lp.bima-up.live/seribu-jadi-5-juta/?cep=13tl2W0PTU_KNDcFDdtykoTowvMh08JUB1eSv_UTLAKfTA2-AsDo6cqOm5uipOCz1YuzVrUjsx2wr6Abz8eMmZ7qEHPnJYTOnbcL8i5b-S263UPRKoVGzS5kihHz3AyRcxExH3PdbcgsC5h0J5lxQ6fZIJBejlMY7B-kBUrdnIpfAckUccEL5kS-hvwpBvsArzgTkEzY6nQU8OmRNW91csn9EfMT015q-lzjZgmLdwuLF1KfbWXdBQw3kVjfoyENsM1nqa36Hntqf2GhdxP6l56nGlQmW9MkAI55kv9ZDULvGXa7I8BCD3HOrm4Rsl1wdyHtXhx-dcWZgrobMSqiQMUVBBrNPal--KLCYA9S_uTT3FOP5vEj28ZRN4LtdrPn&lptoken=161c746b42858171065c
35.202.21.90301 Moved Permanently 166 B URL HTTP/1.1 lp.bima-up.live/seribu-jadi-5-juta/?cep=13tl2W0PTU_KNDcFDdtykoTowvMh08JUB1eSv_UTLAKfTA2-AsDo6cqOm5uipOCz1YuzVrUjsx2wr6Abz8eMmZ7qEHPnJYTOnbcL8i5b-S263UPRKoVGzS5kihHz3AyRcxExH3PdbcgsC5h0J5lxQ6fZIJBejlMY7B-kBUrdnIpfAckUccEL5kS-hvwpBvsArzgTkEzY6nQU8OmRNW91csn9EfMT015q-lzjZgmLdwuLF1KfbWXdBQw3kVjfoyENsM1nqa36Hntqf2GhdxP6l56nGlQmW9MkAI55kv9ZDULvGXa7I8BCD3HOrm4Rsl1wdyHtXhx-dcWZgrobMSqiQMUVBBrNPal--KLCYA9S_uTT3FOP5vEj28ZRN4LtdrPn&lptoken=161c746b42858171065c
IP 35.202.21.90:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 3ea1c8d079b38532a6e01a96216ba5e2
598d3ff91d3e252f1e13df8cf0348b270ff2da3f
87a9323ac85ce28867d5d7ce590c8f29b8d1a999961fca71bb33adef48683691
GET /seribu-jadi-5-juta/?cep=13tl2W0PTU_KNDcFDdtykoTowvMh08JUB1eSv_UTLAKfTA2-AsDo6cqOm5uipOCz1YuzVrUjsx2wr6Abz8eMmZ7qEHPnJYTOnbcL8i5b-S263UPRKoVGzS5kihHz3AyRcxExH3PdbcgsC5h0J5lxQ6fZIJBejlMY7B-kBUrdnIpfAckUccEL5kS-hvwpBvsArzgTkEzY6nQU8OmRNW91csn9EfMT015q-lzjZgmLdwuLF1KfbWXdBQw3kVjfoyENsM1nqa36Hntqf2GhdxP6l56nGlQmW9MkAI55kv9ZDULvGXa7I8BCD3HOrm4Rsl1wdyHtXhx-dcWZgrobMSqiQMUVBBrNPal--KLCYA9S_uTT3FOP5vEj28ZRN4LtdrPn&lptoken=161c746b42858171065c HTTP/1.1
Host: lp.bima-up.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Sun, 22 Jan 2023 22:25:24 GMT
Content-Type: text/html
Content-Length: 166
Connection: keep-alive
Location: https://lp.bima-up.live/seribu-jadi-5-juta/?cep=13tl2W0PTU_KNDcFDdtykoTowvMh08JUB1eSv_UTLAKfTA2-AsDo6cqOm5uipOCz1YuzVrUjsx2wr6Abz8eMmZ7qEHPnJYTOnbcL8i5b-S263UPRKoVGzS5kihHz3AyRcxExH3PdbcgsC5h0J5lxQ6fZIJBejlMY7B-kBUrdnIpfAckUccEL5kS-hvwpBvsArzgTkEzY6nQU8OmRNW91csn9EfMT015q-lzjZgmLdwuLF1KfbWXdBQw3kVjfoyENsM1nqa36Hntqf2GhdxP6l56nGlQmW9MkAI55kv9ZDULvGXa7I8BCD3HOrm4Rsl1wdyHtXhx-dcWZgrobMSqiQMUVBBrNPal--KLCYA9S_uTT3FOP5vEj28ZRN4LtdrPn&lptoken=161c746b42858171065c
Server: Leadpages
Strict-Transport-Security: max-age=15768000
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f416977a8d6dfaafb2dbfd0e68b871f8
dfa97bd829b03162de91c80133f2fde69b58a8d2
2c4d0fd1b7a6d398026a4817267adce203429acdd3defa44a879f0d945f392d5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2C4D0FD1B7A6D398026A4817267ADCE203429ACDD3DEFA44A879F0D945F392D5"
Last-Modified: Sun, 22 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10904
Expires: Mon, 23 Jan 2023 01:27:08 GMT
Date: Sun, 22 Jan 2023 22:25:24 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 0be6cec5607bb65c06dbadd33456aec1
9d13129e936eb5fc82e403931884cdc8c6e6ab92
cb028034340b709ece65e45e8fc1a26a64dd85926beaa542f308d3f1d5ee2c84
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CB028034340B709ECE65E45E8FC1A26A64DD85926BEAA542F308D3F1D5EE2C84"
Last-Modified: Sun, 22 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13772
Expires: Mon, 23 Jan 2023 02:14:56 GMT
Date: Sun, 22 Jan 2023 22:25:24 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Alert, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 22 Jan 2023 21:42:33 GMT
content-type: application/json
age: 2571
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 31c8743c2b5202ce0228bac5aad7229b
4b5eee8e1ecbfc992505003be58e265ff3a0ee0a
8b3b47ea29fc02b8a08ee2a340a05ab23e391f0eb3b8d6beb17516706bb2e94d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8B3B47EA29FC02B8A08EE2A340A05AB23E391F0EB3B8D6BEB17516706BB2E94D"
Last-Modified: Sun, 22 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6364
Expires: Mon, 23 Jan 2023 00:11:28 GMT
Date: Sun, 22 Jan 2023 22:25:24 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: Cg2x/e/qKIXe6NLXmTXNy/plKqexEZcVr3/4Uzs76JVL4tHMHhoaSQ4Ppg+m+zZ8UZdZgj6MYko=
x-amz-request-id: CY44FNQ37NY9ZRR7
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 22 Jan 2023 22:18:36 GMT
age: 408
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 22 Jan 2023 22:25:24 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 931ab52c147226b9f0002d4eff8480e7
c511da378ba8172cb469735f158253774910a04b
25b6916396f64e8a67de932afdc93f9d3af741d67705573c21bb5e38a6849812
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "25B6916396F64E8A67DE932AFDC93F9D3AF741D67705573C21BB5E38A6849812"
Last-Modified: Sat, 21 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21584
Expires: Mon, 23 Jan 2023 04:25:08 GMT
Date: Sun, 22 Jan 2023 22:25:24 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Expires, Last-Modified, Alert, Content-Type, Content-Length, ETag, Pragma, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 22 Jan 2023 22:17:30 GMT
age: 475
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 0c74880fa99032b5c3831c179d702419
0020b368309735c94d8053d3781a7efb7283cfc5
437e2d4e2bbfb33b0ff696172378ce55a0a5ed005a1b8c4005eab4a6995a3042
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4241
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 22:25:25 GMT
Last-Modified: Sun, 22 Jan 2023 21:14:44 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 41d9a97f3e66fa295337149c04ad0bae
5d0ffce8986ba0d9e47cd508b79c1feab18076cf
fa5f51ac868aed9106d71f0d5ae7d2fba4afed36bc9fdb94a5a66cea3ac15550
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 22:25:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash b6a7b076a30a5406b12344e01ba2d7ea
17e8497f4041b0c7e6fe4a13cfc5fe634c622fc5
5c82bf44b7ea0d2399d52df26b0ebc574cea4c4ff5d34423d07a1fc20e2e3587
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 22:25:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1d4/nQd1R-k6YuY
142.250.74.131200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/nQd1R-k6YuY
IP 142.250.74.131:0
Hash c4557610f669ad1eb4cc18e1d0a7166b
16258c0b760bf7b0375ef2c58c5721af38ea78a2
d9824c9261e45d1e227d7b774065e9da541d903611c6868ec936e0a3b7996c1b
POST /s/gts1d4/nQd1R-k6YuY HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 22:25:25 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
embed.lpcontent.net/leadbars/current/embed.js
34.107.203.240200 OK 16 kB URL HTTP/2 embed.lpcontent.net/leadbars/current/embed.js
IP 34.107.203.240:0
File type ASCII text, with very long lines (28113)
Hash b9f809b10ab66614a668cbe638c8458c
eb21b6e5016f798c3678a98c4a5d7c720b670271
9646fe51c10c2983d666660bfd15689ddffc4bda41170ad0daec76d1877577e6
GET /leadbars/current/embed.js HTTP/1.1
Host: embed.lpcontent.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lp.bima-up.live/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
vary: Accept-Encoding
x-cloud-trace-context: 6c9499d1b10d26a29d928c1d70fe0225
content-encoding: gzip
server: Google Frontend
via: 1.1 google
content-length: 15839
date: Sun, 22 Jan 2023 22:21:57 GMT
expires: Sun, 22 Jan 2023 22:26:57 GMT
cache-control: public, max-age=300
age: 208
etag: "rvb96Q"
content-type: application/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/FnnVkHgPuNk
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/FnnVkHgPuNk
IP 142.250.74.131:0
Hash b0b969fea7559f298b9dcc459054af08
c5a0f4f5e36efe6c816c5c9a2cd182d41619fa7c
fe970a958cbaec16f4d9c65556d6b656a3530cf00ceb17e55d6f0caf6cf51640
POST /s/gts1d4/FnnVkHgPuNk HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 22:25:25 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=G-DN42Q62RRE
142.250.74.168200 OK 77 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-DN42Q62RRE
IP 142.250.74.168:0
File type ASCII text, with very long lines (19574)
Hash 3463eb23fe1da88e5d50156b4350a6ba
c66342294a610b0518d64a7996c78bd233474fd2
576786c2f5a944d81ad12b71c0bb3be5221b7689727e3b34b2b9095efbc69565
GET /gtag/js?id=G-DN42Q62RRE HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lp.bima-up.live/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 22 Jan 2023 22:25:25 GMT
expires: Sun, 22 Jan 2023 22:25:25 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 77121
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
static.leadpages.net/fonts/font-awesome/5.14.0/css/all.min.css
34.107.203.240200 OK 15 kB URL HTTP/2 static.leadpages.net/fonts/font-awesome/5.14.0/css/all.min.css
IP 34.107.203.240:0
File type ASCII text, with very long lines (58749)
Hash f42272a0f636e716204c0bec503ba28c
2dfd630f7b31d442fb25aca978b26c0efe377481
3ede591eca234ade8e54d107d4b391129bdedff614876fd513ab94aaa0b7e7d4
GET /fonts/font-awesome/5.14.0/css/all.min.css HTTP/1.1
Host: static.leadpages.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
vary: Accept-Encoding
x-cloud-trace-context: dd8f98e0d0027c334bb00a2c35d7520a
content-encoding: gzip
server: Google Frontend
via: 1.1 google
content-length: 14628
date: Sun, 08 Jan 2023 08:11:06 GMT
expires: Mon, 08 Jan 2024 08:11:06 GMT
cache-control: public, max-age=31536000
age: 1260859
etag: "rvb96Q"
content-type: text/css
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash b6a7b076a30a5406b12344e01ba2d7ea
17e8497f4041b0c7e6fe4a13cfc5fe634c622fc5
5c82bf44b7ea0d2399d52df26b0ebc574cea4c4ff5d34423d07a1fc20e2e3587
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 22:25:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 41d9a97f3e66fa295337149c04ad0bae
5d0ffce8986ba0d9e47cd508b79c1feab18076cf
fa5f51ac868aed9106d71f0d5ae7d2fba4afed36bc9fdb94a5a66cea3ac15550
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 22:25:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash ba95d27eb0f182a28fca7654533b0858
e9a92cfe5cb0860e6544f3df92e23d3b818e3608
69c2f7d7f78ffbab0262d53d5dcf4a0fe6e5886d23a575fa069e4b752c5f57d4
