denkodrom.de/
301 Moved Permanently 291 B IP
ASN #20773 Host Europe GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash b4b2a9dd20b37d6cdfae60298b6d5354
b3ab412521cb4cbb70cf2e2d1fd67fb20f4cf2a7
06ad618207b2a3bae75152fa1b27984d089ac7fdd3a7215be9b3731ab35098b5
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: denkodrom.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Sun, 18 Sep 2022 12:10:52 GMT
Server: Apache
Location: https://denkodrom.de/
Content-Length: 291
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash adb43321efa5cd1662993b701ff25fa4
1299dcea7e9c59d9f22f39d69025484fe71098c1
2c25a6717245be3746f1412af9dd1c351e12dbb93e8e08c3ddcdacf35e419514
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2C25A6717245BE3746F1412AF9DD1C351E12DBB93E8E08C3DDCDACF35E419514"
Last-Modified: Sun, 18 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13601
Expires: Sun, 18 Sep 2022 15:57:33 GMT
Date: Sun, 18 Sep 2022 12:10:52 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 99b7d23c1748d0526782b9ff9ea45f09
eadd801a3ba2aa00632c6fb52e1f9125bd6d5b4f
48f81668f76955320480b484138aebdad5d03c471036b4449c737aca1ecab08e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Backoff, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sun, 18 Sep 2022 11:12:05 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 277d0e3af1ffdcb1ee40b7dc9f040146.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 3GHT3lLiIsMPDqd4Yc4j92ScNG2_wNXuHNoH_vAxgd_i7Ewz2DxZCQ==
Age: 3527
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sun, 18 Sep 2022 03:30:43 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: nPfMBlb-7HF6V1NHRJlpGG_bWKCBUB4EWfAfZj2Hpo3-i_i2tpbThQ==
age: 31209
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 18 Sep 2022 12:10:52 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash b1f39e75ea976edd1ad05059af476d26
cfcdf3061d82bd477f9adecab9abd192c51f23fd
533f8feec8547fd3aec3de769de7459dbc1e51727cbfc132e88ce61975a12edf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "533F8FEEC8547FD3AEC3DE769DE7459DBC1E51727CBFC132E88CE61975A12EDF"
Last-Modified: Sun, 18 Sep 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Sun, 18 Sep 2022 18:10:52 GMT
Date: Sun, 18 Sep 2022 12:10:52 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Sun, 18 Sep 2022 12:03:22 GMT
Cache-Control: max-age=3600
Expires: Sun, 18 Sep 2022 12:40:13 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: vPVTP8iihdMX84pdHnvDlyp9qAE48FbgoyZoCmSzQFL4YguBC5iPlg==
Age: 450
denkodrom.de/
200 OK 44 kB IP
ASN #20773 Host Europe GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8491)
Hash 65d1e9dab39153edcbb8fee7dad93b82
d2bd75a2f33970a835b429958a1db4fe9b659c67
35efa8e9dcb02652eab2474c7e99a68bc5bf95bb08f755233a9934210d9d9e9e
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: denkodrom.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Date: Sun, 18 Sep 2022 12:10:52 GMT
Server: Apache
Link: <https://denkodrom.de/index.php?rest_route=/>; rel="https://api.w.org/", <https://denkodrom.de/index.php?rest_route=/wp/v2/pages/11>; rel="alternate"; type="application/json", <https://wp.me/P7Y4B1-b>; rel=shortlink
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PHP/7.4.16, PleskLin
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
ocsp.digicert.com/
200 OK 471 B IP
Hash 5fd1174f35b25298fc44a6de1af3f3d6
d45a47995ec34c7df480b3efafb13f55d9df7eb8
f60573eff255ef3d7603ca813f410c30588931b4018ffa0e07fa0bb2653c47af
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2702
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 12:10:53 GMT
Last-Modified: Sun, 18 Sep 2022 11:25:51 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471
denkodrom.de/wp-content/plugins/podlove-podcasting-plugin-for-wordpress/css/frontend.css?ver=1.0
200 OK 407 B URL HTTP/1.1 denkodrom.de/wp-content/plugins/podlove-podcasting-plugin-for-wordpress/css/frontend.css?ver=1.0
IP
ASN #20773 Host Europe GmbH
Hash 96715e73de53052e2da1cb15fe023429
4649ba927ac7afb5e2a70b86c18f7f5b2b484f10
888367a4ed32cf98042f1a24333d148d5903056b6e25862ceb19e68536f58ae8
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/podlove-podcasting-plugin-for-wordpress/css/frontend.css?ver=1.0 HTTP/1.1
Host: denkodrom.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://denkodrom.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 18 Sep 2022 12:10:53 GMT
Server: Apache
Last-Modified: Sun, 10 Apr 2022 16:37:42 GMT
ETag: "457-5dc4f7255e19c-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 407
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
denkodrom.de/wp-content/plugins/jetpack/modules/theme-tools/compat/twentysixteen.css?ver=11.0
200 OK 3.1 kB URL HTTP/1.1 denkodrom.de/wp-content/plugins/jetpack/modules/theme-tools/compat/twentysixteen.css?ver=11.0
IP
ASN #20773 Host Europe GmbH
Hash 2932679d98fe461e0df0f70f7d3e9c1d
5256a2fdb53d00db4e475bad71c2a50028035d02
1f93012b40a0ce4eb9088b0251cfc73b4b6330e70666d10233085b014bf5fe6f
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/jetpack/modules/theme-tools/compat/twentysixteen.css?ver=11.0 HTTP/1.1
Host: denkodrom.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://denkodrom.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 18 Sep 2022 12:10:53 GMT
Server: Apache
Last-Modified: Sat, 11 Jun 2022 09:15:50 GMT
ETag: "4236-5e128803ea3f7-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 3119
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
denkodrom.de/wp-content/themes/twentysixteen/style.css?ver=20201208
200 OK 14 kB URL HTTP/1.1 denkodrom.de/wp-content/themes/twentysixteen/style.css?ver=20201208
IP
ASN #20773 Host Europe GmbH
File type Unicode text, UTF-8 text, with very long lines (413)
Hash 3cd23c072cbb4b1fc87ad39d7d7ff79b
df201c4be696ffc13509482f77c94d940db44204
b3299bfac8851600960fe8ad8f2be54f3a58937727239cf3ffa189e522d0eca8
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/twentysixteen/style.css?ver=20201208 HTTP/1.1
Host: denkodrom.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://denkodrom.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 18 Sep 2022 12:10:53 GMT
Server: Apache
Last-Modified: Sat, 11 Jun 2022 09:25:58 GMT
ETag: "114a6-5e128a486433d-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 13456
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
denkodrom.de/wp-content/plugins/podlove-podcasting-plugin-for-wordpress/css/admin-font.css?ver=3.8.1
200 OK 821 B URL HTTP/1.1 denkodrom.de/wp-content/plugins/podlove-podcasting-plugin-for-wordpress/css/admin-font.css?ver=3.8.1
IP
ASN #20773 Host Europe GmbH
File type ASCII text, with very long lines (653)
Hash c356bd6b1182505cc845b5bd5c48c9aa
9a61f980cb2af5f9f09725431b7821345fc1ce14
e860f1aba9ba3e1c9a7ad4ec44d128ef21bf3cc3bf79039d3764d46213c51724
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/podlove-podcasting-plugin-for-wordpress/css/admin-font.css?ver=3.8.1 HTTP/1.1
Host: denkodrom.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://denkodrom.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 18 Sep 2022 12:10:53 GMT
Server: Apache
Last-Modified: Sun, 10 Apr 2022 16:37:42 GMT
ETag: "c86-5dc4f7255e19c-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 821
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
denkodrom.de/wp-includes/css/dist/block-library/style.min.css?ver=6.0.2
200 OK 12 kB URL HTTP/1.1 denkodrom.de/wp-includes/css/dist/block-library/style.min.css?ver=6.0.2
IP
ASN #20773 Host Europe GmbH
File type ASCII text, with very long lines (43771)
Hash e5548800176e913a9084f47a3e1e04f6
eff4604acc5c26ae82a19188de2f98bf5b79d80c
a2569c768eaca09f2483b971fcebb97badd57c9a16b5ae3e16b8cdcd8c688b07
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.0.2 HTTP/1.1
Host: denkodrom.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://denkodrom.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 18 Sep 2022 12:10:53 GMT
Server: Apache
Last-Modified: Wed, 13 Jul 2022 00:17:06 GMT
ETag: "15b64-5e3a4b48f4b7c-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 11681
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
i0.wp.com/denkodrom.de/wp-content/uploads/2022/05/taeterheader.png?resize=1024%2C606&ssl=1
200 OK 307 kB URL HTTP/2 i0.wp.com/denkodrom.de/wp-content/uploads/2022/05/taeterheader.png?resize=1024%2C606&ssl=1
IP
File type RIFF (little-endian) data, Web/P image\012- data
Size 307 kB (306652 bytes)
Hash 4c319783fd744c82ac702f4d77ed139a
44d3d85fd8c9620c1c8aee5f00ffae40bbedcf73
c248d18c0ace349e15d7f13fccefc83879b34dfcd5d7c07070cd7293b375a8f4
GET /denkodrom.de/wp-content/uploads/2022/05/taeterheader.png?resize=1024%2C606&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://denkodrom.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 18 Sep 2022 12:10:53 GMT
content-type: image/webp
content-length: 306652
last-modified: Tue, 06 Sep 2022 07:17:54 GMT
expires: Thu, 05 Sep 2024 19:17:54 GMT
cache-control: public, max-age=63115200
link: <https://denkodrom.de/wp-content/uploads/2022/05/taeterheader.png>; rel="canonical"
x-content-type-options: nosniff
etag: "810c94bce0b0dd89"
vary: Accept
x-nc: HIT arn 1
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/denkodrom.de/wp-content/uploads/2017/02/FlyerFestival-XdrUck-e1486836829857-1.jpg?w=836&h=394&ssl=1
200 OK 38 kB URL HTTP/2 i0.wp.com/denkodrom.de/wp-content/uploads/2017/02/FlyerFestival-XdrUck-e1486836829857-1.jpg?w=836&h=394&ssl=1
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 836x394, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 8ff8e6a5628d37a17d5a063daa57bba3
a7d06ca0df656819fb716e22ad6fefbb14416413
2e6b09584eaf3ce53b06298361c9dea2efe69a9a2551cf89c0b43ed3114a5648
GET /denkodrom.de/wp-content/uploads/2017/02/FlyerFestival-XdrUck-e1486836829857-1.jpg?w=836&h=394&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://denkodrom.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 18 Sep 2022 12:10:53 GMT
content-type: image/webp
content-length: 38096
last-modified: Fri, 16 Sep 2022 06:10:47 GMT
expires: Sun, 15 Sep 2024 18:10:47 GMT
cache-control: public, max-age=63115200
link: <https://denkodrom.de/wp-content/uploads/2017/02/FlyerFestival-XdrUck-e1486836829857-1.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "3df4acd97a054f8c"
vary: Accept
x-nc: MISS arn 3
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/denkodrom.de/wp-content/uploads/2017/02/FlyerSHEMAERAweb-1.jpg?w=836&h=302&ssl=1
200 OK 18 kB URL HTTP/2 i0.wp.com/denkodrom.de/wp-content/uploads/2017/02/FlyerSHEMAERAweb-1.jpg?w=836&h=302&ssl=1
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 800x289, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 545ae77661b8698c0fac24aa4378785c
94f7b3acb45377d9989d5806480268d1ade92a93
abc62e5bf95b9e72448e759e089a6d56fbfacf21b5cb45117c0e6d1fe96eb0b4
GET /denkodrom.de/wp-content/uploads/2017/02/FlyerSHEMAERAweb-1.jpg?w=836&h=302&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://denkodrom.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 18 Sep 2022 12:10:53 GMT
content-type: image/webp
content-length: 18232
last-modified: Fri, 16 Sep 2022 06:10:47 GMT
expires: Sun, 15 Sep 2024 18:10:47 GMT
cache-control: public, max-age=63115200
link: <https://denkodrom.de/wp-content/uploads/2017/02/FlyerSHEMAERAweb-1.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "3f96045fad2e3734"
vary: Accept
x-nc: MISS arn 3
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/denkodrom.de/wp-content/uploads/2017/02/denkodrom-f%C3%BCr-tk-copy-1.jpg?w=836&h=191&ssl=1
200 OK 15 kB URL HTTP/2 i0.wp.com/denkodrom.de/wp-content/uploads/2017/02/denkodrom-f%C3%BCr-tk-copy-1.jpg?w=836&h=191&ssl=1
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 568x130, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 60f99621382b1c2e0daa9e064943a5d6
3963884cfddef562587f42c2d0c98b809ec4c837
39a35a4fc81207e3970bac83de8bc4b0ca1fd52da5a5b517c67e967c429b2161
GET /denkodrom.de/wp-content/uploads/2017/02/denkodrom-f%C3%BCr-tk-copy-1.jpg?w=836&h=191&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://denkodrom.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 18 Sep 2022 12:10:53 GMT
content-type: image/webp
content-length: 14660
last-modified: Sat, 17 Sep 2022 01:26:26 GMT
expires: Mon, 16 Sep 2024 13:26:26 GMT
cache-control: public, max-age=63115200
link: <https://denkodrom.de/wp-content/uploads/2017/02/denkodrom-f%C3%BCr-tk-copy-1.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "16d0ad98689ab82f"
vary: Accept
x-nc: MISS arn 4
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/denkodrom.de/wp-content/uploads/2017/02/denkotest2016flyerVorn-1.jpg?w=836&h=398&ssl=1
200 OK 25 kB URL HTTP/2 i0.wp.com/denkodrom.de/wp-content/uploads/2017/02/denkotest2016flyerVorn-1.jpg?w=836&h=398&ssl=1
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 836x398, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 505b31187d42d3b45f2d0d1396f01a8d
679eb3317924070eaf882fcb389497e5a1563598
850db455ce3ce1b6d5fd29b474fa36b181d52a30d70ece367aa295683723ee0e
GET /denkodrom.de/wp-content/uploads/2017/02/denkotest2016flyerVorn-1.jpg?w=836&h=398&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://denkodrom.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 18 Sep 2022 12:10:53 GMT
content-type: image/webp
content-length: 25152
last-modified: Fri, 16 Sep 2022 06:10:47 GMT
expires: Sun, 15 Sep 2024 18:10:47 GMT
cache-control: public, max-age=63115200
link: <https://denkodrom.de/wp-content/uploads/2017/02/denkotest2016flyerVorn-1.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "04371bc366fa78a3"
vary: Accept
x-nc: MISS arn 4
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/denkodrom.de/wp-content/uploads/2017/09/denkodrom-stadtmachen-1.jpg?w=276&h=391&ssl=1
200 OK 14 kB URL HTTP/2 i0.wp.com/denkodrom.de/wp-content/uploads/2017/09/denkodrom-stadtmachen-1.jpg?w=276&h=391&ssl=1
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 276x391, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 5afab76f26c76e80d91fda11e0c1396c
ca4c3fb036377fd026ed100c13ac9123f4189a28
5fc03bce0a179aa9c45af1b6a63db34f919439e3de5787be4c7e46d9b9aa37d4
GET /denkodrom.de/wp-content/uploads/2017/09/denkodrom-stadtmachen-1.jpg?w=276&h=391&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://denkodrom.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 18 Sep 2022 12:10:53 GMT
content-type: image/webp
content-length: 14198
last-modified: Fri, 16 Sep 2022 06:10:47 GMT
expires: Sun, 15 Sep 2024 18:10:47 GMT
cache-control: public, max-age=63115200
link: <https://denkodrom.de/wp-content/uploads/2017/09/denkodrom-stadtmachen-1.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "c74e514b235dffbe"
vary: Accept
x-nc: MISS arn 6
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
denkodrom.de/wp-content/themes/twentysixteen/css/blocks.css?ver=20220524
200 OK 1.9 kB URL HTTP/1.1 denkodrom.de/wp-content/themes/twentysixteen/css/blocks.css?ver=20220524
