r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash cab5b63e128895128726181aff42e42e
d39c36237554fcd41addec0664d7fe7f7d157c06
18e82a5b82eb8f2d8b49df824c336015f19367c5a05467ad139a56db59f88852
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "18E82A5B82EB8F2D8B49DF824C336015F19367C5A05467AD139A56DB59F88852"
Last-Modified: Wed, 11 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6759
Expires: Fri, 13 Jan 2023 06:02:13 GMT
Date: Fri, 13 Jan 2023 04:09:34 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash a8b4f1afb0e830b797238d34ab9254aa
e011acef3d05c959a65205d53b651ecd18a889fe
f7ceff5b4fda083c7449b7298c232224cf48a632dcb87233b646790de207d49c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F7CEFF5B4FDA083C7449B7298C232224CF48A632DCB87233B646790DE207D49C"
Last-Modified: Thu, 12 Jan 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6778
Expires: Fri, 13 Jan 2023 06:02:32 GMT
Date: Fri, 13 Jan 2023 04:09:34 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Alert, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 13 Jan 2023 03:48:49 GMT
content-type: application/json
age: 1245
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 0f4ecf4f26be1ba09e61135b1b488bf4
f16b8277e00033bc990a8bcce54b693cb3c87d62
3018c2a228f0a894d217e8e8b0b8dd060527f06879cd2f469bac6c8766acbbf8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3018C2A228F0A894D217E8E8B0B8DD060527F06879CD2F469BAC6C8766ACBBF8"
Last-Modified: Wed, 11 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4205
Expires: Fri, 13 Jan 2023 05:19:39 GMT
Date: Fri, 13 Jan 2023 04:09:34 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash b1fcd419a4245617397846e8d17233f6
2a037ce244587640b27ead9a0ec2af4f862d91b2
e059b6d834c06e58494c43fb2ff42acbc27c1a1d8f7f30e2f32ca0e167599e2f
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: IURXHVfZ3ve7Z+8igc5HHXskbNJylk/dzji50to6KmNpdeZrj/Mi+j4zPopLaW6wg6o5cPbG4jBB8C7pvKlOjQ==
x-amz-request-id: 4TVFKE4CPHNX5A5S
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 13 Jan 2023 03:17:41 GMT
age: 3113
last-modified: Tue, 20 Dec 2022 14:47:58 GMT
etag: "b1fcd419a4245617397846e8d17233f6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 13 Jan 2023 04:09:34 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
latgroupaustralia.com.au/en/inicio/
50.87.239.23 301 Moved Permanently 0 B URL HTTP/1.1 latgroupaustralia.com.au/en/inicio/
IP 50.87.239.23:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /en/inicio/ HTTP/1.1
Host: latgroupaustralia.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Fri, 13 Jan 2023 04:09:34 GMT
Server: Apache
X-Redirect-By: WordPress
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Location: https://latgroupaustralia.com.au/en/inicio/
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Vary: User-Agent
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 0
Keep-Alive: timeout=5, max=75
Content-Type: text/html; charset=UTF-8
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Pragma, Content-Length, Alert, Expires, ETag, Last-Modified, Backoff, Content-Type, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 13 Jan 2023 03:17:25 GMT
age: 3130
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 1362750c01a8e1a2db32aa73ae46a48d
a423b43f2bd52bd4ec38b760a674866a1294c5ad
f0f57e27c4ec8f1cd8e05f530edc37fb1e4a94ffe92e5729939998346f2e204f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5690
Cache-Control: max-age=109921
Content-Type: application/ocsp-response
Date: Fri, 13 Jan 2023 04:09:35 GMT
Etag: "63bfcda6-1d7"
Expires: Sat, 14 Jan 2023 10:41:36 GMT
Last-Modified: Thu, 12 Jan 2023 09:06:46 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash a1cc2351b9641b2d3c382829b01d8e47
1ff711d93d1270f67fa49a073c16ded6a01ab5b6
44e3b2084d83c46955a65835cd1ba3ed3fb3fcfaa046218f75f453986fabe5f7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "44E3B2084D83C46955A65835CD1BA3ED3FB3FCFAA046218F75F453986FABE5F7"
Last-Modified: Fri, 13 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Fri, 13 Jan 2023 10:09:35 GMT
Date: Fri, 13 Jan 2023 04:09:35 GMT
Connection: keep-alive
push.services.mozilla.com/
52.32.180.241 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.32.180.241:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 9kVaTV5NEnZa2lBtxAdJGw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: POol8UfoZbf+hC9fDypnrgjIV/w=
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash be0781cf77974e952683ab5c7ca2b194
2c8ad5f8e41f21e754983651d041a0e48520f5fe
6de0d87eb34209dcd25d8057f206ca2fba4afe08bea15ea0deedd7736fb5c09b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 13 Jan 2023 04:09:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash be0781cf77974e952683ab5c7ca2b194
2c8ad5f8e41f21e754983651d041a0e48520f5fe
6de0d87eb34209dcd25d8057f206ca2fba4afe08bea15ea0deedd7736fb5c09b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 13 Jan 2023 04:09:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash be0781cf77974e952683ab5c7ca2b194
2c8ad5f8e41f21e754983651d041a0e48520f5fe
6de0d87eb34209dcd25d8057f206ca2fba4afe08bea15ea0deedd7736fb5c09b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 13 Jan 2023 04:09:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
latgroupaustralia.com.au/wp-content/themes/astra/assets/css/minified/frontend.min.css?ver=3.9.0
50.87.239.23 200 OK 13 kB URL HTTP/2 latgroupaustralia.com.au/wp-content/themes/astra/assets/css/minified/frontend.min.css?ver=3.9.0
IP 50.87.239.23:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (44114)
Hash b923c12f729d7c6b21af9c9f81064e81
9357a41c30010e356dc85ec6b746e52e5fc75308
a2fe0964fd0f03ac12833d4b14ade9f50135575855ad85b339f1979a12ab7b81
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/astra/assets/css/minified/frontend.min.css?ver=3.9.0 HTTP/1.1
Host: latgroupaustralia.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://latgroupaustralia.com.au/en/inicio/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 21 Jul 2022 20:22:05 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 12785
content-type: text/css
date: Fri, 13 Jan 2023 04:09:36 GMT
server: Apache
X-Firefox-Spdy: h2
latgroupaustralia.com.au/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
50.87.239.23 200 OK 5.3 kB URL HTTP/2 latgroupaustralia.com.au/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
IP 50.87.239.23:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (15660)
Hash 710f8b142ea44c0682dc2c30f318f065
49144e9b3a76d3d383b1d4359cf7a25e947f4233
708bb5819879a2a2c7670abc20a58cca68a415ffd621011cbc4c3c9d82dddc50
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 HTTP/1.1
Host: latgroupaustralia.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://latgroupaustralia.com.au/en/inicio/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 02 Nov 2022 07:23:51 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 5321
content-type: application/javascript
date: Fri, 13 Jan 2023 04:09:36 GMT
server: Apache
X-Firefox-Spdy: h2
latgroupaustralia.com.au/wp-content/themes/astra/assets/css/minified/menu-animation.min.css?ver=3.9.0
50.87.239.23 200 OK 468 B URL HTTP/2 latgroupaustralia.com.au/wp-content/themes/astra/assets/css/minified/menu-animation.min.css?ver=3.9.0
IP 50.87.239.23:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (3412), with no line terminators
Hash f88a6a529851c8ed1ffe2bd83219e490
597ff167b702900ee4473e31e390808b8de95664
ae20c6ea52a0534fdda58a7ae13839ac66194434406e00a3bb5f4538f9909886
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/astra/assets/css/minified/menu-animation.min.css?ver=3.9.0 HTTP/1.1
Host: latgroupaustralia.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://latgroupaustralia.com.au/en/inicio/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 21 Jul 2022 20:22:05 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 468
content-type: text/css
date: Fri, 13 Jan 2023 04:09:36 GMT
server: Apache
X-Firefox-Spdy: h2
latgroupaustralia.com.au/wp-content/uploads/essential-addons-elementor/cb70d11b8.min.css?ver=1673582975
50.87.239.23 200 OK 5.9 kB URL HTTP/2 latgroupaustralia.com.au/wp-content/uploads/essential-addons-elementor/cb70d11b8.min.css?ver=1673582975
IP 50.87.239.23:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (15526)
Hash 340fb3facfd55fcb3e862b25455262d2
1d7851af3f69a6cabd3105b52baf7f7dbe39bb4f
34bf8732bf40e72fbed5eceba9594a73a1471acf8c6cfd9c216c50060c7bbc5d
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/essential-addons-elementor/cb70d11b8.min.css?ver=1673582975 HTTP/1.1
Host: latgroupaustralia.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://latgroupaustralia.com.au/en/inicio/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 04 Oct 2022 18:56:42 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 5920
content-type: text/css
date: Fri, 13 Jan 2023 04:09:36 GMT
server: Apache
X-Firefox-Spdy: h2
latgroupaustralia.com.au/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.14.0
50.87.239.23 200 OK 4.0 kB URL HTTP/2 latgroupaustralia.com.au/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.14.0
IP 50.87.239.23:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (19004)
Hash 3770d40a3b6bfb7fd2847fefdc93cf2c
0ae9564463a16c29233adefdf92bb7375ad46bcb
af5ed5aa155dc7252334407c53ee97a0d296d0bfb30590304a39abadb589c73c
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.14.0 HTTP/1.1
Host: latgroupaustralia.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://latgroupaustralia.com.au/en/inicio/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 27 Jan 2022 19:27:25 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 3961
content-type: text/css
date: Fri, 13 Jan 2023 04:09:36 GMT
server: Apache
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 256e39696ba05f2324bbc49b2a396115
e1cf8b15abd0a20eb1218be517c03459514a59e0
d576a66e6b39751bdbc7b662454d37866b75efef1aa51761daba61783d755bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D576A66E6B39751BDBC7B662454D37866B75EFEF1AA51761DABA61783D755BC9"
Last-Modified: Thu, 12 Jan 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5234
Expires: Fri, 13 Jan 2023 05:36:50 GMT
Date: Fri, 13 Jan 2023 04:09:36 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 256e39696ba05f2324bbc49b2a396115
e1cf8b15abd0a20eb1218be517c03459514a59e0
d576a66e6b39751bdbc7b662454d37866b75efef1aa51761daba61783d755bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D576A66E6B39751BDBC7B662454D37866B75EFEF1AA51761DABA61783D755BC9"
Last-Modified: Thu, 12 Jan 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5234
Expires: Fri, 13 Jan 2023 05:36:50 GMT
Date: Fri, 13 Jan 2023 04:09:36 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 256e39696ba05f2324bbc49b2a396115
e1cf8b15abd0a20eb1218be517c03459514a59e0
d576a66e6b39751bdbc7b662454d37866b75efef1aa51761daba61783d755bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D576A66E6B39751BDBC7B662454D37866B75EFEF1AA51761DABA61783D755BC9"
Last-Modified: Thu, 12 Jan 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5234
Expires: Fri, 13 Jan 2023 05:36:50 GMT
Date: Fri, 13 Jan 2023 04:09:36 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa56e9680-25b8-493c-8831-f933aca26e52.jpeg
34.120.237.76 200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa56e9680-25b8-493c-8831-f933aca26e52.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e514f1b711f68a1699f9d0d269ca9a8a
71621fabcc4ae2a8c3180e22e63fac1217c4032f
cc10cadc4477cc6faa1973343b9019b1b4bc94e5ec9fab114a4b755f24872f35
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa56e9680-25b8-493c-8831-f933aca26e52.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9697
x-amzn-requestid: 6279e4e0-7268-422a-878c-3983bffa37d6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: edG9MHqjoAMF3dQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63bb8521-59063fac03eb407d74cabd38;Sampled=0
