| firefox.settings.services.mozilla.com/v1/ | 143.204.55.115 | 200 OK | 939 B |
URL HTTP/1.1firefox.settings.services.mozilla.com/v1/ IP143.204.55.115:0
File typeJSON data\012- , ASCII text, with very long lines (939), with no line terminators Hash2d12f67fe57a87e7366b662d153a5582 d7b02d81cc74f24a251d9363e0f4b0a149264ec1 73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 28 Sep 2022 18:15:39 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: L3w_GIru_WPlS1UIqwI2N94OCyCeFt5TuBbOFMx9UwUlnyfvuk1rdA==
Age: 397
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash490c003436e215e91596f285fcba92f5 0c4c9a5802e7cdb699f4918c252dbdf8431c25ec 9fe6beb1cb3851018168765a243b6de69ec71d30770f8c2dcc57cae7d9978cc1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9FE6BEB1CB3851018168765A243B6DE69EC71D30770F8C2DCC57CAE7D9978CC1"
Last-Modified: Wed, 28 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6844
Expires: Wed, 28 Sep 2022 20:16:20 GMT
Date: Wed, 28 Sep 2022 18:22:16 GMT
Connection: keep-alive
|
|
| content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain | 143.204.55.25 | 200 OK | 5.3 kB |
URL HTTP/2content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain IP143.204.55.25:0
File typePEM certificate\012- , ASCII text Hash6113f8408c59aebe188d6af273b90743 7398873bf00f99944eaa77ad3ebc0d43c23dba6b b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Wed, 28 Sep 2022 09:24:14 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Ti7j-lNThWds4p2mYtIcV_BBwDIw3Mxgs-Mdgc8ObK5nBNhy3UOIEg==
age: 46430
X-Firefox-Spdy: h2
|
|
| mail.keefort.com.ec/ | 88.99.90.21 | 301 Moved Permanently | 20 B |
IP88.99.90.21:0 ASN#24940 Hetzner Online GmbH
Hash7029066c27ac6f5ef18d660d5741979a 46c6643f07aa7f6bfe7118de926b86defc5087c4 59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2
Analyzer | Verdict | Alert | fortinet | Malware | |
GET / HTTP/1.1
Host: mail.keefort.com.ec
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 28 Sep 2022 18:22:16 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
X-Redirect-By: WordPress
Content-Encoding: gzip
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Upgrade: h2,h2c
Location: https://keefort.com.ec/
|
|
| contile.services.mozilla.com/v1/tiles | 34.117.237.239 | 200 OK | 12 B |
URL HTTP/2contile.services.mozilla.com/v1/tiles IP34.117.237.239:0
File typeJSON data\012- , ASCII text, with no line terminators Hash23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 18:22:17 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hashf3d180dc3acdec4058df2c9ddd07ea9c e4f227ebfa27e51f24ed7e3a760750f14b194a1c 41c8d6789deae64ff0a5ba2aa63797a22859b70bc08b0dfa9ca2e8a711ee0d9d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "41C8D6789DEAE64FF0A5BA2AA63797A22859B70BC08B0DFA9CA2E8A711EE0D9D"
Last-Modified: Wed, 28 Sep 2022 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21585
Expires: Thu, 29 Sep 2022 00:22:02 GMT
Date: Wed, 28 Sep 2022 18:22:17 GMT
Connection: keep-alive
|
|
| firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US | 143.204.55.115 | 200 OK | 329 B |
URL HTTP/1.1firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP143.204.55.115:0
File typeJSON data\012- , ASCII text, with very long lines (329), with no line terminators Hash0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Wed, 28 Sep 2022 17:29:33 GMT
Expires: Wed, 28 Sep 2022 18:25:20 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 b9f0050ca4d212d7c855e005be54b1ac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 2I-IhtdK4QpBhU9Lqn1Z5YAt1HDPnibLzN2tswyTfCgVfCLVxxa7ag==
Age: 3164
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hash3526d5ce1381ba26cbc553db057e1915 fe01c920696448e8bf12e6fff877bce8281d34a2 09604aed7cbca7971bfcb5afcb53591600b944f28eff21aa65dc601e78cdda53
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2628
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 18:22:17 GMT
Last-Modified: Wed, 28 Sep 2022 17:38:29 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
|
|
| keefort.com.ec/wp-includes/css/dist/block-library/style.min.css?ver=6.0.2 | 88.99.90.21 | 200 OK | 12 kB |
URL HTTP/2keefort.com.ec/wp-includes/css/dist/block-library/style.min.css?ver=6.0.2 IP88.99.90.21:0 ASN#24940 Hetzner Online GmbH
File typeASCII text, with very long lines (43771) Hashe5548800176e913a9084f47a3e1e04f6 eff4604acc5c26ae82a19188de2f98bf5b79d80c a2569c768eaca09f2483b971fcebb97badd57c9a16b5ae3e16b8cdcd8c688b07
Analyzer | Verdict | Alert | fortinet | Malware | |
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.0.2 HTTP/1.1
Host: keefort.com.ec
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://keefort.com.ec/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 18:22:17 GMT
content-type: text/css
content-length: 11681
x-frame-options: SAMEORIGIN
last-modified: Tue, 12 Jul 2022 20:47:34 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| keefort.com.ec/wp-content/themes/hello-elementor/theme.min.css?ver=2.4.2 | 88.99.90.21 | 200 OK | 2.5 kB |
URL HTTP/2keefort.com.ec/wp-content/themes/hello-elementor/theme.min.css?ver=2.4.2 IP88.99.90.21:0 ASN#24940 Hetzner Online GmbH
File typeASCII text, with very long lines (15164), with no line terminators Hash0e91f12d9098c73ecf39752a1b1dc77c c4551299b1f77e8d2a97ea4090b3baa6cead4984 07eeb206e655b8b736a2a25095f34e09a377f64f768e34e1195054601506807f
GET /wp-content/themes/hello-elementor/theme.min.css?ver=2.4.2 HTTP/1.1
Host: keefort.com.ec
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://keefort.com.ec/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 18:22:17 GMT
content-type: text/css
content-length: 2538
x-frame-options: SAMEORIGIN
last-modified: Mon, 10 Jan 2022 20:23:07 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| keefort.com.ec/wp-content/plugins/preloader-plus/assets/css/preloader-plus.min.css?ver=2.2.1 | 88.99.90.21 | 200 OK | 548 B |
URL HTTP/2keefort.com.ec/wp-content/plugins/preloader-plus/assets/css/preloader-plus.min.css?ver=2.2.1 IP88.99.90.21:0 ASN#24940 Hetzner Online GmbH
File typeASCII text, with very long lines (1440), with no line terminators Hasheebdc3328ff32b7823dc53c2d8942e8b 303d4481fc1178042bcd6efed142eac6e21d4356 3994e805be6f48d8a588fcdab3a31b3f3d906ab10a8e9bcd2e636487b9d20176
Analyzer | Verdict | Alert | fortinet | Malware | |
GET /wp-content/plugins/preloader-plus/assets/css/preloader-plus.min.css?ver=2.2.1 HTTP/1.1
Host: keefort.com.ec
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://keefort.com.ec/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 18:22:17 GMT
content-type: text/css
content-length: 548
x-frame-options: SAMEORIGIN
last-modified: Mon, 25 Apr 2022 15:59:12 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| keefort.com.ec/wp-content/themes/hello-elementor/style.min.css?ver=2.4.2 | 88.99.90.21 | 200 OK | 1.9 kB |
URL HTTP/2keefort.com.ec/wp-content/themes/hello-elementor/style.min.css?ver=2.4.2 IP88.99.90.21:0 ASN#24940 Hetzner Online GmbH
File typeASCII text, with very long lines (5854), with no line terminators Hash23fb78ef232a855a82e5f9aee9bbb97f d4460a9089afabc3a4b8c3d88c685bd98b41e7c1 3d5ce1039fc573a8c3fddb4a7cc586531e9c3808bc5ae4d0fa0ace92634e6ea6
GET /wp-content/themes/hello-elementor/style.min.css?ver=2.4.2 HTTP/1.1
Host: keefort.com.ec
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://keefort.com.ec/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 18:22:17 GMT
content-type: text/css
content-length: 1870
x-frame-options: SAMEORIGIN
last-modified: Mon, 10 Jan 2022 20:23:07 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| keefort.com.ec/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.9.1 | 88.99.90.21 | 200 OK | 3.5 kB |
URL HTTP/2keefort.com.ec/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.9.1 IP88.99.90.21:0 ASN#24940 Hetzner Online GmbH
File typeASCII text, with very long lines (16591) Hash049fef4884cab9115d2cad4d2a8d10be a637bb42c5778b3df7b81658cab981d55012ae96 e4a98b1db9ce04b42cca38c6a32815d793182d7a3bbaf2bc75ecca36273742b1
GET /wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.9.1 HTTP/1.1
Host: keefort.com.ec
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://keefort.com.ec/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 18:22:17 GMT
content-type: text/css
content-length: 3478
x-frame-options: SAMEORIGIN
last-modified: Mon, 10 Jan 2022 20:32:39 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| keefort.com.ec/wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.0.10 | 88.99.90.21 | 200 OK | 2.6 kB |
URL HTTP/2keefort.com.ec/wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.0.10 IP88.99.90.21:0 ASN#24940 Hetzner Online GmbH
File typeASCII text, with very long lines (10019) Hash0ea81c35141c6a4692506e4fe8d36edb 392c5f96995e66d74c27ed5a42f93169c2f32d18 b7488fd21ad73e483cdcaf42097ea7787ffe0616477e29a537f53f6064e321ab
Analyzer | Verdict | Alert | fortinet | Malware | |
GET /wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.0.10 HTTP/1.1
Host: keefort.com.ec
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://keefort.com.ec/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 18:22:17 GMT
content-type: text/css
content-length: 2592
x-frame-options: SAMEORIGIN
last-modified: Mon, 10 Jan 2022 20:32:38 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| keefort.com.ec/wp-content/plugins/elementor/assets/css/frontend-legacy.min.css?ver=3.0.10 | 88.99.90.21 | 200 OK | 537 B |
URL HTTP/2keefort.com.ec/wp-content/plugins/elementor/assets/css/frontend-legacy.min.css?ver=3.0.10 IP88.99.90.21:0 ASN#24940 Hetzner Online GmbH
File typeASCII text, with very long lines (3815) Hash0fcc3fb80581b1262bb8f36a76f17243 0e5a965b8d96df1a60925bdad7652a978a5c4549 d79d636034fb6dd1ea733172c792f8ad3b4bcf815128970111c2fb111eb270e3
Analyzer | Verdict | Alert | fortinet | Malware | |
GET /wp-content/plugins/elementor/assets/css/frontend-legacy.min.css?ver=3.0.10 HTTP/1.1
Host: keefort.com.ec
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://keefort.com.ec/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 18:22:17 GMT
content-type: text/css
content-length: 537
x-frame-options: SAMEORIGIN
last-modified: Mon, 10 Jan 2022 20:32:31 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| keefort.com.ec/wp-content/uploads/elementor/css/post-14.css?ver=1650986038 | 88.99.90.21 | 200 OK | 381 B |
URL HTTP/2keefort.com.ec/wp-content/uploads/elementor/css/post-14.css?ver=1650986038 IP88.99.90.21:0 ASN#24940 Hetzner Online GmbH
File typeASCII text, with very long lines (1045), with no line terminators Hashff36c7016f0d211fcceef740f3f6765c 31057d057fa2581c999c4a3317e21295d0ae5f44 a05044c44af5b6d326383fab0f302a3b5073a785e5cb0ab7d06d1524dbfae700
GET /wp-content/uploads/elementor/css/post-14.css?ver=1650986038 HTTP/1.1
Host: keefort.com.ec
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://keefort.com.ec/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 18:22:17 GMT
content-type: text/css
content-length: 381
x-frame-options: SAMEORIGIN
last-modified: Tue, 26 Apr 2022 15:13:58 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| keefort.com.ec/wp-content/plugins/elementor/assets/css/frontend.min.css?ver=3.0.10 | 88.99.90.21 | 200 OK | 16 kB |
URL HTTP/2keefort.com.ec/wp-content/plugins/elementor/assets/css/frontend.min.css?ver=3.0.10 IP88.99.90.21:0 ASN#24940 Hetzner Online GmbH
File typeASCII text, with very long lines (65496) Hash8568edfd37c1f47aa0f996f4e987d798 db76743e493b346d14f96490e1cdd7537ba4ec50 689d3cb42e0f8145825d827010fa48c1cd8d43b38f984cb84110e651ecfc5345
GET /wp-content/plugins/elementor/assets/css/frontend.min.css?ver=3.0.10 HTTP/1.1
Host: keefort.com.ec
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://keefort.com.ec/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 18:22:17 GMT
content-type: text/css
content-length: 15782
x-frame-options: SAMEORIGIN
last-modified: Mon, 10 Jan 2022 20:32:32 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| keefort.com.ec/wp-content/plugins/elementor-pro/assets/css/frontend.min.css?ver=3.0.5 | 88.99.90.21 | 200 OK | 23 kB |
URL HTTP/2keefort.com.ec/wp-content/plugins/elementor-pro/assets/css/frontend.min.css?ver=3.0.5 IP88.99.90.21:0 ASN#24940 Hetzner Online GmbH
File typeASCII text, with very long lines (65493) Hash23572c8d817328c245b1fd310cb76199 5c1833774e61845948618ad3c23717a88f631971 986ff71bfde47f936331ba9830cac020e064d5b491893d9661453a1a19724671
Analyzer | Verdict | Alert | fortinet | Malware | |
GET /wp-content/plugins/elementor-pro/assets/css/frontend.min.css?ver=3.0.5 HTTP/1.1
Host: keefort.com.ec
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://keefort.com.ec/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 18:22:17 GMT
content-type: text/css
content-length: 23083
x-frame-options: SAMEORIGIN
last-modified: Mon, 10 Jan 2022 20:43:31 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| keefort.com.ec/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.12.0 | 88.99.90.21 | 200 OK | 308 B |
URL HTTP/2keefort.com.ec/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.12.0 IP88.99.90.21:0 ASN#24940 Hetzner Online GmbH
File typeASCII text, with very long lines (482) Hashc71311e820b2cb84dcaea8c014ad22d1 e4353378e73cf50e44677251f806716af3e3565a 4775682b1094029968fef77866c6edac5887b8e8a3367edc31064fdcb7288489
Analyzer | Verdict | Alert | fortinet | Malware | |
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.12.0 HTTP/1.1
Host: keefort.com.ec
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://keefort.com.ec/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 18:22:17 GMT
content-type: text/css
content-length: 308
x-frame-options: SAMEORIGIN
last-modified: Mon, 10 Jan 2022 20:32:40 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| keefort.com.ec/wp-content/uploads/elementor/css/post-128.css?ver=1650987771 | 88.99.90.21 | 200 OK | 1.1 kB |
URL HTTP/2keefort.com.ec/wp-content/uploads/elementor/css/post-128.css?ver=1650987771 IP88.99.90.21:0 ASN#24940 Hetzner Online GmbH
File typeASCII text, with very long lines (3984) Hashff4e601adf8628f90b806e1f02c4819d 34ef1071b941bfe2b6662bba5ce69dc984c85114 5b63baa674335ef41e02d168d1cf1f547e305381335279fb3d5d03af012b0458
Analyzer | Verdict | Alert | fortinet | Malware | |
GET /wp-content/uploads/elementor/css/post-128.css?ver=1650987771 HTTP/1.1
Host: keefort.com.ec
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://keefort.com.ec/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 18:22:17 GMT
content-type: text/css
content-length: 1108
x-frame-options: SAMEORIGIN
last-modified: Tue, 26 Apr 2022 15:42:51 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| keefort.com.ec/wp-content/uploads/elementor/css/global.css?ver=1650987255 | 88.99.90.21 | 200 OK | 5.7 kB |
URL HTTP/2keefort.com.ec/wp-content/uploads/elementor/css/global.css?ver=1650987255 IP88.99.90.21:0 ASN#24940 Hetzner Online GmbH
File typeASCII text, with very long lines (29171) Hash06dc6da5bf5e8563c759d28ffa42fe6e 6500ec1dd71fb35c2d0451cd806a27b315dc1a8f 7717f3a3fa21fbd58f2152ea95193586d0f8f16d84bc7e4b00f477bf302ad33d
Analyzer | Verdict | Alert | fortinet | Malware | |
GET /wp-content/uploads/elementor/css/global.css?ver=1650987255 HTTP/1.1
Host: keefort.com.ec
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://keefort.com.ec/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 18:22:17 GMT
content-type: text/css
content-length: 5713
x-frame-options: SAMEORIGIN
last-modified: Tue, 26 Apr 2022 15:34:15 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| keefort.com.ec/wp-content/uploads/elementor/css/post-278.css?ver=1650989575 | 88.99.90.21 | 200 OK | 1.9 kB |
URL HTTP/2keefort.com.ec/wp-content/uploads/elementor/css/post-278.css?ver=1650989575 IP88.99.90.21:0 ASN#24940 Hetzner Online GmbH
