Overview

URLspark.adobe.comhttps:///page/6jbm7H4Ma8KZr/
IP52.85.89.105
ASNUnknown
Location United States
Report completed2017-03-21 02:52:45 CET
StatusLoading report..
urlQuery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Referer
Pool
Access Levelpublic


Intrusion Detection Systems

Snort /w Sourcefire VRT No alerts detected
Suricata /w Emerging Threats Pro No alerts detected


Blacklists

Fortinet's Web Filter / fortiguard.com No alerts detected
MDL / malwaredomainlist.com No alerts detected
DNS-BH / malwaredomains.com No alerts detected
mnemonic secure DNS / mnemonic.no No alerts detected
OpenPhish / openphish.com No alerts detected
PhishTank / phishtank.com No alerts detected
Spamhaus DBL / spamhaus.org No alerts detected


Files Captured



Recent reports on same IP/ASN/Domain

Last 6 reports on IP: 52.85.89.105

Date UQ / IDS / BL URL IP
2017-03-20 23:10:520 - 0 - 0spark.adobe.comhttps:///page/psflVERSKaIym/52.85.89.105
2017-03-20 22:54:000 - 0 - 0spark.adobe.comhttps:///page/MKU8nZdp1gozX/52.85.89.105
2017-03-20 22:51:350 - 0 - 0spark.adobe.comhttps:///page/Ap3E5uRHjSuKF/52.85.89.105
2017-03-10 05:03:060 - 0 - 1containers.placemytag.com/52.85.89.105
2017-03-08 12:44:290 - 0 - 0we.tlhttps:///34TOLifPsn52.85.89.105
2017-02-15 14:53:210 - 0 - 0www.cybersecuritytrainingcourses.comhttps:///52.85.89.105

Last 6 reports on ASN: Unknown

Date UQ / IDS / BL URL IP
2017-03-30 04:42:330 - 0 - 0catch-bysimonis.nl/app/uploads/sites/2/formidable/12/FOX-TV-Nadal-vs-Sock-Live-Stream-Miami-ope (...)37.60.242.120
2017-03-30 04:40:470 - 0 - 0l.yimg.com/rq/darla/3-0-1/html/r-sf.html87.248.118.22
2017-03-30 04:39:170 - 0 - 0catch-bysimonis.nl/app/uploads/sites/2/formidable/12/FOX-TV-Nadal-vs-Sock-Live-Stream-Miami-ope (...)37.60.242.120
2017-03-30 04:38:480 - 0 - 0triberr.com/EmpireofAngelsLunarPhantom34.207.25.163
2017-03-30 04:38:481 - 0 - 2airbnb.com-booking-request-bank-to-bank-transfer-fkge563234df423d32.591user.md/37/1.php185.165.243.64
2017-03-30 04:38:470 - 0 - 0591user.md/airbnb.com-booking-request-bank-to-bank-transfer-fkge563234df423d32/222/185.165.243.64

Last 6 reports on domain: spark.adobe.com

Date UQ / IDS / BL URL IP
2017-03-27 19:48:150 - 0 - 0spark.adobe.comhttps:///page/n03e3FkqX5Cko/54.192.147.118
2017-03-27 19:17:480 - 0 - 0spark.adobe.comhttps:///page/hOq43pu3g78wi/52.84.239.221
2017-03-27 14:43:160 - 0 - 0spark.adobe.comhttps:///page/IWT35Mwt0oDjh/52.84.239.221
2017-03-27 14:28:510 - 0 - 0spark.adobe.comhttps:///page/YO5GgaIFfIRkn/52.84.239.14
2017-03-25 03:17:390 - 0 - 0spark.adobe.comhttps:///page/4MJOejxHls1RD/54.192.147.181
2017-03-21 16:06:060 - 0 - 0spark.adobe.comhttps:///page/p7Fe3bQPQDKT6/54.192.192.73



JavaScript

Executed Scripts (14)


