| detectportal.firefox.com/success.txt?ipv4 | 34.107.221.82 | 200 OK | 8 B |
URL HTTP/1.1detectportal.firefox.com/success.txt?ipv4 IP34.107.221.82:0
Hashae780585f49b94ce1444eb7d28906123 7d5ca8c0c03e883c56c4eb1ef6f6bb9bccad4d86 81b2bd4ea98c8db66554fbc8d7637a1a69a130f331feb732b75caab4c4868fd5
GET /success.txt?ipv4 HTTP/1.1
Host: detectportal.firefox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Length: 8
Via: 1.1 google
Date: Mon, 14 Nov 2022 07:11:16 GMT
Age: 85516
Content-Type: text/plain
Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
|
|
| cet.firstchoicetechs.com/ga/click/2-97292245-245-686-1293-1301-2e5a72a009-o71d5d7673 | 5.182.17.105 | 302 Found | 220 B |
URL HTTP/1.1cet.firstchoicetechs.com/ga/click/2-97292245-245-686-1293-1301-2e5a72a009-o71d5d7673 IP5.182.17.105:0
File typeHTML document text\012- HTML document, ASCII text, with no line terminators Hashaf06c210b464bed741dd22ab36093689 cfc1b0f22c9f7c1acac2f35ac4c7de8cf78d4d37 1edb84081854d66315c648a33acd04a49dedd2db5f129950b06d012c85c04f6d
GET /ga/click/2-97292245-245-686-1293-1301-2e5a72a009-o71d5d7673 HTTP/1.1
Host: cet.firstchoicetechs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Date: Tue, 15 Nov 2022 06:56:32 GMT
Server: Apache/2.4.52 (Unix) OpenSSL/1.0.2k-fips PHP/7.3.33
Status: 302 Found
X-Rack-Cache: miss
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-Request-Id: bbb1cad62d077509b0865b42632ef48e
Location: http://sets.shmarketresearch.com/Kidtewfwetvbcsdncbstrdtwefycsdbnsbvsdrdcwtvydsnbsv/jrehufgerytfewtyuwebcsvcftcwetyuybdsyew/kjhuerygytfuwehubcvywegubwvywe
X-UA-Compatible: IE=Edge,chrome=1
X-Runtime: 0.022190
Expires: Mon, 01 Jan 1990 00:00:00 GMT
X-Powered-By: Phusion Passenger(R) 6.0.12
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash7786cd9bd97e024b3a1d16215defaad2 786ddbb74b0b6bd9270622dbe0258d6caee407c1 9c297ccfd178eec7e472fb64a6b2e34d4c7a6dec32870f49982353e590196ba0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9C297CCFD178EEC7E472FB64A6B2E34D4C7A6DEC32870F49982353E590196BA0"
Last-Modified: Mon, 14 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13743
Expires: Tue, 15 Nov 2022 10:45:35 GMT
Date: Tue, 15 Nov 2022 06:56:32 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash6f2cb9e3518977321f2d990c9b257d89 fbb9b616ca481b6f5c55a33d51fa4dde4b911d97 461eb613abb1c90eb2c24c3d2d2e5318f417faebd170f71a26c550db9d8466e4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "461EB613ABB1C90EB2C24C3D2D2E5318F417FAEBD170F71A26C550DB9D8466E4"
Last-Modified: Sun, 13 Nov 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15968
Expires: Tue, 15 Nov 2022 11:22:40 GMT
Date: Tue, 15 Nov 2022 06:56:32 GMT
Connection: keep-alive
|
|
| getpocket.cdn.mozilla.net/v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US®ion=NO&count=30 | 34.120.5.221 | 200 OK | 43 kB |
URL HTTP/2getpocket.cdn.mozilla.net/v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US®ion=NO&count=30 IP34.120.5.221:0
File typeJSON data\012- , ASCII text, with very long lines (65536), with no line terminators Hash1c03e0021c63e973e296fac349a471f8 563d1d16460d7e9492911eba4dfabeca425b3db1 7bb45100996ad25f5105c40c7c075e33d4e91d6222d3920fd07d0d3e3f511a57
GET /v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US®ion=NO&count=30 HTTP/1.1
Host: getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
vary: Accept-Encoding
content-location: global-recs.php
tcn: choice
x-frame-options: SAMEORIGIN
status: 200 OK
x-source: Pocket
pragma: cache
p3p: policyref="/w3c/p3p.xml", CP="ALL CURa ADMa DEVa OUR IND UNI COM NAV INT STA PRE"
x-cache: Hit from cloudfront
x-amz-cf-pop: SEA73-P2
x-amz-cf-id: k7NvshkJC03jC5t31OZYmnRmOYqQWtc2Z8I_K01fIXgtJbJ53GZO-A==
content-encoding: gzip
via: 1.1 5abfab33f248090bb0f31ca137ce9464.cloudfront.net (CloudFront), 1.1 google
date: Tue, 15 Nov 2022 06:47:46 GMT
age: 526
content-type: application/json
content-length: 42974
cache-control: s-maxage=900,public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash8c15cef160d1514fc977ed4c4e97086c ffe4ce3199658a1fc7a45d1607df40ef3911621d db1a82d8a2bacc0257b87efec0c365c1b769700fa27ce928321e082505f1d72a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DB1A82D8A2BACC0257B87EFEC0C365C1B769700FA27CE928321E082505F1D72A"
Last-Modified: Sun, 13 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12064
Expires: Tue, 15 Nov 2022 10:17:36 GMT
Date: Tue, 15 Nov 2022 06:56:32 GMT
Connection: keep-alive
|
|
| content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain | 34.160.144.191 | 200 OK | 5.3 kB |
URL HTTP/2content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain IP34.160.144.191:0
File typePEM certificate\012- , ASCII text Hash67d5a988edcda47bc3b3b3f65d32b4b6 d4f0e0da8b3690cc7da925026d3414b68c7d954f 55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: mBOuM9WnKsw8EbtcAUN+1oJDizpvYUd/e5oG12qEmrkewZFiVn+P1xih3TO61cd3CZgJ5Zw+0fg=
x-amz-request-id: V8BGN6XSC4NAVGJQ
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 15 Nov 2022 06:14:09 GMT
age: 2543
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hash832aecaba9f06ee2d39d4d4bea65f13c 7195d6ffadfdbc6fc8e92c63ae28d4a3038a72dc a437509314a97065de6c7b9e5e2b4b61f0234b45f5f5bf2649cbdf499577bfd3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6453
Cache-Control: max-age=105738
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 06:56:32 GMT
Etag: "637218f5-1d7"
Expires: Wed, 16 Nov 2022 12:18:50 GMT
Last-Modified: Mon, 14 Nov 2022 10:31:17 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
|
|
| firefox.settings.services.mozilla.com/v1/ | 34.102.187.140 | 200 OK | 939 B |
URL HTTP/2firefox.settings.services.mozilla.com/v1/ IP34.102.187.140:0
File typeJSON data\012- , ASCII text, with very long lines (939), with no line terminators Hash4736bac84ca28f2b1e961159fb4ea098 1319612979f53896fcfeacd4215c2715d4951e4c 5e81213e111ddf68c7f884f72b4e06fc4dc95eb902c3cf0762236b2418840dba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Retry-After, Content-Length, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 15 Nov 2022 06:44:23 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 729
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| contile.services.mozilla.com/v1/tiles | 34.117.237.239 | 200 OK | 12 B |
URL HTTP/2contile.services.mozilla.com/v1/tiles IP34.117.237.239:0
File typeJSON data\012- , ASCII text, with no line terminators Hash23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 15 Nov 2022 06:56:32 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US | 34.102.187.140 | 200 OK | 329 B |
URL HTTP/2firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP34.102.187.140:0
File typeJSON data\012- , ASCII text, with very long lines (329), with no line terminators Hash0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Cache-Control, Pragma, Retry-After, ETag, Alert, Expires, Backoff, Content-Type, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 15 Nov 2022 06:44:48 GMT
cache-control: public,max-age=3600
age: 705
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hash3200044057cb585f1a435c0efece61c8 8305d5b5891288aa9996b4b4ca6fce2265413194 df45704534a24928e7659a6d8cd1b5ac9ffa9b224b02b34a2d6aed5ef69fd586
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3173
Cache-Control: max-age=97401
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 06:56:33 GMT
Etag: "63720535-1d7"
Expires: Wed, 16 Nov 2022 09:59:54 GMT
Last-Modified: Mon, 14 Nov 2022 09:07:01 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hash2c44dd8355fc36a8df39b4d9a2f0a392 d5ee6d0b8827d739117058a88cc62fccaab78950 4b039eccabcc1d6c39ca23d43b6f80abc1d66acb096143316277dee19192fada
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5626
Cache-Control: max-age=131554
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 06:56:33 GMT
Etag: "63728109-1d7"
Expires: Wed, 16 Nov 2022 19:29:07 GMT
Last-Modified: Mon, 14 Nov 2022 17:55:21 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
|
|
| shavar.services.mozilla.com/downloads?client=Firefox&appver=96.0a&pver=2.2 | 35.82.2.166 | 200 OK | 8 B |
URL HTTP/1.1shavar.services.mozilla.com/downloads?client=Firefox&appver=96.0a&pver=2.2 IP35.82.2.166:0
Hash29fc57841962e407cb50c1be60284bf7 ce968a77e2996da5eee8925182318f171ccdce47 ae7e7075247dcfad763f1e131aeac3d2e756bb03d48b0d315a50c69636e5dc8b
POST /downloads?client=Firefox&appver=96.0a&pver=2.2 HTTP/1.1
Host: shavar.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 773
Connection: close
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: none
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/octet-stream
Date: Tue, 15 Nov 2022 06:56:33 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Length: 8
Connection: Close
|
|
| sets.shmarketresearch.com/Kidtewfwetvbcsdncbstrdtwefycsdbnsbvsdrdcwtvydsnbsv/jrehufgerytfewtyuwebcsvcftcwetyuybdsyew/kjhuerygytfuwehubcvywegubwvywe | 66.150.130.192 | 302 Found | 0 B |
URL HTTP/1.1sets.shmarketresearch.com/Kidtewfwetvbcsdncbstrdtwefycsdbnsbvsdrdcwtvydsnbsv/jrehufgerytfewtyuwebcsvcftcwetyuybdsyew/kjhuerygytfuwehubcvywegubwvywe IP66.150.130.192:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /Kidtewfwetvbcsdncbstrdtwefycsdbnsbvsdrdcwtvydsnbsv/jrehufgerytfewtyuwebcsvcftcwetyuybdsyew/kjhuerygytfuwehubcvywegubwvywe HTTP/1.1
Host: sets.shmarketresearch.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Date: Tue, 15 Nov 2022 06:56:32 GMT
Server: Apache/2.4.6 (CentOS) PHP/5.4.16
X-Powered-By: PHP/5.4.16
Location: https://mwebnice.com/7290/158/2/?subid=SgerOrb
Content-Length: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
|
|
| push.services.mozilla.com/ | 35.162.142.194 | 101 Switching Protocols | 0 B |
URL HTTP/1.1push.services.mozilla.com/ IP35.162.142.194:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: OEJgnZO3aR4cxT1wPDPW6Q==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: BHGOr2gz6/LCtZenYIIX4mVLnM4=
|
|
| firefox.settings.services.mozilla.com/v1/buckets/monitor/collections/changes/changeset?_expected=%221668481035889%22 | 34.102.187.140 | 200 OK | 22 kB |
URL HTTP/2firefox.settings.services.mozilla.com/v1/buckets/monitor/collections/changes/changeset?_expected=%221668481035889%22 IP34.102.187.140:0
File typeJSON data\012- , ASCII text, with very long lines (21675), with no line terminators Hashb43f3493dfd8596f0f3144f2c68aab2e 7a955bc274e07955340bd90e19c1592a92a5f747 8aa7c677f15f1fbdb5cd59a6fdc38057ab91434ada84dac31bf0fa657e042107
GET /v1/buckets/monitor/collections/changes/changeset?_expected=%221668481035889%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Retry-After, Content-Length, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 21675
via: 1.1 google
date: Tue, 15 Nov 2022 06:01:57 GMT
cache-control: public,max-age=3600
age: 3276
last-modified: Tue, 15 Nov 2022 02:57:15 GMT
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| firefox.settings.services.mozilla.com/v1/buckets/blocklists/collections/addons-bloomfilters/changeset?_expected=1668472632345&_since=%221666204638208%22 | 34.102.187.140 | 200 OK | 6.0 kB |
URL HTTP/2firefox.settings.services.mozilla.com/v1/buckets/blocklists/collections/addons-bloomfilters/changeset?_expected=1668472632345&_since=%221666204638208%22 IP34.102.187.140:0
File typeJSON data\012- , ASCII text, with very long lines (5962), with no line terminators Hash2fcec62f165c827c32e4fe836e3b1f37 2a5820e1e5b5add7dad3e346cbe97286c58638a2 54d726019e9df895def96cb5c32f63f5d77c291a66f60b9ed99627c10aecfa47
