firefox.settings.services.mozilla.com/v1/
143.204.55.35200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.35:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash b593eb39329cfe060d55be5e4a5405e2
78e46c1028e9f94f8569303ad2d90d7df13a059a
08a810103557efe55ca4425ff0cf82593f1f54633df899127eaec9bee05d4d04
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Alert, Content-Length, Content-Type, Backoff
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 06 Sep 2022 11:04:17 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 814e8c24454087e83cd261a6cf477166.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: MDC3H_EvWlW4kzPWqCL18a7Yi4PqR5r-bYph4lzWWY2WUhf4LyXL8Q==
Age: 2648
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d931e0142ef5ffe9cdb4c4c6bfcb9bc9
d9c4caf525e8926b042a14f38d374cc4033ed768
f610984fb0a75b3a31424faa860cbc8172c7f21804df1dc14fbb685b7c456f29
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F610984FB0A75B3A31424FAA860CBC8172C7F21804DF1DC14FBB685B7C456F29"
Last-Modified: Sat, 03 Sep 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12010
Expires: Tue, 06 Sep 2022 15:08:35 GMT
Date: Tue, 06 Sep 2022 11:48:25 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
143.204.55.110200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP 143.204.55.110:0
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Tue, 06 Sep 2022 01:15:18 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: azketaduU1_ZU9EqRra39B2PQA78TRvhTuN4bku1_M08m7pYhahLbQ==
age: 37988
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 11:48:25 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.35200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.35:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, ETag, Backoff, Last-Modified, Pragma, Cache-Control, Expires, Content-Type, Content-Length, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Tue, 06 Sep 2022 11:38:18 GMT
Cache-Control: max-age=3600
Expires: Tue, 06 Sep 2022 12:38:18 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 e49f22f18c16784c0f42291e768d1daa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 58onAavy3OXrHnbd86neROtu2Fh_0GIO_v64b-4UUTC08cRFHrOCag==
Age: 608
insider-trading-cryptocurrency-uk.briticanenglish.com/news-4926
185.106.93.29302 Moved Temporarily 142 B URL HTTP/1.1 insider-trading-cryptocurrency-uk.briticanenglish.com/news-4926
IP 185.106.93.29:0
ASN #50113 NTX Technologies s.r.o.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /news-4926 HTTP/1.1
Host: insider-trading-cryptocurrency-uk.briticanenglish.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Moved Temporarily
Server: openresty
Date: Tue, 06 Sep 2022 11:48:26 GMT
Content-Type: text/html
Content-Length: 142
Connection: keep-alive
Location: https://tinyurl.com/2w3tkh95
X-Powered-By: PHP/7.2.30
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash e8952752ad4a452a575522a7eb737217
c5554fa2af05d7a7117032b0f99352de08988346
8c182bed7bbd843774a2136823b30a4cb707e2a5386f71d01640aa3558888bf7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5531
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 11:48:26 GMT
Last-Modified: Tue, 06 Sep 2022 10:16:15 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
52.41.252.32101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.41.252.32:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: xYhAl7varfE3dYGZOQKa2Q==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Hxv7HfJgSSBN9JRdRkNUpIRBnes=
go.fimivauj.com/0gz3
172.67.192.164302 Found 0 B IP 172.67.192.164:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /0gz3 HTTP/1.1
Host: go.fimivauj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Date: Tue, 06 Sep 2022 11:48:26 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Methods: GET, POST
Access-Control-Allow-Origin: *
Location: http://no.bitcoin-now.fimivauj.com/?session=74c617b538a247ddb3f2dee584aa932b&aff_id=8942&fpp=1
Vary: User-Agent
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G7kxl5g3DqzuxjQ7gobMMkxWCG88yUez%2B8yVacK1hOyA2Q%2F1i7vMrj8lbWnIyUbbpTiGlt1YNZAcxuTRh3T72ZA8yyOp%2BAqp9%2BIXa%2FIctQDeBiJu5GcQ%2BK%2BwbK%2BnwA6THg8%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7466f9c41f71b4fa-OSL
alt-svc: h2=":443"; ma=60
no.bitcoin-now.fimivauj.com/?session=74c617b538a247ddb3f2dee584aa932b&aff_id=8942&fpp=1
172.67.192.164200 OK 9.9 kB URL HTTP/1.1 no.bitcoin-now.fimivauj.com/?session=74c617b538a247ddb3f2dee584aa932b&aff_id=8942&fpp=1
IP 172.67.192.164:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (884)
Hash df589009d9186281370cb8fd964a78ae
3c0657043e11eb5aabe90835f7ad13b1ecb9589f
aa06bd121d06a7b9f21287c0780bb11ac27d09d899c89ebec305b8c925785daf
GET /?session=74c617b538a247ddb3f2dee584aa932b&aff_id=8942&fpp=1 HTTP/1.1
Host: no.bitcoin-now.fimivauj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Tue, 06 Sep 2022 11:48:27 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 01 Apr 2021 16:26:47 GMT
Vary: Accept-Encoding,User-Agent
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1WAKR2umVBlnaSA2g8%2BAMhFwpecYHIU0gNFH4Z7p2wc8TcQ5LYVFnBr2L3ji22FJFhnLEKsi9A7Q3fgugT%2BiVhJFUgY3f%2FpTtscQtEjqyFffBKyfZgUl82U1LrK%2BP1%2BQZtL7zqfAgAGp7CwY4Bc%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7466f9c49bd20b41-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
no.bitcoin-now.fimivauj.com/css/bootstrap.min.css
172.67.192.164200 OK 21 kB URL HTTP/1.1 no.bitcoin-now.fimivauj.com/css/bootstrap.min.css
IP 172.67.192.164:0
File type ASCII text, with very long lines (65324)
Hash 38f745174e06995541ce3df4e12cf121
033967295cf3e90282570b349f644c28a1ac89bf
c5662e0d63e606d98a53572f86ce46faa93a63faacf94200d35982886d0263f1
GET /css/bootstrap.min.css HTTP/1.1
Host: no.bitcoin-now.fimivauj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://no.bitcoin-now.fimivauj.com/?session=74c617b538a247ddb3f2dee584aa932b&aff_id=8942&fpp=1
HTTP/1.1 200 OK
Date: Tue, 06 Sep 2022 11:48:27 GMT
Content-Type: text/css
Content-Length: 21021
Connection: keep-alive
Last-Modified: Mon, 31 Aug 2020 14:52:48 GMT
ETag: "22485-5ae2d8e5c0335-gzip"
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 5877
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mj8UQBDCS9S23yI%2B8JEWTnHS7tB0ZeMmMWLv6hWnJ%2Fbg7NwRiWd07ECLxwrvYF8MEdYWJ1rTHyf5V66%2FAfUmsTedjInxyk7n1kPRksTPXQKiDQzNoq278aZagTd6BLv8xxRoVaJnD9%2BmnhFSq%2FY%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7466f9c5cd0a0b41-OSL
alt-svc: h2=":443"; ma=60
no.bitcoin-now.fimivauj.com/css/index.css
172.67.192.164200 OK 6.4 kB URL HTTP/1.1 no.bitcoin-now.fimivauj.com/css/index.css
IP 172.67.192.164:0
Hash ff8d237d125ee0fa644bf5c3e4bf715c
03db2fbe75fc4a8e3254f3ae78bd4e8184a32f34
eda19a2f963e3924e9d50300645431fa78a4f638cc10bae20896d2ccc422d25c
GET /css/index.css HTTP/1.1
Host: no.bitcoin-now.fimivauj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://no.bitcoin-now.fimivauj.com/?session=74c617b538a247ddb3f2dee584aa932b&aff_id=8942&fpp=1
HTTP/1.1 200 OK
Date: Tue, 06 Sep 2022 11:48:27 GMT
Content-Type: text/css
Content-Length: 6422
Connection: keep-alive
Last-Modified: Mon, 31 Aug 2020 14:52:48 GMT
ETag: "9349-5ae2d8e5c0335-gzip"
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 5877
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8r%2FE9KQB9nPN46%2BeHzd0hvWGH2HZBc%2B9VK%2BFqJAUYAmbXOFieic7WBqYBx0QkHR9%2FWGaoDBMDehbtb6iyQzO4M6i9dujFaEQB3Mdwrk3Ih3TdRj%2FXY8ZoWFXFiV2lKnzDmDSsm%2B3%2FeaPoVgmCas%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7466f9c5ca63b505-OSL
alt-svc: h2=":443"; ma=60
no.bitcoin-now.fimivauj.com/images/btc-logo.png
172.67.192.164200 OK 2.0 kB URL HTTP/1.1 no.bitcoin-now.fimivauj.com/images/btc-logo.png
IP 172.67.192.164:0
File type PNG image data, 190 x 30, 8-bit colormap, non-interlaced\012- data
Hash 4fb9be5dc40006b48597e7177cbde632
acde09fb71c5b528bc865b54430a78e81d38a3db
1ec7cde466bdca8cfa2fd5ecf30c90b23bb92f85489a8cd3df28697b956c8943
GET /images/btc-logo.png HTTP/1.1
Host: no.bitcoin-now.fimivauj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://no.bitcoin-now.fimivauj.com/?session=74c617b538a247ddb3f2dee584aa932b&aff_id=8942&fpp=1
HTTP/1.1 200 OK
Date: Tue, 06 Sep 2022 11:48:27 GMT
Content-Type: image/png
Content-Length: 2021
Connection: keep-alive
Last-Modified: Mon, 31 Aug 2020 14:52:48 GMT
ETag: "7e5-5ae2d8e5c12d5"
Vary: User-Agent, Accept-Encoding
Cache-Control: public, max-age=31536000
CF-Cache-Status: HIT
Age: 5877
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c2dHOms635wJK0oGLqo0nxFqPgKVhfAy1AkC64S2Da%2BoRoG6nrtzKfrm8h0yXsZs3zGEnebGpkCVNR2Vkuj79ApGMoP0cREat36jeLo31oUiPBXZANtXm07NiY5bUJkizoiWHUyRvQBX7yTwmPY%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7466f9c5ea85b505-OSL
alt-svc: h2=":443"; ma=60
no.bitcoin-now.fimivauj.com/images/phone-footer.png
172.67.192.164200 OK 143 kB URL HTTP/1.1 no.bitcoin-now.fimivauj.com/images/phone-footer.png
IP 172.67.192.164:0
File type PNG image data, 407 x 490, 8-bit/color RGBA, non-interlaced\012- data
Size 143 kB (143070 bytes)
Hash 29dc8573e90b64ac6a6a25e774e1a59b
98c242e665286a76217747a5c29916e425410150
cb10ee79f87b655292f3c85335bebc0f3d57fbf9a21ec097241551bebceb32cf
GET /images/phone-footer.png HTTP/1.1
Host: no.bitcoin-now.fimivauj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://no.bitcoin-now.fimivauj.com/?session=74c617b538a247ddb3f2dee584aa932b&aff_id=8942&fpp=1
HTTP/1.1 200 OK
Date: Tue, 06 Sep 2022 11:48:27 GMT
Content-Type: image/png
Content-Length: 143070
Connection: keep-alive
Last-Modified: Mon, 31 Aug 2020 14:52:48 GMT
ETag: "22ede-5ae2d8e5c12d5"
Vary: User-Agent, Accept-Encoding
Cache-Control: public, max-age=31536000
CF-Cache-Status: HIT
Age: 5877
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xZWvC0ANNY%2FF1ivbXc45GZjwcY5Hee%2FahuI96hBNOt1DjRdXvViCu5xpRobZDwa0FsZvGaZR5RUOltNVc3ZrXh2ef0xc6Tl8LyI2RYaxdr6dATjzppuv9adLce7%2BJ2tNSEbxedoB3YVIJcss16M%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7466f9c5dd2e0b41-OSL
alt-svc: h2=":443"; ma=60
no.bitcoin-now.fimivauj.com/images/mastercard.png
172.67.192.164200 OK 2.4 kB URL HTTP/1.1 no.bitcoin-now.fimivauj.com/images/mastercard.png
IP 172.67.192.164:0
File type PNG image data, 195 x 34, 8-bit/color RGBA, non-interlaced\012- data
Hash dacb21c2d17bd1f61fc076840b39c1a5
bbd10f8b6e604908c67508cd79405d8fe955b7bc
0939e5f32ee8167e8cf63dc1b12a9d0775afd30efcbb030defd14656889a4712
GET /images/mastercard.png HTTP/1.1
Host: no.bitcoin-now.fimivauj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://no.bitcoin-now.fimivauj.com/?session=74c617b538a247ddb3f2dee584aa932b&aff_id=8942&fpp=1
HTTP/1.1 200 OK
Date: Tue, 06 Sep 2022 11:48:27 GMT
Content-Type: image/png
Content-Length: 2355
Connection: keep-alive
Last-Modified: Mon, 31 Aug 2020 14:52:48 GMT
ETag: "933-5ae2d8e5c12d5"
Vary: User-Agent, Accept-Encoding
Cache-Control: public, max-age=31536000
CF-Cache-Status: HIT
Age: 5877
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Oys8zikurNoY%2FTuPPwlDKPfqJegABKT%2FfRaVjeReisLDuBiQtKybROiUAdIwib1rQHMEuGolVrbco9y0XMhPlBR7IXQKeVsu%2FvT7gihKx0IV%2BLdf4qNf76ZZd2jbyrwyKK%2FEp%2FuoCfUOfBQIEgc%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7466f9c5dd450b49-OSL
alt-svc: h2=":443"; ma=60
no.bitcoin-now.fimivauj.com/images/logo-secure-pop.png
172.67.192.164200 OK 1.2 kB URL HTTP/1.1 no.bitcoin-now.fimivauj.com/images/logo-secure-pop.png
IP 172.67.192.164:0
File type PNG image data, 57 x 42, 8-bit/color RGBA, non-interlaced\012- data
Hash c670ce72aa2f92feab48b832781dd95d
c0dbd06f04f87e14c2ce73a7c7fea6b1378af11f
98cfd4ddb345e21c26806136af724048d9b1849c2aa51f7f9c0f0a7663430931
GET /images/logo-secure-pop.png HTTP/1.1
Host: no.bitcoin-now.fimivauj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://no.bitcoin-now.fimivauj.com/?session=74c617b538a247ddb3f2dee584aa932b&aff_id=8942&fpp=1
HTTP/1.1 200 OK
Date: Tue, 06 Sep 2022 11:48:27 GMT
Content-Type: image/png
Content-Length: 1225
Connection: keep-alive
Last-Modified: Mon, 31 Aug 2020 14:52:48 GMT
ETag: "4c9-5ae2d8e5c12d5"
Vary: User-Agent, Accept-Encoding
Cache-Control: public, max-age=31536000
CF-Cache-Status: HIT
Age: 5877
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dl1cdM0jnvRU6%2FfflcnjJunUSC2E%2BMAguNC%2FGq%2FC4FF3JbJ4ADy3pRh9XIiowxLQFO5gkrxS9axSqDTAOeFlw4F1JB1zC9ZRoeOidgATdJxJGM%2FM9FneMeHFtxLcX5XrKarYQsNJHFbNa2ETfPk%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7466f9c5ea6cb523-OSL
alt-svc: h2=":443"; ma=60
no.bitcoin-now.fimivauj.com/images/arow-up.png
172.67.192.164200 OK 325 B URL HTTP/1.1 no.bitcoin-now.fimivauj.com/images/arow-up.png
IP 172.67.192.164:0
File type PNG image data, 18 x 15, 8-bit/color RGBA, non-interlaced\012- data
Hash 5e9810a72bae5cb0827aaf62811fd2e6
c8b1fa25b703a77c69efcde6a6cd1acf0193f467
8340840f98b8877e877be8a61bd3d33c35b44ecab72e1008a53d9c1c5340460e
GET /images/arow-up.png HTTP/1.1
Host: no.bitcoin-now.fimivauj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://no.bitcoin-now.fimivauj.com/?session=74c617b538a247ddb3f2dee584aa932b&aff_id=8942&fpp=1
HTTP/1.1 200 OK
Date: Tue, 06 Sep 2022 11:48:27 GMT
Content-Type: image/png
Content-Length: 325
Connection: keep-alive
Last-Modified: Mon, 31 Aug 2020 14:52:48 GMT
ETag: "145-5ae2d8e5c0335"
Vary: User-Agent, Accept-Encoding
Cache-Control: public, max-age=31536000
CF-Cache-Status: HIT
Age: 5877
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b6%2BsxHHhk2TZdHhBARb8t3XZ%2BoRqLwSlJdXXtvXosoDKy0u7h2UhgEJqwjJj1mBhi2Iae9NfeVlBLEyIGRd2udcWpiMON52aNmvHbx01zi19MKkncAbp82a1FXMkEFdUoOgywkY2lze8jb%2BR7pA%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7466f9c5ea95b505-OSL
alt-svc: h2=":443"; ma=60
tinyurl.com/2w3tkh95
104.20.138.65301 Moved Permanently 769 B IP 104.20.138.65:0
Hash 1354f3a31ea4b11a17e35112972c20af
ea52c9668c5e90c94d8a17ffdea866e4c09e3385
b502efa1e17326e16a5848f0be6d612d771942d0fad15bc7519301e3b067526a
GET /2w3tkh95 HTTP/1.1
Host: tinyurl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 301 Moved Permanently
date: Tue, 06 Sep 2022 11:48:26 GMT
content-type: text/html; charset=UTF-8
location: http://go.fimivauj.com/0gz3
x-powered-by: PHP/8.1.8
cache-control: max-age=0, public, s-max-age=900, stale-if-error: 86400
referrer-policy: unsafe-url
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7466f9c0c854b51b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
no.bitcoin-now.fimivauj.com/images/card-logo.png
172.67.192.164200 OK 2.4 kB URL HTTP/1.1 no.bitcoin-now.fimivauj.com/images/card-logo.png
IP 172.67.192.164:0
File type PNG image data, 377 x 35, 8-bit colormap, non-interlaced\012- data
Hash 9951128ad74ba50033febb989c05e8d0
7a86ec0f755da800466daf771788de7d0b636170