Executed Evals (0)


Executed Writes (4)

#1 JavaScript::Write (size: 0, repeated: 1)

#2 JavaScript::Write (size: 52, repeated: 1)

<script src="//use.typekit.net/onz5gap.js"></script>

#3 JavaScript::Write (size: 52, repeated: 1)

<script src="//use.typekit.net/rbi5aua.js"></script>

#4 JavaScript::Write (size: 47, repeated: 1)

<script>try{Typekit.load();}catch(e){}</script>


HTTP Transactions (24)


Request Response
POST / HTTP/1.1

Host: ocsp.digicert.com

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request
 93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Accept-Ranges: bytes
Cache-Control: public, max-age=172800
Date: Tue, 21 Mar 2017 01:51:49 GMT
Etag: &quot;58cff978-1d7&quot;
Expires: Mon, 27 Mar 2017 13:51:49 GMT
Last-Modified: Mon, 20 Mar 2017 15:47:04 GMT
Server: ECS (arn/459B)
X-Cache: HIT
Content-Length: 471
POST / HTTP/1.1

Host: ocsp.digicert.com

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request
 93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Accept-Ranges: bytes
Cache-Control: public, max-age=172800
Date: Tue, 21 Mar 2017 01:51:49 GMT
Etag: &quot;58d01e8d-1d7&quot;
Expires: Mon, 27 Mar 2017 13:51:49 GMT
Last-Modified: Mon, 20 Mar 2017 18:25:17 GMT
Server: ECS (arn/459D)
X-Cache: HIT
Content-Length: 471
GET /page/6jbm7H4Ma8KZr/ HTTP/1.1

Host: spark.adobe.com

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
 52.85.89.94
HTTP/1.1 200 OK
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Location
Cache-Control: no-cache, no-transform
Date: Tue, 21 Mar 2017 01:38:08 GMT
Server: APIP
X-Request-Id: CcJ6heASFWAb0kMPFQBqTM3AW9e2LcDO
Content-Encoding: gzip
Vary: Accept-Encoding
X-Cache: RefreshHit from cloudfront
Via: 1.1 9ea0733feaec20917b7bd93cbada276b.cloudfront.net (CloudFront)
X-Amz-Cf-Id: A0aGGGoLVHsQysZN_1xG734L9G_5jc470mKLkgebO7M3l2ZTs-OmxQ==
POST / HTTP/1.1

Host: ss.symcd.com

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request
 23.52.27.27
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx/1.10.2
Content-Length: 1609
Content-Transfer-Encoding: binary
Cache-Control: max-age=445894, public, no-transform, must-revalidate
Last-Modified: Sun, 19 Mar 2017 05:38:32 GMT
Expires: Sun, 26 Mar 2017 05:38:32 GMT
Date: Tue, 21 Mar 2017 01:51:50 GMT
Connection: keep-alive
GET /runtime/1.20/base-fonts.gz.js HTTP/1.1

Host: d6uhzlpot4xwe.cloudfront.net

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://spark.adobe.com/page/6jbm7H4Ma8KZr/
 54.192.55.60
HTTP/1.1 200 OK
Content-Type: text/javascript
Content-Length: 87
Connection: keep-alive
Date: Thu, 09 Mar 2017 19:29:17 GMT
Last-Modified: Thu, 09 Mar 2017 18:09:40 GMT
Etag: &quot;6270ad6778c01adffe817cbfb4929390&quot;
Content-Encoding: gzip
Accept-Ranges: bytes
Server: AmazonS3
Age: 22656
X-Cache: Hit from cloudfront
Via: 1.1 5a57d853ab1d61f9038a75f2a12c9421.cloudfront.net (CloudFront)
X-Amz-Cf-Id: 4jZ_Lb4h_ekCxwSUcqqenIgvodR5XfCzSvakCmS-fv5OhhYuLyPffQ==
GET /runtime/1.20/images/favicon.ico HTTP/1.1