GET /v1/buckets/blocklists/collections/addons-bloomfilters/changeset?_expected=1668472632345&_since=%221666204638208%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Alert, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 5962
via: 1.1 google
date: Tue, 15 Nov 2022 06:11:44 GMT
cache-control: public,max-age=3600
age: 2689
last-modified: Tue, 15 Nov 2022 00:37:12 GMT
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain | 34.160.144.191 | 200 OK | 5.3 kB |
URL HTTP/2content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain IP34.160.144.191:0
File typePEM certificate\012- , ASCII text Hash9ebddc2b260d081ebbefee47c037cb28 492bad62a7ca6a74738921ef5ae6f0be5edebf39 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: fv1A3HyaENIxKhf0l2vMNiq4YwCrE6qA9n1smnMVYK67SEkQNVttHekqOVPwmbVv2g/s0yiXrCs=
x-amz-request-id: FNA44279GC4PJ3Q1
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 15 Nov 2022 06:36:29 GMT
age: 1204
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 279 B |
IP93.184.220.29:0
Hash83f3095fc37a30712c49756c357bca10 2d6f8ea4c333eb52ed4961ed3e60c80904c60499 9083392d40484096f64bbce970f8e5991804292255b5bc644a24a925f3d9b1b1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=148600
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 06:56:33 GMT
Etag: "6372d999-117"
Expires: Thu, 17 Nov 2022 00:13:13 GMT
Last-Modified: Tue, 15 Nov 2022 00:13:13 GMT
Server: nginx
Content-Length: 279
|
|
| firefox.settings.services.mozilla.com/v1/buckets/main/collections/normandy-recipes-capabilities/changeset?_expected=1668470466458&_since=%221666483264567%22 | 34.102.187.140 | 200 OK | 50 kB |
URL HTTP/2firefox.settings.services.mozilla.com/v1/buckets/main/collections/normandy-recipes-capabilities/changeset?_expected=1668470466458&_since=%221666483264567%22 IP34.102.187.140:0
File typeJSON data\012- , ASCII text, with very long lines (50071), with no line terminators Hash924cbcc6d1a0cf759dfa66be284f202f 19be3d0892c16636b83a5931744aeb9c2cce772a fa4d031afca1ee74dc1156d92c7f1b1bd32a60d30a01e30123229a430995f07a
GET /v1/buckets/main/collections/normandy-recipes-capabilities/changeset?_expected=1668470466458&_since=%221666483264567%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Alert, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 50071
via: 1.1 google
date: Tue, 15 Nov 2022 06:00:16 GMT
cache-control: public,max-age=3600
age: 3377
last-modified: Tue, 15 Nov 2022 00:01:06 GMT
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| firefox.settings.services.mozilla.com/v1/buckets/main/collections/nimbus-desktop-experiments/changeset?_expected=1668445768179&_since=%221666279968541%22 | 34.102.187.140 | 200 OK | 9.9 kB |
URL HTTP/2firefox.settings.services.mozilla.com/v1/buckets/main/collections/nimbus-desktop-experiments/changeset?_expected=1668445768179&_since=%221666279968541%22 IP34.102.187.140:0
File typeASCII text, with very long lines (9873), with no line terminators Hash6b4c5313f7d0ffb9e9b68d714a45c0e2 86078381940420d0b94057dcc92eb1af8270221d 2f8a47b0332274f41137744b20c222c3487730585084dd11f42161f75f452f43
GET /v1/buckets/main/collections/nimbus-desktop-experiments/changeset?_expected=1668445768179&_since=%221666279968541%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Alert, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 9873
via: 1.1 google
date: Tue, 15 Nov 2022 06:52:50 GMT
cache-control: public,max-age=3600
age: 223
last-modified: Mon, 14 Nov 2022 17:09:28 GMT
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| firefox.settings.services.mozilla.com/v1/buckets/main/collections/cfr/changeset?_expected=1666894461944&_since=%221659547595259%22 | 34.102.187.140 | 200 OK | 1.5 kB |
URL HTTP/2firefox.settings.services.mozilla.com/v1/buckets/main/collections/cfr/changeset?_expected=1666894461944&_since=%221659547595259%22 IP34.102.187.140:0
File typeJSON data\012- , ASCII text, with very long lines (1506), with no line terminators Hash4bf9c108a3dab80c738cbf2d4995721f b818b30329d25e588f8f262831841d936d676c1d 4d3bf358f40290e38873e8395288055dd23ef0eeef99790fe175e91bcc9edc29
GET /v1/buckets/main/collections/cfr/changeset?_expected=1666894461944&_since=%221659547595259%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Retry-After, Content-Length, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 1506
via: 1.1 google
date: Tue, 15 Nov 2022 06:15:58 GMT
cache-control: public,max-age=3600
age: 2435
last-modified: Thu, 27 Oct 2022 18:14:21 GMT
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-09-20-34-00.chain | 34.160.144.191 | 200 OK | 5.3 kB |
URL HTTP/2content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-09-20-34-00.chain IP34.160.144.191:0
File typePEM certificate\012- , ASCII text Hashc22da7ef9d9661440ea75c23cb583813 45e567955ce3901a1f2d723fdab3c607f7419dd9 2499384fa96f3b1644f5ff8ec2f7a058f5e9b516684e89eb3ff1a1a3060ff053
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-09-20-34-00.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: fBfmOMtJbl77w9qOVY4JyMbQ5J6iwSEQblLNLYSzuXRoHfXLEr8KvEdc6EpMPe0QWueMR17xXWI=
x-amz-request-id: FDNAHT1XYZ265VXT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 15 Nov 2022 06:20:42 GMT
age: 2151
last-modified: Thu, 20 Oct 2022 20:34:01 GMT
etag: "c22da7ef9d9661440ea75c23cb583813"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| firefox.settings.services.mozilla.com/v1/buckets/main/collections/query-stripping/changeset?_expected=1667238122278&_since=%221656585893704%22 | 34.102.187.140 | 200 OK | 1.7 kB |
URL HTTP/2firefox.settings.services.mozilla.com/v1/buckets/main/collections/query-stripping/changeset?_expected=1667238122278&_since=%221656585893704%22 IP34.102.187.140:0
File typeJSON data\012- , ASCII text, with very long lines (1719), with no line terminators Hash1971557ee32481ccb55dd637b351b263 be18a39de55151bb40ab40c95de41468fa47b8a2 cfffc68c1707cfbf7e93112696e899f31e4473c82130180e5767b4889e6c62ee
GET /v1/buckets/main/collections/query-stripping/changeset?_expected=1667238122278&_since=%221656585893704%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Backoff, Content-Type, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 1719
via: 1.1 google
date: Tue, 15 Nov 2022 06:26:43 GMT
cache-control: public,max-age=3600
age: 1790
last-modified: Mon, 31 Oct 2022 17:42:02 GMT
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| firefox.settings.services.mozilla.com/v1/buckets/main/collections/partitioning-exempt-urls/changeset?_expected=1667225520937&_since=%221657747510534%22 | 34.102.187.140 | 200 OK | 1.3 kB |
URL HTTP/2firefox.settings.services.mozilla.com/v1/buckets/main/collections/partitioning-exempt-urls/changeset?_expected=1667225520937&_since=%221657747510534%22 IP34.102.187.140:0
File typeJSON data\012- , ASCII text, with very long lines (1300), with no line terminators Hashc7e9f96e1a2142cb3ec17a1db32add0d 866196b5baab2194581407bdd1297f1934941675 81eb7fe101ad6a8966865dec8d3e0f73b7b81a8b519cb8cfc8abc1846e4c82b9
GET /v1/buckets/main/collections/partitioning-exempt-urls/changeset?_expected=1667225520937&_since=%221657747510534%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Retry-After, Content-Length, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 1300
via: 1.1 google
date: Tue, 15 Nov 2022 05:57:24 GMT
cache-control: public,max-age=3600
age: 3550
last-modified: Mon, 31 Oct 2022 14:12:00 GMT
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 279 B |
IP93.184.220.29:0
Hash1b13f2aa6287363f3e156c84a462cc59 6ed0ac6e65bb8eb692129cb94badf7720807ef80 48df03c44ba508079fc3d698512f36c0d2f249ac8231451eff11098dcad529dd
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=128771
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 06:56:34 GMT
Etag: "63728c25-117"
Expires: Wed, 16 Nov 2022 18:42:45 GMT
Last-Modified: Mon, 14 Nov 2022 18:42:45 GMT
Server: nginx
Content-Length: 279
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 279 B |
IP93.184.220.29:0
Hash1b13f2aa6287363f3e156c84a462cc59 6ed0ac6e65bb8eb692129cb94badf7720807ef80 48df03c44ba508079fc3d698512f36c0d2f249ac8231451eff11098dcad529dd
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 0
Cache-Control: max-age=128771
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 06:56:34 GMT
Etag: "63728c25-117"
Expires: Wed, 16 Nov 2022 18:42:45 GMT
Last-Modified: Mon, 14 Nov 2022 18:42:45 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 279
|
|
| detectportal.firefox.com/success.txt?ipv4 | 34.107.221.82 | 200 OK | 8 B |
URL HTTP/1.1detectportal.firefox.com/success.txt?ipv4 IP34.107.221.82:0
Hashae780585f49b94ce1444eb7d28906123 7d5ca8c0c03e883c56c4eb1ef6f6bb9bccad4d86 81b2bd4ea98c8db66554fbc8d7637a1a69a130f331feb732b75caab4c4868fd5
GET /success.txt?ipv4 HTTP/1.1
Host: detectportal.firefox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Length: 8
Via: 1.1 google
Date: Mon, 14 Nov 2022 07:11:16 GMT
Age: 85518
Content-Type: text/plain
Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 1.2 kB |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
File typegzip compressed data, from Unix\012- data Hash9a4276b5c6313f5ee8b59236436d20c0 ae4e055b8d307de56dbfab34155fa04f32a249e7 4781d171e0bedc640eac0d8e79c373ef9c109179b5deb996b2143e60cf655331
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1F54C0FA57EA62F131E173D4A365D6D2D4D10E0993EB69EAF9E27D3788A5DAF8"
Last-Modified: Sat, 12 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4685
Expires: Tue, 15 Nov 2022 08:14:39 GMT
Date: Tue, 15 Nov 2022 06:56:34 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash29b1503232a9cf0843bd9f0d01c0a9a5 620b3b98a58cd32175d40534dca81ef4a26d880f 1f54c0fa57ea62f131e173d4a365d6d2d4d10e0993eb69eaf9e27d3788a5daf8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1F54C0FA57EA62F131E173D4A365D6D2D4D10E0993EB69EAF9E27D3788A5DAF8"
Last-Modified: Sat, 12 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4685
Expires: Tue, 15 Nov 2022 08:14:39 GMT
Date: Tue, 15 Nov 2022 06:56:34 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash29b1503232a9cf0843bd9f0d01c0a9a5 620b3b98a58cd32175d40534dca81ef4a26d880f 1f54c0fa57ea62f131e173d4a365d6d2d4d10e0993eb69eaf9e27d3788a5daf8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1F54C0FA57EA62F131E173D4A365D6D2D4D10E0993EB69EAF9E27D3788A5DAF8"
Last-Modified: Sat, 12 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4685
Expires: Tue, 15 Nov 2022 08:14:39 GMT
Date: Tue, 15 Nov 2022 06:56:34 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash29b1503232a9cf0843bd9f0d01c0a9a5 620b3b98a58cd32175d40534dca81ef4a26d880f 1f54c0fa57ea62f131e173d4a365d6d2d4d10e0993eb69eaf9e27d3788a5daf8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1F54C0FA57EA62F131E173D4A365D6D2D4D10E0993EB69EAF9E27D3788A5DAF8"
Last-Modified: Sat, 12 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4685
Expires: Tue, 15 Nov 2022 08:14:39 GMT
Date: Tue, 15 Nov 2022 06:56:34 GMT
Connection: keep-alive
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 471 B |
IP142.250.74.3:0
Hash1af800aa2b326e8af0f2640db68a7a0d 4c617814f5c705737bf4bf111c53bf40bb932af5 594f573b6e73b1d385ae75a518c18a0bb833ac4a3f894fcea377096c756f8cc1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 06:56:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F92501a28-163f-4c6e-aed7-d31c29354d1e.jpeg | 34.120.237.76 | 200 OK | 12 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F92501a28-163f-4c6e-aed7-d31c29354d1e.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash032386e5c9dffff1ba1ee5e8a322d438 dd4fd6c803a9b333bace9a541c6bd183d0c56bb9 0e9f559a0aa7e114c5810a27ba243c0da7b44dc0bf7aec2b7ab32b8f0e2b536c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F92501a28-163f-4c6e-aed7-d31c29354d1e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11667
