von0auf101.com/en/1
81.19.159.55302 Found 214 B IP 81.19.159.55:0
ASN #38955 World4You Internet Services GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash d46170db011e3ca665df35f41caabe0f
2d6d4a8f6a98023fef35f0b078cc6213cd79bbd8
1533dceb6cf50e3b2654b3a8777643de630047db6b8d92f9073959782e176dc2
Analyzer Verdict Alert fortinet Phishing
GET /en/1 HTTP/1.1
Host: von0auf101.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Date: Thu, 27 Oct 2022 02:44:44 GMT
Server: Apache
Location: http://www.von0auf101.com/en/1
Content-Length: 214
Keep-Alive: timeout=300, max=500
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e36c852b5e145f2f09fe73111fb162e1
e439c6a462f86a3003d6464a8b9999b1c4d1e210
52a721168d0c41cb0854ff8c730fce3b79db2e804b383238e95ff1401922bd74
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "52A721168D0C41CB0854FF8C730FCE3B79DB2E804B383238E95FF1401922BD74"
Last-Modified: Mon, 24 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6036
Expires: Thu, 27 Oct 2022 04:25:20 GMT
Date: Thu, 27 Oct 2022 02:44:44 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 45bfdf3b823cd24564c8ac296a8b5b19
b0c442eb4f87556b3beb18ca8039dd4399b73f16
32113c679dda1f710ba67e537fdd0d435ccc186a238e3b14e48deb7b0700c693
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5563
Cache-Control: max-age=116341
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 02:44:44 GMT
Etag: "6358fe56-1d7"
Expires: Fri, 28 Oct 2022 11:03:45 GMT
Last-Modified: Wed, 26 Oct 2022 09:31:02 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 45bfdf3b823cd24564c8ac296a8b5b19
b0c442eb4f87556b3beb18ca8039dd4399b73f16
32113c679dda1f710ba67e537fdd0d435ccc186a238e3b14e48deb7b0700c693
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5563
Cache-Control: max-age=116341
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 02:44:44 GMT
Etag: "6358fe56-1d7"
Expires: Fri, 28 Oct 2022 11:03:45 GMT
Last-Modified: Wed, 26 Oct 2022 09:31:02 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a39eea1096852891690eaee02a64383e
c273000f799fc3676e8e3ef3617611a31252cffc
d9d95319013d64bc2ef6d9870f4adba902ee970b6f9e96279c9ed86f556e0001
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D9D95319013D64BC2EF6D9870F4ADBA902EE970B6F9E96279C9ED86F556E0001"
Last-Modified: Mon, 24 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7512
Expires: Thu, 27 Oct 2022 04:49:56 GMT
Date: Thu, 27 Oct 2022 02:44:44 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: ZYiVH1j4NvFmQFz9AlzMsVUQSh4fki9JPNBUrQ4z9el8m1AVWqc+HfbNc+ubWHe3dsTFbnEK73A=
x-amz-request-id: 1AX32ZA4K59BXPQ7
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 27 Oct 2022 02:39:26 GMT
age: 318
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 27 Oct 2022 02:44:44 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash dd283dfc036535bdeb8a8be1310ef930
d3b1c300dd75d7af630e0f3112e49d7492d66c17
578f9256faa188facb3f2d68b02b0c7fb2e30e02e2e74234d015429563cba7aa
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5828
Cache-Control: max-age=111550
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 02:44:45 GMT
Etag: "6358ea97-1d7"
Expires: Fri, 28 Oct 2022 09:43:55 GMT
Last-Modified: Wed, 26 Oct 2022 08:06:47 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
44.240.140.78101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 44.240.140.78:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: AhnG7eQlyXMe/gnF9l/p8g==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: dQI1O5nUZOCbeMYgSKMfB3KUTZc=
www.von0auf101.com/en/1
81.19.159.55301 Moved Permanently 0 B IP 81.19.159.55:0
ASN #38955 World4You Internet Services GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /en/1 HTTP/1.1
Host: www.von0auf101.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Thu, 27 Oct 2022 02:44:44 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-Redirect-By: WordPress
Location: https://www.von0auf101.com/blog/10-abschluss-der-reha/
Keep-Alive: timeout=300, max=500
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 407a534d0c46fe28c5c7c8fb491c1715
f80b5d4d065aa905944ca47e9a280a69d5f44951
f531e2a7d609c63b063f89506976e0c23b729c6008260526e04e44cb52bb34aa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F531E2A7D609C63B063F89506976E0C23B729C6008260526E04E44CB52BB34AA"
Last-Modified: Wed, 26 Oct 2022 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21538
Expires: Thu, 27 Oct 2022 08:43:44 GMT
Date: Thu, 27 Oct 2022 02:44:46 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 358ecd0ec047d700042e2a62f9847199
7bf4c552f47536fe451dc6ccfb0930c592084ef9
e14317aace5d64e9901867578379dd4dd4252b059070d37722f82ebb2e649d27
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E14317AACE5D64E9901867578379DD4DD4252B059070D37722F82EBB2E649D27"
Last-Modified: Mon, 24 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7257
Expires: Thu, 27 Oct 2022 04:45:44 GMT
Date: Thu, 27 Oct 2022 02:44:47 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 358ecd0ec047d700042e2a62f9847199
7bf4c552f47536fe451dc6ccfb0930c592084ef9
e14317aace5d64e9901867578379dd4dd4252b059070d37722f82ebb2e649d27
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E14317AACE5D64E9901867578379DD4DD4252B059070D37722F82EBB2E649D27"
Last-Modified: Mon, 24 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7257
Expires: Thu, 27 Oct 2022 04:45:44 GMT
Date: Thu, 27 Oct 2022 02:44:47 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 358ecd0ec047d700042e2a62f9847199
7bf4c552f47536fe451dc6ccfb0930c592084ef9
e14317aace5d64e9901867578379dd4dd4252b059070d37722f82ebb2e649d27
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E14317AACE5D64E9901867578379DD4DD4252B059070D37722F82EBB2E649D27"
Last-Modified: Mon, 24 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7257
Expires: Thu, 27 Oct 2022 04:45:44 GMT
Date: Thu, 27 Oct 2022 02:44:47 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 358ecd0ec047d700042e2a62f9847199
7bf4c552f47536fe451dc6ccfb0930c592084ef9
e14317aace5d64e9901867578379dd4dd4252b059070d37722f82ebb2e649d27
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E14317AACE5D64E9901867578379DD4DD4252B059070D37722F82EBB2E649D27"
Last-Modified: Mon, 24 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7257
Expires: Thu, 27 Oct 2022 04:45:44 GMT
Date: Thu, 27 Oct 2022 02:44:47 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2c688787-a081-40df-8d2a-850013df8828.jpeg
34.120.237.76200 OK 4.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2c688787-a081-40df-8d2a-850013df8828.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1d71555b55dd7d34a53b9e8252902da1
551ceee96287d4d5fa8c8f286baebd382c8aff67
ff2040a25f467fc41873bdb2c7ed9f28ab508e8096b54152607bd0b40580567f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2c688787-a081-40df-8d2a-850013df8828.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4670
x-amzn-requestid: bd7ccf26-ed98-4252-82df-a8f17108fc2d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aocvtEoYoAMFrCA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6359a7fd-51c97f553b02f4750e78023a;Sampled=0