fb75af81e5ab3eaa4fd18350e80ac4476340b98bfb4c6a68289372f1b23511ef
GET /images/card-logo.png HTTP/1.1
Host: no.bitcoin-now.fimivauj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://no.bitcoin-now.fimivauj.com/?session=74c617b538a247ddb3f2dee584aa932b&aff_id=8942&fpp=1
HTTP/1.1 200 OK
Date: Tue, 06 Sep 2022 11:48:27 GMT
Content-Type: image/png
Content-Length: 2426
Connection: keep-alive
Last-Modified: Mon, 31 Aug 2020 14:52:48 GMT
ETag: "97a-5ae2d8e5c12d5"
Vary: User-Agent, Accept-Encoding
Cache-Control: public, max-age=31536000
CF-Cache-Status: HIT
Age: 5876
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HhOZ%2BTcl3Bq0Pf8gAaf3s8gYPplLs0MReixmVQ7bgIabDtFfeL57bd6kpshTTySnX4IktqQc2tjEi4mDzCJf8C9NL5gT%2BpZesFzlvC%2B7ndW9yRLKRh7DgKrmUPcO6JCEtEEsI9STgE7gi1KITZQ%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7466f9c5ebeeb4f3-OSL
alt-svc: h2=":443"; ma=60
no.bitcoin-now.fimivauj.com/images/form-headr.png
172.67.192.164200 OK 65 kB URL HTTP/1.1 no.bitcoin-now.fimivauj.com/images/form-headr.png
IP 172.67.192.164:0
File type PNG image data, 1000 x 179, 8-bit colormap, non-interlaced\012- data
Hash 13bdee4cb30384d8576776157c7afe08
0263585f660cfa559f2dfdcde3f80a65835408ad
de14f5e6a350dea274b4742f13de4d68fac1b8d477c29308b41c0a2477aed985
GET /images/form-headr.png HTTP/1.1
Host: no.bitcoin-now.fimivauj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://no.bitcoin-now.fimivauj.com/?session=74c617b538a247ddb3f2dee584aa932b&aff_id=8942&fpp=1
HTTP/1.1 200 OK
Date: Tue, 06 Sep 2022 11:48:27 GMT
Content-Type: image/png
Content-Length: 64741
Connection: keep-alive
Last-Modified: Mon, 31 Aug 2020 14:52:48 GMT
ETag: "fce5-5ae2d8e5c12d5"
Vary: User-Agent, Accept-Encoding
Cache-Control: public, max-age=31536000
CF-Cache-Status: HIT
Age: 5876
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vHwjX9reMdQu04%2BOOqiH20umEsY5ZMw8Gb37aiIlg14L0SQ%2FFwx1eyg485wMmBBvCFTrUVzCyYHityQ1QsvHNIad4JxgVKNfPQA80Uoeevq%2BWtLMcGKWF5M0tQA5y%2FT5hURBYII2OD2zpM6dy%2FY%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7466f9c5fd430b41-OSL
alt-svc: h2=":443"; ma=60
no.bitcoin-now.fimivauj.com/images/bitgo.png
172.67.192.164200 OK 3.1 kB URL HTTP/1.1 no.bitcoin-now.fimivauj.com/images/bitgo.png
IP 172.67.192.164:0
File type PNG image data, 88 x 34, 8-bit/color RGBA, non-interlaced\012- data
Hash b25c5404dc3943f93693f5e04618e5db
9f3c664b9b691c4c1548758881c246e7f9931667
dfb7536168ad36c8e8b111a424eb737579ce0eeaf80b3f4300e7bdd9b762feee
GET /images/bitgo.png HTTP/1.1
Host: no.bitcoin-now.fimivauj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://no.bitcoin-now.fimivauj.com/?session=74c617b538a247ddb3f2dee584aa932b&aff_id=8942&fpp=1
HTTP/1.1 200 OK
Date: Tue, 06 Sep 2022 11:48:27 GMT
Content-Type: image/png
Content-Length: 3080
Connection: keep-alive
Last-Modified: Mon, 31 Aug 2020 14:52:48 GMT
ETag: "c08-5ae2d8e5c12d5"
Vary: User-Agent, Accept-Encoding
Cache-Control: public, max-age=31536000
CF-Cache-Status: HIT
Age: 5877
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vC9Q1vpLwL%2BTJfpRTISU%2BHpWpHPcZ%2BS4df1PvIdOActjZKiHMfk0uBG9xVkyLKjTa8RK51nL4oRlLw58O783FBEWXyX%2BdsPrqQr3GCG3Viwq2ADrt%2FGJYPV5OKsg65PIgLs5xh4Nj1vWcOsIGvc%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7466f9c5faacb505-OSL
alt-svc: h2=":443"; ma=60
no.bitcoin-now.fimivauj.com/images/volume.png
172.67.192.164200 OK 875 B URL HTTP/1.1 no.bitcoin-now.fimivauj.com/images/volume.png
IP 172.67.192.164:0
File type PNG image data, 256 x 256, 1-bit colormap, non-interlaced\012- data
Hash 25209f54cceeb6ac42097d82256cbfab
a2cbcfb42b1ce89a17aed8bf640b90f057319390
cf53ba9a7f63136e884da82519c4f9343a04b1f56c4ad19b8014a91078f88e77
GET /images/volume.png HTTP/1.1
Host: no.bitcoin-now.fimivauj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://no.bitcoin-now.fimivauj.com/?session=74c617b538a247ddb3f2dee584aa932b&aff_id=8942&fpp=1
HTTP/1.1 200 OK
Date: Tue, 06 Sep 2022 11:48:27 GMT
Content-Type: image/png
Content-Length: 875
Connection: keep-alive
Last-Modified: Mon, 31 Aug 2020 14:52:48 GMT
ETag: "36b-5ae2d8e5c2275"
Vary: User-Agent, Accept-Encoding
Cache-Control: public, max-age=31536000
CF-Cache-Status: HIT
Age: 5876
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PHVx77NDl1EeilJXLPx2bpmPuPoDJrAPHhCFtXuyOPnxUm8Q6AzYfahTPtWmbLRzIcaxsVyiLhmPhExrkd2oYtJEsMhFFT5tVcIHJrYVsqpNrATHZKzlrc6TZw9%2Bt%2FG5IHkgV8ylM8unaqw9vFA%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7466f9c5fd600b49-OSL
alt-svc: h2=":443"; ma=60
no.bitcoin-now.fimivauj.com/images/visa.png
172.67.192.164200 OK 3.9 kB URL HTTP/1.1 no.bitcoin-now.fimivauj.com/images/visa.png
IP 172.67.192.164:0
File type PNG image data, 101 x 34, 8-bit/color RGBA, non-interlaced\012- data
Hash abea49af2179d59637e2ca7898379e78
449155b9b81d5d2a89eedac640317a514a5a2b06
175d4649926668778904590bb407aaa6d118b5f2e7de5a88462010b900cb5789
GET /images/visa.png HTTP/1.1
Host: no.bitcoin-now.fimivauj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://no.bitcoin-now.fimivauj.com/?session=74c617b538a247ddb3f2dee584aa932b&aff_id=8942&fpp=1
HTTP/1.1 200 OK
Date: Tue, 06 Sep 2022 11:48:27 GMT
Content-Type: image/png
Content-Length: 3931
Connection: keep-alive
Last-Modified: Mon, 31 Aug 2020 14:52:48 GMT
ETag: "f5b-5ae2d8e5c2275"
Vary: User-Agent, Accept-Encoding
Cache-Control: public, max-age=31536000
CF-Cache-Status: HIT
Age: 5877
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IukA5igtYmHV09VRQncdZ9RU82Fv01MKppwjI1nRfPfZgevrXMvLPqgRhL433QvbHqwfizzlffAiQiDhH6DxgDVLs4l3gtVRKkBYdfGzkRO7qilLlU%2FSHgpZO7AzTh%2Bl%2B329aubdny2SeuIwRpg%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7466f9c5f9fcb511-OSL
alt-svc: h2=":443"; ma=60
no.bitcoin-now.fimivauj.com/images/logo-secure.png
172.67.192.164200 OK 2.1 kB URL HTTP/1.1 no.bitcoin-now.fimivauj.com/images/logo-secure.png
IP 172.67.192.164:0
File type PNG image data, 56 x 47, 8-bit/color RGBA, non-interlaced\012- data
Hash 45062541f7b3118879867be25db1061e
2677fb34f1db4967923f82e6f3974c72c80b9945
a435b8877cffd4c48abf820dbaeab0a5fd77e6fb51148fc491874ca0370d0f0f
GET /images/logo-secure.png HTTP/1.1
Host: no.bitcoin-now.fimivauj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://no.bitcoin-now.fimivauj.com/?session=74c617b538a247ddb3f2dee584aa932b&aff_id=8942&fpp=1
HTTP/1.1 200 OK
Date: Tue, 06 Sep 2022 11:48:27 GMT
Content-Type: image/png
Content-Length: 2136
Connection: keep-alive
Last-Modified: Mon, 31 Aug 2020 14:52:48 GMT
ETag: "858-5ae2d8e5c12d5"
Vary: User-Agent, Accept-Encoding
Cache-Control: public, max-age=31536000
CF-Cache-Status: HIT
Age: 5877
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h8Pjs8lL7sPGe2x6pPqEITCLDJHjov1TUT26ppGJtmwtFTSZgx%2B7SAx1pybiXuR0oXxaJ1GN3j%2BsWFYoXGbXE%2F01nJY4ZPv7r8m0h7Y61lo4ore4L8PRSnEgs%2Fc6zafYjXnQbh4a6aRe%2BQvJI78%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7466f9c5fc0db4f3-OSL
alt-svc: h2=":443"; ma=60
no.bitcoin-now.fimivauj.com/images/mcafee.png
172.67.192.164200 OK 2.8 kB URL HTTP/1.1 no.bitcoin-now.fimivauj.com/images/mcafee.png
IP 172.67.192.164:0
File type PNG image data, 178 x 34, 8-bit/color RGBA, non-interlaced\012- data
Hash 87b6da0e29bccb3f2031f8e844461a0a
82913e467ab9af87016e89e2afd885f7581e3c12
6fd1fe34a741dbad38a25cd795227c75e8888e4d68f587c6ed009a2fc8e89af4
GET /images/mcafee.png HTTP/1.1
Host: no.bitcoin-now.fimivauj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://no.bitcoin-now.fimivauj.com/?session=74c617b538a247ddb3f2dee584aa932b&aff_id=8942&fpp=1
HTTP/1.1 200 OK
Date: Tue, 06 Sep 2022 11:48:27 GMT
Content-Type: image/png
Content-Length: 2814
Connection: keep-alive
Last-Modified: Mon, 31 Aug 2020 14:52:48 GMT
ETag: "afe-5ae2d8e5c12d5"
Vary: User-Agent, Accept-Encoding
Cache-Control: public, max-age=31536000
CF-Cache-Status: HIT
Age: 5877
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qXJolJBQ2gmgl8nS9tuVaNAhgf7bvWycslRGlP6SgWnfh0WMScwY%2BZm60oiQhTGgGng7ELaCD%2FS%2B5fcfsxi4CrQNwspxhwj3jyNu%2BPutlTC6TdDO917JoS0hJm2Wb4YcfGUu4qfk31h%2BPgsurfc%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7466f9c5fa8db523-OSL
alt-svc: h2=":443"; ma=60
no.bitcoin-now.fimivauj.com/css/stylesheet.css
172.67.192.164200 OK 628 B URL HTTP/1.1 no.bitcoin-now.fimivauj.com/css/stylesheet.css
IP 172.67.192.164:0
Hash a4727fb40f9555c367e333446719397d
768da88b33b3a590c440860d4ce4c1c6eef078be
cb99efe3a30415b9e8805abcd351ad4c009276130b86d2f258ce36b128bbbd59
GET /css/stylesheet.css HTTP/1.1
Host: no.bitcoin-now.fimivauj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://no.bitcoin-now.fimivauj.com/?session=74c617b538a247ddb3f2dee584aa932b&aff_id=8942&fpp=1
HTTP/1.1 200 OK
Date: Tue, 06 Sep 2022 11:48:27 GMT
Content-Type: text/css
Content-Length: 628
Connection: keep-alive
Last-Modified: Mon, 31 Aug 2020 14:52:48 GMT
ETag: "1dab-5ae2d8e5c0335-gzip"
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 5877
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kys76t6v%2BJMw58QBtdtaCd5gceV6i2HbyhGLyiX0voY1JCm%2B1%2Fl%2BIz6TxHP0FxCKCrmCTCaas8HiLNDEL35882gnHjcrT0RQsyRPCHkuf%2BcUJKDH0IEekqlLdj65IytE0fQUFoVIRc%2FPLuWr%2BRQ%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7466f9c60d520b41-OSL
alt-svc: h2=":443"; ma=60
no.bitcoin-now.fimivauj.com/js/jquery.min.js
172.67.192.164200 OK 33 kB URL HTTP/1.1 no.bitcoin-now.fimivauj.com/js/jquery.min.js
IP 172.67.192.164:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 600ba0fab9d0a671a1775845c5f442fc
500c2c6ee63ad25b616eff8bc2ba28006ca468f1
b5f897379be479725c8b3aae4d4a3ebd5498b9f0daa98b89810d6f09dd4362b7
Analyzer Verdict Alert fortinet Phishing
GET /js/jquery.min.js HTTP/1.1
Host: no.bitcoin-now.fimivauj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://no.bitcoin-now.fimivauj.com/?session=74c617b538a247ddb3f2dee584aa932b&aff_id=8942&fpp=1
HTTP/1.1 200 OK
Date: Tue, 06 Sep 2022 11:48:27 GMT
Content-Type: application/javascript
Content-Length: 33129
Connection: keep-alive
Last-Modified: Mon, 31 Aug 2020 14:52:48 GMT
ETag: "17505-5ae2d8e5c3215-gzip"
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 5877
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9Ur2lTP3zzMHtLK5r1De0lhEgCpSdJGBwVtUS%2BQWMvHQo7T2N08HsjvpM%2BDnjMZ%2FYubPlZweQYsqotIICqogYSQNa3%2BQYiSRB8e7u3jh0Zb8tS1C7%2FywHMeV4caedpVTcgvHsefn%2F5iUqV2yGuw%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7466f9c61d7c0b49-OSL
alt-svc: h2=":443"; ma=60
no.bitcoin-now.fimivauj.com/js/bootstrap.min.js
172.67.192.164200 OK 9.8 kB URL HTTP/1.1 no.bitcoin-now.fimivauj.com/js/bootstrap.min.js
IP 172.67.192.164:0
File type ASCII text, with very long lines (32003)
Hash da6fb4b64d1f22f682dcaa0433b4dec7
56493cb828703ebeb1e9fbefc163793613b65e7f
7d59f0296a0b229f7d0ffc0b4f02930d6a7b56070167c7429004d6b1649c9d64
Analyzer Verdict Alert fortinet Phishing
GET /js/bootstrap.min.js HTTP/1.1
Host: no.bitcoin-now.fimivauj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://no.bitcoin-now.fimivauj.com/?session=74c617b538a247ddb3f2dee584aa932b&aff_id=8942&fpp=1
HTTP/1.1 200 OK
Date: Tue, 06 Sep 2022 11:48:27 GMT
Content-Type: application/javascript
Content-Length: 9765
Connection: keep-alive
Last-Modified: Mon, 31 Aug 2020 14:52:48 GMT
ETag: "9004-5ae2d8e5c3215-gzip"
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 5877
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UCqVYi8mXJJeCb3Ppai%2FY59%2Bf496D8ycsDS2hgZkaNbS16CsX85WC%2FSqrKTDQVZhyiN%2BFw8agLJTfqBa4RSX9bKr5PhHZfEMvbhHBtRqmx2DshxCJo6PEbCzqhw6Hqn7Xk4QbAY7NoNUysgpWJI%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7466f9c61a10b511-OSL
alt-svc: h2=":443"; ma=60
no.bitcoin-now.fimivauj.com/js/getdetector.js
172.67.192.164200 OK 171 B URL HTTP/1.1 no.bitcoin-now.fimivauj.com/js/getdetector.js
IP 172.67.192.164:0
Hash ac823024cf969a1d5b53e9df077d3f89
49635c4cd50cf77afd5fed1a67d2da7b5bfbfd4b
af898e9e1f238b93793bbb129be21b3173eee747226148b61ac27ce444c7b6c8
Analyzer Verdict Alert fortinet Phishing
GET /js/getdetector.js HTTP/1.1
Host: no.bitcoin-now.fimivauj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://no.bitcoin-now.fimivauj.com/?session=74c617b538a247ddb3f2dee584aa932b&aff_id=8942&fpp=1
HTTP/1.1 200 OK
Date: Tue, 06 Sep 2022 11:48:27 GMT
Content-Type: application/javascript
Content-Length: 171
Connection: keep-alive
Last-Modified: Mon, 31 Aug 2020 14:52:48 GMT
ETag: "d8-5ae2d8e5c3215-gzip"
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 5877
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dyqnuM88CadxVucYHnKxkkoodVqKaXlUvH5UnU3nQWxpMS1JcqEpnSBPYpxO7T2fZQT2jAn89DOcKssh5z3OLNGKl3zkDZnxaRopaxQD1k5m3iZ36gG1wxNvCrlBNzxAyFeNYjTNibYpvZt7tcU%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7466f9c61c30b4f3-OSL
alt-svc: h2=":443"; ma=60
no.bitcoin-now.fimivauj.com/css/intlTelInput.css
172.67.192.164200 OK 3.2 kB URL HTTP/1.1 no.bitcoin-now.fimivauj.com/css/intlTelInput.css
IP 172.67.192.164:0
Hash 7a8979f11e618234fc3edf447d2fde25
73f5d05ca776e5dc594aca1dd6513d064f0dce4c
028357db6be53e9af500089e90fb18b6834638f9ff0b264f73251486ca8345c0
GET /css/intlTelInput.css HTTP/1.1
Host: no.bitcoin-now.fimivauj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://no.bitcoin-now.fimivauj.com/?session=74c617b538a247ddb3f2dee584aa932b&aff_id=8942&fpp=1
HTTP/1.1 200 OK
Date: Tue, 06 Sep 2022 11:48:27 GMT
Content-Type: text/css
Content-Length: 3184
Connection: keep-alive
Last-Modified: Mon, 31 Aug 2020 14:52:48 GMT
ETag: "5ec5-5ae2d8e5c0335-gzip"
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 5877
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0tB3%2FEWdrlGe0QgjZ8qjMD%2Fk2RC3mCCxAwsz7t1PBVrrAeg0VZTUhS5PPgWW17l8EAWvzlfIeGZ6HLkFh8WgFWAYpCXrv7c5nuSctUtghB4CuVcKojj1E%2FZjWFsPwSz1N%2BvejnK6vzIclNS4a8Y%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7466f9c61acfb505-OSL
alt-svc: h2=":443"; ma=60
no.bitcoin-now.fimivauj.com/js/commonJs.js
172.67.192.164200 OK 3.7 kB URL HTTP/1.1 no.bitcoin-now.fimivauj.com/js/commonJs.js
IP 172.67.192.164:0
File type Unicode text, UTF-8 text, with very long lines (4357), with CRLF line terminators
Hash f62f92f73b32d4e6aa42d64f638c673b
36982ed21854d70df5a02ca607539f06b7b77908
3dcbfff0124a8c924ea61fa92967db61f6a3f7c93be6bb87dae6413201dc5a03
Analyzer Verdict Alert fortinet Phishing
GET /js/commonJs.js HTTP/1.1
Host: no.bitcoin-now.fimivauj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://no.bitcoin-now.fimivauj.com/?session=74c617b538a247ddb3f2dee584aa932b&aff_id=8942&fpp=1
HTTP/1.1 200 OK
Date: Tue, 06 Sep 2022 11:48:27 GMT
Content-Type: application/javascript
Content-Length: 3746
Connection: keep-alive
Last-Modified: Tue, 03 Nov 2020 08:17:10 GMT
ETag: "307e-5b32f7d4c9791-gzip"
