| | 65.1.184.49 | 200 OK | 0 B |
URL User Request GET HTTP/1.1IP65.1.184.49:443
CertificateIssuerBitnami Subjectwww.example.com Fingerprint2A:AA:96:8C:9B:A6:AF:26:F0:A4:E8:F4:15:47:79:8C:D9:69:72:E7 ValidityThu, 25 Mar 2021 07:14:23 GMT - Sun, 23 Mar 2031 07:14:23 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET / HTTP/1.1
Host: 65.1.184.49
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Date: Wed, 08 May 2024 16:37:27 GMT
Server: Apache
X-Powered-By: PHP/7.4.15
Expires: Wed, 08 May 2024 17:37:29 GMT
Cache-Control: max-age=3600
X-Redirect-By: WordPress
X-Frame-Options: SAMEORIGIN
Location: https://65.1.184.49/
Content-Length: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
|
|
| | 65.1.184.49 | 200 OK | 92 kB |
URL User Request GET HTTP/1.1IP65.1.184.49:443
CertificateIssuerBitnami Subjectwww.example.com Fingerprint2A:AA:96:8C:9B:A6:AF:26:F0:A4:E8:F4:15:47:79:8C:D9:69:72:E7 ValidityThu, 25 Mar 2021 07:14:23 GMT - Sun, 23 Mar 2031 07:14:23 GMT
File typeHTML document, ASCII text, with very long lines (37131) Hash9b19adafbcf00004b72f884d09bd5c98 456a56e515d721c4f68f343d2498cdf1aea33b7b 1cb2ea4f143d2de21e3e7323428142395acfb2cc76f8d2c4f987c9e167a4a2a1
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET / HTTP/1.1
Host: 65.1.184.49
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 16:37:31 GMT
Server: Apache
X-Powered-By: PHP/7.4.15
Link: <https://65.1.184.49/wp-json/>; rel="https://api.w.org/", <https://65.1.184.49/wp-json/wp/v2/pages/17925>; rel="alternate"; type="application/json", <https://65.1.184.49/>; rel=shortlink
X-Frame-Options: SAMEORIGIN
X-Mod-Pagespeed: 1.13.35.2-0
Vary: Accept-Encoding
Content-Encoding: br
Cache-Control: max-age=0, no-cache, s-maxage=10
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
|
|
| www.googletagmanager.com/gtag/js?id=UA-193707898-1 | 142.250.74.72 | | 72 kB |
URL www.googletagmanager.com/gtag/js?id=UA-193707898-1 IP142.250.74.72:0
File typeJavaScript source, ASCII text, with very long lines (1822) Hasha4a68bbc320fc962a3f6607580a744a0 11662715176dc8d0e98a903159547e7e2d45fcd7 907197cb7f093fc6a5ffc431fa39e2438e0f54fe154a28985ed1b267ff43150e
GET /gtag/js?id=UA-193707898-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://65.1.184.49/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 08 May 2024 16:37:33 GMT
expires: Wed, 08 May 2024 16:37:33 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 71591
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| 65.1.184.49/wp-content/themes/houzez/js/houzez-instant-page.js | 65.1.184.49 | 200 OK | 898 B |
URL GET HTTP/1.165.1.184.49/wp-content/themes/houzez/js/houzez-instant-page.js IP65.1.184.49:443
CertificateIssuerBitnami Subjectwww.example.com Fingerprint2A:AA:96:8C:9B:A6:AF:26:F0:A4:E8:F4:15:47:79:8C:D9:69:72:E7 ValidityThu, 25 Mar 2021 07:14:23 GMT - Sun, 23 Mar 2031 07:14:23 GMT
File typeASCII text, with very long lines (2269) Hash1a3be845085b8d94a2997a3a472feb42 bca8b08e62be2f0cb66455ac325dc560987dd455 6f0ad9f3ff31904d6a4962296240ac2afa342ab957442389db0d04a33b40ef78
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/themes/houzez/js/houzez-instant-page.js HTTP/1.1
Host: 65.1.184.49
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://65.1.184.49/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 16:37:33 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Sat, 18 Dec 2021 14:58:31 GMT
ETag: "934-5d36ce38c1cb2-br"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: br
Cache-Control: s-maxage=10
Content-Length: 898
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
|
|
| fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 | 216.58.207.227 | 200 OK | 16 kB |
URL GET HTTP/2fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 IP216.58.207.227:443
CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 15740, version 1.0 Hashb9c29351c46f3e8c8631c4002457f48a e57e59c5780995ff2937ab2b511a769212974a87 f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
GET /s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://65.1.184.49
DNT: 1
Connection: keep-alive
Referer: https://65.1.184.49/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 02:32:46 GMT
expires: Fri, 02 May 2025 02:32:46 GMT
cache-control: public, max-age=31536000
age: 569087
last-modified: Wed, 11 May 2022 19:24:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 | 216.58.207.227 | 200 OK | 16 kB |
URL GET HTTP/2fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 IP216.58.207.227:443
CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 15920, version 1.0 Hash3a44e06eb954b96aa043227f3534189d 23cef6993ddb2b2979e8e7647fc3763694e2ba7d b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://65.1.184.49
DNT: 1
Connection: keep-alive
Referer: https://65.1.184.49/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 02:03:54 GMT
expires: Fri, 02 May 2025 02:03:54 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
age: 570819
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51TjASc6CsQ.woff2 | 216.58.207.227 | 200 OK | 18 kB |
URL GET HTTP/2fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51TjASc6CsQ.woff2 IP216.58.207.227:443
CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 17508, version 1.0 Hash7fbdfaab6bd8b191496ffe1ef1b9e748 e9e592f8498d489d8000f3a4cfb1bb447f251edd bb8007225d94a099cddbade7ea904667c0dd0b68d5e30778e5c6257589ab94d1
GET /s/roboto/v30/KFOjCnqEu92Fr1Mu51TjASc6CsQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://65.1.184.49
DNT: 1
Connection: keep-alive
Referer: https://65.1.184.49/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17508
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 01:53:18 GMT
expires: Fri, 02 May 2025 01:53:18 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:41 GMT
content-type: font/woff2
age: 571455
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css?family=Roboto:100,300,400,500,700,900,100italic,300italic,400italic,500italic,700italic,900italic&subset=latin&display=swap | 142.250.74.106 | 200 OK | 1.7 kB |
URL GET HTTP/2fonts.googleapis.com/css?family=Roboto:100,300,400,500,700,900,100italic,300italic,400italic,500italic,700italic,900italic&subset=latin&display=swap IP142.250.74.106:443
CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79 ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File typegzip compressed data, max compression Hash929e93210683cfbfb75138a62bf4b1c8 665d5a0c0651990ef80765c90032faa9de8dfab5 7e8aab148e9b92e25a7596e9e23aba98684a44fe76ad25fa3e5413ca2bbcc512
GET /css?family=Roboto:100,300,400,500,700,900,100italic,300italic,400italic,500italic,700italic,900italic&subset=latin&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://65.1.184.49/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 08 May 2024 16:37:33 GMT
date: Wed, 08 May 2024 16:37:33 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| 65.1.184.49/wp-content/themes/houzez/fonts/houzez-iconfont.ttf?jd28ud | 65.1.184.49 | 200 OK | 34 kB |
URL GET HTTP/1.165.1.184.49/wp-content/themes/houzez/fonts/houzez-iconfont.ttf?jd28ud IP65.1.184.49:443
CertificateIssuerBitnami Subjectwww.example.com Fingerprint2A:AA:96:8C:9B:A6:AF:26:F0:A4:E8:F4:15:47:79:8C:D9:69:72:E7 ValidityThu, 25 Mar 2021 07:14:23 GMT - Sun, 23 Mar 2031 07:14:23 GMT
File typeTrueType Font data, 11 tables, 1st "OS/2", 14 names, Macintosh, type 1 string, houzez-iconfont Hashb74a8bd2d488f0bbc99fa6e2caf7dc58 d4db3d46ca01250935b2dc160f303dfd56b6e460 213ec8abf9caf3452f6e58f7c3a446871afc90dd3dea0b741873d34447437de4
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/themes/houzez/fonts/houzez-iconfont.ttf?jd28ud HTTP/1.1
Host: 65.1.184.49
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://65.1.184.49/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 16:37:33 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Sat, 18 Dec 2021 14:58:31 GMT
ETag: "8428-5d36ce38b9fb4"
Accept-Ranges: bytes
Content-Length: 33832
Cache-Control: s-maxage=10
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: font/ttf
|
|
| fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 | 216.58.207.227 | 200 OK | 16 kB |
URL GET HTTP/2fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 IP216.58.207.227:443
CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 15744, version 1.0 Hash15d9f621c3bd1599f0169dcf0bd5e63e 7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52 f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://65.1.184.49
DNT: 1
Connection: keep-alive
Referer: https://65.1.184.49/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 04 May 2024 09:28:37 GMT
expires: Sun, 04 May 2025 09:28:37 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
age: 371336
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 | 216.58.207.227 | | 16 kB |
URL fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 IP216.58.207.227:0
CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 15860, version 1.0 Hashe9f5aaf547f165386cd313b995dddd8e acdef5603c2387b0e5bffd744b679a24a8bc1968 f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://65.1.184.49
DNT: 1
Connection: keep-alive
Referer: https://65.1.184.49/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 01:55:00 GMT
expires: Fri, 02 May 2025 01:55:00 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
age: 571353
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.googletagmanager.com/gtag/js?id=G-EVXJYXF793&l=dataLayer&cx=c | 142.250.74.72 | | 103 kB |
URL www.googletagmanager.com/gtag/js?id=G-EVXJYXF793&l=dataLayer&cx=c IP142.250.74.72:0
File typeJavaScript source, ASCII text, with very long lines (7711) Size103 kB (102642 bytes) Hash06b69910bba5400a658fbf18c1090c39 21dea94d6a48220adf449b4bd51a665f405dabff 186b7a0c4e0f91c98821e708220b6f2d26510894753b21fa3c2bc35843e367b6
GET /gtag/js?id=G-EVXJYXF793&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://65.1.184.49/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 08 May 2024 16:37:33 GMT
expires: Wed, 08 May 2024 16:37:33 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 102642
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| 65.1.184.49/wp-content/plugins/elementor/assets/lib/eicons/fonts/eicons.woff2?5.14.0 | 65.1.184.49 | 200 OK | 92 kB |
URL GET HTTP/1.165.1.184.49/wp-content/plugins/elementor/assets/lib/eicons/fonts/eicons.woff2?5.14.0 IP65.1.184.49:443
CertificateIssuerBitnami Subjectwww.example.com Fingerprint2A:AA:96:8C:9B:A6:AF:26:F0:A4:E8:F4:15:47:79:8C:D9:69:72:E7 ValidityThu, 25 Mar 2021 07:14:23 GMT - Sun, 23 Mar 2031 07:14:23 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 92216, version 1.0 Hash70ffaa0b941707c09d1cbf69280d1424 fc3d9db08411484861c93dfe7c257bff8fe13b74 41e3c2c7e1af8d05bd4195d6241a16334583d6280f4ab41209aa3880bea50994
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/elementor/assets/lib/eicons/fonts/eicons.woff2?5.14.0 HTTP/1.1
Host: 65.1.184.49
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://65.1.184.49/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 16:37:33 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Thu, 10 Feb 2022 09:17:58 GMT
ETag: "16838-5d7a66d205cc6"
Accept-Ranges: bytes
Content-Length: 92216
Cache-Control: s-maxage=10
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: font/woff2
|
|
| myevent.deals/wp-content/uploads/2021/09/FINAL-MED-Navigation2.jpg | 188.114.97.1 | | 16 kB |
URL myevent.deals/wp-content/uploads/2021/09/FINAL-MED-Navigation2.jpg IP188.114.97.1:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 400x215, components 3 Hash7b15a08e4dd35cb0b018f7b335d7fc69 04dc27bdea6047cc3e8769379ab38c92ac2adbe5 3454ae8f2101df6089411359eec30f560e4a60a3bc4a88952c6e9b9cf0b27016
GET /wp-content/uploads/2021/09/FINAL-MED-Navigation2.jpg HTTP/1.1
Host: myevent.deals
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://65.1.184.49/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 16:37:34 GMT
content-type: image/jpeg
content-length: 16106
x-frame-options: SAMEORIGIN
x-original-content-length: 52362
etag: W/"PSA-aj-exWgjk3TXL"
expires: Wed, 08 May 2024 16:42:18 GMT
cache-control: max-age=14400
x-content-type-options: nosniff
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KuSX1rIlNyAzEesgVX%2FUgczRmABA1gRo3AOYBQ8Vv8VM16lNL3m%2B%2Bad0KNTrB05TkJf3Mm4crtFwpwrminmOrh5KOHl%2BA0frUzA2Wgm8IViMV0PcuVog0OK8Aed22wDf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880ae0068ba3712a-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| region1.analytics.google.com/g/collect?v=2&tid=G-EVXJYXF793>m=45je4510v886978596za200&_p=1715186253429&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1304848229.1715186254&ul=en-us&sr=1280x1024&frm=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1715186253&sct=1&seg=0&dl=https%3A%2F%2F65.1.184.49%2F&dt=MyEvent.Deals%3A%20India%27s%20First%20Event%20Marketplace%20%26%20Management%20Company&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=3773 | 216.239.34.36 | 204 No Content | 0 B |
URL POST HTTP/2region1.analytics.google.com/g/collect?v=2&tid=G-EVXJYXF793>m=45je4510v886978596za200&_p=1715186253429&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1304848229.1715186254&ul=en-us&sr=1280x1024&frm=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1715186253&sct=1&seg=0&dl=https%3A%2F%2F65.1.184.49%2F&dt=MyEvent.Deals%3A%20India%27s%20First%20Event%20Marketplace%20%26%20Management%20Company&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=3773 IP216.239.34.36:443
CertificateIssuerGoogle Trust Services LLC Subject*.google-analytics.com Fingerprint93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE ValidityTue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-EVXJYXF793>m=45je4510v886978596za200&_p=1715186253429&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1304848229.1715186254&ul=en-us&sr=1280x1024&frm=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1715186253&sct=1&seg=0&dl=https%3A%2F%2F65.1.184.49%2F&dt=MyEvent.Deals%3A%20India%27s%20First%20Event%20Marketplace%20%26%20Management%20Company&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=3773 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://65.1.184.49
DNT: 1
Connection: keep-alive
Referer: https://65.1.184.49/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://65.1.184.49
date: Wed, 08 May 2024 16:37:34 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-EVXJYXF793&cid=1304848229.1715186254>m=45je4510v886978596za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0&z=66347375 | 172.217.21.163 | 200 OK | 42 B |
URL GET HTTP/2www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-EVXJYXF793&cid=1304848229.1715186254>m=45je4510v886978596za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0&z=66347375 IP172.217.21.163:443
CertificateIssuerGoogle Trust Services LLC Subject*.google.no Fingerprint7D:68:6D:B1:32:34:52:51:20:C9:53:FF:B9:B7:8F:7E:05:F9:F5:97 ValidityTue, 16 Apr 2024 04:31:00 GMT - Tue, 09 Jul 2024 04:30:59 GMT
File typeGIF image data, version 89a, 1 x 1 Hashd89746888da2d9510b64a9f031eaecd5 d5fceb6532643d0d84ffe09c40c481ecdf59e15a ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-EVXJYXF793&cid=1304848229.1715186254>m=45je4510v886978596za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0&z=66347375 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://65.1.184.49/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 08 May 2024 16:37:35 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| myevent.deals/wp-content/uploads/2021/06/App-icon-MED.png | 188.114.97.1 | | 9.0 kB |
URL myevent.deals/wp-content/uploads/2021/06/App-icon-MED.png IP188.114.97.1:0
File typePNG image data, 192 x 192, 8-bit colormap, non-interlaced Hash458eac79bec26f11f63b9cbb207e90c9 7bf650e61df91ccfb93d6549cc2ae67e17bb5245 720be1f2a0fd73f9fb7dc2f7fd81c00bccb8cd9f7e9017a5eb60d02d23b0a8e5
GET /wp-content/uploads/2021/06/App-icon-MED.png HTTP/1.1
Host: myevent.deals
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://65.1.184.49/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 16:37:35 GMT
content-type: image/png
content-length: 8998
x-frame-options: SAMEORIGIN
last-modified: Sun, 06 Jun 2021 08:07:13 GMT
etag: "2326-5c414699255ec"
cache-control: max-age=14400, s-maxage=10
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=I%2FERIIbUEupmYnLeudu17kybSPPol2NUJgjSV6J7MJFNbFg67IxNcg4TPnCVi%2B9QAtJp5VU1Tj6a3WSea9IM9gPjAOS%2BvCpU9dOQbFRE%2FPd2pl0WxN5AKT5DLnc1exD7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880ae011be2a5689-OSL
alt-svc: h3=":443"; ma=86400
|
|
| 65.1.184.49/wp-content/plugins/phastpress/phast.php/c2VydmljZT1pbWFnZXMmc3JjPWh0dHBzJTNBJTJGJTJGNjUuMS4xODQuNDklMkZ3cC1jb250ZW50JTJGdXBsb2FkcyUyRjIwMjElMkYwNCUyRml0Yy1ncmFuZC1iaGFyYXQucG5nJmNhY2hlTWFya2VyPTE2MjE4OTE5MjYtMTAzODM2JnRva2VuPTdmNWEyZTExMDVkM2MyNzM.q.png | 65.1.184.49 | 200 OK | 32 kB |
URL GET HTTP/1.165.1.184.49/wp-content/plugins/phastpress/phast.php/c2VydmljZT1pbWFnZXMmc3JjPWh0dHBzJTNBJTJGJTJGNjUuMS4xODQuNDklMkZ3cC1jb250ZW50JTJGdXBsb2FkcyUyRjIwMjElMkYwNCUyRml0Yy1ncmFuZC1iaGFyYXQucG5nJmNhY2hlTWFya2VyPTE2MjE4OTE5MjYtMTAzODM2JnRva2VuPTdmNWEyZTExMDVkM2MyNzM.q.png IP65.1.184.49:443
CertificateIssuerBitnami Subjectwww.example.com Fingerprint2A:AA:96:8C:9B:A6:AF:26:F0:A4:E8:F4:15:47:79:8C:D9:69:72:E7 ValidityThu, 25 Mar 2021 07:14:23 GMT - Sun, 23 Mar 2031 07:14:23 GMT
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 600x360, Scaling: [none]x[none], YUV color, decoders should clamp Hashb671c291aa3749e439db717eef283bfe 4ee060e86e48f8ee8dce18d199a513025cd6a8f3 73447a5b2c5956cd088a740eb33091e5b946048209440ac668aae8f8ba8d36be
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/phastpress/phast.php/c2VydmljZT1pbWFnZXMmc3JjPWh0dHBzJTNBJTJGJTJGNjUuMS4xODQuNDklMkZ3cC1jb250ZW50JTJGdXBsb2FkcyUyRjIwMjElMkYwNCUyRml0Yy1ncmFuZC1iaGFyYXQucG5nJmNhY2hlTWFya2VyPTE2MjE4OTE5MjYtMTAzODM2JnRva2VuPTdmNWEyZTExMDVkM2MyNzM.q.png HTTP/1.1
Host: 65.1.184.49
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://65.1.184.49/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 16:37:33 GMT
Server: Apache
X-Powered-By: PHP/7.4.15
Link: <https://65.1.184.49/wp-content/uploads/2021/04/itc-grand-bharat.png>; rel="canonical"
Vary: Accept
Cache-Control: max-age=31536000
Expires: Thu, 08 May 2025 16:37:36 GMT
X-Accel-Expires: 31536000
Access-Control-Allow-Origin: *
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'none'
X-Frame-Options: SAMEORIGIN
ETag: "d9fe91c991c04c43e919338fb05dd22b"
Last-Modified: Wed, 08 May 2024 16:37:36 GMT
Content-Length: 32510
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/webp
|
|
| 65.1.184.49/wp-content/plugins/phastpress/phast.php/c2VydmljZT1pbWFnZXMmc3JjPWh0dHBzJTNBJTJGJTJGNjUuMS4xODQuNDklMkZ3cC1jb250ZW50JTJGdXBsb2FkcyUyRjIwMjElMkYwNiUyRjUtMTAyNHg0NTguanBnJmNhY2hlTWFya2VyPTE2MjM1MjE2MjQtMTAxMDEzJnRva2VuPTIwODY4YzI0ZjJlODYxNjU.q.jpg | 65.1.184.49 | 200 OK | 41 kB |
URL GET HTTP/1.165.1.184.49/wp-content/plugins/phastpress/phast.php/c2VydmljZT1pbWFnZXMmc3JjPWh0dHBzJTNBJTJGJTJGNjUuMS4xODQuNDklMkZ3cC1jb250ZW50JTJGdXBsb2FkcyUyRjIwMjElMkYwNiUyRjUtMTAyNHg0NTguanBnJmNhY2hlTWFya2VyPTE2MjM1MjE2MjQtMTAxMDEzJnRva2VuPTIwODY4YzI0ZjJlODYxNjU.q.jpg IP65.1.184.49:443
CertificateIssuerBitnami Subjectwww.example.com Fingerprint2A:AA:96:8C:9B:A6:AF:26:F0:A4:E8:F4:15:47:79:8C:D9:69:72:E7 ValidityThu, 25 Mar 2021 07:14:23 GMT - Sun, 23 Mar 2031 07:14:23 GMT
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 1024x458, Scaling: [none]x[none], YUV color, decoders should clamp Hash57310230d91bb99c95950344b3a2246e 4ff53b6ef6405b9dacb5124011b83759c0dbec21 1ec6c45c1a280b86191acc47ea4a31911707bd7a1a6bc2aed4885350fdde397f
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/phastpress/phast.php/c2VydmljZT1pbWFnZXMmc3JjPWh0dHBzJTNBJTJGJTJGNjUuMS4xODQuNDklMkZ3cC1jb250ZW50JTJGdXBsb2FkcyUyRjIwMjElMkYwNiUyRjUtMTAyNHg0NTguanBnJmNhY2hlTWFya2VyPTE2MjM1MjE2MjQtMTAxMDEzJnRva2VuPTIwODY4YzI0ZjJlODYxNjU.q.jpg HTTP/1.1
Host: 65.1.184.49
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://65.1.184.49/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 16:37:34 GMT
Server: Apache
X-Powered-By: PHP/7.4.15
Link: <https://65.1.184.49/wp-content/uploads/2021/06/5-1024x458.jpg>; rel="canonical"
Vary: Accept
Cache-Control: max-age=31536000
Expires: Thu, 08 May 2025 16:37:36 GMT
X-Accel-Expires: 31536000
Access-Control-Allow-Origin: *
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'none'
X-Frame-Options: SAMEORIGIN
ETag: "673326f9112b0e6c9ce3e52c2eec803a"
Last-Modified: Wed, 08 May 2024 16:37:36 GMT
Content-Length: 40954
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/webp
|
|
| 65.1.184.49/wp-content/plugins/phastpress/phast.php/c2VydmljZT1pbWFnZXMmc3JjPWh0dHBzJTNBJTJGJTJGNjUuMS4xODQuNDklMkZ3cC1jb250ZW50JTJGdXBsb2FkcyUyRjIwMjElMkYwNyUyRmFsaS5qcGcmY2FjaGVNYXJrZXI9MTYyNjMzMDQ2NS0xMzEwMTcmdG9rZW49YWZmYTZkNmU0YjcwOWE2Mg.q.jpg | 65.1.184.49 | 200 OK | 83 kB |
URL GET HTTP/1.165.1.184.49/wp-content/plugins/phastpress/phast.php/c2VydmljZT1pbWFnZXMmc3JjPWh0dHBzJTNBJTJGJTJGNjUuMS4xODQuNDklMkZ3cC1jb250ZW50JTJGdXBsb2FkcyUyRjIwMjElMkYwNyUyRmFsaS5qcGcmY2FjaGVNYXJrZXI9MTYyNjMzMDQ2NS0xMzEwMTcmdG9rZW49YWZmYTZkNmU0YjcwOWE2Mg.q.jpg IP65.1.184.49:443
CertificateIssuerBitnami Subjectwww.example.com Fingerprint2A:AA:96:8C:9B:A6:AF:26:F0:A4:E8:F4:15:47:79:8C:D9:69:72:E7 ValidityThu, 25 Mar 2021 07:14:23 GMT - Sun, 23 Mar 2031 07:14:23 GMT
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 959x543, Scaling: [none]x[none], YUV color, decoders should clamp Hash49641e2cf0609db2f9099307b451bb7d a142b8d284718ca1b72c8727aa9ece83879ddb67 089aa5b934c7504fcdd03fa811f2a52a4951d288bf1fdbb5f0f34a8ab3614fe3
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/phastpress/phast.php/c2VydmljZT1pbWFnZXMmc3JjPWh0dHBzJTNBJTJGJTJGNjUuMS4xODQuNDklMkZ3cC1jb250ZW50JTJGdXBsb2FkcyUyRjIwMjElMkYwNyUyRmFsaS5qcGcmY2FjaGVNYXJrZXI9MTYyNjMzMDQ2NS0xMzEwMTcmdG9rZW49YWZmYTZkNmU0YjcwOWE2Mg.q.jpg HTTP/1.1
Host: 65.1.184.49
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://65.1.184.49/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 16:37:33 GMT
Server: Apache
X-Powered-By: PHP/7.4.15