x-amzn-requestid: 4778d1bd-28c3-4665-89da-046e356087f0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bjyD1HE-oAMF0QQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637163b1-53c7330c5fd36d3c4d9e6aed;Sampled=0
x-amzn-remapped-date: Sun, 13 Nov 2022 21:37:53 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: HSNfGUJHQAK1pFU3LmKXa2o56F6QvbFaH_eRxfjMz4GboLKtsc91pg==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Tue, 15 Nov 2022 05:59:01 GMT
age: 3453
etag: "dd4fd6c803a9b333bace9a541c6bd183d0c56bb9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F040363e6-40a3-4d68-bf2e-ca83ac195dcc.jpeg | 34.120.237.76 | 200 OK | 6.3 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F040363e6-40a3-4d68-bf2e-ca83ac195dcc.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash4af82634a56d0978c9b4689c8b7eb8ae 4b40ef08bd37cabfcb937053dd58012abdd6620f 476a9f850cfbe41adea1d699fdf4f04424674c53b268681fa6fc0e226bed0797
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F040363e6-40a3-4d68-bf2e-ca83ac195dcc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6318
x-amzn-requestid: 6469c84d-fc45-470e-a438-2fb81dae70c2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bhPtyHpXoAMFfWA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63705ff1-53ab9291301773c048f69696;Sampled=0
x-amzn-remapped-date: Sun, 13 Nov 2022 03:09:37 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: w-ycM-G6gAU8xssl0r8gTPLLLimSjv4M5VUONl8bynl_A2EzlmXoaw==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Tue, 15 Nov 2022 03:53:51 GMT
age: 10963
etag: "4b40ef08bd37cabfcb937053dd58012abdd6620f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7b12e479-a09c-431c-aecf-6e63c60a01f1.jpeg | 34.120.237.76 | 200 OK | 5.9 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7b12e479-a09c-431c-aecf-6e63c60a01f1.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashfe4f5dc12e097182fed4de0161bc5b8a 746804d683bea55f44d5f6456a7e69d0048e4f58 d8a2095cd57455bab301ae68b7478997f3db056039886d85301eb85d7d196cf4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7b12e479-a09c-431c-aecf-6e63c60a01f1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5882
x-amzn-requestid: 3269a61b-6246-42bc-a3f6-ba2fc6708c4e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bhPteF0SIAMFp8w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63705fef-48758a23646243030346d9d9;Sampled=0
x-amzn-remapped-date: Sun, 13 Nov 2022 03:09:35 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: fXm81LDpPcdG5wr5OA5jUT_wDh8oRuNYYRmlyOdjrPzj42J5FAEOQQ==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 9c675215120a4ade8754c4357ef2f3ea.cloudfront.net (CloudFront), 1.1 google
date: Tue, 15 Nov 2022 04:08:35 GMT
age: 10079
etag: "746804d683bea55f44d5f6456a7e69d0048e4f58"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7b1ce583-5604-4223-b88e-880659fdc0e7.jpeg | 34.120.237.76 | 200 OK | 8.0 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7b1ce583-5604-4223-b88e-880659fdc0e7.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash94c82cd0e4204ea23b9bd86a3f576fa8 1651325ad361d1c86a4b81edb6b75af27f490a39 0173a565be87e87b2a8fccb3bfe4f237ddd9fdafa5711e79f0c4381882238886
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7b1ce583-5604-4223-b88e-880659fdc0e7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8025
x-amzn-requestid: e7f9048b-7b8a-4e69-954f-31a7be2548e7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bRUl5HvRoAMFy0Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636a0158-063e221d1d6a4dac5f42ec48;Sampled=0
x-amzn-remapped-date: Tue, 08 Nov 2022 07:12:24 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Fu14fmRDqxHs_RHrfXZRez5LnYW6HNuD-AvFDdzQwsxa1BPBFEqh-A==
via: 1.1 ec2a2c75c16156e4d43504606c118b90.cloudfront.net (CloudFront), 1.1 b13f158bdf9805ca47e07c0c35870c12.cloudfront.net (CloudFront), 1.1 google
date: Tue, 15 Nov 2022 03:35:56 GMT
age: 12038
etag: "1651325ad361d1c86a4b81edb6b75af27f490a39"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1c3081d3-ef42-45da-adea-67bbc90bf9a6.jpeg | 34.120.237.76 | 200 OK | 4.4 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1c3081d3-ef42-45da-adea-67bbc90bf9a6.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashb18dc101656c2e449e5f54ff7b7fb10b d5ba3b6a069a74b5db3560a265728e627f6fe18d 53a73577e37651a936a5841fe06e40475e06ce6fa9e14fc0590ddc7aba421dd2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1c3081d3-ef42-45da-adea-67bbc90bf9a6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4394
x-amzn-requestid: fd389a5e-b816-4bd8-a073-2f52fea5bfab
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bnEhtFfnIAMF1rQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6372b471-133a3285137912af436daffd;Sampled=0
x-amzn-remapped-date: Mon, 14 Nov 2022 21:34:41 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 6i-blK0B05DT_CvizlmYpcDTpDV8IZLOIrukIQPW6FISAuXa1T0FdQ==
via: 1.1 34c44cb7892e57a3b6c51812bcf68ee4.cloudfront.net (CloudFront), 1.1 01147dcc35d57fc0238a3c1700c13f16.cloudfront.net (CloudFront), 1.1 google
date: Mon, 14 Nov 2022 21:47:22 GMT
age: 32952
etag: "d5ba3b6a069a74b5db3560a265728e627f6fe18d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf07797f-dd0a-4d91-86dd-362bcde1053e.jpeg | 34.120.237.76 | 200 OK | 13 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf07797f-dd0a-4d91-86dd-362bcde1053e.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash14d5eaa5fe940564f077ca611f6e3fbe 032b8bfc63294a55ff49ee7186768bd9728ce103 7bed85f8f78ba7e1fad560d0ea311a65bff33aaf5f3226bef392ddc10f52d620
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf07797f-dd0a-4d91-86dd-362bcde1053e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12942
x-amzn-requestid: fd589c13-7784-4e3a-b928-908fd2b8f98a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bd8hgHQvIAMFmfQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636f0e09-29db9a7832efa131593951f2;Sampled=0
x-amzn-remapped-date: Sat, 12 Nov 2022 03:07:53 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: f-hb5cPg2rs4xJls_0z3RbITwQlh__E1X7YkHZeISA2jOm3MX0CKrA==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google
date: Tue, 15 Nov 2022 05:59:09 GMT
age: 3445
etag: "032b8bfc63294a55ff49ee7186768bd9728ce103"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| www.googletagmanager.com/gtag/js?id=UA-62785402-87 | 142.250.74.168 | 200 OK | 44 kB |
URL HTTP/2www.googletagmanager.com/gtag/js?id=UA-62785402-87 IP142.250.74.168:0
File typeASCII text, with very long lines (1921) Hash8c2d8f4b9a2d0d4c38a24de0070e89ec 4a39fb3b1e97e706af63e7217d2442fc86f145e3 045f754475a8b6dfa3d7e99391addfea522095f8d03e5c7d4ddf1ff821b7240c
GET /gtag/js?id=UA-62785402-87 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sonuvita.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 15 Nov 2022 06:56:34 GMT
expires: Tue, 15 Nov 2022 06:56:34 GMT
cache-control: private, max-age=900
last-modified: Tue, 15 Nov 2022 06:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43681
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 471 B |
IP142.250.74.3:0
Hash1af800aa2b326e8af0f2640db68a7a0d 4c617814f5c705737bf4bf111c53bf40bb932af5 594f573b6e73b1d385ae75a518c18a0bb833ac4a3f894fcea377096c756f8cc1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 06:56:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP142.250.74.3:0
Hashb2d6aeeb303eaefc4cc6900e30da3b1b 4c3c027013211aa1b987006d0eb6c72f18c6a657 f542eab7c032d6c5f59710ee8993a01537e0fa2bf3882a6a699de85bba020999
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 06:56:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP142.250.74.3:0
Hashb2d6aeeb303eaefc4cc6900e30da3b1b 4c3c027013211aa1b987006d0eb6c72f18c6a657 f542eab7c032d6c5f59710ee8993a01537e0fa2bf3882a6a699de85bba020999
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 06:56:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP142.250.74.3:0
Hash2316d2d43aee9525cdb65b3eb2ff53a0 cad4229071cf919cb3471632ac4924cfd1a97431 99d5cce0549dbb29351735d3e15f9cde16b2ca18c57581c8110b2c54998fa28d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 06:56:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP142.250.74.3:0
Hash2316d2d43aee9525cdb65b3eb2ff53a0 cad4229071cf919cb3471632ac4924cfd1a97431 99d5cce0549dbb29351735d3e15f9cde16b2ca18c57581c8110b2c54998fa28d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 06:56:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP142.250.74.3:0
Hashb2d6aeeb303eaefc4cc6900e30da3b1b 4c3c027013211aa1b987006d0eb6c72f18c6a657 f542eab7c032d6c5f59710ee8993a01537e0fa2bf3882a6a699de85bba020999
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 06:56:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 279 B |
IP93.184.220.29:0
Hash65cc9a457d6274ae15ae1b948065abde a1f06e59bdbdf9f3778c1de5b2014163e690016e c0147bc6f2f1ac2cfe1c8b235e608dcd24104253e80e03ead0ac6dc152f459b6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4377
Cache-Control: max-age=162288
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 06:56:35 GMT
Etag: "6372fdfa-117"
Expires: Thu, 17 Nov 2022 04:01:23 GMT
Last-Modified: Tue, 15 Nov 2022 02:48:26 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 279
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP142.250.74.3:0
Hash6ea606a3c83b6b14b9375c84e37870d8 d73a898c2f3eba8e71d6d4f675c47107df0a5795 0dc0268899f946356be887d4ee84b411136f373200ce90464b331697b6cd9487
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 06:56:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP142.250.74.3:0
Hash6ea606a3c83b6b14b9375c84e37870d8 d73a898c2f3eba8e71d6d4f675c47107df0a5795 0dc0268899f946356be887d4ee84b411136f373200ce90464b331697b6cd9487
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 06:56:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP142.250.74.3:0
Hash6ea606a3c83b6b14b9375c84e37870d8 d73a898c2f3eba8e71d6d4f675c47107df0a5795 0dc0268899f946356be887d4ee84b411136f373200ce90464b331697b6cd9487
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 06:56:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 | 216.58.207.195 | 200 OK | 31 kB |
URL HTTP/2fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 IP216.58.207.195:0
File typeWeb Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data Hashac0d2859ea5f8fd6bcb3c305c08ec184 7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7 ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.sonuvita.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 10 Nov 2022 16:40:18 GMT
expires: Fri, 10 Nov 2023 16:40:18 GMT
cache-control: public, max-age=31536000
age: 396977
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP142.250.74.3:0
Hash6ea606a3c83b6b14b9375c84e37870d8 d73a898c2f3eba8e71d6d4f675c47107df0a5795 0dc0268899f946356be887d4ee84b411136f373200ce90464b331697b6cd9487
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 06:56:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wdhyzbi.woff2 | 216.58.207.195 | 200 OK | 25 kB |
URL HTTP/2fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wdhyzbi.woff2 IP216.58.207.195:0
File typeWeb Open Font Format (Version 2), TrueType, length 25036, version 1.0\012- data Hash9dd150fb7229e143e0f71ba1fe8c8f63 664abfc4941054600213dda51a3d6f0d05b3c312 cffe139366b3882387dddbd10d59e7d9aa29345793fdbf51ddde809ca6a0bec2
GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wdhyzbi.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.sonuvita.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 25036
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 11 Nov 2022 23:09:40 GMT
expires: Sat, 11 Nov 2023 23:09:40 GMT
cache-control: public, max-age=31536000
age: 287215
last-modified: Mon, 11 Jul 2022 18:59:41 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 279 B |
IP93.184.220.29:0
Hash65cc9a457d6274ae15ae1b948065abde a1f06e59bdbdf9f3778c1de5b2014163e690016e c0147bc6f2f1ac2cfe1c8b235e608dcd24104253e80e03ead0ac6dc152f459b6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4377
Cache-Control: max-age=162288
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 06:56:35 GMT
Etag: "6372fdfa-117"
Expires: Thu, 17 Nov 2022 04:01:23 GMT
Last-Modified: Tue, 15 Nov 2022 02:48:26 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 279
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 471 B |
IP142.250.74.3:0
Hash08fcaa46ea92b130a903ddcf748520b7 9744fbc0680a5dfd78b973215c616d601ece1f57 cff4ab22e788d4c75399096f522d6b058d064c98a2374bc26611a4ecbb2e1e23
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 06:56:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 471 B |
IP142.250.74.3:0
Hash08fcaa46ea92b130a903ddcf748520b7 9744fbc0680a5dfd78b973215c616d601ece1f57 cff4ab22e788d4c75399096f522d6b058d064c98a2374bc26611a4ecbb2e1e23
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 06:56:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 471 B |
IP142.250.74.3:0
Hash08fcaa46ea92b130a903ddcf748520b7 9744fbc0680a5dfd78b973215c616d601ece1f57 cff4ab22e788d4c75399096f522d6b058d064c98a2374bc26611a4ecbb2e1e23
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 06:56:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| www.google-analytics.com/analytics.js | 142.250.74.174 | 200 OK | 20 kB |
URL HTTP/2www.google-analytics.com/analytics.js IP142.250.74.174:0
File typeASCII text, with very long lines (1325) Hash47e6f374ca946fddd5b59871b325736c baa9282efc8785e84d247c3bff518eaa45f101c4 16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sonuvita.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Tue, 15 Nov 2022 06:41:09 GMT
expires: Tue, 15 Nov 2022 08:41:09 GMT
cache-control: public, max-age=7200
age: 926
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 471 B |
IP142.250.74.3:0
Hash08fcaa46ea92b130a903ddcf748520b7 9744fbc0680a5dfd78b973215c616d601ece1f57 cff4ab22e788d4c75399096f522d6b058d064c98a2374bc26611a4ecbb2e1e23
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 06:56:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 471 B |
IP142.250.74.3:0
Hash08fcaa46ea92b130a903ddcf748520b7 9744fbc0680a5dfd78b973215c616d601ece1f57 cff4ab22e788d4c75399096f522d6b058d064c98a2374bc26611a4ecbb2e1e23
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 06:56:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 471 B |
IP142.250.74.3:0
Hash9d9493125a22b98bd2ac3a1b11cc0a12 8334175b79551b1e0592f63eb606543c915983a2 a583076207a416f2ccbb70821bc5185bb6b8e86180221014638af5af3b34a7fa
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 06:56:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| www.youtube.com/iframe_api | 142.250.74.110 | 200 OK | 523 B |
URL HTTP/2www.youtube.com/iframe_api IP142.250.74.110:0
File typeASCII text, with very long lines (509) Hash4955a2e08cfe091b28665e49e233f392 0d6d2c3b15bc8dd593a7df09c7042e418cc0478c 690385a67302b31941108e0f43a452a0ecffeacbc34c7b011f4a6bf8e639f5dd
GET /iframe_api HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sonuvita.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
x-content-type-options: nosniff
expires: Tue, 15 Nov 2022 06:56:35 GMT
date: Tue, 15 Nov 2022 06:56:35 GMT
cache-control: private, max-age=0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-resource-policy: cross-origin
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=0fAixoqW5A4; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=UWvCpB39Zgo; Domain=.youtube.com; Expires=Sun, 14-May-2023 06:56:35 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+864; expires=Thu, 14-Nov-2024 06:56:35 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| www.youtube.com/s/player/b50b69c9/www-widgetapi.vflset/www-widgetapi.js | 142.250.74.110 | 200 OK | 54 kB |
URL HTTP/2www.youtube.com/s/player/b50b69c9/www-widgetapi.vflset/www-widgetapi.js IP142.250.74.110:0
File typeASCII text, with very long lines (817) Hash5abedbc1a6421fb43760b6ceedd02572 0388e03c4f14689ecc8438eb9c95d0ad7fe81d1b 5d5057417cbfa5fbbdf0ec2b647ca543e03b716fac92f2b41103f92a2ba1bbe9
GET /s/player/b50b69c9/www-widgetapi.vflset/www-widgetapi.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sonuvita.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 53804
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 14 Nov 2022 16:56:08 GMT
expires: Tue, 14 Nov 2023 16:56:08 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 14 Nov 2022 01:17:55 GMT
content-type: text/javascript
age: 50427
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 471 B |
IP142.250.74.3:0
Hash9d9493125a22b98bd2ac3a1b11cc0a12 8334175b79551b1e0592f63eb606543c915983a2 a583076207a416f2ccbb70821bc5185bb6b8e86180221014638af5af3b34a7fa
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 06:56:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| storage.googleapis.com/offerimages/sonuvita/custom/images/transcript/68-image-1.jpg | 142.250.74.48 | 200 OK | 52 kB |
URL HTTP/2storage.googleapis.com/offerimages/sonuvita/custom/images/transcript/68-image-1.jpg IP142.250.74.48:0
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 144x144, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 50", baseline, precision 8, 1531x448, components 3\012- data Hash60ac05784724b708df88ce485d9f866b ebc061f0a12d73399539fad271aaee9cea1d25df 04e9fd55368667d5c4a8497a530f2f1341a91f26e22bbfaa269ab87f13e0d993
GET /offerimages/sonuvita/custom/images/transcript/68-image-1.jpg HTTP/1.1
Host: storage.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sonuvita.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-guploader-uploadid: ADPycduXeUTG2IQBo_FBRa7VAfwlV5cdN2GqlxTBOrBg7en7XGJ6WARCm51-jYhSHbIabu2XxHxCihLpubHMRmTpfErPq6UN-R0G
x-goog-generation: 1652194586252822
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 51597
x-goog-hash: crc32c=cLBpww==, md5=YKwFeEcktwjfiM5IXZ+Gaw==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 51597
server: UploadServer
date: Tue, 15 Nov 2022 06:56:35 GMT
expires: Tue, 15 Nov 2022 07:56:35 GMT
cache-control: public, max-age=3600
last-modified: Tue, 10 May 2022 14:56:26 GMT
etag: "60ac05784724b708df88ce485d9f866b"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| storage.googleapis.com/offerimages/sonuvita/images/products/prod9/6-bottles.png | 142.250.74.48 | 200 OK | 170 kB |
URL HTTP/2storage.googleapis.com/offerimages/sonuvita/images/products/prod9/6-bottles.png IP142.250.74.48:0
File typePNG image data, 1078 x 600, 8-bit colormap, non-interlaced\012- data Size170 kB (169936 bytes) Hash753ad725420f2dec88038163052cc9c6 af6ab0f948732b8a123f1db8b1338a88d940d9ed b797a26e92858744c7b98b738d79ee2787566c61e365b9f87cdc2b253ae4094f
GET /offerimages/sonuvita/images/products/prod9/6-bottles.png HTTP/1.1
Host: storage.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sonuvita.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-guploader-uploadid: ADPycdvHH4_8pMM3m-6puy1DX0G1meqAF3a8amr8V-v-lzyp101xG9JwpNLw21woqC9MJPyr1DB4tDoEV9enK-F_AerBPTz-waOG
x-goog-generation: 1664534593327845
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 169936
x-goog-hash: crc32c=YXfE3g==, md5=dTrXJUIPLeyIA4FjBSzJxg==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 169936
server: UploadServer
date: Tue, 15 Nov 2022 06:56:35 GMT
expires: Tue, 15 Nov 2022 07:56:35 GMT
cache-control: public, max-age=3600
last-modified: Fri, 30 Sep 2022 10:43:13 GMT
etag: "753ad725420f2dec88038163052cc9c6"
content-type: image/png
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 471 B |
IP142.250.74.3:0
Hashfc4a04199fa01765b3b7889e637dc123 6288b4b806225852ef623d1e387a3f213e8338e5 3cb7a09cf97218769e8823c6ee4987a784c36aca694ccd5ee1f58343a675199d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 06:56:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 278 B |
IP93.184.220.29:0
Hash05dca23f6e874e5548f99d3aeaa60e32 3cc87be7a6233ce555ef0ae3402e30fd864dea6a a4891aaedef25691727800b9c4b6edce0370e82d6589a6c2e1c0e5e530994c39
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=129854
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 06:56:35 GMT
Etag: "63729061-116"
Expires: Wed, 16 Nov 2022 19:00:49 GMT
Last-Modified: Mon, 14 Nov 2022 19:00:49 GMT
Server: nginx
Content-Length: 278
|
|
| storage.googleapis.com/offerimages/sonuvita/images/custom/exit-popup.png | 142.250.74.48 | 200 OK | 9.9 kB |
URL HTTP/2storage.googleapis.com/offerimages/sonuvita/images/custom/exit-popup.png IP142.250.74.48:0
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 70", baseline, precision 8, 288x152, components 3\012- data Hash05015231118dac51e16cbbf71cffd72b 964ed170df69a712b99a8d83e6524ac0665ffff3 651a98148ff60e471b5d6a15c3d8e88e96c2432341f88c8e2c25c2ab2685f8cd
GET /offerimages/sonuvita/images/custom/exit-popup.png HTTP/1.1
Host: storage.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sonuvita.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-guploader-uploadid: ADPycduT2ZSTj1EARcysKgUDN1NeVKb93Y2GSdJSMfwvbGSCN_L6-bSVsHksUPw8kJQZd2_CQqd8ywLadPBVrKMX-kPJtrws8AX4
expires: Tue, 15 Nov 2022 07:56:35 GMT
date: Tue, 15 Nov 2022 06:56:35 GMT
cache-control: public, max-age=3600
last-modified: Fri, 30 Sep 2022 10:43:14 GMT
etag: "05015231118dac51e16cbbf71cffd72b"
x-goog-generation: 1664534594600901
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 9913
content-type: image/png
x-goog-hash: crc32c=1vuFnw==, md5=BQFSMRGNrFHhbLv3HP/XKw==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 9913
server: UploadServer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| storage.googleapis.com/offerimages/sonuvita/images/custom/shortcut-icon.png | 142.250.74.48 | 200 OK | 369 B |
URL HTTP/2storage.googleapis.com/offerimages/sonuvita/images/custom/shortcut-icon.png IP142.250.74.48:0
File typePNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data Hash5fbcf75e2c735441f592b4fe9ff0df50 cea6384aedcdc549adcf78e31c9bee0dd3d7a135 82aa928d11646275d1363d0d9fa437ed74538b7e0ab3ca4f2f97a6049192dbf1
GET /offerimages/sonuvita/images/custom/shortcut-icon.png HTTP/1.1
Host: storage.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sonuvita.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-guploader-uploadid: ADPycdv83ZWG2r1ovWVRbNp7KJKQennzValqC6iSwbSzjH4h_T7MZc-ZvjTV_dzPg0QrMwWp8QShqm4eS2FoTStt1CYHRWKiVlNs
expires: Tue, 15 Nov 2022 07:56:35 GMT
date: Tue, 15 Nov 2022 06:56:35 GMT
cache-control: public, max-age=3600
last-modified: Thu, 27 Oct 2022 10:04:27 GMT
etag: "5fbcf75e2c735441f592b4fe9ff0df50"
x-goog-generation: 1666865067332124
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 369
content-type: image/png
x-goog-hash: crc32c=W9jorQ==, md5=X7z3XixzVEH1krT+n/DfUA==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 369
server: UploadServer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| storage.googleapis.com/offerimages/sonuvita/custom/images/transcript/68-image-2.jpg | 142.250.74.48 | 200 OK | 20 kB |
URL HTTP/2storage.googleapis.com/offerimages/sonuvita/custom/images/transcript/68-image-2.jpg IP142.250.74.48:0
