| r3.o.lencr.org/ |  95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hashdca68db7aea32f6683ce8d542c078f04 19c495238df74fca680e21f18627ff94de5dd2e5 35cab3987fc0e4a41b305cb208c1e33fa38ce8bdfd9f386c3dc0411dd4d5ac61
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "35CAB3987FC0E4A41B305CB208C1E33FA38CE8BDFD9F386C3DC0411DD4D5AC61"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7651
Expires: Wed, 08 Feb 2023 21:43:17 GMT
Date: Wed, 08 Feb 2023 19:35:46 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hash565c1bbc5c1c40be1988b3bf6fd9dc1a cfdba5bc597130461dd67bf6cda53183be592493 60ceb36a8329c92fc49a3caf50daf511a38e01eac21a07d7a0a838166bea058d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "60CEB36A8329C92FC49A3CAF50DAF511A38E01EAC21A07D7A0A838166BEA058D"
Last-Modified: Mon, 06 Feb 2023 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9524
Expires: Wed, 08 Feb 2023 22:14:30 GMT
Date: Wed, 08 Feb 2023 19:35:46 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hashcc14b0d2f7c451f6431dc87ba54d1d60 bab8bfda6fa3e2f17125353f5147211787dc25d0 b58fe18a5cc8fe5aaf49ba7eadd0ef34692892e68e9c52eb5bb56ea27e1300ad
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B58FE18A5CC8FE5AAF49BA7EADD0EF34692892E68E9C52EB5BB56EA27E1300AD"
Last-Modified: Mon, 06 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4243
Expires: Wed, 08 Feb 2023 20:46:29 GMT
Date: Wed, 08 Feb 2023 19:35:46 GMT
Connection: keep-alive
|
|
| firefox.settings.services.mozilla.com/v1/ |  35.241.9.150 | 200 OK | 939 B |
URL HTTP/2firefox.settings.services.mozilla.com/v1/ IP35.241.9.150:0
File typeJSON data\012- , ASCII text, with very long lines (939), with no line terminators Hashbf0c602d32b3c14606f22a86183b5e3c 6eabd8d83475eba731968abe1a05a8bfd272f160 6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Content-Type, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 08 Feb 2023 19:34:13 GMT
content-type: application/json
age: 93
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain | 34.160.144.191 | 200 OK | 5.3 kB |
URL HTTP/2content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain IP34.160.144.191:0
File typePEM certificate\012- , ASCII text Hashe76071a28ee566dababb3834f46d68ed aebb4e68c1ba2de0f90025283e8ed8470944fde0 78b6df2627172e5b35476bc31020f02898cdc412aaf4337af2c3b049a60912b6
GET /chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: bPao2M00eErMii2OBghGhWcen/3nK2Ig92BHEwl9d+taJykCRqIaFaBKeDr3rPwp0bolOm6zvPA=
x-amz-request-id: 3V1F9XZSEEYPB54B
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 08 Feb 2023 18:46:04 GMT
age: 2982
last-modified: Sun, 29 Jan 2023 18:44:47 GMT
etag: "e76071a28ee566dababb3834f46d68ed"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| care.netrohealthcare.com/ga/click/2-457201058-2153-16833-32823-30686-99aee4c928-m803301cc9 | 154.53.42.166 | 302 Found | 199 B |
URL HTTP/1.1care.netrohealthcare.com/ga/click/2-457201058-2153-16833-32823-30686-99aee4c928-m803301cc9 IP154.53.42.166:0
File typeHTML document text\012- HTML document, ASCII text, with no line terminators Hash6e86b70bc24a44068db5faed9bc2e6fb 7a516611f00cef7fc3a3760e06d9dca6b2f94d2a 18d2760074b3a753ba524b9b0a7f59102f398705c78eae847645ea1bf4a0dbbc
| Analyzer | Verdict | Alert |
|---|
| fortinet | Phishing | |
GET /ga/click/2-457201058-2153-16833-32823-30686-99aee4c928-m803301cc9 HTTP/1.1
Host: care.netrohealthcare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Date: Wed, 08 Feb 2023 19:35:46 GMT
Server: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips PHP/7.3.29
Status: 302 Found
X-Rack-Cache: miss
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-Request-Id: 51fffb556a1d2b095f0736004bd6908c
Location: http://sand.kptoutsandtravels.com/drgyihkkdfyukdsyukdsfyudfsyufghhhhhhhhhyjukyyjdfthfdgthdyjukyjdthkighyjukikuyjgghdtjuiythfdtyjjygof
X-UA-Compatible: IE=Edge,chrome=1
X-Runtime: 0.022500
Expires: Mon, 01 Jan 1990 00:00:00 GMT
X-Powered-By: Phusion Passenger(R) 6.0.9
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
|
|
| contile.services.mozilla.com/v1/tiles | 34.117.237.239 | 200 OK | 12 B |
URL HTTP/2contile.services.mozilla.com/v1/tiles IP34.117.237.239:0
File typeJSON data\012- , ASCII text, with no line terminators Hash23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 19:35:46 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US | 35.241.9.150 | 200 OK | 329 B |
URL HTTP/2firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP35.241.9.150:0
File typeJSON data\012- , ASCII text, with very long lines (329), with no line terminators Hash0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Content-Type, Pragma, ETag, Retry-After, Backoff, Expires, Alert, Cache-Control, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 08 Feb 2023 19:14:52 GMT
age: 1255
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| sand.kptoutsandtravels.com/drgyihkkdfyukdsyukdsfyudfsyufghhhhhhhhhyjukyyjdfthfdgthdyjukyjdthkighyjukikuyjgghdtjuiythfdtyjjygof |  94.237.50.235 | 302 Found | 1 B |
URL HTTP/1.1sand.kptoutsandtravels.com/drgyihkkdfyukdsyukdsfyudfsyufghhhhhhhhhyjukyyjdfthfdgthdyjukyjdthkighyjukikuyjgghdtjuiythfdtyjjygof IP94.237.50.235:0
File typevery short file (no magic) Hash68b329da9893e34099c7d8ad5cb9c940 adc83b19e793491b1c6ea0fd8b46cd9f32e592fc 01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
GET /drgyihkkdfyukdsyukdsfyudfsyufghhhhhhhhhyjukyyjdfthfdgthdyjukyjdthkighyjukikuyjgghdtjuiythfdtyjjygof HTTP/1.1
Host: sand.kptoutsandtravels.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Date: Wed, 08 Feb 2023 19:35:38 GMT
Server: Apache/2.4.6 (CentOS) PHP/5.4.16
X-Powered-By: PHP/5.4.16
Location: https://bravotrk.com/?a=10362&c=125761&s1=Neurodfdhdfeshy
Content-Length: 1
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hash9b88bae61bca33aba8aa99f6128db8d9 a07b61fb2458917699613fcae68710941b595416 54915c2f79822732e06a592d027da421ad1e7a6458c545f98333db25612b3dea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "54915C2F79822732E06A592D027DA421AD1E7A6458C545F98333DB25612B3DEA"
Last-Modified: Mon, 06 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11853
Expires: Wed, 08 Feb 2023 22:53:20 GMT
Date: Wed, 08 Feb 2023 19:35:47 GMT
Connection: keep-alive
|
|
| push.services.mozilla.com/ | 35.82.179.239 | 101 Switching Protocols | 0 B |
URL HTTP/1.1push.services.mozilla.com/ IP35.82.179.239:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Q9KaWvED71qn4aLkr4U6gA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: enmkIkmhYwzX/SG4yNpOxer1vF8=
|
|
| ocsp2.globalsign.com/gsalphasha2g2 |  104.18.21.226 | 200 OK | 1.4 kB |
URL HTTP/1.1ocsp2.globalsign.com/gsalphasha2g2 IP104.18.21.226:0
Hashb0b4789d7a2f6356c8c0b3003579748e d2d9a3182a7fda0d025f7e37cce278bf984d9f25 9fad1e5c516342b97c0d8c159bb3c6340751586164461db80db936be8f76f1d5
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 19:35:47 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Sun, 12 Feb 2023 16:47:54 GMT
ETag: "d2d9a3182a7fda0d025f7e37cce278bf984d9f25"
Last-Modified: Wed, 08 Feb 2023 16:47:55 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: MISS
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7966cf7a3cc70b69-OSL
|
|
| bravotrk.com/?a=10362&c=125761&s1=Neurodfdhdfeshy | 34.206.41.190 | 302 Found | 229 B |
