Report - 3.142.138.123/kioscos/kioscobanner3.0/index.php

Report Overview

Visited public
2024-08-15 10:00:02
Tags
URL
3.142.138.123/kioscos/kioscobanner3.0/index.php
Finishing URL
3.142.138.123/kioscos/kioscobanner3.0/index.php
IP / ASN
3.142.138.123
#16509 AMAZON-02
Title
Bienvenidos | Kiosco

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Sent	Received	IP
3.142.138.123	unknown	16 kB	488 kB	3.142.138.123
cdnjs.cloudflare.com	235	718 B	5.7 kB	104.17.25.14
ajax.googleapis.com	12905	1.5 kB	134 kB	142.250.74.74
fonts.gstatic.com	unknown	2.1 kB	68 kB	216.58.207.227
rr5---sn-oj5hn5-55.googlevideo.com	unknown	16 kB	2.4 MB	74.125.8.5
o.pki.goog	unknown	5.5 kB	12 kB	142.250.74.131
www.youtube.com	90	20 kB	1.6 MB	216.58.211.14
play.google.com	34	4.6 kB	4.4 kB	216.58.211.14
www.gstatic.com	unknown	474 B	217 kB	142.250.74.35
jnn-pa.googleapis.com	2640	2.4 kB	46 kB	216.58.207.202
rr2---sn-5goeenez.googlevideo.com	unknown	3.8 kB	5.1 kB	74.125.111.7
yt3.ggpht.com	203	1.0 kB	6.6 kB	142.250.74.65
r11.o.lencr.org	unknown	1.6 kB	4.4 kB	23.33.119.57
r10.o.lencr.org	unknown	981 B	2.7 kB	23.33.119.27
fonts.googleapis.com	8877	2.1 kB	12 kB	142.250.74.138
www.google.com	7	863 B	23 kB	142.250.74.164
rr1---sn-capm-vnae.googlevideo.com	unknown	3.6 kB	4.8 kB	91.90.45.172

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-08-15	medium	3.142.138.123	Sinkholed
2024-08-15	medium	3.142.138.123	Sinkholed
2024-08-15	medium	3.142.138.123	Sinkholed
2024-08-15	medium	3.142.138.123	Sinkholed
2024-08-15	medium	3.142.138.123	Sinkholed
2024-08-15	medium	3.142.138.123	Sinkholed
2024-08-15	medium	3.142.138.123	Sinkholed
2024-08-15	medium	3.142.138.123	Sinkholed
2024-08-15	medium	3.142.138.123	Sinkholed
2024-08-15	medium	3.142.138.123	Sinkholed
2024-08-15	medium	3.142.138.123	Sinkholed
2024-08-15	medium	3.142.138.123	Sinkholed
2024-08-15	medium	3.142.138.123	Sinkholed
2024-08-15	medium	3.142.138.123	Sinkholed
2024-08-15	medium	3.142.138.123	Sinkholed
2024-08-15	medium	3.142.138.123	Sinkholed
2024-08-15	medium	3.142.138.123	Sinkholed
2024-08-15	medium	3.142.138.123	Sinkholed
2024-08-15	medium	3.142.138.123	Sinkholed
2024-08-15	medium	3.142.138.123	Sinkholed
2024-08-15	medium	3.142.138.123	Sinkholed
2024-08-15	medium	3.142.138.123	Sinkholed
2024-08-15	medium	3.142.138.123	Sinkholed
2024-08-15	medium	3.142.138.123	Sinkholed
2024-08-15	medium	3.142.138.123	Sinkholed
2024-08-15	medium	3.142.138.123	Sinkholed
2024-08-15	medium	3.142.138.123	Sinkholed
2024-08-15	medium	3.142.138.123	Sinkholed
2024-08-15	medium	3.142.138.123	Sinkholed
2024-08-15	medium	3.142.138.123	Sinkholed
2024-08-15	medium	3.142.138.123	Sinkholed
2024-08-15	medium	3.142.138.123	Sinkholed
2024-08-15	medium	3.142.138.123	Sinkholed
2024-08-15	medium	3.142.138.123	Sinkholed
2024-08-15	medium	3.142.138.123	Sinkholed

ThreatFox

No alerts detected

JavaScript (157)

	URL	From	Size	First Seen	Last Seen
	ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js	ScriptElement	93 kB	2023-03-07	2025-06-18
Pretty URL ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js IP 142.250.74.74 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-06-18 04:03 Times Seen15632 Hash 397754ba49e9e0cf4e7c190da78dda05 ae49e56999d82802727455f0ba83b63acd90a22b c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4 Loading...

	cdnjs.cloudflare.com/ajax/libs/jquery-easing/1.3/jquery.easing.min.js	ScriptElement	5.6 kB	2023-03-07	2025-06-16
Pretty URL cdnjs.cloudflare.com/ajax/libs/jquery-easing/1.3/jquery.easing.min.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07 Last Seen2025-06-16 23:52 Times Seen1417 Hash 3eac3c72434a0945b92dd4a01f7b6b4e 7767b356530e39cd76ec259320b0b2774b4097a8 ac3f3a757bfbfc9d92bc8f5e6e6362e5d4ae41dbf3cebacdda9b8f71afc82e5b Loading...

	3.142.138.123/kioscos/kioscobanner3.0/index.php	ScriptElement	1.7 kB	2023-05-08	2025-04-17
Pretty URL 3.142.138.123/kioscos/kioscobanner3.0/index.php IP 3.142.138.123 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-08 19:23 Last Seen2025-04-17 06:24 Times Seen10 Hash 12b7f081287b5e7f040e9ef8d542684f f8112a7fbc29cbeb1423b4aa9fcd4b16a3cf00fe a681c7ce472fef59b14e92e6fc55d1ee46a0f226aa00c7c865b954d61a701c64 Loading...

	www.youtube.com/embed/c8UgcYzGw8E?autoplay=1&mute=1	ScriptElement	108 B	2023-08-01	2025-06-18
Pretty URL www.youtube.com/embed/c8UgcYzGw8E?autoplay=1&mute=1 IP 216.58.211.14 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2023-08-01 01:42 Last Seen2025-06-18 04:27 Times Seen48495 Hash 6247dd5d2d787d98a0d5e4966146d550 51dcfa67e8318f689e1a4589a9def15c6f9a23bd cbb9ab7439a233ff75c44799819b7a7de5fdb18f4e30f0236430bc751530c211 Loading...

	www.youtube.com/s/player/410a4f15/player_ias.vflset/en_US/remote.js	ScriptElement	121 kB	2024-08-13	2024-08-19
Pretty URL www.youtube.com/s/player/410a4f15/player_ias.vflset/en_US/remote.js IP 216.58.211.14 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-13 20:21 Last Seen2024-08-19 13:33 Times Seen61 Hash b98a22487ac02c039c99602876d1972a 9e5b569d57053c14b506b987ac495e6b2acd8c5b 1b88aa48ac2d0a3cdca3725b9dec657bc4cf5a774c492412e4300dde1950db0b Loading...

	ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js	ScriptElement	87 kB	2023-03-07	2025-06-18
Pretty URL ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js IP 142.250.74.74 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-06-18 04:12 Times Seen37936 Hash c9f5aeeca3ad37bf2aa006139b935f0a 1055018c28ab41087ef9ccefe411606893dabea2 87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de Loading...

	www.youtube.com/s/player/410a4f15/player_ias.vflset/en_US/base.js	ScriptElement	2.4 MB	2024-08-13	2024-08-19
Pretty URL www.youtube.com/s/player/410a4f15/player_ias.vflset/en_US/base.js IP 216.58.211.14 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-13 20:21 Last Seen2024-08-19 13:33 Times Seen74 Hash a730faaed986c6214c384d96e6b12b89 b22cf16c395284da9d55a4819833e6c03fb31720 ce1fa41a949ab70c3d6cf79cdeca6ce66e757b03c2a7bb37ffe8332fb7a6a554 Loading...

	www.youtube.com/s/player/410a4f15/player_ias.vflset/en_US/captions.js	ScriptElement	75 kB	2024-08-13	2024-08-19
Pretty URL www.youtube.com/s/player/410a4f15/player_ias.vflset/en_US/captions.js IP 216.58.211.14 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-13 20:21 Last Seen2024-08-19 13:33 Times Seen11 Hash 21d17794a96767348e0f2e45555d77b7 20fef8c97095b715166eea45c9fc829ad2caba5f 9375ba83bb62570f86eaed68365ad09127e59358c1a90fefd36a363d5f6b6cf5 Loading...

	3.142.138.123/kioscos/kioscobanner3.0/js/validacion.js	ScriptElement	2.6 kB	2023-07-10	2025-04-17
Pretty URL 3.142.138.123/kioscos/kioscobanner3.0/js/validacion.js IP 3.142.138.123 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-07-10 18:46 Last Seen2025-04-17 06:24 Times Seen7 Hash 89239fc4ad5a53f50f2632127ef92d08 1ba85f2ca06ec870ffe5e468920e85eef89c9720 1779d20b6195a083e889f8da6c952c302525868078df91afd195bd33039b25ff Loading...

	www.google.com/js/th/-0TfInu9ra9zkah2wyCD78KX7EDwI16Gf6-9m2UuzfU.js	ScriptElement	55 kB	2024-08-08	2024-08-19
Pretty URL www.google.com/js/th/-0TfInu9ra9zkah2wyCD78KX7EDwI16Gf6-9m2UuzfU.js IP 142.250.74.164 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-08 22:22 Last Seen2024-08-19 14:09 Times Seen118 Hash 569ce42b984674dbb65bda2ee07d6122 1a38eb73f0d4c12ed763542bbf30aa05e83d25af fb44df227bbdadaf7391a876c32083efc297ec40f0235e867fafbd9b652ecdf5 Loading...

	www.youtube.com/s/player/410a4f15/player_ias.vflset/en_US/embed.js	ScriptElement	68 kB	2024-08-13	2024-08-19
Pretty URL www.youtube.com/s/player/410a4f15/player_ias.vflset/en_US/embed.js IP 216.58.211.14 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-13 21:33 Last Seen2024-08-19 13:33 Times Seen66 Hash 8e211f141e5328418be41a23102f62ab 883b670378bae8a5c1cc60fe5ec28078f2404724 bad0e523af56d8645e53575cdc1defd4f1a4b81e59249f416e0af5d621a50fcf Loading...

	ajax.googleapis.com/ajax/libs/jquery/1.12.2/jquery.min.js	ScriptElement	97 kB	2023-03-07	2025-06-17
Pretty URL ajax.googleapis.com/ajax/libs/jquery/1.12.2/jquery.min.js IP 142.250.74.74 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:39 Last Seen2025-06-17 18:41 Times Seen16237 Hash bdc2b7efb1faf219d65edfe253a103e9 4921529fc15b8133f2fe65b3bebf53d1e9ef8579 95914789b5f3307a3718679e867d61b9d4c03f749cd2e2970570331d7d6c8ed9 Loading...

	www.google.com/recaptcha/api.js?hl=es	ScriptElement	870 B	2024-08-04	2024-08-21
Pretty URL www.google.com/recaptcha/api.js?hl=es IP 142.250.74.164 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-04 18:44 Last Seen2024-08-21 10:09 Times Seen9 Hash 17e4d554c29baea4bd7113310eb8aeaa f6c5bd242b1b121c71dce178cacd92c7fa4c3d9d ede4da029ca12214493c4d5d35a1b96b997b604e7ca10065aa552265d2bcd004 Loading...

	www.youtube.com/embed/c8UgcYzGw8E?autoplay=1&mute=1	ScriptElement	134 B	2023-03-07	2025-06-18
Pretty URL www.youtube.com/embed/c8UgcYzGw8E?autoplay=1&mute=1 IP 216.58.211.14 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:02 Last Seen2025-06-18 04:27 Times Seen41854 Hash e18eb9d0972d240f1a5456179bb6523b 65255f106adcff2907a98e295a8e7a38fe2884c4 3d68db2b85d5a2915743399f09dc438963f0c50f68b02df05d47a372661603e8 Loading...

	3.142.138.123/kioscos/kioscobanner3.0/js/Banner.js	ScriptElement	2.7 kB	2023-03-12	2025-04-17
Pretty URL 3.142.138.123/kioscos/kioscobanner3.0/js/Banner.js IP 3.142.138.123 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 07:23 Last Seen2025-04-17 06:24 Times Seen22 Hash 6565a68fa531346a0b5600388e926c27 8eb59f338bed5f74b421ff3ccc3fe2ab97e4ae76 e875f995449c00654e414514f83657f209520f2ee286b6276ee2058a2cafb6f8 Loading...

	3.142.138.123/kioscos/kioscobanner3.0/index.php	ScriptElement	2.9 kB	2023-07-10	2025-04-17
Pretty URL 3.142.138.123/kioscos/kioscobanner3.0/index.php IP 3.142.138.123 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-07-10 18:46 Last Seen2025-04-17 06:24 Times Seen7 Hash 010bbba8a606a0cfefaa87e40186e134 68bd508ff08fb44cb1a66ae32ed8eb92a270382c 5fcfab71458a8d82d0325e0556d6c598d438e7ac9c80e59c99f057b62f19f7a9 Loading...

	3.142.138.123/kioscos/kioscobanner3.0/js/scroll.js	ScriptElement	201 B	2023-04-01	2025-04-17
Pretty URL 3.142.138.123/kioscos/kioscobanner3.0/js/scroll.js IP 3.142.138.123 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-01 10:22 Last Seen2025-04-17 06:24 Times Seen17 Hash e61d7934e3f2f379550f1891844d1458 98114b3aea5748e12d1c922ddaeeab94d50af3d2 8f34bea834a20a3b858698826c2934a9836edd357c3efc967b3c58dce6e74bf0 Loading...

	www.youtube.com/s/player/410a4f15/player_ias.vflset/en_US/endscreen.js	ScriptElement	34 kB	2024-08-13	2024-08-19
Pretty URL www.youtube.com/s/player/410a4f15/player_ias.vflset/en_US/endscreen.js IP 216.58.211.14 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-13 20:21 Last Seen2024-08-19 13:33 Times Seen16 Hash adcd1899c6265974b4f4bb9280bc6c28 57c99da2b1e58098a1787d16e005b82fcedee862 5cf091e1f50e71a99c46d8f02f562d9e68216150a1a817e13d43bb5c92a881cf Loading...

	3.142.138.123/kioscos/kioscobanner3.0/js/modales.js	ScriptElement	6.9 kB	2023-07-10	2025-04-17
Pretty URL 3.142.138.123/kioscos/kioscobanner3.0/js/modales.js IP 3.142.138.123 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-07-10 18:46 Last Seen2025-04-17 06:24 Times Seen7 Hash fefa53698ed5315add05ca0a2141ccfc fc9cb96608f6e72721ef9d8c8898401902c94656 9dcdb0ce96ee60bacc7a85295b92326a26ef908c1c0e5b452afd37220fe501a1 Loading...

	www.youtube.com/embed/c8UgcYzGw8E?autoplay=1&mute=1	ScriptElement	2.1 kB	2023-10-25	2025-06-18
Pretty URL www.youtube.com/embed/c8UgcYzGw8E?autoplay=1&mute=1 IP 216.58.211.14 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2023-10-25 23:30 Last Seen2025-06-18 04:27 Times Seen40175 Hash e795f2b1b495c31028edb86cb4f4e7b5 d5d0d2d9e1538e5869ff9828d64664b94d6de653 02c0ff09b0683b8853beac78e1dd6a3af9a8e10691130f6e1ff99647756e541f Loading...

	www.youtube.com/embed/c8UgcYzGw8E?autoplay=1&mute=1	ScriptElement	85 kB	2024-08-19	2024-08-19
Pretty URL www.youtube.com/embed/c8UgcYzGw8E?autoplay=1&mute=1 IP 216.58.211.14 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-19 13:14 Last Seen2024-08-19 13:14 Times Seen1 Hash 589b47a697e95ebc70fcf42aaa02dc53 e939acd52f929321043a08341f463cb8d9196198 b87b669115ef4c3c5ccb263ed555da0c8a164bc4c734bb14901bb498eaa76f6c Loading...

	www.youtube.com/embed/c8UgcYzGw8E?autoplay=1&mute=1	ScriptElement	1.0 kB	2023-06-13	2025-06-18
Pretty URL www.youtube.com/embed/c8UgcYzGw8E?autoplay=1&mute=1 IP 216.58.211.14 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2023-06-13 01:22 Last Seen2025-06-18 04:27 Times Seen41853 Hash fe81353f0c3e106bb59598d92fd49a12 cd09955588a1d236a25a76d3f774418a829cb5c4 a366197fa3629365ab26195a99befce51c8f8ec90252df02e0b4cb44bd52d020 Loading...

	www.youtube.com/embed/c8UgcYzGw8E?autoplay=1&mute=1	ScriptElement	26 B	2023-03-07	2025-06-18
Pretty URL www.youtube.com/embed/c8UgcYzGw8E?autoplay=1&mute=1 IP 216.58.211.14 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:02 Last Seen2025-06-18 04:27 Times Seen41820 Hash 173a08c5d6adc5c93611a599bcb2c717 735a7301e66ae2c3584357f7bf0bf09eefb62df0 271e6368679a21c3416e2a0325db33d6bc445d601c72a49914081b5efd0cdf3f Loading...

	www.gstatic.com/recaptcha/releases/hfUfsXWZFeg83qqxrK27GB8P/recaptcha__es.js	ScriptElement	547 kB	2024-08-01	2024-08-29
Pretty URL www.gstatic.com/recaptcha/releases/hfUfsXWZFeg83qqxrK27GB8P/recaptcha__es.js IP 142.250.74.35 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-01 18:45 Last Seen2024-08-29 18:08 Times Seen49 Hash 5f41d26aa9a82c0f70da84ea703bc2cc 0923a2bba6334285f0be6858681bb686f5124210 f3525191eac6fba32b46ad6fbdf4a6c9aebd64406ce39ebbfc47b53369e69ad6 Loading...

	www.youtube.com/embed/c8UgcYzGw8E?autoplay=1&mute=1	ScriptElement	126 B	2024-08-07	2024-08-22
Pretty URL www.youtube.com/embed/c8UgcYzGw8E?autoplay=1&mute=1 IP 216.58.211.14 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-07 20:14 Last Seen2024-08-22 17:23 Times Seen898 Hash 505af3f31d0c9fac02d5e2d3463278c8 7c282c06fc1f7ebf8e828bf548fc659ae9913c35 4eaa3919d00e80dea07f920a3774499f20ebc2daa87f993c9b456c5a005e4955 Loading...

	www.youtube.com/embed/c8UgcYzGw8E?autoplay=1&mute=1	ScriptElement	13 B	2023-03-07	2025-06-18
Pretty URL www.youtube.com/embed/c8UgcYzGw8E?autoplay=1&mute=1 IP 216.58.211.14 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:02 Last Seen2025-06-18 04:27 Times Seen41577 Hash d8fb965e7ead2924508e97e5326bd3b1 fae376d0cb54d4433b7bdc9aba04690cd6cb5d27 57bb660c2fdf4369ff8e37f99b26963dba87c120b80c443ff3d31e030ab3a0f5 Loading...

	www.youtube.com/embed/c8UgcYzGw8E?autoplay=1&mute=1	ScriptElement	62 B	2023-12-25	2025-06-18
Pretty URL www.youtube.com/embed/c8UgcYzGw8E?autoplay=1&mute=1 IP 216.58.211.14 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2023-12-25 15:02 Last Seen2025-06-18 03:15 Times Seen631 Hash 5731a7a8be10e70d1115ab738c051267 6de58d8ae276aea60e38964e0633ff98246a7d74 5b50c5021ca25d471f19c4119cc489e0729bdd4e45c53b5999a7f5ee841dfe8b Loading...

	3.142.138.123/kioscos/kioscobanner3.0/js/script.js	ScriptElement	570 B	2023-04-01	2025-04-17
Pretty URL 3.142.138.123/kioscos/kioscobanner3.0/js/script.js IP 3.142.138.123 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-01 10:22 Last Seen2025-04-17 06:24 Times Seen19 Hash fccdb0bbd175fb13c94f463e74118434 4b8252550ec52f3fa466839fd2562ca238c57f0b 43e2e72dad609d9f7fcf2315df0189b03a6535e28d1604583d01fb7b83c420ab Loading...

	www.youtube.com/s/player/410a4f15/www-embed-player.vflset/www-embed-player.js	ScriptElement	336 kB	2024-08-13	2024-08-19
Pretty URL www.youtube.com/s/player/410a4f15/www-embed-player.vflset/www-embed-player.js IP 216.58.211.14 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-13 21:33 Last Seen2024-08-19 13:33 Times Seen67 Hash 6d173ec72f257225963719077887f3e1 26f871ea7a7f0c9bf8c20e7d7b6f95edf315beef eac1a5776526ed650d1834e73e52890b40ce5123780bf2a44cfbd0de5735be45 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 5059ced14247ed8cb9a352b2ca4f937d	210 B	2024-08-08 22:22	2024-08-19 14:09
Pretty Observations First Seen2024-08-08 22:22 Last Seen2024-08-19 14:09 Times Seen118 Hash 5059ced14247ed8cb9a352b2ca4f937d bacd800e87bf22dfdd634a991390146237c6dc96 89996a66f0693d8623894b5e407c8306bfc8cfdb1d035c3d95ab29239b27c3a0 Loading...

	#2 Eval - 88142921ec77f2173937250a0609736f	345 B	2024-08-08 22:22	2024-08-19 14:09
Pretty Observations First Seen2024-08-08 22:22 Last Seen2024-08-19 14:09 Times Seen118 Hash 88142921ec77f2173937250a0609736f fb2b2e91dd27b074260f7b84e0da399ac3e66ff3 6be2560ffad2616f205ff766541c33aa00f3a6220f074967f0f5fc54122e5d0f Loading...

	#3 Eval - 01650a4b3a285a2bf1c3b686c4d5350e	133 B	2024-08-08 22:22	2024-08-19 14:09
Pretty Observations First Seen2024-08-08 22:22 Last Seen2024-08-19 14:09 Times Seen118 Hash 01650a4b3a285a2bf1c3b686c4d5350e 328ae221d4e5c662668f862d3951d6b0e82ad2ce c27659de2a1ba253b9d6d2043f5e48fb568938722709d5b8928f3cc8999d1dac Loading...

	#4 Eval - 5d43ef05e57cdeab7895fe8a3b6ee014	116 B	2024-07-19 01:23	2025-06-18 04:27
Pretty Observations First Seen2024-07-19 01:23 Last Seen2025-06-18 04:27 Times Seen19516 Hash 5d43ef05e57cdeab7895fe8a3b6ee014 19671e4e00cc9b5f8f6a6167c1ea8800ee539aeb b7893a0611b91f5fe47ce3889faf375eddbda47517f4e44c8c338eef6d2c41e5 Loading...

	#5 Eval - 7f448cca89a61f8774008c7cef294a46	159 B	2024-08-08 22:22	2024-08-19 14:09
Pretty Observations First Seen2024-08-08 22:22 Last Seen2024-08-19 14:09 Times Seen118 Hash 7f448cca89a61f8774008c7cef294a46 a0c03dd070d4d98ad304d7cf921641a46950bdce 3b47fd6e28f9fb20cfabf66a9a7ad79727461d1e80f45784a84ea5cad40050e9 Loading...

	#6 Eval - fa44188e9dbdfb7c901dde8e93dc9dac	213 B	2024-08-08 22:22	2024-08-19 14:09
Pretty Observations First Seen2024-08-08 22:22 Last Seen2024-08-19 14:09 Times Seen118 Hash fa44188e9dbdfb7c901dde8e93dc9dac bbd00681ac1e48eb4db509567c91037e17b814aa 4d658fe0772e62fb68b75b1fea633b3acd71adc10f42b3b5f639a32561768b70 Loading...

	#7 Eval - 7694f4a66316e53c8cdd9d9954bd611d	1 B	2023-03-07 01:20	2025-06-18 04:26
Pretty Observations First Seen2023-03-07 01:20 Last Seen2025-06-18 04:26 Times Seen11500 Hash 7694f4a66316e53c8cdd9d9954bd611d 22ea1c649c82946aa6e479e1ffd321e4a318b1b0 8e35c2cd3bf6641bdb0e2050b76932cbb2e6034a0ddacc1d9bea82a6ba57f7cf Loading...

	#8 Eval - 1f51be0dc5971b918e74fcc59935234d	2 B	2023-03-10 14:46	2025-03-30 22:15
Pretty Observations First Seen2023-03-10 14:46 Last Seen2025-03-30 22:15 Times Seen545 Hash 1f51be0dc5971b918e74fcc59935234d e90a8b3ddb5243a1491d5c389f121393de322b7e 0a276e36c919a771e9828242ea83431ceb7d7a8fb3804f75f010b4d555b9371b Loading...

	#9 Eval - c98a92895c977b6ca392a0ce07664f0d	2 B	2023-03-26 14:18	2025-01-23 20:24
Pretty Observations First Seen2023-03-26 14:18 Last Seen2025-01-23 20:24 Times Seen331 Hash c98a92895c977b6ca392a0ce07664f0d b51558c52ea9f97317c9b467ccd78f9f760e1a79 6fa8abd52f226c60c4e5cf3f89297587bbd84c7cf33de06cdc13d59675d3cfa0 Loading...

	#10 Eval - db341325cb123eae94a69292a2914972	2 B	2023-03-07 01:15	2025-05-15 21:23
Pretty Observations First Seen2023-03-07 01:15 Last Seen2025-05-15 21:23 Times Seen299 Hash db341325cb123eae94a69292a2914972 7a4b4f54801d550b0e25dbb82e354b6211d12b13 2996ef92b7e2dd902011acac57b64dfeec0ea081d8fbfe469d0d23dd9b7be9cf Loading...

	#11 Eval - 99051563a8d63df8ea5f54dd5756b8a1	22 B	2024-08-08 22:22	2024-08-19 14:09
Pretty Observations First Seen2024-08-08 22:22 Last Seen2024-08-19 14:09 Times Seen118 Hash 99051563a8d63df8ea5f54dd5756b8a1 fda6dc404108afe1a5b4d02a58bc8558cdb7e83c 9c6e767a57ed39a34b0014c74ae67d439cfd02aa8d24da64157503e7d9c34a66 Loading...

	#12 Eval - 40d1a4b3e1fc3be3bf6719cbf8ca4758	22 B	2024-08-08 22:22	2024-08-19 14:09
Pretty Observations First Seen2024-08-08 22:22 Last Seen2024-08-19 14:09 Times Seen118 Hash 40d1a4b3e1fc3be3bf6719cbf8ca4758 77c7bc9f940e81091f75ee1a968eb8c03f4c4265 b261848a02468c3c6351a517a1f192372b9037e7ad4900d7ceca2a7f0cb2d4ec Loading...

	#13 Eval - b17006ae46b1ad0a145f05cca896e03d	89 B	2024-08-08 22:22	2024-08-19 14:09
Pretty Observations First Seen2024-08-08 22:22 Last Seen2024-08-19 14:09 Times Seen118 Hash b17006ae46b1ad0a145f05cca896e03d f97980d4d4fb17d373cdc54cdd061c721b61a611 06939d6066d8b6bbd4ef0c4c0085793a0889c680dee9dad7e355ee2060393ae8 Loading...

	#14 Eval - 8d8b85adc4d2474a84fbca1381afb3c7	83 B	2023-03-07 01:02	2025-06-18 04:27
Pretty Observations First Seen2023-03-07 01:02 Last Seen2025-06-18 04:27 Times Seen45755 Hash 8d8b85adc4d2474a84fbca1381afb3c7 3815645d5a8680fd3ed4ce5a3b82f8d432448698 3eb8abc484d33a620c974de75babdd2caae4fff7dc8daad7d860dd41c93ee611 Loading...

	#15 Eval - 374927e4892df2f36b079fbce837ee70	28 B	2024-08-08 22:22	2024-08-19 14:09
Pretty Observations First Seen2024-08-08 22:22 Last Seen2024-08-19 14:09 Times Seen118 Hash 374927e4892df2f36b079fbce837ee70 2fa91b5092879786538225d63bb210b45504929c 537e539015c8d05531845aebe0ea81813f4e821243c51a7f1f5d9fc41d5883a4 Loading...

	#16 Eval - bdae8a558d1998938a59f498a62dd906	2 B	2023-03-10 17:04	2025-03-31 02:42
Pretty Observations First Seen2023-03-10 17:04 Last Seen2025-03-31 02:42 Times Seen159 Hash bdae8a558d1998938a59f498a62dd906 e7a6886142fb7b060a3c5635113d73e9d5c2d180 f5bed5c5ca28475e91a761356d1fc900ee08ae4dc5b9cb2308b28b792ec6b953 Loading...

	#17 Eval - a931635074a5017da74948b67e16c76f	206 B	2023-03-07 01:02	2025-06-18 04:27
Pretty Observations First Seen2023-03-07 01:02 Last Seen2025-06-18 04:27 Times Seen45408 Hash a931635074a5017da74948b67e16c76f a6799582ad16a7c1ab8221c166268130df6691d2 1fb437ac78114eda813a7c4d5771b6d3aa34908a5ca3b743d5eb5c79088cf82c Loading...

	#18 Eval - 9d0137bffa0f20d5e8e9f54f2c84cf0a	10 B	2023-03-07 01:02	2025-06-17 02:04
Pretty Observations First Seen2023-03-07 01:02 Last Seen2025-06-17 02:04 Times Seen37081 Hash 9d0137bffa0f20d5e8e9f54f2c84cf0a 39edf6d919f82b9692a2edfecc78427a82567c42 269d4d56785ffc82f3ed05d8ee3b84fc18d7474663ddd06c6fd285165190bb19 Loading...

	#19 Eval - 0b7eedfc81415c1a034b79b5a12ab9a8	2 B	2023-03-08 05:59	2025-01-27 03:42
Pretty Observations First Seen2023-03-08 05:59 Last Seen2025-01-27 03:42 Times Seen231 Hash 0b7eedfc81415c1a034b79b5a12ab9a8 8b2655197e8addac8ffd1250db681408e124d9f4 f63ddcfd6fd537d3b4df2be48a16165f6da67aa128ef02e9cbd653df6fde4289 Loading...

	#20 Eval - c64a5dae48f04e16deab001d4b9dbd80	2 B	2023-03-08 09:42	2025-05-29 05:28
Pretty Observations First Seen2023-03-08 09:42 Last Seen2025-05-29 05:28 Times Seen185 Hash c64a5dae48f04e16deab001d4b9dbd80 a1382f8f61bcba9266e29a3fce9ccd7c9b961459 49e72f36eb565cffdbcc8f08e9d29d128067c85592da711cfb157f62bf27a669 Loading...

	#21 Eval - 61a6f2652a0b6db05139abddb9b96ab7	38 B	2023-03-11 13:53	2025-06-18 04:27
Pretty Observations First Seen2023-03-11 13:53 Last Seen2025-06-18 04:27 Times Seen40111 Hash 61a6f2652a0b6db05139abddb9b96ab7 05548eab56f32db3c8c42fd2487a3f3b3ccf0ee1 cc6e0d6af3dc4f620458aa79c4f4c0631ebc1bd55a148f5e9a06ea8874885831 Loading...

	#22 Eval - 87cbf59dbe0b38b7999dbe35d391222f	495 B	2024-08-08 22:22	2024-08-19 14:09
Pretty Observations First Seen2024-08-08 22:22 Last Seen2024-08-19 14:09 Times Seen118 Hash 87cbf59dbe0b38b7999dbe35d391222f 3c9593f78802ecdcdbbd1fbc694cf191e8147e61 84055ceb108933d8c4736d4b3c68c9088cf4e789f8f98dad65ba2bd4b08d80d1 Loading...

	#23 Eval - 51792c67c588ce8139b246f015ed8a85	15 B	2024-07-23 18:45	2025-06-17 14:14
Pretty Observations First Seen2024-07-23 18:45 Last Seen2025-06-17 14:14 Times Seen12804 Hash 51792c67c588ce8139b246f015ed8a85 d3148f014e0f4790ff65a8004585d17ed319833f 6f70d853ba1dee4fc189490cfe4b6b1ab59f5853344cd85576bd2a4af2b506fe Loading...

	#24 Eval - 64d8c858156192a16a990983d35fb3f9	15 B	2024-07-23 18:45	2025-06-17 02:04
Pretty Observations First Seen2024-07-23 18:45 Last Seen2025-06-17 02:04 Times Seen12778 Hash 64d8c858156192a16a990983d35fb3f9 1ae03179ebb040c510ecf6f785c0002f21932433 bdfd55577f7056ab007e88fcfe9352e9805fc05f504131193cbe81c001162fd3 Loading...

	#25 Eval - f0e976b756b6afe7f40bca206a2d7150	29 B	2023-03-07 01:02	2025-06-18 04:27
Pretty Observations First Seen2023-03-07 01:02 Last Seen2025-06-18 04:27 Times Seen43988 Hash f0e976b756b6afe7f40bca206a2d7150 db9bee9a7bba93a60330ec5ef1334d9c164fcd56 029b84af88c5d6ced58173997a15fa47011e198e5449027d87e2f7b871f332c2 Loading...

	#26 Eval - 9acdbc05ab7c5f2b2576422f0400963a	2 B	2023-03-07 12:23	2025-06-16 08:53
Pretty Observations First Seen2023-03-07 12:23 Last Seen2025-06-16 08:53 Times Seen789 Hash 9acdbc05ab7c5f2b2576422f0400963a 143be00a352c9dc9fb12da7791c366233b5e95ff 6fd2a6981e2ee5ba0aeef97b7bfe07df86aebd3b1f3f49a60331dd23be694de2 Loading...

	#27 Eval - 457cdc01ed7376a9f312f3152a2ebfce	77 B	2024-08-08 22:22	2024-08-19 14:09
Pretty Observations First Seen2024-08-08 22:22 Last Seen2024-08-19 14:09 Times Seen118 Hash 457cdc01ed7376a9f312f3152a2ebfce 9cdda7707f564e86331a910337cb1dfc19eaac87 1c92209c1ce9057dcf21856cc2c5debefc47b5d287bb4a69ddec246e3e5cba4a Loading...

	#28 Eval - e47ed71df8334e4e9657858833b0581e	22 B	2024-08-08 22:22	2024-08-19 14:09
Pretty Observations First Seen2024-08-08 22:22 Last Seen2024-08-19 14:09 Times Seen118 Hash e47ed71df8334e4e9657858833b0581e 8893068e3e9f360f3ed3e2af2ed6ee967e4e427b 26f1394ca89bdd7798c0bcbb4d8d9c0acf287ec5ad84127402b4a0bb6790dd9d Loading...

	#29 Eval - 981805af6aa5c42a6531e28454f3eba7	107 B	2024-08-08 22:22	2024-08-19 14:09
Pretty Observations First Seen2024-08-08 22:22 Last Seen2024-08-19 14:09 Times Seen118 Hash 981805af6aa5c42a6531e28454f3eba7 a55de194fba3ab568365889e4e15e13de59de3e3 cb44d5e66230e89d97cebe813e20e8d4d25890ef37f57a92f8b9cd844510b1f7 Loading...

	#30 Eval - bae3f90cb000352645e35fad60da411c	35 B	2023-03-07 01:02	2025-06-18 04:27
Pretty Observations First Seen2023-03-07 01:02 Last Seen2025-06-18 04:27 Times Seen52484 Hash bae3f90cb000352645e35fad60da411c 00023f94c170125b979cb1914925d06ab1abfbce 1e3606d95ce27d593157594820335681a9380f51a96147303cd8000e60a95e12 Loading...

	#31 Eval - 8ce4b16b22b58894aa86c421e8759df3	1 B	2023-03-07 01:02	2025-06-18 04:27
Pretty Observations First Seen2023-03-07 01:02 Last Seen2025-06-18 04:27 Times Seen8268 Hash 8ce4b16b22b58894aa86c421e8759df3 13fbd79c3d390e5d6585a21e11ff5ec1970cff0c 8254c329a92850f6d539dd376f4816ee2764517da5e0235514af433164480d7a Loading...

	#32 Eval - 4c62bc4fd3c4e105cb3fb62fb748d59c	203 B	2023-06-16 07:31	2025-06-17 11:03
Pretty Observations First Seen2023-06-16 07:31 Last Seen2025-06-17 11:03 Times Seen37036 Hash 4c62bc4fd3c4e105cb3fb62fb748d59c f6e2d1e74e35ec4c4740ba02e890b98bda11417f 9f4a6a370cd350425d8ac08047e7646116468672e99765ca198e6d463ee5286d Loading...

	#33 Eval - 2c378607f1c9087e51c38232056d668e	249 B	2024-08-08 22:22	2024-08-19 14:09
Pretty Observations First Seen2024-08-08 22:22 Last Seen2024-08-19 14:09 Times Seen118 Hash 2c378607f1c9087e51c38232056d668e 258ab8c219eca20f09e3e5f63abb39d05e9e510e 21020cbbde61c229f0cb0d0f6725e276a2d6c5b9597129eb7f664468e66914b1 Loading...

	#34 Eval - aec030b99b5f911c7e58cce63ee6b68d	77 B	2024-08-08 22:22	2024-08-19 14:09
Pretty Observations First Seen2024-08-08 22:22 Last Seen2024-08-19 14:09 Times Seen118 Hash aec030b99b5f911c7e58cce63ee6b68d 41f5e0b4cba35235044244bddc18ee831c4e14b7 3581f09c0ac9cd985cb95870f0371452f5d0f9bd70fa5838a0690c8f2e844d1e Loading...

	#35 Eval - 1120fbd900038834e1281c96c81678f8	2 B	2023-03-08 04:29	2025-01-21 17:10
Pretty Observations First Seen2023-03-08 04:29 Last Seen2025-01-21 17:10 Times Seen121 Hash 1120fbd900038834e1281c96c81678f8 64242be80ae04093e47344878d90ae294d9ed9e8 0f3b19ef6dc682ae312e3ba333de1cbabebec7eb45bbb1c851b76fb73bf64530 Loading...

	#36 Eval - e338776be8d95f5e8ff908e86c07e630	2 B	2023-03-08 14:34	2025-04-14 14:35
Pretty Observations First Seen2023-03-08 14:34 Last Seen2025-04-14 14:35 Times Seen170 Hash e338776be8d95f5e8ff908e86c07e630 8f1f6845789f8a6754915281c87e7090786c4103 747b9233e1efb60d1714fe557440361e509b62095baaaea3a90cdb10c367d872 Loading...

	#37 Eval - a8372c9b1c262ed598efc607eb573069	335 B	2024-08-08 22:22	2024-08-19 14:09
Pretty Observations First Seen2024-08-08 22:22 Last Seen2024-08-19 14:09 Times Seen118 Hash a8372c9b1c262ed598efc607eb573069 8e26e6f3e7fe25354cff0decddb135a1cc2b512e 0b4505de67a9d37d88cb5573256bf4139f27d68b0c64601b6dd52e05db7b6753 Loading...

	#38 Eval - 3cf01c9615532866af40f84a1a78d599	22 B	2024-08-08 22:22	2024-08-19 14:09
Pretty Observations First Seen2024-08-08 22:22 Last Seen2024-08-19 14:09 Times Seen118 Hash 3cf01c9615532866af40f84a1a78d599 a60e95ac70d854f982e60c15f400adf2dc933a37 ce3cbbfc442b19c7fd659a1ed86e5f5f50141045409cb2bf5cd3208c75ea8530 Loading...

	#39 Eval - 68d7deddbcb3d50119ee8e91755321a1	337 B	2024-08-08 22:22	2024-08-19 14:09
Pretty Observations First Seen2024-08-08 22:22 Last Seen2024-08-19 14:09 Times Seen118 Hash 68d7deddbcb3d50119ee8e91755321a1 23f7457fc22e03986f9d1ea266a0e69fcb9aecc0 95ff1f3a32debefe07788e87e84837b28c2925b7f9693da7cde013d695d5f5e3 Loading...

	#40 Eval - dcc97799691fbd21c7468a826da5e782	72 B	2024-08-08 22:22	2024-08-19 14:09
Pretty Observations First Seen2024-08-08 22:22 Last Seen2024-08-19 14:09 Times Seen118 Hash dcc97799691fbd21c7468a826da5e782 ffb508831f1bb46457ea6c13cf5f9a056eb4174e 5b82d9e197888a47cc883f2c7ae1c39a8daed96e4408ee5a2ce109e6745782ef Loading...

	#41 Eval - 0d80d99d7f209071a284c9ab6d14accf	83 B	2023-03-07 01:02	2025-06-18 04:27
Pretty Observations First Seen2023-03-07 01:02 Last Seen2025-06-18 04:27 Times Seen56774 Hash 0d80d99d7f209071a284c9ab6d14accf c91e7389c28a7b35eeb114484808a20cddb8c20e 0cb21d1de060008bab472c15c63e6f15828de601f85deff00d701d26c0f6819a Loading...

	#42 Eval - e358efa489f58062f10dd7316b65649e	1 B	2023-03-07 12:02	2025-06-18 02:32
Pretty Observations First Seen2023-03-07 12:02 Last Seen2025-06-18 02:32 Times Seen10621 Hash e358efa489f58062f10dd7316b65649e 8efd86fb78a56a5145ed7739dcb00c78581c5375 e3b98a4da31a127d4bde6e43033f66ba274cab0eb7eb1c70ec41402bf6273dd8 Loading...

	#43 Eval - d67b9014a832d23684f1ac4a4c8e1f1a	29 B	2024-08-08 22:22	2024-08-19 14:09
Pretty Observations First Seen2024-08-08 22:22 Last Seen2024-08-19 14:09 Times Seen118 Hash d67b9014a832d23684f1ac4a4c8e1f1a 94134f3bda9eb098b9833c9ee8be98751a71f03e 5dff663a918927a04043a8753ae392a881c8d18ed1ef28ebe928971ec96e0e03 Loading...

	#44 Eval - 1dc986f8d12e6d2edaab9bca2bb88925	785 B	2024-08-08 22:22	2024-08-19 14:09
Pretty Observations First Seen2024-08-08 22:22 Last Seen2024-08-19 14:09 Times Seen118 Hash 1dc986f8d12e6d2edaab9bca2bb88925 7d2875ed9f16ce58539eb5bfeb5e45365e66adcb 71eefdf62f13087bc73bc1cb3d4d06907108e4549cb1feb12710f53f675514de Loading...

	#45 Eval - 4cc3513d1622e41b4689bde4c9e138b8	118 B	2024-08-08 22:22	2024-08-19 14:09
Pretty Observations First Seen2024-08-08 22:22 Last Seen2024-08-19 14:09 Times Seen118 Hash 4cc3513d1622e41b4689bde4c9e138b8 a5d7cfbb7efeb9fffa344055f1913de5182385c2 eb32e1cab1ef092c786bb7f94aef42774dee0c5e1676f7edc3080c5efcf57a96 Loading...

	#46 Eval - d12309f002cb8f0ad1d0ddce9cbd8241	284 B	2024-08-08 22:22	2024-08-19 14:09
Pretty Observations First Seen2024-08-08 22:22 Last Seen2024-08-19 14:09 Times Seen118 Hash d12309f002cb8f0ad1d0ddce9cbd8241 d8385a71abcadb1c8d0847d1e4ec24148880f090 5d3ecda371e9ffb986d994aa8b319a981b8c8ad1b32ff7ea7f0e3f3013509fca Loading...