IP
ASN #20773 Host Europe GmbH
Hash 1643c2c1872b8975dfe9b3216095638a
bf3f2e6d2702b8ddb3a8d662b05f08c9c4503941
d80c11bdc71b5a09d02e315fd1e9d0b506d14e7da982e206f7575ca5d952d1c1
GET /wp-content/themes/twentysixteen/css/blocks.css?ver=20220524 HTTP/1.1
Host: denkodrom.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://denkodrom.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 18 Sep 2022 12:10:53 GMT
Server: Apache
Last-Modified: Sat, 11 Jun 2022 09:25:58 GMT
ETag: "214e-5e128a4862fb4-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 1892
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/css
denkodrom.de/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.16
200 OK 2.6 kB URL HTTP/1.1 denkodrom.de/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.16
IP
ASN #20773 Host Europe GmbH
File type ASCII text, with very long lines (11256), with no line terminators
Hash 583529ff412cb2b255fa606024d1133e
8db4b0a0be402cc5e38488528791b73b0c7369d0
6fdf0933a8faf229b277740f401600834c00d0b204f7ed38293cd4abcdb3ea20
GET /wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.16 HTTP/1.1
Host: denkodrom.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://denkodrom.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 18 Sep 2022 12:10:53 GMT
Server: Apache
Last-Modified: Sun, 24 Jan 2021 14:27:35 GMT
ETag: "2bf8-5b9a638f9e388-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 2592
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
denkodrom.de/wp-content/plugins/jetpack/css/jetpack.css?ver=11.0
200 OK 16 kB URL HTTP/1.1 denkodrom.de/wp-content/plugins/jetpack/css/jetpack.css?ver=11.0
IP
ASN #20773 Host Europe GmbH
File type Unicode text, UTF-8 text, with very long lines (65533), with no line terminators
Hash b07332d0f1dd3507e39a09c83764f078
bfeeb2b2d8204d8a158d95b431ccafc27211320e
f57839acebd788d72bf4e9f8e76e845e97e10e8fa3451f40629bc04a825fa84b
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/jetpack/css/jetpack.css?ver=11.0 HTTP/1.1
Host: denkodrom.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://denkodrom.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 18 Sep 2022 12:10:53 GMT
Server: Apache
Last-Modified: Sat, 11 Jun 2022 09:15:50 GMT
ETag: "14ef8-5e12880433fae-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 16431
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
denkodrom.de/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=6.0.2
200 OK 1.2 kB URL HTTP/1.1 denkodrom.de/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=6.0.2
IP
ASN #20773 Host Europe GmbH
File type ASCII text, with very long lines (4186), with no line terminators
Hash 30d57d7aa11190e44974cce8621f22c7
59f516369877009cce06ca45b1c296944bb674a4
094ae87a3d4cee4a1ddc5cada149c2deacabd4cf2e377b97fe4ca641142258ee
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=6.0.2 HTTP/1.1
Host: denkodrom.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://denkodrom.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 18 Sep 2022 12:10:53 GMT
Server: Apache
Last-Modified: Fri, 22 Nov 2019 15:35:18 GMT
ETag: "105a-597f12940691f-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 1156
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
denkodrom.de/wp-content/plugins/podlove-web-player/web-player/embed.js?ver=5.5.1
200 OK 43 kB URL HTTP/1.1 denkodrom.de/wp-content/plugins/podlove-web-player/web-player/embed.js?ver=5.5.1
IP
ASN #20773 Host Europe GmbH
File type ASCII text, with very long lines (65473)
Hash 7c6bd52e10fdddfb5617c797c18b1817
335e27f209a14e45c36677a3eb1f699b5202742f
76ff6133a901f35e703fbd4b10194b06dcd77e167e651343c5c6dd4630456807
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/podlove-web-player/web-player/embed.js?ver=5.5.1 HTTP/1.1
Host: denkodrom.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://denkodrom.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 18 Sep 2022 12:10:53 GMT
Server: Apache
Last-Modified: Sat, 07 May 2022 14:56:02 GMT
ETag: "212ed-5de6d2c746a06-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 42952
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
denkodrom.de/wp-content/plugins/jetpack/_inc/genericons/genericons/genericons.css?ver=3.1
200 OK 16 kB URL HTTP/1.1 denkodrom.de/wp-content/plugins/jetpack/_inc/genericons/genericons/genericons.css?ver=3.1
IP
ASN #20773 Host Europe GmbH
File type ASCII text, with very long lines (18732)
Hash dd0f53262702f111ddf86f20d1f605d1
a073021fe1aed82f104e7da84fa70bf8815a7d2b
7292e6d1bfe7ed6ee6bb7e9d5cd0483dae1d629955f6efae5c431e928422d1a4
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/jetpack/_inc/genericons/genericons/genericons.css?ver=3.1 HTTP/1.1
Host: denkodrom.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://denkodrom.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 18 Sep 2022 12:10:53 GMT
Server: Apache
Last-Modified: Sat, 11 Jun 2022 09:15:50 GMT
ETag: "6e6a-5e1288047faa6-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 16441
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
i0.wp.com/denkodrom.de/wp-content/uploads/2017/09/denkodrom-stadtmachen3-1.jpg?w=276&h=391&ssl=1
200 OK 8.7 kB URL HTTP/2 i0.wp.com/denkodrom.de/wp-content/uploads/2017/09/denkodrom-stadtmachen3-1.jpg?w=276&h=391&ssl=1
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 276x391, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash be1713dea138ea0f2403a598e5baae53
c7fd493e5d9d0860ccf6840b6df4460535861759
7f0fbc0a6cf5ad2fc4b102f5e50933d6df37d37c4f26b7533ae3232fe2dab364
GET /denkodrom.de/wp-content/uploads/2017/09/denkodrom-stadtmachen3-1.jpg?w=276&h=391&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://denkodrom.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 18 Sep 2022 12:10:53 GMT
content-type: image/webp
content-length: 8724
last-modified: Thu, 01 Sep 2022 17:30:18 GMT
expires: Sun, 01 Sep 2024 05:30:18 GMT
cache-control: public, max-age=63115200
link: <https://denkodrom.de/wp-content/uploads/2017/09/denkodrom-stadtmachen3-1.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "df946ebbc6cdb91d"
vary: Accept
x-nc: MISS arn 3
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/denkodrom.de/wp-content/uploads/2017/02/denkotitel-neu-1.gif?w=836&h=208&ssl=1
200 OK 508 kB URL HTTP/2 i0.wp.com/denkodrom.de/wp-content/uploads/2017/02/denkotitel-neu-1.gif?w=836&h=208&ssl=1
IP
File type RIFF (little-endian) data, Web/P image\012- data
Size 508 kB (508316 bytes)
Hash a6d6abcd64bbf3e4a78d6fdc189dd8da
8d1254d01627f9c01bde37b4ec56666b08b02828
c13cf8d7a9894feb98a7f992dc0d7bce96268e8b6d31fce850b15fb6562bd290
GET /denkodrom.de/wp-content/uploads/2017/02/denkotitel-neu-1.gif?w=836&h=208&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://denkodrom.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 18 Sep 2022 12:10:53 GMT
content-type: image/webp
content-length: 508316
last-modified: Fri, 09 Sep 2022 04:20:55 GMT
expires: Sun, 08 Sep 2024 16:20:55 GMT
cache-control: public, max-age=63115200
link: <https://denkodrom.de/wp-content/uploads/2017/02/denkotitel-neu-1.gif>; rel="canonical"
x-content-type-options: nosniff
etag: "282b863ff096e5d6"
vary: Accept
x-nc: MISS arn 3
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/denkodrom.de/wp-content/uploads/2017/09/denkodrom-stadtmachen2-1.jpg?w=276&h=391&ssl=1
200 OK 12 kB URL HTTP/2 i0.wp.com/denkodrom.de/wp-content/uploads/2017/09/denkodrom-stadtmachen2-1.jpg?w=276&h=391&ssl=1
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 276x391, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 70a6bcf99f7d9b97c9dfbc5ef46f7f08
af78f5d5f4c2fae413776a7c6e7bf8f9b59cabb2
e6f5f18a6b694f9e5749a15c07a05bee9288445005948f269fc4b8664184ca07
GET /denkodrom.de/wp-content/uploads/2017/09/denkodrom-stadtmachen2-1.jpg?w=276&h=391&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://denkodrom.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 18 Sep 2022 12:10:53 GMT
content-type: image/webp
content-length: 11476
last-modified: Fri, 16 Sep 2022 06:10:47 GMT
expires: Sun, 15 Sep 2024 18:10:47 GMT
cache-control: public, max-age=63115200
link: <https://denkodrom.de/wp-content/uploads/2017/09/denkodrom-stadtmachen2-1.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "12ab39389fd9c1c2"
vary: Accept
x-nc: MISS arn 6
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/denkodrom.de/wp-content/uploads/2017/09/denkodrom-stadtmachen4-1.jpg?w=416&h=589&ssl=1
200 OK 24 kB URL HTTP/2 i0.wp.com/denkodrom.de/wp-content/uploads/2017/09/denkodrom-stadtmachen4-1.jpg?w=416&h=589&ssl=1
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 416x589, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 659edf65ba106a94daf983035d90caec
0aa57eb0be053e24bab89b35998119f504a32ad5
ff8685960326fde245a0bdc352b6bbf8f35775ee19dd839cf79473727d91f444
GET /denkodrom.de/wp-content/uploads/2017/09/denkodrom-stadtmachen4-1.jpg?w=416&h=589&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://denkodrom.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 18 Sep 2022 12:10:53 GMT
content-type: image/webp
content-length: 23560
last-modified: Thu, 15 Sep 2022 08:19:12 GMT
expires: Sat, 14 Sep 2024 20:19:12 GMT
cache-control: public, max-age=63115200
link: <https://denkodrom.de/wp-content/uploads/2017/09/denkodrom-stadtmachen4-1.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "01c44ef296e34970"
vary: Accept
x-nc: MISS arn 8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/denkodrom.de/wp-content/uploads/2017/09/denkodrom-stadtmachen5-1.jpg?w=416&h=589&ssl=1
200 OK 16 kB URL HTTP/2 i0.wp.com/denkodrom.de/wp-content/uploads/2017/09/denkodrom-stadtmachen5-1.jpg?w=416&h=589&ssl=1
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 416x589, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash d69a042c2608bf760584451238f117e4
1649017bd5d2867fc8c309e4fdb21dbb36f9a876
89ae9c0f6ee8cd25c3a7a6a1423d5c4f6254e52b9e2f825fb65328e44b4f6a3f
GET /denkodrom.de/wp-content/uploads/2017/09/denkodrom-stadtmachen5-1.jpg?w=416&h=589&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://denkodrom.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 18 Sep 2022 12:10:53 GMT
content-type: image/webp
content-length: 16238
last-modified: Thu, 01 Sep 2022 17:30:18 GMT
expires: Sun, 01 Sep 2024 05:30:18 GMT
cache-control: public, max-age=63115200
link: <https://denkodrom.de/wp-content/uploads/2017/09/denkodrom-stadtmachen5-1.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "5d71c89fd70886d1"
vary: Accept
x-nc: MISS arn 3
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/denkodrom.de/wp-content/uploads/2017/02/denkodrom_im_bau-1.jpg?w=564&h=376&ssl=1
200 OK 12 kB URL HTTP/2 i0.wp.com/denkodrom.de/wp-content/uploads/2017/02/denkodrom_im_bau-1.jpg?w=564&h=376&ssl=1
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 564x376, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 4e66a1e3ec2081599353c2f6cccbda01
63ced2e8dd2ca8043d517530bacaebb4c9003359
91087934cfef139fa07f31dc7c255ea094cc954e22317e55e7b3346c69728821
GET /denkodrom.de/wp-content/uploads/2017/02/denkodrom_im_bau-1.jpg?w=564&h=376&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://denkodrom.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 18 Sep 2022 12:10:53 GMT
content-type: image/webp
content-length: 11764
last-modified: Sun, 18 Sep 2022 12:10:53 GMT
expires: Wed, 18 Sep 2024 00:10:53 GMT
cache-control: public, max-age=63115200
link: <https://denkodrom.de/wp-content/uploads/2017/02/denkodrom_im_bau-1.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "509480e7ac6609af"
vary: Accept
x-nc: MISS arn 5
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
denkodrom.de/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
200 OK 4.2 kB URL HTTP/1.1 denkodrom.de/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP
ASN #20773 Host Europe GmbH
File type ASCII text, with very long lines (11126)
Hash 5629711d7fdd5b28441bac39b851299f
4e0bf2b7383097f7c352023a1b1b1b48a50356b6
44c444309c7a6c05ff4a9bc198bed9e9596bedb5658637c85689c9a471dcdd16
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: denkodrom.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://denkodrom.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 18 Sep 2022 12:10:53 GMT
Server: Apache
Last-Modified: Sun, 24 Jan 2021 14:27:35 GMT
ETag: "2bd8-5b9a638f8baa7-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 4169
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
i0.wp.com/denkodrom.de/wp-content/uploads/2017/02/denkodrom-flyer-1.jpg?w=663&h=238&ssl=1
200 OK 7.0 kB URL HTTP/2 i0.wp.com/denkodrom.de/wp-content/uploads/2017/02/denkodrom-flyer-1.jpg?w=663&h=238&ssl=1
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 663x238, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 304318eace838fb7c00123ec4764c0e7
7ffa66ccf8f5472e34b42d9c56dc40de0e604c79
ddd695df6675c5bb9574d72eacc0bdde59bf320a1f59677311546e8e9dc2abe1
GET /denkodrom.de/wp-content/uploads/2017/02/denkodrom-flyer-1.jpg?w=663&h=238&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://denkodrom.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 18 Sep 2022 12:10:53 GMT
content-type: image/webp
content-length: 6998
last-modified: Sun, 18 Sep 2022 12:10:53 GMT
expires: Wed, 18 Sep 2024 00:10:53 GMT
cache-control: public, max-age=63115200
link: <https://denkodrom.de/wp-content/uploads/2017/02/denkodrom-flyer-1.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "32eef8306d2a3504"
vary: Accept
x-nc: MISS arn 2
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
denkodrom.de/wp-content/plugins/podlove-web-player/js/cache.js?ver=5.5.1
200 OK 787 B URL HTTP/1.1 denkodrom.de/wp-content/plugins/podlove-web-player/js/cache.js?ver=5.5.1
IP
ASN #20773 Host Europe GmbH
File type ASCII text, with very long lines (1837), with no line terminators
Hash de26d99b84a45a22c32211a3a421e261
0e8abef53a2256c3876d9cf452492979130dd4aa
4eb4eb5c67c6647697ab570ddeafc33f6176451c170c2fd20ba486f874c65dfb
GET /wp-content/plugins/podlove-web-player/js/cache.js?ver=5.5.1 HTTP/1.1
Host: denkodrom.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://denkodrom.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 18 Sep 2022 12:10:53 GMT
Server: Apache
Last-Modified: Sat, 07 May 2022 14:56:02 GMT
ETag: "72d-5de6d2c750a2e-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 787
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
denkodrom.de/wp-content/plugins/jetpack/_inc/build/photon/photon.min.js?ver=20191001
200 OK 369 B URL HTTP/1.1 denkodrom.de/wp-content/plugins/jetpack/_inc/build/photon/photon.min.js?ver=20191001
IP
ASN #20773 Host Europe GmbH
File type ASCII text, with very long lines (685), with no line terminators
Hash accd80b294f42169b1e447e68bacfffe
40847092d82d78897a8219b270b22838fcc0bb95
35e8294d38f054cd6fbcdef72076443685888546d93b41a596e981a5e9a61552
GET /wp-content/plugins/jetpack/_inc/build/photon/photon.min.js?ver=20191001 HTTP/1.1