URL HTTP/1.1bravotrk.com/?a=10362&c=125761&s1=Neurodfdhdfeshy IP34.206.41.190:0
File typeHTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators Hash79c0cdce7e298b2d5df63ec87089a154 e2a41d1ff5b16973fe7dbad5972fb46ff51a3675 94af92038f970b4af73304a74df81d500c9d0f9d5a1e276b785d8ffee2452544
GET /?a=10362&c=125761&s1=Neurodfdhdfeshy HTTP/1.1
Host: bravotrk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 302 Found
Cache-Control: private
Content-Length: 229
Content-Type: text/html; charset=utf-8
Date: Wed, 08 Feb 2023 19:35:47 GMT
Location: https://theneurocalmpro.com/video.php?aff_id=770&subid=10362&subid2=Neurodfdhdfeshy&subid3=590539155
P3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie: sid=dUdxssFjyAg/5oe9M+NJb172oDlDqmO1EYeiTaOYRLPlcjS/8y3AyA==; domain=.bravotrk.com; path=/; SameSite=None; secure; HttpOnly
trk=/okzW3zjE/PQREDRkLO09172oDlDqmO1EYeiTaOYRLPlcjS/8y3AyA==; domain=.bravotrk.com; expires=Sat, 08-Feb-2025 19:35:46 GMT; path=/; SameSite=None; secure; HttpOnly
c23844=dUdxssFjyAjjADSl9G+cGTLnuUPVTnLgvilrtgAXuhQ8eBGUI9rwVw==; domain=.bravotrk.com; expires=Fri, 10-Mar-2023 19:35:46 GMT; path=/; SameSite=None; secure; HttpOnly
Connection: close
|
|
| ocsp.digicert.com/ |  93.184.220.29 | 200 OK | 278 B |
IP93.184.220.29:0
Hash8fb4f3017a8d2b5847258428b88d847a 2cfd59d0dba45e395d9e0c7e4b079339c4e21768 16c919134f136a657c8bd95b89b31db0f503319fcb4d4a4c7c13484ef28490ca
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=115647
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 19:35:48 GMT
Etag: "63e31a53-116"
Expires: Fri, 10 Feb 2023 03:43:15 GMT
Last-Modified: Wed, 08 Feb 2023 03:43:15 GMT
Server: nginx
Content-Length: 278
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 278 B |
IP93.184.220.29:0
Hash8fb4f3017a8d2b5847258428b88d847a 2cfd59d0dba45e395d9e0c7e4b079339c4e21768 16c919134f136a657c8bd95b89b31db0f503319fcb4d4a4c7c13484ef28490ca
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 0
Cache-Control: max-age=115647
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 19:35:48 GMT
Etag: "63e31a53-116"
Expires: Fri, 10 Feb 2023 03:43:15 GMT
Last-Modified: Wed, 08 Feb 2023 03:43:15 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 278
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.163 | 200 OK | 472 B |
IP142.250.74.163:0
Hash8d5417d247d259e3c0186136b83d9f75 49fbcf99a352669aee2559579ef73fa60f46d38d 3c013921158ec27e44d5e80a5108557de80a27f38089ac3a52c6c1cf5636f585
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 19:35:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| www.googletagmanager.com/gtm.js?id=GTM-TDWJ6ZL | 142.250.74.72 | 200 OK | 47 kB |
URL HTTP/2www.googletagmanager.com/gtm.js?id=GTM-TDWJ6ZL IP142.250.74.72:0
File typeASCII text, with very long lines (1759) Hashabfd6e8c011dd39fb26bfc0029b9e0d5 87620d09c030469f8fb2f750160c9f999e4068b9 7af74b8ee873b3de0b4a8af685de148aacf34a8a9104648b40cd17887958be52
GET /gtm.js?id=GTM-TDWJ6ZL HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theneurocalmpro.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 08 Feb 2023 19:35:48 GMT
expires: Wed, 08 Feb 2023 19:35:48 GMT
cache-control: private, max-age=900
last-modified: Wed, 08 Feb 2023 18:39:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 46659
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.163 | 200 OK | 472 B |
IP142.250.74.163:0
Hash8d5417d247d259e3c0186136b83d9f75 49fbcf99a352669aee2559579ef73fa60f46d38d 3c013921158ec27e44d5e80a5108557de80a27f38089ac3a52c6c1cf5636f585
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 19:35:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 279 B |
IP93.184.220.29:0
Hash1be595d471072ed9d448b2302d6e460d 399645e1a7f35fb52a32d1a425d0cedfacebc4d2 f3f55ee0139081074b78a8672b15b79b5ab91ca9d87189e86bb0e44ecbdafd97
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=103040
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 19:35:48 GMT
Etag: "63e2e914-117"
Expires: Fri, 10 Feb 2023 00:13:08 GMT
Last-Modified: Wed, 08 Feb 2023 00:13:08 GMT
Server: nginx
Content-Length: 279
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hash1d885cfc22a04f1216c98dd64df5338a 589916a844b81fac40af88a772865b8e28dfb64e 40c0e55533794d72bbba4bc9d0f07fe0741e24ca23fd9b3e31d2830c77a51bf3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "40C0E55533794D72BBBA4BC9D0F07FE0741E24CA23FD9B3E31D2830C77A51BF3"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11438
Expires: Wed, 08 Feb 2023 22:46:26 GMT
Date: Wed, 08 Feb 2023 19:35:48 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hash1d885cfc22a04f1216c98dd64df5338a 589916a844b81fac40af88a772865b8e28dfb64e 40c0e55533794d72bbba4bc9d0f07fe0741e24ca23fd9b3e31d2830c77a51bf3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "40C0E55533794D72BBBA4BC9D0F07FE0741E24CA23FD9B3E31D2830C77A51BF3"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11438
Expires: Wed, 08 Feb 2023 22:46:26 GMT
Date: Wed, 08 Feb 2023 19:35:48 GMT
Connection: keep-alive
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5416f10c-2a0c-46e5-a76b-853a2be4c374.jpeg | 34.120.237.76 | 200 OK | 12 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5416f10c-2a0c-46e5-a76b-853a2be4c374.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashfe800d6af728cd622a6192ad5e7dda6a 3a301dd894fc428c7d1863c9d5eaf2652f5c2083 f4923c211ef24e933bbe73bd8d2033d6b6da4a9fa0c9d4699a1041a7bd8bf5a2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5416f10c-2a0c-46e5-a76b-853a2be4c374.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12216
x-amzn-requestid: cc61a63b-35fe-4bfa-ad20-1db3f4165446
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f_O7LFrCIAMFoYQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e2c514-2b5e27c62218510b74ea0989;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 21:39:32 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: C1EXSLUCdc9GzSKxUzv9_uWK4ZTqggdr03uVW5SWuZwVVSn2wc4k7w==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 21:44:01 GMT
age: 78707
etag: "3a301dd894fc428c7d1863c9d5eaf2652f5c2083"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe4252883-1cf4-4e4a-98fa-fee2d1bd1a6c.jpeg | 34.120.237.76 | 200 OK | 13 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe4252883-1cf4-4e4a-98fa-fee2d1bd1a6c.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash298eca3ae092fd28108db52acaa59545 ee865a4919befec21c73f7a1cf0c2405c34743b7 d490b601b1dc9e89392b902b7b7376815c81019ef53ab06aa27ed563600bb1a3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe4252883-1cf4-4e4a-98fa-fee2d1bd1a6c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13371
x-amzn-requestid: 2fd56339-7b32-4058-8eea-8565cae3037c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f2opoHjGoAMFsMw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63df54a3-5b0bd42e1e21d7d65ac7c7f1;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 07:02:59 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: JsUVBJdjaEX5lknubVE44HzNtrl9gAxfQVmj1G6Wm1yaJ8gmmiOJKw==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 11:00:52 GMT
age: 30896