	#47 Eval - 735cc6947456cb910416fead98b9ac1d	96 B	2024-08-08 22:22	2024-08-19 14:09
Pretty Observations First Seen2024-08-08 22:22 Last Seen2024-08-19 14:09 Times Seen118 Hash 735cc6947456cb910416fead98b9ac1d b504ec3d4e8f2c0c98b253b534c7c42ed801742b 214c59f5958c3a3f6c93e5ed143f4f46c9b901b820fa2fbde2fdc29e6103c895 Loading...

	#48 Eval - eb7ec78e6d207faba07e47e81f243662	266 B	2024-08-08 22:22	2024-08-19 14:09
Pretty Observations First Seen2024-08-08 22:22 Last Seen2024-08-19 14:09 Times Seen118 Hash eb7ec78e6d207faba07e47e81f243662 b27683278b59a093386f0f805f8d8fcfedf7b34b 9fdb38d219f3668410cda3dbb508074d592eb07d8c3df4c1165358a32c7f3d78 Loading...

	#49 Eval - d41d8cd98f00b204e9800998ecf8427e	0 B	0001-01-01 00:00	2025-06-18 04:49
Pretty Observations First Seen0001-01-01 00:00 Last Seen2025-06-18 04:49 Times Seen4999301 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	#50 Eval - 5d44a032652974c3e53644945a95b126	2 B	2023-03-09 01:33	2025-05-29 05:28
Pretty Observations First Seen2023-03-09 01:33 Last Seen2025-05-29 05:28 Times Seen150 Hash 5d44a032652974c3e53644945a95b126 4e694234bf4388a44a497ea591f3a9232cbf6c05 8630c6c9af0730c3e9635a44c97bfb4ac4ff57c449951a60848ac666f5f2de0c Loading...

	#51 Eval - 8d9a336d0d37c84b40a57f01ff874f31	92 B	2024-08-08 22:22	2024-08-19 14:09
Pretty Observations First Seen2024-08-08 22:22 Last Seen2024-08-19 14:09 Times Seen118 Hash 8d9a336d0d37c84b40a57f01ff874f31 00f24f93ac3e85c95eb091902d691e8d8f77deb4 b84041d7f4323c99e926c28c2aff6ddbfb0d7606903bb45ace799057cb47aad2 Loading...

	#52 Eval - b557f44655d9cae69d8bd8567989db8f	74 B	2024-08-08 22:22	2024-08-19 14:09
Pretty Observations First Seen2024-08-08 22:22 Last Seen2024-08-19 14:09 Times Seen118 Hash b557f44655d9cae69d8bd8567989db8f 42de8067a34d34c7299ede4d0983891ea4b1a7e3 7b8177b17ae909193dc78eb882eed9483b3a612e1797be7062067e7a3e82ffd3 Loading...

	#53 Eval - 05b8c74cbd96fbf2de4c1a352702fbf4	6 B	2023-03-07 01:02	2025-06-18 02:12
Pretty Observations First Seen2023-03-07 01:02 Last Seen2025-06-18 02:12 Times Seen61438 Hash 05b8c74cbd96fbf2de4c1a352702fbf4 320ad267d8d969f285eda5c184f5455bd29c8c95 44ff7b02c80d38b26dd6aa31d9470aed81b32e10331a3c994fb1a9945fd847ba Loading...

	#54 Eval - 22ff125c6e728c317a72cdb129f988e6	299 B	2024-08-08 22:22	2024-08-19 14:09
Pretty Observations First Seen2024-08-08 22:22 Last Seen2024-08-19 14:09 Times Seen118 Hash 22ff125c6e728c317a72cdb129f988e6 d3d7a11ee6e40edfce789573116ef860e1da03e0 f3d590dab1f168e3891f1c79197b1d176541976c13b81684a545f47a330f392e Loading...

	#55 Eval - fb1c211c65c115b61129eadfa20658b3	301 B	2024-08-08 22:22	2024-08-19 14:09
Pretty Observations First Seen2024-08-08 22:22 Last Seen2024-08-19 14:09 Times Seen118 Hash fb1c211c65c115b61129eadfa20658b3 34aa03269a0718ccac627019ec6e8e8656edada7 8e6843c2bf9b8bc66500e72eff3830a165424d9b87e69b2023576e7e71c080a6 Loading...

	#56 Eval - e02cb91b733e7859776f4e639f8d7660	507 B	2024-08-08 22:22	2024-08-19 14:09
Pretty Observations First Seen2024-08-08 22:22 Last Seen2024-08-19 14:09 Times Seen118 Hash e02cb91b733e7859776f4e639f8d7660 2b869a49bd056298cc54373f0b96cd177155ae85 f35d5b1373e063da5dfbe15acc4621c8b8aeccd6d715037a49c873fe0d923995 Loading...

	#57 Eval - 28ca55c4c0aa3442a08647ad9e4d9f38	598 B	2024-08-08 22:22	2024-08-19 14:09
Pretty Observations First Seen2024-08-08 22:22 Last Seen2024-08-19 14:09 Times Seen118 Hash 28ca55c4c0aa3442a08647ad9e4d9f38 6f6870ec0ac8e90f86851036dcce69fcc87b4c39 30f20ecc8bf875d36d033d153fb48c229dfe8fa41730affbae28fae1d076891c Loading...

	#58 Eval - 96d66a4d9708fdb6dd5597f3bbc7d624	195 B	2023-03-08 14:47	2025-06-18 04:14
Pretty Observations First Seen2023-03-08 14:47 Last Seen2025-06-18 04:14 Times Seen45280 Hash 96d66a4d9708fdb6dd5597f3bbc7d624 e10a66fa8a836f6f948941262b70e1fc928a446e 3cabac574ada654802fc1c4518d870f0791a9a3ac31371677e75fb683e47ce89 Loading...

	#59 Eval - 3acd97fff12443fe1aeb0b02dc7f864c	131 B	2024-07-20 23:15	2024-10-17 08:12
Pretty Observations First Seen2024-07-20 23:15 Last Seen2024-10-17 08:12 Times Seen8063 Hash 3acd97fff12443fe1aeb0b02dc7f864c b44d67d34476792d0fa5fb98a7207b87111533bf c15095b8533fa7ed1c0970d5e25eee118d83956d5e8da0a3712034850e3ed576 Loading...

	#60 Eval - 7c057d1ba28f18053589b1f2f87461ac	77 B	2024-08-08 22:22	2024-08-19 14:09
Pretty Observations First Seen2024-08-08 22:22 Last Seen2024-08-19 14:09 Times Seen118 Hash 7c057d1ba28f18053589b1f2f87461ac f535ea1be3c01843ba0c0752e74a1c29c730f24e 6272a1389dcc5292eceb36bb2bb573110d163217dea4f9da6ead6e292e301ae1 Loading...

	#61 Eval - 2316f4131bc62312621792b172047bbc	75 B	2024-08-08 22:22	2024-08-19 14:09
Pretty Observations First Seen2024-08-08 22:22 Last Seen2024-08-19 14:09 Times Seen118 Hash 2316f4131bc62312621792b172047bbc 07a1a776382ec134484f9efa5e20d41335a23c88 90629cb9cc81ce2e1f242c893aeafaaeff15cbee6b3b7717cfa06821fd4d6c50 Loading...

	#62 Eval - 09e82f3724572c1c55ec62fe0029db9d	91 B	2024-08-08 22:22	2024-08-19 14:09
Pretty Observations First Seen2024-08-08 22:22 Last Seen2024-08-19 14:09 Times Seen118 Hash 09e82f3724572c1c55ec62fe0029db9d a9e0f88906ad3c647d79b83de8142ac31acbcacb aabdb5ed96e264cc15b8f6a8a5c2dfcac25f211a2180699ee91a0a55d4a53a62 Loading...

	#63 Eval - 439c8b31e3cbc254b0935e87fa08d058	55 B	2024-08-08 22:22	2024-08-19 14:09
Pretty Observations First Seen2024-08-08 22:22 Last Seen2024-08-19 14:09 Times Seen118 Hash 439c8b31e3cbc254b0935e87fa08d058 28a37e2b157ad019c07533dc5247aef43f10840c 3e3fa8fe78007eb77e67b4669258640e2f4bae24135a4c2b35c30ccdaa5bd635 Loading...

	#64 Eval - ec7e53845feb375870343182efd0b929	11 B	2024-07-23 18:45	2025-06-17 02:04
Pretty Observations First Seen2024-07-23 18:45 Last Seen2025-06-17 02:04 Times Seen12783 Hash ec7e53845feb375870343182efd0b929 63e71d0c5bcadc37a725d971054eb55e017f6989 a2253e1fad60aa1ccf31416ca8cde6ffaa5af2510733c7186adc04a503346c5b Loading...

	#65 Eval - 952e108649eee4b686c2431edc8fcd17	2 B	2023-03-08 14:22	2025-02-16 16:54
Pretty Observations First Seen2023-03-08 14:22 Last Seen2025-02-16 16:54 Times Seen427 Hash 952e108649eee4b686c2431edc8fcd17 6fdede7befa5cbf3bc6641cf4e8ae6b2ab7a6811 f255add9d085e62f26b00371d90e729e570080e9ba321f3ba169529c33225f89 Loading...

	#66 Eval - 87bdecd122d1a62eb3e9c429ed8cde80	22 B	2024-08-08 22:22	2024-08-19 14:09
Pretty Observations First Seen2024-08-08 22:22 Last Seen2024-08-19 14:09 Times Seen118 Hash 87bdecd122d1a62eb3e9c429ed8cde80 87a1277171d8e48045147c6e54cf1b1e9e31febd d30b28fd296f7e0291705de95bcc9e2d3557f3317fb20add3e5802ced4508dc7 Loading...

	#67 Eval - 37a6259cc0c1dae299a7866489dff0bd	4 B	2023-03-07 01:02	2025-06-18 04:43
Pretty Observations First Seen2023-03-07 01:02 Last Seen2025-06-18 04:43 Times Seen63248 Hash 37a6259cc0c1dae299a7866489dff0bd 2be88ca4242c76e8253ac62474851065032d6833 74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b Loading...

	#68 Eval - 6588aab7547d0f87caba0b7a93efc9bf	2 B	2023-03-10 14:46	2025-06-01 19:58
Pretty Observations First Seen2023-03-10 14:46 Last Seen2025-06-01 19:58 Times Seen280 Hash 6588aab7547d0f87caba0b7a93efc9bf a13f7c3d18f8a3bd09702426fc6cef749e994864 447885b1653f6b0e14323b44c035aa6ee93f7dfd785496f90076e71785909910 Loading...

	#69 Eval - 8d85f26b5a715e2cf7b0bac9bc27fa50	320 B	2024-08-08 22:22	2024-08-19 14:09
Pretty Observations First Seen2024-08-08 22:22 Last Seen2024-08-19 14:09 Times Seen118 Hash 8d85f26b5a715e2cf7b0bac9bc27fa50 8e7af0e54d2df21ff0ec6ac09e735c45a9568bc8 2532ae9fa8ed896e8f49d5a814d872077985bb16ef43be5fc4b59f4a2832a996 Loading...

	#70 Eval - 218ad7f43d8c1e34eb055f13e07352d8	458 B	2024-08-08 22:22	2024-08-19 14:09
Pretty Observations First Seen2024-08-08 22:22 Last Seen2024-08-19 14:09 Times Seen118 Hash 218ad7f43d8c1e34eb055f13e07352d8 b28faece43509e97f0b6a04736656d891ea76773 1679ed8efa7ac8f522d057bb239997e229ea6814f6a4a18d0d6f90df53f65d9f Loading...

	#71 Eval - f465da03521180d47c811a98c793a2d6	9 B	2023-03-07 01:02	2025-06-17 02:04
Pretty Observations First Seen2023-03-07 01:02 Last Seen2025-06-17 02:04 Times Seen37069 Hash f465da03521180d47c811a98c793a2d6 9b76105ff4c8bb84cd630914d772f4cc73df0155 e8183224e440eb4578fd87c4c47735f9ede4c43b1c6ebbdcd7033e98aba6a009 Loading...

	#72 Eval - 69691c7bdcc3ce6d5d8a1361f22d04ac	1 B	2023-03-07 01:15	2025-06-18 02:13
Pretty Observations First Seen2023-03-07 01:15 Last Seen2025-06-18 02:13 Times Seen8627 Hash 69691c7bdcc3ce6d5d8a1361f22d04ac c63ae6dd4fc9f9dda66970e827d13f7c73fe841c 08f271887ce94707da822d5263bae19d5519cb3614e0daedc4c7ce5dab7473f1 Loading...

	#73 Eval - 0d61f8370cad1d412f80b84d143e1257	1 B	2023-03-07 12:12	2025-06-18 04:27
Pretty Observations First Seen2023-03-07 12:12 Last Seen2025-06-18 04:27 Times Seen9214 Hash 0d61f8370cad1d412f80b84d143e1257 32096c2e0eff33d844ee6d675407ace18289357d 6b23c0d5f35d1b11f9b683f0b0a617355deb11277d91ae091d399c655b87940d Loading...

	#74 Eval - 8c3adbb478016480edec000a6257be6d	57 B	2024-08-08 22:22	2024-08-19 14:09
Pretty Observations First Seen2024-08-08 22:22 Last Seen2024-08-19 14:09 Times Seen118 Hash 8c3adbb478016480edec000a6257be6d cb5401338f2a25914d1c31d93d3fc1c9d3678fbf 2040676220b7ebb95d0260a5930f330136c01c4bca43631d322ab3d7e4bbc179 Loading...

	#75 Eval - 99c8056c166ef8998f3b275c01ad5c98	130 B	2024-08-08 22:22	2024-08-19 14:09
Pretty Observations First Seen2024-08-08 22:22 Last Seen2024-08-19 14:09 Times Seen118 Hash 99c8056c166ef8998f3b275c01ad5c98 7fd72feec63adcbaf93b600939967ce278c1a4cd 1abe6ae322ea4ff40c46e61a3c8158acd05f59d90f67f7e6ec3e57116d28867d Loading...

	#76 Eval - db0f617128d842a5c284728deb3c7d47	22 B	2024-08-08 22:22	2024-08-19 14:09
Pretty Observations First Seen2024-08-08 22:22 Last Seen2024-08-19 14:09 Times Seen118 Hash db0f617128d842a5c284728deb3c7d47 93784c4bb70cc94b9dabd35497faa5d05db812c5 93d25c861e460a2eb81fe0c7cb991ffc9394dc8a34aa1ee9d8db2b954ca3c3e9 Loading...

	#77 Eval - b3d9c3a0a013d34a5fdc678d85909988	76 B	2024-08-08 22:22	2024-08-19 14:09
Pretty Observations First Seen2024-08-08 22:22 Last Seen2024-08-19 14:09 Times Seen118 Hash b3d9c3a0a013d34a5fdc678d85909988 e8f3e3b2fde2a1cd4036e21ea682d045708a2464 6edd75ff6b4d6ef4739de233b6b356024e288dd05bb36c194216dede7bb94475 Loading...

	#78 Eval - 375bcce8b6352943b18a5298897cad51	66 B	2024-08-08 22:22	2024-08-19 14:09
Pretty Observations First Seen2024-08-08 22:22 Last Seen2024-08-19 14:09 Times Seen118 Hash 375bcce8b6352943b18a5298897cad51 040a624f67b06a2ac1930bd98c5ea8b7189ee3fc 06898832db246a2e4127e4d23e256dc2356c3b02b2e42a6fa343133bee313a4a Loading...

	#79 Eval - cb060f440e7163bb6b0a1d6a7927fffe	1.0 kB	2024-08-08 22:22	2024-08-19 14:09
Pretty Observations First Seen2024-08-08 22:22 Last Seen2024-08-19 14:09 Times Seen118 Hash cb060f440e7163bb6b0a1d6a7927fffe 22b44b7b55c4fefaee80d7efe319aadb1a6959d8 f2d1c36724bf7cb2ac7dc95405e24060767c74abc2e5f88eaa4643353bc02677 Loading...

	#80 Eval - 219505d4d5ae5b145370ed3cef98cfa3	6 B	2024-07-23 18:45	2025-06-17 02:04
Pretty Observations First Seen2024-07-23 18:45 Last Seen2025-06-17 02:04 Times Seen12806 Hash 219505d4d5ae5b145370ed3cef98cfa3 89498e7304c8074715c729700b3955fc065531b0 d298bd11845e65f3a66d13d3a5ab32c91d5430be6dd23c2bb70ef16c03e21751 Loading...

	#81 Eval - 0612e93d65abcdaeed533a0876474251	2 B	2023-03-13 11:31	2025-04-08 06:11
Pretty Observations First Seen2023-03-13 11:31 Last Seen2025-04-08 06:11 Times Seen366 Hash 0612e93d65abcdaeed533a0876474251 05012c709b290b804b6292a20971b494fa43f96a 7ede48ffa12576a86adadf6f703eae885bd80f63e32293b7382560139c9af990 Loading...

	#82 Eval - 5e650e41b0d7b38383fbc82d13e428db	611 B	2024-08-08 22:22	2024-08-19 14:09
Pretty Observations First Seen2024-08-08 22:22 Last Seen2024-08-19 14:09 Times Seen118 Hash 5e650e41b0d7b38383fbc82d13e428db 75b5c5d410c55b26997fecf368f76827227ff3a8 31c6beb02621f654fcf75053a7ac5c97ff0399973077da3f9215167b7b5c72a3 Loading...

	#83 Eval - d60c9f32a5a143042042eab457d84056	613 B	2024-08-08 22:22	2024-08-19 14:09
Pretty Observations First Seen2024-08-08 22:22 Last Seen2024-08-19 14:09 Times Seen118 Hash d60c9f32a5a143042042eab457d84056 2d0ccb5e74f01e4b6aa2788733bf1f5cd34861cf e8b12ceed31dfaa95fad53567ac6df68fe168ada526877de46664b5c3d4d45e6 Loading...

	#84 Eval - 24cc3dc813f384fde380df619f1525cb	19 B	2023-03-07 01:02	2025-06-18 04:27
Pretty Observations First Seen2023-03-07 01:02 Last Seen2025-06-18 04:27 Times Seen48316 Hash 24cc3dc813f384fde380df619f1525cb 56399e3ce57ff98d68c7de98a563e572230dff6b 5421715bbdaf2550e31d10fc28d444310a8fe7147bbddecf0abb490358a1553b Loading...

	#85 Eval - bbe5a9cb6d6ed59f20083aec6b37f599	28 B	2024-08-08 22:22	2024-08-19 14:09
Pretty Observations First Seen2024-08-08 22:22 Last Seen2024-08-19 14:09 Times Seen118 Hash bbe5a9cb6d6ed59f20083aec6b37f599 0dda7bfa2926dfd00ba1885e3ef21bb57d5b3e98 5ab34f5d19f633da4d543745410cc929fb2e41682c8066e909927ce94a1767bf Loading...

	#86 Eval - 4e4eb92fdbc86b9e08dcc57af8d23e7d	55 B	2024-08-08 22:22	2024-08-19 14:09
Pretty Observations First Seen2024-08-08 22:22 Last Seen2024-08-19 14:09 Times Seen118 Hash 4e4eb92fdbc86b9e08dcc57af8d23e7d dff336842832c5d844e5017f659c624ce541b5b9 d8bfe9ad0f202f62cd8e8c09bd673e82da71331700f6129395a9d196bc7a137a Loading...

	#87 Eval - 3384065ba6a517c953c2a6e338672f46	82 B	2024-08-08 22:22	2024-08-19 14:09
Pretty Observations First Seen2024-08-08 22:22 Last Seen2024-08-19 14:09 Times Seen118 Hash 3384065ba6a517c953c2a6e338672f46 1614480621e3be49e7ebd4fbc1bf242789987237 43cf41bf1f5ce3fe5c267beb59ad77e3275e566d2059f7d074ed5a7c694fcf0b Loading...

	#88 Eval - 16bb1e574278e7f717b0bc49c883c902	132 B	2024-08-08 22:22	2024-08-19 14:09
Pretty Observations First Seen2024-08-08 22:22 Last Seen2024-08-19 14:09 Times Seen118 Hash 16bb1e574278e7f717b0bc49c883c902 f3f0cfd02a76b528daae96c49858fb6e77666fe1 771e3b2d18ec4361201cccbd48ab6032acf3f1a42c2fa8363b8128c46ad3dfc5 Loading...

	#89 Eval - c90d76e4596f46d08774e752276e1c52	347 B	2024-08-08 22:22	2024-08-19 14:09
Pretty Observations First Seen2024-08-08 22:22 Last Seen2024-08-19 14:09 Times Seen118 Hash c90d76e4596f46d08774e752276e1c52 d062f02a5fbbc0f700b486326352175afce0a6de de18ff32c81e23fc317a300ecd7893351ec95654bd6bcff6f3359e18c518377e Loading...

	#90 Eval - fa450f213788d58a425e80309fd05d71	22 B	2024-08-08 22:22	2024-08-19 14:09
Pretty Observations First Seen2024-08-08 22:22 Last Seen2024-08-19 14:09 Times Seen118 Hash fa450f213788d58a425e80309fd05d71 9c141ab692e1c0d1b3376674ef010ae2891a3d2e c1179566543305855269c2b0c9ed7de14a544a8aa9798f33c0c7f0ef794f055f Loading...

	#91 Eval - 45cab7d5287eee0132f67c3adb2aed57	34 B	2024-08-14 09:56	2024-08-19 13:22
Pretty Observations First Seen2024-08-14 09:56 Last Seen2024-08-19 13:22 Times Seen110 Hash 45cab7d5287eee0132f67c3adb2aed57 ee27a21de8a4bf6922da8c3e654eda4c3741012b 533c266bdab7bfed638d2284e54146adc50186ce3a8e1c76653d3d636f88a1f0 Loading...

	#92 Eval - 4d9d6c17eeae2754c9b49171261b93bd	2 B	2024-02-13 23:54	2025-06-16 16:17
Pretty Observations First Seen2024-02-13 23:54 Last Seen2025-06-16 16:17 Times Seen443 Hash 4d9d6c17eeae2754c9b49171261b93bd 47fdd9283ded80c62bb5e40ce65b0e49a48675b3 0f1e18bb4143dc4be22e61ea4deb0491c2bf7018c6504ad631038aed5ca4a0ca Loading...

	#93 Eval - 5b8b4bc87cd356143fc29c82aa4961d0	140 B	2024-08-08 22:22	2024-08-19 14:09
Pretty Observations First Seen2024-08-08 22:22 Last Seen2024-08-19 14:09 Times Seen118 Hash 5b8b4bc87cd356143fc29c82aa4961d0 c11ab39cc8542397ede2d375c18ca81b183dcc5e 5f012fb589f6cb89d5499c927644df32425cda60d32fff59b43a3e609747cf54 Loading...

	#94 Eval - a699dd57cd294dcb522c66e52390fa1e	2 B	2023-03-08 15:47	2025-06-15 12:26
Pretty Observations First Seen2023-03-08 15:47 Last Seen2025-06-15 12:26 Times Seen532 Hash a699dd57cd294dcb522c66e52390fa1e 39e50dc734b3b2e6c68ac67673d5ddba074385e5 10d5ddd74fbcfcf9577cdd9baaf991024dee040014bd43e76a5c2179500e9951 Loading...

	#95 Eval - f5cdb9bd6aedc7f32c17a9873dd96c53	77 B	2024-08-08 22:22	2024-08-19 14:09
Pretty Observations First Seen2024-08-08 22:22 Last Seen2024-08-19 14:09 Times Seen118 Hash f5cdb9bd6aedc7f32c17a9873dd96c53 067e7d0d86969e3831b3b2eaf64fef6c231262da 3f96082da4a03b43cde91319fb5b1d9fde08f24624c2d28d70917eb80867410a Loading...

	#96 Eval - 0cc175b9c0f1b6a831c399e269772661	1 B	2023-03-07 01:02	2025-06-17 14:14
Pretty Observations First Seen2023-03-07 01:02 Last Seen2025-06-17 14:14 Times Seen11175 Hash 0cc175b9c0f1b6a831c399e269772661 86f7e437faa5a7fce15d1ddcb9eaeaea377667b8 ca978112ca1bbdcafac231b39a23dc4da786eff8147c4e72b9807785afee48bb Loading...

	#97 Eval - e6b0586dceee98a4671d807faea890e7	264 B	2024-08-08 22:22	2024-08-19 14:09
Pretty Observations First Seen2024-08-08 22:22 Last Seen2024-08-19 14:09 Times Seen118 Hash e6b0586dceee98a4671d807faea890e7 ed5faa0d987be2113448c6216cc0db2247f27a16 ddbeb1321aa8849b3e2f0e4434e035b8af05b54021a239c360685e27548d2ce7 Loading...

	#98 Eval - 00e58eb279c0b67f25d5fde62d9e2b1c	432 B	2024-08-08 22:22	2024-08-19 14:09
Pretty Observations First Seen2024-08-08 22:22 Last Seen2024-08-19 14:09 Times Seen118 Hash 00e58eb279c0b67f25d5fde62d9e2b1c 5f6d9a0aeedbcef95472dea5f5cd3da3d338adc0 3358b2b1fe091e018b4550f188ba39e6d21380e3d181651a8fea121cc419097a Loading...

	#99 Eval - c179ac13e0f92b60ab36cd43713ca220	589 B	2024-08-08 22:22	2024-08-19 14:09
Pretty Observations First Seen2024-08-08 22:22 Last Seen2024-08-19 14:09 Times Seen118 Hash c179ac13e0f92b60ab36cd43713ca220 e54a2c93230f8daae0e9ddf12d0243c006a30054 f9703e7d06d519cc620f31316d7ab0eb9856ce38b032479430797d46fefde77c Loading...

	#100 Eval - 1d8d5e912302108b5e88c3e77fcad378	2 B	2023-03-07 13:22	2025-05-17 18:16
Pretty Observations First Seen2023-03-07 13:22 Last Seen2025-05-17 18:16 Times Seen190 Hash 1d8d5e912302108b5e88c3e77fcad378 3b15a4ea80087c146ac83727ec872e1daa0d828e 7a5443b6636713baa6350c1cf3ec620b2771a8d411ea3180c5d46b502b9ab77d Loading...

	#101 Eval - dbd5301a98ff9658edcefa159205847f	189 B	2024-08-08 22:22	2024-08-19 14:09
Pretty Observations First Seen2024-08-08 22:22 Last Seen2024-08-19 14:09 Times Seen118 Hash dbd5301a98ff9658edcefa159205847f a78e7218123d3ae708d15c25798fff740396361f 5f1054c08666f817b6123065df985b24862eff438bce34f666e7c26038e2ba9e Loading...

	#102 Eval - 17b13ec2b9b17c4f05179dbd8a97f879	297 B	2024-08-08 22:22	2024-08-19 14:09
Pretty Observations First Seen2024-08-08 22:22 Last Seen2024-08-19 14:09 Times Seen118 Hash 17b13ec2b9b17c4f05179dbd8a97f879 e57c46116359d14d48a3f5f672a5d7b32bbb08bc f0f36f0555a85a9bd6055ff37f568142dd9f3fb0b4120ef886f9d39d3e566936 Loading...

	#103 Eval - 31a50e9f76222042d30982ef8587ab3f	190 B	2024-08-08 22:22	2024-08-19 14:09
Pretty Observations First Seen2024-08-08 22:22 Last Seen2024-08-19 14:09 Times Seen118 Hash 31a50e9f76222042d30982ef8587ab3f 032e24a05f0ba5b92d586e7f4eab83608c404bf5 17f75ae2d00728dd66b90b8b006344223315dd7e4c228b75a92f395175705ae4 Loading...

	#104 Eval - a5c244fde4e6f1ade71beed5c11edb59	13 B	2024-07-23 18:45	2025-06-17 02:04
Pretty Observations First Seen2024-07-23 18:45 Last Seen2025-06-17 02:04 Times Seen12797 Hash a5c244fde4e6f1ade71beed5c11edb59 6bc634a7f8505a2ce340807aecfa1e50c2a578b3 d561924e4295103128924509bbe71b3eed6625592d75ba3cc35c365189d6081d Loading...

	#105 Eval - b86fc6b051f63d73de262d4c34e3a0a9	2 B	2023-03-10 16:45	2025-05-14 03:23
Pretty Observations First Seen2023-03-10 16:45 Last Seen2025-05-14 03:23 Times Seen248 Hash b86fc6b051f63d73de262d4c34e3a0a9 06d945942aa26a61be18c3e22bf19bbca8dd2b5d 38164fbd17603d73f696b8b4d72664d735bb6a7c88577687fd2ae33fd6964153 Loading...

	#106 Eval - ee52f208c3255195bef835c983aa65a5	127 B	2024-08-08 22:22	2024-08-19 14:09
Pretty Observations First Seen2024-08-08 22:22 Last Seen2024-08-19 14:09 Times Seen118 Hash ee52f208c3255195bef835c983aa65a5 86e60156414ed982acc9d7832407cfb1908c9489 4f28aacaff1f217a85b522b3600aaad9b2f058c355334d4a21817f51192fe65a Loading...

	#107 Eval - 6df90942a25ab8888b0b2400d3f598d5	156 B	2024-08-08 22:22	2024-08-19 14:09
Pretty Observations First Seen2024-08-08 22:22 Last Seen2024-08-19 14:09 Times Seen118 Hash 6df90942a25ab8888b0b2400d3f598d5 ec0aec7dbe2c197932ff0eea3c2bf116e1d06429 08e3f4199fe7e9a15bc99dfc44a2853608841553692fdb0ec6446b2ae1364d36 Loading...

	#108 Eval - 90749cdccc92b64023af65b2c2e09841	52 B	2023-06-30 03:07	2025-01-10 21:02
Pretty Observations First Seen2023-06-30 03:07 Last Seen2025-01-10 21:02 Times Seen37627 Hash 90749cdccc92b64023af65b2c2e09841 c462a67f6bc05d361593fd7bdc0821fc6fbb27b4 23f5d7bca8a3fd67ad081a77c0f5ab552436896346a404b9a58840870ec9eb1d Loading...

	#109 Eval - 5dfbd352986e4187b80a2c4624e8031c	56 B	2024-08-19 13:14	2024-08-19 13:14
Pretty Observations First Seen2024-08-19 13:14 Last Seen2024-08-19 13:14 Times Seen1 Hash 5dfbd352986e4187b80a2c4624e8031c c8e11c904215cf3f056822a86e567cd3e96da4c9 4d5cf782239cff7ac72c15122b0d0a0b74d1ca11408f64a31c3161322fecc753 Loading...

	#110 Eval - d48a24ae9672ee573050e4d3aeeebe4d	29 B	2023-03-07 01:02	2025-06-18 04:27
Pretty Observations First Seen2023-03-07 01:02 Last Seen2025-06-18 04:27 Times Seen52746 Hash d48a24ae9672ee573050e4d3aeeebe4d 8f8c4d27852980a1ec5a8b1aba30769001314ec8 53e5b7d706a350fe98d52499058624e15cddc1541f17370f94a899a386c50255 Loading...

	#111 Eval - d2a5c98e0f60af440621021e0580b9cd	783 B	2024-08-08 22:22	2024-08-19 14:09
Pretty Observations First Seen2024-08-08 22:22 Last Seen2024-08-19 14:09 Times Seen118 Hash d2a5c98e0f60af440621021e0580b9cd 792b8153f0553ef08bec9d88aab9e3df6b30b317 33a21ba4d6b0a915f8cb3b862f1e5b7ef894d57e2073b97bdd4ff72bc539e30a Loading...

	#112 Eval - 523af537946b79c4f8369ed39ba78605	2 B	2023-03-12 21:29	2025-03-15 07:09
Pretty Observations First Seen2023-03-12 21:29 Last Seen2025-03-15 07:09 Times Seen899 Hash 523af537946b79c4f8369ed39ba78605 4aeb195cd69ed93520b9b4129636264e0cdc0153 70ba33708cbfb103f1a8e34afef333ba7dc021022b2d9aaa583aabb8058d8d67 Loading...

	#113 Eval - 970926b26054a7f5cee7f9f88e52ca48	309 B	2024-08-08 22:22	2024-08-19 14:09
Pretty Observations First Seen2024-08-08 22:22 Last Seen2024-08-19 14:09 Times Seen118 Hash 970926b26054a7f5cee7f9f88e52ca48 7754ee00d11b1bc3cc5a54ec125e25118a252e53 4d6c65a2f6693c74835ab9dc572a6284abd85f39a671381b778123ed33977f7f Loading...

	#114 Eval - 8010c6f99d141bb114daace506556886	129 B	2024-08-08 22:22	2024-08-19 14:09
Pretty Observations First Seen2024-08-08 22:22 Last Seen2024-08-19 14:09 Times Seen118 Hash 8010c6f99d141bb114daace506556886 b3116f81bb177486d79304b4f6720722a5e737d3 8cf6e9f9126987dab213622b978350b7c41968630cac38457d5134d549125439 Loading...

	#115 Eval - bd4496eb0285aba06273987971f6063a	35 B	2023-03-07 01:02	2025-06-18 04:20
Pretty Observations First Seen2023-03-07 01:02 Last Seen2025-06-18 04:20 Times Seen38514 Hash bd4496eb0285aba06273987971f6063a 8c7d085c9d54b41debd437430b6852de7f898857 f2a353ed5469812b863c5fbeb58b4d46b864ba4e20a49f57f9c44c7cda45f46b Loading...

	#116 Eval - 122e54f46c9ff971da26f025fc3f3087	150 B	2024-08-08 22:22	2024-08-19 14:09
Pretty Observations First Seen2024-08-08 22:22 Last Seen2024-08-19 14:09 Times Seen118 Hash 122e54f46c9ff971da26f025fc3f3087 9e69c3527c21172644d99ec0baea21a078a5532c 20e16e7281e0f7f963f1ee3fe04dba5022e0934fa62b22f7c2591d066f24de42 Loading...

	#117 Eval - b402ee13e23957e0df627cf00518e0f7	59 B	2024-08-08 22:22	2024-08-19 14:09
Pretty Observations First Seen2024-08-08 22:22 Last Seen2024-08-19 14:09 Times Seen118 Hash b402ee13e23957e0df627cf00518e0f7 9537f4bd6d1bc321a2b8a8af54134f2989aa16e8 4785c24de8e7aaafd3b7ea414151bfe11724c8e58234c01191fecdda6aeab641 Loading...

	#118 Eval - bba112bd1d510269c4c6e0f8ffb1d14d	261 B	2024-08-08 22:22	2024-08-19 14:09
Pretty Observations First Seen2024-08-08 22:22 Last Seen2024-08-19 14:09 Times Seen118 Hash bba112bd1d510269c4c6e0f8ffb1d14d f4f54751e5abe8de15aa518be6d57183e8d77fc4 ebc6fbb65e676c2934b00b7bc3b4bcadf8bd949229ee56ea10887ebef0cb2c90 Loading...

	#119 Eval - 82c809f455c04c127b94ea5430e29db6	106 B	2024-08-08 22:22	2024-08-19 14:09
Pretty Observations First Seen2024-08-08 22:22 Last Seen2024-08-19 14:09 Times Seen118 Hash 82c809f455c04c127b94ea5430e29db6 613edd4d70d5321913f43938a9aedc59f368b898 a297bd37d781a8e0a3634532eb6057487c4b7d9e665ead0df27d194d1cf79ad9 Loading...

	#120 Eval - 7405ceb2813b0f90ace74494d21ef4b8	2 B	2023-03-10 09:11	2025-04-08 06:57
Pretty Observations First Seen2023-03-10 09:11 Last Seen2025-04-08 06:57 Times Seen498 Hash 7405ceb2813b0f90ace74494d21ef4b8 c9b2ef049e2a57bda63fd1cc78251ce6a2187e99 2fe1d324f7166b7b7983b7d13c8925b9d57cf35df31b0617a23c2a63da6557a7 Loading...

	#121 Eval - 25ba42b2fa6e91656d89f5e2a2d5b6ee	154 B	2024-08-08 22:22	2024-08-19 14:09
Pretty Observations First Seen2024-08-08 22:22 Last Seen2024-08-19 14:09 Times Seen118 Hash 25ba42b2fa6e91656d89f5e2a2d5b6ee 6b4489edcdabde75695f5682a68523b38d82d30e 9f6c1eb9434c24394aaa75adad8ec8f1cb210984442a6e956b90f299ee6e17c4 Loading...

	#122 Eval - 00e099a387e46b6681e536b05f110339	2 B	2023-03-08 15:49	2025-04-26 22:36
Pretty Observations First Seen2023-03-08 15:49 Last Seen2025-04-26 22:36 Times Seen237 Hash 00e099a387e46b6681e536b05f110339 9980e91b52c9bbed80994c5e5a1a130a50d373f8 7c82b7123b94faf8741492a0a4b84c6fefe2ba9e564175fe349f0a65bc9d1235 Loading...

	#123 Eval - 1163bdf61c34ae09e45b442ed8b728c7	282 B	2024-08-08 22:22	2024-08-19 14:09
Pretty Observations First Seen2024-08-08 22:22 Last Seen2024-08-19 14:09 Times Seen118 Hash 1163bdf61c34ae09e45b442ed8b728c7 5b6f951fe357fef29c5e68e2b389452912d0ca33 df4a8d587542a7533edb1691f7d8f32617c2b0734f849bbd374f31bd99369771 Loading...

	#124 Eval - 3cc13d4d00cd6cf4423caf8231d056a9	215 B	2024-08-08 22:22	2024-08-19 14:09
Pretty Observations First Seen2024-08-08 22:22 Last Seen2024-08-19 14:09 Times Seen118 Hash 3cc13d4d00cd6cf4423caf8231d056a9 80e7693a6a1cea638ef1e8bea441bd134a3101a7 89f9c96aabcfcace9dd5a1a8c83c9349c98c54d29ec84b3e6b82e74be5f905d7 Loading...

	#125 Eval - 9d6be18b7630b5471510cc89784cb20b	73 B	2024-08-08 22:22	2024-08-19 14:09
Pretty Observations First Seen2024-08-08 22:22 Last Seen2024-08-19 14:09 Times Seen118 Hash 9d6be18b7630b5471510cc89784cb20b 21c90176da3c5153da76826b4626de88e8d9f6e1 c4f1cda4a7fdf4e0e18c816ddf0c70879cdd1d67e31bb86d9bec797a3adfd658 Loading...

	#126 Eval - dd6408c912ed065ba2644b247120dfe1	2 B	2023-05-17 13:31	2025-05-04 17:54
Pretty Observations First Seen2023-05-17 13:31 Last Seen2025-05-04 17:54 Times Seen159 Hash dd6408c912ed065ba2644b247120dfe1 c76ee6afb226594f45099a3fc85ac6d3b6442f6a 7f607b65bde0b72ea8f88c38ffe08d785238e098a04990705083f9a174878ed7 Loading...

	#127 Eval - f561787ad48a4bdb2045ff18f1ecb2a7	91 B	2024-08-08 22:22	2024-08-19 14:09
Pretty Observations First Seen2024-08-08 22:22 Last Seen2024-08-19 14:09 Times Seen118 Hash f561787ad48a4bdb2045ff18f1ecb2a7 8be26a452465c27bba798f4432a58d349bb9d534 6a2171a29b2bc6e5aa8e989311238ed88688dbbcadf832364e879b1a627591fc Loading...

	#128 Eval - da1434a6c1ba86bb4f73418a91deeea1	77 B	2024-08-08 22:22	2024-08-19 14:09
Pretty Observations First Seen2024-08-08 22:22 Last Seen2024-08-19 14:09 Times Seen118 Hash da1434a6c1ba86bb4f73418a91deeea1 1c44d11ad9305be46d5de74cb1b7dd6bde736c17 95d78b61f28ae8fdb8a51a82ab726a558b917b0d64f3fbae036bf8cb99b355a1 Loading...