x-amzn-remapped-date: Wed, 26 Oct 2022 21:34:53 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: AANmFqkisteLJO0nLhaNgo6NTfYSkLPEGf5zewefdRtPZbEziAPz3Q==
via: 1.1 c21a0d27ceec21e266c9f962d0349438.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Wed, 26 Oct 2022 22:08:06 GMT
etag: "551ceee96287d4d5fa8c8f286baebd382c8aff67"
content-type: image/jpeg
age: 16601
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44add2bd-5fb0-4610-825b-d696ec78ca49.jpeg
34.120.237.76200 OK 6.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44add2bd-5fb0-4610-825b-d696ec78ca49.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 05e2d92ca05c08e9598d4128d55b1cba
109364ef1db445ba6c5e8c1178ab56fcce80d346
078e257c6bb8d7d46022c4786b54584c8868eb138e293b37ef164221b519f7bb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44add2bd-5fb0-4610-825b-d696ec78ca49.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6619
x-amzn-requestid: 245cd792-64fd-4490-b8f8-5b354fd9b0b5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ak4zTELFoAMFyzg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63583b48-33a9dfe97f63f43050b4ecdd;Sampled=0
x-amzn-remapped-date: Tue, 25 Oct 2022 19:38:48 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: bCL523JRD-JUSoK1Hdsk2hLdEp1NXxckJshwO96kQesEZAxdT7YKfg==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Wed, 26 Oct 2022 10:21:57 GMT
age: 58970
etag: "109364ef1db445ba6c5e8c1178ab56fcce80d346"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9247b163-9d83-4148-9c1f-890b5e2b0a45.jpeg
34.120.237.76200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9247b163-9d83-4148-9c1f-890b5e2b0a45.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash bd4d7051e9d8525d8ed7d5249b24068d
cbad9147991b1a1b27088f90fe7078d1056a9633
4701cc21f58c8ac8b8ad78a34973b3ade538255868afbf59be40e7f1365bcc20
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9247b163-9d83-4148-9c1f-890b5e2b0a45.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7542
x-amzn-requestid: 95e8df21-80b6-400a-bcd5-41efdab9cc57
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aocwLH0lIAMFT2g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6359a800-3300914f11c46b9902b30fe4;Sampled=0
x-amzn-remapped-date: Wed, 26 Oct 2022 21:34:56 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Yfx_KpfPPFKISGbuSM0g1eg1VVnevA0t39NFemmMxeTSiiimsMlDkA==
via: 1.1 d0387b833e3ca8cb748a1296b4b4bf2a.cloudfront.net (CloudFront), 1.1 001e7070d795018d01b93988b9723742.cloudfront.net (CloudFront), 1.1 google
date: Wed, 26 Oct 2022 21:57:10 GMT
age: 17257
etag: "cbad9147991b1a1b27088f90fe7078d1056a9633"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5a9dae4-226e-42f6-b38d-d6f3f560ed69.jpeg
34.120.237.76200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5a9dae4-226e-42f6-b38d-d6f3f560ed69.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8240214ef7bc82b09de023cde217beb9
0f432e521fc4392f528042c711139dc0becc5598
2d5f1a426441536086c8278651808dc6e3e819ec18b48048520a4dedbc8a08ce
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5a9dae4-226e-42f6-b38d-d6f3f560ed69.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6806
x-amzn-requestid: bdf4f489-b474-4143-881f-521ad5dee74b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aocwUGb9oAMFRGg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6359a801-2a1e822f6b1dd3304c8f0527;Sampled=0
x-amzn-remapped-date: Wed, 26 Oct 2022 21:34:57 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: oxLrpXYZuUBO5qEKrFYAkh3lx2ZE7Jph8tcq0b4dWIHxUODXP3FDDQ==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Wed, 26 Oct 2022 21:52:49 GMT
etag: "0f432e521fc4392f528042c711139dc0becc5598"
content-type: image/jpeg
age: 17518
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F529195e0-f6ac-4fd1-b685-62456b469ad7.jpeg
34.120.237.76200 OK 4.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F529195e0-f6ac-4fd1-b685-62456b469ad7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c92c49279a7704d715e50836676d1abb
3092b4dbd87f7e5a2eff65c463da9c5103ff748a
6941145d63e68abf0f20081517faa4082eed3c59f8b8a69066f70b29d90fd355
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F529195e0-f6ac-4fd1-b685-62456b469ad7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4709
x-amzn-requestid: c2923a57-57c4-4d62-83bc-e4c8b61aa2bd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aocuiGeeIAMF9Dg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6359a7f6-7e47cfe804e333cc540f162a;Sampled=0
x-amzn-remapped-date: Wed, 26 Oct 2022 21:34:46 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: M72Vjcyc06ihmWcqr2_Xrk8dGcC5pCoDidg5rhtRkVddavcUFE6G6w==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Wed, 26 Oct 2022 21:50:52 GMT
age: 17635
etag: "3092b4dbd87f7e5a2eff65c463da9c5103ff748a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1cba4a5a-0803-4870-b5e5-cbf33536e53e.jpeg
34.120.237.76200 OK 6.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1cba4a5a-0803-4870-b5e5-cbf33536e53e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3185609c8bfba0bf8d54812276331c42
4a14cc85d23798bd3476516b49a3c3ff7bcd0d98
e57871dad12531fccf75d0bc4930c18c3c95c706b2bfd89e620b1e097b40a08e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1cba4a5a-0803-4870-b5e5-cbf33536e53e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6493
x-amzn-requestid: f5ca8ddd-d103-43e2-b3b7-ece16e1312a6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ainrUE-pIAMF9rA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63575315-5f7287ea785008c44b0ff490;Sampled=0
x-amzn-remapped-date: Tue, 25 Oct 2022 03:08:05 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: dX0n6VtMbBkS-oDk44faC1KFmBlh51Vh27fb8CsWuiAbazazrDrbKw==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 5954c6394458ffb44c970b3819d7ff2a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 26 Oct 2022 03:41:38 GMT
age: 82989
etag: "4a14cc85d23798bd3476516b49a3c3ff7bcd0d98"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.von0auf101.com/wp-includes/css/dist/block-library/style.min.css?ver=5.4.12
81.19.159.55200 OK 54 kB URL HTTP/2 www.von0auf101.com/wp-includes/css/dist/block-library/style.min.css?ver=5.4.12
IP 81.19.159.55:0
ASN #38955 World4You Internet Services GmbH
File type ASCII text, with very long lines (28088)
Hash 7d2051e6c59f3598b17877bf41637ec4
e3fbc1265f4cd1eacf83c045e4f21d5f9b92bf8d
bca7af0b45b6fc6a2064e8e7a34f2041f3e77261e63f0257209bcde6bc40545d
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/css/dist/block-library/style.min.css?ver=5.4.12 HTTP/1.1
Host: www.von0auf101.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.von0auf101.com/blog/10-abschluss-der-reha/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 27 Oct 2022 02:44:49 GMT
server: Apache
last-modified: Thu, 30 Apr 2020 00:04:40 GMT
etag: "d159-5a476cf9fb600"
accept-ranges: bytes
content-length: 53593
content-type: text/css
X-Firefox-Spdy: h2
www.von0auf101.com/wp-content/plugins/oxygen/component-framework/oxygen.css?ver=3.2.1