etag: "ee865a4919befec21c73f7a1cf0c2405c34743b7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc7e586b8-49f5-40c3-b0d4-f6cdfc375a2b.jpeg | 34.120.237.76 | 200 OK | 9.8 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc7e586b8-49f5-40c3-b0d4-f6cdfc375a2b.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash18a84ae645223aba0709b5e16c0207f7 0b865e797846520ccc6fff6fb2ee38d8836bd2c0 b1e4868045f074a84e3de1d82ec3ae22f6d2a1a4131b2a40bcce7f3f5375aff7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc7e586b8-49f5-40c3-b0d4-f6cdfc375a2b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9760
x-amzn-requestid: d5d8fdde-048f-4705-9fa4-99fd7d29d804
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f582DETSIAMFmEA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e0a826-52a3b175584df1914260c8ae;Sampled=0
x-amzn-remapped-date: Mon, 06 Feb 2023 07:11:34 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: wUaruDuqNDIlR6CWz9G7DAofcvS7UNmtPM7C2ve-RRbp57J43rWPxQ==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 04:09:02 GMT
age: 55606
etag: "0b865e797846520ccc6fff6fb2ee38d8836bd2c0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2e2b00c2-f304-42e8-b98d-20fe408448f0.jpeg | 34.120.237.76 | 200 OK | 6.0 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2e2b00c2-f304-42e8-b98d-20fe408448f0.jpeg IP34.120.237.76:0
Hash543a83d741dde7fe311e3d2ebf19994f e3ff83995971385b646f9f1e47291dd83d039ffe 46c167aece6a97ad13a8c00afb2b3f7acf412521e5547bd729ee3cf775b93c6e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2e2b00c2-f304-42e8-b98d-20fe408448f0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3379
x-amzn-requestid: 6f8c97bc-c1f9-4681-9544-f2863dc7f782
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f5aSYH47oAMF-ow=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e070db-4a730cd079f03c8b1cf77997;Sampled=0
x-amzn-remapped-date: Mon, 06 Feb 2023 03:15:39 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Qnk0MflT4eIxNuooDKhm0uauKq1dYj1iG9O_prtNU8c0IoAwODZxig==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 04:27:19 GMT
age: 54509
etag: "1419c4eefac8032e8cfaf2d65dd4a57bff5b25a1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdcf61053-67f6-4767-ad44-fa802c5ef5b4.jpeg | 34.120.237.76 | 200 OK | 10 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdcf61053-67f6-4767-ad44-fa802c5ef5b4.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hasha9c2a9eee923b84d4e06438a8b2acaff 520b122e3ce52220af153fee26bb7067283f9075 9ff4236fdcd05210a9c8bb48ea68179e142b1b05c8b19dd66282590dff69fa22
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdcf61053-67f6-4767-ad44-fa802c5ef5b4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10058
x-amzn-requestid: 94374454-1e89-4c43-895b-0a90f39b851d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f_O5vEgcoAMFctg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e2c50a-0bf11cad4b0818c36188ba91;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 21:39:22 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 1R4SRNvqhRHbrDZsGB06NJbBXf8WRgJEHmXTbop8pqf8etTJSlmQwQ==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 22:06:05 GMT
age: 77383
etag: "520b122e3ce52220af153fee26bb7067283f9075"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F308abacb-8d5b-49bf-9e2b-59b6b40157cb.jpeg | 34.120.237.76 | 200 OK | 13 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F308abacb-8d5b-49bf-9e2b-59b6b40157cb.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash2bf626b824fefec1ecaceb9243f2e5ec f222976d76d889a0cd767bfd73075ee114c531ce 3f981850c6e6628245be7f7e26418d8b945dbeaf45e06492d8e2ee9409245195
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F308abacb-8d5b-49bf-9e2b-59b6b40157cb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12772
x-amzn-requestid: a4603c5c-c842-4a1d-bf09-550f160e1082
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f_O7OEz8oAMFbOg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e2c514-763b7ecf50411a4d13dd8a25;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 21:39:32 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ECAdRS7as57pL15HxK4Ep0YOho8Kba8RFhMVnXGdJuKYItQHNf2yHA==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 21:53:57 GMT
age: 78111
etag: "f222976d76d889a0cd767bfd73075ee114c531ce"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 279 B |
IP93.184.220.29:0
Hash1be595d471072ed9d448b2302d6e460d 399645e1a7f35fb52a32d1a425d0cedfacebc4d2 f3f55ee0139081074b78a8672b15b79b5ab91ca9d87189e86bb0e44ecbdafd97
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1
Cache-Control: max-age=103040
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 19:35:49 GMT
Etag: "63e2e914-117"
Expires: Fri, 10 Feb 2023 00:13:09 GMT
Last-Modified: Wed, 08 Feb 2023 00:13:08 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 279
|
|
| region1.google-analytics.com/g/collect?v=2&tid=G-83Q85EEGDV>m=45je3260&_p=622742392&cid=1871881319.1675885005&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675885004&sct=1&seg=0&dl=https%3A%2F%2Ftheneurocalmpro.com%2Fvideo.php%3Faff_id%3D770%26subid%3D10362%26subid2%3DNeurodfdhdfeshy%26subid3%3D590539155&dt=Neuro%20Calm%20Pro%20-%20Video%20Presentation&en=page_view&_fv=1&_nsi=1&_ss=1 | 216.239.32.36 | 204 No Content | 315 B |
URL HTTP/2region1.google-analytics.com/g/collect?v=2&tid=G-83Q85EEGDV>m=45je3260&_p=622742392&cid=1871881319.1675885005&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675885004&sct=1&seg=0&dl=https%3A%2F%2Ftheneurocalmpro.com%2Fvideo.php%3Faff_id%3D770%26subid%3D10362%26subid2%3DNeurodfdhdfeshy%26subid3%3D590539155&dt=Neuro%20Calm%20Pro%20-%20Video%20Presentation&en=page_view&_fv=1&_nsi=1&_ss=1 IP216.239.32.36:0
Hash4dcc333a3ff264d452ab9fec84a4f4e8 9760ca1f56f59c7573b1a72d60131aa02b61f9d5 f196d323c9fa7befa132001bf8f58d1c99b860b9641440a1cd6f8c571fb8d448
POST /g/collect?v=2&tid=G-83Q85EEGDV>m=45je3260&_p=622742392&cid=1871881319.1675885005&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675885004&sct=1&seg=0&dl=https%3A%2F%2Ftheneurocalmpro.com%2Fvideo.php%3Faff_id%3D770%26subid%3D10362%26subid2%3DNeurodfdhdfeshy%26subid3%3D590539155&dt=Neuro%20Calm%20Pro%20-%20Video%20Presentation&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://theneurocalmpro.com
Connection: keep-alive
Referer: https://theneurocalmpro.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://theneurocalmpro.com
date: Wed, 08 Feb 2023 19:35:49 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.163 | 200 OK | 472 B |
IP142.250.74.163:0
Hash44fc0cb48c26edb9ce36736707b9182a 62de7faa3e8171c0d38a2e03a604d2545a3ede7f 9e511ad6ed9e7c5f28f573422e3891d2f4e5c2ba5107f7eda808c529a95931a2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 19:35:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| www.youtube.com/oembed?url=http://www.youtube.com/watch?v=lqFyw4LMlDI&format=json | 142.250.74.174 | 200 OK | 407 B |
URL HTTP/2www.youtube.com/oembed?url=http://www.youtube.com/watch?v=lqFyw4LMlDI&format=json IP142.250.74.174:0
File typeJSON data\012- , ASCII text, with very long lines (723), with no line terminators Hashadd204bf7b09dc7b5da3482573923d4b 61623f24a676d130f05cc3db57c4e743979681ea e1e85c0b4722dabb946595320e8654449fc4427d2c06a374974433d55c44a315
GET /oembed?url=http://www.youtube.com/watch?v=lqFyw4LMlDI&format=json HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://theneurocalmpro.com
Connection: keep-alive