HTTP Transactions (124)

URL IP Response Size

r11.o.lencr.org/

23.33.119.57

504 B

URL
r11.o.lencr.org/
IP
23.33.119.57:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
686480d25645ac2aca7a99974693a82f
55ca9d53bd758d2afc75e8a9b59c656ff26a3f70
8902058e383c2f43751417e1af1d582f7a16ce0b6fc180ab20cbc76c4b00f914

HTTP Headers

POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "8902058E383C2F43751417E1AF1D582F7A16CE0B6FC180AB20CBC76C4B00F914"
Last-Modified: Wed, 14 Aug 2024 12:55:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4096
Expires: Thu, 15 Aug 2024 11:07:44 GMT
Date: Thu, 15 Aug 2024 09:59:28 GMT
Connection: keep-alive

r10.o.lencr.org/

23.33.119.27

504 B

URL
r10.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
90149b127cd563315012f026a9e0544f
1e148905fa524fb8fec15249f30f33085978dc2e
7098a3b23aece2b00e86fd3a23c5e532001a5002b061170d3ed53ddd36bf8f5b

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "7098A3B23AECE2B00E86FD3A23C5E532001A5002B061170D3ED53DDD36BF8F5B"
Last-Modified: Tue, 13 Aug 2024 18:27:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9903
Expires: Thu, 15 Aug 2024 12:44:31 GMT
Date: Thu, 15 Aug 2024 09:59:28 GMT
Connection: keep-alive

r10.o.lencr.org/

23.33.119.27

504 B

URL
r10.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
4d209e16679910b467c26590a0073236
ddd59fa6902b498e9c0cfb22e342757f954789d0
9ef3dab56215a67804db0e12d33772a1902f5914b788530717712902a294bcb5

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "9EF3DAB56215A67804DB0E12D33772A1902F5914B788530717712902A294BCB5"
Last-Modified: Wed, 14 Aug 2024 21:59:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17396
Expires: Thu, 15 Aug 2024 14:49:25 GMT
Date: Thu, 15 Aug 2024 09:59:29 GMT
Connection: keep-alive

r10.o.lencr.org/

23.33.119.27

504 B

URL
r10.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
1401eaecc1dc9b318d389cf687018dd9
49eef7150c440fee15deabf064e11a9fefad1845
5b79b468e1cac072d2582b2937241a1f1bee8fdbbc4741818061b6763652523e

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "5B79B468E1CAC072D2582B2937241A1F1BEE8FDBBC4741818061B6763652523E"
Last-Modified: Tue, 13 Aug 2024 18:57:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3030
Expires: Thu, 15 Aug 2024 10:49:59 GMT
Date: Thu, 15 Aug 2024 09:59:29 GMT
Connection: keep-alive

3.142.138.123/kioscos/kioscobanner3.0/index.php

3.142.138.123

7.7 kB

URL User Request GET
3.142.138.123/kioscos/kioscobanner3.0/index.php
IP
3.142.138.123:0
ASN
#16509 AMAZON-02

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (584), with CRLF line terminators
Size
7.7 kB (7692 bytes)
Hash
3b539b2cc221eee98785b18810c90175
97fd9f4cd47833e4012170234cf5d0e93ec5c456
7d3005c4473c6e85e3bd9047578efebac3608037fa37e1c9be5bcc49e7d6a3a9

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /kioscos/kioscobanner3.0/index.php HTTP/1.1
Host: 3.142.138.123
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
Set-Cookie: PHPSESSID=svie8um0ckblvgkctf2ifukkn6; path=/
X-Powered-By: PHP/5.6.8, ASP.NET
Date: Thu, 15 Aug 2024 09:59:29 GMT
Content-Length: 7692

cdnjs.cloudflare.com/ajax/libs/jquery-easing/1.3/jquery.easing.min.js

104.17.25.14

200 OK

1.9 kB

URL GET HTTP/1.1
cdnjs.cloudflare.com/ajax/libs/jquery-easing/1.3/jquery.easing.min.js
IP
104.17.25.14:80
ASN
#13335 CLOUDFLARENET

Requested by
http://3.142.138.123/kioscos/kioscobanner3.0/index.php

File type
Unicode text, UTF-8 text, with very long lines (3601)
Size
1.9 kB (1891 bytes)
Hash
3eac3c72434a0945b92dd4a01f7b6b4e
7767b356530e39cd76ec259320b0b2774b4097a8
ac3f3a757bfbfc9d92bc8f5e6e6362e5d4ae41dbf3cebacdda9b8f71afc82e5b

HTTP Headers

GET /ajax/libs/jquery-easing/1.3/jquery.easing.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://3.142.138.123/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 15 Aug 2024 09:59:29 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 1891
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=30672000
Content-Encoding: gzip
ETag: "5eb03ec1-15b3"
Last-Modified: Mon, 04 May 2020 16:11:45 GMT
cf-cdnjs-via: cfworker/kv
Cross-Origin-Resource-Policy: cross-origin
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
CF-Cache-Status: HIT
Age: 3059759
Expires: Tue, 05 Aug 2025 09:59:29 GMT
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rkuKP5lQPA7Z5iOaYf5JFvObhdHzCZwbDmYy5pPDFe0JmjkwY8z3FBYK7DveWs6YW3u560BOrgArfrcCwVxWkip0Mw3JetEhPH5CEq1Pv%2FhW5fm1YM5WoEVSnJ77hO%2FLzN7dCqPH"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 8b38550c4c4b5688-OSL
alt-svc: h3=":443"; ma=86400

fonts.googleapis.com/css?family=Chela+One

142.250.74.138

200 OK

356 B

URL GET HTTP/1.1
fonts.googleapis.com/css?family=Chela+One
IP
142.250.74.138:80
ASN
#15169 GOOGLE

Requested by
http://3.142.138.123/kioscos/kioscobanner3.0/index.php

File type
ASCII text
Size
356 B (356 bytes)
Hash
27c47d73d5019578653a531aa11c1d68
d101048f6b42e279db0cab25e2e314dd6d185323
1ff33dad48f884137f7f2980829a2e216256005513c5ad99adfb2cdeb20d1f47

HTTP Headers

GET /css?family=Chela+One HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://3.142.138.123/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Thu, 15 Aug 2024 09:59:29 GMT
Date: Thu, 15 Aug 2024 09:59:29 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin-allow-popups
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff

ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js

142.250.74.74

200 OK

33 kB

URL GET HTTP/1.1
ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js
IP
142.250.74.74:80
ASN
#15169 GOOGLE

Requested by
http://3.142.138.123/kioscos/kioscobanner3.0/index.php

File type
JavaScript source, ASCII text, with very long lines (32089)
Size
33 kB (33018 bytes)
Hash
397754ba49e9e0cf4e7c190da78dda05
ae49e56999d82802727455f0ba83b63acd90a22b
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4

HTTP Headers

GET /ajax/libs/jquery/1.9.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://3.142.138.123/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="hosted-libraries-pushers"
Report-To: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
Timing-Allow-Origin: *
Content-Length: 33018
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Sat, 10 Aug 2024 03:03:30 GMT
Expires: Sun, 10 Aug 2025 03:03:30 GMT
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Age: 456959
Last-Modified: Tue, 03 Mar 2020 19:15:00 GMT
Content-Type: text/javascript; charset=UTF-8
Vary: Accept-Encoding

3.142.138.123/kioscos/kioscobanner3.0/css/estilos_formularios.css

3.142.138.123

200 OK

2.3 kB

URL GET HTTP/1.1
3.142.138.123/kioscos/kioscobanner3.0/css/estilos_formularios.css
IP
3.142.138.123:80
ASN
#16509 AMAZON-02

Requested by
http://3.142.138.123/kioscos/kioscobanner3.0/index.php

File type
ASCII text, with CRLF line terminators
Size
2.3 kB (2292 bytes)
Hash
dd7a765f419088062bf4da3f0faf74fc
e964e5cf17a89b11eb3efad652c1191e63b66694
f9e2f76dbd6401f814a3cf2a45a4f8043147079690bf9e4b212a6cf7755c7ec6

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /kioscos/kioscobanner3.0/css/estilos_formularios.css HTTP/1.1
Host: 3.142.138.123
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://3.142.138.123/kioscos/kioscobanner3.0/index.php
Cookie: PHPSESSID=svie8um0ckblvgkctf2ifukkn6
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/css
Content-Encoding: gzip
Last-Modified: Tue, 02 Jul 2024 22:22:39 GMT
Accept-Ranges: bytes
ETag: "80e1959ceccda1:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Thu, 15 Aug 2024 09:59:29 GMT
Content-Length: 2292

o.pki.goog/wr2

142.250.74.131

472 B

URL
o.pki.goog/wr2
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
3ab07625f6a24402156fc3854d417fde
1633cfa8506f3f73fe4a019a2cf4254eea0ff474
6692997e0fbfc87979b265a778ceb69c3911b1189d9bbf78c25fda53efacc54b

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Aug 2024 09:59:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

o.pki.goog/wr2

142.250.74.131

472 B

URL
o.pki.goog/wr2
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
3ab07625f6a24402156fc3854d417fde
1633cfa8506f3f73fe4a019a2cf4254eea0ff474
6692997e0fbfc87979b265a778ceb69c3911b1189d9bbf78c25fda53efacc54b

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Aug 2024 09:59:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

o.pki.goog/wr2

142.250.74.131

472 B

URL
o.pki.goog/wr2
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
3ab07625f6a24402156fc3854d417fde
1633cfa8506f3f73fe4a019a2cf4254eea0ff474
6692997e0fbfc87979b265a778ceb69c3911b1189d9bbf78c25fda53efacc54b

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Aug 2024 09:59:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

o.pki.goog/wr2

142.250.74.131

471 B

URL
o.pki.goog/wr2
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
c93b6e647ec27572e196dfafab5787d7
d6c14e39be247665a013366816a6a59091b186fe
6fa072bf37438e636d32b6c3a4f21ccd39557b7a935ab1039d98278c4eba40a1

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Aug 2024 09:59:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js

142.250.74.74

200 OK

30 kB

URL GET HTTP/2
ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js
IP
142.250.74.74:443
ASN
#15169 GOOGLE

Requested by
http://3.142.138.123/kioscos/kioscobanner3.0/index.php
Certificate
IssuerGoogle Trust Services
Subjectupload.video.google.com
FingerprintC4:3F:12:39:D2:EC:4C:2C:1C:0A:A6:18:8E:2A:97:2C:D8:C2:7E:AF
ValidityTue, 30 Jul 2024 12:49:45 GMT - Tue, 22 Oct 2024 12:49:44 GMT

File type
JavaScript source, ASCII text, with very long lines (32058)
Size
30 kB (30306 bytes)
Hash
c9f5aeeca3ad37bf2aa006139b935f0a
1055018c28ab41087ef9ccefe411606893dabea2
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

HTTP Headers

GET /ajax/libs/jquery/3.2.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://3.142.138.123/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30306
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 12 Aug 2024 10:39:40 GMT
expires: Tue, 12 Aug 2025 10:39:40 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 256790
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ajax.googleapis.com/ajax/libs/jquery/1.12.2/jquery.min.js

142.250.74.74

200 OK

34 kB

URL GET HTTP/2
ajax.googleapis.com/ajax/libs/jquery/1.12.2/jquery.min.js
IP
142.250.74.74:443
ASN
#15169 GOOGLE

Requested by
http://3.142.138.123/kioscos/kioscobanner3.0/index.php
Certificate
IssuerGoogle Trust Services
Subjectupload.video.google.com
FingerprintC4:3F:12:39:D2:EC:4C:2C:1C:0A:A6:18:8E:2A:97:2C:D8:C2:7E:AF
ValidityTue, 30 Jul 2024 12:49:45 GMT - Tue, 22 Oct 2024 12:49:44 GMT

File type
JavaScript source, ASCII text, with very long lines (32029)
Size
34 kB (34009 bytes)
Hash
bdc2b7efb1faf219d65edfe253a103e9
4921529fc15b8133f2fe65b3bebf53d1e9ef8579
95914789b5f3307a3718679e867d61b9d4c03f749cd2e2970570331d7d6c8ed9

HTTP Headers

GET /ajax/libs/jquery/1.12.2/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://3.142.138.123/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 34009
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 14 Aug 2024 21:43:21 GMT
expires: Thu, 14 Aug 2025 21:43:21 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 44169
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

3.142.138.123/kioscos/kioscobanner3.0/js/modales.js

3.142.138.123

200 OK

1.4 kB

URL GET HTTP/1.1
3.142.138.123/kioscos/kioscobanner3.0/js/modales.js
IP
3.142.138.123:80
ASN
#16509 AMAZON-02

Requested by
http://3.142.138.123/kioscos/kioscobanner3.0/index.php

File type
JavaScript source, Unicode text, UTF-8 text, with CRLF line terminators
Size
1.4 kB (1396 bytes)
Hash
fefa53698ed5315add05ca0a2141ccfc
fc9cb96608f6e72721ef9d8c8898401902c94656
9dcdb0ce96ee60bacc7a85295b92326a26ef908c1c0e5b452afd37220fe501a1

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /kioscos/kioscobanner3.0/js/modales.js HTTP/1.1
Host: 3.142.138.123
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://3.142.138.123/kioscos/kioscobanner3.0/index.php
Cookie: PHPSESSID=svie8um0ckblvgkctf2ifukkn6
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Tue, 02 Jul 2024 22:23:48 GMT
Accept-Ranges: bytes
ETag: "0722a82ceccda1:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Thu, 15 Aug 2024 09:59:29 GMT
Content-Length: 1396

3.142.138.123/kioscos/kioscobanner3.0/js/validacion.js

3.142.138.123

200 OK

1.3 kB

URL GET HTTP/1.1
3.142.138.123/kioscos/kioscobanner3.0/js/validacion.js
IP
3.142.138.123:80
ASN
#16509 AMAZON-02

Requested by
http://3.142.138.123/kioscos/kioscobanner3.0/index.php

File type
JavaScript source, Unicode text, UTF-8 text, with CRLF line terminators
Size
1.3 kB (1255 bytes)
Hash
89239fc4ad5a53f50f2632127ef92d08
1ba85f2ca06ec870ffe5e468920e85eef89c9720
1779d20b6195a083e889f8da6c952c302525868078df91afd195bd33039b25ff

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /kioscos/kioscobanner3.0/js/validacion.js HTTP/1.1
Host: 3.142.138.123
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://3.142.138.123/kioscos/kioscobanner3.0/index.php
Cookie: PHPSESSID=svie8um0ckblvgkctf2ifukkn6
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Tue, 02 Jul 2024 22:23:48 GMT
Accept-Ranges: bytes
ETag: "71408c82ceccda1:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Thu, 15 Aug 2024 09:59:29 GMT
Content-Length: 1255

3.142.138.123/kioscos/kioscobanner3.0/js/scroll.js

3.142.138.123

200 OK

234 B

URL GET HTTP/1.1
3.142.138.123/kioscos/kioscobanner3.0/js/scroll.js
IP
3.142.138.123:80
ASN
#16509 AMAZON-02

Requested by
http://3.142.138.123/kioscos/kioscobanner3.0/index.php

File type
JavaScript source, ASCII text, with CRLF line terminators
Size
234 B (234 bytes)
Hash
e61d7934e3f2f379550f1891844d1458
98114b3aea5748e12d1c922ddaeeab94d50af3d2
8f34bea834a20a3b858698826c2934a9836edd357c3efc967b3c58dce6e74bf0

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /kioscos/kioscobanner3.0/js/scroll.js HTTP/1.1
Host: 3.142.138.123
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://3.142.138.123/kioscos/kioscobanner3.0/index.php
Cookie: PHPSESSID=svie8um0ckblvgkctf2ifukkn6
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Tue, 02 Jul 2024 22:23:48 GMT
Accept-Ranges: bytes
ETag: "5f8d6882ceccda1:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Thu, 15 Aug 2024 09:59:29 GMT
Content-Length: 234

3.142.138.123/kioscos/kioscobanner3.0/js/Banner.js

3.142.138.123

200 OK

617 B

URL GET HTTP/1.1
3.142.138.123/kioscos/kioscobanner3.0/js/Banner.js
IP
3.142.138.123:80
ASN
#16509 AMAZON-02

Requested by
http://3.142.138.123/kioscos/kioscobanner3.0/index.php

File type
JavaScript source, ASCII text, with CRLF line terminators
Size
617 B (617 bytes)
Hash
6565a68fa531346a0b5600388e926c27
8eb59f338bed5f74b421ff3ccc3fe2ab97e4ae76
e875f995449c00654e414514f83657f209520f2ee286b6276ee2058a2cafb6f8

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /kioscos/kioscobanner3.0/js/Banner.js HTTP/1.1
Host: 3.142.138.123
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://3.142.138.123/kioscos/kioscobanner3.0/index.php
Cookie: PHPSESSID=svie8um0ckblvgkctf2ifukkn6
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Tue, 02 Jul 2024 22:23:47 GMT
Accept-Ranges: bytes
ETag: "7bd0d881ceccda1:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Thu, 15 Aug 2024 09:59:29 GMT
Content-Length: 617

3.142.138.123/kioscos/kioscobanner3.0/js/script.js

3.142.138.123

200 OK

426 B

URL GET HTTP/1.1
3.142.138.123/kioscos/kioscobanner3.0/js/script.js
IP
3.142.138.123:80
ASN
#16509 AMAZON-02

Requested by
http://3.142.138.123/kioscos/kioscobanner3.0/index.php

File type
JavaScript source, ASCII text, with CRLF line terminators
Size
426 B (426 bytes)
Hash
fccdb0bbd175fb13c94f463e74118434
4b8252550ec52f3fa466839fd2562ca238c57f0b
43e2e72dad609d9f7fcf2315df0189b03a6535e28d1604583d01fb7b83c420ab

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /kioscos/kioscobanner3.0/js/script.js HTTP/1.1
Host: 3.142.138.123
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://3.142.138.123/kioscos/kioscobanner3.0/index.php
Cookie: PHPSESSID=svie8um0ckblvgkctf2ifukkn6
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Tue, 02 Jul 2024 22:23:48 GMT
Accept-Ranges: bytes
ETag: "b1604f82ceccda1:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Thu, 15 Aug 2024 09:59:29 GMT
Content-Length: 426

3.142.138.123/kioscos/kioscobanner3.0/css/estilos.css

3.142.138.123

200 OK

3.8 kB

URL GET HTTP/1.1
3.142.138.123/kioscos/kioscobanner3.0/css/estilos.css
IP
3.142.138.123:80
ASN
#16509 AMAZON-02

Requested by
http://3.142.138.123/kioscos/kioscobanner3.0/index.php

File type
ASCII text, with CRLF line terminators
Size
3.8 kB (3767 bytes)
Hash
df4c9597280d16b33a87d46943760280
6239b478046ece68a6aac415683c42e9ca51d1a5
5e4a24e8dca88cd516f91b0e50b8a8e3e09ebd5dfad797a0861c8f4ec4b796d1

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /kioscos/kioscobanner3.0/css/estilos.css HTTP/1.1
Host: 3.142.138.123
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://3.142.138.123/kioscos/kioscobanner3.0/index.php
Cookie: PHPSESSID=svie8um0ckblvgkctf2ifukkn6
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/css
Content-Encoding: gzip
Last-Modified: Tue, 02 Jul 2024 22:22:39 GMT
Accept-Ranges: bytes
ETag: "80e1959ceccda1:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Thu, 15 Aug 2024 09:59:29 GMT
Content-Length: 3767

3.142.138.123/kioscos/kioscobanner3.0/imagenes/laptop.png

3.142.138.123

200 OK

646 B

URL GET HTTP/1.1
3.142.138.123/kioscos/kioscobanner3.0/imagenes/laptop.png
IP
3.142.138.123:80
ASN
#16509 AMAZON-02

Requested by
http://3.142.138.123/kioscos/kioscobanner3.0/index.php

File type
PNG image data, 64 x 64, 8-bit colormap, non-interlaced
Size
646 B (646 bytes)
Hash
879232cdc865f71c368d2a754dc97c8a
d54d3226814912d8642b1319e8e654793319ba25
1762911b8b39067c6a31d181e100f7439ce1e9d1a5bfa89a09e5d168d63cb592

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /kioscos/kioscobanner3.0/imagenes/laptop.png HTTP/1.1
Host: 3.142.138.123
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://3.142.138.123/kioscos/kioscobanner3.0/index.php
Cookie: PHPSESSID=svie8um0ckblvgkctf2ifukkn6
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Tue, 02 Jul 2024 22:23:33 GMT
Accept-Ranges: bytes
ETag: "5f48179ceccda1:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Thu, 15 Aug 2024 09:59:29 GMT
Content-Length: 646

3.142.138.123/kioscos/kioscobanner3.0/imagenes/emoresa.png

3.142.138.123

200 OK

785 B

URL GET HTTP/1.1
3.142.138.123/kioscos/kioscobanner3.0/imagenes/emoresa.png
IP
3.142.138.123:80
ASN
#16509 AMAZON-02

Requested by
http://3.142.138.123/kioscos/kioscobanner3.0/index.php

File type
PNG image data, 64 x 64, 8-bit gray+alpha, non-interlaced
Size
785 B (785 bytes)
Hash
04d739814f840d8b838051e7ca82078b
29d29afa5b17d847e8da193ae3142e9221f5c267
567284fcaf74dd8416801a5d95305b669f910f2ca977b4f5a6681d6d8f995487

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /kioscos/kioscobanner3.0/imagenes/emoresa.png HTTP/1.1
Host: 3.142.138.123
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://3.142.138.123/kioscos/kioscobanner3.0/index.php
Cookie: PHPSESSID=svie8um0ckblvgkctf2ifukkn6
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Tue, 02 Jul 2024 22:23:27 GMT
Accept-Ranges: bytes
ETag: "125cea75ceccda1:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Thu, 15 Aug 2024 09:59:29 GMT
Content-Length: 785

3.142.138.123/kioscos/kioscobanner3.0/imagenes/tarjeta.png

3.142.138.123

200 OK

1.7 kB

URL GET HTTP/1.1
3.142.138.123/kioscos/kioscobanner3.0/imagenes/tarjeta.png
IP
3.142.138.123:80
ASN
#16509 AMAZON-02

Requested by
http://3.142.138.123/kioscos/kioscobanner3.0/index.php

File type
PNG image data, 64 x 64, 8-bit gray+alpha, non-interlaced
Size
1.7 kB (1665 bytes)
Hash
98f064e83460b9c3dfbc12e067c3b0b5
a5768a0a2f21b5e490ee3c8adb4e6645f33347fc
350e932a10d56e0772302101f679327ee36c44ff1b8b3507ab0e5f1c5e7044eb

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /kioscos/kioscobanner3.0/imagenes/tarjeta.png HTTP/1.1
Host: 3.142.138.123
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://3.142.138.123/kioscos/kioscobanner3.0/index.php
Cookie: PHPSESSID=svie8um0ckblvgkctf2ifukkn6
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Tue, 02 Jul 2024 22:23:41 GMT
Accept-Ranges: bytes
ETag: "aa697ececcda1:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Thu, 15 Aug 2024 09:59:29 GMT
Content-Length: 1665

3.142.138.123/kioscos/kioscobanner3.0/imagenes/correopersona.png

3.142.138.123

200 OK

1.6 kB

URL GET HTTP/1.1
3.142.138.123/kioscos/kioscobanner3.0/imagenes/correopersona.png
IP
3.142.138.123:80
ASN
#16509 AMAZON-02

Requested by
http://3.142.138.123/kioscos/kioscobanner3.0/index.php

File type
PNG image data, 64 x 64, 8-bit gray+alpha, non-interlaced
Size
1.6 kB (1624 bytes)
Hash
fb1ad7a071038d71a741aebf4dc35fa0
c3c519c2148451b841f0a212608ffbe9c3aa07dc
04021b8a9d31e5303bd1124424f81dacdefc1b7bd81e513b4d76abb68078ba16

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /kioscos/kioscobanner3.0/imagenes/correopersona.png HTTP/1.1
Host: 3.142.138.123
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://3.142.138.123/kioscos/kioscobanner3.0/index.php
Cookie: PHPSESSID=svie8um0ckblvgkctf2ifukkn6
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Tue, 02 Jul 2024 22:23:26 GMT
Accept-Ranges: bytes
ETag: "a3c01275ceccda1:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Thu, 15 Aug 2024 09:59:29 GMT
Content-Length: 1624

3.142.138.123/kioscos/kioscobanner3.0/imagenes/nombre_usuario.png

3.142.138.123

200 OK

1.3 kB

URL GET HTTP/1.1
3.142.138.123/kioscos/kioscobanner3.0/imagenes/nombre_usuario.png
IP
3.142.138.123:80
ASN
#16509 AMAZON-02

Requested by
http://3.142.138.123/kioscos/kioscobanner3.0/index.php

File type
PNG image data, 64 x 64, 8-bit gray+alpha, non-interlaced
Size
1.3 kB (1274 bytes)
Hash
04bc06d99fb8b7db096c6d6f4b690953
765753b922d02cbeade4a7fb78fd39c91baaf879
c88e06019e4489e8847e9e5be701680f341311257aa82e9d363563d07907226f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /kioscos/kioscobanner3.0/imagenes/nombre_usuario.png HTTP/1.1
Host: 3.142.138.123
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://3.142.138.123/kioscos/kioscobanner3.0/index.php
Cookie: PHPSESSID=svie8um0ckblvgkctf2ifukkn6
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Tue, 02 Jul 2024 22:23:36 GMT
Accept-Ranges: bytes
ETag: "50254d7bceccda1:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Thu, 15 Aug 2024 09:59:29 GMT
Content-Length: 1274

3.142.138.123/kioscos/kioscobanner3.0/imagenes/earth.png

3.142.138.123

200 OK

2.6 kB

URL GET HTTP/1.1
3.142.138.123/kioscos/kioscobanner3.0/imagenes/earth.png
IP
3.142.138.123:80
ASN
#16509 AMAZON-02

Requested by
http://3.142.138.123/kioscos/kioscobanner3.0/index.php

File type
PNG image data, 64 x 64, 8-bit colormap, non-interlaced
Size
2.6 kB (2599 bytes)
Hash
3e999a710b8331d442ebcb5296154796
6b437b38ba980321b67e0b2ba6e58a41a0d63a65
7166110a84aff2462aaf392ee06f48b7098c63f1c892de8c775b4fee40427bc5

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /kioscos/kioscobanner3.0/imagenes/earth.png HTTP/1.1
Host: 3.142.138.123
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://3.142.138.123/kioscos/kioscobanner3.0/index.php
Cookie: PHPSESSID=svie8um0ckblvgkctf2ifukkn6
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Tue, 02 Jul 2024 22:23:27 GMT
Accept-Ranges: bytes
ETag: "e19fc375ceccda1:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Thu, 15 Aug 2024 09:59:29 GMT
Content-Length: 2599

3.142.138.123/kioscos/kioscobanner3.0/imagenes/computer.png

3.142.138.123

200 OK

1.2 kB

URL GET HTTP/1.1
3.142.138.123/kioscos/kioscobanner3.0/imagenes/computer.png
IP
3.142.138.123:80
ASN
#16509 AMAZON-02

Requested by
http://3.142.138.123/kioscos/kioscobanner3.0/index.php

File type
PNG image data, 64 x 64, 8-bit colormap, non-interlaced
Size
1.2 kB (1166 bytes)
Hash
1171ba0b6d9307aedf62f455eb4210c7
95bb9c8473683d839c77ecac6cd8baecd4d39c8c
24ef3005ae13066bfac0f6be8c476c3c6ca914134bc721b0e62a1fa9dbd55008

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /kioscos/kioscobanner3.0/imagenes/computer.png HTTP/1.1
Host: 3.142.138.123
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://3.142.138.123/kioscos/kioscobanner3.0/index.php
Cookie: PHPSESSID=svie8um0ckblvgkctf2ifukkn6
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Tue, 02 Jul 2024 22:23:25 GMT
Accept-Ranges: bytes
ETag: "f9768874ceccda1:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Thu, 15 Aug 2024 09:59:29 GMT
Content-Length: 1166

3.142.138.123/kioscos/kioscobanner3.0/imagenes/phone.png

3.142.138.123

200 OK

1.1 kB

URL GET HTTP/1.1
3.142.138.123/kioscos/kioscobanner3.0/imagenes/phone.png
IP
3.142.138.123:80
ASN
#16509 AMAZON-02

Requested by
http://3.142.138.123/kioscos/kioscobanner3.0/index.php

File type
PNG image data, 32 x 32, 8-bit gray+alpha, non-interlaced
Size
1.1 kB (1103 bytes)
Hash
cad9df50f62d0e5aaf12a401a8374f2c
18af8bafae5ee9bed18363412fbe709561925697
04cf7c1b91f716de93bedd8add9c7a3081d869cdddb1865677bc0d75118ff240

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /kioscos/kioscobanner3.0/imagenes/phone.png HTTP/1.1
Host: 3.142.138.123
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://3.142.138.123/kioscos/kioscobanner3.0/index.php
Cookie: PHPSESSID=svie8um0ckblvgkctf2ifukkn6
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Tue, 02 Jul 2024 22:23:37 GMT
Accept-Ranges: bytes
ETag: "e0202f7cceccda1:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Thu, 15 Aug 2024 09:59:29 GMT
Content-Length: 1103

3.142.138.123/kioscos/kioscobanner3.0/imagenes/correcto.png

3.142.138.123

200 OK

12 kB

URL GET HTTP/1.1
3.142.138.123/kioscos/kioscobanner3.0/imagenes/correcto.png
IP
3.142.138.123:80
ASN
#16509 AMAZON-02

Requested by
http://3.142.138.123/kioscos/kioscobanner3.0/index.php

File type
PNG image data, 674 x 543, 8-bit/color RGBA, non-interlaced
Size
12 kB (12345 bytes)
Hash
5f2bf7b3832f61b1d3c90423f484706d
d443e1dd78ad2069876663a83b3eb241dbd043e0
5ee1a67d35ef86c439718f5eecc5cda54e8ad3ce39d6a3b037aefc8bc7640d3f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /kioscos/kioscobanner3.0/imagenes/correcto.png HTTP/1.1
Host: 3.142.138.123
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://3.142.138.123/kioscos/kioscobanner3.0/index.php
Cookie: PHPSESSID=svie8um0ckblvgkctf2ifukkn6
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Tue, 02 Jul 2024 22:23:25 GMT
Accept-Ranges: bytes
ETag: "d091f574ceccda1:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Thu, 15 Aug 2024 09:59:29 GMT
Content-Length: 12345

3.142.138.123/kioscos/kioscobanner3.0/imagenes/arriba.png

3.142.138.123

200 OK

1.1 kB

URL GET HTTP/1.1
3.142.138.123/kioscos/kioscobanner3.0/imagenes/arriba.png
IP
3.142.138.123:80
ASN
#16509 AMAZON-02

Requested by
http://3.142.138.123/kioscos/kioscobanner3.0/index.php

File type
PNG image data, 64 x 64, 8-bit colormap, non-interlaced
Size
1.1 kB (1091 bytes)
Hash
ec27ab0ebb244f6af86ec87e72b78a9c
7f76e83d6e345494d111186c70140b172f7fd61d
747094d3f7c4c7f65187735e60f33be92f84053e57f9361e23102a12d9d39cde

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /kioscos/kioscobanner3.0/imagenes/arriba.png HTTP/1.1
Host: 3.142.138.123
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://3.142.138.123/kioscos/kioscobanner3.0/index.php
Cookie: PHPSESSID=svie8um0ckblvgkctf2ifukkn6
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Tue, 02 Jul 2024 22:23:21 GMT
Accept-Ranges: bytes
ETag: "ed77f72ceccda1:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Thu, 15 Aug 2024 09:59:29 GMT
Content-Length: 1091

3.142.138.123/kioscos/kioscobanner3.0/imagenes/smartphone.png

3.142.138.123

200 OK

1.1 kB

URL GET HTTP/1.1
3.142.138.123/kioscos/kioscobanner3.0/imagenes/smartphone.png
IP
3.142.138.123:80
ASN
#16509 AMAZON-02

Requested by
http://3.142.138.123/kioscos/kioscobanner3.0/index.php

File type
PNG image data, 64 x 64, 8-bit colormap, non-interlaced
Size
1.1 kB (1143 bytes)
Hash
f0993cacbc0e28d0e24faf8cba03e92f
5442510f0bd04ccb047f8ed031fede99c976cbe6
ab8a4597e174e56d80839e166c5e1438016c3d0160849dd4b3800087f6ee9667

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /kioscos/kioscobanner3.0/imagenes/smartphone.png HTTP/1.1
Host: 3.142.138.123
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://3.142.138.123/kioscos/kioscobanner3.0/index.php
Cookie: PHPSESSID=svie8um0ckblvgkctf2ifukkn6
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Tue, 02 Jul 2024 22:23:41 GMT
Accept-Ranges: bytes
ETag: "b1be27ececcda1:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Thu, 15 Aug 2024 09:59:29 GMT
Content-Length: 1143

fonts.googleapis.com/css?family=Catamaran|Handlee|Quicksand|Work+Sans

142.250.74.138

200 OK

1.1 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Catamaran|Handlee|Quicksand|Work+Sans
IP
142.250.74.138:443
ASN
#15169 GOOGLE

Requested by
http://3.142.138.123/kioscos/kioscobanner3.0/index.php
Certificate
IssuerGoogle Trust Services
Subjectupload.video.google.com
FingerprintC4:3F:12:39:D2:EC:4C:2C:1C:0A:A6:18:8E:2A:97:2C:D8:C2:7E:AF
ValidityTue, 30 Jul 2024 12:49:45 GMT - Tue, 22 Oct 2024 12:49:44 GMT

File type
gzip compressed data, max compression
Size
1.1 kB (1148 bytes)
Hash
30196ddaee175a6cfd38dcb457210355
f23a7bf8825ecdf8ecb6a30a6cbac670df6644c5
7098031f760ebc8ec9416eb1b563ca19ba4a944c28d7e5316257e8c0b54b36c4

HTTP Headers

GET /css?family=Catamaran|Handlee|Quicksand|Work+Sans HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://3.142.138.123/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 15 Aug 2024 09:59:30 GMT
date: Thu, 15 Aug 2024 09:59:30 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

o.pki.goog/wr2

142.250.74.131

472 B

URL
o.pki.goog/wr2
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
3ab07625f6a24402156fc3854d417fde
1633cfa8506f3f73fe4a019a2cf4254eea0ff474
6692997e0fbfc87979b265a778ceb69c3911b1189d9bbf78c25fda53efacc54b

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Aug 2024 09:59:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

o.pki.goog/wr2

142.250.74.131

471 B

URL
o.pki.goog/wr2
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
dcca914ab332e61ff2b0192fadaecf7c
74c1cdc8406478903dec5392b51775e9a225fb33
91865f082144ab7246cfa0e613be439a5a246489372439510353cba69af4d68c

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Aug 2024 09:59:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

3.142.138.123/kioscos/kioscobanner3.0/imagenes/logo.png

3.142.138.123

200 OK

15 kB

URL GET HTTP/1.1
3.142.138.123/kioscos/kioscobanner3.0/imagenes/logo.png
IP
3.142.138.123:80
ASN
#16509 AMAZON-02

Requested by
http://3.142.138.123/kioscos/kioscobanner3.0/index.php

File type
PNG image data, 884 x 272, 8-bit/color RGBA, non-interlaced
Size
15 kB (15278 bytes)
Hash
cb24e728c10c079608869de8c2043206
d299bb922041d7111aff82990c22b663a43de682
9f0a8f9248315a1cf10fc00da1723766d563f75c8b4e976be4ebad39a95d9aa0

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /kioscos/kioscobanner3.0/imagenes/logo.png HTTP/1.1
Host: 3.142.138.123
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://3.142.138.123/kioscos/kioscobanner3.0/index.php
Cookie: PHPSESSID=svie8um0ckblvgkctf2ifukkn6
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Tue, 02 Jul 2024 22:23:34 GMT
Accept-Ranges: bytes
ETag: "531fe479ceccda1:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Thu, 15 Aug 2024 09:59:29 GMT
Content-Length: 15278

3.142.138.123/kioscos/kioscobanner3.0/imagenes/menubar.png

3.142.138.123

200 OK

539 B

URL GET HTTP/1.1
3.142.138.123/kioscos/kioscobanner3.0/imagenes/menubar.png
IP
3.142.138.123:80
ASN
#16509 AMAZON-02

Requested by
http://3.142.138.123/kioscos/kioscobanner3.0/index.php

File type
PNG image data, 64 x 64, 8-bit colormap, non-interlaced
Size
539 B (539 bytes)
Hash
1821cab16d7457dad94386b894fd9218
64c392327b909777404c94bf0aa56c4a1186e8c0
a38722ae3b314b31fd97f366a2edf8fe62967051eaa1f13622863f45243967cd

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /kioscos/kioscobanner3.0/imagenes/menubar.png HTTP/1.1
Host: 3.142.138.123
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://3.142.138.123/kioscos/kioscobanner3.0/index.php
Cookie: PHPSESSID=svie8um0ckblvgkctf2ifukkn6
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Tue, 02 Jul 2024 22:23:35 GMT
Accept-Ranges: bytes
ETag: "ec58bc7aceccda1:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Thu, 15 Aug 2024 09:59:29 GMT
Content-Length: 539

3.142.138.123/kioscos/kioscobanner3.0/imagenes/delete.png

3.142.138.123

200 OK

3.3 kB

URL GET HTTP/1.1
3.142.138.123/kioscos/kioscobanner3.0/imagenes/delete.png
IP
3.142.138.123:80
ASN
#16509 AMAZON-02

Requested by
http://3.142.138.123/kioscos/kioscobanner3.0/index.php

File type
PNG image data, 256 x 256, 8-bit gray+alpha, non-interlaced
Size
3.3 kB (3326 bytes)
Hash
13fd291b1e3f18c2dd405b89cc27ae30
ef1136a32e6b373112824a888420eb9134e9a47a
45a394706b17c65bfcc09b9481b589df7e04f58ba2f0b19fea162299c3fd3300

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /kioscos/kioscobanner3.0/imagenes/delete.png HTTP/1.1
Host: 3.142.138.123
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://3.142.138.123/kioscos/kioscobanner3.0/index.php
Cookie: PHPSESSID=svie8um0ckblvgkctf2ifukkn6
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Tue, 02 Jul 2024 22:23:26 GMT
Accept-Ranges: bytes
ETag: "14976075ceccda1:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Thu, 15 Aug 2024 09:59:29 GMT
Content-Length: 3326

3.142.138.123/kioscos/kioscobanner3.0/imagenes/Error.png

3.142.138.123

200 OK

16 kB

URL GET HTTP/1.1
3.142.138.123/kioscos/kioscobanner3.0/imagenes/Error.png
IP
3.142.138.123:80
ASN
#16509 AMAZON-02

Requested by
http://3.142.138.123/kioscos/kioscobanner3.0/index.php

File type
PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced
Size
16 kB (15479 bytes)
Hash
cca5cc75851ef5408bc1e8b4f83b90cd
aae4cb2390ac559686d7c8489b8e3c64aee2b371
442520d7143498215553ea38fa244ab2d02d52dee172f00a9781e49594f760c4

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /kioscos/kioscobanner3.0/imagenes/Error.png HTTP/1.1
Host: 3.142.138.123
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://3.142.138.123/kioscos/kioscobanner3.0/index.php
Cookie: PHPSESSID=svie8um0ckblvgkctf2ifukkn6
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Tue, 02 Jul 2024 22:23:28 GMT
Accept-Ranges: bytes
ETag: "3ad8976ceccda1:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Thu, 15 Aug 2024 09:59:29 GMT
Content-Length: 15479

ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js

142.250.74.74

200 OK

33 kB

URL GET HTTP/1.1
ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js
IP
142.250.74.74:80
ASN
#15169 GOOGLE

Requested by
http://3.142.138.123/kioscos/kioscobanner3.0/index.php

File type
JavaScript source, ASCII text, with very long lines (32089)
Size
33 kB (33018 bytes)
Hash
397754ba49e9e0cf4e7c190da78dda05
ae49e56999d82802727455f0ba83b63acd90a22b
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4

HTTP Headers

GET /ajax/libs/jquery/1.9.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://3.142.138.123/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="hosted-libraries-pushers"
Report-To: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
Timing-Allow-Origin: *
Content-Length: 33018
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Sat, 10 Aug 2024 03:03:30 GMT
Expires: Sun, 10 Aug 2025 03:03:30 GMT
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Age: 456960
Last-Modified: Tue, 03 Mar 2020 19:15:00 GMT
Content-Type: text/javascript; charset=UTF-8
Vary: Accept-Encoding

cdnjs.cloudflare.com/ajax/libs/jquery-easing/1.3/jquery.easing.min.js

104.17.25.14

200 OK

1.9 kB

URL GET HTTP/1.1
cdnjs.cloudflare.com/ajax/libs/jquery-easing/1.3/jquery.easing.min.js
IP
104.17.25.14:80
ASN
#13335 CLOUDFLARENET

Requested by
http://3.142.138.123/kioscos/kioscobanner3.0/index.php

File type
Unicode text, UTF-8 text, with very long lines (3601)
Size
1.9 kB (1891 bytes)
Hash
3eac3c72434a0945b92dd4a01f7b6b4e
7767b356530e39cd76ec259320b0b2774b4097a8
ac3f3a757bfbfc9d92bc8f5e6e6362e5d4ae41dbf3cebacdda9b8f71afc82e5b

HTTP Headers

GET /ajax/libs/jquery-easing/1.3/jquery.easing.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://3.142.138.123/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 15 Aug 2024 09:59:30 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 1891
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=30672000
Content-Encoding: gzip
ETag: "5eb03ec1-15b3"
Last-Modified: Mon, 04 May 2020 16:11:45 GMT
cf-cdnjs-via: cfworker/kv
Cross-Origin-Resource-Policy: cross-origin
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
CF-Cache-Status: HIT
Age: 3059760
Expires: Tue, 05 Aug 2025 09:59:30 GMT
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Y1nXiS46jhXWBgRa4Gb0iRltsV9OySvZxtYqJjWDkIbQc61R3hqw%2BBbe77GkNcwTI5teZADWKVrJXS%2B0M1bmcCA6TSWGfR9raDLhRgvyyOCWvcX7Xnc7YmjS1yDHTdMJ%2B4RwN0pS"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 8b3855104f915688-OSL
alt-svc: h3=":443"; ma=86400

3.142.138.123/kioscos/kioscobanner3.0/imagenes/logo2.png

3.142.138.123

200 OK

99 kB

URL GET HTTP/1.1
3.142.138.123/kioscos/kioscobanner3.0/imagenes/logo2.png
IP
3.142.138.123:80
ASN
#16509 AMAZON-02

Requested by
http://3.142.138.123/kioscos/kioscobanner3.0/index.php

File type
PNG image data, 2526 x 594, 8-bit/color RGBA, non-interlaced
Size
99 kB (99114 bytes)
Hash
0d3cf8d6ee7257b6f1feeccc3857c99b
a5b5aa1808dda14251cf6d3cef40bab582957df9
9454fbda8dde35a48cfbef700bf303357f0023fe20901a49f7bc563d6710a9ef

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /kioscos/kioscobanner3.0/imagenes/logo2.png HTTP/1.1
Host: 3.142.138.123
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://3.142.138.123/kioscos/kioscobanner3.0/index.php
Cookie: PHPSESSID=svie8um0ckblvgkctf2ifukkn6
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Tue, 02 Jul 2024 22:23:34 GMT
Accept-Ranges: bytes
ETag: "41c4217aceccda1:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Thu, 15 Aug 2024 09:59:29 GMT
Content-Length: 99114

3.142.138.123/kioscos/kioscobanner3.0/js/scroll.js

3.142.138.123

200 OK

234 B

URL GET HTTP/1.1
3.142.138.123/kioscos/kioscobanner3.0/js/scroll.js
IP
3.142.138.123:80
ASN
#16509 AMAZON-02

Requested by
http://3.142.138.123/kioscos/kioscobanner3.0/index.php

File type
JavaScript source, ASCII text, with CRLF line terminators
Size
234 B (234 bytes)
Hash
e61d7934e3f2f379550f1891844d1458
98114b3aea5748e12d1c922ddaeeab94d50af3d2
8f34bea834a20a3b858698826c2934a9836edd357c3efc967b3c58dce6e74bf0

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /kioscos/kioscobanner3.0/js/scroll.js HTTP/1.1
Host: 3.142.138.123
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://3.142.138.123/kioscos/kioscobanner3.0/index.php
Cookie: PHPSESSID=svie8um0ckblvgkctf2ifukkn6
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Tue, 02 Jul 2024 22:23:48 GMT
Accept-Ranges: bytes
ETag: "5f8d6882ceccda1:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Thu, 15 Aug 2024 09:59:30 GMT
Content-Length: 234

o.pki.goog/wr2

142.250.74.131

472 B

URL
o.pki.goog/wr2
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
20f29d79156ce6e076ffc03423170212
42848421099a36aa9d89589eedaa66d475bbc3f3
f0aac7512893e26edfb16b570f2ea6223a1bf2e0d61acb473acb9bfe1dc1da6e

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Aug 2024 09:59:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

o.pki.goog/wr2

142.250.74.131

472 B

URL
o.pki.goog/wr2
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
20f29d79156ce6e076ffc03423170212
42848421099a36aa9d89589eedaa66d475bbc3f3
f0aac7512893e26edfb16b570f2ea6223a1bf2e0d61acb473acb9bfe1dc1da6e

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Aug 2024 09:59:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

o.pki.goog/wr2

142.250.74.131

471 B

URL
o.pki.goog/wr2
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
dcca914ab332e61ff2b0192fadaecf7c
74c1cdc8406478903dec5392b51775e9a225fb33
91865f082144ab7246cfa0e613be439a5a246489372439510353cba69af4d68c

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Aug 2024 09:59:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/pontanosans/v17/qFdW35GdgYR8EzR6oBLDHa3wyRf8W8eBM6XLOXLMrcGGpg.woff2