Link: <https://65.1.184.49/wp-content/uploads/2021/07/ali.jpg>; rel="canonical"
Vary: Accept
Cache-Control: max-age=31536000
Expires: Thu, 08 May 2025 16:37:36 GMT
X-Accel-Expires: 31536000
Access-Control-Allow-Origin: *
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'none'
X-Frame-Options: SAMEORIGIN
ETag: "607edc27cab78c6b6123bc487ebd9ef0"
Last-Modified: Wed, 08 May 2024 16:37:36 GMT
Content-Length: 82708
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/webp
|
|
| 65.1.184.49/wp-content/uploads/2021/04/FINAL-MED-Favicon-Copy.png | 65.1.184.49 | | 4.6 kB |
URL 65.1.184.49/wp-content/uploads/2021/04/FINAL-MED-Favicon-Copy.png IP65.1.184.49:0
CertificateIssuerBitnami Subjectwww.example.com Fingerprint2A:AA:96:8C:9B:A6:AF:26:F0:A4:E8:F4:15:47:79:8C:D9:69:72:E7 ValidityThu, 25 Mar 2021 07:14:23 GMT - Sun, 23 Mar 2031 07:14:23 GMT
File typePNG image data, 110 x 110, 8-bit colormap, non-interlaced Hash2c004dce4aa9bee5cd81dbaa21096ec0 65793a777fd58fe41a8c06217c9b6b81b020d0a5 a5b0501511a97ee936c9aaf95466284d5538af83aecebda168497baeeaa2535f
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/uploads/2021/04/FINAL-MED-Favicon-Copy.png HTTP/1.1
Host: 65.1.184.49
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://65.1.184.49/
Cookie: _ga_EVXJYXF793=GS1.1.1715186253.1.0.1715186253.60.0.0; _ga=GA1.1.1304848229.1715186254
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 16:37:36 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Mon, 24 May 2021 08:39:10 GMT
ETag: "11d1-5c30f57ef845b"
Accept-Ranges: bytes
Content-Length: 4561
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png
|
|
| 65.1.184.49/wp-content/plugins/phastpress/phast.php/c2VydmljZT1pbWFnZXMmc3JjPWh0dHBzJTNBJTJGJTJGNjUuMS4xODQuNDklMkZ3cC1jb250ZW50JTJGdXBsb2FkcyUyRjIwMjElMkYwNiUyRjItNi5qcGcmY2FjaGVNYXJrZXI9MTYyMzUyMTYwOC03NDM2NSZ0b2tlbj04MTcwZDcwNzkwNzUyNmI5.q.jpg | 65.1.184.49 | 200 OK | 74 kB |
URL GET HTTP/1.165.1.184.49/wp-content/plugins/phastpress/phast.php/c2VydmljZT1pbWFnZXMmc3JjPWh0dHBzJTNBJTJGJTJGNjUuMS4xODQuNDklMkZ3cC1jb250ZW50JTJGdXBsb2FkcyUyRjIwMjElMkYwNiUyRjItNi5qcGcmY2FjaGVNYXJrZXI9MTYyMzUyMTYwOC03NDM2NSZ0b2tlbj04MTcwZDcwNzkwNzUyNmI5.q.jpg IP65.1.184.49:443
CertificateIssuerBitnami Subjectwww.example.com Fingerprint2A:AA:96:8C:9B:A6:AF:26:F0:A4:E8:F4:15:47:79:8C:D9:69:72:E7 ValidityThu, 25 Mar 2021 07:14:23 GMT - Sun, 23 Mar 2031 07:14:23 GMT
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 750x500, Scaling: [none]x[none], YUV color, decoders should clamp Hashde79cfe0cef95ea7c525ee694e4edc0b 04ff8d070a01c0c6acf0414b0ae49e572d9dfc67 2eae9ddc52c9ff6e49dcae975f8fb44e25abf44001c1c29b53a6c491c24d32d2
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/phastpress/phast.php/c2VydmljZT1pbWFnZXMmc3JjPWh0dHBzJTNBJTJGJTJGNjUuMS4xODQuNDklMkZ3cC1jb250ZW50JTJGdXBsb2FkcyUyRjIwMjElMkYwNiUyRjItNi5qcGcmY2FjaGVNYXJrZXI9MTYyMzUyMTYwOC03NDM2NSZ0b2tlbj04MTcwZDcwNzkwNzUyNmI5.q.jpg HTTP/1.1
Host: 65.1.184.49
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://65.1.184.49/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 16:37:33 GMT
Server: Apache
X-Powered-By: PHP/7.4.15
Link: <https://65.1.184.49/wp-content/uploads/2021/06/2-6.jpg>; rel="canonical"
Vary: Accept
Cache-Control: max-age=31536000
Expires: Thu, 08 May 2025 16:37:36 GMT
X-Accel-Expires: 31536000
Access-Control-Allow-Origin: *
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'none'
X-Frame-Options: SAMEORIGIN
ETag: "e2209ba8d80d652645b6213c6558efb8"
Last-Modified: Wed, 08 May 2024 16:37:36 GMT
Content-Length: 74164
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/webp
|
|
| 65.1.184.49/wp-content/plugins/phastpress/phast.php/c2VydmljZT1pbWFnZXMmc3JjPWh0dHBzJTNBJTJGJTJGNjUuMS4xODQuNDklMkZ3cC1jb250ZW50JTJGdXBsb2FkcyUyRjIwMjElMkYwNSUyRnZlbnVlaW1hZ2UuanBnJmNhY2hlTWFya2VyPTE2MjE5ODg1MTEtMTAzNzEyJnRva2VuPWNkYWFiZmI4OWNiYjRmOGE.q.jpg | 65.1.184.49 | 200 OK | 54 kB |
URL GET HTTP/1.165.1.184.49/wp-content/plugins/phastpress/phast.php/c2VydmljZT1pbWFnZXMmc3JjPWh0dHBzJTNBJTJGJTJGNjUuMS4xODQuNDklMkZ3cC1jb250ZW50JTJGdXBsb2FkcyUyRjIwMjElMkYwNSUyRnZlbnVlaW1hZ2UuanBnJmNhY2hlTWFya2VyPTE2MjE5ODg1MTEtMTAzNzEyJnRva2VuPWNkYWFiZmI4OWNiYjRmOGE.q.jpg IP65.1.184.49:443
CertificateIssuerBitnami Subjectwww.example.com Fingerprint2A:AA:96:8C:9B:A6:AF:26:F0:A4:E8:F4:15:47:79:8C:D9:69:72:E7 ValidityThu, 25 Mar 2021 07:14:23 GMT - Sun, 23 Mar 2031 07:14:23 GMT
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 721x495, Scaling: [none]x[none], YUV color, decoders should clamp Hash411a9c8367d49faff679705be6f32465 ea4557695534b5e77c51950fa8dccff7c602de69 64e7fece484ed611a90f250494f9b9fe1e182188ddde51792ec7a8ee264751ce
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/phastpress/phast.php/c2VydmljZT1pbWFnZXMmc3JjPWh0dHBzJTNBJTJGJTJGNjUuMS4xODQuNDklMkZ3cC1jb250ZW50JTJGdXBsb2FkcyUyRjIwMjElMkYwNSUyRnZlbnVlaW1hZ2UuanBnJmNhY2hlTWFya2VyPTE2MjE5ODg1MTEtMTAzNzEyJnRva2VuPWNkYWFiZmI4OWNiYjRmOGE.q.jpg HTTP/1.1
Host: 65.1.184.49
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://65.1.184.49/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 16:37:33 GMT
Server: Apache
X-Powered-By: PHP/7.4.15
Link: <https://65.1.184.49/wp-content/uploads/2021/05/venueimage.jpg>; rel="canonical"
Vary: Accept
Cache-Control: max-age=31536000
Expires: Thu, 08 May 2025 16:37:36 GMT
X-Accel-Expires: 31536000
Access-Control-Allow-Origin: *
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'none'
X-Frame-Options: SAMEORIGIN
ETag: "db57a7df8fa6ecab3b9c1b8af4700a66"
Last-Modified: Wed, 08 May 2024 16:37:36 GMT
Content-Length: 53612
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/webp
|
|
| 65.1.184.49/wp-content/plugins/phastpress/phast.php/c2VydmljZT1idW5kbGVyJnI9MDRBZ0MtOFlJelUmcj0yZzM2aEFUNGRBcyZyPTNUTGs2MEl2Nkd3JnI9NTNmZWNlSllhRFEmcj1BUUhkSFcwV1FBMCZyPUVSZldTUVpsaHFvJnI9WTkyMXhDVXE2LTQmcj1mQVJENVY5U01layZyPWtQWHdZcFkwaWlzJnI9dGtwbVBRSkI4M1Emcj12QXhmNDZEWHM2VQ.q.js | 65.1.184.49 | 200 OK | 147 kB |
URL GET HTTP/1.165.1.184.49/wp-content/plugins/phastpress/phast.php/c2VydmljZT1idW5kbGVyJnI9MDRBZ0MtOFlJelUmcj0yZzM2aEFUNGRBcyZyPTNUTGs2MEl2Nkd3JnI9NTNmZWNlSllhRFEmcj1BUUhkSFcwV1FBMCZyPUVSZldTUVpsaHFvJnI9WTkyMXhDVXE2LTQmcj1mQVJENVY5U01layZyPWtQWHdZcFkwaWlzJnI9dGtwbVBRSkI4M1Emcj12QXhmNDZEWHM2VQ.q.js IP65.1.184.49:443
CertificateIssuerBitnami Subjectwww.example.com Fingerprint2A:AA:96:8C:9B:A6:AF:26:F0:A4:E8:F4:15:47:79:8C:D9:69:72:E7 ValidityThu, 25 Mar 2021 07:14:23 GMT - Sun, 23 Mar 2031 07:14:23 GMT
Size147 kB (146846 bytes) Hashe9d059876cbbabcba5f3d4bd70abffe0 f9f85fb43595b4670d86ec07538e0c7ae2ef2793 43055a79196b2fedd7e128a077ebf777cb72be6c77bf3dff36dfecb5ea7dc7f7
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/phastpress/phast.php/c2VydmljZT1idW5kbGVyJnI9MDRBZ0MtOFlJelUmcj0yZzM2aEFUNGRBcyZyPTNUTGs2MEl2Nkd3JnI9NTNmZWNlSllhRFEmcj1BUUhkSFcwV1FBMCZyPUVSZldTUVpsaHFvJnI9WTkyMXhDVXE2LTQmcj1mQVJENVY5U01layZyPWtQWHdZcFkwaWlzJnI9dGtwbVBRSkI4M1Emcj12QXhmNDZEWHM2VQ.q.js HTTP/1.1
Host: 65.1.184.49
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://65.1.184.49/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 16:37:33 GMT
Server: Apache
X-Powered-By: PHP/7.4.15
Content-Encoding: gzip
Vary: Accept-Encoding
Expires: Thu, 08 May 2025 16:37:36 GMT
X-Accel-Expires: 31536000
Access-Control-Allow-Origin: *
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'none'
X-Frame-Options: SAMEORIGIN
ETag: "f6491467423ba2b0465710a9df4e67fd"
Last-Modified: Wed, 08 May 2024 16:37:36 GMT
Cache-Control: max-age=31536000, s-maxage=10
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/plain;charset=UTF-8
|
|
| css.xjsx.lol/js/pub.min.js | 184.154.10.250 | 200 OK | 1.5 kB |
URL GET HTTP/2css.xjsx.lol/js/pub.min.js IP184.154.10.250:443
CertificateIssuerLet's Encrypt Subjectcss.xjsx.lol Fingerprint6E:CF:38:B4:22:2E:DB:7C:7A:6E:6D:E5:E1:CE:D1:95:98:88:E8:9A ValidityFri, 12 Apr 2024 03:20:43 GMT - Thu, 11 Jul 2024 03:20:42 GMT
File typeJavaScript source, ASCII text, with very long lines (2752) Hash842d4889c73f6664245d70112389026a 3f5d934289e1acfebce633760640881a81ac8299 99f43e50f4179af4ebf4c93668866d5a5607914fa0a5daa087354c3159d3fa03
GET /js/pub.min.js HTTP/1.1
Host: css.xjsx.lol
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://65.1.184.49/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 16:37:37 GMT
content-type: application/javascript
content-length: 1482
last-modified: Fri, 11 Aug 2023 10:37:03 GMT
vary: Accept-Encoding
etag: "64d60f4f-5ca"
content-encoding: gzip
expires: Thu, 09 May 2024 16:37:37 GMT
cache-control: max-age=86400
strict-transport-security: max-age=63072000; includeSubDomains; preload
alt-svc: h3=":443"; ma=604800; persist=1
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 65.1.184.49/wp-content/plugins/phastpress/phast.php/c2VydmljZT1pbWFnZXMmc3JjPWh0dHBzJTNBJTJGJTJGNjUuMS4xODQuNDklMkZ3cC1jb250ZW50JTJGdXBsb2FkcyUyRjIwMjElMkYwNSUyRkdPQS0yLmpwZyZjYWNoZU1hcmtlcj0xNjIxOTg4NDEyLTQ0ODI0JnRva2VuPTYwMGE5YTJmNWUyMjAwNDU.q.jpg | 65.1.184.49 | 200 OK | 24 kB |
URL GET HTTP/1.165.1.184.49/wp-content/plugins/phastpress/phast.php/c2VydmljZT1pbWFnZXMmc3JjPWh0dHBzJTNBJTJGJTJGNjUuMS4xODQuNDklMkZ3cC1jb250ZW50JTJGdXBsb2FkcyUyRjIwMjElMkYwNSUyRkdPQS0yLmpwZyZjYWNoZU1hcmtlcj0xNjIxOTg4NDEyLTQ0ODI0JnRva2VuPTYwMGE5YTJmNWUyMjAwNDU.q.jpg IP65.1.184.49:443
CertificateIssuerBitnami Subjectwww.example.com Fingerprint2A:AA:96:8C:9B:A6:AF:26:F0:A4:E8:F4:15:47:79:8C:D9:69:72:E7 ValidityThu, 25 Mar 2021 07:14:23 GMT - Sun, 23 Mar 2031 07:14:23 GMT
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 512x341, Scaling: [none]x[none], YUV color, decoders should clamp Hashc8f4efc97ac720ed1022c38e8b531bed c36e84325603ae51db990a4ac0c440e8654ff5d3 e1588dbec62a42c0ab4c48440122b97a0783b9817f5afb6dd0808645ff640a6d
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/phastpress/phast.php/c2VydmljZT1pbWFnZXMmc3JjPWh0dHBzJTNBJTJGJTJGNjUuMS4xODQuNDklMkZ3cC1jb250ZW50JTJGdXBsb2FkcyUyRjIwMjElMkYwNSUyRkdPQS0yLmpwZyZjYWNoZU1hcmtlcj0xNjIxOTg4NDEyLTQ0ODI0JnRva2VuPTYwMGE5YTJmNWUyMjAwNDU.q.jpg HTTP/1.1
Host: 65.1.184.49
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://65.1.184.49/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 16:37:36 GMT
Server: Apache
X-Powered-By: PHP/7.4.15
Link: <https://65.1.184.49/wp-content/uploads/2021/05/GOA-2.jpg>; rel="canonical"
Vary: Accept
Cache-Control: max-age=31536000
Expires: Thu, 08 May 2025 16:37:38 GMT
X-Accel-Expires: 31536000
Access-Control-Allow-Origin: *
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'none'
X-Frame-Options: SAMEORIGIN
ETag: "b8d987e0cf66a17fb55ad9f908a89c11"
Last-Modified: Wed, 08 May 2024 16:37:38 GMT
Content-Length: 23910
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/webp
|
|
| 65.1.184.49/wp-content/plugins/phastpress/phast.php/c2VydmljZT1pbWFnZXMmc3JjPWh0dHBzJTNBJTJGJTJGNjUuMS4xODQuNDklMkZ3cC1jb250ZW50JTJGdXBsb2FkcyUyRjIwMjElMkYwNSUyRmRlbGhpLTIuanBnJmNhY2hlTWFya2VyPTE2MjE5ODg0MTgtMTE3MTMyJnRva2VuPTU4MTAzMmNlZjY2ZmNiY2I.q.jpg | 65.1.184.49 | | 53 kB |
URL 65.1.184.49/wp-content/plugins/phastpress/phast.php/c2VydmljZT1pbWFnZXMmc3JjPWh0dHBzJTNBJTJGJTJGNjUuMS4xODQuNDklMkZ3cC1jb250ZW50JTJGdXBsb2FkcyUyRjIwMjElMkYwNSUyRmRlbGhpLTIuanBnJmNhY2hlTWFya2VyPTE2MjE5ODg0MTgtMTE3MTMyJnRva2VuPTU4MTAzMmNlZjY2ZmNiY2I.q.jpg IP65.1.184.49:0
CertificateIssuerBitnami Subjectwww.example.com Fingerprint2A:AA:96:8C:9B:A6:AF:26:F0:A4:E8:F4:15:47:79:8C:D9:69:72:E7 ValidityThu, 25 Mar 2021 07:14:23 GMT - Sun, 23 Mar 2031 07:14:23 GMT
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 770x574, Scaling: [none]x[none], YUV color, decoders should clamp Hashf7f6574801cc5065938b0b83cddf436a 95b7748a38f571d7285ab840c41e0c14a15ac565 4bdc6d7fa0ba14a116412bbf257899e49d7c5bc732dc468ef91a24a75c92221d
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/phastpress/phast.php/c2VydmljZT1pbWFnZXMmc3JjPWh0dHBzJTNBJTJGJTJGNjUuMS4xODQuNDklMkZ3cC1jb250ZW50JTJGdXBsb2FkcyUyRjIwMjElMkYwNSUyRmRlbGhpLTIuanBnJmNhY2hlTWFya2VyPTE2MjE5ODg0MTgtMTE3MTMyJnRva2VuPTU4MTAzMmNlZjY2ZmNiY2I.q.jpg HTTP/1.1
Host: 65.1.184.49
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://65.1.184.49/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 16:37:37 GMT
Server: Apache
X-Powered-By: PHP/7.4.15
Link: <https://65.1.184.49/wp-content/uploads/2021/05/delhi-2.jpg>; rel="canonical"
Vary: Accept
Cache-Control: max-age=31536000
Expires: Thu, 08 May 2025 16:37:38 GMT
X-Accel-Expires: 31536000
Access-Control-Allow-Origin: *
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'none'
X-Frame-Options: SAMEORIGIN
ETag: "89a541d738042b0cf11731f4ee1145a8"
Last-Modified: Wed, 08 May 2024 16:37:38 GMT
Content-Length: 53040
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/webp
|
|
| 65.1.184.49/wp-content/plugins/phastpress/phast.php/c2VydmljZT1pbWFnZXMmc3JjPWh0dHBzJTNBJTJGJTJGNjUuMS4xODQuNDklMkZ3cC1jb250ZW50JTJGdXBsb2FkcyUyRjIwMjElMkYwNiUyRldlbGNvbWUtQm9hcmQtMTgtNTkyeDQ0NC5qcGVnJmNhY2hlTWFya2VyPTE2MjUyMTQ0MDktMzQxMTc3JnRva2VuPWMyMThmNWY2N2ZmYTNkYWI.q.jpeg | 65.1.184.49 | 200 OK | 41 kB |
URL GET HTTP/1.165.1.184.49/wp-content/plugins/phastpress/phast.php/c2VydmljZT1pbWFnZXMmc3JjPWh0dHBzJTNBJTJGJTJGNjUuMS4xODQuNDklMkZ3cC1jb250ZW50JTJGdXBsb2FkcyUyRjIwMjElMkYwNiUyRldlbGNvbWUtQm9hcmQtMTgtNTkyeDQ0NC5qcGVnJmNhY2hlTWFya2VyPTE2MjUyMTQ0MDktMzQxMTc3JnRva2VuPWMyMThmNWY2N2ZmYTNkYWI.q.jpeg IP65.1.184.49:443
CertificateIssuerBitnami Subjectwww.example.com Fingerprint2A:AA:96:8C:9B:A6:AF:26:F0:A4:E8:F4:15:47:79:8C:D9:69:72:E7 ValidityThu, 25 Mar 2021 07:14:23 GMT - Sun, 23 Mar 2031 07:14:23 GMT
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 592x444, Scaling: [none]x[none], YUV color, decoders should clamp Hash353826521b3711a1512bd70adc390d66 1f5efcd04bb6553f073bf828c24ffe4701eba9cc 8cb45d8be3184c332690e1f575968becfc247d01740eef606982dee6eb6e8dd4
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/phastpress/phast.php/c2VydmljZT1pbWFnZXMmc3JjPWh0dHBzJTNBJTJGJTJGNjUuMS4xODQuNDklMkZ3cC1jb250ZW50JTJGdXBsb2FkcyUyRjIwMjElMkYwNiUyRldlbGNvbWUtQm9hcmQtMTgtNTkyeDQ0NC5qcGVnJmNhY2hlTWFya2VyPTE2MjUyMTQ0MDktMzQxMTc3JnRva2VuPWMyMThmNWY2N2ZmYTNkYWI.q.jpeg HTTP/1.1
Host: 65.1.184.49
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://65.1.184.49/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 16:37:37 GMT
Server: Apache
X-Powered-By: PHP/7.4.15
Link: <https://65.1.184.49/wp-content/uploads/2021/06/Welcome-Board-18-592x444.jpeg>; rel="canonical"
Vary: Accept
Cache-Control: max-age=31536000
Expires: Thu, 08 May 2025 16:37:38 GMT
X-Accel-Expires: 31536000
Access-Control-Allow-Origin: *
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'none'
X-Frame-Options: SAMEORIGIN
ETag: "cfeb41cc34b4c1bb1fbc937ead45f4ce"
Last-Modified: Wed, 08 May 2024 16:37:38 GMT
Content-Length: 41316
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/webp
|
|
| 65.1.184.49/wp-content/themes/houzez/fonts/houzez-iconfont.ttf?jd28ud | 65.1.184.49 | 200 OK | 34 kB |
URL GET HTTP/1.165.1.184.49/wp-content/themes/houzez/fonts/houzez-iconfont.ttf?jd28ud IP65.1.184.49:443
CertificateIssuerBitnami Subjectwww.example.com Fingerprint2A:AA:96:8C:9B:A6:AF:26:F0:A4:E8:F4:15:47:79:8C:D9:69:72:E7 ValidityThu, 25 Mar 2021 07:14:23 GMT - Sun, 23 Mar 2031 07:14:23 GMT
File typeTrueType Font data, 11 tables, 1st "OS/2", 14 names, Macintosh, type 1 string, houzez-iconfont Hashb74a8bd2d488f0bbc99fa6e2caf7dc58 d4db3d46ca01250935b2dc160f303dfd56b6e460 213ec8abf9caf3452f6e58f7c3a446871afc90dd3dea0b741873d34447437de4
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/themes/houzez/fonts/houzez-iconfont.ttf?jd28ud HTTP/1.1
Host: 65.1.184.49
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://65.1.184.49/
Cookie: _ga_EVXJYXF793=GS1.1.1715186253.1.0.1715186253.60.0.0; _ga=GA1.1.1304848229.1715186254
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 16:37:38 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Sat, 18 Dec 2021 14:58:31 GMT
ETag: "8428-5d36ce38b9fb4"
Accept-Ranges: bytes
Content-Length: 33832
Cache-Control: s-maxage=10
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: font/ttf
|
|
| 65.1.184.49/wp-content/plugins/phastpress/phast.php/c2VydmljZT1pbWFnZXMmc3JjPWh0dHBzJTNBJTJGJTJGNjUuMS4xODQuNDklMkZ3cC1jb250ZW50JTJGdXBsb2FkcyUyRjIwMjElMkYwNSUyRkpBSVBVUi0zLmpwZyZjYWNoZU1hcmtlcj0xNjIxOTg4NDc1LTExNjgwMiZ0b2tlbj05ZTljZjNjMDJlYzg3Zjg5.q.jpg | 65.1.184.49 | 200 OK | 68 kB |
URL GET HTTP/1.165.1.184.49/wp-content/plugins/phastpress/phast.php/c2VydmljZT1pbWFnZXMmc3JjPWh0dHBzJTNBJTJGJTJGNjUuMS4xODQuNDklMkZ3cC1jb250ZW50JTJGdXBsb2FkcyUyRjIwMjElMkYwNSUyRkpBSVBVUi0zLmpwZyZjYWNoZU1hcmtlcj0xNjIxOTg4NDc1LTExNjgwMiZ0b2tlbj05ZTljZjNjMDJlYzg3Zjg5.q.jpg IP65.1.184.49:443
CertificateIssuerBitnami Subjectwww.example.com Fingerprint2A:AA:96:8C:9B:A6:AF:26:F0:A4:E8:F4:15:47:79:8C:D9:69:72:E7 ValidityThu, 25 Mar 2021 07:14:23 GMT - Sun, 23 Mar 2031 07:14:23 GMT
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 670x433, Scaling: [none]x[none], YUV color, decoders should clamp Hash9f69c1e942e196328d7819b4a5679fee 2a18ee7c152eee9657970d6ddc8289b77deabea2 6bfb565832e44578bc17a4abb137b09cf89011029fd08b7b5475ca955d600ca1
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/phastpress/phast.php/c2VydmljZT1pbWFnZXMmc3JjPWh0dHBzJTNBJTJGJTJGNjUuMS4xODQuNDklMkZ3cC1jb250ZW50JTJGdXBsb2FkcyUyRjIwMjElMkYwNSUyRkpBSVBVUi0zLmpwZyZjYWNoZU1hcmtlcj0xNjIxOTg4NDc1LTExNjgwMiZ0b2tlbj05ZTljZjNjMDJlYzg3Zjg5.q.jpg HTTP/1.1
Host: 65.1.184.49
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://65.1.184.49/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 16:37:37 GMT
Server: Apache
X-Powered-By: PHP/7.4.15
Link: <https://65.1.184.49/wp-content/uploads/2021/05/JAIPUR-3.jpg>; rel="canonical"
Vary: Accept
Cache-Control: max-age=31536000
Expires: Thu, 08 May 2025 16:37:38 GMT
X-Accel-Expires: 31536000
Access-Control-Allow-Origin: *
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'none'
X-Frame-Options: SAMEORIGIN
ETag: "40bb0a560354501e3b6108ef6c0b68d5"
Last-Modified: Wed, 08 May 2024 16:37:38 GMT
Content-Length: 68508
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/webp
|
|
| 65.1.184.49/wp-content/plugins/phastpress/phast.php/c2VydmljZT1pbWFnZXMmc3JjPWh0dHBzJTNBJTJGJTJGNjUuMS4xODQuNDklMkZ3cC1jb250ZW50JTJGdXBsb2FkcyUyRjIwMjElMkYwNSUyRmFncmEtNC5qcGcmY2FjaGVNYXJrZXI9MTYyMTk4ODQzOC0xMTE0NDUmdG9rZW49ZWM4YTdjNDI4NDQ4YmQ5Ng.q.jpg | 65.1.184.49 | 200 OK | 81 kB |
URL GET HTTP/1.165.1.184.49/wp-content/plugins/phastpress/phast.php/c2VydmljZT1pbWFnZXMmc3JjPWh0dHBzJTNBJTJGJTJGNjUuMS4xODQuNDklMkZ3cC1jb250ZW50JTJGdXBsb2FkcyUyRjIwMjElMkYwNSUyRmFncmEtNC5qcGcmY2FjaGVNYXJrZXI9MTYyMTk4ODQzOC0xMTE0NDUmdG9rZW49ZWM4YTdjNDI4NDQ4YmQ5Ng.q.jpg IP65.1.184.49:443
CertificateIssuerBitnami Subjectwww.example.com Fingerprint2A:AA:96:8C:9B:A6:AF:26:F0:A4:E8:F4:15:47:79:8C:D9:69:72:E7 ValidityThu, 25 Mar 2021 07:14:23 GMT - Sun, 23 Mar 2031 07:14:23 GMT
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 821x900, Scaling: [none]x[none], YUV color, decoders should clamp Hashc7a12486b2ad7c0ac52c76b55ea7ed54 9b6b84192b3b61a81ef3553bd7ead56f1b5e022e 491b0b68d44e105ced3c04c9e9bc60cda026930c82a09f7bddd39abefcc9465e
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/phastpress/phast.php/c2VydmljZT1pbWFnZXMmc3JjPWh0dHBzJTNBJTJGJTJGNjUuMS4xODQuNDklMkZ3cC1jb250ZW50JTJGdXBsb2FkcyUyRjIwMjElMkYwNSUyRmFncmEtNC5qcGcmY2FjaGVNYXJrZXI9MTYyMTk4ODQzOC0xMTE0NDUmdG9rZW49ZWM4YTdjNDI4NDQ4YmQ5Ng.q.jpg HTTP/1.1
Host: 65.1.184.49
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://65.1.184.49/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 16:37:37 GMT
Server: Apache
X-Powered-By: PHP/7.4.15
Link: <https://65.1.184.49/wp-content/uploads/2021/05/agra-4.jpg>; rel="canonical"
Vary: Accept
Cache-Control: max-age=31536000
Expires: Thu, 08 May 2025 16:37:38 GMT
X-Accel-Expires: 31536000
Access-Control-Allow-Origin: *
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'none'
X-Frame-Options: SAMEORIGIN
ETag: "dbcab0892598072f28bf8dc0588de398"
Last-Modified: Wed, 08 May 2024 16:37:38 GMT
Content-Length: 80860
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/webp
|
|
| 65.1.184.49/wp-content/plugins/phastpress/phast.php/c2VydmljZT1pbWFnZXMmc3JjPWh0dHBzJTNBJTJGJTJGNjUuMS4xODQuNDklMkZ3cC1jb250ZW50JTJGdXBsb2FkcyUyRjIwMjElMkYwNiUyRjItNy5qcGcmY2FjaGVNYXJrZXI9MTYyMzUyMTY0MS0xMjExMTgmdG9rZW49YWM5YjU1OGZhM2VhMGRmNA.q.jpg | 65.1.184.49 | 200 OK | 89 kB |
URL GET HTTP/1.165.1.184.49/wp-content/plugins/phastpress/phast.php/c2VydmljZT1pbWFnZXMmc3JjPWh0dHBzJTNBJTJGJTJGNjUuMS4xODQuNDklMkZ3cC1jb250ZW50JTJGdXBsb2FkcyUyRjIwMjElMkYwNiUyRjItNy5qcGcmY2FjaGVNYXJrZXI9MTYyMzUyMTY0MS0xMjExMTgmdG9rZW49YWM5YjU1OGZhM2VhMGRmNA.q.jpg IP65.1.184.49:443
CertificateIssuerBitnami Subjectwww.example.com Fingerprint2A:AA:96:8C:9B:A6:AF:26:F0:A4:E8:F4:15:47:79:8C:D9:69:72:E7 ValidityThu, 25 Mar 2021 07:14:23 GMT - Sun, 23 Mar 2031 07:14:23 GMT
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 728x485, Scaling: [none]x[none], YUV color, decoders should clamp Hash4ecbeca3651bf25869cf6325c02a81ea 9513d70ca38408904f9171fdeaec31575dedf103 9a03434a76ee052bf8ea92634eef2f4b869fef4881cee51efd2007377015e6d5
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/phastpress/phast.php/c2VydmljZT1pbWFnZXMmc3JjPWh0dHBzJTNBJTJGJTJGNjUuMS4xODQuNDklMkZ3cC1jb250ZW50JTJGdXBsb2FkcyUyRjIwMjElMkYwNiUyRjItNy5qcGcmY2FjaGVNYXJrZXI9MTYyMzUyMTY0MS0xMjExMTgmdG9rZW49YWM5YjU1OGZhM2VhMGRmNA.q.jpg HTTP/1.1
Host: 65.1.184.49
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://65.1.184.49/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 16:37:37 GMT
Server: Apache
X-Powered-By: PHP/7.4.15
Link: <https://65.1.184.49/wp-content/uploads/2021/06/2-7.jpg>; rel="canonical"
Vary: Accept
Cache-Control: max-age=31536000
Expires: Thu, 08 May 2025 16:37:38 GMT
X-Accel-Expires: 31536000
Access-Control-Allow-Origin: *
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'none'
X-Frame-Options: SAMEORIGIN
ETag: "dc501a3095d89b14bbe2ca8b3abf06a9"
Last-Modified: Wed, 08 May 2024 16:37:38 GMT
Content-Length: 89438
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/webp
|
|
| 65.1.184.49/wp-content/plugins/elementor/assets/lib/eicons/fonts/eicons.woff2?5.14.0 | 65.1.184.49 | 200 OK | 92 kB |