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 50", baseline, precision 8, 397x600, components 3\012- data Hashf6f0959ea7513b2abe2ace7af16835e5 e57351b7d921bd761c6e6c0c250bbeddc702ceaa 6b432ffefe7348ee7ad0bd0effbae076966a0f06c70b65788679710dc28a1a33
GET /offerimages/sonuvita/custom/images/transcript/68-image-2.jpg HTTP/1.1
Host: storage.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sonuvita.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-guploader-uploadid: ADPycdtydRg5yJKTOdUHMD4oJEv0A5Ldvn1y1AFfBdZZ6aLvgOvYmT4h17y1NJDnS4aV75J1NM_owI1ytfcxcMrouL8o1ynPatNM
expires: Tue, 15 Nov 2022 07:56:35 GMT
date: Tue, 15 Nov 2022 06:56:35 GMT
cache-control: public, max-age=3600
last-modified: Tue, 10 May 2022 14:56:26 GMT
etag: "f6f0959ea7513b2abe2ace7af16835e5"
x-goog-generation: 1652194586734458
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 19456
content-type: image/jpeg
x-goog-hash: crc32c=Fx+rGw==, md5=9vCVnqdROyq+Ks568Wg15Q==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 19456
server: UploadServer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| storage.googleapis.com/offerimages/sonuvita/images/products/prod11/6-bottles.png | 142.250.74.48 | 200 OK | 170 kB |
URL HTTP/2storage.googleapis.com/offerimages/sonuvita/images/products/prod11/6-bottles.png IP142.250.74.48:0
File typePNG image data, 1078 x 600, 8-bit colormap, non-interlaced\012- data Size170 kB (169936 bytes) Hash753ad725420f2dec88038163052cc9c6 af6ab0f948732b8a123f1db8b1338a88d940d9ed b797a26e92858744c7b98b738d79ee2787566c61e365b9f87cdc2b253ae4094f
GET /offerimages/sonuvita/images/products/prod11/6-bottles.png HTTP/1.1
Host: storage.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sonuvita.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-guploader-uploadid: ADPycdt32OL_cDX2uS1Wog4mnylLD0uktdHSj83b6BFALY9yHsLcZFcI9mCSRGb-6PVQ-2Weth8GL5_BO4K7JdK7dJatm_MoOiEO
expires: Tue, 15 Nov 2022 07:56:35 GMT
date: Tue, 15 Nov 2022 06:56:35 GMT
cache-control: public, max-age=3600
last-modified: Fri, 30 Sep 2022 10:43:13 GMT
etag: "753ad725420f2dec88038163052cc9c6"
x-goog-generation: 1664534593802335
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 169936
content-type: image/png
x-goog-hash: crc32c=YXfE3g==, md5=dTrXJUIPLeyIA4FjBSzJxg==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 169936
server: UploadServer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP142.250.74.3:0
Hash68a04663a52ab4272c25f5afcc09a92d 48b0722227353d06cb1dfd4480b644be6e6fc030 892ba18611f372b6bf390d3628b66efc4a721f0f2bde61ae22546a0948935b7e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 06:56:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 471 B |
IP142.250.74.3:0
Hash7c6a6db24d1ff3ffe787a8a5f78ef812 d9b2d385df52929ea7c6080b7c2e10c38df51572 3950ecddae384c36f9fb092dd5d27d3aa20c1197a37ff465d0bd350952dd9774
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 06:56:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| static.doubleclick.net/instream/ad_status.js | 142.250.74.166 | 200 OK | 29 B |
URL HTTP/2static.doubleclick.net/instream/ad_status.js IP142.250.74.166:0
Hash1fa71744db23d0f8df9cce6719defcb7 e4be9b7136697942a036f97cf26ebaf703ad2067 eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
GET /instream/ad_status.js HTTP/1.1
Host: static.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 29
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 15 Nov 2022 06:44:05 GMT
expires: Tue, 15 Nov 2022 06:59:05 GMT
cache-control: public, max-age=900
age: 751
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| go.maxweb.com/conversion/iframe/?a=7290&token=a94b623aa5775d35e660bc7eaabd0bc7 | 172.66.43.113 | 200 OK | 50 B |
URL HTTP/2go.maxweb.com/conversion/iframe/?a=7290&token=a94b623aa5775d35e660bc7eaabd0bc7 IP172.66.43.113:0
File typeHTML document text\012- HTML document text\012- HTML document, ASCII text, with no line terminators Hashcbfb19b0c07aaa9aac4a8bc78b6fcb45 c1122a6862a96ddee43ba4b7011fefb71fae3890 90e91281fb39bab96d8c1f34f2feb5771a56848faa3fd848688857a01afcf742
GET /conversion/iframe/?a=7290&token=a94b623aa5775d35e660bc7eaabd0bc7 HTTP/1.1
Host: go.maxweb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sonuvita.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 15 Nov 2022 06:56:36 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
expires: Tue, 15 Nov 2022 07:56:36 GMT
cache-control: max-age=3600, private
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 76a616802ad0b51b-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 471 B |
IP142.250.74.3:0
Hash7c6a6db24d1ff3ffe787a8a5f78ef812 d9b2d385df52929ea7c6080b7c2e10c38df51572 3950ecddae384c36f9fb092dd5d27d3aa20c1197a37ff465d0bd350952dd9774
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 06:56:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP142.250.74.3:0
Hash68a04663a52ab4272c25f5afcc09a92d 48b0722227353d06cb1dfd4480b644be6e6fc030 892ba18611f372b6bf390d3628b66efc4a721f0f2bde61ae22546a0948935b7e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 06:56:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create | 216.58.207.202 | 200 OK | 0 B |
URL HTTP/2jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create IP216.58.207.202:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Tue, 15 Nov 2022 06:56:36 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create | 216.58.207.202 | 200 OK | 31 kB |
URL HTTP/2jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create IP216.58.207.202:0
File typeJSON data\012- , ASCII text, with very long lines (65536), with no line terminators Hashf5faafd00945a74e27565d0de3a8ece5 619eaff60abd78c5c405fbfd4ba1342ba14eae12 c4019cd2d1395b8fd87d389fafcc2fa2c947401789fbd0042104770499d42fbc
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Tue, 15 Nov 2022 06:56:36 GMT
server: ESF
cache-control: private
content-length: 30917
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 471 B |
IP142.250.74.3:0
Hash8094f6d66cd067b92b99cc3c1ec916c6 cdb6d27ace38846e7a770dafce189f90a30db886 f07248933eddbab19c1153daaece5a2c3bcb421598bfab2c4b0f4c547d75e817
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 06:56:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| storage.googleapis.com/offerimages/sonuvita/images/products/prod8/3-bottles.png | 142.250.74.48 | 200 OK | 14 kB |
URL HTTP/2storage.googleapis.com/offerimages/sonuvita/images/products/prod8/3-bottles.png IP142.250.74.48:0
Hash7d6dc2989ad5a0a0590a37f1e0d2fb53 d8a8adcb74248ab834fa21e83d4935dd9a1ff4aa 92dfcdcf42525cfbe070b98ead507fa1cb2db11b4e5d390b64f04fc661c6515c
GET /offerimages/sonuvita/images/products/prod8/3-bottles.png HTTP/1.1
Host: storage.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sonuvita.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-guploader-uploadid: ADPycdvRlml89N7DFHRSUyL-Lahgs9_QuE40nPo2M2rDNGvzQT6xofZEco4nMjS7J_h_l1HDviP7eOB8za6mPUcABdkTerNu9pay
expires: Tue, 15 Nov 2022 07:56:35 GMT
date: Tue, 15 Nov 2022 06:56:35 GMT
cache-control: public, max-age=3600
last-modified: Fri, 30 Sep 2022 10:43:13 GMT
etag: "e3ebe6a0ddbd1691888a5fcb19cf1b3a"
x-goog-generation: 1664534593101770
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 127132
content-type: image/png
x-goog-hash: crc32c=L81eJQ==, md5=4+vmoN29FpGIil/LGc8bOg==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 127132
server: UploadServer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 471 B |
IP142.250.74.3:0
Hash188acd4738d46f1bef7b2b553064fc64 f2d738d64c7cd5cd10a831be218b6128df380631 3cdf0097c134e71b4949a613f50c295b7c67df69ec09ac7978f7be0884c19e74
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 06:56:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-62785402-76&cid=1240254118.1668495395&jid=335974131&gjid=1428731408&_gid=1729443428.1668495395&_u=4GDAAUABAAAAACAAI~&z=458258743 | 142.251.1.157 | 200 OK | 1 B |
URL HTTP/2stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-62785402-76&cid=1240254118.1668495395&jid=335974131&gjid=1428731408&_gid=1729443428.1668495395&_u=4GDAAUABAAAAACAAI~&z=458258743 IP142.251.1.157:0
File typevery short file (no magic) Hashc4ca4238a0b923820dcc509a6f75849b 356a192b7913b04c54574d18c28d46e6395428ab 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-62785402-76&cid=1240254118.1668495395&jid=335974131&gjid=1428731408&_gid=1729443428.1668495395&_u=4GDAAUABAAAAACAAI~&z=458258743 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://www.sonuvita.com
Connection: keep-alive
Referer: https://www.sonuvita.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.sonuvita.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 15 Nov 2022 06:56:36 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-62785402-87&cid=1240254118.1668495395&jid=1646193581&gjid=1513137098&_gid=1729443428.1668495395&_u=4GBAAUAAAAAAACAAI~&z=603690795 | 142.251.1.157 | 200 OK | 1 B |
URL HTTP/2stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-62785402-87&cid=1240254118.1668495395&jid=1646193581&gjid=1513137098&_gid=1729443428.1668495395&_u=4GBAAUAAAAAAACAAI~&z=603690795 IP142.251.1.157:0
File typevery short file (no magic) Hashc4ca4238a0b923820dcc509a6f75849b 356a192b7913b04c54574d18c28d46e6395428ab 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-62785402-87&cid=1240254118.1668495395&jid=1646193581&gjid=1513137098&_gid=1729443428.1668495395&_u=4GBAAUAAAAAAACAAI~&z=603690795 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://www.sonuvita.com
Connection: keep-alive
Referer: https://www.sonuvita.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.sonuvita.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 15 Nov 2022 06:56:36 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 471 B |
IP142.250.74.3:0
Hash4a57291a56e0d7ffa0b4888b59a422b8 7a748cb78b21bbb7c4eb1ddc331ffa9d12d33248 9cc42b59af0f988712634b9430c4a0be52e5575d7e3458ddd872a751484612a1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 06:56:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| yt3.ggpht.com/ytc/AMLnZu8KG2nBLFjF8dDBIfYEVC1EgWSwcwrOHggf48MN7mVWisIshbCwrKnwRBsF8hFS=s68-c-k-c0x00ffffff-no-rj | 142.250.74.161 | 200 OK | 924 B |
URL HTTP/2yt3.ggpht.com/ytc/AMLnZu8KG2nBLFjF8dDBIfYEVC1EgWSwcwrOHggf48MN7mVWisIshbCwrKnwRBsF8hFS=s68-c-k-c0x00ffffff-no-rj IP142.250.74.161:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 68x68, components 3\012- data Hash4017c69565452bc9748876b8c0d21ed7 1b0e75c73f5c31871cb3a8bdf8fdcc2b8c6cd2d7 53e5228a50a6726e95c788e69459c9521b881e8b007940569a885fdaf739af09
GET /ytc/AMLnZu8KG2nBLFjF8dDBIfYEVC1EgWSwcwrOHggf48MN7mVWisIshbCwrKnwRBsF8hFS=s68-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt3.ggpht.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 924
x-xss-protection: 0
date: Tue, 15 Nov 2022 05:35:12 GMT
expires: Wed, 16 Nov 2022 05:35:12 GMT
cache-control: public, max-age=86400, no-transform
content-type: image/jpeg
age: 4884
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 471 B |
IP142.250.74.3:0
Hashc3304327b77a6a8e6b9ee69f63c5c81f 20f2dc91fc2fbd013d9fa40806c2061b50262cd0 7e069ab5b61bfec87f840bf474e68373b749c3bd1d514cd2ade049efd9129d46
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 06:56:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT | 216.58.207.202 | 200 OK | 0 B |
URL HTTP/2jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT IP216.58.207.202:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Tue, 15 Nov 2022 06:56:36 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| i.ytimg.com/vi/auRXQDL0Ei8/maxresdefault.jpg?sqp=-oaymwEmCIAKENAF8quKqQMa8AEB-AH-CYAC0AWKAgwIABABGGUgZShlMA8=&rs=AOn4CLBz441o22nCj9Rs4vTk27eRD53kmg | 142.250.74.182 | 200 OK | 23 kB |