Referer: https://theneurocalmpro.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Wed, 08 Feb 2023 19:35:49 GMT
server: scaffolding on HTTPServer2
cache-control: private
content-length: 407
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://theneurocalmpro.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.163 | 200 OK | 472 B |
IP142.250.74.163:0
Hash44fc0cb48c26edb9ce36736707b9182a 62de7faa3e8171c0d38a2e03a604d2545a3ede7f 9e511ad6ed9e7c5f28f573422e3891d2f4e5c2ba5107f7eda808c529a95931a2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 19:35:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| display.buygoods.com/v1/disclaimer?id=disclaimer&account_id=6316 | 172.66.43.115 | 200 OK | 1.3 kB |
URL HTTP/2display.buygoods.com/v1/disclaimer?id=disclaimer&account_id=6316 IP172.66.43.115:0
Hash40fc17a9bd2cd46c66a3efbdd13327cd a778267e7bce25b36c2e86cb7003331ffd1ecf44 b13361361dead3e8f8e37c273ea784761ba62008f9a6775fa36ff671302a3236
GET /v1/disclaimer?id=disclaimer&account_id=6316 HTTP/1.1
Host: display.buygoods.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theneurocalmpro.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 08 Feb 2023 19:35:48 GMT
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-credentials: true
strict-transport-security: max-age=31536000;
set-cookie: SERVERID=; Expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/
cache-control: private
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7966cf820bbb0b4d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.163 | 200 OK | 471 B |
IP142.250.74.163:0
Hash7ec32dff957003dae195c36ca9e3bd6c 6761a20819b0d5a48216d74782e3ea752af7257a 953a3a2d35250df7b506b42f7d1d8813301dd1f9f9bcc30d2d100bd0788e4c76
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 19:35:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.163 | 200 OK | 7.2 kB |
IP142.250.74.163:0
Hash98ba77b87b743b1078992e206fad1d6c 670da89fb6189a26f0464cf7f32131f3e0a8abb0 57fbf110fddea72856890a89fb24e53725520b57a76d5cf8ad0f1ecb50eab945
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 19:35:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-194057059-2&cid=1871881319.1675885005&jid=2070733567&gjid=2053427965&_gid=1237565177.1675885006&_u=aADAAEABQAAAACAAI~&z=4415175 | 74.125.205.157 | 200 OK | 1 B |
URL HTTP/2stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-194057059-2&cid=1871881319.1675885005&jid=2070733567&gjid=2053427965&_gid=1237565177.1675885006&_u=aADAAEABQAAAACAAI~&z=4415175 IP74.125.205.157:0
File typevery short file (no magic) Hashc4ca4238a0b923820dcc509a6f75849b 356a192b7913b04c54574d18c28d46e6395428ab 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-194057059-2&cid=1871881319.1675885005&jid=2070733567&gjid=2053427965&_gid=1237565177.1675885006&_u=aADAAEABQAAAACAAI~&z=4415175 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://theneurocalmpro.com
Connection: keep-alive
Referer: https://theneurocalmpro.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://theneurocalmpro.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 08 Feb 2023 19:35:50 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-194057059-5&cid=1871881319.1675885005&jid=246182658&gjid=1988077566&_gid=1237565177.1675885006&_u=aADAAEAAQAAAACAAI~&z=1756582108 | 74.125.205.157 | 200 OK | 1 B |
URL HTTP/2stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-194057059-5&cid=1871881319.1675885005&jid=246182658&gjid=1988077566&_gid=1237565177.1675885006&_u=aADAAEAAQAAAACAAI~&z=1756582108 IP74.125.205.157:0
File typevery short file (no magic) Hashc4ca4238a0b923820dcc509a6f75849b 356a192b7913b04c54574d18c28d46e6395428ab 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-194057059-5&cid=1871881319.1675885005&jid=246182658&gjid=1988077566&_gid=1237565177.1675885006&_u=aADAAEAAQAAAACAAI~&z=1756582108 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://theneurocalmpro.com
Connection: keep-alive
Referer: https://theneurocalmpro.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://theneurocalmpro.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 08 Feb 2023 19:35:50 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.163 | 200 OK | 471 B |
IP142.250.74.163:0
Hash7ec32dff957003dae195c36ca9e3bd6c 6761a20819b0d5a48216d74782e3ea752af7257a 953a3a2d35250df7b506b42f7d1d8813301dd1f9f9bcc30d2d100bd0788e4c76
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 19:35:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.163 | 200 OK | 471 B |
IP142.250.74.163:0
Hash3f3962ef574ee0069c41f7cbcabd1ef3 c4b6aefa8563432c5e5901488c38ae7da3c83fd7 9518b917cc6f0b1724d687d6aac4d8c1851d46949eeb4926acdb26a84728fdc0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 19:35:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.163 | 200 OK | 471 B |
IP142.250.74.163:0
Hash3f3962ef574ee0069c41f7cbcabd1ef3 c4b6aefa8563432c5e5901488c38ae7da3c83fd7 9518b917cc6f0b1724d687d6aac4d8c1851d46949eeb4926acdb26a84728fdc0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 19:35:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 | 142.250.74.67 | 200 OK | 18 kB |
URL HTTP/2fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 IP142.250.74.67:0
Hashf1e5a19ff718f8169e68d143de64161d c7c39c4d86af038b31e4b3901d3d8e451d590184 1780891b7f10c4f9a026985457346fd656938892fe7ddc7fb19c126cbfe473f2
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 Feb 2023 21:48:03 GMT
expires: Fri, 02 Feb 2024 21:48:03 GMT
cache-control: public, max-age=31536000
age: 510467
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 | 142.250.74.67 | 200 OK | 16 kB |
URL HTTP/2fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 IP142.250.74.67:0
File typeWeb Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data Hash285467176f7fe6bb6a9c6873b3dad2cc ea04e4ff5142ddd69307c183def721a160e0a64e 5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 06 Feb 2023 17:20:45 GMT
expires: Tue, 06 Feb 2024 17:20:45 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
age: 180905
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.163 | 200 OK | 471 B |
IP142.250.74.163:0
Hash986afab4bad851da3c4a2b8db670c876 c58b7142ce3bebda918b77649973715dbd71b4d2 24e4025e6576d86e781fd0861a0a87338b7b5d52b9e559ae76ca52755cc3a865
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 19:35:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.163 | 200 OK | 472 B |
IP142.250.74.163:0
Hashddbcc8409304b59c7d2faa53ed360fb5 98746db490891a3e5aa21f3dff58438d0c7795d5 b0ffc1ea39f25451920b84f09d650c564bd412bca0e2db72d99e736e385a176d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 19:35:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.163 | 200 OK | 471 B |
IP142.250.74.163:0
Hashf30ebb7855430e77d7f7e78185824905 f833d3fbb268c2d0b289b8af527a13ea6ab3535d ecf61ddf953eab9c7889a0b5e697364bed9f8fee9f7be3c3d13258542c858354
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 19:35:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| static.doubleclick.net/instream/ad_status.js | 142.250.74.102 | 200 OK | 29 B |
URL HTTP/2static.doubleclick.net/instream/ad_status.js IP142.250.74.102:0
Hash1fa71744db23d0f8df9cce6719defcb7 e4be9b7136697942a036f97cf26ebaf703ad2067 eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
GET /instream/ad_status.js HTTP/1.1