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 5877
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gtmpz2F5Tla1OAN7xZRvzN2aWtmLOJec3kv%2FqJtPNHxDanK35bpPa%2Fb4dL53pLidIPwJ7cCBUBOsBBmq7VPe2ICO97kvfhCn8bdk98a4zsGBabfGEiqc86AoGL1GJEZK%2Bkmu1rdFWLe28kRTejk%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7466f9c61abfb523-OSL
alt-svc: h2=":443"; ma=60
no.bitcoin-now.fimivauj.com/js/intlTelInput.js
172.67.192.164200 OK 11 kB URL HTTP/1.1 no.bitcoin-now.fimivauj.com/js/intlTelInput.js
IP 172.67.192.164:0
File type Unicode text, UTF-8 text, with very long lines (31861), with no line terminators
Hash c02a479b885c7fd0903fe30b922c01c7
27292f59402102f7aef34e6f8860b55c47273584
4cb39181801827b18c8d464df4126350dc8414204f9872cc2b2544a0b89bd40a
Analyzer Verdict Alert fortinet Phishing
GET /js/intlTelInput.js HTTP/1.1
Host: no.bitcoin-now.fimivauj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://no.bitcoin-now.fimivauj.com/?session=74c617b538a247ddb3f2dee584aa932b&aff_id=8942&fpp=1
HTTP/1.1 200 OK
Date: Tue, 06 Sep 2022 11:48:27 GMT
Content-Type: application/javascript
Content-Length: 10746
Connection: keep-alive
Last-Modified: Mon, 31 Aug 2020 14:52:48 GMT
ETag: "7f1f-5ae2d8e5c3215-gzip"
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 5877
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j5iDGOFfVVkGbEZ%2FiIYNnadgIMuOTu2dYETPMtLwfXYEgtY%2BilcAEmI9yCaBbw7Py4X0Evct8p6OmQOfxp7xDTrJVi0iOQ7KKya6yVuGRbw8OLj9WGjlSd5ciCsM5JL7h0Pvt5aVBVc2P8mGB5k%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7466f9c63d730b41-OSL
alt-svc: h2=":443"; ma=60
no.bitcoin-now.fimivauj.com/js/index.js
172.67.192.164200 OK 371 B URL HTTP/1.1 no.bitcoin-now.fimivauj.com/js/index.js
IP 172.67.192.164:0
Hash a41eb6752b6617231e927f43e6328d31
1f3e2337278157ec90dcf6e158cfb3f9cf92caaf
b8f08a43e15da5989883e60213b234919f978f4733783eb04dfa687f780039a8
Analyzer Verdict Alert fortinet Phishing
GET /js/index.js HTTP/1.1
Host: no.bitcoin-now.fimivauj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://no.bitcoin-now.fimivauj.com/?session=74c617b538a247ddb3f2dee584aa932b&aff_id=8942&fpp=1
HTTP/1.1 200 OK
Date: Tue, 06 Sep 2022 11:48:27 GMT
Content-Type: application/javascript
Content-Length: 371
Connection: keep-alive
Last-Modified: Mon, 31 Aug 2020 14:52:48 GMT
ETag: "779-5ae2d8e5c3215-gzip"
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 5877
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e8it8cG%2BcSf1Lcr1gEn1pXWsjQIXRt%2Fq903pPGls%2Fp%2FqCxs9YXzDq%2Bc1blNe7BZI4au6lJI9S9DEqITVx%2BeANQ7WFKT%2BQuD3xK4QofFcsOrWySKqcnBnY1ydiiN5Ec%2ByuwwlkCwLY2Gwzf4pJZ8%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7466f9c63da40b49-OSL
alt-svc: h2=":443"; ma=60
no.bitcoin-now.fimivauj.com/js/valid.js
172.67.192.164200 OK 2.2 kB URL HTTP/1.1 no.bitcoin-now.fimivauj.com/js/valid.js
IP 172.67.192.164:0
File type Unicode text, UTF-8 text, with very long lines (329)
Hash 4107ce9369821f0f18a35d2d43d6d7fc
915b526355cb5ab1a72e6ef2ada963a3157fefea
11a1bd520d89ee5b45365bf34763d5d5e3ce5903530dab6384e3a3e8ac17197c
Analyzer Verdict Alert fortinet Phishing
GET /js/valid.js HTTP/1.1
Host: no.bitcoin-now.fimivauj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://no.bitcoin-now.fimivauj.com/?session=74c617b538a247ddb3f2dee584aa932b&aff_id=8942&fpp=1
HTTP/1.1 200 OK
Date: Tue, 06 Sep 2022 11:48:27 GMT
Content-Type: application/javascript
Content-Length: 2151
Connection: keep-alive
Last-Modified: Tue, 03 Nov 2020 08:17:10 GMT
ETag: "4fd0-5b32f7d4f088f-gzip"
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 5877
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NcU9gJyPXh%2BVOqmB8bX5pPvAc41Ve4axV6iqlslejQEZAGOtf9rjOlmBzgOBojBQqjjOLFRMBuLAsxDXKVa4qHKdQGGf8xskdLbiDjrgztoTCysovg4f75%2BOQfa7hxy3qLrz8BWOlyIUFimFcQs%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7466f9c63c4bb4f3-OSL
alt-svc: h2=":443"; ma=60
no.bitcoin-now.fimivauj.com/js/device.min.js
172.67.192.164200 OK 750 B URL HTTP/1.1 no.bitcoin-now.fimivauj.com/js/device.min.js
IP 172.67.192.164:0
File type ASCII text, with very long lines (2581)
Hash e8c3d80e1e921d221fe7c4bd62114612
953c177f49e43e47b659b3223fb79849072b3778
c3adf17c755bddf3ab3f292c2d60cb23f2f32447cc0f96821ffc28a85e3c24ba
Analyzer Verdict Alert fortinet Phishing
GET /js/device.min.js HTTP/1.1
Host: no.bitcoin-now.fimivauj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://no.bitcoin-now.fimivauj.com/?session=74c617b538a247ddb3f2dee584aa932b&aff_id=8942&fpp=1
HTTP/1.1 200 OK
Date: Tue, 06 Sep 2022 11:48:27 GMT
Content-Type: application/javascript
Content-Length: 750
Connection: keep-alive
Last-Modified: Mon, 31 Aug 2020 14:52:48 GMT
ETag: "a2d-5ae2d8e5c3215-gzip"
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 5877
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BiaTA%2FV5qUR4PBDTXkdHjJLlIexjfJ7vxlLj%2FGeN7A%2Bc0Yjq4Zgb49YwprRWO%2BPIoF18xC2tbs%2BwSt9wrROaSOqXMV2l5CTXepMVshmRbjxPCGYpx9JQpgW%2B72V8%2Bv8m2SHjRhhm8wIl1lokUeo%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7466f9c63affb505-OSL
alt-svc: h2=":443"; ma=60
no.bitcoin-now.fimivauj.com/js/jquery.validate.min.js
172.67.192.164200 OK 7.3 kB URL HTTP/1.1 no.bitcoin-now.fimivauj.com/js/jquery.validate.min.js
IP 172.67.192.164:0
File type Unicode text, UTF-8 text, with very long lines (22555)
Hash 5e48b04c19ebb55b3a9ce44686d23e68
fadaa2d092e8df087f82ed97d6f6b992d3d35950
2892c86be09126919fe69f897c29c93602a75557de49bcbe63bf7e5315f26a6f
Analyzer Verdict Alert fortinet Phishing
GET /js/jquery.validate.min.js HTTP/1.1
Host: no.bitcoin-now.fimivauj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://no.bitcoin-now.fimivauj.com/?session=74c617b538a247ddb3f2dee584aa932b&aff_id=8942&fpp=1
HTTP/1.1 200 OK
Date: Tue, 06 Sep 2022 11:48:27 GMT
Content-Type: application/javascript
Content-Length: 7336
Connection: keep-alive
Last-Modified: Mon, 31 Aug 2020 14:52:48 GMT
ETag: "58a7-5ae2d8e5c3215-gzip"
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 5877
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AVwp4igdDpZHL%2B03Ow69USYryG9t%2BNx%2FDkDlzBIzAYOCl7wGEKTQcy7GLsfyZDWSBDibEYbifkd12laBGzDaleqMLpwBYKy7%2BfQkGW3ZBt9V8mp2yjO%2FGhL7Gk%2BXHKhlA5mZTMMjQR130%2Bng3kw%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7466f9c63a39b511-OSL
alt-svc: h2=":443"; ma=60
no.bitcoin-now.fimivauj.com/js/custom.js
172.67.192.164200 OK 523 B URL HTTP/1.1 no.bitcoin-now.fimivauj.com/js/custom.js
IP 172.67.192.164:0
File type HTML document, ASCII text, with very long lines (311)
Hash 477d50022d033f277a3615fab505940f
bfaf70ebeb331aad53f474a6cadf4b6d36d66a73
4b56fcad7e6a94701015fa15abdd904cbaeeb96bd8dd69c139b9a1f327cacf03
Analyzer Verdict Alert fortinet Phishing
GET /js/custom.js HTTP/1.1
Host: no.bitcoin-now.fimivauj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://no.bitcoin-now.fimivauj.com/?session=74c617b538a247ddb3f2dee584aa932b&aff_id=8942&fpp=1
HTTP/1.1 200 OK
Date: Tue, 06 Sep 2022 11:48:27 GMT
Content-Type: application/javascript
Content-Length: 523
Connection: keep-alive
Last-Modified: Mon, 31 Aug 2020 14:52:48 GMT
ETag: "543-5ae2d8e5c3215-gzip"
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 5877
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7f91w1LFrs1dXb8AZidRm7%2F8cTK03ER8OOVHOX1AiG5wG4cDBJSMWx1tZVh2PSEktIqgi7bR1Y5eL3lpt9mUrBb7Wp9GVqdGeEmPWEiXis541qIB%2F0Qz7%2FuF7T1JDIEgUfR7j37ep3hR%2B%2FNJcyw%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7466f9c63b15b523-OSL
alt-svc: h2=":443"; ma=60
no.bitcoin-now.fimivauj.com/js/currency.js
172.67.192.164200 OK 454 B URL HTTP/1.1 no.bitcoin-now.fimivauj.com/js/currency.js
IP 172.67.192.164:0
Hash c80ec8bf9555b9df39b105cb32b393bd
1896b575e4c50c5f71fff9e6cb9e71f92ba990be
3e4c793c0ef854bd14a04eab0a6b833d46298f696991b663bc7065c680d395cb
Analyzer Verdict Alert fortinet Phishing
GET /js/currency.js HTTP/1.1
Host: no.bitcoin-now.fimivauj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://no.bitcoin-now.fimivauj.com/?session=74c617b538a247ddb3f2dee584aa932b&aff_id=8942&fpp=1
HTTP/1.1 200 OK
Date: Tue, 06 Sep 2022 11:48:27 GMT
Content-Type: application/javascript
Content-Length: 454
Connection: keep-alive
Last-Modified: Mon, 31 Aug 2020 14:52:48 GMT
ETag: "481-5ae2d8e5c3215-gzip"
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 5877
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lBfTRFOdeO69xmPjAUpc6bAQCxU4zXZ9ooIUozTXs7b7%2Bql2vlzafQDHXvB8auG5n1LZCk0g351y2Z7erewOBvuWBsWGakfVPQA%2Bd%2BWc8XK8VWPEHuSbUwplJqaJ85gRqX%2FII8jA%2FJEPg%2F8a0ds%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7466f9c63d810b41-OSL
alt-svc: h2=":443"; ma=60
no.bitcoin-now.fimivauj.com/js/script.js
172.67.192.164200 OK 2.6 kB URL HTTP/1.1 no.bitcoin-now.fimivauj.com/js/script.js
IP 172.67.192.164:0
Hash 8432b88d9d56250481210a86a49a0d5d
affe5e4b7831224f12262250e6c51f57b65220bb
893e1de21c658b0fb54438b46b6103ce148ce331065026cda6bd5459c2c46656
Analyzer Verdict Alert fortinet Phishing
GET /js/script.js HTTP/1.1
Host: no.bitcoin-now.fimivauj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://no.bitcoin-now.fimivauj.com/?session=74c617b538a247ddb3f2dee584aa932b&aff_id=8942&fpp=1
HTTP/1.1 200 OK
Date: Tue, 06 Sep 2022 11:48:27 GMT
Content-Type: application/javascript
Content-Length: 2609
Connection: keep-alive
Last-Modified: Mon, 31 Aug 2020 14:52:48 GMT
ETag: "2be3-5ae2d8e5c3215-gzip"
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 5877
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W8G72tIt77Yw1ulu86s%2BUP5n1B8ZrGiWuOYPFbPdL1cmuCTlCFCYnE%2F%2BSnFp2iJd91lf75s1hgGtNAKOf%2B0iswsRts1Xrc%2FQ8Lg%2B6S%2FbBPC8LWTd7%2BUwBB%2BOeOeoIkEAVziDdD%2BIZlvMe96hn7Q%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7466f9c63db10b49-OSL
alt-svc: h2=":443"; ma=60
no.bitcoin-now.fimivauj.com/images/news.png
172.67.192.164200 OK 4.9 kB URL HTTP/1.1 no.bitcoin-now.fimivauj.com/images/news.png
IP 172.67.192.164:0
File type PNG image data, 421 x 22, 8-bit/color RGBA, non-interlaced\012- data
Hash 258c78f9e4fde0ef2fe3ead15f56b6aa
36dc07df5968528e4c7db8394736f412b4241e52
34fb9a079b52e3c69c3d8e0e9c44debe07087847203a688aec16b11ef9658310
GET /images/news.png HTTP/1.1
Host: no.bitcoin-now.fimivauj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://no.bitcoin-now.fimivauj.com/?session=74c617b538a247ddb3f2dee584aa932b&aff_id=8942&fpp=1
HTTP/1.1 200 OK
Date: Tue, 06 Sep 2022 11:48:27 GMT
Content-Type: image/png
Content-Length: 4930
Connection: keep-alive
Last-Modified: Mon, 31 Aug 2020 14:52:48 GMT
ETag: "1342-5ae2d8e5c12d5"
Vary: User-Agent, Accept-Encoding
Cache-Control: public, max-age=31536000
CF-Cache-Status: HIT
Age: 5877
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H5ekDTaphDEoQHCOUyLL6pyaEcpnqRo82bYU4TpRqOIZu%2BZfrOGuBDQu30xLKWoWlWnSZPMWV7PMKqWGXLSv%2FzIeIcgBGN5r9DD5TRaKot7QO9FyBJISuW29CVzghYG%2BbhdxP9FcsRbulN0vKfo%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7466f9c64b18b505-OSL
alt-svc: h2=":443"; ma=60
no.bitcoin-now.fimivauj.com/images/winner-1.jpg
172.67.192.164200 OK 27 kB URL HTTP/1.1 no.bitcoin-now.fimivauj.com/images/winner-1.jpg
IP 172.67.192.164:0
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 165x160, components 3\012- data
Hash f7c244f281b82d6ef8a0ea2095ddf0bd
d6972aee888b3bf961b6f6df5663377a845b8b90
88a53448024dc6e280b1f2b863d530231bd091e0e9c8284d595ce318012f5aa2
GET /images/winner-1.jpg HTTP/1.1
Host: no.bitcoin-now.fimivauj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://no.bitcoin-now.fimivauj.com/?session=74c617b538a247ddb3f2dee584aa932b&aff_id=8942&fpp=1
HTTP/1.1 200 OK
Date: Tue, 06 Sep 2022 11:48:27 GMT
Content-Type: image/jpeg
Content-Length: 27417
Connection: keep-alive
Last-Modified: Mon, 31 Aug 2020 14:52:48 GMT
ETag: "6b19-5ae2d8e5c2275"
Vary: User-Agent, Accept-Encoding
Cache-Control: public, max-age=31536000
CF-Cache-Status: HIT
Age: 5877
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sjhNnEegovigRpQIPi%2F%2FBBfx%2FxP%2BmaEfCxLkebEMPEc7BIBGknYE3npqtAe9mjU3BegiFvIYOEz4dS%2FyBDLJoxuLN2cunrf2j3rCBPu07ujPIYL2np%2FS9KPvmaFDKOV5xa3kU%2FPyjRS6acW6EEg%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7466f9c64a55b511-OSL
alt-svc: h2=":443"; ma=60
no.bitcoin-now.fimivauj.com/images/girl.jpg
172.67.192.164200 OK 39 kB URL HTTP/1.1 no.bitcoin-now.fimivauj.com/images/girl.jpg
IP 172.67.192.164:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 552x640, components 3\012- data
Hash 9a6143a64187e4503f8ab49a86e1253f
7803f71c0c3ba527ddab1fb5e9ce4f328fa51389
79a26b81a1e8082605ae24a7072732a934da14706a704667fe22c04271784edf
GET /images/girl.jpg HTTP/1.1
Host: no.bitcoin-now.fimivauj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://no.bitcoin-now.fimivauj.com/?session=74c617b538a247ddb3f2dee584aa932b&aff_id=8942&fpp=1
HTTP/1.1 200 OK
Date: Tue, 06 Sep 2022 11:48:27 GMT
Content-Type: image/jpeg
Content-Length: 38828
Connection: keep-alive
Last-Modified: Mon, 31 Aug 2020 14:52:48 GMT
ETag: "97ac-5ae2d8e5c12d5"
Vary: User-Agent, Accept-Encoding
Cache-Control: public, max-age=31536000
CF-Cache-Status: HIT
Age: 5877
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cNQ6SMw%2FljFY5W%2FV7Mdo7FNyLuPynjewh8Pk1KUhbmT4Re%2Bh2LDlSXWkMqejTky%2FBS0Pjs%2BVyewBkukwDU7GmJFJ3gAEKVxRlSW7JYHUMVyzsn%2BgB1vp%2BX9bh2Q0cWA4reAvCskPG%2BoXkRwAaPw%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7466f9c63c60b4f3-OSL
alt-svc: h2=":443"; ma=60
no.bitcoin-now.fimivauj.com/images/arrow-more.png
172.67.192.164200 OK 194 B URL HTTP/1.1 no.bitcoin-now.fimivauj.com/images/arrow-more.png
IP 172.67.192.164:0
File type PNG image data, 22 x 8, 8-bit/color RGBA, non-interlaced\012- data
Hash 13b128f47e5c68a9439a6367edc01e09
ad98a4bda2fe4dce486a0077d8c61e1a99d738c8
3c29ecfe4c96f47ea10e62d508cebf55e9d81b1933910b2c242b91b4b4d78c40
GET /images/arrow-more.png HTTP/1.1
Host: no.bitcoin-now.fimivauj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://no.bitcoin-now.fimivauj.com/?session=74c617b538a247ddb3f2dee584aa932b&aff_id=8942&fpp=1
HTTP/1.1 200 OK
Date: Tue, 06 Sep 2022 11:48:27 GMT
Content-Type: image/png
Content-Length: 194
Connection: keep-alive
Last-Modified: Mon, 31 Aug 2020 14:52:48 GMT
ETag: "c2-5ae2d8e5c0335"
Vary: User-Agent, Accept-Encoding
Cache-Control: public, max-age=31536000
CF-Cache-Status: HIT
Age: 5876
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Eou2TiSaPSVTi0GaS5VGztP2UcVuoWkcIiGjODFULoaDie6KPWm5otu325F35DIY1o5Pvi09xQd21zvY2M3oDhEL67gudTWsTTNaLEQCLylSqM%2BLeXgRULS2I%2FVH9hHEcGGK41gsPyVcJXySrxE%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7466f9c64b33b523-OSL
alt-svc: h2=":443"; ma=60
no.bitcoin-now.fimivauj.com/images/winner-4.jpg
172.67.192.164200 OK 7.4 kB URL HTTP/1.1 no.bitcoin-now.fimivauj.com/images/winner-4.jpg