Host: denkodrom.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://denkodrom.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 18 Sep 2022 12:10:53 GMT
Server: Apache
Last-Modified: Sat, 11 Jun 2022 09:15:50 GMT
ETag: "2ad-5e128804a0231-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 369
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
i0.wp.com/denkodrom.de/wp-content/uploads/2017/02/Ruhe-sanft-Bittergedanke-1.jpg?w=179&h=126&ssl=1
200 OK 2.9 kB URL HTTP/2 i0.wp.com/denkodrom.de/wp-content/uploads/2017/02/Ruhe-sanft-Bittergedanke-1.jpg?w=179&h=126&ssl=1
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 179x126, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 513cf69274b9e1e9d40f7a97e117fd69
867d39af15c11cdc89410f0d242ecc53ba7cb799
44e1d773ca3dcb22dca650824742512647febb3e408d042b85b5a9e4e5c1ca2c
GET /denkodrom.de/wp-content/uploads/2017/02/Ruhe-sanft-Bittergedanke-1.jpg?w=179&h=126&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://denkodrom.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 18 Sep 2022 12:10:53 GMT
content-type: image/webp
content-length: 2870
last-modified: Sun, 18 Sep 2022 12:10:53 GMT
expires: Wed, 18 Sep 2024 00:10:53 GMT
cache-control: public, max-age=63115200
link: <https://denkodrom.de/wp-content/uploads/2017/02/Ruhe-sanft-Bittergedanke-1.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "c56328341ad44b06"
vary: Accept
x-nc: MISS arn 4
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/denkodrom.de/wp-content/uploads/2017/02/WEBDenkodrom2016FirouziVornFLYER-1.jpg?w=373&h=324&ssl=1
200 OK 3.2 kB URL HTTP/2 i0.wp.com/denkodrom.de/wp-content/uploads/2017/02/WEBDenkodrom2016FirouziVornFLYER-1.jpg?w=373&h=324&ssl=1
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 373x323, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 76ff77c9ed4814fb87d278a436c14cf6
2383f6e9eb83c158a80a813d5eb24f9c1278fb8a
eece5b5c1e9b2a83d7d8c44f46cf47d294c708b2bc8f0486e987dc557b8b2ab2
GET /denkodrom.de/wp-content/uploads/2017/02/WEBDenkodrom2016FirouziVornFLYER-1.jpg?w=373&h=324&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://denkodrom.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 18 Sep 2022 12:10:53 GMT
content-type: image/webp
content-length: 3152
last-modified: Sun, 18 Sep 2022 12:10:53 GMT
expires: Wed, 18 Sep 2024 00:10:53 GMT
cache-control: public, max-age=63115200
link: <https://denkodrom.de/wp-content/uploads/2017/02/WEBDenkodrom2016FirouziVornFLYER-1.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "4e96d11fcdac19f9"
vary: Accept
x-nc: MISS arn 3
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/denkodrom.de/wp-content/uploads/2017/02/roxxychaosundderangsthaseFRONTFLYERNEU-724x1024-e1486836859124-1.jpg?w=459&h=324&ssl=1
200 OK 5.1 kB URL HTTP/2 i0.wp.com/denkodrom.de/wp-content/uploads/2017/02/roxxychaosundderangsthaseFRONTFLYERNEU-724x1024-e1486836859124-1.jpg?w=459&h=324&ssl=1
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 458x324, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 81ecf0b2f5cf9e1ccadf72b07877b45d
fa23d248ba1e348ccecdfb7581040e77ab1a37b8
4987ae4188a19d0b1065e0f9392b97a056e846952fa8708d321a7280fd456ac3
GET /denkodrom.de/wp-content/uploads/2017/02/roxxychaosundderangsthaseFRONTFLYERNEU-724x1024-e1486836859124-1.jpg?w=459&h=324&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://denkodrom.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 18 Sep 2022 12:10:53 GMT
content-type: image/webp
content-length: 5072
last-modified: Sun, 18 Sep 2022 12:10:53 GMT
expires: Wed, 18 Sep 2024 00:10:53 GMT
cache-control: public, max-age=63115200
link: <https://denkodrom.de/wp-content/uploads/2017/02/roxxychaosundderangsthaseFRONTFLYERNEU-724x1024-e1486836859124-1.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "e8a001c42786a9ac"
vary: Accept
x-nc: MISS arn 7
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/denkodrom.de/wp-content/uploads/2017/02/denkodrom-logoNEU-1.jpg?w=653&h=126&ssl=1
200 OK 3.8 kB URL HTTP/2 i0.wp.com/denkodrom.de/wp-content/uploads/2017/02/denkodrom-logoNEU-1.jpg?w=653&h=126&ssl=1
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 653x126, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash ad029949152d32546764481b07e47e07
e78a8b46a0b87f404faeb5ebfd7dbe7523a743b1
1fe644bdafe677359ff20376399fafac0b4979b189af5f61607371c5fd6cbe4b
GET /denkodrom.de/wp-content/uploads/2017/02/denkodrom-logoNEU-1.jpg?w=653&h=126&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://denkodrom.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 18 Sep 2022 12:10:53 GMT
content-type: image/webp
content-length: 3844
last-modified: Sun, 18 Sep 2022 12:10:53 GMT
expires: Wed, 18 Sep 2024 00:10:53 GMT
cache-control: public, max-age=63115200
link: <https://denkodrom.de/wp-content/uploads/2017/02/denkodrom-logoNEU-1.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "ebd700f945ef4f91"
vary: Accept
x-nc: MISS arn 4
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/denkodrom.de/wp-content/uploads/2016/10/stempeldenkodromCENTER-1.jpg?w=267&h=263&ssl=1
200 OK 16 kB URL HTTP/2 i0.wp.com/denkodrom.de/wp-content/uploads/2016/10/stempeldenkodromCENTER-1.jpg?w=267&h=263&ssl=1
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 267x263, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 677b9e8ff90b2f7dd84febbf45ae16ea
94f265878f718c8ca79dfd7c4a322f1932fd07fb
213b3fd7e78d939e0dfe64ff9f3030766bd6240768cfd3c28b89f8a620771f94
GET /denkodrom.de/wp-content/uploads/2016/10/stempeldenkodromCENTER-1.jpg?w=267&h=263&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://denkodrom.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 18 Sep 2022 12:10:53 GMT
content-type: image/webp
content-length: 15562
last-modified: Sun, 18 Sep 2022 12:10:53 GMT
expires: Wed, 18 Sep 2024 00:10:53 GMT
cache-control: public, max-age=63115200
link: <https://denkodrom.de/wp-content/uploads/2016/10/stempeldenkodromCENTER-1.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "f49c82e3a165a258"
vary: Accept
x-nc: MISS arn 2
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
denkodrom.de/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2
200 OK 5.0 kB URL HTTP/1.1 denkodrom.de/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2
IP
ASN #20773 Host Europe GmbH
File type ASCII text, with very long lines (15660)
Hash e6624e0b978e6ddba476be41aaaa82df
822e920d8233072110ed7c8a7f379e5b13209b18
dac86a9ce08e4d8cded47b4fa900a664b0c997d8910c2a1be54a423678925a41
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.0.2 HTTP/1.1
Host: denkodrom.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://denkodrom.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 18 Sep 2022 12:10:53 GMT
Server: Apache
Last-Modified: Sat, 11 Jun 2022 09:13:34 GMT
ETag: "48b9-5e1287831097d-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 5009
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
denkodrom.de/wp-content/plugins/scroll-to-anchor/js/scroll-to-anchor.min.js?ver=6.0.2
200 OK 425 B URL HTTP/1.1 denkodrom.de/wp-content/plugins/scroll-to-anchor/js/scroll-to-anchor.min.js?ver=6.0.2
IP
ASN #20773 Host Europe GmbH
File type ASCII text, with very long lines (758), with no line terminators
Hash 1f4f6fb19bb5fe725ff003c00776d9f3
f18859fb57e00675a86bd82ab4a40568eefd64cd
28ab9fb7681b46c212aee56eab3166a5d50152a59c3dcea50895a1a686069e9f
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/scroll-to-anchor/js/scroll-to-anchor.min.js?ver=6.0.2 HTTP/1.1
Host: denkodrom.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://denkodrom.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 18 Sep 2022 12:10:53 GMT
Server: Apache
Last-Modified: Fri, 16 Nov 2018 17:25:07 GMT
ETag: "2f6-57acb72da95c0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 425
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
i0.wp.com/denkodrom.de/wp-content/uploads/2017/02/flyer-denkodrom-2015-2te-HJ-ALLEIN-e1486836875441-1.jpg?w=527&h=269&ssl=1
200 OK 8.7 kB URL HTTP/2 i0.wp.com/denkodrom.de/wp-content/uploads/2017/02/flyer-denkodrom-2015-2te-HJ-ALLEIN-e1486836875441-1.jpg?w=527&h=269&ssl=1
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 527x268, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 3a74818899dbcc91d923e717b1330335
ac2f5bc80ce0ca1b37d329b54f040487ae71de2e
4f945982390f38994183057b0e3b491b19d98ba9e5fe35082af529294caec7d5
GET /denkodrom.de/wp-content/uploads/2017/02/flyer-denkodrom-2015-2te-HJ-ALLEIN-e1486836875441-1.jpg?w=527&h=269&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://denkodrom.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 18 Sep 2022 12:10:53 GMT
content-type: image/webp
content-length: 8714
last-modified: Sun, 18 Sep 2022 12:10:53 GMT
expires: Wed, 18 Sep 2024 00:10:53 GMT
cache-control: public, max-age=63115200
link: <https://denkodrom.de/wp-content/uploads/2017/02/flyer-denkodrom-2015-2te-HJ-ALLEIN-e1486836875441-1.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "19b18c3351db5acb"
vary: Accept
x-nc: MISS arn 5
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/denkodrom.de/wp-content/uploads/2017/02/denkodrom_2013_festival_flyer_hinten_copy-1.jpg?w=416&h=583&ssl=1
200 OK 20 kB URL HTTP/2 i0.wp.com/denkodrom.de/wp-content/uploads/2017/02/denkodrom_2013_festival_flyer_hinten_copy-1.jpg?w=416&h=583&ssl=1
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 416x583, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 91af9e80543b51c1f8cfac9f886d1040
490e931e3f1eb6dabec36dcfaffe8f5e39139382
8ddd9cc037c20ad3c8aa890ecaae45b2925b6e0c33e37f2fb2a31613d30954fe
GET /denkodrom.de/wp-content/uploads/2017/02/denkodrom_2013_festival_flyer_hinten_copy-1.jpg?w=416&h=583&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://denkodrom.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 18 Sep 2022 12:10:53 GMT
content-type: image/webp
content-length: 20416
last-modified: Sun, 18 Sep 2022 12:10:53 GMT
expires: Wed, 18 Sep 2024 00:10:53 GMT
cache-control: public, max-age=63115200
link: <https://denkodrom.de/wp-content/uploads/2017/02/denkodrom_2013_festival_flyer_hinten_copy-1.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "150a67ea10b9b2fb"
vary: Accept
x-nc: MISS arn 2
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/denkodrom.de/wp-content/uploads/2017/02/WEB-FLYER-DENKODROM-091211-SCHICKEN-HINTEN-1.jpg?w=222&h=311&ssl=1
200 OK 27 kB URL HTTP/2 i0.wp.com/denkodrom.de/wp-content/uploads/2017/02/WEB-FLYER-DENKODROM-091211-SCHICKEN-HINTEN-1.jpg?w=222&h=311&ssl=1
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 222x311, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash cf25d8e21e1c22e52ce2132b41e4417a
32e4ea42a55d843a937159f685f2a41253b0cdfb
d22bfde038be8a6b6c7079efc3a2054a459ee5b5ab842507302b975a0f690960
GET /denkodrom.de/wp-content/uploads/2017/02/WEB-FLYER-DENKODROM-091211-SCHICKEN-HINTEN-1.jpg?w=222&h=311&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://denkodrom.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 18 Sep 2022 12:10:53 GMT
content-type: image/webp
content-length: 26668
last-modified: Sun, 18 Sep 2022 12:10:53 GMT
expires: Wed, 18 Sep 2024 00:10:53 GMT
cache-control: public, max-age=63115200
link: <https://denkodrom.de/wp-content/uploads/2017/02/WEB-FLYER-DENKODROM-091211-SCHICKEN-HINTEN-1.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "936d40e7fe8537be"
vary: Accept
x-nc: MISS arn 6
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
denkodrom.de/wp-content/themes/twentysixteen/js/functions.js?ver=20181217
200 OK 2.1 kB URL HTTP/1.1 denkodrom.de/wp-content/themes/twentysixteen/js/functions.js?ver=20181217
IP
ASN #20773 Host Europe GmbH
Hash d03942453ec530effaadcfffcd4bada9
49e6b8c586d6919d60fd0d94849cc9060b7efcd6
48a2e867393371e38135d2087c0c7f6e1a3170661e66cb042b24b989faf6a428
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/twentysixteen/js/functions.js?ver=20181217 HTTP/1.1
Host: denkodrom.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://denkodrom.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 18 Sep 2022 12:10:53 GMT
Server: Apache
Last-Modified: Sat, 11 Jun 2022 09:25:58 GMT
ETag: "1ca1-5e128a4864b0d-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 2084
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript
denkodrom.de/wp-content/themes/twentysixteen/js/skip-link-focus-fix.js?ver=20170530
200 OK 588 B URL HTTP/1.1 denkodrom.de/wp-content/themes/twentysixteen/js/skip-link-focus-fix.js?ver=20170530
IP
ASN #20773 Host Europe GmbH
Hash 6209669d9298e364d532dac780c3b015
a00a7286154427c580f0b5fd65ffab6148662104
7f119c8a8a132ff8c30088b18d4a4479c2d4fc1c65c275f49348db4de92fc58f
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/twentysixteen/js/skip-link-focus-fix.js?ver=20170530 HTTP/1.1
Host: denkodrom.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://denkodrom.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 18 Sep 2022 12:10:53 GMT
Server: Apache
Last-Modified: Sat, 11 Jun 2022 09:25:58 GMT
ETag: "423-5e128a4864b0d-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 588
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
denkodrom.de/wp-content/plugins/jetpack/_inc/build/widgets/eu-cookie-law/eu-cookie-law.min.js?ver=20180522
200 OK 669 B URL HTTP/1.1 denkodrom.de/wp-content/plugins/jetpack/_inc/build/widgets/eu-cookie-law/eu-cookie-law.min.js?ver=20180522
IP
ASN #20773 Host Europe GmbH
File type ASCII text, with very long lines (1604), with no line terminators
Hash 96910fa5e877382dca1d53961c945dfc
6d8a48dc7873d601d1836904a73c63a2187627d8
5f4fc85b7b1e489bffa35e361248937db954246932e0188efa9f0bee621b9b89
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/jetpack/_inc/build/widgets/eu-cookie-law/eu-cookie-law.min.js?ver=20180522 HTTP/1.1
Host: denkodrom.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://denkodrom.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 18 Sep 2022 12:10:53 GMT
Server: Apache
Last-Modified: Sat, 11 Jun 2022 09:15:50 GMT
ETag: "644-5e128804a96a2-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 669
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
i0.wp.com/denkodrom.de/wp-content/uploads/2017/02/flyer11-1.jpg?w=209&h=294&ssl=1
200 OK 9.5 kB URL HTTP/2 i0.wp.com/denkodrom.de/wp-content/uploads/2017/02/flyer11-1.jpg?w=209&h=294&ssl=1
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 209x292, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 2883a994ef36f632cc1bdb92497b47d0
a3f1be554acc0006367b2b362351352296b82c49
1ccef9e5d243fdbcfdf704916f0e1b49a1a6e504ef32fe8956fa1ddb0f1aa86a
GET /denkodrom.de/wp-content/uploads/2017/02/flyer11-1.jpg?w=209&h=294&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://denkodrom.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 18 Sep 2022 12:10:53 GMT
content-type: image/webp
content-length: 9456
last-modified: Sun, 18 Sep 2022 12:10:53 GMT
expires: Wed, 18 Sep 2024 00:10:53 GMT