216.58.207.227

200 OK

11 kB

URL GET HTTP/2
fonts.gstatic.com/s/pontanosans/v17/qFdW35GdgYR8EzR6oBLDHa3wyRf8W8eBM6XLOXLMrcGGpg.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
http://3.142.138.123/kioscos/kioscobanner3.0/index.php
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
FingerprintF2:15:54:4E:F3:58:7F:5A:14:9D:F2:45:37:0E:B1:A6:48:C6:2B:14
ValidityTue, 30 Jul 2024 12:49:30 GMT - Tue, 22 Oct 2024 12:49:29 GMT

File type
Web Open Font Format (Version 2), TrueType, length 11276, version 1.0
Size
11 kB (11276 bytes)
Hash
af8a8cb094df8e2f5cac833ed3ec567d
8d7aee8998e9783ac79b1ddac76e3c2b8b34e6f3
8b45f07d1d6df249be6ffe3b88f0777536b3ae60170e3ac958658b09e1d898f8

HTTP Headers

GET /s/pontanosans/v17/qFdW35GdgYR8EzR6oBLDHa3wyRf8W8eBM6XLOXLMrcGGpg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://3.142.138.123
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 11276
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 15 Aug 2024 05:08:14 GMT
expires: Fri, 15 Aug 2025 05:08:14 GMT
cache-control: public, max-age=31536000
age: 17476
last-modified: Wed, 27 Sep 2023 15:41:31 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/raleway/v34/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVvaorCIPrE.woff2

216.58.207.227

200 OK

22 kB

URL GET HTTP/2
fonts.gstatic.com/s/raleway/v34/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVvaorCIPrE.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
http://3.142.138.123/kioscos/kioscobanner3.0/index.php
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
FingerprintF2:15:54:4E:F3:58:7F:5A:14:9D:F2:45:37:0E:B1:A6:48:C6:2B:14
ValidityTue, 30 Jul 2024 12:49:30 GMT - Tue, 22 Oct 2024 12:49:29 GMT

File type
Web Open Font Format (Version 2), TrueType, length 22432, version 1.0
Size
22 kB (22432 bytes)
Hash
cfd6d958f6802c9f4f64c05575b70801
7f0644e43c42902b466b66723aad8a95ba094b0c
3e44fb721d3be9376c6e5e946109067a04da84ae10b3f27a03ada7a3731e515c

HTTP Headers

GET /s/raleway/v34/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVvaorCIPrE.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://3.142.138.123
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 22432
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 10 Aug 2024 03:01:35 GMT
expires: Sun, 10 Aug 2025 03:01:35 GMT
cache-control: public, max-age=31536000
age: 457075
last-modified: Wed, 01 May 2024 20:31:54 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

r11.o.lencr.org/

23.33.119.57

504 B

URL
r11.o.lencr.org/
IP
23.33.119.57:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
77619f0113a62e8c4c44f195901b385c
1e1a5e3768ca683e66667aa14efa7042df57ee2f
520dbca26889dcd055ad1e36265c6d088b8b7c9d6907cc59eecc7ff47e4c9942

HTTP Headers

POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "520DBCA26889DCD055AD1E36265C6D088B8B7C9D6907CC59EECC7FF47E4C9942"
Last-Modified: Mon, 12 Aug 2024 21:16:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6500
Expires: Thu, 15 Aug 2024 11:47:50 GMT
Date: Thu, 15 Aug 2024 09:59:30 GMT
Connection: keep-alive

r11.o.lencr.org/

23.33.119.57

504 B

URL
r11.o.lencr.org/
IP
23.33.119.57:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
77619f0113a62e8c4c44f195901b385c
1e1a5e3768ca683e66667aa14efa7042df57ee2f
520dbca26889dcd055ad1e36265c6d088b8b7c9d6907cc59eecc7ff47e4c9942

HTTP Headers

POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "520DBCA26889DCD055AD1E36265C6D088B8B7C9D6907CC59EECC7FF47E4C9942"
Last-Modified: Mon, 12 Aug 2024 21:16:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6500
Expires: Thu, 15 Aug 2024 11:47:50 GMT
Date: Thu, 15 Aug 2024 09:59:30 GMT
Connection: keep-alive

r11.o.lencr.org/

23.33.119.57

504 B

URL
r11.o.lencr.org/
IP
23.33.119.57:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
77619f0113a62e8c4c44f195901b385c
1e1a5e3768ca683e66667aa14efa7042df57ee2f
520dbca26889dcd055ad1e36265c6d088b8b7c9d6907cc59eecc7ff47e4c9942

HTTP Headers

POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "520DBCA26889DCD055AD1E36265C6D088B8B7C9D6907CC59EECC7FF47E4C9942"
Last-Modified: Mon, 12 Aug 2024 21:16:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6500
Expires: Thu, 15 Aug 2024 11:47:50 GMT
Date: Thu, 15 Aug 2024 09:59:30 GMT
Connection: keep-alive

r11.o.lencr.org/

23.33.119.57

504 B

URL
r11.o.lencr.org/
IP
23.33.119.57:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
77619f0113a62e8c4c44f195901b385c
1e1a5e3768ca683e66667aa14efa7042df57ee2f
520dbca26889dcd055ad1e36265c6d088b8b7c9d6907cc59eecc7ff47e4c9942

HTTP Headers

POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "520DBCA26889DCD055AD1E36265C6D088B8B7C9D6907CC59EECC7FF47E4C9942"
Last-Modified: Mon, 12 Aug 2024 21:16:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6500
Expires: Thu, 15 Aug 2024 11:47:50 GMT
Date: Thu, 15 Aug 2024 09:59:30 GMT
Connection: keep-alive

3.142.138.123/kioscos/kioscobanner3.0/imagenes/Banner1.jpg

3.142.138.123

200 OK

113 kB

URL GET HTTP/1.1
3.142.138.123/kioscos/kioscobanner3.0/imagenes/Banner1.jpg
IP
3.142.138.123:80
ASN
#16509 AMAZON-02

Requested by
http://3.142.138.123/kioscos/kioscobanner3.0/index.php

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 960x720, components 3
Size
113 kB (113195 bytes)
Hash
2ac74b9994b6b75519675b15852cd368
0920d09b003904f90c70bd691cb9f1c594c35dc0
01816a3cdade7c2ebecace0e1c67245aeceb2e3d421520fff497ce76c674e3f8

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /kioscos/kioscobanner3.0/imagenes/Banner1.jpg HTTP/1.1
Host: 3.142.138.123
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://3.142.138.123/kioscos/kioscobanner3.0/css/estilos.css
Cookie: PHPSESSID=svie8um0ckblvgkctf2ifukkn6
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: image/jpeg
Last-Modified: Tue, 02 Jul 2024 22:23:22 GMT
Accept-Ranges: bytes
ETag: "3837dd72ceccda1:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Thu, 15 Aug 2024 09:59:30 GMT
Content-Length: 113195

www.google.com/recaptcha/api.js?hl=es

142.250.74.164

200 OK

1.0 kB

URL GET HTTP/2
www.google.com/recaptcha/api.js?hl=es
IP
142.250.74.164:443
ASN
#15169 GOOGLE

Requested by
http://3.142.138.123/kioscos/kioscobanner3.0/index.php
Certificate
IssuerGoogle Trust Services
Subjectwww.google.com
Fingerprint78:90:10:00:62:E9:32:D2:E2:99:72:73:B5:44:27:CB:98:2E:AD:29
ValidityTue, 30 Jul 2024 12:50:13 GMT - Tue, 22 Oct 2024 12:50:12 GMT

File type
gzip compressed data
Size
1.0 kB (1039 bytes)
Hash
8362facb0f1a652437c4f8f8cde6c6b9
2ee9ec42440cc3c93e8bf1360b9e4a11ffe2f2ee
0cbfb929f32ca3d4a4b8155bd3cfd81948c80cb4ab7c24a1b56c9883c1b69625

HTTP Headers

GET /recaptcha/api.js?hl=es HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://3.142.138.123/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
expires: Thu, 15 Aug 2024 09:59:30 GMT
date: Thu, 15 Aug 2024 09:59:30 GMT
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.gstatic.com/recaptcha/releases/hfUfsXWZFeg83qqxrK27GB8P/recaptcha__es.js

142.250.74.35

200 OK

216 kB

URL GET HTTP/2
www.gstatic.com/recaptcha/releases/hfUfsXWZFeg83qqxrK27GB8P/recaptcha__es.js
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
http://3.142.138.123/kioscos/kioscobanner3.0/index.php
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
FingerprintF2:15:54:4E:F3:58:7F:5A:14:9D:F2:45:37:0E:B1:A6:48:C6:2B:14
ValidityTue, 30 Jul 2024 12:49:30 GMT - Tue, 22 Oct 2024 12:49:29 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (639)
Size
216 kB (215812 bytes)
Hash
5f41d26aa9a82c0f70da84ea703bc2cc
0923a2bba6334285f0be6858681bb686f5124210
f3525191eac6fba32b46ad6fbdf4a6c9aebd64406ce39ebbfc47b53369e69ad6

HTTP Headers

GET /recaptcha/releases/hfUfsXWZFeg83qqxrK27GB8P/recaptcha__es.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://3.142.138.123
DNT: 1
Connection: keep-alive
Referer: http://3.142.138.123/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 215812
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 12 Aug 2024 16:18:09 GMT
expires: Tue, 12 Aug 2025 16:18:09 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 29 Jul 2024 04:00:39 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 236482
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.youtube.com/embed/c8UgcYzGw8E?autoplay=1&mute=1

216.58.211.14

200 OK

88 kB

URL GET HTTP/2
www.youtube.com/embed/c8UgcYzGw8E?autoplay=1&mute=1
IP
216.58.211.14:443
ASN
#15169 GOOGLE

Requested by
http://3.142.138.123/kioscos/kioscobanner3.0/index.php
Certificate
IssuerGoogle Trust Services
Subject*.google.com
FingerprintA9:52:08:E0:FC:37:B4:6B:5F:CF:C5:AB:C4:10:C7:D6:00:4D:DC:69
ValidityTue, 30 Jul 2024 12:32:53 GMT - Tue, 22 Oct 2024 12:32:52 GMT

File type
HTML document, ASCII text, with very long lines (58090)
Size
88 kB (87581 bytes)
Hash
c8e946054acc6028dbe0a35f249afc5e
44227ada566f17ac7071101e3ebe36ad11de2d96
f40adb93c5950110e22725f9b0ac4436bfde804b2ea07e96b813094b76110a39

HTTP Headers

GET /embed/c8UgcYzGw8E?autoplay=1&mute=1 HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://3.142.138.123/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 15 Aug 2024 09:59:30 GMT
strict-transport-security: max-age=31536000
cross-origin-resource-policy: cross-origin
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-security-policy-report-only: base-uri 'self';default-src 'self' https: blob:;font-src https: data:;img-src https: data: android-webview-video-poster:;media-src blob: https:;object-src 'none';report-uri /cspreport/common;script-src 'nonce-RuG-55ICwf1xXU4N5Q948g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';style-src https: 'unsafe-inline'
origin-trial: AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: require-trusted-types-for 'script'
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=X9CFdTUH2JY; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=bpxC2hZ6X0k; Domain=.youtube.com; Expires=Tue, 11-Feb-2025 09:59:30 GMT; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_PRIVACY_METADATA=CgJOTxIcEhgSFhMLFBUWFwwYGRobHB0eHw4PIBAREiEgHg%3D%3D; Domain=.youtube.com; Expires=Tue, 11-Feb-2025 09:59:30 GMT; Path=/; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

3.142.138.123/favicon.ico

3.142.138.123

404 Not Found

1.2 kB

URL GET HTTP/1.1
3.142.138.123/favicon.ico
IP
3.142.138.123:80
ASN
#16509 AMAZON-02

Requested by
http://3.142.138.123/kioscos/kioscobanner3.0/index.php

File type
HTML document, ASCII text, with CRLF line terminators
Size
1.2 kB (1245 bytes)
Hash
5343c1a8b203c162a3bf3870d9f50fd4
04b5b886c20d88b57eea6d8ff882624a4ac1e51d
dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: 3.142.138.123
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://3.142.138.123/kioscos/kioscobanner3.0/index.php
Cookie: PHPSESSID=svie8um0ckblvgkctf2ifukkn6
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Content-Type: text/html
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Thu, 15 Aug 2024 09:59:30 GMT
Content-Length: 1245

fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.207.227

200 OK

15 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://www.youtube.com/embed/c8UgcYzGw8E?autoplay=1&mute=1
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
FingerprintF2:15:54:4E:F3:58:7F:5A:14:9D:F2:45:37:0E:B1:A6:48:C6:2B:14
ValidityTue, 30 Jul 2024 12:49:30 GMT - Tue, 22 Oct 2024 12:49:29 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15344, version 1.0
Size
15 kB (15344 bytes)
Hash
5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

HTTP Headers

GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 15 Aug 2024 00:57:49 GMT
expires: Fri, 15 Aug 2025 00:57:49 GMT
cache-control: public, max-age=31536000
age: 32502
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://www.youtube.com/embed/c8UgcYzGw8E?autoplay=1&mute=1
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
FingerprintF2:15:54:4E:F3:58:7F:5A:14:9D:F2:45:37:0E:B1:A6:48:C6:2B:14
ValidityTue, 30 Jul 2024 12:49:30 GMT - Tue, 22 Oct 2024 12:49:29 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15552, version 1.0
Size
16 kB (15552 bytes)
Hash
285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

HTTP Headers

GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 09 Aug 2024 21:23:03 GMT
expires: Sat, 09 Aug 2025 21:23:03 GMT
cache-control: public, max-age=31536000
age: 477388
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.youtube.com/s/player/410a4f15/www-embed-player.vflset/www-embed-player.js

216.58.211.14

200 OK

100 kB

URL GET HTTP/3
www.youtube.com/s/player/410a4f15/www-embed-player.vflset/www-embed-player.js
IP
216.58.211.14:443
ASN
#15169 GOOGLE

Requested by
https://www.youtube.com/embed/c8UgcYzGw8E?autoplay=1&mute=1
Certificate
IssuerGoogle Trust Services
Subject*.google.com
FingerprintA9:52:08:E0:FC:37:B4:6B:5F:CF:C5:AB:C4:10:C7:D6:00:4D:DC:69
ValidityTue, 30 Jul 2024 12:32:53 GMT - Tue, 22 Oct 2024 12:32:52 GMT

File type
JavaScript source, ASCII text, with very long lines (809)
Size
100 kB (99693 bytes)
Hash
6d173ec72f257225963719077887f3e1
26f871ea7a7f0c9bf8c20e7d7b6f95edf315beef
eac1a5776526ed650d1834e73e52890b40ce5123780bf2a44cfbd0de5735be45

HTTP Headers

GET /s/player/410a4f15/www-embed-player.vflset/www-embed-player.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/c8UgcYzGw8E?autoplay=1&mute=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 99693
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 13 Aug 2024 07:20:24 GMT
expires: Wed, 13 Aug 2025 07:20:24 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 13 Aug 2024 04:17:57 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 182347
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.youtube.com/s/player/410a4f15/player_ias.vflset/en_US/base.js

216.58.211.14

200 OK

770 kB

URL GET HTTP/3
www.youtube.com/s/player/410a4f15/player_ias.vflset/en_US/base.js
IP
216.58.211.14:443
ASN
#15169 GOOGLE

Requested by
https://www.youtube.com/embed/c8UgcYzGw8E?autoplay=1&mute=1
Certificate
IssuerGoogle Trust Services
Subject*.google.com
FingerprintA9:52:08:E0:FC:37:B4:6B:5F:CF:C5:AB:C4:10:C7:D6:00:4D:DC:69
ValidityTue, 30 Jul 2024 12:32:53 GMT - Tue, 22 Oct 2024 12:32:52 GMT

File type
JavaScript source, ASCII text, with very long lines (534)
Size
770 kB (770365 bytes)
Hash
a730faaed986c6214c384d96e6b12b89
b22cf16c395284da9d55a4819833e6c03fb31720
ce1fa41a949ab70c3d6cf79cdeca6ce66e757b03c2a7bb37ffe8332fb7a6a554

HTTP Headers

GET /s/player/410a4f15/player_ias.vflset/en_US/base.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/c8UgcYzGw8E?autoplay=1&mute=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-encoding: gzip
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 770365
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 13 Aug 2024 07:29:21 GMT
expires: Wed, 13 Aug 2025 07:29:21 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 13 Aug 2024 04:17:57 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 181810
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

216.58.207.202

200 OK

0 B

URL OPTIONS HTTP/2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP
216.58.207.202:443
ASN
#15169 GOOGLE

Requested by
https://www.youtube.com/embed/c8UgcYzGw8E?autoplay=1&mute=1
Certificate
IssuerGoogle Trust Services
Subjectupload.video.google.com
FingerprintC4:3F:12:39:D2:EC:4C:2C:1C:0A:A6:18:8E:2A:97:2C:D8:C2:7E:AF
ValidityTue, 30 Jul 2024 12:49:45 GMT - Tue, 22 Oct 2024 12:49:44 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Thu, 15 Aug 2024 09:59:32 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.google.com/js/th/-0TfInu9ra9zkah2wyCD78KX7EDwI16Gf6-9m2UuzfU.js

142.250.74.164

200 OK

21 kB

URL GET HTTP/3
www.google.com/js/th/-0TfInu9ra9zkah2wyCD78KX7EDwI16Gf6-9m2UuzfU.js
IP
142.250.74.164:443
ASN
#15169 GOOGLE

Requested by
https://www.youtube.com/embed/c8UgcYzGw8E?autoplay=1&mute=1
Certificate
IssuerGoogle Trust Services
Subject*.google.com
FingerprintA9:52:08:E0:FC:37:B4:6B:5F:CF:C5:AB:C4:10:C7:D6:00:4D:DC:69
ValidityTue, 30 Jul 2024 12:32:53 GMT - Tue, 22 Oct 2024 12:32:52 GMT

File type
JavaScript source, ASCII text, with very long lines (53615)
Size
21 kB (20978 bytes)
Hash
569ce42b984674dbb65bda2ee07d6122
1a38eb73f0d4c12ed763542bbf30aa05e83d25af
fb44df227bbdadaf7391a876c32083efc297ec40f0235e867fafbd9b652ecdf5

HTTP Headers

GET /js/th/-0TfInu9ra9zkah2wyCD78KX7EDwI16Gf6-9m2UuzfU.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 20978
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 10 Aug 2024 02:58:39 GMT
expires: Sun, 10 Aug 2025 02:58:39 GMT
cache-control: public, max-age=31536000
age: 457253
last-modified: Mon, 29 Jul 2024 15:30:00 GMT
content-type: text/javascript
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

216.58.207.202

200 OK

43 kB

URL OPTIONS HTTP/2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP
216.58.207.202:443
ASN
#15169 GOOGLE

Requested by
https://www.youtube.com/embed/c8UgcYzGw8E?autoplay=1&mute=1
Certificate
IssuerGoogle Trust Services
Subjectupload.video.google.com
FingerprintC4:3F:12:39:D2:EC:4C:2C:1C:0A:A6:18:8E:2A:97:2C:D8:C2:7E:AF
ValidityTue, 30 Jul 2024 12:49:45 GMT - Tue, 22 Oct 2024 12:49:44 GMT

File type
JSON text data
Size
43 kB (43204 bytes)
Hash
871c07e3e3c1ff9dd666d02fbfc99c56
474b2e5d6e7847a3c7b4990921f608b213782904
f6ef4561e6ae3a08d4d251dea5f73efb43e5da736643ad81d94f5e75254cdacb

HTTP Headers

POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Thu, 15 Aug 2024 09:59:32 GMT
server: ESF
cache-control: private
content-length: 43204
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.youtube.com/youtubei/v1/player?prettyPrint=false

216.58.211.14

200 OK

31 kB

URL POST HTTP/3
www.youtube.com/youtubei/v1/player?prettyPrint=false
IP
216.58.211.14:443
ASN
#15169 GOOGLE

Requested by
https://www.youtube.com/embed/c8UgcYzGw8E?autoplay=1&mute=1
Certificate
IssuerGoogle Trust Services
Subject*.google.com
FingerprintA9:52:08:E0:FC:37:B4:6B:5F:CF:C5:AB:C4:10:C7:D6:00:4D:DC:69
ValidityTue, 30 Jul 2024 12:32:53 GMT - Tue, 22 Oct 2024 12:32:52 GMT

File type
JSON text data
Size
31 kB (30619 bytes)
Hash
39993e39baf72becf00abf13c4106541
385f709ef5628d72246e20c29c17bf2f276cd60a
493508b57f6517279a7e419a9fed3269e2398accef3ab26295668b4f4910e5cc

HTTP Headers

POST /youtubei/v1/player?prettyPrint=false HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-Goog-Visitor-Id: CgticHhDMmhaNlgwayiCo_e1BjIiCgJOTxIcEhgSFhMLFBUWFwwYGRobHB0eHw4PIBAREiEgHg%3D%3D
X-Youtube-Bootstrap-Logged-In: false
X-Youtube-Client-Name: 56
X-Youtube-Client-Version: 1.20240812.01.00
Content-Length: 2924
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/c8UgcYzGw8E?autoplay=1&mute=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/json; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: br
date: Thu, 15 Aug 2024 09:59:32 GMT
server: scaffolding on HTTPServer2
content-length: 30619
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

o.pki.goog/wr2

142.250.74.131

471 B

URL
o.pki.goog/wr2
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
669543805b473ad49af2ab3a009f7c67
a260c6a808234019b9b6be38391f63e6b4fc6424
4c952d73702457386107510ddaa0da8f8e41b383dd2b74adb36f7ee13e349f7e

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Aug 2024 09:59:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.googleapis.com/css?family=Open+Sans|Raleway

142.250.74.138

200 OK

4.0 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Open+Sans|Raleway
IP
142.250.74.138:443
ASN
#15169 GOOGLE

Requested by
http://3.142.138.123/kioscos/kioscobanner3.0/index.php
Certificate
IssuerGoogle Trust Services
Subjectupload.video.google.com
FingerprintC4:3F:12:39:D2:EC:4C:2C:1C:0A:A6:18:8E:2A:97:2C:D8:C2:7E:AF
ValidityTue, 30 Jul 2024 12:49:45 GMT - Tue, 22 Oct 2024 12:49:44 GMT

File type
gzip compressed data, max compression
Size
4.0 kB (4039 bytes)
Hash
96725b58e31393a724f97d614bc92295
3b6229d56275e9d6a675c25456b4194070e04a5f
0bf09d826b9a2b27faa17fdaba2339478031c56bef329ce91486629f8bc9196b

HTTP Headers

GET /css?family=Open+Sans|Raleway HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://3.142.138.123/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 15 Aug 2024 09:59:30 GMT
date: Thu, 15 Aug 2024 09:59:30 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

o.pki.goog/wr2

142.250.74.131

471 B

URL
o.pki.goog/wr2
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
669543805b473ad49af2ab3a009f7c67
a260c6a808234019b9b6be38391f63e6b4fc6424
4c952d73702457386107510ddaa0da8f8e41b383dd2b74adb36f7ee13e349f7e

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Aug 2024 09:59:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

play.google.com/log?format=json&hasfast=true&authuser=0

216.58.211.14

200 OK

0 B

URL OPTIONS HTTP/3
play.google.com/log?format=json&hasfast=true&authuser=0
IP
216.58.211.14:443
ASN
#15169 GOOGLE

Requested by
https://www.youtube.com/embed/c8UgcYzGw8E?autoplay=1&mute=1
Certificate
IssuerGoogle Trust Services
Subject*.google.com
FingerprintA9:52:08:E0:FC:37:B4:6B:5F:CF:C5:AB:C4:10:C7:D6:00:4D:DC:69
ValidityTue, 30 Jul 2024 12:32:53 GMT - Tue, 22 Oct 2024 12:32:52 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
access-control-allow-origin: https://www.youtube.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Thu, 15 Aug 2024 09:59:32 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.youtube.com/api/stats/qoe?fmt=243&cpn=R8ShaBYV4Z8XRRom&el=embedded&ns=yt&fexp=v1%2C24004644%2C434717%2C60171%2C67155%2C26443548%2C7111%2C24166%2C12177%2C9954%2C1192%2C33462%2C2%2C17768%2C19202%2C9950%2C2196%2C9996%2C1103%2C6953%2C11044%2C501%2C1970%2C7546%2C14041%2C3760%2C12945%2C10607%2C321%2C148%2C2%2C2126%2C14%2C1322%2C4205%2C1823%2C3186%2C2912%2C7568%2C328%2C14%2C142%2C4092%2C1768%2C604%2C4073%2C2150%2C439%2C5905&cl=662321128&seq=1&docid=c8UgcYzGw8E&ei=hNG9ZpP5HN-Ov_IPh67T8Ac&event=streamingstats&plid=AAYfteY74-3HMYPq&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2Fc8UgcYzGw8E%3Fautoplay%3D1%26mute%3D1&qclc=ChBSOFNoYUJZVjRaOFhSUm9tEAE&cbr=Firefox&cbrver=96.0&c=WEB_EMBEDDED_PLAYER&cver=1.20240812.01.00&cplayer=UNIPLAYER&cos=X11&cplatform=DESKTOP&vps=0.000:N,0.029:B,0.333:B,0.333:B&cat=streaming&cmt=0.029:0.000,0.333:0.000&vfs=0.333:243:243::r&view=0.333:70:15&bwe=0.333:130000&vis=0.333:0&bh=0.333:0.000

216.58.211.14

204 No Content

0 B

URL POST HTTP/3
www.youtube.com/api/stats/qoe?fmt=243&cpn=R8ShaBYV4Z8XRRom&el=embedded&ns=yt&fexp=v1%2C24004644%2C434717%2C60171%2C67155%2C26443548%2C7111%2C24166%2C12177%2C9954%2C1192%2C33462%2C2%2C17768%2C19202%2C9950%2C2196%2C9996%2C1103%2C6953%2C11044%2C501%2C1970%2C7546%2C14041%2C3760%2C12945%2C10607%2C321%2C148%2C2%2C2126%2C14%2C1322%2C4205%2C1823%2C3186%2C2912%2C7568%2C328%2C14%2C142%2C4092%2C1768%2C604%2C4073%2C2150%2C439%2C5905&cl=662321128&seq=1&docid=c8UgcYzGw8E&ei=hNG9ZpP5HN-Ov_IPh67T8Ac&event=streamingstats&plid=AAYfteY74-3HMYPq&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2Fc8UgcYzGw8E%3Fautoplay%3D1%26mute%3D1&qclc=ChBSOFNoYUJZVjRaOFhSUm9tEAE&cbr=Firefox&cbrver=96.0&c=WEB_EMBEDDED_PLAYER&cver=1.20240812.01.00&cplayer=UNIPLAYER&cos=X11&cplatform=DESKTOP&vps=0.000:N,0.029:B,0.333:B,0.333:B&cat=streaming&cmt=0.029:0.000,0.333:0.000&vfs=0.333:243:243::r&view=0.333:70:15&bwe=0.333:130000&vis=0.333:0&bh=0.333:0.000
IP
216.58.211.14:443
ASN
#15169 GOOGLE

Requested by
https://www.youtube.com/embed/c8UgcYzGw8E?autoplay=1&mute=1
Certificate
IssuerGoogle Trust Services
Subject*.google.com
FingerprintA9:52:08:E0:FC:37:B4:6B:5F:CF:C5:AB:C4:10:C7:D6:00:4D:DC:69
ValidityTue, 30 Jul 2024 12:32:53 GMT - Tue, 22 Oct 2024 12:32:52 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /api/stats/qoe?fmt=243&cpn=R8ShaBYV4Z8XRRom&el=embedded&ns=yt&fexp=v1%2C24004644%2C434717%2C60171%2C67155%2C26443548%2C7111%2C24166%2C12177%2C9954%2C1192%2C33462%2C2%2C17768%2C19202%2C9950%2C2196%2C9996%2C1103%2C6953%2C11044%2C501%2C1970%2C7546%2C14041%2C3760%2C12945%2C10607%2C321%2C148%2C2%2C2126%2C14%2C1322%2C4205%2C1823%2C3186%2C2912%2C7568%2C328%2C14%2C142%2C4092%2C1768%2C604%2C4073%2C2150%2C439%2C5905&cl=662321128&seq=1&docid=c8UgcYzGw8E&ei=hNG9ZpP5HN-Ov_IPh67T8Ac&event=streamingstats&plid=AAYfteY74-3HMYPq&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2Fc8UgcYzGw8E%3Fautoplay%3D1%26mute%3D1&qclc=ChBSOFNoYUJZVjRaOFhSUm9tEAE&cbr=Firefox&cbrver=96.0&c=WEB_EMBEDDED_PLAYER&cver=1.20240812.01.00&cplayer=UNIPLAYER&cos=X11&cplatform=DESKTOP&vps=0.000:N,0.029:B,0.333:B,0.333:B&cat=streaming&cmt=0.029:0.000,0.333:0.000&vfs=0.333:243:243::r&view=0.333:70:15&bwe=0.333:130000&vis=0.333:0&bh=0.333:0.000 HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Visitor-Id: CgticHhDMmhaNlgwayiCo_e1BjIiCgJOTxIcEhgSFhMLFBUWFwwYGRobHB0eHw4PIBAREiEgHg%3D%3D
X-YouTube-Client-Name: 56
X-YouTube-Client-Version: 1.20240812.01.00
X-YouTube-Utc-Offset: 0
X-YouTube-Time-Zone: UTC
X-YouTube-Ad-Signals: dt=1723715972184&flash=0&frm=2&u_tz&u_his=4&u_h=1024&u_w=1280&u_ah=1024&u_aw=1280&u_cd=24&bc=23&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C70%2C15&vis=1&wgl=true&ca_type=image
Content-Type: application/x-www-form-urlencoded
Content-Length: 226
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/c8UgcYzGw8E?autoplay=1&mute=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 204 No Content
content-type: text/html; charset=UTF-8
date: Thu, 15 Aug 2024 09:59:32 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
x-content-type-options: nosniff
server: Video Stats Server
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

play.google.com/log?format=json&hasfast=true&authuser=0

216.58.211.14

200 OK

0 B

URL OPTIONS HTTP/3
play.google.com/log?format=json&hasfast=true&authuser=0
IP
216.58.211.14:443
ASN
#15169 GOOGLE

Requested by
https://www.youtube.com/embed/c8UgcYzGw8E?autoplay=1&mute=1
Certificate
IssuerGoogle Trust Services
Subject*.google.com
FingerprintA9:52:08:E0:FC:37:B4:6B:5F:CF:C5:AB:C4:10:C7:D6:00:4D:DC:69
ValidityTue, 30 Jul 2024 12:32:53 GMT - Tue, 22 Oct 2024 12:32:52 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
access-control-allow-origin: https://www.youtube.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Thu, 15 Aug 2024 09:59:32 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

216.58.207.202

200 OK

0 B

URL POST HTTP/2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP
216.58.207.202:443
ASN
#15169 GOOGLE

Requested by
https://www.youtube.com/embed/c8UgcYzGw8E?autoplay=1&mute=1
Certificate
IssuerGoogle Trust Services
Subjectupload.video.google.com
FingerprintC4:3F:12:39:D2:EC:4C:2C:1C:0A:A6:18:8E:2A:97:2C:D8:C2:7E:AF
ValidityTue, 30 Jul 2024 12:49:45 GMT - Tue, 22 Oct 2024 12:49:44 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Thu, 15 Aug 2024 09:59:32 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.youtube.com/s/player/410a4f15/player_ias.vflset/en_US/endscreen.js

216.58.211.14

200 OK

8.4 kB

URL GET HTTP/3
www.youtube.com/s/player/410a4f15/player_ias.vflset/en_US/endscreen.js
IP
216.58.211.14:443
ASN
#15169 GOOGLE

Requested by
https://www.youtube.com/embed/c8UgcYzGw8E?autoplay=1&mute=1
Certificate
IssuerGoogle Trust Services
Subject*.google.com
FingerprintA9:52:08:E0:FC:37:B4:6B:5F:CF:C5:AB:C4:10:C7:D6:00:4D:DC:69
ValidityTue, 30 Jul 2024 12:32:53 GMT - Tue, 22 Oct 2024 12:32:52 GMT

File type
JavaScript source, ASCII text, with very long lines (607)
Size
8.4 kB (8352 bytes)
Hash
adcd1899c6265974b4f4bb9280bc6c28
57c99da2b1e58098a1787d16e005b82fcedee862
5cf091e1f50e71a99c46d8f02f562d9e68216150a1a817e13d43bb5c92a881cf

HTTP Headers

GET /s/player/410a4f15/player_ias.vflset/en_US/endscreen.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/c8UgcYzGw8E?autoplay=1&mute=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 8352
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 13 Aug 2024 07:39:12 GMT
expires: Wed, 13 Aug 2025 07:39:12 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 13 Aug 2024 04:17:57 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 181220
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.youtube.com/s/player/410a4f15/player_ias.vflset/en_US/captions.js

216.58.211.14

200 OK

25 kB

URL GET HTTP/3
www.youtube.com/s/player/410a4f15/player_ias.vflset/en_US/captions.js
IP
216.58.211.14:443
ASN
#15169 GOOGLE

Requested by
https://www.youtube.com/embed/c8UgcYzGw8E?autoplay=1&mute=1
Certificate
IssuerGoogle Trust Services
Subject*.google.com
FingerprintA9:52:08:E0:FC:37:B4:6B:5F:CF:C5:AB:C4:10:C7:D6:00:4D:DC:69
ValidityTue, 30 Jul 2024 12:32:53 GMT - Tue, 22 Oct 2024 12:32:52 GMT

File type
JavaScript source, ASCII text, with very long lines (589)
Size
25 kB (24978 bytes)
Hash
21d17794a96767348e0f2e45555d77b7
20fef8c97095b715166eea45c9fc829ad2caba5f
9375ba83bb62570f86eaed68365ad09127e59358c1a90fefd36a363d5f6b6cf5

HTTP Headers

GET /s/player/410a4f15/player_ias.vflset/en_US/captions.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/c8UgcYzGw8E?autoplay=1&mute=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 24978
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 13 Aug 2024 07:39:12 GMT
expires: Wed, 13 Aug 2025 07:39:12 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 13 Aug 2024 04:17:57 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 181220
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

play.google.com/log?format=json&hasfast=true&authuser=0

216.58.211.14

200 OK

131 B

URL OPTIONS HTTP/3
play.google.com/log?format=json&hasfast=true&authuser=0
IP
216.58.211.14:443
ASN
#15169 GOOGLE

Requested by
https://www.youtube.com/embed/c8UgcYzGw8E?autoplay=1&mute=1
Certificate
IssuerGoogle Trust Services
Subject*.google.com
FingerprintA9:52:08:E0:FC:37:B4:6B:5F:CF:C5:AB:C4:10:C7:D6:00:4D:DC:69
ValidityTue, 30 Jul 2024 12:32:53 GMT - Tue, 22 Oct 2024 12:32:52 GMT

File type
JSON text data
Size
131 B (131 bytes)
Hash
ca0b7e866005f6774d284b9f438ebfd2
53644f5ee3640189bdb223473ba6a2d46606c556
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

HTTP Headers

POST /log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-AuthUser: 0
Content-Type: application/x-www-form-urlencoded;charset=utf-8
Content-Length: 1099
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
access-control-allow-origin: https://www.youtube.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web
content-type: text/plain; charset=UTF-8
content-encoding: gzip
date: Thu, 15 Aug 2024 09:59:32 GMT
server: Playlog
cache-control: private
content-length: 131
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

play.google.com/log?format=json&hasfast=true&authuser=0

216.58.211.14

200 OK

131 B

URL OPTIONS HTTP/3
play.google.com/log?format=json&hasfast=true&authuser=0
IP
216.58.211.14:443
ASN
#15169 GOOGLE

Requested by
https://www.youtube.com/embed/c8UgcYzGw8E?autoplay=1&mute=1
Certificate
IssuerGoogle Trust Services
Subject*.google.com
FingerprintA9:52:08:E0:FC:37:B4:6B:5F:CF:C5:AB:C4:10:C7:D6:00:4D:DC:69
ValidityTue, 30 Jul 2024 12:32:53 GMT - Tue, 22 Oct 2024 12:32:52 GMT

File type
JSON text data
Size
131 B (131 bytes)
Hash
ca0b7e866005f6774d284b9f438ebfd2
53644f5ee3640189bdb223473ba6a2d46606c556
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

HTTP Headers

POST /log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-AuthUser: 0
Content-Type: application/x-www-form-urlencoded;charset=utf-8
Content-Length: 417
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
access-control-allow-origin: https://www.youtube.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web
content-type: text/plain; charset=UTF-8
content-encoding: gzip
date: Thu, 15 Aug 2024 09:59:32 GMT
server: Playlog
cache-control: private
content-length: 131
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

216.58.207.202

200 OK

114 B

URL POST HTTP/2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP
216.58.207.202:443
ASN
#15169 GOOGLE

Requested by
https://www.youtube.com/embed/c8UgcYzGw8E?autoplay=1&mute=1
Certificate
IssuerGoogle Trust Services
Subjectupload.video.google.com
FingerprintC4:3F:12:39:D2:EC:4C:2C:1C:0A:A6:18:8E:2A:97:2C:D8:C2:7E:AF
ValidityTue, 30 Jul 2024 12:49:45 GMT - Tue, 22 Oct 2024 12:49:44 GMT

File type
JSON text data
Size
114 B (114 bytes)
Hash
f718a1419efcd1b1c6caaad3a28439c6
d12ffaaa4f56c5c1e48c285fc5bc9822ade2d477
b1010445f164d78273b3327a5f73dbd583412931ea9853bea8ba94a57ea6618d

HTTP Headers

POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 903
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Thu, 15 Aug 2024 09:59:32 GMT
server: ESF
cache-control: private
content-length: 114
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

o.pki.goog/wr2

142.250.74.131

472 B

URL
o.pki.goog/wr2
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
6379c04fd5da0356c22a48bc9e063cd2
79fd1359f787a3b71bc61c34f834b9de195ede06
b8e58f4d1e3bf4a6c4d381595741f38fea5b73aa6aa7f4a03006192f2b9a53cd

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Aug 2024 09:59:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

o.pki.goog/wr2

142.250.74.131

472 B

URL
o.pki.goog/wr2
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
6379c04fd5da0356c22a48bc9e063cd2
79fd1359f787a3b71bc61c34f834b9de195ede06
b8e58f4d1e3bf4a6c4d381595741f38fea5b73aa6aa7f4a03006192f2b9a53cd

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Aug 2024 09:59:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

rr1---sn-capm-vnae.googlevideo.com/videoplayback?expire=1723737572&ei=hNG9ZpP5HN-Ov_IPh67T8Ac&ip=91.90.42.154&id=o-AKmmkViJL25X8GX0XgGZiI6MNbVWx--GDT42Ris5pA7o&itag=243&aitags=133%2C134%2C135%2C160%2C242%2C243%2C244%2C278&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&mh=yw&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeenez&ms=au%2Crdu&mv=m&mvi=1&pl=23&initcwndbps=2191250&bui=AQmm2ewBRC9Hssv48VkTO8xFav99xL1CouUuT8RQGe7B4BbTIgwlz4OCG8gQukJ6OP6JZuvUNEEY8IVw&spc=Mv1m9tXyhx1nIiOztnhCGSon1KCJqs2cVAky4y_bHPTJQt46-XAcD8WLuq8b&vprv=1&svpuc=1&mime=video%2Fwebm&ns=QexDkGp9FksmCDHwvOIrHDwQ&rqh=1&gir=yes&clen=75307291&dur=3954.466&lmt=1695398588380105&mt=1723715603&fvip=2&keepalive=yes&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=531F224&n=GRsfEXxj06b7cg&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cxpc%2Cbui%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Crqh%2Cgir%2Cclen%2Cdur%2Clmt&sig=AJfQdSswRQIhAKR0rnD2BL-3w9e6ez35BAYx_WmamgRnOFR7iq9K6hsPAiApqm466QMyIFryOwBjigjW2jkhAK4GmsC-32s9Lu5rsg%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AGtxev0wRQIgGkCb8Vcwh9khBpr4Q5RCxZgKyWcEV4kVGPfeYdfU5HoCIQCWGbrAmKu0el8PhtDuFbWjUVAqb6loPkt9Yp4IgyNGOg%3D%3D&alr=yes&cpn=R8ShaBYV4Z8XRRom&cver=1.20240812.01.00&range=0-94503&rn=1&rbuf=0&pot=IljyrvKolBMjKrHJhseR5prqv8Oaz7zCldmT15vtnfGXn7DEu8exybjhpta7zbfGlf20xr_itOyn-bTZhfe1_J3MuuzCy7rZxv677LP8t8e3ybrJ1522i8Hq&ump=1&srfvp=1

91.90.45.172

200 OK

1.4 kB

URL POST HTTP/1.1
rr1---sn-capm-vnae.googlevideo.com/videoplayback?expire=1723737572&ei=hNG9ZpP5HN-Ov_IPh67T8Ac&ip=91.90.42.154&id=o-AKmmkViJL25X8GX0XgGZiI6MNbVWx--GDT42Ris5pA7o&itag=243&aitags=133%2C134%2C135%2C160%2C242%2C243%2C244%2C278&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&mh=yw&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeenez&ms=au%2Crdu&mv=m&mvi=1&pl=23&initcwndbps=2191250&bui=AQmm2ewBRC9Hssv48VkTO8xFav99xL1CouUuT8RQGe7B4BbTIgwlz4OCG8gQukJ6OP6JZuvUNEEY8IVw&spc=Mv1m9tXyhx1nIiOztnhCGSon1KCJqs2cVAky4y_bHPTJQt46-XAcD8WLuq8b&vprv=1&svpuc=1&mime=video%2Fwebm&ns=QexDkGp9FksmCDHwvOIrHDwQ&rqh=1&gir=yes&clen=75307291&dur=3954.466&lmt=1695398588380105&mt=1723715603&fvip=2&keepalive=yes&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=531F224&n=GRsfEXxj06b7cg&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cxpc%2Cbui%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Crqh%2Cgir%2Cclen%2Cdur%2Clmt&sig=AJfQdSswRQIhAKR0rnD2BL-3w9e6ez35BAYx_WmamgRnOFR7iq9K6hsPAiApqm466QMyIFryOwBjigjW2jkhAK4GmsC-32s9Lu5rsg%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AGtxev0wRQIgGkCb8Vcwh9khBpr4Q5RCxZgKyWcEV4kVGPfeYdfU5HoCIQCWGbrAmKu0el8PhtDuFbWjUVAqb6loPkt9Yp4IgyNGOg%3D%3D&alr=yes&cpn=R8ShaBYV4Z8XRRom&cver=1.20240812.01.00&range=0-94503&rn=1&rbuf=0&pot=IljyrvKolBMjKrHJhseR5prqv8Oaz7zCldmT15vtnfGXn7DEu8exybjhpta7zbfGlf20xr_itOyn-bTZhfe1_J3MuuzCy7rZxv677LP8t8e3ybrJ1522i8Hq&ump=1&srfvp=1
IP
91.90.45.172:443
ASN
#50304 Blix Solutions AS