IP 172.67.192.164:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 165x160, components 3\012- data
Hash 6788bc0e8c392291dda1aa9b20f0fc95
c480412e8aa29df54fb588a90685a7b975577e0a
04b8d5d17c1fb91b941a90fff455ae43dba0cea1198dffe93cf3c4d8bb11edf9
GET /images/winner-4.jpg HTTP/1.1
Host: no.bitcoin-now.fimivauj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://no.bitcoin-now.fimivauj.com/?session=74c617b538a247ddb3f2dee584aa932b&aff_id=8942&fpp=1
HTTP/1.1 200 OK
Date: Tue, 06 Sep 2022 11:48:27 GMT
Content-Type: image/jpeg
Content-Length: 7391
Connection: keep-alive
Last-Modified: Mon, 31 Aug 2020 14:52:48 GMT
ETag: "1cdf-5ae2d8e5c3215"
Vary: User-Agent, Accept-Encoding
Cache-Control: public, max-age=31536000
CF-Cache-Status: HIT
Age: 5876
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uNgR4vaGtd%2FQWgowuhUKb4vRhxmZzBHpW0824MqbVgcvm490rDUJrHJzonjf46BgBitWRKFU0EqTLfo0iHskROVkWv5WT%2F4iBqlJsAGPE8dgVyIekP5EHJ99Jy7yUhE5%2FdUig8eaNsW%2BzgR3%2FzM%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7466f9c65dcb0b49-OSL
alt-svc: h2=":443"; ma=60
no.bitcoin-now.fimivauj.com/images/winner-3.jpg
172.67.192.164200 OK 37 kB URL HTTP/1.1 no.bitcoin-now.fimivauj.com/images/winner-3.jpg
IP 172.67.192.164:0
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 165x160, components 3\012- data
Hash 1df9730db0c2aa14619c70b186d024c8
5aa68a7448c4e12e9194b06cdf8ac7a968ec3731
d1cc520c57effd7332520eb9e4818744de33a61b47cf68d67fe3cab079d09d81
GET /images/winner-3.jpg HTTP/1.1
Host: no.bitcoin-now.fimivauj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://no.bitcoin-now.fimivauj.com/?session=74c617b538a247ddb3f2dee584aa932b&aff_id=8942&fpp=1
HTTP/1.1 200 OK
Date: Tue, 06 Sep 2022 11:48:27 GMT
Content-Type: image/jpeg
Content-Length: 36997
Connection: keep-alive
Last-Modified: Mon, 31 Aug 2020 14:52:48 GMT
ETag: "9085-5ae2d8e5c3215"
Vary: User-Agent, Accept-Encoding
Cache-Control: public, max-age=31536000
CF-Cache-Status: HIT
Age: 5877
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nXVvliB%2BalX9HE8IjV%2BKoocydmX8v9RirCXzkzi2ashrOY1Y1sjHZtPw0WiCO6iX34xdnfpDw1KQYTPnQaJYIUmzdIZOo%2F4jTpRuGGRaExGqfbFjx1xKm%2FQ7baepg%2BGtvrFCeQjgDJM27fNsTXw%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7466f9c6dbb9b505-OSL
alt-svc: h2=":443"; ma=60
no.bitcoin-now.fimivauj.com/images/winner-2.jpg
172.67.192.164200 OK 6.6 kB URL HTTP/1.1 no.bitcoin-now.fimivauj.com/images/winner-2.jpg
IP 172.67.192.164:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 165x160, components 3\012- data
Hash d715cfecbe46a65a0df4fb0118205e81
e8e40e2fb4c546723ca8fb043b4261170beea234
093cbb89a7d9c694e178aa3f7253971654c512c3ef0b31c2fc47aa1f63056bae
GET /images/winner-2.jpg HTTP/1.1
Host: no.bitcoin-now.fimivauj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://no.bitcoin-now.fimivauj.com/?session=74c617b538a247ddb3f2dee584aa932b&aff_id=8942&fpp=1
HTTP/1.1 200 OK
Date: Tue, 06 Sep 2022 11:48:27 GMT
Content-Type: image/jpeg
Content-Length: 6615
Connection: keep-alive
Last-Modified: Mon, 31 Aug 2020 14:52:48 GMT
ETag: "19d7-5ae2d8e5c2275"
Vary: User-Agent, Accept-Encoding
Cache-Control: public, max-age=31536000
CF-Cache-Status: HIT
Age: 5877
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yqHX%2BMjNvYufDGz8qGtlf0yNWNeWYAT9HWdB2iKS%2BmTOM%2BZD6H%2FQ5529SK255fiAZTICY0Hun0FkJBN6OR053g36YCKyvXvMnCpzbDeyTQISS5iCSyKGB9tlWt68c6EPQZXAx636PptZuH3oXUs%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7466f9c6db30b511-OSL
alt-svc: h2=":443"; ma=60
no.bitcoin-now.fimivauj.com/images/winner-4-big.jpg
172.67.192.164200 OK 33 kB URL HTTP/1.1 no.bitcoin-now.fimivauj.com/images/winner-4-big.jpg
IP 172.67.192.164:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 263x540, components 3\012- data
Hash 70316b1abf4d3f1aed5af623a4d1bc61
656dd7db022bf8761acc4d8deb9715c18b49f769
0ac43344fe2b7ef36ab6e92b841d8b2e18e6348dd701ce236af3c9d3577715b0
GET /images/winner-4-big.jpg HTTP/1.1
Host: no.bitcoin-now.fimivauj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://no.bitcoin-now.fimivauj.com/?session=74c617b538a247ddb3f2dee584aa932b&aff_id=8942&fpp=1
HTTP/1.1 200 OK
Date: Tue, 06 Sep 2022 11:48:27 GMT
Content-Type: image/jpeg
Content-Length: 32736
Connection: keep-alive
Last-Modified: Mon, 31 Aug 2020 14:52:48 GMT
ETag: "7fe0-5ae2d8e5c3215"
Vary: User-Agent, Accept-Encoding
Cache-Control: public, max-age=31536000
CF-Cache-Status: HIT
Age: 5877
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vxbmG92ugFh7Gv3mn021Pq1GVYAZ%2FGw7cOjLB5cCoPPKiEopyDZcQPMMrghO%2BqC9GJnSJu1R%2FdjTjTAsEdkWRyrD5eGBdbp03U6E1gGbxNlFdTZbzWybIjXAXz7t1jfCA%2Bz4OfmXlNT6TguECac%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7466f9c6dd4bb4f3-OSL
alt-svc: h2=":443"; ma=60
no.bitcoin-now.fimivauj.com/images/winner-2-big.jpg
172.67.192.164200 OK 29 kB URL HTTP/1.1 no.bitcoin-now.fimivauj.com/images/winner-2-big.jpg
IP 172.67.192.164:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 263x540, components 3\012- data
Hash f58523d3827ed06e1d9f13988756a422
6b94f68929d120b3f94b68ab9e9c4e3517a80e01
54fc61b152336f77f47c89a5eec4a340500d4656fcd69f2640fd716d542b0e98
GET /images/winner-2-big.jpg HTTP/1.1
Host: no.bitcoin-now.fimivauj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://no.bitcoin-now.fimivauj.com/?session=74c617b538a247ddb3f2dee584aa932b&aff_id=8942&fpp=1
HTTP/1.1 200 OK
Date: Tue, 06 Sep 2022 11:48:27 GMT
Content-Type: image/jpeg
Content-Length: 29446
Connection: keep-alive
Last-Modified: Mon, 31 Aug 2020 14:52:48 GMT
ETag: "7306-5ae2d8e5c2275"
Vary: User-Agent, Accept-Encoding
Cache-Control: public, max-age=31536000
CF-Cache-Status: HIT
Age: 5876
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bJJE4LZ%2BdCOHgEvQJRBRYdFa99sBaJP6dwh3mqrjSwXceDBzyIlI6Xlar79t86xsbzlJxNLnde1m9g%2B%2Bqin4IqBOipBtm67xC5T%2FmxKz%2BhXmIsxVq73dJDMNLPFLbOZGhT%2Bh92Cx5jPnQ%2Bh7sZY%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7466f9c6ee850b49-OSL
alt-svc: h2=":443"; ma=60
no.bitcoin-now.fimivauj.com/images/winner-1-big.jpg
172.67.192.164200 OK 111 kB URL HTTP/1.1 no.bitcoin-now.fimivauj.com/images/winner-1-big.jpg
IP 172.67.192.164:0
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 266x540, components 3\012- data
Size 111 kB (110901 bytes)
Hash 2adaaa8bea730c893a23ef846488aba7
c6466411ee5b1780f083f4f8b317416cc19ed5e8
3d721d00a999bf0593fb78ac80d87132da24ed8f2664ea261e207dee7343c5f0
GET /images/winner-1-big.jpg HTTP/1.1
Host: no.bitcoin-now.fimivauj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://no.bitcoin-now.fimivauj.com/?session=74c617b538a247ddb3f2dee584aa932b&aff_id=8942&fpp=1
HTTP/1.1 200 OK
Date: Tue, 06 Sep 2022 11:48:27 GMT
Content-Type: image/jpeg
Content-Length: 110901
Connection: keep-alive
Last-Modified: Mon, 31 Aug 2020 14:52:48 GMT
ETag: "1b135-5ae2d8e5c2275"
Vary: User-Agent, Accept-Encoding
Cache-Control: public, max-age=31536000
CF-Cache-Status: HIT
Age: 5876
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aasjrEyaJoI7Z3vQgOqmccD4juTAYFLwnxhTHN5jqe6Skwfs5zkh1Fwg78qBOuyjVOHwNlfbq0rScFMsdWlZd838e1RXDOAFg8tYMkRXWhvuvd%2FJf0AtGOpxDbB0rKJXwlzQpdbTWyB%2FdNM17ZQ%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7466f9c6dc1bb523-OSL
alt-svc: h2=":443"; ma=60
no.bitcoin-now.fimivauj.com/images/winner-3-big.jpg
172.67.192.164200 OK 138 kB URL HTTP/1.1 no.bitcoin-now.fimivauj.com/images/winner-3-big.jpg
IP 172.67.192.164:0
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 266x540, components 3\012- data
Size 138 kB (137585 bytes)
Hash f8a57e5f61c140819f1d2d18f8bf9e4e
652bf83227211643e2d50fb713fb5e94bcfe266a
6925214774e3846dd376830c0742dedb0468aa1d891af9535eca387a181c5fb7
GET /images/winner-3-big.jpg HTTP/1.1
Host: no.bitcoin-now.fimivauj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://no.bitcoin-now.fimivauj.com/?session=74c617b538a247ddb3f2dee584aa932b&aff_id=8942&fpp=1
HTTP/1.1 200 OK
Date: Tue, 06 Sep 2022 11:48:27 GMT
Content-Type: image/jpeg
Content-Length: 137585
Connection: keep-alive
Last-Modified: Mon, 31 Aug 2020 14:52:48 GMT
ETag: "21971-5ae2d8e5c2275"
Vary: User-Agent, Accept-Encoding
Cache-Control: public, max-age=31536000
CF-Cache-Status: HIT
Age: 5876
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iulf%2BdDKyQafQzi7PMV2P%2ByfuEMDO37f04slub79S2X2OoDKupdVG%2FFnSljbIeEZyj9yz3S9VKZYWq1vi5BJvallvWR%2B0dxKBBXQqqR2iRVU0Ufdu74WSH0ZbTKyIvgwX9E6nQarRK2Pt4M1Weo%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7466f9c6ee550b41-OSL
alt-svc: h2=":443"; ma=60
no.bitcoin-now.fimivauj.com/images/question-img-2-mob.jpg
172.67.192.164200 OK 56 kB URL HTTP/1.1 no.bitcoin-now.fimivauj.com/images/question-img-2-mob.jpg
IP 172.67.192.164:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=1588, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=970], progressive, precision 8, 211x345, components 3\012- data
Hash e9200aaa9d85eff8c99359578c786def
99e2e802bfc882dcee5659f1ec2561c861640199
b3e267f4807ee0124c2fafb2ebe56759e830bce3b735c13ea774ddd32bb8d78a
GET /images/question-img-2-mob.jpg HTTP/1.1
Host: no.bitcoin-now.fimivauj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://no.bitcoin-now.fimivauj.com/?session=74c617b538a247ddb3f2dee584aa932b&aff_id=8942&fpp=1
HTTP/1.1 200 OK
Date: Tue, 06 Sep 2022 11:48:27 GMT
Content-Type: image/jpeg
Content-Length: 56031
Connection: keep-alive
Last-Modified: Mon, 31 Aug 2020 14:52:48 GMT
ETag: "dadf-5ae2d8e5c2275"
Vary: User-Agent, Accept-Encoding
Cache-Control: public, max-age=31536000
CF-Cache-Status: HIT
Age: 5876
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=66eLZ51vb%2Fu4PK5sKHqopttl9FLq2VbAWvIf9duvJbHN%2Fxpqm5PT7xSx2BXWN%2Fno1UQrO6PtKG6dS5%2FZtpdz1c8lsML3SB0GkLKLEYBVjs2%2BxBfEG44mW1YLe6t6khuOjlNvNz%2B8LbUqC0KeduE%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7466f9c6fd7eb4f3-OSL
alt-svc: h2=":443"; ma=60
no.bitcoin-now.fimivauj.com/images/question-img-1.jpg
172.67.192.164200 OK 225 kB URL HTTP/1.1 no.bitcoin-now.fimivauj.com/images/question-img-1.jpg
IP 172.67.192.164:0
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 650x400, components 3\012- data
Size 225 kB (224790 bytes)
Hash 83c2b18fc5fc01f7e327fe1b200632ca
382cf15572716f11afed7cc4eda9754980ea8902
b30f3313447b421ac4ad4f10f699004ff5fa37fc7b51ee057871df92a97967a9
GET /images/question-img-1.jpg HTTP/1.1
Host: no.bitcoin-now.fimivauj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://no.bitcoin-now.fimivauj.com/?session=74c617b538a247ddb3f2dee584aa932b&aff_id=8942&fpp=1
HTTP/1.1 200 OK
Date: Tue, 06 Sep 2022 11:48:27 GMT
Content-Type: image/jpeg
Content-Length: 224790
Connection: keep-alive
Last-Modified: Mon, 31 Aug 2020 14:52:48 GMT
ETag: "36e16-5ae2d8e5c2275"
Vary: User-Agent, Accept-Encoding
Cache-Control: public, max-age=31536000
CF-Cache-Status: HIT
Age: 5877
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B2u3lBjUO8tsin%2Fjke8lE6ALcxp49RTTmnzR46AsHD7lp%2BGKugkw7MSft4G%2B6cpz6tDD1m7NwyGWFOk7M9l2%2BqU%2BZOagLZFhKyVJVbwN%2FIuGmbqpmEVR4rjfjsu%2FB48lMOvGYZyj76kBlZzoG%2Fc%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7466f9c6fbf4b505-OSL
alt-svc: h2=":443"; ma=60
no.bitcoin-now.fimivauj.com/images/question-img-2.jpg
172.67.192.164200 OK 126 kB URL HTTP/1.1 no.bitcoin-now.fimivauj.com/images/question-img-2.jpg
IP 172.67.192.164:0
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 650x400, components 3\012- data
Size 126 kB (126193 bytes)
Hash 0a09a50b3c2c21551779cf46ce473784
7c2ecb19ec5790c850147ad83a04dd6589f9a38f
cde40b638254a00393bc2acb88acde723ffe8937fca0a3597d0d7c7d50e6dc17
GET /images/question-img-2.jpg HTTP/1.1
Host: no.bitcoin-now.fimivauj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://no.bitcoin-now.fimivauj.com/?session=74c617b538a247ddb3f2dee584aa932b&aff_id=8942&fpp=1
HTTP/1.1 200 OK
Date: Tue, 06 Sep 2022 11:48:27 GMT
Content-Type: image/jpeg
Content-Length: 126193
Connection: keep-alive
Last-Modified: Mon, 31 Aug 2020 14:52:48 GMT
ETag: "1ecf1-5ae2d8e5c2275"
Vary: User-Agent, Accept-Encoding
Cache-Control: public, max-age=31536000
CF-Cache-Status: HIT
Age: 5877
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DSGLX2c6HnBGz7FRYqZFCmP9bW9Bf6RlVbrknVKYrB41cGLvRUNj7zCoyOv2T8MzbH%2Bomzrv8RYMQmFPT3GixtDDNW%2BkW%2BQLPhbiC6SyoEUCiargMzzKbG4tcIUROY0FIsu%2BEbwmkfxYRJviI2c%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7466f9c70ea50b49-OSL
alt-svc: h2=":443"; ma=60
no.bitcoin-now.fimivauj.com/images/question-img-1-mob.jpg
172.67.192.164200 OK 75 kB URL HTTP/1.1 no.bitcoin-now.fimivauj.com/images/question-img-1-mob.jpg
IP 172.67.192.164:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=1588, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=970], progressive, precision 8, 211x345, components 3\012- data
Hash 1daa8293ecca4171e210976e0668bce5
47b765eaba90147277541cb3506457f2c79c577c
1654ab424c16995c5e454324c956f3d628a4146b7a8c11d1f80e8049a4f14a8e
GET /images/question-img-1-mob.jpg HTTP/1.1
Host: no.bitcoin-now.fimivauj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://no.bitcoin-now.fimivauj.com/?session=74c617b538a247ddb3f2dee584aa932b&aff_id=8942&fpp=1
HTTP/1.1 200 OK
Date: Tue, 06 Sep 2022 11:48:27 GMT
Content-Type: image/jpeg
Content-Length: 75262
Connection: keep-alive
Last-Modified: Mon, 31 Aug 2020 14:52:48 GMT
ETag: "125fe-5ae2d8e5c12d5"
Vary: User-Agent, Accept-Encoding
Cache-Control: public, max-age=31536000
CF-Cache-Status: HIT
Age: 5876
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2UCwVHMc8Eb9%2FUJbR0Kbr7ZFLzOeVsPxDaSMYLwUT2ynFw130RZY2la5DJXDkSCRzDqJy9909UQainHHuEJit3XrzyDf7dtvd4FHMkqyMXG2KqX0GXROv5tT1B%2FVjWosw2gr%2Fci1JY%2B%2BshTbzeA%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7466f9c6fb9bb511-OSL
alt-svc: h2=":443"; ma=60
no.bitcoin-now.fimivauj.com/images/question-img-3.jpg
172.67.192.164200 OK 65 kB URL HTTP/1.1 no.bitcoin-now.fimivauj.com/images/question-img-3.jpg
IP 172.67.192.164:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=1588, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=970], baseline, precision 8, 312x511, components 3\012- data
Hash 2969353ec669c4a670464339e0200aac
005b7a977579f798fee6cd0d0458f50f58527362
5a54143606df25b867d1d086277980f8cbd97f09e40e0469c66c73837c8e8f94
GET /images/question-img-3.jpg HTTP/1.1
Host: no.bitcoin-now.fimivauj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://no.bitcoin-now.fimivauj.com/?session=74c617b538a247ddb3f2dee584aa932b&aff_id=8942&fpp=1
HTTP/1.1 200 OK
Date: Tue, 06 Sep 2022 11:48:27 GMT
Content-Type: image/jpeg
Content-Length: 64801
Connection: keep-alive
Last-Modified: Mon, 31 Aug 2020 14:52:48 GMT
ETag: "fd21-5ae2d8e5c2275"
Vary: User-Agent, Accept-Encoding