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 22:25:25 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 22 Jan 2023 08:20:02 GMT
Expires: Sun, 29 Jan 2023 08:20:01 GMT
Etag: "e9a92cfe5cb0860e6544f3df92e23d3b818e3608"
Cache-Control: max-age=553475,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 78dbb4959a570b39-OSL
ocsp.pki.goog/s/gts1d4/nQd1R-k6YuY
142.250.74.131200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/nQd1R-k6YuY
IP 142.250.74.131:0
Hash c4557610f669ad1eb4cc18e1d0a7166b
16258c0b760bf7b0375ef2c58c5721af38ea78a2
d9824c9261e45d1e227d7b774065e9da541d903611c6868ec936e0a3b7996c1b
POST /s/gts1d4/nQd1R-k6YuY HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 22:25:25 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1d4/FnnVkHgPuNk
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/FnnVkHgPuNk
IP 142.250.74.131:0
Hash b0b969fea7559f298b9dcc459054af08
c5a0f4f5e36efe6c816c5c9a2cd182d41619fa7c
fe970a958cbaec16f4d9c65556d6b656a3530cf00ceb17e55d6f0caf6cf51640
POST /s/gts1d4/FnnVkHgPuNk HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 22:25:25 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1d4/dBfU4CvKImw
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/dBfU4CvKImw
IP 142.250.74.131:0
Hash ac4437ea13c46e1af05f0428e6e6720a
2111a12f703b8ba6bb7edaeb5d36cddbbfafb080
e27daa118349c3e5deeaa36912922b4e7dbfbc9d85ceebd7796f3a3ae960f2f4
POST /s/gts1d4/dBfU4CvKImw HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 22:25:25 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
js.center.io/center.js
216.239.38.21200 OK 5.4 kB IP 216.239.38.21:0
File type ASCII text, with very long lines (566)
Hash 276609e3cfacad7622ab02bcd80a5f75
26fbc873773aada776b4cb2120a63130754f79ee
2037635942b2f0bde97187a1e26846a90f1c3e4944d5673b1be2a8d4376f2f9c
GET /center.js HTTP/1.1
Host: js.center.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lp.bima-up.live/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-cloud-trace-context: 24c95f4078334791da14b98cddf73e06
content-encoding: gzip
server: Google Frontend
content-length: 5417
date: Sun, 22 Jan 2023 22:21:57 GMT
expires: Sun, 22 Jan 2023 22:26:57 GMT
cache-control: public, max-age=300
age: 208
etag: "OMWYXg"
content-type: application/javascript
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash bb5fac1f289cb91381d3d1a07094b179
df6f8fe7a21efb35290d24f2b8b0fe809cae8d33
34472778a647b2db33e669d8582b510d94d9e0d355d77c73d643b7495b0f6997
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 22:25:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash bb5fac1f289cb91381d3d1a07094b179
df6f8fe7a21efb35290d24f2b8b0fe809cae8d33
34472778a647b2db33e669d8582b510d94d9e0d355d77c73d643b7495b0f6997
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 22:25:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash bb5fac1f289cb91381d3d1a07094b179
df6f8fe7a21efb35290d24f2b8b0fe809cae8d33
34472778a647b2db33e669d8582b510d94d9e0d355d77c73d643b7495b0f6997
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 22:25:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
54.149.93.186101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.149.93.186:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: r+Dkre6GxtFMYbIdy4Zaww==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: MaUcVU+YQeUtQj5tx4vZcjM5Gjk=
js.center.io/identify.html
216.239.38.21200 OK 2.0 kB URL HTTP/2 js.center.io/identify.html
IP 216.239.38.21:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (612)
Hash c16ca7cb44a55621b5a53b8d3066ef99
9d19d037b0f6c1c12aa6cc3e378e13093272b0d3
9fb2d501b3b8e18a65f3eff4634517306fe997abb6dc3d821216bf33e3e91f3a
GET /identify.html HTTP/1.1
Host: js.center.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lp.bima-up.live/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-cloud-trace-context: a80f6187e2210fd772ba44dc218cde4f
content-encoding: gzip
server: Google Frontend
content-length: 2016
date: Sun, 22 Jan 2023 22:23:06 GMT
expires: Sun, 22 Jan 2023 22:28:06 GMT
cache-control: public, max-age=300
age: 139
etag: "OMWYXg"
content-type: text/html
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a742f5dbcc87af3e4ac216b6d135669f
614af7c7cd417ad9d1449cb54d91e2908cd8b141
a01fccfbaf92d832555b5421cc79d7157b40f53fd17036146fd9c579cf20d360
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A01FCCFBAF92D832555B5421CC79D7157B40F53FD17036146FD9C579CF20D360"
Last-Modified: Sat, 21 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6689
Expires: Mon, 23 Jan 2023 00:16:54 GMT
Date: Sun, 22 Jan 2023 22:25:25 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash dec1960c15b7b32835eece7cb397c51f
ddaf303a58c2f336530c55a9ca29d5731e5f7da6
f2d6ba10803cb182fe6bac4e417ce57f3d712c836ed1d8950829bd29cbb35f48
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 22:25:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash dec1960c15b7b32835eece7cb397c51f
ddaf303a58c2f336530c55a9ca29d5731e5f7da6
f2d6ba10803cb182fe6bac4e417ce57f3d712c836ed1d8950829bd29cbb35f48
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 22:25:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash dec1960c15b7b32835eece7cb397c51f
ddaf303a58c2f336530c55a9ca29d5731e5f7da6
f2d6ba10803cb182fe6bac4e417ce57f3d712c836ed1d8950829bd29cbb35f48
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 22:25:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash dec1960c15b7b32835eece7cb397c51f
ddaf303a58c2f336530c55a9ca29d5731e5f7da6
f2d6ba10803cb182fe6bac4e417ce57f3d712c836ed1d8950829bd29cbb35f48
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 22:25:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash dec1960c15b7b32835eece7cb397c51f
ddaf303a58c2f336530c55a9ca29d5731e5f7da6
f2d6ba10803cb182fe6bac4e417ce57f3d712c836ed1d8950829bd29cbb35f48
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 22:25:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/firasans/v16/va9E4kDNxMZdWfMOD5Vvl4jL.woff2
216.58.207.227200 OK 23 kB URL HTTP/2 fonts.gstatic.com/s/firasans/v16/va9E4kDNxMZdWfMOD5Vvl4jL.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 22592, version 1.0\012- data
Hash 4528524c7142b4e2d5c0438763223328
d439d881fd8c4f41e77c2fb07678e53fce3e331a
ea03bd5d723c75f6d0a9419d4f9651afd78ea2a4abfcee7f926cbde0681a2671
GET /s/firasans/v16/va9E4kDNxMZdWfMOD5Vvl4jL.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://lp.bima-up.live
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 22592
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 17 Jan 2023 15:42:54 GMT
expires: Wed, 17 Jan 2024 15:42:54 GMT
cache-control: public, max-age=31536000
age: 456151
last-modified: Thu, 21 Apr 2022 16:51:36 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/firasans/v16/va9B4kDNxMZdWfMOD5VnLK3eRhf6.woff2
216.58.207.227200 OK 24 kB URL HTTP/2 fonts.gstatic.com/s/firasans/v16/va9B4kDNxMZdWfMOD5VnLK3eRhf6.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 23724, version 1.0\012- data
Hash 2ca1253c8e47277b38c02353cdf32102
3cd0373fd1ae7ad8cb62ff8f2200193a7e8977e7
51aa1f55f3d344d82ece24055a31012cf77d10cc4a2f9307f5dea293118d40f1
GET /s/firasans/v16/va9B4kDNxMZdWfMOD5VnLK3eRhf6.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://lp.bima-up.live
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23724
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 19 Jan 2023 13:04:17 GMT
expires: Fri, 19 Jan 2024 13:04:17 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 21 Apr 2022 16:58:19 GMT
content-type: font/woff2
age: 292868
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
unphionetor.com/vctx?t=91302
139.45.197.236204 No Content 0 B URL HTTP/2 unphionetor.com/vctx?t=91302
IP 139.45.197.236:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /vctx?t=91302 HTTP/1.1
Host: unphionetor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://lp.bima-up.live
Connection: keep-alive
Referer: https://lp.bima-up.live/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Sun, 22 Jan 2023 22:25:25 GMT
access-control-allow-origin: https://lp.bima-up.live
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: 298647d093b7c64e19c6ea0a8f57dadf
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Fira+Sans:300,400,500,700|Montserrat:300,400,500,700|Open+Sans:300,400,500,700
142.250.74.106200 OK 46 kB URL HTTP/2 fonts.googleapis.com/css?family=Fira+Sans:300,400,500,700|Montserrat:300,400,500,700|Open+Sans:300,400,500,700
IP 142.250.74.106:0
Hash 0437d0c048bf4fb28673cb533912ea4b
d5ae3d2abb6781704e32531cc7eae10f64178d95
c266fa9ca99bc7e362e2c496e544a328cdfe531cca1f97e028cef55798bc36f8
GET /css?family=Fira+Sans:300,400,500,700|Montserrat:300,400,500,700|Open+Sans:300,400,500,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lp.bima-up.live/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 22 Jan 2023 22:25:25 GMT
date: Sun, 22 Jan 2023 22:25:25 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
216.58.207.227200 OK 31 kB URL HTTP/2 fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data
Hash ac0d2859ea5f8fd6bcb3c305c08ec184
7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://lp.bima-up.live
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 20 Jan 2023 07:08:09 GMT
expires: Sat, 20 Jan 2024 07:08:09 GMT
cache-control: public, max-age=31536000
age: 227836
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.youtube.com/s/player/4248d311/www-player.css
142.250.74.46200 OK 50 kB URL HTTP/2 www.youtube.com/s/player/4248d311/www-player.css
IP 142.250.74.46:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 8a6331ed48be29c59230b0c7360068de
22a20436f427d6b8e26eb30ed9aab51a43d389bf
72f0818ab04697fc29d331b2add584f3cd5e269446c7297300701a4666c9d95e
GET /s/player/4248d311/www-player.css HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/jHJp1ocCeVI