cache-control: public, max-age=63115200
link: <https://denkodrom.de/wp-content/uploads/2017/02/flyer11-1.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "7e5f417562526411"
vary: Accept
x-nc: MISS arn 5
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/denkodrom.de/wp-content/uploads/2017/02/WEB-DENKODROM-FLYER-091211-SCHICKEN-1.jpg?w=416&h=583&ssl=1
200 OK 74 kB URL HTTP/2 i0.wp.com/denkodrom.de/wp-content/uploads/2017/02/WEB-DENKODROM-FLYER-091211-SCHICKEN-1.jpg?w=416&h=583&ssl=1
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 416x583, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 6626483085500ba4de43a9e8dff5eddc
7659e053e9f0953f5c9fca76470dbbf20e2aaa78
579a1f4d18037941c749b4ac3e8e612e55c41e57f0fc4fd0d785a6249ed5be65
GET /denkodrom.de/wp-content/uploads/2017/02/WEB-DENKODROM-FLYER-091211-SCHICKEN-1.jpg?w=416&h=583&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://denkodrom.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 18 Sep 2022 12:10:53 GMT
content-type: image/webp
content-length: 73770
last-modified: Sun, 18 Sep 2022 12:10:53 GMT
expires: Wed, 18 Sep 2024 00:10:53 GMT
cache-control: public, max-age=63115200
link: <https://denkodrom.de/wp-content/uploads/2017/02/WEB-DENKODROM-FLYER-091211-SCHICKEN-1.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "7cbb770338bd9035"
vary: Accept
x-nc: MISS arn 4
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
denkodrom.de/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
200 OK 31 kB URL HTTP/1.1 denkodrom.de/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP
ASN #20773 Host Europe GmbH
File type ASCII text, with very long lines (65447)
Hash 9640915738503451aa21181699feab5b
c053eaf36ef0da96619706b3abda326305063bd6
f8834e669ad1f4039442c26aaa373ec39c35a233b9786d374fc3f670f16b0adc
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: denkodrom.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://denkodrom.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 18 Sep 2022 12:10:53 GMT
Server: Apache
Last-Modified: Mon, 06 Sep 2021 21:18:22 GMT
ETag: "15db1-5cb5a30604c8f-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 30908
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
denkodrom.de/wp-content/plugins/jetpack/_inc/build/carousel/jetpack-carousel.min.js?ver=11.0
200 OK 7.4 kB URL HTTP/1.1 denkodrom.de/wp-content/plugins/jetpack/_inc/build/carousel/jetpack-carousel.min.js?ver=11.0
IP
ASN #20773 Host Europe GmbH
File type ASCII text, with very long lines (24247), with no line terminators
Hash cfeb5cda9604ac407a38e2e38c550686
3a590af7eb2c38f99cf4046f4e1d19f1f2d685a0
9f45f4938861e2eb25fb613b2f5b080a2bc91d29758b3e7c34fe78a3277d0ea9
GET /wp-content/plugins/jetpack/_inc/build/carousel/jetpack-carousel.min.js?ver=11.0 HTTP/1.1
Host: denkodrom.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://denkodrom.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 18 Sep 2022 12:10:53 GMT
Server: Apache
Last-Modified: Sat, 11 Jun 2022 09:15:50 GMT
ETag: "5eb7-5e128804a7762-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 7408
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
denkodrom.de/wp-content/plugins/jetpack/_inc/build/tiled-gallery/tiled-gallery/tiled-gallery.min.js?ver=11.0
200 OK 1.1 kB URL HTTP/1.1 denkodrom.de/wp-content/plugins/jetpack/_inc/build/tiled-gallery/tiled-gallery/tiled-gallery.min.js?ver=11.0
IP
ASN #20773 Host Europe GmbH
File type ASCII text, with very long lines (3156), with no line terminators
Hash 83b62b43597cbf6234809db22be8a07d
d9213019e87b6ea47ab3e21ab7517333e5c6a569
c0ec22e47b171f212b70022432369149ab57d0a1640edb9c68db7395d7691af1
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/jetpack/_inc/build/tiled-gallery/tiled-gallery/tiled-gallery.min.js?ver=11.0 HTTP/1.1
Host: denkodrom.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://denkodrom.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 18 Sep 2022 12:10:53 GMT
Server: Apache
Last-Modified: Sat, 11 Jun 2022 09:15:50 GMT
ETag: "c54-5e128804a8702-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 1115
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
i0.wp.com/denkodrom.de/wp-content/uploads/2016/10/WEBdenkodrom-bataille-aufkleber-1.jpg?w=619&h=442&ssl=1
200 OK 62 kB URL HTTP/2 i0.wp.com/denkodrom.de/wp-content/uploads/2016/10/WEBdenkodrom-bataille-aufkleber-1.jpg?w=619&h=442&ssl=1
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 619x441, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 1e03c97fc46c9a1c7aab554f168bcc18
c994b2b3fdb1bb4e2ad2edc7d849ab55cc29951e
809a5a86b193e29b5d8a1eba5a31cdbf49f9588eab5d41d723aa7c9172d5d924
GET /denkodrom.de/wp-content/uploads/2016/10/WEBdenkodrom-bataille-aufkleber-1.jpg?w=619&h=442&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://denkodrom.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 18 Sep 2022 12:10:53 GMT
content-type: image/webp
content-length: 61574
last-modified: Sun, 18 Sep 2022 12:10:53 GMT
expires: Wed, 18 Sep 2024 00:10:53 GMT
cache-control: public, max-age=63115200
link: <https://denkodrom.de/wp-content/uploads/2016/10/WEBdenkodrom-bataille-aufkleber-1.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "4cc9c9a6cb4fa7ea"
vary: Accept
x-nc: MISS arn 8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/denkodrom.de/wp-content/uploads/2017/02/denkodromtransgression-1.jpg?w=565&h=403&ssl=1
200 OK 6.8 kB URL HTTP/2 i0.wp.com/denkodrom.de/wp-content/uploads/2017/02/denkodromtransgression-1.jpg?w=565&h=403&ssl=1
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 565x403, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash d4a759d2dba7e108cc76b03878b17920
450f87b4107dff4fbf1473a562d7a0ef28b82390
ec59ede280e4f2d0735924d4620e92bcb63681846d060e4416c856c82b44aee8
GET /denkodrom.de/wp-content/uploads/2017/02/denkodromtransgression-1.jpg?w=565&h=403&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://denkodrom.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 18 Sep 2022 12:10:53 GMT
content-type: image/webp
content-length: 6770
last-modified: Sun, 18 Sep 2022 12:10:53 GMT
expires: Wed, 18 Sep 2024 00:10:53 GMT
cache-control: public, max-age=63115200
link: <https://denkodrom.de/wp-content/uploads/2017/02/denkodromtransgression-1.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "133944709aa7ec11"
vary: Accept
x-nc: MISS arn 5
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/denkodrom.de/wp-content/uploads/2017/02/DENKODROM-FESTIVAL-15122012-FLYER-1.jpg?w=268&h=376&ssl=1
200 OK 22 kB URL HTTP/2 i0.wp.com/denkodrom.de/wp-content/uploads/2017/02/DENKODROM-FESTIVAL-15122012-FLYER-1.jpg?w=268&h=376&ssl=1
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 268x376, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 837105fcdf6ecdcfa7ab65c156b88e8f
eb0701fcfe6e439ffed4a476fa481fb973ec1b83
a941939e56cf6bd6dfee0832a756ed73207bfe651332a04ac57f21be451e8712
GET /denkodrom.de/wp-content/uploads/2017/02/DENKODROM-FESTIVAL-15122012-FLYER-1.jpg?w=268&h=376&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://denkodrom.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 18 Sep 2022 12:10:53 GMT
content-type: image/webp
content-length: 22128
last-modified: Sun, 18 Sep 2022 12:10:53 GMT
expires: Wed, 18 Sep 2024 00:10:53 GMT
cache-control: public, max-age=63115200
link: <https://denkodrom.de/wp-content/uploads/2017/02/DENKODROM-FESTIVAL-15122012-FLYER-1.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "15839d85860c3703"
vary: Accept
x-nc: MISS arn 5
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/denkodrom.de/wp-content/uploads/2017/02/denkodrom-bunt-logo-fun-1.jpg?w=267&h=136&ssl=1
200 OK 9.5 kB URL HTTP/2 i0.wp.com/denkodrom.de/wp-content/uploads/2017/02/denkodrom-bunt-logo-fun-1.jpg?w=267&h=136&ssl=1
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 267x135, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 3a234baabf0481e97fd463381c60d15a
67ba13bec5663e6593ebe3bb0f98340e9d4fdf2a
92b537c92018822ea7391112f0777f7d567ab46ae949da6d21c29608c55cf98b
GET /denkodrom.de/wp-content/uploads/2017/02/denkodrom-bunt-logo-fun-1.jpg?w=267&h=136&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://denkodrom.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 18 Sep 2022 12:10:53 GMT
content-type: image/webp
content-length: 9546
last-modified: Sun, 18 Sep 2022 12:10:53 GMT
expires: Wed, 18 Sep 2024 00:10:53 GMT
cache-control: public, max-age=63115200
link: <https://denkodrom.de/wp-content/uploads/2017/02/denkodrom-bunt-logo-fun-1.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "9c0db3577f269dac"
vary: Accept
x-nc: MISS arn 1
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/denkodrom.de/wp-content/uploads/2017/02/Tag-Im-Park-Logo-mit-Schrift-1.jpg?w=213&h=442&ssl=1
200 OK 9.3 kB URL HTTP/2 i0.wp.com/denkodrom.de/wp-content/uploads/2017/02/Tag-Im-Park-Logo-mit-Schrift-1.jpg?w=213&h=442&ssl=1
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 213x442, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash b768259464e8af59942fc77ab256a7bb
e169a1b01ead68a93617b7acd3a3e821ae057dc6
444488a28417c705a7f03988f69ad14803435166380313ce81974c58dd15fc06
GET /denkodrom.de/wp-content/uploads/2017/02/Tag-Im-Park-Logo-mit-Schrift-1.jpg?w=213&h=442&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://denkodrom.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 18 Sep 2022 12:10:53 GMT
content-type: image/webp
content-length: 9328
last-modified: Sun, 18 Sep 2022 12:10:53 GMT
expires: Wed, 18 Sep 2024 00:10:53 GMT
cache-control: public, max-age=63115200
link: <https://denkodrom.de/wp-content/uploads/2017/02/Tag-Im-Park-Logo-mit-Schrift-1.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "1ea4fbb75fd22553"
vary: Accept
x-nc: MISS arn 1
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/denkodrom.de/wp-content/uploads/2017/02/flyer-denkodrom-2015-2te-HJ-COLOUR-1.jpg?w=623&h=294&ssl=1
200 OK 23 kB URL HTTP/2 i0.wp.com/denkodrom.de/wp-content/uploads/2017/02/flyer-denkodrom-2015-2te-HJ-COLOUR-1.jpg?w=623&h=294&ssl=1
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 623x293, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash dfd5ecd1332fd1a4a1668ef75d231cbf
1d7eb0d3277690b50b0048791638cea762932ca2
249ff16c3e1f1730e28d9a174d4fa344fd3a2b135cd0e263eecd72d6e1540d93
GET /denkodrom.de/wp-content/uploads/2017/02/flyer-denkodrom-2015-2te-HJ-COLOUR-1.jpg?w=623&h=294&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://denkodrom.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 18 Sep 2022 12:10:53 GMT
content-type: image/webp
content-length: 22982
last-modified: Sun, 18 Sep 2022 12:10:53 GMT
expires: Wed, 18 Sep 2024 00:10:53 GMT
cache-control: public, max-age=63115200
link: <https://denkodrom.de/wp-content/uploads/2017/02/flyer-denkodrom-2015-2te-HJ-COLOUR-1.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "3fa67aa65ea28fc8"
vary: Accept
x-nc: MISS arn 5
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/denkodrom.de/wp-content/uploads/2017/02/Tagimpark_16_Flyer_RZ_vorne-2-1.jpg?w=305&h=646&ssl=1
200 OK 29 kB URL HTTP/2 i0.wp.com/denkodrom.de/wp-content/uploads/2017/02/Tagimpark_16_Flyer_RZ_vorne-2-1.jpg?w=305&h=646&ssl=1
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 305x646, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 3f4223b9d261f539865c3bd45c824c77
0f5b49ba621b8edb9cd8e5f8e499f3e07f23bec7
92e7ea4708702ace63c58e8540b5865444abbf1cf76a53e458f46883d217b46e
GET /denkodrom.de/wp-content/uploads/2017/02/Tagimpark_16_Flyer_RZ_vorne-2-1.jpg?w=305&h=646&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://denkodrom.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 18 Sep 2022 12:10:53 GMT
content-type: image/webp
content-length: 28636
last-modified: Sun, 18 Sep 2022 12:10:53 GMT
expires: Wed, 18 Sep 2024 00:10:53 GMT
cache-control: public, max-age=63115200
link: <https://denkodrom.de/wp-content/uploads/2017/02/Tagimpark_16_Flyer_RZ_vorne-2-1.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "7f7866944ccb3754"
vary: Accept
x-nc: MISS arn 7
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/denkodrom.de/wp-content/uploads/2017/02/flyer-452012-denkovorn-1.jpg?w=527&h=373&ssl=1
200 OK 15 kB URL HTTP/2 i0.wp.com/denkodrom.de/wp-content/uploads/2017/02/flyer-452012-denkovorn-1.jpg?w=527&h=373&ssl=1
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 527x372, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 5d191be34588657774aea477580265c2
0c8ce9f78f36d9714139a258046066cb8aeabc92
e325df1b6b85ab45ce908c161939831a875bc9a827852718f6a7feee680e941a
GET /denkodrom.de/wp-content/uploads/2017/02/flyer-452012-denkovorn-1.jpg?w=527&h=373&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://denkodrom.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 18 Sep 2022 12:10:53 GMT
content-type: image/webp
content-length: 15030
last-modified: Sun, 18 Sep 2022 12:10:53 GMT
expires: Wed, 18 Sep 2024 00:10:53 GMT
cache-control: public, max-age=63115200
link: <https://denkodrom.de/wp-content/uploads/2017/02/flyer-452012-denkovorn-1.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "cedf1610d0c1c9c7"
vary: Accept
x-nc: MISS arn 6
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/denkodrom.de/wp-content/uploads/2016/10/cropped-cropped-stempeldenkodromSMALL-1-2.png?w=1200&ssl=1
200 OK 267 kB URL HTTP/2 i0.wp.com/denkodrom.de/wp-content/uploads/2016/10/cropped-cropped-stempeldenkodromSMALL-1-2.png?w=1200&ssl=1
IP
File type RIFF (little-endian) data, Web/P image\012- data
Size 267 kB (267230 bytes)
Hash 2f78c6ece059f19b0b2b58f3b265d7f2
b9cc8c8c6925549c1a6a4451018b0bc1bb377b88
0bf6635adea54616336ef022d4f6a5247cf394ca4d749a5654dde43299ce0149
GET /denkodrom.de/wp-content/uploads/2016/10/cropped-cropped-stempeldenkodromSMALL-1-2.png?w=1200&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://denkodrom.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 18 Sep 2022 12:10:53 GMT
content-type: image/webp
content-length: 267230
last-modified: Fri, 16 Sep 2022 06:10:47 GMT
expires: Sun, 15 Sep 2024 18:10:47 GMT
cache-control: public, max-age=63115200
link: <https://denkodrom.de/wp-content/uploads/2016/10/cropped-cropped-stempeldenkodromSMALL-1-2.png>; rel="canonical"
x-content-type-options: nosniff
etag: "037a8c6a3f87919d"
vary: Accept
x-nc: MISS arn 5
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/denkodrom.de/wp-content/uploads/2017/02/flyerSENDvorn-denkodrom-2016vornSEND-1.jpg?w=610&h=311&ssl=1
200 OK 32 kB URL HTTP/2 i0.wp.com/denkodrom.de/wp-content/uploads/2017/02/flyerSENDvorn-denkodrom-2016vornSEND-1.jpg?w=610&h=311&ssl=1
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 610x310, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash af5df8ef8bfc5cbf0ab0492986a434c7
3e9d04089d22b8d484c7a4e50f8004e9fbe2351e
8ecf7073f60f23839abe83f20baff2c83f8a356955d68b6c97f74eb93d1200c9