Cache-Control: public, max-age=31536000
CF-Cache-Status: HIT
Age: 5877
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lgIJF6FZcxy%2FQBK3dNoJFaSL%2Ff1f9ZZEdb2HM0RLRETPOFNvXlcpA4JhWMj%2BHsxChrbEXt6iEsYdr29KUYADTr6l31q6PmvIsQSTeolxDDnBxDY2pcvZaYaI1R3aV4%2FmlUJmgH1VdSlpzK8W2GI%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7466f9c70c7fb523-OSL
alt-svc: h2=":443"; ma=60
no.bitcoin-now.fimivauj.com/images/question-img-3-mob.jpg
172.67.192.164200 OK 73 kB URL HTTP/1.1 no.bitcoin-now.fimivauj.com/images/question-img-3-mob.jpg
IP 172.67.192.164:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=1588, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=970], progressive, precision 8, 345x565, components 3\012- data
Hash bafffb92a0d927a88d56731121fc7ffa
2fd9c0641f6b3461e8e2b0dea1028f4dec82320b
a7b7b68032445f1cf5c8956ccf4bf7b21d16a61ab882ed9e892192554bf8dc2d
GET /images/question-img-3-mob.jpg HTTP/1.1
Host: no.bitcoin-now.fimivauj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://no.bitcoin-now.fimivauj.com/?session=74c617b538a247ddb3f2dee584aa932b&aff_id=8942&fpp=1
HTTP/1.1 200 OK
Date: Tue, 06 Sep 2022 11:48:27 GMT
Content-Type: image/jpeg
Content-Length: 73202
Connection: keep-alive
Last-Modified: Mon, 31 Aug 2020 14:52:48 GMT
ETag: "11df2-5ae2d8e5c2275"
Vary: User-Agent, Accept-Encoding
Cache-Control: public, max-age=31536000
CF-Cache-Status: HIT
Age: 5876
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u%2FHFbQaIvOzlCHW1u47002APUzvh5Yp4UBtWUvz5FfRLEsu6w%2FCCNfKuH5fSlP4xnXulYgOKvEVwPQu5jygSllD7INQGHjl%2FHkPQ8JwpNR6%2FqLpwIqec0rg%2BOY9us%2FTLN5YycEZA2vRD9bL7aGg%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7466f9c71e740b41-OSL
alt-svc: h2=":443"; ma=60
no.bitcoin-now.fimivauj.com/images/phone-footer-mob.png
172.67.192.164200 OK 57 kB URL HTTP/1.1 no.bitcoin-now.fimivauj.com/images/phone-footer-mob.png
IP 172.67.192.164:0
File type PNG image data, 345 x 287, 8-bit/color RGBA, non-interlaced\012- data
Hash ace158c523ceadbc27b2980efb76da71
c154a5b7f4c5fd09581982a1dffb773ac3d4b30b
501c93c15e408a7f90b5c3c284bdf4f11e3245dd7afd146dec4fb2f1bd2be867
GET /images/phone-footer-mob.png HTTP/1.1
Host: no.bitcoin-now.fimivauj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://no.bitcoin-now.fimivauj.com/?session=74c617b538a247ddb3f2dee584aa932b&aff_id=8942&fpp=1
HTTP/1.1 200 OK
Date: Tue, 06 Sep 2022 11:48:27 GMT
Content-Type: image/png
Content-Length: 57137
Connection: keep-alive
Last-Modified: Mon, 31 Aug 2020 14:52:48 GMT
ETag: "df31-5ae2d8e5c12d5"
Vary: User-Agent, Accept-Encoding
Cache-Control: public, max-age=31536000
CF-Cache-Status: HIT
Age: 5876
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FmBjJGWzfQnMwstxXTibURpvz6oRDWO69YNqv5k%2FQ5UOeFyT8c7jPRqQ3QMkOWhSjMCfEczxvweUKHlxD%2BSoWHAv5d7x1PxG3yE2yTXVibatL9MWTg2GypFWeZEYemkKdEOmOHo3JHaw9pIJD2Q%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7466f9c71db9b4f3-OSL
alt-svc: h2=":443"; ma=60
no.bitcoin-now.fimivauj.com/images/bg-1.jpg
172.67.192.164200 OK 35 kB URL HTTP/1.1 no.bitcoin-now.fimivauj.com/images/bg-1.jpg
IP 172.67.192.164:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1440x635, components 3\012- data
Hash 9fb8b58bf1f4d7a4e4f48c802db45d3a
08acab1cb6db370fc2ad202b51d16cfe74472d18
46910e0861cee4d834caacbc697d5f3a1c2bf9c9b886aa735cf85e5126a4e597
GET /images/bg-1.jpg HTTP/1.1
Host: no.bitcoin-now.fimivauj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://no.bitcoin-now.fimivauj.com/css/index.css
HTTP/1.1 200 OK
Date: Tue, 06 Sep 2022 11:48:27 GMT
Content-Type: image/jpeg
Content-Length: 35250
Connection: keep-alive
Last-Modified: Mon, 31 Aug 2020 14:52:48 GMT
ETag: "89b2-5ae2d8e5c0335"
Vary: User-Agent, Accept-Encoding
Cache-Control: public, max-age=31536000
CF-Cache-Status: HIT
Age: 5877
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TKteJs4dyuzjlH20fWul5K5Xs5zf%2FNpi%2FjnaAR8I1m55%2BxSJq4EfvOPBJrH977seYUMp2sjGVlhKMOM%2FBAh8bQZ6GH%2Fo89auBboUCdfKOoA7i3PmDz5ptoGu%2BnOn8MbCBg1wfeeoiSIDgbFlvko%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7466f9c73c37b505-OSL
alt-svc: h2=":443"; ma=60
no.bitcoin-now.fimivauj.com/images/video-bg.png
172.67.192.164200 OK 18 kB URL HTTP/1.1 no.bitcoin-now.fimivauj.com/images/video-bg.png
IP 172.67.192.164:0
File type PNG image data, 718 x 483, 8-bit/color RGBA, non-interlaced\012- data
Hash 8dd29840a948fc212ecdb1491887d759
aa576c83e835cbebc31e228ee9aef149703df0b3
8d1dde37254b5226ce22faeda024ea1ed05a5777919ce2fc016d7261158d7fc7
GET /images/video-bg.png HTTP/1.1
Host: no.bitcoin-now.fimivauj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://no.bitcoin-now.fimivauj.com/css/index.css
HTTP/1.1 200 OK
Date: Tue, 06 Sep 2022 11:48:27 GMT
Content-Type: image/png
Content-Length: 18232
Connection: keep-alive
Last-Modified: Mon, 31 Aug 2020 14:52:48 GMT
ETag: "4738-5ae2d8e5c2275"
Vary: User-Agent, Accept-Encoding
Cache-Control: public, max-age=31536000
CF-Cache-Status: HIT
Age: 5877
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f9dvj%2BAUo7zBvOWiyhFasQmI%2FDYl0A8GdZK%2BKtuCO%2BbY20bEKjWqUzQYii14APhoChHNmY5VymYG2qKiJgqX%2FPtG%2F76lOTMIjSg4qM9VxrqWuuJAXjehdkdNovdbOpvBQQs8YkkQOrDXjwJPPSU%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7466f9c73ece0b49-OSL
alt-svc: h2=":443"; ma=60
no.bitcoin-now.fimivauj.com/images/arow-faq.png
172.67.192.164200 OK 336 B URL HTTP/1.1 no.bitcoin-now.fimivauj.com/images/arow-faq.png
IP 172.67.192.164:0
File type PNG image data, 8 x 25, 8-bit/color RGBA, non-interlaced\012- data
Hash 67f2ec41cf2f736f6b332013b8469a63
28e6b191530333a42154fc07c237c69ae9c56be8
19b3c44ecdc8d7716e0e74921747fee6eb7ca42a633823a912ca507f3352a788
GET /images/arow-faq.png HTTP/1.1
Host: no.bitcoin-now.fimivauj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://no.bitcoin-now.fimivauj.com/css/index.css
HTTP/1.1 200 OK
Date: Tue, 06 Sep 2022 11:48:27 GMT
Content-Type: image/png
Content-Length: 336
Connection: keep-alive
Last-Modified: Mon, 31 Aug 2020 14:52:48 GMT
ETag: "150-5ae2d8e5c0335"
Vary: User-Agent, Accept-Encoding
Cache-Control: public, max-age=31536000
CF-Cache-Status: HIT
Age: 5877
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WN%2FLUkcFtmoiMWKNTr6eUTHvbjDjhVQab%2FIL78qvulCOUK8Wb%2BlrdUOoyTMzSYsngTrIWwtdP8VzkIDG6VDwJdoWisShtePXPwIKC3iJr4v%2FxITbXfHY71iR7c8N9EXIUV3qk4TgHBOHA8Ulcbc%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7466f9c74c1ab511-OSL
alt-svc: h2=":443"; ma=60
no.bitcoin-now.fimivauj.com/images/arow.png
172.67.192.164200 OK 288 B URL HTTP/1.1 no.bitcoin-now.fimivauj.com/images/arow.png
IP 172.67.192.164:0
File type PNG image data, 16 x 42, 8-bit/color RGBA, non-interlaced\012- data
Hash d7d76b0fc5cf7d508c710b7a03b3649d
1b3295f510e718d8e424378f267427b1f37334e3
d62c7720997e40b741b93b71e95482154b1433e44de564c3d695ab681c568996
GET /images/arow.png HTTP/1.1
Host: no.bitcoin-now.fimivauj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://no.bitcoin-now.fimivauj.com/css/index.css
HTTP/1.1 200 OK
Date: Tue, 06 Sep 2022 11:48:27 GMT
Content-Type: image/png
Content-Length: 288
Connection: keep-alive
Last-Modified: Mon, 31 Aug 2020 14:52:48 GMT
ETag: "120-5ae2d8e5c0335"
Vary: User-Agent, Accept-Encoding
Cache-Control: public, max-age=31536000
CF-Cache-Status: HIT
Age: 5877
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c%2FOMyuxK03athlarnbyNyqv0c3IN7SVlTi6vUS1PoGujW9teYmt53%2Fr2UfNsjqI0HRlUETP77lGYNWlpqQFmfAL0WCz15Gm%2B%2F9MbOE5J1v4cA6n7tjeWg3b7FqVTtsadFCx412LmSNDcHe1OJgU%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7466f9c74cddb523-OSL
alt-svc: h2=":443"; ma=60
no.bitcoin-now.fimivauj.com/fonts/S6uyw4BMUTPHjx4wXg.woff2
172.67.192.164200 OK 24 kB URL HTTP/1.1 no.bitcoin-now.fimivauj.com/fonts/S6uyw4BMUTPHjx4wXg.woff2
IP 172.67.192.164:0
File type Web Open Font Format (Version 2), TrueType, length 23484, version 1.0\012- data
Hash b4d2c4c39853ee244272c04999b230ba
c82e22dde9716c40ba20e6c7ed03a1b66556de15
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
Analyzer Verdict Alert fortinet Phishing
GET /fonts/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1
Host: no.bitcoin-now.fimivauj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://no.bitcoin-now.fimivauj.com/css/stylesheet.css
HTTP/1.1 200 OK
Date: Tue, 06 Sep 2022 11:48:27 GMT
Content-Length: 23484
Connection: keep-alive
Last-Modified: Mon, 31 Aug 2020 14:52:48 GMT
ETag: "5bbc-5ae2d8e5c0335"
Vary: User-Agent, Accept-Encoding
Cache-Control: public, max-age=31536000
CF-Cache-Status: HIT
Age: 5877
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g%2FEtGAYW6osOm8t4TV40pLHZzJZLkMJHNF8aK%2Fqn%2BdMKYErFIRH9iM1zuDdHAueAy%2FQ%2FutzA6Qlg65FDYAsRi8C%2FuQCREAQ7H3sqbfGhgNqcvv7WiNOWUdzQQmjIt%2BtPZ0oYfZ9%2FBnZFMi6yLKk%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7466f9c7ed04b505-OSL
alt-svc: h2=":443"; ma=60
no.bitcoin-now.fimivauj.com/fonts/S6u8w4BMUTPHjxsAXC-q.woff2
172.67.192.164200 OK 24 kB URL HTTP/1.1 no.bitcoin-now.fimivauj.com/fonts/S6u8w4BMUTPHjxsAXC-q.woff2
IP 172.67.192.164:0
File type Web Open Font Format (Version 2), TrueType, length 24440, version 1.0\012- data
Hash 117e995c97eab30fb92843616018d1f1
0cdf5ffdbc568f9f4d726f56bca92fe6b601da7a
ccb5febf8ac335a1b768a7a2087fa4362cb3a0a9392e2e451df9d9825e88e5db
Analyzer Verdict Alert fortinet Phishing
GET /fonts/S6u8w4BMUTPHjxsAXC-q.woff2 HTTP/1.1
Host: no.bitcoin-now.fimivauj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://no.bitcoin-now.fimivauj.com/css/stylesheet.css
HTTP/1.1 200 OK
Date: Tue, 06 Sep 2022 11:48:27 GMT
Content-Length: 24440
Connection: keep-alive
Last-Modified: Mon, 31 Aug 2020 14:52:48 GMT
ETag: "5f78-5ae2d8e5c0335"
Vary: User-Agent, Accept-Encoding
Cache-Control: public, max-age=31536000
CF-Cache-Status: HIT
Age: 5877
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QlimNkOF9M7NcIqIQ8yz3iGer92uz7oXiISX0T5knmDiq8%2FxZh7ASdYOnMY%2FB%2FLN%2B4y506wIj02c1lyUjl9cQCfLnWXsUJVxGmVsSD78gMz6miamGvLBaiEh7QNJ163PGiHLbLcFF4OouJ9Qcjw%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7466f9c7fcf4b511-OSL
alt-svc: h2=":443"; ma=60
no.bitcoin-now.fimivauj.com/fonts/S6u_w4BMUTPHjxsI5wq_Gwft.woff2
172.67.192.164200 OK 24 kB URL HTTP/1.1 no.bitcoin-now.fimivauj.com/fonts/S6u_w4BMUTPHjxsI5wq_Gwft.woff2
IP 172.67.192.164:0
File type Web Open Font Format (Version 2), TrueType, length 24428, version 1.0\012- data
Hash 5ce0990b59e1ed40e05327f625a24c4a
ad102c7b99bb6d8f62d305df00238730cbcf4357
8ad012803e63980f185a7ee45c983ff2ab99b7751fc8f817f86420d620f244d9
Analyzer Verdict Alert fortinet Phishing
GET /fonts/S6u_w4BMUTPHjxsI5wq_Gwft.woff2 HTTP/1.1
Host: no.bitcoin-now.fimivauj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://no.bitcoin-now.fimivauj.com/css/stylesheet.css
HTTP/1.1 200 OK
Date: Tue, 06 Sep 2022 11:48:27 GMT
Content-Length: 24428
Connection: keep-alive
Last-Modified: Mon, 31 Aug 2020 14:52:48 GMT
ETag: "5f6c-5ae2d8e5c0335"
Vary: User-Agent, Accept-Encoding
Cache-Control: public, max-age=31536000
CF-Cache-Status: HIT
Age: 5877
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fj8wyQMJ%2BkPJWHo9CwCtAYGnCNuOIkfojyvXOBRxuZEi2R9UYA3L8SgN%2FJAewFGTzA3brNf3gtT7vnhFmrVCIpoeSkZMvvKSxUiLf0zZXvMh8ShG%2FUAhjWR%2ByUKVmRJU%2Badm%2FDG2qgTNcoUOi2I%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7466f9c7fe14b523-OSL
alt-svc: h2=":443"; ma=60
no.bitcoin-now.fimivauj.com/fonts/S6u9w4BMUTPHh6UVSwiPGQ.woff2
172.67.192.164200 OK 23 kB URL HTTP/1.1 no.bitcoin-now.fimivauj.com/fonts/S6u9w4BMUTPHh6UVSwiPGQ.woff2
IP 172.67.192.164:0
File type Web Open Font Format (Version 2), TrueType, length 22992, version 1.0\012- data
Hash 1efbd38aa76ddae2580fedf378276333
8a49976f2470ba2a1db6144245355d3b889312e4
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20
Analyzer Verdict Alert fortinet Phishing
GET /fonts/S6u9w4BMUTPHh6UVSwiPGQ.woff2 HTTP/1.1
Host: no.bitcoin-now.fimivauj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://no.bitcoin-now.fimivauj.com/css/stylesheet.css
HTTP/1.1 200 OK
Date: Tue, 06 Sep 2022 11:48:27 GMT
Content-Length: 22992
Connection: keep-alive
Last-Modified: Mon, 31 Aug 2020 14:52:48 GMT
ETag: "59d0-5ae2d8e5c0335"
Vary: User-Agent, Accept-Encoding
Cache-Control: public, max-age=31536000
CF-Cache-Status: HIT
Age: 5877
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JDZKxwxvdKtNQtM1HHCVLcURV%2B8UAQJCJ%2BMdBk91Ey3I3DIkNq3%2BupBdJSDUHA5%2BWtAaCRbRDdJ6mk7RUSJZNlKOL3jt4MZkbqhunWptN18bigjrzq5mKmIWfLFHTgDK8jFRBmR2bk3JCEiRXKc%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7466f9c7ff740b49-OSL
alt-svc: h2=":443"; ma=60
no.bitcoin-now.fimivauj.com/js/youtubeUP.js?_=1662464902016
172.67.192.164200 OK 828 B URL HTTP/1.1 no.bitcoin-now.fimivauj.com/js/youtubeUP.js?_=1662464902016
IP 172.67.192.164:0
File type ASCII text, with very long lines (858)
Hash f8292f7ded6071a766862916802427e1
b7a5bf708038ff68d1cc3818eafd3879a85bff05
c25ea4d74b8088b75bdf3034b008445e1e598defb03a98d229f4fb4b9559a555
Analyzer Verdict Alert fortinet Phishing
GET /js/youtubeUP.js?_=1662464902016 HTTP/1.1
Host: no.bitcoin-now.fimivauj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://no.bitcoin-now.fimivauj.com/?session=74c617b538a247ddb3f2dee584aa932b&aff_id=8942&fpp=1
HTTP/1.1 200 OK
Date: Tue, 06 Sep 2022 11:48:27 GMT
Content-Type: application/javascript
Content-Length: 828
Connection: keep-alive
Last-Modified: Mon, 31 Aug 2020 14:52:48 GMT
ETag: "710-5ae2d8e5c3215-gzip"
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wm7EwtimtYkvLgpmG%2B6eaWqXWmdRYVcUsLCmcJ2c812Tn%2FgPaDA5cbOodPLyuCiV9VEZ22BGGRNLBlKvfqDGYiguoqqxJ8ADPbsn9WiveN7%2B7M2z4I1NTP4SyAOAoUMHiqYbbttuzRDywyJ2blM%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7466f9c80d20b505-OSL
alt-svc: h2=":443"; ma=60
no.bitcoin-now.fimivauj.com/geo
172.67.192.164200 OK 68 B URL HTTP/1.1 no.bitcoin-now.fimivauj.com/geo
IP 172.67.192.164:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 5e2efba0c68fa942989d3db66c1ea559
363952a398fb1c8e68e1a07a7dc7f6c51cedf3cc
20d8c66d00e2e1bb0f6e0b524cf604c39bf4be45a8287935953ad25467bbb9e9
Analyzer Verdict Alert fortinet Phishing
GET /geo HTTP/1.1
Host: no.bitcoin-now.fimivauj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://no.bitcoin-now.fimivauj.com/?session=74c617b538a247ddb3f2dee584aa932b&aff_id=8942&fpp=1
HTTP/1.1 200 OK
Date: Tue, 06 Sep 2022 11:48:27 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Methods: GET, POST
Access-Control-Allow-Origin: *
Vary: User-Agent
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0ma%2FaA%2Fv28P2fNsUmgl5HWb7twA%2B7xErED1eUf85zHuHIr70afWnPwxvf1B6dDAb47Hl9AWQD8tiN9Pevzz2fGz%2BmT%2Fytr7iDJgLF4QZDSNk71usEzqMCRZRcZ85ceYZ5B99E8JJYkS8h9UChik%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7466f9c89de5b505-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 80f29cbbe260408ee1418a6fbce5a537