81.19.159.55200 OK 19 kB URL HTTP/2 www.von0auf101.com/wp-content/plugins/oxygen/component-framework/oxygen.css?ver=3.2.1
IP 81.19.159.55:0
ASN #38955 World4You Internet Services GmbH
Hash c2f4377d09eb261c6e8090a56df140b7
4a916b0dd1e5a209af36610f88ddf8a7c9adadb4
9124a6fd00e218d97037cdcbc7ea4c40c73d95bd19da2a6a477789f1daa0bf7f
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/oxygen/component-framework/oxygen.css?ver=3.2.1 HTTP/1.1
Host: www.von0auf101.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.von0auf101.com/blog/10-abschluss-der-reha/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 27 Oct 2022 02:44:49 GMT
server: Apache
last-modified: Tue, 28 Apr 2020 12:11:29 GMT
etag: "498b-5a458bb3d7e40"
accept-ranges: bytes
content-length: 18827
content-type: text/css
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash f046e6113dd1e5e499c765516be08b17
c2253055e09b46209469853cad8720e64f84a1bf
18663a8f0b5d4d7581b771da6c2dc897bc2b82d51d7dac1a56d22f9bebab6fb3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 02:44:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.von0auf101.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
81.19.159.55200 OK 97 kB URL HTTP/2 www.von0auf101.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
IP 81.19.159.55:0
ASN #38955 World4You Internet Services GmbH
File type ASCII text, with very long lines (31997)
Hash 49edccea2e7ba985cadc9ba0531cbed1
f8747f8ee704d9af31d0950015e01d3f9635b070
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
GET /wp-includes/js/jquery/jquery.js?ver=1.12.4-wp HTTP/1.1
Host: www.von0auf101.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.von0auf101.com/blog/10-abschluss-der-reha/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 27 Oct 2022 02:44:49 GMT
server: Apache
last-modified: Tue, 28 Apr 2020 12:11:29 GMT
etag: "17a69-5a458bb3d7e40"
accept-ranges: bytes
content-length: 96873
content-type: application/javascript
X-Firefox-Spdy: h2
www.von0auf101.com/wp-content/uploads/oxygen/css/blog-14190.css?cache=1594375456&ver=5.4.12
81.19.159.55200 OK 4.1 kB URL HTTP/2 www.von0auf101.com/wp-content/uploads/oxygen/css/blog-14190.css?cache=1594375456&ver=5.4.12
IP 81.19.159.55:0
ASN #38955 World4You Internet Services GmbH
File type ASCII text, with very long lines (4086), with no line terminators
Hash 636d6be86fdd4b5beb0a1122dc746166
f74d558db88189cb399c386cb9d27e11e87e3370
b01709798109766249e71bf15bdb2ffe8e699a6cecdff538299cfd622a24d574
GET /wp-content/uploads/oxygen/css/blog-14190.css?cache=1594375456&ver=5.4.12 HTTP/1.1
Host: www.von0auf101.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.von0auf101.com/blog/10-abschluss-der-reha/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 27 Oct 2022 02:44:49 GMT
server: Apache
last-modified: Fri, 10 Jul 2020 10:04:16 GMT
etag: "ff6-5aa1376b18800"
accept-ranges: bytes
content-length: 4086
content-type: text/css
X-Firefox-Spdy: h2
www.von0auf101.com/wp-content/uploads/oxygen/css/sidebar-85.css?cache=1637416184&ver=5.4.12
81.19.159.55200 OK 7.1 kB URL HTTP/2 www.von0auf101.com/wp-content/uploads/oxygen/css/sidebar-85.css?cache=1637416184&ver=5.4.12
IP 81.19.159.55:0
ASN #38955 World4You Internet Services GmbH
File type ASCII text, with very long lines (7062), with no line terminators
Hash 4a0c44ff2d06489d28bb7846f79bf81c
c20b0ef845ccdc8d7bbde187b25a9f3c138e9687
db4581841ad9932bba22e2a3518991b15fa2574d68d6c812f4c67dc510f743fa
GET /wp-content/uploads/oxygen/css/sidebar-85.css?cache=1637416184&ver=5.4.12 HTTP/1.1
Host: www.von0auf101.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.von0auf101.com/blog/10-abschluss-der-reha/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 27 Oct 2022 02:44:49 GMT
server: Apache
last-modified: Sat, 20 Nov 2021 13:49:44 GMT
etag: "1b96-5d138aa0498bf"
accept-ranges: bytes
content-length: 7062
content-type: text/css
X-Firefox-Spdy: h2
www.von0auf101.com/wp-content/uploads/oxygen/css/universal.css?cache=1637416184&ver=5.4.12
81.19.159.55200 OK 18 kB URL HTTP/2 www.von0auf101.com/wp-content/uploads/oxygen/css/universal.css?cache=1637416184&ver=5.4.12
IP 81.19.159.55:0
ASN #38955 World4You Internet Services GmbH
File type ASCII text, with very long lines (665), with CRLF, LF line terminators
Hash 07686e1e9e9be7f0f74a2b3811849e44
b7baba4383418c7fa02b01803e160fa3f8bd98d7
1ccba8ebe043c10913ba1888db7a2609265dbb7d2084daf83303b47c10258bdf
GET /wp-content/uploads/oxygen/css/universal.css?cache=1637416184&ver=5.4.12 HTTP/1.1
Host: www.von0auf101.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.von0auf101.com/blog/10-abschluss-der-reha/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 27 Oct 2022 02:44:49 GMT
server: Apache
last-modified: Sat, 20 Nov 2021 13:49:44 GMT
etag: "460d-5d138aa041bbe"
accept-ranges: bytes
content-length: 17933
content-type: text/css
X-Firefox-Spdy: h2
www.von0auf101.com/wp-content/uploads/oxygen/css/main-13.css?cache=1637415382&ver=5.4.12
81.19.159.55200 OK 19 kB URL HTTP/2 www.von0auf101.com/wp-content/uploads/oxygen/css/main-13.css?cache=1637415382&ver=5.4.12
IP 81.19.159.55:0
ASN #38955 World4You Internet Services GmbH
File type ASCII text, with very long lines (18566), with no line terminators
Hash 2733c85001adfdfb6fc556960d57648e
f97d94878f4727c425970bc033573aedd71912e1
ab744d78edf41e54e7ce5f3ba805ea422c9a579dcde19241493d484aeb450db6
GET /wp-content/uploads/oxygen/css/main-13.css?cache=1637415382&ver=5.4.12 HTTP/1.1
Host: www.von0auf101.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.von0auf101.com/blog/10-abschluss-der-reha/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 27 Oct 2022 02:44:49 GMT
server: Apache
last-modified: Sat, 20 Nov 2021 13:36:22 GMT
etag: "4886-5d1387a40acfc"
accept-ranges: bytes
content-length: 18566
content-type: text/css
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash f046e6113dd1e5e499c765516be08b17
c2253055e09b46209469853cad8720e64f84a1bf
18663a8f0b5d4d7581b771da6c2dc897bc2b82d51d7dac1a56d22f9bebab6fb3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 02:44:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.von0auf101.com/blog/10-abschluss-der-reha/
81.19.159.55200 OK 93 kB URL HTTP/2 www.von0auf101.com/blog/10-abschluss-der-reha/
IP 81.19.159.55:0
ASN #38955 World4You Internet Services GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (6681), with CRLF, LF line terminators
Hash a9cefdf4b13d7d23a91c93977ae0f2a2
408de1e8bcb1ada67b3103de58be8a1ba049ae43
273b94045702f4cadc102962eafe923bfb06fc957b01889aa25feacc8b745a0c
Analyzer Verdict Alert fortinet Phishing
GET /blog/10-abschluss-der-reha/ HTTP/1.1
Host: www.von0auf101.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Thu, 27 Oct 2022 02:44:46 GMT
server: Apache
link: <https://www.von0auf101.com/wp-json/>; rel="https://api.w.org/", <https://www.von0auf101.com/?p=7751>; rel=shortlink
content-type: text/html; charset=UTF-8
X-Firefox-Spdy: h2
www.von0auf101.com/wp-content/plugins/oxygen/component-framework/vendor/aos/aos.js?ver=1
81.19.159.55200 OK 14 kB URL HTTP/2 www.von0auf101.com/wp-content/plugins/oxygen/component-framework/vendor/aos/aos.js?ver=1