x-amzn-remapped-date: Mon, 09 Jan 2023 03:08:17 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: LdM05QUvlJcxt8IaDM9Wr4_CM5-SrhsBRAkVcdkVxNiyrJveNFHK9g==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Thu, 12 Jan 2023 07:18:16 GMT
age: 75080
etag: "71621fabcc4ae2a8c3180e22e63fac1217c4032f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F193388df-66d1-4b0b-a76a-1bceb229f97d.jpeg
34.120.237.76 200 OK 9.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F193388df-66d1-4b0b-a76a-1bceb229f97d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d51665a3de125668caaa8dd7b0a000d6
87b5fbde66fefcbaaf29819989564963066c6fbc
2c0feea5fbcdad197412b0c07f9caf933685e7e023b3e84df7f92e021331c48d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F193388df-66d1-4b0b-a76a-1bceb229f97d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9771
x-amzn-requestid: 3c3eac1d-07c9-4755-bbae-a2c0b2b50183
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eph7iFzwoAMF8Fg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c07d16-30bcb44a7d99a0295b0aee70;Sampled=0
x-amzn-remapped-date: Thu, 12 Jan 2023 21:35:18 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: iauWiLHJBG7KGhoiBTKUr-KFr4ROM_RBtfo0_H734iHClgwtubB99A==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Thu, 12 Jan 2023 22:02:02 GMT
age: 22054
etag: "87b5fbde66fefcbaaf29819989564963066c6fbc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00386939-61dd-4d7a-a930-6df89a8e0c57.jpeg
34.120.237.76 200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00386939-61dd-4d7a-a930-6df89a8e0c57.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 51f29fa68742d72a5ad8ad54a973424d
4941e01c8718adfe7ce13d551e80549236e561df
83b4e946e058ae662e559703f64896ce4c5de969045cf8e3e00806297eab0007
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00386939-61dd-4d7a-a930-6df89a8e0c57.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6895
x-amzn-requestid: 9367b7b5-6904-4308-85ca-69231b2d6fc6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eXnqzFBlIAMFcQg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b95311-5774375508659511014974c0;Sampled=0
x-amzn-remapped-date: Sat, 07 Jan 2023 11:10:09 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: iVPiVZnh-zRlIEguoiOssDfs0bg74oM1nZyUNfY5XqRIsE_KArUZhA==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Thu, 12 Jan 2023 21:46:34 GMT
age: 22982
etag: "4941e01c8718adfe7ce13d551e80549236e561df"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Raleway%3A400%2C%7CMontserrat%3A500&display=fallback&ver=3.9.0
142.250.74.106 200 OK 14 kB URL HTTP/2 fonts.googleapis.com/css?family=Raleway%3A400%2C%7CMontserrat%3A500&display=fallback&ver=3.9.0
IP 142.250.74.106:0
Hash f6554f1197d72074d926e80ffe71fc86
908eb9f370338132aa270fe21ef56bd9620b0469
91f2aa436ab00733dc2faafbe7eed91d47650a2a913c139abc6d0fa5e88007f4
GET /css?family=Raleway%3A400%2C%7CMontserrat%3A500&display=fallback&ver=3.9.0 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://latgroupaustralia.com.au/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 13 Jan 2023 04:09:36 GMT
date: Fri, 13 Jan 2023 04:09:36 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
latgroupaustralia.com.au/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
50.87.239.23 200 OK 26 kB URL HTTP/2 latgroupaustralia.com.au/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
IP 50.87.239.23:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash a9936c690ea805ea665c6c34c315b820
62c035c35054c958bea94820af5c3f06faa7e3be
478907bf196feb2fc16032c1d565a22096dd83e57dd51d414410244d60ffa2c7
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.1.1 HTTP/1.1
Host: latgroupaustralia.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://latgroupaustralia.com.au/en/inicio/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 16 Nov 2022 07:23:48 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: text/css
date: Fri, 13 Jan 2023 04:09:36 GMT
server: Apache
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0529cb91-7aac-4d53-b970-97e87c8b8462.jpeg
34.120.237.76 200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0529cb91-7aac-4d53-b970-97e87c8b8462.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7957da74e58963750af16b39145ca9a0
1da8c206d04ec1ed9801f17f63ff9dc6b7dbcbee
f3645d66ba2172d0f83f4c86fe7b11cffbf6ad221c43ec4869741dc50082d308
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0529cb91-7aac-4d53-b970-97e87c8b8462.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6930
x-amzn-requestid: 14babb76-10de-4e09-a594-855ffcb6660b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: em4rXFdhIAMF4jg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63bf6e48-06a5d5df44844bab697bf012;Sampled=0
x-amzn-remapped-date: Thu, 12 Jan 2023 02:19:52 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: lDUldq3Sybu8ykH-cqKzwfCAbdC2R0ujg248Swoxh4Ma92ryBIq2jg==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 12 Jan 2023 23:10:15 GMT
age: 17961
etag: "1da8c206d04ec1ed9801f17f63ff9dc6b7dbcbee"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
latgroupaustralia.com.au/wp-content/uploads/elementor/css/post-38.css?ver=1647530512
50.87.239.23 200 OK 536 B URL HTTP/2 latgroupaustralia.com.au/wp-content/uploads/elementor/css/post-38.css?ver=1647530512
IP 50.87.239.23:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (1852), with no line terminators
Hash 74f010dab205060cbb492ebb663b7206
57c3db98fa65078b163bc66ab387c05011f0512a
cce9b70f86fc32253e112a2d6ac68abdf8614c2a5b07893a5e789b5b6062094f
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/elementor/css/post-38.css?ver=1647530512 HTTP/1.1
Host: latgroupaustralia.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://latgroupaustralia.com.au/en/inicio/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 17 Mar 2022 15:21:52 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 536
content-type: text/css
date: Fri, 13 Jan 2023 04:09:36 GMT
server: Apache
X-Firefox-Spdy: h2
latgroupaustralia.com.au/wp-content/uploads/elementor/css/post-30.css?ver=1663085205
50.87.239.23 200 OK 4.5 kB URL HTTP/2 latgroupaustralia.com.au/wp-content/uploads/elementor/css/post-30.css?ver=1663085205
IP 50.87.239.23:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (31369), with no line terminators
Hash 238f25e97842e95218d75e94a9930049
2e2205449fd1c6153cee9369757f5734feb39e87
e07af1d6370218da81462e1fa7904d3f44fd7aec8c0023149ab75ad7a15bed5a
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/elementor/css/post-30.css?ver=1663085205 HTTP/1.1
Host: latgroupaustralia.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://latgroupaustralia.com.au/en/inicio/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 13 Sep 2022 16:06:45 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 4509
content-type: text/css
date: Fri, 13 Jan 2023 04:09:36 GMT
server: Apache
X-Firefox-Spdy: h2
latgroupaustralia.com.au/wp-content/plugins/elementor-pro/assets/css/widget-nav-menu.min.css
50.87.239.23 200 OK 4.6 kB URL HTTP/2 latgroupaustralia.com.au/wp-content/plugins/elementor-pro/assets/css/widget-nav-menu.min.css
IP 50.87.239.23:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (29127)
Hash a45f41ae4f2f15e85f62d4902f6c7a7e
fffd0eb31af8258b58834aaa708064d1a486afd4
42532f43f5f527b9ca94935b1ecd1deafdf1242e20a6cce5e62f87d51ca9826d
GET /wp-content/plugins/elementor-pro/assets/css/widget-nav-menu.min.css HTTP/1.1
Host: latgroupaustralia.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://latgroupaustralia.com.au/en/inicio/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 28 Jan 2022 15:32:51 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 4631
content-type: text/css
date: Fri, 13 Jan 2023 04:09:36 GMT
server: Apache
X-Firefox-Spdy: h2
latgroupaustralia.com.au/wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css?ver=5.15.3
50.87.239.23 200 OK 308 B URL HTTP/2 latgroupaustralia.com.au/wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css?ver=5.15.3
IP 50.87.239.23:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (489)
Hash 0a08469d24387f830bbaaa00b3c228ae
01f5dfeb8f93a32c9a8f66fe5940758109771fcd
3c7c29e5fc1193ff7ce24f72f77b2dc129e1a9434a97ef7b625f6f715531803c
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css?ver=5.15.3 HTTP/1.1
Host: latgroupaustralia.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://latgroupaustralia.com.au/en/inicio/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 27 Jan 2022 19:27:25 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 308
content-type: text/css
date: Fri, 13 Jan 2023 04:09:36 GMT
server: Apache
X-Firefox-Spdy: h2
latgroupaustralia.com.au/wp-includes/js/wp-util.min.js?ver=6.1.1
50.87.239.23 200 OK 758 B URL HTTP/2 latgroupaustralia.com.au/wp-includes/js/wp-util.min.js?ver=6.1.1
IP 50.87.239.23:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (1391)
Hash 60bc75e3b14030c62d9fd3a3d317d8a8
6d919bbd05a3984a8e5e67b693e6d5d41cc885f9
e22df84be1a3ffe3b54352a4a39e14adb3fac69f2ce755e4c7babbc243c5bb4b
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/wp-util.min.js?ver=6.1.1 HTTP/1.1
Host: latgroupaustralia.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://latgroupaustralia.com.au/en/inicio/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 02 Nov 2022 07:23:48 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 758
content-type: application/javascript
date: Fri, 13 Jan 2023 04:09:36 GMT
server: Apache
X-Firefox-Spdy: h2
latgroupaustralia.com.au/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3
50.87.239.23 200 OK 309 B URL HTTP/2 latgroupaustralia.com.au/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3
IP 50.87.239.23:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (483)
Hash 0ea43e394ddaae5fdb710dbbc8869e58
3b0c93adc80720236096201db5cc2751e703996d
85225fffa21a94bfd954393d7471069ab227b98fd8b51cb5ab4af5488168a34e
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3 HTTP/1.1
Host: latgroupaustralia.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://latgroupaustralia.com.au/en/inicio/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 27 Jan 2022 19:27:25 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 309
content-type: text/css
date: Fri, 13 Jan 2023 04:09:36 GMT
server: Apache
X-Firefox-Spdy: h2
latgroupaustralia.com.au/wp-content/uploads/elementor/css/post-1907.css?ver=1662087568
50.87.239.23 200 OK 1.7 kB URL HTTP/2 latgroupaustralia.com.au/wp-content/uploads/elementor/css/post-1907.css?ver=1662087568
IP 50.87.239.23:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (8783)
Hash 00d5d5032ad8f9812ac475160a9ac99e
c6d610ba775eec300780c14b082d77e0894a6cb9
f297182f4fd1654f6d6ea1d10be6bf7c0812423cbb7b3beb3fef9b0793630e8f
GET /wp-content/uploads/elementor/css/post-1907.css?ver=1662087568 HTTP/1.1
Host: latgroupaustralia.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://latgroupaustralia.com.au/en/inicio/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 02 Sep 2022 02:59:28 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 1693
content-type: text/css
date: Fri, 13 Jan 2023 04:09:36 GMT
server: Apache
X-Firefox-Spdy: h2
latgroupaustralia.com.au/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
50.87.239.23 200 OK 4.6 kB URL HTTP/2 latgroupaustralia.com.au/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 50.87.239.23:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (11126)
Hash acdb97105af28a7066790c6748ae2e1e
65794d2c5a9d04f747faf370bc8bacd330e69e5a
dc4efbc4b704b142b5313588c32e56ea56648068a01d2bc596a4eee06b379b5e
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: latgroupaustralia.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://latgroupaustralia.com.au/en/inicio/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 02 Nov 2022 07:23:49 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 4618
content-type: application/javascript
date: Fri, 13 Jan 2023 04:09:36 GMT
server: Apache
X-Firefox-Spdy: h2
latgroupaustralia.com.au/wp-content/uploads/elementor/thumbs/logo-05-pk0q2uvryxqswsqf68zdg683xf7qjr2jm8he3avimo.png