96cfe52bcf90cfdba5cba7907d49a91f44adc032
de264b42b7c59bdadf606387adaca04af680705a947096d048f288c3e5be8517
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 11:48:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
no.bitcoin-now.fimivauj.com/images/flags.png
172.67.192.164200 OK 19 kB URL HTTP/1.1 no.bitcoin-now.fimivauj.com/images/flags.png
IP 172.67.192.164:0
File type PNG image data, 5652 x 15, 8-bit colormap, non-interlaced\012- data
Hash 8563332883ccb005a7085e4601591dab
e57c24805bb6e1c7ce09bf2cd39b1c448d2d7b62
d741943140332f502b15246e4cab45ca9295e5e914578815b523cde68ee11ebe
GET /images/flags.png HTTP/1.1
Host: no.bitcoin-now.fimivauj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://no.bitcoin-now.fimivauj.com/css/intlTelInput.css
HTTP/1.1 200 OK
Date: Tue, 06 Sep 2022 11:48:27 GMT
Content-Type: image/png
Content-Length: 19132
Connection: keep-alive
Last-Modified: Mon, 31 Aug 2020 14:52:48 GMT
ETag: "4abc-5ae2d8e5c12d5"
Vary: User-Agent, Accept-Encoding
Cache-Control: public, max-age=31536000
CF-Cache-Status: HIT
Age: 5877
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DVLfinY70ohE%2F2Fb2C2rQaVvQVKBdpnG1tTdzzbjI2Zf%2F5H1uQ5GsW%2F3wStlehPa2znwgrV%2B6BG3t%2BI4AmfqhgN5Zo%2Fp3ompBzB1yJ9n0666LBHvIg89m%2Fxs0tAhDMw0bCxKq7g0skEUqBWxXMA%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7466f9c90e4bb505-OSL
alt-svc: h2=":443"; ma=60
s.ytimg.com/yts/jsbin/www-widgetapi-vflN2g023/www-widgetapi.js
142.250.74.174200 OK 7.7 kB URL HTTP/2 s.ytimg.com/yts/jsbin/www-widgetapi-vflN2g023/www-widgetapi.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (783)
Hash 8a16a770683ddcefb4bf88b49fdf94f8
96eb759723f032cfade39ca4de4082166aca8be4
173795ca8b1880e750ef95ad05a896e225a530f2aa27536ba3d15c6603a22d8e
GET /yts/jsbin/www-widgetapi-vflN2g023/www-widgetapi.js HTTP/1.1
Host: s.ytimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://no.bitcoin-now.fimivauj.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: https://www.youtube.com
content-length: 7738
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 02 Sep 2022 12:02:23 GMT
expires: Sat, 10 Sep 2022 12:02:23 GMT
cache-control: public, max-age=691200
last-modified: Sat, 23 Feb 2019 21:30:08 GMT
content-type: text/javascript
age: 344764
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
no.bitcoin-now.fimivauj.com/geo
172.67.192.164200 OK 68 B URL HTTP/1.1 no.bitcoin-now.fimivauj.com/geo
IP 172.67.192.164:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 5e2efba0c68fa942989d3db66c1ea559
363952a398fb1c8e68e1a07a7dc7f6c51cedf3cc
20d8c66d00e2e1bb0f6e0b524cf604c39bf4be45a8287935953ad25467bbb9e9
Analyzer Verdict Alert fortinet Phishing
GET /geo HTTP/1.1
Host: no.bitcoin-now.fimivauj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://no.bitcoin-now.fimivauj.com/?session=74c617b538a247ddb3f2dee584aa932b&aff_id=8942&fpp=1
HTTP/1.1 200 OK
Date: Tue, 06 Sep 2022 11:48:27 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Methods: GET, POST
Access-Control-Allow-Origin: *
Vary: User-Agent
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KA%2BQNHfClhd1PQLNabN8JfmTnzKFum%2FpxBFxmQGHzisCxwnnU2uXiU83L3ZWzTupC5qJIEcziknGPT%2FLQwDruA1YrCu49dlBbfmvHKC1xbmzbt9SSQOhuK%2Fxzc9%2Bl%2B49Z3hvlKmjp1cZRYlPrDQ%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7466f9c8a82e0b49-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
no.bitcoin-now.fimivauj.com/images/favicon.png
172.67.192.164200 OK 535 B URL HTTP/1.1 no.bitcoin-now.fimivauj.com/images/favicon.png
IP 172.67.192.164:0
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash 104fde7d7099c609f072fd8429535fe1
f16cf1038806a48ca9059cb22c4cc2f8e6701b93
93a0e42e4cec86adf8c5c90ba9139737e82252b90c1f6bbb575b04a7c134459a
GET /images/favicon.png HTTP/1.1
Host: no.bitcoin-now.fimivauj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://no.bitcoin-now.fimivauj.com/?session=74c617b538a247ddb3f2dee584aa932b&aff_id=8942&fpp=1
HTTP/1.1 200 OK
Date: Tue, 06 Sep 2022 11:48:27 GMT
Content-Type: image/png
Content-Length: 535
Connection: keep-alive
Last-Modified: Mon, 31 Aug 2020 14:52:48 GMT
ETag: "217-5ae2d8e5c12d5"
Vary: User-Agent, Accept-Encoding
Cache-Control: public, max-age=31536000
CF-Cache-Status: HIT
Age: 5876
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F6L9nt9lGvRjVHNYPWflSZAUO7UuoYanjEdQzBcO3G9omm6Yv0xnHzS8f%2Bfzpy%2BrzG5biT0HCuhRcleLwLS4c7QYbOavURbH1AOwmH7vpkzdBXDa%2BAL6mp05Vw2UHjGnubhMmLNMtq0qMHn3MWQ%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7466f9c94ec0b505-OSL
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 80f29cbbe260408ee1418a6fbce5a537
96cfe52bcf90cfdba5cba7907d49a91f44adc032
de264b42b7c59bdadf606387adaca04af680705a947096d048f288c3e5be8517
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 11:48:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
no.bitcoin-now.fimivauj.com/btcrates
172.67.192.164200 OK 346 B URL HTTP/1.1 no.bitcoin-now.fimivauj.com/btcrates
IP 172.67.192.164:0
File type JSON data\012- , ASCII text, with very long lines (772), with no line terminators
Hash f28fdde0458e74f7565c45c9b63ce527
e2570a37cb1003c4ecb435c0e7a5024d214e9168
3736de0685eef4b503c09bc66007cfd3a03ff69073852b23a350c1bf036d0ae1
Analyzer Verdict Alert fortinet Phishing
GET /btcrates HTTP/1.1
Host: no.bitcoin-now.fimivauj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://no.bitcoin-now.fimivauj.com/?session=74c617b538a247ddb3f2dee584aa932b&aff_id=8942&fpp=1
HTTP/1.1 200 OK
Date: Tue, 06 Sep 2022 11:48:27 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-cache, private
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Vary: Accept-Encoding,User-Agent
Set-Cookie: XSRF-TOKEN=eyJpdiI6IjVHVmo4WWg4NDNTWGFXR2d3eU5sNWc9PSIsInZhbHVlIjoiVjVseGNyMHFVd29xcmFxU1h4aGdxdzJtWTNqdUI0TGZQTFVHSDByQXNuMFVVQVdIZ0svcXJPNlZhc1ZySlZ6SGRQZ0pWWXF5cHJXc3ZuMXR2b2F0KytCeDloelQvcnFGUHFyZmxLT1NSM3I0RnBmQlR4TEJWSFFFRnZxRDYwVzgiLCJtYWMiOiI1OGY0NTUyZTA0MzQ0YWUyOTJjODdkNzExZDQ4MjYxNTg4MjE3NTcwZmRkYjQ0ZTRlYmQ1ZWQ0YzBjNGFiMWUyIiwidGFnIjoiIn0%3D; expires=Tue, 06-Sep-2022 13:48:27 GMT; Max-Age=7200; path=/
laravel_session=eyJpdiI6IlIrUkg5dllHTFh5UnBUcUxCYk9JK2c9PSIsInZhbHVlIjoiaGV2SUFwbFpIa3dsaWFGSHB4R1FOVy8wZ1Z5Q0hCelpzUitIOVp3dWxJV05HWU5pWk9NclNZVm9YT1BCQ1hsVVVmd2xVcTFtZkU4cmJyaW1oKzh2bm55VzMzbWh6NU1nbnBuY1Q5Qm10T1JKME51OTB6VTF1THdLVjB2aDhLbnIiLCJtYWMiOiIyOGYzMzMzNmM2ZmU0NjA4MGRmMmI2NWZmODM5ZWQ3ZDlmZmNkMmUzMDVhNjE4ZDc4ODM0MjE2YmVhYTgwZTdlIiwidGFnIjoiIn0%3D; expires=Tue, 06-Sep-2022 13:48:27 GMT; Max-Age=7200; path=/; httponly
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FaWhU7jqRMDsGSkAco%2BmfBJHZ5b7Dgb%2FbwU9sdqAo%2Bv0wwYX6%2FPj0UykM4rgraF6Mp2WMKokN%2F48HKOL5OFenZqGo7L4RtruiJgJROiKhzD9%2Bbs5XLrKWYdLDrNcVCm9y7tJiiXbDKSu1oHy0JU%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7466f9c96edfb505-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12222
Expires: Tue, 06 Sep 2022 15:12:09 GMT
Date: Tue, 06 Sep 2022 11:48:27 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12222
Expires: Tue, 06 Sep 2022 15:12:09 GMT
Date: Tue, 06 Sep 2022 11:48:27 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12222
Expires: Tue, 06 Sep 2022 15:12:09 GMT
Date: Tue, 06 Sep 2022 11:48:27 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12222
Expires: Tue, 06 Sep 2022 15:12:09 GMT
Date: Tue, 06 Sep 2022 11:48:27 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7ad09c5e-a115-4ff7-9742-809e93046365.jpeg
34.120.237.76200 OK 4.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7ad09c5e-a115-4ff7-9742-809e93046365.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c81f3df885bdee8cac46ea9495e6b63b
fc766bca874a352a4acb569577d4cf6527f4f074
e21473f88c613ca33ba6bbe1e0cab338274a06744cdcb088f14873c972445b36
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7ad09c5e-a115-4ff7-9742-809e93046365.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4426
x-amzn-requestid: b5b68557-e46d-41cd-9b11-d996aabc0de7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XzfYTHHFIAMFjFw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631145ce-1d3504367cf6ef724a345564;Sampled=0
x-amzn-remapped-date: Thu, 01 Sep 2022 23:52:46 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: GSRJIWisH465dPqbKyPj1iZk1jAu3RGrgwj1CX3X8A397zv9Nt0cHA==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Sep 2022 08:35:06 GMT
age: 11601
etag: "fc766bca874a352a4acb569577d4cf6527f4f074"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9e36fad7-34cb-448b-b231-07f66a5adf7e.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9e36fad7-34cb-448b-b231-07f66a5adf7e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3fe4a321dcd6a94a637a528d74f9321a
3f3aad2cc71226b39549db1a9baa6837d4f1d897
a19b6749429e8ecaeac8fc0849abc4d891bfc628489762b1619a3ee3064536e3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9e36fad7-34cb-448b-b231-07f66a5adf7e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12573
x-amzn-requestid: 93ac3b01-e2e3-462b-93d4-8f1bf949a015
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YAX-5E5JIAMFTJg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63166d2b-7fa8ddcb4b17c5ff1c214b94;Sampled=0
x-amzn-remapped-date: Mon, 05 Sep 2022 21:42:03 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: qU3s1u1OYmhFyNM8dgd4R3mLfgN3VXlj7z0WGWFhmW-U00wuUld96w==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 ebe4011a81a36e2bf678f69ce1711330.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Sep 2022 21:45:23 GMT
age: 50584
etag: "3f3aad2cc71226b39549db1a9baa6837d4f1d897"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffc784000-5c7c-4aa9-8318-e4d0319d1a09.jpeg
34.120.237.76200 OK 9.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffc784000-5c7c-4aa9-8318-e4d0319d1a09.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0d404793e430ea237e75be9cb1e2bce4
059b34d1809abedd223f7beec75e7831673878be
f180b1cdeb9a794ba3211348673783508d021aeaed419d782374be1a92a4c8dc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffc784000-5c7c-4aa9-8318-e4d0319d1a09.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9300
x-amzn-requestid: dc833608-6b16-4baa-af21-d3885043556c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YAWshHVxIAMFlGg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63166b1c-1710086818614ab247bcaf58;Sampled=0
x-amzn-remapped-date: Mon, 05 Sep 2022 21:33:16 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: sPkksSz3FIV3WcWpoY8E8UYKmUTE8LJ2lr5WO2JVNCGIuAvpPwYMYg==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 001e7070d795018d01b93988b9723742.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Sep 2022 21:56:40 GMT
age: 49907
etag: "059b34d1809abedd223f7beec75e7831673878be"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F228f042c-3a57-45c7-84c2-4aaaa1dd2f07.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F228f042c-3a57-45c7-84c2-4aaaa1dd2f07.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 19b452d6541a6028e7d3f90529477077
1c16eb50bc2490b4ebff6775ef611fdcb282f9f9
f4763a0f464067991c2c484c384df4fe791d7df6e3d6ad15650a954db537249f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F228f042c-3a57-45c7-84c2-4aaaa1dd2f07.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10694
x-amzn-requestid: c3d2f71c-927d-41f6-93ab-bf041374a9f1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YAWsgHQOIAMFvSA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63166b1c-5d2efd595cdf300972f4fb79;Sampled=0
x-amzn-remapped-date: Mon, 05 Sep 2022 21:33:16 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: eikhT8BkN5e163S6QriQybdyPNTKDTf3BCsHifNwfBJfrWv7LqgL8Q==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Sep 2022 22:06:45 GMT
age: 49302
etag: "1c16eb50bc2490b4ebff6775ef611fdcb282f9f9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F326e03cd-e1aa-45a4-8a6b-bdd21f21012c.jpeg
34.120.237.76200 OK 5.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F326e03cd-e1aa-45a4-8a6b-bdd21f21012c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c4b2d6a516e93799b54fe2bbd6630f86
b5a7380f294876dd308c7fde294f36a425c1be01
7463878d8967ff31d7ce20d5a4408c23ad59123032a990c21a47df0881edcb86
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F326e03cd-e1aa-45a4-8a6b-bdd21f21012c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5377
x-amzn-requestid: 2adc68e8-1889-4233-8ac4-e2a8d44ccbdd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X_4XzF1FoAMF3AA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63163a98-5918897d7de556f75bbfab34;Sampled=0
x-amzn-remapped-date: Mon, 05 Sep 2022 18:06:16 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: DpNb6dBygeDbRbFWIkeXYVddcgxlSVuq4y73JvG315Xp-wkwiDhZyQ==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Sep 2022 18:06:16 GMT
age: 63731
etag: "b5a7380f294876dd308c7fde294f36a425c1be01"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F106059e1-95ed-4ffb-b6d2-7b4f160333ed.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F106059e1-95ed-4ffb-b6d2-7b4f160333ed.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ec466c0d472e43c11d36bf6fce068205
720d3624a76d060b8e2699e9aa7a320e3efd4878
5553fc24713aae808f5ab81671551b0ae719435f3ced9f25df97d8edf6bfe86f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F106059e1-95ed-4ffb-b6d2-7b4f160333ed.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12683
x-amzn-requestid: 6127e5b6-72f6-40df-b400-41a1f147f6da
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Xz8XmEe0IAMFQDA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63117430-2b27a2683d2d320172cef32e;Sampled=0
x-amzn-remapped-date: Fri, 02 Sep 2022 03:10:40 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Mj_IT5g7hGu2AunKK7mvierv5BQ8cAxhnbGaUNsL6hRNu6MRAzIBDw==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Sep 2022 04:31:02 GMT
age: 26245
etag: "720d3624a76d060b8e2699e9aa7a320e3efd4878"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.youtube.com/embed/6D1MIjhka4s?controls=1&disablekb=0&loop=1&modestbranding=1&rel=0&fs=0&showinfo=0&autoplay=1&playlist=6D1MIjhka4s&mute=1&enablejsapi=1&origin=http%3A%2F%2Fno.bitcoin-now.fimivauj.com&widgetid=1
142.250.74.174200 OK 124 kB URL HTTP/2 www.youtube.com/embed/6D1MIjhka4s?controls=1&disablekb=0&loop=1&modestbranding=1&rel=0&fs=0&showinfo=0&autoplay=1&playlist=6D1MIjhka4s&mute=1&enablejsapi=1&origin=http%3A%2F%2Fno.bitcoin-now.fimivauj.com&widgetid=1
IP 142.250.74.174:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (60273)
Size 124 kB (124548 bytes)
Hash df40bed289bba31de022cfbeae20c5ab