Host: static.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 29
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 08 Feb 2023 19:35:50 GMT
expires: Wed, 08 Feb 2023 19:50:50 GMT
cache-control: public, max-age=900
age: 1
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| googleads.g.doubleclick.net/pagead/id | 142.250.74.130 | 302 Found | 0 B |
URL HTTP/2googleads.g.doubleclick.net/pagead/id IP142.250.74.130:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/id HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-credentials: true
access-control-allow-origin: https://www.youtube.com
date: Wed, 08 Feb 2023 19:35:51 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.163 | 200 OK | 471 B |
IP142.250.74.163:0
Hashf30ebb7855430e77d7f7e78185824905 f833d3fbb268c2d0b289b8af527a13ea6ab3535d ecf61ddf953eab9c7889a0b5e697364bed9f8fee9f7be3c3d13258542c858354
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 19:35:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.163 | 200 OK | 472 B |
IP142.250.74.163:0
Hashddbcc8409304b59c7d2faa53ed360fb5 98746db490891a3e5aa21f3dff58438d0c7795d5 b0ffc1ea39f25451920b84f09d650c564bd412bca0e2db72d99e736e385a176d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 19:35:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.163 | 200 OK | 28 kB |
IP142.250.74.163:0
Hashf3e1c04e56612287bc9612154c37f44b 269ec4767e3ae343adcbe8425e1b5ba0ab99f569 a741ae7aa5a6dd42b8cd1e314bfd623ce9841244a75e23e9aa3fc1e0ae917107
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 19:35:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.163 | 200 OK | 471 B |
IP142.250.74.163:0
Hash325a8a10ce2837a8c6820e30572d181c 195d6189f0f10fcb301fce3af4c27028bbcb9eaa 2f1a0e948582fa64266617acc77e9beb71c5031d9cffe1bed1393a554f259810
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 19:35:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create | 216.58.207.234 | 200 OK | 0 B |
URL HTTP/2jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create IP216.58.207.234:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Wed, 08 Feb 2023 19:35:51 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create | 216.58.207.234 | 200 OK | 31 kB |
URL HTTP/2jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create IP216.58.207.234:0
File typeJSON data\012- , ASCII text, with very long lines (65536), with no line terminators Hashfb5dbd7f5aed3ad182c43c9854db7285 5b3127ba7cb7baeb76ed37d6ff69f627e668a162 6b8c0798a540769af71893d33403541e8a300abe175c959f243edee98129df5e
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Wed, 08 Feb 2023 19:35:51 GMT
server: ESF
cache-control: private
content-length: 30833
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.163 | 200 OK | 471 B |
IP142.250.74.163:0
Hash84889b914548f7820766f27a40699cfa bc674cdb5819759b5ecd5aabfde47f56127f5d89 e2a69fe4edd028d00a8a744b62ef51dada2aff144da0cd9813efc887a11f70a8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 19:35:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.163 | 200 OK | 471 B |
IP142.250.74.163:0
Hash325a8a10ce2837a8c6820e30572d181c 195d6189f0f10fcb301fce3af4c27028bbcb9eaa 2f1a0e948582fa64266617acc77e9beb71c5031d9cffe1bed1393a554f259810
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 19:35:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| www.google.com/js/th/e-T0LC6veq6xndVnxNZYDs0k2YzO3ng5pgwYiLLC-NE.js | 142.250.74.164 | 200 OK | 14 kB |
URL HTTP/2www.google.com/js/th/e-T0LC6veq6xndVnxNZYDs0k2YzO3ng5pgwYiLLC-NE.js IP142.250.74.164:0
File typeASCII text, with very long lines (36180) Hash6caf3ddf47bad942732577bf1cd634ed 5930e4cdb4173c5ffa3f9e2eaf7ecc147623dd0c cc13b4b51d92ba1992ec59da7b670f2a66cf5ffd4907061f911349e925a218b7
GET /js/th/e-T0LC6veq6xndVnxNZYDs0k2YzO3ng5pgwYiLLC-NE.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 14345
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 07 Feb 2023 08:52:36 GMT
expires: Wed, 07 Feb 2024 08:52:36 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 30 Jan 2023 12:00:00 GMT
content-type: text/javascript
age: 124995
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.163 | 200 OK | 472 B |
IP142.250.74.163:0
Hash4fe8a46e4fe7c971a068b163b275e25a 5ca9fb282e652f18298c755e61c5e38665ddc7b1 c4639e8bacf773e2ad7c0256587dcabb3db19ceda949ffd365358091e1eef0f3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 19:35:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| yt3.ggpht.com/ytc/AL5GRJUQaGIFDLqUCTWsUaCtWArd4K6vIjtriB9TIcE39KPdnist9X2H8HGs_qpcsdBK=s68-c-k-c0x00ffffff-no-rj | 142.250.74.161 | 200 OK | 967 B |
URL HTTP/2yt3.ggpht.com/ytc/AL5GRJUQaGIFDLqUCTWsUaCtWArd4K6vIjtriB9TIcE39KPdnist9X2H8HGs_qpcsdBK=s68-c-k-c0x00ffffff-no-rj IP142.250.74.161:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 68x68, components 3\012- data Hashd5669edf5537eeaa798657e7501c6d34 2515f16dd1a62ee0f8801b0336084c9bbbafe4b6 286a81d27bf48d4a5ff7cb36b8d80e2062c2d8c6be67ebb8fc012826dc804c29
GET /ytc/AL5GRJUQaGIFDLqUCTWsUaCtWArd4K6vIjtriB9TIcE39KPdnist9X2H8HGs_qpcsdBK=s68-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt3.ggpht.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 967
x-xss-protection: 0
date: Wed, 08 Feb 2023 18:25:02 GMT
expires: Thu, 09 Feb 2023 18:25:02 GMT
cache-control: public, max-age=86400, no-transform
content-type: image/jpeg
age: 4249
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.163 | 200 OK | 472 B |
IP142.250.74.163:0
Hash4fe8a46e4fe7c971a068b163b275e25a 5ca9fb282e652f18298c755e61c5e38665ddc7b1 c4639e8bacf773e2ad7c0256587dcabb3db19ceda949ffd365358091e1eef0f3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 19:35:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT | 216.58.207.234 | 200 OK | 0 B |
URL HTTP/2jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT IP216.58.207.234:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Wed, 08 Feb 2023 19:35:51 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT | 216.58.207.234 | 200 OK | 110 B |
URL HTTP/2jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT IP216.58.207.234:0
File typeJSON data\012- , ASCII text, with no line terminators Hash3a757c8bb879580acb2ef043cfdd846f efe866a30c3459b7899587706f66ecd61d213301 7b97b66c2292244bc0b12cc781215636ee735ed44f1b24e9716ab2560e1b5659
POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 879
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Wed, 08 Feb 2023 19:35:51 GMT
server: ESF
cache-control: private
content-length: 110
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.163 | 200 OK | 472 B |
IP142.250.74.163:0
Hash4a78eb228548cddadb00d933843f7206 a430424163ec1e42a6b9422c1c5bb1157e694c6f cd25bcf0668c26c0ed9c4ef956ddfd77f36c2370396806f577f9dbd24f0dcce0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 19:35:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.163 | 200 OK | 472 B |
IP142.250.74.163:0