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 49911
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 19 Jan 2023 16:03:19 GMT
expires: Fri, 19 Jan 2024 16:03:19 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 12 Jan 2023 01:15:11 GMT
content-type: text/css
age: 282126
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.227200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 19 Jan 2023 21:48:03 GMT
expires: Fri, 19 Jan 2024 21:48:03 GMT
cache-control: public, max-age=31536000
age: 261442
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 19 Jan 2023 16:40:43 GMT
expires: Fri, 19 Jan 2024 16:40:43 GMT
cache-control: public, max-age=31536000
age: 279882
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash dec1960c15b7b32835eece7cb397c51f
ddaf303a58c2f336530c55a9ca29d5731e5f7da6
f2d6ba10803cb182fe6bac4e417ce57f3d712c836ed1d8950829bd29cbb35f48
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 22:25:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash bb5fac1f289cb91381d3d1a07094b179
df6f8fe7a21efb35290d24f2b8b0fe809cae8d33
34472778a647b2db33e669d8582b510d94d9e0d355d77c73d643b7495b0f6997
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 22:25:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.youtube.com/s/player/4248d311/www-embed-player.vflset/www-embed-player.js
142.250.74.46200 OK 109 kB URL HTTP/2 www.youtube.com/s/player/4248d311/www-embed-player.vflset/www-embed-player.js
IP 142.250.74.46:0
File type ASCII text, with very long lines (679)
Size 109 kB (109432 bytes)
Hash 711fcfe6f1ab52d89ab3474d437c1e48
b2f3e69e9d40b193de5e76ae13c6ad9ce0a8e537
361236d1317543e128074c35d22d65a2ba70f6ce9906b07a543e6b3c96239019
GET /s/player/4248d311/www-embed-player.vflset/www-embed-player.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/jHJp1ocCeVI
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 109432
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 19 Jan 2023 16:03:20 GMT
expires: Fri, 19 Jan 2024 16:03:20 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 12 Jan 2023 01:15:11 GMT
content-type: text/javascript
age: 282125
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.youtube.com/s/player/4248d311/fetch-polyfill.vflset/fetch-polyfill.js
142.250.74.46200 OK 2.8 kB URL HTTP/2 www.youtube.com/s/player/4248d311/fetch-polyfill.vflset/fetch-polyfill.js
IP 142.250.74.46:0
File type Algol 68 source text\012- Pascal source, ASCII text, with very long lines (555)
Hash 80fe2d229007996c8397073b00755dc7
121f82c77bcf2a297a1085e3b092415c463fcafe
033dfa8941482c82d4f1aaa4a9172fb379b9e46a02d5b36297c5476bbbfdea2c
GET /s/player/4248d311/fetch-polyfill.vflset/fetch-polyfill.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/jHJp1ocCeVI
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 2786
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 19 Jan 2023 16:14:47 GMT
expires: Fri, 19 Jan 2024 16:14:47 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 12 Jan 2023 01:15:11 GMT
content-type: text/javascript
age: 281438
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 421bca8c133726bdd488192fb0c38557
25595a3843ca738b75e687df44e7de2207e8bc22
08f7a7d1db04d55630c12dc2b20aba2ce82afad3480627c0e71f42a4f970f556
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "08F7A7D1DB04D55630C12DC2B20ABA2CE82AFAD3480627C0E71F42A4F970F556"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11890
Expires: Mon, 23 Jan 2023 01:43:35 GMT
Date: Sun, 22 Jan 2023 22:25:25 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1c98eae5e92e32836d46b3cac3629d3b
9a92c8ccb6eddc7370953c478d69474e743aa874
7006c29979f961fd42d535eca6a5b8d931aaa94df39f53b83a980aa83a50b5d7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7006C29979F961FD42D535ECA6A5B8D931AAA94DF39F53B83A980AA83A50B5D7"
Last-Modified: Sat, 21 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Mon, 23 Jan 2023 04:25:26 GMT
Date: Sun, 22 Jan 2023 22:25:26 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 36f69c576be6f781f131e89d144916b2
a96a0a7bad1198b6265756eb6dd79d444199dbaf
b1fa2795c057042627ad607c3a2bce695c3c564803d938373cd8243478d3d0d2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 22:25:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 36f69c576be6f781f131e89d144916b2
a96a0a7bad1198b6265756eb6dd79d444199dbaf
b1fa2795c057042627ad607c3a2bce695c3c564803d938373cd8243478d3d0d2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 22:25:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 36f69c576be6f781f131e89d144916b2
a96a0a7bad1198b6265756eb6dd79d444199dbaf
b1fa2795c057042627ad607c3a2bce695c3c564803d938373cd8243478d3d0d2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 22:25:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
lh3.googleusercontent.com/pH1B-__QYB4JNiqWLdfrDL6NQyVYHA8OGFtcuDFCMS6fxdiHMTLnAFcQ0rNDD-h6AGTzEtFM2grpXiTazhvWY1oRJeUCj0xF1Q=w16
142.250.74.97200 OK 306 B URL HTTP/2 lh3.googleusercontent.com/pH1B-__QYB4JNiqWLdfrDL6NQyVYHA8OGFtcuDFCMS6fxdiHMTLnAFcQ0rNDD-h6AGTzEtFM2grpXiTazhvWY1oRJeUCj0xF1Q=w16
IP 142.250.74.97:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 16x6, components 3\012- data
Hash 02d40e78c39675e156af99b63a4fba71
b1c37963d09eadb59eaa1a827d102c93cc913a4d
0ed4f3c70c0138d4d52c9f1fca3850d29ec909e2c60f5268b2a1abda7462d143
GET /pH1B-__QYB4JNiqWLdfrDL6NQyVYHA8OGFtcuDFCMS6fxdiHMTLnAFcQ0rNDD-h6AGTzEtFM2grpXiTazhvWY1oRJeUCj0xF1Q=w16 HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lp.bima-up.live/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 306
x-xss-protection: 0
date: Sun, 22 Jan 2023 19:04:03 GMT
expires: Tue, 17 Jan 2023 18:20:51 GMT
cache-control: public, max-age=86400, no-transform
age: 12083
etag: "v1"
content-type: image/jpeg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/s-HcPfURzqhOjEIa2NK-sRGGF3x_btDbVhFjAvD8L4_0b8L1sOhoXR6y1yCzeUQpPEr0x2NDpV5o7TIL5ppEKxwcb_XyJaD9xA=w16
142.250.74.97200 OK 498 B URL HTTP/2 lh3.googleusercontent.com/s-HcPfURzqhOjEIa2NK-sRGGF3x_btDbVhFjAvD8L4_0b8L1sOhoXR6y1yCzeUQpPEr0x2NDpV5o7TIL5ppEKxwcb_XyJaD9xA=w16
IP 142.250.74.97:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 16x16, components 3\012- data
Hash 9a1305895bd9442f83415fff3521d883
18963286e387a7643ebea60a1b2a5c03b746f22a
9562aa2e4ad347d9999ef66daf5b88ccd3b66363949ff7594396b87aec04496c
GET /s-HcPfURzqhOjEIa2NK-sRGGF3x_btDbVhFjAvD8L4_0b8L1sOhoXR6y1yCzeUQpPEr0x2NDpV5o7TIL5ppEKxwcb_XyJaD9xA=w16 HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lp.bima-up.live/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 498
x-xss-protection: 0
date: Sun, 22 Jan 2023 19:04:01 GMT
expires: Tue, 17 Jan 2023 18:20:49 GMT
cache-control: public, max-age=86400, no-transform
age: 12085
etag: "v1"
content-type: image/jpeg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.youtube.com/s/player/4248d311/player_ias.vflset/en_US/base.js
142.250.74.46200 OK 495 B URL HTTP/2 www.youtube.com/s/player/4248d311/player_ias.vflset/en_US/base.js
IP 142.250.74.46:0
Hash 89efa36d4d1f2c6ecfac9492fd56c5c3
2e523530198f4f00042f127152c34361418774ec
091295b36098b66b42e71518c20a8a2e1f59ccda779e22a455f72bfb105e72cd
GET /s/player/4248d311/player_ias.vflset/en_US/base.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/jHJp1ocCeVI
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding, Origin
content-encoding: br
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 611243
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 19 Jan 2023 13:03:55 GMT
expires: Fri, 19 Jan 2024 13:03:55 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 12 Jan 2023 01:15:11 GMT
content-type: text/javascript
age: 292890
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/4HHJbrsxG4owrDxldwZUkuvzYhX1LDn6dOcZTyOQ9hcPPpyyyT3Vm-cklqOdflj3YsUf4b9hWN9PRaUCmnWpVGCHFHHGobGSQw=w16
142.250.74.97200 OK 498 B URL HTTP/2 lh3.googleusercontent.com/4HHJbrsxG4owrDxldwZUkuvzYhX1LDn6dOcZTyOQ9hcPPpyyyT3Vm-cklqOdflj3YsUf4b9hWN9PRaUCmnWpVGCHFHHGobGSQw=w16
IP 142.250.74.97:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 16x16, components 3\012- data
Hash bc7483f00f3d080acc9dff6e71918f9b
1cafe317c09983cefe3204b3101c480efa0e6f2c
419d8e4749e86614aac923a3738b912841c8184b6f97f6913b28d6412ed4e1ca
GET /4HHJbrsxG4owrDxldwZUkuvzYhX1LDn6dOcZTyOQ9hcPPpyyyT3Vm-cklqOdflj3YsUf4b9hWN9PRaUCmnWpVGCHFHHGobGSQw=w16 HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lp.bima-up.live/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 498
x-xss-protection: 0
date: Sun, 22 Jan 2023 19:04:01 GMT
expires: Tue, 17 Jan 2023 18:20:49 GMT
cache-control: public, max-age=86400, no-transform
age: 12085
etag: "v1"
content-type: image/jpeg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/HzmJZp3fFS76nwlbCEWhwtE4IZl1uyuCw22s59NBA6DzuekdjR1tfA6s9JuN6k_YYPu7IyQnTW_8eHVid8pSA_slytgo88s_cw=w16
142.250.74.97200 OK 513 B URL HTTP/2 lh3.googleusercontent.com/HzmJZp3fFS76nwlbCEWhwtE4IZl1uyuCw22s59NBA6DzuekdjR1tfA6s9JuN6k_YYPu7IyQnTW_8eHVid8pSA_slytgo88s_cw=w16
IP 142.250.74.97:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 16x16, components 3\012- data
Hash 361a44383f241170edaa64306554ac80
33b3763d8d0242a71f16201c922e66786be043a7
39216f15840014369f9180f2e859d646b8a9e3b3c502bd3fb3b83cf5084d36a5
GET /HzmJZp3fFS76nwlbCEWhwtE4IZl1uyuCw22s59NBA6DzuekdjR1tfA6s9JuN6k_YYPu7IyQnTW_8eHVid8pSA_slytgo88s_cw=w16 HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lp.bima-up.live/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 513
x-xss-protection: 0
date: Sun, 22 Jan 2023 19:04:01 GMT
expires: Tue, 17 Jan 2023 18:20:49 GMT
cache-control: public, max-age=86400, no-transform
age: 12085
etag: "v1"
content-type: image/jpeg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/pH1B-__QYB4JNiqWLdfrDL6NQyVYHA8OGFtcuDFCMS6fxdiHMTLnAFcQ0rNDD-h6AGTzEtFM2grpXiTazhvWY1oRJeUCj0xF1Q=w1268
