stagefx.neovision.de/
138.201.56.111 301 Moved Permanently 162 B IP 138.201.56.111:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: stagefx.neovision.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Thu, 06 Oct 2022 01:35:26 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://stagefx.neovision.de/
firefox.settings.services.mozilla.com/v1/
54.230.111.65 200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 54.230.111.65:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=259200
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 05 Oct 2022 15:47:18 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 9D9jhpLXEdYMuq4lcCh0Co7NBCdxym5Mh0HZ-dhlrbCkUr9oZ44LUw==
Age: 35288
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash eabb7d9ffae717f7305d63c057755470
3b7f0baccfdbb8d9ffefa4a2215d4d6094be454a
ab48f17e54075e1ecf034278e82bcacd2e3689773186cc84fba9b79aac907294
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AB48F17E54075E1ECF034278E82BCACD2E3689773186CC84FBA9B79AAC907294"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2349
Expires: Thu, 06 Oct 2022 02:14:35 GMT
Date: Thu, 06 Oct 2022 01:35:26 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
54.230.111.14 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 54.230.111.14:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Wed, 05 Oct 2022 04:02:33 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
x-cache: Hit from cloudfront
via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: fe6KQ9hS4F1L-5gym2dyq9-qXYSOaocIlg06kTpFGT-YH6DEktyAPg==
age: 77574
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 01:35:27 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b79bee4df302d8525b477be9648affd8
a3e175336649d90986eb68036a77430eacb1b94b
41a2265694b0d17c7b7680e9adce14dfa9daff7ad85bb4482a02e19c2b8cf8d4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "41A2265694B0D17C7B7680E9ADCE14DFA9DAFF7AD85BB4482A02E19C2B8CF8D4"
Last-Modified: Thu, 06 Oct 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21584
Expires: Thu, 06 Oct 2022 07:35:11 GMT
Date: Thu, 06 Oct 2022 01:35:27 GMT
Connection: keep-alive
stagefx.neovision.de/
138.201.56.111 200 OK 11 kB IP 138.201.56.111:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (3333), with CRLF, LF line terminators
Hash 6cc48246068ac750367e22e44ba23beb
6da2c92dcf49bb7325088bf502d2c2e777d2b75b
e3cec50c5def7d7de610cebab93bec2d238eb1b9dcf162c0b6deb464932fb81c
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: stagefx.neovision.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 01:35:27 GMT
content-type: text/html; charset=UTF-8
content-length: 11053
link: <https://stagefx.neovision.de/wp-json/>; rel="https://api.w.org/", <https://stagefx.neovision.de/>; rel=shortlink
vary: Accept-Encoding
content-encoding: gzip
x-powered-by: PHP/7.2.34, PleskLin
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
54.230.111.65 200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 54.230.111.65:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Pragma, Content-Length, Backoff, Last-Modified, Cache-Control, Content-Type, Retry-After, ETag, Expires, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Thu, 06 Oct 2022 01:29:33 GMT
Expires: Thu, 06 Oct 2022 01:42:47 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: VEx8bWui2ootfy4NW7obqWv7SJTpXHoBvI_3U4-wWPLEdSgUv88YoQ==
Age: 354
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash b0e8a79f3e381ab34a44278947ac7c7e
70d01e6fdc8565c661b6ae8c5a043ddf2da16530
885a8c234fca85e6f6bb3e8fcab6672b9a9742b5d3f74681b17a330fa295d549
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 01:35:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash b0e8a79f3e381ab34a44278947ac7c7e
70d01e6fdc8565c661b6ae8c5a043ddf2da16530
885a8c234fca85e6f6bb3e8fcab6672b9a9742b5d3f74681b17a330fa295d549
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 01:35:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stagefx.neovision.de/wp-content/uploads/2018/06/logo-white.png
138.201.56.111 200 OK 4.0 kB URL HTTP/2 stagefx.neovision.de/wp-content/uploads/2018/06/logo-white.png
IP 138.201.56.111:0
ASN #24940 Hetzner Online GmbH
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash f040ef07916d8fc4a4e26d4b17ee2249
dd789f7f3d1e6152e6ef2c7e05235a632ec02fbf
620273664c30035f910a23f764f5aa85e35ad1ead56d16e050aac0d3231d98d9
GET /wp-content/uploads/2018/06/logo-white.png HTTP/1.1
Host: stagefx.neovision.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://stagefx.neovision.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 01:35:27 GMT
content-type: image/png
content-length: 4006
last-modified: Tue, 19 Jun 2018 10:30:32 GMT
etag: "5b28db48-fa6"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
stagefx.neovision.de/wp-content/uploads/2018/06/logo-white-mobile.png
138.201.56.111 200 OK 3.7 kB URL HTTP/2 stagefx.neovision.de/wp-content/uploads/2018/06/logo-white-mobile.png
IP 138.201.56.111:0
ASN #24940 Hetzner Online GmbH
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash 4c5e417e61d2092a51ad16b56a565f52
efe20faaed59e2c6a89db81cde8e254766338394
a6abf649217f661b8c804d12542c2d391c16f64fae74fb37ce32a1e4bb9946a4
GET /wp-content/uploads/2018/06/logo-white-mobile.png HTTP/1.1
Host: stagefx.neovision.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://stagefx.neovision.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 01:35:27 GMT
content-type: image/png
content-length: 3694
last-modified: Tue, 19 Jun 2018 10:30:33 GMT
etag: "5b28db49-e6e"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
stagefx.neovision.de/wp-includes/js/wp-embed.min.js?ver=4.9.21
138.201.56.111 200 OK 1.1 kB URL HTTP/2 stagefx.neovision.de/wp-includes/js/wp-embed.min.js?ver=4.9.21
IP 138.201.56.111:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (1391), with no line terminators
Hash 88187d6e2b934e9dd3026a0daf96741d
ccb9d6bfd49a8d98030550cc09c1183dd9ecd424
9f04edb968237106fb85662a2e69ded11c386a982cf100e032bd9ebedd8175df
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/wp-embed.min.js?ver=4.9.21 HTTP/1.1
Host: stagefx.neovision.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://stagefx.neovision.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 01:35:27 GMT
content-type: application/javascript
last-modified: Thu, 15 Apr 2021 03:50:07 GMT
etag: W/"6077b7ef-56f"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
stagefx.neovision.de/wp-includes/js/wp-emoji-release.min.js?ver=4.9.21
138.201.56.111 200 OK 4.5 kB URL HTTP/2 stagefx.neovision.de/wp-includes/js/wp-emoji-release.min.js?ver=4.9.21
IP 138.201.56.111:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (9063)
Hash 2a17ed8a65d2e4ca407fc6f021e469d2
c38820197400850c2e591c214d507afb233d588c
607d76b1e89ab9ddf7fb40350f1125001260d24df7d94fe841f0f0265b37d48f
GET /wp-includes/js/wp-emoji-release.min.js?ver=4.9.21 HTTP/1.1
Host: stagefx.neovision.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://stagefx.neovision.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 01:35:27 GMT
content-type: application/javascript
last-modified: Thu, 15 Apr 2021 03:50:07 GMT
etag: W/"6077b7ef-2ea7"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
stagefx.neovision.de/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.tools.min.js?ver=5.4.7.4
138.201.56.111 200 OK 37 kB URL HTTP/2 stagefx.neovision.de/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.tools.min.js?ver=5.4.7.4
IP 138.201.56.111:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (27287), with CRLF line terminators
Hash ed937e4014a868e937a264597d5af362
0b3b8402f91af8b6211cddbaddd4fca74862849d
7e97bcc595754440fea7c742cec3689ec6cbda1002fba2f7986f75d68fb0c241
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/revslider/public/assets/js/jquery.themepunch.tools.min.js?ver=5.4.7.4 HTTP/1.1
Host: stagefx.neovision.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://stagefx.neovision.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 01:35:27 GMT
content-type: application/javascript
last-modified: Tue, 19 Jun 2018 08:43:36 GMT
etag: W/"5b28c238-1afe4"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.195 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://stagefx.neovision.de
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 05 Oct 2022 19:34:08 GMT
expires: Thu, 05 Oct 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 21680
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
push.services.mozilla.com/
52.88.220.109 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.88.220.109:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: oGGs8eTql349rN2+V6qrPg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 5usKhjt5CyCqVqAfWPTIq1CdKqg=
stagefx.neovision.de/wp-content/plugins/Ultimate_VC_Addons/assets/min-css/headings.min.css?ver=3.16.24
138.201.56.111 200 OK 795 B URL HTTP/2 stagefx.neovision.de/wp-content/plugins/Ultimate_VC_Addons/assets/min-css/headings.min.css?ver=3.16.24
IP 138.201.56.111:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (1255), with no line terminators
Hash 0ef93eb3bc176d1a6f40a2d97d017843
47c1fe68e0a46ec677ca5ef8b2f003015c030308
f5110f022a523c666f7cb2e0d00c65d011e2fca8a3d31d4934d860cef682d56b
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/Ultimate_VC_Addons/assets/min-css/headings.min.css?ver=3.16.24 HTTP/1.1
Host: stagefx.neovision.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://stagefx.neovision.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 01:35:27 GMT
content-type: text/css
last-modified: Tue, 19 Jun 2018 08:43:38 GMT
etag: W/"5b28c23a-4e7"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
stagefx.neovision.de/wp-content/plugins/Ultimate_VC_Addons/assets/min-js/jquery-appear.min.js?ver=3.16.24
138.201.56.111 200 OK 16 kB URL HTTP/2 stagefx.neovision.de/wp-content/plugins/Ultimate_VC_Addons/assets/min-js/jquery-appear.min.js?ver=3.16.24
IP 138.201.56.111:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (1430), with no line terminators
Hash ed6ebcef35803085ab238eb802bbed35
c391223619f31f6e36e45f6f09ab5d261b467127
c1144c7cd98d27df471af63825de7307201eed5ebe9451f3cb91246a7879af3d
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/Ultimate_VC_Addons/assets/min-js/jquery-appear.min.js?ver=3.16.24 HTTP/1.1
Host: stagefx.neovision.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://stagefx.neovision.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 01:35:27 GMT
content-type: application/javascript
last-modified: Tue, 19 Jun 2018 08:43:38 GMT
etag: W/"5b28c23a-596"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
216.58.207.195 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://stagefx.neovision.de
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 05 Oct 2022 19:34:08 GMT
expires: Thu, 05 Oct 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 21680
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
stagefx.neovision.de/wp-content/plugins/Ultimate_VC_Addons/assets/min-js/info-circle.min.js?ver=3.16.24
138.201.56.111 200 OK 116 kB URL HTTP/2 stagefx.neovision.de/wp-content/plugins/Ultimate_VC_Addons/assets/min-js/info-circle.min.js?ver=3.16.24
IP 138.201.56.111:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (9824), with no line terminators
Size 116 kB (115868 bytes)
Hash 1ebdc39aa927ccf11323b919a1bace05
5b3e6e668a688937247f21bcb5c9cf947c908d73
13fae13ee9f88b98df96e9b7e316a3454515bed09979a5fd518f7785b0a4ba0e
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/Ultimate_VC_Addons/assets/min-js/info-circle.min.js?ver=3.16.24 HTTP/1.1
Host: stagefx.neovision.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://stagefx.neovision.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 01:35:27 GMT
content-type: application/javascript
last-modified: Tue, 19 Jun 2018 08:43:38 GMT
etag: W/"5b28c23a-2660"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
stagefx.neovision.de/wp-content/plugins/Ultimate_VC_Addons/assets/min-css/advanced-buttons.min.css?ver=3.16.24
138.201.56.111 200 OK 3.5 kB URL HTTP/2 stagefx.neovision.de/wp-content/plugins/Ultimate_VC_Addons/assets/min-css/advanced-buttons.min.css?ver=3.16.24
IP 138.201.56.111:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (33489), with no line terminators
Hash 101292d9de7c269c1dd04f33165d5e7a
f76a6690d1b1ac03661d6ac63d026c2b2078ad99
01bc250e37c192d8e673e15701e5823f28231cd94e3d26e3719eacbec85728b5
GET /wp-content/plugins/Ultimate_VC_Addons/assets/min-css/advanced-buttons.min.css?ver=3.16.24 HTTP/1.1
Host: stagefx.neovision.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://stagefx.neovision.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 01:35:27 GMT
content-type: text/css
last-modified: Tue, 19 Jun 2018 08:43:38 GMT
etag: W/"5b28c23a-82d1"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
stagefx.neovision.de/wp-content/themes/stagefx/js/atoms/plugins/jquery.mousewheel.min.js
138.201.56.111 200 OK 101 kB URL HTTP/2 stagefx.neovision.de/wp-content/themes/stagefx/js/atoms/plugins/jquery.mousewheel.min.js
IP 138.201.56.111:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (2609)
Size 101 kB (101111 bytes)
Hash a78ff744f2d57e737c951d6a4056187d
5633a5083f58cca416c41b260437aad2ec067e75
66039871f65412ebf6c39672c64838ceb093f55f90df0d828441e95a94cfed55
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/stagefx/js/atoms/plugins/jquery.mousewheel.min.js HTTP/1.1
Host: stagefx.neovision.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://stagefx.neovision.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 01:35:28 GMT
content-type: application/javascript
last-modified: Tue, 19 Jun 2018 08:44:22 GMT
etag: W/"5b28c266-ad9"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
stagefx.neovision.de/wp-content/plugins/revslider/public/assets/js/extensions/revolution.extension.video.min.js?version=5.4.7
138.201.56.111 200 OK 6.9 kB URL HTTP/2 stagefx.neovision.de/wp-content/plugins/revslider/public/assets/js/extensions/revolution.extension.video.min.js?version=5.4.7
IP 138.201.56.111:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (25670), with CRLF line terminators
Hash f90ba82e1e3d2462d22e9572753746b5
e21e52b5b1af21d4e1e299138c2c346f4c855460
b5b89be0f9de024dbde0e2594f7629a3b8be6470cdafe23c8608e32fe8ad9ce5
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/revslider/public/assets/js/extensions/revolution.extension.video.min.js?version=5.4.7 HTTP/1.1
Host: stagefx.neovision.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://stagefx.neovision.de/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 01:35:28 GMT
content-type: application/javascript
last-modified: Tue, 19 Jun 2018 08:43:36 GMT
etag: W/"5b28c238-6540"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
stagefx.neovision.de/wp-content/plugins/Ultimate_VC_Addons/assets/min-js/ultimate-params.min.js?ver=3.16.24
138.201.56.111 200 OK 9.6 kB URL HTTP/2 stagefx.neovision.de/wp-content/plugins/Ultimate_VC_Addons/assets/min-js/ultimate-params.min.js?ver=3.16.24
IP 138.201.56.111:0
ASN #24940 Hetzner Online GmbH
File type HTML document, ASCII text, with very long lines (1112), with no line terminators
Hash 2d7624bc66ef6ee56c5be1d430dbe36d
4c49e6e8b5eae74fe0627cb3eea22816256b4866
663968719d6266888262a17d7dfd31c858650a2f66bbe0ce3ae6263f45ec13ff
GET /wp-content/plugins/Ultimate_VC_Addons/assets/min-js/ultimate-params.min.js?ver=3.16.24 HTTP/1.1
Host: stagefx.neovision.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://stagefx.neovision.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 01:35:27 GMT
content-type: application/javascript
last-modified: Tue, 19 Jun 2018 08:43:38 GMT
etag: W/"5b28c23a-458"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.195 200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 01 Oct 2022 12:31:58 GMT
expires: Sun, 01 Oct 2023 12:31:58 GMT
cache-control: public, max-age=31536000
age: 392610
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.195 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 30 Sep 2022 00:48:31 GMT
expires: Sat, 30 Sep 2023 00:48:31 GMT
cache-control: public, max-age=31536000
age: 521217
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 55331c1dc7e7ebbf456220986278469d
d69a62ee47b03fde68db666512417dda2ae5ad13
a09c835aa140c7b4220194e940f54de09ca3b7ea470feb7c4c5be574643086d5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A09C835AA140C7B4220194E940F54DE09CA3B7EA470FEB7C4C5BE574643086D5"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8395
Expires: Thu, 06 Oct 2022 03:55:24 GMT
Date: Thu, 06 Oct 2022 01:35:29 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 55331c1dc7e7ebbf456220986278469d
d69a62ee47b03fde68db666512417dda2ae5ad13
a09c835aa140c7b4220194e940f54de09ca3b7ea470feb7c4c5be574643086d5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A09C835AA140C7B4220194E940F54DE09CA3B7EA470FEB7C4C5BE574643086D5"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8395
Expires: Thu, 06 Oct 2022 03:55:24 GMT
Date: Thu, 06 Oct 2022 01:35:29 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 55331c1dc7e7ebbf456220986278469d
d69a62ee47b03fde68db666512417dda2ae5ad13
a09c835aa140c7b4220194e940f54de09ca3b7ea470feb7c4c5be574643086d5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A09C835AA140C7B4220194E940F54DE09CA3B7EA470FEB7C4C5BE574643086D5"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8395
Expires: Thu, 06 Oct 2022 03:55:24 GMT
Date: Thu, 06 Oct 2022 01:35:29 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 55331c1dc7e7ebbf456220986278469d
d69a62ee47b03fde68db666512417dda2ae5ad13
a09c835aa140c7b4220194e940f54de09ca3b7ea470feb7c4c5be574643086d5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A09C835AA140C7B4220194E940F54DE09CA3B7EA470FEB7C4C5BE574643086D5"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8395
Expires: Thu, 06 Oct 2022 03:55:24 GMT
Date: Thu, 06 Oct 2022 01:35:29 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 55331c1dc7e7ebbf456220986278469d
d69a62ee47b03fde68db666512417dda2ae5ad13
a09c835aa140c7b4220194e940f54de09ca3b7ea470feb7c4c5be574643086d5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A09C835AA140C7B4220194E940F54DE09CA3B7EA470FEB7C4C5BE574643086D5"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8395
Expires: Thu, 06 Oct 2022 03:55:24 GMT
Date: Thu, 06 Oct 2022 01:35:29 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff35d320d-221e-46f6-ac6e-9c5b6e8ac6bc.jpeg
34.120.237.76 200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff35d320d-221e-46f6-ac6e-9c5b6e8ac6bc.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 23e10c01392e4958e4a4f19573290da9
59ab1c451c388f7b57da52bf518eff15e0c584ff
ece0b872f33166fcc2816595fdf1348664d985131bc943cd4a543524dede0274
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff35d320d-221e-46f6-ac6e-9c5b6e8ac6bc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12752
x-amzn-requestid: 3c32a029-08d0-4f98-a0e0-48a7e05242b4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjO6sHXXIAMF-PQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633df844-176be5177b67ddc068060b19;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 21:33:56 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: nMQQhuMBlGVUc4XeG1S-BJ2_6QQQkcfjctV4xTXW8VENcNE0sVQ1rA==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 e77661e211afe9242e85e573f12d5534.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 21:37:06 GMT
age: 14303
etag: "59ab1c451c388f7b57da52bf518eff15e0c584ff"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd38ec9d6-fb69-4c6e-aae2-136fd254ae50.jpeg
34.120.237.76 200 OK 7.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd38ec9d6-fb69-4c6e-aae2-136fd254ae50.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e238ccaa3b9fa88476a8514855e8232f
447cbf348ef10d0136a1811e843c46937defbba1
43dce3c1eb388dfaddca4176acb6eb32f76fc4c03fca18e7a315c9ddb43d2b02
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd38ec9d6-fb69-4c6e-aae2-136fd254ae50.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7270
x-amzn-requestid: e5d0bb7a-b9d5-49b1-b51c-8db019da641f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjQOGEQloAMFjgw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633dfa5a-519d91fb0b83920960da479d;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 21:42:50 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: l1HGT5ycH36vVojsOPFptRSU1YJFvLbBsgiWJqzRlRIGgm2o5vf6jg==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 34c44cb7892e57a3b6c51812bcf68ee4.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 21:58:56 GMT
etag: "447cbf348ef10d0136a1811e843c46937defbba1"
content-type: image/jpeg
age: 12993
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F877f8cf1-1428-4315-8cf8-10c90a79df32.jpeg
34.120.237.76 200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F877f8cf1-1428-4315-8cf8-10c90a79df32.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e0d55d3d36f59877d647b4f4e64c2ec9
e38abfb56e6b2e0802d4cc67af5b2c9d565fe53f
61a477698f080f6113b13a3773f9d7c47564ecbd1868efd1d024f52d7b2088ef
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F877f8cf1-1428-4315-8cf8-10c90a79df32.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8336
x-amzn-requestid: bd8e5a7e-1c0b-416c-864d-29ccfa294ab4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zgt2aGqXoAMF_0g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633cf68f-5062aaf6466bb55238e9c9a5;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 03:14:23 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 5G1Xv1-YEygfd_4Sd3R5H9tbUJ40L0-ULzaKGaxUm9Xf-TQZmuqZjA==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 09:37:13 GMT
age: 57496
etag: "e38abfb56e6b2e0802d4cc67af5b2c9d565fe53f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ca20164-9b52-49c5-9e63-1fc0ae719f45.jpeg
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ca20164-9b52-49c5-9e63-1fc0ae719f45.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4fc2ddd86450d64d3fb659ab4e78be58
bbe71936b78a8c34d03ab87948dc840b35c6948f
84a760397a5912bd05f61bc8a953c13a88a677e2d17fbbf74bdf7d7ff4d3942f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ca20164-9b52-49c5-9e63-1fc0ae719f45.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10158
x-amzn-requestid: def1fc7e-8008-466f-9271-20fa1ab0fa5a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZaqZCH7doAMFcPQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633a8aa0-7fd2fb1249366f2277d719d6;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 07:09:20 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: aeOU8fGkf5uHuYZ79k17EzxiFnwm0_z7SeZJElgwECzRyhR2N_SYJA==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 b8c4a4ca04bb1976e020396d211bc8dc.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 04:06:09 GMT
age: 77360
etag: "bbe71936b78a8c34d03ab87948dc840b35c6948f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F913c841b-40a5-4fa4-bc55-0e9d1369640e.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F913c841b-40a5-4fa4-bc55-0e9d1369640e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a508ac9cd743bec987b2a24454418265
8c7ecefe6908387e2128dc849a6ba857991ba0ab
afb2c2b51f2ce445ada599068901551beee594b15c152ed7551ab7a8835dde6d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F913c841b-40a5-4fa4-bc55-0e9d1369640e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10809
x-amzn-requestid: db4d1d2a-05b8-403e-a7ca-8b8a6a0a4087
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjQb-HrTIAMFtNg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633dfab2-74f184406a48e42c0ecc4ec9;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 21:44:18 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: tv80OXQUu13gDuuFESnEnXMuFdNBmGc1y592euL7QnfZW5PwJym9-g==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 de8fc80b494d3d381f7e006918dcc588.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 21:53:39 GMT
etag: "8c7ecefe6908387e2128dc849a6ba857991ba0ab"
content-type: image/jpeg
age: 13310
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccecc8c9-b6da-4470-b2be-fa8d46df1cc2.webp
34.120.237.76 200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccecc8c9-b6da-4470-b2be-fa8d46df1cc2.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 70ea26af79226e9ff06d6198e2c019dc
ae2c476667f63c7f642f0d9f4d0bc0d846b0ef57
f9393e7b8cbaedc8e1ef87fd89c617cf102f58813d84d866ff68e3124f94d44c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccecc8c9-b6da-4470-b2be-fa8d46df1cc2.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9044
x-amzn-requestid: 127bce04-9f75-4bb1-bbe7-33bf1694d96c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZdZPmHG5oAMFehw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633ba263-3896085b3b73ff5403237206;Sampled=0
x-amzn-remapped-date: Tue, 04 Oct 2022 03:02:59 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: E4yZTPRLFdK717YfwjOIFOJDi0wYpyA736dQELeM5iPLvGDXBosEWg==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 05:04:15 GMT
age: 73874
etag: "ae2c476667f63c7f642f0d9f4d0bc0d846b0ef57"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash f24f49dce99bf22d6f1834c2f702f1f4
5c683d0f6be8cd1a60d95a0cb892007f4363005a
3b3e804ba36f52b1aaad872cd62a8b1f67d59a41c62a68c96d13605103329ff1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 01:35:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash eac86f868b3967f1946c7f5fc712b25f
e2ae8eb09715a0af0791c085eb35bf66e0548e30
bceb14e7a478c0e34a0f1d8286eb954566c62051e996bc36189de922a76a6e06
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 01:35:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.doubleclick.net/instream/ad_status.js
142.250.74.166 200 OK 29 B URL HTTP/2 static.doubleclick.net/instream/ad_status.js
IP 142.250.74.166:0
Hash 1fa71744db23d0f8df9cce6719defcb7
e4be9b7136697942a036f97cf26ebaf703ad2067
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
GET /instream/ad_status.js HTTP/1.1
Host: static.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 29
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 06 Oct 2022 01:27:37 GMT
expires: Thu, 06 Oct 2022 01:42:37 GMT
cache-control: public, max-age=900
age: 472
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/id
142.250.74.130 302 Found 0 B URL HTTP/2 googleads.g.doubleclick.net/pagead/id
IP 142.250.74.130:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/id HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-credentials: true
access-control-allow-origin: https://www.youtube.com
date: Thu, 06 Oct 2022 01:35:29 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.10 200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.10:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Thu, 06 Oct 2022 01:35:29 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.10 200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.10:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash a426c543700ee4c941ebdcdafcf2a14e
fcd602c171f717edcdfdd09d36c2f79bb0c41109
1bd80ac28f36defe348482d99e90edefe1b7d798f69d0f49ea7ae63bf19cda79
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Thu, 06 Oct 2022 01:35:29 GMT
server: ESF
cache-control: private
content-length: 30964
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash f24f49dce99bf22d6f1834c2f702f1f4
5c683d0f6be8cd1a60d95a0cb892007f4363005a
3b3e804ba36f52b1aaad872cd62a8b1f67d59a41c62a68c96d13605103329ff1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 01:35:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash eac86f868b3967f1946c7f5fc712b25f
e2ae8eb09715a0af0791c085eb35bf66e0548e30
bceb14e7a478c0e34a0f1d8286eb954566c62051e996bc36189de922a76a6e06
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 01:35:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 40a4de06678d96242b71d5318f2fd4ef
546a7d1d92df81916f14155943427b5453ae3924
aed9af25ae57c181702a137d48cb00f5b30297180161451de3b628359dc9ec6f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 01:35:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 130ee302a2d581b152c8beccdc64866e
41fba8278d61fd6638376868fbe50c752f858b44
5345486b353cd67707512700d28f5937d9ad53f23b590e82cb624f1e509c1943
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 01:35:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/id?slf_rd=1
142.250.74.130 200 OK 120 B URL HTTP/2 googleads.g.doubleclick.net/pagead/id?slf_rd=1
IP 142.250.74.130:0
Hash 1877f6fe19ab677676aa7b08845d4ceb
954991c867ade09fbe705624caabc690c7065fea
f2620cb3673602b7f645386abd40f0ee7582c6d0b4aa01939a053a1ea96c3825
GET /pagead/id?slf_rd=1 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Referer: https://www.youtube.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: https://www.youtube.com
content-type: application/json; charset=UTF-8
date: Thu, 06 Oct 2022 01:35:29 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 120
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/js/th/qs_eGd-h9f3_frMeplByuCjrJjGTr5iyl3j-JE2Mo0s.js
142.250.74.164 200 OK 14 kB URL HTTP/2 www.google.com/js/th/qs_eGd-h9f3_frMeplByuCjrJjGTr5iyl3j-JE2Mo0s.js
IP 142.250.74.164:0
File type ASCII text, with very long lines (36351)
Hash fca4c84446cae474dbf63fcf44f061ca
399275019a515b324eb48ac6f2042f30dd15cd18
86a4021c55d56c050bc7e8de79f895d7555279bccbc8777f975f0945a5a2a4f2
GET /js/th/qs_eGd-h9f3_frMeplByuCjrJjGTr5iyl3j-JE2Mo0s.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 14350
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 05 Oct 2022 16:28:36 GMT
expires: Thu, 05 Oct 2023 16:28:36 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 27 Sep 2022 17:00:00 GMT
content-type: text/javascript
age: 32813
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 58ac1b886710ef98c8b70a37dcc2b855
ed76f180385d65285525c3426857e1880e2817c8
7fd9a97b66875a6c87413705781a8800ab15e8faaeb821364914ca2d0dd9c890
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 01:35:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i.ytimg.com/vi_webp/HvwpOH6f-LU/maxresdefault.webp
142.250.74.22 200 OK 50 kB URL HTTP/2 i.ytimg.com/vi_webp/HvwpOH6f-LU/maxresdefault.webp
IP 142.250.74.22:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1280x720, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 5d09ce8d9b1967b27584365c8a306c46
f0537ac51756b014062150dbd9f2eb74f65e7914
72e94acbdf5c5b4b83d511ce496e2adb74e0e1ca80a2effb5475ee40a065262a
GET /vi_webp/HvwpOH6f-LU/maxresdefault.webp HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/webp
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 49946
date: Thu, 06 Oct 2022 01:35:29 GMT
expires: Thu, 06 Oct 2022 03:35:29 GMT
cache-control: public, max-age=7200
etag: "1624435749"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
yt3.ggpht.com/ytc/AMLnZu9zWwaI5egjBmiAuulNFDUAu0J_YwrtxbgsufBb_Q=s68-c-k-c0x00ffffff-no-rj
142.250.74.161 200 OK 1.3 kB URL HTTP/2 yt3.ggpht.com/ytc/AMLnZu9zWwaI5egjBmiAuulNFDUAu0J_YwrtxbgsufBb_Q=s68-c-k-c0x00ffffff-no-rj
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 68x68, components 3\012- data
Hash 267edede077d7528c6253bdefd3f968a
1e0bd48d78deb3ed87c27f10c81e508a9df4a815
c594825bc05146237cf540476e353e5d658128c30675821a2c7d521312bd9b62
GET /ytc/AMLnZu9zWwaI5egjBmiAuulNFDUAu0J_YwrtxbgsufBb_Q=s68-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt3.ggpht.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 1307
x-xss-protection: 0
date: Thu, 06 Oct 2022 01:35:29 GMT
expires: Mon, 01 Aug 2022 07:14:13 GMT
cache-control: public, max-age=86400, no-transform
etag: "v117"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 130ee302a2d581b152c8beccdc64866e
41fba8278d61fd6638376868fbe50c752f858b44
5345486b353cd67707512700d28f5937d9ad53f23b590e82cb624f1e509c1943
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 01:35:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 58ac1b886710ef98c8b70a37dcc2b855
ed76f180385d65285525c3426857e1880e2817c8
7fd9a97b66875a6c87413705781a8800ab15e8faaeb821364914ca2d0dd9c890
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 01:35:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 5aefa5825a9953cc0f3a2f2b7f98326c
b44b32cfff75db2d57787521b71de22f1b78112f
fb292e1206bc5e97d040fa36bbb007a80d31a2df08e67dff72f2bb750b2f9b59
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 01:35:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 5aefa5825a9953cc0f3a2f2b7f98326c
b44b32cfff75db2d57787521b71de22f1b78112f
fb292e1206bc5e97d040fa36bbb007a80d31a2df08e67dff72f2bb750b2f9b59
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 01:35:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
rr2---sn-capm-vnae.googlevideo.com/videoplayback?expire=1665041730&ei=4TA-Y7KSOZuC0u8P0uKuyAI&ip=91.90.42.154&id=o-AG1diiWwcI4IXTaHopx03uvFhINKjKCtLFTIEL-mtSSE&itag=250&source=youtube&requiressl=yes&mh=4T&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7ynl6&ms=au%2Crdu&mv=m&mvi=2&pl=21&initcwndbps=1027500&spc=yR2vp1mp1eIA7CSb3jA5Cz3KjOfZCrM&vprv=1&mime=audio%2Fwebm&ns=3MetjsXJPLZEvVJxYcwxMHAI&gir=yes&clen=32276&dur=70.521&lmt=1505643896746934&mt=1665019743&fvip=3&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&n=mdFMMrktcKVUYQ&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgUMqaE5-3zOtqmqIXxqFX_cGF84b0jk2xLJa7YNWIEdICIEnBSk6D8k378lPvVxp5Lg0LqEQEvAqn3H_tUWfpDhUp&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIgf8mHeZK5Z3y2wFVtOnUTc4XkjoxzkrP6x5_u1zWLJEkCIQDmQksXS8Yo-FrvtbHBH5ytS3LKdvsZN2zp6mzdlrVfiA%3D%3D&alr=yes&cpn=wQJ9Qb7SXuXXx20W&cver=1.20221004.01.00&range=0-32275&rn=2&rbuf=0
91.90.45.173 200 OK 995 B URL HTTP/1.1 rr2---sn-capm-vnae.googlevideo.com/videoplayback?expire=1665041730&ei=4TA-Y7KSOZuC0u8P0uKuyAI&ip=91.90.42.154&id=o-AG1diiWwcI4IXTaHopx03uvFhINKjKCtLFTIEL-mtSSE&itag=250&source=youtube&requiressl=yes&mh=4T&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7ynl6&ms=au%2Crdu&mv=m&mvi=2&pl=21&initcwndbps=1027500&spc=yR2vp1mp1eIA7CSb3jA5Cz3KjOfZCrM&vprv=1&mime=audio%2Fwebm&ns=3MetjsXJPLZEvVJxYcwxMHAI&gir=yes&clen=32276&dur=70.521&lmt=1505643896746934&mt=1665019743&fvip=3&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&n=mdFMMrktcKVUYQ&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgUMqaE5-3zOtqmqIXxqFX_cGF84b0jk2xLJa7YNWIEdICIEnBSk6D8k378lPvVxp5Lg0LqEQEvAqn3H_tUWfpDhUp&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIgf8mHeZK5Z3y2wFVtOnUTc4XkjoxzkrP6x5_u1zWLJEkCIQDmQksXS8Yo-FrvtbHBH5ytS3LKdvsZN2zp6mzdlrVfiA%3D%3D&alr=yes&cpn=wQJ9Qb7SXuXXx20W&cver=1.20221004.01.00&range=0-32275&rn=2&rbuf=0
IP 91.90.45.173:0
ASN #50304 Blix Solutions AS
File type ASCII text, with very long lines (995), with no line terminators
Hash a59a8130debcf28eedd29ca39eb727d8
8437e5449433e068cf4a33e098d9e83ba359b262
018325ef519da8aaac75b0bb81e29b58b60c24e87398ee480691515fc98503ef
GET /videoplayback?expire=1665041730&ei=4TA-Y7KSOZuC0u8P0uKuyAI&ip=91.90.42.154&id=o-AG1diiWwcI4IXTaHopx03uvFhINKjKCtLFTIEL-mtSSE&itag=250&source=youtube&requiressl=yes&mh=4T&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7ynl6&ms=au%2Crdu&mv=m&mvi=2&pl=21&initcwndbps=1027500&spc=yR2vp1mp1eIA7CSb3jA5Cz3KjOfZCrM&vprv=1&mime=audio%2Fwebm&ns=3MetjsXJPLZEvVJxYcwxMHAI&gir=yes&clen=32276&dur=70.521&lmt=1505643896746934&mt=1665019743&fvip=3&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&n=mdFMMrktcKVUYQ&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgUMqaE5-3zOtqmqIXxqFX_cGF84b0jk2xLJa7YNWIEdICIEnBSk6D8k378lPvVxp5Lg0LqEQEvAqn3H_tUWfpDhUp&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIgf8mHeZK5Z3y2wFVtOnUTc4XkjoxzkrP6x5_u1zWLJEkCIQDmQksXS8Yo-FrvtbHBH5ytS3LKdvsZN2zp6mzdlrVfiA%3D%3D&alr=yes&cpn=wQJ9Qb7SXuXXx20W&cver=1.20221004.01.00&range=0-32275&rn=2&rbuf=0 HTTP/1.1
Host: rr2---sn-capm-vnae.googlevideo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/plain
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Date: Thu, 06 Oct 2022 01:35:30 GMT
Expires: Thu, 06 Oct 2022 01:35:30 GMT
Cache-Control: private, max-age=21300
Accept-Ranges: bytes
Content-Length: 995
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Content-Type-Options: nosniff
Server: gvs 1.0
rr2---sn-capm-vnae.googlevideo.com/videoplayback?expire=1665041730&ei=4TA-Y7KSOZuC0u8P0uKuyAI&ip=91.90.42.154&id=o-AG1diiWwcI4IXTaHopx03uvFhINKjKCtLFTIEL-mtSSE&itag=244&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&mh=4T&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7ynl6&ms=au%2Crdu&mv=m&mvi=2&pl=21&initcwndbps=1027500&spc=yR2vp1mp1eIA7CSb3jA5Cz3KjOfZCrM&vprv=1&mime=video%2Fwebm&ns=3MetjsXJPLZEvVJxYcwxMHAI&gir=yes&clen=4026151&dur=70.480&lmt=1505644177261631&mt=1665019743&fvip=3&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&n=mdFMMrktcKVUYQ&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAJFKGLQcRYWW-czz2fPTK1lrKDtP6gynDsitTV-DYMBuAiBwaDwsbXgDIVxG76pBORGwOkZoIH5Bsb93cY0VVlFs7A%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIgf8mHeZK5Z3y2wFVtOnUTc4XkjoxzkrP6x5_u1zWLJEkCIQDmQksXS8Yo-FrvtbHBH5ytS3LKdvsZN2zp6mzdlrVfiA%3D%3D&alr=yes&cpn=wQJ9Qb7SXuXXx20W&cver=1.20221004.01.00&range=0-220282&rn=1&rbuf=0
91.90.45.173 200 OK 1.1 kB URL HTTP/1.1 rr2---sn-capm-vnae.googlevideo.com/videoplayback?expire=1665041730&ei=4TA-Y7KSOZuC0u8P0uKuyAI&ip=91.90.42.154&id=o-AG1diiWwcI4IXTaHopx03uvFhINKjKCtLFTIEL-mtSSE&itag=244&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&mh=4T&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7ynl6&ms=au%2Crdu&mv=m&mvi=2&pl=21&initcwndbps=1027500&spc=yR2vp1mp1eIA7CSb3jA5Cz3KjOfZCrM&vprv=1&mime=video%2Fwebm&ns=3MetjsXJPLZEvVJxYcwxMHAI&gir=yes&clen=4026151&dur=70.480&lmt=1505644177261631&mt=1665019743&fvip=3&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&n=mdFMMrktcKVUYQ&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAJFKGLQcRYWW-czz2fPTK1lrKDtP6gynDsitTV-DYMBuAiBwaDwsbXgDIVxG76pBORGwOkZoIH5Bsb93cY0VVlFs7A%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIgf8mHeZK5Z3y2wFVtOnUTc4XkjoxzkrP6x5_u1zWLJEkCIQDmQksXS8Yo-FrvtbHBH5ytS3LKdvsZN2zp6mzdlrVfiA%3D%3D&alr=yes&cpn=wQJ9Qb7SXuXXx20W&cver=1.20221004.01.00&range=0-220282&rn=1&rbuf=0
IP 91.90.45.173:0
ASN #50304 Blix Solutions AS
File type ASCII text, with very long lines (1085), with no line terminators
Hash 996a287138c8a58c7cc30f7c624d84ba
6ebd495e45faa67f31c7ff411c6c9f4d138c82ba
854dddd207ae623176d98693e3e7e24560e1b462f4a3eb4b09c5fcf3144a9b9f
GET /videoplayback?expire=1665041730&ei=4TA-Y7KSOZuC0u8P0uKuyAI&ip=91.90.42.154&id=o-AG1diiWwcI4IXTaHopx03uvFhINKjKCtLFTIEL-mtSSE&itag=244&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&mh=4T&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7ynl6&ms=au%2Crdu&mv=m&mvi=2&pl=21&initcwndbps=1027500&spc=yR2vp1mp1eIA7CSb3jA5Cz3KjOfZCrM&vprv=1&mime=video%2Fwebm&ns=3MetjsXJPLZEvVJxYcwxMHAI&gir=yes&clen=4026151&dur=70.480&lmt=1505644177261631&mt=1665019743&fvip=3&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&n=mdFMMrktcKVUYQ&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAJFKGLQcRYWW-czz2fPTK1lrKDtP6gynDsitTV-DYMBuAiBwaDwsbXgDIVxG76pBORGwOkZoIH5Bsb93cY0VVlFs7A%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIgf8mHeZK5Z3y2wFVtOnUTc4XkjoxzkrP6x5_u1zWLJEkCIQDmQksXS8Yo-FrvtbHBH5ytS3LKdvsZN2zp6mzdlrVfiA%3D%3D&alr=yes&cpn=wQJ9Qb7SXuXXx20W&cver=1.20221004.01.00&range=0-220282&rn=1&rbuf=0 HTTP/1.1
Host: rr2---sn-capm-vnae.googlevideo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/plain
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Date: Thu, 06 Oct 2022 01:35:30 GMT
Expires: Thu, 06 Oct 2022 01:35:30 GMT
Cache-Control: private, max-age=21300
Accept-Ranges: bytes
Content-Length: 1085
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Restrict-Formats-Hint: None
X-Content-Type-Options: nosniff
Server: gvs 1.0
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 5aefa5825a9953cc0f3a2f2b7f98326c
b44b32cfff75db2d57787521b71de22f1b78112f
fb292e1206bc5e97d040fa36bbb007a80d31a2df08e67dff72f2bb750b2f9b59
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 01:35:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash a7b0171100e64adfbc2c025e52d695f1
8eeeabf4b27c6f1dadc4bfb9dbcea9c453c45b38
ce4a99f292100b06ebd1ddc18806e8622de2c4ead0963b0cb89c8e0a1735cfe6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 01:35:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
142.250.74.10 200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 142.250.74.10:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Thu, 06 Oct 2022 01:35:30 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash a7b0171100e64adfbc2c025e52d695f1
8eeeabf4b27c6f1dadc4bfb9dbcea9c453c45b38
ce4a99f292100b06ebd1ddc18806e8622de2c4ead0963b0cb89c8e0a1735cfe6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 01:35:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
rr3---sn-5go7ynl6.googlevideo.com/videoplayback?expire=1665041730&ei=4TA-Y7KSOZuC0u8P0uKuyAI&ip=91.90.42.154&id=o-AG1diiWwcI4IXTaHopx03uvFhINKjKCtLFTIEL-mtSSE&itag=250&source=youtube&requiressl=yes&spc=yR2vp1mp1eIA7CSb3jA5Cz3KjOfZCrM&vprv=1&mime=audio%2Fwebm&ns=3MetjsXJPLZEvVJxYcwxMHAI&gir=yes&clen=32276&dur=70.521&lmt=1505643896746934&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&n=mdFMMrktcKVUYQ&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgUMqaE5-3zOtqmqIXxqFX_cGF84b0jk2xLJa7YNWIEdICIEnBSk6D8k378lPvVxp5Lg0LqEQEvAqn3H_tUWfpDhUp&alr=yes&cpn=wQJ9Qb7SXuXXx20W&cver=1.20221004.01.00&redirect_counter=1&cm2rm=sn-capm-vnae7l&cms_redirect=yes&mh=4T&mm=29&mn=sn-5go7ynl6&ms=rdu&mt=1665019745&mv=m&mvi=3&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgTa3bpoDOoyIVfqjR84Uf6v2_6B9QZKOVutZy-0ruoiUCIEacDv4Xs_LsQCAmYCiG72z1kOVWL283v2VrJ5wuVy83&range=0-32275&rn=3&rbuf=0
74.125.111.40 200 OK 32 kB URL HTTP/1.1 rr3---sn-5go7ynl6.googlevideo.com/videoplayback?expire=1665041730&ei=4TA-Y7KSOZuC0u8P0uKuyAI&ip=91.90.42.154&id=o-AG1diiWwcI4IXTaHopx03uvFhINKjKCtLFTIEL-mtSSE&itag=250&source=youtube&requiressl=yes&spc=yR2vp1mp1eIA7CSb3jA5Cz3KjOfZCrM&vprv=1&mime=audio%2Fwebm&ns=3MetjsXJPLZEvVJxYcwxMHAI&gir=yes&clen=32276&dur=70.521&lmt=1505643896746934&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&n=mdFMMrktcKVUYQ&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgUMqaE5-3zOtqmqIXxqFX_cGF84b0jk2xLJa7YNWIEdICIEnBSk6D8k378lPvVxp5Lg0LqEQEvAqn3H_tUWfpDhUp&alr=yes&cpn=wQJ9Qb7SXuXXx20W&cver=1.20221004.01.00&redirect_counter=1&cm2rm=sn-capm-vnae7l&cms_redirect=yes&mh=4T&mm=29&mn=sn-5go7ynl6&ms=rdu&mt=1665019745&mv=m&mvi=3&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgTa3bpoDOoyIVfqjR84Uf6v2_6B9QZKOVutZy-0ruoiUCIEacDv4Xs_LsQCAmYCiG72z1kOVWL283v2VrJ5wuVy83&range=0-32275&rn=3&rbuf=0
IP 74.125.111.40:0
File type WebM\012- EBML file, creator webmB\20\012- data
Hash 30177fbb10113770677d118e0344516a
c53db19cd8b221a5fdc2ec4a6d6b1a79c3e0ac6a
7e9d6acfd448b7f20720d2d6a5e63f87948f5ccca4057229d8d4bbe6b032f727
GET /videoplayback?expire=1665041730&ei=4TA-Y7KSOZuC0u8P0uKuyAI&ip=91.90.42.154&id=o-AG1diiWwcI4IXTaHopx03uvFhINKjKCtLFTIEL-mtSSE&itag=250&source=youtube&requiressl=yes&spc=yR2vp1mp1eIA7CSb3jA5Cz3KjOfZCrM&vprv=1&mime=audio%2Fwebm&ns=3MetjsXJPLZEvVJxYcwxMHAI&gir=yes&clen=32276&dur=70.521&lmt=1505643896746934&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&n=mdFMMrktcKVUYQ&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgUMqaE5-3zOtqmqIXxqFX_cGF84b0jk2xLJa7YNWIEdICIEnBSk6D8k378lPvVxp5Lg0LqEQEvAqn3H_tUWfpDhUp&alr=yes&cpn=wQJ9Qb7SXuXXx20W&cver=1.20221004.01.00&redirect_counter=1&cm2rm=sn-capm-vnae7l&cms_redirect=yes&mh=4T&mm=29&mn=sn-5go7ynl6&ms=rdu&mt=1665019745&mv=m&mvi=3&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgTa3bpoDOoyIVfqjR84Uf6v2_6B9QZKOVutZy-0ruoiUCIEacDv4Xs_LsQCAmYCiG72z1kOVWL283v2VrJ5wuVy83&range=0-32275&rn=3&rbuf=0 HTTP/1.1
Host: rr3---sn-5go7ynl6.googlevideo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Sun, 17 Sep 2017 10:24:56 GMT
Content-Type: audio/webm
Date: Thu, 06 Oct 2022 01:35:30 GMT
Expires: Thu, 06 Oct 2022 01:35:30 GMT
Cache-Control: private, max-age=21300
Accept-Ranges: bytes
Content-Length: 32276
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Content-Type-Options: nosniff
Server: gvs 1.0
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
142.250.74.10 200 OK 110 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 142.250.74.10:0
File type JSON data\012- , ASCII text, with no line terminators
Hash c8629860a6f83a3750927213d0034079
f35945ec67a5d869950d283ebe8ef14d9f764427
088019b4d7d30d1fa68c7f2bebdf8ec5d3c57ea75ac89af4726512510c4e754a
POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 999
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Thu, 06 Oct 2022 01:35:30 GMT
server: ESF
cache-control: private
content-length: 110
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 287573c1b5fbeec2f992f3dd18511641
81b1cbe815505543d67f8e9ae7fbdb129dbd5c37
a089e9115f2f8881515fff3a9472690882fbe3fc9fb622a5639905101a3a2a2c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 01:35:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
rr3---sn-5go7ynl6.googlevideo.com/videoplayback?expire=1665041730&ei=4TA-Y7KSOZuC0u8P0uKuyAI&ip=91.90.42.154&id=o-AG1diiWwcI4IXTaHopx03uvFhINKjKCtLFTIEL-mtSSE&itag=244&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&spc=yR2vp1mp1eIA7CSb3jA5Cz3KjOfZCrM&vprv=1&mime=video%2Fwebm&ns=3MetjsXJPLZEvVJxYcwxMHAI&gir=yes&clen=4026151&dur=70.480&lmt=1505644177261631&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&n=mdFMMrktcKVUYQ&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAJFKGLQcRYWW-czz2fPTK1lrKDtP6gynDsitTV-DYMBuAiBwaDwsbXgDIVxG76pBORGwOkZoIH5Bsb93cY0VVlFs7A%3D%3D&alr=yes&cpn=wQJ9Qb7SXuXXx20W&cver=1.20221004.01.00&redirect_counter=1&cm2rm=sn-capm-vnae7l&cms_redirect=yes&mh=4T&mm=29&mn=sn-5go7ynl6&ms=rdu&mt=1665019745&mv=m&mvi=3&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgFYAtYt4E7MwIGeh6YmwuY3avGqZD6a0KzWh4sy1dDMECIHDWjYY4znnJwb_-a__mPi_LElyj3GFRGqm4_O7nwoZR&range=0-220282&rn=4&rbuf=0
74.125.111.40 200 OK 220 kB URL HTTP/1.1 rr3---sn-5go7ynl6.googlevideo.com/videoplayback?expire=1665041730&ei=4TA-Y7KSOZuC0u8P0uKuyAI&ip=91.90.42.154&id=o-AG1diiWwcI4IXTaHopx03uvFhINKjKCtLFTIEL-mtSSE&itag=244&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&spc=yR2vp1mp1eIA7CSb3jA5Cz3KjOfZCrM&vprv=1&mime=video%2Fwebm&ns=3MetjsXJPLZEvVJxYcwxMHAI&gir=yes&clen=4026151&dur=70.480&lmt=1505644177261631&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&n=mdFMMrktcKVUYQ&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAJFKGLQcRYWW-czz2fPTK1lrKDtP6gynDsitTV-DYMBuAiBwaDwsbXgDIVxG76pBORGwOkZoIH5Bsb93cY0VVlFs7A%3D%3D&alr=yes&cpn=wQJ9Qb7SXuXXx20W&cver=1.20221004.01.00&redirect_counter=1&cm2rm=sn-capm-vnae7l&cms_redirect=yes&mh=4T&mm=29&mn=sn-5go7ynl6&ms=rdu&mt=1665019745&mv=m&mvi=3&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgFYAtYt4E7MwIGeh6YmwuY3avGqZD6a0KzWh4sy1dDMECIHDWjYY4znnJwb_-a__mPi_LElyj3GFRGqm4_O7nwoZR&range=0-220282&rn=4&rbuf=0
IP 74.125.111.40:0
File type WebM\012- EBML file, creator webmB\20\012- data
Size 220 kB (220283 bytes)
Hash 28d5f1f4a8dbded100ed2fa58df72ad3
fd21d9f5063ec88e5a4f45b04b34f593e7ca2f17
150902fef4b70a3b63fe19aa8f664b8a6faa8b6b6b1a5618d4092b41455a1511
GET /videoplayback?expire=1665041730&ei=4TA-Y7KSOZuC0u8P0uKuyAI&ip=91.90.42.154&id=o-AG1diiWwcI4IXTaHopx03uvFhINKjKCtLFTIEL-mtSSE&itag=244&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&spc=yR2vp1mp1eIA7CSb3jA5Cz3KjOfZCrM&vprv=1&mime=video%2Fwebm&ns=3MetjsXJPLZEvVJxYcwxMHAI&gir=yes&clen=4026151&dur=70.480&lmt=1505644177261631&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&n=mdFMMrktcKVUYQ&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAJFKGLQcRYWW-czz2fPTK1lrKDtP6gynDsitTV-DYMBuAiBwaDwsbXgDIVxG76pBORGwOkZoIH5Bsb93cY0VVlFs7A%3D%3D&alr=yes&cpn=wQJ9Qb7SXuXXx20W&cver=1.20221004.01.00&redirect_counter=1&cm2rm=sn-capm-vnae7l&cms_redirect=yes&mh=4T&mm=29&mn=sn-5go7ynl6&ms=rdu&mt=1665019745&mv=m&mvi=3&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgFYAtYt4E7MwIGeh6YmwuY3avGqZD6a0KzWh4sy1dDMECIHDWjYY4znnJwb_-a__mPi_LElyj3GFRGqm4_O7nwoZR&range=0-220282&rn=4&rbuf=0 HTTP/1.1
Host: rr3---sn-5go7ynl6.googlevideo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Sun, 17 Sep 2017 10:29:37 GMT
Content-Type: video/webm
Date: Thu, 06 Oct 2022 01:35:30 GMT
Expires: Thu, 06 Oct 2022 01:35:30 GMT
Cache-Control: private, max-age=21300
Accept-Ranges: bytes
Content-Length: 220283
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Restrict-Formats-Hint: None
X-Content-Type-Options: nosniff
Server: gvs 1.0
googleads.g.doubleclick.net/pagead/viewthroughconversion/962985656/?backend=innertube&cname=56&cver=20221004&foc_id=26pNzmME_AOAJBf16vn7aw&label=followon_view&ptype=no_rmkt&random=347808783&cv_attributed=0
142.250.74.130 204 No Content 0 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/962985656/?backend=innertube&cname=56&cver=20221004&foc_id=26pNzmME_AOAJBf16vn7aw&label=followon_view&ptype=no_rmkt&random=347808783&cv_attributed=0
IP 142.250.74.130:0
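Hash (MD5) d41d8cd98f00b204e9800998ecf8427e
(SHA-1) da39a3ee5e6b4b0d3255bfef95601890afd80709
(SHA-256) e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Note: these are the digests of zero-length content, consistent with the 0 B body of this 204 response; they identify no specific file and are not usable as indicators.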
OPTIONS /pagead/viewthroughconversion/962985656/?backend=innertube&cname=56&cver=20221004&foc_id=26pNzmME_AOAJBf16vn7aw&label=followon_view&ptype=no_rmkt&random=347808783&cv_attributed=0 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-goog-visitor-id,x-youtube-ad-signals,x-youtube-client-name,x-youtube-client-version,x-youtube-time-zone,x-youtube-utc-offset
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-headers: x-goog-visitor-id,x-youtube-ad-signals,x-youtube-client-name,x-youtube-client-version,x-youtube-time-zone,x-youtube-utc-offset
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 06 Oct 2022 01:35:31 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
stagefx.neovision.de/wp-content/themes/stagefx/fonts/FontAwesome/back-compat.min.css?ver=6.6.1
138.201.56.111 200 OK 0 B URL HTTP/2 stagefx.neovision.de/wp-content/themes/stagefx/fonts/FontAwesome/back-compat.min.css?ver=6.6.1
IP 138.201.56.111:0
ASN #24940 Hetzner Online GmbH
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/stagefx/fonts/FontAwesome/back-compat.min.css?ver=6.6.1 HTTP/1.1
Host: stagefx.neovision.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://stagefx.neovision.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 01:35:27 GMT
content-type: text/css
last-modified: Tue, 19 Jun 2018 08:44:22 GMT
etag: W/"5b28c266-70c9"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
stagefx.neovision.de/wp-content/uploads/smile_fonts/icomoon-feather-24x24/icomoon-feather-24x24.css?ver=4.9.21
138.201.56.111 200 OK 0 B URL HTTP/2 stagefx.neovision.de/wp-content/uploads/smile_fonts/icomoon-feather-24x24/icomoon-feather-24x24.css?ver=4.9.21
IP 138.201.56.111:0
ASN #24940 Hetzner Online GmbH
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/smile_fonts/icomoon-feather-24x24/icomoon-feather-24x24.css?ver=4.9.21 HTTP/1.1
Host: stagefx.neovision.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://stagefx.neovision.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 01:35:27 GMT
content-type: text/css
last-modified: Thu, 19 Apr 2018 11:43:58 GMT
etag: W/"5ad880fe-1fb3"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
stagefx.neovision.de/wp-includes/js/jquery/jquery.js?ver=1.12.4
138.201.56.111 200 OK 0 B URL HTTP/2 stagefx.neovision.de/wp-includes/js/jquery/jquery.js?ver=1.12.4
IP 138.201.56.111:0
ASN #24940 Hetzner Online GmbH
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery.js?ver=1.12.4 HTTP/1.1
Host: stagefx.neovision.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://stagefx.neovision.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 01:35:27 GMT
content-type: application/javascript
last-modified: Thu, 05 Sep 2019 03:49:22 GMT
etag: W/"5d7085c2-17a6a"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
stagefx.neovision.de/wp-content/plugins/formcraft3/dist/form.css?ver=3.5.3
138.201.56.111 200 OK 0 B URL HTTP/2 stagefx.neovision.de/wp-content/plugins/formcraft3/dist/form.css?ver=3.5.3
IP 138.201.56.111:0
ASN #24940 Hetzner Online GmbH
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/formcraft3/dist/form.css?ver=3.5.3 HTTP/1.1
Host: stagefx.neovision.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://stagefx.neovision.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 01:35:27 GMT
content-type: text/css
last-modified: Thu, 19 Apr 2018 11:13:36 GMT
etag: W/"5ad879e0-ef07"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
stagefx.neovision.de/wp-content/plugins/Ultimate_VC_Addons/assets/min-css/fancytext.min.css?ver=3.16.24
138.201.56.111 200 OK 0 B URL HTTP/2 stagefx.neovision.de/wp-content/plugins/Ultimate_VC_Addons/assets/min-css/fancytext.min.css?ver=3.16.24
IP 138.201.56.111:0
ASN #24940 Hetzner Online GmbH
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/Ultimate_VC_Addons/assets/min-css/fancytext.min.css?ver=3.16.24 HTTP/1.1
Host: stagefx.neovision.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://stagefx.neovision.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 01:35:27 GMT
content-type: text/css
last-modified: Tue, 19 Jun 2018 08:43:38 GMT
etag: W/"5b28c23a-707"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
stagefx.neovision.de/wp-content/themes/stagefx/js/main.min.js?ver=6.6.1
138.201.56.111 200 OK 0 B URL HTTP/2 stagefx.neovision.de/wp-content/themes/stagefx/js/main.min.js?ver=6.6.1
IP 138.201.56.111:0
ASN #24940 Hetzner Online GmbH
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/stagefx/js/main.min.js?ver=6.6.1 HTTP/1.1
Host: stagefx.neovision.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://stagefx.neovision.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 01:35:27 GMT
content-type: application/javascript
last-modified: Tue, 19 Jun 2018 08:44:22 GMT
etag: W/"5b28c266-50628"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
stagefx.neovision.de/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=5.4.7
138.201.56.111 200 OK 0 B URL HTTP/2 stagefx.neovision.de/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=5.4.7
IP 138.201.56.111:0
ASN #24940 Hetzner Online GmbH
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=5.4.7 HTTP/1.1
Host: stagefx.neovision.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://stagefx.neovision.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 01:35:27 GMT
content-type: application/javascript
last-modified: Thu, 19 Apr 2018 11:42:50 GMT
etag: W/"5ad880ba-4d45"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
stagefx.neovision.de/wp-content/themes/stagefx/fonts/FontAwesome/css/fontawesome-all.min.css?ver=6.6.1
138.201.56.111 200 OK 0 B URL HTTP/2 stagefx.neovision.de/wp-content/themes/stagefx/fonts/FontAwesome/css/fontawesome-all.min.css?ver=6.6.1
IP 138.201.56.111:0
ASN #24940 Hetzner Online GmbH
GET /wp-content/themes/stagefx/fonts/FontAwesome/css/fontawesome-all.min.css?ver=6.6.1 HTTP/1.1
Host: stagefx.neovision.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://stagefx.neovision.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 01:35:27 GMT
content-type: text/css
last-modified: Tue, 19 Jun 2018 08:44:22 GMT
etag: W/"5b28c266-8ef7"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
stagefx.neovision.de/wp-content/themes/stagefx/style.css?ver=6.6.1
138.201.56.111 200 OK 0 B URL HTTP/2 stagefx.neovision.de/wp-content/themes/stagefx/style.css?ver=6.6.1
IP 138.201.56.111:0
ASN #24940 Hetzner Online GmbH
GET /wp-content/themes/stagefx/style.css?ver=6.6.1 HTTP/1.1
Host: stagefx.neovision.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://stagefx.neovision.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 01:35:27 GMT
content-type: text/css
last-modified: Tue, 19 Jun 2018 08:44:22 GMT
etag: W/"5b28c266-53e"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
stagefx.neovision.de/wp-content/themes/stagefx/js/above-the-fold.min.js?ver=6.6.1
138.201.56.111 200 OK 0 B URL HTTP/2 stagefx.neovision.de/wp-content/themes/stagefx/js/above-the-fold.min.js?ver=6.6.1
IP 138.201.56.111:0
ASN #24940 Hetzner Online GmbH
GET /wp-content/themes/stagefx/js/above-the-fold.min.js?ver=6.6.1 HTTP/1.1
Host: stagefx.neovision.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://stagefx.neovision.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 01:35:27 GMT
content-type: application/javascript
last-modified: Tue, 19 Jun 2018 08:44:22 GMT
etag: W/"5b28c266-2463"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
stagefx.neovision.de/wp-content/plugins/Ultimate_VC_Addons/assets/min-css/background-style.min.css?ver=3.16.24
138.201.56.111 200 OK 0 B URL HTTP/2 stagefx.neovision.de/wp-content/plugins/Ultimate_VC_Addons/assets/min-css/background-style.min.css?ver=3.16.24
IP 138.201.56.111:0
ASN #24940 Hetzner Online GmbH
GET /wp-content/plugins/Ultimate_VC_Addons/assets/min-css/background-style.min.css?ver=3.16.24 HTTP/1.1
Host: stagefx.neovision.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://stagefx.neovision.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 01:35:27 GMT
content-type: text/css
last-modified: Tue, 19 Jun 2018 08:43:38 GMT
etag: W/"5b28c23a-2460"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
stagefx.neovision.de/wp-content/plugins/Ultimate_VC_Addons/assets/min-js/ultimate_bg.min.js?ver=4.9.21
138.201.56.111 200 OK 0 B URL HTTP/2 stagefx.neovision.de/wp-content/plugins/Ultimate_VC_Addons/assets/min-js/ultimate_bg.min.js?ver=4.9.21
IP 138.201.56.111:0
ASN #24940 Hetzner Online GmbH
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/Ultimate_VC_Addons/assets/min-js/ultimate_bg.min.js?ver=4.9.21 HTTP/1.1
Host: stagefx.neovision.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://stagefx.neovision.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 01:35:27 GMT
content-type: application/javascript
last-modified: Tue, 19 Jun 2018 08:43:38 GMT
etag: W/"5b28c23a-b20e"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
stagefx.neovision.de/wp-content/plugins/Ultimate_VC_Addons/assets/min-js/vhparallax.min.js?ver=4.9.21
138.201.56.111 200 OK 0 B URL HTTP/2 stagefx.neovision.de/wp-content/plugins/Ultimate_VC_Addons/assets/min-js/vhparallax.min.js?ver=4.9.21
IP 138.201.56.111:0
ASN #24940 Hetzner Online GmbH
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/Ultimate_VC_Addons/assets/min-js/vhparallax.min.js?ver=4.9.21 HTTP/1.1
Host: stagefx.neovision.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://stagefx.neovision.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 01:35:27 GMT
content-type: application/javascript
last-modified: Tue, 19 Jun 2018 08:43:38 GMT
etag: W/"5b28c23a-d6b"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
stagefx.neovision.de/wp-content/plugins/formcraft3/dist/formcraft-common.css?ver=3.5.3
138.201.56.111 200 OK 0 B URL HTTP/2 stagefx.neovision.de/wp-content/plugins/formcraft3/dist/formcraft-common.css?ver=3.5.3
IP 138.201.56.111:0
ASN #24940 Hetzner Online GmbH
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/formcraft3/dist/formcraft-common.css?ver=3.5.3 HTTP/1.1
Host: stagefx.neovision.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://stagefx.neovision.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 01:35:27 GMT
content-type: text/css
last-modified: Thu, 19 Apr 2018 11:13:36 GMT
etag: W/"5ad879e0-6ea2"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
stagefx.neovision.de/wp-content/themes/stagefx/css/post-type.css?ver=6.6.1
138.201.56.111 200 OK 0 B URL HTTP/2 stagefx.neovision.de/wp-content/themes/stagefx/css/post-type.css?ver=6.6.1
IP 138.201.56.111:0
ASN #24940 Hetzner Online GmbH
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/stagefx/css/post-type.css?ver=6.6.1 HTTP/1.1
Host: stagefx.neovision.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://stagefx.neovision.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 01:35:27 GMT
content-type: text/css
last-modified: Tue, 19 Jun 2018 08:44:22 GMT
etag: W/"5b28c266-1386f"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
stagefx.neovision.de/wp-content/uploads/smile_fonts/Defaults/Defaults.css?ver=4.9.21
138.201.56.111 200 OK 0 B URL HTTP/2 stagefx.neovision.de/wp-content/uploads/smile_fonts/Defaults/Defaults.css?ver=4.9.21
IP 138.201.56.111:0
ASN #24940 Hetzner Online GmbH
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/smile_fonts/Defaults/Defaults.css?ver=4.9.21 HTTP/1.1
Host: stagefx.neovision.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://stagefx.neovision.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 01:35:27 GMT
content-type: text/css
last-modified: Thu, 19 Apr 2018 11:43:51 GMT
etag: W/"5ad880f7-6bf7"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
stagefx.neovision.de/wp-content/uploads/smile_fonts/icomoon-free-social-contact-16x16/icomoon-free-social-contact-16x16.css?ver=4.9.21
138.201.56.111 200 OK 0 B URL HTTP/2 stagefx.neovision.de/wp-content/uploads/smile_fonts/icomoon-free-social-contact-16x16/icomoon-free-social-contact-16x16.css?ver=4.9.21
IP 138.201.56.111:0
ASN #24940 Hetzner Online GmbH
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/smile_fonts/icomoon-free-social-contact-16x16/icomoon-free-social-contact-16x16.css?ver=4.9.21 HTTP/1.1
Host: stagefx.neovision.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://stagefx.neovision.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 01:35:27 GMT
content-type: text/css
last-modified: Thu, 19 Apr 2018 11:43:58 GMT
etag: W/"5ad880fe-214b"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
stagefx.neovision.de/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
138.201.56.111 200 OK 0 B URL HTTP/2 stagefx.neovision.de/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
IP 138.201.56.111:0
ASN #24940 Hetzner Online GmbH
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1 HTTP/1.1
Host: stagefx.neovision.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://stagefx.neovision.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 01:35:27 GMT
content-type: application/javascript
last-modified: Thu, 19 Apr 2018 11:01:39 GMT
etag: W/"5ad87713-2748"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
stagefx.neovision.de/wp-content/plugins/Ultimate_VC_Addons/assets/min-css/style.min.css?ver=3.16.24
138.201.56.111 200 OK 0 B URL HTTP/2 stagefx.neovision.de/wp-content/plugins/Ultimate_VC_Addons/assets/min-css/style.min.css?ver=3.16.24
IP 138.201.56.111:0
ASN #24940 Hetzner Online GmbH
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/Ultimate_VC_Addons/assets/min-css/style.min.css?ver=3.16.24 HTTP/1.1
Host: stagefx.neovision.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://stagefx.neovision.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 01:35:27 GMT
content-type: text/css
last-modified: Tue, 19 Jun 2018 08:43:38 GMT
etag: W/"5b28c23a-3432"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto%3A400%2C600%2C700%7CRoboto+Condensed%3A400%2C600%2C700&ver=4.9.21
142.250.74.10 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto%3A400%2C600%2C700%7CRoboto+Condensed%3A400%2C600%2C700&ver=4.9.21
IP 142.250.74.10:0
GET /css?family=Roboto%3A400%2C600%2C700%7CRoboto+Condensed%3A400%2C600%2C700&ver=4.9.21 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://stagefx.neovision.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 06 Oct 2022 01:35:27 GMT
date: Thu, 06 Oct 2022 01:35:27 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
stagefx.neovision.de/wp-content/plugins/Ultimate_VC_Addons/assets/min-js/custom.min.js?ver=3.16.24
138.201.56.111 200 OK 0 B URL HTTP/2 stagefx.neovision.de/wp-content/plugins/Ultimate_VC_Addons/assets/min-js/custom.min.js?ver=3.16.24
IP 138.201.56.111:0
ASN #24940 Hetzner Online GmbH
GET /wp-content/plugins/Ultimate_VC_Addons/assets/min-js/custom.min.js?ver=3.16.24 HTTP/1.1
Host: stagefx.neovision.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://stagefx.neovision.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 01:35:27 GMT
content-type: application/javascript
last-modified: Tue, 19 Jun 2018 08:43:38 GMT
etag: W/"5b28c23a-5323"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
stagefx.neovision.de/wp-content/plugins/revslider/public/assets/js/extensions/revolution.extension.slideanims.min.js?version=5.4.7
138.201.56.111 200 OK 0 B URL HTTP/2 stagefx.neovision.de/wp-content/plugins/revslider/public/assets/js/extensions/revolution.extension.slideanims.min.js?version=5.4.7
IP 138.201.56.111:0
ASN #24940 Hetzner Online GmbH
GET /wp-content/plugins/revslider/public/assets/js/extensions/revolution.extension.slideanims.min.js?version=5.4.7 HTTP/1.1
Host: stagefx.neovision.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://stagefx.neovision.de/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 01:35:28 GMT
content-type: application/javascript
last-modified: Tue, 19 Jun 2018 08:43:36 GMT
etag: W/"5b28c238-72db"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
stagefx.neovision.de/wp-content/plugins/Ultimate_VC_Addons/assets/min-js/headings.min.js?ver=3.16.24
138.201.56.111 200 OK 0 B URL HTTP/2 stagefx.neovision.de/wp-content/plugins/Ultimate_VC_Addons/assets/min-js/headings.min.js?ver=3.16.24
IP 138.201.56.111:0
ASN #24940 Hetzner Online GmbH
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/Ultimate_VC_Addons/assets/min-js/headings.min.js?ver=3.16.24 HTTP/1.1
Host: stagefx.neovision.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://stagefx.neovision.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 01:35:27 GMT
content-type: application/javascript
last-modified: Tue, 19 Jun 2018 08:43:38 GMT
etag: W/"5b28c23a-aa8"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
stagefx.neovision.de/wp-content/plugins/Ultimate_VC_Addons/assets/min-js/jquery-ui.min.js?ver=3.16.24
138.201.56.111 200 OK 0 B URL HTTP/2 stagefx.neovision.de/wp-content/plugins/Ultimate_VC_Addons/assets/min-js/jquery-ui.min.js?ver=3.16.24
IP 138.201.56.111:0
ASN #24940 Hetzner Online GmbH
GET /wp-content/plugins/Ultimate_VC_Addons/assets/min-js/jquery-ui.min.js?ver=3.16.24 HTTP/1.1
Host: stagefx.neovision.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://stagefx.neovision.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 01:35:27 GMT
content-type: application/javascript
last-modified: Tue, 19 Jun 2018 08:43:38 GMT
etag: W/"5b28c23a-163a0"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
stagefx.neovision.de/wp-content/plugins/revslider/public/assets/css/settings.css?ver=5.4.7.4
138.201.56.111 200 OK 0 B URL HTTP/2 stagefx.neovision.de/wp-content/plugins/revslider/public/assets/css/settings.css?ver=5.4.7.4
IP 138.201.56.111:0
ASN #24940 Hetzner Online GmbH
GET /wp-content/plugins/revslider/public/assets/css/settings.css?ver=5.4.7.4 HTTP/1.1
Host: stagefx.neovision.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://stagefx.neovision.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 01:35:27 GMT
content-type: text/css
last-modified: Tue, 19 Jun 2018 08:43:36 GMT
etag: W/"5b28c238-9bd7"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
stagefx.neovision.de/wp-content/themes/stagefx/fonts/fontello/css/fontello.min.css?ver=6.6.1
138.201.56.111 200 OK 0 B URL HTTP/2 stagefx.neovision.de/wp-content/themes/stagefx/fonts/fontello/css/fontello.min.css?ver=6.6.1
IP 138.201.56.111:0
ASN #24940 Hetzner Online GmbH
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/stagefx/fonts/fontello/css/fontello.min.css?ver=6.6.1 HTTP/1.1
Host: stagefx.neovision.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://stagefx.neovision.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 01:35:27 GMT
content-type: text/css
last-modified: Tue, 19 Jun 2018 08:44:22 GMT
etag: W/"5b28c266-5c40"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
stagefx.neovision.de/wp-content/uploads/the7-css/media.css?ver=6353b6f19665
138.201.56.111 200 OK 0 B URL HTTP/2 stagefx.neovision.de/wp-content/uploads/the7-css/media.css?ver=6353b6f19665
IP 138.201.56.111:0
ASN #24940 Hetzner Online GmbH
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/the7-css/media.css?ver=6353b6f19665 HTTP/1.1
Host: stagefx.neovision.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://stagefx.neovision.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 01:35:27 GMT
content-type: text/css
last-modified: Tue, 19 Jun 2018 10:36:48 GMT
etag: W/"5b28dcc0-1315b"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
stagefx.neovision.de/wp-content/uploads/the7-css/post-type-dynamic.css?ver=6353b6f19665
138.201.56.111 200 OK 0 B URL HTTP/2 stagefx.neovision.de/wp-content/uploads/the7-css/post-type-dynamic.css?ver=6353b6f19665
IP 138.201.56.111:0
ASN #24940 Hetzner Online GmbH
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/the7-css/post-type-dynamic.css?ver=6353b6f19665 HTTP/1.1
Host: stagefx.neovision.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://stagefx.neovision.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 01:35:27 GMT
content-type: text/css
last-modified: Tue, 19 Jun 2018 10:36:48 GMT
etag: W/"5b28dcc0-1d25"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto+Condensed|
142.250.74.10 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto+Condensed|
IP 142.250.74.10:0
GET /css?family=Roboto+Condensed| HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://stagefx.neovision.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 06 Oct 2022 01:35:27 GMT
date: Thu, 06 Oct 2022 01:35:27 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
stagefx.neovision.de/wp-content/plugins/Ultimate_VC_Addons/assets/min-css/animate.min.css?ver=3.16.24
138.201.56.111 200 OK 0 B URL HTTP/2 stagefx.neovision.de/wp-content/plugins/Ultimate_VC_Addons/assets/min-css/animate.min.css?ver=3.16.24
IP 138.201.56.111:0
ASN #24940 Hetzner Online GmbH
GET /wp-content/plugins/Ultimate_VC_Addons/assets/min-css/animate.min.css?ver=3.16.24 HTTP/1.1
Host: stagefx.neovision.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://stagefx.neovision.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 01:35:27 GMT
content-type: text/css
last-modified: Tue, 19 Jun 2018 08:43:38 GMT
etag: W/"5b28c23a-11237"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
stagefx.neovision.de/wp-content/plugins/Ultimate_VC_Addons/assets/min-css/info-circle.min.css?ver=3.16.24
138.201.56.111 200 OK 0 B URL HTTP/2 stagefx.neovision.de/wp-content/plugins/Ultimate_VC_Addons/assets/min-css/info-circle.min.css?ver=3.16.24
IP 138.201.56.111:0
ASN #24940 Hetzner Online GmbH
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/Ultimate_VC_Addons/assets/min-css/info-circle.min.css?ver=3.16.24 HTTP/1.1
Host: stagefx.neovision.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://stagefx.neovision.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 01:35:27 GMT
content-type: text/css
last-modified: Tue, 19 Jun 2018 08:43:38 GMT
etag: W/"5b28c23a-1f9d"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
stagefx.neovision.de/wp-content/themes/stagefx/js/post-type.js?ver=6.6.1
138.201.56.111 200 OK 0 B URL HTTP/2 stagefx.neovision.de/wp-content/themes/stagefx/js/post-type.js?ver=6.6.1
IP 138.201.56.111:0
ASN #24940 Hetzner Online GmbH
GET /wp-content/themes/stagefx/js/post-type.js?ver=6.6.1 HTTP/1.1
Host: stagefx.neovision.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://stagefx.neovision.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 01:35:27 GMT
content-type: application/javascript
last-modified: Tue, 19 Jun 2018 08:44:22 GMT
etag: W/"5b28c266-d1da"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
stagefx.neovision.de/wp-content/uploads/js_composer/js_composer_front_custom.css?ver=5.4.7
138.201.56.111 200 OK 0 B URL HTTP/2 stagefx.neovision.de/wp-content/uploads/js_composer/js_composer_front_custom.css?ver=5.4.7
IP 138.201.56.111:0
ASN #24940 Hetzner Online GmbH
GET /wp-content/uploads/js_composer/js_composer_front_custom.css?ver=5.4.7 HTTP/1.1
Host: stagefx.neovision.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://stagefx.neovision.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 01:35:27 GMT
content-type: text/css
last-modified: Thu, 19 Apr 2018 11:49:24 GMT
etag: W/"5ad88244-87862"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
stagefx.neovision.de/wp-content/uploads/the7-css/custom.css?ver=6353b6f19665
138.201.56.111 200 OK 0 B URL HTTP/2 stagefx.neovision.de/wp-content/uploads/the7-css/custom.css?ver=6353b6f19665
IP 138.201.56.111:0
ASN #24940 Hetzner Online GmbH
GET /wp-content/uploads/the7-css/custom.css?ver=6353b6f19665 HTTP/1.1
Host: stagefx.neovision.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://stagefx.neovision.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 01:35:27 GMT
content-type: text/css
last-modified: Tue, 19 Jun 2018 10:36:48 GMT
etag: W/"5b28dcc0-53172"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
stagefx.neovision.de/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.revolution.min.js?ver=5.4.7.4
138.201.56.111 200 OK 0 B URL HTTP/2 stagefx.neovision.de/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.revolution.min.js?ver=5.4.7.4
IP 138.201.56.111:0
ASN #24940 Hetzner Online GmbH
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/revslider/public/assets/js/jquery.themepunch.revolution.min.js?ver=5.4.7.4 HTTP/1.1
Host: stagefx.neovision.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://stagefx.neovision.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 01:35:27 GMT
content-type: application/javascript
last-modified: Tue, 19 Jun 2018 08:43:36 GMT
etag: W/"5b28c238-fdcb"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
stagefx.neovision.de/wp-content/plugins/Ultimate_VC_Addons/assets/min-js/typed.min.js?ver=3.16.24
138.201.56.111 200 OK 0 B URL HTTP/2 stagefx.neovision.de/wp-content/plugins/Ultimate_VC_Addons/assets/min-js/typed.min.js?ver=3.16.24
IP 138.201.56.111:0
ASN #24940 Hetzner Online GmbH
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/Ultimate_VC_Addons/assets/min-js/typed.min.js?ver=3.16.24 HTTP/1.1
Host: stagefx.neovision.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://stagefx.neovision.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 01:35:27 GMT
content-type: application/javascript
last-modified: Tue, 19 Jun 2018 08:43:38 GMT
etag: W/"5b28c23a-f54"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
stagefx.neovision.de/wp-content/themes/stagefx/css/main.min.css?ver=6.6.1
138.201.56.111 200 OK 0 B URL HTTP/2 stagefx.neovision.de/wp-content/themes/stagefx/css/main.min.css?ver=6.6.1
IP 138.201.56.111:0
ASN #24940 Hetzner Online GmbH
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/stagefx/css/main.min.css?ver=6.6.1 HTTP/1.1
Host: stagefx.neovision.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://stagefx.neovision.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 01:35:27 GMT
content-type: text/css
last-modified: Tue, 19 Jun 2018 08:44:22 GMT
etag: W/"5b28c266-7198c"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2