Hash4a78eb228548cddadb00d933843f7206 a430424163ec1e42a6b9422c1c5bb1157e694c6f cd25bcf0668c26c0ed9c4ef956ddfd77f36c2370396806f577f9dbd24f0dcce0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 19:35:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| rr2---sn-capm-vnae.googlevideo.com/videoplayback?expire=1675906551&ei=l_njY52FCYHbyAWlyYq4Bw&ip=91.90.42.154&id=o-AJi-_onJZ2wwuQBH0x-zlgb_Ji4_sxC0BXvOtpZd7hiw&itag=243&aitags=133%2C134%2C135%2C136%2C160%2C242%2C243%2C244%2C247%2C278&source=youtube&requiressl=yes&mh=V4&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7ynlk&ms=au%2Crdu&mv=m&mvi=2&pl=21&initcwndbps=1541250&spc=H3gIhpJXryoi40Lj3yy1WHKvhy071Q8&vprv=1&mime=video%2Fwebm&ns=e4LIO9rPOTTsuzzR15P5W0YL&gir=yes&clen=102503453&dur=3996.450&lmt=1654305107379663&mt=1675884593&fvip=1&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=5437432&n=Qh22dTf55iJ-QA&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgAXP_CzaDVGjiskZIZDesrPjtjmB1Qq8BbxFQXQqpo_UCIBCXVbhyrvqdNGqecG7lYDOheyKTeHnKXJ3RGBpc4KMc&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIhANlFRgNPBMKn30Mwq6HR4g7AUdewY8iKFf5JtrVJN92rAiB4-_jelGUhEMdnlPTgmwlRqSxFk0qZN9-WBVUONZT_aw%3D%3D&alr=yes&cpn=1qW19tJd9Fr1KOf0&cver=1.20230131.01.00&range=0-159365&rn=1&rbuf=0&pot=IijZt9m0ulQgeZrQqs64h7H4i-HggYGGk4K9zrDg4YP00ZvQ_ISdkurz | 91.90.45.173 | 200 OK | 1.1 kB |
URL HTTP/1.1rr2---sn-capm-vnae.googlevideo.com/videoplayback?expire=1675906551&ei=l_njY52FCYHbyAWlyYq4Bw&ip=91.90.42.154&id=o-AJi-_onJZ2wwuQBH0x-zlgb_Ji4_sxC0BXvOtpZd7hiw&itag=243&aitags=133%2C134%2C135%2C136%2C160%2C242%2C243%2C244%2C247%2C278&source=youtube&requiressl=yes&mh=V4&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7ynlk&ms=au%2Crdu&mv=m&mvi=2&pl=21&initcwndbps=1541250&spc=H3gIhpJXryoi40Lj3yy1WHKvhy071Q8&vprv=1&mime=video%2Fwebm&ns=e4LIO9rPOTTsuzzR15P5W0YL&gir=yes&clen=102503453&dur=3996.450&lmt=1654305107379663&mt=1675884593&fvip=1&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=5437432&n=Qh22dTf55iJ-QA&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgAXP_CzaDVGjiskZIZDesrPjtjmB1Qq8BbxFQXQqpo_UCIBCXVbhyrvqdNGqecG7lYDOheyKTeHnKXJ3RGBpc4KMc&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIhANlFRgNPBMKn30Mwq6HR4g7AUdewY8iKFf5JtrVJN92rAiB4-_jelGUhEMdnlPTgmwlRqSxFk0qZN9-WBVUONZT_aw%3D%3D&alr=yes&cpn=1qW19tJd9Fr1KOf0&cver=1.20230131.01.00&range=0-159365&rn=1&rbuf=0&pot=IijZt9m0ulQgeZrQqs64h7H4i-HggYGGk4K9zrDg4YP00ZvQ_ISdkurz IP91.90.45.173:0 ASN#50304 Blix Solutions AS
File typeASCII text, with very long lines (1139), with no line terminators Hashb9f1f22a5a8a5d13e716e1d7e80e6162 1732a54439f3ad5a0e5ca83aa90ca6438bf16dca 2447e2071c54d4f2d067ffe34648e8f0671a157b9a878adf20ecdcad666dd8fc
POST /videoplayback?expire=1675906551&ei=l_njY52FCYHbyAWlyYq4Bw&ip=91.90.42.154&id=o-AJi-_onJZ2wwuQBH0x-zlgb_Ji4_sxC0BXvOtpZd7hiw&itag=243&aitags=133%2C134%2C135%2C136%2C160%2C242%2C243%2C244%2C247%2C278&source=youtube&requiressl=yes&mh=V4&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7ynlk&ms=au%2Crdu&mv=m&mvi=2&pl=21&initcwndbps=1541250&spc=H3gIhpJXryoi40Lj3yy1WHKvhy071Q8&vprv=1&mime=video%2Fwebm&ns=e4LIO9rPOTTsuzzR15P5W0YL&gir=yes&clen=102503453&dur=3996.450&lmt=1654305107379663&mt=1675884593&fvip=1&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=5437432&n=Qh22dTf55iJ-QA&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgAXP_CzaDVGjiskZIZDesrPjtjmB1Qq8BbxFQXQqpo_UCIBCXVbhyrvqdNGqecG7lYDOheyKTeHnKXJ3RGBpc4KMc&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIhANlFRgNPBMKn30Mwq6HR4g7AUdewY8iKFf5JtrVJN92rAiB4-_jelGUhEMdnlPTgmwlRqSxFk0qZN9-WBVUONZT_aw%3D%3D&alr=yes&cpn=1qW19tJd9Fr1KOf0&cver=1.20230131.01.00&range=0-159365&rn=1&rbuf=0&pot=IijZt9m0ulQgeZrQqs64h7H4i-HggYGGk4K9zrDg4YP00ZvQ_ISdkurz HTTP/1.1
Host: rr2---sn-capm-vnae.googlevideo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 2
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/plain
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Date: Wed, 08 Feb 2023 19:35:51 GMT
Expires: Wed, 08 Feb 2023 19:35:51 GMT
Cache-Control: private, max-age=21300
Accept-Ranges: bytes
Content-Length: 1139
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Restrict-Formats-Hint: None
X-Content-Type-Options: nosniff
Server: gvs 1.0
|
|
| rr2---sn-capm-vnae.googlevideo.com/videoplayback?expire=1675906551&ei=l_njY52FCYHbyAWlyYq4Bw&ip=91.90.42.154&id=o-AJi-_onJZ2wwuQBH0x-zlgb_Ji4_sxC0BXvOtpZd7hiw&itag=251&source=youtube&requiressl=yes&mh=V4&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7ynlk&ms=au%2Crdu&mv=m&mvi=2&pl=21&initcwndbps=1541250&spc=H3gIhpJXryoi40Lj3yy1WHKvhy071Q8&vprv=1&mime=audio%2Fwebm&ns=e4LIO9rPOTTsuzzR15P5W0YL&gir=yes&clen=68325369&dur=3996.481&lmt=1654303945504846&mt=1675884593&fvip=1&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=5431432&n=Qh22dTf55iJ-QA&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAJGDF_qa8cQ0ra9S3t0nEGX_a4F5KTl0rEMqxOljXR_wAiEArkspc3YL77ib9HP1SJumwOZu94nuwCmZu-9fMjxwWdY%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIhANlFRgNPBMKn30Mwq6HR4g7AUdewY8iKFf5JtrVJN92rAiB4-_jelGUhEMdnlPTgmwlRqSxFk0qZN9-WBVUONZT_aw%3D%3D&alr=yes&cpn=1qW19tJd9Fr1KOf0&cver=1.20230131.01.00&range=0-72893&rn=2&rbuf=0&pot=IijZt9m0ulQgeZrQqs64h7H4i-HggYGGk4K9zrDg4YP00ZvQ_ISdkurz | 91.90.45.173 | 200 OK | 1.1 kB |
URL HTTP/1.1rr2---sn-capm-vnae.googlevideo.com/videoplayback?expire=1675906551&ei=l_njY52FCYHbyAWlyYq4Bw&ip=91.90.42.154&id=o-AJi-_onJZ2wwuQBH0x-zlgb_Ji4_sxC0BXvOtpZd7hiw&itag=251&source=youtube&requiressl=yes&mh=V4&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7ynlk&ms=au%2Crdu&mv=m&mvi=2&pl=21&initcwndbps=1541250&spc=H3gIhpJXryoi40Lj3yy1WHKvhy071Q8&vprv=1&mime=audio%2Fwebm&ns=e4LIO9rPOTTsuzzR15P5W0YL&gir=yes&clen=68325369&dur=3996.481&lmt=1654303945504846&mt=1675884593&fvip=1&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=5431432&n=Qh22dTf55iJ-QA&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAJGDF_qa8cQ0ra9S3t0nEGX_a4F5KTl0rEMqxOljXR_wAiEArkspc3YL77ib9HP1SJumwOZu94nuwCmZu-9fMjxwWdY%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIhANlFRgNPBMKn30Mwq6HR4g7AUdewY8iKFf5JtrVJN92rAiB4-_jelGUhEMdnlPTgmwlRqSxFk0qZN9-WBVUONZT_aw%3D%3D&alr=yes&cpn=1qW19tJd9Fr1KOf0&cver=1.20230131.01.00&range=0-72893&rn=2&rbuf=0&pot=IijZt9m0ulQgeZrQqs64h7H4i-HggYGGk4K9zrDg4YP00ZvQ_ISdkurz IP91.90.45.173:0 ASN#50304 Blix Solutions AS
File typeASCII text, with very long lines (1084), with no line terminators Hashce57802d21004d649ad6aff66f4a7e9b 8a8b4cb9ab31639c521e709b47ef774632b8dbde 92303d75a36903e081a895237174d907e62a38783901d2d501034684f09b1e02
POST /videoplayback?expire=1675906551&ei=l_njY52FCYHbyAWlyYq4Bw&ip=91.90.42.154&id=o-AJi-_onJZ2wwuQBH0x-zlgb_Ji4_sxC0BXvOtpZd7hiw&itag=251&source=youtube&requiressl=yes&mh=V4&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7ynlk&ms=au%2Crdu&mv=m&mvi=2&pl=21&initcwndbps=1541250&spc=H3gIhpJXryoi40Lj3yy1WHKvhy071Q8&vprv=1&mime=audio%2Fwebm&ns=e4LIO9rPOTTsuzzR15P5W0YL&gir=yes&clen=68325369&dur=3996.481&lmt=1654303945504846&mt=1675884593&fvip=1&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=5431432&n=Qh22dTf55iJ-QA&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAJGDF_qa8cQ0ra9S3t0nEGX_a4F5KTl0rEMqxOljXR_wAiEArkspc3YL77ib9HP1SJumwOZu94nuwCmZu-9fMjxwWdY%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIhANlFRgNPBMKn30Mwq6HR4g7AUdewY8iKFf5JtrVJN92rAiB4-_jelGUhEMdnlPTgmwlRqSxFk0qZN9-WBVUONZT_aw%3D%3D&alr=yes&cpn=1qW19tJd9Fr1KOf0&cver=1.20230131.01.00&range=0-72893&rn=2&rbuf=0&pot=IijZt9m0ulQgeZrQqs64h7H4i-HggYGGk4K9zrDg4YP00ZvQ_ISdkurz HTTP/1.1
Host: rr2---sn-capm-vnae.googlevideo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 2
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/plain