File typeASCII text, with very long lines (15895), with no line terminators Hash2e614f63c5b6854df3fd55bc16836dd8 d23a1d63d2011a30936b890ff30bba1a5764aa50 75b79713f513c049cfea275fc926868b78301cb53cbf1aed16d2b326bccce3fa
Analyzer | Verdict | Alert | fortinet | Malware | |
GET /wp-content/uploads/elementor/css/post-278.css?ver=1650989575 HTTP/1.1
Host: keefort.com.ec
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://keefort.com.ec/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 18:22:17 GMT
content-type: text/css
content-length: 1943
x-frame-options: SAMEORIGIN
last-modified: Tue, 26 Apr 2022 16:12:55 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| keefort.com.ec/wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.12.0 | 88.99.90.21 | 200 OK | 12 kB |
URL HTTP/2keefort.com.ec/wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.12.0 IP88.99.90.21:0 ASN#24940 Hetzner Online GmbH
File typeASCII text, with very long lines (55567) Hash63d58fe0821a0b4e6d97b59f11bf5075 4322ee6337c719701d0df065d62c0ab6cc1f6788 596e9beb8d0a9f672f67bab9b0766eb32e004c3e7c04c3b367649ca83008c861
Analyzer | Verdict | Alert | fortinet | Malware | |
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.12.0 HTTP/1.1
Host: keefort.com.ec
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://keefort.com.ec/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 18:22:17 GMT
content-type: text/css
content-length: 12121
x-frame-options: SAMEORIGIN
last-modified: Mon, 10 Jan 2022 20:32:40 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| push.services.mozilla.com/ | 44.242.32.27 | 101 Switching Protocols | 0 B |
URL HTTP/1.1push.services.mozilla.com/ IP44.242.32.27:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: XMBZbdT2aXi9w4HiDk3gKA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: VAYQlvNFweQJKNCaxFxQOsAF4Ic=
|
|
| keefort.com.ec/wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css?ver=5.12.0 | 88.99.90.21 | 200 OK | 300 B |
URL HTTP/2keefort.com.ec/wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css?ver=5.12.0 IP88.99.90.21:0 ASN#24940 Hetzner Online GmbH
File typeASCII text, with very long lines (475) Hash649dae3333e1ded61e25950d84151b58 6615c253809369f92d44c271a24e47797116ab56 6285569997ff721b7f84905715170827d85d8873a6f1e0f2219f0c4b618fbda7
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css?ver=5.12.0 HTTP/1.1
Host: keefort.com.ec
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://keefort.com.ec/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 18:22:17 GMT
content-type: text/css
content-length: 300
x-frame-options: SAMEORIGIN
last-modified: Mon, 10 Jan 2022 20:32:40 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| keefort.com.ec/wp-content/plugins/elementor/assets/lib/font-awesome/css/regular.min.css?ver=5.12.0 | 88.99.90.21 | 200 OK | 305 B |
URL HTTP/2keefort.com.ec/wp-content/plugins/elementor/assets/lib/font-awesome/css/regular.min.css?ver=5.12.0 IP88.99.90.21:0 ASN#24940 Hetzner Online GmbH
File typeASCII text, with very long lines (490) Hashfb8a5770ba193203761b01908d7afd1e 4579989df15ee99dbdcb5b3d7ff6771d3cfb822c 0e2dc8317419353a8c21b991248acf259075734fefcbb1d05f151e467620535f
Analyzer | Verdict | Alert | fortinet | Malware | |
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/regular.min.css?ver=5.12.0 HTTP/1.1
Host: keefort.com.ec
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://keefort.com.ec/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 18:22:17 GMT
content-type: text/css
content-length: 305
x-frame-options: SAMEORIGIN
last-modified: Mon, 10 Jan 2022 20:32:40 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 471 B |
IP142.250.74.3:0
Hash8eb56ca84ce38713c2575c9d5506eabe 294a9ea859390bfe5d73cf810eefae10bf0f2f5e 6e7141f2c597344a55bf1d3a3ca0b9f0bf02f32a6046b3bfa03b64048a1d7002
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 18:22:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| keefort.com.ec/wp-content/uploads/elementor/css/post-7.css?ver=1664389330 | 88.99.90.21 | 200 OK | 7.0 kB |
URL HTTP/2keefort.com.ec/wp-content/uploads/elementor/css/post-7.css?ver=1664389330 IP88.99.90.21:0 ASN#24940 Hetzner Online GmbH
File typeASCII text, with very long lines (39412) Hashcde2fc1433ed8d8980b8449e6f239e57 a6d44457fbce7a600fffdc14cdb63b875ba81c2c 60b0e0ac0fd6ec0fcadf637ef2ee5cc6271de921910bea13d01cbaa82bafc8c2
Analyzer | Verdict | Alert | fortinet | Malware | |
GET /wp-content/uploads/elementor/css/post-7.css?ver=1664389330 HTTP/1.1
Host: keefort.com.ec
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://keefort.com.ec/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 18:22:17 GMT
content-type: text/css
content-length: 6972
x-frame-options: SAMEORIGIN
last-modified: Wed, 28 Sep 2022 18:22:10 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| keefort.com.ec/wp-content/plugins/preloader-plus//assets/js/preloader-plus.min.js?ver=2.2.1 | 88.99.90.21 | 200 OK | 555 B |
URL HTTP/2keefort.com.ec/wp-content/plugins/preloader-plus//assets/js/preloader-plus.min.js?ver=2.2.1 IP88.99.90.21:0 ASN#24940 Hetzner Online GmbH
File typeASCII text, with very long lines (1130) Hash7950121d54233754f83bcc1a09167610 c6f0b8559b09ce97018e1e62f6b483b39ff7ee2d 272ae59f1899d63ee29aefb11473ed48f80bf73d7236d3ca3f0fc2d8c511a95c
Analyzer | Verdict | Alert | fortinet | Malware | |
GET /wp-content/plugins/preloader-plus//assets/js/preloader-plus.min.js?ver=2.2.1 HTTP/1.1
Host: keefort.com.ec
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://keefort.com.ec/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 18:22:17 GMT
content-type: application/javascript
content-length: 555
x-frame-options: SAMEORIGIN
last-modified: Mon, 25 Apr 2022 15:59:12 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| keefort.com.ec/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 | 88.99.90.21 | 200 OK | 4.2 kB |
URL HTTP/2keefort.com.ec/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 IP88.99.90.21:0 ASN#24940 Hetzner Online GmbH
File typeASCII text, with very long lines (11126) Hash5629711d7fdd5b28441bac39b851299f 4e0bf2b7383097f7c352023a1b1b1b48a50356b6 44c444309c7a6c05ff4a9bc198bed9e9596bedb5658637c85689c9a471dcdd16
Analyzer | Verdict | Alert | fortinet | Malware | |
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: keefort.com.ec
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://keefort.com.ec/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 18:22:17 GMT
content-type: application/javascript
content-length: 4169
x-frame-options: SAMEORIGIN
last-modified: Wed, 18 Nov 2020 14:36:06 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| keefort.com.ec/wp-content/plugins/elementor/assets/lib/e-gallery/css/e-gallery.min.css?ver=1.2.0 | 88.99.90.21 | 200 OK | 844 B |
URL HTTP/2keefort.com.ec/wp-content/plugins/elementor/assets/lib/e-gallery/css/e-gallery.min.css?ver=1.2.0 IP88.99.90.21:0 ASN#24940 Hetzner Online GmbH
File typeASCII text, with very long lines (3264) Hash822a89612b23b9a53fd40a8393e5d394 a9c863b977bf8b18e10f4f09c180bfb4cd5be099 f2de00c5ebf8246b2fdbe9654b58f43e173402a2898f6822e4d00d5994067997
GET /wp-content/plugins/elementor/assets/lib/e-gallery/css/e-gallery.min.css?ver=1.2.0 HTTP/1.1
Host: keefort.com.ec
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://keefort.com.ec/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 18:22:17 GMT
content-type: text/css
content-length: 844
x-frame-options: SAMEORIGIN
last-modified: Mon, 10 Jan 2022 20:32:38 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| keefort.com.ec/wp-content/plugins/ultimate-elementor/assets/min-js/uael-frontend.min.js?ver=1.27.2 | 88.99.90.21 | 200 OK | 8.0 kB |
URL HTTP/2keefort.com.ec/wp-content/plugins/ultimate-elementor/assets/min-js/uael-frontend.min.js?ver=1.27.2 IP88.99.90.21:0 ASN#24940 Hetzner Online GmbH
File typeASCII text, with very long lines (29514), with no line terminators Hash750689e22300ad7b969b3c9d0301ff00 438a1629b5267f4818adec8df854967fe18360d7 97a8237b6739dcc528ba1b0b76eb795caac15df69e25982869716d0b55b9e85f
Analyzer | Verdict | Alert | fortinet | Malware | |
GET /wp-content/plugins/ultimate-elementor/assets/min-js/uael-frontend.min.js?ver=1.27.2 HTTP/1.1
Host: keefort.com.ec
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://keefort.com.ec/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 18:22:17 GMT
content-type: application/javascript
content-length: 8017
x-frame-options: SAMEORIGIN
last-modified: Wed, 20 Apr 2022 20:03:41 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| keefort.com.ec/wp-content/plugins/ultimate-elementor/assets/min-js/typed.min.js?ver=1.27.2 | 88.99.90.21 | 200 OK | 1.1 kB |
URL HTTP/2keefort.com.ec/wp-content/plugins/ultimate-elementor/assets/min-js/typed.min.js?ver=1.27.2 IP88.99.90.21:0 ASN#24940 Hetzner Online GmbH
File typeASCII text, with very long lines (2821), with no line terminators Hash8911d7e269e5c4ec633a26d22cc1fd0d dc1b6d69774d2f0833d44f890cd44e088756204a 2ff2788a8834b4751f3b679a312d4dc5b7c201f0baf122f2b23028bf3a122ed5
Analyzer | Verdict | Alert | fortinet | Malware | |
GET /wp-content/plugins/ultimate-elementor/assets/min-js/typed.min.js?ver=1.27.2 HTTP/1.1
Host: keefort.com.ec
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://keefort.com.ec/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 18:22:17 GMT
content-type: application/javascript
content-length: 1138
x-frame-options: SAMEORIGIN
last-modified: Wed, 20 Apr 2022 20:03:41 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| keefort.com.ec/wp-content/plugins/ultimate-elementor/assets/min-js/rvticker.min.js?ver=1.27.2 | 88.99.90.21 | 200 OK | 1.3 kB |
URL HTTP/2keefort.com.ec/wp-content/plugins/ultimate-elementor/assets/min-js/rvticker.min.js?ver=1.27.2 IP88.99.90.21:0 ASN#24940 Hetzner Online GmbH
File typeASCII text, with very long lines (4057), with no line terminators Hashc83b390d8a028b791b848b3c87d59dcc bd32a60713dc68f6267c216a267a88149acb6901 0d04681e96cd0eff6c2995bb8bf81cd22e417bb8c96c9290e2fc0f401b664071
Analyzer | Verdict | Alert | fortinet | Malware | |
GET /wp-content/plugins/ultimate-elementor/assets/min-js/rvticker.min.js?ver=1.27.2 HTTP/1.1
Host: keefort.com.ec
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://keefort.com.ec/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 18:22:17 GMT
content-type: application/javascript
content-length: 1336
x-frame-options: SAMEORIGIN
last-modified: Wed, 20 Apr 2022 20:03:41 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| keefort.com.ec/wp-content/plugins/ultimate-elementor/assets/min-js/jquery_twentytwenty.min.js?ver=1.27.2 | 88.99.90.21 | 200 OK | 806 B |
URL HTTP/2keefort.com.ec/wp-content/plugins/ultimate-elementor/assets/min-js/jquery_twentytwenty.min.js?ver=1.27.2 IP88.99.90.21:0 ASN#24940 Hetzner Online GmbH
File typeASCII text, with very long lines (2399), with no line terminators Hash96969f82c5c6d5bc40ca18b4cf61b783 ec869c1d315396468a080031d3454511711642cf 3f05b3c5f97437ed99f5b143ce4a8003e9d72de3fc3d35b35c32da0472b968a6
Analyzer | Verdict | Alert | fortinet | Malware | |
GET /wp-content/plugins/ultimate-elementor/assets/min-js/jquery_twentytwenty.min.js?ver=1.27.2 HTTP/1.1
Host: keefort.com.ec
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://keefort.com.ec/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 18:22:17 GMT
content-type: application/javascript
content-length: 806
x-frame-options: SAMEORIGIN
last-modified: Wed, 20 Apr 2022 20:03:41 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| keefort.com.ec/wp-content/plugins/ultimate-elementor/assets/min-js/jquery_event_move.min.js?ver=1.27.2 | 88.99.90.21 | 200 OK | 2.0 kB |
URL HTTP/2keefort.com.ec/wp-content/plugins/ultimate-elementor/assets/min-js/jquery_event_move.min.js?ver=1.27.2 IP88.99.90.21:0 ASN#24940 Hetzner Online GmbH
File typeASCII text, with very long lines (5465), with no line terminators Hash96ef85898a01be73add3d0b4bc3600b0 c9623a854a8830690fb7577a403fb8ac4b7e4cdf 8085f6abe48f830dc3961de1e8f3c879a178a8da846d6b6ef6341297b99b51f1
Analyzer | Verdict | Alert | fortinet | Malware | |
GET /wp-content/plugins/ultimate-elementor/assets/min-js/jquery_event_move.min.js?ver=1.27.2 HTTP/1.1
Host: keefort.com.ec
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://keefort.com.ec/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 18:22:17 GMT
content-type: application/javascript
content-length: 2003
x-frame-options: SAMEORIGIN
last-modified: Wed, 20 Apr 2022 20:03:41 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| keefort.com.ec/wp-content/uploads/elementor/css/post-477.css?ver=1650987691 | 88.99.90.21 | 200 OK | 601 B |
URL HTTP/2keefort.com.ec/wp-content/uploads/elementor/css/post-477.css?ver=1650987691 IP88.99.90.21:0 ASN#24940 Hetzner Online GmbH
File typeASCII text, with very long lines (2588), with no line terminators Hashd6906ffd8cc30ac79629a56cfb9bdf6e ba717ca75ff2d612bff45f9970849155a4a5e5df 8ba4e13612a0ec9c0cc6de12b24266d6c5a66b6f1731ea0110777712eeec00f5
Analyzer | Verdict | Alert | fortinet | Malware | |
GET /wp-content/uploads/elementor/css/post-477.css?ver=1650987691 HTTP/1.1
Host: keefort.com.ec
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://keefort.com.ec/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 18:22:17 GMT
content-type: text/css
content-length: 601
x-frame-options: SAMEORIGIN
last-modified: Tue, 26 Apr 2022 15:41:31 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| keefort.com.ec/wp-content/uploads/2022/04/Monkey_Toquilla-768x575.jpg | 88.99.90.21 | 200 OK | 33 kB |
URL HTTP/2keefort.com.ec/wp-content/uploads/2022/04/Monkey_Toquilla-768x575.jpg IP88.99.90.21:0 ASN#24940 Hetzner Online GmbH
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 768x575, components 3\012- data Hash817d3a17d673ac99c97ad75425a75183 c7b512ac33ef6d07b2256f5024620d9216b6cf9d 442ce8cf86f0de3f067320ad606e8ad39d908c7e54db5c9fc2ec166f807d450d
GET /wp-content/uploads/2022/04/Monkey_Toquilla-768x575.jpg HTTP/1.1
Host: keefort.com.ec
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://keefort.com.ec/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 18:22:17 GMT
content-type: image/jpeg
content-length: 33429
x-frame-options: SAMEORIGIN
last-modified: Thu, 21 Apr 2022 19:40:43 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| keefort.com.ec/wp-content/plugins/ultimate-elementor/assets/min-css/uael-frontend.min.css?ver=1.27.2 | 88.99.90.21 | 200 OK | 55 kB |
URL HTTP/2keefort.com.ec/wp-content/plugins/ultimate-elementor/assets/min-css/uael-frontend.min.css?ver=1.27.2 IP88.99.90.21:0 ASN#24940 Hetzner Online GmbH
File typeASCII text, with very long lines (65536), with no line terminators Hash813c5559b8c2d302fd3de18e6bd28763 c3f48f5d4701e11bbff95bed5d672e37dcbbb426 8fb9857907d0d49a9f7ff741a7a54e032894bddb68167675d3070b176969154b
GET /wp-content/plugins/ultimate-elementor/assets/min-css/uael-frontend.min.css?ver=1.27.2 HTTP/1.1
Host: keefort.com.ec
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://keefort.com.ec/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 18:22:17 GMT
content-type: text/css
content-length: 54765
x-frame-options: SAMEORIGIN
last-modified: Wed, 20 Apr 2022 20:03:41 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| keefort.com.ec/wp-includes/js/jquery/jquery.min.js?ver=3.6.0 | 88.99.90.21 | 200 OK | 31 kB |
URL HTTP/2keefort.com.ec/wp-includes/js/jquery/jquery.min.js?ver=3.6.0 IP88.99.90.21:0 ASN#24940 Hetzner Online GmbH
File typeASCII text, with very long lines (65447) Hash9640915738503451aa21181699feab5b c053eaf36ef0da96619706b3abda326305063bd6 f8834e669ad1f4039442c26aaa373ec39c35a233b9786d374fc3f670f16b0adc
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: keefort.com.ec
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://keefort.com.ec/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 18:22:17 GMT