142.250.74.97200 OK 17 kB URL HTTP/2 lh3.googleusercontent.com/pH1B-__QYB4JNiqWLdfrDL6NQyVYHA8OGFtcuDFCMS6fxdiHMTLnAFcQ0rNDD-h6AGTzEtFM2grpXiTazhvWY1oRJeUCj0xF1Q=w1268
IP 142.250.74.97:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1268x450, components 3\012- data
Hash dd0b8a25677452e3994bb76f88a91c48
4dd5aff0dacc7d2fc90116d73ac8e9033199eded
e3a5028b83f5fe2cb91f7380b9b1a42393e4f335cdccb63178bd1d2d9bb194df
GET /pH1B-__QYB4JNiqWLdfrDL6NQyVYHA8OGFtcuDFCMS6fxdiHMTLnAFcQ0rNDD-h6AGTzEtFM2grpXiTazhvWY1oRJeUCj0xF1Q=w1268 HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lp.bima-up.live/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 17286
x-xss-protection: 0
date: Sun, 22 Jan 2023 22:25:26 GMT
expires: Thu, 19 Jan 2023 08:21:50 GMT
cache-control: public, max-age=86400, no-transform
etag: "v1"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.youtube.com/embed/NRuszNqkJww
142.250.74.46200 OK 28 kB URL HTTP/2 www.youtube.com/embed/NRuszNqkJww
IP 142.250.74.46:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (58644)
Hash 28bb88b6685705bb3a3a700522e55627
2b987e8e6cb524493328938c2823fab910859571
107ce2d03bc73cb410b95a18ca3ed38c138e4e87d7392c55127443f8e5a970fc
GET /embed/NRuszNqkJww HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lp.bima-up.live/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 22 Jan 2023 22:25:25 GMT
strict-transport-security: max-age=31536000
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=NPhsCGwURbE; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=yY7h7xbqCcs; Domain=.youtube.com; Expires=Fri, 21-Jul-2023 22:25:25 GMT; Path=/; Secure; HttpOnly; SameSite=none
DEVICE_INFO=ChxOekU1TVRZd05qTXdOak00TVRVNE16a3dNdz09ENXvtp4GGNXvtp4G; Domain=.youtube.com; Expires=Fri, 21-Jul-2023 22:25:25 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+841; expires=Tue, 21-Jan-2025 22:25:25 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/KbhDAWwFmQ9zgiKV8pXXrvWLJZ7Y-wip9nXb_PHKwiPhXEfftHoqF58MypTIRAqq7w2_UjhLVD0DYQOX6fojD9NxoI4R-At3ifU=w16
142.250.74.97200 OK 511 B URL HTTP/2 lh3.googleusercontent.com/KbhDAWwFmQ9zgiKV8pXXrvWLJZ7Y-wip9nXb_PHKwiPhXEfftHoqF58MypTIRAqq7w2_UjhLVD0DYQOX6fojD9NxoI4R-At3ifU=w16
IP 142.250.74.97:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 16x16, components 3\012- data
Hash b4ffc9ae4fb1241857eae58864a4d97d
c0e4b26a04be6825be66efdc95394dcb6c715c3a
bcea5eec2981a66a377d569fd1a576d25cb32417466b2054cb9d55ab445b8c89
GET /KbhDAWwFmQ9zgiKV8pXXrvWLJZ7Y-wip9nXb_PHKwiPhXEfftHoqF58MypTIRAqq7w2_UjhLVD0DYQOX6fojD9NxoI4R-At3ifU=w16 HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lp.bima-up.live/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 511
x-xss-protection: 0
date: Sun, 22 Jan 2023 21:59:11 GMT
expires: Mon, 23 Jan 2023 21:59:11 GMT
cache-control: public, max-age=86400, no-transform
etag: "v1"
content-type: image/jpeg
age: 1575
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 36f69c576be6f781f131e89d144916b2
a96a0a7bad1198b6265756eb6dd79d444199dbaf
b1fa2795c057042627ad607c3a2bce695c3c564803d938373cd8243478d3d0d2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 22:25:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
track.bima-up.live/d/.js?lpref=&lpurl=https%3A%2F%2Flp.bima-up.live%2Fseribu-jadi-5-juta%2F%3Fcep%3D13tl2W0PTU_KNDcFDdtykoTowvMh08JUB1eSv_UTLAKfTA2-AsDo6cqOm5uipOCz1YuzVrUjsx2wr6Abz8eMmZ7qEHPnJYTOnbcL8i5b-S263UPRKoVGzS5kihHz3AyRcxExH3PdbcgsC5h0J5lxQ6fZIJBejlMY7B-kBUrdnIpfAckUccEL5kS-hvwpBvsArzgTkEzY6nQU8OmRNW91csn9EfMT015q-lzjZgmLdwuLF1KfbWXdBQw3kVjfoyENsM1nqa36Hntqf2GhdxP6l56nGlQmW9MkAI55kv9ZDULvGXa7I8BCD3HOrm4Rsl1wdyHtXhx-dcWZgrobMSqiQMUVBBrNPal--KLCYA9S_uTT3FOP5vEj28ZRN4LtdrPn%26lptoken%3D161c746b42858171065c&lpt=BimaBet%20-%20Jackpot%20Seribu%20Jadi%205%20Juta&vtm=1674426324430
18.192.108.151200 OK 2.9 kB URL HTTP/2 track.bima-up.live/d/.js?lpref=&lpurl=https%3A%2F%2Flp.bima-up.live%2Fseribu-jadi-5-juta%2F%3Fcep%3D13tl2W0PTU_KNDcFDdtykoTowvMh08JUB1eSv_UTLAKfTA2-AsDo6cqOm5uipOCz1YuzVrUjsx2wr6Abz8eMmZ7qEHPnJYTOnbcL8i5b-S263UPRKoVGzS5kihHz3AyRcxExH3PdbcgsC5h0J5lxQ6fZIJBejlMY7B-kBUrdnIpfAckUccEL5kS-hvwpBvsArzgTkEzY6nQU8OmRNW91csn9EfMT015q-lzjZgmLdwuLF1KfbWXdBQw3kVjfoyENsM1nqa36Hntqf2GhdxP6l56nGlQmW9MkAI55kv9ZDULvGXa7I8BCD3HOrm4Rsl1wdyHtXhx-dcWZgrobMSqiQMUVBBrNPal--KLCYA9S_uTT3FOP5vEj28ZRN4LtdrPn%26lptoken%3D161c746b42858171065c&lpt=BimaBet%20-%20Jackpot%20Seribu%20Jadi%205%20Juta&vtm=1674426324430
IP 18.192.108.151:0
File type ASCII text, with very long lines (877)
Hash f457c17c81bae65ac459674c2661d000
1121a272990e8f0e59132d0f5d16b661c5052f79
583689b7f5ac40c139e194353e22e9294c01f466bd5d47bb2923d6a835a6313a
GET /d/.js?lpref=&lpurl=https%3A%2F%2Flp.bima-up.live%2Fseribu-jadi-5-juta%2F%3Fcep%3D13tl2W0PTU_KNDcFDdtykoTowvMh08JUB1eSv_UTLAKfTA2-AsDo6cqOm5uipOCz1YuzVrUjsx2wr6Abz8eMmZ7qEHPnJYTOnbcL8i5b-S263UPRKoVGzS5kihHz3AyRcxExH3PdbcgsC5h0J5lxQ6fZIJBejlMY7B-kBUrdnIpfAckUccEL5kS-hvwpBvsArzgTkEzY6nQU8OmRNW91csn9EfMT015q-lzjZgmLdwuLF1KfbWXdBQw3kVjfoyENsM1nqa36Hntqf2GhdxP6l56nGlQmW9MkAI55kv9ZDULvGXa7I8BCD3HOrm4Rsl1wdyHtXhx-dcWZgrobMSqiQMUVBBrNPal--KLCYA9S_uTT3FOP5vEj28ZRN4LtdrPn%26lptoken%3D161c746b42858171065c&lpt=BimaBet%20-%20Jackpot%20Seribu%20Jadi%205%20Juta&vtm=1674426324430 HTTP/1.1
Host: track.bima-up.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lp.bima-up.live/
Cookie: _ga_DN42Q62RRE=GS1.1.1674426324.1.0.1674426324.0.0.0; _ga=GA1.1.1560196720.1674426324
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
server: nginx
date: Sun, 22 Jan 2023 22:25:26 GMT
content-type: application/javascript;charset=UTF-8
content-length: 2905
access-control-allow-origin: *
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
X-Firefox-Spdy: h2
ocsp.godaddy.com/
192.124.249.23200 OK 1.8 kB IP 192.124.249.23:0
Hash 116647e8b821a025dd41e464e2df6e78
6fcde9fb33fd234fa7db8495a14c3302baca497e
ef9a43b884860b6da198a5692e93f22e20631492bc0d40df65be7bc34d4eccc3
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sun, 22 Jan 2023 22:25:26 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19023
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Sun, 22 Jan 2023 03:02:30 GMT
Expires: Mon, 23 Jan 2023 03:02:30 GMT
ETag: "6fcde9fb33fd234fa7db8495a14c3302baca497e"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
api.leadpages.io/analytics/v1/events/capture?k=view&a=leadpage&l=EimFh3aTvsXkRMk6v5tfRY&v=&e=&st=&lc=en-US&pid=AEbxHzGYBGpmqeMEqpLZnR-default-prop&uid=BmTPEjGYnZL2yiEwsF5368&sid=PsQg6oSYqYSRe9Ce4GFWRZ&cid=lp-EimFh3aTvsXkRMk6v5tfRY&uri=https%3A%2F%2Flp.bima-up.live%2Fseribu-jadi-5-juta%2F%3Fcep%3D13tl2W0PTU_KNDcFDdtykoTowvMh08JUB1eSv_UTLAKfTA2-AsDo6cqOm5uipOCz1YuzVrUjsx2wr6Abz8eMmZ7qEHPnJYTOnbcL8i5b-S263UPRKoVGzS5kihHz3AyRcxExH3PdbcgsC5h0J5lxQ6fZIJBejlMY7B-kBUrdnIpfAckUccEL5kS-hvwpBvsArzgTkEzY6nQU8OmRNW91csn9EfMT015q-lzjZgmLdwuLF1KfbWXdBQw3kVjfoyENsM1nqa36Hntqf2GhdxP6l56nGlQmW9MkAI55kv9ZDULvGXa7I8BCD3HOrm4Rsl1wdyHtXhx-dcWZgrobMSqiQMUVBBrNPal--KLCYA9S_uTT3FOP5vEj28ZRN4LtdrPn%26lptoken%3D161c746b42858171065c&rf=&rx=1280&ry=939&tz=%2B00%3A00
35.192.151.63200 OK 35 B URL HTTP/1.1 api.leadpages.io/analytics/v1/events/capture?k=view&a=leadpage&l=EimFh3aTvsXkRMk6v5tfRY&v=&e=&st=&lc=en-US&pid=AEbxHzGYBGpmqeMEqpLZnR-default-prop&uid=BmTPEjGYnZL2yiEwsF5368&sid=PsQg6oSYqYSRe9Ce4GFWRZ&cid=lp-EimFh3aTvsXkRMk6v5tfRY&uri=https%3A%2F%2Flp.bima-up.live%2Fseribu-jadi-5-juta%2F%3Fcep%3D13tl2W0PTU_KNDcFDdtykoTowvMh08JUB1eSv_UTLAKfTA2-AsDo6cqOm5uipOCz1YuzVrUjsx2wr6Abz8eMmZ7qEHPnJYTOnbcL8i5b-S263UPRKoVGzS5kihHz3AyRcxExH3PdbcgsC5h0J5lxQ6fZIJBejlMY7B-kBUrdnIpfAckUccEL5kS-hvwpBvsArzgTkEzY6nQU8OmRNW91csn9EfMT015q-lzjZgmLdwuLF1KfbWXdBQw3kVjfoyENsM1nqa36Hntqf2GhdxP6l56nGlQmW9MkAI55kv9ZDULvGXa7I8BCD3HOrm4Rsl1wdyHtXhx-dcWZgrobMSqiQMUVBBrNPal--KLCYA9S_uTT3FOP5vEj28ZRN4LtdrPn%26lptoken%3D161c746b42858171065c&rf=&rx=1280&ry=939&tz=%2B00%3A00
IP 35.192.151.63:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash c2196de8ba412c60c22ab491af7b1409
5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
GET /analytics/v1/events/capture?k=view&a=leadpage&l=EimFh3aTvsXkRMk6v5tfRY&v=&e=&st=&lc=en-US&pid=AEbxHzGYBGpmqeMEqpLZnR-default-prop&uid=BmTPEjGYnZL2yiEwsF5368&sid=PsQg6oSYqYSRe9Ce4GFWRZ&cid=lp-EimFh3aTvsXkRMk6v5tfRY&uri=https%3A%2F%2Flp.bima-up.live%2Fseribu-jadi-5-juta%2F%3Fcep%3D13tl2W0PTU_KNDcFDdtykoTowvMh08JUB1eSv_UTLAKfTA2-AsDo6cqOm5uipOCz1YuzVrUjsx2wr6Abz8eMmZ7qEHPnJYTOnbcL8i5b-S263UPRKoVGzS5kihHz3AyRcxExH3PdbcgsC5h0J5lxQ6fZIJBejlMY7B-kBUrdnIpfAckUccEL5kS-hvwpBvsArzgTkEzY6nQU8OmRNW91csn9EfMT015q-lzjZgmLdwuLF1KfbWXdBQw3kVjfoyENsM1nqa36Hntqf2GhdxP6l56nGlQmW9MkAI55kv9ZDULvGXa7I8BCD3HOrm4Rsl1wdyHtXhx-dcWZgrobMSqiQMUVBBrNPal--KLCYA9S_uTT3FOP5vEj28ZRN4LtdrPn%26lptoken%3D161c746b42858171065c&rf=&rx=1280&ry=939&tz=%2B00%3A00 HTTP/1.1
Host: api.leadpages.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://lp.bima-up.live
Connection: keep-alive
Referer: https://lp.bima-up.live/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Server: Stargate
Date: Sun, 22 Jan 2023 22:25:26 GMT
set-cookie: view.AEbxHzGYBGpmqeMEqpLZnR-default-prop.EimFh3aTvsXkRMk6v5tfRY=1674426326000; Domain=api.leadpages.io; expires=Mon, 23 Jan 2023 22:25:26 GMT; httponly; Max-Age=86400; Path=/analytics/v1/events/capture; SameSite=None; secure
access-control-max-age: 600
access-control-allow-credentials: true
access-control-allow-origin: https://lp.bima-up.live
access-control-expose-headers: LP-Security-Token
x-request-id: 06hcicjsdl1ri57kmm40
X-Forwarded-For: 91.90.42.154