3a7a1694cad81fcac31b2681ba81b3e78a4ac7ef
36ecf714dabb469965b8a182940977d305ae7cf7a0bc5158a3ff7794c20bad05
GET /embed/6D1MIjhka4s?controls=1&disablekb=0&loop=1&modestbranding=1&rel=0&fs=0&showinfo=0&autoplay=1&playlist=6D1MIjhka4s&mute=1&enablejsapi=1&origin=http%3A%2F%2Fno.bitcoin-now.fimivauj.com&widgetid=1 HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://no.bitcoin-now.fimivauj.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 06 Sep 2022 11:48:27 GMT
strict-transport-security: max-age=31536000
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=-sfCAjJw3Qo; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=EgI7ZWnF7cA; Domain=.youtube.com; Expires=Sun, 05-Mar-2023 11:48:27 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+413; expires=Thu, 05-Sep-2024 11:48:27 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 0b9528d0aa584b0e7b8b95f31ec1c4ed
79afabc0856f6fb3c3e5a9f5675cb0a40ee08e54
2604edd5743acd1487c25665444019555a972492010c10bf3bd6aefeab4661eb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 11:48:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.163200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 03 Sep 2022 12:31:58 GMT
expires: Sun, 03 Sep 2023 12:31:58 GMT
cache-control: public, max-age=31536000
age: 256589
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 0b9528d0aa584b0e7b8b95f31ec1c4ed
79afabc0856f6fb3c3e5a9f5675cb0a40ee08e54
2604edd5743acd1487c25665444019555a972492010c10bf3bd6aefeab4661eb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 11:48:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 31abc7fe976dbf9a68d45fb57e0c86c5
a1f6f5404850df3149a769dc685f5c795bc08435
0859eece0557d6b1b48ed8f04c2eb55bdc2ca3fb4633e52a193b206fdefbb5d3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 11:48:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 6425ca79a6b35c174b398487116a75cb
9aea4145116e0be668e3edb52b503e1c6b2e5975
45493b683399f944354cfa69b27a63f9620142175a9efb71fb2282f13d47fd84
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 11:48:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.doubleclick.net/instream/ad_status.js
216.58.207.230200 OK 29 B URL HTTP/2 static.doubleclick.net/instream/ad_status.js
IP 216.58.207.230:0
Hash 1fa71744db23d0f8df9cce6719defcb7
e4be9b7136697942a036f97cf26ebaf703ad2067
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
GET /instream/ad_status.js HTTP/1.1
Host: static.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 29
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Sep 2022 11:44:23 GMT
expires: Tue, 06 Sep 2022 11:59:23 GMT
cache-control: public, max-age=900
age: 245
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/id
142.250.74.2302 Found 0 B URL HTTP/2 googleads.g.doubleclick.net/pagead/id
IP 142.250.74.2:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/id HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-credentials: true
access-control-allow-origin: https://www.youtube.com
date: Tue, 06 Sep 2022 11:48:28 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 31abc7fe976dbf9a68d45fb57e0c86c5
a1f6f5404850df3149a769dc685f5c795bc08435
0859eece0557d6b1b48ed8f04c2eb55bdc2ca3fb4633e52a193b206fdefbb5d3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 11:48:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 6425ca79a6b35c174b398487116a75cb
9aea4145116e0be668e3edb52b503e1c6b2e5975
45493b683399f944354cfa69b27a63f9620142175a9efb71fb2282f13d47fd84
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 11:48:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 8b3fc7b78a1c498440023dbb6004e984
688d8686e183a4e84577e0f70550350622796e2e
ac1f7b3d1c5bfc1888f50aa3a8e0498c11f7cce672e6de5c048bf31d4d3370c7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 11:48:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 8b3fc7b78a1c498440023dbb6004e984
688d8686e183a4e84577e0f70550350622796e2e
ac1f7b3d1c5bfc1888f50aa3a8e0498c11f7cce672e6de5c048bf31d4d3370c7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 11:48:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.106200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.106:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Tue, 06 Sep 2022 11:48:28 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 3df811ac19fde08f49ef246c29cef161
e1c8d54b357adaf32e80427028cc884fa35959e0
e2749178e0bf0c4045a96388a58029ddd92d13a866021737864cd68e11317292
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 11:48:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.106200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.106:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash 6ba261d7ff21c326be7fa75dfe9df506
8e848cb4fb8426bb316c0f8bdfeee7fad600cfc5
470c6160ef6a5c8a6c5101e404816644e91c77ff5d8be617c875af568a7d475c
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Tue, 06 Sep 2022 11:48:28 GMT
server: ESF
cache-control: private
content-length: 30634
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/js/th/97z2yBxPcYiv6eioOAzftW1739b5eZ3I_zVAeb-vK4k.js
142.250.74.164200 OK 14 kB URL HTTP/2 www.google.com/js/th/97z2yBxPcYiv6eioOAzftW1739b5eZ3I_zVAeb-vK4k.js
IP 142.250.74.164:0
File type ASCII text, with very long lines (36079)
Hash 72692ad1b05fd9a02ff85f1c3ca30a46
520a2098d9be492a862bab96f6653393205e00e9
1c17c960446cf9498b1f6703a553a7e59f005816bb9991b97c5718524c5fa4d5
GET /js/th/97z2yBxPcYiv6eioOAzftW1739b5eZ3I_zVAeb-vK4k.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 14243
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 31 Aug 2022 05:03:20 GMT
expires: Thu, 31 Aug 2023 05:03:20 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 29 Aug 2022 11:00:00 GMT
content-type: text/javascript
age: 542708
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 8b3fc7b78a1c498440023dbb6004e984
688d8686e183a4e84577e0f70550350622796e2e
ac1f7b3d1c5bfc1888f50aa3a8e0498c11f7cce672e6de5c048bf31d4d3370c7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 11:48:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 092ab48a58576cf5228f75ca8e05deaf
2e79d46dc0bc28519be8133b7c56eef7486fe40d
0d6abd69dcba207deff031972ab6d68e283a4e6f702689bbe7a529f0bb9d1552
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 11:48:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
yt3.ggpht.com/ytc/AMLnZu8PmQtYPKfzZOwxPRGk88-nQLWRAMbFfyr1CA=s68-c-k-c0x00ffffff-no-rj
142.250.74.161200 OK 1.0 kB URL HTTP/2 yt3.ggpht.com/ytc/AMLnZu8PmQtYPKfzZOwxPRGk88-nQLWRAMbFfyr1CA=s68-c-k-c0x00ffffff-no-rj
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 68x68, components 3\012- data
Hash 8ba3a21cea9c1b20ef092154f5ec873c
73fd59cffe528f061b7ca06762a2267e669383de
5403d7af7a0adfb77adf677f3e3b5c38d3555a484d0bc60340c5cfa08fab6f64
GET /ytc/AMLnZu8PmQtYPKfzZOwxPRGk88-nQLWRAMbFfyr1CA=s68-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt3.ggpht.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 1003
x-xss-protection: 0
date: Tue, 06 Sep 2022 08:57:54 GMT
expires: Wed, 07 Sep 2022 08:57:54 GMT
cache-control: public, max-age=86400, no-transform
content-type: image/jpeg
age: 10234
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
no.bitcoin-now.fimivauj.com/js/utils.js
172.67.192.164200 OK 53 kB URL HTTP/1.1 no.bitcoin-now.fimivauj.com/js/utils.js
IP 172.67.192.164:0
File type ASCII text, with very long lines (2048)
Hash b4760f4c85cae8a2c499e046577fe02b
549b283674b614716a4e9edf24f3a2c8c395eb0b
e6b45ad1b269ee7d987f125b8896ecf981d968d448c6503e447f2758741a58b8
Analyzer Verdict Alert fortinet Phishing
GET /js/utils.js HTTP/1.1
Host: no.bitcoin-now.fimivauj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://no.bitcoin-now.fimivauj.com/?session=74c617b538a247ddb3f2dee584aa932b&aff_id=8942&fpp=1
Cookie: XSRF-TOKEN=eyJpdiI6IjVHVmo4WWg4NDNTWGFXR2d3eU5sNWc9PSIsInZhbHVlIjoiVjVseGNyMHFVd29xcmFxU1h4aGdxdzJtWTNqdUI0TGZQTFVHSDByQXNuMFVVQVdIZ0svcXJPNlZhc1ZySlZ6SGRQZ0pWWXF5cHJXc3ZuMXR2b2F0KytCeDloelQvcnFGUHFyZmxLT1NSM3I0RnBmQlR4TEJWSFFFRnZxRDYwVzgiLCJtYWMiOiI1OGY0NTUyZTA0MzQ0YWUyOTJjODdkNzExZDQ4MjYxNTg4MjE3NTcwZmRkYjQ0ZTRlYmQ1ZWQ0YzBjNGFiMWUyIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlIrUkg5dllHTFh5UnBUcUxCYk9JK2c9PSIsInZhbHVlIjoiaGV2SUFwbFpIa3dsaWFGSHB4R1FOVy8wZ1Z5Q0hCelpzUitIOVp3dWxJV05HWU5pWk9NclNZVm9YT1BCQ1hsVVVmd2xVcTFtZkU4cmJyaW1oKzh2bm55VzMzbWh6NU1nbnBuY1Q5Qm10T1JKME51OTB6VTF1THdLVjB2aDhLbnIiLCJtYWMiOiIyOGYzMzMzNmM2ZmU0NjA4MGRmMmI2NWZmODM5ZWQ3ZDlmZmNkMmUzMDVhNjE4ZDc4ODM0MjE2YmVhYTgwZTdlIiwidGFnIjoiIn0%3D
HTTP/1.1 200 OK
Date: Tue, 06 Sep 2022 11:48:28 GMT
Content-Type: application/javascript
Content-Length: 53327
Connection: keep-alive
Last-Modified: Mon, 31 Aug 2020 14:52:48 GMT
ETag: "391c8-5ae2d8e5c3215-gzip"
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 5876
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eZvai6%2BFkCSGiM1Qr28BXOla4d2hOIgemIq4Q0aztIHyBQDcZRvKZUmc%2FKjmhDqPZFMUFarWGFrMQUHb48DhzXE5k0dWbknfQOZoimiqohqJOnTU1dO5cfl6IXrtJlt6XgEYTb4B1vhBiSO%2BPrY%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7466f9cf3eacb505-OSL
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 092ab48a58576cf5228f75ca8e05deaf
2e79d46dc0bc28519be8133b7c56eef7486fe40d
0d6abd69dcba207deff031972ab6d68e283a4e6f702689bbe7a529f0bb9d1552
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 11:48:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 6b6c1068216577e4920f7603fd80b6f7
992bbe3b7e8e0a2d1e5bfcf51dee0e7a626a45b7
874daa5370299e1f4105e65094ccc7e68e657f724775bcbcc31d40d3e2ebaf6d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 11:48:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 6b6c1068216577e4920f7603fd80b6f7
992bbe3b7e8e0a2d1e5bfcf51dee0e7a626a45b7
874daa5370299e1f4105e65094ccc7e68e657f724775bcbcc31d40d3e2ebaf6d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 11:48:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
rr2---sn-capm-vnae.googlevideo.com/videoplayback?expire=1662486508&ei=jDMXY7LnIsGRv_IP1Yuy-AY&ip=91.90.42.154&id=o-ADXeOJgFF0u7xMKEN8RN8yR1-95PwOpUDGrtZ5KqvYJi&itag=243&aitags=133%2C134%2C135%2C136%2C160%2C242%2C243%2C244%2C247%2C278&source=youtube&requiressl=yes&mh=QH&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeen7y&ms=au%2Crdu&mv=m&mvi=2&pl=21&initcwndbps=1657500&spc=lT-KhtoYq3Kblhpo4rC85ar4a4jtQE4&vprv=1&mime=video%2Fwebm&gir=yes&clen=3773377&dur=128.761&lmt=1626897487195286&mt=1662464462&fvip=1&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&rbqsm=fr&txp=5316224&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAOfKo7K46SaWTxfk_WbeQ-_CFCapj6RjoPte9Qmex6ZwAiEAum1lTJwtMwbSb3YfP5l0V-iUTdElNGfTXMKJjstjYFw%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRgIhANQE70s_QjGXq7yaSP9a82Wiea6YQkaH5yYQCjMuqM2mAiEAoh0iuWLgi317DTXFi2CWj9qKQmMnusKtXv5nqwrutH8%3D&alr=yes&cpn=yAGM6JQsAukkV000&cver=1.20220831.01.01&range=0-104495&rn=1&rbuf=0
91.90.45.173200 OK 1.1 kB URL HTTP/1.1 rr2---sn-capm-vnae.googlevideo.com/videoplayback?expire=1662486508&ei=jDMXY7LnIsGRv_IP1Yuy-AY&ip=91.90.42.154&id=o-ADXeOJgFF0u7xMKEN8RN8yR1-95PwOpUDGrtZ5KqvYJi&itag=243&aitags=133%2C134%2C135%2C136%2C160%2C242%2C243%2C244%2C247%2C278&source=youtube&requiressl=yes&mh=QH&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeen7y&ms=au%2Crdu&mv=m&mvi=2&pl=21&initcwndbps=1657500&spc=lT-KhtoYq3Kblhpo4rC85ar4a4jtQE4&vprv=1&mime=video%2Fwebm&gir=yes&clen=3773377&dur=128.761&lmt=1626897487195286&mt=1662464462&fvip=1&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&rbqsm=fr&txp=5316224&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAOfKo7K46SaWTxfk_WbeQ-_CFCapj6RjoPte9Qmex6ZwAiEAum1lTJwtMwbSb3YfP5l0V-iUTdElNGfTXMKJjstjYFw%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRgIhANQE70s_QjGXq7yaSP9a82Wiea6YQkaH5yYQCjMuqM2mAiEAoh0iuWLgi317DTXFi2CWj9qKQmMnusKtXv5nqwrutH8%3D&alr=yes&cpn=yAGM6JQsAukkV000&cver=1.20220831.01.01&range=0-104495&rn=1&rbuf=0
IP 91.90.45.173:0
ASN #50304 Blix Solutions AS
File type ASCII text, with very long lines (1050), with no line terminators
Hash 17e45866eb3621f8bc025f0e6e13fa5a
b86c450c261e3cbb547808261239367fea5aac90
b69867beff5f4fbb815c0bb88eab985ea12ebeeaa09c93659aa5a2f29ed7ef32
GET /videoplayback?expire=1662486508&ei=jDMXY7LnIsGRv_IP1Yuy-AY&ip=91.90.42.154&id=o-ADXeOJgFF0u7xMKEN8RN8yR1-95PwOpUDGrtZ5KqvYJi&itag=243&aitags=133%2C134%2C135%2C136%2C160%2C242%2C243%2C244%2C247%2C278&source=youtube&requiressl=yes&mh=QH&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeen7y&ms=au%2Crdu&mv=m&mvi=2&pl=21&initcwndbps=1657500&spc=lT-KhtoYq3Kblhpo4rC85ar4a4jtQE4&vprv=1&mime=video%2Fwebm&gir=yes&clen=3773377&dur=128.761&lmt=1626897487195286&mt=1662464462&fvip=1&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&rbqsm=fr&txp=5316224&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAOfKo7K46SaWTxfk_WbeQ-_CFCapj6RjoPte9Qmex6ZwAiEAum1lTJwtMwbSb3YfP5l0V-iUTdElNGfTXMKJjstjYFw%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRgIhANQE70s_QjGXq7yaSP9a82Wiea6YQkaH5yYQCjMuqM2mAiEAoh0iuWLgi317DTXFi2CWj9qKQmMnusKtXv5nqwrutH8%3D&alr=yes&cpn=yAGM6JQsAukkV000&cver=1.20220831.01.01&range=0-104495&rn=1&rbuf=0 HTTP/1.1
Host: rr2---sn-capm-vnae.googlevideo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/plain
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Date: Tue, 06 Sep 2022 11:48:28 GMT
Expires: Tue, 06 Sep 2022 11:48:28 GMT
Cache-Control: private, max-age=21300
Accept-Ranges: bytes
Content-Length: 1050
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Restrict-Formats-Hint: None
X-Content-Type-Options: nosniff
Server: gvs 1.0
rr2---sn-capm-vnae.googlevideo.com/videoplayback?expire=1662486508&ei=jDMXY7LnIsGRv_IP1Yuy-AY&ip=91.90.42.154&id=o-ADXeOJgFF0u7xMKEN8RN8yR1-95PwOpUDGrtZ5KqvYJi&itag=251&source=youtube&requiressl=yes&mh=QH&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeen7y&ms=au%2Crdu&mv=m&mvi=2&pl=21&initcwndbps=1657500&spc=lT-KhtoYq3Kblhpo4rC85ar4a4jtQE4&vprv=1&mime=audio%2Fwebm&gir=yes&clen=1860087&dur=128.781&lmt=1626896869292381&mt=1662464462&fvip=1&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&rbqsm=fr&txp=5311224&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgFqryWMl09O13vbnmWwcNAXxtm35f6NStzFr4p-RSauICID8BphydrXxxL5V00TXpSfLCDXZpc2wxKd08bHayEM8Y&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRgIhANQE70s_QjGXq7yaSP9a82Wiea6YQkaH5yYQCjMuqM2mAiEAoh0iuWLgi317DTXFi2CWj9qKQmMnusKtXv5nqwrutH8%3D&alr=yes&cpn=yAGM6JQsAukkV000&cver=1.20220831.01.01&range=0-66019&rn=2&rbuf=0