IP 81.19.159.55:0
ASN #38955 World4You Internet Services GmbH
File type ASCII text, with very long lines (14243), with no line terminators
Hash a01f9089e8301e9eacfb9d029dc0ca5c
165152546121aaaf96c19418908cffe3630a2336
4460f1596174d06cca957fdaca2c71e1a377cf1d6f07ee4c75ffb3bf3fc97a03
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/oxygen/component-framework/vendor/aos/aos.js?ver=1 HTTP/1.1
Host: www.von0auf101.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.von0auf101.com/blog/10-abschluss-der-reha/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 27 Oct 2022 02:44:49 GMT
server: Apache
last-modified: Tue, 28 Apr 2020 12:11:29 GMT
etag: "37a3-5a458bb3d7e40"
accept-ranges: bytes
content-length: 14243
content-type: application/javascript
X-Firefox-Spdy: h2
www.von0auf101.com/wp-content/plugins/oxygen/component-framework/vendor/aos/aos.css?ver=5.4.12
81.19.159.55200 OK 26 kB URL HTTP/2 www.von0auf101.com/wp-content/plugins/oxygen/component-framework/vendor/aos/aos.css?ver=5.4.12
IP 81.19.159.55:0
ASN #38955 World4You Internet Services GmbH
File type ASCII text, with very long lines (26053), with no line terminators
Hash 847da8fca8060ca1a70f976aab1210b9
0557d37454b67f42f2cb101e57e5070fb1193570
1aa8845fd06e475aefe733d4e55b36a92fcd487975049c8172341827ac9cc03e
GET /wp-content/plugins/oxygen/component-framework/vendor/aos/aos.css?ver=5.4.12 HTTP/1.1
Host: www.von0auf101.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.von0auf101.com/blog/10-abschluss-der-reha/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 27 Oct 2022 02:44:49 GMT
server: Apache
last-modified: Tue, 28 Apr 2020 12:11:29 GMT
etag: "65c5-5a458bb3d7e40"
accept-ranges: bytes
content-length: 26053
content-type: text/css
X-Firefox-Spdy: h2
www.von0auf101.com/wp-content/uploads/2020/04/logoFinal3.png
81.19.159.55200 OK 216 kB URL HTTP/2 www.von0auf101.com/wp-content/uploads/2020/04/logoFinal3.png
IP 81.19.159.55:0
ASN #38955 World4You Internet Services GmbH
File type PNG image data, 3219 x 1013, 8-bit/color RGBA, non-interlaced\012- data
Size 216 kB (215882 bytes)
Hash e1940f5c1be426f208a032500cb2de88
09f41f15f8fb2e29b3d65a9fd9454e5dbae0ab40
6d1c1d7a2a9fe25923a54b74ee04e6abb888fd48ef69e2cddc3bde575bd7d394
GET /wp-content/uploads/2020/04/logoFinal3.png HTTP/1.1
Host: www.von0auf101.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.von0auf101.com/blog/10-abschluss-der-reha/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 27 Oct 2022 02:44:49 GMT
server: Apache
last-modified: Tue, 28 Apr 2020 13:41:01 GMT
etag: "34b4a-5a459fb6fb540"
accept-ranges: bytes
content-length: 215882
content-type: image/png
X-Firefox-Spdy: h2
www.von0auf101.com/wp-content/uploads/2022/10/IMG_20221022_150046-scaled.jpg
81.19.159.55200 OK 408 kB URL HTTP/2 www.von0auf101.com/wp-content/uploads/2022/10/IMG_20221022_150046-scaled.jpg
IP 81.19.159.55:0
ASN #38955 World4You Internet Services GmbH
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 2560x2074, components 3\012- data
Size 408 kB (407710 bytes)
Hash 2a65a6649826700a5117456b71bd0109
9ba4b7cf8d4c10f231e97a91c0664a72665697d2
c487a406b0947a59b14eb6ca50f00554922e0656b5793dea32f44c9670b6175f
GET /wp-content/uploads/2022/10/IMG_20221022_150046-scaled.jpg HTTP/1.1
Host: www.von0auf101.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.von0auf101.com/blog/10-abschluss-der-reha/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 27 Oct 2022 02:44:49 GMT
server: Apache
last-modified: Sun, 23 Oct 2022 05:59:23 GMT
etag: "6389e-5ebad6072ffbb"
accept-ranges: bytes
content-length: 407710
content-type: image/jpeg
X-Firefox-Spdy: h2
www.von0auf101.com/wp-content/uploads/2017/06/DSC_8214-1.jpg
81.19.159.55200 OK 493 kB URL HTTP/2 www.von0auf101.com/wp-content/uploads/2017/06/DSC_8214-1.jpg
IP 81.19.159.55:0
ASN #38955 World4You Internet Services GmbH
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=10, manufacturer=Sony, model=LT25i, orientation=upper-left, xresolution=146, yresolution=154, resolutionunit=2, software=GIMP 2.8.22, datetime=2019:11:19 12:22:05], progressive, precision 8, 2000x1124, components 3\012- data
Size 493 kB (492908 bytes)
Hash 8c687b29c4496674ea83285fa8a5b4fb
33e9f2ed0b0865518d0ff2ce120fac2c10e5a66a
f8d65850ea98097f26727e346012ec9f98c6bb714c895cdb969a7e879fcf3e26
GET /wp-content/uploads/2017/06/DSC_8214-1.jpg HTTP/1.1
Host: www.von0auf101.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.von0auf101.com/blog/10-abschluss-der-reha/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 27 Oct 2022 02:44:49 GMT
server: Apache
last-modified: Sun, 03 May 2020 16:46:15 GMT
etag: "7856c-5a4c12716c3c0"
accept-ranges: bytes
content-length: 492908
content-type: image/jpeg
X-Firefox-Spdy: h2
www.von0auf101.com/wp-content/uploads/2017/06/DSC_6926-169x300.jpg
81.19.159.55200 OK 7.9 kB URL HTTP/1.1 www.von0auf101.com/wp-content/uploads/2017/06/DSC_6926-169x300.jpg
IP 81.19.159.55:0
ASN #38955 World4You Internet Services GmbH
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 169x300, components 3\012- data
Hash 6b1421ceec0469196ac879dfd0e69684
67df7a1169198356d170b39eff08497bb1a64cfd
a98919b676bf9e6a8ef070e9fda62d05b67c615adcb6d9169e369ec1fff2de1b
GET /wp-content/uploads/2017/06/DSC_6926-169x300.jpg HTTP/1.1
Host: www.von0auf101.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Date: Thu, 27 Oct 2022 02:44:49 GMT
Server: Apache
Last-Modified: Tue, 28 Apr 2020 13:21:07 GMT
ETag: "1ee2-5a459b444b6c0"
Accept-Ranges: bytes
Content-Length: 7906
Keep-Alive: timeout=300, max=500
Connection: Keep-Alive
Content-Type: image/jpeg
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash f046e6113dd1e5e499c765516be08b17
c2253055e09b46209469853cad8720e64f84a1bf
18663a8f0b5d4d7581b771da6c2dc897bc2b82d51d7dac1a56d22f9bebab6fb3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 02:44:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.von0auf101.com/wp-content/uploads/2017/06/colours-2163526_640-min-300x225.jpg
81.19.159.55200 OK 23 kB URL HTTP/1.1 www.von0auf101.com/wp-content/uploads/2017/06/colours-2163526_640-min-300x225.jpg
IP 81.19.159.55:0
ASN #38955 World4You Internet Services GmbH
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 300x225, components 3\012- data
Hash 680832cabb1bcc8075135a605183e2c8
feeeb04854eff22b1d4e79b5c17fbcc850337b10
4c1dc01da3aa6651111927af35a0a035fb85f3f2627c34a09e952468991fb105
GET /wp-content/uploads/2017/06/colours-2163526_640-min-300x225.jpg HTTP/1.1
Host: www.von0auf101.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Date: Thu, 27 Oct 2022 02:44:49 GMT
Server: Apache
Last-Modified: Tue, 28 Apr 2020 13:21:02 GMT
ETag: "5846-5a459b3f86b80"
Accept-Ranges: bytes
Content-Length: 22598
Keep-Alive: timeout=300, max=500
Connection: Keep-Alive
Content-Type: image/jpeg
www.von0auf101.com/wp-content/uploads/2017/06/physical-therapy-1698817_1920-min-min-199x300.jpg
81.19.159.55200 OK 16 kB URL HTTP/1.1 www.von0auf101.com/wp-content/uploads/2017/06/physical-therapy-1698817_1920-min-min-199x300.jpg
IP 81.19.159.55:0