GET /denkodrom.de/wp-content/uploads/2017/02/flyerSENDvorn-denkodrom-2016vornSEND-1.jpg?w=610&h=311&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://denkodrom.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 18 Sep 2022 12:10:53 GMT
content-type: image/webp
content-length: 31938
last-modified: Sun, 18 Sep 2022 12:10:53 GMT
expires: Wed, 18 Sep 2024 00:10:53 GMT
cache-control: public, max-age=63115200
link: <https://denkodrom.de/wp-content/uploads/2017/02/flyerSENDvorn-denkodrom-2016vornSEND-1.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "16c6cd318a72182f"
vary: Accept
x-nc: MISS arn 1
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/denkodrom.de/wp-content/uploads/2017/02/roxxyangsthase-flyer-bochumessen-1.jpg?w=169&h=238&ssl=1
200 OK 6.6 kB URL HTTP/2 i0.wp.com/denkodrom.de/wp-content/uploads/2017/02/roxxyangsthase-flyer-bochumessen-1.jpg?w=169&h=238&ssl=1
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 169x238, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 45218e7ae2e9ae2ad0ca793d86202eb3
ec2a66f5d5255a1435ec86a4fb1fdf4a2734184c
07753536ba0628cb88edcb9e3a54f801df4d7ebac5025030d05ff7f2f2609468
GET /denkodrom.de/wp-content/uploads/2017/02/roxxyangsthase-flyer-bochumessen-1.jpg?w=169&h=238&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://denkodrom.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 18 Sep 2022 12:10:53 GMT
content-type: image/webp
content-length: 6624
last-modified: Sun, 18 Sep 2022 12:10:53 GMT
expires: Wed, 18 Sep 2024 00:10:53 GMT
cache-control: public, max-age=63115200
link: <https://denkodrom.de/wp-content/uploads/2017/02/roxxyangsthase-flyer-bochumessen-1.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "14e9143b876bf39a"
vary: Accept
x-nc: MISS arn 6
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i1.wp.com/denkodrom.de/wp-content/uploads/2019/05/60208005_1011136579082985_1746620700858253312_n.jpg?w=480
200 OK 33 kB URL HTTP/2 i1.wp.com/denkodrom.de/wp-content/uploads/2019/05/60208005_1011136579082985_1746620700858253312_n.jpg?w=480
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 480x262, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash ed7e622df019333d5b1b02e14436b34e
51397230768ec1a010cdfe87c09160ce2a28aa89
98a7254f6f45fadf9b2f6729f12fe86855407de1e1538b67a5d7e8f689e3d56e
GET /denkodrom.de/wp-content/uploads/2019/05/60208005_1011136579082985_1746620700858253312_n.jpg?w=480 HTTP/1.1
Host: i1.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://denkodrom.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 18 Sep 2022 12:10:53 GMT
content-type: image/webp
content-length: 32982
last-modified: Fri, 16 Sep 2022 06:10:47 GMT
expires: Sun, 15 Sep 2024 18:10:47 GMT
cache-control: public, max-age=63115200
link: <http://denkodrom.de/wp-content/uploads/2019/05/60208005_1011136579082985_1746620700858253312_n.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "61952e3548290db5"
vary: Accept
x-nc: MISS arn 8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash b417168037cd02cb414797a2fe8a898f
504f56151849a7bfcd36d7e72b39ead79a69bfe8
39238b70192886874fc0362dbf5e2b017f71760665c5d1025d75e4a304ded1f9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 12:10:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: cCFes4izqcVUO4bGG4SM/Q==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 4zmDBpp5rg+1GtgMY7lRM6T14g0=
denkodrom.de/wp-content/uploads/2016/10/denkobackjpg2-1.jpg
200 OK 17 kB URL HTTP/1.1 denkodrom.de/wp-content/uploads/2016/10/denkobackjpg2-1.jpg
IP
ASN #20773 Host Europe GmbH
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 2000x671, components 3\012- data
Hash 08d2b87e4125702bb5fcd9335ba2b982
43e7a7cfc75bad3ee10be249df53aff2bace5a29
8faa01bf08a525321a53124d8d3ab96de802e7e2f98dea7f8212bc099a2695b5
GET /wp-content/uploads/2016/10/denkobackjpg2-1.jpg HTTP/1.1
Host: denkodrom.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://denkodrom.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 18 Sep 2022 12:10:53 GMT
Server: Apache
Last-Modified: Thu, 11 Jan 2018 16:37:36 GMT
ETag: "41bc-56282c3ee5400"
Accept-Ranges: bytes
Content-Length: 16828
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: image/jpeg
pixel.wp.com/g.gif?v=ext&j=1%3A11.0&blog=117751703&post=11&tz=0&srv=denkodrom.de&host=denkodrom.de&ref=&fcp=0&rand=0.27831811902308756
200 OK 50 B URL HTTP/2 pixel.wp.com/g.gif?v=ext&j=1%3A11.0&blog=117751703&post=11&tz=0&srv=denkodrom.de&host=denkodrom.de&ref=&fcp=0&rand=0.27831811902308756
IP
File type GIF image data, version 89a, 6 x 5\012- data
Hash e4d673a55c5656f19ef81563fb10884c
1f2d8ed221d39329251ad3a6ff1edb20b7219443
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
GET /g.gif?v=ext&j=1%3A11.0&blog=117751703&post=11&tz=0&srv=denkodrom.de&host=denkodrom.de&ref=&fcp=0&rand=0.27831811902308756 HTTP/1.1
Host: pixel.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://denkodrom.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 18 Sep 2022 12:10:53 GMT
content-type: image/gif
content-length: 50
cache-control: no-cache
access-control-allow-origin: *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 306ca1345fdf0ca28498ad115cea782b
97f61ca341ad256d80ca5d18b534e16497a781fa
3c96cc4baa7a17c0c6319f91b533a568f474554bd402c399456fe99078d09f9d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 12:10:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 306ca1345fdf0ca28498ad115cea782b
97f61ca341ad256d80ca5d18b534e16497a781fa
3c96cc4baa7a17c0c6319f91b533a568f474554bd402c399456fe99078d09f9d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 12:10:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 306ca1345fdf0ca28498ad115cea782b
97f61ca341ad256d80ca5d18b534e16497a781fa
3c96cc4baa7a17c0c6319f91b533a568f474554bd402c399456fe99078d09f9d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 12:10:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
200 OK 471 B IP
Hash 1676347d939ffb3f9fbc756634868886
19f1e3aa1b38d90b4339306e2ed8363495bd3cc2
a5590094ba5f8bb5b0ea041f8836ee06c653085b4df6ecd27fac8bebfb030318
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5904
Cache-Control: max-age=97082
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 12:10:53 GMT
Etag: "6325cbf7-1d7"
Expires: Mon, 19 Sep 2022 15:08:55 GMT
Last-Modified: Sat, 17 Sep 2022 13:30:31 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 306ca1345fdf0ca28498ad115cea782b
97f61ca341ad256d80ca5d18b534e16497a781fa
3c96cc4baa7a17c0c6319f91b533a568f474554bd402c399456fe99078d09f9d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 12:10:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i0.wp.com/denkodrom.de/wp-content/uploads/2017/02/denkodrom-b%C3%BChnenbild-1.jpg?w=836&h=470&ssl=1
200 OK 374 kB URL HTTP/2 i0.wp.com/denkodrom.de/wp-content/uploads/2017/02/denkodrom-b%C3%BChnenbild-1.jpg?w=836&h=470&ssl=1
IP
File type RIFF (little-endian) data, Web/P image\012- data
Size 374 kB (374316 bytes)
Hash 7aa6de322ee6244bed21f36cb91c9d42
daab9193a0824c876f9fa15085b4064558d69d9d
6639baac2349a3f690267776138b788331b1656df64ed6cdce1e47774945c707
GET /denkodrom.de/wp-content/uploads/2017/02/denkodrom-b%C3%BChnenbild-1.jpg?w=836&h=470&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://denkodrom.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 18 Sep 2022 12:10:53 GMT
content-type: image/webp
content-length: 374316
last-modified: Sun, 18 Sep 2022 12:10:53 GMT
expires: Wed, 18 Sep 2024 00:10:53 GMT
cache-control: public, max-age=63115200
link: <https://denkodrom.de/wp-content/uploads/2017/02/denkodrom-b%C3%BChnenbild-1.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "eec4d0daddd787c9"
vary: Accept
x-nc: MISS arn 1
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 6ab87e1e4dc6abd919cf683dff901fe8
07cfbf03a72cb316844c48669a10484e63b7f887
d68b40168e5c06bd69b83e8529ea0b15996e7124d2c8b3c5b0be81c8946f04c0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 12:10:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 6ab87e1e4dc6abd919cf683dff901fe8
07cfbf03a72cb316844c48669a10484e63b7f887
d68b40168e5c06bd69b83e8529ea0b15996e7124d2c8b3c5b0be81c8946f04c0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 12:10:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/merriweather/v30/u-4m0qyriQwlOrhSvowK_l5-eRZOf-I.woff2
200 OK 20 kB URL HTTP/2 fonts.gstatic.com/s/merriweather/v30/u-4m0qyriQwlOrhSvowK_l5-eRZOf-I.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 19780, version 1.0\012- data
Hash 03717344e4dbb2de44988b281bb7430b
0cd3f7724bd0a5bf2460e1a85e35ccfbd5e85c05
499ec54eb2afd103ec37505e23c6570fc7d89a0d728dde19d87a092e4a3261b4
GET /s/merriweather/v30/u-4m0qyriQwlOrhSvowK_l5-eRZOf-I.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://denkodrom.de
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 19780
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 13 Sep 2022 17:37:09 GMT
expires: Wed, 13 Sep 2023 17:37:09 GMT
cache-control: public, max-age=31536000
age: 412424
last-modified: Tue, 26 Apr 2022 15:48:58 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 306ca1345fdf0ca28498ad115cea782b
97f61ca341ad256d80ca5d18b534e16497a781fa
3c96cc4baa7a17c0c6319f91b533a568f474554bd402c399456fe99078d09f9d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 12:10:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2
200 OK 20 kB URL HTTP/2 fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 19740, version 1.0\012- data
Hash 101cf2a65d64322878605fa8472bb025
6dffc15e38c321e4bb567b4bd8107a2e8d97c61d
273c8613cdd2852dd5318f224d804ae6d2fc717c48d3f1dab587b6d396fb4fc8
GET /s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://denkodrom.de
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 19740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 13 Sep 2022 17:14:55 GMT
expires: Wed, 13 Sep 2023 17:14:55 GMT
cache-control: public, max-age=31536000
age: 413758
last-modified: Tue, 26 Apr 2022 15:48:38 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
stats.wp.com/e-202237.js
200 OK 34 kB IP
File type ASCII text, with very long lines (2690)
Hash 8325493643158c7aad90b3c2bb1581cc
14aab14ada7e8bd3275e518f9d354b06a287c761
168a080582a88a4000b19f379118b27eeeb2f655cb21663b44430e17f6f36092
GET /e-202237.js HTTP/1.1
Host: stats.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://denkodrom.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 18 Sep 2022 12:10:53 GMT
content-type: application/javascript
vary: Accept-Encoding
etag: W/"62f6b688-3508"
content-encoding: br
expires: Sun, 03 Sep 2023 22:56:03 GMT
cache-control: max-age=31536000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn
X-Firefox-Spdy: h2
i0.wp.com/denkodrom.de/wp-content/uploads/2022/01/iofestivalsharepic.png?w=600&ssl=1
200 OK 128 kB URL HTTP/2 i0.wp.com/denkodrom.de/wp-content/uploads/2022/01/iofestivalsharepic.png?w=600&ssl=1
IP
File type RIFF (little-endian) data, Web/P image\012- data
Size 128 kB (128518 bytes)
Hash a166375aa2322bde7122a41d357579c4
32fdf43294aa05d56a3181195b8e1a73bb6e5150
d5a3bb3094b17ba2ea95c8a5f3eb9b656c19d94fd9fce44a172957aeef68af9d
GET /denkodrom.de/wp-content/uploads/2022/01/iofestivalsharepic.png?w=600&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://denkodrom.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 18 Sep 2022 12:10:53 GMT
content-type: image/webp
content-length: 128518
last-modified: Fri, 09 Sep 2022 04:20:54 GMT
expires: Sun, 08 Sep 2024 16:20:54 GMT
cache-control: public, max-age=63115200
link: <https://denkodrom.de/wp-content/uploads/2022/01/iofestivalsharepic.png>; rel="canonical"
x-content-type-options: nosniff
etag: "781e8ea9fed84b4e"
vary: Accept
x-nc: HIT arn 1
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Merriweather%3A400%2C700%2C900%2C400italic%2C700italic%2C900italic%7CMontserrat%3A400%2C700%7CInconsolata%3A400&subset=latin%2Clatin-ext&display=fallback
200 OK 1.5 kB URL HTTP/2 fonts.googleapis.com/css?family=Merriweather%3A400%2C700%2C900%2C400italic%2C700italic%2C900italic%7CMontserrat%3A400%2C700%7CInconsolata%3A400&subset=latin%2Clatin-ext&display=fallback
IP
Hash b2dc4bf89532f311a158302cfa218e7b
7c9d227ee7bc4eb0e6b4a1ee820d30aa2f84de88
f3afbe8dc0958356f00215ca8f885bb48c85ff71ed598fd1ccda81f8437d1b14
GET /css?family=Merriweather%3A400%2C700%2C900%2C400italic%2C700italic%2C900italic%7CMontserrat%3A400%2C700%7CInconsolata%3A400&subset=latin%2Clatin-ext&display=fallback HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://denkodrom.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 18 Sep 2022 12:10:53 GMT
date: Sun, 18 Sep 2022 12:10:53 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/merriweather/v30/u-4l0qyriQwlOrhSvowK_l5-eR71Wvf4jvw.woff2
200 OK 20 kB URL HTTP/2 fonts.gstatic.com/s/merriweather/v30/u-4l0qyriQwlOrhSvowK_l5-eR71Wvf4jvw.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 19900, version 1.0\012- data
Hash bac4e4fc860f0a92beb62a776048f7c0
26eb7089b1050997d371be35946a12ae0cc7218f
3642df12f0d930d5846a96652080908eb2f383b602a95cf80d1e6227e66e1c46
GET /s/merriweather/v30/u-4l0qyriQwlOrhSvowK_l5-eR71Wvf4jvw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://denkodrom.de
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 19900
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 13 Sep 2022 17:58:37 GMT
expires: Wed, 13 Sep 2023 17:58:37 GMT
cache-control: public, max-age=31536000
age: 411136
last-modified: Tue, 26 Apr 2022 15:46:01 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 6ab87e1e4dc6abd919cf683dff901fe8
07cfbf03a72cb316844c48669a10484e63b7f887
d68b40168e5c06bd69b83e8529ea0b15996e7124d2c8b3c5b0be81c8946f04c0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 12:10:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/merriweather/v30/u-440qyriQwlOrhSvowK_l5-fCZM.woff2
200 OK 20 kB URL HTTP/2 fonts.gstatic.com/s/merriweather/v30/u-440qyriQwlOrhSvowK_l5-fCZM.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 20028, version 1.0\012- data
Hash 2bfde17b9a1384ce64af78db1b87a82f
8effd23e482511e249c3f8e91cdc503729b93598
5c2d662e92bcbf1a5970b97040f901031295e79a96314db8302f549003022087
GET /s/merriweather/v30/u-440qyriQwlOrhSvowK_l5-fCZM.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://denkodrom.de
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 20028
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 13 Sep 2022 17:16:50 GMT
expires: Wed, 13 Sep 2023 17:16:50 GMT
cache-control: public, max-age=31536000
age: 413643
last-modified: Tue, 26 Apr 2022 16:41:08 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/inconsolata/v31/QldgNThLqRwH-OJ1UHjlKENVzkWGVkL3GZQmAwLYxYWI2qfdm7Lpp4U8WR32lw.woff2
200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/inconsolata/v31/QldgNThLqRwH-OJ1UHjlKENVzkWGVkL3GZQmAwLYxYWI2qfdm7Lpp4U8WR32lw.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 16244, version 1.0\012- data
Hash 8e34cbcc4dfe30cc0f1afc341388aad8
feb205d0a09ad06d4fb1c62d2b61fb91c8015cef
4f9f98d74dc5dea24db279aedd49367424c72cba9fb67341cbef8bcd2f0ad002