region1.google-analytics.com/g/collect?v=2&tid=G-DN42Q62RRE>m=2oe1i0&_p=738939386&cid=1560196720.1674426324&ul=en-us&sr=1280x1024&_s=1&sid=1674426324&sct=1&seg=0&dl=https%3A%2F%2Flp.bima-up.live%2Fseribu-jadi-5-juta%2F%3Fcep%3D13tl2W0PTU_KNDcFDdtykoTowvMh08JUB1eSv_UTLAKfTA2-AsDo6cqOm5uipOCz1YuzVrUjsx2wr6Abz8eMmZ7qEHPnJYTOnbcL8i5b-S263UPRKoVGzS5kihHz3AyRcxExH3PdbcgsC5h0J5lxQ6fZIJBejlMY7B-kBUrdnIpfAckUccEL5kS-hvwpBvsArzgTkEzY6nQU8OmRNW91csn9EfMT015q-lzjZgmLdwuLF1KfbWXdBQw3kVjfoyENsM1nqa36Hntqf2GhdxP6l56nGlQmW9MkAI55kv9ZDULvGXa7I8BCD3HOrm4Rsl1wdyHtXhx-dcWZgrobMSqiQMUVBBrNPal--KLCYA9S_uTT3FOP5vEj28ZRN4LtdrPn%26lptoken%3D161c746b42858171065c&dt=BimaBet%20-%20Jackpot%20Seribu%20Jadi%205%20Juta&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
216.239.32.36204 No Content 727 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-DN42Q62RRE>m=2oe1i0&_p=738939386&cid=1560196720.1674426324&ul=en-us&sr=1280x1024&_s=1&sid=1674426324&sct=1&seg=0&dl=https%3A%2F%2Flp.bima-up.live%2Fseribu-jadi-5-juta%2F%3Fcep%3D13tl2W0PTU_KNDcFDdtykoTowvMh08JUB1eSv_UTLAKfTA2-AsDo6cqOm5uipOCz1YuzVrUjsx2wr6Abz8eMmZ7qEHPnJYTOnbcL8i5b-S263UPRKoVGzS5kihHz3AyRcxExH3PdbcgsC5h0J5lxQ6fZIJBejlMY7B-kBUrdnIpfAckUccEL5kS-hvwpBvsArzgTkEzY6nQU8OmRNW91csn9EfMT015q-lzjZgmLdwuLF1KfbWXdBQw3kVjfoyENsM1nqa36Hntqf2GhdxP6l56nGlQmW9MkAI55kv9ZDULvGXa7I8BCD3HOrm4Rsl1wdyHtXhx-dcWZgrobMSqiQMUVBBrNPal--KLCYA9S_uTT3FOP5vEj28ZRN4LtdrPn%26lptoken%3D161c746b42858171065c&dt=BimaBet%20-%20Jackpot%20Seribu%20Jadi%205%20Juta&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
IP 216.239.32.36:0
File type gzip compressed data, max compression\012- data
Hash ffc715c22fa743786326761e9f1f7c88
34d4a8c018926313ec463713b369a99c0b1d7e8f
c7df26030ffdeaacb876b743e771bf67f228d0f4d6a96a85e04dcff08ed012af
POST /g/collect?v=2&tid=G-DN42Q62RRE>m=2oe1i0&_p=738939386&cid=1560196720.1674426324&ul=en-us&sr=1280x1024&_s=1&sid=1674426324&sct=1&seg=0&dl=https%3A%2F%2Flp.bima-up.live%2Fseribu-jadi-5-juta%2F%3Fcep%3D13tl2W0PTU_KNDcFDdtykoTowvMh08JUB1eSv_UTLAKfTA2-AsDo6cqOm5uipOCz1YuzVrUjsx2wr6Abz8eMmZ7qEHPnJYTOnbcL8i5b-S263UPRKoVGzS5kihHz3AyRcxExH3PdbcgsC5h0J5lxQ6fZIJBejlMY7B-kBUrdnIpfAckUccEL5kS-hvwpBvsArzgTkEzY6nQU8OmRNW91csn9EfMT015q-lzjZgmLdwuLF1KfbWXdBQw3kVjfoyENsM1nqa36Hntqf2GhdxP6l56nGlQmW9MkAI55kv9ZDULvGXa7I8BCD3HOrm4Rsl1wdyHtXhx-dcWZgrobMSqiQMUVBBrNPal--KLCYA9S_uTT3FOP5vEj28ZRN4LtdrPn%26lptoken%3D161c746b42858171065c&dt=BimaBet%20-%20Jackpot%20Seribu%20Jadi%205%20Juta&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://lp.bima-up.live
Connection: keep-alive
Referer: https://lp.bima-up.live/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://lp.bima-up.live
date: Sun, 22 Jan 2023 22:25:26 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 3bbec64cde333b8c3068e63b2adbf2bb
e1fad0f09db1e1b01c9d36d7dbc8163682dcc533
850bdbc33df9ee9c938ed81f35ee0a6782fe99f49f65359e1a66ff21e282ffc9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 22:25:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 4ec0ad0f34d8429ee4b63e51af8dea28
06f06e740d6b07de145a898746db4d13a1b015b1
0904e3e05b518168b5618c0d53c1a9e1ce3a38df693d37145b413c3f46fe20c2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 22:25:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.doubleclick.net/instream/ad_status.js
142.250.74.166200 OK 29 B URL HTTP/2 static.doubleclick.net/instream/ad_status.js
IP 142.250.74.166:0
Hash 1fa71744db23d0f8df9cce6719defcb7
e4be9b7136697942a036f97cf26ebaf703ad2067
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
GET /instream/ad_status.js HTTP/1.1
Host: static.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 29
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 22 Jan 2023 22:17:34 GMT
expires: Sun, 22 Jan 2023 22:32:34 GMT
cache-control: public, max-age=900
age: 472
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/id
142.250.74.130302 Found 0 B URL HTTP/2 googleads.g.doubleclick.net/pagead/id
IP 142.250.74.130:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/id HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-credentials: true
access-control-allow-origin: https://www.youtube.com
date: Sun, 22 Jan 2023 22:25:26 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
api.leadpages.io/analytics/v1/observations/capture?origin=&version=1.2.5&correlateBy=AhVV9pL4ZYUZeucrSmsrio&kind=text,timer,counter,text,text,timer,text,timer&label=bar_embed_embedded,bar_embed_script_load,bar_embed_delayed_trigger_queue,bar_embed_embedded,bar_embed_embedded,bar_embed_show,bar_embed_shown,bar_embed_delayed_trigger_show&value=PDxHE2EuKzaRgSXfPiQJUh,175,1,PDxHE2EuKzaRgSXfPiQJUh,PDxHE2EuKzaRgSXfPiQJUh,2,PDxHE2EuKzaRgSXfPiQJUh,3&tags=,,,,,,,
35.192.151.63200 OK 35 B URL HTTP/1.1 api.leadpages.io/analytics/v1/observations/capture?origin=&version=1.2.5&correlateBy=AhVV9pL4ZYUZeucrSmsrio&kind=text,timer,counter,text,text,timer,text,timer&label=bar_embed_embedded,bar_embed_script_load,bar_embed_delayed_trigger_queue,bar_embed_embedded,bar_embed_embedded,bar_embed_show,bar_embed_shown,bar_embed_delayed_trigger_show&value=PDxHE2EuKzaRgSXfPiQJUh,175,1,PDxHE2EuKzaRgSXfPiQJUh,PDxHE2EuKzaRgSXfPiQJUh,2,PDxHE2EuKzaRgSXfPiQJUh,3&tags=,,,,,,,
IP 35.192.151.63:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash c2196de8ba412c60c22ab491af7b1409
5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
GET /analytics/v1/observations/capture?origin=&version=1.2.5&correlateBy=AhVV9pL4ZYUZeucrSmsrio&kind=text,timer,counter,text,text,timer,text,timer&label=bar_embed_embedded,bar_embed_script_load,bar_embed_delayed_trigger_queue,bar_embed_embedded,bar_embed_embedded,bar_embed_show,bar_embed_shown,bar_embed_delayed_trigger_show&value=PDxHE2EuKzaRgSXfPiQJUh,175,1,PDxHE2EuKzaRgSXfPiQJUh,PDxHE2EuKzaRgSXfPiQJUh,2,PDxHE2EuKzaRgSXfPiQJUh,3&tags=,,,,,,, HTTP/1.1
Host: api.leadpages.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://lp.bima-up.live
Connection: keep-alive
Referer: https://lp.bima-up.live/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
access-control-allow-origin: https://lp.bima-up.live
Server: Stargate
Date: Sun, 22 Jan 2023 22:25:26 GMT
access-control-allow-credentials: true
access-control-expose-headers: LP-Security-Token
x-request-id: 06fa3uojf4ip5j2508h0
access-control-max-age: 600
X-Forwarded-For: 91.90.42.154
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 4ec0ad0f34d8429ee4b63e51af8dea28
06f06e740d6b07de145a898746db4d13a1b015b1
0904e3e05b518168b5618c0d53c1a9e1ce3a38df693d37145b413c3f46fe20c2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 22:25:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 3bbec64cde333b8c3068e63b2adbf2bb
e1fad0f09db1e1b01c9d36d7dbc8163682dcc533
850bdbc33df9ee9c938ed81f35ee0a6782fe99f49f65359e1a66ff21e282ffc9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 22:25:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a618971ebc90b5698ddbabc4637e3345
f920b73a7c9b57d77194ba8ba406664d8469b6b6
f7c66c647552a10c53d758e1eedd450226c969b0001a25a616773d57f10e16bf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F7C66C647552A10C53D758E1EEDD450226C969B0001A25A616773D57F10E16BF"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3337
Expires: Sun, 22 Jan 2023 23:21:03 GMT
Date: Sun, 22 Jan 2023 22:25:26 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a618971ebc90b5698ddbabc4637e3345
f920b73a7c9b57d77194ba8ba406664d8469b6b6
f7c66c647552a10c53d758e1eedd450226c969b0001a25a616773d57f10e16bf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F7C66C647552A10C53D758E1EEDD450226C969B0001A25A616773D57F10E16BF"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3337
Expires: Sun, 22 Jan 2023 23:21:03 GMT
Date: Sun, 22 Jan 2023 22:25:26 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a618971ebc90b5698ddbabc4637e3345
f920b73a7c9b57d77194ba8ba406664d8469b6b6
f7c66c647552a10c53d758e1eedd450226c969b0001a25a616773d57f10e16bf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F7C66C647552A10C53D758E1EEDD450226C969B0001A25A616773D57F10E16BF"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3337
Expires: Sun, 22 Jan 2023 23:21:03 GMT
Date: Sun, 22 Jan 2023 22:25:26 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a618971ebc90b5698ddbabc4637e3345
f920b73a7c9b57d77194ba8ba406664d8469b6b6
f7c66c647552a10c53d758e1eedd450226c969b0001a25a616773d57f10e16bf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F7C66C647552A10C53D758E1EEDD450226C969B0001A25A616773D57F10E16BF"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3337
Expires: Sun, 22 Jan 2023 23:21:03 GMT
Date: Sun, 22 Jan 2023 22:25:26 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a618971ebc90b5698ddbabc4637e3345
f920b73a7c9b57d77194ba8ba406664d8469b6b6
f7c66c647552a10c53d758e1eedd450226c969b0001a25a616773d57f10e16bf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F7C66C647552A10C53D758E1EEDD450226C969B0001A25A616773D57F10E16BF"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3337
Expires: Sun, 22 Jan 2023 23:21:03 GMT
Date: Sun, 22 Jan 2023 22:25:26 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0247217-9730-4fdb-8be7-667f0568ffc2.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0247217-9730-4fdb-8be7-667f0568ffc2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d95b4a29d3337c5c2ca7e4d31fa3a0b6
4c6d22bdc48d7011e2c875ee18876da6a8401669
23421c7f67582c927dacf52c25779e43f5196a40fb1b70467ed737c2417ba39e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0247217-9730-4fdb-8be7-667f0568ffc2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10822
x-amzn-requestid: 60a33a3f-36b1-4f6e-a17b-964118a9da31
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e3AcMGeNoAMFs7A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c5e11a-7673a87f26759a1a64e4aab2;Sampled=0
x-amzn-remapped-date: Mon, 16 Jan 2023 23:43:22 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: JqvCEzxKP39gLHZjcr7R303XMAlfQz2nAtz-Wv_9W0rsAYJ3ODczPg==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Sun, 22 Jan 2023 21:58:40 GMT
age: 1606
etag: "4c6d22bdc48d7011e2c875ee18876da6a8401669"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F776639f2-eb42-4725-b2a7-00e94fc28d19.jpeg