URL HTTP/2i.ytimg.com/vi/auRXQDL0Ei8/maxresdefault.jpg?sqp=-oaymwEmCIAKENAF8quKqQMa8AEB-AH-CYAC0AWKAgwIABABGGUgZShlMA8=&rs=AOn4CLBz441o22nCj9Rs4vTk27eRD53kmg IP142.250.74.182:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1280x720, components 3\012- data Hashdd4aed5b156580c192d7038474db4837 b4dc0b2413fe7af9b0c6a7ac45f33bd96be81cb5 fdcf296fedcb8d542cebef4e262b5ee766b69f4238359eac6eef35bcdf943aa6
GET /vi/auRXQDL0Ei8/maxresdefault.jpg?sqp=-oaymwEmCIAKENAF8quKqQMa8AEB-AH-CYAC0AWKAgwIABABGGUgZShlMA8=&rs=AOn4CLBz441o22nCj9Rs4vTk27eRD53kmg HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/jpeg
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 23158
date: Tue, 15 Nov 2022 06:56:36 GMT
expires: Tue, 15 Nov 2022 08:56:36 GMT
cache-control: public, max-age=7200
etag: "0"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT | 216.58.207.202 | 200 OK | 114 B |
URL HTTP/2jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT IP216.58.207.202:0
File typeJSON data\012- , ASCII text, with no line terminators Hash0cb3ec8d1fd3076b2296b6fcb739035c 8419a9b4f5c20e99ff458f92b5d7460e2f2210b5 239c35cc757a82a4314080b651830f76aed07d646cfe79f7d9b78bc8115374ca
POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 1258
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Tue, 15 Nov 2022 06:56:36 GMT
server: ESF
cache-control: private
content-length: 114
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 471 B |
IP142.250.74.3:0
Hash188acd4738d46f1bef7b2b553064fc64 f2d738d64c7cd5cd10a831be218b6128df380631 3cdf0097c134e71b4949a613f50c295b7c67df69ec09ac7978f7be0884c19e74
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 06:56:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 471 B |
IP142.250.74.3:0
Hash0ee6fa1263324bed2b3d2c99f9dd5f71 c2b6c0df075c4590dcba0cdf460e75c8d25b7dd7 cb3acdb9ac72521402996dc38e576d03a2794347e2a52b4bae1b07d730ed0e15
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 06:56:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 471 B |
IP142.250.74.3:0
Hash0ee6fa1263324bed2b3d2c99f9dd5f71 c2b6c0df075c4590dcba0cdf460e75c8d25b7dd7 cb3acdb9ac72521402996dc38e576d03a2794347e2a52b4bae1b07d730ed0e15
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 06:56:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| rr1---sn-capm-vnae.googlevideo.com/videoplayback?expire=1668516997&ei=JThzY835CJKFpASBo6iACw&ip=91.90.42.154&id=o-AHeSSZolhyyRqV84QMrtSbA88io9hkhnncqVQaORDblz&itag=243&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&mh=VF&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7ynl6&ms=au%2Crdu&mv=m&mvi=1&pl=21&initcwndbps=2568750&spc=SFxXNmN-HuvIiEWObESJlv3Y1D47bN4&vprv=1&mime=video%2Fwebm&ns=_F8HvBIHFncGQT5DTvnzufwJ&gir=yes&clen=25865278&dur=3645.742&lmt=1657777229614263&mt=1668494727&fvip=2&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5437434&n=Y7ViX5xivTruFQ&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgGThpvDJnL1C9nQ-kOenmbb2s_JZmpm4TfeS6oCXHZ5QCIH2AMEDcO9WQyUMFP70ZoKB7IEae2Nzq4th4FWKW12Lh&alr=yes&sig=AOq0QJ8wRAIgeWNv18GsXPJkBDc0t8UPQgg4qpFtVrFadCdSxP2p2sMCICpdb0JUjKQpix7pa_vMR4pPaZy29gKXP9jg7go3o-Hn&cpn=jMctBzeNzajQ-QI1&cver=1.20221113.00.00&range=0-141011&rn=1&rbuf=0&pot=DwxY7KgU2YsRDGO68LJudzbm2ZSZ_NudC8XY1gCgU47hKatfLwyAFCFVw9xbfKBbaYcLluHAgIIdMCYe-KRRMxM0X_QCkFSJ1pWdRb_UmwBdMO21WXopx0mFEUtsD2p0jaYeBBm0B_s= | 91.90.45.172 | 200 OK | 1.2 kB |
URL HTTP/1.1rr1---sn-capm-vnae.googlevideo.com/videoplayback?expire=1668516997&ei=JThzY835CJKFpASBo6iACw&ip=91.90.42.154&id=o-AHeSSZolhyyRqV84QMrtSbA88io9hkhnncqVQaORDblz&itag=243&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&mh=VF&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7ynl6&ms=au%2Crdu&mv=m&mvi=1&pl=21&initcwndbps=2568750&spc=SFxXNmN-HuvIiEWObESJlv3Y1D47bN4&vprv=1&mime=video%2Fwebm&ns=_F8HvBIHFncGQT5DTvnzufwJ&gir=yes&clen=25865278&dur=3645.742&lmt=1657777229614263&mt=1668494727&fvip=2&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5437434&n=Y7ViX5xivTruFQ&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgGThpvDJnL1C9nQ-kOenmbb2s_JZmpm4TfeS6oCXHZ5QCIH2AMEDcO9WQyUMFP70ZoKB7IEae2Nzq4th4FWKW12Lh&alr=yes&sig=AOq0QJ8wRAIgeWNv18GsXPJkBDc0t8UPQgg4qpFtVrFadCdSxP2p2sMCICpdb0JUjKQpix7pa_vMR4pPaZy29gKXP9jg7go3o-Hn&cpn=jMctBzeNzajQ-QI1&cver=1.20221113.00.00&range=0-141011&rn=1&rbuf=0&pot=DwxY7KgU2YsRDGO68LJudzbm2ZSZ_NudC8XY1gCgU47hKatfLwyAFCFVw9xbfKBbaYcLluHAgIIdMCYe-KRRMxM0X_QCkFSJ1pWdRb_UmwBdMO21WXopx0mFEUtsD2p0jaYeBBm0B_s= IP91.90.45.172:0 ASN#50304 Blix Solutions AS
File typeASCII text, with very long lines (1249), with no line terminators Hashe0c8b94d8910c0a8d2a2d3fa30c2550a c884a36eb789dbc8d121e125531509777b09e4cb 7653d2c60345ecc4916afa3aa970c4523c9bdc107807d9328cc2fc0e9c47cc71
GET /videoplayback?expire=1668516997&ei=JThzY835CJKFpASBo6iACw&ip=91.90.42.154&id=o-AHeSSZolhyyRqV84QMrtSbA88io9hkhnncqVQaORDblz&itag=243&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&mh=VF&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7ynl6&ms=au%2Crdu&mv=m&mvi=1&pl=21&initcwndbps=2568750&spc=SFxXNmN-HuvIiEWObESJlv3Y1D47bN4&vprv=1&mime=video%2Fwebm&ns=_F8HvBIHFncGQT5DTvnzufwJ&gir=yes&clen=25865278&dur=3645.742&lmt=1657777229614263&mt=1668494727&fvip=2&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5437434&n=Y7ViX5xivTruFQ&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgGThpvDJnL1C9nQ-kOenmbb2s_JZmpm4TfeS6oCXHZ5QCIH2AMEDcO9WQyUMFP70ZoKB7IEae2Nzq4th4FWKW12Lh&alr=yes&sig=AOq0QJ8wRAIgeWNv18GsXPJkBDc0t8UPQgg4qpFtVrFadCdSxP2p2sMCICpdb0JUjKQpix7pa_vMR4pPaZy29gKXP9jg7go3o-Hn&cpn=jMctBzeNzajQ-QI1&cver=1.20221113.00.00&range=0-141011&rn=1&rbuf=0&pot=DwxY7KgU2YsRDGO68LJudzbm2ZSZ_NudC8XY1gCgU47hKatfLwyAFCFVw9xbfKBbaYcLluHAgIIdMCYe-KRRMxM0X_QCkFSJ1pWdRb_UmwBdMO21WXopx0mFEUtsD2p0jaYeBBm0B_s= HTTP/1.1
Host: rr1---sn-capm-vnae.googlevideo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/plain
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Date: Tue, 15 Nov 2022 06:56:37 GMT
Expires: Tue, 15 Nov 2022 06:56:37 GMT
Cache-Control: private, max-age=21300
Accept-Ranges: bytes
Content-Length: 1249
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Restrict-Formats-Hint: None
X-Content-Type-Options: nosniff
Server: gvs 1.0
|
|
| rr1---sn-capm-vnae.googlevideo.com/videoplayback?expire=1668516997&ei=JThzY835CJKFpASBo6iACw&ip=91.90.42.154&id=o-AHeSSZolhyyRqV84QMrtSbA88io9hkhnncqVQaORDblz&itag=251&source=youtube&requiressl=yes&mh=VF&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7ynl6&ms=au%2Crdu&mv=m&mvi=1&pl=21&initcwndbps=2568750&spc=SFxXNmN-HuvIiEWObESJlv3Y1D47bN4&vprv=1&mime=audio%2Fwebm&ns=_F8HvBIHFncGQT5DTvnzufwJ&gir=yes&clen=57711018&dur=3645.761&lmt=1657775643923696&mt=1668494727&fvip=2&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5432434&n=Y7ViX5xivTruFQ&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRgIhAPeME9ESnG6i1-NgOiGhFZlizhlCyKoM8cYrKqFpQ20NAiEAySXfDh9wVAwrCI8eDu5br8gbSOzZHe1ISo7-6jsCMuE%3D&alr=yes&sig=AOq0QJ8wRgIhAPWks1akoJ-nofiv-WxQ0mznnFqAWEO0H1Ag2ZymixnoAiEA6Hq9ad3RqqhBI3hlMY6itiMtRZKKD7qerGrkLlTLvZ8%3D&cpn=jMctBzeNzajQ-QI1&cver=1.20221113.00.00&range=0-72264&rn=2&rbuf=0&pot=DwxY7KgU2YsRDGO68LJudzbm2ZSZ_NudC8XY1gCgU47hKatfLwyAFCFVw9xbfKBbaYcLluHAgIIdMCYe-KRRMxM0X_QCkFSJ1pWdRb_UmwBdMO21WXopx0mFEUtsD2p0jaYeBBm0B_s= | 91.90.45.172 | 200 OK | 1.2 kB |
URL HTTP/1.1rr1---sn-capm-vnae.googlevideo.com/videoplayback?expire=1668516997&ei=JThzY835CJKFpASBo6iACw&ip=91.90.42.154&id=o-AHeSSZolhyyRqV84QMrtSbA88io9hkhnncqVQaORDblz&itag=251&source=youtube&requiressl=yes&mh=VF&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7ynl6&ms=au%2Crdu&mv=m&mvi=1&pl=21&initcwndbps=2568750&spc=SFxXNmN-HuvIiEWObESJlv3Y1D47bN4&vprv=1&mime=audio%2Fwebm&ns=_F8HvBIHFncGQT5DTvnzufwJ&gir=yes&clen=57711018&dur=3645.761&lmt=1657775643923696&mt=1668494727&fvip=2&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5432434&n=Y7ViX5xivTruFQ&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRgIhAPeME9ESnG6i1-NgOiGhFZlizhlCyKoM8cYrKqFpQ20NAiEAySXfDh9wVAwrCI8eDu5br8gbSOzZHe1ISo7-6jsCMuE%3D&alr=yes&sig=AOq0QJ8wRgIhAPWks1akoJ-nofiv-WxQ0mznnFqAWEO0H1Ag2ZymixnoAiEA6Hq9ad3RqqhBI3hlMY6itiMtRZKKD7qerGrkLlTLvZ8%3D&cpn=jMctBzeNzajQ-QI1&cver=1.20221113.00.00&range=0-72264&rn=2&rbuf=0&pot=DwxY7KgU2YsRDGO68LJudzbm2ZSZ_NudC8XY1gCgU47hKatfLwyAFCFVw9xbfKBbaYcLluHAgIIdMCYe-KRRMxM0X_QCkFSJ1pWdRb_UmwBdMO21WXopx0mFEUtsD2p0jaYeBBm0B_s= IP91.90.45.172:0 ASN#50304 Blix Solutions AS
File typeASCII text, with very long lines (1177), with no line terminators Hashe8324a484d2055b7f908c1d35c818b8a 56c912180f87e3ae96e3d1dc0634ec706f1bea99 090be2692449fcdd71c4e6caab1680423805c799e590fc729c8ab22cd89503e6
GET /videoplayback?expire=1668516997&ei=JThzY835CJKFpASBo6iACw&ip=91.90.42.154&id=o-AHeSSZolhyyRqV84QMrtSbA88io9hkhnncqVQaORDblz&itag=251&source=youtube&requiressl=yes&mh=VF&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7ynl6&ms=au%2Crdu&mv=m&mvi=1&pl=21&initcwndbps=2568750&spc=SFxXNmN-HuvIiEWObESJlv3Y1D47bN4&vprv=1&mime=audio%2Fwebm&ns=_F8HvBIHFncGQT5DTvnzufwJ&gir=yes&clen=57711018&dur=3645.761&lmt=1657775643923696&mt=1668494727&fvip=2&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5432434&n=Y7ViX5xivTruFQ&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRgIhAPeME9ESnG6i1-NgOiGhFZlizhlCyKoM8cYrKqFpQ20NAiEAySXfDh9wVAwrCI8eDu5br8gbSOzZHe1ISo7-6jsCMuE%3D&alr=yes&sig=AOq0QJ8wRgIhAPWks1akoJ-nofiv-WxQ0mznnFqAWEO0H1Ag2ZymixnoAiEA6Hq9ad3RqqhBI3hlMY6itiMtRZKKD7qerGrkLlTLvZ8%3D&cpn=jMctBzeNzajQ-QI1&cver=1.20221113.00.00&range=0-72264&rn=2&rbuf=0&pot=DwxY7KgU2YsRDGO68LJudzbm2ZSZ_NudC8XY1gCgU47hKatfLwyAFCFVw9xbfKBbaYcLluHAgIIdMCYe-KRRMxM0X_QCkFSJ1pWdRb_UmwBdMO21WXopx0mFEUtsD2p0jaYeBBm0B_s= HTTP/1.1
Host: rr1---sn-capm-vnae.googlevideo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/plain
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Date: Tue, 15 Nov 2022 06:56:37 GMT
Expires: Tue, 15 Nov 2022 06:56:37 GMT
Cache-Control: private, max-age=21300
Accept-Ranges: bytes
Content-Length: 1177
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Content-Type-Options: nosniff
Server: gvs 1.0
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 471 B |
IP142.250.74.3:0
Hash0ee6fa1263324bed2b3d2c99f9dd5f71 c2b6c0df075c4590dcba0cdf460e75c8d25b7dd7 cb3acdb9ac72521402996dc38e576d03a2794347e2a52b4bae1b07d730ed0e15
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 06:56:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP142.250.74.3:0
Hashbb5d8a1abe7ea4bf20b573f59d050ab8 f4cb3a86df01b8e9b7355ce3ddabf953fd7ae412 0821cc1e1e7b7ae0c66ff3a56d6fab41e80c41f1c580b1a035bf3518dcc4ae40
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 06:56:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP142.250.74.3:0
Hashbb5d8a1abe7ea4bf20b573f59d050ab8 f4cb3a86df01b8e9b7355ce3ddabf953fd7ae412 0821cc1e1e7b7ae0c66ff3a56d6fab41e80c41f1c580b1a035bf3518dcc4ae40