URL GET HTTP/1.165.1.184.49/wp-content/plugins/elementor/assets/lib/eicons/fonts/eicons.woff2?5.14.0 IP65.1.184.49:443
CertificateIssuerBitnami Subjectwww.example.com Fingerprint2A:AA:96:8C:9B:A6:AF:26:F0:A4:E8:F4:15:47:79:8C:D9:69:72:E7 ValidityThu, 25 Mar 2021 07:14:23 GMT - Sun, 23 Mar 2031 07:14:23 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 92216, version 1.0 Hash70ffaa0b941707c09d1cbf69280d1424 fc3d9db08411484861c93dfe7c257bff8fe13b74 41e3c2c7e1af8d05bd4195d6241a16334583d6280f4ab41209aa3880bea50994
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/elementor/assets/lib/eicons/fonts/eicons.woff2?5.14.0 HTTP/1.1
Host: 65.1.184.49
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://65.1.184.49/
Cookie: _ga_EVXJYXF793=GS1.1.1715186253.1.0.1715186253.60.0.0; _ga=GA1.1.1304848229.1715186254
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 16:37:38 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Thu, 10 Feb 2022 09:17:58 GMT
ETag: "16838-5d7a66d205cc6"
Accept-Ranges: bytes
Content-Length: 92216
Cache-Control: s-maxage=10
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: font/woff2
|
|
| 65.1.184.49/superpwa-manifest.json | 65.1.184.49 | | 342 B |
URL 65.1.184.49/superpwa-manifest.json IP65.1.184.49:0
CertificateIssuerBitnami Subjectwww.example.com Fingerprint2A:AA:96:8C:9B:A6:AF:26:F0:A4:E8:F4:15:47:79:8C:D9:69:72:E7 ValidityThu, 25 Mar 2021 07:14:23 GMT - Sun, 23 Mar 2031 07:14:23 GMT
Hash4d136bcce37cd2039fe6d3e474afa4ee df62fb49913f2f0cc185b8f1a0846e085027963a 756109ec820e61f4a9ffc800db85308803c536a9be9aadc79127d37f6e8f8f05
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /superpwa-manifest.json HTTP/1.1
Host: 65.1.184.49
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Referer: https://65.1.184.49/
Cookie: _ga_EVXJYXF793=GS1.1.1715186253.1.0.1715186253.60.0.0; _ga=GA1.1.1304848229.1715186254
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 16:37:38 GMT
Server: Apache
X-Powered-By: PHP/7.4.15
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Encoding: br
Content-Length: 342
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/json
|
|
| 65.1.184.49/wp-content/plugins/phastpress/phast.php/c2/VydmljZT1pbWFnZXMmc3JjPWh0dHBzJTNBJTJGJTJGNjUuMS4xODQuNDklMkZ3cC1jb250ZW50JTJGdXBsb2FkcyUyRjIwMjElMkYwOCUyRldoYXRzQXBwLUltYWdlLTIwMjEtMDgtMDctYXQtMS40OS41NS1QTS01OTJ4NDQ0LmpwZWcmY2FjaGVNYXJrZXI9MTYyOTAyODcxNS0zMzY0MzAmdG9rZW49Y2U4MWJiNzE1YmI5ODI1Yg.q.jpeg | 65.1.184.49 | 200 OK | 43 kB |
URL GET HTTP/1.165.1.184.49/wp-content/plugins/phastpress/phast.php/c2/VydmljZT1pbWFnZXMmc3JjPWh0dHBzJTNBJTJGJTJGNjUuMS4xODQuNDklMkZ3cC1jb250ZW50JTJGdXBsb2FkcyUyRjIwMjElMkYwOCUyRldoYXRzQXBwLUltYWdlLTIwMjEtMDgtMDctYXQtMS40OS41NS1QTS01OTJ4NDQ0LmpwZWcmY2FjaGVNYXJrZXI9MTYyOTAyODcxNS0zMzY0MzAmdG9rZW49Y2U4MWJiNzE1YmI5ODI1Yg.q.jpeg IP65.1.184.49:443
CertificateIssuerBitnami Subjectwww.example.com Fingerprint2A:AA:96:8C:9B:A6:AF:26:F0:A4:E8:F4:15:47:79:8C:D9:69:72:E7 ValidityThu, 25 Mar 2021 07:14:23 GMT - Sun, 23 Mar 2031 07:14:23 GMT
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 592x444, Scaling: [none]x[none], YUV color, decoders should clamp Hash9c6844945051404fa9cdc78ac84a06ff de710dec909df3d5304d1cbc0ef88649e092c280 2f8ccabcbdcf9e6fddb30253df670d775233619b77c76f6b1e73571262c2f448
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/phastpress/phast.php/c2/VydmljZT1pbWFnZXMmc3JjPWh0dHBzJTNBJTJGJTJGNjUuMS4xODQuNDklMkZ3cC1jb250ZW50JTJGdXBsb2FkcyUyRjIwMjElMkYwOCUyRldoYXRzQXBwLUltYWdlLTIwMjEtMDgtMDctYXQtMS40OS41NS1QTS01OTJ4NDQ0LmpwZWcmY2FjaGVNYXJrZXI9MTYyOTAyODcxNS0zMzY0MzAmdG9rZW49Y2U4MWJiNzE1YmI5ODI1Yg.q.jpeg HTTP/1.1
Host: 65.1.184.49
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://65.1.184.49/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 16:37:38 GMT
Server: Apache
X-Powered-By: PHP/7.4.15
Link: <https://65.1.184.49/wp-content/uploads/2021/08/WhatsApp-Image-2021-08-07-at-1.49.55-PM-592x444.jpeg>; rel="canonical"
Vary: Accept
Cache-Control: max-age=31536000
Expires: Thu, 08 May 2025 16:37:39 GMT
X-Accel-Expires: 31536000
Access-Control-Allow-Origin: *
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'none'
X-Frame-Options: SAMEORIGIN
ETag: "f25c11a0bb791bc122a57a8dda10a7fc"
Last-Modified: Wed, 08 May 2024 16:37:39 GMT
Content-Length: 43218
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/webp
|
|
| 65.1.184.49/wp-content/plugins/phastpress/phast.php/c2VydmljZT1idW5kbGVyJnI9LWZrb1NMQWVFT2Mmcj0yWVRBNnMxYzFxdyZyPUFCdlFEc1Y0bGlvJnI9QlIwT1g3bGtuQ3cmcj1CX243cndORTFuVSZyPUJiVnVWZnZvOUd3JnI9S1JmVEVOU3NjVHcmcj1QLW9sdEJSaFpyRSZyPVF1c0dfaTJzQ1YwJnI9UktSa0NyRFBIWDAmcj1UNE1mbG/VtdThvbyZyPVRwRF9KbFo2NXFRJnI9Vkh2YW56dHV4TWcmcj1XM28zOUFJVjQ4dyZyPVdWM1cwNzBtNjR3JnI9WTgwNmowVzQ0Qzgmcj1ZYkpQT09UY2JPWSZyPWJiMko0QTBwMUZBJnI9aEk2RjdzcndKQ0Umcj1oblN2RlFXQ0x3TSZyPW5TVTc0bEhtS0ZFJnI9cHdhOGZFNmNNWWsmcj1yOEt2SVpVc1Z2dyZyPXRmQmkybWZta3lR.q.js | 65.1.184.49 | 200 OK | 371 kB |
URL GET HTTP/1.165.1.184.49/wp-content/plugins/phastpress/phast.php/c2VydmljZT1idW5kbGVyJnI9LWZrb1NMQWVFT2Mmcj0yWVRBNnMxYzFxdyZyPUFCdlFEc1Y0bGlvJnI9QlIwT1g3bGtuQ3cmcj1CX243cndORTFuVSZyPUJiVnVWZnZvOUd3JnI9S1JmVEVOU3NjVHcmcj1QLW9sdEJSaFpyRSZyPVF1c0dfaTJzQ1YwJnI9UktSa0NyRFBIWDAmcj1UNE1mbG/VtdThvbyZyPVRwRF9KbFo2NXFRJnI9Vkh2YW56dHV4TWcmcj1XM28zOUFJVjQ4dyZyPVdWM1cwNzBtNjR3JnI9WTgwNmowVzQ0Qzgmcj1ZYkpQT09UY2JPWSZyPWJiMko0QTBwMUZBJnI9aEk2RjdzcndKQ0Umcj1oblN2RlFXQ0x3TSZyPW5TVTc0bEhtS0ZFJnI9cHdhOGZFNmNNWWsmcj1yOEt2SVpVc1Z2dyZyPXRmQmkybWZta3lR.q.js IP65.1.184.49:443
CertificateIssuerBitnami Subjectwww.example.com Fingerprint2A:AA:96:8C:9B:A6:AF:26:F0:A4:E8:F4:15:47:79:8C:D9:69:72:E7 ValidityThu, 25 Mar 2021 07:14:23 GMT - Sun, 23 Mar 2031 07:14:23 GMT
Size371 kB (371233 bytes) Hash1693ba9dee4fc86f112f25b704474ce8 4a70c5a97d5d8bfaa7a88bb445a83709fcaa11de fa919b592fb80d1881d3e19d433fa13a295543fad87342415d18f472a375ca62
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/phastpress/phast.php/c2VydmljZT1idW5kbGVyJnI9LWZrb1NMQWVFT2Mmcj0yWVRBNnMxYzFxdyZyPUFCdlFEc1Y0bGlvJnI9QlIwT1g3bGtuQ3cmcj1CX243cndORTFuVSZyPUJiVnVWZnZvOUd3JnI9S1JmVEVOU3NjVHcmcj1QLW9sdEJSaFpyRSZyPVF1c0dfaTJzQ1YwJnI9UktSa0NyRFBIWDAmcj1UNE1mbG/VtdThvbyZyPVRwRF9KbFo2NXFRJnI9Vkh2YW56dHV4TWcmcj1XM28zOUFJVjQ4dyZyPVdWM1cwNzBtNjR3JnI9WTgwNmowVzQ0Qzgmcj1ZYkpQT09UY2JPWSZyPWJiMko0QTBwMUZBJnI9aEk2RjdzcndKQ0Umcj1oblN2RlFXQ0x3TSZyPW5TVTc0bEhtS0ZFJnI9cHdhOGZFNmNNWWsmcj1yOEt2SVpVc1Z2dyZyPXRmQmkybWZta3lR.q.js HTTP/1.1
Host: 65.1.184.49
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://65.1.184.49/
Cookie: _ga_EVXJYXF793=GS1.1.1715186253.1.0.1715186253.60.0.0; _ga=GA1.1.1304848229.1715186254
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 16:37:38 GMT
Server: Apache
X-Powered-By: PHP/7.4.15
Content-Encoding: gzip
Vary: Accept-Encoding
Expires: Thu, 08 May 2025 16:37:39 GMT
X-Accel-Expires: 31536000
Access-Control-Allow-Origin: *
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'none'
X-Frame-Options: SAMEORIGIN
ETag: "972b50fd8b1606664e8e59dd705fc0c7"
Last-Modified: Wed, 08 May 2024 16:37:39 GMT
Cache-Control: max-age=31536000, s-maxage=10
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/plain;charset=UTF-8
|
|
| www.googletagmanager.com/gtm.js?id=GTM-NGNJ79N | 142.250.74.72 | | 86 kB |
URL www.googletagmanager.com/gtm.js?id=GTM-NGNJ79N IP142.250.74.72:0
File typeJavaScript source, ASCII text, with very long lines (6415) Hash69b1b4f1004876fe3caa087dfe1d9a51 af79c560f90b7224f861c3bf1c879676094277b1 d3b49067a50a25c109a2434eadc5d65ba44c77ef3f3a95c8a98b75ad9ec1d14f
GET /gtm.js?id=GTM-NGNJ79N HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://65.1.184.49/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 08 May 2024 16:37:40 GMT
expires: Wed, 08 May 2024 16:37:40 GMT
cache-control: private, max-age=900
last-modified: Wed, 08 May 2024 15:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 85705
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fChc4EsA.woff2 | 216.58.207.227 | | 12 kB |
URL fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fChc4EsA.woff2 IP216.58.207.227:0
CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 11800, version 1.0 Hashe36fccd06262bef92e7a9841e2202225 b907dd02819497b3942220e0aa160c167195506b 7f1c829b0c90fd664a03bb714a74f7d35d9e38ee1687104abc8ad5bd9c8ccb6c
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fChc4EsA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://65.1.184.49
DNT: 1
Connection: keep-alive
Referer: https://65.1.184.49/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 11800
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 01:50:51 GMT
expires: Fri, 02 May 2025 01:50:51 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:25:05 GMT
content-type: font/woff2
age: 571609
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| 65.1.184.49/wp-content/plugins/phastpress/phast.php/c2VydmljZT1pbWFnZXMmc3JjPWh0dHBzJTNBJTJGJTJGNjUuMS4xODQuNDklMkZ3cC1jb250ZW50JTJGdXBsb2FkcyUyRjIwMjElMkYwNiUyRjZiYzI2MmYzMDc1MTQ2ODlhM2FiOTIzODA4MmEwYjUxLmpwZyZjYWNoZU1hcmtlcj0xNjIzNTIyNDk3LTE3OTExMyZ0b2tlbj04Y2NkNTNlMzAzYjE0N2Ni.q.jpg | 65.1.184.49 | 200 OK | 79 kB |
URL GET HTTP/1.165.1.184.49/wp-content/plugins/phastpress/phast.php/c2VydmljZT1pbWFnZXMmc3JjPWh0dHBzJTNBJTJGJTJGNjUuMS4xODQuNDklMkZ3cC1jb250ZW50JTJGdXBsb2FkcyUyRjIwMjElMkYwNiUyRjZiYzI2MmYzMDc1MTQ2ODlhM2FiOTIzODA4MmEwYjUxLmpwZyZjYWNoZU1hcmtlcj0xNjIzNTIyNDk3LTE3OTExMyZ0b2tlbj04Y2NkNTNlMzAzYjE0N2Ni.q.jpg IP65.1.184.49:443
CertificateIssuerBitnami Subjectwww.example.com Fingerprint2A:AA:96:8C:9B:A6:AF:26:F0:A4:E8:F4:15:47:79:8C:D9:69:72:E7 ValidityThu, 25 Mar 2021 07:14:23 GMT - Sun, 23 Mar 2031 07:14:23 GMT
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 1000x667, Scaling: [none]x[none], YUV color, decoders should clamp Hash1132f7a0cb84e56d34fc288b9e913f90 26d1848f4416eea1a63be238b4f993f1bd39f825 984aa33ee22da84797a2eba98062d401356a417d85ba5c0231c3f1cc8714f175
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/phastpress/phast.php/c2VydmljZT1pbWFnZXMmc3JjPWh0dHBzJTNBJTJGJTJGNjUuMS4xODQuNDklMkZ3cC1jb250ZW50JTJGdXBsb2FkcyUyRjIwMjElMkYwNiUyRjZiYzI2MmYzMDc1MTQ2ODlhM2FiOTIzODA4MmEwYjUxLmpwZyZjYWNoZU1hcmtlcj0xNjIzNTIyNDk3LTE3OTExMyZ0b2tlbj04Y2NkNTNlMzAzYjE0N2Ni.q.jpg HTTP/1.1
Host: 65.1.184.49
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://65.1.184.49/
Cookie: _ga_EVXJYXF793=GS1.1.1715186253.1.0.1715186253.60.0.0; _ga=GA1.1.1304848229.1715186254
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 16:37:40 GMT
Server: Apache
Content-Length: 78986
X-Powered-By: PHP/7.4.15
Link: <https://65.1.184.49/wp-content/uploads/2021/06/6bc262f307514689a3ab9238082a0b51.jpg>; rel="canonical"
X-Accel-Expires: 31536000
Access-Control-Allow-Origin: *
Content-Security-Policy: default-src 'none'
X-Frame-Options: SAMEORIGIN
X-Original-Content-Length: 82520
Etag: W/"PSA-aj-ETL3oMuE5W"
Expires: Thu, 08 May 2025 16:37:31 GMT
Cache-Control: max-age=31535990
X-Content-Type-Options: nosniff, nosniff
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/webp
|
|
| www.googletagmanager.com/gtag/js?id=AW-300895111 | 142.250.74.72 | 200 OK | 81 kB |
URL GET HTTP/3www.googletagmanager.com/gtag/js?id=AW-300895111 IP142.250.74.72:443
CertificateIssuerGoogle Trust Services LLC Subject*.google-analytics.com Fingerprint93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE ValidityTue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT
File typeJavaScript source, ASCII text, with very long lines (1822) Hash38d170fc1b20fa4d5b5ebf0dc0bc788a d971eda0953eadeb9188cbedf2a6b6deeed0bb45 bc44b05d9dd7402e50af491332dd48a6c081404faa19cb5f2c890382eee66cca
GET /gtag/js?id=AW-300895111 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://65.1.184.49/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 08 May 2024 16:37:41 GMT
expires: Wed, 08 May 2024 16:37:41 GMT
cache-control: private, max-age=900
last-modified: Wed, 08 May 2024 15:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 81348
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| 65.1.184.49/wp-content/plugins/phastpress/phast.php/c2VydmljZT1pbWFnZXMmc3JjPWh0dHBzJTNBJTJGJTJGNjUuMS4xODQuNDklMkZ3cC1jb250ZW50JTJGdGhlbWVzJTJGaG91emV6JTJGaW1nJTJGcHJldi5wbmcmY2FjaGVNYXJrZXI9MTYzOTgzOTUxMS0xMzYwJnRva2VuPTM0YWFhM2Q3MjJjNjUxY2E.q.png | 65.1.184.49 | 200 OK | 946 B |
URL GET HTTP/1.165.1.184.49/wp-content/plugins/phastpress/phast.php/c2VydmljZT1pbWFnZXMmc3JjPWh0dHBzJTNBJTJGJTJGNjUuMS4xODQuNDklMkZ3cC1jb250ZW50JTJGdGhlbWVzJTJGaG91emV6JTJGaW1nJTJGcHJldi5wbmcmY2FjaGVNYXJrZXI9MTYzOTgzOTUxMS0xMzYwJnRva2VuPTM0YWFhM2Q3MjJjNjUxY2E.q.png IP65.1.184.49:443
CertificateIssuerBitnami Subjectwww.example.com Fingerprint2A:AA:96:8C:9B:A6:AF:26:F0:A4:E8:F4:15:47:79:8C:D9:69:72:E7 ValidityThu, 25 Mar 2021 07:14:23 GMT - Sun, 23 Mar 2031 07:14:23 GMT
File typeRIFF (little-endian) data, Web/P image Hash50210877868c0e502fc1b47828bd45e8 9ec53d90fc20d9ba05e37382218aaeb241a8c784 533999905544d8b8bf58486a161d83cf08a2f7131315c0fda1947cc094e0d3c8
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/phastpress/phast.php/c2VydmljZT1pbWFnZXMmc3JjPWh0dHBzJTNBJTJGJTJGNjUuMS4xODQuNDklMkZ3cC1jb250ZW50JTJGdGhlbWVzJTJGaG91emV6JTJGaW1nJTJGcHJldi5wbmcmY2FjaGVNYXJrZXI9MTYzOTgzOTUxMS0xMzYwJnRva2VuPTM0YWFhM2Q3MjJjNjUxY2E.q.png HTTP/1.1
Host: 65.1.184.49
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://65.1.184.49/
Cookie: _ga_EVXJYXF793=GS1.1.1715186253.1.0.1715186253.60.0.0; _ga=GA1.1.1304848229.1715186254; chatyWidget_0=[{"k":"v-widget","v":"2024-05-08T16:37:41.073Z"}]; activechatyWidgets=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 16:37:41 GMT
Server: Apache
Content-Length: 946
X-Powered-By: PHP/7.4.15
Link: <https://65.1.184.49/wp-content/themes/houzez/img/prev.png>; rel="canonical"
X-Accel-Expires: 31536000
Access-Control-Allow-Origin: *
Content-Security-Policy: default-src 'none'
X-Frame-Options: SAMEORIGIN
X-Original-Content-Length: 966
Etag: W/"PSA-aj-UCEId4aMDl"
Expires: Thu, 08 May 2025 16:37:30 GMT
Cache-Control: max-age=31535988
X-Content-Type-Options: nosniff, nosniff
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/webp
|
|
| 65.1.184.49/wp-content/plugins/phastpress/phast.php/c2VydmljZT1pbWFnZXMmc3JjPWh0dHBzJTNBJTJGJTJGNjUuMS4xODQuNDklMkZ3cC1jb250ZW50JTJGdGhlbWVzJTJGaG91emV6JTJGaW1nJTJGbmV4dC5wbmcmY2FjaGVNYXJrZXI9MTYzOTgzOTUxMS0xMzUwJnRva2VuPTBhNzgyNzZjNmZkZDdhY2M.q.png | 65.1.184.49 | | 978 B |
URL 65.1.184.49/wp-content/plugins/phastpress/phast.php/c2VydmljZT1pbWFnZXMmc3JjPWh0dHBzJTNBJTJGJTJGNjUuMS4xODQuNDklMkZ3cC1jb250ZW50JTJGdGhlbWVzJTJGaG91emV6JTJGaW1nJTJGbmV4dC5wbmcmY2FjaGVNYXJrZXI9MTYzOTgzOTUxMS0xMzUwJnRva2VuPTBhNzgyNzZjNmZkZDdhY2M.q.png IP65.1.184.49:0
CertificateIssuerBitnami Subjectwww.example.com Fingerprint2A:AA:96:8C:9B:A6:AF:26:F0:A4:E8:F4:15:47:79:8C:D9:69:72:E7 ValidityThu, 25 Mar 2021 07:14:23 GMT - Sun, 23 Mar 2031 07:14:23 GMT
File typeRIFF (little-endian) data, Web/P image Hash795ec32b30eab9a3369e8d3a4da6b2f4 95d91ac9f041e3b69c809de64c089f4eed70fce2 22736561410dee9b563816e700493f585ea6f367e55583fa97a380d4ef0b9b63
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/phastpress/phast.php/c2VydmljZT1pbWFnZXMmc3JjPWh0dHBzJTNBJTJGJTJGNjUuMS4xODQuNDklMkZ3cC1jb250ZW50JTJGdGhlbWVzJTJGaG91emV6JTJGaW1nJTJGbmV4dC5wbmcmY2FjaGVNYXJrZXI9MTYzOTgzOTUxMS0xMzUwJnRva2VuPTBhNzgyNzZjNmZkZDdhY2M.q.png HTTP/1.1
Host: 65.1.184.49
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://65.1.184.49/
Cookie: _ga_EVXJYXF793=GS1.1.1715186253.1.0.1715186253.60.0.0; _ga=GA1.1.1304848229.1715186254; chatyWidget_0=[{"k":"v-widget","v":"2024-05-08T16:37:41.073Z"}]; activechatyWidgets=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 16:37:41 GMT
Server: Apache
Content-Length: 978
X-Powered-By: PHP/7.4.15
Link: <https://65.1.184.49/wp-content/themes/houzez/img/next.png>; rel="canonical"
X-Accel-Expires: 31536000
Access-Control-Allow-Origin: *
Content-Security-Policy: default-src 'none'
X-Frame-Options: SAMEORIGIN
X-Original-Content-Length: 992
Etag: W/"PSA-aj-eV7DKzDqua"
Expires: Thu, 08 May 2025 16:37:31 GMT
Cache-Control: max-age=31535989
X-Content-Type-Options: nosniff, nosniff
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/webp
|
|
| 65.1.184.49/wp-content/plugins/phastpress/phast.php/c2VydmljZT1pbWFnZXMmc3JjPWh0dHBzJTNBJTJGJTJGNjUuMS4xODQuNDklMkZ3cC1jb250ZW50JTJGdGhlbWVzJTJGaG91emV6JTJGaW1nJTJGbG9hZGluZy5naWYmY2FjaGVNYXJrZXI9MTYzOTgzOTUxMS04NDc2JnRva2VuPTJlZDQxOTJjYmJmM2IzMmY.q.gif | 65.1.184.49 | | 8.5 kB |
URL 65.1.184.49/wp-content/plugins/phastpress/phast.php/c2VydmljZT1pbWFnZXMmc3JjPWh0dHBzJTNBJTJGJTJGNjUuMS4xODQuNDklMkZ3cC1jb250ZW50JTJGdGhlbWVzJTJGaG91emV6JTJGaW1nJTJGbG9hZGluZy5naWYmY2FjaGVNYXJrZXI9MTYzOTgzOTUxMS04NDc2JnRva2VuPTJlZDQxOTJjYmJmM2IzMmY.q.gif IP65.1.184.49:0
CertificateIssuerBitnami Subjectwww.example.com Fingerprint2A:AA:96:8C:9B:A6:AF:26:F0:A4:E8:F4:15:47:79:8C:D9:69:72:E7 ValidityThu, 25 Mar 2021 07:14:23 GMT - Sun, 23 Mar 2031 07:14:23 GMT
File typeGIF image data, version 89a, 32 x 32 Hash2299ad0b3f63413f026dfec20c205b8f cf720b50cf8dde0e1a84ce1c6a77788bfc5882d5 225aa88b6ab02c06222ec9468d62e15fa188e39cdb9431d1f55401ad380753ed
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/phastpress/phast.php/c2VydmljZT1pbWFnZXMmc3JjPWh0dHBzJTNBJTJGJTJGNjUuMS4xODQuNDklMkZ3cC1jb250ZW50JTJGdGhlbWVzJTJGaG91emV6JTJGaW1nJTJGbG9hZGluZy5naWYmY2FjaGVNYXJrZXI9MTYzOTgzOTUxMS04NDc2JnRva2VuPTJlZDQxOTJjYmJmM2IzMmY.q.gif HTTP/1.1
Host: 65.1.184.49
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://65.1.184.49/
Cookie: _ga_EVXJYXF793=GS1.1.1715186253.1.0.1715186253.60.0.0; _ga=GA1.1.1304848229.1715186254; chatyWidget_0=[{"k":"v-widget","v":"2024-05-08T16:37:41.073Z"}]; activechatyWidgets=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 16:37:41 GMT
Server: Apache
Content-Length: 8476
X-Powered-By: PHP/7.4.15
Link: <https://65.1.184.49/wp-content/themes/houzez/img/loading.gif>; rel="canonical"
Vary: Accept
Expires: Thu, 08 May 2025 16:37:31 GMT
X-Accel-Expires: 31536000
Access-Control-Allow-Origin: *
Content-Security-Policy: default-src 'none'
X-Frame-Options: SAMEORIGIN
ETag: "6d2e6404531b17566e82f1e936aaf5e2"
Last-Modified: Wed, 08 May 2024 16:37:31 GMT
X-Content-Type-Options: nosniff, nosniff
Cache-Control: max-age=0, no-cache
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/gif
|
|
| cdn.sender.net/accounts_resources/universal.js | 104.22.74.115 | 200 OK | 47 kB |
URL GET HTTP/1.1cdn.sender.net/accounts_resources/universal.js IP104.22.74.115:443
CertificateIssuerCloudflare, Inc. Subjectcdn.sender.net FingerprintC2:FD:E9:EA:0C:B6:A8:D2:F4:F2:74:0D:F9:B0:0B:BD:C7:66:9D:33 ValidityTue, 19 Dec 2023 00:00:00 GMT - Wed, 18 Dec 2024 23:59:59 GMT
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (45247), with NEL line terminators Hashc7b80a37da78ca14d6e87e0baa0aca57 ba3f0226bb8e68535180bf8917744232d90e1c56 dcabe55b1ff18fbaae396c3f2a0bb6e7e0029cd3d656694bad4b2232fce00720
GET /accounts_resources/universal.js HTTP/1.1
Host: cdn.sender.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://65.1.184.49/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 16:37:41 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"c7b80a37da78ca14d6e87e0baa0aca57"
Last-Modified: Fri, 03 May 2024 09:06:07 GMT
Vary: Accept-Encoding
Cache-Control: max-age=3600
CF-Cache-Status: HIT
Age: 5666
referrer-policy: same-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
Server: cloudflare
CF-RAY: 880ae03558e19294-CPH
Content-Encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| cdn.sender.net/accounts_resources/base/ce8c9dfdcb4498.json | 104.22.74.115 | 200 OK | 1.4 kB |
URL GET HTTP/1.1cdn.sender.net/accounts_resources/base/ce8c9dfdcb4498.json IP104.22.74.115:443
CertificateIssuerCloudflare, Inc. Subjectcdn.sender.net FingerprintC2:FD:E9:EA:0C:B6:A8:D2:F4:F2:74:0D:F9:B0:0B:BD:C7:66:9D:33 ValidityTue, 19 Dec 2023 00:00:00 GMT - Wed, 18 Dec 2024 23:59:59 GMT
Hash4d96c26c36d2397b27de0a58cf0c140c 35ef98108a27665d6889c3d681e6db9ff28017a3 b9ae993338ac119cf6368f6b3e5c659f086aa622419187f6d119255279e50a3f
GET /accounts_resources/base/ce8c9dfdcb4498.json HTTP/1.1
Host: cdn.sender.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://65.1.184.49/
Origin: https://65.1.184.49
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 16:37:41 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
ETag: W/"4d96c26c36d2397b27de0a58cf0c140c"
Last-Modified: Fri, 23 Dec 2022 12:49:15 GMT
Vary: Origin, Accept-Encoding
CF-Cache-Status: DYNAMIC
referrer-policy: same-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
Server: cloudflare
CF-RAY: 880ae036fbadabc9-CPH
Content-Encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| js.hs-scripts.com/20022549.js | 104.16.137.209 | | 1.5 kB |
URL js.hs-scripts.com/20022549.js IP104.16.137.209:0
File typeASCII text, with very long lines (542) Hash5d8580f3b5a25508a829361fd8be4462 de479beaed7dcf937aac024f0b2b244b7c5e49c5 8191189e3fd69529020ea35cc9d72a67b49471f29dcaf47bd8055714754989d8
GET /20022549.js HTTP/1.1
Host: js.hs-scripts.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://65.1.184.49/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 16:37:41 GMT
content-type: application/javascript;charset=utf-8
vary: origin, Accept-Encoding
access-control-allow-credentials: true
x-content-type-options: nosniff
access-control-max-age: 3600
access-control-allow-origin: https://65.1.184.49
x-envoy-upstream-service-time: 38
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-virtual-host: all
x-hubspot-correlation-id: 116ba1f4-cc87-4cce-9b42-37f445564420
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-5d47c8d44f-zztqn
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-request-id: 116ba1f4-cc87-4cce-9b42-37f445564420
last-modified: Wed, 08 May 2024 16:37:41 GMT
cf-cache-status: MISS
expires: Wed, 08 May 2024 16:39:11 GMT
cache-control: public, max-age=90
server: cloudflare
cf-ray: 880ae034e9131c16-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| forms.hsforms.com/embed/v3/counters.gif?key=collected-forms-embed-js-form-bind&count=5 | 104.19.175.188 | 200 OK | 35 B |
URL GET HTTP/1.1forms.hsforms.com/embed/v3/counters.gif?key=collected-forms-embed-js-form-bind&count=5 IP104.19.175.188:443