34.120.237.76200 OK 8.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F776639f2-eb42-4725-b2a7-00e94fc28d19.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b3bb461e2e4e28de0ad024cd421d4b1a
9c67f7af385f0999feb27ab02bb96fb86f74d93d
f430b4b3d325f51ce516a4ab3abae723daffe011f1b1246146a75aedd58c70a7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F776639f2-eb42-4725-b2a7-00e94fc28d19.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8440
x-amzn-requestid: e39ab13e-8072-4c5b-8c3c-5cf627252fdb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fKezKFq-IAMFkdw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cdab47-3cdf64b20b43bdd705acb62f;Sampled=0
x-amzn-remapped-date: Sun, 22 Jan 2023 21:31:51 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: EmlBzMrxN8Ah3VQJ05pUy7_4PoX8gIkhxyvHPdmMb8jTEsydjgN_lw==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Sun, 22 Jan 2023 21:47:46 GMT
etag: "9c67f7af385f0999feb27ab02bb96fb86f74d93d"
content-type: image/jpeg
age: 2260
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F09ccbe5e-77b1-4d6d-98f5-a477f3861d8c.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F09ccbe5e-77b1-4d6d-98f5-a477f3861d8c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7458f7a9b2070055df6f1d496794e43e
0f5d2a6d846f4f8f85dd7e8089e643cacc57d8a9
373097662c419eef9f4a19ce9f3bcead70f6eafbf0acf44806685eece43ce251
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F09ccbe5e-77b1-4d6d-98f5-a477f3861d8c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12758
x-amzn-requestid: c3540562-8c62-4957-9528-7ae952daebaa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e9gf1E87oAMFpsQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c87acb-49fd3f78275937e24d23fca3;Sampled=0
x-amzn-remapped-date: Wed, 18 Jan 2023 23:03:39 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: c5YOTqrEv9RLv_lKsrC377yost8auxYRPLubBFGjIWtnbueiGMJYGw==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 22 Jan 2023 01:53:53 GMT
age: 73893
etag: "0f5d2a6d846f4f8f85dd7e8089e643cacc57d8a9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4b003bbe-42d9-4014-8fbe-ddff072cc8b4.jpeg
34.120.237.76200 OK 5.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4b003bbe-42d9-4014-8fbe-ddff072cc8b4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 42a648f9d34d8fb703f0b80a52e0deec
7ccefd66211d249ae5266c3b6ae3375a19e5cb6d
a57f8792e8caa2a31045a141d019f53f51b633d5d04baebdae97387740c6639d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4b003bbe-42d9-4014-8fbe-ddff072cc8b4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5903
x-amzn-requestid: 64a84c78-8acc-4d6f-b037-40d3b6e4f86c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fKfM0EUeIAMF1hg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cdabeb-5c8c25897a599f933d9f2e82;Sampled=0
x-amzn-remapped-date: Sun, 22 Jan 2023 21:34:35 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Gi_3gjvhYEpE4MpD7xscL-11r4m1yydM3M879KpzKuGjUXd6C0j1Tw==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 22 Jan 2023 21:50:58 GMT
age: 2068
etag: "7ccefd66211d249ae5266c3b6ae3375a19e5cb6d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F27144ba0-24e7-4177-b8d9-4121af2315c9.jpeg
34.120.237.76200 OK 4.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F27144ba0-24e7-4177-b8d9-4121af2315c9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3d0dd6e84bd1708aec285a9153eafabc
2d2729ca550ecdca29a502eb76c68f4eed623032
3c0492fc05ab9a35cd8d833a031aa907a473f2ff22fed0732fa331a0c2939660
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F27144ba0-24e7-4177-b8d9-4121af2315c9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4085
x-amzn-requestid: 444720ab-9a4d-40f7-a2e2-e574d4e2928d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fBP0uEeToAMFepA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c9f9b7-113188a040ff40ad479415cc;Sampled=0
x-amzn-remapped-date: Fri, 20 Jan 2023 02:17:27 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: keWFs-Nhkuz7lUygleMuZ8TqK5mbLbs8IvnNtlNqknIW12DwwgswKg==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Sun, 22 Jan 2023 21:56:03 GMT
age: 1763
etag: "2d2729ca550ecdca29a502eb76c68f4eed623032"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7f055318-7ab9-4f4f-a005-7938c4d1d126.jpeg
34.120.237.76200 OK 6.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7f055318-7ab9-4f4f-a005-7938c4d1d126.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ecf206cacc8cdeeba5f730d98e0570b7
fe131d1a8686593034547d3a465903912abb4cc7
d85a51760a2d0a3587d5e3a876aaf689d7a2efedb3e98a408bd8b88711dc7690
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7f055318-7ab9-4f4f-a005-7938c4d1d126.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6579
x-amzn-requestid: 41de2a77-b735-4ee7-9dba-743be856ec5e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fFLFwGQ4oAMFu8g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cb8bbe-3419ffe67988decf6da025ed;Sampled=0
x-amzn-remapped-date: Sat, 21 Jan 2023 06:52:46 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: T0_2xjAEStWvc5m-PJM4w3pr9pQuPprYOnx5LlS66Pt3d5WmA31tHQ==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Sun, 22 Jan 2023 22:02:39 GMT
etag: "fe131d1a8686593034547d3a465903912abb4cc7"
content-type: image/jpeg
age: 1367
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.42200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.42:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Sun, 22 Jan 2023 22:25:26 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.42200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.42:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash 3f12bcecbfc2fd464512ab3d9cc5cffa
507ff9db2922dfa6aabf808212e26028c76e0f63
7ac34dc7dadbd8766add416253f57d77166c7fa2cea1d840efbfa0ad9426ffea
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Sun, 22 Jan 2023 22:25:26 GMT
server: ESF
cache-control: private
content-length: 30991
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 9f9788e381983082a10350bba3234afb
dc16e103c5174374433d4432b8d6171a3960dbbc
961980c0a8fa08aca4b97e793686994e2d85e5272cebeb48229611a88ecabc83
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 22:25:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/js/th/x4UJj8gT6CtT5_PZSB2sMkWT7oT3ONYvYheI_Vl_kb0.js
142.250.74.164200 OK 14 kB URL HTTP/2 www.google.com/js/th/x4UJj8gT6CtT5_PZSB2sMkWT7oT3ONYvYheI_Vl_kb0.js
IP 142.250.74.164:0
File type ASCII text, with very long lines (36171)
Hash a13a76dd17af226d4a24bd16ef702377
c364171cd0f66eb4a1a8dde04e1e083154d81dbd
1dd3352cbdb7561b142954006a2bb94008486c22760c3d5ebb1b6fffeb325173
GET /js/th/x4UJj8gT6CtT5_PZSB2sMkWT7oT3ONYvYheI_Vl_kb0.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 14250
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 20 Jan 2023 18:38:28 GMT
expires: Sat, 20 Jan 2024 18:38:28 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 03 Jan 2023 15:00:00 GMT
content-type: text/javascript
age: 186418
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 0d196e757779e1f0bd2edb9f67e5b2fb
9153462c669ecf1e0f6f2502b124ea40056e22d5
00f8b8895b3f176dfb2655b7357c2b1bbdf8e64399472a396efe058546b638ea
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 22:25:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.42200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.42:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash 0f8f7eaaa76b964f306c11ee00036e1e
b7a0a7176d9dd49053a46bd5f83a317b5683ae87
df3420bb4edeab8fb7b6d477782e411c2302063868328606defd3952e978100b
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Sun, 22 Jan 2023 22:25:26 GMT
server: ESF
cache-control: private
content-length: 30801
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
i.ytimg.com/vi/jHJp1ocCeVI/sddefault.jpg?sqp=-oaymwEmCIAFEOAD8quKqQMa8AEB-AH-CYAC0AWKAgwIABABGEogEyh_MA8=&rs=AOn4CLC44fQ2N9PguuwIw90WlMfoo7-ihQ
142.250.74.86200 OK 50 kB URL HTTP/2 i.ytimg.com/vi/jHJp1ocCeVI/sddefault.jpg?sqp=-oaymwEmCIAFEOAD8quKqQMa8AEB-AH-CYAC0AWKAgwIABABGEogEyh_MA8=&rs=AOn4CLC44fQ2N9PguuwIw90WlMfoo7-ihQ
IP 142.250.74.86:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 640x480, components 3\012- data
Hash e708c9013a8a49c32e5e99107155e68a
b603276faa7e5363c520be759e95c79dfd18c197
b3cb2e5992be82adcecad48e9ee6147eb954783bc39641b321cafd0413263e72
GET /vi/jHJp1ocCeVI/sddefault.jpg?sqp=-oaymwEmCIAFEOAD8quKqQMa8AEB-AH-CYAC0AWKAgwIABABGEogEyh_MA8=&rs=AOn4CLC44fQ2N9PguuwIw90WlMfoo7-ihQ HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 50020
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 22 Jan 2023 21:21:07 GMT
expires: Sun, 22 Jan 2023 23:21:07 GMT
cache-control: public, max-age=7200
age: 3860
etag: "0"
content-type: image/jpeg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 0d196e757779e1f0bd2edb9f67e5b2fb
9153462c669ecf1e0f6f2502b124ea40056e22d5
00f8b8895b3f176dfb2655b7357c2b1bbdf8e64399472a396efe058546b638ea
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 22:25:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
yt3.ggpht.com/ytc/AL5GRJUg67O7s0ah_-Wi1_bt360JhCxlgHiZYzOOR8gWFNC3ffVUwuq3Yv80Ky1iGjU9=s68-c-k-c0x00ffffff-no-rj
142.250.74.161200 OK 957 B URL HTTP/2 yt3.ggpht.com/ytc/AL5GRJUg67O7s0ah_-Wi1_bt360JhCxlgHiZYzOOR8gWFNC3ffVUwuq3Yv80Ky1iGjU9=s68-c-k-c0x00ffffff-no-rj
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 68x68, components 3\012- data
Hash 844f749dc4e184993fab0c52b28358be
12387e690220e80b63ba1ff22ec245a1f11ac403
82f57af64c9ae441f0a2418e9dbcf1241ebf14b1671818d445334e4fe8080a01
GET /ytc/AL5GRJUg67O7s0ah_-Wi1_bt360JhCxlgHiZYzOOR8gWFNC3ffVUwuq3Yv80Ky1iGjU9=s68-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt3.ggpht.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 957
x-xss-protection: 0