content-type: application/javascript
content-length: 30908
x-frame-options: SAMEORIGIN
last-modified: Tue, 20 Jul 2021 21:49:16 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| keefort.com.ec/wp-content/plugins/elementor/assets/lib/e-gallery/js/e-gallery.min.js?ver=1.2.0 | 88.99.90.21 | 200 OK | 4.6 kB |
URL HTTP/2keefort.com.ec/wp-content/plugins/elementor/assets/lib/e-gallery/js/e-gallery.min.js?ver=1.2.0 IP88.99.90.21:0 ASN#24940 Hetzner Online GmbH
File typeASCII text, with very long lines (15310) Hashcb97a1bb1fb2f5c1ed82c6d224b7571f 5c1d84e20bec1f2e284df081fdc3441c68b7e5e2 ed7dedfbd4d5c99a553fd5d68931bbfa52fca1bfac227d3f8d6e94d16473f5e7
Analyzer | Verdict | Alert | fortinet | Malware | |
GET /wp-content/plugins/elementor/assets/lib/e-gallery/js/e-gallery.min.js?ver=1.2.0 HTTP/1.1
Host: keefort.com.ec
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://keefort.com.ec/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 18:22:17 GMT
content-type: application/javascript
content-length: 4609
x-frame-options: SAMEORIGIN
last-modified: Mon, 10 Jan 2022 20:32:38 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| keefort.com.ec/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2 | 88.99.90.21 | 200 OK | 5.0 kB |
URL HTTP/2keefort.com.ec/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2 IP88.99.90.21:0 ASN#24940 Hetzner Online GmbH
File typeASCII text, with very long lines (15660) Hashe6624e0b978e6ddba476be41aaaa82df 822e920d8233072110ed7c8a7f379e5b13209b18 dac86a9ce08e4d8cded47b4fa900a664b0c997d8910c2a1be54a423678925a41
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.0.2 HTTP/1.1
Host: keefort.com.ec
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://keefort.com.ec/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 18:22:17 GMT
content-type: application/javascript
content-length: 5009
x-frame-options: SAMEORIGIN
last-modified: Tue, 24 May 2022 20:28:24 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| keefort.com.ec/wp-content/uploads/2022/04/porfile3.jpg | 88.99.90.21 | 200 OK | 37 kB |
URL HTTP/2keefort.com.ec/wp-content/uploads/2022/04/porfile3.jpg IP88.99.90.21:0 ASN#24940 Hetzner Online GmbH
File typeJPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 900x900, components 3\012- data Hash617e53cbe3133c79d7825352498cb594 0ed7182d6cc3c837aac3b520cb9b52a12b7e644b 6659342047757df8f09f1f2ee4f01a5aaa6e56e9031d9f4736a682d6f6695d43
GET /wp-content/uploads/2022/04/porfile3.jpg HTTP/1.1
Host: keefort.com.ec
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://keefort.com.ec/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 18:22:17 GMT
content-type: image/jpeg
content-length: 37339
x-frame-options: SAMEORIGIN
last-modified: Fri, 22 Apr 2022 15:10:42 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| keefort.com.ec/wp-content/uploads/2022/04/SIST1-1-1024x1024.jpg | 88.99.90.21 | 200 OK | 66 kB |
URL HTTP/2keefort.com.ec/wp-content/uploads/2022/04/SIST1-1-1024x1024.jpg IP88.99.90.21:0 ASN#24940 Hetzner Online GmbH
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 1024x1024, components 3\012- data Hash8611d742b252ef237874c045cf4c5b02 70ea7c84e54bb23de76a42ee0e2f1c51c4bceea5 36b128b8a40deb1485c6f6e15e77de80b5fbd9e7e8c4737019d8aaa218bca044
GET /wp-content/uploads/2022/04/SIST1-1-1024x1024.jpg HTTP/1.1
Host: keefort.com.ec
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://keefort.com.ec/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 18:22:17 GMT
content-type: image/jpeg
content-length: 66036
x-frame-options: SAMEORIGIN
last-modified: Wed, 20 Apr 2022 18:00:34 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| keefort.com.ec/wp-includes/js/imagesloaded.min.js?ver=4.1.4 | 88.99.90.21 | 200 OK | 1.8 kB |
URL HTTP/2keefort.com.ec/wp-includes/js/imagesloaded.min.js?ver=4.1.4 IP88.99.90.21:0 ASN#24940 Hetzner Online GmbH
File typeASCII text, with very long lines (5477) Hash951ae46ca55ec7b0e401e2074bdf8b54 64bbbdc28a351b26cab9c230e134ca8eb4d4f83e fd5d4c623e9d68551114b2a1303584b6792e592e864d4416145904fe8b9edd91
Analyzer | Verdict | Alert | fortinet | Malware | |
GET /wp-includes/js/imagesloaded.min.js?ver=4.1.4 HTTP/1.1
Host: keefort.com.ec
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://keefort.com.ec/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 18:22:17 GMT
content-type: application/javascript
content-length: 1834
x-frame-options: SAMEORIGIN
last-modified: Sun, 14 Jun 2020 00:23:28 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| keefort.com.ec/wp-content/uploads/2022/04/porfile1.jpg | 88.99.90.21 | 200 OK | 29 kB |
URL HTTP/2keefort.com.ec/wp-content/uploads/2022/04/porfile1.jpg IP88.99.90.21:0 ASN#24940 Hetzner Online GmbH
File typeJPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 900x900, components 3\012- data Hashe1f6de0869f4bb3889cb9d7d1dd2c213 2504f83b92482c013754093a0dfebe58e93c3605 c48fb2c3c2a69f91a025b10649619aac059df1de32e57f60c46bc6ea56e388a6
GET /wp-content/uploads/2022/04/porfile1.jpg HTTP/1.1
Host: keefort.com.ec
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://keefort.com.ec/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 18:22:17 GMT
content-type: image/jpeg
content-length: 29317
x-frame-options: SAMEORIGIN
last-modified: Fri, 22 Apr 2022 14:28:08 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| keefort.com.ec/wp-content/plugins/ultimate-elementor/assets/lib/infinitescroll/jquery.infinitescroll.min.js?ver=1.27.2 | 88.99.90.21 | 200 OK | 12 kB |
URL HTTP/2keefort.com.ec/wp-content/plugins/ultimate-elementor/assets/lib/infinitescroll/jquery.infinitescroll.min.js?ver=1.27.2 IP88.99.90.21:0 ASN#24940 Hetzner Online GmbH
File typeASCII text, with very long lines (21132), with no line terminators Hash7f295e629f2b5da7dc40b365a052f8b2 eebcd68b783c8caf27e23dd9e42cb09c576fcc44 f82a336cd04c8e77b0116f00b368ca6ea19cbf9688dd40ff4e463d57a1dba5bf
GET /wp-content/plugins/ultimate-elementor/assets/lib/infinitescroll/jquery.infinitescroll.min.js?ver=1.27.2 HTTP/1.1
Host: keefort.com.ec
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://keefort.com.ec/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 18:22:17 GMT
content-type: application/javascript
content-length: 11956
x-frame-options: SAMEORIGIN
last-modified: Wed, 20 Apr 2022 20:03:39 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| keefort.com.ec/wp-content/plugins/elementor-pro/assets/lib/sticky/jquery.sticky.min.js?ver=3.0.5 | 88.99.90.21 | 200 OK | 1.9 kB |
URL HTTP/2keefort.com.ec/wp-content/plugins/elementor-pro/assets/lib/sticky/jquery.sticky.min.js?ver=3.0.5 IP88.99.90.21:0 ASN#24940 Hetzner Online GmbH
File typeASCII text, with very long lines (6595), with no line terminators Hashc8ebb5b680f4fa05c2502a56875e03f7 96542e309834bb6dfddaf3d1efce6d75ceff5e18 76a0021ccb778baeadd50f182e2c4055a36527e1fc70341f82136a2e60eeb442
GET /wp-content/plugins/elementor-pro/assets/lib/sticky/jquery.sticky.min.js?ver=3.0.5 HTTP/1.1
Host: keefort.com.ec
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://keefort.com.ec/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 18:22:17 GMT
content-type: application/javascript
content-length: 1895
x-frame-options: SAMEORIGIN
last-modified: Mon, 10 Jan 2022 20:43:34 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| keefort.com.ec/wp-content/uploads/2022/04/porfile4.jpg | 88.99.90.21 | 200 OK | 28 kB |
URL HTTP/2keefort.com.ec/wp-content/uploads/2022/04/porfile4.jpg IP88.99.90.21:0 ASN#24940 Hetzner Online GmbH
File typeJPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 900x900, components 3\012- data Hash5d2c08202fc87182e571524cb59f6b88 59b12bd7fb68fb3a86196e017f1b8f313be175b1 4877b51ad8e8d20222bface223aaea81e2d40edb75f7a1b80241a2b41aedd984
GET /wp-content/uploads/2022/04/porfile4.jpg HTTP/1.1
Host: keefort.com.ec
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://keefort.com.ec/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 18:22:17 GMT
content-type: image/jpeg
content-length: 27909
x-frame-options: SAMEORIGIN
last-modified: Fri, 22 Apr 2022 15:05:44 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| keefort.com.ec/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.0.10 | 88.99.90.21 | 200 OK | 18 kB |
URL HTTP/2keefort.com.ec/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.0.10 IP88.99.90.21:0 ASN#24940 Hetzner Online GmbH
File typeUnicode text, UTF-8 text, with very long lines (47304), with LF, NEL line terminators Hash90cc8c96fd88fe7f7916caf297a69f1d fb32f7836aedd995cdc9e8e3e121b1dd2a0a0335 90f39e0b647c6f23dd7bcb4859774adc1defa990196d2d286e001446e9b22f30
GET /wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.0.10 HTTP/1.1
Host: keefort.com.ec
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://keefort.com.ec/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 18:22:17 GMT
content-type: application/javascript
content-length: 18084
x-frame-options: SAMEORIGIN
last-modified: Mon, 10 Jan 2022 20:32:37 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| keefort.com.ec/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1 | 88.99.90.21 | 200 OK | 6.9 kB |
URL HTTP/2keefort.com.ec/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1 IP88.99.90.21:0 ASN#24940 Hetzner Online GmbH
File typeUnicode text, UTF-8 text, with very long lines (8189) Hash7e2b78a6e8a9b90385330755ee1cf3e5 684c325f39d45e42ae44a9e42f5e9fe4fb0b909c 43f124dabb4bc663cc1cc8d3161c1e6365cf8445d873ed5d69bbfdb507cf24a9
Analyzer | Verdict | Alert | fortinet | Malware | |
GET /wp-includes/js/jquery/ui/core.min.js?ver=1.13.1 HTTP/1.1
Host: keefort.com.ec
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://keefort.com.ec/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 18:22:17 GMT
content-type: application/javascript
content-length: 6914
x-frame-options: SAMEORIGIN
last-modified: Tue, 24 May 2022 20:28:22 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| keefort.com.ec/wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.8.1 | 88.99.90.21 | 200 OK | 3.5 kB |
URL HTTP/2keefort.com.ec/wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.8.1 IP88.99.90.21:0 ASN#24940 Hetzner Online GmbH
File typeASCII text, with very long lines (10725) Hash7cfd02f91cb9e6033a4c4f712d90e6c7 b7da7a7aac93f699cb245b50b0c4449cad5036f2 397327e595ffa0aadde96cdac849edd1db5ef2f5a956f5e33876ce70f4d1ac26
Analyzer | Verdict | Alert | fortinet | Malware | |
GET /wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.8.1 HTTP/1.1
Host: keefort.com.ec
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://keefort.com.ec/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 18:22:17 GMT
content-type: application/javascript
content-length: 3510
x-frame-options: SAMEORIGIN
last-modified: Mon, 10 Jan 2022 20:32:38 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| keefort.com.ec/wp-content/uploads/2022/04/SIST2-1-1024x1024.jpg | 88.99.90.21 | 200 OK | 72 kB |
URL HTTP/2keefort.com.ec/wp-content/uploads/2022/04/SIST2-1-1024x1024.jpg IP88.99.90.21:0 ASN#24940 Hetzner Online GmbH
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 1024x1024, components 3\012- data Hashf105b849ad8184c6371905f888355b46 5615c5b374b4d1ed3c16a4343947013337ab96f4 b99cfbc9d9d4942e0c0a383ac9510dcd58b8b0f9e47f5db60702a529d529d756
GET /wp-content/uploads/2022/04/SIST2-1-1024x1024.jpg HTTP/1.1
Host: keefort.com.ec
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://keefort.com.ec/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 18:22:17 GMT
content-type: image/jpeg
content-length: 71874
x-frame-options: SAMEORIGIN
last-modified: Wed, 20 Apr 2022 18:00:35 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| keefort.com.ec/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2 | 88.99.90.21 | 200 OK | 3.0 kB |
URL HTTP/2keefort.com.ec/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2 IP88.99.90.21:0 ASN#24940 Hetzner Online GmbH
File typeASCII text, with very long lines (12198), with no line terminators Hashcfea3c51880820f2962a7773fbc864f9 45aa7ddc9b0c4201097d0df36791ab346470b734 12296ac9ef200103f8eea198a2bcd92692119dacece39538499758a0349035fb
Analyzer | Verdict | Alert | fortinet | Malware | |
GET /wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2 HTTP/1.1
Host: keefort.com.ec
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://keefort.com.ec/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 18:22:17 GMT
content-type: application/javascript
content-length: 2993
x-frame-options: SAMEORIGIN
last-modified: Mon, 10 Jan 2022 20:32:45 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| keefort.com.ec/wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.0.5 | 88.99.90.21 | 200 OK | 42 kB |
URL HTTP/2keefort.com.ec/wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.0.5 IP88.99.90.21:0 ASN#24940 Hetzner Online GmbH
File typeUnicode text, UTF-8 text, with very long lines (39674), with LF, NEL line terminators Hashe3b2de77fc1d70f8455af1ba6b9b05cf 028add19566627b0e7ea644c6b921c5519562e00 0ce37a146378e4b7677250bacfdc3367e5eadb1538238d839200f0e26af42548
Analyzer | Verdict | Alert | fortinet | Malware | |
GET /wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.0.5 HTTP/1.1
Host: keefort.com.ec
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://keefort.com.ec/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 18:22:17 GMT
content-type: application/javascript
content-length: 41648
x-frame-options: SAMEORIGIN
last-modified: Mon, 10 Jan 2022 20:43:33 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| keefort.com.ec/wp-content/uploads/2022/04/logo_original_1000.gif | 88.99.90.21 | 200 OK | 63 kB |
URL HTTP/2keefort.com.ec/wp-content/uploads/2022/04/logo_original_1000.gif IP88.99.90.21:0 ASN#24940 Hetzner Online GmbH
File typeGIF image data, version 89a, 540 x 540\012- data Hash043983d167394579ced37280aa7eea19 0206c706da74b8c7a435b52d3f226e7ab85277ff 5500b01df9af5f469d8af0b781739a8e4c4929f2a2848964f5cd41c6021902b6
GET /wp-content/uploads/2022/04/logo_original_1000.gif HTTP/1.1
Host: keefort.com.ec
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://keefort.com.ec/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 18:22:17 GMT
content-type: image/gif
content-length: 63099
x-frame-options: SAMEORIGIN
last-modified: Mon, 25 Apr 2022 17:32:02 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| keefort.com.ec/wp-content/uploads/2022/04/SIST3-1-1024x1024.jpg | 88.99.90.21 | 200 OK | 82 kB |
URL HTTP/2keefort.com.ec/wp-content/uploads/2022/04/SIST3-1-1024x1024.jpg IP88.99.90.21:0 ASN#24940 Hetzner Online GmbH
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 1024x1024, components 3\012- data Hash3faaf3592fcd29fd7617c8458faff7ab 30ebb0442ed4c44e6c92ba23180b78a279cc58e6 7e616206895c805143782dae2806428d1bed59c096828c4532ee9a13e79182f8
GET /wp-content/uploads/2022/04/SIST3-1-1024x1024.jpg HTTP/1.1
Host: keefort.com.ec
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://keefort.com.ec/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 18:22:17 GMT
content-type: image/jpeg
content-length: 82355
x-frame-options: SAMEORIGIN
last-modified: Wed, 20 Apr 2022 18:00:36 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| keefort.com.ec/wp-content/plugins/elementor/assets/lib/share-link/share-link.min.js?ver=3.0.10 | 88.99.90.21 | 200 OK | 1.1 kB |
URL HTTP/2keefort.com.ec/wp-content/plugins/elementor/assets/lib/share-link/share-link.min.js?ver=3.0.10 IP88.99.90.21:0 ASN#24940 Hetzner Online GmbH
File typeASCII text, with very long lines (2638) Hash5ab573bc8bff73373b7a8c05cceb3e9f 34cca7e8751773a29fb4e6f5af3dd0a958f9b60b 827a8ed9594b0b4d02ae7be36062aff80a5bcd106244dbc00890400a6b675fea
GET /wp-content/plugins/elementor/assets/lib/share-link/share-link.min.js?ver=3.0.10 HTTP/1.1
Host: keefort.com.ec