Requested by
https://www.youtube.com/embed/c8UgcYzGw8E?autoplay=1&mute=1
Certificate
IssuerGoogle Trust Services
Subject*.googlevideo.com
Fingerprint77:61:E7:0C:BA:C3:82:EE:C2:02:67:B6:9F:13:3E:1B:40:7E:DE:81
ValidityTue, 16 Jul 2024 14:35:03 GMT - Tue, 24 Sep 2024 14:35:02 GMT

File type
data
Size
1.4 kB (1429 bytes)
Hash
11e98188292d16d3527a5ec0370a9783
f9ebf4f07bdcfa0ec24d8b89d1a96cc40422967d
6f9f18eebafc89675c9c9ef2fd2915691236dd675cf4fedeab645b35e8daac81

HTTP Headers

POST /videoplayback?expire=1723737572&ei=hNG9ZpP5HN-Ov_IPh67T8Ac&ip=91.90.42.154&id=o-AKmmkViJL25X8GX0XgGZiI6MNbVWx--GDT42Ris5pA7o&itag=243&aitags=133%2C134%2C135%2C160%2C242%2C243%2C244%2C278&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&mh=yw&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeenez&ms=au%2Crdu&mv=m&mvi=1&pl=23&initcwndbps=2191250&bui=AQmm2ewBRC9Hssv48VkTO8xFav99xL1CouUuT8RQGe7B4BbTIgwlz4OCG8gQukJ6OP6JZuvUNEEY8IVw&spc=Mv1m9tXyhx1nIiOztnhCGSon1KCJqs2cVAky4y_bHPTJQt46-XAcD8WLuq8b&vprv=1&svpuc=1&mime=video%2Fwebm&ns=QexDkGp9FksmCDHwvOIrHDwQ&rqh=1&gir=yes&clen=75307291&dur=3954.466&lmt=1695398588380105&mt=1723715603&fvip=2&keepalive=yes&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=531F224&n=GRsfEXxj06b7cg&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cxpc%2Cbui%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Crqh%2Cgir%2Cclen%2Cdur%2Clmt&sig=AJfQdSswRQIhAKR0rnD2BL-3w9e6ez35BAYx_WmamgRnOFR7iq9K6hsPAiApqm466QMyIFryOwBjigjW2jkhAK4GmsC-32s9Lu5rsg%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AGtxev0wRQIgGkCb8Vcwh9khBpr4Q5RCxZgKyWcEV4kVGPfeYdfU5HoCIQCWGbrAmKu0el8PhtDuFbWjUVAqb6loPkt9Yp4IgyNGOg%3D%3D&alr=yes&cpn=R8ShaBYV4Z8XRRom&cver=1.20240812.01.00&range=0-94503&rn=1&rbuf=0&pot=IljyrvKolBMjKrHJhseR5prqv8Oaz7zCldmT15vtnfGXn7DEu8exybjhpta7zbfGlf20xr_itOyn-bTZhfe1_J3MuuzCy7rZxv677LP8t8e3ybrJ1522i8Hq&ump=1&srfvp=1 HTTP/1.1
Host: rr1---sn-capm-vnae.googlevideo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.youtube.com/
Content-Length: 2
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Date: Thu, 15 Aug 2024 09:59:32 GMT
Expires: Thu, 15 Aug 2024 09:59:32 GMT
Cache-Control: private, max-age=21300
Content-Type: application/vnd.yt-ump
Transfer-Encoding: chunked
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Restrict-Formats-Hint: None
X-Content-Type-Options: nosniff
Server: gvs 1.0

rr1---sn-capm-vnae.googlevideo.com/videoplayback?expire=1723737572&ei=hNG9ZpP5HN-Ov_IPh67T8Ac&ip=91.90.42.154&id=o-AKmmkViJL25X8GX0XgGZiI6MNbVWx--GDT42Ris5pA7o&itag=251&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&mh=yw&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeenez&ms=au%2Crdu&mv=m&mvi=1&pl=23&initcwndbps=2191250&bui=AQmm2ewBRC9Hssv48VkTO8xFav99xL1CouUuT8RQGe7B4BbTIgwlz4OCG8gQukJ6OP6JZuvUNEEY8IVw&spc=Mv1m9tXyhx1nIiOztnhCGSon1KCJqs2cVAky4y_bHPTJQt46-XAcD8WLuq8b&vprv=1&svpuc=1&xtags=drc%3D1&mime=audio%2Fwebm&ns=QexDkGp9FksmCDHwvOIrHDwQ&rqh=1&gir=yes&clen=59928742&dur=3954.521&lmt=1695399391242210&mt=1723715603&fvip=2&keepalive=yes&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=5318224&n=GRsfEXxj06b7cg&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cxpc%2Cbui%2Cspc%2Cvprv%2Csvpuc%2Cxtags%2Cmime%2Cns%2Crqh%2Cgir%2Cclen%2Cdur%2Clmt&sig=AJfQdSswRQIgBOJWLJL7RjKm6Ps9f8his1QAoqmzptUyIDqybbc8C2gCIQDeetEqtn9dpdSkEEvWPLWHdblQxm9hHgIYxl444MAsvg%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AGtxev0wRQIgGkCb8Vcwh9khBpr4Q5RCxZgKyWcEV4kVGPfeYdfU5HoCIQCWGbrAmKu0el8PhtDuFbWjUVAqb6loPkt9Yp4IgyNGOg%3D%3D&alr=yes&cpn=R8ShaBYV4Z8XRRom&cver=1.20240812.01.00&range=0-72806&rn=2&rbuf=0&pot=IlgYGhgcfqfJnlt9bHN7UnBeVXdwe1Z2f215Y3FZd0V9K1pwUXNbfVJVTGJReV1yf0leclVWXlhNTV5tb0NfSHd4UFgof1BtLEpRWFlIXXNdfVB9PSlcPyte&ump=1&srfvp=1

91.90.45.172

200 OK

1.4 kB

URL POST HTTP/1.1
rr1---sn-capm-vnae.googlevideo.com/videoplayback?expire=1723737572&ei=hNG9ZpP5HN-Ov_IPh67T8Ac&ip=91.90.42.154&id=o-AKmmkViJL25X8GX0XgGZiI6MNbVWx--GDT42Ris5pA7o&itag=251&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&mh=yw&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeenez&ms=au%2Crdu&mv=m&mvi=1&pl=23&initcwndbps=2191250&bui=AQmm2ewBRC9Hssv48VkTO8xFav99xL1CouUuT8RQGe7B4BbTIgwlz4OCG8gQukJ6OP6JZuvUNEEY8IVw&spc=Mv1m9tXyhx1nIiOztnhCGSon1KCJqs2cVAky4y_bHPTJQt46-XAcD8WLuq8b&vprv=1&svpuc=1&xtags=drc%3D1&mime=audio%2Fwebm&ns=QexDkGp9FksmCDHwvOIrHDwQ&rqh=1&gir=yes&clen=59928742&dur=3954.521&lmt=1695399391242210&mt=1723715603&fvip=2&keepalive=yes&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=5318224&n=GRsfEXxj06b7cg&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cxpc%2Cbui%2Cspc%2Cvprv%2Csvpuc%2Cxtags%2Cmime%2Cns%2Crqh%2Cgir%2Cclen%2Cdur%2Clmt&sig=AJfQdSswRQIgBOJWLJL7RjKm6Ps9f8his1QAoqmzptUyIDqybbc8C2gCIQDeetEqtn9dpdSkEEvWPLWHdblQxm9hHgIYxl444MAsvg%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AGtxev0wRQIgGkCb8Vcwh9khBpr4Q5RCxZgKyWcEV4kVGPfeYdfU5HoCIQCWGbrAmKu0el8PhtDuFbWjUVAqb6loPkt9Yp4IgyNGOg%3D%3D&alr=yes&cpn=R8ShaBYV4Z8XRRom&cver=1.20240812.01.00&range=0-72806&rn=2&rbuf=0&pot=IlgYGhgcfqfJnlt9bHN7UnBeVXdwe1Z2f215Y3FZd0V9K1pwUXNbfVJVTGJReV1yf0leclVWXlhNTV5tb0NfSHd4UFgof1BtLEpRWFlIXXNdfVB9PSlcPyte&ump=1&srfvp=1
IP
91.90.45.172:443
ASN
#50304 Blix Solutions AS

Requested by
https://www.youtube.com/embed/c8UgcYzGw8E?autoplay=1&mute=1
Certificate
IssuerGoogle Trust Services
Subject*.googlevideo.com
Fingerprint77:61:E7:0C:BA:C3:82:EE:C2:02:67:B6:9F:13:3E:1B:40:7E:DE:81
ValidityTue, 16 Jul 2024 14:35:03 GMT - Tue, 24 Sep 2024 14:35:02 GMT

File type
data
Size
1.4 kB (1390 bytes)
Hash
0339eecd90f739602903aa6d5b2af1ba
fd55b284b426408765037bb03646af4c32984f26
4e7b9393cef1e7c8e07780b8ec30bd63fd335a4ea7a58789a00b1372da490695

HTTP Headers

POST /videoplayback?expire=1723737572&ei=hNG9ZpP5HN-Ov_IPh67T8Ac&ip=91.90.42.154&id=o-AKmmkViJL25X8GX0XgGZiI6MNbVWx--GDT42Ris5pA7o&itag=251&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&mh=yw&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeenez&ms=au%2Crdu&mv=m&mvi=1&pl=23&initcwndbps=2191250&bui=AQmm2ewBRC9Hssv48VkTO8xFav99xL1CouUuT8RQGe7B4BbTIgwlz4OCG8gQukJ6OP6JZuvUNEEY8IVw&spc=Mv1m9tXyhx1nIiOztnhCGSon1KCJqs2cVAky4y_bHPTJQt46-XAcD8WLuq8b&vprv=1&svpuc=1&xtags=drc%3D1&mime=audio%2Fwebm&ns=QexDkGp9FksmCDHwvOIrHDwQ&rqh=1&gir=yes&clen=59928742&dur=3954.521&lmt=1695399391242210&mt=1723715603&fvip=2&keepalive=yes&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=5318224&n=GRsfEXxj06b7cg&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cxpc%2Cbui%2Cspc%2Cvprv%2Csvpuc%2Cxtags%2Cmime%2Cns%2Crqh%2Cgir%2Cclen%2Cdur%2Clmt&sig=AJfQdSswRQIgBOJWLJL7RjKm6Ps9f8his1QAoqmzptUyIDqybbc8C2gCIQDeetEqtn9dpdSkEEvWPLWHdblQxm9hHgIYxl444MAsvg%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AGtxev0wRQIgGkCb8Vcwh9khBpr4Q5RCxZgKyWcEV4kVGPfeYdfU5HoCIQCWGbrAmKu0el8PhtDuFbWjUVAqb6loPkt9Yp4IgyNGOg%3D%3D&alr=yes&cpn=R8ShaBYV4Z8XRRom&cver=1.20240812.01.00&range=0-72806&rn=2&rbuf=0&pot=IlgYGhgcfqfJnlt9bHN7UnBeVXdwe1Z2f215Y3FZd0V9K1pwUXNbfVJVTGJReV1yf0leclVWXlhNTV5tb0NfSHd4UFgof1BtLEpRWFlIXXNdfVB9PSlcPyte&ump=1&srfvp=1 HTTP/1.1
Host: rr1---sn-capm-vnae.googlevideo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.youtube.com/
Content-Length: 2
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Date: Thu, 15 Aug 2024 09:59:32 GMT
Expires: Thu, 15 Aug 2024 09:59:32 GMT
Cache-Control: private, max-age=21300
Content-Type: application/vnd.yt-ump
Transfer-Encoding: chunked
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Content-Type-Options: nosniff
Server: gvs 1.0

o.pki.goog/wr2

142.250.74.131

472 B

URL
o.pki.goog/wr2
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
6379c04fd5da0356c22a48bc9e063cd2
79fd1359f787a3b71bc61c34f834b9de195ede06
b8e58f4d1e3bf4a6c4d381595741f38fea5b73aa6aa7f4a03006192f2b9a53cd

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Aug 2024 09:59:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.youtube.com/generate_204?5AFXIQ

216.58.211.14

204 No Content

0 B

URL GET HTTP/3
www.youtube.com/generate_204?5AFXIQ
IP
216.58.211.14:443
ASN
#15169 GOOGLE

Requested by
https://www.youtube.com/embed/c8UgcYzGw8E?autoplay=1&mute=1
Certificate
IssuerGoogle Trust Services
Subject*.google.com
FingerprintA9:52:08:E0:FC:37:B4:6B:5F:CF:C5:AB:C4:10:C7:D6:00:4D:DC:69
ValidityTue, 30 Jul 2024 12:32:53 GMT - Tue, 22 Oct 2024 12:32:52 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /generate_204?5AFXIQ HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/c8UgcYzGw8E?autoplay=1&mute=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 204 No Content
content-length: 0
cross-origin-resource-policy: cross-origin
date: Thu, 15 Aug 2024 09:59:33 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.youtube.com/youtubei/v1/next?prettyPrint=false

216.58.211.14

200 OK

6.6 kB

URL POST HTTP/3
www.youtube.com/youtubei/v1/next?prettyPrint=false
IP
216.58.211.14:443
ASN
#15169 GOOGLE

Requested by
https://www.youtube.com/embed/c8UgcYzGw8E?autoplay=1&mute=1
Certificate
IssuerGoogle Trust Services
Subject*.google.com
FingerprintA9:52:08:E0:FC:37:B4:6B:5F:CF:C5:AB:C4:10:C7:D6:00:4D:DC:69
ValidityTue, 30 Jul 2024 12:32:53 GMT - Tue, 22 Oct 2024 12:32:52 GMT

File type
JSON text data
Size
6.6 kB (6623 bytes)
Hash
33db693ae3aca1cac1851709c13a5294
fac4bb1a4aaa4d879ff09cd8caf2d4002ccf99ee
b9fa5beb36d7638b34ccc7c39f79ea8ee0436d07971b80f8a571b0bf87c06062

HTTP Headers

POST /youtubei/v1/next?prettyPrint=false HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-Goog-Visitor-Id: CgticHhDMmhaNlgwayiCo_e1BjIiCgJOTxIcEhgSFhMLFBUWFwwYGRobHB0eHw4PIBAREiEgHg%3D%3D
X-Youtube-Bootstrap-Logged-In: false
X-Youtube-Client-Name: 56
X-Youtube-Client-Version: 1.20240812.01.00
Content-Length: 2585
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/c8UgcYzGw8E?autoplay=1&mute=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/json; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: br
date: Thu, 15 Aug 2024 09:59:33 GMT
server: scaffolding on HTTPServer2
content-length: 6623
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

play.google.com/log?format=json&hasfast=true&authuser=0

216.58.211.14

200 OK

0 B

URL OPTIONS HTTP/3
play.google.com/log?format=json&hasfast=true&authuser=0
IP
216.58.211.14:443
ASN
#15169 GOOGLE

Requested by
https://www.youtube.com/embed/c8UgcYzGw8E?autoplay=1&mute=1
Certificate
IssuerGoogle Trust Services
Subject*.google.com
FingerprintA9:52:08:E0:FC:37:B4:6B:5F:CF:C5:AB:C4:10:C7:D6:00:4D:DC:69
ValidityTue, 30 Jul 2024 12:32:53 GMT - Tue, 22 Oct 2024 12:32:52 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
access-control-allow-origin: https://www.youtube.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Thu, 15 Aug 2024 09:59:33 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

play.google.com/log?format=json&hasfast=true&authuser=0

216.58.211.14

200 OK

131 B

URL OPTIONS HTTP/3
play.google.com/log?format=json&hasfast=true&authuser=0
IP
216.58.211.14:443
ASN
#15169 GOOGLE

Requested by
https://www.youtube.com/embed/c8UgcYzGw8E?autoplay=1&mute=1
Certificate
IssuerGoogle Trust Services
Subject*.google.com
FingerprintA9:52:08:E0:FC:37:B4:6B:5F:CF:C5:AB:C4:10:C7:D6:00:4D:DC:69
ValidityTue, 30 Jul 2024 12:32:53 GMT - Tue, 22 Oct 2024 12:32:52 GMT

File type
JSON text data
Size
131 B (131 bytes)
Hash
ca0b7e866005f6774d284b9f438ebfd2
53644f5ee3640189bdb223473ba6a2d46606c556
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

HTTP Headers

POST /log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-AuthUser: 0
Content-Type: application/x-www-form-urlencoded;charset=utf-8
Content-Length: 411
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
access-control-allow-origin: https://www.youtube.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web
content-type: text/plain; charset=UTF-8
content-encoding: gzip
date: Thu, 15 Aug 2024 09:59:33 GMT
server: Playlog
cache-control: private
content-length: 131
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

216.58.211.14

200 OK

31 B

URL POST HTTP/3
www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
IP
216.58.211.14:443
ASN
#15169 GOOGLE

Requested by
https://www.youtube.com/embed/c8UgcYzGw8E?autoplay=1&mute=1
Certificate
IssuerGoogle Trust Services
Subject*.google.com
FingerprintA9:52:08:E0:FC:37:B4:6B:5F:CF:C5:AB:C4:10:C7:D6:00:4D:DC:69
ValidityTue, 30 Jul 2024 12:32:53 GMT - Tue, 22 Oct 2024 12:32:52 GMT

File type
JSON text data
Size
31 B (31 bytes)
Hash
5e1fa6fd9abd549a576f3f24b1d3c8d4
d5335d7f7d33be6a0b663f03b2df4df2521c4a87
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

HTTP Headers

POST /youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8 HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Request-Time: 1723715973099
Content-Type: application/json
X-Goog-Visitor-Id: CgticHhDMmhaNlgwayiCo_e1BjIiCgJOTxIcEhgSFhMLFBUWFwwYGRobHB0eHw4PIBAREiEgHg%3D%3D
X-YouTube-Client-Name: 56
X-YouTube-Client-Version: 1.20240812.01.00
X-YouTube-Utc-Offset: 0
X-YouTube-Time-Zone: UTC
X-YouTube-Ad-Signals: dt=1723715972184&flash=0&frm=2&u_tz&u_his=3&u_h=1024&u_w=1280&u_ah=1024&u_aw=1280&u_cd=24&bc=23&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C70%2C15&vis=1&wgl=true&ca_type=image
Content-Length: 16814
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/c8UgcYzGw8E?autoplay=1&mute=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/json; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: br
date: Thu, 15 Aug 2024 09:59:33 GMT
server: scaffolding on HTTPServer2
content-length: 31
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

o.pki.goog/wr2

142.250.74.131

471 B

URL
o.pki.goog/wr2
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
8be7ec46b9672f80c548418a6dd4b8b0
8128bee83a5bf3b091d07795d1fc27091fbbe697
f57c750b44e9a70650a3bf1b8f7b1b3e50a18e7c2123b6c48978d363fc6ad05b

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Aug 2024 09:59:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

o.pki.goog/wr2

142.250.74.131

471 B

URL
o.pki.goog/wr2
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
8be7ec46b9672f80c548418a6dd4b8b0
8128bee83a5bf3b091d07795d1fc27091fbbe697
f57c750b44e9a70650a3bf1b8f7b1b3e50a18e7c2123b6c48978d363fc6ad05b

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Aug 2024 09:59:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

rr2---sn-5goeenez.googlevideo.com/videoplayback?expire=1723737572&ei=hNG9ZpP5HN-Ov_IPh67T8Ac&ip=91.90.42.154&id=o-AKmmkViJL25X8GX0XgGZiI6MNbVWx--GDT42Ris5pA7o&itag=251&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&bui=AQmm2ewBRC9Hssv48VkTO8xFav99xL1CouUuT8RQGe7B4BbTIgwlz4OCG8gQukJ6OP6JZuvUNEEY8IVw&spc=Mv1m9tXyhx1nIiOztnhCGSon1KCJqs2cVAky4y_bHPTJQt46-XAcD8WLuq8b&vprv=1&svpuc=1&xtags=drc%3D1&mime=audio%2Fwebm&ns=QexDkGp9FksmCDHwvOIrHDwQ&rqh=1&gir=yes&clen=59928742&dur=3954.521&lmt=1695399391242210&keepalive=yes&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=5318224&n=GRsfEXxj06b7cg&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cxpc%2Cbui%2Cspc%2Cvprv%2Csvpuc%2Cxtags%2Cmime%2Cns%2Crqh%2Cgir%2Cclen%2Cdur%2Clmt&sig=AJfQdSswRQIgBOJWLJL7RjKm6Ps9f8his1QAoqmzptUyIDqybbc8C2gCIQDeetEqtn9dpdSkEEvWPLWHdblQxm9hHgIYxl444MAsvg%3D%3D&alr=yes&cpn=R8ShaBYV4Z8XRRom&cver=1.20240812.01.00&redirect_counter=1&cm2rm=sn-capm-vnae7e&rrc=80&fexp=24350516,24350517,24350551,24350557,24350561,24350565&cms_redirect=yes&cmsv=e&mh=yw&mm=29&mn=sn-5goeenez&ms=rdu&mt=1723714789&mv=u&mvi=2&pl=23&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AGtxev0wRAIgfm7iZaIrUwuUJTxla_7MY9OTnGyArMOwAYwZ2cQCBlMCIHBfB2y4QPSSHV7m7ysgfVQ-HNRtsWMITueFNCQOOjlr&range=0-72806&rn=3&rbuf=0&pot=MpgBhAOAVw3d_huEPymgOjDCq75Jdn8br0oqY3-EoldovrGKjtEk1hg2RGRLywaQqUdM14sq_mFgMrmDJH9uJsVape5e-b4XEe2nT-twmG5njb2-Dn3We1OpYxyFtgEKovXcrI6y3E5eGIWW0_mQdje4Cq0MguqMQsvT21rhKHbM9oiI3Pz23C-UxwOQ4GtysDX-XY_b71g8sKs=&ump=1&srfvp=1

74.125.111.7

200 OK

1.5 kB

URL POST HTTP/1.1
rr2---sn-5goeenez.googlevideo.com/videoplayback?expire=1723737572&ei=hNG9ZpP5HN-Ov_IPh67T8Ac&ip=91.90.42.154&id=o-AKmmkViJL25X8GX0XgGZiI6MNbVWx--GDT42Ris5pA7o&itag=251&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&bui=AQmm2ewBRC9Hssv48VkTO8xFav99xL1CouUuT8RQGe7B4BbTIgwlz4OCG8gQukJ6OP6JZuvUNEEY8IVw&spc=Mv1m9tXyhx1nIiOztnhCGSon1KCJqs2cVAky4y_bHPTJQt46-XAcD8WLuq8b&vprv=1&svpuc=1&xtags=drc%3D1&mime=audio%2Fwebm&ns=QexDkGp9FksmCDHwvOIrHDwQ&rqh=1&gir=yes&clen=59928742&dur=3954.521&lmt=1695399391242210&keepalive=yes&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=5318224&n=GRsfEXxj06b7cg&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cxpc%2Cbui%2Cspc%2Cvprv%2Csvpuc%2Cxtags%2Cmime%2Cns%2Crqh%2Cgir%2Cclen%2Cdur%2Clmt&sig=AJfQdSswRQIgBOJWLJL7RjKm6Ps9f8his1QAoqmzptUyIDqybbc8C2gCIQDeetEqtn9dpdSkEEvWPLWHdblQxm9hHgIYxl444MAsvg%3D%3D&alr=yes&cpn=R8ShaBYV4Z8XRRom&cver=1.20240812.01.00&redirect_counter=1&cm2rm=sn-capm-vnae7e&rrc=80&fexp=24350516,24350517,24350551,24350557,24350561,24350565&cms_redirect=yes&cmsv=e&mh=yw&mm=29&mn=sn-5goeenez&ms=rdu&mt=1723714789&mv=u&mvi=2&pl=23&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AGtxev0wRAIgfm7iZaIrUwuUJTxla_7MY9OTnGyArMOwAYwZ2cQCBlMCIHBfB2y4QPSSHV7m7ysgfVQ-HNRtsWMITueFNCQOOjlr&range=0-72806&rn=3&rbuf=0&pot=MpgBhAOAVw3d_huEPymgOjDCq75Jdn8br0oqY3-EoldovrGKjtEk1hg2RGRLywaQqUdM14sq_mFgMrmDJH9uJsVape5e-b4XEe2nT-twmG5njb2-Dn3We1OpYxyFtgEKovXcrI6y3E5eGIWW0_mQdje4Cq0MguqMQsvT21rhKHbM9oiI3Pz23C-UxwOQ4GtysDX-XY_b71g8sKs=&ump=1&srfvp=1
IP
74.125.111.7:443
ASN
#15169 GOOGLE

Requested by
https://www.youtube.com/embed/c8UgcYzGw8E?autoplay=1&mute=1
Certificate
IssuerGoogle Trust Services
Subject*.c.docs.google.com
Fingerprint6C:53:8D:31:BE:19:4F:5B:40:5F:DD:1A:A7:8A:B4:32:3A:6F:0F:DF
ValidityTue, 16 Jul 2024 14:34:06 GMT - Tue, 24 Sep 2024 14:34:05 GMT

File type
data
Size
1.5 kB (1502 bytes)
Hash
767577056bf8bed4f9103e006dcd03cb
6823c6d8226e26a7c9d052d8db1711d0f7989350
a5e5c0ca05110931a15927837fab1607d2904d1736d691e1a0b402830c23c18d

HTTP Headers

POST /videoplayback?expire=1723737572&ei=hNG9ZpP5HN-Ov_IPh67T8Ac&ip=91.90.42.154&id=o-AKmmkViJL25X8GX0XgGZiI6MNbVWx--GDT42Ris5pA7o&itag=251&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&bui=AQmm2ewBRC9Hssv48VkTO8xFav99xL1CouUuT8RQGe7B4BbTIgwlz4OCG8gQukJ6OP6JZuvUNEEY8IVw&spc=Mv1m9tXyhx1nIiOztnhCGSon1KCJqs2cVAky4y_bHPTJQt46-XAcD8WLuq8b&vprv=1&svpuc=1&xtags=drc%3D1&mime=audio%2Fwebm&ns=QexDkGp9FksmCDHwvOIrHDwQ&rqh=1&gir=yes&clen=59928742&dur=3954.521&lmt=1695399391242210&keepalive=yes&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=5318224&n=GRsfEXxj06b7cg&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cxpc%2Cbui%2Cspc%2Cvprv%2Csvpuc%2Cxtags%2Cmime%2Cns%2Crqh%2Cgir%2Cclen%2Cdur%2Clmt&sig=AJfQdSswRQIgBOJWLJL7RjKm6Ps9f8his1QAoqmzptUyIDqybbc8C2gCIQDeetEqtn9dpdSkEEvWPLWHdblQxm9hHgIYxl444MAsvg%3D%3D&alr=yes&cpn=R8ShaBYV4Z8XRRom&cver=1.20240812.01.00&redirect_counter=1&cm2rm=sn-capm-vnae7e&rrc=80&fexp=24350516,24350517,24350551,24350557,24350561,24350565&cms_redirect=yes&cmsv=e&mh=yw&mm=29&mn=sn-5goeenez&ms=rdu&mt=1723714789&mv=u&mvi=2&pl=23&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AGtxev0wRAIgfm7iZaIrUwuUJTxla_7MY9OTnGyArMOwAYwZ2cQCBlMCIHBfB2y4QPSSHV7m7ysgfVQ-HNRtsWMITueFNCQOOjlr&range=0-72806&rn=3&rbuf=0&pot=MpgBhAOAVw3d_huEPymgOjDCq75Jdn8br0oqY3-EoldovrGKjtEk1hg2RGRLywaQqUdM14sq_mFgMrmDJH9uJsVape5e-b4XEe2nT-twmG5njb2-Dn3We1OpYxyFtgEKovXcrI6y3E5eGIWW0_mQdje4Cq0MguqMQsvT21rhKHbM9oiI3Pz23C-UxwOQ4GtysDX-XY_b71g8sKs=&ump=1&srfvp=1 HTTP/1.1
Host: rr2---sn-5goeenez.googlevideo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.youtube.com/
Content-Length: 2
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Date: Thu, 15 Aug 2024 09:59:33 GMT
Expires: Thu, 15 Aug 2024 09:59:33 GMT
Cache-Control: private, max-age=21299
Content-Type: application/vnd.yt-ump
Transfer-Encoding: chunked
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Content-Type-Options: nosniff
Server: gvs 1.0

rr2---sn-5goeenez.googlevideo.com/videoplayback?expire=1723737572&ei=hNG9ZpP5HN-Ov_IPh67T8Ac&ip=91.90.42.154&id=o-AKmmkViJL25X8GX0XgGZiI6MNbVWx--GDT42Ris5pA7o&itag=243&aitags=133%2C134%2C135%2C160%2C242%2C243%2C244%2C278&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&bui=AQmm2ewBRC9Hssv48VkTO8xFav99xL1CouUuT8RQGe7B4BbTIgwlz4OCG8gQukJ6OP6JZuvUNEEY8IVw&spc=Mv1m9tXyhx1nIiOztnhCGSon1KCJqs2cVAky4y_bHPTJQt46-XAcD8WLuq8b&vprv=1&svpuc=1&mime=video%2Fwebm&ns=QexDkGp9FksmCDHwvOIrHDwQ&rqh=1&gir=yes&clen=75307291&dur=3954.466&lmt=1695398588380105&keepalive=yes&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=531F224&n=GRsfEXxj06b7cg&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cxpc%2Cbui%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Crqh%2Cgir%2Cclen%2Cdur%2Clmt&sig=AJfQdSswRQIhAKR0rnD2BL-3w9e6ez35BAYx_WmamgRnOFR7iq9K6hsPAiApqm466QMyIFryOwBjigjW2jkhAK4GmsC-32s9Lu5rsg%3D%3D&alr=yes&cpn=R8ShaBYV4Z8XRRom&cver=1.20240812.01.00&redirect_counter=1&cm2rm=sn-capm-vnae7e&rrc=80&fexp=24350516,24350517,24350551,24350557,24350561,24350565&cms_redirect=yes&cmsv=e&mh=yw&mm=29&mn=sn-5goeenez&ms=rdu&mt=1723714789&mv=u&mvi=2&pl=23&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AGtxev0wRgIhAPSm3SGy440Iwhm1243AAHGpkqQimDA6qbByTR_SXgBVAiEAhEW2ORZzJ01QKwPi70FNi9SGDy93A43Ih3Gt6Qv1_NM%3D&range=0-94503&rn=4&rbuf=0&pot=MpgBhAOAVw3d_huEPymgOjDCq75Jdn8br0oqY3-EoldovrGKjtEk1hg2RGRLywaQqUdM14sq_mFgMrmDJH9uJsVape5e-b4XEe2nT-twmG5njb2-Dn3We1OpYxyFtgEKovXcrI6y3E5eGIWW0_mQdje4Cq0MguqMQsvT21rhKHbM9oiI3Pz23C-UxwOQ4GtysDX-XY_b71g8sKs=&ump=1&srfvp=1

74.125.111.7

200 OK

1.5 kB

URL POST HTTP/1.1
rr2---sn-5goeenez.googlevideo.com/videoplayback?expire=1723737572&ei=hNG9ZpP5HN-Ov_IPh67T8Ac&ip=91.90.42.154&id=o-AKmmkViJL25X8GX0XgGZiI6MNbVWx--GDT42Ris5pA7o&itag=243&aitags=133%2C134%2C135%2C160%2C242%2C243%2C244%2C278&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&bui=AQmm2ewBRC9Hssv48VkTO8xFav99xL1CouUuT8RQGe7B4BbTIgwlz4OCG8gQukJ6OP6JZuvUNEEY8IVw&spc=Mv1m9tXyhx1nIiOztnhCGSon1KCJqs2cVAky4y_bHPTJQt46-XAcD8WLuq8b&vprv=1&svpuc=1&mime=video%2Fwebm&ns=QexDkGp9FksmCDHwvOIrHDwQ&rqh=1&gir=yes&clen=75307291&dur=3954.466&lmt=1695398588380105&keepalive=yes&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=531F224&n=GRsfEXxj06b7cg&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cxpc%2Cbui%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Crqh%2Cgir%2Cclen%2Cdur%2Clmt&sig=AJfQdSswRQIhAKR0rnD2BL-3w9e6ez35BAYx_WmamgRnOFR7iq9K6hsPAiApqm466QMyIFryOwBjigjW2jkhAK4GmsC-32s9Lu5rsg%3D%3D&alr=yes&cpn=R8ShaBYV4Z8XRRom&cver=1.20240812.01.00&redirect_counter=1&cm2rm=sn-capm-vnae7e&rrc=80&fexp=24350516,24350517,24350551,24350557,24350561,24350565&cms_redirect=yes&cmsv=e&mh=yw&mm=29&mn=sn-5goeenez&ms=rdu&mt=1723714789&mv=u&mvi=2&pl=23&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AGtxev0wRgIhAPSm3SGy440Iwhm1243AAHGpkqQimDA6qbByTR_SXgBVAiEAhEW2ORZzJ01QKwPi70FNi9SGDy93A43Ih3Gt6Qv1_NM%3D&range=0-94503&rn=4&rbuf=0&pot=MpgBhAOAVw3d_huEPymgOjDCq75Jdn8br0oqY3-EoldovrGKjtEk1hg2RGRLywaQqUdM14sq_mFgMrmDJH9uJsVape5e-b4XEe2nT-twmG5njb2-Dn3We1OpYxyFtgEKovXcrI6y3E5eGIWW0_mQdje4Cq0MguqMQsvT21rhKHbM9oiI3Pz23C-UxwOQ4GtysDX-XY_b71g8sKs=&ump=1&srfvp=1
IP
74.125.111.7:443
ASN
#15169 GOOGLE

Requested by
https://www.youtube.com/embed/c8UgcYzGw8E?autoplay=1&mute=1
Certificate
IssuerGoogle Trust Services
Subject*.c.docs.google.com
Fingerprint6C:53:8D:31:BE:19:4F:5B:40:5F:DD:1A:A7:8A:B4:32:3A:6F:0F:DF
ValidityTue, 16 Jul 2024 14:34:06 GMT - Tue, 24 Sep 2024 14:34:05 GMT

File type
data
Size
1.5 kB (1535 bytes)
Hash
7cb45bcf50faf41f1bf88b84ba404418
2e31d7d5e3865fa7e0d79e206ca2992a5e27ea81
2076a64ec52b2fae9a4053cc797178d0f672e1f40f176d4b98e54091438fda0b

HTTP Headers

POST /videoplayback?expire=1723737572&ei=hNG9ZpP5HN-Ov_IPh67T8Ac&ip=91.90.42.154&id=o-AKmmkViJL25X8GX0XgGZiI6MNbVWx--GDT42Ris5pA7o&itag=243&aitags=133%2C134%2C135%2C160%2C242%2C243%2C244%2C278&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&bui=AQmm2ewBRC9Hssv48VkTO8xFav99xL1CouUuT8RQGe7B4BbTIgwlz4OCG8gQukJ6OP6JZuvUNEEY8IVw&spc=Mv1m9tXyhx1nIiOztnhCGSon1KCJqs2cVAky4y_bHPTJQt46-XAcD8WLuq8b&vprv=1&svpuc=1&mime=video%2Fwebm&ns=QexDkGp9FksmCDHwvOIrHDwQ&rqh=1&gir=yes&clen=75307291&dur=3954.466&lmt=1695398588380105&keepalive=yes&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=531F224&n=GRsfEXxj06b7cg&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cxpc%2Cbui%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Crqh%2Cgir%2Cclen%2Cdur%2Clmt&sig=AJfQdSswRQIhAKR0rnD2BL-3w9e6ez35BAYx_WmamgRnOFR7iq9K6hsPAiApqm466QMyIFryOwBjigjW2jkhAK4GmsC-32s9Lu5rsg%3D%3D&alr=yes&cpn=R8ShaBYV4Z8XRRom&cver=1.20240812.01.00&redirect_counter=1&cm2rm=sn-capm-vnae7e&rrc=80&fexp=24350516,24350517,24350551,24350557,24350561,24350565&cms_redirect=yes&cmsv=e&mh=yw&mm=29&mn=sn-5goeenez&ms=rdu&mt=1723714789&mv=u&mvi=2&pl=23&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AGtxev0wRgIhAPSm3SGy440Iwhm1243AAHGpkqQimDA6qbByTR_SXgBVAiEAhEW2ORZzJ01QKwPi70FNi9SGDy93A43Ih3Gt6Qv1_NM%3D&range=0-94503&rn=4&rbuf=0&pot=MpgBhAOAVw3d_huEPymgOjDCq75Jdn8br0oqY3-EoldovrGKjtEk1hg2RGRLywaQqUdM14sq_mFgMrmDJH9uJsVape5e-b4XEe2nT-twmG5njb2-Dn3We1OpYxyFtgEKovXcrI6y3E5eGIWW0_mQdje4Cq0MguqMQsvT21rhKHbM9oiI3Pz23C-UxwOQ4GtysDX-XY_b71g8sKs=&ump=1&srfvp=1 HTTP/1.1
Host: rr2---sn-5goeenez.googlevideo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.youtube.com/
Content-Length: 2
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Date: Thu, 15 Aug 2024 09:59:33 GMT
Expires: Thu, 15 Aug 2024 09:59:33 GMT
Cache-Control: private, max-age=21299
Content-Type: application/vnd.yt-ump
Transfer-Encoding: chunked
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Restrict-Formats-Hint: None
X-Content-Type-Options: nosniff
Server: gvs 1.0

yt3.ggpht.com/zvLJFiX6xhfelgNEerD5OXYWyo7d1FoybmrPyKM1AsR_-QnmBv_k_Zo8fUix99NIQdAzIAjUaC4=s88-c-k-c0x00ffffff-no-rj

142.250.74.65

200 OK

3.1 kB

URL GET HTTP/3
yt3.ggpht.com/zvLJFiX6xhfelgNEerD5OXYWyo7d1FoybmrPyKM1AsR_-QnmBv_k_Zo8fUix99NIQdAzIAjUaC4=s88-c-k-c0x00ffffff-no-rj
IP
142.250.74.65:443
ASN
#15169 GOOGLE

Requested by
https://www.youtube.com/embed/c8UgcYzGw8E?autoplay=1&mute=1
Certificate
IssuerGoogle Trust Services
Subject*.googleusercontent.com
FingerprintA6:0A:39:C6:7C:75:70:95:1C:CC:6E:1F:5D:AF:3C:FD:47:BB:4D:A0
ValidityTue, 30 Jul 2024 12:49:08 GMT - Tue, 22 Oct 2024 12:49:07 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Picasa], baseline, precision 8, 88x88, components 3
Size
3.1 kB (3130 bytes)
Hash
b0e78422fb943cbfe4049a204ed4835a
03f89e1b82af63bbbd72bc3bb4928209b5e8c463
9ed9025aa46f4ffaea2275b0261af0e218f8b627d7afcda3737d268783a6d525

HTTP Headers

GET /zvLJFiX6xhfelgNEerD5OXYWyo7d1FoybmrPyKM1AsR_-QnmBv_k_Zo8fUix99NIQdAzIAjUaC4=s88-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt3.ggpht.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
content-disposition: inline;filename="channels4_profile.jpg"
x-content-type-options: nosniff
server: fife
content-length: 3130
x-xss-protection: 0
date: Thu, 15 Aug 2024 09:59:33 GMT
expires: Fri, 16 Aug 2024 09:59:33 GMT
cache-control: public, max-age=86400, no-transform
etag: "v1"
content-type: image/jpeg
vary: Origin
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

o.pki.goog/wr2

142.250.74.131

471 B

URL
o.pki.goog/wr2
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
8be7ec46b9672f80c548418a6dd4b8b0
8128bee83a5bf3b091d07795d1fc27091fbbe697
f57c750b44e9a70650a3bf1b8f7b1b3e50a18e7c2123b6c48978d363fc6ad05b

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Aug 2024 09:59:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

rr5---sn-oj5hn5-55.googlevideo.com/videoplayback?expire=1723737572&ei=hNG9ZpP5HN-Ov_IPh67T8Ac&ip=91.90.42.154&id=o-AKmmkViJL25X8GX0XgGZiI6MNbVWx--GDT42Ris5pA7o&itag=251&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&bui=AQmm2ewBRC9Hssv48VkTO8xFav99xL1CouUuT8RQGe7B4BbTIgwlz4OCG8gQukJ6OP6JZuvUNEEY8IVw&spc=Mv1m9tXyhx1nIiOztnhCGSon1KCJqs2cVAky4y_bHPTJQt46-XAcD8WLuq8b&vprv=1&svpuc=1&xtags=drc%3D1&mime=audio%2Fwebm&ns=QexDkGp9FksmCDHwvOIrHDwQ&rqh=1&gir=yes&clen=59928742&dur=3954.521&lmt=1695399391242210&keepalive=yes&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=5318224&n=GRsfEXxj06b7cg&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cxpc%2Cbui%2Cspc%2Cvprv%2Csvpuc%2Cxtags%2Cmime%2Cns%2Crqh%2Cgir%2Cclen%2Cdur%2Clmt&sig=AJfQdSswRQIgBOJWLJL7RjKm6Ps9f8his1QAoqmzptUyIDqybbc8C2gCIQDeetEqtn9dpdSkEEvWPLWHdblQxm9hHgIYxl444MAsvg%3D%3D&alr=yes&cpn=R8ShaBYV4Z8XRRom&cver=1.20240812.01.00&cm2rm=sn-capm-vnae7e,sn-5gos77l&rrc=80,80&fexp=24350516,24350517,24350551,24350557,24350561,24350565&redirect_counter=2&cms_redirect=yes&cmsv=e&mh=yw&mm=34&mn=sn-oj5hn5-55&ms=ltu&mt=1723715280&mv=u&mvi=5&pl=23&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AGtxev0wRQIhAOjfb7eTtwWL0Qb-RrR5YQeYHNTwxPqghlUDWlNvPfrRAiBwAvPlgLhb6dN68wtYseX_-IPiexETeKnuyFQkL6Mjnw%3D%3D&range=0-72806&rn=5&rbuf=0&pot=MpgBhAOAVw3d_huEPymgOjDCq75Jdn8br0oqY3-EoldovrGKjtEk1hg2RGRLywaQqUdM14sq_mFgMrmDJH9uJsVape5e-b4XEe2nT-twmG5njb2-Dn3We1OpYxyFtgEKovXcrI6y3E5eGIWW0_mQdje4Cq0MguqMQsvT21rhKHbM9oiI3Pz23C-UxwOQ4GtysDX-XY_b71g8sKs=&ump=1&srfvp=1