50.87.239.23 200 OK 5.8 kB URL HTTP/2 latgroupaustralia.com.au/wp-content/uploads/elementor/thumbs/logo-05-pk0q2uvryxqswsqf68zdg683xf7qjr2jm8he3avimo.png
IP 50.87.239.23:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 200 x 104, 8-bit/color RGBA, non-interlaced\012- data
Hash dc6ff76c7180f33c9d6b2293712a29e6
f5f4448562fc172bfcd320860f565b7c372519b1
73523d47f23de17c9e77b7c71fe055ce71554eeda03f0d9c8e847c9eac2ad934
GET /wp-content/uploads/elementor/thumbs/logo-05-pk0q2uvryxqswsqf68zdg683xf7qjr2jm8he3avimo.png HTTP/1.1
Host: latgroupaustralia.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://latgroupaustralia.com.au/en/inicio/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 18 Aug 2022 20:36:24 GMT
accept-ranges: bytes
content-length: 5772
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: image/png
date: Fri, 13 Jan 2023 04:09:36 GMT
server: Apache
X-Firefox-Spdy: h2
latgroupaustralia.com.au/wp-content/plugins/wpforms-lite/assets/js/integrations/elementor/frontend.min.js?ver=1.7.2
50.87.239.23 200 OK 1.7 kB URL HTTP/2 latgroupaustralia.com.au/wp-content/plugins/wpforms-lite/assets/js/integrations/elementor/frontend.min.js?ver=1.7.2
IP 50.87.239.23:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (778)
Hash 876bede5ca27e06e66022a79d85b551a
cb0b5fa76547ecd2ecdedc525ff54fb10f4dda06
765bb1a891bfb6118104afff6ff523004f29158286c2283ddc00fcb2037deca7
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/wpforms-lite/assets/js/integrations/elementor/frontend.min.js?ver=1.7.2 HTTP/1.1
Host: latgroupaustralia.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://latgroupaustralia.com.au/en/inicio/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 14 Mar 2022 03:38:01 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 1723
content-type: application/javascript
date: Fri, 13 Jan 2023 04:09:36 GMT
server: Apache
X-Firefox-Spdy: h2
latgroupaustralia.com.au/wp-content/uploads/essential-addons-elementor/cb70d11b8.min.js?ver=1673582975
50.87.239.23 200 OK 3.7 kB URL HTTP/2 latgroupaustralia.com.au/wp-content/uploads/essential-addons-elementor/cb70d11b8.min.js?ver=1673582975
IP 50.87.239.23:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (6404)
Hash 60c085aec616d56a06b1569b8089103e
c22d5dc2e4881d0a25ca0a16242c6b1d2bdd34dc
6eb8733f2b3db7e14cf2d3abd066e098085e20c6ad89b7ba2ce6a400bd63fbb0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/essential-addons-elementor/cb70d11b8.min.js?ver=1673582975 HTTP/1.1
Host: latgroupaustralia.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://latgroupaustralia.com.au/en/inicio/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 04 Oct 2022 18:56:42 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 3675
content-type: application/javascript
date: Fri, 13 Jan 2023 04:09:36 GMT
server: Apache
X-Firefox-Spdy: h2
latgroupaustralia.com.au/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.5.4
50.87.239.23 200 OK 3.7 kB URL HTTP/2 latgroupaustralia.com.au/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.5.4
IP 50.87.239.23:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (4890)
Hash ae32d5c74008a6bd65c267fa874b73c8
d4efdf55bb4d49027e456a1943e221f5acc8a6ff
33e2b9c8c88678ee08bb55b3ffc8c9317e7724f20cc358acc58e30a75cb112b4
GET /wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.5.4 HTTP/1.1
Host: latgroupaustralia.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://latgroupaustralia.com.au/en/inicio/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 14 Mar 2022 03:24:27 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 3672
content-type: application/javascript
date: Fri, 13 Jan 2023 04:09:36 GMT
server: Apache
X-Firefox-Spdy: h2
latgroupaustralia.com.au/wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.5.4
50.87.239.23 200 OK 3.0 kB URL HTTP/2 latgroupaustralia.com.au/wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.5.4
IP 50.87.239.23:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (10019)
Hash c2b5af6052f630a96e450e5e2a3cea52
00ca76a8828a1bbec1534eb10786804fd36492f2
58f6cc2d4fa3e528622102975fb62949dc0170bd47b588a67318d18552a57d59
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.5.4 HTTP/1.1
Host: latgroupaustralia.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://latgroupaustralia.com.au/en/inicio/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 27 Jan 2022 19:27:25 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 2997
content-type: text/css
date: Fri, 13 Jan 2023 04:09:36 GMT
server: Apache
X-Firefox-Spdy: h2
latgroupaustralia.com.au/wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3
50.87.239.23 200 OK 13 kB URL HTTP/2 latgroupaustralia.com.au/wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3
IP 50.87.239.23:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (57726)
Hash dc63c0a8e2d5857cc7a00a4b5456dabb
ee29df5eb2a4bf3eb805b160551c1afd84b42599
035ef40b1dd3df1eefb2dd3c8c2096425727fb939b06f3aa0bc6ef91dafd5441
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3 HTTP/1.1
Host: latgroupaustralia.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://latgroupaustralia.com.au/en/inicio/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 27 Jan 2022 19:27:25 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 12577
content-type: text/css
date: Fri, 13 Jan 2023 04:09:36 GMT
server: Apache
X-Firefox-Spdy: h2
latgroupaustralia.com.au/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.5.2
50.87.239.23 200 OK 3.7 kB URL HTTP/2 latgroupaustralia.com.au/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.5.2
IP 50.87.239.23:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (4946)
Hash d9ad97fc288dc5885634220b9d62125e
66c4424da738641d752ef19769b900d483d89cf2
08a9781b4323688c6acd5e57578fc20295dbb1943af86e52cf75d12d5d382506
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.5.2 HTTP/1.1
Host: latgroupaustralia.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://latgroupaustralia.com.au/en/inicio/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 14 Mar 2022 03:20:05 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 3744
content-type: application/javascript
date: Fri, 13 Jan 2023 04:09:36 GMT
server: Apache
X-Firefox-Spdy: h2
latgroupaustralia.com.au/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.5.4
50.87.239.23 200 OK 7.0 kB URL HTTP/2 latgroupaustralia.com.au/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.5.4
IP 50.87.239.23:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (14220)
Hash 2ebbc9092a2966d5696536c84697dcbb
417d96465e07622362968e36407324fb160cc147
9a7c9294d316dd3d7e740b825ca0faaa8d15d6e659a6dab25799b322672b3ae8
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.5.4 HTTP/1.1
Host: latgroupaustralia.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://latgroupaustralia.com.au/en/inicio/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 14 Mar 2022 03:02:59 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 7010
content-type: application/javascript
date: Fri, 13 Jan 2023 04:09:36 GMT
server: Apache
X-Firefox-Spdy: h2
latgroupaustralia.com.au/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
50.87.239.23 200 OK 5.1 kB URL HTTP/2 latgroupaustralia.com.au/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
IP 50.87.239.23:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (12222)
Hash 1c80282718c0c92a80b2debbee406ff6
31f91b9fc3383b2b80c3c464d362494eaf14174e
41cac03ce16851bc217ffa6e941a37f3b7d94ce62a18a4cfeaadca168600a0f6
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2 HTTP/1.1
Host: latgroupaustralia.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://latgroupaustralia.com.au/en/inicio/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 14 Mar 2022 03:29:21 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 5132
content-type: application/javascript
date: Fri, 13 Jan 2023 04:09:36 GMT
server: Apache
X-Firefox-Spdy: h2
latgroupaustralia.com.au/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2
50.87.239.23 200 OK 8.3 kB URL HTTP/2 latgroupaustralia.com.au/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2
IP 50.87.239.23:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Unicode text, UTF-8 text, with very long lines (8189)
Hash 838560e989767f2ef5951b9eeee20352
6bf8419cb4d68d9beced9e4b79b22b347ae16a46
72e6d275c5229613a59aef94523fc6a96330553976aee003d8544d5806fa0c3d
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/ui/core.min.js?ver=1.13.2 HTTP/1.1
Host: latgroupaustralia.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://latgroupaustralia.com.au/en/inicio/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 02 Nov 2022 07:23:49 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 8344
content-type: application/javascript
date: Fri, 13 Jan 2023 04:09:36 GMT
server: Apache
X-Firefox-Spdy: h2
latgroupaustralia.com.au/wp-content/themes/astra/assets/js/minified/frontend.min.js?ver=3.9.0
50.87.239.23 200 OK 7.0 kB URL HTTP/2 latgroupaustralia.com.au/wp-content/themes/astra/assets/js/minified/frontend.min.js?ver=3.9.0
IP 50.87.239.23:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (16794)
Hash 9723f1fa0d6847eb1ed8a24b1bc45447
bc704b884e543ef551b7b37d27f1d57cb4747fea
6d1ca1981a05f90031a0f88f6cc9ee1a398147f7bcb9936a2c76efc01c368729
GET /wp-content/themes/astra/assets/js/minified/frontend.min.js?ver=3.9.0 HTTP/1.1
Host: latgroupaustralia.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://latgroupaustralia.com.au/en/inicio/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 21 Jul 2022 20:22:05 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 6996
content-type: application/javascript
date: Fri, 13 Jan 2023 04:09:36 GMT
server: Apache
X-Firefox-Spdy: h2
latgroupaustralia.com.au/wp-includes/js/underscore.min.js?ver=1.13.4
50.87.239.23 200 OK 8.3 kB URL HTTP/2 latgroupaustralia.com.au/wp-includes/js/underscore.min.js?ver=1.13.4
IP 50.87.239.23:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (18798)
Hash ac9c7baaab74ef2576932d5798161987
fa202113e12b09696788a7024984879bddd29143
c03d52f8f157e9209646e3e696e9845d7d2b3cf3e73c8204f371b7393e738026
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/underscore.min.js?ver=1.13.4 HTTP/1.1
Host: latgroupaustralia.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://latgroupaustralia.com.au/en/inicio/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 02 Nov 2022 07:23:51 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 8305
content-type: application/javascript
date: Fri, 13 Jan 2023 04:09:36 GMT
server: Apache
X-Firefox-Spdy: h2
latgroupaustralia.com.au/wp-content/plugins/elementor-pro/assets/js/elements-handlers.min.js?ver=3.5.2
50.87.239.23 200 OK 8.3 kB URL HTTP/2 latgroupaustralia.com.au/wp-content/plugins/elementor-pro/assets/js/elements-handlers.min.js?ver=3.5.2
IP 50.87.239.23:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (24265)
Hash a286cbcd149a5c7fa47615ef093938c3
6bd1cb2a6c1d508d793ddee222d1c3b4e541b3f2
870f523722c5f0f07f9d55b58c55184bb4e3c9065b6a0fd43d4756b08bd555bd
GET /wp-content/plugins/elementor-pro/assets/js/elements-handlers.min.js?ver=3.5.2 HTTP/1.1
Host: latgroupaustralia.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://latgroupaustralia.com.au/en/inicio/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 14 Mar 2022 03:18:32 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 8284
content-type: application/javascript
date: Fri, 13 Jan 2023 04:09:36 GMT
server: Apache
X-Firefox-Spdy: h2
latgroupaustralia.com.au/wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.5.2
50.87.239.23 200 OK 8.6 kB URL HTTP/2 latgroupaustralia.com.au/wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.5.2
IP 50.87.239.23:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (20274)
Hash 995c06abf2d547502acd79706bd8aff2
d34ad248c421a7a28a9b6955349fbc94e6a675f7
3fe95b7fd2f4f158c6138dbecb1e529ce744d917254bebcfbf52d80da75d3730
GET /wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.5.2 HTTP/1.1