GET /s/inconsolata/v31/QldgNThLqRwH-OJ1UHjlKENVzkWGVkL3GZQmAwLYxYWI2qfdm7Lpp4U8WR32lw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://denkodrom.de
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 16244
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 17 Sep 2022 22:52:07 GMT
expires: Sun, 17 Sep 2023 22:52:07 GMT
cache-control: public, max-age=31536000
age: 47926
last-modified: Mon, 11 Jul 2022 18:56:00 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 6ab87e1e4dc6abd919cf683dff901fe8
07cfbf03a72cb316844c48669a10484e63b7f887
d68b40168e5c06bd69b83e8529ea0b15996e7124d2c8b3c5b0be81c8946f04c0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 12:10:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.youtube.com/embed/DEROcJF1-NM?rel=0&controls=0
200 OK 35 kB URL HTTP/2 www.youtube.com/embed/DEROcJF1-NM?rel=0&controls=0
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (60307)
Hash ff3ddcd94ebeb1a18a1f8cbffd63c144
e9aacb2404edb8a81bec46dcd346736a6488eb1e
be7b1ca8982fbd7c79e96df8b74ae8e2888317c15707b4d2e4470ae454ea684b
GET /embed/DEROcJF1-NM?rel=0&controls=0 HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://denkodrom.de/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 18 Sep 2022 12:10:53 GMT
strict-transport-security: max-age=31536000
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=D5QH-6wocjk; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=y8LhHY7gdIo; Domain=.youtube.com; Expires=Fri, 17-Mar-2023 12:10:53 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+378; expires=Tue, 17-Sep-2024 12:10:53 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 306ca1345fdf0ca28498ad115cea782b
97f61ca341ad256d80ca5d18b534e16497a781fa
3c96cc4baa7a17c0c6319f91b533a568f474554bd402c399456fe99078d09f9d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 12:10:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i0.wp.com/denkodrom.de/wp-content/uploads/2017/04/cropped-cropped-cropped-stempeldenkodromCENTER-1.jpg?fit=32%2C32&ssl=1
200 OK 548 B URL HTTP/2 i0.wp.com/denkodrom.de/wp-content/uploads/2017/04/cropped-cropped-cropped-stempeldenkodromCENTER-1.jpg?fit=32%2C32&ssl=1
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 32x32, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 203b1c998a993b8933ebff28a0f20006
345b755b2b13f812520aa0fa4299b47d031d73c3
fe6272f811111aedc53f01ec009b6c3d58e12ee788aae9341543fe5464a257c9
GET /denkodrom.de/wp-content/uploads/2017/04/cropped-cropped-cropped-stempeldenkodromCENTER-1.jpg?fit=32%2C32&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://denkodrom.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 18 Sep 2022 12:10:53 GMT
content-type: image/webp
content-length: 548
last-modified: Fri, 16 Sep 2022 06:10:48 GMT
expires: Sun, 15 Sep 2024 18:10:48 GMT
cache-control: public, max-age=63115200
link: <https://denkodrom.de/wp-content/uploads/2017/04/cropped-cropped-cropped-stempeldenkodromCENTER-1.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "2a37dc05f6267af3"
vary: Accept
x-nc: HIT arn 1
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
www.youtube.com/embed/CaR-3UWI4vw?rel=0&controls=0
200 OK 76 kB URL HTTP/2 www.youtube.com/embed/CaR-3UWI4vw?rel=0&controls=0
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (60311)
Hash f00fb0d17a07525b4e3bb709d77315e4
395da3bb06f7ec7c11742bd8926561c02752c792
d1d964456d49b1bba0c04561569d5397b40c114da0ee11fb4b9713fd45b0132d
GET /embed/CaR-3UWI4vw?rel=0&controls=0 HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://denkodrom.de/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 18 Sep 2022 12:10:53 GMT
strict-transport-security: max-age=31536000
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=iWp6cl1X8ac; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=C3QMA-YIg5o; Domain=.youtube.com; Expires=Fri, 17-Mar-2023 12:10:53 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+618; expires=Tue, 17-Sep-2024 12:10:53 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.youtube.com/embed/nt7QAL3KNkQ?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent
200 OK 30 kB URL HTTP/2 www.youtube.com/embed/nt7QAL3KNkQ?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (60311)
Hash 8bb32e3bd90195842d1528cf95deb207
734ed79254ac11763c8166070b94d473a350a87d
ee4fff833055a92aa3a8e9869c4cf5d0bae75aee0ee6132bef6e79698dbe28cd
GET /embed/nt7QAL3KNkQ?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://denkodrom.de/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 18 Sep 2022 12:10:53 GMT
strict-transport-security: max-age=31536000
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=mpfj4J3bIRw; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=5ziWRTbnC2g; Domain=.youtube.com; Expires=Fri, 17-Mar-2023 12:10:53 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+516; expires=Tue, 17-Sep-2024 12:10:53 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.youtube.com/embed/iUZTEdo21L8
200 OK 616 kB URL HTTP/2 www.youtube.com/embed/iUZTEdo21L8
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (60307)
Size 616 kB (616500 bytes)
Hash 1ce5918cd9b0b0a5c897a1fa9c605066
8b24d70130058e2dc0fd208f65ff00189b0742f2
bffecd24b26be3de7a98fbad1abe673594f58ca3d19287f1a17c729c04eb697d
GET /embed/iUZTEdo21L8 HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://denkodrom.de/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 18 Sep 2022 12:10:53 GMT
strict-transport-security: max-age=31536000
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=C8IIpgo8B4w; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=owL5ZsrYmVU; Domain=.youtube.com; Expires=Fri, 17-Mar-2023 12:10:53 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+125; expires=Tue, 17-Sep-2024 12:10:53 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 17 Sep 2022 12:31:58 GMT
expires: Sun, 17 Sep 2023 12:31:58 GMT
cache-control: public, max-age=31536000
age: 85135
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 1676347d939ffb3f9fbc756634868886
19f1e3aa1b38d90b4339306e2ed8363495bd3cc2
a5590094ba5f8bb5b0ea041f8836ee06c653085b4df6ecd27fac8bebfb030318
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5905
Cache-Control: max-age=97082
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 12:10:54 GMT
Etag: "6325cbf7-1d7"
Expires: Mon, 19 Sep 2022 15:08:56 GMT
Last-Modified: Sat, 17 Sep 2022 13:30:31 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 5e0d4379f6517fd75a29a3d94d9199eb
0d383b811ebe839400f04333d16a5c9d4d78f802
e64c0c03925bdfaa2520d90339c90d1f8d98c432441adb771dfe1e818220f06f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E64C0C03925BDFAA2520D90339C90D1F8D98C432441ADB771DFE1E818220F06F"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15857
Expires: Sun, 18 Sep 2022 16:35:11 GMT
Date: Sun, 18 Sep 2022 12:10:54 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 5e0d4379f6517fd75a29a3d94d9199eb
0d383b811ebe839400f04333d16a5c9d4d78f802
e64c0c03925bdfaa2520d90339c90d1f8d98c432441adb771dfe1e818220f06f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E64C0C03925BDFAA2520D90339C90D1F8D98C432441ADB771DFE1E818220F06F"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15857
Expires: Sun, 18 Sep 2022 16:35:11 GMT
Date: Sun, 18 Sep 2022 12:10:54 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 5e0d4379f6517fd75a29a3d94d9199eb
0d383b811ebe839400f04333d16a5c9d4d78f802
e64c0c03925bdfaa2520d90339c90d1f8d98c432441adb771dfe1e818220f06f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E64C0C03925BDFAA2520D90339C90D1F8D98C432441ADB771DFE1E818220F06F"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15857
Expires: Sun, 18 Sep 2022 16:35:11 GMT
Date: Sun, 18 Sep 2022 12:10:54 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 5e0d4379f6517fd75a29a3d94d9199eb
0d383b811ebe839400f04333d16a5c9d4d78f802
e64c0c03925bdfaa2520d90339c90d1f8d98c432441adb771dfe1e818220f06f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E64C0C03925BDFAA2520D90339C90D1F8D98C432441ADB771DFE1E818220F06F"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15857
Expires: Sun, 18 Sep 2022 16:35:11 GMT
Date: Sun, 18 Sep 2022 12:10:54 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 5e0d4379f6517fd75a29a3d94d9199eb
0d383b811ebe839400f04333d16a5c9d4d78f802
e64c0c03925bdfaa2520d90339c90d1f8d98c432441adb771dfe1e818220f06f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E64C0C03925BDFAA2520D90339C90D1F8D98C432441ADB771DFE1E818220F06F"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15857
Expires: Sun, 18 Sep 2022 16:35:11 GMT
Date: Sun, 18 Sep 2022 12:10:54 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c670b93-3941-4322-a938-e74eba949ad6.jpeg
200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c670b93-3941-4322-a938-e74eba949ad6.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f003d8b6e12692fb16dddd6827deead8
786c333cf08456aea446a55c547520572e1c2df9
d79ea50cfc0f237b3de8f1826cbae1de0b1dbc632a5a06b08d9640abedded935
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c670b93-3941-4322-a938-e74eba949ad6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11919
x-amzn-requestid: 2f547c1f-2f5d-4707-8f6c-fe9dfff51383
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YbfS4FI9oAMFScw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632145ab-3c967f2653d06c1c079f88c1;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 03:08:27 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Q6pjncaouCXUu0Pz7v6xF_8ClxxVypUSeggW23Z-UTsPamKCTgwjmA==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 91356d2137f5a7345e93da4516c49ec4.cloudfront.net (CloudFront), 1.1 google
date: Sat, 17 Sep 2022 22:00:17 GMT
age: 51037
etag: "786c333cf08456aea446a55c547520572e1c2df9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2512deb9-0912-4851-b376-b8bcb67ed3ef.jpeg
200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2512deb9-0912-4851-b376-b8bcb67ed3ef.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7334a6bdb209350f41e4640960c9ce2a
0b00e1a594dc88c8fb05044a69cc0ba1eafc4946
bf946afeb52d95f27e2a271486accf87a0c169e5e78f6d57cace80564e2ed668
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2512deb9-0912-4851-b376-b8bcb67ed3ef.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10554
x-amzn-requestid: 07497447-33e7-4f60-a3ff-974f581c5704
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yn5tlG_7IAMFaIA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63263cbd-1964dc6548cb5f7c09f65b78;Sampled=0
x-amzn-remapped-date: Sat, 17 Sep 2022 21:31:41 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 4c7A4n-fW5-zEG1OjjUo8zWdY80KTpzwJdfKuDT0OjW5NpkZxxWB-A==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Sat, 17 Sep 2022 21:49:35 GMT
age: 51679
etag: "0b00e1a594dc88c8fb05044a69cc0ba1eafc4946"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4e7c2440-8c3c-44a6-abd6-84e4cf4a71b4.png
200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4e7c2440-8c3c-44a6-abd6-84e4cf4a71b4.png
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7bee8e76cdd23db16e3fac4eddc5ca9f
646170abc26654bb4b44731906b090f2617b383d
2f0febf704be09d9b9fbfed0fc0c60692667ea984e09a681a00fd9661f32b389
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4e7c2440-8c3c-44a6-abd6-84e4cf4a71b4.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11788
x-amzn-requestid: dfe137b0-12d6-42f7-911c-4714bbb68f9b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yn64EGDbIAMFnFA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63263e99-6540bae27aec883036de23cd;Sampled=0
x-amzn-remapped-date: Sat, 17 Sep 2022 21:39:37 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: UPPrDP8Ncq4fgSaiQL85Nbnv958N9ckMiNchQImRTwLaSemEUdDpeA==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 ee330666adf9f04c8c30094f8ddcd004.cloudfront.net (CloudFront), 1.1 google
date: Sat, 17 Sep 2022 21:39:38 GMT
age: 52276
etag: "646170abc26654bb4b44731906b090f2617b383d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F87c956a4-db39-47fc-87b0-5c576f15441b.jpeg
200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F87c956a4-db39-47fc-87b0-5c576f15441b.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 97d0fb7f2e5c544eb87b803a153d8763
a247157989727bf0d4598679f7f0cc9646299cbd
cfff9f9aaad7b3dc4949c917df6096ee65a3392d8a8dceddf94261af5480ac56
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F87c956a4-db39-47fc-87b0-5c576f15441b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8989
x-amzn-requestid: cb45074f-f130-41a6-b253-6bc6654e8ebb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yn6KXH3gIAMFwnA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63263d75-32ffacde1e1eb46117c61fe9;Sampled=0
x-amzn-remapped-date: Sat, 17 Sep 2022 21:34:45 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: P60MPAXw-2lxWTjCtqk9Cd1oga6yuq6lcApDeSIWfIAehDHdXsCFIw==
via: 1.1 d90109c5a0c30f43223e0db85921c5c2.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Sat, 17 Sep 2022 21:52:10 GMT
age: 51524
etag: "a247157989727bf0d4598679f7f0cc9646299cbd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fec46eb11-30ba-49b6-9fa9-7b2aa2a6753b.jpeg
200 OK 7.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fec46eb11-30ba-49b6-9fa9-7b2aa2a6753b.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7aee46b7814b9faad9e1e961d2d08953
b024a3286d0349f92d555acb3caec116c25a305f
a5dd4f4504202cf4183b53619300e16b0653344cc3e3870c30599137e177059f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fec46eb11-30ba-49b6-9fa9-7b2aa2a6753b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6997
x-amzn-requestid: fdb2e9d7-d3c0-4536-b9e6-d09972fb1f84
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yn5tmElsoAMFe2w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63263cbd-11ff4c9f1e38f4102e558f03;Sampled=0
x-amzn-remapped-date: Sat, 17 Sep 2022 21:31:41 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: DCRdz8tLPQE4s5m_h4rSZbigL2Wepeg5QzSVpFm0xHh0yYiP0SsNqQ==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Sat, 17 Sep 2022 21:47:52 GMT
age: 51782
etag: "b024a3286d0349f92d555acb3caec116c25a305f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0418a582-b5aa-4754-a162-d731a3e53f86.jpeg
200 OK 5.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0418a582-b5aa-4754-a162-d731a3e53f86.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c9a9211e94d6aa2429e9663ef317707e
ac0d1af96508d026f9a1252d358660bd5671f9bd
36663b67119ae58b665e43d86b73045472cf23d73bf2c981754f479989690791
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0418a582-b5aa-4754-a162-d731a3e53f86.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5448
x-amzn-requestid: 3b63d209-af92-4d64-866a-d8f677aa62a9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yn659H9DIAMFQag=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63263ea5-30e7f8a32603ba70671addec;Sampled=0