74.125.8.5

200 OK

73 kB

URL POST HTTP/1.1
rr5---sn-oj5hn5-55.googlevideo.com/videoplayback?expire=1723737572&ei=hNG9ZpP5HN-Ov_IPh67T8Ac&ip=91.90.42.154&id=o-AKmmkViJL25X8GX0XgGZiI6MNbVWx--GDT42Ris5pA7o&itag=251&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&bui=AQmm2ewBRC9Hssv48VkTO8xFav99xL1CouUuT8RQGe7B4BbTIgwlz4OCG8gQukJ6OP6JZuvUNEEY8IVw&spc=Mv1m9tXyhx1nIiOztnhCGSon1KCJqs2cVAky4y_bHPTJQt46-XAcD8WLuq8b&vprv=1&svpuc=1&xtags=drc%3D1&mime=audio%2Fwebm&ns=QexDkGp9FksmCDHwvOIrHDwQ&rqh=1&gir=yes&clen=59928742&dur=3954.521&lmt=1695399391242210&keepalive=yes&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=5318224&n=GRsfEXxj06b7cg&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cxpc%2Cbui%2Cspc%2Cvprv%2Csvpuc%2Cxtags%2Cmime%2Cns%2Crqh%2Cgir%2Cclen%2Cdur%2Clmt&sig=AJfQdSswRQIgBOJWLJL7RjKm6Ps9f8his1QAoqmzptUyIDqybbc8C2gCIQDeetEqtn9dpdSkEEvWPLWHdblQxm9hHgIYxl444MAsvg%3D%3D&alr=yes&cpn=R8ShaBYV4Z8XRRom&cver=1.20240812.01.00&cm2rm=sn-capm-vnae7e,sn-5gos77l&rrc=80,80&fexp=24350516,24350517,24350551,24350557,24350561,24350565&redirect_counter=2&cms_redirect=yes&cmsv=e&mh=yw&mm=34&mn=sn-oj5hn5-55&ms=ltu&mt=1723715280&mv=u&mvi=5&pl=23&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AGtxev0wRQIhAOjfb7eTtwWL0Qb-RrR5YQeYHNTwxPqghlUDWlNvPfrRAiBwAvPlgLhb6dN68wtYseX_-IPiexETeKnuyFQkL6Mjnw%3D%3D&range=0-72806&rn=5&rbuf=0&pot=MpgBhAOAVw3d_huEPymgOjDCq75Jdn8br0oqY3-EoldovrGKjtEk1hg2RGRLywaQqUdM14sq_mFgMrmDJH9uJsVape5e-b4XEe2nT-twmG5njb2-Dn3We1OpYxyFtgEKovXcrI6y3E5eGIWW0_mQdje4Cq0MguqMQsvT21rhKHbM9oiI3Pz23C-UxwOQ4GtysDX-XY_b71g8sKs=&ump=1&srfvp=1
IP
74.125.8.5:443
ASN
#15169 GOOGLE

Requested by
https://www.youtube.com/embed/c8UgcYzGw8E?autoplay=1&mute=1
Certificate
IssuerGoogle Trust Services
Subject*.c.docs.google.com
Fingerprint6C:53:8D:31:BE:19:4F:5B:40:5F:DD:1A:A7:8A:B4:32:3A:6F:0F:DF
ValidityTue, 16 Jul 2024 14:34:06 GMT - Tue, 24 Sep 2024 14:34:05 GMT

File type
data
Size
73 kB (72900 bytes)
Hash
10ce29c16db845c9c20fd05ef3ed0a74
10987e826fbd2f016a91532f02d96b3d4b1eee4b
0cdc4c978f2ef78a3a49dabbb4c1908e6d6e750d9e6f626ca00b64a940606a7f

HTTP Headers

POST /videoplayback?expire=1723737572&ei=hNG9ZpP5HN-Ov_IPh67T8Ac&ip=91.90.42.154&id=o-AKmmkViJL25X8GX0XgGZiI6MNbVWx--GDT42Ris5pA7o&itag=251&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&bui=AQmm2ewBRC9Hssv48VkTO8xFav99xL1CouUuT8RQGe7B4BbTIgwlz4OCG8gQukJ6OP6JZuvUNEEY8IVw&spc=Mv1m9tXyhx1nIiOztnhCGSon1KCJqs2cVAky4y_bHPTJQt46-XAcD8WLuq8b&vprv=1&svpuc=1&xtags=drc%3D1&mime=audio%2Fwebm&ns=QexDkGp9FksmCDHwvOIrHDwQ&rqh=1&gir=yes&clen=59928742&dur=3954.521&lmt=1695399391242210&keepalive=yes&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=5318224&n=GRsfEXxj06b7cg&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cxpc%2Cbui%2Cspc%2Cvprv%2Csvpuc%2Cxtags%2Cmime%2Cns%2Crqh%2Cgir%2Cclen%2Cdur%2Clmt&sig=AJfQdSswRQIgBOJWLJL7RjKm6Ps9f8his1QAoqmzptUyIDqybbc8C2gCIQDeetEqtn9dpdSkEEvWPLWHdblQxm9hHgIYxl444MAsvg%3D%3D&alr=yes&cpn=R8ShaBYV4Z8XRRom&cver=1.20240812.01.00&cm2rm=sn-capm-vnae7e,sn-5gos77l&rrc=80,80&fexp=24350516,24350517,24350551,24350557,24350561,24350565&redirect_counter=2&cms_redirect=yes&cmsv=e&mh=yw&mm=34&mn=sn-oj5hn5-55&ms=ltu&mt=1723715280&mv=u&mvi=5&pl=23&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AGtxev0wRQIhAOjfb7eTtwWL0Qb-RrR5YQeYHNTwxPqghlUDWlNvPfrRAiBwAvPlgLhb6dN68wtYseX_-IPiexETeKnuyFQkL6Mjnw%3D%3D&range=0-72806&rn=5&rbuf=0&pot=MpgBhAOAVw3d_huEPymgOjDCq75Jdn8br0oqY3-EoldovrGKjtEk1hg2RGRLywaQqUdM14sq_mFgMrmDJH9uJsVape5e-b4XEe2nT-twmG5njb2-Dn3We1OpYxyFtgEKovXcrI6y3E5eGIWW0_mQdje4Cq0MguqMQsvT21rhKHbM9oiI3Pz23C-UxwOQ4GtysDX-XY_b71g8sKs=&ump=1&srfvp=1 HTTP/1.1
Host: rr5---sn-oj5hn5-55.googlevideo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.youtube.com/
Content-Length: 2
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Last-Modified: Fri, 22 Sep 2023 16:16:31 GMT
Content-Type: application/vnd.yt-ump
Date: Thu, 15 Aug 2024 09:59:33 GMT
Expires: Thu, 15 Aug 2024 09:59:33 GMT
Cache-Control: private, max-age=21299
Transfer-Encoding: chunked
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Content-Type-Options: nosniff
Server: gvs 1.0

rr5---sn-oj5hn5-55.googlevideo.com/videoplayback?expire=1723737572&ei=hNG9ZpP5HN-Ov_IPh67T8Ac&ip=91.90.42.154&id=o-AKmmkViJL25X8GX0XgGZiI6MNbVWx--GDT42Ris5pA7o&itag=243&aitags=133%2C134%2C135%2C160%2C242%2C243%2C244%2C278&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&bui=AQmm2ewBRC9Hssv48VkTO8xFav99xL1CouUuT8RQGe7B4BbTIgwlz4OCG8gQukJ6OP6JZuvUNEEY8IVw&spc=Mv1m9tXyhx1nIiOztnhCGSon1KCJqs2cVAky4y_bHPTJQt46-XAcD8WLuq8b&vprv=1&svpuc=1&mime=video%2Fwebm&ns=QexDkGp9FksmCDHwvOIrHDwQ&rqh=1&gir=yes&clen=75307291&dur=3954.466&lmt=1695398588380105&keepalive=yes&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=531F224&n=GRsfEXxj06b7cg&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cxpc%2Cbui%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Crqh%2Cgir%2Cclen%2Cdur%2Clmt&sig=AJfQdSswRQIhAKR0rnD2BL-3w9e6ez35BAYx_WmamgRnOFR7iq9K6hsPAiApqm466QMyIFryOwBjigjW2jkhAK4GmsC-32s9Lu5rsg%3D%3D&alr=yes&cpn=R8ShaBYV4Z8XRRom&cver=1.20240812.01.00&cm2rm=sn-capm-vnae7e,sn-5gos77l&rrc=80,80&fexp=24350516,24350517,24350551,24350557,24350561,24350565&redirect_counter=2&cms_redirect=yes&cmsv=e&mh=yw&mm=34&mn=sn-oj5hn5-55&ms=ltu&mt=1723715280&mv=u&mvi=5&pl=23&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AGtxev0wRQIgOjPnkr_wzKSbtLqMKB6BqUoGQxLmoVXlSK0g6Y1yHwgCIQC32Tr3qbIBjWo5_GZwnUlR2h5lWYUM67yWB1ulxO90Yw%3D%3D&range=0-94503&rn=6&rbuf=0&pot=MpgBhAOAVw3d_huEPymgOjDCq75Jdn8br0oqY3-EoldovrGKjtEk1hg2RGRLywaQqUdM14sq_mFgMrmDJH9uJsVape5e-b4XEe2nT-twmG5njb2-Dn3We1OpYxyFtgEKovXcrI6y3E5eGIWW0_mQdje4Cq0MguqMQsvT21rhKHbM9oiI3Pz23C-UxwOQ4GtysDX-XY_b71g8sKs=&ump=1&srfvp=1

74.125.8.5

200 OK

95 kB

URL POST HTTP/1.1
rr5---sn-oj5hn5-55.googlevideo.com/videoplayback?expire=1723737572&ei=hNG9ZpP5HN-Ov_IPh67T8Ac&ip=91.90.42.154&id=o-AKmmkViJL25X8GX0XgGZiI6MNbVWx--GDT42Ris5pA7o&itag=243&aitags=133%2C134%2C135%2C160%2C242%2C243%2C244%2C278&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&bui=AQmm2ewBRC9Hssv48VkTO8xFav99xL1CouUuT8RQGe7B4BbTIgwlz4OCG8gQukJ6OP6JZuvUNEEY8IVw&spc=Mv1m9tXyhx1nIiOztnhCGSon1KCJqs2cVAky4y_bHPTJQt46-XAcD8WLuq8b&vprv=1&svpuc=1&mime=video%2Fwebm&ns=QexDkGp9FksmCDHwvOIrHDwQ&rqh=1&gir=yes&clen=75307291&dur=3954.466&lmt=1695398588380105&keepalive=yes&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=531F224&n=GRsfEXxj06b7cg&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cxpc%2Cbui%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Crqh%2Cgir%2Cclen%2Cdur%2Clmt&sig=AJfQdSswRQIhAKR0rnD2BL-3w9e6ez35BAYx_WmamgRnOFR7iq9K6hsPAiApqm466QMyIFryOwBjigjW2jkhAK4GmsC-32s9Lu5rsg%3D%3D&alr=yes&cpn=R8ShaBYV4Z8XRRom&cver=1.20240812.01.00&cm2rm=sn-capm-vnae7e,sn-5gos77l&rrc=80,80&fexp=24350516,24350517,24350551,24350557,24350561,24350565&redirect_counter=2&cms_redirect=yes&cmsv=e&mh=yw&mm=34&mn=sn-oj5hn5-55&ms=ltu&mt=1723715280&mv=u&mvi=5&pl=23&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AGtxev0wRQIgOjPnkr_wzKSbtLqMKB6BqUoGQxLmoVXlSK0g6Y1yHwgCIQC32Tr3qbIBjWo5_GZwnUlR2h5lWYUM67yWB1ulxO90Yw%3D%3D&range=0-94503&rn=6&rbuf=0&pot=MpgBhAOAVw3d_huEPymgOjDCq75Jdn8br0oqY3-EoldovrGKjtEk1hg2RGRLywaQqUdM14sq_mFgMrmDJH9uJsVape5e-b4XEe2nT-twmG5njb2-Dn3We1OpYxyFtgEKovXcrI6y3E5eGIWW0_mQdje4Cq0MguqMQsvT21rhKHbM9oiI3Pz23C-UxwOQ4GtysDX-XY_b71g8sKs=&ump=1&srfvp=1
IP
74.125.8.5:443
ASN
#15169 GOOGLE

Requested by
https://www.youtube.com/embed/c8UgcYzGw8E?autoplay=1&mute=1
Certificate
IssuerGoogle Trust Services
Subject*.c.docs.google.com
Fingerprint6C:53:8D:31:BE:19:4F:5B:40:5F:DD:1A:A7:8A:B4:32:3A:6F:0F:DF
ValidityTue, 16 Jul 2024 14:34:06 GMT - Tue, 24 Sep 2024 14:34:05 GMT

File type
data
Size
95 kB (94565 bytes)
Hash
7583957f574e8f7c98b98d11908fe591
10f739fa2853db72255eef92e838af53c03f5322
f2a2322a1b510dc8dd79b204ca9cb4f4f2e22692eebeefb8ac7a925546dfbdb7

HTTP Headers

POST /videoplayback?expire=1723737572&ei=hNG9ZpP5HN-Ov_IPh67T8Ac&ip=91.90.42.154&id=o-AKmmkViJL25X8GX0XgGZiI6MNbVWx--GDT42Ris5pA7o&itag=243&aitags=133%2C134%2C135%2C160%2C242%2C243%2C244%2C278&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&bui=AQmm2ewBRC9Hssv48VkTO8xFav99xL1CouUuT8RQGe7B4BbTIgwlz4OCG8gQukJ6OP6JZuvUNEEY8IVw&spc=Mv1m9tXyhx1nIiOztnhCGSon1KCJqs2cVAky4y_bHPTJQt46-XAcD8WLuq8b&vprv=1&svpuc=1&mime=video%2Fwebm&ns=QexDkGp9FksmCDHwvOIrHDwQ&rqh=1&gir=yes&clen=75307291&dur=3954.466&lmt=1695398588380105&keepalive=yes&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=531F224&n=GRsfEXxj06b7cg&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cxpc%2Cbui%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Crqh%2Cgir%2Cclen%2Cdur%2Clmt&sig=AJfQdSswRQIhAKR0rnD2BL-3w9e6ez35BAYx_WmamgRnOFR7iq9K6hsPAiApqm466QMyIFryOwBjigjW2jkhAK4GmsC-32s9Lu5rsg%3D%3D&alr=yes&cpn=R8ShaBYV4Z8XRRom&cver=1.20240812.01.00&cm2rm=sn-capm-vnae7e,sn-5gos77l&rrc=80,80&fexp=24350516,24350517,24350551,24350557,24350561,24350565&redirect_counter=2&cms_redirect=yes&cmsv=e&mh=yw&mm=34&mn=sn-oj5hn5-55&ms=ltu&mt=1723715280&mv=u&mvi=5&pl=23&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AGtxev0wRQIgOjPnkr_wzKSbtLqMKB6BqUoGQxLmoVXlSK0g6Y1yHwgCIQC32Tr3qbIBjWo5_GZwnUlR2h5lWYUM67yWB1ulxO90Yw%3D%3D&range=0-94503&rn=6&rbuf=0&pot=MpgBhAOAVw3d_huEPymgOjDCq75Jdn8br0oqY3-EoldovrGKjtEk1hg2RGRLywaQqUdM14sq_mFgMrmDJH9uJsVape5e-b4XEe2nT-twmG5njb2-Dn3We1OpYxyFtgEKovXcrI6y3E5eGIWW0_mQdje4Cq0MguqMQsvT21rhKHbM9oiI3Pz23C-UxwOQ4GtysDX-XY_b71g8sKs=&ump=1&srfvp=1 HTTP/1.1
Host: rr5---sn-oj5hn5-55.googlevideo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.youtube.com/
Content-Length: 2
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Last-Modified: Fri, 22 Sep 2023 16:03:08 GMT
Content-Type: application/vnd.yt-ump
Date: Thu, 15 Aug 2024 09:59:33 GMT
Expires: Thu, 15 Aug 2024 09:59:33 GMT
Cache-Control: private, max-age=21299
Transfer-Encoding: chunked
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Restrict-Formats-Hint: None
X-Content-Type-Options: nosniff
Server: gvs 1.0

www.youtube.com/ptracking?html5=1&video_id=c8UgcYzGw8E&cpn=R8ShaBYV4Z8XRRom&ei=hNG9ZpP5HN-Ov_IPh67T8Ac&ptk=youtube_none&pltype=contentugc

216.58.211.14

204 No Content

0 B

URL GET HTTP/3
www.youtube.com/ptracking?html5=1&video_id=c8UgcYzGw8E&cpn=R8ShaBYV4Z8XRRom&ei=hNG9ZpP5HN-Ov_IPh67T8Ac&ptk=youtube_none&pltype=contentugc
IP
216.58.211.14:443
ASN
#15169 GOOGLE

Requested by
https://www.youtube.com/embed/c8UgcYzGw8E?autoplay=1&mute=1
Certificate
IssuerGoogle Trust Services
Subject*.google.com
FingerprintA9:52:08:E0:FC:37:B4:6B:5F:CF:C5:AB:C4:10:C7:D6:00:4D:DC:69
ValidityTue, 30 Jul 2024 12:32:53 GMT - Tue, 22 Oct 2024 12:32:52 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /ptracking?html5=1&video_id=c8UgcYzGw8E&cpn=R8ShaBYV4Z8XRRom&ei=hNG9ZpP5HN-Ov_IPh67T8Ac&ptk=youtube_none&pltype=contentugc HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Visitor-Id: CgticHhDMmhaNlgwayiCo_e1BjIiCgJOTxIcEhgSFhMLFBUWFwwYGRobHB0eHw4PIBAREiEgHg%3D%3D
X-YouTube-Client-Name: 56
X-YouTube-Client-Version: 1.20240812.01.00
X-YouTube-Utc-Offset: 0
X-YouTube-Time-Zone: UTC
X-YouTube-Ad-Signals: dt=1723715972184&flash=0&frm=2&u_tz&u_his=3&u_h=1024&u_w=1280&u_ah=1024&u_aw=1280&u_cd=24&bc=23&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C70%2C15&vis=1&wgl=true&ca_type=image
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/c8UgcYzGw8E?autoplay=1&mute=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 204 No Content
content-type: text/html; charset=UTF-8
date: Thu, 15 Aug 2024 09:59:33 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
x-content-type-options: nosniff
server: Video Stats Server
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.youtube.com/api/stats/playback?ns=yt&el=embedded&cpn=R8ShaBYV4Z8XRRom&ver=2&cmt=0.04&fmt=243&fs=0&rt=1.255&euri=http%3A%2F%2F3.142.138.123%2F&lact=1337&cl=662321128&mos=1&volume=100&cbr=Firefox&cbrver=96.0&c=WEB_EMBEDDED_PLAYER&cver=1.20240812.01.00&cplayer=UNIPLAYER&cos=X11&cplatform=DESKTOP&autoplay=1&epm=1&hl=en_US&cr=NO&len=3954.521&fexp=v1%2C24004644%2C434717%2C60171%2C67155%2C26443548%2C7111%2C24166%2C12177%2C9954%2C1192%2C33462%2C2%2C17768%2C19202%2C9950%2C2196%2C9996%2C1103%2C6953%2C11044%2C501%2C1970%2C7546%2C14041%2C3760%2C12945%2C10607%2C321%2C148%2C2%2C2126%2C14%2C1322%2C4205%2C1823%2C3186%2C2912%2C7568%2C328%2C14%2C142%2C4092%2C1768%2C604%2C4073%2C2150%2C439%2C5905&rtn=9&afmt=251&size=70%3A15&muted=1&docid=c8UgcYzGw8E&ei=hNG9ZpP5HN-Ov_IPh67T8Ac&plid=AAYfteY74-3HMYPq&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2Fc8UgcYzGw8E%3Fautoplay%3D1%26mute%3D1&of=4XKpUj-jEd5dOTKZWLr0FQ&vm=CAEQABgEOjJBSHFpSlRKRUgzcVVlNUdOVVFEMk5iRkRpRWp4Z1FxNkcyTk45NFJhR19rWWhGalJZZ2JiQU9BckJGdDFLTlozZ3l3RzNwc1NTaktoeW5UaEJlSk9xUE5MUnBoeEhTYkZLZzdJM2NrQmlQcktKMzhQXy1xWHV3OW9KVXRfV2hpeFY4cFB4aVRMcXpSOFFTNVpzQ2xDaFE

216.58.211.14

204 No Content

0 B

URL GET HTTP/3
www.youtube.com/api/stats/playback?ns=yt&el=embedded&cpn=R8ShaBYV4Z8XRRom&ver=2&cmt=0.04&fmt=243&fs=0&rt=1.255&euri=http%3A%2F%2F3.142.138.123%2F&lact=1337&cl=662321128&mos=1&volume=100&cbr=Firefox&cbrver=96.0&c=WEB_EMBEDDED_PLAYER&cver=1.20240812.01.00&cplayer=UNIPLAYER&cos=X11&cplatform=DESKTOP&autoplay=1&epm=1&hl=en_US&cr=NO&len=3954.521&fexp=v1%2C24004644%2C434717%2C60171%2C67155%2C26443548%2C7111%2C24166%2C12177%2C9954%2C1192%2C33462%2C2%2C17768%2C19202%2C9950%2C2196%2C9996%2C1103%2C6953%2C11044%2C501%2C1970%2C7546%2C14041%2C3760%2C12945%2C10607%2C321%2C148%2C2%2C2126%2C14%2C1322%2C4205%2C1823%2C3186%2C2912%2C7568%2C328%2C14%2C142%2C4092%2C1768%2C604%2C4073%2C2150%2C439%2C5905&rtn=9&afmt=251&size=70%3A15&muted=1&docid=c8UgcYzGw8E&ei=hNG9ZpP5HN-Ov_IPh67T8Ac&plid=AAYfteY74-3HMYPq&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2Fc8UgcYzGw8E%3Fautoplay%3D1%26mute%3D1&of=4XKpUj-jEd5dOTKZWLr0FQ&vm=CAEQABgEOjJBSHFpSlRKRUgzcVVlNUdOVVFEMk5iRkRpRWp4Z1FxNkcyTk45NFJhR19rWWhGalJZZ2JiQU9BckJGdDFLTlozZ3l3RzNwc1NTaktoeW5UaEJlSk9xUE5MUnBoeEhTYkZLZzdJM2NrQmlQcktKMzhQXy1xWHV3OW9KVXRfV2hpeFY4cFB4aVRMcXpSOFFTNVpzQ2xDaFE
IP
216.58.211.14:443
ASN
#15169 GOOGLE

Requested by
https://www.youtube.com/embed/c8UgcYzGw8E?autoplay=1&mute=1
Certificate
IssuerGoogle Trust Services
Subject*.google.com
FingerprintA9:52:08:E0:FC:37:B4:6B:5F:CF:C5:AB:C4:10:C7:D6:00:4D:DC:69
ValidityTue, 30 Jul 2024 12:32:53 GMT - Tue, 22 Oct 2024 12:32:52 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /api/stats/playback?ns=yt&el=embedded&cpn=R8ShaBYV4Z8XRRom&ver=2&cmt=0.04&fmt=243&fs=0&rt=1.255&euri=http%3A%2F%2F3.142.138.123%2F&lact=1337&cl=662321128&mos=1&volume=100&cbr=Firefox&cbrver=96.0&c=WEB_EMBEDDED_PLAYER&cver=1.20240812.01.00&cplayer=UNIPLAYER&cos=X11&cplatform=DESKTOP&autoplay=1&epm=1&hl=en_US&cr=NO&len=3954.521&fexp=v1%2C24004644%2C434717%2C60171%2C67155%2C26443548%2C7111%2C24166%2C12177%2C9954%2C1192%2C33462%2C2%2C17768%2C19202%2C9950%2C2196%2C9996%2C1103%2C6953%2C11044%2C501%2C1970%2C7546%2C14041%2C3760%2C12945%2C10607%2C321%2C148%2C2%2C2126%2C14%2C1322%2C4205%2C1823%2C3186%2C2912%2C7568%2C328%2C14%2C142%2C4092%2C1768%2C604%2C4073%2C2150%2C439%2C5905&rtn=9&afmt=251&size=70%3A15&muted=1&docid=c8UgcYzGw8E&ei=hNG9ZpP5HN-Ov_IPh67T8Ac&plid=AAYfteY74-3HMYPq&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2Fc8UgcYzGw8E%3Fautoplay%3D1%26mute%3D1&of=4XKpUj-jEd5dOTKZWLr0FQ&vm=CAEQABgEOjJBSHFpSlRKRUgzcVVlNUdOVVFEMk5iRkRpRWp4Z1FxNkcyTk45NFJhR19rWWhGalJZZ2JiQU9BckJGdDFLTlozZ3l3RzNwc1NTaktoeW5UaEJlSk9xUE5MUnBoeEhTYkZLZzdJM2NrQmlQcktKMzhQXy1xWHV3OW9KVXRfV2hpeFY4cFB4aVRMcXpSOFFTNVpzQ2xDaFE HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Visitor-Id: CgticHhDMmhaNlgwayiCo_e1BjIiCgJOTxIcEhgSFhMLFBUWFwwYGRobHB0eHw4PIBAREiEgHg%3D%3D
X-YouTube-Client-Name: 56
X-YouTube-Client-Version: 1.20240812.01.00
X-YouTube-Utc-Offset: 0
X-YouTube-Time-Zone: UTC
X-YouTube-Ad-Signals: dt=1723715972184&flash=0&frm=2&u_tz&u_his=3&u_h=1024&u_w=1280&u_ah=1024&u_aw=1280&u_cd=24&bc=23&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C70%2C15&vis=1&wgl=true&ca_type=image
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/c8UgcYzGw8E?autoplay=1&mute=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 204 No Content
content-type: text/html; charset=UTF-8
date: Thu, 15 Aug 2024 09:59:33 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
x-content-type-options: nosniff
server: Video Stats Server
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

rr5---sn-oj5hn5-55.googlevideo.com/videoplayback?expire=1723737572&ei=hNG9ZpP5HN-Ov_IPh67T8Ac&ip=91.90.42.154&id=o-AKmmkViJL25X8GX0XgGZiI6MNbVWx--GDT42Ris5pA7o&itag=251&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&bui=AQmm2ewBRC9Hssv48VkTO8xFav99xL1CouUuT8RQGe7B4BbTIgwlz4OCG8gQukJ6OP6JZuvUNEEY8IVw&spc=Mv1m9tXyhx1nIiOztnhCGSon1KCJqs2cVAky4y_bHPTJQt46-XAcD8WLuq8b&vprv=1&svpuc=1&xtags=drc%3D1&mime=audio%2Fwebm&ns=QexDkGp9FksmCDHwvOIrHDwQ&rqh=1&gir=yes&clen=59928742&dur=3954.521&lmt=1695399391242210&keepalive=yes&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=5318224&n=GRsfEXxj06b7cg&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cxpc%2Cbui%2Cspc%2Cvprv%2Csvpuc%2Cxtags%2Cmime%2Cns%2Crqh%2Cgir%2Cclen%2Cdur%2Clmt&sig=AJfQdSswRQIgBOJWLJL7RjKm6Ps9f8his1QAoqmzptUyIDqybbc8C2gCIQDeetEqtn9dpdSkEEvWPLWHdblQxm9hHgIYxl444MAsvg%3D%3D&alr=yes&cpn=R8ShaBYV4Z8XRRom&cver=1.20240812.01.00&cm2rm=sn-capm-vnae7e,sn-5gos77l&rrc=80,80&fexp=24350516,24350517,24350551,24350557,24350561,24350565&redirect_counter=2&cms_redirect=yes&cmsv=e&mh=yw&mm=34&mn=sn-oj5hn5-55&ms=ltu&mt=1723715280&mv=u&mvi=5&pl=23&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AGtxev0wRQIhAOjfb7eTtwWL0Qb-RrR5YQeYHNTwxPqghlUDWlNvPfrRAiBwAvPlgLhb6dN68wtYseX_-IPiexETeKnuyFQkL6Mjnw%3D%3D&range=72807-154188&rn=7&rbuf=4232&pot=MpgBhAOAVw3d_huEPymgOjDCq75Jdn8br0oqY3-EoldovrGKjtEk1hg2RGRLywaQqUdM14sq_mFgMrmDJH9uJsVape5e-b4XEe2nT-twmG5njb2-Dn3We1OpYxyFtgEKovXcrI6y3E5eGIWW0_mQdje4Cq0MguqMQsvT21rhKHbM9oiI3Pz23C-UxwOQ4GtysDX-XY_b71g8sKs=&ump=1&srfvp=1

74.125.8.5

200 OK

420 kB

URL POST HTTP/3
rr5---sn-oj5hn5-55.googlevideo.com/videoplayback?expire=1723737572&ei=hNG9ZpP5HN-Ov_IPh67T8Ac&ip=91.90.42.154&id=o-AKmmkViJL25X8GX0XgGZiI6MNbVWx--GDT42Ris5pA7o&itag=251&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&bui=AQmm2ewBRC9Hssv48VkTO8xFav99xL1CouUuT8RQGe7B4BbTIgwlz4OCG8gQukJ6OP6JZuvUNEEY8IVw&spc=Mv1m9tXyhx1nIiOztnhCGSon1KCJqs2cVAky4y_bHPTJQt46-XAcD8WLuq8b&vprv=1&svpuc=1&xtags=drc%3D1&mime=audio%2Fwebm&ns=QexDkGp9FksmCDHwvOIrHDwQ&rqh=1&gir=yes&clen=59928742&dur=3954.521&lmt=1695399391242210&keepalive=yes&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=5318224&n=GRsfEXxj06b7cg&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cxpc%2Cbui%2Cspc%2Cvprv%2Csvpuc%2Cxtags%2Cmime%2Cns%2Crqh%2Cgir%2Cclen%2Cdur%2Clmt&sig=AJfQdSswRQIgBOJWLJL7RjKm6Ps9f8his1QAoqmzptUyIDqybbc8C2gCIQDeetEqtn9dpdSkEEvWPLWHdblQxm9hHgIYxl444MAsvg%3D%3D&alr=yes&cpn=R8ShaBYV4Z8XRRom&cver=1.20240812.01.00&cm2rm=sn-capm-vnae7e,sn-5gos77l&rrc=80,80&fexp=24350516,24350517,24350551,24350557,24350561,24350565&redirect_counter=2&cms_redirect=yes&cmsv=e&mh=yw&mm=34&mn=sn-oj5hn5-55&ms=ltu&mt=1723715280&mv=u&mvi=5&pl=23&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AGtxev0wRQIhAOjfb7eTtwWL0Qb-RrR5YQeYHNTwxPqghlUDWlNvPfrRAiBwAvPlgLhb6dN68wtYseX_-IPiexETeKnuyFQkL6Mjnw%3D%3D&range=72807-154188&rn=7&rbuf=4232&pot=MpgBhAOAVw3d_huEPymgOjDCq75Jdn8br0oqY3-EoldovrGKjtEk1hg2RGRLywaQqUdM14sq_mFgMrmDJH9uJsVape5e-b4XEe2nT-twmG5njb2-Dn3We1OpYxyFtgEKovXcrI6y3E5eGIWW0_mQdje4Cq0MguqMQsvT21rhKHbM9oiI3Pz23C-UxwOQ4GtysDX-XY_b71g8sKs=&ump=1&srfvp=1
IP
74.125.8.5:443
ASN
#15169 GOOGLE

Requested by
https://www.youtube.com/embed/c8UgcYzGw8E?autoplay=1&mute=1
Certificate
IssuerGoogle Trust Services
Subject*.c.docs.google.com
Fingerprint6C:53:8D:31:BE:19:4F:5B:40:5F:DD:1A:A7:8A:B4:32:3A:6F:0F:DF
ValidityTue, 16 Jul 2024 14:34:06 GMT - Tue, 24 Sep 2024 14:34:05 GMT

File type
data
Size
420 kB (420243 bytes)
Hash
a3bbeb3261e98ae487368983a67189ac
0a4fbb2d0326106c4c9eb43dfea7c37d7073e47d
53e56becf205a6dac576126faf2ccf76f651aee8560214e7b76d0c30d4656215

HTTP Headers

POST /videoplayback?expire=1723737572&ei=hNG9ZpP5HN-Ov_IPh67T8Ac&ip=91.90.42.154&id=o-AKmmkViJL25X8GX0XgGZiI6MNbVWx--GDT42Ris5pA7o&itag=251&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&bui=AQmm2ewBRC9Hssv48VkTO8xFav99xL1CouUuT8RQGe7B4BbTIgwlz4OCG8gQukJ6OP6JZuvUNEEY8IVw&spc=Mv1m9tXyhx1nIiOztnhCGSon1KCJqs2cVAky4y_bHPTJQt46-XAcD8WLuq8b&vprv=1&svpuc=1&xtags=drc%3D1&mime=audio%2Fwebm&ns=QexDkGp9FksmCDHwvOIrHDwQ&rqh=1&gir=yes&clen=59928742&dur=3954.521&lmt=1695399391242210&keepalive=yes&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=5318224&n=GRsfEXxj06b7cg&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cxpc%2Cbui%2Cspc%2Cvprv%2Csvpuc%2Cxtags%2Cmime%2Cns%2Crqh%2Cgir%2Cclen%2Cdur%2Clmt&sig=AJfQdSswRQIgBOJWLJL7RjKm6Ps9f8his1QAoqmzptUyIDqybbc8C2gCIQDeetEqtn9dpdSkEEvWPLWHdblQxm9hHgIYxl444MAsvg%3D%3D&alr=yes&cpn=R8ShaBYV4Z8XRRom&cver=1.20240812.01.00&cm2rm=sn-capm-vnae7e,sn-5gos77l&rrc=80,80&fexp=24350516,24350517,24350551,24350557,24350561,24350565&redirect_counter=2&cms_redirect=yes&cmsv=e&mh=yw&mm=34&mn=sn-oj5hn5-55&ms=ltu&mt=1723715280&mv=u&mvi=5&pl=23&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AGtxev0wRQIhAOjfb7eTtwWL0Qb-RrR5YQeYHNTwxPqghlUDWlNvPfrRAiBwAvPlgLhb6dN68wtYseX_-IPiexETeKnuyFQkL6Mjnw%3D%3D&range=72807-154188&rn=7&rbuf=4232&pot=MpgBhAOAVw3d_huEPymgOjDCq75Jdn8br0oqY3-EoldovrGKjtEk1hg2RGRLywaQqUdM14sq_mFgMrmDJH9uJsVape5e-b4XEe2nT-twmG5njb2-Dn3We1OpYxyFtgEKovXcrI6y3E5eGIWW0_mQdje4Cq0MguqMQsvT21rhKHbM9oiI3Pz23C-UxwOQ4GtysDX-XY_b71g8sKs=&ump=1&srfvp=1 HTTP/1.1
Host: rr5---sn-oj5hn5-55.googlevideo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.youtube.com/
Content-Length: 2
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
last-modified: Fri, 22 Sep 2023 16:16:31 GMT
content-type: application/vnd.yt-ump
date: Thu, 15 Aug 2024 09:59:33 GMT
expires: Thu, 15 Aug 2024 09:59:33 GMT
cache-control: private, max-age=21299
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
client-protocol: quic
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
timing-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
vary: Origin
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
server: gvs 1.0

3.142.138.123/kioscos/kioscobanner3.0/ping.php

3.142.138.123

200 OK

139 B

URL POST HTTP/1.1
3.142.138.123/kioscos/kioscobanner3.0/ping.php
IP
3.142.138.123:80
ASN
#16509 AMAZON-02

Requested by
http://3.142.138.123/kioscos/kioscobanner3.0/index.php

File type
ASCII text, with no line terminators
Size
139 B (139 bytes)
Hash
da20695291e12a1c7f4fd4a162a9f150
d5f3e82c79a53aad13dc66a80b89e9b9cbc07d37
6a40393b3c41f020cd173a3bdf14677fe57a60e34421e932844803dd01a86ebf

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /kioscos/kioscobanner3.0/ping.php HTTP/1.1
Host: 3.142.138.123
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-type: application/x-www-form-urlencoded
Content-Length: 12
Origin: http://3.142.138.123
DNT: 1
Connection: keep-alive
Referer: http://3.142.138.123/kioscos/kioscobanner3.0/index.php
Cookie: PHPSESSID=svie8um0ckblvgkctf2ifukkn6
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
X-Powered-By: PHP/5.6.8, ASP.NET
Date: Thu, 15 Aug 2024 09:59:35 GMT
Content-Length: 139

play.google.com/log?format=json&hasfast=true&authuser=0

216.58.211.14

200 OK

0 B

URL OPTIONS HTTP/3
play.google.com/log?format=json&hasfast=true&authuser=0
IP
216.58.211.14:443
ASN
#15169 GOOGLE

Requested by
https://www.youtube.com/embed/c8UgcYzGw8E?autoplay=1&mute=1
Certificate
IssuerGoogle Trust Services
Subject*.google.com
FingerprintA9:52:08:E0:FC:37:B4:6B:5F:CF:C5:AB:C4:10:C7:D6:00:4D:DC:69
ValidityTue, 30 Jul 2024 12:32:53 GMT - Tue, 22 Oct 2024 12:32:52 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
access-control-allow-origin: https://www.youtube.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Thu, 15 Aug 2024 09:59:36 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.youtube.com/api/stats/atr?ns=yt&el=embedded&cpn=R8ShaBYV4Z8XRRom&ver=2&cmt=3.017&fmt=243&fs=0&rt=4.305&euri=http%3A%2F%2F3.142.138.123%2F&lact=4386&cl=662321128&mos=1&volume=100&cbr=Firefox&cbrver=96.0&c=WEB_EMBEDDED_PLAYER&cver=1.20240812.01.00&cplayer=UNIPLAYER&cos=X11&cplatform=DESKTOP&autoplay=1&epm=1&hl=en_US&cr=NO&len=3954.521&fexp=v1%2C24004644%2C434717%2C60171%2C67155%2C26443548%2C7111%2C24166%2C12177%2C9954%2C1192%2C33462%2C2%2C17768%2C19202%2C9950%2C2196%2C9996%2C1103%2C6953%2C11044%2C501%2C1970%2C7546%2C14041%2C3760%2C12945%2C10607%2C321%2C148%2C2%2C2126%2C14%2C1322%2C4205%2C1823%2C3186%2C2912%2C7568%2C328%2C14%2C142%2C4092%2C1768%2C604%2C4073%2C2150%2C439%2C5905&afmt=251&muted=1&docid=c8UgcYzGw8E&ei=hNG9ZpP5HN-Ov_IPh67T8Ac&plid=AAYfteY74-3HMYPq&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2Fc8UgcYzGw8E%3Fautoplay%3D1%26mute%3D1&of=4XKpUj-jEd5dOTKZWLr0FQ&vm=CAEQABgEOjJBSHFpSlRKRUgzcVVlNUdOVVFEMk5iRkRpRWp4Z1FxNkcyTk45NFJhR19rWWhGalJZZ2JiQU9BckJGdDFLTlozZ3l3RzNwc1NTaktoeW5UaEJlSk9xUE5MUnBoeEhTYkZLZzdJM2NrQmlQcktKMzhQXy1xWHV3OW9KVXRfV2hpeFY4cFB4aVRMcXpSOFFTNVpzQ2xDaFE

216.58.211.14

204 No Content

0 B

URL POST HTTP/3
www.youtube.com/api/stats/atr?ns=yt&el=embedded&cpn=R8ShaBYV4Z8XRRom&ver=2&cmt=3.017&fmt=243&fs=0&rt=4.305&euri=http%3A%2F%2F3.142.138.123%2F&lact=4386&cl=662321128&mos=1&volume=100&cbr=Firefox&cbrver=96.0&c=WEB_EMBEDDED_PLAYER&cver=1.20240812.01.00&cplayer=UNIPLAYER&cos=X11&cplatform=DESKTOP&autoplay=1&epm=1&hl=en_US&cr=NO&len=3954.521&fexp=v1%2C24004644%2C434717%2C60171%2C67155%2C26443548%2C7111%2C24166%2C12177%2C9954%2C1192%2C33462%2C2%2C17768%2C19202%2C9950%2C2196%2C9996%2C1103%2C6953%2C11044%2C501%2C1970%2C7546%2C14041%2C3760%2C12945%2C10607%2C321%2C148%2C2%2C2126%2C14%2C1322%2C4205%2C1823%2C3186%2C2912%2C7568%2C328%2C14%2C142%2C4092%2C1768%2C604%2C4073%2C2150%2C439%2C5905&afmt=251&muted=1&docid=c8UgcYzGw8E&ei=hNG9ZpP5HN-Ov_IPh67T8Ac&plid=AAYfteY74-3HMYPq&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2Fc8UgcYzGw8E%3Fautoplay%3D1%26mute%3D1&of=4XKpUj-jEd5dOTKZWLr0FQ&vm=CAEQABgEOjJBSHFpSlRKRUgzcVVlNUdOVVFEMk5iRkRpRWp4Z1FxNkcyTk45NFJhR19rWWhGalJZZ2JiQU9BckJGdDFLTlozZ3l3RzNwc1NTaktoeW5UaEJlSk9xUE5MUnBoeEhTYkZLZzdJM2NrQmlQcktKMzhQXy1xWHV3OW9KVXRfV2hpeFY4cFB4aVRMcXpSOFFTNVpzQ2xDaFE
IP
216.58.211.14:443
ASN
#15169 GOOGLE

Requested by
https://www.youtube.com/embed/c8UgcYzGw8E?autoplay=1&mute=1
Certificate
IssuerGoogle Trust Services
Subject*.google.com
FingerprintA9:52:08:E0:FC:37:B4:6B:5F:CF:C5:AB:C4:10:C7:D6:00:4D:DC:69
ValidityTue, 30 Jul 2024 12:32:53 GMT - Tue, 22 Oct 2024 12:32:52 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /api/stats/atr?ns=yt&el=embedded&cpn=R8ShaBYV4Z8XRRom&ver=2&cmt=3.017&fmt=243&fs=0&rt=4.305&euri=http%3A%2F%2F3.142.138.123%2F&lact=4386&cl=662321128&mos=1&volume=100&cbr=Firefox&cbrver=96.0&c=WEB_EMBEDDED_PLAYER&cver=1.20240812.01.00&cplayer=UNIPLAYER&cos=X11&cplatform=DESKTOP&autoplay=1&epm=1&hl=en_US&cr=NO&len=3954.521&fexp=v1%2C24004644%2C434717%2C60171%2C67155%2C26443548%2C7111%2C24166%2C12177%2C9954%2C1192%2C33462%2C2%2C17768%2C19202%2C9950%2C2196%2C9996%2C1103%2C6953%2C11044%2C501%2C1970%2C7546%2C14041%2C3760%2C12945%2C10607%2C321%2C148%2C2%2C2126%2C14%2C1322%2C4205%2C1823%2C3186%2C2912%2C7568%2C328%2C14%2C142%2C4092%2C1768%2C604%2C4073%2C2150%2C439%2C5905&afmt=251&muted=1&docid=c8UgcYzGw8E&ei=hNG9ZpP5HN-Ov_IPh67T8Ac&plid=AAYfteY74-3HMYPq&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2Fc8UgcYzGw8E%3Fautoplay%3D1%26mute%3D1&of=4XKpUj-jEd5dOTKZWLr0FQ&vm=CAEQABgEOjJBSHFpSlRKRUgzcVVlNUdOVVFEMk5iRkRpRWp4Z1FxNkcyTk45NFJhR19rWWhGalJZZ2JiQU9BckJGdDFLTlozZ3l3RzNwc1NTaktoeW5UaEJlSk9xUE5MUnBoeEhTYkZLZzdJM2NrQmlQcktKMzhQXy1xWHV3OW9KVXRfV2hpeFY4cFB4aVRMcXpSOFFTNVpzQ2xDaFE HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Visitor-Id: CgticHhDMmhaNlgwayiCo_e1BjIiCgJOTxIcEhgSFhMLFBUWFwwYGRobHB0eHw4PIBAREiEgHg%3D%3D
X-YouTube-Client-Name: 56
X-YouTube-Client-Version: 1.20240812.01.00
X-YouTube-Utc-Offset: 0
X-YouTube-Time-Zone: UTC
X-YouTube-Ad-Signals: dt=1723715972184&flash=0&frm=2&u_tz&u_his=3&u_h=1024&u_w=1280&u_ah=1024&u_aw=1280&u_cd=24&bc=23&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C70%2C15&vis=1&wgl=true&ca_type=image
Content-Type: application/x-www-form-urlencoded
Content-Length: 1962
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/c8UgcYzGw8E?autoplay=1&mute=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 204 No Content
content-type: text/html; charset=UTF-8
date: Thu, 15 Aug 2024 09:59:36 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
x-content-type-options: nosniff
server: Video Stats Server
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

play.google.com/log?format=json&hasfast=true&authuser=0

216.58.211.14

200 OK

131 B

URL OPTIONS HTTP/3
play.google.com/log?format=json&hasfast=true&authuser=0
IP
216.58.211.14:443
ASN
#15169 GOOGLE