Host: latgroupaustralia.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://latgroupaustralia.com.au/en/inicio/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 14 Mar 2022 03:10:44 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 8553
content-type: application/javascript
date: Fri, 13 Jan 2023 04:09:36 GMT
server: Apache
X-Firefox-Spdy: h2
latgroupaustralia.com.au/wp-content/plugins/elementor-pro/assets/lib/smartmenus/jquery.smartmenus.min.js?ver=1.0.1
50.87.239.23 200 OK 11 kB URL HTTP/2 latgroupaustralia.com.au/wp-content/plugins/elementor-pro/assets/lib/smartmenus/jquery.smartmenus.min.js?ver=1.0.1
IP 50.87.239.23:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (25139)
Hash 2183ee951d4fd03cc3f04f99e2aa4a7a
6b06073a2cba74a43d280f6f8bf788131effc162
37199f00bd27e02ce16625ebfdd2547ed6e853c232fc57c89beb42028cd812e3
GET /wp-content/plugins/elementor-pro/assets/lib/smartmenus/jquery.smartmenus.min.js?ver=1.0.1 HTTP/1.1
Host: latgroupaustralia.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://latgroupaustralia.com.au/en/inicio/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 14 Mar 2022 03:30:43 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 11036
content-type: application/javascript
date: Fri, 13 Jan 2023 04:09:36 GMT
server: Apache
X-Firefox-Spdy: h2
latgroupaustralia.com.au/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.5.4
50.87.239.23 200 OK 16 kB URL HTTP/2 latgroupaustralia.com.au/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.5.4
IP 50.87.239.23:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (36874)
Hash 186cb1cd3c90408089b73b1160c705e8
b47a74a373e86dc67dab340806b3c650e5a1b89f
b7c46c2f31fb27adac4d20faf3f542475f0bbd96245394cb3b36e3f65254c137
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.5.4 HTTP/1.1
Host: latgroupaustralia.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://latgroupaustralia.com.au/en/inicio/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 14 Mar 2022 03:03:59 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 15821
content-type: application/javascript
date: Fri, 13 Jan 2023 04:09:36 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 71e87185e70f595e12a3613f1ac35c67
f1818783717cc0cb399a0bcddb8a9029cf7166d1
dff5f1029a06d6f1ed59e1f3e33af77d2ac550553d9fc69be48c2a81093dc2db
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 13 Jan 2023 04:09:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
latgroupaustralia.com.au/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
50.87.239.23 200 OK 40 kB URL HTTP/2 latgroupaustralia.com.au/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
IP 50.87.239.23:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 831d039dd41e7f996605456dace51b72
b0998f92d2859849ff7e9160e7331ccdc86b2312
3e054cd578233e826662629b849bd81b058a812e741f7293074a3e2826bc7f28
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1
Host: latgroupaustralia.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://latgroupaustralia.com.au/en/inicio/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 02 Nov 2022 07:23:48 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: application/javascript
date: Fri, 13 Jan 2023 04:09:36 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash d85923836060d54f16bf5e089c6cce0a
c34e8934f12a46d107086e9889e564c36fba6a51
befa234085a447c89e241c03f110bff261b59bae1dfc02e885a5b1091791901a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 13 Jan 2023 04:09:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2
216.58.207.227 200 OK 46 kB URL HTTP/2 fonts.gstatic.com/s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 46524, version 1.0\012- data
Hash c1fd378f54921c75e4ae1821e7b8fff6
2ce96e97783b2f154d07f4464ca6f8eb2469f2c1
405ceee1c2f5c31f1cb94ebc63d49a43fddd1471c2c7401a01c7c11bb1d93826
GET /s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://latgroupaustralia.com.au
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 46524
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 09 Jan 2023 21:08:54 GMT
expires: Tue, 09 Jan 2024 21:08:54 GMT
cache-control: public, max-age=31536000
age: 284443
last-modified: Mon, 18 Jul 2022 19:58:01 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash d85923836060d54f16bf5e089c6cce0a
c34e8934f12a46d107086e9889e564c36fba6a51
befa234085a447c89e241c03f110bff261b59bae1dfc02e885a5b1091791901a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 13 Jan 2023 04:09:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 71e87185e70f595e12a3613f1ac35c67
f1818783717cc0cb399a0bcddb8a9029cf7166d1
dff5f1029a06d6f1ed59e1f3e33af77d2ac550553d9fc69be48c2a81093dc2db
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 13 Jan 2023 04:09:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtZ6Hw5aXo.woff2
216.58.207.227 200 OK 13 kB URL HTTP/2 fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtZ6Hw5aXo.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 12820, version 1.0\012- data
Hash 3f2f6d9e64a95a40ea5dedfc91f42a95
9cd9f5a2f86f1d42390141d91619a0aa41a276b7
ed121b1a8fbf30998a4ed0a7c8343abe9091ac4744f1c24b602b5d3f962bdb78
GET /s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtZ6Hw5aXo.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://latgroupaustralia.com.au
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 12820
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 06 Jan 2023 13:33:23 GMT
expires: Sat, 06 Jan 2024 13:33:23 GMT
cache-control: public, max-age=31536000
age: 570974
last-modified: Mon, 11 Jul 2022 18:56:10 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 71e87185e70f595e12a3613f1ac35c67
f1818783717cc0cb399a0bcddb8a9029cf7166d1
dff5f1029a06d6f1ed59e1f3e33af77d2ac550553d9fc69be48c2a81093dc2db
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 13 Jan 2023 04:09:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
latgroupaustralia.com.au/wp-content/plugins/elementor/assets/lib/eicons/fonts/eicons.woff2?5.14.0
50.87.239.23 200 OK 92 kB URL HTTP/2 latgroupaustralia.com.au/wp-content/plugins/elementor/assets/lib/eicons/fonts/eicons.woff2?5.14.0
IP 50.87.239.23:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Web Open Font Format (Version 2), TrueType, length 92216, version 1.0\012- data
Hash 70ffaa0b941707c09d1cbf69280d1424
fc3d9db08411484861c93dfe7c257bff8fe13b74
41e3c2c7e1af8d05bd4195d6241a16334583d6280f4ab41209aa3880bea50994
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/lib/eicons/fonts/eicons.woff2?5.14.0 HTTP/1.1
Host: latgroupaustralia.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://latgroupaustralia.com.au/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.14.0
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 27 Jan 2022 19:27:25 GMT
accept-ranges: bytes
content-length: 92216
vary: Accept-Encoding,User-Agent
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: font/woff2
date: Fri, 13 Jan 2023 04:09:37 GMT
server: Apache
X-Firefox-Spdy: h2
latgroupaustralia.com.au/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2
50.87.239.23 200 OK 77 kB URL HTTP/2 latgroupaustralia.com.au/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2
IP 50.87.239.23:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Web Open Font Format (Version 2), TrueType, length 76764, version 331.-31261\012- data
Hash f7307680c7fe85959f3ecf122493ea7d
fce0da592a3e536d6d5df5b50cb513398d8c5161
43c072c16c9ee6d67acdfa6c6d6685ff1e74eb4237b7cc3c1348ab1c108b26af
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2 HTTP/1.1
Host: latgroupaustralia.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://latgroupaustralia.com.au/wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css?ver=5.15.3
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 27 Jan 2022 19:27:25 GMT
accept-ranges: bytes
content-length: 76764
vary: Accept-Encoding,User-Agent
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: font/woff2
date: Fri, 13 Jan 2023 04:09:37 GMT
server: Apache
X-Firefox-Spdy: h2
latgroupaustralia.com.au/wp-content/plugins/elementor/assets/js/text-editor.289ae80d76f0c5abea44.bundle.min.js
50.87.239.23 200 OK 2.0 kB URL HTTP/2 latgroupaustralia.com.au/wp-content/plugins/elementor/assets/js/text-editor.289ae80d76f0c5abea44.bundle.min.js
IP 50.87.239.23:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (1340)
Hash 3a9fe34dae3ebca8745eb2776a95b93e
5f47c00c0c29b9ae6f44a0b311f25f81e011d381
876c3cb8d4e7fc73216ca7730cff993d2ac5252badb527b5b8154ef82e3d61a2
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/js/text-editor.289ae80d76f0c5abea44.bundle.min.js HTTP/1.1
Host: latgroupaustralia.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://latgroupaustralia.com.au/en/inicio/
Cookie: pll_language=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 14 Mar 2022 03:25:06 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 2021
content-type: application/javascript
date: Fri, 13 Jan 2023 04:09:37 GMT
server: Apache
X-Firefox-Spdy: h2
latgroupaustralia.com.au/wp-content/plugins/elementor-pro/assets/js/popup.7b71aedb401104b93788.bundle.min.js
50.87.239.23 200 OK 1.8 kB URL HTTP/2 latgroupaustralia.com.au/wp-content/plugins/elementor-pro/assets/js/popup.7b71aedb401104b93788.bundle.min.js
IP 50.87.239.23:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (739)
Hash 698f20275fd3ceee7120f0ab81cccccb
a92dcfbca5f81308c91544c44abb6b296b7adfad
ad8d74785a1748c183074144cdd809b6834a0ab83151b3b1c7ca87de9f2ddd34
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor-pro/assets/js/popup.7b71aedb401104b93788.bundle.min.js HTTP/1.1
Host: latgroupaustralia.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://latgroupaustralia.com.au/en/inicio/
Cookie: pll_language=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 14 Mar 2022 03:14:52 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 1798
content-type: application/javascript
date: Fri, 13 Jan 2023 04:09:37 GMT
server: Apache
X-Firefox-Spdy: h2
latgroupaustralia.com.au/wp-content/plugins/elementor-pro/assets/js/nav-menu.fd64b77e7258ee4c6205.bundle.min.js
50.87.239.23 200 OK 2.7 kB URL HTTP/2 latgroupaustralia.com.au/wp-content/plugins/elementor-pro/assets/js/nav-menu.fd64b77e7258ee4c6205.bundle.min.js
IP 50.87.239.23:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (3225)
Hash 4dfa0721e374227eae15f58c85c17cfb
b588a3222161f2fea792f8537dbac0c64cddd666
63eec93ff99b003049b6a18c86f025f9a07648e81537203cfdf745d2b522ab89
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor-pro/assets/js/nav-menu.fd64b77e7258ee4c6205.bundle.min.js HTTP/1.1
Host: latgroupaustralia.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://latgroupaustralia.com.au/en/inicio/
Cookie: pll_language=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 14 Mar 2022 03:23:18 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 2728
content-type: application/javascript
date: Fri, 13 Jan 2023 04:09:37 GMT
server: Apache
X-Firefox-Spdy: h2
latgroupaustralia.com.au/wp-content/uploads/2022/02/cropped-logo-05-1-120x40.png
50.87.239.23 200 OK 3.3 kB URL HTTP/2 latgroupaustralia.com.au/wp-content/uploads/2022/02/cropped-logo-05-1-120x40.png
IP 50.87.239.23:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 120 x 40, 8-bit/color RGBA, non-interlaced\012- data
Hash 861d089ca83c7458d0cdd43040535df2
b4ebccf1f0edef36f80f20cf9a0b03fa2c2afe06
5f90ef3aaaec53a2781b5071591c414883d4e0f49108373548ebcfef89a2e7c5
GET /wp-content/uploads/2022/02/cropped-logo-05-1-120x40.png HTTP/1.1
Host: latgroupaustralia.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://latgroupaustralia.com.au/en/inicio/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 26 Sep 2022 17:27:31 GMT
accept-ranges: bytes
content-length: 3269
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: image/png
date: Fri, 13 Jan 2023 04:09:37 GMT
server: Apache
X-Firefox-Spdy: h2
latgroupaustralia.com.au/wp-content/plugins/elementor-pro/assets/js/form.0fc25ba6639255b98660.bundle.min.js