Host: d6uhzlpot4xwe.cloudfront.net

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
 54.192.55.60
HTTP/1.1 200 OK
Content-Type: image/vnd.microsoft.icon
Content-Length: 503
Connection: keep-alive
Date: Thu, 09 Mar 2017 19:33:06 GMT
Last-Modified: Thu, 09 Mar 2017 18:09:37 GMT
Etag: &quot;7ae025806c645565042826c6a9be5efe&quot;
Accept-Ranges: bytes
Server: AmazonS3
Age: 21727
X-Cache: Hit from cloudfront
Via: 1.1 20710af5b67bb4f49570084055f06277.cloudfront.net (CloudFront)
X-Amz-Cf-Id: W5omKv_Y3HO7CxHM_OIDhhnj0RfI3FKvKrz4axN34OlA6o1X_NLpqw==
POST / HTTP/1.1

Host: ss.symcd.com

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request
 23.52.27.27
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx/1.10.2
Content-Length: 1609
Content-Transfer-Encoding: binary
Cache-Control: max-age=588459, public, no-transform, must-revalidate
Last-Modified: Mon, 20 Mar 2017 21:15:24 GMT
Expires: Mon, 27 Mar 2017 21:15:24 GMT
Date: Tue, 21 Mar 2017 01:51:50 GMT
Connection: keep-alive
GET /runtime/1.20/themes/crisp-fonts.gz.js HTTP/1.1

Host: d6uhzlpot4xwe.cloudfront.net

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://spark.adobe.com/page/6jbm7H4Ma8KZr/
 54.192.55.60
HTTP/1.1 200 OK
Content-Type: text/javascript
Content-Length: 121
Connection: keep-alive
Date: Thu, 09 Mar 2017 19:30:45 GMT
Last-Modified: Thu, 09 Mar 2017 18:09:40 GMT
Etag: &quot;8e4ad760653b81c2a7c2ca623d68ac2f&quot;
Content-Encoding: gzip
Accept-Ranges: bytes
Server: AmazonS3
Age: 22030
X-Cache: Hit from cloudfront
Via: 1.1 ac34121093afdc7c5e89263bece028e1.cloudfront.net (CloudFront)
X-Amz-Cf-Id: FNjzdH3nM7dtRkpA48uklECBNsu7-4Al_Br5Y9O-YaPcZArUamxeWg==
GET /runtime/1.20/runtime.gz.css HTTP/1.1

Host: d6uhzlpot4xwe.cloudfront.net

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://spark.adobe.com/page/6jbm7H4Ma8KZr/
 54.192.55.60
HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 13187
Connection: keep-alive
Date: Thu, 09 Mar 2017 19:30:45 GMT
Last-Modified: Thu, 09 Mar 2017 18:09:40 GMT
Etag: &quot;1f2cc69e864308f765b7b8de89c0eed4&quot;
Content-Encoding: gzip
Accept-Ranges: bytes
Server: AmazonS3
Age: 22294
X-Cache: Hit from cloudfront
Via: 1.1 829eee129e6b5002d6c1a37f04888da1.cloudfront.net (CloudFront)
X-Amz-Cf-Id: VTMW1xcQ5fbNOoGdS-aMoxvyE2b7sYE_5sr-u7Ty3Sryjd-nvs0xfg==
GET /runtime/1.20/themes/crisp.gz.css HTTP/1.1

Host: d6uhzlpot4xwe.cloudfront.net

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://spark.adobe.com/page/6jbm7H4Ma8KZr/
 54.192.55.60
HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 2990
Connection: keep-alive
Date: Thu, 09 Mar 2017 19:30:45 GMT
Last-Modified: Thu, 09 Mar 2017 18:09:40 GMT
Etag: &quot;966e1cdd6b93b81902c691c1d2e1a714&quot;
Content-Encoding: gzip
Accept-Ranges: bytes
Server: AmazonS3
Age: 21853
X-Cache: Hit from cloudfront
Via: 1.1 5f52e505347220cd6b132b1b803e614d.cloudfront.net (CloudFront)
X-Amz-Cf-Id: QF-e42kmR4w_h1qslEllFJH3nEq5beAOuEgQVOqI0qIF7TkvI7swZg==
GET /onz5gap.js HTTP/1.1