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://keefort.com.ec/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 18:22:17 GMT
content-type: application/javascript
content-length: 1120
x-frame-options: SAMEORIGIN
last-modified: Mon, 10 Jan 2022 20:32:44 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| keefort.com.ec/wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=5.3.6 | 88.99.90.21 | 200 OK | 36 kB |
URL HTTP/2keefort.com.ec/wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=5.3.6 IP88.99.90.21:0 ASN#24940 Hetzner Online GmbH
File typeASCII text, with very long lines (65280) Hashf2f239cb6e82311cd197aa5888632811 e2376a981fa3bf8e7e36e86b979f3a3ea6443d29 c4ceac2088d1b38f5263c50bdfb2e54ed643186248b3a81c5850214b55336e4d
Analyzer | Verdict | Alert | fortinet | Malware | |
GET /wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=5.3.6 HTTP/1.1
Host: keefort.com.ec
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://keefort.com.ec/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 18:22:17 GMT
content-type: application/javascript
content-length: 35491
x-frame-options: SAMEORIGIN
last-modified: Mon, 10 Jan 2022 20:32:45 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| keefort.com.ec/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.0.10 | 88.99.90.21 | 200 OK | 32 kB |
URL HTTP/2keefort.com.ec/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.0.10 IP88.99.90.21:0 ASN#24940 Hetzner Online GmbH
File typeUnicode text, UTF-8 text, with very long lines (47239), with LF, NEL line terminators Hash84c5d15000542c761a81057c4fa44dd9 59315a8b33a2f7affe2cb9bd3d16b7a6903529d7 502c734a07c43d5392da7225bdb6e28aa520e2cf7808fde58a9209da7d6457d6
Analyzer | Verdict | Alert | fortinet | Malware | |
GET /wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.0.10 HTTP/1.1
Host: keefort.com.ec
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://keefort.com.ec/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 18:22:17 GMT
content-type: application/javascript
content-length: 31706
x-frame-options: SAMEORIGIN
last-modified: Mon, 10 Jan 2022 20:32:38 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 471 B |
IP142.250.74.3:0
Hashe2875a9e06f892f0d4fa46c0f98a1c49 9c0e332f55a592367b602494642ee2127699b543 74692ca89ddc427d0c55f56aedb738b107a9761c44ed5201f932f54950a6f406
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 18:22:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| keefort.com.ec/wp-content/uploads/2022/04/ban1.jpg | 88.99.90.21 | 200 OK | 92 kB |
URL HTTP/2keefort.com.ec/wp-content/uploads/2022/04/ban1.jpg IP88.99.90.21:0 ASN#24940 Hetzner Online GmbH
File typeJPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 1067x443, components 3\012- data Hash1474f198b6d090c208648cd09733cc83 251e23da4990467ed4c1d95dd86f36ceed6ab4e6 08d0d990a16ed7ab299de714e0176fec50a8bd189de105eb635aa3b3b7931b80
GET /wp-content/uploads/2022/04/ban1.jpg HTTP/1.1
Host: keefort.com.ec
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://keefort.com.ec/wp-content/uploads/elementor/css/post-7.css?ver=1664389330
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 18:22:17 GMT
content-type: image/jpeg
content-length: 91898
x-frame-options: SAMEORIGIN
last-modified: Wed, 27 Apr 2022 21:41:17 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| keefort.com.ec/wp-content/uploads/2022/04/ban6.jpg | 88.99.90.21 | 200 OK | 88 kB |
URL HTTP/2keefort.com.ec/wp-content/uploads/2022/04/ban6.jpg IP88.99.90.21:0 ASN#24940 Hetzner Online GmbH
File typeJPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 1067x443, components 3\012- data Hashb9a38549af0587178d65a94772017fd5 70ea9d6932b1b71678ec5c13810f5acc3da69473 ed40988562fb3ad0dece21f61441ae79bb05bbf892c54233606a483d2f4e8284
GET /wp-content/uploads/2022/04/ban6.jpg HTTP/1.1
Host: keefort.com.ec
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://keefort.com.ec/wp-content/uploads/elementor/css/post-7.css?ver=1664389330
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 18:22:17 GMT
content-type: image/jpeg
content-length: 87712
x-frame-options: SAMEORIGIN
last-modified: Wed, 27 Apr 2022 21:41:19 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| keefort.com.ec/wp-content/uploads/2022/04/ban4.jpg | 88.99.90.21 | 200 OK | 61 kB |
URL HTTP/2keefort.com.ec/wp-content/uploads/2022/04/ban4.jpg IP88.99.90.21:0 ASN#24940 Hetzner Online GmbH
File typeJPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 1067x443, components 3\012- data Hash33bec1d6d2287195cf9e9d91c7cb6525 befd84a9fa6edff8ffac0b126edca10c0fce25e7 27ec25dc9b2028fb8c437091b9f4e62539ae06afd39a8683c01fd72bc4da4c3b
GET /wp-content/uploads/2022/04/ban4.jpg HTTP/1.1
Host: keefort.com.ec
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://keefort.com.ec/wp-content/uploads/elementor/css/post-7.css?ver=1664389330
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 18:22:17 GMT
content-type: image/jpeg
content-length: 61304
x-frame-options: SAMEORIGIN
last-modified: Wed, 27 Apr 2022 21:41:19 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| keefort.com.ec/wp-content/uploads/2022/04/ban2.jpg | 88.99.90.21 | 200 OK | 88 kB |
URL HTTP/2keefort.com.ec/wp-content/uploads/2022/04/ban2.jpg IP88.99.90.21:0 ASN#24940 Hetzner Online GmbH
File typeJPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 1067x443, components 3\012- data Hashca84faf8446684b03e9631d865786bf4 06d9d5fbe63bf2af6b8012a1deffedda99cf0bd2 99436f8e37b0b4746d70e741d6516ce06f79e96af1e78992e9a9b26281f5bc5e
GET /wp-content/uploads/2022/04/ban2.jpg HTTP/1.1
Host: keefort.com.ec
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://keefort.com.ec/wp-content/uploads/elementor/css/post-7.css?ver=1664389330
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 18:22:17 GMT
content-type: image/jpeg
content-length: 88269
x-frame-options: SAMEORIGIN
last-modified: Wed, 27 Apr 2022 21:41:20 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| keefort.com.ec/wp-content/uploads/2022/04/ban3.jpg | 88.99.90.21 | 200 OK | 78 kB |
URL HTTP/2keefort.com.ec/wp-content/uploads/2022/04/ban3.jpg IP88.99.90.21:0 ASN#24940 Hetzner Online GmbH
File typeJPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 1068x443, components 3\012- data Hash25350905f23b1bee2867e271f1489439 d055d0c6d9a735286576d867ad4c3e830034dd88 5695403936593a08505da1f76355581df291e2416734735e7d3b4df29c8a7539
GET /wp-content/uploads/2022/04/ban3.jpg HTTP/1.1
Host: keefort.com.ec
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://keefort.com.ec/wp-content/uploads/elementor/css/post-7.css?ver=1664389330
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 18:22:17 GMT
content-type: image/jpeg
content-length: 77514
x-frame-options: SAMEORIGIN
last-modified: Wed, 27 Apr 2022 21:41:20 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| keefort.com.ec/wp-content/uploads/2022/04/ban5.jpg | 88.99.90.21 | 200 OK | 66 kB |
URL HTTP/2keefort.com.ec/wp-content/uploads/2022/04/ban5.jpg IP88.99.90.21:0 ASN#24940 Hetzner Online GmbH
File typeJPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 1067x443, components 3\012- data Hash29631b3e0c75e5e7c00c8cf8f20b161d d89f7c93b098aed96e1dc0a7e0d2c8e18bb82a3b 2e8670997078322cdfb9e0488c85c0463b1eae0fdc912eeddace92c62be769c6
GET /wp-content/uploads/2022/04/ban5.jpg HTTP/1.1
Host: keefort.com.ec
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://keefort.com.ec/wp-content/uploads/elementor/css/post-7.css?ver=1664389330
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 18:22:17 GMT
content-type: image/jpeg
content-length: 66349
x-frame-options: SAMEORIGIN
last-modified: Wed, 27 Apr 2022 21:41:18 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| keefort.com.ec/wp-content/plugins/elementor/assets/lib/eicons/fonts/eicons.woff2?5.9.1 | 88.99.90.21 | 200 OK | 84 kB |
URL HTTP/2keefort.com.ec/wp-content/plugins/elementor/assets/lib/eicons/fonts/eicons.woff2?5.9.1 IP88.99.90.21:0 ASN#24940 Hetzner Online GmbH
File typeWeb Open Font Format (Version 2), TrueType, length 84384, version 1.0\012- data Hash39c01512d658d563a264041101fc48cf d58f4484f3d5ce3179766030978e26c1ce805f96 592ae329d50413fb8f61112a94ac638ee7e1dd07ce079b660bf9ab1fd5d49b31
GET /wp-content/plugins/elementor/assets/lib/eicons/fonts/eicons.woff2?5.9.1 HTTP/1.1
Host: keefort.com.ec
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://keefort.com.ec/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.9.1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 18:22:17 GMT
content-type: font/woff2
content-length: 84384
x-frame-options: SAMEORIGIN
last-modified: Mon, 10 Jan 2022 20:32:39 GMT
accept-ranges: bytes
vary: Accept-Encoding
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP142.250.74.3:0
Hashfc82211401f793132f7d43c2fd253af5 605d8371709b5d2a41967fd390c34fa649f89ea3 b23fd36ec037710672ac1aa6fea284e3869c4bae7941d9b53c771cff8743478e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 18:22:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| keefort.com.ec/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-regular-400.woff2 | 88.99.90.21 | 200 OK | 14 kB |
URL HTTP/2keefort.com.ec/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-regular-400.woff2 IP88.99.90.21:0 ASN#24940 Hetzner Online GmbH
File typeWeb Open Font Format (Version 2), TrueType, length 13576, version 330.-16253\012- data Hash9efb86976bd53e159166c12365f61e25 830f8653e5f4a5331ac0b47c5701f65fe9f1bb32 86e496b536b26ba60cdb68df9dd9143b19a63b65e30e373b0321833aab1295d6
Analyzer | Verdict | Alert | fortinet | Malware | |
GET /wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-regular-400.woff2 HTTP/1.1
Host: keefort.com.ec
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://keefort.com.ec/wp-content/plugins/elementor/assets/lib/font-awesome/css/regular.min.css?ver=5.12.0
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 18:22:17 GMT
content-type: font/woff2
content-length: 13576
x-frame-options: SAMEORIGIN
last-modified: Mon, 10 Jan 2022 20:32:42 GMT
accept-ranges: bytes
vary: Accept-Encoding
X-Firefox-Spdy: h2
|
|
| keefort.com.ec/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2 | 88.99.90.21 | 200 OK | 76 kB |
URL HTTP/2keefort.com.ec/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2 IP88.99.90.21:0 ASN#24940 Hetzner Online GmbH
File typeWeb Open Font Format (Version 2), TrueType, length 76084, version 330.-16253\012- data Hashf6121be597a72928f54e7ab5b95512a1 b2c74520c3f506efbfefca867918e5ae28bd5222 787d76ad6deab67ccf8bac1b584260205e114f508fc5542b612e3f75d49a34e4
Analyzer | Verdict | Alert | fortinet | Malware | |
GET /wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: keefort.com.ec
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://keefort.com.ec/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.12.0
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 18:22:17 GMT
content-type: font/woff2
content-length: 76084
x-frame-options: SAMEORIGIN
last-modified: Mon, 10 Jan 2022 20:32:44 GMT
accept-ranges: bytes
vary: Accept-Encoding
X-Firefox-Spdy: h2
|
|
| keefort.com.ec/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2 | 88.99.90.21 | 200 OK | 76 kB |
URL HTTP/2keefort.com.ec/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2 IP88.99.90.21:0 ASN#24940 Hetzner Online GmbH
File typeWeb Open Font Format (Version 2), TrueType, length 75936, version 330.-16253\012- data Hash822d94f19fe57477865209e1242a3c63 f356aa2e4d9b7245985d312d3bfba180f774e3b7 8e4560c16c7970efa47680450b2cf239d4a482c056d308acea12bb9022906c8b
Analyzer | Verdict | Alert | fortinet | Malware | |
GET /wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2 HTTP/1.1
Host: keefort.com.ec
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://keefort.com.ec/wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css?ver=5.12.0
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 18:22:17 GMT
content-type: font/woff2
content-length: 75936
x-frame-options: SAMEORIGIN
last-modified: Mon, 10 Jan 2022 20:32:42 GMT
accept-ranges: bytes
vary: Accept-Encoding
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP142.250.74.3:0
Hashfc82211401f793132f7d43c2fd253af5 605d8371709b5d2a41967fd390c34fa649f89ea3 b23fd36ec037710672ac1aa6fea284e3869c4bae7941d9b53c771cff8743478e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 18:22:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| fonts.gstatic.com/s/questrial/v18/QdVUSTchPBm7nuUeVf70viFl.woff2 | 142.250.74.163 | 200 OK | 19 kB |
URL HTTP/2fonts.gstatic.com/s/questrial/v18/QdVUSTchPBm7nuUeVf70viFl.woff2 IP142.250.74.163:0
File typeWeb Open Font Format (Version 2), TrueType, length 19292, version 1.0\012- data Hash19007b17e56daa60133bce9e9b352a95 bac1384caeae5762e7a1d8c18037f69c8cd21bc4 fd88a03358ba14440b78c6329717bdf6ed1a9fe97c3ad4e0a0a39d31fb1ac546
GET /s/questrial/v18/QdVUSTchPBm7nuUeVf70viFl.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://keefort.com.ec
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 19292
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 26 Sep 2022 20:03:17 GMT
expires: Tue, 26 Sep 2023 20:03:17 GMT
cache-control: public, max-age=31536000
age: 166741
last-modified: Wed, 27 Apr 2022 16:12:54 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1MmgVxIIzI.woff2 | 142.250.74.163 | 200 OK | 16 kB |
URL HTTP/2fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1MmgVxIIzI.woff2 IP142.250.74.163:0
File typeWeb Open Font Format (Version 2), TrueType, length 15764, version 1.0\012- data Hash603b8950590bf833546eee7cbc79944a ebbde06eb829868c5f689afe2d48377608be1e7b 0f303f31706d39866cced9dcc17b61fb8423674278d7f6051d66b3a79ffbca18
GET /s/roboto/v30/KFOkCnqEu92Fr1MmgVxIIzI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://keefort.com.ec
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15764
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 19:40:20 GMT
expires: Thu, 21 Sep 2023 19:40:20 GMT
cache-control: public, max-age=31536000
age: 600118
last-modified: Wed, 11 May 2022 19:24:35 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP142.250.74.3:0
Hashfc82211401f793132f7d43c2fd253af5 605d8371709b5d2a41967fd390c34fa649f89ea3 b23fd36ec037710672ac1aa6fea284e3869c4bae7941d9b53c771cff8743478e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 18:22:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 | 142.250.74.163 | 200 OK | 16 kB |
URL HTTP/2fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 IP142.250.74.163:0
File typeWeb Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data Hash3a44e06eb954b96aa043227f3534189d 23cef6993ddb2b2979e8e7647fc3763694e2ba7d b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://keefort.com.ec
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 25 Sep 2022 18:14:12 GMT
expires: Mon, 25 Sep 2023 18:14:12 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
age: 259686
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| keefort.com.ec/wp-content/plugins/elementor-pro/assets/lib/smartmenus/jquery.smartmenus.min.js?ver=1.0.1 | 88.99.90.21 | 200 OK | 472 B |
URL HTTP/2keefort.com.ec/wp-content/plugins/elementor-pro/assets/lib/smartmenus/jquery.smartmenus.min.js?ver=1.0.1 IP88.99.90.21:0 ASN#24940 Hetzner Online GmbH
Hasheb2f3cc13b8ab763c5f346d6fc23054d 1768cc61721a6a6624c1ccbf2c874342f53abd99 3faee940dd222a051862bc2a4e090ecd2cc1f2ead8b1a5c84e10241f31461c5f
Analyzer | Verdict | Alert | fortinet | Malware | |
GET /wp-content/plugins/elementor-pro/assets/lib/smartmenus/jquery.smartmenus.min.js?ver=1.0.1 HTTP/1.1
Host: keefort.com.ec
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://keefort.com.ec/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 18:22:17 GMT
content-type: application/javascript
content-length: 7157
x-frame-options: SAMEORIGIN