Requested by
https://www.youtube.com/embed/c8UgcYzGw8E?autoplay=1&mute=1
Certificate
IssuerGoogle Trust Services
Subject*.google.com
FingerprintA9:52:08:E0:FC:37:B4:6B:5F:CF:C5:AB:C4:10:C7:D6:00:4D:DC:69
ValidityTue, 30 Jul 2024 12:32:53 GMT - Tue, 22 Oct 2024 12:32:52 GMT

File type
JSON text data
Size
131 B (131 bytes)
Hash
ca0b7e866005f6774d284b9f438ebfd2
53644f5ee3640189bdb223473ba6a2d46606c556
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

HTTP Headers

POST /log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-AuthUser: 0
Content-Type: application/x-www-form-urlencoded;charset=utf-8
Content-Length: 589
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
access-control-allow-origin: https://www.youtube.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web
content-type: text/plain; charset=UTF-8
content-encoding: gzip
date: Thu, 15 Aug 2024 09:59:36 GMT
server: Playlog
cache-control: private
content-length: 131
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

3.142.138.123/kioscos/kioscobanner3.0/imagenes/Banner2.jpg

3.142.138.123

200 OK

43 kB

URL GET HTTP/1.1
3.142.138.123/kioscos/kioscobanner3.0/imagenes/Banner2.jpg
IP
3.142.138.123:80
ASN
#16509 AMAZON-02

Requested by
http://3.142.138.123/kioscos/kioscobanner3.0/index.php

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 960x720, components 3
Size
43 kB (43346 bytes)
Hash
06fb27b1e42f547ff1741a7aa8d32b9d
c160173bf9086f966cff8f9b9f17f7b959cfa25d
28518056ab9b797ca69cc1b65fb5ce715c830a2f3b3e9d34fd5b496b4644d381

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /kioscos/kioscobanner3.0/imagenes/Banner2.jpg HTTP/1.1
Host: 3.142.138.123
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://3.142.138.123/kioscos/kioscobanner3.0/css/estilos.css
Cookie: PHPSESSID=svie8um0ckblvgkctf2ifukkn6
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: image/jpeg
Last-Modified: Tue, 02 Jul 2024 22:23:22 GMT
Accept-Ranges: bytes
ETag: "6298f072ceccda1:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Thu, 15 Aug 2024 09:59:39 GMT
Content-Length: 43346

3.142.138.123/kioscos/kioscobanner3.0/ping.php

3.142.138.123

200 OK

139 B

URL POST HTTP/1.1
3.142.138.123/kioscos/kioscobanner3.0/ping.php
IP
3.142.138.123:80
ASN
#16509 AMAZON-02

Requested by
http://3.142.138.123/kioscos/kioscobanner3.0/index.php

File type
ASCII text, with no line terminators
Size
139 B (139 bytes)
Hash
da20695291e12a1c7f4fd4a162a9f150
d5f3e82c79a53aad13dc66a80b89e9b9cbc07d37
6a40393b3c41f020cd173a3bdf14677fe57a60e34421e932844803dd01a86ebf

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /kioscos/kioscobanner3.0/ping.php HTTP/1.1
Host: 3.142.138.123
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-type: application/x-www-form-urlencoded
Content-Length: 12
Origin: http://3.142.138.123
DNT: 1
Connection: keep-alive
Referer: http://3.142.138.123/kioscos/kioscobanner3.0/index.php
Cookie: PHPSESSID=svie8um0ckblvgkctf2ifukkn6
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
X-Powered-By: PHP/5.6.8, ASP.NET
Date: Thu, 15 Aug 2024 09:59:40 GMT
Content-Length: 139

www.youtube.com/api/stats/watchtime?ns=yt&el=embedded&cpn=R8ShaBYV4Z8XRRom&ver=2&cmt=7.755&fmt=243&fs=0&rt=9.001&euri=http%3A%2F%2F3.142.138.123%2F&lact=9083&cl=662321128&state=playing&volume=100&cbr=Firefox&cbrver=96.0&c=WEB_EMBEDDED_PLAYER&cver=1.20240812.01.00&cplayer=UNIPLAYER&cos=X11&cplatform=DESKTOP&autoplay=1&hl=en_US&cr=NO&len=3954.521&rtn=19&afmt=251&idpj=-3&ldpj=-12&rti=9&size=70%3A15&st=0&et=7.755&muted=1&docid=c8UgcYzGw8E&ei=hNG9ZpP5HN-Ov_IPh67T8Ac&plid=AAYfteY74-3HMYPq&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2Fc8UgcYzGw8E%3Fautoplay%3D1%26mute%3D1&of=4XKpUj-jEd5dOTKZWLr0FQ&vm=CAEQABgEOjJBSHFpSlRKRUgzcVVlNUdOVVFEMk5iRkRpRWp4Z1FxNkcyTk45NFJhR19rWWhGalJZZ2JiQU9BckJGdDFLTlozZ3l3RzNwc1NTaktoeW5UaEJlSk9xUE5MUnBoeEhTYkZLZzdJM2NrQmlQcktKMzhQXy1xWHV3OW9KVXRfV2hpeFY4cFB4aVRMcXpSOFFTNVpzQ2xDaFE

216.58.211.14

204 No Content

0 B

URL GET HTTP/3
www.youtube.com/api/stats/watchtime?ns=yt&el=embedded&cpn=R8ShaBYV4Z8XRRom&ver=2&cmt=7.755&fmt=243&fs=0&rt=9.001&euri=http%3A%2F%2F3.142.138.123%2F&lact=9083&cl=662321128&state=playing&volume=100&cbr=Firefox&cbrver=96.0&c=WEB_EMBEDDED_PLAYER&cver=1.20240812.01.00&cplayer=UNIPLAYER&cos=X11&cplatform=DESKTOP&autoplay=1&hl=en_US&cr=NO&len=3954.521&rtn=19&afmt=251&idpj=-3&ldpj=-12&rti=9&size=70%3A15&st=0&et=7.755&muted=1&docid=c8UgcYzGw8E&ei=hNG9ZpP5HN-Ov_IPh67T8Ac&plid=AAYfteY74-3HMYPq&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2Fc8UgcYzGw8E%3Fautoplay%3D1%26mute%3D1&of=4XKpUj-jEd5dOTKZWLr0FQ&vm=CAEQABgEOjJBSHFpSlRKRUgzcVVlNUdOVVFEMk5iRkRpRWp4Z1FxNkcyTk45NFJhR19rWWhGalJZZ2JiQU9BckJGdDFLTlozZ3l3RzNwc1NTaktoeW5UaEJlSk9xUE5MUnBoeEhTYkZLZzdJM2NrQmlQcktKMzhQXy1xWHV3OW9KVXRfV2hpeFY4cFB4aVRMcXpSOFFTNVpzQ2xDaFE
IP
216.58.211.14:443
ASN
#15169 GOOGLE

Requested by
https://www.youtube.com/embed/c8UgcYzGw8E?autoplay=1&mute=1
Certificate
IssuerGoogle Trust Services
Subject*.google.com
FingerprintA9:52:08:E0:FC:37:B4:6B:5F:CF:C5:AB:C4:10:C7:D6:00:4D:DC:69
ValidityTue, 30 Jul 2024 12:32:53 GMT - Tue, 22 Oct 2024 12:32:52 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /api/stats/watchtime?ns=yt&el=embedded&cpn=R8ShaBYV4Z8XRRom&ver=2&cmt=7.755&fmt=243&fs=0&rt=9.001&euri=http%3A%2F%2F3.142.138.123%2F&lact=9083&cl=662321128&state=playing&volume=100&cbr=Firefox&cbrver=96.0&c=WEB_EMBEDDED_PLAYER&cver=1.20240812.01.00&cplayer=UNIPLAYER&cos=X11&cplatform=DESKTOP&autoplay=1&hl=en_US&cr=NO&len=3954.521&rtn=19&afmt=251&idpj=-3&ldpj=-12&rti=9&size=70%3A15&st=0&et=7.755&muted=1&docid=c8UgcYzGw8E&ei=hNG9ZpP5HN-Ov_IPh67T8Ac&plid=AAYfteY74-3HMYPq&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2Fc8UgcYzGw8E%3Fautoplay%3D1%26mute%3D1&of=4XKpUj-jEd5dOTKZWLr0FQ&vm=CAEQABgEOjJBSHFpSlRKRUgzcVVlNUdOVVFEMk5iRkRpRWp4Z1FxNkcyTk45NFJhR19rWWhGalJZZ2JiQU9BckJGdDFLTlozZ3l3RzNwc1NTaktoeW5UaEJlSk9xUE5MUnBoeEhTYkZLZzdJM2NrQmlQcktKMzhQXy1xWHV3OW9KVXRfV2hpeFY4cFB4aVRMcXpSOFFTNVpzQ2xDaFE HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Visitor-Id: CgticHhDMmhaNlgwayiCo_e1BjIiCgJOTxIcEhgSFhMLFBUWFwwYGRobHB0eHw4PIBAREiEgHg%3D%3D
X-YouTube-Client-Name: 56
X-YouTube-Client-Version: 1.20240812.01.00
X-YouTube-Utc-Offset: 0
X-YouTube-Time-Zone: UTC
X-YouTube-Ad-Signals: dt=1723715972184&flash=0&frm=2&u_tz&u_his=3&u_h=1024&u_w=1280&u_ah=1024&u_aw=1280&u_cd=24&bc=23&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C70%2C15&vis=1&wgl=true&ca_type=image
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/c8UgcYzGw8E?autoplay=1&mute=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 204 No Content
content-type: text/html; charset=UTF-8
date: Thu, 15 Aug 2024 09:59:41 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
x-content-type-options: nosniff
server: Video Stats Server
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.youtube.com/api/stats/qoe?fmt=243&afmt=251&cpn=R8ShaBYV4Z8XRRom&el=embedded&ns=yt&fexp=v1%2C24004644%2C434717%2C60171%2C67155%2C26443548%2C7111%2C24166%2C12177%2C9954%2C1192%2C33462%2C2%2C17768%2C19202%2C9950%2C2196%2C9996%2C1103%2C6953%2C11044%2C501%2C1970%2C7546%2C14041%2C3760%2C12945%2C10607%2C321%2C148%2C2%2C2126%2C14%2C1322%2C4205%2C1823%2C3186%2C2912%2C7568%2C328%2C14%2C142%2C4092%2C1768%2C604%2C4073%2C2150%2C439%2C5905&cl=662321128&seq=2&docid=c8UgcYzGw8E&ei=hNG9ZpP5HN-Ov_IPh67T8Ac&event=streamingstats&plid=AAYfteY74-3HMYPq&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2Fc8UgcYzGw8E%3Fautoplay%3D1%26mute%3D1&qclc=ChBSOFNoYUJZVjRaOFhSUm9tEAI&cbr=Firefox&cbrver=96.0&c=WEB_EMBEDDED_PLAYER&cver=1.20240812.01.00&cplayer=UNIPLAYER&cos=X11&cplatform=DESKTOP&afs=0.339:251;CggKA2RyYxIBMQ::i&ctmp=itr:t.655;&user_intent=0&bh=1.250:2.466,10.001:17.945&cmt=1.250:0.040,2.001:0.763,10.001:8.761&vps=1.250:PL,10.001:PL&bwm=10.001:875465:1.938&bwe=10.001:2717420&df=10.001:0

216.58.211.14

204 No Content

0 B

URL POST HTTP/3
www.youtube.com/api/stats/qoe?fmt=243&afmt=251&cpn=R8ShaBYV4Z8XRRom&el=embedded&ns=yt&fexp=v1%2C24004644%2C434717%2C60171%2C67155%2C26443548%2C7111%2C24166%2C12177%2C9954%2C1192%2C33462%2C2%2C17768%2C19202%2C9950%2C2196%2C9996%2C1103%2C6953%2C11044%2C501%2C1970%2C7546%2C14041%2C3760%2C12945%2C10607%2C321%2C148%2C2%2C2126%2C14%2C1322%2C4205%2C1823%2C3186%2C2912%2C7568%2C328%2C14%2C142%2C4092%2C1768%2C604%2C4073%2C2150%2C439%2C5905&cl=662321128&seq=2&docid=c8UgcYzGw8E&ei=hNG9ZpP5HN-Ov_IPh67T8Ac&event=streamingstats&plid=AAYfteY74-3HMYPq&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2Fc8UgcYzGw8E%3Fautoplay%3D1%26mute%3D1&qclc=ChBSOFNoYUJZVjRaOFhSUm9tEAI&cbr=Firefox&cbrver=96.0&c=WEB_EMBEDDED_PLAYER&cver=1.20240812.01.00&cplayer=UNIPLAYER&cos=X11&cplatform=DESKTOP&afs=0.339:251;CggKA2RyYxIBMQ::i&ctmp=itr:t.655;&user_intent=0&bh=1.250:2.466,10.001:17.945&cmt=1.250:0.040,2.001:0.763,10.001:8.761&vps=1.250:PL,10.001:PL&bwm=10.001:875465:1.938&bwe=10.001:2717420&df=10.001:0
IP
216.58.211.14:443
ASN
#15169 GOOGLE

Requested by
https://www.youtube.com/embed/c8UgcYzGw8E?autoplay=1&mute=1
Certificate
IssuerGoogle Trust Services
Subject*.google.com
FingerprintA9:52:08:E0:FC:37:B4:6B:5F:CF:C5:AB:C4:10:C7:D6:00:4D:DC:69
ValidityTue, 30 Jul 2024 12:32:53 GMT - Tue, 22 Oct 2024 12:32:52 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /api/stats/qoe?fmt=243&afmt=251&cpn=R8ShaBYV4Z8XRRom&el=embedded&ns=yt&fexp=v1%2C24004644%2C434717%2C60171%2C67155%2C26443548%2C7111%2C24166%2C12177%2C9954%2C1192%2C33462%2C2%2C17768%2C19202%2C9950%2C2196%2C9996%2C1103%2C6953%2C11044%2C501%2C1970%2C7546%2C14041%2C3760%2C12945%2C10607%2C321%2C148%2C2%2C2126%2C14%2C1322%2C4205%2C1823%2C3186%2C2912%2C7568%2C328%2C14%2C142%2C4092%2C1768%2C604%2C4073%2C2150%2C439%2C5905&cl=662321128&seq=2&docid=c8UgcYzGw8E&ei=hNG9ZpP5HN-Ov_IPh67T8Ac&event=streamingstats&plid=AAYfteY74-3HMYPq&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2Fc8UgcYzGw8E%3Fautoplay%3D1%26mute%3D1&qclc=ChBSOFNoYUJZVjRaOFhSUm9tEAI&cbr=Firefox&cbrver=96.0&c=WEB_EMBEDDED_PLAYER&cver=1.20240812.01.00&cplayer=UNIPLAYER&cos=X11&cplatform=DESKTOP&afs=0.339:251;CggKA2RyYxIBMQ::i&ctmp=itr:t.655;&user_intent=0&bh=1.250:2.466,10.001:17.945&cmt=1.250:0.040,2.001:0.763,10.001:8.761&vps=1.250:PL,10.001:PL&bwm=10.001:875465:1.938&bwe=10.001:2717420&df=10.001:0 HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Visitor-Id: CgticHhDMmhaNlgwayiCo_e1BjIiCgJOTxIcEhgSFhMLFBUWFwwYGRobHB0eHw4PIBAREiEgHg%3D%3D
X-YouTube-Client-Name: 56
X-YouTube-Client-Version: 1.20240812.01.00
X-YouTube-Utc-Offset: 0
X-YouTube-Time-Zone: UTC
X-YouTube-Ad-Signals: dt=1723715972184&flash=0&frm=2&u_tz&u_his=3&u_h=1024&u_w=1280&u_ah=1024&u_aw=1280&u_cd=24&bc=23&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C70%2C15&vis=1&wgl=true&ca_type=image
Content-Type: application/x-www-form-urlencoded
Content-Length: 226
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/c8UgcYzGw8E?autoplay=1&mute=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 204 No Content
content-type: text/html; charset=UTF-8
date: Thu, 15 Aug 2024 09:59:42 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
x-content-type-options: nosniff
server: Video Stats Server
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

rr5---sn-oj5hn5-55.googlevideo.com/videoplayback?expire=1723737572&ei=hNG9ZpP5HN-Ov_IPh67T8Ac&ip=91.90.42.154&id=o-AKmmkViJL25X8GX0XgGZiI6MNbVWx--GDT42Ris5pA7o&itag=243&aitags=133%2C134%2C135%2C160%2C242%2C243%2C244%2C278&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&bui=AQmm2ewBRC9Hssv48VkTO8xFav99xL1CouUuT8RQGe7B4BbTIgwlz4OCG8gQukJ6OP6JZuvUNEEY8IVw&spc=Mv1m9tXyhx1nIiOztnhCGSon1KCJqs2cVAky4y_bHPTJQt46-XAcD8WLuq8b&vprv=1&svpuc=1&mime=video%2Fwebm&ns=QexDkGp9FksmCDHwvOIrHDwQ&rqh=1&gir=yes&clen=75307291&dur=3954.466&lmt=1695398588380105&keepalive=yes&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=531F224&n=GRsfEXxj06b7cg&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cxpc%2Cbui%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Crqh%2Cgir%2Cclen%2Cdur%2Clmt&sig=AJfQdSswRQIhAKR0rnD2BL-3w9e6ez35BAYx_WmamgRnOFR7iq9K6hsPAiApqm466QMyIFryOwBjigjW2jkhAK4GmsC-32s9Lu5rsg%3D%3D&alr=yes&cpn=R8ShaBYV4Z8XRRom&cver=1.20240812.01.00&cm2rm=sn-capm-vnae7e,sn-5gos77l&rrc=80,80&fexp=24350516,24350517,24350551,24350557,24350561,24350565&redirect_counter=2&cms_redirect=yes&cmsv=e&mh=yw&mm=34&mn=sn-oj5hn5-55&ms=ltu&mt=1723715280&mv=u&mvi=5&pl=23&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AGtxev0wRQIgOjPnkr_wzKSbtLqMKB6BqUoGQxLmoVXlSK0g6Y1yHwgCIQC32Tr3qbIBjWo5_GZwnUlR2h5lWYUM67yWB1ulxO90Yw%3D%3D&range=272412-990841&rn=11&rbuf=17946&pot=MpgBhAOAVw3d_huEPymgOjDCq75Jdn8br0oqY3-EoldovrGKjtEk1hg2RGRLywaQqUdM14sq_mFgMrmDJH9uJsVape5e-b4XEe2nT-twmG5njb2-Dn3We1OpYxyFtgEKovXcrI6y3E5eGIWW0_mQdje4Cq0MguqMQsvT21rhKHbM9oiI3Pz23C-UxwOQ4GtysDX-XY_b71g8sKs=&ump=1&srfvp=1

74.125.8.5

200 OK

726 kB

URL POST HTTP/3
rr5---sn-oj5hn5-55.googlevideo.com/videoplayback?expire=1723737572&ei=hNG9ZpP5HN-Ov_IPh67T8Ac&ip=91.90.42.154&id=o-AKmmkViJL25X8GX0XgGZiI6MNbVWx--GDT42Ris5pA7o&itag=243&aitags=133%2C134%2C135%2C160%2C242%2C243%2C244%2C278&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&bui=AQmm2ewBRC9Hssv48VkTO8xFav99xL1CouUuT8RQGe7B4BbTIgwlz4OCG8gQukJ6OP6JZuvUNEEY8IVw&spc=Mv1m9tXyhx1nIiOztnhCGSon1KCJqs2cVAky4y_bHPTJQt46-XAcD8WLuq8b&vprv=1&svpuc=1&mime=video%2Fwebm&ns=QexDkGp9FksmCDHwvOIrHDwQ&rqh=1&gir=yes&clen=75307291&dur=3954.466&lmt=1695398588380105&keepalive=yes&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=531F224&n=GRsfEXxj06b7cg&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cxpc%2Cbui%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Crqh%2Cgir%2Cclen%2Cdur%2Clmt&sig=AJfQdSswRQIhAKR0rnD2BL-3w9e6ez35BAYx_WmamgRnOFR7iq9K6hsPAiApqm466QMyIFryOwBjigjW2jkhAK4GmsC-32s9Lu5rsg%3D%3D&alr=yes&cpn=R8ShaBYV4Z8XRRom&cver=1.20240812.01.00&cm2rm=sn-capm-vnae7e,sn-5gos77l&rrc=80,80&fexp=24350516,24350517,24350551,24350557,24350561,24350565&redirect_counter=2&cms_redirect=yes&cmsv=e&mh=yw&mm=34&mn=sn-oj5hn5-55&ms=ltu&mt=1723715280&mv=u&mvi=5&pl=23&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AGtxev0wRQIgOjPnkr_wzKSbtLqMKB6BqUoGQxLmoVXlSK0g6Y1yHwgCIQC32Tr3qbIBjWo5_GZwnUlR2h5lWYUM67yWB1ulxO90Yw%3D%3D&range=272412-990841&rn=11&rbuf=17946&pot=MpgBhAOAVw3d_huEPymgOjDCq75Jdn8br0oqY3-EoldovrGKjtEk1hg2RGRLywaQqUdM14sq_mFgMrmDJH9uJsVape5e-b4XEe2nT-twmG5njb2-Dn3We1OpYxyFtgEKovXcrI6y3E5eGIWW0_mQdje4Cq0MguqMQsvT21rhKHbM9oiI3Pz23C-UxwOQ4GtysDX-XY_b71g8sKs=&ump=1&srfvp=1
IP
74.125.8.5:443
ASN
#15169 GOOGLE

Requested by
https://www.youtube.com/embed/c8UgcYzGw8E?autoplay=1&mute=1
Certificate
IssuerGoogle Trust Services
Subject*.c.docs.google.com
Fingerprint6C:53:8D:31:BE:19:4F:5B:40:5F:DD:1A:A7:8A:B4:32:3A:6F:0F:DF
ValidityTue, 16 Jul 2024 14:34:06 GMT - Tue, 24 Sep 2024 14:34:05 GMT

File type
data
Size
726 kB (726417 bytes)
Hash
af22c6fb53468b10e97eb64919182d2f
6938c4f69f0ee045e0fa38ce7cfed6bc39b6dcd4
62e4987bec3605620a9d2eae6cc020557e0b432667a39fab26e4030b424ab685

HTTP Headers

POST /videoplayback?expire=1723737572&ei=hNG9ZpP5HN-Ov_IPh67T8Ac&ip=91.90.42.154&id=o-AKmmkViJL25X8GX0XgGZiI6MNbVWx--GDT42Ris5pA7o&itag=243&aitags=133%2C134%2C135%2C160%2C242%2C243%2C244%2C278&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&bui=AQmm2ewBRC9Hssv48VkTO8xFav99xL1CouUuT8RQGe7B4BbTIgwlz4OCG8gQukJ6OP6JZuvUNEEY8IVw&spc=Mv1m9tXyhx1nIiOztnhCGSon1KCJqs2cVAky4y_bHPTJQt46-XAcD8WLuq8b&vprv=1&svpuc=1&mime=video%2Fwebm&ns=QexDkGp9FksmCDHwvOIrHDwQ&rqh=1&gir=yes&clen=75307291&dur=3954.466&lmt=1695398588380105&keepalive=yes&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=531F224&n=GRsfEXxj06b7cg&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cxpc%2Cbui%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Crqh%2Cgir%2Cclen%2Cdur%2Clmt&sig=AJfQdSswRQIhAKR0rnD2BL-3w9e6ez35BAYx_WmamgRnOFR7iq9K6hsPAiApqm466QMyIFryOwBjigjW2jkhAK4GmsC-32s9Lu5rsg%3D%3D&alr=yes&cpn=R8ShaBYV4Z8XRRom&cver=1.20240812.01.00&cm2rm=sn-capm-vnae7e,sn-5gos77l&rrc=80,80&fexp=24350516,24350517,24350551,24350557,24350561,24350565&redirect_counter=2&cms_redirect=yes&cmsv=e&mh=yw&mm=34&mn=sn-oj5hn5-55&ms=ltu&mt=1723715280&mv=u&mvi=5&pl=23&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AGtxev0wRQIgOjPnkr_wzKSbtLqMKB6BqUoGQxLmoVXlSK0g6Y1yHwgCIQC32Tr3qbIBjWo5_GZwnUlR2h5lWYUM67yWB1ulxO90Yw%3D%3D&range=272412-990841&rn=11&rbuf=17946&pot=MpgBhAOAVw3d_huEPymgOjDCq75Jdn8br0oqY3-EoldovrGKjtEk1hg2RGRLywaQqUdM14sq_mFgMrmDJH9uJsVape5e-b4XEe2nT-twmG5njb2-Dn3We1OpYxyFtgEKovXcrI6y3E5eGIWW0_mQdje4Cq0MguqMQsvT21rhKHbM9oiI3Pz23C-UxwOQ4GtysDX-XY_b71g8sKs=&ump=1&srfvp=1 HTTP/1.1
Host: rr5---sn-oj5hn5-55.googlevideo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.youtube.com/
Content-Length: 2
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
last-modified: Fri, 22 Sep 2023 16:03:08 GMT
content-type: application/vnd.yt-ump
date: Thu, 15 Aug 2024 09:59:42 GMT
expires: Thu, 15 Aug 2024 09:59:42 GMT
cache-control: private, max-age=21290
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
client-protocol: quic
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
timing-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
vary: Origin
cross-origin-resource-policy: cross-origin
x-restrict-formats-hint: None
x-content-type-options: nosniff
server: gvs 1.0

3.142.138.123/kioscos/kioscobanner3.0/ping.php

3.142.138.123

200 OK

139 B

URL POST HTTP/1.1
3.142.138.123/kioscos/kioscobanner3.0/ping.php
IP
3.142.138.123:80
ASN
#16509 AMAZON-02

Requested by
http://3.142.138.123/kioscos/kioscobanner3.0/index.php

File type
ASCII text, with no line terminators
Size
139 B (139 bytes)
Hash
da20695291e12a1c7f4fd4a162a9f150
d5f3e82c79a53aad13dc66a80b89e9b9cbc07d37
6a40393b3c41f020cd173a3bdf14677fe57a60e34421e932844803dd01a86ebf

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /kioscos/kioscobanner3.0/ping.php HTTP/1.1
Host: 3.142.138.123
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-type: application/x-www-form-urlencoded
Content-Length: 12
Origin: http://3.142.138.123
DNT: 1
Connection: keep-alive
Referer: http://3.142.138.123/kioscos/kioscobanner3.0/index.php
Cookie: PHPSESSID=svie8um0ckblvgkctf2ifukkn6
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
X-Powered-By: PHP/5.6.8, ASP.NET
Date: Thu, 15 Aug 2024 09:59:45 GMT
Content-Length: 139

3.142.138.123/kioscos/kioscobanner3.0/imagenes/Banner3.jpg

3.142.138.123

200 OK

106 kB

URL GET HTTP/1.1
3.142.138.123/kioscos/kioscobanner3.0/imagenes/Banner3.jpg
IP
3.142.138.123:80
ASN
#16509 AMAZON-02

Requested by
http://3.142.138.123/kioscos/kioscobanner3.0/index.php

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 960x720, components 3
Size
106 kB (105732 bytes)
Hash
358715fde9b9266e33fed227f9a2e591
a6926be614bbda1d2e49921f800fa55a7a39dcb5
9e5f54c3e215540baecf90d5b41e8257e02d4d383535f3696b11b7f94e5a598a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /kioscos/kioscobanner3.0/imagenes/Banner3.jpg HTTP/1.1
Host: 3.142.138.123
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://3.142.138.123/kioscos/kioscobanner3.0/css/estilos.css
Cookie: PHPSESSID=svie8um0ckblvgkctf2ifukkn6
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: image/jpeg
Last-Modified: Tue, 02 Jul 2024 22:23:22 GMT
Accept-Ranges: bytes
ETag: "8ed71373ceccda1:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Thu, 15 Aug 2024 09:59:48 GMT
Content-Length: 105732

3.142.138.123/kioscos/kioscobanner3.0/ping.php

3.142.138.123

200 OK

139 B

URL POST HTTP/1.1
3.142.138.123/kioscos/kioscobanner3.0/ping.php
IP
3.142.138.123:80
ASN
#16509 AMAZON-02

Requested by
http://3.142.138.123/kioscos/kioscobanner3.0/index.php

File type
ASCII text, with no line terminators
Size
139 B (139 bytes)
Hash
da20695291e12a1c7f4fd4a162a9f150
d5f3e82c79a53aad13dc66a80b89e9b9cbc07d37
6a40393b3c41f020cd173a3bdf14677fe57a60e34421e932844803dd01a86ebf

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /kioscos/kioscobanner3.0/ping.php HTTP/1.1
Host: 3.142.138.123
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-type: application/x-www-form-urlencoded
Content-Length: 12
Origin: http://3.142.138.123
DNT: 1
Connection: keep-alive
Referer: http://3.142.138.123/kioscos/kioscobanner3.0/index.php
Cookie: PHPSESSID=svie8um0ckblvgkctf2ifukkn6
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
X-Powered-By: PHP/5.6.8, ASP.NET
Date: Thu, 15 Aug 2024 09:59:50 GMT
Content-Length: 139

www.youtube.com/api/stats/watchtime?ns=yt&el=embedded&cpn=R8ShaBYV4Z8XRRom&ver=2&cmt=17.765&fmt=243&fs=0&rt=19.003&euri=http%3A%2F%2F3.142.138.123%2F&lact=19084&cl=662321128&state=playing&volume=100&cbr=Firefox&cbrver=96.0&c=WEB_EMBEDDED_PLAYER&cver=1.20240812.01.00&cplayer=UNIPLAYER&cos=X11&cplatform=DESKTOP&autoplay=1&hl=en_US&cr=NO&len=3954.521&rtn=29&afmt=251&idpj=-3&ldpj=-12&rti=19&size=70%3A15&st=7.755&et=17.765&muted=1&docid=c8UgcYzGw8E&ei=hNG9ZpP5HN-Ov_IPh67T8Ac&plid=AAYfteY74-3HMYPq&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2Fc8UgcYzGw8E%3Fautoplay%3D1%26mute%3D1&of=4XKpUj-jEd5dOTKZWLr0FQ&vm=CAEQABgEOjJBSHFpSlRKRUgzcVVlNUdOVVFEMk5iRkRpRWp4Z1FxNkcyTk45NFJhR19rWWhGalJZZ2JiQU9BckJGdDFLTlozZ3l3RzNwc1NTaktoeW5UaEJlSk9xUE5MUnBoeEhTYkZLZzdJM2NrQmlQcktKMzhQXy1xWHV3OW9KVXRfV2hpeFY4cFB4aVRMcXpSOFFTNVpzQ2xDaFE

216.58.211.14

204 No Content

0 B

URL GET HTTP/3
www.youtube.com/api/stats/watchtime?ns=yt&el=embedded&cpn=R8ShaBYV4Z8XRRom&ver=2&cmt=17.765&fmt=243&fs=0&rt=19.003&euri=http%3A%2F%2F3.142.138.123%2F&lact=19084&cl=662321128&state=playing&volume=100&cbr=Firefox&cbrver=96.0&c=WEB_EMBEDDED_PLAYER&cver=1.20240812.01.00&cplayer=UNIPLAYER&cos=X11&cplatform=DESKTOP&autoplay=1&hl=en_US&cr=NO&len=3954.521&rtn=29&afmt=251&idpj=-3&ldpj=-12&rti=19&size=70%3A15&st=7.755&et=17.765&muted=1&docid=c8UgcYzGw8E&ei=hNG9ZpP5HN-Ov_IPh67T8Ac&plid=AAYfteY74-3HMYPq&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2Fc8UgcYzGw8E%3Fautoplay%3D1%26mute%3D1&of=4XKpUj-jEd5dOTKZWLr0FQ&vm=CAEQABgEOjJBSHFpSlRKRUgzcVVlNUdOVVFEMk5iRkRpRWp4Z1FxNkcyTk45NFJhR19rWWhGalJZZ2JiQU9BckJGdDFLTlozZ3l3RzNwc1NTaktoeW5UaEJlSk9xUE5MUnBoeEhTYkZLZzdJM2NrQmlQcktKMzhQXy1xWHV3OW9KVXRfV2hpeFY4cFB4aVRMcXpSOFFTNVpzQ2xDaFE
IP
216.58.211.14:443
ASN
#15169 GOOGLE

Requested by
https://www.youtube.com/embed/c8UgcYzGw8E?autoplay=1&mute=1
Certificate
IssuerGoogle Trust Services
Subject*.google.com
FingerprintA9:52:08:E0:FC:37:B4:6B:5F:CF:C5:AB:C4:10:C7:D6:00:4D:DC:69
ValidityTue, 30 Jul 2024 12:32:53 GMT - Tue, 22 Oct 2024 12:32:52 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /api/stats/watchtime?ns=yt&el=embedded&cpn=R8ShaBYV4Z8XRRom&ver=2&cmt=17.765&fmt=243&fs=0&rt=19.003&euri=http%3A%2F%2F3.142.138.123%2F&lact=19084&cl=662321128&state=playing&volume=100&cbr=Firefox&cbrver=96.0&c=WEB_EMBEDDED_PLAYER&cver=1.20240812.01.00&cplayer=UNIPLAYER&cos=X11&cplatform=DESKTOP&autoplay=1&hl=en_US&cr=NO&len=3954.521&rtn=29&afmt=251&idpj=-3&ldpj=-12&rti=19&size=70%3A15&st=7.755&et=17.765&muted=1&docid=c8UgcYzGw8E&ei=hNG9ZpP5HN-Ov_IPh67T8Ac&plid=AAYfteY74-3HMYPq&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2Fc8UgcYzGw8E%3Fautoplay%3D1%26mute%3D1&of=4XKpUj-jEd5dOTKZWLr0FQ&vm=CAEQABgEOjJBSHFpSlRKRUgzcVVlNUdOVVFEMk5iRkRpRWp4Z1FxNkcyTk45NFJhR19rWWhGalJZZ2JiQU9BckJGdDFLTlozZ3l3RzNwc1NTaktoeW5UaEJlSk9xUE5MUnBoeEhTYkZLZzdJM2NrQmlQcktKMzhQXy1xWHV3OW9KVXRfV2hpeFY4cFB4aVRMcXpSOFFTNVpzQ2xDaFE HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Visitor-Id: CgticHhDMmhaNlgwayiCo_e1BjIiCgJOTxIcEhgSFhMLFBUWFwwYGRobHB0eHw4PIBAREiEgHg%3D%3D
X-YouTube-Client-Name: 56
X-YouTube-Client-Version: 1.20240812.01.00
X-YouTube-Utc-Offset: 0
X-YouTube-Time-Zone: UTC
X-YouTube-Ad-Signals: dt=1723715972184&flash=0&frm=2&u_tz&u_his=3&u_h=1024&u_w=1280&u_ah=1024&u_aw=1280&u_cd=24&bc=23&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C70%2C15&vis=1&wgl=true&ca_type=image
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/c8UgcYzGw8E?autoplay=1&mute=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 204 No Content
content-type: text/html; charset=UTF-8
date: Thu, 15 Aug 2024 09:59:51 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
x-content-type-options: nosniff
server: Video Stats Server
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

3.142.138.123/kioscos/kioscobanner3.0/ping.php

3.142.138.123

200 OK

139 B

URL POST HTTP/1.1
3.142.138.123/kioscos/kioscobanner3.0/ping.php
IP
3.142.138.123:80
ASN
#16509 AMAZON-02

Requested by
http://3.142.138.123/kioscos/kioscobanner3.0/index.php

File type
ASCII text, with no line terminators
Size
139 B (139 bytes)
Hash
da20695291e12a1c7f4fd4a162a9f150
d5f3e82c79a53aad13dc66a80b89e9b9cbc07d37
6a40393b3c41f020cd173a3bdf14677fe57a60e34421e932844803dd01a86ebf

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /kioscos/kioscobanner3.0/ping.php HTTP/1.1
Host: 3.142.138.123
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-type: application/x-www-form-urlencoded
Content-Length: 12
Origin: http://3.142.138.123
DNT: 1
Connection: keep-alive
Referer: http://3.142.138.123/kioscos/kioscobanner3.0/index.php
Cookie: PHPSESSID=svie8um0ckblvgkctf2ifukkn6
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
X-Powered-By: PHP/5.6.8, ASP.NET
Date: Thu, 15 Aug 2024 09:59:55 GMT
Content-Length: 139

3.142.138.123/kioscos/kioscobanner3.0/imagenes/Banner4.jpg

3.142.138.123

38 kB

URL
3.142.138.123/kioscos/kioscobanner3.0/imagenes/Banner4.jpg
IP
3.142.138.123:0
ASN
#16509 AMAZON-02

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 662x307, components 3
Size
38 kB (37783 bytes)
Hash
d95ff347d5b515e35829b9710a257253
9ce7220c4a11cda31cf91409496fe8da33d7ee00
6237502aa649b9529b1c8706c704fda8abb3b1debdc1875ebe5b2a8690681c71

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /kioscos/kioscobanner3.0/imagenes/Banner4.jpg HTTP/1.1
Host: 3.142.138.123
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://3.142.138.123/kioscos/kioscobanner3.0/css/estilos.css
Cookie: PHPSESSID=svie8um0ckblvgkctf2ifukkn6
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: image/jpeg
Last-Modified: Tue, 02 Jul 2024 22:23:22 GMT
Accept-Ranges: bytes
ETag: "add11a73ceccda1:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Thu, 15 Aug 2024 09:59:57 GMT
Content-Length: 37783

www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

216.58.211.14

200 OK

31 B

URL POST HTTP/3
www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
IP
216.58.211.14:443
ASN
#15169 GOOGLE

Requested by
https://www.youtube.com/embed/c8UgcYzGw8E?autoplay=1&mute=1
Certificate
IssuerGoogle Trust Services
Subject*.google.com
FingerprintA9:52:08:E0:FC:37:B4:6B:5F:CF:C5:AB:C4:10:C7:D6:00:4D:DC:69
ValidityTue, 30 Jul 2024 12:32:53 GMT - Tue, 22 Oct 2024 12:32:52 GMT

File type
JSON text data
Size
31 B (31 bytes)
Hash
5e1fa6fd9abd549a576f3f24b1d3c8d4
d5335d7f7d33be6a0b663f03b2df4df2521c4a87
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

HTTP Headers

POST /youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8 HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Request-Time: 1723715998662
Content-Type: application/json
X-Goog-Visitor-Id: CgticHhDMmhaNlgwayiCo_e1BjIiCgJOTxIcEhgSFhMLFBUWFwwYGRobHB0eHw4PIBAREiEgHg%3D%3D
X-YouTube-Client-Name: 56
X-YouTube-Client-Version: 1.20240812.01.00
X-YouTube-Utc-Offset: 0
X-YouTube-Time-Zone: UTC
X-YouTube-Ad-Signals: dt=1723715971605&flash=0&frm=2&u_tz&u_his=3&u_h=1024&u_w=1280&u_ah=1024&u_aw=1280&u_cd=24&bc=23&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C70%2C15&vis=1&wgl=true&ca_type=image
Content-Length: 972
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/c8UgcYzGw8E?autoplay=1&mute=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/json; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: br
date: Thu, 15 Aug 2024 09:59:58 GMT
server: scaffolding on HTTPServer2
content-length: 31
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

rr5---sn-oj5hn5-55.googlevideo.com/videoplayback?expire=1723737572&ei=hNG9ZpP5HN-Ov_IPh67T8Ac&ip=91.90.42.154&id=o-AKmmkViJL25X8GX0XgGZiI6MNbVWx--GDT42Ris5pA7o&itag=243&aitags=133%2C134%2C135%2C160%2C242%2C243%2C244%2C278&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&bui=AQmm2ewBRC9Hssv48VkTO8xFav99xL1CouUuT8RQGe7B4BbTIgwlz4OCG8gQukJ6OP6JZuvUNEEY8IVw&spc=Mv1m9tXyhx1nIiOztnhCGSon1KCJqs2cVAky4y_bHPTJQt46-XAcD8WLuq8b&vprv=1&svpuc=1&mime=video%2Fwebm&ns=QexDkGp9FksmCDHwvOIrHDwQ&rqh=1&gir=yes&clen=75307291&dur=3954.466&lmt=1695398588380105&keepalive=yes&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=531F224&n=GRsfEXxj06b7cg&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cxpc%2Cbui%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Crqh%2Cgir%2Cclen%2Cdur%2Clmt&sig=AJfQdSswRQIhAKR0rnD2BL-3w9e6ez35BAYx_WmamgRnOFR7iq9K6hsPAiApqm466QMyIFryOwBjigjW2jkhAK4GmsC-32s9Lu5rsg%3D%3D&alr=yes&cpn=R8ShaBYV4Z8XRRom&cver=1.20240812.01.00&cm2rm=sn-capm-vnae7e,sn-5gos77l&rrc=80,80&fexp=24350516,24350517,24350551,24350557,24350561,24350565&redirect_counter=2&cms_redirect=yes&cmsv=e&mh=yw&mm=34&mn=sn-oj5hn5-55&ms=ltu&mt=1723715280&mv=u&mvi=5&pl=23&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AGtxev0wRQIgOjPnkr_wzKSbtLqMKB6BqUoGQxLmoVXlSK0g6Y1yHwgCIQC32Tr3qbIBjWo5_GZwnUlR2h5lWYUM67yWB1ulxO90Yw%3D%3D&range=94504-272411&rn=8&rbuf=4413&pot=MpgBhAOAVw3d_huEPymgOjDCq75Jdn8br0oqY3-EoldovrGKjtEk1hg2RGRLywaQqUdM14sq_mFgMrmDJH9uJsVape5e-b4XEe2nT-twmG5njb2-Dn3We1OpYxyFtgEKovXcrI6y3E5eGIWW0_mQdje4Cq0MguqMQsvT21rhKHbM9oiI3Pz23C-UxwOQ4GtysDX-XY_b71g8sKs=&ump=1&srfvp=1