Host: use.typekit.net

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://spark.adobe.com/page/6jbm7H4Ma8KZr/
 104.123.133.236
HTTP/1.1 200 OK
Content-Type: text/javascript;charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=600, stale-while-revalidate=604800
Content-Encoding: gzip
Server: nginx
Status: 200 OK
Strict-Transport-Security: max-age=31536000; includeSubDomains;
Timing-Allow-Origin: *
Vary: Accept-Encoding
Content-Length: 7608
Date: Tue, 21 Mar 2017 01:51:50 GMT
Connection: keep-alive
GET /rbi5aua.js HTTP/1.1

Host: use.typekit.net

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://spark.adobe.com/page/6jbm7H4Ma8KZr/
 104.123.133.236
HTTP/1.1 200 OK
Content-Type: text/javascript;charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=600, stale-while-revalidate=604800
Content-Encoding: gzip
Server: nginx
Status: 200 OK
Strict-Transport-Security: max-age=31536000; includeSubDomains;
Timing-Allow-Origin: *
Vary: Accept-Encoding
Content-Length: 7825
Date: Tue, 21 Mar 2017 01:51:50 GMT
Connection: keep-alive
POST /ocsp HTTP/1.1

Host: clients1.google.com

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 107
Content-Type: application/ocsp-request
 216.58.211.142
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 21 Mar 2017 01:51:50 GMT
Expires: Sat, 25 Mar 2017 01:51:50 GMT
Cache-Control: public, max-age=345600
Server: ocsp_responder
Content-Length: 463
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
POST / HTTP/1.1

Host: g.symcd.com

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 102
Content-Type: application/ocsp-request
 23.52.27.27
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx/1.10.2
Content-Length: 1377
Content-Transfer-Encoding: binary
Cache-Control: max-age=465838, public, no-transform, must-revalidate
Last-Modified: Sun, 19 Mar 2017 11:14:20 GMT
Expires: Sun, 26 Mar 2017 11:14:20 GMT
Date: Tue, 21 Mar 2017 01:51:50 GMT
Connection: keep-alive
GET /embed/OvW_L8sTu5E?enablejsapi=1 HTTP/1.1

Host: youtube.com

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://spark.adobe.com/page/6jbm7H4Ma8KZr/
 216.58.211.142
HTTP/1.1 301 Moved Permanently
Content-Type: text/html
Location: https://www.youtube.com/embed/OvW_L8sTu5E?enablejsapi=1
Content-Length: 0
Date: Tue, 21 Mar 2017 01:51:50 GMT
Server: YouTubeFrontEnd
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Alt-Svc: quic=&quot;:443&quot;; ma=2592000; v=&quot;37,36,35&quot;
GET /embed/OvW_L8sTu5E?enablejsapi=1 HTTP/1.1

Host: www.youtube.com

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://spark.adobe.com/page/6jbm7H4Ma8KZr/
 216.58.211.142
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Expires: Tue, 27 Apr 1971 19:44:06 EST
X-XSS-Protection: 1; mode=block; report=https://www.google.com/appserve/security-bugs/log/youtube
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
P3P: CP=&quot;This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info.&quot;
Content-Encoding: gzip
Cache-Control: no-cache
Date: Tue, 21 Mar 2017 01:51:51 GMT
Server: YouTubeFrontEnd
Set-Cookie: VISITOR_INFO1_LIVE=rbqLR4LQ1Qo; path=/; domain=.youtube.com; expires=Sun, 19-Nov-2017 13:44:51 GMT; httponly VISITOR_INFO1_LIVE=rbqLR4LQ1Qo; path=/; domain=.youtube.com; expires=Sun, 19-Nov-2017 13:44:51 GMT; httponly YSC=k-aGO-vlpkk; path=/; domain=.youtube.com; httponly PREF=f1=50000000; path=/; domain=.youtube.com; expires=Sun, 19-Nov-2017 13:44:51 GMT
Alt-Svc: quic=&quot;:443&quot;; ma=2592000; v=&quot;37,36,35&quot;
Transfer-Encoding: chunked
GET /runtime/1.20/runtime-prod.gz.js HTTP/1.1