ASN #38955 World4You Internet Services GmbH
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 199x300, components 3\012- data
Hash dab65d6fab789857751ff3a5700c0fc0
c3a4165da856aa60d46fc6481f5340639da2eadb
22c90cb4b91cd9f7563431387956d2ca24bcd4064b92dedf5f17e835fa5a5ac2
GET /wp-content/uploads/2017/06/physical-therapy-1698817_1920-min-min-199x300.jpg HTTP/1.1
Host: www.von0auf101.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Date: Thu, 27 Oct 2022 02:44:49 GMT
Server: Apache
Last-Modified: Tue, 28 Apr 2020 13:21:34 GMT
ETag: "3c94-5a459b5e0b380"
Accept-Ranges: bytes
Content-Length: 15508
Keep-Alive: timeout=300, max=500
Connection: Keep-Alive
Content-Type: image/jpeg
www.von0auf101.com/wp-content/uploads/2017/06/DSC_8061-169x300.jpg
81.19.159.55200 OK 18 kB URL HTTP/1.1 www.von0auf101.com/wp-content/uploads/2017/06/DSC_8061-169x300.jpg
IP 81.19.159.55:0
ASN #38955 World4You Internet Services GmbH
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 169x300, components 3\012- data
Hash 3a68108d4d633536c2801c05e2fbdae5
7aa1788eac23088beba3f5cf8ac5feedf2e4661e
10e5baa75c69240bd442a20ebc768392128fe3ae9432e470b89a17020b2d9616
GET /wp-content/uploads/2017/06/DSC_8061-169x300.jpg HTTP/1.1
Host: www.von0auf101.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Date: Thu, 27 Oct 2022 02:44:49 GMT
Server: Apache
Last-Modified: Tue, 28 Apr 2020 13:21:10 GMT
ETag: "4462-5a459b4727d80"
Accept-Ranges: bytes
Content-Length: 17506
Keep-Alive: timeout=300, max=500
Connection: Keep-Alive
Content-Type: image/jpeg
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash d14190b7d44355f74384008fc2bc965b
8899240507992ceba98f567c079650149cc583a4
2db73ab3dfce1101ff8aaa09fe7227ad8017486b3ec3f536b7f8a1102ec0c267
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 02:44:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.von0auf101.com/wp-content/uploads/2017/06/directory-1273088_1920-min-1-1024x275.jpg
81.19.159.55200 OK 57 kB URL HTTP/1.1 www.von0auf101.com/wp-content/uploads/2017/06/directory-1273088_1920-min-1-1024x275.jpg
IP 81.19.159.55:0
ASN #38955 World4You Internet Services GmbH
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1024x275, components 3\012- data
Hash 87d806abf5feef078822ed1d2c83d1ab
7519d32ec05be199631f87e24215850f8aa7b6c6
4482351b44ddc26e4ba62642c5e2a1a1bd1dcb93d057efc158780e71e10d59e2
GET /wp-content/uploads/2017/06/directory-1273088_1920-min-1-1024x275.jpg HTTP/1.1
Host: www.von0auf101.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Date: Thu, 27 Oct 2022 02:44:49 GMT
Server: Apache
Last-Modified: Tue, 28 Apr 2020 13:21:04 GMT
ETag: "df44-5a459b416f000"
Accept-Ranges: bytes
Content-Length: 57156
Keep-Alive: timeout=300, max=500
Connection: Keep-Alive
Content-Type: image/jpeg
www.von0auf101.com/wp-content/uploads/2017/06/success-413093_640-min-225x300.jpg
81.19.159.55200 OK 34 kB URL HTTP/1.1 www.von0auf101.com/wp-content/uploads/2017/06/success-413093_640-min-225x300.jpg
IP 81.19.159.55:0
ASN #38955 World4You Internet Services GmbH
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 225x300, components 3\012- data
Hash a60f98d06c9e1184c1207b3c01343318
927ac1b0f38b1812a18e7bb2cdb3b0f506aab9b3
fda7e95d11eb44d677bc781be2f9771c1a52636f5a4e8d59748de3a4243348ae
GET /wp-content/uploads/2017/06/success-413093_640-min-225x300.jpg HTTP/1.1
Host: www.von0auf101.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Date: Thu, 27 Oct 2022 02:44:49 GMT
Server: Apache
Last-Modified: Tue, 28 Apr 2020 13:21:41 GMT
ETag: "86d3-5a459b64b8340"
Accept-Ranges: bytes
Content-Length: 34515
Keep-Alive: timeout=300, max=499
Connection: Keep-Alive
Content-Type: image/jpeg
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
216.58.207.195200 OK 45 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Hash 565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.von0auf101.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 20 Oct 2022 05:42:51 GMT
expires: Fri, 20 Oct 2023 05:42:51 GMT
cache-control: public, max-age=31536000
age: 594118
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.von0auf101.com/wp-content/uploads/2017/06/Hand-min-300x200.jpg
81.19.159.55200 OK 15 kB URL HTTP/1.1 www.von0auf101.com/wp-content/uploads/2017/06/Hand-min-300x200.jpg
IP 81.19.159.55:0
ASN #38955 World4You Internet Services GmbH
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 300x200, components 3\012- data
Hash 08b544eacd91ea174985a5ea74c4ecde
430a487545531486310146e6c873fc5090a2423c
580ba8d3770f387f0d373b1d5af4161f478fb031a173d2e8cfa8cc132f086ca2
GET /wp-content/uploads/2017/06/Hand-min-300x200.jpg HTTP/1.1
Host: www.von0auf101.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Date: Thu, 27 Oct 2022 02:44:49 GMT
Server: Apache
Last-Modified: Tue, 28 Apr 2020 13:21:25 GMT
ETag: "3a32-5a459b5575f40"
Accept-Ranges: bytes
Content-Length: 14898
Keep-Alive: timeout=300, max=499
Connection: Keep-Alive
Content-Type: image/jpeg
fonts.gstatic.com/s/cardo/v19/wlpygwjKBV1pqhND-ZQW-WM.woff2
216.58.207.195200 OK 19 kB URL HTTP/2 fonts.gstatic.com/s/cardo/v19/wlpygwjKBV1pqhND-ZQW-WM.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 18852, version 1.0\012- data
Hash d9e893c50be9ed3984ff4db3855a55d2
266ef42ca77fc0863bfd1ee1f0a5e553a57383ca
f94a0b25ed421e6643ca8ae21ccd63cf5630e8db8a3b64f63a669936d068c427
GET /s/cardo/v19/wlpygwjKBV1pqhND-ZQW-WM.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.von0auf101.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 18852
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 20 Oct 2022 20:46:00 GMT
expires: Fri, 20 Oct 2023 20:46:00 GMT
cache-control: public, max-age=31536000
age: 539929
last-modified: Thu, 21 Apr 2022 17:09:00 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/vibur/v23/DPEiYwmEzw0QRgTuJDs.woff2
216.58.207.195200 OK 42 kB URL HTTP/2 fonts.gstatic.com/s/vibur/v23/DPEiYwmEzw0QRgTuJDs.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 41796, version 1.0\012- data
Hash b3c2b8244f28d28c22d42d74164af152
72731f9ca4a62a05055dad52c5538ce11af8290c
1814368c02677e1ec19884730dfd855afa1d960c120eabbdcaa59f93b7a009db
GET /s/vibur/v23/DPEiYwmEzw0QRgTuJDs.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.von0auf101.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 41796
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 20 Oct 2022 07:03:58 GMT
expires: Fri, 20 Oct 2023 07:03:58 GMT
cache-control: public, max-age=31536000
age: 589251
last-modified: Wed, 27 Apr 2022 16:15:58 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 26e60c83d7af169687cbd74f7ca924e0
00f7ceb935fe1cc423f95718a04076e4f5eca150
a041e2901d418b289c3129ce7c07a66e598f6d3ac076732635b0a9ac6fbabb89
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 02:44:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/ptserif/v17/EJRVQgYoZZY2vCFuvAFWzr8.woff2
216.58.207.195200 OK 33 kB URL HTTP/2 fonts.gstatic.com/s/ptserif/v17/EJRVQgYoZZY2vCFuvAFWzr8.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 32900, version 1.0\012- data
Hash fda3323314d895ae39de612559f6fad9
644dbb14f599920fdc8f8260b6e67bd1f8770e89