last-modified: Mon, 10 Jan 2022 20:43:34 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP142.250.74.3:0
Hashfc82211401f793132f7d43c2fd253af5 605d8371709b5d2a41967fd390c34fa649f89ea3 b23fd36ec037710672ac1aa6fea284e3869c4bae7941d9b53c771cff8743478e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 18:22:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 | 142.250.74.163 | 200 OK | 16 kB |
URL HTTP/2fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 IP142.250.74.163:0
File typeWeb Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data Hash15d9f621c3bd1599f0169dcf0bd5e63e 7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52 f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://keefort.com.ec
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 19:34:08 GMT
expires: Thu, 21 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 600490
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/dosis/v27/HhyaU5sn9vOmLzloC_U.woff2 | 142.250.74.163 | 200 OK | 29 kB |
URL HTTP/2fonts.gstatic.com/s/dosis/v27/HhyaU5sn9vOmLzloC_U.woff2 IP142.250.74.163:0
File typeWeb Open Font Format (Version 2), TrueType, length 29436, version 1.0\012- data Hash4e29aceac72b453671f585e88f69c24a 35115af67eca17e02698954f1533b69515ecbbf9 b9d88c1280c412b1bccb32e6d99da3369feeb3fae8b64900e7066a1829385699
GET /s/dosis/v27/HhyaU5sn9vOmLzloC_U.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://keefort.com.ec
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 29436
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 22 Sep 2022 06:29:51 GMT
expires: Fri, 22 Sep 2023 06:29:51 GMT
cache-control: public, max-age=31536000
age: 561147
last-modified: Mon, 11 Jul 2022 20:56:41 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| keefort.com.ec/wp-content/uploads/2022/04/kf-logs-8.png | 88.99.90.21 | 200 OK | 11 kB |
URL HTTP/2keefort.com.ec/wp-content/uploads/2022/04/kf-logs-8.png IP88.99.90.21:0 ASN#24940 Hetzner Online GmbH
File typePNG image data, 737 x 693, 8-bit colormap, non-interlaced\012- data Hash80e82993d48ae633aa504dc63db84d50 4228c5b43595f3e81b56c99aa03eb8b38cb99c13 bd5fc7ff5e6166653259ab940e0eea1811a78ef5e37cfbfaeca229ffadb358a1
GET /wp-content/uploads/2022/04/kf-logs-8.png HTTP/1.1
Host: keefort.com.ec
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://keefort.com.ec/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 18:22:17 GMT
content-type: image/png
content-length: 10876
x-frame-options: SAMEORIGIN
last-modified: Thu, 21 Apr 2022 14:17:05 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/redhatdisplay/v14/8vIQ7wUr0m80wwYf0QCXZzYzUoTg_T6h.woff2 | 142.250.74.163 | 200 OK | 29 kB |
URL HTTP/2fonts.gstatic.com/s/redhatdisplay/v14/8vIQ7wUr0m80wwYf0QCXZzYzUoTg_T6h.woff2 IP142.250.74.163:0
File typeWeb Open Font Format (Version 2), TrueType, length 28964, version 1.0\012- data Hash4b9f3c6c8298eda8f3d47b63aa300277 7ced89a14b86a7ba68a3c91af1d0741132fddaff 1dbe80d2c777c173f7f7b2fe368fbdd6b3de977c9e02548b03d15cc441a80a69
GET /s/redhatdisplay/v14/8vIQ7wUr0m80wwYf0QCXZzYzUoTg_T6h.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://keefort.com.ec
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 28964
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 26 Sep 2022 22:14:34 GMT
expires: Tue, 26 Sep 2023 22:14:34 GMT
cache-control: public, max-age=31536000
age: 158864
last-modified: Mon, 15 Aug 2022 17:54:58 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| keefort.com.ec/wp-content/uploads/2022/09/KF-LOGO_1-1-1024x1024.jpg | 88.99.90.21 | 200 OK | 215 kB |
URL HTTP/2keefort.com.ec/wp-content/uploads/2022/09/KF-LOGO_1-1-1024x1024.jpg IP88.99.90.21:0 ASN#24940 Hetzner Online GmbH
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 1024x1024, components 3\012- data Size215 kB (215411 bytes) Hashe5006a8eefecc0a98d48a88bc2da8d07 c691f39b66ca8154d991907c180bf7a1004a1b75 f54de2b18ecd9dd1fd37116b97818f3892189e55287fc57616013c72c20123f2
GET /wp-content/uploads/2022/09/KF-LOGO_1-1-1024x1024.jpg HTTP/1.1
Host: keefort.com.ec
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://keefort.com.ec/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 18:22:17 GMT
content-type: image/jpeg
content-length: 215411
x-frame-options: SAMEORIGIN
last-modified: Wed, 28 Sep 2022 14:56:28 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/racingsansone/v13/sykr-yRtm7EvTrXNxkv5jfKKyDCAKHDn.woff2 | 142.250.74.163 | 200 OK | 22 kB |
URL HTTP/2fonts.gstatic.com/s/racingsansone/v13/sykr-yRtm7EvTrXNxkv5jfKKyDCAKHDn.woff2 IP142.250.74.163:0
File typeWeb Open Font Format (Version 2), TrueType, length 21808, version 1.0\012- data Hash7310cea5631533dd1d4de6f53a35ee44 834e4ad53f2574b4fd9ee7af4a6c8f5f5f8f585b ff62fbe5cd16b3b5530b055525079a7e4348d4295f8262e52546ec154bdcc8b7
GET /s/racingsansone/v13/sykr-yRtm7EvTrXNxkv5jfKKyDCAKHDn.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://keefort.com.ec
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 21808
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 22 Sep 2022 00:51:02 GMT
expires: Fri, 22 Sep 2023 00:51:02 GMT
cache-control: public, max-age=31536000
age: 581476
last-modified: Wed, 27 Apr 2022 16:30:58 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP142.250.74.3:0
Hasheb2f3cc13b8ab763c5f346d6fc23054d 1768cc61721a6a6624c1ccbf2c874342f53abd99 3faee940dd222a051862bc2a4e090ecd2cc1f2ead8b1a5c84e10241f31461c5f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 18:22:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| keefort.com.ec/wp-content/uploads/2022/01/favicon-300x300.png | 88.99.90.21 | 200 OK | 16 kB |
URL HTTP/2keefort.com.ec/wp-content/uploads/2022/01/favicon-300x300.png IP88.99.90.21:0 ASN#24940 Hetzner Online GmbH
File typePNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced\012- data Hash92f868a79c6e404b87b1757b72927ed5 9321c17a27566a7490446ee84b0f5fbd69f636bd 8465a09a6dd4efbbd2ab579e9f401b315760b874cae1651915847d0639111855
GET /wp-content/uploads/2022/01/favicon-300x300.png HTTP/1.1
Host: keefort.com.ec
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://keefort.com.ec/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 18:22:17 GMT
content-type: image/png
content-length: 16165
x-frame-options: SAMEORIGIN
last-modified: Tue, 11 Jan 2022 19:09:54 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| keefort.com.ec/wp-content/uploads/2022/01/favicon-150x150.png | 88.99.90.21 | 200 OK | 7.2 kB |
URL HTTP/2keefort.com.ec/wp-content/uploads/2022/01/favicon-150x150.png IP88.99.90.21:0 ASN#24940 Hetzner Online GmbH
File typePNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced\012- data Hash71d4855577fd0931936df89dbb03ce5f 3ca8b32a0d713652accd974836f029efab591705 dce25703c78daab9e2237c15d666d524972bfc5257c59c6b2020f0a2b71b6416
GET /wp-content/uploads/2022/01/favicon-150x150.png HTTP/1.1
Host: keefort.com.ec
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://keefort.com.ec/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 18:22:17 GMT
content-type: image/png
content-length: 7152
x-frame-options: SAMEORIGIN
last-modified: Tue, 11 Jan 2022 19:09:54 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP142.250.74.3:0
Hashbe52dbe2d47697a7f007d69c486b77b4 fe445ea87749e97423e7865bc559ad78f672a62d 65d16df2b3095c658d2bdf39b06d57486967bba7b43c43108e5025d7af5b7ab6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 18:22:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP142.250.74.3:0
Hash7f6c1bbbde940ad17ceda150b7b1664d 7273da22f182d9540784068537cc678ec27800d3 4d8a6cd94e298a71543331248750230237a56a67cef251c7a204291612dbb569
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 18:22:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash4364fa358f76c1635458dab5d598f857 d15fc7359711b1651235fa1be66accc03fe26c1c 6449bf062dbb79683071f367ca142c175ef304485cb4d3711feb4763146e4fa7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6449BF062DBB79683071F367CA142C175EF304485CB4D3711FEB4763146E4FA7"
Last-Modified: Wed, 28 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5188
Expires: Wed, 28 Sep 2022 19:48:47 GMT
Date: Wed, 28 Sep 2022 18:22:19 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash4364fa358f76c1635458dab5d598f857 d15fc7359711b1651235fa1be66accc03fe26c1c 6449bf062dbb79683071f367ca142c175ef304485cb4d3711feb4763146e4fa7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6449BF062DBB79683071F367CA142C175EF304485CB4D3711FEB4763146E4FA7"
Last-Modified: Wed, 28 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5188
Expires: Wed, 28 Sep 2022 19:48:47 GMT
Date: Wed, 28 Sep 2022 18:22:19 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash4364fa358f76c1635458dab5d598f857 d15fc7359711b1651235fa1be66accc03fe26c1c 6449bf062dbb79683071f367ca142c175ef304485cb4d3711feb4763146e4fa7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6449BF062DBB79683071F367CA142C175EF304485CB4D3711FEB4763146E4FA7"
Last-Modified: Wed, 28 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5188
Expires: Wed, 28 Sep 2022 19:48:47 GMT
Date: Wed, 28 Sep 2022 18:22:19 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash4364fa358f76c1635458dab5d598f857 d15fc7359711b1651235fa1be66accc03fe26c1c 6449bf062dbb79683071f367ca142c175ef304485cb4d3711feb4763146e4fa7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6449BF062DBB79683071F367CA142C175EF304485CB4D3711FEB4763146E4FA7"
Last-Modified: Wed, 28 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5188
Expires: Wed, 28 Sep 2022 19:48:47 GMT
Date: Wed, 28 Sep 2022 18:22:19 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash4364fa358f76c1635458dab5d598f857 d15fc7359711b1651235fa1be66accc03fe26c1c 6449bf062dbb79683071f367ca142c175ef304485cb4d3711feb4763146e4fa7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6449BF062DBB79683071F367CA142C175EF304485CB4D3711FEB4763146E4FA7"
Last-Modified: Wed, 28 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5188
Expires: Wed, 28 Sep 2022 19:48:47 GMT
Date: Wed, 28 Sep 2022 18:22:19 GMT
Connection: keep-alive
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8ffa6dde-b51e-43f8-bfcb-3f442d674928.jpeg | 34.120.237.76 | 200 OK | 8.5 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8ffa6dde-b51e-43f8-bfcb-3f442d674928.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash6139c878a7d2bd32c61fc8287996eb5b 9c4692ea64832895fbd107d91f879728b6a440c7 3839df92f0a10c1433d5b576df50c9f7953912ae4f425012262f08ee8a59ce2e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8ffa6dde-b51e-43f8-bfcb-3f442d674928.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8500
x-amzn-requestid: 626c21ec-f29b-4b69-b275-c22c864c2409
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3VmENnIAMFeTQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336c23-75eccc381fbd6e5d4ff59c06;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:33:23 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Eyy8qoYVCJbt6b6hTGJ-rOrYex9RuX1InyZbpHkeu9yQqPUEvowKcw==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:48:58 GMT
etag: "9c4692ea64832895fbd107d91f879728b6a440c7"
content-type: image/jpeg
age: 74001
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79631135-a10c-43bf-85d2-fa2236b96883.jpeg | 34.120.237.76 | 200 OK | 13 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79631135-a10c-43bf-85d2-fa2236b96883.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash62e68c3cd08dd94d910507512a67e85f 3d4fa8701f17e8818c25584ef5f04bfbee8440cd 058d798963f83f5fb88ab728185f755c5353fa981d93e1b6ff869089f501586b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79631135-a10c-43bf-85d2-fa2236b96883.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13213
x-amzn-requestid: 09f8fee2-6830-4bec-af40-f2fb6547bc63
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZFkreH5poAMFdxg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63321b16-0afbf5e01a013e6f0db53da1;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 21:35:18 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: CwkfEPDseHez7mArqwz8tmC3WHFwXAZF1OSColucaQ5vG2hvBIDWOg==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:39:01 GMT
age: 74598
etag: "3d4fa8701f17e8818c25584ef5f04bfbee8440cd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fad593ee0-d404-46e3-b129-229e09b263b0.png | 34.120.237.76 | 200 OK | 12 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fad593ee0-d404-46e3-b129-229e09b263b0.png IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash4b794c6812cb546de0295e087ebe66a7 a54803cca7d3c509c195f65961e1110c8ec56f55 6a207f75eb3951f3dea5252bc8d185cd604d3d657f15b838774e8087e91f37f5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fad593ee0-d404-46e3-b129-229e09b263b0.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12016
x-amzn-requestid: ec1b3715-5d0f-4045-aa5b-b70a55c81d72
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3e3EtyIAMFdZg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336c5e-201dd1ef1426a09965c68dab;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:34:22 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: pR4b1-lZZRMnWf-PdXFGXaHBCGAfOyp3AjeuCvtu5imWmf9N9l2wKQ==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:48:38 GMT
age: 74021
etag: "a54803cca7d3c509c195f65961e1110c8ec56f55"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb9a3b058-92c9-490e-9cbb-736f7e46510d.jpeg | 34.120.237.76 | 200 OK | 7.5 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb9a3b058-92c9-490e-9cbb-736f7e46510d.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashea3890e460356d6ecc3ba4e405ac2e9e b383135e2ebc23fe80eb0d594b198cb8c89327a5 8fcff053ce6e5750136bf876bad5b2916935f13ea039912d977928b086f0a48b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb9a3b058-92c9-490e-9cbb-736f7e46510d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7455
x-amzn-requestid: e99c9f33-b72a-4070-80cf-06fb4a87d1df
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZG4S6EcAoAMFX1A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6332a0df-04122b4a345dbc3f3918af98;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 07:06:07 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: yprErfM7s7P7jJPJT-HQZ2Z_AAN4946Tjwyn1g4r7yiA6IF0yLdQTQ==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Wed, 28 Sep 2022 05:22:11 GMT
age: 46808
etag: "b383135e2ebc23fe80eb0d594b198cb8c89327a5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F693de74c-173e-4d9b-8317-35601f30ffd7.jpeg | 34.120.237.76 | 200 OK | 13 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F693de74c-173e-4d9b-8317-35601f30ffd7.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashad84ed0c5b2090df7996007514cf1984 651600f2ef18cecc2e38370069bbb5e1d86f68e0 a3d0729e1d43afeadd2dd8273c858b8839d9e476f773c8ec9d96b5969a9e0b4a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F693de74c-173e-4d9b-8317-35601f30ffd7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13299
x-amzn-requestid: 926df8b6-beec-470d-b0b3-33be326cd379
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3UPF8YIAMF3Nw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336c1a-343e91e735af43d01fc83ddd;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:33:14 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: fcxclGRP3zfWwb6opjYU2bL9VAq_mCSNjFtfp9iMLq6tbZu57EDqpQ==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:50:04 GMT
etag: "651600f2ef18cecc2e38370069bbb5e1d86f68e0"
content-type: image/jpeg
age: 73935
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0369629e-f44d-439f-a279-b5ae6ecc0cf1.png | 34.120.237.76 | 200 OK | 14 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0369629e-f44d-439f-a279-b5ae6ecc0cf1.png IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashaa5cad224dbddd71881bd07255beb4da bc214d60be395d4cf753216ff8f9691c33d25e75 82935e52aa59929a448d17a5a2d58fda86bb5c25bf6628a05bd904f82517dada