CertificateIssuerGoogle Trust Services LLC Subjecthsforms.com Fingerprint51:25:A5:7D:FF:CF:F7:55:55:AE:CE:CF:B2:F6:5E:61:6C:D4:74:7A ValidityWed, 17 Apr 2024 00:47:37 GMT - Tue, 16 Jul 2024 00:47:36 GMT
File typeGIF image data, version 89a, 1 x 1 Hashc2196de8ba412c60c22ab491af7b1409 5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
GET /embed/v3/counters.gif?key=collected-forms-embed-js-form-bind&count=5 HTTP/1.1
Host: forms.hsforms.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://65.1.184.49/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 16:37:42 GMT
Content-Type: image/gif
Content-Length: 35
Connection: keep-alive
Cache-Control: max-age=0, no-cache, no-store
Vary: origin
Access-Control-Allow-Credentials: false
X-Content-Type-Options: nosniff
Access-Control-Expose-Headers: X-Origin-Hublet
X-Robots-Tag: none
x-envoy-upstream-service-time: 2
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-virtual-host: all
X-HubSpot-Correlation-Id: 20939459-c17e-419d-b830-2b31296f479e
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-9fd6b4b-ttdz2
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-request-id: 20939459-c17e-419d-b830-2b31296f479e
CF-Cache-Status: DYNAMIC
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Set-Cookie: __cf_bm=L6pVt7vLHGswTY_9k8fO2wVgdoUjpZ91DOH_i_80Lwc-1715186262-1.0.1.1-uB3hszrpdtflXKoZok7IhIsZ_3.w7hjzuXCsU.h00yCvByImJhgwaHxVq6On_UBiKvDrZYe68oaLvvXn_067Xg; path=/; expires=Wed, 08-May-24 17:07:42 GMT; domain=.hsforms.com; HttpOnly; Secure; SameSite=None
_cfuvid=pg18RSEzsdcsbos.avwxsyoagjke4k1YqFhglN1yK_Q-1715186262204-0.0.1.1-604800000; path=/; domain=.hsforms.com; HttpOnly; Secure; SameSite=None
Server: cloudflare
CF-RAY: 880ae0399936568a-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.youtube.com/s/player/178de1f2/www-widgetapi.vflset/www-widgetapi.js | 142.250.74.78 | 200 OK | 68 kB |
URL GET HTTP/3www.youtube.com/s/player/178de1f2/www-widgetapi.vflset/www-widgetapi.js IP142.250.74.78:443
CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint7C:B7:E1:97:03:6E:82:B6:52:F8:EC:C6:C6:50:D9:DD:80:47:E6:A0 ValidityTue, 16 Apr 2024 03:18:53 GMT - Tue, 09 Jul 2024 03:18:52 GMT
File typeJavaScript source, ASCII text, with very long lines (531) Hash8c3db74fd4a0352b3a86086ced405a8d f3d61a450c740f7fd715cb44ef632e5535bf9d74 07cd8a0ea2b5b9fa0845c4f3a17ba1c634b7404c92f8c18012a8d933f59f26a2
GET /s/player/178de1f2/www-widgetapi.vflset/www-widgetapi.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://65.1.184.49/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 68217
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 07 May 2024 07:21:56 GMT
expires: Wed, 07 May 2025 07:21:56 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 07 May 2024 04:18:47 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 119746
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.youtube.com/embed/nmncB3-SqVU?controls=1&rel=0&playsinline=1&modestbranding=1&autoplay=1&enablejsapi=1&origin=https%3A%2F%2F65.1.184.49&widgetid=1 | 142.250.74.78 | | 86 kB |
URL www.youtube.com/embed/nmncB3-SqVU?controls=1&rel=0&playsinline=1&modestbranding=1&autoplay=1&enablejsapi=1&origin=https%3A%2F%2F65.1.184.49&widgetid=1 IP142.250.74.78:0
CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint7C:B7:E1:97:03:6E:82:B6:52:F8:EC:C6:C6:50:D9:DD:80:47:E6:A0 ValidityTue, 16 Apr 2024 03:18:53 GMT - Tue, 09 Jul 2024 03:18:52 GMT
File typeHTML document, ASCII text, with very long lines (58090) Hash75a8c5e35df1bcee944d144b7495d8f6 ca0480b14a6e4c23876fe8ed45f20bd73579cb19 6b54ab07a83b82b3ae110ef72e8e4437c79ffc8861d71388bc5eef7ee17609b2
GET /embed/nmncB3-SqVU?controls=1&rel=0&playsinline=1&modestbranding=1&autoplay=1&enablejsapi=1&origin=https%3A%2F%2F65.1.184.49&widgetid=1 HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://65.1.184.49/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 08 May 2024 16:37:42 GMT
strict-transport-security: max-age=31536000
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-resource-policy: cross-origin
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
origin-trial: AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=hIYfhH27_RU; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=sLHvNlt0OGk; Domain=.youtube.com; Expires=Mon, 04-Nov-2024 16:37:42 GMT; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_PRIVACY_METADATA=CgJOTxIIEgQSAgsMICQ%3D; Domain=.youtube.com; Expires=Mon, 04-Nov-2024 16:37:42 GMT; Path=/; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 | 216.58.207.227 | 200 OK | 15 kB |
URL GET HTTP/3fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 IP216.58.207.227:443
Requested byhttps://www.youtube.com/embed/nmncB3-SqVU?controls=1&rel=0&playsinline=1&modestbranding=1&autoplay=1&enablejsapi=1&origin=https%3A%2F%2F65.1.184.49&widgetid=1 CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 15344, version 1.0 Hash5d4aeb4e5f5ef754e307d7ffaef688bd 06db651cdf354c64a7383ea9c77024ef4fb4cef8 3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 May 2024 16:31:04 GMT
expires: Sat, 03 May 2025 16:31:04 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
age: 432398
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 | 216.58.207.227 | 200 OK | 16 kB |
URL GET HTTP/3fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 IP216.58.207.227:443
Requested byhttps://www.youtube.com/embed/nmncB3-SqVU?controls=1&rel=0&playsinline=1&modestbranding=1&autoplay=1&enablejsapi=1&origin=https%3A%2F%2F65.1.184.49&widgetid=1 CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 15552, version 1.0 Hash285467176f7fe6bb6a9c6873b3dad2cc ea04e4ff5142ddd69307c183def721a160e0a64e 5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 01:50:52 GMT
expires: Fri, 02 May 2025 01:50:52 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
age: 571610
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.youtube.com/s/player/178de1f2/www-embed-player.vflset/www-embed-player.js | 142.250.74.78 | 200 OK | 97 kB |
URL GET HTTP/3www.youtube.com/s/player/178de1f2/www-embed-player.vflset/www-embed-player.js IP142.250.74.78:443
Requested byhttps://www.youtube.com/embed/nmncB3-SqVU?controls=1&rel=0&playsinline=1&modestbranding=1&autoplay=1&enablejsapi=1&origin=https%3A%2F%2F65.1.184.49&widgetid=1 CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint7C:B7:E1:97:03:6E:82:B6:52:F8:EC:C6:C6:50:D9:DD:80:47:E6:A0 ValidityTue, 16 Apr 2024 03:18:53 GMT - Tue, 09 Jul 2024 03:18:52 GMT
File typeJavaScript source, ASCII text, with very long lines (829) Hash313f662ec66b3cb94106e411fba15e0d 39becc293c40b248ce60fafca7413f567d34fa03 d2d3f5afdcae3fd0b7ba628ff725ffc86cb50322d0f0900158ea19e2de701d5b
GET /s/player/178de1f2/www-embed-player.vflset/www-embed-player.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/nmncB3-SqVU?controls=1&rel=0&playsinline=1&modestbranding=1&autoplay=1&enablejsapi=1&origin=https%3A%2F%2F65.1.184.49&widgetid=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 97382
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 07 May 2024 07:20:52 GMT
expires: Wed, 07 May 2025 07:20:52 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 07 May 2024 04:18:47 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 119810
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.youtube.com/s/player/178de1f2/player_ias.vflset/en_US/base.js | 142.250.74.78 | 200 OK | 813 kB |
URL GET HTTP/3www.youtube.com/s/player/178de1f2/player_ias.vflset/en_US/base.js IP142.250.74.78:443
Requested byhttps://www.youtube.com/embed/nmncB3-SqVU?controls=1&rel=0&playsinline=1&modestbranding=1&autoplay=1&enablejsapi=1&origin=https%3A%2F%2F65.1.184.49&widgetid=1 CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint7C:B7:E1:97:03:6E:82:B6:52:F8:EC:C6:C6:50:D9:DD:80:47:E6:A0 ValidityTue, 16 Apr 2024 03:18:53 GMT - Tue, 09 Jul 2024 03:18:52 GMT
File typeJavaScript source, ASCII text, with very long lines (555) Size813 kB (813434 bytes) Hash5ebe39f943e9d7346eaf44c56f463112 ad47f985f0bee2bc75b616d6bab087e8fee187aa 1ce835d53b199d552ef2e014c6b08754d901d4638eddf97ee2c58249de0fd863
GET /s/player/178de1f2/player_ias.vflset/en_US/base.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/nmncB3-SqVU?controls=1&rel=0&playsinline=1&modestbranding=1&autoplay=1&enablejsapi=1&origin=https%3A%2F%2F65.1.184.49&widgetid=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-encoding: gzip
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 813434
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 07 May 2024 07:22:56 GMT
expires: Wed, 07 May 2025 07:22:56 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 07 May 2024 04:18:47 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 119686
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create | 142.250.74.74 | 200 OK | 0 B |
URL POST HTTP/2jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create IP142.250.74.74:443
Requested byhttps://www.youtube.com/embed/nmncB3-SqVU?controls=1&rel=0&playsinline=1&modestbranding=1&autoplay=1&enablejsapi=1&origin=https%3A%2F%2F65.1.184.49&widgetid=1 CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79 ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Wed, 08 May 2024 16:37:43 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.youtube.com/s/player/178de1f2/player_ias.vflset/en_US/embed.js | 142.250.74.78 | | 20 kB |
URL www.youtube.com/s/player/178de1f2/player_ias.vflset/en_US/embed.js IP142.250.74.78:0
CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint7C:B7:E1:97:03:6E:82:B6:52:F8:EC:C6:C6:50:D9:DD:80:47:E6:A0 ValidityTue, 16 Apr 2024 03:18:53 GMT - Tue, 09 Jul 2024 03:18:52 GMT
File typeJavaScript source, ASCII text, with very long lines (3391) Hash6b1e9f0504828607a4f59e3e04a43bd7 fcbb02f80b1d031640be70840dd0fd6f60c87a3c 0844cf3b7743e155d22eff4e535fa5290b077f189210f6fc26c1c72b19f6f1f0
GET /s/player/178de1f2/player_ias.vflset/en_US/embed.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/nmncB3-SqVU?controls=1&rel=0&playsinline=1&modestbranding=1&autoplay=1&enablejsapi=1&origin=https%3A%2F%2F65.1.184.49&widgetid=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 19841
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 07 May 2024 07:26:55 GMT
expires: Wed, 07 May 2025 07:26:55 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 07 May 2024 04:18:47 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 119448
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create | 142.250.74.74 | 200 OK | 42 kB |
URL POST HTTP/2jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create IP142.250.74.74:443
Requested byhttps://www.youtube.com/embed/nmncB3-SqVU?controls=1&rel=0&playsinline=1&modestbranding=1&autoplay=1&enablejsapi=1&origin=https%3A%2F%2F65.1.184.49&widgetid=1 CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79 ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
Hashca9ccc759d86eb26db7ccb9eecb04437 5b64883172eac0a3727365a18c241cd7e56e5462 6154f7b35bb80cdf24bb4119c557094b59c1fb0c2d6a093e0e20dfab0ae58176
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Wed, 08 May 2024 16:37:43 GMT
server: ESF
cache-control: private
content-length: 41528
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.google.com/js/th/LvMrC3vzHFP8SzxjvqNWRksbkOPiJTf11ILX4Pq8Ybc.js | 216.58.211.4 | 200 OK | 20 kB |
URL GET HTTP/2www.google.com/js/th/LvMrC3vzHFP8SzxjvqNWRksbkOPiJTf11ILX4Pq8Ybc.js IP216.58.211.4:443
Requested byhttps://www.youtube.com/embed/nmncB3-SqVU?controls=1&rel=0&playsinline=1&modestbranding=1&autoplay=1&enablejsapi=1&origin=https%3A%2F%2F65.1.184.49&widgetid=1 CertificateIssuerGoogle Trust Services LLC Subjectwww.google.com FingerprintC6:A2:DC:31:5A:53:FA:DD:55:71:A3:F4:DD:43:3D:16:71:B8:B3:99 ValidityTue, 16 Apr 2024 04:20:32 GMT - Tue, 09 Jul 2024 04:20:31 GMT
File typeJavaScript source, ASCII text, with very long lines (51583) Hash8168176decd4ee149cd33fb0db48f5f5 b541726598ee936f690683f68551bb4e8fb01439 2ef32b0b7bf31c53fc4b3c63bea356464b1b90e3e22537f5d482d7e0fabc61b7
GET /js/th/LvMrC3vzHFP8SzxjvqNWRksbkOPiJTf11ILX4Pq8Ybc.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 20283
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 04 May 2024 09:28:38 GMT
expires: Sun, 04 May 2025 09:28:38 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 29 Apr 2024 11:30:00 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 371345
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.youtube.com/youtubei/v1/player?prettyPrint=false | 142.250.74.78 | 200 OK | 29 kB |
URL POST HTTP/3www.youtube.com/youtubei/v1/player?prettyPrint=false IP142.250.74.78:443
Requested byhttps://www.youtube.com/embed/nmncB3-SqVU?controls=1&rel=0&playsinline=1&modestbranding=1&autoplay=1&enablejsapi=1&origin=https%3A%2F%2F65.1.184.49&widgetid=1 CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint7C:B7:E1:97:03:6E:82:B6:52:F8:EC:C6:C6:50:D9:DD:80:47:E6:A0 ValidityTue, 16 Apr 2024 03:18:53 GMT - Tue, 09 Jul 2024 03:18:52 GMT
Hash813563e72b70d2d33cdcebe79e6d9e43 f7be3913dc76fe9b3794ba4368c9498c1c7facc6 05c2ddb1325de13519d9b21a03e43eb276216c6966b9a94d8f7b1cd0fe343658
POST /youtubei/v1/player?prettyPrint=false HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-Goog-Visitor-Id: CgtzTEh2Tmx0ME9HayjW1O6xBjIOCgJOTxIIEgQSAgsMICQ%3D
X-Youtube-Bootstrap-Logged-In: false
X-Youtube-Client-Name: 56
X-Youtube-Client-Version: 1.20240506.01.00
Content-Length: 3119
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/nmncB3-SqVU?controls=1&rel=0&playsinline=1&modestbranding=1&autoplay=1&enablejsapi=1&origin=https%3A%2F%2F65.1.184.49&widgetid=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/json; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: br
date: Wed, 08 May 2024 16:37:43 GMT
server: scaffolding on HTTPServer2
content-length: 29180
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT | 142.250.74.74 | 200 OK | 0 B |
URL OPTIONS HTTP/2jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT IP142.250.74.74:443
Requested byhttps://www.youtube.com/embed/nmncB3-SqVU?controls=1&rel=0&playsinline=1&modestbranding=1&autoplay=1&enablejsapi=1&origin=https%3A%2F%2F65.1.184.49&widgetid=1 CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79 ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Wed, 08 May 2024 16:37:44 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.youtube.com/api/stats/qoe?fmt=247&cpn=puIdfM2o3AwIKGz-&el=embedded&ns=yt&fexp=v1%2C23983296%2C21348%2C76094%2C54572%2C304051%2C121055%2C6271%2C26443548%2C7111%2C36343%2C9954%2C1192%2C26496%2C6966%2C2%2C2871%2C3818%2C2007%2C9072%2C4654%2C3499%2C4958%2C16041%2C2197%2C8969%2C1026%2C1103%2C21%2C911%2C3148%2C128%2C54%2C2690%2C102%2C52%2C2605%2C55%2C638%2C5%2C3%2C41%2C3%2C288%2C2%2C78%2C2693%2C932%2C8%2C831%2C452%2C176%2C5%2C38%2C2540%2C1478%2C491%2C528%2C151&cl=631074025&seq=1&docid=nmncB3-SqVU&ei=V6o7ZubvLNat0u8PzuuVwAM&event=streamingstats&plid=AAYX8-v6LZgitxCg&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2FnmncB3-SqVU%3Fcontrols%3D1%26rel%3D0%26playsinline%3D1%26modestbranding%3D1%26autoplay%3D1%26enablejsapi%3D1%26origin%3Dhttps%253A%252F%252F65.1.184.49%26widgetid%3D1&qclc=ChBwdUlkZk0ybzNBd0lLR3otEAE&cbr=Firefox&cbrver=96.0&c=WEB_EMBEDDED_PLAYER&cver=1.20240506.01.00&cplayer=UNIPLAYER&cos=X11&cplatform=DESKTOP&vps=0.000:N,0.033:B,0.357:B,0.357:B&cat=streaming&cmt=0.033:0.000,0.357:0.000&vfs=0.357:247:247::r&view=0.357:1240:698&bwe=0.357:130000&vis=0.357:0&bh=0.357:0.000 | 142.250.74.78 | | 0 B |
URL www.youtube.com/api/stats/qoe?fmt=247&cpn=puIdfM2o3AwIKGz-&el=embedded&ns=yt&fexp=v1%2C23983296%2C21348%2C76094%2C54572%2C304051%2C121055%2C6271%2C26443548%2C7111%2C36343%2C9954%2C1192%2C26496%2C6966%2C2%2C2871%2C3818%2C2007%2C9072%2C4654%2C3499%2C4958%2C16041%2C2197%2C8969%2C1026%2C1103%2C21%2C911%2C3148%2C128%2C54%2C2690%2C102%2C52%2C2605%2C55%2C638%2C5%2C3%2C41%2C3%2C288%2C2%2C78%2C2693%2C932%2C8%2C831%2C452%2C176%2C5%2C38%2C2540%2C1478%2C491%2C528%2C151&cl=631074025&seq=1&docid=nmncB3-SqVU&ei=V6o7ZubvLNat0u8PzuuVwAM&event=streamingstats&plid=AAYX8-v6LZgitxCg&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2FnmncB3-SqVU%3Fcontrols%3D1%26rel%3D0%26playsinline%3D1%26modestbranding%3D1%26autoplay%3D1%26enablejsapi%3D1%26origin%3Dhttps%253A%252F%252F65.1.184.49%26widgetid%3D1&qclc=ChBwdUlkZk0ybzNBd0lLR3otEAE&cbr=Firefox&cbrver=96.0&c=WEB_EMBEDDED_PLAYER&cver=1.20240506.01.00&cplayer=UNIPLAYER&cos=X11&cplatform=DESKTOP&vps=0.000:N,0.033:B,0.357:B,0.357:B&cat=streaming&cmt=0.033:0.000,0.357:0.000&vfs=0.357:247:247::r&view=0.357:1240:698&bwe=0.357:130000&vis=0.357:0&bh=0.357:0.000 IP142.250.74.78:0
CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint7C:B7:E1:97:03:6E:82:B6:52:F8:EC:C6:C6:50:D9:DD:80:47:E6:A0 ValidityTue, 16 Apr 2024 03:18:53 GMT - Tue, 09 Jul 2024 03:18:52 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /api/stats/qoe?fmt=247&cpn=puIdfM2o3AwIKGz-&el=embedded&ns=yt&fexp=v1%2C23983296%2C21348%2C76094%2C54572%2C304051%2C121055%2C6271%2C26443548%2C7111%2C36343%2C9954%2C1192%2C26496%2C6966%2C2%2C2871%2C3818%2C2007%2C9072%2C4654%2C3499%2C4958%2C16041%2C2197%2C8969%2C1026%2C1103%2C21%2C911%2C3148%2C128%2C54%2C2690%2C102%2C52%2C2605%2C55%2C638%2C5%2C3%2C41%2C3%2C288%2C2%2C78%2C2693%2C932%2C8%2C831%2C452%2C176%2C5%2C38%2C2540%2C1478%2C491%2C528%2C151&cl=631074025&seq=1&docid=nmncB3-SqVU&ei=V6o7ZubvLNat0u8PzuuVwAM&event=streamingstats&plid=AAYX8-v6LZgitxCg&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2FnmncB3-SqVU%3Fcontrols%3D1%26rel%3D0%26playsinline%3D1%26modestbranding%3D1%26autoplay%3D1%26enablejsapi%3D1%26origin%3Dhttps%253A%252F%252F65.1.184.49%26widgetid%3D1&qclc=ChBwdUlkZk0ybzNBd0lLR3otEAE&cbr=Firefox&cbrver=96.0&c=WEB_EMBEDDED_PLAYER&cver=1.20240506.01.00&cplayer=UNIPLAYER&cos=X11&cplatform=DESKTOP&vps=0.000:N,0.033:B,0.357:B,0.357:B&cat=streaming&cmt=0.033:0.000,0.357:0.000&vfs=0.357:247:247::r&view=0.357:1240:698&bwe=0.357:130000&vis=0.357:0&bh=0.357:0.000 HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Visitor-Id: CgtzTEh2Tmx0ME9HayjW1O6xBjIOCgJOTxIIEgQSAgsMICQ%3D
X-YouTube-Client-Name: 56
X-YouTube-Client-Version: 1.20240506.01.00
X-YouTube-Utc-Offset: 0
X-YouTube-Time-Zone: UTC
X-YouTube-Ad-Signals: dt=1715186263491&flash=0&frm=2&u_tz&u_his=3&u_h=1024&u_w=1280&u_ah=1024&u_aw=1280&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1240%2C698&vis=1&wgl=true&ca_type=image
Content-Type: application/x-www-form-urlencoded
Content-Length: 226
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/nmncB3-SqVU?controls=1&rel=0&playsinline=1&modestbranding=1&autoplay=1&enablejsapi=1&origin=https%3A%2F%2F65.1.184.49&widgetid=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
content-type: text/html; charset=UTF-8
date: Wed, 08 May 2024 16:37:44 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
x-content-type-options: nosniff
server: Video Stats Server
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT | 142.250.74.74 | 200 OK | 114 B |
URL OPTIONS HTTP/2jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT IP142.250.74.74:443
Requested byhttps://www.youtube.com/embed/nmncB3-SqVU?controls=1&rel=0&playsinline=1&modestbranding=1&autoplay=1&enablejsapi=1&origin=https%3A%2F%2F65.1.184.49&widgetid=1 CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79 ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
Hashd3a6dc25df40dd351930e54c99279f81 9df1cbbb5925cc484cde5cfca489b34cadbe12db 9744c4ec5018e76335acb3154c27c61c86cd2bbc1a313cadd1f34071747c7165
POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 982
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Wed, 08 May 2024 16:37:44 GMT
server: ESF
cache-control: private
content-length: 114
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.youtube.com/s/player/178de1f2/player_ias.vflset/en_US/remote.js | 142.250.74.78 | | 34 kB |
URL www.youtube.com/s/player/178de1f2/player_ias.vflset/en_US/remote.js IP142.250.74.78:0
CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint7C:B7:E1:97:03:6E:82:B6:52:F8:EC:C6:C6:50:D9:DD:80:47:E6:A0 ValidityTue, 16 Apr 2024 03:18:53 GMT - Tue, 09 Jul 2024 03:18:52 GMT
File typeJavaScript source, ASCII text, with very long lines (543) Hash949182fbd070ffe02417f214d18899e1 88205a6a179c2299a147de7c604caacfbb8df98d 3edf4e35228c643453b189122dc6ee087c43a389ca3919f3118be1b9fa11bab0
GET /s/player/178de1f2/player_ias.vflset/en_US/remote.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/nmncB3-SqVU?controls=1&rel=0&playsinline=1&modestbranding=1&autoplay=1&enablejsapi=1&origin=https%3A%2F%2F65.1.184.49&widgetid=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 33663
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 07 May 2024 07:29:37 GMT
expires: Wed, 07 May 2025 07:29:37 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 07 May 2024 04:18:47 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 119287
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.youtube.com/s/player/178de1f2/player_ias.vflset/en_US/annotations_module.js | 142.250.74.78 | 200 OK | 19 kB |
URL GET HTTP/3www.youtube.com/s/player/178de1f2/player_ias.vflset/en_US/annotations_module.js IP142.250.74.78:443
Requested byhttps://www.youtube.com/embed/nmncB3-SqVU?controls=1&rel=0&playsinline=1&modestbranding=1&autoplay=1&enablejsapi=1&origin=https%3A%2F%2F65.1.184.49&widgetid=1 CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint7C:B7:E1:97:03:6E:82:B6:52:F8:EC:C6:C6:50:D9:DD:80:47:E6:A0 ValidityTue, 16 Apr 2024 03:18:53 GMT - Tue, 09 Jul 2024 03:18:52 GMT
File typeJavaScript source, ASCII text, with very long lines (1115) Hash145f8810636553744cc8437bab199d6f b1b1c2ff5abcc085d46792cc88b99408e50acaf2 0e1eb6dcd00ea84665e091f87523a0216e277bd4f5d5d857c3fa88e5e5ce7b36
GET /s/player/178de1f2/player_ias.vflset/en_US/annotations_module.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/nmncB3-SqVU?controls=1&rel=0&playsinline=1&modestbranding=1&autoplay=1&enablejsapi=1&origin=https%3A%2F%2F65.1.184.49&widgetid=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 18890
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 07 May 2024 07:38:50 GMT