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Date: Wed, 08 Feb 2023 19:35:51 GMT
Expires: Wed, 08 Feb 2023 19:35:51 GMT
Cache-Control: private, max-age=21300
Accept-Ranges: bytes
Content-Length: 1084
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Content-Type-Options: nosniff
Server: gvs 1.0
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.163 | 200 OK | 472 B |
IP142.250.74.163:0
Hashc2fd0936cafab9db6188d8bc6acd50ef 7be8f46c8bd9f19dd3e7d9c87ff6e9e88e53a5a5 0483143e5519064b30b5db9823b0ea8d00723cb93e43a536db925e7ae20ebc77
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 19:35:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.163 | 200 OK | 472 B |
IP142.250.74.163:0
Hashbcc3894139ad02e5cc320a62d8e33fcb 1484625354be950ce01ae8b3927f394a50a0c35d 2257a70d278269a345b094b94b8a1a50ef290346957c689d872bd9d8970bbad5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 19:35:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.163 | 200 OK | 472 B |
IP142.250.74.163:0
Hash6cdb3ed6c58a99c8e56ae787b2fe0342 5b1152a01cf1a8be9129bf18a57291d2a9adc02e 9244027a06ce46145b9ef5c48cc47bc04add05e0dc52f00c9f2205f84129e6ef
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 19:35:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.163 | 200 OK | 472 B |
IP142.250.74.163:0
Hash6cdb3ed6c58a99c8e56ae787b2fe0342 5b1152a01cf1a8be9129bf18a57291d2a9adc02e 9244027a06ce46145b9ef5c48cc47bc04add05e0dc52f00c9f2205f84129e6ef
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 19:35:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| rr1---sn-5go7ynlk.googlevideo.com/videoplayback?expire=1675906551&ei=l_njY52FCYHbyAWlyYq4Bw&ip=91.90.42.154&id=o-AJi-_onJZ2wwuQBH0x-zlgb_Ji4_sxC0BXvOtpZd7hiw&itag=243&aitags=133%2C134%2C135%2C136%2C160%2C242%2C243%2C244%2C247%2C278&source=youtube&requiressl=yes&spc=H3gIhpJXryoi40Lj3yy1WHKvhy071Q8&vprv=1&mime=video%2Fwebm&ns=e4LIO9rPOTTsuzzR15P5W0YL&gir=yes&clen=102503453&dur=3996.450&lmt=1654305107379663&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=5437432&n=Qh22dTf55iJ-QA&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgAXP_CzaDVGjiskZIZDesrPjtjmB1Qq8BbxFQXQqpo_UCIBCXVbhyrvqdNGqecG7lYDOheyKTeHnKXJ3RGBpc4KMc&alr=yes&cpn=1qW19tJd9Fr1KOf0&cver=1.20230131.01.00&redirect_counter=1&cm2rm=sn-capm-vnae7l&cms_redirect=yes&cmsv=e&mh=V4&mm=29&mn=sn-5go7ynlk&ms=rdu&mt=1675884836&mv=m&mvi=1&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgM-VPrqZoJtGHeDFG1ZYsuRY6ydsPZ1yIk7HTSU4kZnoCID7gGBy0sV1hmXECCMTdUGEBdBexL7MuxugoYaFt5v6w&range=0-159365&rn=3&rbuf=0&pot=D31RgS1iMDBOfWnOwXFR5WY72Pu9_dpNAArb8n1_6hBYTAzLQdr6guqacQaD0jLImR5THjU_KYW0rW5eQbY9BJsR3TJIg4GPLmyJCu6QV5pn4nB8kmkZL60ANtaiH87ssh09OlE= | 173.194.6.6 | 200 OK | 159 kB |
URL HTTP/1.1rr1---sn-5go7ynlk.googlevideo.com/videoplayback?expire=1675906551&ei=l_njY52FCYHbyAWlyYq4Bw&ip=91.90.42.154&id=o-AJi-_onJZ2wwuQBH0x-zlgb_Ji4_sxC0BXvOtpZd7hiw&itag=243&aitags=133%2C134%2C135%2C136%2C160%2C242%2C243%2C244%2C247%2C278&source=youtube&requiressl=yes&spc=H3gIhpJXryoi40Lj3yy1WHKvhy071Q8&vprv=1&mime=video%2Fwebm&ns=e4LIO9rPOTTsuzzR15P5W0YL&gir=yes&clen=102503453&dur=3996.450&lmt=1654305107379663&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=5437432&n=Qh22dTf55iJ-QA&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgAXP_CzaDVGjiskZIZDesrPjtjmB1Qq8BbxFQXQqpo_UCIBCXVbhyrvqdNGqecG7lYDOheyKTeHnKXJ3RGBpc4KMc&alr=yes&cpn=1qW19tJd9Fr1KOf0&cver=1.20230131.01.00&redirect_counter=1&cm2rm=sn-capm-vnae7l&cms_redirect=yes&cmsv=e&mh=V4&mm=29&mn=sn-5go7ynlk&ms=rdu&mt=1675884836&mv=m&mvi=1&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgM-VPrqZoJtGHeDFG1ZYsuRY6ydsPZ1yIk7HTSU4kZnoCID7gGBy0sV1hmXECCMTdUGEBdBexL7MuxugoYaFt5v6w&range=0-159365&rn=3&rbuf=0&pot=D31RgS1iMDBOfWnOwXFR5WY72Pu9_dpNAArb8n1_6hBYTAzLQdr6guqacQaD0jLImR5THjU_KYW0rW5eQbY9BJsR3TJIg4GPLmyJCu6QV5pn4nB8kmkZL60ANtaiH87ssh09OlE= IP173.194.6.6:0
File typeWebM\012- EBML file, creator webmB\20\012- data Size159 kB (159366 bytes) Hash8e45c56e152d1cacc481d8df7a1bfe7c 6d79ad067d744f04bf707f3aa804e1100e901204 410ad76f8e39725512063e89b01deb2ea4b7ff4d8d8596b098b725632fa5e10a
POST /videoplayback?expire=1675906551&ei=l_njY52FCYHbyAWlyYq4Bw&ip=91.90.42.154&id=o-AJi-_onJZ2wwuQBH0x-zlgb_Ji4_sxC0BXvOtpZd7hiw&itag=243&aitags=133%2C134%2C135%2C136%2C160%2C242%2C243%2C244%2C247%2C278&source=youtube&requiressl=yes&spc=H3gIhpJXryoi40Lj3yy1WHKvhy071Q8&vprv=1&mime=video%2Fwebm&ns=e4LIO9rPOTTsuzzR15P5W0YL&gir=yes&clen=102503453&dur=3996.450&lmt=1654305107379663&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=5437432&n=Qh22dTf55iJ-QA&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgAXP_CzaDVGjiskZIZDesrPjtjmB1Qq8BbxFQXQqpo_UCIBCXVbhyrvqdNGqecG7lYDOheyKTeHnKXJ3RGBpc4KMc&alr=yes&cpn=1qW19tJd9Fr1KOf0&cver=1.20230131.01.00&redirect_counter=1&cm2rm=sn-capm-vnae7l&cms_redirect=yes&cmsv=e&mh=V4&mm=29&mn=sn-5go7ynlk&ms=rdu&mt=1675884836&mv=m&mvi=1&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgM-VPrqZoJtGHeDFG1ZYsuRY6ydsPZ1yIk7HTSU4kZnoCID7gGBy0sV1hmXECCMTdUGEBdBexL7MuxugoYaFt5v6w&range=0-159365&rn=3&rbuf=0&pot=D31RgS1iMDBOfWnOwXFR5WY72Pu9_dpNAArb8n1_6hBYTAzLQdr6guqacQaD0jLImR5THjU_KYW0rW5eQbY9BJsR3TJIg4GPLmyJCu6QV5pn4nB8kmkZL60ANtaiH87ssh09OlE= HTTP/1.1
Host: rr1---sn-5go7ynlk.googlevideo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 2
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Sat, 04 Jun 2022 01:11:47 GMT
Content-Type: video/webm
Date: Wed, 08 Feb 2023 19:35:51 GMT
Expires: Wed, 08 Feb 2023 19:35:51 GMT
Cache-Control: private, max-age=21300
Accept-Ranges: bytes
Content-Length: 159366
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Restrict-Formats-Hint: None
X-Content-Type-Options: nosniff
Server: gvs 1.0
|
|
| rr1---sn-5go7ynlk.googlevideo.com/videoplayback?expire=1675906551&ei=l_njY52FCYHbyAWlyYq4Bw&ip=91.90.42.154&id=o-AJi-_onJZ2wwuQBH0x-zlgb_Ji4_sxC0BXvOtpZd7hiw&itag=251&source=youtube&requiressl=yes&spc=H3gIhpJXryoi40Lj3yy1WHKvhy071Q8&vprv=1&mime=audio%2Fwebm&ns=e4LIO9rPOTTsuzzR15P5W0YL&gir=yes&clen=68325369&dur=3996.481&lmt=1654303945504846&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=5431432&n=Qh22dTf55iJ-QA&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAJGDF_qa8cQ0ra9S3t0nEGX_a4F5KTl0rEMqxOljXR_wAiEArkspc3YL77ib9HP1SJumwOZu94nuwCmZu-9fMjxwWdY%3D&alr=yes&cpn=1qW19tJd9Fr1KOf0&cver=1.20230131.01.00&redirect_counter=1&cm2rm=sn-capm-vnae7l&cms_redirect=yes&cmsv=e&mh=V4&mm=29&mn=sn-5go7ynlk&ms=rdu&mt=1675884836&mv=m&mvi=1&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIgBgOHYhlF9yNcItgXikv5Iy0FnwaUzrCIonjzWJWtt40CIQD5wqUwD74JqpzFpeIvVW2L8pwRY2RpPb4odxDbbfcOPQ%3D%3D&range=0-72893&rn=4&rbuf=0&pot=D31RgS1iMDBOfWnOwXFR5WY72Pu9_dpNAArb8n1_6hBYTAzLQdr6guqacQaD0jLImR5THjU_KYW0rW5eQbY9BJsR3TJIg4GPLmyJCu6QV5pn4nB8kmkZL60ANtaiH87ssh09OlE= | 173.194.6.6 | 200 OK | 73 kB |