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0369629e-f44d-439f-a279-b5ae6ecc0cf1.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 14464
x-amzn-requestid: 5cbbafdb-3f69-4ee2-9e46-c1ff0ed4ef14
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3UPFiooAMFulA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336c1a-633a649700e040b91deadb64;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:33:14 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: cNryG5vkxZuFATZfcNW9Z1-0teUBWLRyWslX1onwYlDCQBUjU2xVdA==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:46:03 GMT
age: 74176
etag: "bc214d60be395d4cf753216ff8f9691c33d25e75"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 | 142.250.74.163 | 200 OK | 15 kB |
URL HTTP/2fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 IP142.250.74.163:0
File typeWeb Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data Hash5d4aeb4e5f5ef754e307d7ffaef688bd 06db651cdf354c64a7383ea9c77024ef4fb4cef8 3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 24 Sep 2022 12:31:58 GMT
expires: Sun, 24 Sep 2023 12:31:58 GMT
cache-control: public, max-age=31536000
age: 366621
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 | 142.250.74.163 | 200 OK | 16 kB |
URL HTTP/2fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 IP142.250.74.163:0
File typeWeb Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data Hash285467176f7fe6bb6a9c6873b3dad2cc ea04e4ff5142ddd69307c183def721a160e0a64e 5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 23 Sep 2022 00:48:31 GMT
expires: Sat, 23 Sep 2023 00:48:31 GMT
cache-control: public, max-age=31536000
age: 495228
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP142.250.74.3:0
Hash6b7324a1c5e2da0a6abe72001c8b37fe 1538cb7c20c9fd164dd1e610b6fd1227a06e31d3 7247eec98a236f82a0eaf6bdafa8a0c25023c0b8b86832a44cfcdc52aafeafa3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 18:22:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP142.250.74.3:0
Hash6ab8b69fade235ccf1a15d2cac6dd95e 37c426c0e6940920c4478855c6bb610731edd316 025fc814f74bed6fcfc2a4c25b670c1d538d06c5ce07af13d3f9f8354ca34604
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 18:22:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| static.doubleclick.net/instream/ad_status.js | 216.58.207.230 | 200 OK | 29 B |
URL HTTP/2static.doubleclick.net/instream/ad_status.js IP216.58.207.230:0
Hash1fa71744db23d0f8df9cce6719defcb7 e4be9b7136697942a036f97cf26ebaf703ad2067 eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
GET /instream/ad_status.js HTTP/1.1
Host: static.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 29
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 28 Sep 2022 18:18:02 GMT
expires: Wed, 28 Sep 2022 18:33:02 GMT
cache-control: public, max-age=900
age: 257
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| googleads.g.doubleclick.net/pagead/id | 142.250.74.98 | 302 Found | 0 B |
URL HTTP/2googleads.g.doubleclick.net/pagead/id IP142.250.74.98:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/id HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-credentials: true
access-control-allow-origin: https://www.youtube.com
date: Wed, 28 Sep 2022 18:22:19 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 471 B |
IP142.250.74.3:0
Hash11b1f146fa6fa4a88b1efc65b548fb73 f3f12e14f8f66a2e7c43015c394af199e4a94e06 74441efb7e39672af50ce0b6190b20d20bc3ae744b415a17f8b96a0f89aa0491
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 18:22:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 471 B |
IP142.250.74.3:0
Hash11b1f146fa6fa4a88b1efc65b548fb73 f3f12e14f8f66a2e7c43015c394af199e4a94e06 74441efb7e39672af50ce0b6190b20d20bc3ae744b415a17f8b96a0f89aa0491
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 18:22:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create | 142.250.74.106 | 200 OK | 0 B |
URL HTTP/2jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create IP142.250.74.106:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Wed, 28 Sep 2022 18:22:19 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP142.250.74.3:0
Hash6ab8b69fade235ccf1a15d2cac6dd95e 37c426c0e6940920c4478855c6bb610731edd316 025fc814f74bed6fcfc2a4c25b670c1d538d06c5ce07af13d3f9f8354ca34604
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 18:22:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| www.youtube.com/iframe_api | 142.250.74.174 | 200 OK | 29 kB |
URL HTTP/2www.youtube.com/iframe_api IP142.250.74.174:0
File typeASCII text, with very long lines (509) Hash8e0c15df4b4d4134ea94fc8d93ea5f9f bc08a2e00d4e4d9a00cc57abd7ba4ab8ffb7ac0c 82a135967446b10940b5d11e595dfb2a1d3e856582de23224a4efb24f8acdf2b
GET /iframe_api HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://keefort.com.ec/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
x-content-type-options: nosniff
expires: Wed, 28 Sep 2022 18:22:18 GMT
date: Wed, 28 Sep 2022 18:22:18 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=31536000
x-frame-options: SAMEORIGIN
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-resource-policy: cross-origin
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=amiNooGRNtg; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=OAAjtj_5pz0; Domain=.youtube.com; Expires=Mon, 27-Mar-2023 18:22:18 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+974; expires=Fri, 27-Sep-2024 18:22:18 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP142.250.74.3:0
Hash5e01e4cfb215a3f052b4c716bc77c1a6 6e63b3e883051319571310c44b87591f0312d83f aebb544e0762c6c3eb289d85c20299baa3f742dc46cfa5bcc33ac6df411285ae
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 18:22:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 471 B |
IP142.250.74.3:0
Hash5be6f8def8b013c735911758dc3f60f0 9ad67fc687b291e3a3b98dfda0c93390d031cd33 67a5ea09db0ff6ee0f9d9feaf41d72299ceced1f4a8c5d8f7bc5e182e32a0d9f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 18:22:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| www.google.com/js/th/NAdTarfwBmmVN2jO9_ZDZXbW2JobdXK1pZJ09rC2Bcw.js | 142.250.74.164 | 200 OK | 14 kB |
URL HTTP/2www.google.com/js/th/NAdTarfwBmmVN2jO9_ZDZXbW2JobdXK1pZJ09rC2Bcw.js IP142.250.74.164:0
File typeASCII text, with very long lines (35947) Hashe50215251e55ca26c783e2e9b382e4a9 80a0845ea0b8569e6b04532c7f958ba759b4f207 85041f26f46486b46c2b91fa99da2e214250de0ec79a3c6edb94c73f7fc9243f
GET /js/th/NAdTarfwBmmVN2jO9_ZDZXbW2JobdXK1pZJ09rC2Bcw.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 14149
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 25 Sep 2022 07:45:40 GMT
expires: Mon, 25 Sep 2023 07:45:40 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 19 Sep 2022 15:00:00 GMT
content-type: text/javascript
age: 297399
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create | 142.250.74.106 | 200 OK | 31 kB |
URL HTTP/2jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create IP142.250.74.106:0
File typeJSON data\012- , ASCII text, with very long lines (65536), with no line terminators Hashb244a122fdbf8975203c9fbe71ea6ca5 ed6d94e5f9eaf30cf1a704f76ea19f2a62247a65 29e288c321591d840cf48f46a9e77c770403f11f950ca6e4b970c65501dd3e88
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Wed, 28 Sep 2022 18:22:19 GMT
server: ESF
cache-control: private
content-length: 30723
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 471 B |
IP142.250.74.3:0
Hash11b1f146fa6fa4a88b1efc65b548fb73 f3f12e14f8f66a2e7c43015c394af199e4a94e06 74441efb7e39672af50ce0b6190b20d20bc3ae744b415a17f8b96a0f89aa0491
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 18:22:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| keefort.com.ec/wp-content/uploads/2022/04/22-768x576.png | 88.99.90.21 | 200 OK | 184 kB |
URL HTTP/2keefort.com.ec/wp-content/uploads/2022/04/22-768x576.png IP88.99.90.21:0 ASN#24940 Hetzner Online GmbH
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 1280x720, Scaling: [none]x[none], YUV color, decoders should clamp\012- data Size184 kB (184100 bytes) Hash874af2684b0813c4a81194283f968aaa 3bfd257b58c50d0181e76641a2254ab47d22c491 d8810b9e6cb32490f33637e35e311cd1a8e3d74f7a81fb40cb467f4a6f1280c7
GET /wp-content/uploads/2022/04/22-768x576.png HTTP/1.1
Host: keefort.com.ec
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://keefort.com.ec/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 18:22:17 GMT
content-type: image/png
content-length: 757446
x-frame-options: SAMEORIGIN
last-modified: Wed, 20 Apr 2022 20:18:01 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 471 B |
IP142.250.74.3:0
Hashd82a474dbb7f66ba5b1f0021fd2a0d30 c6da00410a9fa18014a9c704eaa4720409c26896 d72fecb5c7d9f617743fa0a7d82dcd029612ddb5ad75742f52e88dc8e6e06e5b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 18:22:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 471 B |
IP142.250.74.3:0
Hash5be6f8def8b013c735911758dc3f60f0 9ad67fc687b291e3a3b98dfda0c93390d031cd33 67a5ea09db0ff6ee0f9d9feaf41d72299ceced1f4a8c5d8f7bc5e182e32a0d9f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 18:22:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP142.250.74.3:0
Hash6e67a273cf654ce424c0e887c404a926 9570d52f9eabad77312b46f4d8bb5c3cb27d3c6f 2a0296addab707b4c7835cf4392e656714a320264f6102f0e6cb9bdfc7fce857
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 18:22:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP142.250.74.3:0
Hash6e67a273cf654ce424c0e887c404a926 9570d52f9eabad77312b46f4d8bb5c3cb27d3c6f 2a0296addab707b4c7835cf4392e656714a320264f6102f0e6cb9bdfc7fce857
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 18:22:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| rr1---sn-capm-vnae.googlevideo.com/videoplayback?expire=1664410940&ei=25A0Y4umOe2Dv_IP1-WeWA&ip=91.90.42.154&id=o-AKhuVi1QrMzPF8cBSNL1uxFws2jWV0jjmGXvPH08iYAL&itag=244&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C271%2C278&source=youtube&requiressl=yes&mh=xc&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeenez&ms=au%2Crdu&mv=m&mvi=1&pl=21&initcwndbps=1440000&spc=yR2vp7YOXJSAkkeGz_cwmkuFQZ3Dl3g&vprv=1&mime=video%2Fwebm&ns=skD5Q4OoT7SdLzFZP8vfo14I&gir=yes&clen=8522443&dur=79.453&lmt=1647553813622525&mt=1664388604&fvip=2&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=6219224&n=xRziB_-VPpJJgQ&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAK6bXGXkKpsHApmfQ1sNt4BJx4dUdvqVaAY0d7UYQ2nxAiBKt0w0RmRBgRk0_a2kWyQpTGrz8kGrE8GS2s4vIv-VOw%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIhAJRkm9FdZIRbER5jasDOV4or76qw3Q-4WU0PtWKJ5xN2AiBviTBTqDgRC8M90bTc5InhpYtt5osW7ddIMiPx5rrkTA%3D%3D&alr=yes&cpn=Ry1wLfGFnNE8oAtK&cver=1.20220925.00.00&range=0-465&rn=1&rbuf=0 | 91.90.45.172 | 200 OK | 1.1 kB |
URL HTTP/1.1rr1---sn-capm-vnae.googlevideo.com/videoplayback?expire=1664410940&ei=25A0Y4umOe2Dv_IP1-WeWA&ip=91.90.42.154&id=o-AKhuVi1QrMzPF8cBSNL1uxFws2jWV0jjmGXvPH08iYAL&itag=244&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C271%2C278&source=youtube&requiressl=yes&mh=xc&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeenez&ms=au%2Crdu&mv=m&mvi=1&pl=21&initcwndbps=1440000&spc=yR2vp7YOXJSAkkeGz_cwmkuFQZ3Dl3g&vprv=1&mime=video%2Fwebm&ns=skD5Q4OoT7SdLzFZP8vfo14I&gir=yes&clen=8522443&dur=79.453&lmt=1647553813622525&mt=1664388604&fvip=2&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=6219224&n=xRziB_-VPpJJgQ&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAK6bXGXkKpsHApmfQ1sNt4BJx4dUdvqVaAY0d7UYQ2nxAiBKt0w0RmRBgRk0_a2kWyQpTGrz8kGrE8GS2s4vIv-VOw%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIhAJRkm9FdZIRbER5jasDOV4or76qw3Q-4WU0PtWKJ5xN2AiBviTBTqDgRC8M90bTc5InhpYtt5osW7ddIMiPx5rrkTA%3D%3D&alr=yes&cpn=Ry1wLfGFnNE8oAtK&cver=1.20220925.00.00&range=0-465&rn=1&rbuf=0 IP91.90.45.172:0 ASN#50304 Blix Solutions AS
File typeASCII text, with very long lines (1114), with no line terminators Hashc35dc9dbbb0d49833e30ec74d00cef93 c79623da83057dda8ff9e127c4255c2f0f964959 bfb8e9e21849ce48da9c2b5e3ea2adf447c01b1457dcb11dc9ccbf837fdc1458
GET /videoplayback?expire=1664410940&ei=25A0Y4umOe2Dv_IP1-WeWA&ip=91.90.42.154&id=o-AKhuVi1QrMzPF8cBSNL1uxFws2jWV0jjmGXvPH08iYAL&itag=244&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C271%2C278&source=youtube&requiressl=yes&mh=xc&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeenez&ms=au%2Crdu&mv=m&mvi=1&pl=21&initcwndbps=1440000&spc=yR2vp7YOXJSAkkeGz_cwmkuFQZ3Dl3g&vprv=1&mime=video%2Fwebm&ns=skD5Q4OoT7SdLzFZP8vfo14I&gir=yes&clen=8522443&dur=79.453&lmt=1647553813622525&mt=1664388604&fvip=2&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=6219224&n=xRziB_-VPpJJgQ&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAK6bXGXkKpsHApmfQ1sNt4BJx4dUdvqVaAY0d7UYQ2nxAiBKt0w0RmRBgRk0_a2kWyQpTGrz8kGrE8GS2s4vIv-VOw%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIhAJRkm9FdZIRbER5jasDOV4or76qw3Q-4WU0PtWKJ5xN2AiBviTBTqDgRC8M90bTc5InhpYtt5osW7ddIMiPx5rrkTA%3D%3D&alr=yes&cpn=Ry1wLfGFnNE8oAtK&cver=1.20220925.00.00&range=0-465&rn=1&rbuf=0 HTTP/1.1
Host: rr1---sn-capm-vnae.googlevideo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/plain
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Date: Wed, 28 Sep 2022 18:22:20 GMT
Expires: Wed, 28 Sep 2022 18:22:20 GMT
Cache-Control: private, max-age=21300
Accept-Ranges: bytes
Content-Length: 1114
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Restrict-Formats-Hint: None
X-Content-Type-Options: nosniff
Server: gvs 1.0
|
|
| rr1---sn-capm-vnae.googlevideo.com/videoplayback?expire=1664410940&ei=25A0Y4umOe2Dv_IP1-WeWA&ip=91.90.42.154&id=o-AKhuVi1QrMzPF8cBSNL1uxFws2jWV0jjmGXvPH08iYAL&itag=250&source=youtube&requiressl=yes&mh=xc&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeenez&ms=au%2Crdu&mv=m&mvi=1&pl=21&initcwndbps=1440000&spc=yR2vp7YOXJSAkkeGz_cwmkuFQZ3Dl3g&vprv=1&mime=audio%2Fwebm&ns=skD5Q4OoT7SdLzFZP8vfo14I&gir=yes&clen=36239&dur=79.481&lmt=1647553781505738&mt=1664388604&fvip=2&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=6218224&n=xRziB_-VPpJJgQ&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgcGyWWeXAoZbPc3VU_x_9awzZ6GIq1mPIzYDJPfPm54QCICncyLRZhf7eGTRD4Dm8-c4JDq_TmjuVFBBBpiG9EW7q&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIhAJRkm9FdZIRbER5jasDOV4or76qw3Q-4WU0PtWKJ5xN2AiBviTBTqDgRC8M90bTc5InhpYtt5osW7ddIMiPx5rrkTA%3D%3D&alr=yes&cpn=Ry1wLfGFnNE8oAtK&cver=1.20220925.00.00&range=0-383&rn=2&rbuf=0 | 91.90.45.172 | 200 OK | 1.0 kB |
URL HTTP/1.1rr1---sn-capm-vnae.googlevideo.com/videoplayback?expire=1664410940&ei=25A0Y4umOe2Dv_IP1-WeWA&ip=91.90.42.154&id=o-AKhuVi1QrMzPF8cBSNL1uxFws2jWV0jjmGXvPH08iYAL&itag=250&source=youtube&requiressl=yes&mh=xc&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeenez&ms=au%2Crdu&mv=m&mvi=1&pl=21&initcwndbps=1440000&spc=yR2vp7YOXJSAkkeGz_cwmkuFQZ3Dl3g&vprv=1&mime=audio%2Fwebm&ns=skD5Q4OoT7SdLzFZP8vfo14I&gir=yes&clen=36239&dur=79.481&lmt=1647553781505738&mt=1664388604&fvip=2&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=6218224&n=xRziB_-VPpJJgQ&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgcGyWWeXAoZbPc3VU_x_9awzZ6GIq1mPIzYDJPfPm54QCICncyLRZhf7eGTRD4Dm8-c4JDq_TmjuVFBBBpiG9EW7q&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIhAJRkm9FdZIRbER5jasDOV4or76qw3Q-4WU0PtWKJ5xN2AiBviTBTqDgRC8M90bTc5InhpYtt5osW7ddIMiPx5rrkTA%3D%3D&alr=yes&cpn=Ry1wLfGFnNE8oAtK&cver=1.20220925.00.00&range=0-383&rn=2&rbuf=0 IP91.90.45.172:0 ASN#50304 Blix Solutions AS
File typeASCII text, with very long lines (1011), with no line terminators Hashb31ec8485b26a2202da083e63383ed3d a9b6d4f24d93a97f12e861878ecccd02fa3885f3 9a50acbe7e08ad67b638bc74d5cabdd7aa80bbfc8f7663671a46733489b505e3