date: Sun, 22 Jan 2023 21:55:23 GMT
expires: Mon, 23 Jan 2023 21:55:23 GMT
cache-control: public, max-age=86400, no-transform
content-type: image/jpeg
age: 1804
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.42200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.42:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash bd167e28539713fb192becfd1868d256
a046db81c9f4f2bf4e4adc2759d1e8eda78d0643
0bb1fddf0455c1c76182b20b5121a9a7613e1832a25c3930d26410e1ea2bcf5a
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Sun, 22 Jan 2023 22:25:27 GMT
server: ESF
cache-control: private
content-length: 31013
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
unphionetor.com/vbl?t=91302&bid=undefined&aid=undefined
139.45.197.236204 No Content 0 B URL HTTP/2 unphionetor.com/vbl?t=91302&bid=undefined&aid=undefined
IP 139.45.197.236:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
POST /vbl?t=91302&bid=undefined&aid=undefined HTTP/1.1
Host: unphionetor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://lp.bima-up.live
Connection: keep-alive
Referer: https://lp.bima-up.live/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Sun, 22 Jan 2023 22:25:27 GMT
access-control-allow-origin: https://lp.bima-up.live
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: e1eecfd43050fa3baa9d4a1f9847c74b
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
142.250.74.42200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 142.250.74.42:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Sun, 22 Jan 2023 22:25:27 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
142.250.74.42200 OK 110 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 142.250.74.42:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 73e5c0dd2529e5298d954f1f4fa009ce
e24f1cc3af67fe18b8f37291cb215f35f556119f
8ef94ee535e634ddae579723faa31e30d6a1ba1889f619b875b52ac5a962546a
POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 970
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Sun, 22 Jan 2023 22:25:27 GMT
server: ESF
cache-control: private
content-length: 110
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
142.250.74.42200 OK 110 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 142.250.74.42:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 97f4e3a6ee2a1fcef77a9c9743d42876
6cde121bf5b7b4a685f54671f16f9cc65f29c5ec
e9c7ea1f4b42520643093dafd401d2d275faee0425abf2846b54328a65f795f6
POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 1154
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Sun, 22 Jan 2023 22:25:27 GMT
server: ESF
cache-control: private
content-length: 110
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
142.250.74.42200 OK 114 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 142.250.74.42:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 77a9cb57dbcf6beb96212c8bfa1cf8bd
7d729d78c49c8c34686bbce4879d0442d4340f65
2ec5991202cdffff2a23e60ee47e7b1fab8cfc8267037cc4548550c6f037b90c
POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 1235
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Sun, 22 Jan 2023 22:25:27 GMT
server: ESF
cache-control: private
content-length: 114
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
api.leadpages.io/analytics/v1/events/capture?k=view&a=leadbar&l=PDxHE2EuKzaRgSXfPiQJUh&v=&e=&st=&lc=en-US&pid=AEbxHzGYBGpmqeMEqpLZnR-default-prop&uid=BmTPEjGYnZL2yiEwsF5368&sid=V2eRysBgKJuF8xoSuyDtSD&cid=lp-PDxHE2EuKzaRgSXfPiQJUh&uri=https%3A%2F%2Funtungbebek.lpages.co%2Fserve-leadbar%2FPDxHE2EuKzaRgSXfPiQJUh%2F%3Fcep%3D13tl2W0PTU_KNDcFDdtykoTowvMh08JUB1eSv_UTLAKfTA2-AsDo6cqOm5uipOCz1YuzVrUjsx2wr6Abz8eMmZ7qEHPnJYTOnbcL8i5b-S263UPRKoVGzS5kihHz3AyRcxExH3PdbcgsC5h0J5lxQ6fZIJBejlMY7B-kBUrdnIpfAckUccEL5kS-hvwpBvsArzgTkEzY6nQU8OmRNW91csn9EfMT015q-lzjZgmLdwuLF1KfbWXdBQw3kVjfoyENsM1nqa36Hntqf2GhdxP6l56nGlQmW9MkAI55kv9ZDULvGXa7I8BCD3HOrm4Rsl1wdyHtXhx-dcWZgrobMSqiQMUVBBrNPal--KLCYA9S_uTT3FOP5vEj28ZRN4LtdrPn%26lptoken%3D161c746b42858171065c&rf=https%3A%2F%2Flp.bima-up.live%2F&rx=1268&ry=61&tz=%2B00%3A00
35.192.151.63200 OK 35 B URL HTTP/1.1 api.leadpages.io/analytics/v1/events/capture?k=view&a=leadbar&l=PDxHE2EuKzaRgSXfPiQJUh&v=&e=&st=&lc=en-US&pid=AEbxHzGYBGpmqeMEqpLZnR-default-prop&uid=BmTPEjGYnZL2yiEwsF5368&sid=V2eRysBgKJuF8xoSuyDtSD&cid=lp-PDxHE2EuKzaRgSXfPiQJUh&uri=https%3A%2F%2Funtungbebek.lpages.co%2Fserve-leadbar%2FPDxHE2EuKzaRgSXfPiQJUh%2F%3Fcep%3D13tl2W0PTU_KNDcFDdtykoTowvMh08JUB1eSv_UTLAKfTA2-AsDo6cqOm5uipOCz1YuzVrUjsx2wr6Abz8eMmZ7qEHPnJYTOnbcL8i5b-S263UPRKoVGzS5kihHz3AyRcxExH3PdbcgsC5h0J5lxQ6fZIJBejlMY7B-kBUrdnIpfAckUccEL5kS-hvwpBvsArzgTkEzY6nQU8OmRNW91csn9EfMT015q-lzjZgmLdwuLF1KfbWXdBQw3kVjfoyENsM1nqa36Hntqf2GhdxP6l56nGlQmW9MkAI55kv9ZDULvGXa7I8BCD3HOrm4Rsl1wdyHtXhx-dcWZgrobMSqiQMUVBBrNPal--KLCYA9S_uTT3FOP5vEj28ZRN4LtdrPn%26lptoken%3D161c746b42858171065c&rf=https%3A%2F%2Flp.bima-up.live%2F&rx=1268&ry=61&tz=%2B00%3A00
IP 35.192.151.63:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash c2196de8ba412c60c22ab491af7b1409
5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
GET /analytics/v1/events/capture?k=view&a=leadbar&l=PDxHE2EuKzaRgSXfPiQJUh&v=&e=&st=&lc=en-US&pid=AEbxHzGYBGpmqeMEqpLZnR-default-prop&uid=BmTPEjGYnZL2yiEwsF5368&sid=V2eRysBgKJuF8xoSuyDtSD&cid=lp-PDxHE2EuKzaRgSXfPiQJUh&uri=https%3A%2F%2Funtungbebek.lpages.co%2Fserve-leadbar%2FPDxHE2EuKzaRgSXfPiQJUh%2F%3Fcep%3D13tl2W0PTU_KNDcFDdtykoTowvMh08JUB1eSv_UTLAKfTA2-AsDo6cqOm5uipOCz1YuzVrUjsx2wr6Abz8eMmZ7qEHPnJYTOnbcL8i5b-S263UPRKoVGzS5kihHz3AyRcxExH3PdbcgsC5h0J5lxQ6fZIJBejlMY7B-kBUrdnIpfAckUccEL5kS-hvwpBvsArzgTkEzY6nQU8OmRNW91csn9EfMT015q-lzjZgmLdwuLF1KfbWXdBQw3kVjfoyENsM1nqa36Hntqf2GhdxP6l56nGlQmW9MkAI55kv9ZDULvGXa7I8BCD3HOrm4Rsl1wdyHtXhx-dcWZgrobMSqiQMUVBBrNPal--KLCYA9S_uTT3FOP5vEj28ZRN4LtdrPn%26lptoken%3D161c746b42858171065c&rf=https%3A%2F%2Flp.bima-up.live%2F&rx=1268&ry=61&tz=%2B00%3A00 HTTP/1.1
Host: api.leadpages.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://untungbebek.lpages.co
Connection: keep-alive
Referer: https://untungbebek.lpages.co/
Cookie: view.AEbxHzGYBGpmqeMEqpLZnR-default-prop.EimFh3aTvsXkRMk6v5tfRY=1674426326000
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Server: Stargate
Date: Sun, 22 Jan 2023 22:25:27 GMT
set-cookie: view.AEbxHzGYBGpmqeMEqpLZnR-default-prop.PDxHE2EuKzaRgSXfPiQJUh=1674426328000; Domain=api.leadpages.io; expires=Mon, 23 Jan 2023 22:25:27 GMT; httponly; Max-Age=86400; Path=/analytics/v1/events/capture; SameSite=None; secure
access-control-max-age: 600
access-control-allow-credentials: true
access-control-allow-origin: https://untungbebek.lpages.co
access-control-expose-headers: LP-Security-Token
x-request-id: 06hcicu88qhmu8njup4g
X-Forwarded-For: 91.90.42.154
api.leadpages.io/analytics/v1/observations/capture?version=1.7.13&origin=page-speed&kind=timer,timer,timer,timer,timer,timer,timer,timer,timer,timer&label=domain-lookup,connect,request,ttfb,response,loading,interactive,content-loaded,complete,load&value=2,432,247,687,6,698,988,1047,2637,2638
35.192.151.63200 OK 35 B URL HTTP/1.1 api.leadpages.io/analytics/v1/observations/capture?version=1.7.13&origin=page-speed&kind=timer,timer,timer,timer,timer,timer,timer,timer,timer,timer&label=domain-lookup,connect,request,ttfb,response,loading,interactive,content-loaded,complete,load&value=2,432,247,687,6,698,988,1047,2637,2638
IP 35.192.151.63:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash c2196de8ba412c60c22ab491af7b1409
5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
GET /analytics/v1/observations/capture?version=1.7.13&origin=page-speed&kind=timer,timer,timer,timer,timer,timer,timer,timer,timer,timer&label=domain-lookup,connect,request,ttfb,response,loading,interactive,content-loaded,complete,load&value=2,432,247,687,6,698,988,1047,2637,2638 HTTP/1.1
Host: api.leadpages.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lp.bima-up.live/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Server: Stargate
access-control-expose-headers: LP-Security-Token
Date: Sun, 22 Jan 2023 22:25:27 GMT
access-control-allow-credentials: true
x-request-id: 06hcicvahve1rd6587sg
X-Forwarded-For: 91.90.42.154
api.leadpages.io/analytics/v1/observations/capture?origin=&version=1.2.5&correlateBy=AhVV9pL4ZYUZeucrSmsrio&kind=timer&label=bar_embed_load&value=727&tags=
35.192.151.63200 OK 35 B URL HTTP/1.1 api.leadpages.io/analytics/v1/observations/capture?origin=&version=1.2.5&correlateBy=AhVV9pL4ZYUZeucrSmsrio&kind=timer&label=bar_embed_load&value=727&tags=
IP 35.192.151.63:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash c2196de8ba412c60c22ab491af7b1409
5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
GET /analytics/v1/observations/capture?origin=&version=1.2.5&correlateBy=AhVV9pL4ZYUZeucrSmsrio&kind=timer&label=bar_embed_load&value=727&tags= HTTP/1.1
Host: api.leadpages.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://lp.bima-up.live
Connection: keep-alive
Referer: https://lp.bima-up.live/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
access-control-allow-origin: https://lp.bima-up.live
Server: Stargate
Date: Sun, 22 Jan 2023 22:25:27 GMT
access-control-allow-credentials: true
access-control-expose-headers: LP-Security-Token
x-request-id: 06fa3v32okhtbn3cb670
access-control-max-age: 600
X-Forwarded-For: 91.90.42.154
unphionetor.com/vbri?t=91302&bid=undefined&aid=undefined&tp=5704
139.45.197.236204 No Content 0 B URL HTTP/2 unphionetor.com/vbri?t=91302&bid=undefined&aid=undefined&tp=5704
IP 139.45.197.236:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
POST /vbri?t=91302&bid=undefined&aid=undefined&tp=5704 HTTP/1.1
Host: unphionetor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://lp.bima-up.live
Connection: keep-alive
Referer: https://lp.bima-up.live/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Sun, 22 Jan 2023 22:25:29 GMT