expires: Wed, 07 May 2025 07:38:50 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 07 May 2024 04:18:47 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 118734
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.youtube.com/s/player/178de1f2/player_ias.vflset/en_US/captions.js | 142.250.74.78 | 200 OK | 24 kB |
URL GET HTTP/3www.youtube.com/s/player/178de1f2/player_ias.vflset/en_US/captions.js IP142.250.74.78:443
Requested byhttps://www.youtube.com/embed/nmncB3-SqVU?controls=1&rel=0&playsinline=1&modestbranding=1&autoplay=1&enablejsapi=1&origin=https%3A%2F%2F65.1.184.49&widgetid=1 CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint7C:B7:E1:97:03:6E:82:B6:52:F8:EC:C6:C6:50:D9:DD:80:47:E6:A0 ValidityTue, 16 Apr 2024 03:18:53 GMT - Tue, 09 Jul 2024 03:18:52 GMT
File typeJavaScript source, ASCII text, with very long lines (546) Hashbc6ded623829e38d73c98eda2dd1c30a ec1d732a0e5210a414d187495de68dca60bfaa8e c344c9c11b34f9afcee080b096f76b49be8b9d923337d3b9e0da2434cb504405
GET /s/player/178de1f2/player_ias.vflset/en_US/captions.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/nmncB3-SqVU?controls=1&rel=0&playsinline=1&modestbranding=1&autoplay=1&enablejsapi=1&origin=https%3A%2F%2F65.1.184.49&widgetid=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 24446
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 07 May 2024 07:38:21 GMT
expires: Wed, 07 May 2025 07:38:21 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 07 May 2024 04:18:47 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 118763
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.youtube.com/s/player/178de1f2/player_ias.vflset/en_US/endscreen.js | 142.250.74.78 | | 8.4 kB |
URL www.youtube.com/s/player/178de1f2/player_ias.vflset/en_US/endscreen.js IP142.250.74.78:0
CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint7C:B7:E1:97:03:6E:82:B6:52:F8:EC:C6:C6:50:D9:DD:80:47:E6:A0 ValidityTue, 16 Apr 2024 03:18:53 GMT - Tue, 09 Jul 2024 03:18:52 GMT
File typeJavaScript source, ASCII text, with very long lines (607) Hash7f9467d8156f7851442eeb6db048514e 740a3fb85afc2234fbfdb79f2153a5f0e83c4de6 61076c79f1589c02457dc3a241ab58cd016c43dcef304b1d6ed4c40d8eac5d59
GET /s/player/178de1f2/player_ias.vflset/en_US/endscreen.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/nmncB3-SqVU?controls=1&rel=0&playsinline=1&modestbranding=1&autoplay=1&enablejsapi=1&origin=https%3A%2F%2F65.1.184.49&widgetid=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 8378
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 07 May 2024 07:38:21 GMT
expires: Wed, 07 May 2025 07:38:21 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 07 May 2024 04:18:47 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 118763
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| rr2---sn-capm-vnae.googlevideo.com/videoplayback?expire=1715207863&ei=V6o7ZubvLNat0u8PzuuVwAM&ip=91.90.42.154&id=o-AHep0FMo8znN8LvZLTazbg0yR6uoW2P4oadYYivixL-N&itag=247&aitags=133%2C134%2C135%2C136%2C160%2C242%2C243%2C244%2C247%2C278&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&mh=IJ&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeen7y&ms=au%2Crdu&mv=m&mvi=2&pl=21&initcwndbps=1846250&bui=AWRWj2QOQz0cOn9TsnWKSMxMAU1du3GgHnaqxvj2NZnp7YhPPFm-mZlTl5LDQUzGXgKxKEpeVfy_CpQH&spc=UWF9f1wjm4WlLLxsiM18ad9OZb3Tx13nZpQB9_VvlajaEFvB2aoMyeRL2w&vprv=1&svpuc=1&mime=video%2Fwebm&ns=zC7_13IRGup2y_1RjIueNjgQ&gir=yes&clen=3754957&dur=75.199&lmt=1633498152448719&mt=1715185983&fvip=3&keepalive=yes&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=6216224&n=8sAT2jGH5I-9hQ&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cxpc%2Cbui%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AJfQdSswRAIgBqYSfRVunX4frqSXqZnrixktTXHbWDKLow49ogeb-kwCID2vP21Z967JBKo6mhCilmz3bQlEcsZeipFB1yrdLvpO&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AHWaYeowRQIgVuyIdQ5_7dKL3fgb-yRMMd9IRUevlIGnBBmhYXdZ4-oCIQDoTLrbDjD1WhwDrIEQT6PiqMUsNrMwGZHifT9czIzA8w%3D%3D&alr=yes&cpn=puIdfM2o3AwIKGz-&cver=1.20240506.01.00&range=0-158920&rn=1&rbuf=0&pot=IjpJvUm7L4bj5QraPccd-CGPHdAxjQT4cPUoxCPqePJ_xQvXAPIK2gPyHcUA9AzaGO4I2jrwAP4YmHr5&ump=1&srfvp=1 | 91.90.45.173 | 200 OK | 1.4 kB |
URL POST HTTP/1.1rr2---sn-capm-vnae.googlevideo.com/videoplayback?expire=1715207863&ei=V6o7ZubvLNat0u8PzuuVwAM&ip=91.90.42.154&id=o-AHep0FMo8znN8LvZLTazbg0yR6uoW2P4oadYYivixL-N&itag=247&aitags=133%2C134%2C135%2C136%2C160%2C242%2C243%2C244%2C247%2C278&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&mh=IJ&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeen7y&ms=au%2Crdu&mv=m&mvi=2&pl=21&initcwndbps=1846250&bui=AWRWj2QOQz0cOn9TsnWKSMxMAU1du3GgHnaqxvj2NZnp7YhPPFm-mZlTl5LDQUzGXgKxKEpeVfy_CpQH&spc=UWF9f1wjm4WlLLxsiM18ad9OZb3Tx13nZpQB9_VvlajaEFvB2aoMyeRL2w&vprv=1&svpuc=1&mime=video%2Fwebm&ns=zC7_13IRGup2y_1RjIueNjgQ&gir=yes&clen=3754957&dur=75.199&lmt=1633498152448719&mt=1715185983&fvip=3&keepalive=yes&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=6216224&n=8sAT2jGH5I-9hQ&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cxpc%2Cbui%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AJfQdSswRAIgBqYSfRVunX4frqSXqZnrixktTXHbWDKLow49ogeb-kwCID2vP21Z967JBKo6mhCilmz3bQlEcsZeipFB1yrdLvpO&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AHWaYeowRQIgVuyIdQ5_7dKL3fgb-yRMMd9IRUevlIGnBBmhYXdZ4-oCIQDoTLrbDjD1WhwDrIEQT6PiqMUsNrMwGZHifT9czIzA8w%3D%3D&alr=yes&cpn=puIdfM2o3AwIKGz-&cver=1.20240506.01.00&range=0-158920&rn=1&rbuf=0&pot=IjpJvUm7L4bj5QraPccd-CGPHdAxjQT4cPUoxCPqePJ_xQvXAPIK2gPyHcUA9AzaGO4I2jrwAP4YmHr5&ump=1&srfvp=1 IP91.90.45.173:443 ASN#50304 Blix Solutions AS
Requested byhttps://www.youtube.com/embed/nmncB3-SqVU?controls=1&rel=0&playsinline=1&modestbranding=1&autoplay=1&enablejsapi=1&origin=https%3A%2F%2F65.1.184.49&widgetid=1 CertificateIssuerGoogle Trust Services LLC Subject*.googlevideo.com Fingerprint9C:6E:65:64:F7:C4:DA:B1:9D:CA:0F:97:25:F0:3F:CD:FB:9C:CB:4F ValidityTue, 30 Apr 2024 14:31:05 GMT - Tue, 09 Jul 2024 14:31:04 GMT
Hashe59590df8846b094785819e351c43d6a 89237d358150a2605ed3d8ed8f8eb4f4872cbf52 74d644aa5ee5a9e38420c9696477cb1e42e4714bea92b636b00f7159ece6075d
POST /videoplayback?expire=1715207863&ei=V6o7ZubvLNat0u8PzuuVwAM&ip=91.90.42.154&id=o-AHep0FMo8znN8LvZLTazbg0yR6uoW2P4oadYYivixL-N&itag=247&aitags=133%2C134%2C135%2C136%2C160%2C242%2C243%2C244%2C247%2C278&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&mh=IJ&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeen7y&ms=au%2Crdu&mv=m&mvi=2&pl=21&initcwndbps=1846250&bui=AWRWj2QOQz0cOn9TsnWKSMxMAU1du3GgHnaqxvj2NZnp7YhPPFm-mZlTl5LDQUzGXgKxKEpeVfy_CpQH&spc=UWF9f1wjm4WlLLxsiM18ad9OZb3Tx13nZpQB9_VvlajaEFvB2aoMyeRL2w&vprv=1&svpuc=1&mime=video%2Fwebm&ns=zC7_13IRGup2y_1RjIueNjgQ&gir=yes&clen=3754957&dur=75.199&lmt=1633498152448719&mt=1715185983&fvip=3&keepalive=yes&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=6216224&n=8sAT2jGH5I-9hQ&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cxpc%2Cbui%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AJfQdSswRAIgBqYSfRVunX4frqSXqZnrixktTXHbWDKLow49ogeb-kwCID2vP21Z967JBKo6mhCilmz3bQlEcsZeipFB1yrdLvpO&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AHWaYeowRQIgVuyIdQ5_7dKL3fgb-yRMMd9IRUevlIGnBBmhYXdZ4-oCIQDoTLrbDjD1WhwDrIEQT6PiqMUsNrMwGZHifT9czIzA8w%3D%3D&alr=yes&cpn=puIdfM2o3AwIKGz-&cver=1.20240506.01.00&range=0-158920&rn=1&rbuf=0&pot=IjpJvUm7L4bj5QraPccd-CGPHdAxjQT4cPUoxCPqePJ_xQvXAPIK2gPyHcUA9AzaGO4I2jrwAP4YmHr5&ump=1&srfvp=1 HTTP/1.1
Host: rr2---sn-capm-vnae.googlevideo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.youtube.com/
Content-Length: 2
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Date: Wed, 08 May 2024 16:37:44 GMT
Expires: Wed, 08 May 2024 16:37:44 GMT
Cache-Control: private, max-age=21299
Content-Type: application/vnd.yt-ump
Transfer-Encoding: chunked
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Restrict-Formats-Hint: None
X-Content-Type-Options: nosniff
Server: gvs 1.0
|
|
| rr2---sn-capm-vnae.googlevideo.com/videoplayback?expire=1715207863&ei=V6o7ZubvLNat0u8PzuuVwAM&ip=91.90.42.154&id=o-AHep0FMo8znN8LvZLTazbg0yR6uoW2P4oadYYivixL-N&itag=251&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&mh=IJ&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeen7y&ms=au%2Crdu&mv=m&mvi=2&pl=21&initcwndbps=1846250&bui=AWRWj2QOQz0cOn9TsnWKSMxMAU1du3GgHnaqxvj2NZnp7YhPPFm-mZlTl5LDQUzGXgKxKEpeVfy_CpQH&spc=UWF9f1wjm4WlLLxsiM18ad9OZb3Tx13nZpQB9_VvlajaEFvB2aoMyeRL2w&vprv=1&svpuc=1&mime=audio%2Fwebm&ns=zC7_13IRGup2y_1RjIueNjgQ&gir=yes&clen=1017104&dur=75.221&lmt=1633498154705037&mt=1715185983&fvip=3&keepalive=yes&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=6211224&n=8sAT2jGH5I-9hQ&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cxpc%2Cbui%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AJfQdSswRQIhALJTUgcFxHzGZWaNkB3vUJTXXnVLsydVRz-aiSKlPMYrAiAFY6WsS6sU5pJMRHdDhQavGIZMPG9JE7bcRdA2uyMm2Q%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AHWaYeowRQIgVuyIdQ5_7dKL3fgb-yRMMd9IRUevlIGnBBmhYXdZ4-oCIQDoTLrbDjD1WhwDrIEQT6PiqMUsNrMwGZHifT9czIzA8w%3D%3D&alr=yes&cpn=puIdfM2o3AwIKGz-&cver=1.20240506.01.00&range=0-65927&rn=2&rbuf=0&pot=IjphYmFkB1nLOiIFFRg1JwlQNQ8ZUiwnWCoAGws1UC1XGiMIKC0iBSstNRooKyQFMDEgBRIvKCEwR1Im&ump=1&srfvp=1 | 91.90.45.173 | | 1.3 kB |
URL rr2---sn-capm-vnae.googlevideo.com/videoplayback?expire=1715207863&ei=V6o7ZubvLNat0u8PzuuVwAM&ip=91.90.42.154&id=o-AHep0FMo8znN8LvZLTazbg0yR6uoW2P4oadYYivixL-N&itag=251&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&mh=IJ&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeen7y&ms=au%2Crdu&mv=m&mvi=2&pl=21&initcwndbps=1846250&bui=AWRWj2QOQz0cOn9TsnWKSMxMAU1du3GgHnaqxvj2NZnp7YhPPFm-mZlTl5LDQUzGXgKxKEpeVfy_CpQH&spc=UWF9f1wjm4WlLLxsiM18ad9OZb3Tx13nZpQB9_VvlajaEFvB2aoMyeRL2w&vprv=1&svpuc=1&mime=audio%2Fwebm&ns=zC7_13IRGup2y_1RjIueNjgQ&gir=yes&clen=1017104&dur=75.221&lmt=1633498154705037&mt=1715185983&fvip=3&keepalive=yes&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=6211224&n=8sAT2jGH5I-9hQ&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cxpc%2Cbui%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AJfQdSswRQIhALJTUgcFxHzGZWaNkB3vUJTXXnVLsydVRz-aiSKlPMYrAiAFY6WsS6sU5pJMRHdDhQavGIZMPG9JE7bcRdA2uyMm2Q%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AHWaYeowRQIgVuyIdQ5_7dKL3fgb-yRMMd9IRUevlIGnBBmhYXdZ4-oCIQDoTLrbDjD1WhwDrIEQT6PiqMUsNrMwGZHifT9czIzA8w%3D%3D&alr=yes&cpn=puIdfM2o3AwIKGz-&cver=1.20240506.01.00&range=0-65927&rn=2&rbuf=0&pot=IjphYmFkB1nLOiIFFRg1JwlQNQ8ZUiwnWCoAGws1UC1XGiMIKC0iBSstNRooKyQFMDEgBRIvKCEwR1Im&ump=1&srfvp=1 IP91.90.45.173:0 ASN#50304 Blix Solutions AS
CertificateIssuerGoogle Trust Services LLC Subject*.googlevideo.com Fingerprint9C:6E:65:64:F7:C4:DA:B1:9D:CA:0F:97:25:F0:3F:CD:FB:9C:CB:4F ValidityTue, 30 Apr 2024 14:31:05 GMT - Tue, 09 Jul 2024 14:31:04 GMT
Hash1fa510a3afea99cce646c7f26092e122 90f06fabe2694cf9a8b2cc89a875110295cdd19a a4e2154505d39f2d4532387ed3bf6ea274b41dcd5f7b1b8a09c291c63400c9c9
POST /videoplayback?expire=1715207863&ei=V6o7ZubvLNat0u8PzuuVwAM&ip=91.90.42.154&id=o-AHep0FMo8znN8LvZLTazbg0yR6uoW2P4oadYYivixL-N&itag=251&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&mh=IJ&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeen7y&ms=au%2Crdu&mv=m&mvi=2&pl=21&initcwndbps=1846250&bui=AWRWj2QOQz0cOn9TsnWKSMxMAU1du3GgHnaqxvj2NZnp7YhPPFm-mZlTl5LDQUzGXgKxKEpeVfy_CpQH&spc=UWF9f1wjm4WlLLxsiM18ad9OZb3Tx13nZpQB9_VvlajaEFvB2aoMyeRL2w&vprv=1&svpuc=1&mime=audio%2Fwebm&ns=zC7_13IRGup2y_1RjIueNjgQ&gir=yes&clen=1017104&dur=75.221&lmt=1633498154705037&mt=1715185983&fvip=3&keepalive=yes&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=6211224&n=8sAT2jGH5I-9hQ&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cxpc%2Cbui%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AJfQdSswRQIhALJTUgcFxHzGZWaNkB3vUJTXXnVLsydVRz-aiSKlPMYrAiAFY6WsS6sU5pJMRHdDhQavGIZMPG9JE7bcRdA2uyMm2Q%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AHWaYeowRQIgVuyIdQ5_7dKL3fgb-yRMMd9IRUevlIGnBBmhYXdZ4-oCIQDoTLrbDjD1WhwDrIEQT6PiqMUsNrMwGZHifT9czIzA8w%3D%3D&alr=yes&cpn=puIdfM2o3AwIKGz-&cver=1.20240506.01.00&range=0-65927&rn=2&rbuf=0&pot=IjphYmFkB1nLOiIFFRg1JwlQNQ8ZUiwnWCoAGws1UC1XGiMIKC0iBSstNRooKyQFMDEgBRIvKCEwR1Im&ump=1&srfvp=1 HTTP/1.1
Host: rr2---sn-capm-vnae.googlevideo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.youtube.com/
Content-Length: 2
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Date: Wed, 08 May 2024 16:37:44 GMT
Expires: Wed, 08 May 2024 16:37:44 GMT
Cache-Control: private, max-age=21299
Content-Type: application/vnd.yt-ump
Transfer-Encoding: chunked
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Content-Type-Options: nosniff
Server: gvs 1.0
|
|
| yt3.ggpht.com/_UvKSITKVmoJpVi4SgNuXOIYXROfYoiklnwk_n8tjIEvxOsT843zv_XaLSaeBvqrBHEl1IgdrzA=s68-c-k-c0x00ffffff-no-rj | 142.250.74.65 | 200 OK | 4.8 kB |
URL GET HTTP/2yt3.ggpht.com/_UvKSITKVmoJpVi4SgNuXOIYXROfYoiklnwk_n8tjIEvxOsT843zv_XaLSaeBvqrBHEl1IgdrzA=s68-c-k-c0x00ffffff-no-rj IP142.250.74.65:443
Requested byhttps://www.youtube.com/embed/nmncB3-SqVU?controls=1&rel=0&playsinline=1&modestbranding=1&autoplay=1&enablejsapi=1&origin=https%3A%2F%2F65.1.184.49&widgetid=1 CertificateIssuerGoogle Trust Services LLC Subject*.googleusercontent.com Fingerprint7B:64:D0:4F:29:87:0A:A8:90:15:F1:9F:B6:8F:FB:D6:AC:D2:76:56 ValidityTue, 16 Apr 2024 04:13:47 GMT - Tue, 09 Jul 2024 04:13:46 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 68x68, components 3 Hash87da3d8c7a129cf781cbb4d775adf44b 2805a9624c4d14976682c36e2f3fef3be4ba773f beb35aff941ce3e7159fd5cb8612f419c58016e8e9480b33c743d203c00a1cf0
GET /_UvKSITKVmoJpVi4SgNuXOIYXROfYoiklnwk_n8tjIEvxOsT843zv_XaLSaeBvqrBHEl1IgdrzA=s68-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt3.ggpht.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "v1"
expires: Thu, 09 May 2024 16:37:44 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="channels4_profile.jpg"
x-content-type-options: nosniff
date: Wed, 08 May 2024 16:37:44 GMT
server: fife
content-length: 4846
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.youtube.com/generate_204?btxbcw | 142.250.74.78 | | 0 B |
URL www.youtube.com/generate_204?btxbcw IP142.250.74.78:0
CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint7C:B7:E1:97:03:6E:82:B6:52:F8:EC:C6:C6:50:D9:DD:80:47:E6:A0 ValidityTue, 16 Apr 2024 03:18:53 GMT - Tue, 09 Jul 2024 03:18:52 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /generate_204?btxbcw HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/nmncB3-SqVU?controls=1&rel=0&playsinline=1&modestbranding=1&autoplay=1&enablejsapi=1&origin=https%3A%2F%2F65.1.184.49&widgetid=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
content-length: 0
cross-origin-resource-policy: cross-origin
date: Wed, 08 May 2024 16:37:44 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.youtube.com/youtubei/v1/next?prettyPrint=false | 142.250.74.78 | 200 OK | 2.1 kB |
URL POST HTTP/3www.youtube.com/youtubei/v1/next?prettyPrint=false IP142.250.74.78:443
Requested byhttps://www.youtube.com/embed/nmncB3-SqVU?controls=1&rel=0&playsinline=1&modestbranding=1&autoplay=1&enablejsapi=1&origin=https%3A%2F%2F65.1.184.49&widgetid=1 CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint7C:B7:E1:97:03:6E:82:B6:52:F8:EC:C6:C6:50:D9:DD:80:47:E6:A0 ValidityTue, 16 Apr 2024 03:18:53 GMT - Tue, 09 Jul 2024 03:18:52 GMT
Hash8a7fd14f67abfdcbc6c42d059736ad11 0b2a859e99773c43846a3e7f2ab6ddc25ac5ee15 d14fe09a217c28f302d0a938ee6dd5c8ade86e1165b60f8274b6531053337a05
POST /youtubei/v1/next?prettyPrint=false HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-Goog-Visitor-Id: CgtzTEh2Tmx0ME9HayjW1O6xBjIOCgJOTxIIEgQSAgsMICQ%3D
X-Youtube-Bootstrap-Logged-In: false
X-Youtube-Client-Name: 56
X-Youtube-Client-Version: 1.20240506.01.00
Content-Length: 2747
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/nmncB3-SqVU?controls=1&rel=0&playsinline=1&modestbranding=1&autoplay=1&enablejsapi=1&origin=https%3A%2F%2F65.1.184.49&widgetid=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/json; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: br
date: Wed, 08 May 2024 16:37:44 GMT
server: scaffolding on HTTPServer2
content-length: 2109
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| i.ytimg.com/vi/nmncB3-SqVU/maxresdefault.jpg?sqp=-oaymwEmCIAKENAF8quKqQMa8AEB-AH-CYAC0AWKAgwIABABGHIgYCgoMA8=&rs=AOn4CLBhtMKmhDPTefFuRa2G3-y86JGv-A | 142.250.74.118 | | 58 kB |
URL i.ytimg.com/vi/nmncB3-SqVU/maxresdefault.jpg?sqp=-oaymwEmCIAKENAF8quKqQMa8AEB-AH-CYAC0AWKAgwIABABGHIgYCgoMA8=&rs=AOn4CLBhtMKmhDPTefFuRa2G3-y86JGv-A IP142.250.74.118:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1280x720, components 3 Hashf6522a17d7afc9bb58d16e5f57d96e79 cefe6beb98ce9a0209e03aa9167bc96549d6d00f 0a4844f5a46d3cb67ba0845be3b2903237430940edfa3ccea79cdc019857c2bf
GET /vi/nmncB3-SqVU/maxresdefault.jpg?sqp=-oaymwEmCIAKENAF8quKqQMa8AEB-AH-CYAC0AWKAgwIABABGHIgYCgoMA8=&rs=AOn4CLBhtMKmhDPTefFuRa2G3-y86JGv-A HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/jpeg
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 58539
date: Wed, 08 May 2024 16:37:44 GMT
expires: Wed, 08 May 2024 18:37:44 GMT
cache-control: public, max-age=7200
etag: "1633496958"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| rr3---sn-5goeen7y.googlevideo.com/videoplayback?expire=1715207863&ei=V6o7ZubvLNat0u8PzuuVwAM&ip=91.90.42.154&id=o-AHep0FMo8znN8LvZLTazbg0yR6uoW2P4oadYYivixL-N&itag=251&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&bui=AWRWj2QOQz0cOn9TsnWKSMxMAU1du3GgHnaqxvj2NZnp7YhPPFm-mZlTl5LDQUzGXgKxKEpeVfy_CpQH&spc=UWF9f1wjm4WlLLxsiM18ad9OZb3Tx13nZpQB9_VvlajaEFvB2aoMyeRL2w&vprv=1&svpuc=1&mime=audio%2Fwebm&ns=zC7_13IRGup2y_1RjIueNjgQ&gir=yes&clen=1017104&dur=75.221&lmt=1633498154705037&keepalive=yes&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=6211224&n=8sAT2jGH5I-9hQ&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cxpc%2Cbui%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AJfQdSswRQIhALJTUgcFxHzGZWaNkB3vUJTXXnVLsydVRz-aiSKlPMYrAiAFY6WsS6sU5pJMRHdDhQavGIZMPG9JE7bcRdA2uyMm2Q%3D%3D&alr=yes&cpn=puIdfM2o3AwIKGz-&cver=1.20240506.01.00&redirect_counter=1&cm2rm=sn-capm-vnae7l&fexp=24350324,24350328,24350330,24350379,24350414,24350424,24350464&cms_redirect=yes&cmsv=e&mh=IJ&mm=29&mn=sn-5goeen7y&ms=rdu&mt=1715185981&mv=m&mvi=3&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AHWaYeowRAIgf8_iCwwjgPHyTARsUIHZU7zHS_uOAlr4mMeXbjZD1tcCIFgglaJIXnriguZbJAUKwxWNzlj7pS3T7IKVieEhhjvL&range=0-65927&rn=4&rbuf=0&pot=MnkVpEt1LbKWphWfQNs6zYc_NvV8ztvmjihMfjFXvmixK6noyPCXn4LvFPcIIYxf7szwKoau7GetXq5ZjbnZy5pB4HbV7eRC2jO7i9kDzpn6VwKP4o3-feBJJpM6SmPFvyj6FPBs4QvwUMxtCZG2Oimioz_lmEF3uWJl&ump=1&srfvp=1 | 74.125.110.136 | | 1.4 kB |
URL rr3---sn-5goeen7y.googlevideo.com/videoplayback?expire=1715207863&ei=V6o7ZubvLNat0u8PzuuVwAM&ip=91.90.42.154&id=o-AHep0FMo8znN8LvZLTazbg0yR6uoW2P4oadYYivixL-N&itag=251&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&bui=AWRWj2QOQz0cOn9TsnWKSMxMAU1du3GgHnaqxvj2NZnp7YhPPFm-mZlTl5LDQUzGXgKxKEpeVfy_CpQH&spc=UWF9f1wjm4WlLLxsiM18ad9OZb3Tx13nZpQB9_VvlajaEFvB2aoMyeRL2w&vprv=1&svpuc=1&mime=audio%2Fwebm&ns=zC7_13IRGup2y_1RjIueNjgQ&gir=yes&clen=1017104&dur=75.221&lmt=1633498154705037&keepalive=yes&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=6211224&n=8sAT2jGH5I-9hQ&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cxpc%2Cbui%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AJfQdSswRQIhALJTUgcFxHzGZWaNkB3vUJTXXnVLsydVRz-aiSKlPMYrAiAFY6WsS6sU5pJMRHdDhQavGIZMPG9JE7bcRdA2uyMm2Q%3D%3D&alr=yes&cpn=puIdfM2o3AwIKGz-&cver=1.20240506.01.00&redirect_counter=1&cm2rm=sn-capm-vnae7l&fexp=24350324,24350328,24350330,24350379,24350414,24350424,24350464&cms_redirect=yes&cmsv=e&mh=IJ&mm=29&mn=sn-5goeen7y&ms=rdu&mt=1715185981&mv=m&mvi=3&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AHWaYeowRAIgf8_iCwwjgPHyTARsUIHZU7zHS_uOAlr4mMeXbjZD1tcCIFgglaJIXnriguZbJAUKwxWNzlj7pS3T7IKVieEhhjvL&range=0-65927&rn=4&rbuf=0&pot=MnkVpEt1LbKWphWfQNs6zYc_NvV8ztvmjihMfjFXvmixK6noyPCXn4LvFPcIIYxf7szwKoau7GetXq5ZjbnZy5pB4HbV7eRC2jO7i9kDzpn6VwKP4o3-feBJJpM6SmPFvyj6FPBs4QvwUMxtCZG2Oimioz_lmEF3uWJl&ump=1&srfvp=1 IP74.125.110.136:0
Hashaddafb03212d30015b80ba49b9964509 2099fbf5c2f6c9d75f0c49f7185276724c7136bc fc7c5e65b89066f80df7016ce8b22f9d8508506a83436d8997ff81bc380d5231
POST /videoplayback?expire=1715207863&ei=V6o7ZubvLNat0u8PzuuVwAM&ip=91.90.42.154&id=o-AHep0FMo8znN8LvZLTazbg0yR6uoW2P4oadYYivixL-N&itag=251&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&bui=AWRWj2QOQz0cOn9TsnWKSMxMAU1du3GgHnaqxvj2NZnp7YhPPFm-mZlTl5LDQUzGXgKxKEpeVfy_CpQH&spc=UWF9f1wjm4WlLLxsiM18ad9OZb3Tx13nZpQB9_VvlajaEFvB2aoMyeRL2w&vprv=1&svpuc=1&mime=audio%2Fwebm&ns=zC7_13IRGup2y_1RjIueNjgQ&gir=yes&clen=1017104&dur=75.221&lmt=1633498154705037&keepalive=yes&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=6211224&n=8sAT2jGH5I-9hQ&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cxpc%2Cbui%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AJfQdSswRQIhALJTUgcFxHzGZWaNkB3vUJTXXnVLsydVRz-aiSKlPMYrAiAFY6WsS6sU5pJMRHdDhQavGIZMPG9JE7bcRdA2uyMm2Q%3D%3D&alr=yes&cpn=puIdfM2o3AwIKGz-&cver=1.20240506.01.00&redirect_counter=1&cm2rm=sn-capm-vnae7l&fexp=24350324,24350328,24350330,24350379,24350414,24350424,24350464&cms_redirect=yes&cmsv=e&mh=IJ&mm=29&mn=sn-5goeen7y&ms=rdu&mt=1715185981&mv=m&mvi=3&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AHWaYeowRAIgf8_iCwwjgPHyTARsUIHZU7zHS_uOAlr4mMeXbjZD1tcCIFgglaJIXnriguZbJAUKwxWNzlj7pS3T7IKVieEhhjvL&range=0-65927&rn=4&rbuf=0&pot=MnkVpEt1LbKWphWfQNs6zYc_NvV8ztvmjihMfjFXvmixK6noyPCXn4LvFPcIIYxf7szwKoau7GetXq5ZjbnZy5pB4HbV7eRC2jO7i9kDzpn6VwKP4o3-feBJJpM6SmPFvyj6FPBs4QvwUMxtCZG2Oimioz_lmEF3uWJl&ump=1&srfvp=1 HTTP/1.1
Host: rr3---sn-5goeen7y.googlevideo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.youtube.com/
Content-Length: 2
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Date: Wed, 08 May 2024 16:37:44 GMT
Expires: Wed, 08 May 2024 16:37:44 GMT
Cache-Control: private, max-age=21299
Content-Type: application/vnd.yt-ump
Transfer-Encoding: chunked
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Content-Type-Options: nosniff
Server: gvs 1.0
|
|