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 06:56:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| rr5---sn-5goeen7r.googlevideo.com/videoplayback?expire=1668516997&ei=JThzY835CJKFpASBo6iACw&ip=91.90.42.154&id=o-AHeSSZolhyyRqV84QMrtSbA88io9hkhnncqVQaORDblz&itag=243&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&spc=SFxXNmN-HuvIiEWObESJlv3Y1D47bN4&vprv=1&mime=video%2Fwebm&ns=_F8HvBIHFncGQT5DTvnzufwJ&gir=yes&clen=25865278&dur=3645.742&lmt=1657777229614263&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=5437434&n=Y7ViX5xivTruFQ&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&alr=yes&sig=AOq0QJ8wRAIgeWNv18GsXPJkBDc0t8UPQgg4qpFtVrFadCdSxP2p2sMCICpdb0JUjKQpix7pa_vMR4pPaZy29gKXP9jg7go3o-Hn&cpn=jMctBzeNzajQ-QI1&cver=1.20221113.00.00&redirect_counter=1&cm2rm=sn-capm-vnae7e&cms_redirect=yes&cmsv=e&mh=VF&mm=29&mn=sn-5goeen7r&ms=rdu&mt=1668495220&mv=m&mvi=5&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRgIhAMrSP028tQ1wCBGnIx1e_UpaOLmmwr4iGIr5vZn_5ekHAiEAm8tyTmD5RVQDYgK2TLsJbicyBzd-cKI6ZVAN3GUHj1U%3D&range=0-141011&rn=3&rbuf=0&pot=DwxY7KgU2YsRDGO68LJudzbm2ZSZ_NudC8XY1gCgU47hKatfLwyAFCFVw9xbfKBbaYcLluHAgIIdMCYe-KRRMxM0X_QCkFSJ1pWdRb_UmwBdMO21WXopx0mFEUtsD2p0jaYeBBm0B_s= | 173.194.150.219 | 200 OK | 1.3 kB |
URL HTTP/1.1rr5---sn-5goeen7r.googlevideo.com/videoplayback?expire=1668516997&ei=JThzY835CJKFpASBo6iACw&ip=91.90.42.154&id=o-AHeSSZolhyyRqV84QMrtSbA88io9hkhnncqVQaORDblz&itag=243&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&spc=SFxXNmN-HuvIiEWObESJlv3Y1D47bN4&vprv=1&mime=video%2Fwebm&ns=_F8HvBIHFncGQT5DTvnzufwJ&gir=yes&clen=25865278&dur=3645.742&lmt=1657777229614263&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=5437434&n=Y7ViX5xivTruFQ&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&alr=yes&sig=AOq0QJ8wRAIgeWNv18GsXPJkBDc0t8UPQgg4qpFtVrFadCdSxP2p2sMCICpdb0JUjKQpix7pa_vMR4pPaZy29gKXP9jg7go3o-Hn&cpn=jMctBzeNzajQ-QI1&cver=1.20221113.00.00&redirect_counter=1&cm2rm=sn-capm-vnae7e&cms_redirect=yes&cmsv=e&mh=VF&mm=29&mn=sn-5goeen7r&ms=rdu&mt=1668495220&mv=m&mvi=5&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRgIhAMrSP028tQ1wCBGnIx1e_UpaOLmmwr4iGIr5vZn_5ekHAiEAm8tyTmD5RVQDYgK2TLsJbicyBzd-cKI6ZVAN3GUHj1U%3D&range=0-141011&rn=3&rbuf=0&pot=DwxY7KgU2YsRDGO68LJudzbm2ZSZ_NudC8XY1gCgU47hKatfLwyAFCFVw9xbfKBbaYcLluHAgIIdMCYe-KRRMxM0X_QCkFSJ1pWdRb_UmwBdMO21WXopx0mFEUtsD2p0jaYeBBm0B_s= IP173.194.150.219:0
File typeASCII text, with very long lines (1260), with no line terminators Hash1ed2005a930190feebb7f50b91709b7d 6a8ffffb43c2f90dbcddbb526a31ecd1dc5b07f9 733a4ccb59e013232accc1f60c59f07666a9d299e8bed40ad0ccb0ea60dcaf1a
GET /videoplayback?expire=1668516997&ei=JThzY835CJKFpASBo6iACw&ip=91.90.42.154&id=o-AHeSSZolhyyRqV84QMrtSbA88io9hkhnncqVQaORDblz&itag=243&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&spc=SFxXNmN-HuvIiEWObESJlv3Y1D47bN4&vprv=1&mime=video%2Fwebm&ns=_F8HvBIHFncGQT5DTvnzufwJ&gir=yes&clen=25865278&dur=3645.742&lmt=1657777229614263&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=5437434&n=Y7ViX5xivTruFQ&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&alr=yes&sig=AOq0QJ8wRAIgeWNv18GsXPJkBDc0t8UPQgg4qpFtVrFadCdSxP2p2sMCICpdb0JUjKQpix7pa_vMR4pPaZy29gKXP9jg7go3o-Hn&cpn=jMctBzeNzajQ-QI1&cver=1.20221113.00.00&redirect_counter=1&cm2rm=sn-capm-vnae7e&cms_redirect=yes&cmsv=e&mh=VF&mm=29&mn=sn-5goeen7r&ms=rdu&mt=1668495220&mv=m&mvi=5&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRgIhAMrSP028tQ1wCBGnIx1e_UpaOLmmwr4iGIr5vZn_5ekHAiEAm8tyTmD5RVQDYgK2TLsJbicyBzd-cKI6ZVAN3GUHj1U%3D&range=0-141011&rn=3&rbuf=0&pot=DwxY7KgU2YsRDGO68LJudzbm2ZSZ_NudC8XY1gCgU47hKatfLwyAFCFVw9xbfKBbaYcLluHAgIIdMCYe-KRRMxM0X_QCkFSJ1pWdRb_UmwBdMO21WXopx0mFEUtsD2p0jaYeBBm0B_s= HTTP/1.1
Host: rr5---sn-5goeen7r.googlevideo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/plain
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Date: Tue, 15 Nov 2022 06:56:37 GMT
Expires: Tue, 15 Nov 2022 06:56:37 GMT
Cache-Control: private, max-age=21300
Accept-Ranges: bytes
Content-Length: 1260
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Restrict-Formats-Hint: None
X-Content-Type-Options: nosniff
Server: gvs 1.0
|
|
| rr5---sn-5goeen7r.googlevideo.com/videoplayback?expire=1668516997&ei=JThzY835CJKFpASBo6iACw&ip=91.90.42.154&id=o-AHeSSZolhyyRqV84QMrtSbA88io9hkhnncqVQaORDblz&itag=251&source=youtube&requiressl=yes&spc=SFxXNmN-HuvIiEWObESJlv3Y1D47bN4&vprv=1&mime=audio%2Fwebm&ns=_F8HvBIHFncGQT5DTvnzufwJ&gir=yes&clen=57711018&dur=3645.761&lmt=1657775643923696&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=5432434&n=Y7ViX5xivTruFQ&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&alr=yes&sig=AOq0QJ8wRgIhAPWks1akoJ-nofiv-WxQ0mznnFqAWEO0H1Ag2ZymixnoAiEA6Hq9ad3RqqhBI3hlMY6itiMtRZKKD7qerGrkLlTLvZ8%3D&cpn=jMctBzeNzajQ-QI1&cver=1.20221113.00.00&redirect_counter=1&cm2rm=sn-capm-vnae7e&cms_redirect=yes&cmsv=e&mh=VF&mm=29&mn=sn-5goeen7r&ms=rdu&mt=1668495220&mv=m&mvi=5&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhAJdvgZGplxXnxee2tPlq6v3gE7c22Jpp8CmxeWjJJA6iAiAd7dH2_1PX0k8-7i01EsYctdNsKD7lJdC6L-ndUEbrKA%3D%3D&range=0-72264&rn=4&rbuf=0&pot=DwxY7KgU2YsRDGO68LJudzbm2ZSZ_NudC8XY1gCgU47hKatfLwyAFCFVw9xbfKBbaYcLluHAgIIdMCYe-KRRMxM0X_QCkFSJ1pWdRb_UmwBdMO21WXopx0mFEUtsD2p0jaYeBBm0B_s= | 173.194.150.219 | 200 OK | 72 kB |
URL HTTP/1.1rr5---sn-5goeen7r.googlevideo.com/videoplayback?expire=1668516997&ei=JThzY835CJKFpASBo6iACw&ip=91.90.42.154&id=o-AHeSSZolhyyRqV84QMrtSbA88io9hkhnncqVQaORDblz&itag=251&source=youtube&requiressl=yes&spc=SFxXNmN-HuvIiEWObESJlv3Y1D47bN4&vprv=1&mime=audio%2Fwebm&ns=_F8HvBIHFncGQT5DTvnzufwJ&gir=yes&clen=57711018&dur=3645.761&lmt=1657775643923696&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=5432434&n=Y7ViX5xivTruFQ&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&alr=yes&sig=AOq0QJ8wRgIhAPWks1akoJ-nofiv-WxQ0mznnFqAWEO0H1Ag2ZymixnoAiEA6Hq9ad3RqqhBI3hlMY6itiMtRZKKD7qerGrkLlTLvZ8%3D&cpn=jMctBzeNzajQ-QI1&cver=1.20221113.00.00&redirect_counter=1&cm2rm=sn-capm-vnae7e&cms_redirect=yes&cmsv=e&mh=VF&mm=29&mn=sn-5goeen7r&ms=rdu&mt=1668495220&mv=m&mvi=5&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhAJdvgZGplxXnxee2tPlq6v3gE7c22Jpp8CmxeWjJJA6iAiAd7dH2_1PX0k8-7i01EsYctdNsKD7lJdC6L-ndUEbrKA%3D%3D&range=0-72264&rn=4&rbuf=0&pot=DwxY7KgU2YsRDGO68LJudzbm2ZSZ_NudC8XY1gCgU47hKatfLwyAFCFVw9xbfKBbaYcLluHAgIIdMCYe-KRRMxM0X_QCkFSJ1pWdRb_UmwBdMO21WXopx0mFEUtsD2p0jaYeBBm0B_s= IP173.194.150.219:0
File typeWebM\012- EBML file, creator webmB\20\012- data Hash3f99d8f26f25510279ab028dea27f7ac 0446d14a3e54557959d1b9879c799355d388e8f3 99b6788ddfec5bd18b8e3d0101730ac2326c10065d79dc60a9efff20f23ff28a
GET /videoplayback?expire=1668516997&ei=JThzY835CJKFpASBo6iACw&ip=91.90.42.154&id=o-AHeSSZolhyyRqV84QMrtSbA88io9hkhnncqVQaORDblz&itag=251&source=youtube&requiressl=yes&spc=SFxXNmN-HuvIiEWObESJlv3Y1D47bN4&vprv=1&mime=audio%2Fwebm&ns=_F8HvBIHFncGQT5DTvnzufwJ&gir=yes&clen=57711018&dur=3645.761&lmt=1657775643923696&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=5432434&n=Y7ViX5xivTruFQ&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&alr=yes&sig=AOq0QJ8wRgIhAPWks1akoJ-nofiv-WxQ0mznnFqAWEO0H1Ag2ZymixnoAiEA6Hq9ad3RqqhBI3hlMY6itiMtRZKKD7qerGrkLlTLvZ8%3D&cpn=jMctBzeNzajQ-QI1&cver=1.20221113.00.00&redirect_counter=1&cm2rm=sn-capm-vnae7e&cms_redirect=yes&cmsv=e&mh=VF&mm=29&mn=sn-5goeen7r&ms=rdu&mt=1668495220&mv=m&mvi=5&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhAJdvgZGplxXnxee2tPlq6v3gE7c22Jpp8CmxeWjJJA6iAiAd7dH2_1PX0k8-7i01EsYctdNsKD7lJdC6L-ndUEbrKA%3D%3D&range=0-72264&rn=4&rbuf=0&pot=DwxY7KgU2YsRDGO68LJudzbm2ZSZ_NudC8XY1gCgU47hKatfLwyAFCFVw9xbfKBbaYcLluHAgIIdMCYe-KRRMxM0X_QCkFSJ1pWdRb_UmwBdMO21WXopx0mFEUtsD2p0jaYeBBm0B_s= HTTP/1.1
Host: rr5---sn-5goeen7r.googlevideo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Thu, 14 Jul 2022 05:14:03 GMT
Content-Type: audio/webm
Date: Tue, 15 Nov 2022 06:56:37 GMT
Expires: Tue, 15 Nov 2022 06:56:37 GMT
Cache-Control: private, max-age=21300
Accept-Ranges: bytes
Content-Length: 72265
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Content-Type-Options: nosniff
Server: gvs 1.0
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP142.250.74.3:0
Hashbb5d8a1abe7ea4bf20b573f59d050ab8 f4cb3a86df01b8e9b7355ce3ddabf953fd7ae412 0821cc1e1e7b7ae0c66ff3a56d6fab41e80c41f1c580b1a035bf3518dcc4ae40
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 06:56:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| rr5---sn-5goeen7r.googlevideo.com/videoplayback?expire=1668516997&ei=JThzY835CJKFpASBo6iACw&ip=91.90.42.154&id=o-AHeSSZolhyyRqV84QMrtSbA88io9hkhnncqVQaORDblz&itag=243&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&spc=SFxXNmN-HuvIiEWObESJlv3Y1D47bN4&vprv=1&mime=video%2Fwebm&ns=_F8HvBIHFncGQT5DTvnzufwJ&gir=yes&clen=25865278&dur=3645.742&lmt=1657777229614263&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=5437434&n=Y7ViX5xivTruFQ&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&alr=yes&sig=AOq0QJ8wRAIgeWNv18GsXPJkBDc0t8UPQgg4qpFtVrFadCdSxP2p2sMCICpdb0JUjKQpix7pa_vMR4pPaZy29gKXP9jg7go3o-Hn&cpn=jMctBzeNzajQ-QI1&cver=1.20221113.00.00&redirect_counter=1&cm2rm=sn-capm-vnae7e&cms_redirect=yes&cmsv=e&mh=VF&mm=29&mn=sn-5goeen7r&ms=rdu&mt=1668495220&mv=m&mvi=5&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgaAC2bwH5AS4e0A4MXonjfxDk28ecHqb68kxkVgVLBhgCIHjKbI7MB6ylLXVk6GZguO2uFl6H4xUKIZPtkc6FUzvJ&range=0-141011&rn=6&rbuf=0&pot=DwxY7KgU2YsRDGO68LJudzbm2ZSZ_NudC8XY1gCgU47hKatfLwyAFCFVw9xbfKBbaYcLluHAgIIdMCYe-KRRMxM0X_QCkFSJ1pWdRb_UmwBdMO21WXopx0mFEUtsD2p0jaYeBBm0B_s= | 173.194.150.219 | 200 OK | 1.3 kB |
URL HTTP/1.1rr5---sn-5goeen7r.googlevideo.com/videoplayback?expire=1668516997&ei=JThzY835CJKFpASBo6iACw&ip=91.90.42.154&id=o-AHeSSZolhyyRqV84QMrtSbA88io9hkhnncqVQaORDblz&itag=243&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&spc=SFxXNmN-HuvIiEWObESJlv3Y1D47bN4&vprv=1&mime=video%2Fwebm&ns=_F8HvBIHFncGQT5DTvnzufwJ&gir=yes&clen=25865278&dur=3645.742&lmt=1657777229614263&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=5437434&n=Y7ViX5xivTruFQ&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&alr=yes&sig=AOq0QJ8wRAIgeWNv18GsXPJkBDc0t8UPQgg4qpFtVrFadCdSxP2p2sMCICpdb0JUjKQpix7pa_vMR4pPaZy29gKXP9jg7go3o-Hn&cpn=jMctBzeNzajQ-QI1&cver=1.20221113.00.00&redirect_counter=1&cm2rm=sn-capm-vnae7e&cms_redirect=yes&cmsv=e&mh=VF&mm=29&mn=sn-5goeen7r&ms=rdu&mt=1668495220&mv=m&mvi=5&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgaAC2bwH5AS4e0A4MXonjfxDk28ecHqb68kxkVgVLBhgCIHjKbI7MB6ylLXVk6GZguO2uFl6H4xUKIZPtkc6FUzvJ&range=0-141011&rn=6&rbuf=0&pot=DwxY7KgU2YsRDGO68LJudzbm2ZSZ_NudC8XY1gCgU47hKatfLwyAFCFVw9xbfKBbaYcLluHAgIIdMCYe-KRRMxM0X_QCkFSJ1pWdRb_UmwBdMO21WXopx0mFEUtsD2p0jaYeBBm0B_s= IP173.194.150.219:0
File typeASCII text, with very long lines (1262), with no line terminators Hash95999b8e5ff6a9cd97bc22288d0de304 15348b186aac1a8ab3643d3cf26f0e8ef64e676e d97834c9366bc96619c4dabf45db7d13e8c881b8bd844513bbe4add69316b5b0
GET /videoplayback?expire=1668516997&ei=JThzY835CJKFpASBo6iACw&ip=91.90.42.154&id=o-AHeSSZolhyyRqV84QMrtSbA88io9hkhnncqVQaORDblz&itag=243&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&spc=SFxXNmN-HuvIiEWObESJlv3Y1D47bN4&vprv=1&mime=video%2Fwebm&ns=_F8HvBIHFncGQT5DTvnzufwJ&gir=yes&clen=25865278&dur=3645.742&lmt=1657777229614263&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=5437434&n=Y7ViX5xivTruFQ&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&alr=yes&sig=AOq0QJ8wRAIgeWNv18GsXPJkBDc0t8UPQgg4qpFtVrFadCdSxP2p2sMCICpdb0JUjKQpix7pa_vMR4pPaZy29gKXP9jg7go3o-Hn&cpn=jMctBzeNzajQ-QI1&cver=1.20221113.00.00&redirect_counter=1&cm2rm=sn-capm-vnae7e&cms_redirect=yes&cmsv=e&mh=VF&mm=29&mn=sn-5goeen7r&ms=rdu&mt=1668495220&mv=m&mvi=5&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgaAC2bwH5AS4e0A4MXonjfxDk28ecHqb68kxkVgVLBhgCIHjKbI7MB6ylLXVk6GZguO2uFl6H4xUKIZPtkc6FUzvJ&range=0-141011&rn=6&rbuf=0&pot=DwxY7KgU2YsRDGO68LJudzbm2ZSZ_NudC8XY1gCgU47hKatfLwyAFCFVw9xbfKBbaYcLluHAgIIdMCYe-KRRMxM0X_QCkFSJ1pWdRb_UmwBdMO21WXopx0mFEUtsD2p0jaYeBBm0B_s= HTTP/1.1
Host: rr5---sn-5goeen7r.googlevideo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/plain
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Date: Tue, 15 Nov 2022 06:56:37 GMT