50.87.239.23 200 OK 8.0 kB URL HTTP/2 latgroupaustralia.com.au/wp-content/plugins/elementor-pro/assets/js/form.0fc25ba6639255b98660.bundle.min.js
IP 50.87.239.23:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (19339)
Hash d112c6033cd3f6d3821571a09a7af001
8b246f0f3e7bbae19e2709a2ae735e0b6debfe1d
01ace008f3b75727e71e5292b3ddbc7984ddbe6bfa68d2f3d156f5609fde1b05
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor-pro/assets/js/form.0fc25ba6639255b98660.bundle.min.js HTTP/1.1
Host: latgroupaustralia.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://latgroupaustralia.com.au/en/inicio/
Cookie: pll_language=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 14 Mar 2022 03:25:00 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 7985
content-type: application/javascript
date: Fri, 13 Jan 2023 04:09:37 GMT
server: Apache
X-Firefox-Spdy: h2
latgroupaustralia.com.au/wp-content/uploads/2022/01/studying-at-college-2021-09-24-03-36-22-utc_resultado.jpg
50.87.239.23 200 OK 169 kB URL HTTP/2 latgroupaustralia.com.au/wp-content/uploads/2022/01/studying-at-college-2021-09-24-03-36-22-utc_resultado.jpg
IP 50.87.239.23:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=18, height=1000, bps=230, PhotometricIntepretation=RGB, description=Portrait of beautiful smiing female college student, manufacturer=Canon, model=Canon EOS 5D Mark III, orientation=upper-left, width=1500], baseline, precision 8, 1500x1000, components 3\012- data
Size 169 kB (168887 bytes)
Hash 7a48ef118955b8bd91817097218c561d
baefe24afd4463dfeb7a6846f1f209e4e36e779c
0b0132829da5c7b81b0aed1ef76cb1261f42af2ee46e3b79757e9f532d077df2
GET /wp-content/uploads/2022/01/studying-at-college-2021-09-24-03-36-22-utc_resultado.jpg HTTP/1.1
Host: latgroupaustralia.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://latgroupaustralia.com.au/wp-content/uploads/elementor/css/post-30.css?ver=1663085205
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 27 Jan 2022 21:55:52 GMT
accept-ranges: bytes
content-length: 168887
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: image/jpeg
date: Fri, 13 Jan 2023 04:09:37 GMT
server: Apache
X-Firefox-Spdy: h2
latgroupaustralia.com.au/wp-content/uploads/2022/02/cropped-LATGROUP-LOGO-BLANCO--768x256.png
50.87.239.23 200 OK 22 kB URL HTTP/2 latgroupaustralia.com.au/wp-content/uploads/2022/02/cropped-LATGROUP-LOGO-BLANCO--768x256.png
IP 50.87.239.23:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 768 x 256, 8-bit gray+alpha, non-interlaced\012- data
Hash 4733debe321b88aedfec83c137843a8c
30bf29172e2c19b15e74c74d0770dff976593cb3
fc8b2704d9cb8df2a6f06432843f7dcbf91bfa1f9df3fd33219a684606973c08
GET /wp-content/uploads/2022/02/cropped-LATGROUP-LOGO-BLANCO--768x256.png HTTP/1.1
Host: latgroupaustralia.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://latgroupaustralia.com.au/en/inicio/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 16 Mar 2022 19:17:51 GMT
accept-ranges: bytes
content-length: 21959
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: image/png
date: Fri, 13 Jan 2023 04:09:37 GMT
server: Apache
X-Firefox-Spdy: h2
latgroupaustralia.com.au/wp-content/uploads/2022/01/happy-tourist-man-taking-a-selfie-portrait-with-mo-2021-09-03-14-42-12-utc_resultado.jpg
50.87.239.23 200 OK 222 kB URL HTTP/2 latgroupaustralia.com.au/wp-content/uploads/2022/01/happy-tourist-man-taking-a-selfie-portrait-with-mo-2021-09-03-14-42-12-utc_resultado.jpg
IP 50.87.239.23:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=15, height=1000, bps=194, PhotometricIntepretation=RGB, description=Happy tourist man taking a selfie portrait with mobile smart phone at airport - Airplane passenger waiting for flight - Travel , manufacturer=RICOH IMAGING COMPANY, LTD., model=PENTAX K-1, orientation=upper-left, width=1498], baseline, precision 8, 1498x1000, components 3\012- data
Size 222 kB (221462 bytes)
Hash 9777ada0390337425316f8dd2ad7fa1b
9969d974a351b81cefb50f2edda21030205a589b
9da8a26a2aee3514a6fe5e31a55fa46c33764a022e6d61b20e26a8f6da88c07c
GET /wp-content/uploads/2022/01/happy-tourist-man-taking-a-selfie-portrait-with-mo-2021-09-03-14-42-12-utc_resultado.jpg HTTP/1.1
Host: latgroupaustralia.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://latgroupaustralia.com.au/wp-content/uploads/elementor/css/post-30.css?ver=1663085205
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 27 Jan 2022 21:55:43 GMT
accept-ranges: bytes
content-length: 221462
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: image/jpeg
date: Fri, 13 Jan 2023 04:09:37 GMT
server: Apache
X-Firefox-Spdy: h2
latgroupaustralia.com.au/wp-content/uploads/2022/01/view-of-sydney-cbd-from-ferry-boat-2021-08-26-16-22-50-utc_resultado.jpg
50.87.239.23 200 OK 230 kB URL HTTP/2 latgroupaustralia.com.au/wp-content/uploads/2022/01/view-of-sydney-cbd-from-ferry-boat-2021-08-26-16-22-50-utc_resultado.jpg
IP 50.87.239.23:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=10, description=view of Sydney CBD from ferry boat, manufacturer=SONY, model=DSC-RX100M5, orientation=upper-left, xresolution=128, yresolution=136, resolutionunit=2, software=Adobe Photoshop Lightroom Classic 8.3 (Macintosh), datetime=2019:05:23 11:20:24], baseline, precision 8, 1500x1000, components 3\012- data
Size 230 kB (230013 bytes)
Hash beb2436d392c58e7274a32d1d51f6ec7
c4d6aa73627f91964675eebea1c6e6864aa18b34
6ab8153fef96a1b8b9a952f1b4288fca76daa029be0758fdc6a8bbf593cd8154
GET /wp-content/uploads/2022/01/view-of-sydney-cbd-from-ferry-boat-2021-08-26-16-22-50-utc_resultado.jpg HTTP/1.1
Host: latgroupaustralia.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://latgroupaustralia.com.au/wp-content/uploads/elementor/css/post-30.css?ver=1663085205
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 27 Jan 2022 21:04:00 GMT
accept-ranges: bytes
content-length: 230013
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: image/jpeg
date: Fri, 13 Jan 2023 04:09:37 GMT
server: Apache
X-Firefox-Spdy: h2
latgroupaustralia.com.au/wp-content/uploads/2022/01/passports-of-australia-background-immigration-or-2021-08-26-16-57-02-utc_resultado.jpg
50.87.239.23 200 OK 262 kB URL HTTP/2 latgroupaustralia.com.au/wp-content/uploads/2022/01/passports-of-australia-background-immigration-or-2021-08-26-16-57-02-utc_resultado.jpg
IP 50.87.239.23:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, description=Passports of Australia background. Immigration or travel concept. Pile of australian passports. 3d illustration], baseline, precision 8, 1333x1000, components 3\012- data
Size 262 kB (262154 bytes)
Hash db162ecd46b799e1070029df53929fa6
0dc9fadd0cf9b586f6f7a8eaf71e7b775e215632
2a05a34729cdab3081edd7c08a49c36d3d054ecc515d9e82d68ffbce94d83bb4
GET /wp-content/uploads/2022/01/passports-of-australia-background-immigration-or-2021-08-26-16-57-02-utc_resultado.jpg HTTP/1.1
Host: latgroupaustralia.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://latgroupaustralia.com.au/wp-content/uploads/elementor/css/post-30.css?ver=1663085205
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 27 Jan 2022 21:03:52 GMT
accept-ranges: bytes
content-length: 262154
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: image/jpeg
date: Fri, 13 Jan 2023 04:09:37 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash aabd4cb92d42e0c9e2d3860118029a6c
53325cdd89f9a117ac79dff7cedfd6370b07f33b
d9bc7a65b7e179ebd42170d0d43372e90739264df1f87a511ee0aab5ab012e85
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 13 Jan 2023 04:09:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.youtube.com/s/player/4248d311/www-widgetapi.vflset/www-widgetapi.js
172.217.21.174 200 OK 63 kB URL HTTP/2 www.youtube.com/s/player/4248d311/www-widgetapi.vflset/www-widgetapi.js
IP 172.217.21.174:0
File type ASCII text, with very long lines (817)
Hash f02565101c5e23455bc9cb529917079f
d191ba22867a37580b73c62e85cafec8934445cc
adbc433ec3318badba117cecfe624154f8211ca424260f8626f1c5aa97340e6a
GET /s/player/4248d311/www-widgetapi.vflset/www-widgetapi.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://latgroupaustralia.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 62798
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 12 Jan 2023 16:03:05 GMT
expires: Fri, 12 Jan 2024 16:03:05 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 12 Jan 2023 01:15:11 GMT
content-type: text/javascript
age: 43594
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash aabd4cb92d42e0c9e2d3860118029a6c
53325cdd89f9a117ac79dff7cedfd6370b07f33b
d9bc7a65b7e179ebd42170d0d43372e90739264df1f87a511ee0aab5ab012e85
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 13 Jan 2023 04:09:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
latgroupaustralia.com.au/wp-content/uploads/2022/01/cropped-logo-lat-migration-light-small-174x50-1-32x32.png
50.87.239.23 200 OK 1.2 kB URL HTTP/2 latgroupaustralia.com.au/wp-content/uploads/2022/01/cropped-logo-lat-migration-light-small-174x50-1-32x32.png
IP 50.87.239.23:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 32 x 32, 8-bit gray+alpha, non-interlaced\012- data
Hash 2e007d015184ca188518eb72ffa37b89
6d0787f782372f17e2509eedee2e2fa59b97b5f8
7c3c78cca290c0c2fb87bd96e050c4bda6f76ba95c8049026973cd9901da7a71
GET /wp-content/uploads/2022/01/cropped-logo-lat-migration-light-small-174x50-1-32x32.png HTTP/1.1
Host: latgroupaustralia.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://latgroupaustralia.com.au/en/inicio/
Cookie: pll_language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 27 Jan 2022 21:09:44 GMT
accept-ranges: bytes
content-length: 1212
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: image/png
date: Fri, 13 Jan 2023 04:09:39 GMT
server: Apache
X-Firefox-Spdy: h2
latgroupaustralia.com.au/wp-content/uploads/2022/01/cropped-logo-lat-migration-light-small-174x50-1-192x192.png
50.87.239.23 200 OK 18 kB URL HTTP/2 latgroupaustralia.com.au/wp-content/uploads/2022/01/cropped-logo-lat-migration-light-small-174x50-1-192x192.png
IP 50.87.239.23:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 192 x 192, 8-bit gray+alpha, non-interlaced\012- data
Hash 1016faf3ec8ba275553caa2cae424d95
91e5c838c5201c4d5ca0f3be48980a8a4ee404c1
5625805ba5873806f0b2a4500fc9949bafef2461b9e102e55c9c29df463e60a0
GET /wp-content/uploads/2022/01/cropped-logo-lat-migration-light-small-174x50-1-192x192.png HTTP/1.1
Host: latgroupaustralia.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://latgroupaustralia.com.au/en/inicio/
Cookie: pll_language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 27 Jan 2022 21:09:44 GMT
accept-ranges: bytes
content-length: 17574
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: image/png
date: Fri, 13 Jan 2023 04:09:39 GMT
server: Apache
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.227 200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 12 Jan 2023 21:48:03 GMT
expires: Fri, 12 Jan 2024 21:48:03 GMT
cache-control: public, max-age=31536000
age: 22896
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.227 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 12 Jan 2023 16:40:43 GMT
expires: Fri, 12 Jan 2024 16:40:43 GMT
cache-control: public, max-age=31536000
age: 41336
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 90b213e442f9a7ac8cdfc2fe2393a6c3
7b17f3118b45f09b02fc1adea3638b606d0e5504
f17b9e9fa99ce11df3e6f7b09abf8c4e768e3b0b3eba0ea0a49cee894ad4ea87
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 13 Jan 2023 04:09:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash c1cc8833602dd5e367a6233f2fd9a368
88ccf284313388951cc3eb3534022c403bce8f94
814c643caa1b930bcd10ed0f83968bd7b2d313075bbdd5bb7428e3b9aa87219a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 13 Jan 2023 04:09:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.doubleclick.net/instream/ad_status.js
142.250.74.134 200 OK 29 B URL HTTP/2 static.doubleclick.net/instream/ad_status.js
IP 142.250.74.134:0
Hash 1fa71744db23d0f8df9cce6719defcb7