| rr3---sn-5goeen7y.googlevideo.com/videoplayback?expire=1715207863&ei=V6o7ZubvLNat0u8PzuuVwAM&ip=91.90.42.154&id=o-AHep0FMo8znN8LvZLTazbg0yR6uoW2P4oadYYivixL-N&itag=247&aitags=133%2C134%2C135%2C136%2C160%2C242%2C243%2C244%2C247%2C278&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&bui=AWRWj2QOQz0cOn9TsnWKSMxMAU1du3GgHnaqxvj2NZnp7YhPPFm-mZlTl5LDQUzGXgKxKEpeVfy_CpQH&spc=UWF9f1wjm4WlLLxsiM18ad9OZb3Tx13nZpQB9_VvlajaEFvB2aoMyeRL2w&vprv=1&svpuc=1&mime=video%2Fwebm&ns=zC7_13IRGup2y_1RjIueNjgQ&gir=yes&clen=3754957&dur=75.199&lmt=1633498152448719&keepalive=yes&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=6216224&n=8sAT2jGH5I-9hQ&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cxpc%2Cbui%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AJfQdSswRAIgBqYSfRVunX4frqSXqZnrixktTXHbWDKLow49ogeb-kwCID2vP21Z967JBKo6mhCilmz3bQlEcsZeipFB1yrdLvpO&alr=yes&cpn=puIdfM2o3AwIKGz-&cver=1.20240506.01.00&redirect_counter=1&cm2rm=sn-capm-vnae7l&fexp=24350324,24350328,24350330,24350379,24350414,24350424,24350464&cms_redirect=yes&cmsv=e&mh=IJ&mm=29&mn=sn-5goeen7y&ms=rdu&mt=1715185981&mv=m&mvi=3&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AHWaYeowRQIgVV-x6viKv4Dy7aN9m9wX3DB4Gp9sYLOV71_SBZA88YkCIQDeqYaU_gAnnUKn9kTmfUftb8WeiXI4TWM3iYtmyb8mBQ%3D%3D&range=0-158920&rn=3&rbuf=0&pot=MnkVpEt1LbKWphWfQNs6zYc_NvV8ztvmjihMfjFXvmixK6noyPCXn4LvFPcIIYxf7szwKoau7GetXq5ZjbnZy5pB4HbV7eRC2jO7i9kDzpn6VwKP4o3-feBJJpM6SmPFvyj6FPBs4QvwUMxtCZG2Oimioz_lmEF3uWJl&ump=1&srfvp=1 | 74.125.110.136 | | 1.5 kB |
URL rr3---sn-5goeen7y.googlevideo.com/videoplayback?expire=1715207863&ei=V6o7ZubvLNat0u8PzuuVwAM&ip=91.90.42.154&id=o-AHep0FMo8znN8LvZLTazbg0yR6uoW2P4oadYYivixL-N&itag=247&aitags=133%2C134%2C135%2C136%2C160%2C242%2C243%2C244%2C247%2C278&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&bui=AWRWj2QOQz0cOn9TsnWKSMxMAU1du3GgHnaqxvj2NZnp7YhPPFm-mZlTl5LDQUzGXgKxKEpeVfy_CpQH&spc=UWF9f1wjm4WlLLxsiM18ad9OZb3Tx13nZpQB9_VvlajaEFvB2aoMyeRL2w&vprv=1&svpuc=1&mime=video%2Fwebm&ns=zC7_13IRGup2y_1RjIueNjgQ&gir=yes&clen=3754957&dur=75.199&lmt=1633498152448719&keepalive=yes&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=6216224&n=8sAT2jGH5I-9hQ&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cxpc%2Cbui%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AJfQdSswRAIgBqYSfRVunX4frqSXqZnrixktTXHbWDKLow49ogeb-kwCID2vP21Z967JBKo6mhCilmz3bQlEcsZeipFB1yrdLvpO&alr=yes&cpn=puIdfM2o3AwIKGz-&cver=1.20240506.01.00&redirect_counter=1&cm2rm=sn-capm-vnae7l&fexp=24350324,24350328,24350330,24350379,24350414,24350424,24350464&cms_redirect=yes&cmsv=e&mh=IJ&mm=29&mn=sn-5goeen7y&ms=rdu&mt=1715185981&mv=m&mvi=3&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AHWaYeowRQIgVV-x6viKv4Dy7aN9m9wX3DB4Gp9sYLOV71_SBZA88YkCIQDeqYaU_gAnnUKn9kTmfUftb8WeiXI4TWM3iYtmyb8mBQ%3D%3D&range=0-158920&rn=3&rbuf=0&pot=MnkVpEt1LbKWphWfQNs6zYc_NvV8ztvmjihMfjFXvmixK6noyPCXn4LvFPcIIYxf7szwKoau7GetXq5ZjbnZy5pB4HbV7eRC2jO7i9kDzpn6VwKP4o3-feBJJpM6SmPFvyj6FPBs4QvwUMxtCZG2Oimioz_lmEF3uWJl&ump=1&srfvp=1 IP74.125.110.136:0
Hash51301e7e19f8ef49adecd564fab4da64 aa7df3a4fa2274864986c1df0283ab5b64fa74d8 4ef96a810424607465cfcd5e3c82c67dbc26022bcc91a8fb46df3d2037e50455
POST /videoplayback?expire=1715207863&ei=V6o7ZubvLNat0u8PzuuVwAM&ip=91.90.42.154&id=o-AHep0FMo8znN8LvZLTazbg0yR6uoW2P4oadYYivixL-N&itag=247&aitags=133%2C134%2C135%2C136%2C160%2C242%2C243%2C244%2C247%2C278&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&bui=AWRWj2QOQz0cOn9TsnWKSMxMAU1du3GgHnaqxvj2NZnp7YhPPFm-mZlTl5LDQUzGXgKxKEpeVfy_CpQH&spc=UWF9f1wjm4WlLLxsiM18ad9OZb3Tx13nZpQB9_VvlajaEFvB2aoMyeRL2w&vprv=1&svpuc=1&mime=video%2Fwebm&ns=zC7_13IRGup2y_1RjIueNjgQ&gir=yes&clen=3754957&dur=75.199&lmt=1633498152448719&keepalive=yes&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=6216224&n=8sAT2jGH5I-9hQ&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cxpc%2Cbui%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AJfQdSswRAIgBqYSfRVunX4frqSXqZnrixktTXHbWDKLow49ogeb-kwCID2vP21Z967JBKo6mhCilmz3bQlEcsZeipFB1yrdLvpO&alr=yes&cpn=puIdfM2o3AwIKGz-&cver=1.20240506.01.00&redirect_counter=1&cm2rm=sn-capm-vnae7l&fexp=24350324,24350328,24350330,24350379,24350414,24350424,24350464&cms_redirect=yes&cmsv=e&mh=IJ&mm=29&mn=sn-5goeen7y&ms=rdu&mt=1715185981&mv=m&mvi=3&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AHWaYeowRQIgVV-x6viKv4Dy7aN9m9wX3DB4Gp9sYLOV71_SBZA88YkCIQDeqYaU_gAnnUKn9kTmfUftb8WeiXI4TWM3iYtmyb8mBQ%3D%3D&range=0-158920&rn=3&rbuf=0&pot=MnkVpEt1LbKWphWfQNs6zYc_NvV8ztvmjihMfjFXvmixK6noyPCXn4LvFPcIIYxf7szwKoau7GetXq5ZjbnZy5pB4HbV7eRC2jO7i9kDzpn6VwKP4o3-feBJJpM6SmPFvyj6FPBs4QvwUMxtCZG2Oimioz_lmEF3uWJl&ump=1&srfvp=1 HTTP/1.1
Host: rr3---sn-5goeen7y.googlevideo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.youtube.com/
Content-Length: 2
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Date: Wed, 08 May 2024 16:37:44 GMT
Expires: Wed, 08 May 2024 16:37:44 GMT
Cache-Control: private, max-age=21299
Content-Type: application/vnd.yt-ump
Transfer-Encoding: chunked
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Restrict-Formats-Hint: None
X-Content-Type-Options: nosniff
Server: gvs 1.0
|
|
| yt3.ggpht.com/_UvKSITKVmoJpVi4SgNuXOIYXROfYoiklnwk_n8tjIEvxOsT843zv_XaLSaeBvqrBHEl1IgdrzA=s88-c-k-c0x00ffffff-no-rj | 142.250.74.65 | 200 OK | 6.7 kB |
URL GET HTTP/3yt3.ggpht.com/_UvKSITKVmoJpVi4SgNuXOIYXROfYoiklnwk_n8tjIEvxOsT843zv_XaLSaeBvqrBHEl1IgdrzA=s88-c-k-c0x00ffffff-no-rj IP142.250.74.65:443
Requested byhttps://www.youtube.com/embed/nmncB3-SqVU?controls=1&rel=0&playsinline=1&modestbranding=1&autoplay=1&enablejsapi=1&origin=https%3A%2F%2F65.1.184.49&widgetid=1 CertificateIssuerGoogle Trust Services LLC Subject*.googleusercontent.com Fingerprint7B:64:D0:4F:29:87:0A:A8:90:15:F1:9F:B6:8F:FB:D6:AC:D2:76:56 ValidityTue, 16 Apr 2024 04:13:47 GMT - Tue, 09 Jul 2024 04:13:46 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 88x88, components 3 Hash3bf4ceea7bbd233216b075d16f11ae2b 758da16a5509708f7d61464786a53126a4d34b96 7bea07c734dcebd9372125d695d2abaad21740f7cf74a9c245d1d8ff7942f27a
GET /_UvKSITKVmoJpVi4SgNuXOIYXROfYoiklnwk_n8tjIEvxOsT843zv_XaLSaeBvqrBHEl1IgdrzA=s88-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt3.ggpht.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "v1"
expires: Thu, 09 May 2024 16:37:44 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="channels4_profile.jpg"
x-content-type-options: nosniff
date: Wed, 08 May 2024 16:37:44 GMT
server: fife
content-length: 6698
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| rr2---sn-5hnekn7d.googlevideo.com/videoplayback?expire=1715207863&ei=V6o7ZubvLNat0u8PzuuVwAM&ip=91.90.42.154&id=o-AHep0FMo8znN8LvZLTazbg0yR6uoW2P4oadYYivixL-N&itag=251&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&bui=AWRWj2QOQz0cOn9TsnWKSMxMAU1du3GgHnaqxvj2NZnp7YhPPFm-mZlTl5LDQUzGXgKxKEpeVfy_CpQH&spc=UWF9f1wjm4WlLLxsiM18ad9OZb3Tx13nZpQB9_VvlajaEFvB2aoMyeRL2w&vprv=1&svpuc=1&mime=audio%2Fwebm&ns=zC7_13IRGup2y_1RjIueNjgQ&gir=yes&clen=1017104&dur=75.221&lmt=1633498154705037&keepalive=yes&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=6211224&n=8sAT2jGH5I-9hQ&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cxpc%2Cbui%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AJfQdSswRQIhALJTUgcFxHzGZWaNkB3vUJTXXnVLsydVRz-aiSKlPMYrAiAFY6WsS6sU5pJMRHdDhQavGIZMPG9JE7bcRdA2uyMm2Q%3D%3D&alr=yes&cpn=puIdfM2o3AwIKGz-&cver=1.20240506.01.00&cm2rm=sn-capm-vnae7l,sn-5gole7s&fexp=24350324,24350328,24350330,24350379,24350414,24350424,24350464&redirect_counter=2&cms_redirect=yes&cmsv=e&mh=IJ&mm=34&mn=sn-5hnekn7d&ms=ltu&mt=1715185955&mv=m&mvi=2&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AHWaYeowRQIgWWyuFEj5SWcUWpIFqjef-iTqXtt8fGz_HMbyZPFk06sCIQCICmejnWzAtnrcAT2MLqoZGRuhBXtCh2Mnb1mucmHsmw%3D%3D&range=0-65927&rn=5&rbuf=0&pot=MnkVpEt1LbKWphWfQNs6zYc_NvV8ztvmjihMfjFXvmixK6noyPCXn4LvFPcIIYxf7szwKoau7GetXq5ZjbnZy5pB4HbV7eRC2jO7i9kDzpn6VwKP4o3-feBJJpM6SmPFvyj6FPBs4QvwUMxtCZG2Oimioz_lmEF3uWJl&ump=1&srfvp=1 | 209.85.226.39 | 200 OK | 66 kB |
URL POST HTTP/1.1rr2---sn-5hnekn7d.googlevideo.com/videoplayback?expire=1715207863&ei=V6o7ZubvLNat0u8PzuuVwAM&ip=91.90.42.154&id=o-AHep0FMo8znN8LvZLTazbg0yR6uoW2P4oadYYivixL-N&itag=251&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&bui=AWRWj2QOQz0cOn9TsnWKSMxMAU1du3GgHnaqxvj2NZnp7YhPPFm-mZlTl5LDQUzGXgKxKEpeVfy_CpQH&spc=UWF9f1wjm4WlLLxsiM18ad9OZb3Tx13nZpQB9_VvlajaEFvB2aoMyeRL2w&vprv=1&svpuc=1&mime=audio%2Fwebm&ns=zC7_13IRGup2y_1RjIueNjgQ&gir=yes&clen=1017104&dur=75.221&lmt=1633498154705037&keepalive=yes&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=6211224&n=8sAT2jGH5I-9hQ&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cxpc%2Cbui%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AJfQdSswRQIhALJTUgcFxHzGZWaNkB3vUJTXXnVLsydVRz-aiSKlPMYrAiAFY6WsS6sU5pJMRHdDhQavGIZMPG9JE7bcRdA2uyMm2Q%3D%3D&alr=yes&cpn=puIdfM2o3AwIKGz-&cver=1.20240506.01.00&cm2rm=sn-capm-vnae7l,sn-5gole7s&fexp=24350324,24350328,24350330,24350379,24350414,24350424,24350464&redirect_counter=2&cms_redirect=yes&cmsv=e&mh=IJ&mm=34&mn=sn-5hnekn7d&ms=ltu&mt=1715185955&mv=m&mvi=2&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AHWaYeowRQIgWWyuFEj5SWcUWpIFqjef-iTqXtt8fGz_HMbyZPFk06sCIQCICmejnWzAtnrcAT2MLqoZGRuhBXtCh2Mnb1mucmHsmw%3D%3D&range=0-65927&rn=5&rbuf=0&pot=MnkVpEt1LbKWphWfQNs6zYc_NvV8ztvmjihMfjFXvmixK6noyPCXn4LvFPcIIYxf7szwKoau7GetXq5ZjbnZy5pB4HbV7eRC2jO7i9kDzpn6VwKP4o3-feBJJpM6SmPFvyj6FPBs4QvwUMxtCZG2Oimioz_lmEF3uWJl&ump=1&srfvp=1 IP209.85.226.39:443
Requested byhttps://www.youtube.com/embed/nmncB3-SqVU?controls=1&rel=0&playsinline=1&modestbranding=1&autoplay=1&enablejsapi=1&origin=https%3A%2F%2F65.1.184.49&widgetid=1 CertificateIssuerGoogle Trust Services LLC Subject*.c.docs.google.com FingerprintB0:9F:4D:46:E2:53:2A:37:C6:A8:A9:DD:4E:AD:03:BC:31:3F:3C:C3 ValidityTue, 30 Apr 2024 14:31:05 GMT - Tue, 09 Jul 2024 14:31:04 GMT
Hashfc8c7e3dbce1a3c7842d0bc23fa3f160 48742ce050979e3a9d0b3e6837ebabed63d8b731 d628d1ac269a72617515b7543adb56ad23a04cc9d9a6b79f51dd941752e0129c
POST /videoplayback?expire=1715207863&ei=V6o7ZubvLNat0u8PzuuVwAM&ip=91.90.42.154&id=o-AHep0FMo8znN8LvZLTazbg0yR6uoW2P4oadYYivixL-N&itag=251&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&bui=AWRWj2QOQz0cOn9TsnWKSMxMAU1du3GgHnaqxvj2NZnp7YhPPFm-mZlTl5LDQUzGXgKxKEpeVfy_CpQH&spc=UWF9f1wjm4WlLLxsiM18ad9OZb3Tx13nZpQB9_VvlajaEFvB2aoMyeRL2w&vprv=1&svpuc=1&mime=audio%2Fwebm&ns=zC7_13IRGup2y_1RjIueNjgQ&gir=yes&clen=1017104&dur=75.221&lmt=1633498154705037&keepalive=yes&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=6211224&n=8sAT2jGH5I-9hQ&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cxpc%2Cbui%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AJfQdSswRQIhALJTUgcFxHzGZWaNkB3vUJTXXnVLsydVRz-aiSKlPMYrAiAFY6WsS6sU5pJMRHdDhQavGIZMPG9JE7bcRdA2uyMm2Q%3D%3D&alr=yes&cpn=puIdfM2o3AwIKGz-&cver=1.20240506.01.00&cm2rm=sn-capm-vnae7l,sn-5gole7s&fexp=24350324,24350328,24350330,24350379,24350414,24350424,24350464&redirect_counter=2&cms_redirect=yes&cmsv=e&mh=IJ&mm=34&mn=sn-5hnekn7d&ms=ltu&mt=1715185955&mv=m&mvi=2&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AHWaYeowRQIgWWyuFEj5SWcUWpIFqjef-iTqXtt8fGz_HMbyZPFk06sCIQCICmejnWzAtnrcAT2MLqoZGRuhBXtCh2Mnb1mucmHsmw%3D%3D&range=0-65927&rn=5&rbuf=0&pot=MnkVpEt1LbKWphWfQNs6zYc_NvV8ztvmjihMfjFXvmixK6noyPCXn4LvFPcIIYxf7szwKoau7GetXq5ZjbnZy5pB4HbV7eRC2jO7i9kDzpn6VwKP4o3-feBJJpM6SmPFvyj6FPBs4QvwUMxtCZG2Oimioz_lmEF3uWJl&ump=1&srfvp=1 HTTP/1.1
Host: rr2---sn-5hnekn7d.googlevideo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.youtube.com/
Content-Length: 2
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Last-Modified: Wed, 06 Oct 2021 05:29:14 GMT
Content-Type: application/vnd.yt-ump
Date: Wed, 08 May 2024 16:37:45 GMT
Expires: Wed, 08 May 2024 16:37:45 GMT
Cache-Control: private, max-age=21298
Transfer-Encoding: chunked
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Content-Type-Options: nosniff
Server: gvs 1.0
|
|
| rr2---sn-5hnekn7d.googlevideo.com/videoplayback?expire=1715207863&ei=V6o7ZubvLNat0u8PzuuVwAM&ip=91.90.42.154&id=o-AHep0FMo8znN8LvZLTazbg0yR6uoW2P4oadYYivixL-N&itag=247&aitags=133%2C134%2C135%2C136%2C160%2C242%2C243%2C244%2C247%2C278&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&bui=AWRWj2QOQz0cOn9TsnWKSMxMAU1du3GgHnaqxvj2NZnp7YhPPFm-mZlTl5LDQUzGXgKxKEpeVfy_CpQH&spc=UWF9f1wjm4WlLLxsiM18ad9OZb3Tx13nZpQB9_VvlajaEFvB2aoMyeRL2w&vprv=1&svpuc=1&mime=video%2Fwebm&ns=zC7_13IRGup2y_1RjIueNjgQ&gir=yes&clen=3754957&dur=75.199&lmt=1633498152448719&keepalive=yes&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=6216224&n=8sAT2jGH5I-9hQ&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cxpc%2Cbui%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AJfQdSswRAIgBqYSfRVunX4frqSXqZnrixktTXHbWDKLow49ogeb-kwCID2vP21Z967JBKo6mhCilmz3bQlEcsZeipFB1yrdLvpO&alr=yes&cpn=puIdfM2o3AwIKGz-&cver=1.20240506.01.00&cm2rm=sn-capm-vnae7l,sn-5gole7s&fexp=24350324,24350328,24350330,24350379,24350414,24350424,24350464&redirect_counter=2&cms_redirect=yes&cmsv=e&mh=IJ&mm=34&mn=sn-5hnekn7d&ms=ltu&mt=1715185955&mv=m&mvi=2&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AHWaYeowRQIhAMscPcsUwWT0lXgSFTr5jJvYXJkkeJcwQvGsu-5Y8AawAiAeV9EznrsPUtWCWl2SQu9gABaPvtOOkmisTpdhsQs91w%3D%3D&range=0-158920&rn=6&rbuf=0&pot=MnkVpEt1LbKWphWfQNs6zYc_NvV8ztvmjihMfjFXvmixK6noyPCXn4LvFPcIIYxf7szwKoau7GetXq5ZjbnZy5pB4HbV7eRC2jO7i9kDzpn6VwKP4o3-feBJJpM6SmPFvyj6FPBs4QvwUMxtCZG2Oimioz_lmEF3uWJl&ump=1&srfvp=1 | 209.85.226.39 | | 159 kB |
URL rr2---sn-5hnekn7d.googlevideo.com/videoplayback?expire=1715207863&ei=V6o7ZubvLNat0u8PzuuVwAM&ip=91.90.42.154&id=o-AHep0FMo8znN8LvZLTazbg0yR6uoW2P4oadYYivixL-N&itag=247&aitags=133%2C134%2C135%2C136%2C160%2C242%2C243%2C244%2C247%2C278&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&bui=AWRWj2QOQz0cOn9TsnWKSMxMAU1du3GgHnaqxvj2NZnp7YhPPFm-mZlTl5LDQUzGXgKxKEpeVfy_CpQH&spc=UWF9f1wjm4WlLLxsiM18ad9OZb3Tx13nZpQB9_VvlajaEFvB2aoMyeRL2w&vprv=1&svpuc=1&mime=video%2Fwebm&ns=zC7_13IRGup2y_1RjIueNjgQ&gir=yes&clen=3754957&dur=75.199&lmt=1633498152448719&keepalive=yes&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=6216224&n=8sAT2jGH5I-9hQ&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cxpc%2Cbui%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AJfQdSswRAIgBqYSfRVunX4frqSXqZnrixktTXHbWDKLow49ogeb-kwCID2vP21Z967JBKo6mhCilmz3bQlEcsZeipFB1yrdLvpO&alr=yes&cpn=puIdfM2o3AwIKGz-&cver=1.20240506.01.00&cm2rm=sn-capm-vnae7l,sn-5gole7s&fexp=24350324,24350328,24350330,24350379,24350414,24350424,24350464&redirect_counter=2&cms_redirect=yes&cmsv=e&mh=IJ&mm=34&mn=sn-5hnekn7d&ms=ltu&mt=1715185955&mv=m&mvi=2&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AHWaYeowRQIhAMscPcsUwWT0lXgSFTr5jJvYXJkkeJcwQvGsu-5Y8AawAiAeV9EznrsPUtWCWl2SQu9gABaPvtOOkmisTpdhsQs91w%3D%3D&range=0-158920&rn=6&rbuf=0&pot=MnkVpEt1LbKWphWfQNs6zYc_NvV8ztvmjihMfjFXvmixK6noyPCXn4LvFPcIIYxf7szwKoau7GetXq5ZjbnZy5pB4HbV7eRC2jO7i9kDzpn6VwKP4o3-feBJJpM6SmPFvyj6FPBs4QvwUMxtCZG2Oimioz_lmEF3uWJl&ump=1&srfvp=1 IP209.85.226.39:0
CertificateIssuerGoogle Trust Services LLC Subject*.c.docs.google.com FingerprintB0:9F:4D:46:E2:53:2A:37:C6:A8:A9:DD:4E:AD:03:BC:31:3F:3C:C3 ValidityTue, 30 Apr 2024 14:31:05 GMT - Tue, 09 Jul 2024 14:31:04 GMT
Size159 kB (158988 bytes) Hashc248237d7665bae11c6b9a35a9a59375 d5bcc44c2249c1c5c5f15da77c5bcd859a6798ba 4bd3f4c5026958c2bb3c473ec284b86ad58ee5b3b909dae45dab4ee1a347b5d9
POST /videoplayback?expire=1715207863&ei=V6o7ZubvLNat0u8PzuuVwAM&ip=91.90.42.154&id=o-AHep0FMo8znN8LvZLTazbg0yR6uoW2P4oadYYivixL-N&itag=247&aitags=133%2C134%2C135%2C136%2C160%2C242%2C243%2C244%2C247%2C278&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&bui=AWRWj2QOQz0cOn9TsnWKSMxMAU1du3GgHnaqxvj2NZnp7YhPPFm-mZlTl5LDQUzGXgKxKEpeVfy_CpQH&spc=UWF9f1wjm4WlLLxsiM18ad9OZb3Tx13nZpQB9_VvlajaEFvB2aoMyeRL2w&vprv=1&svpuc=1&mime=video%2Fwebm&ns=zC7_13IRGup2y_1RjIueNjgQ&gir=yes&clen=3754957&dur=75.199&lmt=1633498152448719&keepalive=yes&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=6216224&n=8sAT2jGH5I-9hQ&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cxpc%2Cbui%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AJfQdSswRAIgBqYSfRVunX4frqSXqZnrixktTXHbWDKLow49ogeb-kwCID2vP21Z967JBKo6mhCilmz3bQlEcsZeipFB1yrdLvpO&alr=yes&cpn=puIdfM2o3AwIKGz-&cver=1.20240506.01.00&cm2rm=sn-capm-vnae7l,sn-5gole7s&fexp=24350324,24350328,24350330,24350379,24350414,24350424,24350464&redirect_counter=2&cms_redirect=yes&cmsv=e&mh=IJ&mm=34&mn=sn-5hnekn7d&ms=ltu&mt=1715185955&mv=m&mvi=2&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AHWaYeowRQIhAMscPcsUwWT0lXgSFTr5jJvYXJkkeJcwQvGsu-5Y8AawAiAeV9EznrsPUtWCWl2SQu9gABaPvtOOkmisTpdhsQs91w%3D%3D&range=0-158920&rn=6&rbuf=0&pot=MnkVpEt1LbKWphWfQNs6zYc_NvV8ztvmjihMfjFXvmixK6noyPCXn4LvFPcIIYxf7szwKoau7GetXq5ZjbnZy5pB4HbV7eRC2jO7i9kDzpn6VwKP4o3-feBJJpM6SmPFvyj6FPBs4QvwUMxtCZG2Oimioz_lmEF3uWJl&ump=1&srfvp=1 HTTP/1.1
Host: rr2---sn-5hnekn7d.googlevideo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.youtube.com/
Content-Length: 2
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Last-Modified: Wed, 06 Oct 2021 05:29:12 GMT
Content-Type: application/vnd.yt-ump
Date: Wed, 08 May 2024 16:37:45 GMT
Expires: Wed, 08 May 2024 16:37:45 GMT
Cache-Control: private, max-age=21298
Transfer-Encoding: chunked
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Restrict-Formats-Hint: None
X-Content-Type-Options: nosniff
Server: gvs 1.0
|
|
| www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8 | 142.250.74.78 | 200 OK | 31 B |
URL POST HTTP/3www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8 IP142.250.74.78:443
Requested byhttps://www.youtube.com/embed/nmncB3-SqVU?controls=1&rel=0&playsinline=1&modestbranding=1&autoplay=1&enablejsapi=1&origin=https%3A%2F%2F65.1.184.49&widgetid=1 CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint7C:B7:E1:97:03:6E:82:B6:52:F8:EC:C6:C6:50:D9:DD:80:47:E6:A0 ValidityTue, 16 Apr 2024 03:18:53 GMT - Tue, 09 Jul 2024 03:18:52 GMT
Hash5e1fa6fd9abd549a576f3f24b1d3c8d4 d5335d7f7d33be6a0b663f03b2df4df2521c4a87 d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
POST /youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8 HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Request-Time: 1715186265534
Content-Type: application/json
X-Goog-Visitor-Id: CgtzTEh2Tmx0ME9HayjW1O6xBjIOCgJOTxIIEgQSAgsMICQ%3D
X-YouTube-Client-Name: 56
X-YouTube-Client-Version: 1.20240506.01.00
X-YouTube-Utc-Offset: 0
X-YouTube-Time-Zone: UTC
X-YouTube-Ad-Signals: dt=1715186263491&flash=0&frm=2&u_tz&u_his=2&u_h=1024&u_w=1280&u_ah=1024&u_aw=1280&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1240%2C698&vis=1&wgl=true&ca_type=image
Content-Length: 17115
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/nmncB3-SqVU?controls=1&rel=0&playsinline=1&modestbranding=1&autoplay=1&enablejsapi=1&origin=https%3A%2F%2F65.1.184.49&widgetid=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/json; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: br
date: Wed, 08 May 2024 16:37:45 GMT
server: scaffolding on HTTPServer2
content-length: 31
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.youtube.com/ptracking?html5=1&video_id=nmncB3-SqVU&cpn=puIdfM2o3AwIKGz-&ei=V6o7ZubvLNat0u8PzuuVwAM&ptk=youtube_none&pltype=contentugc | 142.250.74.78 | 204 No Content | 0 B |
URL GET HTTP/3www.youtube.com/ptracking?html5=1&video_id=nmncB3-SqVU&cpn=puIdfM2o3AwIKGz-&ei=V6o7ZubvLNat0u8PzuuVwAM&ptk=youtube_none&pltype=contentugc IP142.250.74.78:443
Requested byhttps://www.youtube.com/embed/nmncB3-SqVU?controls=1&rel=0&playsinline=1&modestbranding=1&autoplay=1&enablejsapi=1&origin=https%3A%2F%2F65.1.184.49&widgetid=1 CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint7C:B7:E1:97:03:6E:82:B6:52:F8:EC:C6:C6:50:D9:DD:80:47:E6:A0 ValidityTue, 16 Apr 2024 03:18:53 GMT - Tue, 09 Jul 2024 03:18:52 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ptracking?html5=1&video_id=nmncB3-SqVU&cpn=puIdfM2o3AwIKGz-&ei=V6o7ZubvLNat0u8PzuuVwAM&ptk=youtube_none&pltype=contentugc HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Visitor-Id: CgtzTEh2Tmx0ME9HayjW1O6xBjIOCgJOTxIIEgQSAgsMICQ%3D
X-YouTube-Client-Name: 56
X-YouTube-Client-Version: 1.20240506.01.00
X-YouTube-Utc-Offset: 0
X-YouTube-Time-Zone: UTC
X-YouTube-Ad-Signals: dt=1715186263491&flash=0&frm=2&u_tz&u_his=2&u_h=1024&u_w=1280&u_ah=1024&u_aw=1280&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1240%2C698&vis=1&wgl=true&ca_type=image
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/nmncB3-SqVU?controls=1&rel=0&playsinline=1&modestbranding=1&autoplay=1&enablejsapi=1&origin=https%3A%2F%2F65.1.184.49&widgetid=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
content-type: text/html; charset=UTF-8
date: Wed, 08 May 2024 16:37:45 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
x-content-type-options: nosniff
server: Video Stats Server
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| forms.hscollectedforms.net/collected-forms/v1/config/json?portalId=20022549&utk= | 104.16.111.254 | | 102 B |
URL forms.hscollectedforms.net/collected-forms/v1/config/json?portalId=20022549&utk= IP104.16.111.254:0
Hash30af8b450746d807b87a8569d386cd02 a3440121e7fb8e7557ba7c236238dd4b10bed877 5ddd3c8167c3d2ee6dfb141cd2b6b022e04b369988eddc46b07210512e9224d8
GET /collected-forms/v1/config/json?portalId=20022549&utk= HTTP/1.1
Host: forms.hscollectedforms.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://65.1.184.49
DNT: 1
Connection: keep-alive
Referer: https://65.1.184.49/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 08 May 2024 16:37:41 GMT
content-type: application/json;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=0
x-content-type-options: nosniff
x-robots-tag: none
access-control-allow-origin: https://65.1.184.49
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-headers: *
access-control-max-age: 180
x-envoy-upstream-service-time: 10
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-virtual-host: all
x-hubspot-correlation-id: 7ceee6bf-e65c-45f1-898b-00a48e548dd8
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-68b7f7fbff-rl62l
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-request-id: 7ceee6bf-e65c-45f1-898b-00a48e548dd8