d355afb9705c3f8651f6a1f813b4670b758d59a17783830f534e7a8839c5b666
GET /s/ptserif/v17/EJRVQgYoZZY2vCFuvAFWzr8.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.von0auf101.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 32900
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 26 Oct 2022 19:45:18 GMT
expires: Thu, 26 Oct 2023 19:45:18 GMT
cache-control: public, max-age=31536000
age: 25171
last-modified: Wed, 27 Apr 2022 15:44:11 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash d14190b7d44355f74384008fc2bc965b
8899240507992ceba98f567c079650149cc583a4
2db73ab3dfce1101ff8aaa09fe7227ad8017486b3ec3f536b7f8a1102ec0c267
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 02:44:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.von0auf101.com/wp-content/uploads/2017/06/DSC_8158-min-1024x575.jpg
81.19.159.55200 OK 232 kB URL HTTP/1.1 www.von0auf101.com/wp-content/uploads/2017/06/DSC_8158-min-1024x575.jpg
IP 81.19.159.55:0
ASN #38955 World4You Internet Services GmbH
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1024x575, components 3\012- data
Size 232 kB (232219 bytes)
Hash 4b367bb2207b38272e82c6d96e45d418
a164d5f9a1dcfcd2a2d5efbe3552e70a5d126fb2
6f50db4d051aa39236e2d63ac96850b806d8a2b2733a342a847843992466dccb
GET /wp-content/uploads/2017/06/DSC_8158-min-1024x575.jpg HTTP/1.1
Host: www.von0auf101.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Date: Thu, 27 Oct 2022 02:44:49 GMT
Server: Apache
Last-Modified: Tue, 28 Apr 2020 13:21:14 GMT
ETag: "38b1b-5a459b4af8680"
Accept-Ranges: bytes
Content-Length: 232219
Keep-Alive: timeout=300, max=500
Connection: Keep-Alive
Content-Type: image/jpeg
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 26e60c83d7af169687cbd74f7ca924e0
00f7ceb935fe1cc423f95718a04076e4f5eca150
a041e2901d418b289c3129ce7c07a66e598f6d3ac076732635b0a9ac6fbabb89
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 02:44:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c9a39ad487bd0d39512386defd164596
ee08c559f0a846f99c9d7d946a039a9da0e53626
1e6c6259a5d89c381cd32cf405a00e293632841310980300aed1c504764e864a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1E6C6259A5D89C381CD32CF405A00E293632841310980300AED1C504764E864A"
Last-Modified: Tue, 25 Oct 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21394
Expires: Thu, 27 Oct 2022 08:41:23 GMT
Date: Thu, 27 Oct 2022 02:44:49 GMT
Connection: keep-alive
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.195200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube-nocookie.com
Connection: keep-alive
Referer: https://www.youtube-nocookie.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 22 Oct 2022 12:31:58 GMT
expires: Sun, 22 Oct 2023 12:31:58 GMT
cache-control: public, max-age=31536000
age: 396771
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.youtube-nocookie.com/s/player/64588dad/www-player.css
142.250.74.14200 OK 50 kB URL HTTP/2 www.youtube-nocookie.com/s/player/64588dad/www-player.css
IP 142.250.74.14:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 9099eb6003e106307d09bc72c4d1a0b6
8a8a058b2a1a22392be9de07dbabed8245b11dcd
008cee71d0ff3b0e784c7bf9729fda79fd194bed3ac10bf0f490f81a98ea0da1
GET /s/player/64588dad/www-player.css HTTP/1.1
Host: www.youtube-nocookie.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube-nocookie.com/embed/RBjL6J7-8cw
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: br
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 49873
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 26 Oct 2022 14:51:44 GMT
expires: Thu, 26 Oct 2023 14:51:44 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 26 Oct 2022 00:18:12 GMT
content-type: text/css
age: 42785
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e14b08bca1a4c61e267dc18b1858ef09
dbb4d2093ad54a14a4880197ea465b8406b1f46f
c513a460a5aa50b67b76769e55082e4e774a69f861db92ebb49dd00e2c08c325
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C513A460A5AA50B67B76769E55082E4E774A69F861DB92EBB49DD00E2C08C325"
Last-Modified: Mon, 24 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11322
Expires: Thu, 27 Oct 2022 05:53:31 GMT
Date: Thu, 27 Oct 2022 02:44:49 GMT
Connection: keep-alive
www.youtube-nocookie.com/s/player/64588dad/www-embed-player.vflset/www-embed-player.js
142.250.74.14200 OK 98 kB URL HTTP/2 www.youtube-nocookie.com/s/player/64588dad/www-embed-player.vflset/www-embed-player.js
IP 142.250.74.14:0
File type ASCII text, with very long lines (572)
Hash 58aa6e69429405c5f843ef18d80fc92c
fbd753ecad56c1ff53999c68825c63db48b61fd8
50ffddb8f11b7b695cc398c3b8304e4f9350035e4a49884252f6ed82308a8f8c
GET /s/player/64588dad/www-embed-player.vflset/www-embed-player.js HTTP/1.1
Host: www.youtube-nocookie.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube-nocookie.com/embed/RBjL6J7-8cw
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: br
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 97474
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 26 Oct 2022 14:51:44 GMT
expires: Thu, 26 Oct 2023 14:51:44 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 26 Oct 2022 00:18:12 GMT
content-type: text/javascript
age: 42785
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 26e60c83d7af169687cbd74f7ca924e0
00f7ceb935fe1cc423f95718a04076e4f5eca150
a041e2901d418b289c3129ce7c07a66e598f6d3ac076732635b0a9ac6fbabb89
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 02:44:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.195200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube-nocookie.com
Connection: keep-alive
Referer: https://www.youtube-nocookie.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 21 Oct 2022 00:48:31 GMT
expires: Sat, 21 Oct 2023 00:48:31 GMT
cache-control: public, max-age=31536000
age: 525378
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.youtube-nocookie.com/s/player/64588dad/fetch-polyfill.vflset/fetch-polyfill.js
142.250.74.14200 OK 2.8 kB URL HTTP/2 www.youtube-nocookie.com/s/player/64588dad/fetch-polyfill.vflset/fetch-polyfill.js
IP 142.250.74.14:0
File type Algol 68 source text\012- Pascal source, ASCII text, with very long lines (555)
Hash 80fe2d229007996c8397073b00755dc7
121f82c77bcf2a297a1085e3b092415c463fcafe
033dfa8941482c82d4f1aaa4a9172fb379b9e46a02d5b36297c5476bbbfdea2c
GET /s/player/64588dad/fetch-polyfill.vflset/fetch-polyfill.js HTTP/1.1
Host: www.youtube-nocookie.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube-nocookie.com/embed/RBjL6J7-8cw
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: br
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 2786
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 26 Oct 2022 14:51:44 GMT
expires: Thu, 26 Oct 2023 14:51:44 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 26 Oct 2022 00:18:12 GMT
content-type: text/javascript
age: 42785
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
analytics.noahkrasser.com/matomo.js
78.46.175.218200 OK 62 kB URL HTTP/2 analytics.noahkrasser.com/matomo.js
IP 78.46.175.218:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (1398)