Host: d6uhzlpot4xwe.cloudfront.net

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://spark.adobe.com/page/6jbm7H4Ma8KZr/
 54.192.55.60
HTTP/1.1 200 OK
Content-Type: text/javascript
Content-Length: 122309
Connection: keep-alive
Date: Thu, 09 Mar 2017 19:29:17 GMT
Last-Modified: Thu, 09 Mar 2017 18:09:40 GMT
Etag: &quot;bc2ea2303538bb6c4cc2b2723981abb8&quot;
Content-Encoding: gzip
Accept-Ranges: bytes
Server: AmazonS3
Age: 22656
X-Cache: Hit from cloudfront
Via: 1.1 5a57d853ab1d61f9038a75f2a12c9421.cloudfront.net (CloudFront)
X-Amz-Cf-Id: 7V7FCZS4H-8RQ6h9kNv8OWAe2karlG1XyZ9jLPDwqCw67PG0gn0d7w==
GET /yts/cssbin/www-embed-player-vfl3RUvbL.css HTTP/1.1

Host: www.youtube.com

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://www.youtube.com/embed/OvW_L8sTu5E?enablejsapi=1
Cookie: VISITOR_INFO1_LIVE=rbqLR4LQ1Qo; YSC=k-aGO-vlpkk; PREF=f1=50000000
 216.58.211.142
HTTP/1.1 200 OK
Content-Type: text/css
Vary: Accept-Encoding, Origin
Content-Encoding: gzip
Timing-Allow-Origin: https://www.youtube.com
Date: Fri, 17 Mar 2017 01:02:30 GMT
Expires: Sat, 17 Mar 2018 01:02:30 GMT
Last-Modified: Thu, 16 Mar 2017 22:33:51 GMT
X-Content-Type-Options: nosniff
Server: sffe
Content-Length: 45348
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=31536000
Age: 348561
Alt-Svc: quic=&quot;:443&quot;; ma=2592000; v=&quot;37,36,35&quot;
GET /yts/jsbin/www-embed-player-vfl-eUc82/www-embed-player.js HTTP/1.1

Host: www.youtube.com

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://www.youtube.com/embed/OvW_L8sTu5E?enablejsapi=1
Cookie: VISITOR_INFO1_LIVE=rbqLR4LQ1Qo; YSC=k-aGO-vlpkk; PREF=f1=50000000
 216.58.211.142
HTTP/1.1 200 OK
Content-Type: text/javascript
Vary: Accept-Encoding, Origin
Content-Encoding: gzip
Timing-Allow-Origin: https://www.youtube.com
Date: Fri, 17 Mar 2017 01:02:33 GMT
Expires: Sat, 25 Mar 2017 01:02:33 GMT
Last-Modified: Thu, 16 Mar 2017 19:53:36 GMT
X-Content-Type-Options: nosniff
Server: sffe
Content-Length: 36986
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=691200
Age: 348558
Alt-Svc: quic=&quot;:443&quot;; ma=2592000; v=&quot;37,36,35&quot;
GET /yts/jsbin/player-en_US-vfl7pRlZI/base.js HTTP/1.1