e4be9b7136697942a036f97cf26ebaf703ad2067
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
GET /instream/ad_status.js HTTP/1.1
Host: static.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 29
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 13 Jan 2023 04:02:37 GMT
expires: Fri, 13 Jan 2023 04:17:37 GMT
cache-control: public, max-age=900
age: 423
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/id
142.250.74.66 302 Found 0 B URL HTTP/2 googleads.g.doubleclick.net/pagead/id
IP 142.250.74.66:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/id HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-credentials: true
access-control-allow-origin: https://www.youtube.com
date: Fri, 13 Jan 2023 04:09:40 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
216.58.207.234 200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 216.58.207.234:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Fri, 13 Jan 2023 04:09:40 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 90b213e442f9a7ac8cdfc2fe2393a6c3
7b17f3118b45f09b02fc1adea3638b606d0e5504
f17b9e9fa99ce11df3e6f7b09abf8c4e768e3b0b3eba0ea0a49cee894ad4ea87
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 13 Jan 2023 04:09:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 3c6886e7ae6f1ab5559bcf8cce419709
257b2b131473a8ceeaecb40eb88565b520efc3d8
38506ac7d18c6cf700229e29eb8259ad8952b64062f8b0103ab32bb41c6f1e07
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 13 Jan 2023 04:09:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash c1cc8833602dd5e367a6233f2fd9a368
88ccf284313388951cc3eb3534022c403bce8f94
814c643caa1b930bcd10ed0f83968bd7b2d313075bbdd5bb7428e3b9aa87219a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 13 Jan 2023 04:09:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
216.58.207.234 200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 216.58.207.234:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash 3a642f102999f729bd10cee28bdc9636
1cd122d621d90f5afc2e6ec0d4fe15c2109042ba
d57975fa0f7d37008b89bf9fff8a2dcae0b3b5e30132a62ad06362f2081eee71
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Fri, 13 Jan 2023 04:09:40 GMT
server: ESF
cache-control: private
content-length: 31260
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/js/th/ayf-ZXn06Q-bf2kvL7HvZn-6GmgIdMcaNWCzb_-s5mI.js
216.58.211.4 200 OK 14 kB URL HTTP/2 www.google.com/js/th/ayf-ZXn06Q-bf2kvL7HvZn-6GmgIdMcaNWCzb_-s5mI.js
IP 216.58.211.4:0
File type ASCII text, with very long lines (35786)
Hash ab1d51e6cf1d842260dab25a4332649c
0c814f9168dff9647a797787c2109a568904fedb
4b4e6a92912d486accd192aec1f4ba5ffee3658019c01e98199976a192941f09
GET /js/th/ayf-ZXn06Q-bf2kvL7HvZn-6GmgIdMcaNWCzb_-s5mI.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 14218
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 12 Jan 2023 18:08:18 GMT
expires: Fri, 12 Jan 2024 18:08:18 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 03 Nov 2022 10:00:00 GMT
content-type: text/javascript
age: 36082
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 94b3851fdf453ccc8b2811666f0e75b6
368cbc57c06510dd49c697beabb2b55cd94251fb
9fa7350969af6fdecad31fee10e336d87996e921c6e2a2e3c0db55ee5f8976d6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 13 Jan 2023 04:09:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 8123f9cbb636d95e71efe63c183f9c44
4194adf313bb1516b7f0b7c7f4f3dc4089848a78
37a4043452d8134df14fc22597cd11cd281aeb5d223c591e043c0e07154f3853
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 13 Jan 2023 04:09:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash acf67276f6f354beb54906e9c4e44b2a
0a2beab94b639a37f25e0385bb79934c0becf5ab
e33d70a72714a81b21186b5e92c80200af814e728268ec67e2c5f41d9a1d16b3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 13 Jan 2023 04:09:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i.ytimg.com/vi/YX_yKlEg_vo/maxresdefault.jpg?sqp=-oaymwEmCIAKENAF8quKqQMa8AEB-AH-CYAC0AWKAgwIABABGGUgVChMMA8=&rs=AOn4CLBSJzsehTFLi8F82a7IwOqGgqM8SQ
142.250.74.150 200 OK 41 kB URL HTTP/2 i.ytimg.com/vi/YX_yKlEg_vo/maxresdefault.jpg?sqp=-oaymwEmCIAKENAF8quKqQMa8AEB-AH-CYAC0AWKAgwIABABGGUgVChMMA8=&rs=AOn4CLBSJzsehTFLi8F82a7IwOqGgqM8SQ
IP 142.250.74.150:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1280x720, components 3\012- data
Hash 127080199699f6fea359c7717858ffaa
88d2e9e3befe9c1a1febebf91d8944a41e1c5b2c
6251ac7ccd4d0c7bb3233269e5c69c75213d929273b886ae2033db7885c478b8
GET /vi/YX_yKlEg_vo/maxresdefault.jpg?sqp=-oaymwEmCIAKENAF8quKqQMa8AEB-AH-CYAC0AWKAgwIABABGGUgVChMMA8=&rs=AOn4CLBSJzsehTFLi8F82a7IwOqGgqM8SQ HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/jpeg
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 41379
date: Fri, 13 Jan 2023 04:09:40 GMT
expires: Fri, 13 Jan 2023 06:09:40 GMT
cache-control: public, max-age=7200
etag: "0"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 8123f9cbb636d95e71efe63c183f9c44
4194adf313bb1516b7f0b7c7f4f3dc4089848a78
37a4043452d8134df14fc22597cd11cd281aeb5d223c591e043c0e07154f3853
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 13 Jan 2023 04:09:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
216.58.207.234 200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 216.58.207.234:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Fri, 13 Jan 2023 04:09:40 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
216.58.207.234 200 OK 114 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 216.58.207.234:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 9047c93cf7de0e92146707aa324d70e6
9a9f49d452373ba54f271233d9ec22af6ba99797
bf8abb6001be208995102bd17204fc7f52a8b72c35f925a86c1acd07230ae422
POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 835
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Fri, 13 Jan 2023 04:09:40 GMT
server: ESF
cache-control: private
content-length: 114
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash f281cbc05bdc31410992b1c14eec4a43
ff9b4b8125d39a94033f3fe7b2ee6d7843d6bff0
523935e69065f582e0bbb914778e4a06f85a83b40feffefa7afaf08458fa4cfe
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 13 Jan 2023 04:09:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash f281cbc05bdc31410992b1c14eec4a43
ff9b4b8125d39a94033f3fe7b2ee6d7843d6bff0
523935e69065f582e0bbb914778e4a06f85a83b40feffefa7afaf08458fa4cfe
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 13 Jan 2023 04:09:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
rr1---sn-capm-vnae.googlevideo.com/videoplayback?expire=1673604580&ei=hNnAY6W_JI_-yQXYqrfwBg&ip=91.90.42.154&id=o-AO_RYCfGwWZ9jl5P1kfGCpM72FKyPeqHUNE94zBNoWBT&itag=247&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C271%2C278%2C313&source=youtube&requiressl=yes&mh=NJ&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeenes&ms=au%2Crdu&mv=m&mvi=1&pl=21&initcwndbps=1180000&spc=zIddbG5ghS2W3jkazOG0czbJ287BKAE&vprv=1&mime=video%2Fwebm&ns=q5sda018hnJ3JeGOLqbFC0wK&gir=yes&clen=863011&dur=20.033&lmt=1643983251966116&mt=1673582470&fvip=4&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=6219224&n=1CXiPVWf8_xFGw&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRgIhANeLtCoASG_0pZFW8DUXL1QEvibmu8Zn7teJWBueY6t_AiEAtfiPy6izReJEk3GzjBpgUNWgv-E-zixLLOHucR54VCk%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRgIhANfBdo70pyCf4g0UaBs5N_DPM1_bG9DBhyWBeoNX078aAiEA-M0HlGHPLkKK2txOCgvcj1L1X8hDggX8jg3NhP0_0Lo%3D&alr=yes&cpn=czauew6-6K5sGLIN&cver=1.20230111.01.00&range=0-164561&rn=1&rbuf=0
91.90.45.172 200 OK 1.1 kB URL HTTP/1.1 rr1---sn-capm-vnae.googlevideo.com/videoplayback?expire=1673604580&ei=hNnAY6W_JI_-yQXYqrfwBg&ip=91.90.42.154&id=o-AO_RYCfGwWZ9jl5P1kfGCpM72FKyPeqHUNE94zBNoWBT&itag=247&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C271%2C278%2C313&source=youtube&requiressl=yes&mh=NJ&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeenes&ms=au%2Crdu&mv=m&mvi=1&pl=21&initcwndbps=1180000&spc=zIddbG5ghS2W3jkazOG0czbJ287BKAE&vprv=1&mime=video%2Fwebm&ns=q5sda018hnJ3JeGOLqbFC0wK&gir=yes&clen=863011&dur=20.033&lmt=1643983251966116&mt=1673582470&fvip=4&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=6219224&n=1CXiPVWf8_xFGw&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRgIhANeLtCoASG_0pZFW8DUXL1QEvibmu8Zn7teJWBueY6t_AiEAtfiPy6izReJEk3GzjBpgUNWgv-E-zixLLOHucR54VCk%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRgIhANfBdo70pyCf4g0UaBs5N_DPM1_bG9DBhyWBeoNX078aAiEA-M0HlGHPLkKK2txOCgvcj1L1X8hDggX8jg3NhP0_0Lo%3D&alr=yes&cpn=czauew6-6K5sGLIN&cver=1.20230111.01.00&range=0-164561&rn=1&rbuf=0
IP 91.90.45.172:0
ASN #50304 Blix Solutions AS
File type ASCII text, with very long lines (1111), with no line terminators
Hash a10ae4a8f25aeef40cd18fc16aec1fa2
76b82419ac9d94540e0b3649ca4bbd6204b81e6d
c8d528244f1b146e6f25fa5cd692183152acd399eac856dfb94a09d3b70b5f36
POST /videoplayback?expire=1673604580&ei=hNnAY6W_JI_-yQXYqrfwBg&ip=91.90.42.154&id=o-AO_RYCfGwWZ9jl5P1kfGCpM72FKyPeqHUNE94zBNoWBT&itag=247&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C271%2C278%2C313&source=youtube&requiressl=yes&mh=NJ&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeenes&ms=au%2Crdu&mv=m&mvi=1&pl=21&initcwndbps=1180000&spc=zIddbG5ghS2W3jkazOG0czbJ287BKAE&vprv=1&mime=video%2Fwebm&ns=q5sda018hnJ3JeGOLqbFC0wK&gir=yes&clen=863011&dur=20.033&lmt=1643983251966116&mt=1673582470&fvip=4&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=6219224&n=1CXiPVWf8_xFGw&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRgIhANeLtCoASG_0pZFW8DUXL1QEvibmu8Zn7teJWBueY6t_AiEAtfiPy6izReJEk3GzjBpgUNWgv-E-zixLLOHucR54VCk%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRgIhANfBdo70pyCf4g0UaBs5N_DPM1_bG9DBhyWBeoNX078aAiEA-M0HlGHPLkKK2txOCgvcj1L1X8hDggX8jg3NhP0_0Lo%3D&alr=yes&cpn=czauew6-6K5sGLIN&cver=1.20230111.01.00&range=0-164561&rn=1&rbuf=0 HTTP/1.1
Host: rr1---sn-capm-vnae.googlevideo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 2
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/plain
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Date: Fri, 13 Jan 2023 04:09:40 GMT
Expires: Fri, 13 Jan 2023 04:09:40 GMT
Cache-Control: private, max-age=21300
Accept-Ranges: bytes
Content-Length: 1111
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Restrict-Formats-Hint: None
X-Content-Type-Options: nosniff
Server: gvs 1.0
rr1---sn-capm-vnae.googlevideo.com/videoplayback?expire=1673604580&ei=hNnAY6W_JI_-yQXYqrfwBg&ip=91.90.42.154&id=o-AO_RYCfGwWZ9jl5P1kfGCpM72FKyPeqHUNE94zBNoWBT&itag=250&source=youtube&requiressl=yes&mh=NJ&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeenes&ms=au%2Crdu&mv=m&mvi=1&pl=21&initcwndbps=1180000&spc=zIddbG5ghS2W3jkazOG0czbJ287BKAE&vprv=1&mime=audio%2Fwebm&ns=q5sda018hnJ3JeGOLqbFC0wK&gir=yes&clen=9372&dur=20.061&lmt=1643983234287248&mt=1673582470&fvip=4&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=6218224&n=1CXiPVWf8_xFGw&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgZq5lSfd5cgtwQzd7YvV-jtycPvjnvPQpabRwaLM9zdQCIAJCZOA7xql_OgTKOWX_ID64kn3czk1l15giNiIIJ92z&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRgIhANfBdo70pyCf4g0UaBs5N_DPM1_bG9DBhyWBeoNX078aAiEA-M0HlGHPLkKK2txOCgvcj1L1X8hDggX8jg3NhP0_0Lo%3D&alr=yes&cpn=czauew6-6K5sGLIN&cver=1.20230111.01.00&range=0-9371&rn=2&rbuf=0
91.90.45.172 200 OK 1.0 kB HTTP/1.1
IP 91.90.45.172:0
ASN #50304 Blix Solutions AS
File type ASCII text, with very long lines (1008), with no line terminators
Hash c833ef500ce7901c683e6a298611516f
a93a9db1b42e53ae0dfa5ccae0a446a9e7b0ab02
7397a5880ddcdfab01cbcf4ea283d335e61054c8b2bd245a31fcb705551290f3
POST /videoplayback?expire=1673604580&ei=hNnAY6W_JI_-yQXYqrfwBg&ip=91.90.42.154&id=o-AO_RYCfGwWZ9jl5P1kfGCpM72FKyPeqHUNE94zBNoWBT&itag=250&source=youtube&requiressl=yes&mh=NJ&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeenes&ms=au%2Crdu&mv=m&mvi=1&pl=21&initcwndbps=1180000&spc=zIddbG5ghS2W3jkazOG0czbJ287BKAE&vprv=1&mime=audio%2Fwebm&ns=q5sda018hnJ3JeGOLqbFC0wK&gir=yes&clen=9372&dur=20.061&lmt=1643983234287248&mt=1673582470&fvip=4&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=6218224&n=1CXiPVWf8_xFGw&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgZq5lSfd5cgtwQzd7YvV-jtycPvjnvPQpabRwaLM9zdQCIAJCZOA7xql_OgTKOWX_ID64kn3czk1l15giNiIIJ92z&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRgIhANfBdo70pyCf4g0UaBs5N_DPM1_bG9DBhyWBeoNX078aAiEA-M0HlGHPLkKK2txOCgvcj1L1X8hDggX8jg3NhP0_0Lo%3D&alr=yes&cpn=czauew6-6K5sGLIN&cver=1.20230111.01.00&range=0-9371&rn=2&rbuf=0 HTTP/1.1