74.125.8.5

200 OK

178 kB

URL POST HTTP/3
rr5---sn-oj5hn5-55.googlevideo.com/videoplayback?expire=1723737572&ei=hNG9ZpP5HN-Ov_IPh67T8Ac&ip=91.90.42.154&id=o-AKmmkViJL25X8GX0XgGZiI6MNbVWx--GDT42Ris5pA7o&itag=243&aitags=133%2C134%2C135%2C160%2C242%2C243%2C244%2C278&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&bui=AQmm2ewBRC9Hssv48VkTO8xFav99xL1CouUuT8RQGe7B4BbTIgwlz4OCG8gQukJ6OP6JZuvUNEEY8IVw&spc=Mv1m9tXyhx1nIiOztnhCGSon1KCJqs2cVAky4y_bHPTJQt46-XAcD8WLuq8b&vprv=1&svpuc=1&mime=video%2Fwebm&ns=QexDkGp9FksmCDHwvOIrHDwQ&rqh=1&gir=yes&clen=75307291&dur=3954.466&lmt=1695398588380105&keepalive=yes&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=531F224&n=GRsfEXxj06b7cg&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cxpc%2Cbui%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Crqh%2Cgir%2Cclen%2Cdur%2Clmt&sig=AJfQdSswRQIhAKR0rnD2BL-3w9e6ez35BAYx_WmamgRnOFR7iq9K6hsPAiApqm466QMyIFryOwBjigjW2jkhAK4GmsC-32s9Lu5rsg%3D%3D&alr=yes&cpn=R8ShaBYV4Z8XRRom&cver=1.20240812.01.00&cm2rm=sn-capm-vnae7e,sn-5gos77l&rrc=80,80&fexp=24350516,24350517,24350551,24350557,24350561,24350565&redirect_counter=2&cms_redirect=yes&cmsv=e&mh=yw&mm=34&mn=sn-oj5hn5-55&ms=ltu&mt=1723715280&mv=u&mvi=5&pl=23&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AGtxev0wRQIgOjPnkr_wzKSbtLqMKB6BqUoGQxLmoVXlSK0g6Y1yHwgCIQC32Tr3qbIBjWo5_GZwnUlR2h5lWYUM67yWB1ulxO90Yw%3D%3D&range=94504-272411&rn=8&rbuf=4413&pot=MpgBhAOAVw3d_huEPymgOjDCq75Jdn8br0oqY3-EoldovrGKjtEk1hg2RGRLywaQqUdM14sq_mFgMrmDJH9uJsVape5e-b4XEe2nT-twmG5njb2-Dn3We1OpYxyFtgEKovXcrI6y3E5eGIWW0_mQdje4Cq0MguqMQsvT21rhKHbM9oiI3Pz23C-UxwOQ4GtysDX-XY_b71g8sKs=&ump=1&srfvp=1
IP
74.125.8.5:443
ASN
#15169 GOOGLE

Requested by
https://www.youtube.com/embed/c8UgcYzGw8E?autoplay=1&mute=1
Certificate
IssuerGoogle Trust Services
Subject*.c.docs.google.com
Fingerprint6C:53:8D:31:BE:19:4F:5B:40:5F:DD:1A:A7:8A:B4:32:3A:6F:0F:DF
ValidityTue, 16 Jul 2024 14:34:06 GMT - Tue, 24 Sep 2024 14:34:05 GMT

File type
data
Size
178 kB (177971 bytes)
Hash
8cbf90f792cc50466f0b71b711b29bad
589ccdabf5913eb8dd7a51e37bc1fffc96273b81
078f5a6797afe2a8edce12979a56d17dd2ca470fa6eb5a9a5fe1e6baed79d17f

HTTP Headers

POST /videoplayback?expire=1723737572&ei=hNG9ZpP5HN-Ov_IPh67T8Ac&ip=91.90.42.154&id=o-AKmmkViJL25X8GX0XgGZiI6MNbVWx--GDT42Ris5pA7o&itag=243&aitags=133%2C134%2C135%2C160%2C242%2C243%2C244%2C278&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&bui=AQmm2ewBRC9Hssv48VkTO8xFav99xL1CouUuT8RQGe7B4BbTIgwlz4OCG8gQukJ6OP6JZuvUNEEY8IVw&spc=Mv1m9tXyhx1nIiOztnhCGSon1KCJqs2cVAky4y_bHPTJQt46-XAcD8WLuq8b&vprv=1&svpuc=1&mime=video%2Fwebm&ns=QexDkGp9FksmCDHwvOIrHDwQ&rqh=1&gir=yes&clen=75307291&dur=3954.466&lmt=1695398588380105&keepalive=yes&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=531F224&n=GRsfEXxj06b7cg&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cxpc%2Cbui%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Crqh%2Cgir%2Cclen%2Cdur%2Clmt&sig=AJfQdSswRQIhAKR0rnD2BL-3w9e6ez35BAYx_WmamgRnOFR7iq9K6hsPAiApqm466QMyIFryOwBjigjW2jkhAK4GmsC-32s9Lu5rsg%3D%3D&alr=yes&cpn=R8ShaBYV4Z8XRRom&cver=1.20240812.01.00&cm2rm=sn-capm-vnae7e,sn-5gos77l&rrc=80,80&fexp=24350516,24350517,24350551,24350557,24350561,24350565&redirect_counter=2&cms_redirect=yes&cmsv=e&mh=yw&mm=34&mn=sn-oj5hn5-55&ms=ltu&mt=1723715280&mv=u&mvi=5&pl=23&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AGtxev0wRQIgOjPnkr_wzKSbtLqMKB6BqUoGQxLmoVXlSK0g6Y1yHwgCIQC32Tr3qbIBjWo5_GZwnUlR2h5lWYUM67yWB1ulxO90Yw%3D%3D&range=94504-272411&rn=8&rbuf=4413&pot=MpgBhAOAVw3d_huEPymgOjDCq75Jdn8br0oqY3-EoldovrGKjtEk1hg2RGRLywaQqUdM14sq_mFgMrmDJH9uJsVape5e-b4XEe2nT-twmG5njb2-Dn3We1OpYxyFtgEKovXcrI6y3E5eGIWW0_mQdje4Cq0MguqMQsvT21rhKHbM9oiI3Pz23C-UxwOQ4GtysDX-XY_b71g8sKs=&ump=1&srfvp=1 HTTP/1.1
Host: rr5---sn-oj5hn5-55.googlevideo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.youtube.com/
Content-Length: 2
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
last-modified: Fri, 22 Sep 2023 16:03:08 GMT
content-type: application/vnd.yt-ump
date: Thu, 15 Aug 2024 09:59:33 GMT
expires: Thu, 15 Aug 2024 09:59:33 GMT
cache-control: private, max-age=21299
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
client-protocol: quic
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
timing-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
vary: Origin
cross-origin-resource-policy: cross-origin
x-restrict-formats-hint: None
x-content-type-options: nosniff
server: gvs 1.0

yt3.ggpht.com/zvLJFiX6xhfelgNEerD5OXYWyo7d1FoybmrPyKM1AsR_-QnmBv_k_Zo8fUix99NIQdAzIAjUaC4=s68-c-k-c0x00ffffff-no-rj

142.250.74.65

200 OK

2.4 kB

URL GET HTTP/2
yt3.ggpht.com/zvLJFiX6xhfelgNEerD5OXYWyo7d1FoybmrPyKM1AsR_-QnmBv_k_Zo8fUix99NIQdAzIAjUaC4=s68-c-k-c0x00ffffff-no-rj
IP
142.250.74.65:443
ASN
#15169 GOOGLE

Requested by
https://www.youtube.com/embed/c8UgcYzGw8E?autoplay=1&mute=1
Certificate
IssuerGoogle Trust Services
Subject*.googleusercontent.com
FingerprintA6:0A:39:C6:7C:75:70:95:1C:CC:6E:1F:5D:AF:3C:FD:47:BB:4D:A0
ValidityTue, 30 Jul 2024 12:49:08 GMT - Tue, 22 Oct 2024 12:49:07 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Picasa], baseline, precision 8, 68x68, components 3
Size
2.4 kB (2426 bytes)
Hash
e39c48211dac285cad4646d231f948af
87f8bd53e51132d5e2ff3d69d01851b417bc625d
1ba7a984ce73a4cc5c8db97c1c2c38c888dc5f32ac69c3838fc0b609d9c051f0

HTTP Headers

GET /zvLJFiX6xhfelgNEerD5OXYWyo7d1FoybmrPyKM1AsR_-QnmBv_k_Zo8fUix99NIQdAzIAjUaC4=s68-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt3.ggpht.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
content-disposition: inline;filename="channels4_profile.jpg"
x-content-type-options: nosniff
server: fife
content-length: 2426
x-xss-protection: 0
date: Thu, 15 Aug 2024 09:59:32 GMT
expires: Fri, 16 Aug 2024 09:59:32 GMT
cache-control: public, max-age=86400, no-transform
age: 0
etag: "v1"
content-type: image/jpeg
vary: Origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Fira+Sans

142.250.74.138

200 OK

2.2 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Fira+Sans
IP
142.250.74.138:443
ASN
#15169 GOOGLE

Requested by
http://3.142.138.123/kioscos/kioscobanner3.0/index.php
Certificate
IssuerGoogle Trust Services
Subjectupload.video.google.com
FingerprintC4:3F:12:39:D2:EC:4C:2C:1C:0A:A6:18:8E:2A:97:2C:D8:C2:7E:AF
ValidityTue, 30 Jul 2024 12:49:45 GMT - Tue, 22 Oct 2024 12:49:44 GMT

File type
ASCII text, with very long lines (2281), with no line terminators
Size
2.2 kB (2225 bytes)
Hash
0033b5e6cfe28ace3fe5183fff42928d
078c3f4ad2c8264d28d7fa31254c170deeb597bb
6e68e17f334900fd2ad8ae706b53f9a99a5b492d9b2c8b8603aeafcfc78df3ec

HTTP Headers

GET /css?family=Fira+Sans HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://3.142.138.123/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 15 Aug 2024 09:59:30 GMT
date: Thu, 15 Aug 2024 09:59:30 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

rr5---sn-oj5hn5-55.googlevideo.com/videoplayback?expire=1723737572&ei=hNG9ZpP5HN-Ov_IPh67T8Ac&ip=91.90.42.154&id=o-AKmmkViJL25X8GX0XgGZiI6MNbVWx--GDT42Ris5pA7o&itag=251&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&bui=AQmm2ewBRC9Hssv48VkTO8xFav99xL1CouUuT8RQGe7B4BbTIgwlz4OCG8gQukJ6OP6JZuvUNEEY8IVw&spc=Mv1m9tXyhx1nIiOztnhCGSon1KCJqs2cVAky4y_bHPTJQt46-XAcD8WLuq8b&vprv=1&svpuc=1&xtags=drc%3D1&mime=audio%2Fwebm&ns=QexDkGp9FksmCDHwvOIrHDwQ&rqh=1&gir=yes&clen=59928742&dur=3954.521&lmt=1695399391242210&keepalive=yes&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=5318224&n=GRsfEXxj06b7cg&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cxpc%2Cbui%2Cspc%2Cvprv%2Csvpuc%2Cxtags%2Cmime%2Cns%2Crqh%2Cgir%2Cclen%2Cdur%2Clmt&sig=AJfQdSswRQIgBOJWLJL7RjKm6Ps9f8his1QAoqmzptUyIDqybbc8C2gCIQDeetEqtn9dpdSkEEvWPLWHdblQxm9hHgIYxl444MAsvg%3D%3D&alr=yes&cpn=R8ShaBYV4Z8XRRom&cver=1.20240812.01.00&cm2rm=sn-capm-vnae7e,sn-5gos77l&rrc=80,80&fexp=24350516,24350517,24350551,24350557,24350561,24350565&redirect_counter=2&cms_redirect=yes&cmsv=e&mh=yw&mm=34&mn=sn-oj5hn5-55&ms=ltu&mt=1723715280&mv=u&mvi=5&pl=23&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AGtxev0wRQIhAOjfb7eTtwWL0Qb-RrR5YQeYHNTwxPqghlUDWlNvPfrRAiBwAvPlgLhb6dN68wtYseX_-IPiexETeKnuyFQkL6Mjnw%3D%3D&range=154189-314857&rn=9&rbuf=9486&pot=MpgBhAOAVw3d_huEPymgOjDCq75Jdn8br0oqY3-EoldovrGKjtEk1hg2RGRLywaQqUdM14sq_mFgMrmDJH9uJsVape5e-b4XEe2nT-twmG5njb2-Dn3We1OpYxyFtgEKovXcrI6y3E5eGIWW0_mQdje4Cq0MguqMQsvT21rhKHbM9oiI3Pz23C-UxwOQ4GtysDX-XY_b71g8sKs=&ump=1&srfvp=1

74.125.8.5

200 OK

161 kB

URL POST HTTP/3
rr5---sn-oj5hn5-55.googlevideo.com/videoplayback?expire=1723737572&ei=hNG9ZpP5HN-Ov_IPh67T8Ac&ip=91.90.42.154&id=o-AKmmkViJL25X8GX0XgGZiI6MNbVWx--GDT42Ris5pA7o&itag=251&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&bui=AQmm2ewBRC9Hssv48VkTO8xFav99xL1CouUuT8RQGe7B4BbTIgwlz4OCG8gQukJ6OP6JZuvUNEEY8IVw&spc=Mv1m9tXyhx1nIiOztnhCGSon1KCJqs2cVAky4y_bHPTJQt46-XAcD8WLuq8b&vprv=1&svpuc=1&xtags=drc%3D1&mime=audio%2Fwebm&ns=QexDkGp9FksmCDHwvOIrHDwQ&rqh=1&gir=yes&clen=59928742&dur=3954.521&lmt=1695399391242210&keepalive=yes&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=5318224&n=GRsfEXxj06b7cg&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cxpc%2Cbui%2Cspc%2Cvprv%2Csvpuc%2Cxtags%2Cmime%2Cns%2Crqh%2Cgir%2Cclen%2Cdur%2Clmt&sig=AJfQdSswRQIgBOJWLJL7RjKm6Ps9f8his1QAoqmzptUyIDqybbc8C2gCIQDeetEqtn9dpdSkEEvWPLWHdblQxm9hHgIYxl444MAsvg%3D%3D&alr=yes&cpn=R8ShaBYV4Z8XRRom&cver=1.20240812.01.00&cm2rm=sn-capm-vnae7e,sn-5gos77l&rrc=80,80&fexp=24350516,24350517,24350551,24350557,24350561,24350565&redirect_counter=2&cms_redirect=yes&cmsv=e&mh=yw&mm=34&mn=sn-oj5hn5-55&ms=ltu&mt=1723715280&mv=u&mvi=5&pl=23&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AGtxev0wRQIhAOjfb7eTtwWL0Qb-RrR5YQeYHNTwxPqghlUDWlNvPfrRAiBwAvPlgLhb6dN68wtYseX_-IPiexETeKnuyFQkL6Mjnw%3D%3D&range=154189-314857&rn=9&rbuf=9486&pot=MpgBhAOAVw3d_huEPymgOjDCq75Jdn8br0oqY3-EoldovrGKjtEk1hg2RGRLywaQqUdM14sq_mFgMrmDJH9uJsVape5e-b4XEe2nT-twmG5njb2-Dn3We1OpYxyFtgEKovXcrI6y3E5eGIWW0_mQdje4Cq0MguqMQsvT21rhKHbM9oiI3Pz23C-UxwOQ4GtysDX-XY_b71g8sKs=&ump=1&srfvp=1
IP
74.125.8.5:443
ASN
#15169 GOOGLE

Requested by
https://www.youtube.com/embed/c8UgcYzGw8E?autoplay=1&mute=1
Certificate
IssuerGoogle Trust Services
Subject*.c.docs.google.com
Fingerprint6C:53:8D:31:BE:19:4F:5B:40:5F:DD:1A:A7:8A:B4:32:3A:6F:0F:DF
ValidityTue, 16 Jul 2024 14:34:06 GMT - Tue, 24 Sep 2024 14:34:05 GMT

File type
data
Size
161 kB (160764 bytes)
Hash
c8a026222c1abb4263d4e3c460f04dc8
4a2a17d751082486f320ad9312351a7cbb0d0555
f37a5ce7fb03b6d23b8ee8b2341d868d6a991a6c9ec2f51287f536192ef478ef

HTTP Headers

POST /videoplayback?expire=1723737572&ei=hNG9ZpP5HN-Ov_IPh67T8Ac&ip=91.90.42.154&id=o-AKmmkViJL25X8GX0XgGZiI6MNbVWx--GDT42Ris5pA7o&itag=251&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&bui=AQmm2ewBRC9Hssv48VkTO8xFav99xL1CouUuT8RQGe7B4BbTIgwlz4OCG8gQukJ6OP6JZuvUNEEY8IVw&spc=Mv1m9tXyhx1nIiOztnhCGSon1KCJqs2cVAky4y_bHPTJQt46-XAcD8WLuq8b&vprv=1&svpuc=1&xtags=drc%3D1&mime=audio%2Fwebm&ns=QexDkGp9FksmCDHwvOIrHDwQ&rqh=1&gir=yes&clen=59928742&dur=3954.521&lmt=1695399391242210&keepalive=yes&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=5318224&n=GRsfEXxj06b7cg&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cxpc%2Cbui%2Cspc%2Cvprv%2Csvpuc%2Cxtags%2Cmime%2Cns%2Crqh%2Cgir%2Cclen%2Cdur%2Clmt&sig=AJfQdSswRQIgBOJWLJL7RjKm6Ps9f8his1QAoqmzptUyIDqybbc8C2gCIQDeetEqtn9dpdSkEEvWPLWHdblQxm9hHgIYxl444MAsvg%3D%3D&alr=yes&cpn=R8ShaBYV4Z8XRRom&cver=1.20240812.01.00&cm2rm=sn-capm-vnae7e,sn-5gos77l&rrc=80,80&fexp=24350516,24350517,24350551,24350557,24350561,24350565&redirect_counter=2&cms_redirect=yes&cmsv=e&mh=yw&mm=34&mn=sn-oj5hn5-55&ms=ltu&mt=1723715280&mv=u&mvi=5&pl=23&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AGtxev0wRQIhAOjfb7eTtwWL0Qb-RrR5YQeYHNTwxPqghlUDWlNvPfrRAiBwAvPlgLhb6dN68wtYseX_-IPiexETeKnuyFQkL6Mjnw%3D%3D&range=154189-314857&rn=9&rbuf=9486&pot=MpgBhAOAVw3d_huEPymgOjDCq75Jdn8br0oqY3-EoldovrGKjtEk1hg2RGRLywaQqUdM14sq_mFgMrmDJH9uJsVape5e-b4XEe2nT-twmG5njb2-Dn3We1OpYxyFtgEKovXcrI6y3E5eGIWW0_mQdje4Cq0MguqMQsvT21rhKHbM9oiI3Pz23C-UxwOQ4GtysDX-XY_b71g8sKs=&ump=1&srfvp=1 HTTP/1.1
Host: rr5---sn-oj5hn5-55.googlevideo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.youtube.com/
Content-Length: 2
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
last-modified: Fri, 22 Sep 2023 16:16:31 GMT
content-type: application/vnd.yt-ump
date: Thu, 15 Aug 2024 09:59:33 GMT
expires: Thu, 15 Aug 2024 09:59:33 GMT
cache-control: private, max-age=21299
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
client-protocol: quic
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
timing-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
vary: Origin
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
server: gvs 1.0

rr5---sn-oj5hn5-55.googlevideo.com/videoplayback?expire=1723737572&ei=hNG9ZpP5HN-Ov_IPh67T8Ac&ip=91.90.42.154&id=o-AKmmkViJL25X8GX0XgGZiI6MNbVWx--GDT42Ris5pA7o&itag=251&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&bui=AQmm2ewBRC9Hssv48VkTO8xFav99xL1CouUuT8RQGe7B4BbTIgwlz4OCG8gQukJ6OP6JZuvUNEEY8IVw&spc=Mv1m9tXyhx1nIiOztnhCGSon1KCJqs2cVAky4y_bHPTJQt46-XAcD8WLuq8b&vprv=1&svpuc=1&xtags=drc%3D1&mime=audio%2Fwebm&ns=QexDkGp9FksmCDHwvOIrHDwQ&rqh=1&gir=yes&clen=59928742&dur=3954.521&lmt=1695399391242210&keepalive=yes&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=5318224&n=GRsfEXxj06b7cg&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cxpc%2Cbui%2Cspc%2Cvprv%2Csvpuc%2Cxtags%2Cmime%2Cns%2Crqh%2Cgir%2Cclen%2Cdur%2Clmt&sig=AJfQdSswRQIgBOJWLJL7RjKm6Ps9f8his1QAoqmzptUyIDqybbc8C2gCIQDeetEqtn9dpdSkEEvWPLWHdblQxm9hHgIYxl444MAsvg%3D%3D&alr=yes&cpn=R8ShaBYV4Z8XRRom&cver=1.20240812.01.00&cm2rm=sn-capm-vnae7e,sn-5gos77l&rrc=80,80&fexp=24350516,24350517,24350551,24350557,24350561,24350565&redirect_counter=2&cms_redirect=yes&cmsv=e&mh=yw&mm=34&mn=sn-oj5hn5-55&ms=ltu&mt=1723715280&mv=u&mvi=5&pl=23&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AGtxev0wRQIhAOjfb7eTtwWL0Qb-RrR5YQeYHNTwxPqghlUDWlNvPfrRAiBwAvPlgLhb6dN68wtYseX_-IPiexETeKnuyFQkL6Mjnw%3D%3D&range=596695-1052211&rn=12&rbuf=24826&pot=MpgBhAOAVw3d_huEPymgOjDCq75Jdn8br0oqY3-EoldovrGKjtEk1hg2RGRLywaQqUdM14sq_mFgMrmDJH9uJsVape5e-b4XEe2nT-twmG5njb2-Dn3We1OpYxyFtgEKovXcrI6y3E5eGIWW0_mQdje4Cq0MguqMQsvT21rhKHbM9oiI3Pz23C-UxwOQ4GtysDX-XY_b71g8sKs=&ump=1&srfvp=1

74.125.8.5

200 OK

456 kB

URL POST HTTP/3
rr5---sn-oj5hn5-55.googlevideo.com/videoplayback?expire=1723737572&ei=hNG9ZpP5HN-Ov_IPh67T8Ac&ip=91.90.42.154&id=o-AKmmkViJL25X8GX0XgGZiI6MNbVWx--GDT42Ris5pA7o&itag=251&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&bui=AQmm2ewBRC9Hssv48VkTO8xFav99xL1CouUuT8RQGe7B4BbTIgwlz4OCG8gQukJ6OP6JZuvUNEEY8IVw&spc=Mv1m9tXyhx1nIiOztnhCGSon1KCJqs2cVAky4y_bHPTJQt46-XAcD8WLuq8b&vprv=1&svpuc=1&xtags=drc%3D1&mime=audio%2Fwebm&ns=QexDkGp9FksmCDHwvOIrHDwQ&rqh=1&gir=yes&clen=59928742&dur=3954.521&lmt=1695399391242210&keepalive=yes&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=5318224&n=GRsfEXxj06b7cg&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cxpc%2Cbui%2Cspc%2Cvprv%2Csvpuc%2Cxtags%2Cmime%2Cns%2Crqh%2Cgir%2Cclen%2Cdur%2Clmt&sig=AJfQdSswRQIgBOJWLJL7RjKm6Ps9f8his1QAoqmzptUyIDqybbc8C2gCIQDeetEqtn9dpdSkEEvWPLWHdblQxm9hHgIYxl444MAsvg%3D%3D&alr=yes&cpn=R8ShaBYV4Z8XRRom&cver=1.20240812.01.00&cm2rm=sn-capm-vnae7e,sn-5gos77l&rrc=80,80&fexp=24350516,24350517,24350551,24350557,24350561,24350565&redirect_counter=2&cms_redirect=yes&cmsv=e&mh=yw&mm=34&mn=sn-oj5hn5-55&ms=ltu&mt=1723715280&mv=u&mvi=5&pl=23&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AGtxev0wRQIhAOjfb7eTtwWL0Qb-RrR5YQeYHNTwxPqghlUDWlNvPfrRAiBwAvPlgLhb6dN68wtYseX_-IPiexETeKnuyFQkL6Mjnw%3D%3D&range=596695-1052211&rn=12&rbuf=24826&pot=MpgBhAOAVw3d_huEPymgOjDCq75Jdn8br0oqY3-EoldovrGKjtEk1hg2RGRLywaQqUdM14sq_mFgMrmDJH9uJsVape5e-b4XEe2nT-twmG5njb2-Dn3We1OpYxyFtgEKovXcrI6y3E5eGIWW0_mQdje4Cq0MguqMQsvT21rhKHbM9oiI3Pz23C-UxwOQ4GtysDX-XY_b71g8sKs=&ump=1&srfvp=1
IP
74.125.8.5:443
ASN
#15169 GOOGLE

Requested by
https://www.youtube.com/embed/c8UgcYzGw8E?autoplay=1&mute=1
Certificate
IssuerGoogle Trust Services
Subject*.c.docs.google.com
Fingerprint6C:53:8D:31:BE:19:4F:5B:40:5F:DD:1A:A7:8A:B4:32:3A:6F:0F:DF
ValidityTue, 16 Jul 2024 14:34:06 GMT - Tue, 24 Sep 2024 14:34:05 GMT

File type
data
Size
456 kB (455612 bytes)
Hash
daeba65980a7333ddfea4c4e9936f74c
86bec32d88b41cabf7304db9849023bd92bb6ed5
be2c4f1cfad66a8813b433427487b7dfb21a2629b84dfc79190f26100e64c9bb

HTTP Headers

POST /videoplayback?expire=1723737572&ei=hNG9ZpP5HN-Ov_IPh67T8Ac&ip=91.90.42.154&id=o-AKmmkViJL25X8GX0XgGZiI6MNbVWx--GDT42Ris5pA7o&itag=251&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&bui=AQmm2ewBRC9Hssv48VkTO8xFav99xL1CouUuT8RQGe7B4BbTIgwlz4OCG8gQukJ6OP6JZuvUNEEY8IVw&spc=Mv1m9tXyhx1nIiOztnhCGSon1KCJqs2cVAky4y_bHPTJQt46-XAcD8WLuq8b&vprv=1&svpuc=1&xtags=drc%3D1&mime=audio%2Fwebm&ns=QexDkGp9FksmCDHwvOIrHDwQ&rqh=1&gir=yes&clen=59928742&dur=3954.521&lmt=1695399391242210&keepalive=yes&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=5318224&n=GRsfEXxj06b7cg&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cxpc%2Cbui%2Cspc%2Cvprv%2Csvpuc%2Cxtags%2Cmime%2Cns%2Crqh%2Cgir%2Cclen%2Cdur%2Clmt&sig=AJfQdSswRQIgBOJWLJL7RjKm6Ps9f8his1QAoqmzptUyIDqybbc8C2gCIQDeetEqtn9dpdSkEEvWPLWHdblQxm9hHgIYxl444MAsvg%3D%3D&alr=yes&cpn=R8ShaBYV4Z8XRRom&cver=1.20240812.01.00&cm2rm=sn-capm-vnae7e,sn-5gos77l&rrc=80,80&fexp=24350516,24350517,24350551,24350557,24350561,24350565&redirect_counter=2&cms_redirect=yes&cmsv=e&mh=yw&mm=34&mn=sn-oj5hn5-55&ms=ltu&mt=1723715280&mv=u&mvi=5&pl=23&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AGtxev0wRQIhAOjfb7eTtwWL0Qb-RrR5YQeYHNTwxPqghlUDWlNvPfrRAiBwAvPlgLhb6dN68wtYseX_-IPiexETeKnuyFQkL6Mjnw%3D%3D&range=596695-1052211&rn=12&rbuf=24826&pot=MpgBhAOAVw3d_huEPymgOjDCq75Jdn8br0oqY3-EoldovrGKjtEk1hg2RGRLywaQqUdM14sq_mFgMrmDJH9uJsVape5e-b4XEe2nT-twmG5njb2-Dn3We1OpYxyFtgEKovXcrI6y3E5eGIWW0_mQdje4Cq0MguqMQsvT21rhKHbM9oiI3Pz23C-UxwOQ4GtysDX-XY_b71g8sKs=&ump=1&srfvp=1 HTTP/1.1
Host: rr5---sn-oj5hn5-55.googlevideo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.youtube.com/
Content-Length: 2
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
last-modified: Fri, 22 Sep 2023 16:16:31 GMT
content-type: application/vnd.yt-ump
date: Thu, 15 Aug 2024 09:59:48 GMT
expires: Thu, 15 Aug 2024 09:59:48 GMT
cache-control: private, max-age=21284
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
client-protocol: quic
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
timing-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
vary: Origin
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
server: gvs 1.0

www.youtube.com/s/player/410a4f15/player_ias.vflset/en_US/remote.js

216.58.211.14

200 OK

121 kB

URL GET HTTP/3
www.youtube.com/s/player/410a4f15/player_ias.vflset/en_US/remote.js
IP
216.58.211.14:443
ASN
#15169 GOOGLE

Requested by
https://www.youtube.com/embed/c8UgcYzGw8E?autoplay=1&mute=1
Certificate
IssuerGoogle Trust Services
Subject*.google.com
FingerprintA9:52:08:E0:FC:37:B4:6B:5F:CF:C5:AB:C4:10:C7:D6:00:4D:DC:69
ValidityTue, 30 Jul 2024 12:32:53 GMT - Tue, 22 Oct 2024 12:32:52 GMT

File type
JavaScript source, ASCII text, with very long lines (543)
Size
121 kB (120847 bytes)
Hash
b98a22487ac02c039c99602876d1972a
9e5b569d57053c14b506b987ac495e6b2acd8c5b
1b88aa48ac2d0a3cdca3725b9dec657bc4cf5a774c492412e4300dde1950db0b

HTTP Headers

GET /s/player/410a4f15/player_ias.vflset/en_US/remote.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/c8UgcYzGw8E?autoplay=1&mute=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 33656
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 13 Aug 2024 07:29:21 GMT
expires: Wed, 13 Aug 2025 07:29:21 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 13 Aug 2024 04:17:57 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 181811
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.youtube.com/s/player/410a4f15/player_ias.vflset/en_US/embed.js

216.58.211.14

200 OK

68 kB

URL GET HTTP/3
www.youtube.com/s/player/410a4f15/player_ias.vflset/en_US/embed.js
IP
216.58.211.14:443
ASN
#15169 GOOGLE

Requested by
https://www.youtube.com/embed/c8UgcYzGw8E?autoplay=1&mute=1
Certificate
IssuerGoogle Trust Services
Subject*.google.com
FingerprintA9:52:08:E0:FC:37:B4:6B:5F:CF:C5:AB:C4:10:C7:D6:00:4D:DC:69
ValidityTue, 30 Jul 2024 12:32:53 GMT - Tue, 22 Oct 2024 12:32:52 GMT

File type
JavaScript source, ASCII text, with very long lines (3391)
Size
68 kB (67764 bytes)
Hash
8e211f141e5328418be41a23102f62ab
883b670378bae8a5c1cc60fe5ec28078f2404724
bad0e523af56d8645e53575cdc1defd4f1a4b81e59249f416e0af5d621a50fcf

HTTP Headers

GET /s/player/410a4f15/player_ias.vflset/en_US/embed.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/c8UgcYzGw8E?autoplay=1&mute=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 20603
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 13 Aug 2024 07:29:21 GMT
expires: Wed, 13 Aug 2025 07:29:21 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 13 Aug 2024 04:17:57 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 181811
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.googleapis.com/css?family=Pontano+Sans

142.250.74.138

200 OK

803 B

URL GET HTTP/2
fonts.googleapis.com/css?family=Pontano+Sans
IP
142.250.74.138:443
ASN
#15169 GOOGLE

Requested by
http://3.142.138.123/kioscos/kioscobanner3.0/index.php
Certificate
IssuerGoogle Trust Services
Subjectupload.video.google.com
FingerprintC4:3F:12:39:D2:EC:4C:2C:1C:0A:A6:18:8E:2A:97:2C:D8:C2:7E:AF
ValidityTue, 30 Jul 2024 12:49:45 GMT - Tue, 22 Oct 2024 12:49:44 GMT

File type
ASCII text, with very long lines (819), with no line terminators
Size
803 B (803 bytes)
Hash
dc0bd176e38116a67b8023539cc03e85
eb6881050bee8343744155d362f40b5db6efb4e7
1c77f0043694e33c9d98e422fb2533c5d3483a3bf56e8b88341702102bbed656

HTTP Headers

GET /css?family=Pontano+Sans HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://3.142.138.123/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 15 Aug 2024 09:59:30 GMT
date: Thu, 15 Aug 2024 09:59:30 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.youtube.com/s/player/410a4f15/www-player.css

216.58.211.14

200 OK

385 kB

URL GET HTTP/3
www.youtube.com/s/player/410a4f15/www-player.css
IP
216.58.211.14:443
ASN
#15169 GOOGLE

Requested by
https://www.youtube.com/embed/c8UgcYzGw8E?autoplay=1&mute=1
Certificate
IssuerGoogle Trust Services
Subject*.google.com
FingerprintA9:52:08:E0:FC:37:B4:6B:5F:CF:C5:AB:C4:10:C7:D6:00:4D:DC:69
ValidityTue, 30 Jul 2024 12:32:53 GMT - Tue, 22 Oct 2024 12:32:52 GMT

File type

Size
385 kB (385083 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /s/player/410a4f15/www-player.css HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/c8UgcYzGw8E?autoplay=1&mute=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 48479
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 13 Aug 2024 07:20:24 GMT
expires: Wed, 13 Aug 2025 07:20:24 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 13 Aug 2024 04:17:57 GMT
content-type: text/css
vary: Accept-Encoding, Origin
age: 182347
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

rr5---sn-oj5hn5-55.googlevideo.com/videoplayback?expire=1723737572&ei=hNG9ZpP5HN-Ov_IPh67T8Ac&ip=91.90.42.154&id=o-AKmmkViJL25X8GX0XgGZiI6MNbVWx--GDT42Ris5pA7o&itag=251&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&bui=AQmm2ewBRC9Hssv48VkTO8xFav99xL1CouUuT8RQGe7B4BbTIgwlz4OCG8gQukJ6OP6JZuvUNEEY8IVw&spc=Mv1m9tXyhx1nIiOztnhCGSon1KCJqs2cVAky4y_bHPTJQt46-XAcD8WLuq8b&vprv=1&svpuc=1&xtags=drc%3D1&mime=audio%2Fwebm&ns=QexDkGp9FksmCDHwvOIrHDwQ&rqh=1&gir=yes&clen=59928742&dur=3954.521&lmt=1695399391242210&keepalive=yes&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=5318224&n=GRsfEXxj06b7cg&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cxpc%2Cbui%2Cspc%2Cvprv%2Csvpuc%2Cxtags%2Cmime%2Cns%2Crqh%2Cgir%2Cclen%2Cdur%2Clmt&sig=AJfQdSswRQIgBOJWLJL7RjKm6Ps9f8his1QAoqmzptUyIDqybbc8C2gCIQDeetEqtn9dpdSkEEvWPLWHdblQxm9hHgIYxl444MAsvg%3D%3D&alr=yes&cpn=R8ShaBYV4Z8XRRom&cver=1.20240812.01.00&cm2rm=sn-capm-vnae7e,sn-5gos77l&rrc=80,80&fexp=24350516,24350517,24350551,24350557,24350561,24350565&redirect_counter=2&cms_redirect=yes&cmsv=e&mh=yw&mm=34&mn=sn-oj5hn5-55&ms=ltu&mt=1723715280&mv=u&mvi=5&pl=23&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AGtxev0wRQIhAOjfb7eTtwWL0Qb-RrR5YQeYHNTwxPqghlUDWlNvPfrRAiBwAvPlgLhb6dN68wtYseX_-IPiexETeKnuyFQkL6Mjnw%3D%3D&range=314858-596694&rn=10&rbuf=14655&pot=MpgBhAOAVw3d_huEPymgOjDCq75Jdn8br0oqY3-EoldovrGKjtEk1hg2RGRLywaQqUdM14sq_mFgMrmDJH9uJsVape5e-b4XEe2nT-twmG5njb2-Dn3We1OpYxyFtgEKovXcrI6y3E5eGIWW0_mQdje4Cq0MguqMQsvT21rhKHbM9oiI3Pz23C-UxwOQ4GtysDX-XY_b71g8sKs=&ump=1&srfvp=1

74.125.8.5

200 OK

282 kB

URL POST HTTP/3
rr5---sn-oj5hn5-55.googlevideo.com/videoplayback?expire=1723737572&ei=hNG9ZpP5HN-Ov_IPh67T8Ac&ip=91.90.42.154&id=o-AKmmkViJL25X8GX0XgGZiI6MNbVWx--GDT42Ris5pA7o&itag=251&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&bui=AQmm2ewBRC9Hssv48VkTO8xFav99xL1CouUuT8RQGe7B4BbTIgwlz4OCG8gQukJ6OP6JZuvUNEEY8IVw&spc=Mv1m9tXyhx1nIiOztnhCGSon1KCJqs2cVAky4y_bHPTJQt46-XAcD8WLuq8b&vprv=1&svpuc=1&xtags=drc%3D1&mime=audio%2Fwebm&ns=QexDkGp9FksmCDHwvOIrHDwQ&rqh=1&gir=yes&clen=59928742&dur=3954.521&lmt=1695399391242210&keepalive=yes&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=5318224&n=GRsfEXxj06b7cg&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cxpc%2Cbui%2Cspc%2Cvprv%2Csvpuc%2Cxtags%2Cmime%2Cns%2Crqh%2Cgir%2Cclen%2Cdur%2Clmt&sig=AJfQdSswRQIgBOJWLJL7RjKm6Ps9f8his1QAoqmzptUyIDqybbc8C2gCIQDeetEqtn9dpdSkEEvWPLWHdblQxm9hHgIYxl444MAsvg%3D%3D&alr=yes&cpn=R8ShaBYV4Z8XRRom&cver=1.20240812.01.00&cm2rm=sn-capm-vnae7e,sn-5gos77l&rrc=80,80&fexp=24350516,24350517,24350551,24350557,24350561,24350565&redirect_counter=2&cms_redirect=yes&cmsv=e&mh=yw&mm=34&mn=sn-oj5hn5-55&ms=ltu&mt=1723715280&mv=u&mvi=5&pl=23&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AGtxev0wRQIhAOjfb7eTtwWL0Qb-RrR5YQeYHNTwxPqghlUDWlNvPfrRAiBwAvPlgLhb6dN68wtYseX_-IPiexETeKnuyFQkL6Mjnw%3D%3D&range=314858-596694&rn=10&rbuf=14655&pot=MpgBhAOAVw3d_huEPymgOjDCq75Jdn8br0oqY3-EoldovrGKjtEk1hg2RGRLywaQqUdM14sq_mFgMrmDJH9uJsVape5e-b4XEe2nT-twmG5njb2-Dn3We1OpYxyFtgEKovXcrI6y3E5eGIWW0_mQdje4Cq0MguqMQsvT21rhKHbM9oiI3Pz23C-UxwOQ4GtysDX-XY_b71g8sKs=&ump=1&srfvp=1
IP
74.125.8.5:443
ASN
#15169 GOOGLE

Requested by
https://www.youtube.com/embed/c8UgcYzGw8E?autoplay=1&mute=1
Certificate
IssuerGoogle Trust Services
Subject*.c.docs.google.com
Fingerprint6C:53:8D:31:BE:19:4F:5B:40:5F:DD:1A:A7:8A:B4:32:3A:6F:0F:DF
ValidityTue, 16 Jul 2024 14:34:06 GMT - Tue, 24 Sep 2024 14:34:05 GMT

File type
data
Size
282 kB (281932 bytes)
Hash
4e45769313a3558505ad3df57b2474a8
e1ddd5658d3427ed7bb9aac77b964c333a94f233
cb78e8765b045f2110687081cf175b73eb16e87e995883276a106e4ccc6d4743

HTTP Headers

POST /videoplayback?expire=1723737572&ei=hNG9ZpP5HN-Ov_IPh67T8Ac&ip=91.90.42.154&id=o-AKmmkViJL25X8GX0XgGZiI6MNbVWx--GDT42Ris5pA7o&itag=251&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&bui=AQmm2ewBRC9Hssv48VkTO8xFav99xL1CouUuT8RQGe7B4BbTIgwlz4OCG8gQukJ6OP6JZuvUNEEY8IVw&spc=Mv1m9tXyhx1nIiOztnhCGSon1KCJqs2cVAky4y_bHPTJQt46-XAcD8WLuq8b&vprv=1&svpuc=1&xtags=drc%3D1&mime=audio%2Fwebm&ns=QexDkGp9FksmCDHwvOIrHDwQ&rqh=1&gir=yes&clen=59928742&dur=3954.521&lmt=1695399391242210&keepalive=yes&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=5318224&n=GRsfEXxj06b7cg&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cxpc%2Cbui%2Cspc%2Cvprv%2Csvpuc%2Cxtags%2Cmime%2Cns%2Crqh%2Cgir%2Cclen%2Cdur%2Clmt&sig=AJfQdSswRQIgBOJWLJL7RjKm6Ps9f8his1QAoqmzptUyIDqybbc8C2gCIQDeetEqtn9dpdSkEEvWPLWHdblQxm9hHgIYxl444MAsvg%3D%3D&alr=yes&cpn=R8ShaBYV4Z8XRRom&cver=1.20240812.01.00&cm2rm=sn-capm-vnae7e,sn-5gos77l&rrc=80,80&fexp=24350516,24350517,24350551,24350557,24350561,24350565&redirect_counter=2&cms_redirect=yes&cmsv=e&mh=yw&mm=34&mn=sn-oj5hn5-55&ms=ltu&mt=1723715280&mv=u&mvi=5&pl=23&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AGtxev0wRQIhAOjfb7eTtwWL0Qb-RrR5YQeYHNTwxPqghlUDWlNvPfrRAiBwAvPlgLhb6dN68wtYseX_-IPiexETeKnuyFQkL6Mjnw%3D%3D&range=314858-596694&rn=10&rbuf=14655&pot=MpgBhAOAVw3d_huEPymgOjDCq75Jdn8br0oqY3-EoldovrGKjtEk1hg2RGRLywaQqUdM14sq_mFgMrmDJH9uJsVape5e-b4XEe2nT-twmG5njb2-Dn3We1OpYxyFtgEKovXcrI6y3E5eGIWW0_mQdje4Cq0MguqMQsvT21rhKHbM9oiI3Pz23C-UxwOQ4GtysDX-XY_b71g8sKs=&ump=1&srfvp=1 HTTP/1.1
Host: rr5---sn-oj5hn5-55.googlevideo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.youtube.com/
Content-Length: 2
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
last-modified: Fri, 22 Sep 2023 16:16:31 GMT
content-type: application/vnd.yt-ump
date: Thu, 15 Aug 2024 09:59:39 GMT
expires: Thu, 15 Aug 2024 09:59:39 GMT
cache-control: private, max-age=21293
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
client-protocol: quic
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
timing-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
vary: Origin
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
server: gvs 1.0

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (157)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by