Host: www.youtube.com

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://www.youtube.com/embed/OvW_L8sTu5E?enablejsapi=1
Cookie: VISITOR_INFO1_LIVE=rbqLR4LQ1Qo; YSC=k-aGO-vlpkk; PREF=f1=50000000
 216.58.211.142
HTTP/1.1 200 OK
Content-Type: text/javascript
Vary: Accept-Encoding, Origin
Content-Encoding: gzip
Timing-Allow-Origin: https://www.youtube.com
Date: Mon, 20 Mar 2017 04:48:51 GMT
Expires: Tue, 28 Mar 2017 04:48:51 GMT
Last-Modified: Mon, 20 Mar 2017 02:53:14 GMT
X-Content-Type-Options: nosniff
Server: sffe
Content-Length: 409441
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=691200
Age: 75780
Alt-Svc: quic=&quot;:443&quot;; ma=2592000; v=&quot;37,36,35&quot;
POST /ocsp HTTP/1.1

Host: clients1.google.com

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 107
Content-Type: application/ocsp-request
 216.58.211.142
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 21 Mar 2017 01:51:53 GMT
Expires: Sat, 25 Mar 2017 01:51:53 GMT
Cache-Control: public, max-age=345600
Server: ocsp_responder
Content-Length: 463
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
GET /runtime/1.20/images/favicon.ico HTTP/1.1

Host: d6uhzlpot4xwe.cloudfront.net

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
If-Modified-Since: Thu, 09 Mar 2017 18:09:37 GMT
If-None-Match: &quot;7ae025806c645565042826c6a9be5efe&quot;
 54.192.55.60
HTTP/1.1 304 Not Modified
HTTP/1.1 304 Not Modified
Connection: keep-alive
Date: Tue, 21 Mar 2017 01:51:53 GMT
Etag: &quot;7ae025806c645565042826c6a9be5efe&quot;
Server: AmazonS3
Age: 21730
X-Cache: Hit from cloudfront
Via: 1.1 20710af5b67bb4f49570084055f06277.cloudfront.net (CloudFront)
X-Amz-Cf-Id: rVpmKQMHSWprhvlq-3ubPdt-pq3RPGXA93ZHq8a6DSaSiOLgl74xCQ==
GET /pagead/id HTTP/1.1

Host: googleads.g.doubleclick.net

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://www.youtube.com/embed/OvW_L8sTu5E?enablejsapi=1
Origin: https://www.youtube.com
 172.217.22.162
HTTP/1.1 200 OK
Content-Type: application/json; charset=UTF-8
P3P: policyref=&quot;https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml&quot;, CP=&quot;CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR&quot;
Timing-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www.youtube.com
Date: Tue, 21 Mar 2017 01:51:54 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename=&quot;f.txt&quot;
Content-Encoding: gzip
Server: cafe
X-XSS-Protection: 1; mode=block
Alt-Svc: quic=&quot;googleads.g.doubleclick.net:443&quot;; ma=2592000; v=&quot;37,36,35&quot;,quic=&quot;:443&quot;; ma=2592000; v=&quot;37,36,35&quot;
Transfer-Encoding: chunked
POST /ad_data_204 HTTP/1.1

Host: www.youtube.com

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
X-YouTube-Client-Name: 1
X-YouTube-Client-Version: 1.20170316
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Referer: https://www.youtube.com/embed/OvW_L8sTu5E?enablejsapi=1
Content-Length: 613
Cookie: VISITOR_INFO1_LIVE=rbqLR4LQ1Qo; YSC=k-aGO-vlpkk; PREF=f1=50000000
Pragma: no-cache
Cache-Control: no-cache
 216.58.211.142
HTTP/1.1 204 No Content
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Expires: Tue, 27 Apr 1971 19:44:06 EST
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache
Date: Tue, 21 Mar 2017 01:51:54 GMT
Server: YouTubeFrontEnd
X-XSS-Protection: 1; mode=block
Alt-Svc: quic=&quot;:443&quot;; ma=2592000; v=&quot;37,36,35&quot;