91.90.45.173200 OK 982 B URL HTTP/1.1 rr2---sn-capm-vnae.googlevideo.com/videoplayback?expire=1662486508&ei=jDMXY7LnIsGRv_IP1Yuy-AY&ip=91.90.42.154&id=o-ADXeOJgFF0u7xMKEN8RN8yR1-95PwOpUDGrtZ5KqvYJi&itag=251&source=youtube&requiressl=yes&mh=QH&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeen7y&ms=au%2Crdu&mv=m&mvi=2&pl=21&initcwndbps=1657500&spc=lT-KhtoYq3Kblhpo4rC85ar4a4jtQE4&vprv=1&mime=audio%2Fwebm&gir=yes&clen=1860087&dur=128.781&lmt=1626896869292381&mt=1662464462&fvip=1&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&rbqsm=fr&txp=5311224&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgFqryWMl09O13vbnmWwcNAXxtm35f6NStzFr4p-RSauICID8BphydrXxxL5V00TXpSfLCDXZpc2wxKd08bHayEM8Y&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRgIhANQE70s_QjGXq7yaSP9a82Wiea6YQkaH5yYQCjMuqM2mAiEAoh0iuWLgi317DTXFi2CWj9qKQmMnusKtXv5nqwrutH8%3D&alr=yes&cpn=yAGM6JQsAukkV000&cver=1.20220831.01.01&range=0-66019&rn=2&rbuf=0
IP 91.90.45.173:0
ASN #50304 Blix Solutions AS
File type ASCII text, with very long lines (982), with no line terminators
Hash d9684053f441fb55126c88c91292c3fb
47ff114d4ff50093df5e05f468a90d7a18ceb407
989479cbe44b87bf0a813dafbc2c75d18a50197f57aefc2f324de0b9e2eafb63
GET /videoplayback?expire=1662486508&ei=jDMXY7LnIsGRv_IP1Yuy-AY&ip=91.90.42.154&id=o-ADXeOJgFF0u7xMKEN8RN8yR1-95PwOpUDGrtZ5KqvYJi&itag=251&source=youtube&requiressl=yes&mh=QH&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeen7y&ms=au%2Crdu&mv=m&mvi=2&pl=21&initcwndbps=1657500&spc=lT-KhtoYq3Kblhpo4rC85ar4a4jtQE4&vprv=1&mime=audio%2Fwebm&gir=yes&clen=1860087&dur=128.781&lmt=1626896869292381&mt=1662464462&fvip=1&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&rbqsm=fr&txp=5311224&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgFqryWMl09O13vbnmWwcNAXxtm35f6NStzFr4p-RSauICID8BphydrXxxL5V00TXpSfLCDXZpc2wxKd08bHayEM8Y&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRgIhANQE70s_QjGXq7yaSP9a82Wiea6YQkaH5yYQCjMuqM2mAiEAoh0iuWLgi317DTXFi2CWj9qKQmMnusKtXv5nqwrutH8%3D&alr=yes&cpn=yAGM6JQsAukkV000&cver=1.20220831.01.01&range=0-66019&rn=2&rbuf=0 HTTP/1.1
Host: rr2---sn-capm-vnae.googlevideo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/plain
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Date: Tue, 06 Sep 2022 11:48:28 GMT
Expires: Tue, 06 Sep 2022 11:48:28 GMT
Cache-Control: private, max-age=21300
Accept-Ranges: bytes
Content-Length: 982
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Content-Type-Options: nosniff
Server: gvs 1.0
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 6b6c1068216577e4920f7603fd80b6f7
992bbe3b7e8e0a2d1e5bfcf51dee0e7a626a45b7
874daa5370299e1f4105e65094ccc7e68e657f724775bcbcc31d40d3e2ebaf6d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 11:48:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash ca8d2c61881f2d9ed13dde000c7646e5
787300679274fedd6f8ad4a2db557c89aa395efb
03d711d16bc81bfbdb5554dd69f67e6b499416d18536f7cd48c237bfa218a1f5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 11:48:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash ca8d2c61881f2d9ed13dde000c7646e5
787300679274fedd6f8ad4a2db557c89aa395efb
03d711d16bc81bfbdb5554dd69f67e6b499416d18536f7cd48c237bfa218a1f5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 11:48:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
rr1---sn-5go7ynld.googlevideo.com/videoplayback?expire=1662486508&ei=jDMXY7LnIsGRv_IP1Yuy-AY&ip=91.90.42.154&id=o-ADXeOJgFF0u7xMKEN8RN8yR1-95PwOpUDGrtZ5KqvYJi&itag=251&source=youtube&requiressl=yes&spc=lT-KhtoYq3Kblhpo4rC85ar4a4jtQE4&vprv=1&mime=audio%2Fwebm&gir=yes&clen=1860087&dur=128.781&lmt=1626896869292381&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&rbqsm=fr&txp=5311224&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgFqryWMl09O13vbnmWwcNAXxtm35f6NStzFr4p-RSauICID8BphydrXxxL5V00TXpSfLCDXZpc2wxKd08bHayEM8Y&alr=yes&cpn=yAGM6JQsAukkV000&cver=1.20220831.01.01&redirect_counter=1&cm2rm=sn-capm-vnae7l&cms_redirect=yes&cmsv=e&mh=QH&mm=29&mn=sn-5go7ynld&ms=rdu&mt=1662464707&mv=m&mvi=1&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRgIhANSqRd1FH2X2dkk6Ao7E7lPLkto11bMsSn-FRATEtNGwAiEA9chpQO442m3wqP9pUSZVq1sDcdFUtheWjQTRY7hxa_c%3D&range=0-66019&rn=4&rbuf=0
74.125.111.70200 OK 66 kB URL HTTP/1.1 rr1---sn-5go7ynld.googlevideo.com/videoplayback?expire=1662486508&ei=jDMXY7LnIsGRv_IP1Yuy-AY&ip=91.90.42.154&id=o-ADXeOJgFF0u7xMKEN8RN8yR1-95PwOpUDGrtZ5KqvYJi&itag=251&source=youtube&requiressl=yes&spc=lT-KhtoYq3Kblhpo4rC85ar4a4jtQE4&vprv=1&mime=audio%2Fwebm&gir=yes&clen=1860087&dur=128.781&lmt=1626896869292381&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&rbqsm=fr&txp=5311224&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgFqryWMl09O13vbnmWwcNAXxtm35f6NStzFr4p-RSauICID8BphydrXxxL5V00TXpSfLCDXZpc2wxKd08bHayEM8Y&alr=yes&cpn=yAGM6JQsAukkV000&cver=1.20220831.01.01&redirect_counter=1&cm2rm=sn-capm-vnae7l&cms_redirect=yes&cmsv=e&mh=QH&mm=29&mn=sn-5go7ynld&ms=rdu&mt=1662464707&mv=m&mvi=1&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRgIhANSqRd1FH2X2dkk6Ao7E7lPLkto11bMsSn-FRATEtNGwAiEA9chpQO442m3wqP9pUSZVq1sDcdFUtheWjQTRY7hxa_c%3D&range=0-66019&rn=4&rbuf=0
IP 74.125.111.70:0
File type WebM\012- EBML file, creator webmB\20\012- data
Hash 597e9c31374e953ad69929d81dc6412a
bf19a88c1486f4a706a198dd4beb1982bd5c1c52
40190c77252487b3f3426fed4c49dd44f1fadb2507e63bc4d055f84a8537d1f1
GET /videoplayback?expire=1662486508&ei=jDMXY7LnIsGRv_IP1Yuy-AY&ip=91.90.42.154&id=o-ADXeOJgFF0u7xMKEN8RN8yR1-95PwOpUDGrtZ5KqvYJi&itag=251&source=youtube&requiressl=yes&spc=lT-KhtoYq3Kblhpo4rC85ar4a4jtQE4&vprv=1&mime=audio%2Fwebm&gir=yes&clen=1860087&dur=128.781&lmt=1626896869292381&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&rbqsm=fr&txp=5311224&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgFqryWMl09O13vbnmWwcNAXxtm35f6NStzFr4p-RSauICID8BphydrXxxL5V00TXpSfLCDXZpc2wxKd08bHayEM8Y&alr=yes&cpn=yAGM6JQsAukkV000&cver=1.20220831.01.01&redirect_counter=1&cm2rm=sn-capm-vnae7l&cms_redirect=yes&cmsv=e&mh=QH&mm=29&mn=sn-5go7ynld&ms=rdu&mt=1662464707&mv=m&mvi=1&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRgIhANSqRd1FH2X2dkk6Ao7E7lPLkto11bMsSn-FRATEtNGwAiEA9chpQO442m3wqP9pUSZVq1sDcdFUtheWjQTRY7hxa_c%3D&range=0-66019&rn=4&rbuf=0 HTTP/1.1
Host: rr1---sn-5go7ynld.googlevideo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Wed, 21 Jul 2021 19:47:49 GMT
Content-Type: audio/webm
Date: Tue, 06 Sep 2022 11:48:29 GMT
Expires: Tue, 06 Sep 2022 11:48:29 GMT
Cache-Control: private, max-age=21299
Accept-Ranges: bytes
Content-Length: 66020
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Content-Type-Options: nosniff
Server: gvs 1.0
rr1---sn-5go7ynld.googlevideo.com/videoplayback?expire=1662486508&ei=jDMXY7LnIsGRv_IP1Yuy-AY&ip=91.90.42.154&id=o-ADXeOJgFF0u7xMKEN8RN8yR1-95PwOpUDGrtZ5KqvYJi&itag=243&aitags=133%2C134%2C135%2C136%2C160%2C242%2C243%2C244%2C247%2C278&source=youtube&requiressl=yes&spc=lT-KhtoYq3Kblhpo4rC85ar4a4jtQE4&vprv=1&mime=video%2Fwebm&gir=yes&clen=3773377&dur=128.761&lmt=1626897487195286&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&rbqsm=fr&txp=5316224&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAOfKo7K46SaWTxfk_WbeQ-_CFCapj6RjoPte9Qmex6ZwAiEAum1lTJwtMwbSb3YfP5l0V-iUTdElNGfTXMKJjstjYFw%3D&alr=yes&cpn=yAGM6JQsAukkV000&cver=1.20220831.01.01&redirect_counter=1&cm2rm=sn-capm-vnae7l&cms_redirect=yes&cmsv=e&mh=QH&mm=29&mn=sn-5go7ynld&ms=rdu&mt=1662464707&mv=m&mvi=1&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgPvJW4pqDk3xiOhx76y7BIcbbymPH0cqfCGEo4cEK5VkCIB90FqdufrHLq04QWSoxrWUfX_-na3qomZ-F4o6tknfY&range=0-104495&rn=3&rbuf=0
74.125.111.70200 OK 104 kB URL HTTP/1.1 rr1---sn-5go7ynld.googlevideo.com/videoplayback?expire=1662486508&ei=jDMXY7LnIsGRv_IP1Yuy-AY&ip=91.90.42.154&id=o-ADXeOJgFF0u7xMKEN8RN8yR1-95PwOpUDGrtZ5KqvYJi&itag=243&aitags=133%2C134%2C135%2C136%2C160%2C242%2C243%2C244%2C247%2C278&source=youtube&requiressl=yes&spc=lT-KhtoYq3Kblhpo4rC85ar4a4jtQE4&vprv=1&mime=video%2Fwebm&gir=yes&clen=3773377&dur=128.761&lmt=1626897487195286&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&rbqsm=fr&txp=5316224&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAOfKo7K46SaWTxfk_WbeQ-_CFCapj6RjoPte9Qmex6ZwAiEAum1lTJwtMwbSb3YfP5l0V-iUTdElNGfTXMKJjstjYFw%3D&alr=yes&cpn=yAGM6JQsAukkV000&cver=1.20220831.01.01&redirect_counter=1&cm2rm=sn-capm-vnae7l&cms_redirect=yes&cmsv=e&mh=QH&mm=29&mn=sn-5go7ynld&ms=rdu&mt=1662464707&mv=m&mvi=1&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgPvJW4pqDk3xiOhx76y7BIcbbymPH0cqfCGEo4cEK5VkCIB90FqdufrHLq04QWSoxrWUfX_-na3qomZ-F4o6tknfY&range=0-104495&rn=3&rbuf=0
IP 74.125.111.70:0
File type WebM\012- EBML file, creator webmB\20\012- data
Size 104 kB (104496 bytes)
Hash de773fae34b8fc33dd8808c22e998cf2
4885b06d0af55fb91aac837da3e6b95a23d72a9a
95d87bb615c92200b64ef7bf33f5488f61dd3834cbcbefdddd7e878a2a88c04b
GET /videoplayback?expire=1662486508&ei=jDMXY7LnIsGRv_IP1Yuy-AY&ip=91.90.42.154&id=o-ADXeOJgFF0u7xMKEN8RN8yR1-95PwOpUDGrtZ5KqvYJi&itag=243&aitags=133%2C134%2C135%2C136%2C160%2C242%2C243%2C244%2C247%2C278&source=youtube&requiressl=yes&spc=lT-KhtoYq3Kblhpo4rC85ar4a4jtQE4&vprv=1&mime=video%2Fwebm&gir=yes&clen=3773377&dur=128.761&lmt=1626897487195286&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&rbqsm=fr&txp=5316224&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAOfKo7K46SaWTxfk_WbeQ-_CFCapj6RjoPte9Qmex6ZwAiEAum1lTJwtMwbSb3YfP5l0V-iUTdElNGfTXMKJjstjYFw%3D&alr=yes&cpn=yAGM6JQsAukkV000&cver=1.20220831.01.01&redirect_counter=1&cm2rm=sn-capm-vnae7l&cms_redirect=yes&cmsv=e&mh=QH&mm=29&mn=sn-5go7ynld&ms=rdu&mt=1662464707&mv=m&mvi=1&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgPvJW4pqDk3xiOhx76y7BIcbbymPH0cqfCGEo4cEK5VkCIB90FqdufrHLq04QWSoxrWUfX_-na3qomZ-F4o6tknfY&range=0-104495&rn=3&rbuf=0 HTTP/1.1
Host: rr1---sn-5go7ynld.googlevideo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Wed, 21 Jul 2021 19:58:07 GMT
Content-Type: video/webm
Date: Tue, 06 Sep 2022 11:48:29 GMT
Expires: Tue, 06 Sep 2022 11:48:29 GMT
Cache-Control: private, max-age=21299
Accept-Ranges: bytes
Content-Length: 104496
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Restrict-Formats-Hint: None
X-Content-Type-Options: nosniff
Server: gvs 1.0
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash ca8d2c61881f2d9ed13dde000c7646e5
787300679274fedd6f8ad4a2db557c89aa395efb
03d711d16bc81bfbdb5554dd69f67e6b499416d18536f7cd48c237bfa218a1f5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 11:48:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
rr1---sn-5go7ynld.googlevideo.com/videoplayback?expire=1662486508&ei=jDMXY7LnIsGRv_IP1Yuy-AY&ip=91.90.42.154&id=o-ADXeOJgFF0u7xMKEN8RN8yR1-95PwOpUDGrtZ5KqvYJi&itag=243&aitags=133%2C134%2C135%2C136%2C160%2C242%2C243%2C244%2C247%2C278&source=youtube&requiressl=yes&spc=lT-KhtoYq3Kblhpo4rC85ar4a4jtQE4&vprv=1&mime=video%2Fwebm&gir=yes&clen=3773377&dur=128.761&lmt=1626897487195286&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&rbqsm=fr&txp=5316224&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAOfKo7K46SaWTxfk_WbeQ-_CFCapj6RjoPte9Qmex6ZwAiEAum1lTJwtMwbSb3YfP5l0V-iUTdElNGfTXMKJjstjYFw%3D&alr=yes&cpn=yAGM6JQsAukkV000&cver=1.20220831.01.01&redirect_counter=1&cm2rm=sn-capm-vnae7l&cms_redirect=yes&cmsv=e&mh=QH&mm=29&mn=sn-5go7ynld&ms=rdu&mt=1662464707&mv=m&mvi=1&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgPvJW4pqDk3xiOhx76y7BIcbbymPH0cqfCGEo4cEK5VkCIB90FqdufrHLq04QWSoxrWUfX_-na3qomZ-F4o6tknfY&range=104496-368010&rn=5&rbuf=6024
74.125.111.70200 OK 264 kB URL HTTP/1.1 rr1---sn-5go7ynld.googlevideo.com/videoplayback?expire=1662486508&ei=jDMXY7LnIsGRv_IP1Yuy-AY&ip=91.90.42.154&id=o-ADXeOJgFF0u7xMKEN8RN8yR1-95PwOpUDGrtZ5KqvYJi&itag=243&aitags=133%2C134%2C135%2C136%2C160%2C242%2C243%2C244%2C247%2C278&source=youtube&requiressl=yes&spc=lT-KhtoYq3Kblhpo4rC85ar4a4jtQE4&vprv=1&mime=video%2Fwebm&gir=yes&clen=3773377&dur=128.761&lmt=1626897487195286&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&rbqsm=fr&txp=5316224&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAOfKo7K46SaWTxfk_WbeQ-_CFCapj6RjoPte9Qmex6ZwAiEAum1lTJwtMwbSb3YfP5l0V-iUTdElNGfTXMKJjstjYFw%3D&alr=yes&cpn=yAGM6JQsAukkV000&cver=1.20220831.01.01&redirect_counter=1&cm2rm=sn-capm-vnae7l&cms_redirect=yes&cmsv=e&mh=QH&mm=29&mn=sn-5go7ynld&ms=rdu&mt=1662464707&mv=m&mvi=1&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgPvJW4pqDk3xiOhx76y7BIcbbymPH0cqfCGEo4cEK5VkCIB90FqdufrHLq04QWSoxrWUfX_-na3qomZ-F4o6tknfY&range=104496-368010&rn=5&rbuf=6024
IP 74.125.111.70:0
Size 264 kB (263515 bytes)
Hash cb5e63114831320546e128048f5ffdbe
5965edfc3788adfccdc2f6bd79319bb9834d9dc5
50684650a31065978f284b40d6de510f82bcedc908718a86ab61893c671065b0
GET /videoplayback?expire=1662486508&ei=jDMXY7LnIsGRv_IP1Yuy-AY&ip=91.90.42.154&id=o-ADXeOJgFF0u7xMKEN8RN8yR1-95PwOpUDGrtZ5KqvYJi&itag=243&aitags=133%2C134%2C135%2C136%2C160%2C242%2C243%2C244%2C247%2C278&source=youtube&requiressl=yes&spc=lT-KhtoYq3Kblhpo4rC85ar4a4jtQE4&vprv=1&mime=video%2Fwebm&gir=yes&clen=3773377&dur=128.761&lmt=1626897487195286&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&rbqsm=fr&txp=5316224&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAOfKo7K46SaWTxfk_WbeQ-_CFCapj6RjoPte9Qmex6ZwAiEAum1lTJwtMwbSb3YfP5l0V-iUTdElNGfTXMKJjstjYFw%3D&alr=yes&cpn=yAGM6JQsAukkV000&cver=1.20220831.01.01&redirect_counter=1&cm2rm=sn-capm-vnae7l&cms_redirect=yes&cmsv=e&mh=QH&mm=29&mn=sn-5go7ynld&ms=rdu&mt=1662464707&mv=m&mvi=1&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgPvJW4pqDk3xiOhx76y7BIcbbymPH0cqfCGEo4cEK5VkCIB90FqdufrHLq04QWSoxrWUfX_-na3qomZ-F4o6tknfY&range=104496-368010&rn=5&rbuf=6024 HTTP/1.1
Host: rr1---sn-5go7ynld.googlevideo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Wed, 21 Jul 2021 19:58:07 GMT
Content-Type: video/webm
Date: Tue, 06 Sep 2022 11:48:29 GMT
Expires: Tue, 06 Sep 2022 11:48:29 GMT
Cache-Control: private, max-age=21299
Accept-Ranges: bytes
Content-Length: 263515
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Restrict-Formats-Hint: None
X-Content-Type-Options: nosniff
Server: gvs 1.0
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
142.250.74.106200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 142.250.74.106:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Tue, 06 Sep 2022 11:48:29 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
142.250.74.106200 OK 118 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 142.250.74.106:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 180805a6ff3113f8cf9567cdb4a043a9
0d56c1fcce0130531713032dddfa858704725d48
d5f8cfc275b57d93f2d69f47e1692a8e6f0165dc5c675a299d39cd33d3c1614d
POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 1103
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Tue, 06 Sep 2022 11:48:29 GMT
server: ESF
cache-control: private
content-length: 118
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2