URL HTTP/1.1rr1---sn-5go7ynlk.googlevideo.com/videoplayback?expire=1675906551&ei=l_njY52FCYHbyAWlyYq4Bw&ip=91.90.42.154&id=o-AJi-_onJZ2wwuQBH0x-zlgb_Ji4_sxC0BXvOtpZd7hiw&itag=251&source=youtube&requiressl=yes&spc=H3gIhpJXryoi40Lj3yy1WHKvhy071Q8&vprv=1&mime=audio%2Fwebm&ns=e4LIO9rPOTTsuzzR15P5W0YL&gir=yes&clen=68325369&dur=3996.481&lmt=1654303945504846&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=5431432&n=Qh22dTf55iJ-QA&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAJGDF_qa8cQ0ra9S3t0nEGX_a4F5KTl0rEMqxOljXR_wAiEArkspc3YL77ib9HP1SJumwOZu94nuwCmZu-9fMjxwWdY%3D&alr=yes&cpn=1qW19tJd9Fr1KOf0&cver=1.20230131.01.00&redirect_counter=1&cm2rm=sn-capm-vnae7l&cms_redirect=yes&cmsv=e&mh=V4&mm=29&mn=sn-5go7ynlk&ms=rdu&mt=1675884836&mv=m&mvi=1&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIgBgOHYhlF9yNcItgXikv5Iy0FnwaUzrCIonjzWJWtt40CIQD5wqUwD74JqpzFpeIvVW2L8pwRY2RpPb4odxDbbfcOPQ%3D%3D&range=0-72893&rn=4&rbuf=0&pot=D31RgS1iMDBOfWnOwXFR5WY72Pu9_dpNAArb8n1_6hBYTAzLQdr6guqacQaD0jLImR5THjU_KYW0rW5eQbY9BJsR3TJIg4GPLmyJCu6QV5pn4nB8kmkZL60ANtaiH87ssh09OlE= IP173.194.6.6:0
File typeWebM\012- EBML file, creator webmB\20\012- data Hash8c3e475d74d2830aa0842ed595059d24 9118e033ddd78f37a70ed65fe026f67fe05d479d d8220cf73aab3e9625e75e229e6d9450171fafc093fa734accfbb2fb59981bd4
POST /videoplayback?expire=1675906551&ei=l_njY52FCYHbyAWlyYq4Bw&ip=91.90.42.154&id=o-AJi-_onJZ2wwuQBH0x-zlgb_Ji4_sxC0BXvOtpZd7hiw&itag=251&source=youtube&requiressl=yes&spc=H3gIhpJXryoi40Lj3yy1WHKvhy071Q8&vprv=1&mime=audio%2Fwebm&ns=e4LIO9rPOTTsuzzR15P5W0YL&gir=yes&clen=68325369&dur=3996.481&lmt=1654303945504846&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=5431432&n=Qh22dTf55iJ-QA&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAJGDF_qa8cQ0ra9S3t0nEGX_a4F5KTl0rEMqxOljXR_wAiEArkspc3YL77ib9HP1SJumwOZu94nuwCmZu-9fMjxwWdY%3D&alr=yes&cpn=1qW19tJd9Fr1KOf0&cver=1.20230131.01.00&redirect_counter=1&cm2rm=sn-capm-vnae7l&cms_redirect=yes&cmsv=e&mh=V4&mm=29&mn=sn-5go7ynlk&ms=rdu&mt=1675884836&mv=m&mvi=1&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIgBgOHYhlF9yNcItgXikv5Iy0FnwaUzrCIonjzWJWtt40CIQD5wqUwD74JqpzFpeIvVW2L8pwRY2RpPb4odxDbbfcOPQ%3D%3D&range=0-72893&rn=4&rbuf=0&pot=D31RgS1iMDBOfWnOwXFR5WY72Pu9_dpNAArb8n1_6hBYTAzLQdr6guqacQaD0jLImR5THjU_KYW0rW5eQbY9BJsR3TJIg4GPLmyJCu6QV5pn4nB8kmkZL60ANtaiH87ssh09OlE= HTTP/1.1
Host: rr1---sn-5go7ynlk.googlevideo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 2
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Sat, 04 Jun 2022 00:52:25 GMT
Content-Type: audio/webm
Date: Wed, 08 Feb 2023 19:35:51 GMT
Expires: Wed, 08 Feb 2023 19:35:51 GMT
Cache-Control: private, max-age=21300
Accept-Ranges: bytes
Content-Length: 72894
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Content-Type-Options: nosniff
Server: gvs 1.0
|
|
| theneurocalmpro.com/video.php?aff_id=770&subid=10362&subid2=Neurodfdhdfeshy&subid3=590539155 |  188.114.96.1 | 200 OK | 0 B |
URL HTTP/2theneurocalmpro.com/video.php?aff_id=770&subid=10362&subid2=Neurodfdhdfeshy&subid3=590539155 IP188.114.96.1:0
GET /video.php?aff_id=770&subid=10362&subid2=Neurodfdhdfeshy&subid3=590539155 HTTP/1.1
Host: theneurocalmpro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Wed, 08 Feb 2023 19:35:48 GMT
content-type: text/html
x-amz-id-2: Dh13HDutUwMx8Xzw5U1310kuW8lDdyNQcd3890j67RK6LN/7pH4s0yzs2hStuQ72ebxMsKIHlPc=
x-amz-request-id: EWYTW2Z9QRZ5JTM4
last-modified: Thu, 05 Jan 2023 11:30:33 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7ifX42j%2FU9RA0yt8Z5EAN1N3kdik80TzHIS%2B22Yc0g02ZsaIJwb%2FTieGuNY8Mxe6UDdpNEq%2F2FCkB6RFLtsMBDCnql5TPE1G1%2BCwRCcJdvXHiSpe7DedD0WXWLCzL0%2FIuQVpktL5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7966cf7ddfdcb51e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| tracking.buygoods.com/track/?a=6316&firstcookie=0&referrer=&product=1,2,3&sessid2=&caller_url=https%3A%2F%2Ftheneurocalmpro.com%2Fvideo.php%3Faff_id%3D770%26subid%3D10362%26subid2%3DNeurodfdhdfeshy%26subid3%3D590539155 | 172.66.43.22 | 200 OK | 0 B |
URL HTTP/2tracking.buygoods.com/track/?a=6316&firstcookie=0&referrer=&product=1,2,3&sessid2=&caller_url=https%3A%2F%2Ftheneurocalmpro.com%2Fvideo.php%3Faff_id%3D770%26subid%3D10362%26subid2%3DNeurodfdhdfeshy%26subid3%3D590539155 IP172.66.43.22:0
GET /track/?a=6316&firstcookie=0&referrer=&product=1,2,3&sessid2=&caller_url=https%3A%2F%2Ftheneurocalmpro.com%2Fvideo.php%3Faff_id%3D770%26subid%3D10362%26subid2%3DNeurodfdhdfeshy%26subid3%3D590539155 HTTP/1.1
Host: tracking.buygoods.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theneurocalmpro.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 08 Feb 2023 19:35:50 GMT
content-type: application/javascript
p3p: CP="CAO COR CURa ADMa DEVa OUR IND ONL COM DEM PRE"
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Tue, Jan 12 1999 01:01:01 GMT
set-cookie: spiaffid_6316=770; expires=Tue, 09-May-2023 19:35:50 GMT; Max-Age=7776000; path=/; domain=.buygoods.com
spisubid_6316=10362%7CNeurodfdhdfeshy; expires=Tue, 09-May-2023 19:35:50 GMT; Max-Age=7776000; path=/; domain=.buygoods.com
spicampaign_id_6316=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.buygoods.com
spireferrer_6316=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.buygoods.com
spireferrer_6316=91.90.42.154::theneurocalmpro.com%2Fvideo; expires=Tue, 09-May-2023 19:35:50 GMT; Max-Age=7776000; path=/; domain=.buygoods.com
spisessid2_6316=sessid20230208193544285; expires=Tue, 09-May-2023 19:35:50 GMT; Max-Age=7776000; path=/; domain=.buygoods.com
spi_funnel_codename_6316=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.buygoods.com
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7966cf84fd8a1bfa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| vdlvry.com/statics/statics.js | 172.67.179.149 | 200 OK | 0 B |
URL HTTP/2vdlvry.com/statics/statics.js IP172.67.179.149:0
GET /statics/statics.js HTTP/1.1
Host: vdlvry.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theneurocalmpro.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 08 Feb 2023 19:35:49 GMT
content-type: text/javascript
cf-bgj: minify
cf-polished: origSize=42271
etag: W/"c37445f495a5a241209082d3c834d24b"
last-modified: Wed, 01 Feb 2023 09:24:09 GMT
x-amz-id-2: qviNOM9m0+kwHoOnH9PS12P5r0Qrm7xtfZJqlm2vvCgebS9P2PGhzZYU9YROh5djJwDhZ/+Z1gQ=
x-amz-request-id: ZMH0ZRJ8AQX7ZPBX
cache-control: max-age=14400
cf-cache-status: HIT
age: 641414
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HkX09vaoPYkxKt1TkwvBgB8XIvuhZIwQV6u62j%2BNt7plNDo3PD7hKZBd0eotI87%2FJPpe2tcKtLeUxkky%2BkGivMAcKzo2aAZk%2Brvs1n5Xx8I3ECt5KEI2HprpV6pb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7966cf835a78b51b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| vdlvry.com/videoboxes/universal_player/player.js | 172.67.179.149 | 200 OK | 0 B |
URL HTTP/2vdlvry.com/videoboxes/universal_player/player.js IP172.67.179.149:0
GET /videoboxes/universal_player/player.js HTTP/1.1
Host: vdlvry.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theneurocalmpro.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 08 Feb 2023 19:35:49 GMT
content-type: text/javascript
cf-bgj: minify
cf-polished: origSize=28382
etag: W/"61f557d4f0aef449f8f99268be0fc926"
last-modified: Wed, 01 Feb 2023 09:24:10 GMT
x-amz-id-2: 9L63ennxTsA8qMHBAXxcPWjB0BwIAg1uFgsdlKF2zNF9vFj9ZTnxQNnZL8c/bRqz/4W+On6HTbw=
x-amz-request-id: ZMH54WG12JVAGCPW
cache-control: max-age=14400
cf-cache-status: HIT
age: 641414
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VDsDlX7E9FiTfU0UBNQb9HiLPF8eOcsxommLZrDpxxvIRPmOWZc4sIp%2Fnrn1fzR1SU7gcEeVpkewp8nomRw%2FbsCRrDYtWWhpymODxa2nZsCUZq2m3ueeVuGdJfIN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7966cf835a76b51b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|