Hash 4728ffb26ff270ab998a7acc5369ba92
08591fcf110dd66c0ec0735fcac7b795b2666a7a
382843b96a3a0f2c2b38c583563caad12733ae44b4b5f1b97abe948fc461596f
GET /matomo.js HTTP/1.1
Host: analytics.noahkrasser.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.von0auf101.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Sun, 24 Jan 2021 19:08:49 GMT
etag: "f21c-5b9aa26c37664"
accept-ranges: bytes
content-length: 61980
content-type: application/javascript
date: Thu, 27 Oct 2022 02:44:49 GMT
server: Apache
X-Firefox-Spdy: h2
www.von0auf101.com/wp-content/uploads/2020/04/favicon.png
81.19.159.55200 OK 18 kB URL HTTP/2 www.von0auf101.com/wp-content/uploads/2020/04/favicon.png
IP 81.19.159.55:0
ASN #38955 World4You Internet Services GmbH
File type PNG image data, 256 x 256, 8-bit/color RGB, non-interlaced\012- data
Hash f8d3c75c1ebbe05ec6fa7a716eaf3c36
6b294cc920629b14d810c7235164d2f76f45b7ec
5cd7fc52ce6de19fbd5f8ab0ac85e9012199b453537a12ec055671619659e5ea
GET /wp-content/uploads/2020/04/favicon.png HTTP/1.1
Host: www.von0auf101.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.von0auf101.com/blog/10-abschluss-der-reha/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 27 Oct 2022 02:44:49 GMT
server: Apache
last-modified: Tue, 28 Apr 2020 13:40:46 GMT
etag: "45a5-5a459fa8ad380"
accept-ranges: bytes
content-length: 17829
content-type: image/png
X-Firefox-Spdy: h2
www.von0auf101.com/wp-content/uploads/2020/04/favicon-150x150.png
81.19.159.55200 OK 16 kB URL HTTP/2 www.von0auf101.com/wp-content/uploads/2020/04/favicon-150x150.png
IP 81.19.159.55:0
ASN #38955 World4You Internet Services GmbH
File type PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced\012- data
Hash 34a96c6d44fd21f7daefd96aff453e3e
29d3a9370c7a9b9657917d9bfd73fffe37c87f91
dfd3408fbfc765e2ddd8afcd010692a5394c5b5477f28ba0387fcad34af7d836
GET /wp-content/uploads/2020/04/favicon-150x150.png HTTP/1.1
Host: www.von0auf101.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.von0auf101.com/blog/10-abschluss-der-reha/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 27 Oct 2022 02:44:49 GMT
server: Apache
last-modified: Tue, 28 Apr 2020 13:40:45 GMT
etag: "4002-5a459fa7b9140"
accept-ranges: bytes
content-length: 16386
content-type: image/png
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
216.58.211.10200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 216.58.211.10:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube-nocookie.com/
Origin: https://www.youtube-nocookie.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube-nocookie.com
vary: origin, referer, x-origin
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Thu, 27 Oct 2022 02:44:50 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
216.58.211.10200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 216.58.211.10:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash af7e99c0c64043f05b67650ac47a5ed9
e31b39ad3fd246a55814bc9cc53a563585ff6f5d
fc57d36c489269653f274dd71a5d58d5293f8b0a76a67e175c914d1318caf4fa
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube-nocookie.com
Connection: keep-alive
Referer: https://www.youtube-nocookie.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Thu, 27 Oct 2022 02:44:50 GMT
server: ESF
cache-control: private
content-length: 30689
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube-nocookie.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash d72765bf757c452c379ac5227cb2f26e
42ae86d1dafebdc240872bc147cf5bac1132a5a8
467a95869b7d64abef4237f35456f7800f6709b944987f8ff53606877ae13246
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 02:44:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i.ytimg.com/vi_webp/RBjL6J7-8cw/default.webp
216.58.207.246200 OK 2.9 kB URL HTTP/2 i.ytimg.com/vi_webp/RBjL6J7-8cw/default.webp
IP 216.58.207.246:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 120x90, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash de5d4c007b1bc272646be7f45b38e75c
f128918292112671995d8ea775f87512cacefc7d
ea8f261dc02a5ab81619d315bbac1f1a5d560d2bf4a4babf0c746e33a534339e
GET /vi_webp/RBjL6J7-8cw/default.webp HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube-nocookie.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/webp
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 2884
date: Thu, 27 Oct 2022 02:44:50 GMT
expires: Thu, 27 Oct 2022 04:44:50 GMT
cache-control: public, max-age=7200
etag: "1525968855"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
216.58.211.10200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 216.58.211.10:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash 25cced1b374aedcad759b791c0c7bb6e
16c8d58c320ef0c6a582a96d0444927d76e0fe85
e104a8f558d5d831acda57855b219084a87ad32926dc1ad55080dcb640b735ec
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube-nocookie.com
Connection: keep-alive
Referer: https://www.youtube-nocookie.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Thu, 27 Oct 2022 02:44:50 GMT
server: ESF
cache-control: private
content-length: 30896
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube-nocookie.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 548adf48ccc53ecd7c0ac1dfb27d13a3
6271706fe6ef27e23ca62a3e02782731a1d52295
fdabb8de87f72c6f3262946250085f022ace8db0339ad9bfb413c6659f8ae493
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 02:44:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash a63ea2903767bb46326d85331e42e34e
b113b248df6025ed117551b7baa1960316122415
4ba54e12a06237d2c396d93e1cf9513b066074df9993ee408ee2bfb365c5f3c6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 02:44:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash d72765bf757c452c379ac5227cb2f26e
42ae86d1dafebdc240872bc147cf5bac1132a5a8
467a95869b7d64abef4237f35456f7800f6709b944987f8ff53606877ae13246
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 02:44:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/js/th/2jr0eHp02ItFWQ5x-XHzcF5Qh6GPPdrMF7WL5Xw4nSU.js
142.250.74.164200 OK 14 kB URL HTTP/2 www.google.com/js/th/2jr0eHp02ItFWQ5x-XHzcF5Qh6GPPdrMF7WL5Xw4nSU.js
IP 142.250.74.164:0
File type ASCII text, with very long lines (36070)
Hash 85eb372ce1c6d357145554bf8b589b3f
bae5908cb8ecce54c0e5d14bc1273a441cc6f8ee
a19bdf18007e7ba4cca54cc36a5eb0b64d091c4f6e39b370d50e9fd34325c6a4
GET /js/th/2jr0eHp02ItFWQ5x-XHzcF5Qh6GPPdrMF7WL5Xw4nSU.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube-nocookie.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 14247
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 21 Oct 2022 10:11:46 GMT
expires: Sat, 21 Oct 2023 10:11:46 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 11 Oct 2022 09:30:00 GMT
content-type: text/javascript
age: 491584
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
yt3.ggpht.com/ytc/AMLnZu8vJ1hRHauWWRivr4gVQw04B3djSCP45hE_nvUSXf8=s68-c-k-c0x00ffffff-no-rj
142.250.74.161200 OK 3.5 kB URL HTTP/2 yt3.ggpht.com/ytc/AMLnZu8vJ1hRHauWWRivr4gVQw04B3djSCP45hE_nvUSXf8=s68-c-k-c0x00ffffff-no-rj
