc_snum=1&sess=a8f3c4&p=0&rcat=d&rdom=d&rdomg=new&bb=1&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1280&h=1024&camefrom=&u=https%3A//barbershopcashflow.com/index.php%3Fcmd%3Dlogin_submit%26idO5VuTGfMbWqxDK7YXJyL4jQ65Uzuwy2kDXPxD5jP1JmFutDrccdhw3oBXX5uw7Pa5FHIK1xLKTrfn4HA&t=Barber%20Shop%20Cash%20Flow%20-%20How%20To%20Start%20a%20Barber%20Shop%20Business&invisible=1&sc_rum_e_s=3702&sc_rum_e_e=3711&sc_rum_f_s=0&sc_rum_f_e=3681&get_config=true
IP 104.20.228.67:0
GET /t.php?sc_project=11209757&u1=56627122657F4F09A2F89D91018A8FB6&java=1&security=1ba1328a&sc_snum=1&sess=a8f3c4&p=0&rcat=d&rdom=d&rdomg=new&bb=1&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1280&h=1024&camefrom=&u=https%3A//barbershopcashflow.com/index.php%3Fcmd%3Dlogin_submit%26idO5VuTGfMbWqxDK7YXJyL4jQ65Uzuwy2kDXPxD5jP1JmFutDrccdhw3oBXX5uw7Pa5FHIK1xLKTrfn4HA&t=Barber%20Shop%20Cash%20Flow%20-%20How%20To%20Start%20a%20Barber%20Shop%20Business&invisible=1&sc_rum_e_s=3702&sc_rum_e_e=3711&sc_rum_f_s=0&sc_rum_f_e=3681&get_config=true HTTP/1.1
Host: c.statcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://barbershopcashflow.com
Connection: keep-alive
Referer: https://barbershopcashflow.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 17 Sep 2022 14:19:50 GMT
content-type: application/json
p3p: policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
expires: Mon, 26 Jul 1997 05:00:00 GMT
set-cookie: is_unique=sc11209757.1663424390.0; SameSite=None; Secure; Expires=Thursday, 16-Sep-2027 14:19:50 UTC; Path=/; Domain=.statcounter.com
is_visitor_unique=1663424390131806706; SameSite=None; Secure; Expires=Monday, 16-Sep-2024 14:19:50 UTC; Path=/; Domain=.statcounter.com
access-control-allow-origin: https://barbershopcashflow.com
access-control-allow-credentials: true
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 74c27aa70e571c0a-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.youtube.com/embed/rI9fjC_0SKQ?controls=0
172.217.21.174200 OK 0 B URL HTTP/2 www.youtube.com/embed/rI9fjC_0SKQ?controls=0
IP 172.217.21.174:0
GET /embed/rI9fjC_0SKQ?controls=0 HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://barbershopcashflow.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 17 Sep 2022 14:19:47 GMT
strict-transport-security: max-age=31536000
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=BDFESlp1AUU; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=-FQVNCojCX4; Domain=.youtube.com; Expires=Thu, 16-Mar-2023 14:19:47 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+357; expires=Mon, 16-Sep-2024 14:19:47 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2