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 880ae0387f680b45-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8 | 142.250.74.78 | 200 OK | 31 B |
URL POST HTTP/3www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8 IP142.250.74.78:443
Requested byhttps://www.youtube.com/embed/nmncB3-SqVU?controls=1&rel=0&playsinline=1&modestbranding=1&autoplay=1&enablejsapi=1&origin=https%3A%2F%2F65.1.184.49&widgetid=1 CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint7C:B7:E1:97:03:6E:82:B6:52:F8:EC:C6:C6:50:D9:DD:80:47:E6:A0 ValidityTue, 16 Apr 2024 03:18:53 GMT - Tue, 09 Jul 2024 03:18:52 GMT
Hash5e1fa6fd9abd549a576f3f24b1d3c8d4 d5335d7f7d33be6a0b663f03b2df4df2521c4a87 d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
POST /youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8 HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Request-Time: 1715186265789
Content-Type: application/json
X-Goog-Visitor-Id: CgtzTEh2Tmx0ME9HayjW1O6xBjIOCgJOTxIIEgQSAgsMICQ%3D
X-YouTube-Client-Name: 56
X-YouTube-Client-Version: 1.20240506.01.00
X-YouTube-Utc-Offset: 0
X-YouTube-Time-Zone: UTC
X-YouTube-Ad-Signals: dt=1715186263003&flash=0&frm=2&u_tz&u_his=2&u_h=1024&u_w=1280&u_ah=1024&u_aw=1280&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1240%2C698&vis=1&wgl=true&ca_type=image
Content-Length: 5098
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/nmncB3-SqVU?controls=1&rel=0&playsinline=1&modestbranding=1&autoplay=1&enablejsapi=1&origin=https%3A%2F%2F65.1.184.49&widgetid=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/json; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: br
date: Wed, 08 May 2024 16:37:45 GMT
server: scaffolding on HTTPServer2
content-length: 31
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.youtube.com/api/stats/atr?ns=yt&el=embedded&cpn=puIdfM2o3AwIKGz-&ver=2&cmt=4.579&fmt=247&fs=0&rt=6.623&euri=https%3A%2F%2F65.1.184.49%2F&lact=6679&cl=631074025&mos=1&volume=100&cbr=Firefox&cbrver=96.0&c=WEB_EMBEDDED_PLAYER&cver=1.20240506.01.00&cplayer=UNIPLAYER&cos=X11&cplatform=DESKTOP&epm=1&hl=en_US&cr=NO&len=75.221&fexp=v1%2C23983296%2C21348%2C76094%2C54572%2C304051%2C121055%2C6271%2C26443548%2C7111%2C36343%2C9954%2C1192%2C26496%2C6966%2C2%2C2871%2C3818%2C2007%2C9072%2C4654%2C3499%2C4958%2C16041%2C2197%2C8969%2C1026%2C1103%2C21%2C911%2C3148%2C128%2C54%2C2690%2C102%2C52%2C2605%2C55%2C638%2C5%2C3%2C41%2C3%2C288%2C2%2C78%2C2693%2C932%2C8%2C831%2C452%2C176%2C5%2C38%2C2540%2C1478%2C491%2C528%2C151&afmt=251&muted=1&docid=nmncB3-SqVU&ei=V6o7ZubvLNat0u8PzuuVwAM&plid=AAYX8-v6LZgitxCg&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2FnmncB3-SqVU%3Fcontrols%3D1%26rel%3D0%26playsinline%3D1%26modestbranding%3D1%26autoplay%3D1%26enablejsapi%3D1%26origin%3Dhttps%253A%252F%252F65.1.184.49%26widgetid%3D1&of=4XKpUj-jEd5dOTKZWLr0FQ&vm=CAEQABgEOjJBSHFpSlRKT0xBeUR1S1c5ZHBWY05EMFFmZzFfRWJZei1UQnVEZ3hDZnQ2eVRYNHZqQWJiQVBta0tETHowOTd5VTM3NzdkMWMwMnlZOVdQSjlvby1kc2tqd1A0bi1lU1I5TEpvdG43UGN3QmhtUHpaVTZ4bGlzTWVaUlU1Wi11ZXlGRkNLLUtEV0N2S01xNFpaTXNxeWdoAg | 142.250.74.78 | | 0 B |
URL www.youtube.com/api/stats/atr?ns=yt&el=embedded&cpn=puIdfM2o3AwIKGz-&ver=2&cmt=4.579&fmt=247&fs=0&rt=6.623&euri=https%3A%2F%2F65.1.184.49%2F&lact=6679&cl=631074025&mos=1&volume=100&cbr=Firefox&cbrver=96.0&c=WEB_EMBEDDED_PLAYER&cver=1.20240506.01.00&cplayer=UNIPLAYER&cos=X11&cplatform=DESKTOP&epm=1&hl=en_US&cr=NO&len=75.221&fexp=v1%2C23983296%2C21348%2C76094%2C54572%2C304051%2C121055%2C6271%2C26443548%2C7111%2C36343%2C9954%2C1192%2C26496%2C6966%2C2%2C2871%2C3818%2C2007%2C9072%2C4654%2C3499%2C4958%2C16041%2C2197%2C8969%2C1026%2C1103%2C21%2C911%2C3148%2C128%2C54%2C2690%2C102%2C52%2C2605%2C55%2C638%2C5%2C3%2C41%2C3%2C288%2C2%2C78%2C2693%2C932%2C8%2C831%2C452%2C176%2C5%2C38%2C2540%2C1478%2C491%2C528%2C151&afmt=251&muted=1&docid=nmncB3-SqVU&ei=V6o7ZubvLNat0u8PzuuVwAM&plid=AAYX8-v6LZgitxCg&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2FnmncB3-SqVU%3Fcontrols%3D1%26rel%3D0%26playsinline%3D1%26modestbranding%3D1%26autoplay%3D1%26enablejsapi%3D1%26origin%3Dhttps%253A%252F%252F65.1.184.49%26widgetid%3D1&of=4XKpUj-jEd5dOTKZWLr0FQ&vm=CAEQABgEOjJBSHFpSlRKT0xBeUR1S1c5ZHBWY05EMFFmZzFfRWJZei1UQnVEZ3hDZnQ2eVRYNHZqQWJiQVBta0tETHowOTd5VTM3NzdkMWMwMnlZOVdQSjlvby1kc2tqd1A0bi1lU1I5TEpvdG43UGN3QmhtUHpaVTZ4bGlzTWVaUlU1Wi11ZXlGRkNLLUtEV0N2S01xNFpaTXNxeWdoAg IP142.250.74.78:0
CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint7C:B7:E1:97:03:6E:82:B6:52:F8:EC:C6:C6:50:D9:DD:80:47:E6:A0 ValidityTue, 16 Apr 2024 03:18:53 GMT - Tue, 09 Jul 2024 03:18:52 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /api/stats/atr?ns=yt&el=embedded&cpn=puIdfM2o3AwIKGz-&ver=2&cmt=4.579&fmt=247&fs=0&rt=6.623&euri=https%3A%2F%2F65.1.184.49%2F&lact=6679&cl=631074025&mos=1&volume=100&cbr=Firefox&cbrver=96.0&c=WEB_EMBEDDED_PLAYER&cver=1.20240506.01.00&cplayer=UNIPLAYER&cos=X11&cplatform=DESKTOP&epm=1&hl=en_US&cr=NO&len=75.221&fexp=v1%2C23983296%2C21348%2C76094%2C54572%2C304051%2C121055%2C6271%2C26443548%2C7111%2C36343%2C9954%2C1192%2C26496%2C6966%2C2%2C2871%2C3818%2C2007%2C9072%2C4654%2C3499%2C4958%2C16041%2C2197%2C8969%2C1026%2C1103%2C21%2C911%2C3148%2C128%2C54%2C2690%2C102%2C52%2C2605%2C55%2C638%2C5%2C3%2C41%2C3%2C288%2C2%2C78%2C2693%2C932%2C8%2C831%2C452%2C176%2C5%2C38%2C2540%2C1478%2C491%2C528%2C151&afmt=251&muted=1&docid=nmncB3-SqVU&ei=V6o7ZubvLNat0u8PzuuVwAM&plid=AAYX8-v6LZgitxCg&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2FnmncB3-SqVU%3Fcontrols%3D1%26rel%3D0%26playsinline%3D1%26modestbranding%3D1%26autoplay%3D1%26enablejsapi%3D1%26origin%3Dhttps%253A%252F%252F65.1.184.49%26widgetid%3D1&of=4XKpUj-jEd5dOTKZWLr0FQ&vm=CAEQABgEOjJBSHFpSlRKT0xBeUR1S1c5ZHBWY05EMFFmZzFfRWJZei1UQnVEZ3hDZnQ2eVRYNHZqQWJiQVBta0tETHowOTd5VTM3NzdkMWMwMnlZOVdQSjlvby1kc2tqd1A0bi1lU1I5TEpvdG43UGN3QmhtUHpaVTZ4bGlzTWVaUlU1Wi11ZXlGRkNLLUtEV0N2S01xNFpaTXNxeWdoAg HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Visitor-Id: CgtzTEh2Tmx0ME9HayjW1O6xBjIOCgJOTxIIEgQSAgsMICQ%3D
X-YouTube-Client-Name: 56
X-YouTube-Client-Version: 1.20240506.01.00
X-YouTube-Utc-Offset: 0
X-YouTube-Time-Zone: UTC
X-YouTube-Ad-Signals: dt=1715186263491&flash=0&frm=2&u_tz&u_his=2&u_h=1024&u_w=1280&u_ah=1024&u_aw=1280&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1240%2C698&vis=1&wgl=true&ca_type=image
Content-Type: application/x-www-form-urlencoded
Content-Length: 1872
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/nmncB3-SqVU?controls=1&rel=0&playsinline=1&modestbranding=1&autoplay=1&enablejsapi=1&origin=https%3A%2F%2F65.1.184.49&widgetid=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
content-type: text/html; charset=UTF-8
date: Wed, 08 May 2024 16:37:50 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
x-content-type-options: nosniff
server: Video Stats Server
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.youtube.com/api/stats/qoe?fmt=247&afmt=251&cpn=puIdfM2o3AwIKGz-&el=embedded&ns=yt&fexp=v1%2C23983296%2C21348%2C76094%2C54572%2C304051%2C121055%2C6271%2C26443548%2C7111%2C36343%2C9954%2C1192%2C26496%2C6966%2C2%2C2871%2C3818%2C2007%2C9072%2C4654%2C3499%2C4958%2C16041%2C2197%2C8969%2C1026%2C1103%2C21%2C911%2C3148%2C128%2C54%2C2690%2C102%2C52%2C2605%2C55%2C638%2C5%2C3%2C41%2C3%2C288%2C2%2C78%2C2693%2C932%2C8%2C831%2C452%2C176%2C5%2C38%2C2540%2C1478%2C491%2C528%2C151&cl=631074025&seq=2&docid=nmncB3-SqVU&ei=V6o7ZubvLNat0u8PzuuVwAM&event=streamingstats&plid=AAYX8-v6LZgitxCg&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2FnmncB3-SqVU%3Fcontrols%3D1%26rel%3D0%26playsinline%3D1%26modestbranding%3D1%26autoplay%3D1%26enablejsapi%3D1%26origin%3Dhttps%253A%252F%252F65.1.184.49%26widgetid%3D1&qclc=ChBwdUlkZk0ybzNBd0lLR3otEAI&cbr=Firefox&cbrver=96.0&c=WEB_EMBEDDED_PLAYER&cver=1.20240506.01.00&cplayer=UNIPLAYER&cos=X11&cplatform=DESKTOP&afs=0.363:251::i&ctmp=itr:t.423;,dompaused:t.463;r.promise;m.NotAllowedError&cmt=0.451:0.000,1.943:0.000,2.069:0.080,2.820:0.843,10.007:8.032&vps=0.451:N,1.943:B,2.069:PL,10.007:PL&user_intent=0.822&bh=2.069:2.901,10.007:22.130&bwm=10.007:2220307:5.251&bwe=10.007:923495&df=10.007:0 | 142.250.74.78 | | 0 B |
URL www.youtube.com/api/stats/qoe?fmt=247&afmt=251&cpn=puIdfM2o3AwIKGz-&el=embedded&ns=yt&fexp=v1%2C23983296%2C21348%2C76094%2C54572%2C304051%2C121055%2C6271%2C26443548%2C7111%2C36343%2C9954%2C1192%2C26496%2C6966%2C2%2C2871%2C3818%2C2007%2C9072%2C4654%2C3499%2C4958%2C16041%2C2197%2C8969%2C1026%2C1103%2C21%2C911%2C3148%2C128%2C54%2C2690%2C102%2C52%2C2605%2C55%2C638%2C5%2C3%2C41%2C3%2C288%2C2%2C78%2C2693%2C932%2C8%2C831%2C452%2C176%2C5%2C38%2C2540%2C1478%2C491%2C528%2C151&cl=631074025&seq=2&docid=nmncB3-SqVU&ei=V6o7ZubvLNat0u8PzuuVwAM&event=streamingstats&plid=AAYX8-v6LZgitxCg&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2FnmncB3-SqVU%3Fcontrols%3D1%26rel%3D0%26playsinline%3D1%26modestbranding%3D1%26autoplay%3D1%26enablejsapi%3D1%26origin%3Dhttps%253A%252F%252F65.1.184.49%26widgetid%3D1&qclc=ChBwdUlkZk0ybzNBd0lLR3otEAI&cbr=Firefox&cbrver=96.0&c=WEB_EMBEDDED_PLAYER&cver=1.20240506.01.00&cplayer=UNIPLAYER&cos=X11&cplatform=DESKTOP&afs=0.363:251::i&ctmp=itr:t.423;,dompaused:t.463;r.promise;m.NotAllowedError&cmt=0.451:0.000,1.943:0.000,2.069:0.080,2.820:0.843,10.007:8.032&vps=0.451:N,1.943:B,2.069:PL,10.007:PL&user_intent=0.822&bh=2.069:2.901,10.007:22.130&bwm=10.007:2220307:5.251&bwe=10.007:923495&df=10.007:0 IP142.250.74.78:0
CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint7C:B7:E1:97:03:6E:82:B6:52:F8:EC:C6:C6:50:D9:DD:80:47:E6:A0 ValidityTue, 16 Apr 2024 03:18:53 GMT - Tue, 09 Jul 2024 03:18:52 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /api/stats/qoe?fmt=247&afmt=251&cpn=puIdfM2o3AwIKGz-&el=embedded&ns=yt&fexp=v1%2C23983296%2C21348%2C76094%2C54572%2C304051%2C121055%2C6271%2C26443548%2C7111%2C36343%2C9954%2C1192%2C26496%2C6966%2C2%2C2871%2C3818%2C2007%2C9072%2C4654%2C3499%2C4958%2C16041%2C2197%2C8969%2C1026%2C1103%2C21%2C911%2C3148%2C128%2C54%2C2690%2C102%2C52%2C2605%2C55%2C638%2C5%2C3%2C41%2C3%2C288%2C2%2C78%2C2693%2C932%2C8%2C831%2C452%2C176%2C5%2C38%2C2540%2C1478%2C491%2C528%2C151&cl=631074025&seq=2&docid=nmncB3-SqVU&ei=V6o7ZubvLNat0u8PzuuVwAM&event=streamingstats&plid=AAYX8-v6LZgitxCg&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2FnmncB3-SqVU%3Fcontrols%3D1%26rel%3D0%26playsinline%3D1%26modestbranding%3D1%26autoplay%3D1%26enablejsapi%3D1%26origin%3Dhttps%253A%252F%252F65.1.184.49%26widgetid%3D1&qclc=ChBwdUlkZk0ybzNBd0lLR3otEAI&cbr=Firefox&cbrver=96.0&c=WEB_EMBEDDED_PLAYER&cver=1.20240506.01.00&cplayer=UNIPLAYER&cos=X11&cplatform=DESKTOP&afs=0.363:251::i&ctmp=itr:t.423;,dompaused:t.463;r.promise;m.NotAllowedError&cmt=0.451:0.000,1.943:0.000,2.069:0.080,2.820:0.843,10.007:8.032&vps=0.451:N,1.943:B,2.069:PL,10.007:PL&user_intent=0.822&bh=2.069:2.901,10.007:22.130&bwm=10.007:2220307:5.251&bwe=10.007:923495&df=10.007:0 HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Visitor-Id: CgtzTEh2Tmx0ME9HayjW1O6xBjIOCgJOTxIIEgQSAgsMICQ%3D
X-YouTube-Client-Name: 56
X-YouTube-Client-Version: 1.20240506.01.00
X-YouTube-Utc-Offset: 0
X-YouTube-Time-Zone: UTC
X-YouTube-Ad-Signals: dt=1715186263491&flash=0&frm=2&u_tz&u_his=2&u_h=1024&u_w=1280&u_ah=1024&u_aw=1280&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1240%2C698&vis=1&wgl=true&ca_type=image
Content-Type: application/x-www-form-urlencoded
Content-Length: 226
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/nmncB3-SqVU?controls=1&rel=0&playsinline=1&modestbranding=1&autoplay=1&enablejsapi=1&origin=https%3A%2F%2F65.1.184.49&widgetid=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
content-type: text/html; charset=UTF-8
date: Wed, 08 May 2024 16:37:53 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
x-content-type-options: nosniff
server: Video Stats Server
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| rr2---sn-5hnekn7d.googlevideo.com/videoplayback?expire=1715207863&ei=V6o7ZubvLNat0u8PzuuVwAM&ip=91.90.42.154&id=o-AHep0FMo8znN8LvZLTazbg0yR6uoW2P4oadYYivixL-N&itag=251&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&bui=AWRWj2QOQz0cOn9TsnWKSMxMAU1du3GgHnaqxvj2NZnp7YhPPFm-mZlTl5LDQUzGXgKxKEpeVfy_CpQH&spc=UWF9f1wjm4WlLLxsiM18ad9OZb3Tx13nZpQB9_VvlajaEFvB2aoMyeRL2w&vprv=1&svpuc=1&mime=audio%2Fwebm&ns=zC7_13IRGup2y_1RjIueNjgQ&gir=yes&clen=1017104&dur=75.221&lmt=1633498154705037&keepalive=yes&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=6211224&n=8sAT2jGH5I-9hQ&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cxpc%2Cbui%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AJfQdSswRQIhALJTUgcFxHzGZWaNkB3vUJTXXnVLsydVRz-aiSKlPMYrAiAFY6WsS6sU5pJMRHdDhQavGIZMPG9JE7bcRdA2uyMm2Q%3D%3D&alr=yes&cpn=puIdfM2o3AwIKGz-&cver=1.20240506.01.00&cm2rm=sn-capm-vnae7l,sn-5gole7s&fexp=24350324,24350328,24350330,24350379,24350414,24350424,24350464&redirect_counter=2&cms_redirect=yes&cmsv=e&mh=IJ&mm=34&mn=sn-5hnekn7d&ms=ltu&mt=1715185955&mv=m&mvi=2&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AHWaYeowRQIgWWyuFEj5SWcUWpIFqjef-iTqXtt8fGz_HMbyZPFk06sCIQCICmejnWzAtnrcAT2MLqoZGRuhBXtCh2Mnb1mucmHsmw%3D%3D&range=65928-131463&rn=8&rbuf=4510&pot=MnkVpEt1LbKWphWfQNs6zYc_NvV8ztvmjihMfjFXvmixK6noyPCXn4LvFPcIIYxf7szwKoau7GetXq5ZjbnZy5pB4HbV7eRC2jO7i9kDzpn6VwKP4o3-feBJJpM6SmPFvyj6FPBs4QvwUMxtCZG2Oimioz_lmEF3uWJl&ump=1&srfvp=1 | 209.85.226.39 | 200 OK | 66 kB |
URL POST HTTP/3rr2---sn-5hnekn7d.googlevideo.com/videoplayback?expire=1715207863&ei=V6o7ZubvLNat0u8PzuuVwAM&ip=91.90.42.154&id=o-AHep0FMo8znN8LvZLTazbg0yR6uoW2P4oadYYivixL-N&itag=251&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&bui=AWRWj2QOQz0cOn9TsnWKSMxMAU1du3GgHnaqxvj2NZnp7YhPPFm-mZlTl5LDQUzGXgKxKEpeVfy_CpQH&spc=UWF9f1wjm4WlLLxsiM18ad9OZb3Tx13nZpQB9_VvlajaEFvB2aoMyeRL2w&vprv=1&svpuc=1&mime=audio%2Fwebm&ns=zC7_13IRGup2y_1RjIueNjgQ&gir=yes&clen=1017104&dur=75.221&lmt=1633498154705037&keepalive=yes&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=6211224&n=8sAT2jGH5I-9hQ&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cxpc%2Cbui%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AJfQdSswRQIhALJTUgcFxHzGZWaNkB3vUJTXXnVLsydVRz-aiSKlPMYrAiAFY6WsS6sU5pJMRHdDhQavGIZMPG9JE7bcRdA2uyMm2Q%3D%3D&alr=yes&cpn=puIdfM2o3AwIKGz-&cver=1.20240506.01.00&cm2rm=sn-capm-vnae7l,sn-5gole7s&fexp=24350324,24350328,24350330,24350379,24350414,24350424,24350464&redirect_counter=2&cms_redirect=yes&cmsv=e&mh=IJ&mm=34&mn=sn-5hnekn7d&ms=ltu&mt=1715185955&mv=m&mvi=2&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AHWaYeowRQIgWWyuFEj5SWcUWpIFqjef-iTqXtt8fGz_HMbyZPFk06sCIQCICmejnWzAtnrcAT2MLqoZGRuhBXtCh2Mnb1mucmHsmw%3D%3D&range=65928-131463&rn=8&rbuf=4510&pot=MnkVpEt1LbKWphWfQNs6zYc_NvV8ztvmjihMfjFXvmixK6noyPCXn4LvFPcIIYxf7szwKoau7GetXq5ZjbnZy5pB4HbV7eRC2jO7i9kDzpn6VwKP4o3-feBJJpM6SmPFvyj6FPBs4QvwUMxtCZG2Oimioz_lmEF3uWJl&ump=1&srfvp=1 IP209.85.226.39:443
Requested byhttps://www.youtube.com/embed/nmncB3-SqVU?controls=1&rel=0&playsinline=1&modestbranding=1&autoplay=1&enablejsapi=1&origin=https%3A%2F%2F65.1.184.49&widgetid=1 CertificateIssuerGoogle Trust Services LLC Subject*.c.docs.google.com FingerprintB0:9F:4D:46:E2:53:2A:37:C6:A8:A9:DD:4E:AD:03:BC:31:3F:3C:C3 ValidityTue, 30 Apr 2024 14:31:05 GMT - Tue, 09 Jul 2024 14:31:04 GMT
Hash8f063066268287e04971a59c0ba59785 f0b2c052a5e8c6592fe54d170fc59628c073b860 61d2c4d404dec7437a782643add1308fd1f5c0bd3d830d75fc30819dfc64ab6f
POST /videoplayback?expire=1715207863&ei=V6o7ZubvLNat0u8PzuuVwAM&ip=91.90.42.154&id=o-AHep0FMo8znN8LvZLTazbg0yR6uoW2P4oadYYivixL-N&itag=251&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&bui=AWRWj2QOQz0cOn9TsnWKSMxMAU1du3GgHnaqxvj2NZnp7YhPPFm-mZlTl5LDQUzGXgKxKEpeVfy_CpQH&spc=UWF9f1wjm4WlLLxsiM18ad9OZb3Tx13nZpQB9_VvlajaEFvB2aoMyeRL2w&vprv=1&svpuc=1&mime=audio%2Fwebm&ns=zC7_13IRGup2y_1RjIueNjgQ&gir=yes&clen=1017104&dur=75.221&lmt=1633498154705037&keepalive=yes&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=6211224&n=8sAT2jGH5I-9hQ&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cxpc%2Cbui%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AJfQdSswRQIhALJTUgcFxHzGZWaNkB3vUJTXXnVLsydVRz-aiSKlPMYrAiAFY6WsS6sU5pJMRHdDhQavGIZMPG9JE7bcRdA2uyMm2Q%3D%3D&alr=yes&cpn=puIdfM2o3AwIKGz-&cver=1.20240506.01.00&cm2rm=sn-capm-vnae7l,sn-5gole7s&fexp=24350324,24350328,24350330,24350379,24350414,24350424,24350464&redirect_counter=2&cms_redirect=yes&cmsv=e&mh=IJ&mm=34&mn=sn-5hnekn7d&ms=ltu&mt=1715185955&mv=m&mvi=2&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AHWaYeowRQIgWWyuFEj5SWcUWpIFqjef-iTqXtt8fGz_HMbyZPFk06sCIQCICmejnWzAtnrcAT2MLqoZGRuhBXtCh2Mnb1mucmHsmw%3D%3D&range=65928-131463&rn=8&rbuf=4510&pot=MnkVpEt1LbKWphWfQNs6zYc_NvV8ztvmjihMfjFXvmixK6noyPCXn4LvFPcIIYxf7szwKoau7GetXq5ZjbnZy5pB4HbV7eRC2jO7i9kDzpn6VwKP4o3-feBJJpM6SmPFvyj6FPBs4QvwUMxtCZG2Oimioz_lmEF3uWJl&ump=1&srfvp=1 HTTP/1.1
Host: rr2---sn-5hnekn7d.googlevideo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.youtube.com/
Content-Length: 2
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
last-modified: Wed, 06 Oct 2021 05:29:14 GMT
content-type: application/vnd.yt-ump
date: Wed, 08 May 2024 16:37:46 GMT
expires: Wed, 08 May 2024 16:37:46 GMT
cache-control: private, max-age=21297
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
client-protocol: quic
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
timing-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
vary: Origin
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
server: gvs 1.0
|
|
| www.youtube.com/api/stats/qoe?fmt=247&afmt=251&cpn=puIdfM2o3AwIKGz-&el=embedded&ns=yt&fexp=v1%2C23983296%2C21348%2C76094%2C54572%2C304051%2C121055%2C6271%2C26443548%2C7111%2C36343%2C9954%2C1192%2C26496%2C6966%2C2%2C2871%2C3818%2C2007%2C9072%2C4654%2C3499%2C4958%2C16041%2C2197%2C8969%2C1026%2C1103%2C21%2C911%2C3148%2C128%2C54%2C2690%2C102%2C52%2C2605%2C55%2C638%2C5%2C3%2C41%2C3%2C288%2C2%2C78%2C2693%2C932%2C8%2C831%2C452%2C176%2C5%2C38%2C2540%2C1478%2C491%2C528%2C151&cl=631074025&seq=3&docid=nmncB3-SqVU&ei=V6o7ZubvLNat0u8PzuuVwAM&event=streamingstats&plid=AAYX8-v6LZgitxCg&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2FnmncB3-SqVU%3Fcontrols%3D1%26rel%3D0%26playsinline%3D1%26modestbranding%3D1%26autoplay%3D1%26enablejsapi%3D1%26origin%3Dhttps%253A%252F%252F65.1.184.49%26widgetid%3D1&qclc=ChBwdUlkZk0ybzNBd0lLR3otEAM&cbr=Firefox&cbrver=96.0&c=WEB_EMBEDDED_PLAYER&cver=1.20240506.01.00&cplayer=UNIPLAYER&cos=X11&cplatform=DESKTOP&bwe=11.832:923495,11.834:923495,11.921:923495&vis=11.832:3&cmt=11.832:9.838,11.834:9.838,11.921:9.919&bh=11.832:20.163,11.834:20.163,11.921:20.163&vps=11.921:N | 142.250.74.46 | | 0 B |
URL www.youtube.com/api/stats/qoe?fmt=247&afmt=251&cpn=puIdfM2o3AwIKGz-&el=embedded&ns=yt&fexp=v1%2C23983296%2C21348%2C76094%2C54572%2C304051%2C121055%2C6271%2C26443548%2C7111%2C36343%2C9954%2C1192%2C26496%2C6966%2C2%2C2871%2C3818%2C2007%2C9072%2C4654%2C3499%2C4958%2C16041%2C2197%2C8969%2C1026%2C1103%2C21%2C911%2C3148%2C128%2C54%2C2690%2C102%2C52%2C2605%2C55%2C638%2C5%2C3%2C41%2C3%2C288%2C2%2C78%2C2693%2C932%2C8%2C831%2C452%2C176%2C5%2C38%2C2540%2C1478%2C491%2C528%2C151&cl=631074025&seq=3&docid=nmncB3-SqVU&ei=V6o7ZubvLNat0u8PzuuVwAM&event=streamingstats&plid=AAYX8-v6LZgitxCg&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2FnmncB3-SqVU%3Fcontrols%3D1%26rel%3D0%26playsinline%3D1%26modestbranding%3D1%26autoplay%3D1%26enablejsapi%3D1%26origin%3Dhttps%253A%252F%252F65.1.184.49%26widgetid%3D1&qclc=ChBwdUlkZk0ybzNBd0lLR3otEAM&cbr=Firefox&cbrver=96.0&c=WEB_EMBEDDED_PLAYER&cver=1.20240506.01.00&cplayer=UNIPLAYER&cos=X11&cplatform=DESKTOP&bwe=11.832:923495,11.834:923495,11.921:923495&vis=11.832:3&cmt=11.832:9.838,11.834:9.838,11.921:9.919&bh=11.832:20.163,11.834:20.163,11.921:20.163&vps=11.921:N IP142.250.74.46:0
CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint7C:B7:E1:97:03:6E:82:B6:52:F8:EC:C6:C6:50:D9:DD:80:47:E6:A0 ValidityTue, 16 Apr 2024 03:18:53 GMT - Tue, 09 Jul 2024 03:18:52 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /api/stats/qoe?fmt=247&afmt=251&cpn=puIdfM2o3AwIKGz-&el=embedded&ns=yt&fexp=v1%2C23983296%2C21348%2C76094%2C54572%2C304051%2C121055%2C6271%2C26443548%2C7111%2C36343%2C9954%2C1192%2C26496%2C6966%2C2%2C2871%2C3818%2C2007%2C9072%2C4654%2C3499%2C4958%2C16041%2C2197%2C8969%2C1026%2C1103%2C21%2C911%2C3148%2C128%2C54%2C2690%2C102%2C52%2C2605%2C55%2C638%2C5%2C3%2C41%2C3%2C288%2C2%2C78%2C2693%2C932%2C8%2C831%2C452%2C176%2C5%2C38%2C2540%2C1478%2C491%2C528%2C151&cl=631074025&seq=3&docid=nmncB3-SqVU&ei=V6o7ZubvLNat0u8PzuuVwAM&event=streamingstats&plid=AAYX8-v6LZgitxCg&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2FnmncB3-SqVU%3Fcontrols%3D1%26rel%3D0%26playsinline%3D1%26modestbranding%3D1%26autoplay%3D1%26enablejsapi%3D1%26origin%3Dhttps%253A%252F%252F65.1.184.49%26widgetid%3D1&qclc=ChBwdUlkZk0ybzNBd0lLR3otEAM&cbr=Firefox&cbrver=96.0&c=WEB_EMBEDDED_PLAYER&cver=1.20240506.01.00&cplayer=UNIPLAYER&cos=X11&cplatform=DESKTOP&bwe=11.832:923495,11.834:923495,11.921:923495&vis=11.832:3&cmt=11.832:9.838,11.834:9.838,11.921:9.919&bh=11.832:20.163,11.834:20.163,11.921:20.163&vps=11.921:N HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Visitor-Id: CgtzTEh2Tmx0ME9HayjW1O6xBjIOCgJOTxIIEgQSAgsMICQ%3D
X-YouTube-Client-Name: 56
X-YouTube-Client-Version: 1.20240506.01.00
X-YouTube-Utc-Offset: 0
X-YouTube-Time-Zone: UTC
X-YouTube-Ad-Signals: dt=1715186263491&flash=0&frm=2&u_tz&u_his=2&u_h=1024&u_w=1280&u_ah=1024&u_aw=1280&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=63%2C39%2C63%2C39%2C1280%2C0%2C1280%2C1024%2C1240%2C698&vis=2&wgl=true&ca_type=image
Content-Type: application/x-www-form-urlencoded
Content-Length: 226
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/nmncB3-SqVU?controls=1&rel=0&playsinline=1&modestbranding=1&autoplay=1&enablejsapi=1&origin=https%3A%2F%2F65.1.184.49&widgetid=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
content-type: text/html; charset=UTF-8
date: Wed, 08 May 2024 16:37:55 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
x-content-type-options: nosniff
server: Video Stats Server