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, software=Google], baseline, precision 8, 68x68, components 3\012- data
Hash 6bf1a8ba11ca5e5c970533b38dfa0cda
6e0772d5a99b5cddcdc819e6ebef34cb00c079c6
8f4e3790349dab0ec3f94bb4a1f42eb44796b9d60892a2123b17644328d89014
GET /ytc/AMLnZu8vJ1hRHauWWRivr4gVQw04B3djSCP45hE_nvUSXf8=s68-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt3.ggpht.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube-nocookie.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 3522
x-xss-protection: 0
date: Thu, 27 Oct 2022 02:44:50 GMT
expires: Thu, 20 Oct 2022 14:26:55 GMT
cache-control: public, max-age=86400, no-transform
etag: "v14a85"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
i.ytimg.com/vi_webp/4lXWhTVQGrg/default.webp
216.58.207.246200 OK 4.2 kB URL HTTP/2 i.ytimg.com/vi_webp/4lXWhTVQGrg/default.webp
IP 216.58.207.246:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 120x90, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash f16202ac9e865bf34cbc5587b9ae56ca
b7d730ff134cef2a4b4efce21896382371412162
12dad9be0ab63e062ba510a3704ce74e8a8d40da06a769cb9d6ac8fedb12d1b9
GET /vi_webp/4lXWhTVQGrg/default.webp HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube-nocookie.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/webp
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 4222
date: Thu, 27 Oct 2022 02:44:50 GMT
expires: Thu, 27 Oct 2022 04:44:50 GMT
cache-control: public, max-age=7200
etag: "0"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 548adf48ccc53ecd7c0ac1dfb27d13a3
6271706fe6ef27e23ca62a3e02782731a1d52295
fdabb8de87f72c6f3262946250085f022ace8db0339ad9bfb413c6659f8ae493
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 02:44:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb5109ae5-81e3-49db-bbdc-eb160eef1dfd.jpeg
34.120.237.76200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb5109ae5-81e3-49db-bbdc-eb160eef1dfd.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 33e31f3d27d3068624029f7a917ac24d
d28a39cffb1d8a7a1a7bbfa3f95f98b790c6a673
31ead0fb893666b5c533ab6cb51e85b2646aa1ef46ef67ad80d2e7c911e0fdde
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb5109ae5-81e3-49db-bbdc-eb160eef1dfd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 9686
x-amzn-requestid: c9a788b9-1367-4050-9590-30ef6d9a4fa3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aocugHsUoAMFjnQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6359a7f6-444afe996c8df73779f78a53;Sampled=0
x-amzn-remapped-date: Wed, 26 Oct 2022 21:34:46 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 3otUfQziZmocFHGSOWSKJtXpgCOPfhxY3TOkbrBT6pdNi5B2Xrf67A==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 989017835f43d594873bde5a7ee7fe5e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 26 Oct 2022 21:50:51 GMT
age: 17642
etag: "d28a39cffb1d8a7a1a7bbfa3f95f98b790c6a673"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Vibur&display=swap
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css2?family=Vibur&display=swap
IP 142.250.74.10:0
GET /css2?family=Vibur&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.von0auf101.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 27 Oct 2022 02:44:49 GMT
date: Thu, 27 Oct 2022 02:44:49 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.youtube-nocookie.com/embed/RBjL6J7-8cw
142.250.74.14200 OK 0 B URL HTTP/2 www.youtube-nocookie.com/embed/RBjL6J7-8cw
IP 142.250.74.14:0
GET /embed/RBjL6J7-8cw HTTP/1.1
Host: www.youtube-nocookie.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.von0auf101.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 27 Oct 2022 02:44:49 GMT
strict-transport-security: max-age=31536000
cross-origin-opener-policy-report-only: same-origin; report-to="YOUTUBE_NOCOOKIE_DOMAIN"
report-to: {"group":"YOUTUBE_NOCOOKIE_DOMAIN","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/YOUTUBE_NOCOOKIE_DOMAIN"}]}
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: CONSENT=PENDING+328; expires=Sat, 26-Oct-2024 02:44:49 GMT; path=/; domain=.youtube-nocookie.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Open+Sans:100,200,300,400,500,600,700,800,900|Open+Sans:100,200,300,400,500,600,700,800,900|Cardo:100,200,300,400,500,600,700,800,900|Open+Sans:100,200,300,400,500,600,700,800,900|PT+Serif:100,200,300,400,500,600,700,800,900
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans:100,200,300,400,500,600,700,800,900|Open+Sans:100,200,300,400,500,600,700,800,900|Cardo:100,200,300,400,500,600,700,800,900|Open+Sans:100,200,300,400,500,600,700,800,900|PT+Serif:100,200,300,400,500,600,700,800,900
IP 142.250.74.10:0
GET /css?family=Open+Sans:100,200,300,400,500,600,700,800,900|Open+Sans:100,200,300,400,500,600,700,800,900|Cardo:100,200,300,400,500,600,700,800,900|Open+Sans:100,200,300,400,500,600,700,800,900|PT+Serif:100,200,300,400,500,600,700,800,900 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.von0auf101.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 27 Oct 2022 02:44:49 GMT
date: Thu, 27 Oct 2022 02:44:49 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.blogheim.at/ranking?key=KyumZb&typ=13
185.51.8.119200 OK 0 B URL HTTP/2 www.blogheim.at/ranking?key=KyumZb&typ=13
IP 185.51.8.119:0
GET /ranking?key=KyumZb&typ=13 HTTP/1.1
Host: www.blogheim.at
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.von0auf101.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 27 Oct 2022 02:44:49 GMT
server: Apache
cache-control: no-cache, must-revalidate, max-age=2592000, public
pragma: no-cache
expires: Sat, 26 Nov 2022 02:44:49 GMT
content-type: image/png
age: 0
accept-ranges: bytes
strict-transport-security: max-age=15768000
permissions-policy: interest-cohort=()
X-Firefox-Spdy: h2
www.youtube-nocookie.com/embed/4lXWhTVQGrg
142.250.74.14200 OK 0 B URL HTTP/2 www.youtube-nocookie.com/embed/4lXWhTVQGrg
IP 142.250.74.14:0
GET /embed/4lXWhTVQGrg HTTP/1.1
Host: www.youtube-nocookie.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.von0auf101.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 27 Oct 2022 02:44:49 GMT
strict-transport-security: max-age=31536000
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to: {"group":"YOUTUBE_NOCOOKIE_DOMAIN","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/YOUTUBE_NOCOOKIE_DOMAIN"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="YOUTUBE_NOCOOKIE_DOMAIN"
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: CONSENT=PENDING+993; expires=Sat, 26-Oct-2024 02:44:49 GMT; path=/; domain=.youtube-nocookie.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.bloggerei.de/bgpublicon.jpg
85.214.218.186200 OK 0 B URL HTTP/2 www.bloggerei.de/bgpublicon.jpg
IP 85.214.218.186:0
GET /bgpublicon.jpg HTTP/1.1
Host: www.bloggerei.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.von0auf101.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 27 Oct 2022 02:44:49 GMT
content-type: image/jpeg
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-cache
pragma: no-cache
set-cookie: PHPSESSID=vsv0dqit1ndjvbcirkppugmfor; path=/
x-powered-by: PHP/8.0.24, PleskLin
X-Firefox-Spdy: h2