Host: rr1---sn-capm-vnae.googlevideo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 2
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/plain
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Date: Fri, 13 Jan 2023 04:09:40 GMT
Expires: Fri, 13 Jan 2023 04:09:40 GMT
Cache-Control: private, max-age=21300
Accept-Ranges: bytes
Content-Length: 1008
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Content-Type-Options: nosniff
Server: gvs 1.0
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B
IP 142.250.74.131:0
Hash f281cbc05bdc31410992b1c14eec4a43
ff9b4b8125d39a94033f3fe7b2ee6d7843d6bff0
523935e69065f582e0bbb914778e4a06f85a83b40feffefa7afaf08458fa4cfe
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 13 Jan 2023 04:09:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
yt3.ggpht.com/ytc/AMLnZu9UXzqMr0-2ym-Bs-HRz2qUS1DLc2Nsa6lVD2w6-Q=s68-c-k-c0x00ffffff-no-rj
142.250.74.65 200 OK 3.8 kB HTTP/2
IP 142.250.74.65:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 68x68, components 3\012- data
Hash 98b7f195d753256807e2064709efced6
33407907a755a66165cb9f16213f063cf644a81e
5cca76cf84230476462b60d9a45317bee1a8b4d516e1df7bc66c6fc7973ecfd2
GET /ytc/AMLnZu9UXzqMr0-2ym-Bs-HRz2qUS1DLc2Nsa6lVD2w6-Q=s68-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt3.ggpht.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v2989"
expires: Sat, 14 Jan 2023 04:09:40 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Fri, 13 Jan 2023 04:09:40 GMT
server: fife
content-length: 3776
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B
IP 142.250.74.131:0
Hash e75478c4c01ce04512c8e62b63cab5d3
2acd1c853a4fa0091677548b5e11ddb42c030dd9
bcda6f9ecd8bed4bfff28b55beea6cd2a30b72452cf9ffe9b3bcb40391a83973
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 13 Jan 2023 04:09:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B
IP 142.250.74.131:0
Hash e75478c4c01ce04512c8e62b63cab5d3
2acd1c853a4fa0091677548b5e11ddb42c030dd9
bcda6f9ecd8bed4bfff28b55beea6cd2a30b72452cf9ffe9b3bcb40391a83973
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 13 Jan 2023 04:09:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B
IP 142.250.74.131:0
Hash 94b3851fdf453ccc8b2811666f0e75b6
368cbc57c06510dd49c697beabb2b55cd94251fb
9fa7350969af6fdecad31fee10e336d87996e921c6e2a2e3c0db55ee5f8976d6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 13 Jan 2023 04:09:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
rr4---sn-5goeenes.googlevideo.com/videoplayback?expire=1673604580&ei=hNnAY6W_JI_-yQXYqrfwBg&ip=91.90.42.154&id=o-AO_RYCfGwWZ9jl5P1kfGCpM72FKyPeqHUNE94zBNoWBT&itag=247&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C271%2C278%2C313&source=youtube&requiressl=yes&spc=zIddbG5ghS2W3jkazOG0czbJ287BKAE&vprv=1&mime=video%2Fwebm&ns=q5sda018hnJ3JeGOLqbFC0wK&gir=yes&clen=863011&dur=20.033&lmt=1643983251966116&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=6219224&n=1CXiPVWf8_xFGw&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRgIhANeLtCoASG_0pZFW8DUXL1QEvibmu8Zn7teJWBueY6t_AiEAtfiPy6izReJEk3GzjBpgUNWgv-E-zixLLOHucR54VCk%3D&alr=yes&cpn=czauew6-6K5sGLIN&cver=1.20230111.01.00&redirect_counter=1&cm2rm=sn-capm-vnae7e&cms_redirect=yes&cmsv=e&mh=NJ&mm=29&mn=sn-5goeenes&ms=rdu&mt=1673582722&mv=m&mvi=4&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhAOYTjIo66DUD3yLP09ITMT1NY0tCfvka46SeUEi-SXGCAiBZUnCWlChnCcR6MNEE-xJh3JAAkZo78o_UC_GsCBCRHg%3D%3D&range=0-164561&rn=3&rbuf=0&pot=D93r7QjtNLcV3dDRvu7UqS2kiktv7jJM0LwQOGFi8Wa1_Yx_twO8GrEgrgEyCnEGWZUU1fxVjEfPCYbLbSV3RHzurN-OMX1Lm4NSzO0F5X8OVUEySN9JGD5wDlPGDiFr48Pc-dOJAGA=
74.125.108.233 200 OK 1.3 kB HTTP/1.1
IP 74.125.108.233:0
File type ASCII text, with very long lines (1259), with no line terminators
Hash aad97cd7cef90475af7d4d00c22a3e21
c134fd8d296a15bf55d4b8e7a923ce58b72dd156
1fb6d6de4abc5f095f296b554d128aed1c5102ae9fef02d14f94081d4d2e3de6
POST /videoplayback?expire=1673604580&ei=hNnAY6W_JI_-yQXYqrfwBg&ip=91.90.42.154&id=o-AO_RYCfGwWZ9jl5P1kfGCpM72FKyPeqHUNE94zBNoWBT&itag=247&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C271%2C278%2C313&source=youtube&requiressl=yes&spc=zIddbG5ghS2W3jkazOG0czbJ287BKAE&vprv=1&mime=video%2Fwebm&ns=q5sda018hnJ3JeGOLqbFC0wK&gir=yes&clen=863011&dur=20.033&lmt=1643983251966116&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=6219224&n=1CXiPVWf8_xFGw&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRgIhANeLtCoASG_0pZFW8DUXL1QEvibmu8Zn7teJWBueY6t_AiEAtfiPy6izReJEk3GzjBpgUNWgv-E-zixLLOHucR54VCk%3D&alr=yes&cpn=czauew6-6K5sGLIN&cver=1.20230111.01.00&redirect_counter=1&cm2rm=sn-capm-vnae7e&cms_redirect=yes&cmsv=e&mh=NJ&mm=29&mn=sn-5goeenes&ms=rdu&mt=1673582722&mv=m&mvi=4&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhAOYTjIo66DUD3yLP09ITMT1NY0tCfvka46SeUEi-SXGCAiBZUnCWlChnCcR6MNEE-xJh3JAAkZo78o_UC_GsCBCRHg%3D%3D&range=0-164561&rn=3&rbuf=0&pot=D93r7QjtNLcV3dDRvu7UqS2kiktv7jJM0LwQOGFi8Wa1_Yx_twO8GrEgrgEyCnEGWZUU1fxVjEfPCYbLbSV3RHzurN-OMX1Lm4NSzO0F5X8OVUEySN9JGD5wDlPGDiFr48Pc-dOJAGA= HTTP/1.1
Host: rr4---sn-5goeenes.googlevideo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 2
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/plain
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Date: Fri, 13 Jan 2023 04:09:40 GMT
Expires: Fri, 13 Jan 2023 04:09:40 GMT
Cache-Control: private, max-age=21300
Accept-Ranges: bytes
Content-Length: 1259
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Restrict-Formats-Hint: None
X-Content-Type-Options: nosniff
Server: gvs 1.0
rr4---sn-5goeenes.googlevideo.com/videoplayback?expire=1673604580&ei=hNnAY6W_JI_-yQXYqrfwBg&ip=91.90.42.154&id=o-AO_RYCfGwWZ9jl5P1kfGCpM72FKyPeqHUNE94zBNoWBT&itag=250&source=youtube&requiressl=yes&spc=zIddbG5ghS2W3jkazOG0czbJ287BKAE&vprv=1&mime=audio%2Fwebm&ns=q5sda018hnJ3JeGOLqbFC0wK&gir=yes&clen=9372&dur=20.061&lmt=1643983234287248&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=6218224&n=1CXiPVWf8_xFGw&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgZq5lSfd5cgtwQzd7YvV-jtycPvjnvPQpabRwaLM9zdQCIAJCZOA7xql_OgTKOWX_ID64kn3czk1l15giNiIIJ92z&alr=yes&cpn=czauew6-6K5sGLIN&cver=1.20230111.01.00&redirect_counter=1&cm2rm=sn-capm-vnae7e&cms_redirect=yes&cmsv=e&mh=NJ&mm=29&mn=sn-5goeenes&ms=rdu&mt=1673582722&mv=m&mvi=4&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRgIhAOqN91U8J_IVhk6OQYWW8MnmirD3ABVM7yxgDiZWXuTCAiEA-oHrHg1-plrZj0kpyfUQutOPMHqOCMHpcO6IeiXg9uI%3D&range=0-9371&rn=4&rbuf=0&pot=D93r7QjtNLcV3dDRvu7UqS2kiktv7jJM0LwQOGFi8Wa1_Yx_twO8GrEgrgEyCnEGWZUU1fxVjEfPCYbLbSV3RHzurN-OMX1Lm4NSzO0F5X8OVUEySN9JGD5wDlPGDiFr48Pc-dOJAGA=
74.125.108.233 200 OK 1.2 kB HTTP/1.1
IP 74.125.108.233:0
File type ASCII text, with very long lines (1158), with no line terminators
Hash 549f29a729bfe3770131d01b7c145d02
0f07e8eb7a6002e0bf0d5f21b9406e82fe7cc323
acf962f8e35fdd6fe1374c3b683d62c61580854066675c1127e6c40318c3b89d
POST /videoplayback?expire=1673604580&ei=hNnAY6W_JI_-yQXYqrfwBg&ip=91.90.42.154&id=o-AO_RYCfGwWZ9jl5P1kfGCpM72FKyPeqHUNE94zBNoWBT&itag=250&source=youtube&requiressl=yes&spc=zIddbG5ghS2W3jkazOG0czbJ287BKAE&vprv=1&mime=audio%2Fwebm&ns=q5sda018hnJ3JeGOLqbFC0wK&gir=yes&clen=9372&dur=20.061&lmt=1643983234287248&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=6218224&n=1CXiPVWf8_xFGw&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgZq5lSfd5cgtwQzd7YvV-jtycPvjnvPQpabRwaLM9zdQCIAJCZOA7xql_OgTKOWX_ID64kn3czk1l15giNiIIJ92z&alr=yes&cpn=czauew6-6K5sGLIN&cver=1.20230111.01.00&redirect_counter=1&cm2rm=sn-capm-vnae7e&cms_redirect=yes&cmsv=e&mh=NJ&mm=29&mn=sn-5goeenes&ms=rdu&mt=1673582722&mv=m&mvi=4&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRgIhAOqN91U8J_IVhk6OQYWW8MnmirD3ABVM7yxgDiZWXuTCAiEA-oHrHg1-plrZj0kpyfUQutOPMHqOCMHpcO6IeiXg9uI%3D&range=0-9371&rn=4&rbuf=0&pot=D93r7QjtNLcV3dDRvu7UqS2kiktv7jJM0LwQOGFi8Wa1_Yx_twO8GrEgrgEyCnEGWZUU1fxVjEfPCYbLbSV3RHzurN-OMX1Lm4NSzO0F5X8OVUEySN9JGD5wDlPGDiFr48Pc-dOJAGA= HTTP/1.1
Host: rr4---sn-5goeenes.googlevideo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 2
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/plain
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Date: Fri, 13 Jan 2023 04:09:40 GMT
Expires: Fri, 13 Jan 2023 04:09:40 GMT
Cache-Control: private, max-age=21300
Accept-Ranges: bytes
Content-Length: 1158
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Content-Type-Options: nosniff
Server: gvs 1.0
rr4---sn-5goeenes.googlevideo.com/videoplayback?expire=1673604580&ei=hNnAY6W_JI_-yQXYqrfwBg&ip=91.90.42.154&id=o-AO_RYCfGwWZ9jl5P1kfGCpM72FKyPeqHUNE94zBNoWBT&itag=247&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C271%2C278%2C313&source=youtube&requiressl=yes&spc=zIddbG5ghS2W3jkazOG0czbJ287BKAE&vprv=1&mime=video%2Fwebm&ns=q5sda018hnJ3JeGOLqbFC0wK&gir=yes&clen=863011&dur=20.033&lmt=1643983251966116&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=6219224&n=1CXiPVWf8_xFGw&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRgIhANeLtCoASG_0pZFW8DUXL1QEvibmu8Zn7teJWBueY6t_AiEAtfiPy6izReJEk3GzjBpgUNWgv-E-zixLLOHucR54VCk%3D&alr=yes&cpn=czauew6-6K5sGLIN&cver=1.20230111.01.00&redirect_counter=1&cm2rm=sn-capm-vnae7e&cms_redirect=yes&cmsv=e&mh=NJ&mm=29&mn=sn-5goeenes&ms=rdu&mt=1673582722&mv=m&mvi=4&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRgIhALPPOtgOTTvhjysWdI-erlDDMVmYBWlgSMb5EekYEYEGAiEAhJXL8XM1gHoLauQ80CypRNNRwo2UcsIS8UiUchdZD0s%3D&range=0-164561&rn=7&rbuf=0&pot=D93r7QjtNLcV3dDRvu7UqS2kiktv7jJM0LwQOGFi8Wa1_Yx_twO8GrEgrgEyCnEGWZUU1fxVjEfPCYbLbSV3RHzurN-OMX1Lm4NSzO0F5X8OVUEySN9JGD5wDlPGDiFr48Pc-dOJAGA=
74.125.108.233 200 OK 1.3 kB HTTP/1.1
IP 74.125.108.233:0
File type ASCII text, with very long lines (1267), with no line terminators
Hash d99568f23acafbf2c4cf16605bb102ea
d31c5a02509f14dbc576e1f79645fe7852624715
7a21d54b37b4374d89f78019c19599323a9ca4b1486b547fa29d0e7cf87c28b2
POST /videoplayback?expire=1673604580&ei=hNnAY6W_JI_-yQXYqrfwBg&ip=91.90.42.154&id=o-AO_RYCfGwWZ9jl5P1kfGCpM72FKyPeqHUNE94zBNoWBT&itag=247&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C271%2C278%2C313&source=youtube&requiressl=yes&spc=zIddbG5ghS2W3jkazOG0czbJ287BKAE&vprv=1&mime=video%2Fwebm&ns=q5sda018hnJ3JeGOLqbFC0wK&gir=yes&clen=863011&dur=20.033&lmt=1643983251966116&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=6219224&n=1CXiPVWf8_xFGw&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRgIhANeLtCoASG_0pZFW8DUXL1QEvibmu8Zn7teJWBueY6t_AiEAtfiPy6izReJEk3GzjBpgUNWgv-E-zixLLOHucR54VCk%3D&alr=yes&cpn=czauew6-6K5sGLIN&cver=1.20230111.01.00&redirect_counter=1&cm2rm=sn-capm-vnae7e&cms_redirect=yes&cmsv=e&mh=NJ&mm=29&mn=sn-5goeenes&ms=rdu&mt=1673582722&mv=m&mvi=4&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRgIhALPPOtgOTTvhjysWdI-erlDDMVmYBWlgSMb5EekYEYEGAiEAhJXL8XM1gHoLauQ80CypRNNRwo2UcsIS8UiUchdZD0s%3D&range=0-164561&rn=7&rbuf=0&pot=D93r7QjtNLcV3dDRvu7UqS2kiktv7jJM0LwQOGFi8Wa1_Yx_twO8GrEgrgEyCnEGWZUU1fxVjEfPCYbLbSV3RHzurN-OMX1Lm4NSzO0F5X8OVUEySN9JGD5wDlPGDiFr48Pc-dOJAGA= HTTP/1.1
Host: rr4---sn-5goeenes.googlevideo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 2
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/plain
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Date: Fri, 13 Jan 2023 04:09:40 GMT
Expires: Fri, 13 Jan 2023 04:09:40 GMT
Cache-Control: private, max-age=21300
Accept-Ranges: bytes
Content-Length: 1267
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Restrict-Formats-Hint: None
X-Content-Type-Options: nosniff
Server: gvs 1.0
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B
IP 142.250.74.131:0
Hash e75478c4c01ce04512c8e62b63cab5d3
2acd1c853a4fa0091677548b5e11ddb42c030dd9