Expires: Tue, 15 Nov 2022 06:56:37 GMT
Cache-Control: private, max-age=21300
Accept-Ranges: bytes
Content-Length: 1262
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Restrict-Formats-Hint: None
X-Content-Type-Options: nosniff
Server: gvs 1.0
|
|
| rr5---sn-5hnekn7d.googlevideo.com/videoplayback?expire=1668516997&ei=JThzY835CJKFpASBo6iACw&ip=91.90.42.154&id=o-AHeSSZolhyyRqV84QMrtSbA88io9hkhnncqVQaORDblz&itag=243&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&spc=SFxXNmN-HuvIiEWObESJlv3Y1D47bN4&vprv=1&mime=video%2Fwebm&ns=_F8HvBIHFncGQT5DTvnzufwJ&gir=yes&clen=25865278&dur=3645.742&lmt=1657777229614263&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=5437434&n=Y7ViX5xivTruFQ&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&alr=yes&sig=AOq0QJ8wRAIgeWNv18GsXPJkBDc0t8UPQgg4qpFtVrFadCdSxP2p2sMCICpdb0JUjKQpix7pa_vMR4pPaZy29gKXP9jg7go3o-Hn&cpn=jMctBzeNzajQ-QI1&cver=1.20221113.00.00&cm2rm=sn-capm-vnae7e,sn-5gol676&redirect_counter=2&cms_redirect=yes&cmsv=e&mh=VF&mm=34&mn=sn-5hnekn7d&ms=ltu&mt=1668495190&mv=m&mvi=5&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhAK6cU-lKSwaAMO_fpoJbyMexQ1tJuQFC7SYNETa-XtdSAiBPxfG7zLqlUS3FoDB0pYEUE6XlfbAfpvdyIa9gs-eL8g%3D%3D&range=0-141011&rn=8&rbuf=0&pot=DwxY7KgU2YsRDGO68LJudzbm2ZSZ_NudC8XY1gCgU47hKatfLwyAFCFVw9xbfKBbaYcLluHAgIIdMCYe-KRRMxM0X_QCkFSJ1pWdRb_UmwBdMO21WXopx0mFEUtsD2p0jaYeBBm0B_s= | 209.85.226.42 | 200 OK | 141 kB |
URL HTTP/1.1rr5---sn-5hnekn7d.googlevideo.com/videoplayback?expire=1668516997&ei=JThzY835CJKFpASBo6iACw&ip=91.90.42.154&id=o-AHeSSZolhyyRqV84QMrtSbA88io9hkhnncqVQaORDblz&itag=243&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&spc=SFxXNmN-HuvIiEWObESJlv3Y1D47bN4&vprv=1&mime=video%2Fwebm&ns=_F8HvBIHFncGQT5DTvnzufwJ&gir=yes&clen=25865278&dur=3645.742&lmt=1657777229614263&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=5437434&n=Y7ViX5xivTruFQ&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&alr=yes&sig=AOq0QJ8wRAIgeWNv18GsXPJkBDc0t8UPQgg4qpFtVrFadCdSxP2p2sMCICpdb0JUjKQpix7pa_vMR4pPaZy29gKXP9jg7go3o-Hn&cpn=jMctBzeNzajQ-QI1&cver=1.20221113.00.00&cm2rm=sn-capm-vnae7e,sn-5gol676&redirect_counter=2&cms_redirect=yes&cmsv=e&mh=VF&mm=34&mn=sn-5hnekn7d&ms=ltu&mt=1668495190&mv=m&mvi=5&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhAK6cU-lKSwaAMO_fpoJbyMexQ1tJuQFC7SYNETa-XtdSAiBPxfG7zLqlUS3FoDB0pYEUE6XlfbAfpvdyIa9gs-eL8g%3D%3D&range=0-141011&rn=8&rbuf=0&pot=DwxY7KgU2YsRDGO68LJudzbm2ZSZ_NudC8XY1gCgU47hKatfLwyAFCFVw9xbfKBbaYcLluHAgIIdMCYe-KRRMxM0X_QCkFSJ1pWdRb_UmwBdMO21WXopx0mFEUtsD2p0jaYeBBm0B_s= IP209.85.226.42:0
File typeWebM\012- EBML file, creator webmB\20\012- data Size141 kB (141012 bytes) Hash6ffc9f3eec36f0b328f7f0ad39c18be9 8f8a5565f433718b55c81588d03887c608d49242 ca8ca1fbda3c90122b8c2a444d6b631a9ee81db8c4a8a7a234094b21becbebb8
GET /videoplayback?expire=1668516997&ei=JThzY835CJKFpASBo6iACw&ip=91.90.42.154&id=o-AHeSSZolhyyRqV84QMrtSbA88io9hkhnncqVQaORDblz&itag=243&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&spc=SFxXNmN-HuvIiEWObESJlv3Y1D47bN4&vprv=1&mime=video%2Fwebm&ns=_F8HvBIHFncGQT5DTvnzufwJ&gir=yes&clen=25865278&dur=3645.742&lmt=1657777229614263&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=5437434&n=Y7ViX5xivTruFQ&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&alr=yes&sig=AOq0QJ8wRAIgeWNv18GsXPJkBDc0t8UPQgg4qpFtVrFadCdSxP2p2sMCICpdb0JUjKQpix7pa_vMR4pPaZy29gKXP9jg7go3o-Hn&cpn=jMctBzeNzajQ-QI1&cver=1.20221113.00.00&cm2rm=sn-capm-vnae7e,sn-5gol676&redirect_counter=2&cms_redirect=yes&cmsv=e&mh=VF&mm=34&mn=sn-5hnekn7d&ms=ltu&mt=1668495190&mv=m&mvi=5&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhAK6cU-lKSwaAMO_fpoJbyMexQ1tJuQFC7SYNETa-XtdSAiBPxfG7zLqlUS3FoDB0pYEUE6XlfbAfpvdyIa9gs-eL8g%3D%3D&range=0-141011&rn=8&rbuf=0&pot=DwxY7KgU2YsRDGO68LJudzbm2ZSZ_NudC8XY1gCgU47hKatfLwyAFCFVw9xbfKBbaYcLluHAgIIdMCYe-KRRMxM0X_QCkFSJ1pWdRb_UmwBdMO21WXopx0mFEUtsD2p0jaYeBBm0B_s= HTTP/1.1
Host: rr5---sn-5hnekn7d.googlevideo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Thu, 14 Jul 2022 05:40:29 GMT
Content-Type: video/webm
Date: Tue, 15 Nov 2022 06:56:37 GMT
Expires: Tue, 15 Nov 2022 06:56:37 GMT
Cache-Control: private, max-age=21300
Accept-Ranges: bytes
Content-Length: 141012
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Restrict-Formats-Hint: None
X-Content-Type-Options: nosniff
Server: gvs 1.0
|
|
| mwebnice.com/7290/158/2/?subid=SgerOrb | 104.21.10.231 | 302 Found | 0 B |
URL HTTP/2mwebnice.com/7290/158/2/?subid=SgerOrb IP104.21.10.231:0
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /7290/158/2/?subid=SgerOrb HTTP/1.1
Host: mwebnice.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
date: Tue, 15 Nov 2022 06:56:33 GMT
content-type: text/html; charset=UTF-8
location: https://www.sonuvita.com/report?aff_id=98&subid2=7290_sessid20221115065646299&subid=158
cache-control: max-age=3600, private
pragma: no-cache
expires: Tue, 15 Nov 2022 07:56:33 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 76a616722ab5b4f9-OSL
X-Firefox-Spdy: h2
|
|
| www.sonuvita.com/report?aff_id=98&subid2=7290_sessid20221115065646299&subid=158 | 172.67.196.13 | 200 OK | 0 B |
URL HTTP/2www.sonuvita.com/report?aff_id=98&subid2=7290_sessid20221115065646299&subid=158 IP172.67.196.13:0
GET /report?aff_id=98&subid2=7290_sessid20221115065646299&subid=158 HTTP/1.1
Host: www.sonuvita.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Tue, 15 Nov 2022 06:56:34 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache, private
cf-cache-status: DYNAMIC
set-cookie: XSRF-TOKEN=eyJpdiI6IktBSjllQllDeU5EWkRQVzNTNExBQkE9PSIsInZhbHVlIjoidTBuT1U3ZHQvMVc1emhBRWVTa0pJcExKK01NS0FuSUZVaFNldDE2NzN0ZFhQenpneEFkMkp0T0RDWWlCUnRYWSIsIm1hYyI6ImVlOTZkZWE1ZWM4OTExMmFmMGViZDVkYTgzOTljODBiNjM4ZjNkZWZhMDVkZDhlOTc4NmJjZGFkOWM3NGM2NWEifQ%3D%3D; expires=Fri, 25-Nov-2022 06:56:34 GMT; Max-Age=864000; path=/; samesite=lax
_=eyJpdiI6IjlUMUtNdDNGVWRXUkpoVXFDd01tU3c9PSIsInZhbHVlIjoid1l1d0ZqN1VzcEhRdHNBcDhoSlY3Z1lIMmg1L3B1bGpZWVUxRml0SUJSOWJtUktPUVgxMHExbUdBVHYvUm5MWSIsIm1hYyI6IjU2ODU3MTQ2M2U0YzBhNzhiZmM4YzAwY2EzOTQyYzcyZTNlYmE3YzdmNTMwOTZkOTNlMTYyZThiNzEyZjdkMWMifQ%3D%3D; expires=Fri, 25-Nov-2022 06:56:34 GMT; Max-Age=864000; path=/; httponly; samesite=lax
referrer=eyJpdiI6IlFsbkxNN09hVG1mMW1GZE9oSVJVZ1E9PSIsInZhbHVlIjoiZVY1YzgvcFpYY1czZDF0ejJ2RkVPZz09IiwibWFjIjoiNzAwMTliMzg0ZGM4MTU0MTkyZDRkODI5N2RkNmQ5ZjlmMThhOTIzZjhlMmUzMTYxNjY2Yzk5ZTNlMzc0OWUwMCJ9; expires=Sun, 20-Nov-2022 06:56:34 GMT; Max-Age=432000; path=/; httponly; samesite=lax
affiliate=eyJpdiI6InZmdHFpNnhLTTdEcnlaRkFYQVNzSXc9PSIsInZhbHVlIjoiejVLektScDRYZWxNdUVlUnFIUGc1dz09IiwibWFjIjoiODQyZDliNjFiZjNkNGM0MTRkZjYzZDM0YzA5MjI2ZGIxOWI2YTA5MDRiOTY0MDI5ZTNkYjQ2NmIyOWE1NWJjMSJ9; expires=Sun, 20-Nov-2022 06:56:34 GMT; Max-Age=432000; path=/; httponly; samesite=lax
pixels=eyJpdiI6ImNtMjVEOHlMQjZaZWVIK2tSMWNiTVE9PSIsInZhbHVlIjoiVTZjOWxZZDArOE5EUWxKSmorTks5Ly9CdXNHdXB4ellYTldaTy9PMjdpTzQ3SUdiWURKSWZlRnZIYXZMdDdPTVZQV1RDQi96Snd0TDVtdEkzSXNyOHIyanRkTFduSDBIV1pxc0JEOUYzMXc9IiwibWFjIjoiYTE3MTliMWNlMWNjMzkwOTkxNzVmNjBkNDEwMTZhNGE2MmQxMWY0Yzk3ODdkZGQzZjY4OTlkYmJmNWI1NDQ5ZCJ9; expires=Sun, 20-Nov-2022 06:56:34 GMT; Max-Age=432000; path=/; httponly; samesite=lax
hp=eyJpdiI6ImFCcmpNR2NmQWFRZHM4enRpQ29BWkE9PSIsInZhbHVlIjoiUFRxakFBTEVnbmErWnB3NzhCMk9HblV5YS9tcm1jcmZpSTFaa21DVDUvaWQyOGJGSWIzSzExMVROOUQ1cWRLMCIsIm1hYyI6IjJhN2RhOTczZTcwMmFlN2QwYWY3ZDhiNzBkMDA0MDY1NjhiOWM0YTM0ZmI3NzljMjUwZDY4NjQ5Mjg4ZTgyZjQifQ%3D%3D; expires=Sun, 20-Nov-2022 06:56:34 GMT; Max-Age=432000; path=/; httponly; samesite=lax
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iVPyj49FPd1E48JZXKAPI7lhPxPqeZKR2kTHdQjBnlCc4oRN4HgIPcRApf80gjjLwQXfyv%2BhID%2FsWa6Uhs%2FYoT8I38quzCB7oXrND%2BkK2nrov1xOhEjEnEOvqS4Ul392EyDB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76a616760ddcb4ff-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css2?family=Oswald:wght@400;500;600;700;800 | 142.250.74.10 | 200 OK | 0 B |
URL HTTP/2fonts.googleapis.com/css2?family=Oswald:wght@400;500;600;700;800 IP142.250.74.10:0
GET /css2?family=Oswald:wght@400;500;600;700;800 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sonuvita.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 15 Nov 2022 06:56:34 GMT
date: Tue, 15 Nov 2022 06:56:34 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| tracking.buygoods.com/track/?a=6273&firstcookie=0&tracking_redirect=&referrer=&sessid2=&product=prod7,prod8,prod9,prod11&caller_url=https%3A%2F%2Fwww.sonuvita.com%2Freport%3Faff_id%3D98%26subid2%3D7290_sessid20221115065646299%26subid%3D158 | 172.66.43.22 | 200 OK | 0 B |
URL HTTP/2tracking.buygoods.com/track/?a=6273&firstcookie=0&tracking_redirect=&referrer=&sessid2=&product=prod7,prod8,prod9,prod11&caller_url=https%3A%2F%2Fwww.sonuvita.com%2Freport%3Faff_id%3D98%26subid2%3D7290_sessid20221115065646299%26subid%3D158 IP172.66.43.22:0
GET /track/?a=6273&firstcookie=0&tracking_redirect=&referrer=&sessid2=&product=prod7,prod8,prod9,prod11&caller_url=https%3A%2F%2Fwww.sonuvita.com%2Freport%3Faff_id%3D98%26subid2%3D7290_sessid20221115065646299%26subid%3D158 HTTP/1.1
Host: tracking.buygoods.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sonuvita.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 15 Nov 2022 06:56:35 GMT
content-type: application/javascript
p3p: CP="CAO COR CURa ADMa DEVa OUR IND ONL COM DEM PRE"
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Tue, Jan 12 1999 01:01:01 GMT
set-cookie: spiaffid_6273=98; expires=Mon, 13-Feb-2023 06:56:35 GMT; Max-Age=7776000; path=/; domain=.buygoods.com
spisubid_6273=158%7C7290_sessid20221115065646299; expires=Mon, 13-Feb-2023 06:56:35 GMT; Max-Age=7776000; path=/; domain=.buygoods.com
spicampaign_id_6273=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.buygoods.com
spireferrer_6273=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.buygoods.com
spireferrer_6273=91.90.42.154::www.sonuvita.com%2Freport; expires=Mon, 13-Feb-2023 06:56:35 GMT; Max-Age=7776000; path=/; domain=.buygoods.com
spisessid2_6273=sessid20221115065644868; expires=Mon, 13-Feb-2023 06:56:35 GMT; Max-Age=7776000; path=/; domain=.buygoods.com
spi_funnel_codename_6273=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.buygoods.com
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 76a6167b28711c02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css2?family=Roboto:wght@400 | 142.250.74.10 | 200 OK | 0 B |
URL HTTP/2fonts.googleapis.com/css2?family=Roboto:wght@400 IP142.250.74.10:0
GET /css2?family=Roboto:wght@400 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sonuvita.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 15 Nov 2022 06:56:34 GMT
date: Tue, 15 Nov 2022 06:56:34 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css2?family=Sacramento | 142.250.74.10 | 200 OK | 0 B |
URL HTTP/2fonts.googleapis.com/css2?family=Sacramento IP142.250.74.10:0
GET /css2?family=Sacramento HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sonuvita.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 15 Nov 2022 06:56:34 GMT
date: Tue, 15 Nov 2022 06:56:34 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css2?family=Montserrat:wght@400;500;600;700;900 | 142.250.74.10 | 200 OK | 0 B |
URL HTTP/2fonts.googleapis.com/css2?family=Montserrat:wght@400;500;600;700;900 IP142.250.74.10:0
GET /css2?family=Montserrat:wght@400;500;600;700;900 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sonuvita.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 15 Nov 2022 06:56:34 GMT
date: Tue, 15 Nov 2022 06:56:34 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|