access-control-allow-origin: https://lp.bima-up.live
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: 89665ffb66065b9790c9c70482a35565
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
api.leadpages.io/analytics/v1/observations/capture?version=1.8.6&correlateBy=8ki4ZW53FgMHfstHkp4CRg&origin=center-js&kind=timer,timer,counter,timer&label=load-center,load-identify,ident-new,send-events&value=96,187,1,585
35.192.151.63200 OK 35 B URL HTTP/1.1 api.leadpages.io/analytics/v1/observations/capture?version=1.8.6&correlateBy=8ki4ZW53FgMHfstHkp4CRg&origin=center-js&kind=timer,timer,counter,timer&label=load-center,load-identify,ident-new,send-events&value=96,187,1,585
IP 35.192.151.63:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash c2196de8ba412c60c22ab491af7b1409
5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
GET /analytics/v1/observations/capture?version=1.8.6&correlateBy=8ki4ZW53FgMHfstHkp4CRg&origin=center-js&kind=timer,timer,counter,timer&label=load-center,load-identify,ident-new,send-events&value=96,187,1,585 HTTP/1.1
Host: api.leadpages.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://lp.bima-up.live
Connection: keep-alive
Referer: https://lp.bima-up.live/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Server: Stargate
Date: Sun, 22 Jan 2023 22:25:31 GMT
access-control-allow-credentials: true
access-control-max-age: 600
access-control-allow-origin: https://lp.bima-up.live
x-request-id: 06hcidrht67g8piorthg
access-control-expose-headers: LP-Security-Token
X-Forwarded-For: 91.90.42.154
api.leadpages.io/analytics/v1/observations/capture?version=1.8.6&correlateBy=9ECAmourqdVDzUYtPo5pSK&origin=center-js&kind=timer,timer,counter,timer&label=load-center,load-identify,ident-exists,send-events&value=6,1042,1,141
35.192.151.63200 OK 35 B URL HTTP/1.1 api.leadpages.io/analytics/v1/observations/capture?version=1.8.6&correlateBy=9ECAmourqdVDzUYtPo5pSK&origin=center-js&kind=timer,timer,counter,timer&label=load-center,load-identify,ident-exists,send-events&value=6,1042,1,141
IP 35.192.151.63:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash c2196de8ba412c60c22ab491af7b1409
5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
GET /analytics/v1/observations/capture?version=1.8.6&correlateBy=9ECAmourqdVDzUYtPo5pSK&origin=center-js&kind=timer,timer,counter,timer&label=load-center,load-identify,ident-exists,send-events&value=6,1042,1,141 HTTP/1.1
Host: api.leadpages.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://untungbebek.lpages.co
Connection: keep-alive
Referer: https://untungbebek.lpages.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Server: Stargate
Date: Sun, 22 Jan 2023 22:25:31 GMT
access-control-allow-credentials: true
access-control-max-age: 600
access-control-allow-origin: https://untungbebek.lpages.co
x-request-id: 06hcidvmnd6nrt5frb70
access-control-expose-headers: LP-Security-Token
X-Forwarded-For: 91.90.42.154
lp.bima-up.live/seribu-jadi-5-juta/?cep=13tl2W0PTU_KNDcFDdtykoTowvMh08JUB1eSv_UTLAKfTA2-AsDo6cqOm5uipOCz1YuzVrUjsx2wr6Abz8eMmZ7qEHPnJYTOnbcL8i5b-S263UPRKoVGzS5kihHz3AyRcxExH3PdbcgsC5h0J5lxQ6fZIJBejlMY7B-kBUrdnIpfAckUccEL5kS-hvwpBvsArzgTkEzY6nQU8OmRNW91csn9EfMT015q-lzjZgmLdwuLF1KfbWXdBQw3kVjfoyENsM1nqa36Hntqf2GhdxP6l56nGlQmW9MkAI55kv9ZDULvGXa7I8BCD3HOrm4Rsl1wdyHtXhx-dcWZgrobMSqiQMUVBBrNPal--KLCYA9S_uTT3FOP5vEj28ZRN4LtdrPn&lptoken=161c746b42858171065c
35.202.21.90200 OK 0 B URL HTTP/2 lp.bima-up.live/seribu-jadi-5-juta/?cep=13tl2W0PTU_KNDcFDdtykoTowvMh08JUB1eSv_UTLAKfTA2-AsDo6cqOm5uipOCz1YuzVrUjsx2wr6Abz8eMmZ7qEHPnJYTOnbcL8i5b-S263UPRKoVGzS5kihHz3AyRcxExH3PdbcgsC5h0J5lxQ6fZIJBejlMY7B-kBUrdnIpfAckUccEL5kS-hvwpBvsArzgTkEzY6nQU8OmRNW91csn9EfMT015q-lzjZgmLdwuLF1KfbWXdBQw3kVjfoyENsM1nqa36Hntqf2GhdxP6l56nGlQmW9MkAI55kv9ZDULvGXa7I8BCD3HOrm4Rsl1wdyHtXhx-dcWZgrobMSqiQMUVBBrNPal--KLCYA9S_uTT3FOP5vEj28ZRN4LtdrPn&lptoken=161c746b42858171065c
IP 35.202.21.90:0
GET /seribu-jadi-5-juta/?cep=13tl2W0PTU_KNDcFDdtykoTowvMh08JUB1eSv_UTLAKfTA2-AsDo6cqOm5uipOCz1YuzVrUjsx2wr6Abz8eMmZ7qEHPnJYTOnbcL8i5b-S263UPRKoVGzS5kihHz3AyRcxExH3PdbcgsC5h0J5lxQ6fZIJBejlMY7B-kBUrdnIpfAckUccEL5kS-hvwpBvsArzgTkEzY6nQU8OmRNW91csn9EfMT015q-lzjZgmLdwuLF1KfbWXdBQw3kVjfoyENsM1nqa36Hntqf2GhdxP6l56nGlQmW9MkAI55kv9ZDULvGXa7I8BCD3HOrm4Rsl1wdyHtXhx-dcWZgrobMSqiQMUVBBrNPal--KLCYA9S_uTT3FOP5vEj28ZRN4LtdrPn&lptoken=161c746b42858171065c HTTP/1.1
Host: lp.bima-up.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Sun, 22 Jan 2023 22:25:24 GMT
content-type: text/html
vary: Accept-Encoding
etag: W/"4092e50bfa7cdc90e1ccd9d374dc18e1"
last-modified: Sat, 21 May 2022 16:04:24 GMT
x-cache: MISS, HIT
cache-control: no-cache
server: Leadpages
strict-transport-security: max-age=15768000
content-encoding: br
X-Firefox-Spdy: h2
www.youtube.com/embed/GnY5fr2LYb8
142.250.74.46200 OK 0 B URL HTTP/2 www.youtube.com/embed/GnY5fr2LYb8
IP 142.250.74.46:0
GET /embed/GnY5fr2LYb8 HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lp.bima-up.live/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 22 Jan 2023 22:25:25 GMT
strict-transport-security: max-age=31536000
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=6xlXkkjwgDQ; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=b30imjIl3WY; Domain=.youtube.com; Expires=Fri, 21-Jul-2023 22:25:25 GMT; Path=/; Secure; HttpOnly; SameSite=none
DEVICE_INFO=ChxOekU1TVRZd05qTXdOalEwTVRrek16TXhOdz09ENXvtp4GGNXvtp4G; Domain=.youtube.com; Expires=Fri, 21-Jul-2023 22:25:25 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+447; expires=Tue, 21-Jan-2025 22:25:25 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
propeller-tracking.com/fv.js?t=91302
139.45.197.240200 OK 0 B URL HTTP/2 propeller-tracking.com/fv.js?t=91302
IP 139.45.197.240:0
GET /fv.js?t=91302 HTTP/1.1
Host: propeller-tracking.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lp.bima-up.live/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 22 Jan 2023 22:25:25 GMT
content-type: text/javascript; charset=utf8
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: 955ea00b4b270ab795c7be8b180bf8c2
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
untungbebek.lpages.co/serve-leadbar/PDxHE2EuKzaRgSXfPiQJUh/?cep=13tl2W0PTU_KNDcFDdtykoTowvMh08JUB1eSv_UTLAKfTA2-AsDo6cqOm5uipOCz1YuzVrUjsx2wr6Abz8eMmZ7qEHPnJYTOnbcL8i5b-S263UPRKoVGzS5kihHz3AyRcxExH3PdbcgsC5h0J5lxQ6fZIJBejlMY7B-kBUrdnIpfAckUccEL5kS-hvwpBvsArzgTkEzY6nQU8OmRNW91csn9EfMT015q-lzjZgmLdwuLF1KfbWXdBQw3kVjfoyENsM1nqa36Hntqf2GhdxP6l56nGlQmW9MkAI55kv9ZDULvGXa7I8BCD3HOrm4Rsl1wdyHtXhx-dcWZgrobMSqiQMUVBBrNPal--KLCYA9S_uTT3FOP5vEj28ZRN4LtdrPn&lptoken=161c746b42858171065c
35.202.21.90200 OK 0 B URL HTTP/2 untungbebek.lpages.co/serve-leadbar/PDxHE2EuKzaRgSXfPiQJUh/?cep=13tl2W0PTU_KNDcFDdtykoTowvMh08JUB1eSv_UTLAKfTA2-AsDo6cqOm5uipOCz1YuzVrUjsx2wr6Abz8eMmZ7qEHPnJYTOnbcL8i5b-S263UPRKoVGzS5kihHz3AyRcxExH3PdbcgsC5h0J5lxQ6fZIJBejlMY7B-kBUrdnIpfAckUccEL5kS-hvwpBvsArzgTkEzY6nQU8OmRNW91csn9EfMT015q-lzjZgmLdwuLF1KfbWXdBQw3kVjfoyENsM1nqa36Hntqf2GhdxP6l56nGlQmW9MkAI55kv9ZDULvGXa7I8BCD3HOrm4Rsl1wdyHtXhx-dcWZgrobMSqiQMUVBBrNPal--KLCYA9S_uTT3FOP5vEj28ZRN4LtdrPn&lptoken=161c746b42858171065c
IP 35.202.21.90:0
GET /serve-leadbar/PDxHE2EuKzaRgSXfPiQJUh/?cep=13tl2W0PTU_KNDcFDdtykoTowvMh08JUB1eSv_UTLAKfTA2-AsDo6cqOm5uipOCz1YuzVrUjsx2wr6Abz8eMmZ7qEHPnJYTOnbcL8i5b-S263UPRKoVGzS5kihHz3AyRcxExH3PdbcgsC5h0J5lxQ6fZIJBejlMY7B-kBUrdnIpfAckUccEL5kS-hvwpBvsArzgTkEzY6nQU8OmRNW91csn9EfMT015q-lzjZgmLdwuLF1KfbWXdBQw3kVjfoyENsM1nqa36Hntqf2GhdxP6l56nGlQmW9MkAI55kv9ZDULvGXa7I8BCD3HOrm4Rsl1wdyHtXhx-dcWZgrobMSqiQMUVBBrNPal--KLCYA9S_uTT3FOP5vEj28ZRN4LtdrPn&lptoken=161c746b42858171065c HTTP/1.1
Host: untungbebek.lpages.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lp.bima-up.live/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 22 Jan 2023 22:25:26 GMT
content-type: text/html
vary: Accept-Encoding
etag: W/"009a7dae7bacc32fa10579bedbe1913d"
last-modified: Sat, 21 May 2022 16:05:44 GMT
x-cache: MISS, HIT
cache-control: no-cache
server: Leadpages
strict-transport-security: max-age=15768000
content-encoding: br
X-Firefox-Spdy: h2
www.youtube.com/embed/jHJp1ocCeVI
142.250.74.46200 OK 0 B URL HTTP/2 www.youtube.com/embed/jHJp1ocCeVI
IP 142.250.74.46:0
GET /embed/jHJp1ocCeVI HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lp.bima-up.live/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 22 Jan 2023 22:25:25 GMT
strict-transport-security: max-age=31536000
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=w1jfFVc2P8Q; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
DEVICE_INFO=ChxOekU1TVRZd05qTXdOelUzTkRjeE56a3hNdz09ENXvtp4GGNXvtp4G; Domain=.youtube.com; Expires=Fri, 21-Jul-2023 22:25:25 GMT; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=wukdyeRDI6s; Domain=.youtube.com; Expires=Fri, 21-Jul-2023 22:25:25 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+163; expires=Tue, 21-Jan-2025 22:25:25 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/FF4vm0tlyzY4yPGinFPxlj6Se3WzTxPcEx7X7BAQP_NXBFVeNHHWXQW9O9PB9XADk9UbO9V3RaL3LiEG-_2FBOyf4X39_aRnOQ-k=w1268
142.250.74.97200 OK 0 B URL HTTP/2 lh3.googleusercontent.com/FF4vm0tlyzY4yPGinFPxlj6Se3WzTxPcEx7X7BAQP_NXBFVeNHHWXQW9O9PB9XADk9UbO9V3RaL3LiEG-_2FBOyf4X39_aRnOQ-k=w1268
IP 142.250.74.97:0
GET /FF4vm0tlyzY4yPGinFPxlj6Se3WzTxPcEx7X7BAQP_NXBFVeNHHWXQW9O9PB9XADk9UbO9V3RaL3LiEG-_2FBOyf4X39_aRnOQ-k=w1268 HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lp.bima-up.live/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v1"
expires: Mon, 23 Jan 2023 22:25:26 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.png"
content-type: image/png
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Sun, 22 Jan 2023 22:25:26 GMT
server: fife
content-length: 129884
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2