x-amzn-remapped-date: Sat, 17 Sep 2022 21:39:49 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: CqzHFWav9sDzwBhF58p314oyYPwfcbmlplVt2oF9QxSBIi5ktgpS7w==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 ead78c395f4bede3ec6cd7ea180e3d3a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 17 Sep 2022 21:49:54 GMT
age: 51660
etag: "ac0d1af96508d026f9a1252d358660bd5671f9bd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 921e8a0262005f8ee573fb2b42c1986c
5c75e821cce7f52205386b7264feb86f23eae952
203db2e39e95498c9336df6b8e2814d67a6228aa8531d8b53d3d781878e3d3b1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 12:10:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash c2900cacb3e6b33190e657a697ca589b
102eb3b32fc710cef2b7053100454c30d097bab3
d5bad2878173240c5dbcef360dd701c4f13de4576ba5dedbe882745ae7ea2fb0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 12:10:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.doubleclick.net/instream/ad_status.js
200 OK 29 B URL HTTP/2 static.doubleclick.net/instream/ad_status.js
IP
Hash 1fa71744db23d0f8df9cce6719defcb7
e4be9b7136697942a036f97cf26ebaf703ad2067
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
GET /instream/ad_status.js HTTP/1.1
Host: static.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 29
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 18 Sep 2022 11:59:23 GMT
expires: Sun, 18 Sep 2022 12:14:23 GMT
cache-control: public, max-age=900
age: 691
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/id
302 Found 0 B URL HTTP/2 googleads.g.doubleclick.net/pagead/id
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/id HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-credentials: true
access-control-allow-origin: https://www.youtube.com
date: Sun, 18 Sep 2022 12:10:54 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 921e8a0262005f8ee573fb2b42c1986c
5c75e821cce7f52205386b7264feb86f23eae952
203db2e39e95498c9336df6b8e2814d67a6228aa8531d8b53d3d781878e3d3b1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 12:10:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash c2900cacb3e6b33190e657a697ca589b
102eb3b32fc710cef2b7053100454c30d097bab3
d5bad2878173240c5dbcef360dd701c4f13de4576ba5dedbe882745ae7ea2fb0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 12:10:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.xx.fbcdn.net/rsrc.php/v3/y1/l/0,cross/PU4XElb3dEc.css?_nc_x=Ij3Wp8lg5Kz
200 OK 265 B URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/y1/l/0,cross/PU4XElb3dEc.css?_nc_x=Ij3Wp8lg5Kz
IP
File type ASCII text, with very long lines (993)
Hash e0e78328c7d39527b50d23be97ec21cd
cb983ba70e6d934d7f973fce0741dd6f395f4356
f556751ac7feea7f563ae2b7f13227fedc78aebc85e572ca7d8522cc891110b1
GET /rsrc.php/v3/y1/l/0,cross/PU4XElb3dEc.css?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: br
content-type: text/css; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Sun, 10 Sep 2023 04:11:40 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: 4OeDKMfTlSe1DSO+l+whzQ==
x-fb-debug: SznFhizF0uCHr+pqpFiAEsFkVeDXJa5xzOcxR+E61H5fsD7j61sJxn3GIAhOH6q4B+bXiA/HX49QVtKLo/k7Pw==
content-length: 265
x-fb-trip-id: 1679558926
date: Sun, 18 Sep 2022 12:10:55 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yC/r/-5fHtiTYR5u.js?_nc_x=Ij3Wp8lg5Kz
200 OK 6.7 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yC/r/-5fHtiTYR5u.js?_nc_x=Ij3Wp8lg5Kz
IP
File type ASCII text, with very long lines (4556)
Hash 5aac7d694bd45ab155902ff79e87e637
1271d8f090737e7d002a6ed4e8d81fd1a06517d7
e313d52bed1f2df05efa92bd279120961851172ad01468eb875c4f0c55780442
GET /rsrc.php/v3/yC/r/-5fHtiTYR5u.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Sun, 17 Sep 2023 14:40:18 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: Wqx9aUvUWrFVkC/3nofmNw==
x-fb-debug: InYzzYwwYTCBJfZF4e4wp09tZxQBHX3SwZa/feZiQ9Moggc5brklB3BrQUVDBRg6KvTO9an5LqZxFZBXn1KFwQ==
content-length: 6669
x-fb-trip-id: 1679558926
date: Sun, 18 Sep 2022 12:10:55 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3iLl54/y-/l/en_US/FcvJBB0C3rJ.js?_nc_x=Ij3Wp8lg5Kz
200 OK 8.5 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3iLl54/y-/l/en_US/FcvJBB0C3rJ.js?_nc_x=Ij3Wp8lg5Kz
IP
File type ASCII text, with very long lines (2973)
Hash ffe7b79ce7ca26f6f708ddd1d38ee3e7
6380b17543d221a6934c145232fc385aa965fa1d
9c68febd9ec67b45b9142a70128f1ab52fe3ec35b1d5749d15387ea514c8743a
GET /rsrc.php/v3iLl54/y-/l/en_US/FcvJBB0C3rJ.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Sat, 16 Sep 2023 01:03:39 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: /+e3nOfKJvb3CN3R047j5w==
x-fb-debug: jglKcZZWPiPBYelS7L1o+pI0cKm51cHFoCx0zt2o0cZ7T5BaQaOgSAL6UF4vWraxH9evluUpqXV+83ymRr2UNg==
content-length: 8455
x-fb-trip-id: 1679558926
date: Sun, 18 Sep 2022 12:10:55 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yF/r/p55HfXW__mM.js?_nc_x=Ij3Wp8lg5Kz
200 OK 338 B URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yF/r/p55HfXW__mM.js?_nc_x=Ij3Wp8lg5Kz
IP
File type ASCII text, with very long lines (327)
Hash 76f593e842677f73cd0a06232874b2c3
25a13f79478d5a0e286a2299dca2f3b296463079
74dcbe026002f10b703960a500b50dabe518862e568a9e689dec7afa243fa44d
GET /rsrc.php/v3/yF/r/p55HfXW__mM.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Mon, 11 Sep 2023 03:40:09 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: dvWT6EJnf3PNCgYjKHSyww==
x-fb-debug: yvcHQcHgQfrcN31QwueWw7eqsNpNbWtAvIIpRMNbc1EWD9EWLcTQ586PSUdvC7roJbEBWK8NJm/xMHyMmQTyNw==
content-length: 338
x-fb-trip-id: 1679558926
date: Sun, 18 Sep 2022 12:10:55 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yL/r/DJIek1tT3RT.js?_nc_x=Ij3Wp8lg5Kz
200 OK 1.7 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yL/r/DJIek1tT3RT.js?_nc_x=Ij3Wp8lg5Kz
IP
File type ASCII text, with very long lines (2052)
Hash 883efc20b86990fd486fab545ffc08f4
da322dda14a98744e03655dcf0da9482b4b1e1d0
e207751970ef4bf6e0a64da5e9480ab3b1ee86408a7904796e2f6e225f8ee612
GET /rsrc.php/v3/yL/r/DJIek1tT3RT.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Fri, 15 Sep 2023 23:21:54 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: iD78ILhpkP1Ib6tUX/wI9A==
x-fb-debug: fhsLl0YjqSJqoV13JDQuIhdo/OX0Rs1cu8RUFdHOyPNKeiRXL+6eELxvTCu8eNpLboXkpb1VNLUfW2D1iOJqLg==
priority: u=3,i
content-length: 1689
x-fb-trip-id: 1679558926
date: Sun, 18 Sep 2022 12:10:55 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yC/r/5RJiTHn6lGN.js?_nc_x=Ij3Wp8lg5Kz
200 OK 9.1 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yC/r/5RJiTHn6lGN.js?_nc_x=Ij3Wp8lg5Kz
IP
File type ASCII text, with very long lines (9954)
Hash be64cd173090e3a98e38a422d5930c56
5c196fb94edb4d634bad160a99f3918260d23be3
0ffe4a73f2d08fa7dae5286e54d9e1f779422452cedfb44422a90ed24d409617
GET /rsrc.php/v3/yC/r/5RJiTHn6lGN.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Sat, 16 Sep 2023 06:17:35 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: vmTNFzCQ46mOOKQi1ZMMVg==
x-fb-debug: nX71BXzODflTafzyxBwlTMlGwb5Yft4tVtq1VvvI3GQmNcUB/DqhZHERZO2OIZMvWt6SbixfiM2uKWOpZ/Dkvg==
content-length: 9071
x-fb-trip-id: 1679558926
date: Sun, 18 Sep 2022 12:10:55 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yb/r/DVU7dWqvHXN.js?_nc_x=Ij3Wp8lg5Kz
200 OK 5.6 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yb/r/DVU7dWqvHXN.js?_nc_x=Ij3Wp8lg5Kz
IP
File type C source, ASCII text, with very long lines (4719)
Hash 2945746953ed7f2aadd91bc0b2b1ccfe
3639a712bb93ae69c53b001ad51d193cbeece74a
2c84d5c120c9f219e31da05011207463d935bbeface344f9cb09879c3b8ba9ce
GET /rsrc.php/v3/yb/r/DVU7dWqvHXN.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Sat, 16 Sep 2023 00:48:16 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: KUV0aVPtfyqt2RvAsrHM/g==
x-fb-debug: mLSHx0G8+tdqBh8zwREOQbMzNhSH1Ir8NVkqGesTIU0IYP4DL3Zr37U3+Y+RDCGmk3QNG6zCZx2toUL5xkeQqw==
priority: u=3,i
content-length: 5550
x-fb-trip-id: 1679558926
date: Sun, 18 Sep 2022 12:10:55 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Sun, 18 Sep 2022 12:10:55 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3iEBX4/yV/l/en_US/CBpXBwkeiMb.js?_nc_x=Ij3Wp8lg5Kz
200 OK 8.5 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3iEBX4/yV/l/en_US/CBpXBwkeiMb.js?_nc_x=Ij3Wp8lg5Kz
IP
File type ASCII text, with very long lines (6030)
Hash 8eec5b8222e4e20ae7fde9e9ec03fa5b
0d86a7995567e84f483559569f6dff454ece6c24
af75b48fdd20abff68ab1328c1ac768b379ca856e881928999b2d53ee0de519a
GET /rsrc.php/v3iEBX4/yV/l/en_US/CBpXBwkeiMb.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Sat, 16 Sep 2023 01:03:39 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: juxbgiLk4grn/enp7AP6Ww==
x-fb-debug: PnDfOi9Drfd+AJks/Oulqgv6T86C9WC+/N2WA8Nl44jI6lGLO7HQaL4cLyPUDkTB2ASfYmeCGPPmj18PKiFUCg==
content-length: 8502
x-fb-trip-id: 1679558926
date: Sun, 18 Sep 2022 12:10:55 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yd/r/ntijSEq_uQT.js?_nc_x=Ij3Wp8lg5Kz
200 OK 16 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yd/r/ntijSEq_uQT.js?_nc_x=Ij3Wp8lg5Kz
IP
File type C source, ASCII text, with very long lines (7367)
Hash 2e6b8fb5c99f65f0290910a108d70b59
259614e8da07b8bb8f9f97145960c80d5a3a8301
d78f36b2062bcb9f609e318cb082657e04ad0d1c89b090d7a88b44d1b390fcd1
GET /rsrc.php/v3/yd/r/ntijSEq_uQT.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Sat, 16 Sep 2023 00:46:54 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: LmuPtcmfZfApCRChCNcLWQ==
x-fb-debug: 9owb03MW9I/ZkncVxY7WZhzknWlcHGbXgioprIQ0Y2lZDEq9c/HobO4WC2y6W+P7oFKZlZL4RVOeNlcooWTFlw==
priority: u=3,i
content-length: 15970
x-fb-trip-id: 1679558926
date: Sun, 18 Sep 2022 12:10:55 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3iEpO4/y4/l/en_US/aToexfaV0S1.js?_nc_x=Ij3Wp8lg5Kz
200 OK 23 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3iEpO4/y4/l/en_US/aToexfaV0S1.js?_nc_x=Ij3Wp8lg5Kz
IP
File type ASCII text, with very long lines (42045)
Hash 58dbeeb1a23bb44fabf2c50e0884a170
c3c6a7b58d90c4b7b135758d99911465794dd9a2
b49ba6b6ba373668ac5d82d37a0aa689d913579384477b5a7b8be059c2c2bd96
GET /rsrc.php/v3iEpO4/y4/l/en_US/aToexfaV0S1.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Sat, 16 Sep 2023 01:01:42 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: WNvusaI7tE+r8sUOCIShcA==
x-fb-debug: G3G9I1N7v0+MnO8ZaGROLlJ4BJXEJs8aySuTTaOYpQUswrzKddHXJObEqIfLVFsNMi1mThGS/3psNQa0murhzA==
priority: u=3,i
content-length: 23388
x-fb-trip-id: 1679558926
date: Sun, 18 Sep 2022 12:10:55 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yx/r/kl5QvbCz5Lo.js?_nc_x=Ij3Wp8lg5Kz
200 OK 7.3 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yx/r/kl5QvbCz5Lo.js?_nc_x=Ij3Wp8lg5Kz
IP
File type ASCII text, with very long lines (4129)
Hash 7614efba617e235ae864911e15a63a27
5eb6ee4e1d2db3866ebcbc35b76352c719c36255
3c2783c57f48e1b749c1065ddcdf2f5184582a2bc799b1ee832fdf79c62b9557
GET /rsrc.php/v3/yx/r/kl5QvbCz5Lo.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Sat, 16 Sep 2023 00:46:55 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: dhTvumF+I1roZJEeFaY6Jw==
x-fb-debug: ACIjnQUklLiphY/PQOgVXMywcjp59nEc+QWUd1Wf0Xx+xP1XZ+TgRMny22uPybRcaFri2Z9BXc/4AQUApCsyxg==
priority: u=3,i
content-length: 7311
x-fb-trip-id: 1679558926
date: Sun, 18 Sep 2022 12:10:55 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yx/r/OnlkVBHmhU5.js?_nc_x=Ij3Wp8lg5Kz
200 OK 16 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yx/r/OnlkVBHmhU5.js?_nc_x=Ij3Wp8lg5Kz
IP
File type ASCII text, with very long lines (15853)
Hash 23b8fd6c3f4a5154a33f3c1e35dcb90f
4423853ce11522c7524269013e7753c7f6213c8c
835037446a5392ff50b01617d33122a078a8ad886e9d07dbabeb91f02b4c9999
GET /rsrc.php/v3/yx/r/OnlkVBHmhU5.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Sat, 16 Sep 2023 00:48:18 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: I7j9bD9KUVSjPzweNdy5Dw==
x-fb-debug: rB57OAmWa6J1SZyEVPyZ1P2afuE3nH6zsfQjO3ctzA78MIPj/a/5XVajeq2yQWmUWcqFL2LKuzxch0eBh+2A5g==
content-length: 16371
x-fb-trip-id: 1679558926
date: Sun, 18 Sep 2022 12:10:55 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/ys/l/0,cross/4_8X-2u0CDc.css?_nc_x=Ij3Wp8lg5Kz
200 OK 827 B URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/ys/l/0,cross/4_8X-2u0CDc.css?_nc_x=Ij3Wp8lg5Kz
IP
File type ASCII text, with very long lines (724)
Hash 29973cf3b0ef9f16fe31ed981b2f6573
f22eb80b89b5e0ae9ace854aab6676d56eaef6a1
476822c80e0a0ee078edb7a74db59378f8b1d43d2de844e28a9e9c2f68a4c8d8
GET /rsrc.php/v3/ys/l/0,cross/4_8X-2u0CDc.css?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: br
content-type: text/css; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Fri, 15 Sep 2023 06:48:56 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: KZc887Dvnxb+Me2YGy9lcw==
x-fb-debug: BWoKeSty6egwJE1HqSdlEHxWsT8EIfiJaW04/EzvcfYdU5s/Q9jvLxzG++a+AE3+hdDZup53g3KTnC0sS9hV6w==
content-length: 827
x-fb-trip-id: 1679558926
date: Sun, 18 Sep 2022 12:10:55 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yx/l/0,cross/BlAD2xX4neg.css?_nc_x=Ij3Wp8lg5Kz
200 OK 5.2 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yx/l/0,cross/BlAD2xX4neg.css?_nc_x=Ij3Wp8lg5Kz
IP
File type ASCII text, with very long lines (4093)
Hash f596f619466ec99a85212287f00130b1
09689a8f7b0a131d9890e64572c8f13397535211
3c500d0c1adcd6f3ccd49f34c45d5364f68ba9d2563478cbd54bf477fa1b1e9c
GET /rsrc.php/v3/yx/l/0,cross/BlAD2xX4neg.css?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: br
content-type: text/css; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Sun, 17 Sep 2023 14:48:15 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: 9Zb2GUZuyZqFISKH8AEwsQ==
x-fb-debug: 9o9fBzBD4bMOpd5eaQeFoaY7vg7dznAn33onYO1ZgJNWGgSRNWsnt5XSHAdZJ9hf/Le0YQ49XoNWQzf2b3jqMg==
priority: u=3,i
content-length: 5196
x-fb-trip-id: 1679558926
date: Sun, 18 Sep 2022 12:10:55 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yF/l/0,cross/I_DGZeWwnml.css?_nc_x=Ij3Wp8lg5Kz
200 OK 4.6 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yF/l/0,cross/I_DGZeWwnml.css?_nc_x=Ij3Wp8lg5Kz
IP
File type assembler source, ASCII text, with very long lines (2642)
Hash 6ff0affb93acb3e210d68b50d67dd43c
932473e9c54275389c9ffd6bb3d088800e4f154a
064e887f9f9c30f3d45ce79a8d344a7cf6f83164ee979105f0d03088fe3626d2
GET /rsrc.php/v3/yF/l/0,cross/I_DGZeWwnml.css?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: br
content-type: text/css; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Sun, 17 Sep 2023 02:50:57 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: b/Cv+5Oss+IQ1otQ1n3UPA==
x-fb-debug: ICu9+J7pol4/I7KFtPnp2EOKG+R5G3rwziJ1CzQv/SqOSAoKDtFM+ImT//JLTO7h8gFqe5yZZe8bBXZGfDYhGg==
content-length: 4606
x-fb-trip-id: 1679558926
date: Sun, 18 Sep 2022 12:10:55 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash 75adf84368491247837bc9ed2fa1ac09
8d549f91bbd31bcbb758fd47c41046a873c87a55
53b1d400fcb9f409b2c139fba67ffeb9892d4ce4202bd28ee0d8230302ffd7cd
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Sun, 18 Sep 2022 12:10:55 GMT
server: ESF
cache-control: private
content-length: 30764
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yI/r/p7aKdtolv_W.js?_nc_x=Ij3Wp8lg5Kz