bcda6f9ecd8bed4bfff28b55beea6cd2a30b72452cf9ffe9b3bcb40391a83973
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 13 Jan 2023 04:09:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
rr2---sn-5hnednsz.googlevideo.com/videoplayback?expire=1673604580&ei=hNnAY6W_JI_-yQXYqrfwBg&ip=91.90.42.154&id=o-AO_RYCfGwWZ9jl5P1kfGCpM72FKyPeqHUNE94zBNoWBT&itag=250&source=youtube&requiressl=yes&spc=zIddbG5ghS2W3jkazOG0czbJ287BKAE&vprv=1&mime=audio%2Fwebm&ns=q5sda018hnJ3JeGOLqbFC0wK&gir=yes&clen=9372&dur=20.061&lmt=1643983234287248&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=6218224&n=1CXiPVWf8_xFGw&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgZq5lSfd5cgtwQzd7YvV-jtycPvjnvPQpabRwaLM9zdQCIAJCZOA7xql_OgTKOWX_ID64kn3czk1l15giNiIIJ92z&alr=yes&cpn=czauew6-6K5sGLIN&cver=1.20230111.01.00&cm2rm=sn-capm-vnae7e,sn-5goly7z&redirect_counter=2&cms_redirect=yes&cmsv=e&mh=NJ&mm=34&mn=sn-5hnednsz&ms=ltu&mt=1673582682&mv=m&mvi=2&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgWqj2ZQn05RYzdXn6kJRqkHXyoD2sE8fF7rmsqZ9FEBwCIGHuI5PGbYkpJ2VO3TgXhB_xzKE19i7k-yGGcMrgDjdx&range=0-9371&rn=6&rbuf=0&pot=D93r7QjtNLcV3dDRvu7UqS2kiktv7jJM0LwQOGFi8Wa1_Yx_twO8GrEgrgEyCnEGWZUU1fxVjEfPCYbLbSV3RHzurN-OMX1Lm4NSzO0F5X8OVUEySN9JGD5wDlPGDiFr48Pc-dOJAGA=
74.125.8.231 200 OK 9.4 kB HTTP/1.1
IP 74.125.8.231:0
File type WebM\012- EBML file, creator webmB\20\012- data
Hash 54e9968c3ae2b31fece7e94fab331725
222883b9091bb4e4b2f10366c116ecdabb1d8204
38f4393c19fcdf4e282bb9179455dc603dfb7c66d0dd0e62b5b8dae64a77160e
POST /videoplayback?expire=1673604580&ei=hNnAY6W_JI_-yQXYqrfwBg&ip=91.90.42.154&id=o-AO_RYCfGwWZ9jl5P1kfGCpM72FKyPeqHUNE94zBNoWBT&itag=250&source=youtube&requiressl=yes&spc=zIddbG5ghS2W3jkazOG0czbJ287BKAE&vprv=1&mime=audio%2Fwebm&ns=q5sda018hnJ3JeGOLqbFC0wK&gir=yes&clen=9372&dur=20.061&lmt=1643983234287248&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=6218224&n=1CXiPVWf8_xFGw&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgZq5lSfd5cgtwQzd7YvV-jtycPvjnvPQpabRwaLM9zdQCIAJCZOA7xql_OgTKOWX_ID64kn3czk1l15giNiIIJ92z&alr=yes&cpn=czauew6-6K5sGLIN&cver=1.20230111.01.00&cm2rm=sn-capm-vnae7e,sn-5goly7z&redirect_counter=2&cms_redirect=yes&cmsv=e&mh=NJ&mm=34&mn=sn-5hnednsz&ms=ltu&mt=1673582682&mv=m&mvi=2&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgWqj2ZQn05RYzdXn6kJRqkHXyoD2sE8fF7rmsqZ9FEBwCIGHuI5PGbYkpJ2VO3TgXhB_xzKE19i7k-yGGcMrgDjdx&range=0-9371&rn=6&rbuf=0&pot=D93r7QjtNLcV3dDRvu7UqS2kiktv7jJM0LwQOGFi8Wa1_Yx_twO8GrEgrgEyCnEGWZUU1fxVjEfPCYbLbSV3RHzurN-OMX1Lm4NSzO0F5X8OVUEySN9JGD5wDlPGDiFr48Pc-dOJAGA= HTTP/1.1
Host: rr2---sn-5hnednsz.googlevideo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 2
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Fri, 04 Feb 2022 14:00:34 GMT
Content-Type: audio/webm
Date: Fri, 13 Jan 2023 04:09:41 GMT
Expires: Fri, 13 Jan 2023 04:09:41 GMT
Cache-Control: private, max-age=21299
Accept-Ranges: bytes
Content-Length: 9372
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Content-Type-Options: nosniff
Server: gvs 1.0
rr2---sn-5hnednsz.googlevideo.com/videoplayback?expire=1673604580&ei=hNnAY6W_JI_-yQXYqrfwBg&ip=91.90.42.154&id=o-AO_RYCfGwWZ9jl5P1kfGCpM72FKyPeqHUNE94zBNoWBT&itag=247&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C271%2C278%2C313&source=youtube&requiressl=yes&spc=zIddbG5ghS2W3jkazOG0czbJ287BKAE&vprv=1&mime=video%2Fwebm&ns=q5sda018hnJ3JeGOLqbFC0wK&gir=yes&clen=863011&dur=20.033&lmt=1643983251966116&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=6219224&n=1CXiPVWf8_xFGw&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRgIhANeLtCoASG_0pZFW8DUXL1QEvibmu8Zn7teJWBueY6t_AiEAtfiPy6izReJEk3GzjBpgUNWgv-E-zixLLOHucR54VCk%3D&alr=yes&cpn=czauew6-6K5sGLIN&cver=1.20230111.01.00&cm2rm=sn-capm-vnae7e,sn-5goly7z&redirect_counter=2&cms_redirect=yes&cmsv=e&mh=NJ&mm=34&mn=sn-5hnednsz&ms=ltu&mt=1673582682&mv=m&mvi=2&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIgf0fliD9y8gVrBqdtwMqHj606HUH3737vyX8s07s8bnICIQD2vcCQauV8M3yYeeMMY6V7LkYxGHb3Qk31HpUpfK_eIQ%3D%3D&range=0-164561&rn=8&rbuf=0&pot=D93r7QjtNLcV3dDRvu7UqS2kiktv7jJM0LwQOGFi8Wa1_Yx_twO8GrEgrgEyCnEGWZUU1fxVjEfPCYbLbSV3RHzurN-OMX1Lm4NSzO0F5X8OVUEySN9JGD5wDlPGDiFr48Pc-dOJAGA=
74.125.8.231 200 OK 165 kB URL HTTP/1.1 rr2---sn-5hnednsz.googlevideo.com/videoplayback?expire=1673604580&ei=hNnAY6W_JI_-yQXYqrfwBg&ip=91.90.42.154&id=o-AO_RYCfGwWZ9jl5P1kfGCpM72FKyPeqHUNE94zBNoWBT&itag=247&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C271%2C278%2C313&source=youtube&requiressl=yes&spc=zIddbG5ghS2W3jkazOG0czbJ287BKAE&vprv=1&mime=video%2Fwebm&ns=q5sda018hnJ3JeGOLqbFC0wK&gir=yes&clen=863011&dur=20.033&lmt=1643983251966116&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=6219224&n=1CXiPVWf8_xFGw&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRgIhANeLtCoASG_0pZFW8DUXL1QEvibmu8Zn7teJWBueY6t_AiEAtfiPy6izReJEk3GzjBpgUNWgv-E-zixLLOHucR54VCk%3D&alr=yes&cpn=czauew6-6K5sGLIN&cver=1.20230111.01.00&cm2rm=sn-capm-vnae7e,sn-5goly7z&redirect_counter=2&cms_redirect=yes&cmsv=e&mh=NJ&mm=34&mn=sn-5hnednsz&ms=ltu&mt=1673582682&mv=m&mvi=2&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIgf0fliD9y8gVrBqdtwMqHj606HUH3737vyX8s07s8bnICIQD2vcCQauV8M3yYeeMMY6V7LkYxGHb3Qk31HpUpfK_eIQ%3D%3D&range=0-164561&rn=8&rbuf=0&pot=D93r7QjtNLcV3dDRvu7UqS2kiktv7jJM0LwQOGFi8Wa1_Yx_twO8GrEgrgEyCnEGWZUU1fxVjEfPCYbLbSV3RHzurN-OMX1Lm4NSzO0F5X8OVUEySN9JGD5wDlPGDiFr48Pc-dOJAGA=
IP 74.125.8.231:0
File type WebM\012- EBML file, creator webmB\20\012- data
Size 165 kB (164562 bytes)
Hash a4dd6a5271ff8108a271f8fd4dc02135
020f5d0a7f57bf51d400caf385a49383619504dc
d207daaf6b0b38d81773a8b8dc63a31aa85107715680bdfbf9b6e5b4071db237
POST /videoplayback?expire=1673604580&ei=hNnAY6W_JI_-yQXYqrfwBg&ip=91.90.42.154&id=o-AO_RYCfGwWZ9jl5P1kfGCpM72FKyPeqHUNE94zBNoWBT&itag=247&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C271%2C278%2C313&source=youtube&requiressl=yes&spc=zIddbG5ghS2W3jkazOG0czbJ287BKAE&vprv=1&mime=video%2Fwebm&ns=q5sda018hnJ3JeGOLqbFC0wK&gir=yes&clen=863011&dur=20.033&lmt=1643983251966116&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=6219224&n=1CXiPVWf8_xFGw&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRgIhANeLtCoASG_0pZFW8DUXL1QEvibmu8Zn7teJWBueY6t_AiEAtfiPy6izReJEk3GzjBpgUNWgv-E-zixLLOHucR54VCk%3D&alr=yes&cpn=czauew6-6K5sGLIN&cver=1.20230111.01.00&cm2rm=sn-capm-vnae7e,sn-5goly7z&redirect_counter=2&cms_redirect=yes&cmsv=e&mh=NJ&mm=34&mn=sn-5hnednsz&ms=ltu&mt=1673582682&mv=m&mvi=2&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIgf0fliD9y8gVrBqdtwMqHj606HUH3737vyX8s07s8bnICIQD2vcCQauV8M3yYeeMMY6V7LkYxGHb3Qk31HpUpfK_eIQ%3D%3D&range=0-164561&rn=8&rbuf=0&pot=D93r7QjtNLcV3dDRvu7UqS2kiktv7jJM0LwQOGFi8Wa1_Yx_twO8GrEgrgEyCnEGWZUU1fxVjEfPCYbLbSV3RHzurN-OMX1Lm4NSzO0F5X8OVUEySN9JGD5wDlPGDiFr48Pc-dOJAGA= HTTP/1.1
Host: rr2---sn-5hnednsz.googlevideo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 2
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Fri, 04 Feb 2022 14:00:51 GMT
Content-Type: video/webm
Date: Fri, 13 Jan 2023 04:09:41 GMT
Expires: Fri, 13 Jan 2023 04:09:41 GMT
Cache-Control: private, max-age=21299
Accept-Ranges: bytes
Content-Length: 164562
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Restrict-Formats-Hint: None
X-Content-Type-Options: nosniff
Server: gvs 1.0
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F62a54fea-c51d-4ae4-9e52-1f619209c115.jpeg
34.120.237.76 200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F62a54fea-c51d-4ae4-9e52-1f619209c115.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e58281026f1cb342839390a19b3eb055
ea380c559ae16ec297b11657ba4124d153ef0829
fe55fa81462823025097aaf4f3fa0057a0d3f403b3173f65b3aa34cf1faf0eb4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F62a54fea-c51d-4ae4-9e52-1f619209c115.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 9199
x-amzn-requestid: 00ee205e-9d25-4bcc-a5d5-b5c8b0b83449
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ejy2KGMjIAMFxog=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63be31c0-619bb9120e44c5f93e97b5b9;Sampled=0
x-amzn-remapped-date: Wed, 11 Jan 2023 03:49:20 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: wJuV48igTge5YiaL3hYnptNoonZWxi0qis7R-7rn9HwGd1OYjgEUWQ==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Thu, 12 Jan 2023 22:06:36 GMT
age: 21787
etag: "ea380c559ae16ec297b11657ba4124d153ef0829"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.youtube.com/iframe_api
172.217.21.174 200 OK 0 B URL HTTP/2 www.youtube.com/iframe_api
IP 172.217.21.174:0
GET /iframe_api HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://latgroupaustralia.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
x-content-type-options: nosniff
expires: Fri, 13 Jan 2023 04:09:39 GMT
date: Fri, 13 Jan 2023 04:09:39 GMT
cache-control: private, max-age=0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-resource-policy: cross-origin
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=dcx_C2fP0tU; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
DEVICE_INFO=ChxOekU0TnprNE5ERTJNVGsyTnpReU5ERTJNUT09EIOzg54GGIOzg54G; Domain=.youtube.com; Expires=Wed, 12-Jul-2023 04:09:39 GMT; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=r4wMekiU6y8; Domain=.youtube.com; Expires=Wed, 12-Jul-2023 04:09:39 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+011; expires=Sun, 12-Jan-2025 04:09:39 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
latgroupaustralia.com.au/wp-content/plugins/elementor-pro/assets/css/frontend-lite.min.css?ver=3.5.2
50.87.239.23 200 OK 0 B URL HTTP/2 latgroupaustralia.com.au/wp-content/plugins/elementor-pro/assets/css/frontend-lite.min.css?ver=3.5.2
IP 50.87.239.23:0
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor-pro/assets/css/frontend-lite.min.css?ver=3.5.2 HTTP/1.1
Host: latgroupaustralia.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://latgroupaustralia.com.au/en/inicio/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 28 Jan 2022 15:32:51 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: text/css
date: Fri, 13 Jan 2023 04:09:36 GMT
server: Apache
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Raleway%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.1.1
142.250.74.106 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Raleway%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.1.1
IP 142.250.74.106:0
GET /css?family=Raleway%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.1.1 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://latgroupaustralia.com.au/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 13 Jan 2023 04:09:36 GMT
date: Fri, 13 Jan 2023 04:09:36 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
latgroupaustralia.com.au/wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.5.4
50.87.239.23 200 OK 0 B URL HTTP/2 latgroupaustralia.com.au/wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.5.4
IP 50.87.239.23:0
ASN #46606 UNIFIEDLAYER-AS-1
GET /wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.5.4 HTTP/1.1
Host: latgroupaustralia.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://latgroupaustralia.com.au/en/inicio/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 27 Jan 2022 19:27:25 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: text/css
date: Fri, 13 Jan 2023 04:09:36 GMT
server: Apache
X-Firefox-Spdy: h2
latgroupaustralia.com.au/en/inicio/
50.87.239.23 200 OK 0 B URL HTTP/2 latgroupaustralia.com.au/en/inicio/
IP 50.87.239.23:0
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert fortinet Phishing
GET /en/inicio/ HTTP/1.1
Host: latgroupaustralia.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
link: <https://latgroupaustralia.com.au/wp-json/>; rel="https://api.w.org/", <https://latgroupaustralia.com.au/wp-json/wp/v2/pages/30>; rel="alternate"; type="application/json", <https://latgroupaustralia.com.au/>; rel=shortlink
vary: Accept-Encoding,User-Agent
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: text/html; charset=UTF-8
date: Fri, 13 Jan 2023 04:09:35 GMT
server: Apache
X-Firefox-Spdy: h2