GET /videoplayback?expire=1664410940&ei=25A0Y4umOe2Dv_IP1-WeWA&ip=91.90.42.154&id=o-AKhuVi1QrMzPF8cBSNL1uxFws2jWV0jjmGXvPH08iYAL&itag=250&source=youtube&requiressl=yes&mh=xc&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeenez&ms=au%2Crdu&mv=m&mvi=1&pl=21&initcwndbps=1440000&spc=yR2vp7YOXJSAkkeGz_cwmkuFQZ3Dl3g&vprv=1&mime=audio%2Fwebm&ns=skD5Q4OoT7SdLzFZP8vfo14I&gir=yes&clen=36239&dur=79.481&lmt=1647553781505738&mt=1664388604&fvip=2&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=6218224&n=xRziB_-VPpJJgQ&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgcGyWWeXAoZbPc3VU_x_9awzZ6GIq1mPIzYDJPfPm54QCICncyLRZhf7eGTRD4Dm8-c4JDq_TmjuVFBBBpiG9EW7q&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIhAJRkm9FdZIRbER5jasDOV4or76qw3Q-4WU0PtWKJ5xN2AiBviTBTqDgRC8M90bTc5InhpYtt5osW7ddIMiPx5rrkTA%3D%3D&alr=yes&cpn=Ry1wLfGFnNE8oAtK&cver=1.20220925.00.00&range=0-383&rn=2&rbuf=0 HTTP/1.1
Host: rr1---sn-capm-vnae.googlevideo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/plain
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Date: Wed, 28 Sep 2022 18:22:20 GMT
Expires: Wed, 28 Sep 2022 18:22:20 GMT
Cache-Control: private, max-age=21300
Accept-Ranges: bytes
Content-Length: 1011
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Content-Type-Options: nosniff
Server: gvs 1.0
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP142.250.74.3:0
Hash6e67a273cf654ce424c0e887c404a926 9570d52f9eabad77312b46f4d8bb5c3cb27d3c6f 2a0296addab707b4c7835cf4392e656714a320264f6102f0e6cb9bdfc7fce857
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 18:22:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT | 142.250.74.106 | 200 OK | 0 B |
URL HTTP/2jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT IP142.250.74.106:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Wed, 28 Sep 2022 18:22:20 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 471 B |
IP142.250.74.3:0
Hash01ef80f37d0fde22def99efdcc772bb7 cefdedbe92b84c3e964d7b6babea513b96697b56 5e9fad4127c2635746772004a939504cc3f2e26d17efb6e58af49eea268db9e0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 18:22:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 471 B |
IP142.250.74.3:0
Hash01ef80f37d0fde22def99efdcc772bb7 cefdedbe92b84c3e964d7b6babea513b96697b56 5e9fad4127c2635746772004a939504cc3f2e26d17efb6e58af49eea268db9e0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 18:22:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT | 142.250.74.106 | 200 OK | 114 B |
URL HTTP/2jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT IP142.250.74.106:0
File typeJSON data\012- , ASCII text, with no line terminators Hash235417f36053d449906cf9c612572f05 9cfd810fc25a77a222aee733e243a60557d3faae 086bbc16d99fcf31b777d003b3eb79c799c5b8399edbc43ccc10a92b700022a8
POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 1226
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Wed, 28 Sep 2022 18:22:20 GMT
server: ESF
cache-control: private
content-length: 114
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| rr1---sn-5go7ynld.googlevideo.com/videoplayback?expire=1664410940&ei=25A0Y4umOe2Dv_IP1-WeWA&ip=91.90.42.154&id=o-AKhuVi1QrMzPF8cBSNL1uxFws2jWV0jjmGXvPH08iYAL&itag=244&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C271%2C278&source=youtube&requiressl=yes&spc=yR2vp7YOXJSAkkeGz_cwmkuFQZ3Dl3g&vprv=1&mime=video%2Fwebm&ns=skD5Q4OoT7SdLzFZP8vfo14I&gir=yes&clen=8522443&dur=79.453&lmt=1647553813622525&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=6219224&n=xRziB_-VPpJJgQ&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAK6bXGXkKpsHApmfQ1sNt4BJx4dUdvqVaAY0d7UYQ2nxAiBKt0w0RmRBgRk0_a2kWyQpTGrz8kGrE8GS2s4vIv-VOw%3D%3D&alr=yes&cpn=Ry1wLfGFnNE8oAtK&cver=1.20220925.00.00&redirect_counter=1&cm2rm=sn-capm-vnae7e&cms_redirect=yes&cmsv=e&mh=xc&mm=29&mn=sn-5go7ynld&ms=rdu&mt=1664389094&mv=m&mvi=1&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhAKZCeD6rjxFcHxdi_94G8dbWCjzi8WCrBf-HZyBCzOccAiANGqMyA8DwQUcLWu8PxGmqMNV6uvi4Lj7ayepY0gz19g%3D%3D&range=0-465&rn=3&rbuf=0 | 74.125.111.70 | 200 OK | 1.1 kB |
URL HTTP/1.1rr1---sn-5go7ynld.googlevideo.com/videoplayback?expire=1664410940&ei=25A0Y4umOe2Dv_IP1-WeWA&ip=91.90.42.154&id=o-AKhuVi1QrMzPF8cBSNL1uxFws2jWV0jjmGXvPH08iYAL&itag=244&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C271%2C278&source=youtube&requiressl=yes&spc=yR2vp7YOXJSAkkeGz_cwmkuFQZ3Dl3g&vprv=1&mime=video%2Fwebm&ns=skD5Q4OoT7SdLzFZP8vfo14I&gir=yes&clen=8522443&dur=79.453&lmt=1647553813622525&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=6219224&n=xRziB_-VPpJJgQ&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAK6bXGXkKpsHApmfQ1sNt4BJx4dUdvqVaAY0d7UYQ2nxAiBKt0w0RmRBgRk0_a2kWyQpTGrz8kGrE8GS2s4vIv-VOw%3D%3D&alr=yes&cpn=Ry1wLfGFnNE8oAtK&cver=1.20220925.00.00&redirect_counter=1&cm2rm=sn-capm-vnae7e&cms_redirect=yes&cmsv=e&mh=xc&mm=29&mn=sn-5go7ynld&ms=rdu&mt=1664389094&mv=m&mvi=1&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhAKZCeD6rjxFcHxdi_94G8dbWCjzi8WCrBf-HZyBCzOccAiANGqMyA8DwQUcLWu8PxGmqMNV6uvi4Lj7ayepY0gz19g%3D%3D&range=0-465&rn=3&rbuf=0 IP74.125.111.70:0
File typeASCII text, with very long lines (1117), with no line terminators Hasheb871b7827a34305ffd225535c6cbe3d 9cd46a9cae39a67ed84292e5246e8efa64b248a8 1095f64cb194ddb513e48b60bab416442fd8695be9f49377b20b7f539ee4fa7a
GET /videoplayback?expire=1664410940&ei=25A0Y4umOe2Dv_IP1-WeWA&ip=91.90.42.154&id=o-AKhuVi1QrMzPF8cBSNL1uxFws2jWV0jjmGXvPH08iYAL&itag=244&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C271%2C278&source=youtube&requiressl=yes&spc=yR2vp7YOXJSAkkeGz_cwmkuFQZ3Dl3g&vprv=1&mime=video%2Fwebm&ns=skD5Q4OoT7SdLzFZP8vfo14I&gir=yes&clen=8522443&dur=79.453&lmt=1647553813622525&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=6219224&n=xRziB_-VPpJJgQ&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAK6bXGXkKpsHApmfQ1sNt4BJx4dUdvqVaAY0d7UYQ2nxAiBKt0w0RmRBgRk0_a2kWyQpTGrz8kGrE8GS2s4vIv-VOw%3D%3D&alr=yes&cpn=Ry1wLfGFnNE8oAtK&cver=1.20220925.00.00&redirect_counter=1&cm2rm=sn-capm-vnae7e&cms_redirect=yes&cmsv=e&mh=xc&mm=29&mn=sn-5go7ynld&ms=rdu&mt=1664389094&mv=m&mvi=1&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhAKZCeD6rjxFcHxdi_94G8dbWCjzi8WCrBf-HZyBCzOccAiANGqMyA8DwQUcLWu8PxGmqMNV6uvi4Lj7ayepY0gz19g%3D%3D&range=0-465&rn=3&rbuf=0 HTTP/1.1
Host: rr1---sn-5go7ynld.googlevideo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/plain
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Date: Wed, 28 Sep 2022 18:22:20 GMT
Expires: Wed, 28 Sep 2022 18:22:20 GMT
Cache-Control: private, max-age=21300
Accept-Ranges: bytes
Content-Length: 1117
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Restrict-Formats-Hint: None
X-Content-Type-Options: nosniff
Server: gvs 1.0
|
|
| rr1---sn-5go7ynld.googlevideo.com/videoplayback?expire=1664410940&ei=25A0Y4umOe2Dv_IP1-WeWA&ip=91.90.42.154&id=o-AKhuVi1QrMzPF8cBSNL1uxFws2jWV0jjmGXvPH08iYAL&itag=250&source=youtube&requiressl=yes&spc=yR2vp7YOXJSAkkeGz_cwmkuFQZ3Dl3g&vprv=1&mime=audio%2Fwebm&ns=skD5Q4OoT7SdLzFZP8vfo14I&gir=yes&clen=36239&dur=79.481&lmt=1647553781505738&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=6218224&n=xRziB_-VPpJJgQ&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgcGyWWeXAoZbPc3VU_x_9awzZ6GIq1mPIzYDJPfPm54QCICncyLRZhf7eGTRD4Dm8-c4JDq_TmjuVFBBBpiG9EW7q&alr=yes&cpn=Ry1wLfGFnNE8oAtK&cver=1.20220925.00.00&redirect_counter=1&cm2rm=sn-capm-vnae7e&cms_redirect=yes&cmsv=e&mh=xc&mm=29&mn=sn-5go7ynld&ms=rdu&mt=1664389094&mv=m&mvi=1&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIga0gxYsfKh6n6OO15lvVe52_HOsApmIlTjuYnhRM91lMCIHV2Kro-wJr6PKtbjJPXOchSCcHNrmVSrsIxqWrPOKqF&range=0-383&rn=4&rbuf=0 | 74.125.111.70 | 200 OK | 1.0 kB |
URL HTTP/1.1rr1---sn-5go7ynld.googlevideo.com/videoplayback?expire=1664410940&ei=25A0Y4umOe2Dv_IP1-WeWA&ip=91.90.42.154&id=o-AKhuVi1QrMzPF8cBSNL1uxFws2jWV0jjmGXvPH08iYAL&itag=250&source=youtube&requiressl=yes&spc=yR2vp7YOXJSAkkeGz_cwmkuFQZ3Dl3g&vprv=1&mime=audio%2Fwebm&ns=skD5Q4OoT7SdLzFZP8vfo14I&gir=yes&clen=36239&dur=79.481&lmt=1647553781505738&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=6218224&n=xRziB_-VPpJJgQ&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgcGyWWeXAoZbPc3VU_x_9awzZ6GIq1mPIzYDJPfPm54QCICncyLRZhf7eGTRD4Dm8-c4JDq_TmjuVFBBBpiG9EW7q&alr=yes&cpn=Ry1wLfGFnNE8oAtK&cver=1.20220925.00.00&redirect_counter=1&cm2rm=sn-capm-vnae7e&cms_redirect=yes&cmsv=e&mh=xc&mm=29&mn=sn-5go7ynld&ms=rdu&mt=1664389094&mv=m&mvi=1&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIga0gxYsfKh6n6OO15lvVe52_HOsApmIlTjuYnhRM91lMCIHV2Kro-wJr6PKtbjJPXOchSCcHNrmVSrsIxqWrPOKqF&range=0-383&rn=4&rbuf=0 IP74.125.111.70:0
File typeASCII text, with very long lines (1021), with no line terminators Hashf56cd6281dbad6ec690f8e35d2119c97 54650e725b10a9ce18b92ba7055e7213280f6bd2 8e4a5bd8ad48e5a61a17e80e1b01d4806351c7d8c163369ab59d7235d7eb7a56
GET /videoplayback?expire=1664410940&ei=25A0Y4umOe2Dv_IP1-WeWA&ip=91.90.42.154&id=o-AKhuVi1QrMzPF8cBSNL1uxFws2jWV0jjmGXvPH08iYAL&itag=250&source=youtube&requiressl=yes&spc=yR2vp7YOXJSAkkeGz_cwmkuFQZ3Dl3g&vprv=1&mime=audio%2Fwebm&ns=skD5Q4OoT7SdLzFZP8vfo14I&gir=yes&clen=36239&dur=79.481&lmt=1647553781505738&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=6218224&n=xRziB_-VPpJJgQ&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgcGyWWeXAoZbPc3VU_x_9awzZ6GIq1mPIzYDJPfPm54QCICncyLRZhf7eGTRD4Dm8-c4JDq_TmjuVFBBBpiG9EW7q&alr=yes&cpn=Ry1wLfGFnNE8oAtK&cver=1.20220925.00.00&redirect_counter=1&cm2rm=sn-capm-vnae7e&cms_redirect=yes&cmsv=e&mh=xc&mm=29&mn=sn-5go7ynld&ms=rdu&mt=1664389094&mv=m&mvi=1&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIga0gxYsfKh6n6OO15lvVe52_HOsApmIlTjuYnhRM91lMCIHV2Kro-wJr6PKtbjJPXOchSCcHNrmVSrsIxqWrPOKqF&range=0-383&rn=4&rbuf=0 HTTP/1.1
Host: rr1---sn-5go7ynld.googlevideo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/plain
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Date: Wed, 28 Sep 2022 18:22:20 GMT
Expires: Wed, 28 Sep 2022 18:22:20 GMT
Cache-Control: private, max-age=21300
Accept-Ranges: bytes
Content-Length: 1021
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Content-Type-Options: nosniff
Server: gvs 1.0
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 471 B |
IP142.250.74.3:0
Hash01ef80f37d0fde22def99efdcc772bb7 cefdedbe92b84c3e964d7b6babea513b96697b56 5e9fad4127c2635746772004a939504cc3f2e26d17efb6e58af49eea268db9e0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 18:22:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| rr1---sn-5go7ynld.googlevideo.com/videoplayback?expire=1664410940&ei=25A0Y4umOe2Dv_IP1-WeWA&ip=91.90.42.154&id=o-AKhuVi1QrMzPF8cBSNL1uxFws2jWV0jjmGXvPH08iYAL&itag=244&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C271%2C278&source=youtube&requiressl=yes&spc=yR2vp7YOXJSAkkeGz_cwmkuFQZ3Dl3g&vprv=1&mime=video%2Fwebm&ns=skD5Q4OoT7SdLzFZP8vfo14I&gir=yes&clen=8522443&dur=79.453&lmt=1647553813622525&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=6219224&n=xRziB_-VPpJJgQ&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAK6bXGXkKpsHApmfQ1sNt4BJx4dUdvqVaAY0d7UYQ2nxAiBKt0w0RmRBgRk0_a2kWyQpTGrz8kGrE8GS2s4vIv-VOw%3D%3D&alr=yes&cpn=Ry1wLfGFnNE8oAtK&cver=1.20220925.00.00&redirect_counter=1&cm2rm=sn-capm-vnae7e&cms_redirect=yes&cmsv=e&mh=xc&mm=29&mn=sn-5go7ynld&ms=rdu&mt=1664389094&mv=m&mvi=1&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgfSdDw4jCBLeqiBLc7DmTpHj24bp_YgfVeATrB469VkcCIBEeN3Hmv6Y7LjSJ2BOaueH8VGdh5rkKI5YHzNnXPOUc&range=0-465&rn=7&rbuf=0&pot=D4JPPzzEzGKMgnRLpkrJ-pqvUQP5-_t7hJTol3RNoNz5J_mhXf_VQJt-NvEfiJi6e-x3aJKy8xEZVaHhhxNes9q2cOk_V1vlaP24dg6wwAoamlPH7aaluvQ1CmOtyjJ6FU4ZvXbg0mk= | 74.125.111.70 | 200 OK | 1.3 kB |
URL HTTP/1.1rr1---sn-5go7ynld.googlevideo.com/videoplayback?expire=1664410940&ei=25A0Y4umOe2Dv_IP1-WeWA&ip=91.90.42.154&id=o-AKhuVi1QrMzPF8cBSNL1uxFws2jWV0jjmGXvPH08iYAL&itag=244&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C271%2C278&source=youtube&requiressl=yes&spc=yR2vp7YOXJSAkkeGz_cwmkuFQZ3Dl3g&vprv=1&mime=video%2Fwebm&ns=skD5Q4OoT7SdLzFZP8vfo14I&gir=yes&clen=8522443&dur=79.453&lmt=1647553813622525&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=6219224&n=xRziB_-VPpJJgQ&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAK6bXGXkKpsHApmfQ1sNt4BJx4dUdvqVaAY0d7UYQ2nxAiBKt0w0RmRBgRk0_a2kWyQpTGrz8kGrE8GS2s4vIv-VOw%3D%3D&alr=yes&cpn=Ry1wLfGFnNE8oAtK&cver=1.20220925.00.00&redirect_counter=1&cm2rm=sn-capm-vnae7e&cms_redirect=yes&cmsv=e&mh=xc&mm=29&mn=sn-5go7ynld&ms=rdu&mt=1664389094&mv=m&mvi=1&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgfSdDw4jCBLeqiBLc7DmTpHj24bp_YgfVeATrB469VkcCIBEeN3Hmv6Y7LjSJ2BOaueH8VGdh5rkKI5YHzNnXPOUc&range=0-465&rn=7&rbuf=0&pot=D4JPPzzEzGKMgnRLpkrJ-pqvUQP5-_t7hJTol3RNoNz5J_mhXf_VQJt-NvEfiJi6e-x3aJKy8xEZVaHhhxNes9q2cOk_V1vlaP24dg6wwAoamlPH7aaluvQ1CmOtyjJ6FU4ZvXbg0mk= IP74.125.111.70:0
File typeASCII text, with very long lines (1262), with no line terminators Hash56d10f692f7be24740455e4b76797802 eeb27fd6fa2e358ba485c463a71ed41547011a50 ffece72c793e8a3726ce4f7b150f2f41eaad0cc1dc6605ac41ce085319d3e7b4
GET /videoplayback?expire=1664410940&ei=25A0Y4umOe2Dv_IP1-WeWA&ip=91.90.42.154&id=o-AKhuVi1QrMzPF8cBSNL1uxFws2jWV0jjmGXvPH08iYAL&itag=244&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C271%2C278&source=youtube&requiressl=yes&spc=yR2vp7YOXJSAkkeGz_cwmkuFQZ3Dl3g&vprv=1&mime=video%2Fwebm&ns=skD5Q4OoT7SdLzFZP8vfo14I&gir=yes&clen=8522443&dur=79.453&lmt=1647553813622525&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=6219224&n=xRziB_-VPpJJgQ&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAK6bXGXkKpsHApmfQ1sNt4BJx4dUdvqVaAY0d7UYQ2nxAiBKt0w0RmRBgRk0_a2kWyQpTGrz8kGrE8GS2s4vIv-VOw%3D%3D&alr=yes&cpn=Ry1wLfGFnNE8oAtK&cver=1.20220925.00.00&redirect_counter=1&cm2rm=sn-capm-vnae7e&cms_redirect=yes&cmsv=e&mh=xc&mm=29&mn=sn-5go7ynld&ms=rdu&mt=1664389094&mv=m&mvi=1&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgfSdDw4jCBLeqiBLc7DmTpHj24bp_YgfVeATrB469VkcCIBEeN3Hmv6Y7LjSJ2BOaueH8VGdh5rkKI5YHzNnXPOUc&range=0-465&rn=7&rbuf=0&pot=D4JPPzzEzGKMgnRLpkrJ-pqvUQP5-_t7hJTol3RNoNz5J_mhXf_VQJt-NvEfiJi6e-x3aJKy8xEZVaHhhxNes9q2cOk_V1vlaP24dg6wwAoamlPH7aaluvQ1CmOtyjJ6FU4ZvXbg0mk= HTTP/1.1
Host: rr1---sn-5go7ynld.googlevideo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/plain
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Date: Wed, 28 Sep 2022 18:22:20 GMT
Expires: Wed, 28 Sep 2022 18:22:20 GMT
Cache-Control: private, max-age=21300
Accept-Ranges: bytes
Content-Length: 1262
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Restrict-Formats-Hint: None
X-Content-Type-Options: nosniff
Server: gvs 1.0
|
|
| yt3.ggpht.com/GtDFTpofl0vTOD6YjGj45IxyYRZwYBFVSGP751pOoCH-_eDgOylJPIDTrdo9O8BoMCOwemHB=s68-c-k-c0x00ffffff-no-rj | 142.250.74.161 | 200 OK | 3.1 kB |
URL HTTP/2yt3.ggpht.com/GtDFTpofl0vTOD6YjGj45IxyYRZwYBFVSGP751pOoCH-_eDgOylJPIDTrdo9O8BoMCOwemHB=s68-c-k-c0x00ffffff-no-rj IP142.250.74.161:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 68x68, components 3\012- data Hashaafceb6238ef18971f4ebc1ba83bb343 4ce7fb9cb8c32c197f349e2cba5a10acb34d3640 c2d214e398ab73b505db77275aa204ab8c11b4ff0e19bcc945d15f17351c7a2b
GET /GtDFTpofl0vTOD6YjGj45IxyYRZwYBFVSGP751pOoCH-_eDgOylJPIDTrdo9O8BoMCOwemHB=s68-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt3.ggpht.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v1"
expires: Thu, 29 Sep 2022 18:22:20 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="channels4_profile.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Wed, 28 Sep 2022 18:22:20 GMT
server: fife
content-length: 3143
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 471 B |
IP142.250.74.3:0