200 OK 12 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yI/r/p7aKdtolv_W.js?_nc_x=Ij3Wp8lg5Kz
IP
File type ASCII text, with very long lines (5329)
Hash adcd01b197549ab05ed54746a81151f8
edb56528c008d8a431e350179ff6df1aa40c2ae6
e6456b195e1064b44db169404417d1c68777133c14d6188bd9ffdfc60e70393c
GET /rsrc.php/v3/yI/r/p7aKdtolv_W.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Sat, 16 Sep 2023 00:46:54 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: rc0BsZdUmrBe1UdGqBFR+A==
x-fb-debug: C07wPTKkFnDbXPQ8vUNI3lcu/5k/bTda27QKkFJ9VZyjj7xORU1WFpcBwCcD6MzV+uZmh6QVmeBURIlfIWfoiw==
content-length: 12252
x-fb-trip-id: 1679558926
date: Sun, 18 Sep 2022 12:10:55 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash ab15a3557f2ae57a7f109decc7bf7f21
0c33ca1edabbf1d48fa57a8960756726970f0cd0
fdd5583dbe7e847871bc54e06cf850a0895719371ba087ba7f108aa380c12142
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 12:10:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/js/th/9e5Q9JddguzAeYJyBJt7GsINCHbvQKKYaWDK5a7IWAA.js
200 OK 14 kB URL HTTP/2 www.google.com/js/th/9e5Q9JddguzAeYJyBJt7GsINCHbvQKKYaWDK5a7IWAA.js
IP
File type ASCII text, with very long lines (35963)
Hash 0a10e1669fa5f54a96c02562d935783f
fb9c033841ed0848caeede748301a5c91de6c800
25215608c929fe6c434b08bdb327df9b9ca11355840c6408602b8612073f99f5
GET /js/th/9e5Q9JddguzAeYJyBJt7GsINCHbvQKKYaWDK5a7IWAA.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 14185
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 14 Sep 2022 05:03:42 GMT
expires: Thu, 14 Sep 2023 05:03:42 GMT
cache-control: public, max-age=31536000
age: 371233
last-modified: Mon, 29 Aug 2022 11:00:00 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash f0c8dfea4257edc7c92ffeb7344a9f72
75ab887415fa419d4e9f46f932d4f726987edfe7
14fdf84bd59b072e9081b32d741667b614e61839f52e22dd4e7e16b67c79b0a0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 12:10:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash be2418b1c907ea5c5c118ea04110c05c
bfccdff59bf12183d944919222a3a5cc06bb55d0
94d47fc76a001b3e76effab981170a0557e39318ef44e44c9a8969feaa29f29f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 12:10:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash 5e12f3556b12a1c67248c4b8f09b002d
63fcc33cfba6e00b9178ad85f7372e425b70bf6f
66fefc307d11237f7c390a8e1619ee42e1e55a1d09e6e94b9f6ee571d1b5c448
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Sun, 18 Sep 2022 12:10:55 GMT
server: ESF
cache-control: private
content-length: 31130
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/js/th/SsNTfMY_GtK2MUcgN-Id-kGsmj-5H1Z7oxK7ex71V1k.js
200 OK 14 kB URL HTTP/2 www.google.com/js/th/SsNTfMY_GtK2MUcgN-Id-kGsmj-5H1Z7oxK7ex71V1k.js
IP
File type ASCII text, with very long lines (36304)
Hash 2290550297e63b48200422c4b7e1462a
f700e2d274f776ea92bff1c6d8cd82a1c6f4725f
668a21ecefaab47ae57fdaa6de19661bcba38c4e2d444cde44d4c47b78132c89
GET /js/th/SsNTfMY_GtK2MUcgN-Id-kGsmj-5H1Z7oxK7ex71V1k.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 14354
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 14 Sep 2022 05:09:07 GMT
expires: Thu, 14 Sep 2023 05:09:07 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 13 Sep 2022 11:00:00 GMT
content-type: text/javascript
age: 370908
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
i.ytimg.com/vi/Ox7ik5Xb-pc/sddefault.jpg
200 OK 32 kB URL HTTP/2 i.ytimg.com/vi/Ox7ik5Xb-pc/sddefault.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 640x480, components 3\012- data
Hash 6da614736254d3ec4e38c16fbbbe8a0f
74266495ff2d3585108fd747fcbb001aed572569
88541fcfee921eb72b78479ec585a22bb9fa227aa606d503f8478641e88072e7
GET /vi/Ox7ik5Xb-pc/sddefault.jpg HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 31988
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 18 Sep 2022 12:10:55 GMT
expires: Sun, 18 Sep 2022 14:10:55 GMT
cache-control: public, max-age=7200
etag: "0"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
yt3.ggpht.com/ytc/AMLnZu_aw9MXQc5C_1EpRKZ7UcxJzXgsy-M2MWh-_K3S=s68-c-k-c0x00ffffff-no-rj
200 OK 2.5 kB URL HTTP/2 yt3.ggpht.com/ytc/AMLnZu_aw9MXQc5C_1EpRKZ7UcxJzXgsy-M2MWh-_K3S=s68-c-k-c0x00ffffff-no-rj
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 68x68, components 3\012- data
Hash fcb155793cabb63420fd14317463f613
00df053827c2923d23ae0329d1d7c96be4134469
49837245eaee16c633f8c71903f30c2469d8ea0bce53159f330a5d2a65316b95
GET /ytc/AMLnZu_aw9MXQc5C_1EpRKZ7UcxJzXgsy-M2MWh-_K3S=s68-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt3.ggpht.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 2456
x-xss-protection: 0
date: Sun, 18 Sep 2022 12:10:55 GMT
expires: Mon, 12 Sep 2022 07:10:43 GMT
cache-control: public, max-age=86400, no-transform
etag: "v43"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash f0c8dfea4257edc7c92ffeb7344a9f72
75ab887415fa419d4e9f46f932d4f726987edfe7
14fdf84bd59b072e9081b32d741667b614e61839f52e22dd4e7e16b67c79b0a0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 12:10:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash be2418b1c907ea5c5c118ea04110c05c
bfccdff59bf12183d944919222a3a5cc06bb55d0
94d47fc76a001b3e76effab981170a0557e39318ef44e44c9a8969feaa29f29f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 12:10:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash cfe1fb052528cf58c2e1b6ef1be831e5
4d63e92ff36d09bce6afa8e0839a6dfc4bc9c661
bc1c6ea1514d9d0fdae88ae0cd0c9811525d12160a7159ea22002eaed07cfae8
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Sun, 18 Sep 2022 12:10:55 GMT
server: ESF
cache-control: private
content-length: 30768
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash 3ed8cfb12f2daa4e17a7fab79b128e7a
baee8b02e089b6903c72c4ac5d9ff692249508b2
20d1e6b3b2da2d300e26563f90e6bc96a2c486d76c2eef0741acfd375278de9b
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Sun, 18 Sep 2022 12:10:55 GMT
server: ESF
cache-control: private
content-length: 31040
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash 4ce544d86a190a2a6158d41525555023
7300ee93482aafc008a896e4486806f03564938d
2eccaa660bf9b871dc62efa47caa35b94e84da0758a622482900c7ceefa8f0f7
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Sun, 18 Sep 2022 12:10:55 GMT
server: ESF
cache-control: private
content-length: 30891
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/ys/r/T1oMBrgJQCd.png
200 OK 522 B URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/ys/r/T1oMBrgJQCd.png
IP
File type PNG image data, 24 x 24, 8-bit colormap, non-interlaced\012- data
Hash b4fb567dfdf0df35a097f6e9ecfefd34
f9aa0cbb0dcb1442c15f39e84279c8568ac86beb
87790b81d9cc99d100bc5996e0f70701a922877b1f7f9afc3146d4b17522b510
GET /rsrc.php/v3/ys/r/T1oMBrgJQCd.png HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: tPtWff3w3zWgl/bp7P79NA==
expires: Sun, 10 Sep 2023 05:05:41 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
x-fb-debug: JVx9GUSccaDScJzgAJ78tkp0A8IQ8cR+zZsAgZNShEh9jYJEOc38Hje13im6MWqRSNkYIaolDWW4SrOY7M4fXw==
content-length: 522
x-fb-trip-id: 1679558926
date: Sun, 18 Sep 2022 12:10:55 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yx/r/L0hsXTmQDMQ.png
200 OK 2.0 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yx/r/L0hsXTmQDMQ.png
IP
File type PNG image data, 25 x 203, 8-bit colormap, non-interlaced\012- data
Hash 0937c5875d6c88a3d404feb575ed0562
557a61d6bda988878f1e28070aac3d901389e63f
ae1c99073f37e47a4c63d0bf3fde834aa4f09eb11ed85c4905487cfd61666e6c
GET /rsrc.php/v3/yx/r/L0hsXTmQDMQ.png HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.xx.fbcdn.net/rsrc.php/v3/y1/l/0,cross/PU4XElb3dEc.css?_nc_x=Ij3Wp8lg5Kz
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: CTfFh11siKPUBP61de0FYg==
expires: Thu, 14 Sep 2023 21:36:13 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
x-fb-debug: tQLyhgt/u1Yclgj6uBcPEgCIaifJBC2wTon/2TKEVFZMiOPnfPZCH2L2h799KtmyMaZbrR1Bbs34ekbOFwDPww==
priority: u=3,i
content-length: 2023
x-fb-trip-id: 1679558926
date: Sun, 18 Sep 2022 12:10:55 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yw/r/MeE8sDF5lep.js?_nc_x=Ij3Wp8lg5Kz
200 OK 46 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yw/r/MeE8sDF5lep.js?_nc_x=Ij3Wp8lg5Kz
IP
File type ASCII text, with very long lines (65436)
Hash 5f788b85ec71a493de3871b32b7152ac
8dcf856cee52b7cd5fc3799a907e1c848b509a76
d34e0260c2c77bac6f54d25b6c5509c734059c09002e0025f80b7a95314cf959
GET /rsrc.php/v3/yw/r/MeE8sDF5lep.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Sat, 16 Sep 2023 00:46:55 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: X3iLhexxpJPeOHGzK3FSrA==
x-fb-debug: rxGxEb2PVpqHqRzDE6aJVshOqvwTcDwoJ3/pSJR8zOHTjTer5kqhLO77Fylz/1Gs3t5dlzhRcxAfNTwjTMRtaA==
priority: u=3,i
content-length: 46028
x-fb-trip-id: 1679558926
date: Sun, 18 Sep 2022 12:10:55 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash 214fa6c250af3aa4e5afb45e2f14bd61
fea118d352202cc375fdbab8cd39caa5e771e07e
db0c2eee65a48a957ae4e239ed7714d2d6d7f1e7208989fbca0b8d87c8f22164
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Sun, 18 Sep 2022 12:10:55 GMT
server: ESF
cache-control: private
content-length: 30773
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Sun, 18 Sep 2022 12:10:57 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Sun, 18 Sep 2022 12:10:57 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Sun, 18 Sep 2022 12:10:57 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
200 OK 110 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 244265becaea86bbf271ba3cde3c84c9
ef9843187d301063821d98414cf4f49df88b01a6
f83f16264ddcc03d93c5ceaef1a89c715658ac96b788343390c13869457f6bb4
POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 846
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Sun, 18 Sep 2022 12:10:57 GMT
server: ESF
cache-control: private
content-length: 110
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
200 OK 110 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 96ccc7a8f0097e505e697daf3273ec2e
9217244da9703133bddd4494eacac6ecf2c6349f
14c34f6145ec30e7eb2187d4b42bd7477ac590a611fdb5e7f329012072e75099
POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 1095
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Sun, 18 Sep 2022 12:10:57 GMT
server: ESF
cache-control: private
content-length: 110
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
200 OK 114 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 325ef14863bfc879681dc832a1c0b7ec
f6305caab7099f910fb30f17ea1fc12a2ba61404
8f1915ed28ce95a66de445f3a9c2272104a5796f04b6c4e5d0e65f430d2beebc
POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 863
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Sun, 18 Sep 2022 12:10:57 GMT
server: ESF
cache-control: private
content-length: 114
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
200 OK 110 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 42b15081b18f32289ecbbbca82039087
8ac5194764d700cf43f53cf869d65da8b513ce62
923db3f17233db0868ddabf95613fd2957cfae02102796f29f8bf6a6c3031ce6
POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 874
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Sun, 18 Sep 2022 12:10:57 GMT
server: ESF
cache-control: private
content-length: 110
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
200 OK 110 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 110166e3f57838248fedb50a0cb656cc
0d15c06e788c8bec2746e98e71739c86dfec3104
1bebd1d07e217da4bcd1a57afbcade6a5042c2e6f2bc5990d50ea32a59f2be6a
POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 1076
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Sun, 18 Sep 2022 12:10:57 GMT
server: ESF
cache-control: private
content-length: 110
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
200 OK 114 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash ddb543307a5e4803668e433ba6560187
ae77039e6a7df588acbd3190c4f50fdf51ffa5f4
74aeea42c8f159a870167bacd3356c0964248d999a2d225a56d0b3d2edf2f4ae
POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 930
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Sun, 18 Sep 2022 12:10:57 GMT
server: ESF
cache-control: private
content-length: 114
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.youtube.com/embed/sIYDkHEBquA?rel=0&controls=0
200 OK 0 B URL HTTP/2 www.youtube.com/embed/sIYDkHEBquA?rel=0&controls=0
IP
GET /embed/sIYDkHEBquA?rel=0&controls=0 HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://denkodrom.de/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 18 Sep 2022 12:10:53 GMT
strict-transport-security: max-age=31536000
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=dg0oD5elzgY; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=gS7o2L0gCKw; Domain=.youtube.com; Expires=Fri, 17-Mar-2023 12:10:53 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+457; expires=Tue, 17-Sep-2024 12:10:53 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yM/r/a3eZamQ9G_u.js?_nc_x=Ij3Wp8lg5Kz
200 OK 0 B URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yM/r/a3eZamQ9G_u.js?_nc_x=Ij3Wp8lg5Kz
IP
GET /rsrc.php/v3/yM/r/a3eZamQ9G_u.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Sat, 16 Sep 2023 01:17:59 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: RJohu9F/SyjiCbYqUg8owA==
x-fb-debug: SpCKyf0hxwoKDboMo/WS2TVpQK41qjZdcDO1BNpnEeo+f00X0ticZLKtI8WfmdDgHCpm/p3QR8bwwikVhiBOcA==
content-length: 91358
x-fb-trip-id: 1679558926
date: Sun, 18 Sep 2022 12:10:55 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.youtube.com/s/player/a97e97de/www-embed-player.vflset/www-embed-player.js
200 OK 0 B URL HTTP/2 www.youtube.com/s/player/a97e97de/www-embed-player.vflset/www-embed-player.js
IP
GET /s/player/a97e97de/www-embed-player.vflset/www-embed-player.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/Ox7ik5Xb-pc?rel=0&controls=0&showinfo=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 97939
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 16 Sep 2022 03:04:35 GMT
expires: Sat, 16 Sep 2023 03:04:35 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 15 Sep 2022 21:54:27 GMT
content-type: text/javascript
age: 205578
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.youtube.com/embed/Ox7ik5Xb-pc?rel=0&controls=0&showinfo=0
200 OK 0 B URL HTTP/2 www.youtube.com/embed/Ox7ik5Xb-pc?rel=0&controls=0&showinfo=0
IP
GET /embed/Ox7ik5Xb-pc?rel=0&controls=0&showinfo=0 HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://denkodrom.de/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 18 Sep 2022 12:10:53 GMT
strict-transport-security: max-age=31536000
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=xFYZpD2mja4; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=9NgAo8PRv_Y; Domain=.youtube.com; Expires=Fri, 17-Mar-2023 12:10:53 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+675; expires=Tue, 17-Sep-2024 12:10:53 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
83.169.35.10
143.204.55.49
23.36.76.226
93.184.220.29
157.240.200.14
0.0.0.0