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| rr2---sn-5hnekn7d.googlevideo.com/videoplayback?expire=1715207863&ei=V6o7ZubvLNat0u8PzuuVwAM&ip=91.90.42.154&id=o-AHep0FMo8znN8LvZLTazbg0yR6uoW2P4oadYYivixL-N&itag=251&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&bui=AWRWj2QOQz0cOn9TsnWKSMxMAU1du3GgHnaqxvj2NZnp7YhPPFm-mZlTl5LDQUzGXgKxKEpeVfy_CpQH&spc=UWF9f1wjm4WlLLxsiM18ad9OZb3Tx13nZpQB9_VvlajaEFvB2aoMyeRL2w&vprv=1&svpuc=1&mime=audio%2Fwebm&ns=zC7_13IRGup2y_1RjIueNjgQ&gir=yes&clen=1017104&dur=75.221&lmt=1633498154705037&keepalive=yes&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=6211224&n=8sAT2jGH5I-9hQ&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cxpc%2Cbui%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AJfQdSswRQIhALJTUgcFxHzGZWaNkB3vUJTXXnVLsydVRz-aiSKlPMYrAiAFY6WsS6sU5pJMRHdDhQavGIZMPG9JE7bcRdA2uyMm2Q%3D%3D&alr=yes&cpn=puIdfM2o3AwIKGz-&cver=1.20240506.01.00&cm2rm=sn-capm-vnae7l,sn-5gole7s&fexp=24350324,24350328,24350330,24350379,24350414,24350424,24350464&redirect_counter=2&cms_redirect=yes&cmsv=e&mh=IJ&mm=34&mn=sn-5hnekn7d&ms=ltu&mt=1715185955&mv=m&mvi=2&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AHWaYeowRQIgWWyuFEj5SWcUWpIFqjef-iTqXtt8fGz_HMbyZPFk06sCIQCICmejnWzAtnrcAT2MLqoZGRuhBXtCh2Mnb1mucmHsmw%3D%3D&range=412480-686268&rn=13&rbuf=20444&pot=MnkVpEt1LbKWphWfQNs6zYc_NvV8ztvmjihMfjFXvmixK6noyPCXn4LvFPcIIYxf7szwKoau7GetXq5ZjbnZy5pB4HbV7eRC2jO7i9kDzpn6VwKP4o3-feBJJpM6SmPFvyj6FPBs4QvwUMxtCZG2Oimioz_lmEF3uWJl&ump=1&srfvp=1 | 209.85.226.39 | | 252 kB |
URL rr2---sn-5hnekn7d.googlevideo.com/videoplayback?expire=1715207863&ei=V6o7ZubvLNat0u8PzuuVwAM&ip=91.90.42.154&id=o-AHep0FMo8znN8LvZLTazbg0yR6uoW2P4oadYYivixL-N&itag=251&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&bui=AWRWj2QOQz0cOn9TsnWKSMxMAU1du3GgHnaqxvj2NZnp7YhPPFm-mZlTl5LDQUzGXgKxKEpeVfy_CpQH&spc=UWF9f1wjm4WlLLxsiM18ad9OZb3Tx13nZpQB9_VvlajaEFvB2aoMyeRL2w&vprv=1&svpuc=1&mime=audio%2Fwebm&ns=zC7_13IRGup2y_1RjIueNjgQ&gir=yes&clen=1017104&dur=75.221&lmt=1633498154705037&keepalive=yes&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=6211224&n=8sAT2jGH5I-9hQ&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cxpc%2Cbui%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AJfQdSswRQIhALJTUgcFxHzGZWaNkB3vUJTXXnVLsydVRz-aiSKlPMYrAiAFY6WsS6sU5pJMRHdDhQavGIZMPG9JE7bcRdA2uyMm2Q%3D%3D&alr=yes&cpn=puIdfM2o3AwIKGz-&cver=1.20240506.01.00&cm2rm=sn-capm-vnae7l,sn-5gole7s&fexp=24350324,24350328,24350330,24350379,24350414,24350424,24350464&redirect_counter=2&cms_redirect=yes&cmsv=e&mh=IJ&mm=34&mn=sn-5hnekn7d&ms=ltu&mt=1715185955&mv=m&mvi=2&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AHWaYeowRQIgWWyuFEj5SWcUWpIFqjef-iTqXtt8fGz_HMbyZPFk06sCIQCICmejnWzAtnrcAT2MLqoZGRuhBXtCh2Mnb1mucmHsmw%3D%3D&range=412480-686268&rn=13&rbuf=20444&pot=MnkVpEt1LbKWphWfQNs6zYc_NvV8ztvmjihMfjFXvmixK6noyPCXn4LvFPcIIYxf7szwKoau7GetXq5ZjbnZy5pB4HbV7eRC2jO7i9kDzpn6VwKP4o3-feBJJpM6SmPFvyj6FPBs4QvwUMxtCZG2Oimioz_lmEF3uWJl&ump=1&srfvp=1 IP209.85.226.39:0
CertificateIssuerGoogle Trust Services LLC Subject*.c.docs.google.com FingerprintB0:9F:4D:46:E2:53:2A:37:C6:A8:A9:DD:4E:AD:03:BC:31:3F:3C:C3 ValidityTue, 30 Apr 2024 14:31:05 GMT - Tue, 09 Jul 2024 14:31:04 GMT
Size252 kB (251640 bytes) Hashc571ed77159255ee4a6c94d82de4ab4c b70f4f07c64ad778394722f507d56681aa2c15bb cd86b034a902ab2fd30be9e4f85125d61b4c77586f03bd6a9637a70340df4d85
POST /videoplayback?expire=1715207863&ei=V6o7ZubvLNat0u8PzuuVwAM&ip=91.90.42.154&id=o-AHep0FMo8znN8LvZLTazbg0yR6uoW2P4oadYYivixL-N&itag=251&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&bui=AWRWj2QOQz0cOn9TsnWKSMxMAU1du3GgHnaqxvj2NZnp7YhPPFm-mZlTl5LDQUzGXgKxKEpeVfy_CpQH&spc=UWF9f1wjm4WlLLxsiM18ad9OZb3Tx13nZpQB9_VvlajaEFvB2aoMyeRL2w&vprv=1&svpuc=1&mime=audio%2Fwebm&ns=zC7_13IRGup2y_1RjIueNjgQ&gir=yes&clen=1017104&dur=75.221&lmt=1633498154705037&keepalive=yes&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=6211224&n=8sAT2jGH5I-9hQ&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cxpc%2Cbui%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AJfQdSswRQIhALJTUgcFxHzGZWaNkB3vUJTXXnVLsydVRz-aiSKlPMYrAiAFY6WsS6sU5pJMRHdDhQavGIZMPG9JE7bcRdA2uyMm2Q%3D%3D&alr=yes&cpn=puIdfM2o3AwIKGz-&cver=1.20240506.01.00&cm2rm=sn-capm-vnae7l,sn-5gole7s&fexp=24350324,24350328,24350330,24350379,24350414,24350424,24350464&redirect_counter=2&cms_redirect=yes&cmsv=e&mh=IJ&mm=34&mn=sn-5hnekn7d&ms=ltu&mt=1715185955&mv=m&mvi=2&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AHWaYeowRQIgWWyuFEj5SWcUWpIFqjef-iTqXtt8fGz_HMbyZPFk06sCIQCICmejnWzAtnrcAT2MLqoZGRuhBXtCh2Mnb1mucmHsmw%3D%3D&range=412480-686268&rn=13&rbuf=20444&pot=MnkVpEt1LbKWphWfQNs6zYc_NvV8ztvmjihMfjFXvmixK6noyPCXn4LvFPcIIYxf7szwKoau7GetXq5ZjbnZy5pB4HbV7eRC2jO7i9kDzpn6VwKP4o3-feBJJpM6SmPFvyj6FPBs4QvwUMxtCZG2Oimioz_lmEF3uWJl&ump=1&srfvp=1 HTTP/1.1
Host: rr2---sn-5hnekn7d.googlevideo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.youtube.com/
Content-Length: 2
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
last-modified: Wed, 06 Oct 2021 05:29:14 GMT
content-type: application/vnd.yt-ump
date: Wed, 08 May 2024 16:37:55 GMT
expires: Wed, 08 May 2024 16:37:55 GMT
cache-control: private, max-age=21288
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
client-protocol: quic
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
timing-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
vary: Origin
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
server: gvs 1.0
|
|
| www.youtube.com/api/stats/playback?ns=yt&el=embedded&cpn=puIdfM2o3AwIKGz-&ver=2&cmt=0.08&fmt=247&fs=0&rt=2.075&euri=https%3A%2F%2F65.1.184.49%2F&lact=2131&cl=631074025&mos=1&volume=100&cbr=Firefox&cbrver=96.0&c=WEB_EMBEDDED_PLAYER&cver=1.20240506.01.00&cplayer=UNIPLAYER&cos=X11&cplatform=DESKTOP&epm=1&hl=en_US&cr=NO&len=75.221&fexp=v1%2C23983296%2C21348%2C76094%2C54572%2C304051%2C121055%2C6271%2C26443548%2C7111%2C36343%2C9954%2C1192%2C26496%2C6966%2C2%2C2871%2C3818%2C2007%2C9072%2C4654%2C3499%2C4958%2C16041%2C2197%2C8969%2C1026%2C1103%2C21%2C911%2C3148%2C128%2C54%2C2690%2C102%2C52%2C2605%2C55%2C638%2C5%2C3%2C41%2C3%2C288%2C2%2C78%2C2693%2C932%2C8%2C831%2C452%2C176%2C5%2C38%2C2540%2C1478%2C491%2C528%2C151&rtn=12&afmt=251&size=1240%3A698&muted=1&docid=nmncB3-SqVU&ei=V6o7ZubvLNat0u8PzuuVwAM&plid=AAYX8-v6LZgitxCg&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2FnmncB3-SqVU%3Fcontrols%3D1%26rel%3D0%26playsinline%3D1%26modestbranding%3D1%26autoplay%3D1%26enablejsapi%3D1%26origin%3Dhttps%253A%252F%252F65.1.184.49%26widgetid%3D1&of=4XKpUj-jEd5dOTKZWLr0FQ&vm=CAEQABgEOjJBSHFpSlRKT0xBeUR1S1c5ZHBWY05EMFFmZzFfRWJZei1UQnVEZ3hDZnQ2eVRYNHZqQWJiQVBta0tETHowOTd5VTM3NzdkMWMwMnlZOVdQSjlvby1kc2tqd1A0bi1lU1I5TEpvdG43UGN3QmhtUHpaVTZ4bGlzTWVaUlU1Wi11ZXlGRkNLLUtEV0N2S01xNFpaTXNxeWdoAg | 142.250.74.78 | 204 No Content | 0 B |
URL GET HTTP/3www.youtube.com/api/stats/playback?ns=yt&el=embedded&cpn=puIdfM2o3AwIKGz-&ver=2&cmt=0.08&fmt=247&fs=0&rt=2.075&euri=https%3A%2F%2F65.1.184.49%2F&lact=2131&cl=631074025&mos=1&volume=100&cbr=Firefox&cbrver=96.0&c=WEB_EMBEDDED_PLAYER&cver=1.20240506.01.00&cplayer=UNIPLAYER&cos=X11&cplatform=DESKTOP&epm=1&hl=en_US&cr=NO&len=75.221&fexp=v1%2C23983296%2C21348%2C76094%2C54572%2C304051%2C121055%2C6271%2C26443548%2C7111%2C36343%2C9954%2C1192%2C26496%2C6966%2C2%2C2871%2C3818%2C2007%2C9072%2C4654%2C3499%2C4958%2C16041%2C2197%2C8969%2C1026%2C1103%2C21%2C911%2C3148%2C128%2C54%2C2690%2C102%2C52%2C2605%2C55%2C638%2C5%2C3%2C41%2C3%2C288%2C2%2C78%2C2693%2C932%2C8%2C831%2C452%2C176%2C5%2C38%2C2540%2C1478%2C491%2C528%2C151&rtn=12&afmt=251&size=1240%3A698&muted=1&docid=nmncB3-SqVU&ei=V6o7ZubvLNat0u8PzuuVwAM&plid=AAYX8-v6LZgitxCg&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2FnmncB3-SqVU%3Fcontrols%3D1%26rel%3D0%26playsinline%3D1%26modestbranding%3D1%26autoplay%3D1%26enablejsapi%3D1%26origin%3Dhttps%253A%252F%252F65.1.184.49%26widgetid%3D1&of=4XKpUj-jEd5dOTKZWLr0FQ&vm=CAEQABgEOjJBSHFpSlRKT0xBeUR1S1c5ZHBWY05EMFFmZzFfRWJZei1UQnVEZ3hDZnQ2eVRYNHZqQWJiQVBta0tETHowOTd5VTM3NzdkMWMwMnlZOVdQSjlvby1kc2tqd1A0bi1lU1I5TEpvdG43UGN3QmhtUHpaVTZ4bGlzTWVaUlU1Wi11ZXlGRkNLLUtEV0N2S01xNFpaTXNxeWdoAg IP142.250.74.78:443
Requested byhttps://www.youtube.com/embed/nmncB3-SqVU?controls=1&rel=0&playsinline=1&modestbranding=1&autoplay=1&enablejsapi=1&origin=https%3A%2F%2F65.1.184.49&widgetid=1 CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint7C:B7:E1:97:03:6E:82:B6:52:F8:EC:C6:C6:50:D9:DD:80:47:E6:A0 ValidityTue, 16 Apr 2024 03:18:53 GMT - Tue, 09 Jul 2024 03:18:52 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /api/stats/playback?ns=yt&el=embedded&cpn=puIdfM2o3AwIKGz-&ver=2&cmt=0.08&fmt=247&fs=0&rt=2.075&euri=https%3A%2F%2F65.1.184.49%2F&lact=2131&cl=631074025&mos=1&volume=100&cbr=Firefox&cbrver=96.0&c=WEB_EMBEDDED_PLAYER&cver=1.20240506.01.00&cplayer=UNIPLAYER&cos=X11&cplatform=DESKTOP&epm=1&hl=en_US&cr=NO&len=75.221&fexp=v1%2C23983296%2C21348%2C76094%2C54572%2C304051%2C121055%2C6271%2C26443548%2C7111%2C36343%2C9954%2C1192%2C26496%2C6966%2C2%2C2871%2C3818%2C2007%2C9072%2C4654%2C3499%2C4958%2C16041%2C2197%2C8969%2C1026%2C1103%2C21%2C911%2C3148%2C128%2C54%2C2690%2C102%2C52%2C2605%2C55%2C638%2C5%2C3%2C41%2C3%2C288%2C2%2C78%2C2693%2C932%2C8%2C831%2C452%2C176%2C5%2C38%2C2540%2C1478%2C491%2C528%2C151&rtn=12&afmt=251&size=1240%3A698&muted=1&docid=nmncB3-SqVU&ei=V6o7ZubvLNat0u8PzuuVwAM&plid=AAYX8-v6LZgitxCg&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2FnmncB3-SqVU%3Fcontrols%3D1%26rel%3D0%26playsinline%3D1%26modestbranding%3D1%26autoplay%3D1%26enablejsapi%3D1%26origin%3Dhttps%253A%252F%252F65.1.184.49%26widgetid%3D1&of=4XKpUj-jEd5dOTKZWLr0FQ&vm=CAEQABgEOjJBSHFpSlRKT0xBeUR1S1c5ZHBWY05EMFFmZzFfRWJZei1UQnVEZ3hDZnQ2eVRYNHZqQWJiQVBta0tETHowOTd5VTM3NzdkMWMwMnlZOVdQSjlvby1kc2tqd1A0bi1lU1I5TEpvdG43UGN3QmhtUHpaVTZ4bGlzTWVaUlU1Wi11ZXlGRkNLLUtEV0N2S01xNFpaTXNxeWdoAg HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Visitor-Id: CgtzTEh2Tmx0ME9HayjW1O6xBjIOCgJOTxIIEgQSAgsMICQ%3D
X-YouTube-Client-Name: 56
X-YouTube-Client-Version: 1.20240506.01.00
X-YouTube-Utc-Offset: 0
X-YouTube-Time-Zone: UTC
X-YouTube-Ad-Signals: dt=1715186263491&flash=0&frm=2&u_tz&u_his=2&u_h=1024&u_w=1280&u_ah=1024&u_aw=1280&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1240%2C698&vis=1&wgl=true&ca_type=image
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/nmncB3-SqVU?controls=1&rel=0&playsinline=1&modestbranding=1&autoplay=1&enablejsapi=1&origin=https%3A%2F%2F65.1.184.49&widgetid=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 204 No Content
content-type: text/html; charset=UTF-8
date: Wed, 08 May 2024 16:37:45 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
x-content-type-options: nosniff
server: Video Stats Server
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| rr2---sn-5hnekn7d.googlevideo.com/videoplayback?expire=1715207863&ei=V6o7ZubvLNat0u8PzuuVwAM&ip=91.90.42.154&id=o-AHep0FMo8znN8LvZLTazbg0yR6uoW2P4oadYYivixL-N&itag=247&aitags=133%2C134%2C135%2C136%2C160%2C242%2C243%2C244%2C247%2C278&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&bui=AWRWj2QOQz0cOn9TsnWKSMxMAU1du3GgHnaqxvj2NZnp7YhPPFm-mZlTl5LDQUzGXgKxKEpeVfy_CpQH&spc=UWF9f1wjm4WlLLxsiM18ad9OZb3Tx13nZpQB9_VvlajaEFvB2aoMyeRL2w&vprv=1&svpuc=1&mime=video%2Fwebm&ns=zC7_13IRGup2y_1RjIueNjgQ&gir=yes&clen=3754957&dur=75.199&lmt=1633498152448719&keepalive=yes&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=6216224&n=8sAT2jGH5I-9hQ&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cxpc%2Cbui%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AJfQdSswRAIgBqYSfRVunX4frqSXqZnrixktTXHbWDKLow49ogeb-kwCID2vP21Z967JBKo6mhCilmz3bQlEcsZeipFB1yrdLvpO&alr=yes&cpn=puIdfM2o3AwIKGz-&cver=1.20240506.01.00&cm2rm=sn-capm-vnae7l,sn-5gole7s&fexp=24350324,24350328,24350330,24350379,24350414,24350424,24350464&redirect_counter=2&cms_redirect=yes&cmsv=e&mh=IJ&mm=34&mn=sn-5hnekn7d&ms=ltu&mt=1715185955&mv=m&mvi=2&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AHWaYeowRQIhAMscPcsUwWT0lXgSFTr5jJvYXJkkeJcwQvGsu-5Y8AawAiAeV9EznrsPUtWCWl2SQu9gABaPvtOOkmisTpdhsQs91w%3D%3D&range=158921-362818&rn=7&rbuf=3061&pot=MnkVpEt1LbKWphWfQNs6zYc_NvV8ztvmjihMfjFXvmixK6noyPCXn4LvFPcIIYxf7szwKoau7GetXq5ZjbnZy5pB4HbV7eRC2jO7i9kDzpn6VwKP4o3-feBJJpM6SmPFvyj6FPBs4QvwUMxtCZG2Oimioz_lmEF3uWJl&ump=1&srfvp=1 | 209.85.226.39 | 200 OK | 204 kB |
URL POST HTTP/3rr2---sn-5hnekn7d.googlevideo.com/videoplayback?expire=1715207863&ei=V6o7ZubvLNat0u8PzuuVwAM&ip=91.90.42.154&id=o-AHep0FMo8znN8LvZLTazbg0yR6uoW2P4oadYYivixL-N&itag=247&aitags=133%2C134%2C135%2C136%2C160%2C242%2C243%2C244%2C247%2C278&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&bui=AWRWj2QOQz0cOn9TsnWKSMxMAU1du3GgHnaqxvj2NZnp7YhPPFm-mZlTl5LDQUzGXgKxKEpeVfy_CpQH&spc=UWF9f1wjm4WlLLxsiM18ad9OZb3Tx13nZpQB9_VvlajaEFvB2aoMyeRL2w&vprv=1&svpuc=1&mime=video%2Fwebm&ns=zC7_13IRGup2y_1RjIueNjgQ&gir=yes&clen=3754957&dur=75.199&lmt=1633498152448719&keepalive=yes&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=6216224&n=8sAT2jGH5I-9hQ&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cxpc%2Cbui%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AJfQdSswRAIgBqYSfRVunX4frqSXqZnrixktTXHbWDKLow49ogeb-kwCID2vP21Z967JBKo6mhCilmz3bQlEcsZeipFB1yrdLvpO&alr=yes&cpn=puIdfM2o3AwIKGz-&cver=1.20240506.01.00&cm2rm=sn-capm-vnae7l,sn-5gole7s&fexp=24350324,24350328,24350330,24350379,24350414,24350424,24350464&redirect_counter=2&cms_redirect=yes&cmsv=e&mh=IJ&mm=34&mn=sn-5hnekn7d&ms=ltu&mt=1715185955&mv=m&mvi=2&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AHWaYeowRQIhAMscPcsUwWT0lXgSFTr5jJvYXJkkeJcwQvGsu-5Y8AawAiAeV9EznrsPUtWCWl2SQu9gABaPvtOOkmisTpdhsQs91w%3D%3D&range=158921-362818&rn=7&rbuf=3061&pot=MnkVpEt1LbKWphWfQNs6zYc_NvV8ztvmjihMfjFXvmixK6noyPCXn4LvFPcIIYxf7szwKoau7GetXq5ZjbnZy5pB4HbV7eRC2jO7i9kDzpn6VwKP4o3-feBJJpM6SmPFvyj6FPBs4QvwUMxtCZG2Oimioz_lmEF3uWJl&ump=1&srfvp=1 IP209.85.226.39:443
Requested byhttps://www.youtube.com/embed/nmncB3-SqVU?controls=1&rel=0&playsinline=1&modestbranding=1&autoplay=1&enablejsapi=1&origin=https%3A%2F%2F65.1.184.49&widgetid=1 CertificateIssuerGoogle Trust Services LLC Subject*.c.docs.google.com FingerprintB0:9F:4D:46:E2:53:2A:37:C6:A8:A9:DD:4E:AD:03:BC:31:3F:3C:C3 ValidityTue, 30 Apr 2024 14:31:05 GMT - Tue, 09 Jul 2024 14:31:04 GMT
Size204 kB (203971 bytes) Hash2cb61182d6bb559d39d2da3cf471bd6b 24a7361019927f3069adeaa34c1f26c7b31d4dce db3a2ff5e76c48b6eb2795fe6a9406c05decb666d51d12bad3aec552a21ada09
POST /videoplayback?expire=1715207863&ei=V6o7ZubvLNat0u8PzuuVwAM&ip=91.90.42.154&id=o-AHep0FMo8znN8LvZLTazbg0yR6uoW2P4oadYYivixL-N&itag=247&aitags=133%2C134%2C135%2C136%2C160%2C242%2C243%2C244%2C247%2C278&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&bui=AWRWj2QOQz0cOn9TsnWKSMxMAU1du3GgHnaqxvj2NZnp7YhPPFm-mZlTl5LDQUzGXgKxKEpeVfy_CpQH&spc=UWF9f1wjm4WlLLxsiM18ad9OZb3Tx13nZpQB9_VvlajaEFvB2aoMyeRL2w&vprv=1&svpuc=1&mime=video%2Fwebm&ns=zC7_13IRGup2y_1RjIueNjgQ&gir=yes&clen=3754957&dur=75.199&lmt=1633498152448719&keepalive=yes&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=6216224&n=8sAT2jGH5I-9hQ&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cxpc%2Cbui%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AJfQdSswRAIgBqYSfRVunX4frqSXqZnrixktTXHbWDKLow49ogeb-kwCID2vP21Z967JBKo6mhCilmz3bQlEcsZeipFB1yrdLvpO&alr=yes&cpn=puIdfM2o3AwIKGz-&cver=1.20240506.01.00&cm2rm=sn-capm-vnae7l,sn-5gole7s&fexp=24350324,24350328,24350330,24350379,24350414,24350424,24350464&redirect_counter=2&cms_redirect=yes&cmsv=e&mh=IJ&mm=34&mn=sn-5hnekn7d&ms=ltu&mt=1715185955&mv=m&mvi=2&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AHWaYeowRQIhAMscPcsUwWT0lXgSFTr5jJvYXJkkeJcwQvGsu-5Y8AawAiAeV9EznrsPUtWCWl2SQu9gABaPvtOOkmisTpdhsQs91w%3D%3D&range=158921-362818&rn=7&rbuf=3061&pot=MnkVpEt1LbKWphWfQNs6zYc_NvV8ztvmjihMfjFXvmixK6noyPCXn4LvFPcIIYxf7szwKoau7GetXq5ZjbnZy5pB4HbV7eRC2jO7i9kDzpn6VwKP4o3-feBJJpM6SmPFvyj6FPBs4QvwUMxtCZG2Oimioz_lmEF3uWJl&ump=1&srfvp=1 HTTP/1.1
Host: rr2---sn-5hnekn7d.googlevideo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.youtube.com/
Content-Length: 2
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
last-modified: Wed, 06 Oct 2021 05:29:12 GMT
content-type: application/vnd.yt-ump
date: Wed, 08 May 2024 16:37:45 GMT
expires: Wed, 08 May 2024 16:37:45 GMT
cache-control: private, max-age=21298
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
client-protocol: quic
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
timing-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
vary: Origin
cross-origin-resource-policy: cross-origin
x-restrict-formats-hint: None
x-content-type-options: nosniff
server: gvs 1.0
|
|
| rr2---sn-5hnekn7d.googlevideo.com/videoplayback?expire=1715207863&ei=V6o7ZubvLNat0u8PzuuVwAM&ip=91.90.42.154&id=o-AHep0FMo8znN8LvZLTazbg0yR6uoW2P4oadYYivixL-N&itag=247&aitags=133%2C134%2C135%2C136%2C160%2C242%2C243%2C244%2C247%2C278&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&bui=AWRWj2QOQz0cOn9TsnWKSMxMAU1du3GgHnaqxvj2NZnp7YhPPFm-mZlTl5LDQUzGXgKxKEpeVfy_CpQH&spc=UWF9f1wjm4WlLLxsiM18ad9OZb3Tx13nZpQB9_VvlajaEFvB2aoMyeRL2w&vprv=1&svpuc=1&mime=video%2Fwebm&ns=zC7_13IRGup2y_1RjIueNjgQ&gir=yes&clen=3754957&dur=75.199&lmt=1633498152448719&keepalive=yes&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=6216224&n=8sAT2jGH5I-9hQ&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cxpc%2Cbui%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AJfQdSswRAIgBqYSfRVunX4frqSXqZnrixktTXHbWDKLow49ogeb-kwCID2vP21Z967JBKo6mhCilmz3bQlEcsZeipFB1yrdLvpO&alr=yes&cpn=puIdfM2o3AwIKGz-&cver=1.20240506.01.00&cm2rm=sn-capm-vnae7l,sn-5gole7s&fexp=24350324,24350328,24350330,24350379,24350414,24350424,24350464&redirect_counter=2&cms_redirect=yes&cmsv=e&mh=IJ&mm=34&mn=sn-5hnekn7d&ms=ltu&mt=1715185955&mv=m&mvi=2&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AHWaYeowRQIhAMscPcsUwWT0lXgSFTr5jJvYXJkkeJcwQvGsu-5Y8AawAiAeV9EznrsPUtWCWl2SQu9gABaPvtOOkmisTpdhsQs91w%3D%3D&range=362819-809327&rn=9&rbuf=6266&pot=MnkVpEt1LbKWphWfQNs6zYc_NvV8ztvmjihMfjFXvmixK6noyPCXn4LvFPcIIYxf7szwKoau7GetXq5ZjbnZy5pB4HbV7eRC2jO7i9kDzpn6VwKP4o3-feBJJpM6SmPFvyj6FPBs4QvwUMxtCZG2Oimioz_lmEF3uWJl&ump=1&srfvp=1 | 209.85.226.39 | 200 OK | 447 kB |
URL POST HTTP/3rr2---sn-5hnekn7d.googlevideo.com/videoplayback?expire=1715207863&ei=V6o7ZubvLNat0u8PzuuVwAM&ip=91.90.42.154&id=o-AHep0FMo8znN8LvZLTazbg0yR6uoW2P4oadYYivixL-N&itag=247&aitags=133%2C134%2C135%2C136%2C160%2C242%2C243%2C244%2C247%2C278&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&bui=AWRWj2QOQz0cOn9TsnWKSMxMAU1du3GgHnaqxvj2NZnp7YhPPFm-mZlTl5LDQUzGXgKxKEpeVfy_CpQH&spc=UWF9f1wjm4WlLLxsiM18ad9OZb3Tx13nZpQB9_VvlajaEFvB2aoMyeRL2w&vprv=1&svpuc=1&mime=video%2Fwebm&ns=zC7_13IRGup2y_1RjIueNjgQ&gir=yes&clen=3754957&dur=75.199&lmt=1633498152448719&keepalive=yes&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=6216224&n=8sAT2jGH5I-9hQ&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cxpc%2Cbui%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AJfQdSswRAIgBqYSfRVunX4frqSXqZnrixktTXHbWDKLow49ogeb-kwCID2vP21Z967JBKo6mhCilmz3bQlEcsZeipFB1yrdLvpO&alr=yes&cpn=puIdfM2o3AwIKGz-&cver=1.20240506.01.00&cm2rm=sn-capm-vnae7l,sn-5gole7s&fexp=24350324,24350328,24350330,24350379,24350414,24350424,24350464&redirect_counter=2&cms_redirect=yes&cmsv=e&mh=IJ&mm=34&mn=sn-5hnekn7d&ms=ltu&mt=1715185955&mv=m&mvi=2&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AHWaYeowRQIhAMscPcsUwWT0lXgSFTr5jJvYXJkkeJcwQvGsu-5Y8AawAiAeV9EznrsPUtWCWl2SQu9gABaPvtOOkmisTpdhsQs91w%3D%3D&range=362819-809327&rn=9&rbuf=6266&pot=MnkVpEt1LbKWphWfQNs6zYc_NvV8ztvmjihMfjFXvmixK6noyPCXn4LvFPcIIYxf7szwKoau7GetXq5ZjbnZy5pB4HbV7eRC2jO7i9kDzpn6VwKP4o3-feBJJpM6SmPFvyj6FPBs4QvwUMxtCZG2Oimioz_lmEF3uWJl&ump=1&srfvp=1 IP209.85.226.39:443
Requested byhttps://www.youtube.com/embed/nmncB3-SqVU?controls=1&rel=0&playsinline=1&modestbranding=1&autoplay=1&enablejsapi=1&origin=https%3A%2F%2F65.1.184.49&widgetid=1 CertificateIssuerGoogle Trust Services LLC Subject*.c.docs.google.com FingerprintB0:9F:4D:46:E2:53:2A:37:C6:A8:A9:DD:4E:AD:03:BC:31:3F:3C:C3 ValidityTue, 30 Apr 2024 14:31:05 GMT - Tue, 09 Jul 2024 14:31:04 GMT
Size447 kB (446598 bytes) Hash89bdf3ce8faf1c025208a54b45a34af6 c03e6f4e729e00ba6bf350c2f3f3b438c64270ef 10caf5a592e79fbdaa41e1cd6c18e880a05a76b0a47116a6c45d0d561c85f567
POST /videoplayback?expire=1715207863&ei=V6o7ZubvLNat0u8PzuuVwAM&ip=91.90.42.154&id=o-AHep0FMo8znN8LvZLTazbg0yR6uoW2P4oadYYivixL-N&itag=247&aitags=133%2C134%2C135%2C136%2C160%2C242%2C243%2C244%2C247%2C278&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&bui=AWRWj2QOQz0cOn9TsnWKSMxMAU1du3GgHnaqxvj2NZnp7YhPPFm-mZlTl5LDQUzGXgKxKEpeVfy_CpQH&spc=UWF9f1wjm4WlLLxsiM18ad9OZb3Tx13nZpQB9_VvlajaEFvB2aoMyeRL2w&vprv=1&svpuc=1&mime=video%2Fwebm&ns=zC7_13IRGup2y_1RjIueNjgQ&gir=yes&clen=3754957&dur=75.199&lmt=1633498152448719&keepalive=yes&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=6216224&n=8sAT2jGH5I-9hQ&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cxpc%2Cbui%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AJfQdSswRAIgBqYSfRVunX4frqSXqZnrixktTXHbWDKLow49ogeb-kwCID2vP21Z967JBKo6mhCilmz3bQlEcsZeipFB1yrdLvpO&alr=yes&cpn=puIdfM2o3AwIKGz-&cver=1.20240506.01.00&cm2rm=sn-capm-vnae7l,sn-5gole7s&fexp=24350324,24350328,24350330,24350379,24350414,24350424,24350464&redirect_counter=2&cms_redirect=yes&cmsv=e&mh=IJ&mm=34&mn=sn-5hnekn7d&ms=ltu&mt=1715185955&mv=m&mvi=2&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AHWaYeowRQIhAMscPcsUwWT0lXgSFTr5jJvYXJkkeJcwQvGsu-5Y8AawAiAeV9EznrsPUtWCWl2SQu9gABaPvtOOkmisTpdhsQs91w%3D%3D&range=362819-809327&rn=9&rbuf=6266&pot=MnkVpEt1LbKWphWfQNs6zYc_NvV8ztvmjihMfjFXvmixK6noyPCXn4LvFPcIIYxf7szwKoau7GetXq5ZjbnZy5pB4HbV7eRC2jO7i9kDzpn6VwKP4o3-feBJJpM6SmPFvyj6FPBs4QvwUMxtCZG2Oimioz_lmEF3uWJl&ump=1&srfvp=1 HTTP/1.1
Host: rr2---sn-5hnekn7d.googlevideo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.youtube.com/
Content-Length: 2
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
last-modified: Wed, 06 Oct 2021 05:29:12 GMT
content-type: application/vnd.yt-ump
date: Wed, 08 May 2024 16:37:46 GMT
expires: Wed, 08 May 2024 16:37:46 GMT
cache-control: private, max-age=21297
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
client-protocol: quic
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
timing-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
vary: Origin
cross-origin-resource-policy: cross-origin
x-restrict-formats-hint: None
x-content-type-options: nosniff
server: gvs 1.0
|
|