Hashd82a474dbb7f66ba5b1f0021fd2a0d30 c6da00410a9fa18014a9c704eaa4720409c26896 d72fecb5c7d9f617743fa0a7d82dcd029612ddb5ad75742f52e88dc8e6e06e5b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 18:22:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| rr1---sn-5hne6nzs.googlevideo.com/videoplayback?expire=1664410940&ei=25A0Y4umOe2Dv_IP1-WeWA&ip=91.90.42.154&id=o-AKhuVi1QrMzPF8cBSNL1uxFws2jWV0jjmGXvPH08iYAL&itag=250&source=youtube&requiressl=yes&spc=yR2vp7YOXJSAkkeGz_cwmkuFQZ3Dl3g&vprv=1&mime=audio%2Fwebm&ns=skD5Q4OoT7SdLzFZP8vfo14I&gir=yes&clen=36239&dur=79.481&lmt=1647553781505738&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=6218224&n=xRziB_-VPpJJgQ&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgcGyWWeXAoZbPc3VU_x_9awzZ6GIq1mPIzYDJPfPm54QCICncyLRZhf7eGTRD4Dm8-c4JDq_TmjuVFBBBpiG9EW7q&alr=yes&cpn=Ry1wLfGFnNE8oAtK&cver=1.20220925.00.00&cm2rm=sn-capm-vnae7e,sn-5golk7e&redirect_counter=2&cms_redirect=yes&cmsv=e&mh=xc&mm=34&mn=sn-5hne6nzs&ms=ltu&mt=1664389056&mv=m&mvi=1&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgSPgU4JfXKR1Ofo6FRwZQMHvZdu8OVI3oV1AwCXdxgfgCIDXwCkKxs1jOAfuQnu_KJb8HTcB0kTUv5TZ6UdNrqBew&range=0-383&rn=6&rbuf=0&pot=D4JPPzzEzGKMgnRLpkrJ-pqvUQP5-_t7hJTol3RNoNz5J_mhXf_VQJt-NvEfiJi6e-x3aJKy8xEZVaHhhxNes9q2cOk_V1vlaP24dg6wwAoamlPH7aaluvQ1CmOtyjJ6FU4ZvXbg0mk= | 74.125.8.102 | 200 OK | 384 B |
URL HTTP/1.1rr1---sn-5hne6nzs.googlevideo.com/videoplayback?expire=1664410940&ei=25A0Y4umOe2Dv_IP1-WeWA&ip=91.90.42.154&id=o-AKhuVi1QrMzPF8cBSNL1uxFws2jWV0jjmGXvPH08iYAL&itag=250&source=youtube&requiressl=yes&spc=yR2vp7YOXJSAkkeGz_cwmkuFQZ3Dl3g&vprv=1&mime=audio%2Fwebm&ns=skD5Q4OoT7SdLzFZP8vfo14I&gir=yes&clen=36239&dur=79.481&lmt=1647553781505738&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=6218224&n=xRziB_-VPpJJgQ&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgcGyWWeXAoZbPc3VU_x_9awzZ6GIq1mPIzYDJPfPm54QCICncyLRZhf7eGTRD4Dm8-c4JDq_TmjuVFBBBpiG9EW7q&alr=yes&cpn=Ry1wLfGFnNE8oAtK&cver=1.20220925.00.00&cm2rm=sn-capm-vnae7e,sn-5golk7e&redirect_counter=2&cms_redirect=yes&cmsv=e&mh=xc&mm=34&mn=sn-5hne6nzs&ms=ltu&mt=1664389056&mv=m&mvi=1&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgSPgU4JfXKR1Ofo6FRwZQMHvZdu8OVI3oV1AwCXdxgfgCIDXwCkKxs1jOAfuQnu_KJb8HTcB0kTUv5TZ6UdNrqBew&range=0-383&rn=6&rbuf=0&pot=D4JPPzzEzGKMgnRLpkrJ-pqvUQP5-_t7hJTol3RNoNz5J_mhXf_VQJt-NvEfiJi6e-x3aJKy8xEZVaHhhxNes9q2cOk_V1vlaP24dg6wwAoamlPH7aaluvQ1CmOtyjJ6FU4ZvXbg0mk= IP74.125.8.102:0
File typeWebM\012- EBML file, creator webmB\20\012- data Hashdde02572c17260ce54164929af14cff2 8b2beecbac8f7f881cda4ddcc5730c2703f89e22 9178bcae59bf38569126586755457d6709347213ae3a6b002259fb6f5a1975bb
GET /videoplayback?expire=1664410940&ei=25A0Y4umOe2Dv_IP1-WeWA&ip=91.90.42.154&id=o-AKhuVi1QrMzPF8cBSNL1uxFws2jWV0jjmGXvPH08iYAL&itag=250&source=youtube&requiressl=yes&spc=yR2vp7YOXJSAkkeGz_cwmkuFQZ3Dl3g&vprv=1&mime=audio%2Fwebm&ns=skD5Q4OoT7SdLzFZP8vfo14I&gir=yes&clen=36239&dur=79.481&lmt=1647553781505738&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=6218224&n=xRziB_-VPpJJgQ&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgcGyWWeXAoZbPc3VU_x_9awzZ6GIq1mPIzYDJPfPm54QCICncyLRZhf7eGTRD4Dm8-c4JDq_TmjuVFBBBpiG9EW7q&alr=yes&cpn=Ry1wLfGFnNE8oAtK&cver=1.20220925.00.00&cm2rm=sn-capm-vnae7e,sn-5golk7e&redirect_counter=2&cms_redirect=yes&cmsv=e&mh=xc&mm=34&mn=sn-5hne6nzs&ms=ltu&mt=1664389056&mv=m&mvi=1&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgSPgU4JfXKR1Ofo6FRwZQMHvZdu8OVI3oV1AwCXdxgfgCIDXwCkKxs1jOAfuQnu_KJb8HTcB0kTUv5TZ6UdNrqBew&range=0-383&rn=6&rbuf=0&pot=D4JPPzzEzGKMgnRLpkrJ-pqvUQP5-_t7hJTol3RNoNz5J_mhXf_VQJt-NvEfiJi6e-x3aJKy8xEZVaHhhxNes9q2cOk_V1vlaP24dg6wwAoamlPH7aaluvQ1CmOtyjJ6FU4ZvXbg0mk= HTTP/1.1
Host: rr1---sn-5hne6nzs.googlevideo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Thu, 17 Mar 2022 21:49:41 GMT
Content-Type: audio/webm
Date: Wed, 28 Sep 2022 18:22:20 GMT
Expires: Wed, 28 Sep 2022 18:22:20 GMT
Cache-Control: private, max-age=21300
Accept-Ranges: bytes
Content-Length: 384
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Content-Type-Options: nosniff
Server: gvs 1.0
|
|
| rr1---sn-5hne6nzs.googlevideo.com/videoplayback?expire=1664410940&ei=25A0Y4umOe2Dv_IP1-WeWA&ip=91.90.42.154&id=o-AKhuVi1QrMzPF8cBSNL1uxFws2jWV0jjmGXvPH08iYAL&itag=244&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C271%2C278&source=youtube&requiressl=yes&spc=yR2vp7YOXJSAkkeGz_cwmkuFQZ3Dl3g&vprv=1&mime=video%2Fwebm&ns=skD5Q4OoT7SdLzFZP8vfo14I&gir=yes&clen=8522443&dur=79.453&lmt=1647553813622525&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=6219224&n=xRziB_-VPpJJgQ&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAK6bXGXkKpsHApmfQ1sNt4BJx4dUdvqVaAY0d7UYQ2nxAiBKt0w0RmRBgRk0_a2kWyQpTGrz8kGrE8GS2s4vIv-VOw%3D%3D&alr=yes&cpn=Ry1wLfGFnNE8oAtK&cver=1.20220925.00.00&cm2rm=sn-capm-vnae7e,sn-5golk7e&redirect_counter=2&cms_redirect=yes&cmsv=e&mh=xc&mm=34&mn=sn-5hne6nzs&ms=ltu&mt=1664389056&mv=m&mvi=1&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgSEWRq8k7Fn9d3tNn_MX1zN7nmVe0LbRfMPE2NcmIe1ECIH0QfkukYWDx5300aFQpswebBADQMz0zJ6cpxG7jB-F6&range=0-465&rn=8&rbuf=0&pot=D4JPPzzEzGKMgnRLpkrJ-pqvUQP5-_t7hJTol3RNoNz5J_mhXf_VQJt-NvEfiJi6e-x3aJKy8xEZVaHhhxNes9q2cOk_V1vlaP24dg6wwAoamlPH7aaluvQ1CmOtyjJ6FU4ZvXbg0mk= | 74.125.8.102 | 200 OK | 466 B |
URL HTTP/1.1rr1---sn-5hne6nzs.googlevideo.com/videoplayback?expire=1664410940&ei=25A0Y4umOe2Dv_IP1-WeWA&ip=91.90.42.154&id=o-AKhuVi1QrMzPF8cBSNL1uxFws2jWV0jjmGXvPH08iYAL&itag=244&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C271%2C278&source=youtube&requiressl=yes&spc=yR2vp7YOXJSAkkeGz_cwmkuFQZ3Dl3g&vprv=1&mime=video%2Fwebm&ns=skD5Q4OoT7SdLzFZP8vfo14I&gir=yes&clen=8522443&dur=79.453&lmt=1647553813622525&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=6219224&n=xRziB_-VPpJJgQ&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAK6bXGXkKpsHApmfQ1sNt4BJx4dUdvqVaAY0d7UYQ2nxAiBKt0w0RmRBgRk0_a2kWyQpTGrz8kGrE8GS2s4vIv-VOw%3D%3D&alr=yes&cpn=Ry1wLfGFnNE8oAtK&cver=1.20220925.00.00&cm2rm=sn-capm-vnae7e,sn-5golk7e&redirect_counter=2&cms_redirect=yes&cmsv=e&mh=xc&mm=34&mn=sn-5hne6nzs&ms=ltu&mt=1664389056&mv=m&mvi=1&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgSEWRq8k7Fn9d3tNn_MX1zN7nmVe0LbRfMPE2NcmIe1ECIH0QfkukYWDx5300aFQpswebBADQMz0zJ6cpxG7jB-F6&range=0-465&rn=8&rbuf=0&pot=D4JPPzzEzGKMgnRLpkrJ-pqvUQP5-_t7hJTol3RNoNz5J_mhXf_VQJt-NvEfiJi6e-x3aJKy8xEZVaHhhxNes9q2cOk_V1vlaP24dg6wwAoamlPH7aaluvQ1CmOtyjJ6FU4ZvXbg0mk= IP74.125.8.102:0
File typeWebM\012- EBML file, creator webmB\20\012- data Hash2931e612d1a5a7198300b82508743d92 f2806afb3d19e54b69119e1e647003ee086f3c20 963e597019d84338687396bbd4908b308b61b211824addaaf3f943bfdf95a23f
GET /videoplayback?expire=1664410940&ei=25A0Y4umOe2Dv_IP1-WeWA&ip=91.90.42.154&id=o-AKhuVi1QrMzPF8cBSNL1uxFws2jWV0jjmGXvPH08iYAL&itag=244&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C271%2C278&source=youtube&requiressl=yes&spc=yR2vp7YOXJSAkkeGz_cwmkuFQZ3Dl3g&vprv=1&mime=video%2Fwebm&ns=skD5Q4OoT7SdLzFZP8vfo14I&gir=yes&clen=8522443&dur=79.453&lmt=1647553813622525&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=6219224&n=xRziB_-VPpJJgQ&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAK6bXGXkKpsHApmfQ1sNt4BJx4dUdvqVaAY0d7UYQ2nxAiBKt0w0RmRBgRk0_a2kWyQpTGrz8kGrE8GS2s4vIv-VOw%3D%3D&alr=yes&cpn=Ry1wLfGFnNE8oAtK&cver=1.20220925.00.00&cm2rm=sn-capm-vnae7e,sn-5golk7e&redirect_counter=2&cms_redirect=yes&cmsv=e&mh=xc&mm=34&mn=sn-5hne6nzs&ms=ltu&mt=1664389056&mv=m&mvi=1&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgSEWRq8k7Fn9d3tNn_MX1zN7nmVe0LbRfMPE2NcmIe1ECIH0QfkukYWDx5300aFQpswebBADQMz0zJ6cpxG7jB-F6&range=0-465&rn=8&rbuf=0&pot=D4JPPzzEzGKMgnRLpkrJ-pqvUQP5-_t7hJTol3RNoNz5J_mhXf_VQJt-NvEfiJi6e-x3aJKy8xEZVaHhhxNes9q2cOk_V1vlaP24dg6wwAoamlPH7aaluvQ1CmOtyjJ6FU4ZvXbg0mk= HTTP/1.1
Host: rr1---sn-5hne6nzs.googlevideo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Thu, 17 Mar 2022 21:50:13 GMT
Content-Type: video/webm
Date: Wed, 28 Sep 2022 18:22:20 GMT
Expires: Wed, 28 Sep 2022 18:22:20 GMT
Cache-Control: private, max-age=21300
Accept-Ranges: bytes
Content-Length: 466
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Restrict-Formats-Hint: None
X-Content-Type-Options: nosniff
Server: gvs 1.0
|
|
| yt3.ggpht.com/GtDFTpofl0vTOD6YjGj45IxyYRZwYBFVSGP751pOoCH-_eDgOylJPIDTrdo9O8BoMCOwemHB=s88-c-k-c0x00ffffff-no-rj | 142.250.74.161 | 200 OK | 4.3 kB |
URL HTTP/2yt3.ggpht.com/GtDFTpofl0vTOD6YjGj45IxyYRZwYBFVSGP751pOoCH-_eDgOylJPIDTrdo9O8BoMCOwemHB=s88-c-k-c0x00ffffff-no-rj IP142.250.74.161:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 88x88, components 3\012- data Hash01bf177000cf8bc6eebc125e916be624 9f51af46d7372d9fd8b09db58b0f78b7e366df6e 57747417dce8552ebe89046cd68ea97fd201e411efb6bd59c9642eb990923c68
GET /GtDFTpofl0vTOD6YjGj45IxyYRZwYBFVSGP751pOoCH-_eDgOylJPIDTrdo9O8BoMCOwemHB=s88-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt3.ggpht.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v1"
expires: Thu, 29 Sep 2022 18:22:20 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="channels4_profile.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Wed, 28 Sep 2022 18:22:20 GMT
server: fife
content-length: 4268
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| rr1---sn-5hne6nzs.googlevideo.com/videoplayback?expire=1664410940&ei=25A0Y4umOe2Dv_IP1-WeWA&ip=91.90.42.154&id=o-AKhuVi1QrMzPF8cBSNL1uxFws2jWV0jjmGXvPH08iYAL&itag=250&source=youtube&requiressl=yes&spc=yR2vp7YOXJSAkkeGz_cwmkuFQZ3Dl3g&vprv=1&mime=audio%2Fwebm&ns=skD5Q4OoT7SdLzFZP8vfo14I&gir=yes&clen=36239&dur=79.481&lmt=1647553781505738&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=6218224&n=xRziB_-VPpJJgQ&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgcGyWWeXAoZbPc3VU_x_9awzZ6GIq1mPIzYDJPfPm54QCICncyLRZhf7eGTRD4Dm8-c4JDq_TmjuVFBBBpiG9EW7q&alr=yes&cpn=Ry1wLfGFnNE8oAtK&cver=1.20220925.00.00&cm2rm=sn-capm-vnae7e,sn-5golk7e&redirect_counter=2&cms_redirect=yes&cmsv=e&mh=xc&mm=34&mn=sn-5hne6nzs&ms=ltu&mt=1664389056&mv=m&mvi=1&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgSPgU4JfXKR1Ofo6FRwZQMHvZdu8OVI3oV1AwCXdxgfgCIDXwCkKxs1jOAfuQnu_KJb8HTcB0kTUv5TZ6UdNrqBew&range=384-36238&rn=9&rbuf=0&pot=D4JPPzzEzGKMgnRLpkrJ-pqvUQP5-_t7hJTol3RNoNz5J_mhXf_VQJt-NvEfiJi6e-x3aJKy8xEZVaHhhxNes9q2cOk_V1vlaP24dg6wwAoamlPH7aaluvQ1CmOtyjJ6FU4ZvXbg0mk= | 74.125.8.102 | 200 OK | 36 kB |
URL HTTP/1.1rr1---sn-5hne6nzs.googlevideo.com/videoplayback?expire=1664410940&ei=25A0Y4umOe2Dv_IP1-WeWA&ip=91.90.42.154&id=o-AKhuVi1QrMzPF8cBSNL1uxFws2jWV0jjmGXvPH08iYAL&itag=250&source=youtube&requiressl=yes&spc=yR2vp7YOXJSAkkeGz_cwmkuFQZ3Dl3g&vprv=1&mime=audio%2Fwebm&ns=skD5Q4OoT7SdLzFZP8vfo14I&gir=yes&clen=36239&dur=79.481&lmt=1647553781505738&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=6218224&n=xRziB_-VPpJJgQ&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgcGyWWeXAoZbPc3VU_x_9awzZ6GIq1mPIzYDJPfPm54QCICncyLRZhf7eGTRD4Dm8-c4JDq_TmjuVFBBBpiG9EW7q&alr=yes&cpn=Ry1wLfGFnNE8oAtK&cver=1.20220925.00.00&cm2rm=sn-capm-vnae7e,sn-5golk7e&redirect_counter=2&cms_redirect=yes&cmsv=e&mh=xc&mm=34&mn=sn-5hne6nzs&ms=ltu&mt=1664389056&mv=m&mvi=1&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgSPgU4JfXKR1Ofo6FRwZQMHvZdu8OVI3oV1AwCXdxgfgCIDXwCkKxs1jOAfuQnu_KJb8HTcB0kTUv5TZ6UdNrqBew&range=384-36238&rn=9&rbuf=0&pot=D4JPPzzEzGKMgnRLpkrJ-pqvUQP5-_t7hJTol3RNoNz5J_mhXf_VQJt-NvEfiJi6e-x3aJKy8xEZVaHhhxNes9q2cOk_V1vlaP24dg6wwAoamlPH7aaluvQ1CmOtyjJ6FU4ZvXbg0mk= IP74.125.8.102:0
Hash8541eab0469db4414e3f1cfb06679eeb 03397f94d0f436b42ad96d008fd18275f1d89a8b b917a27cb0b7e72be32ab2f2dd41ff3d85c31485eb4b01e7fa5cdeea3493299e
GET /videoplayback?expire=1664410940&ei=25A0Y4umOe2Dv_IP1-WeWA&ip=91.90.42.154&id=o-AKhuVi1QrMzPF8cBSNL1uxFws2jWV0jjmGXvPH08iYAL&itag=250&source=youtube&requiressl=yes&spc=yR2vp7YOXJSAkkeGz_cwmkuFQZ3Dl3g&vprv=1&mime=audio%2Fwebm&ns=skD5Q4OoT7SdLzFZP8vfo14I&gir=yes&clen=36239&dur=79.481&lmt=1647553781505738&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=6218224&n=xRziB_-VPpJJgQ&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgcGyWWeXAoZbPc3VU_x_9awzZ6GIq1mPIzYDJPfPm54QCICncyLRZhf7eGTRD4Dm8-c4JDq_TmjuVFBBBpiG9EW7q&alr=yes&cpn=Ry1wLfGFnNE8oAtK&cver=1.20220925.00.00&cm2rm=sn-capm-vnae7e,sn-5golk7e&redirect_counter=2&cms_redirect=yes&cmsv=e&mh=xc&mm=34&mn=sn-5hne6nzs&ms=ltu&mt=1664389056&mv=m&mvi=1&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgSPgU4JfXKR1Ofo6FRwZQMHvZdu8OVI3oV1AwCXdxgfgCIDXwCkKxs1jOAfuQnu_KJb8HTcB0kTUv5TZ6UdNrqBew&range=384-36238&rn=9&rbuf=0&pot=D4JPPzzEzGKMgnRLpkrJ-pqvUQP5-_t7hJTol3RNoNz5J_mhXf_VQJt-NvEfiJi6e-x3aJKy8xEZVaHhhxNes9q2cOk_V1vlaP24dg6wwAoamlPH7aaluvQ1CmOtyjJ6FU4ZvXbg0mk= HTTP/1.1
Host: rr1---sn-5hne6nzs.googlevideo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Thu, 17 Mar 2022 21:49:41 GMT
Content-Type: audio/webm
Date: Wed, 28 Sep 2022 18:22:20 GMT
Expires: Wed, 28 Sep 2022 18:22:20 GMT
Cache-Control: private, max-age=21300
Accept-Ranges: bytes
Content-Length: 35855
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Content-Type-Options: nosniff
Server: gvs 1.0
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc892aae9-4381-46ed-9dd8-bd581d7389ee.jpeg | 34.120.237.76 | 200 OK | 8.6 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc892aae9-4381-46ed-9dd8-bd581d7389ee.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash59163c799f3d48e74abdd285ee615119 883e61d46ef6c09013724aa7b8f560272ee08574 e1bafc575ff4274b210bee481a8e73c065de5bc14ddf46c269ef91eda0df8d84
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc892aae9-4381-46ed-9dd8-bd581d7389ee.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 8621
x-amzn-requestid: 5a828651-41c2-4aa0-931d-6522098a8438
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZASUWEYvIAMFUJg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632ffdb5-5ace75523a98a9237fabca8f;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 07:05:25 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 2a-Ip86QEcmn31zRYLuD9dtCXduTOd0OZO0JdpfbTvJK7Z7wRGxEaQ==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 22:21:35 GMT
age: 72050
etag: "883e61d46ef6c09013724aa7b8f560272ee08574"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| keefort.com.ec/ | 88.99.90.21 | 200 OK | 0 B |
IP88.99.90.21:0 ASN#24940 Hetzner Online GmbH
Analyzer | Verdict | Alert | fortinet | Malware | |
GET / HTTP/1.1
Host: keefort.com.ec
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 18:22:16 GMT
content-type: text/html; charset=UTF-8
link: <https://keefort.com.ec/wp-json/>; rel="https://api.w.org/", <https://keefort.com.ec/wp-json/wp/v2/pages/7>; rel="alternate"; type="application/json", <https://keefort.com.ec/>; rel=shortlink
content-encoding: gzip
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
|
|
| s.w.org/images/core/emoji/14.0.0/svg/1f60d.svg | 192.0.77.48 | 200 OK | 0 B |
URL HTTP/2s.w.org/images/core/emoji/14.0.0/svg/1f60d.svg IP192.0.77.48:0
GET /images/core/emoji/14.0.0/svg/1f60d.svg HTTP/1.1
Host: s.w.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://keefort.com.ec/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 18:22:18 GMT
content-type: image/svg+xml
vary: Accept-Encoding
last-modified: Tue, 12 Apr 2022 03:47:50 GMT
x-frame-options: SAMEORIGIN
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn 1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css?family=Questrial%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRed+Hat+Display%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CDosis%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRacing+Sans+One%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&ver=6.0.2 | 142.250.74.10 | 200 OK | 0 B |
URL HTTP/2fonts.googleapis.com/css?family=Questrial%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRed+Hat+Display%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CDosis%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRacing+Sans+One%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&ver=6.0.2 IP142.250.74.10:0
GET /css?family=Questrial%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRed+Hat+Display%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CDosis%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRacing+Sans+One%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&ver=6.0.2 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://keefort.com.ec/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 28 Sep 2022 18:22:18 GMT
date: Wed, 28 Sep 2022 18:22:18 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|