firefox.settings.services.mozilla.com/v1/
143.204.55.35200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.35:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 99b7d23c1748d0526782b9ff9ea45f09
eadd801a3ba2aa00632c6fb52e1f9125bd6d5b4f
48f81668f76955320480b484138aebdad5d03c471036b4449c737aca1ecab08e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Backoff, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Thu, 08 Sep 2022 14:35:33 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 6480520a5e02f3163410e3134bd77baa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: qkTt1MaN5SUB6mB_Z_bxjyJd0gRD7s8LdYjrWy0BjQp37A581wEqLA==
Age: 3344
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b9adda4796e3cda8d92753c46964621c
5f1eba1f6085b23dea088a91fe6f8947172f9f62
a0577a8fcfa81b3f86d99566eb4429655b93a238ffd1a3752bc9aae3d969deea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A0577A8FCFA81B3F86D99566EB4429655B93A238FFD1A3752BC9AAE3D969DEEA"
Last-Modified: Tue, 06 Sep 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6164
Expires: Thu, 08 Sep 2022 17:14:01 GMT
Date: Thu, 08 Sep 2022 15:31:17 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
143.204.55.25200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP 143.204.55.25:0
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Thu, 08 Sep 2022 03:46:35 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 6cb1d4b545e7beb4ead790454f4807c6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 0s1UeEFoQX-11fBpzbt69dlkyTAZqxDeVu0q5_5jdKkKafIeUmwMmQ==
age: 42283
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 08 Sep 2022 15:31:18 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.35200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.35:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Thu, 08 Sep 2022 14:38:18 GMT
Cache-Control: max-age=3600
Expires: Thu, 08 Sep 2022 15:09:50 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 6a757ab2991da716151f94ca00b38098.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: OVA9jTU1qvDmYa-GiVetuhqY_F7Oh_EtJrdywlwuqJY_14hLsICSCA==
Age: 3180
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 042105f89c8d64b470d84e052cd412d1
a26c7e2559b3760ea2765b16a3f8d1be27f5dcf4
fadb8cdd22f4d7773d5c20d576f6400ab25e20e1efe3e3fe50d2ae39ca6f2725
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 301
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 08 Sep 2022 15:31:18 GMT
Last-Modified: Thu, 08 Sep 2022 15:26:17 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471
tuyendunglazada.net/
14.225.238.176301 Moved Permanently 20 B IP 14.225.238.176:0
ASN #135905 VIETNAM POSTS AND TELECOMMUNICATIONS GROUP
Hash 7029066c27ac6f5ef18d660d5741979a
46c6643f07aa7f6bfe7118de926b86defc5087c4
59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: tuyendunglazada.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Thu, 08 Sep 2022 15:31:18 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.4.25
X-Redirect-By: WordPress
Content-Encoding: gzip
Vary: Accept-Encoding,User-Agent
Location: https://tuyendunglazada.net/
push.services.mozilla.com/
52.39.126.109101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.39.126.109:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: sr1Vf6nSUu3qlFNmKJh6WA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: V+l6qEWmwBIyNOcdtogJywNAWcY=
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d26473c8562fd454b10a396c4a16b3a9
8984364086b335c5b09b4a56a355c4a2502405f0
b116bf55c7aaa18879afb9cbd911beab021f17e503bdf3ccabcef3405cb2926e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B116BF55C7AAA18879AFB9CBD911BEAB021F17E503BDF3CCABCEF3405CB2926E"
Last-Modified: Tue, 06 Sep 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21549
Expires: Thu, 08 Sep 2022 21:30:28 GMT
Date: Thu, 08 Sep 2022 15:31:19 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e0fbe5627b19e9ad7ad4d40c96514ae9
d9d361271987c5947d96ddacc67efb3f3a32bbd3
48b4321f3bda8fd67c5bc75f98b0dfe6df2bfda8dcf5e708aecd47270ae03217
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48B4321F3BDA8FD67C5BC75F98B0DFE6DF2BFDA8DCF5E708AECD47270AE03217"
Last-Modified: Wed, 07 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2654
Expires: Thu, 08 Sep 2022 16:15:34 GMT
Date: Thu, 08 Sep 2022 15:31:20 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e0fbe5627b19e9ad7ad4d40c96514ae9
d9d361271987c5947d96ddacc67efb3f3a32bbd3
48b4321f3bda8fd67c5bc75f98b0dfe6df2bfda8dcf5e708aecd47270ae03217
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48B4321F3BDA8FD67C5BC75F98B0DFE6DF2BFDA8DCF5E708AECD47270AE03217"
Last-Modified: Wed, 07 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2654
Expires: Thu, 08 Sep 2022 16:15:34 GMT
Date: Thu, 08 Sep 2022 15:31:20 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e0fbe5627b19e9ad7ad4d40c96514ae9
d9d361271987c5947d96ddacc67efb3f3a32bbd3
48b4321f3bda8fd67c5bc75f98b0dfe6df2bfda8dcf5e708aecd47270ae03217
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48B4321F3BDA8FD67C5BC75F98B0DFE6DF2BFDA8DCF5E708AECD47270AE03217"
Last-Modified: Wed, 07 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2654
Expires: Thu, 08 Sep 2022 16:15:34 GMT
Date: Thu, 08 Sep 2022 15:31:20 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5314d83a-c7f9-468e-8b42-535c4fae5d85.jpeg
34.120.237.76200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5314d83a-c7f9-468e-8b42-535c4fae5d85.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a07d553b6441514870ed7e9e989a29a7
98c145b9326d1e6036fa9089d87a25232dd45b0b
373a586b596016baeb8de98022207c25af24c099c06077edbdfd837cffc31a0e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5314d83a-c7f9-468e-8b42-535c4fae5d85.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7492
x-amzn-requestid: 2c5e9ff3-c7a4-4a8f-96bf-74f0ca5d9137
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YG9dOHguIAMFjGg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63190f87-70dbe6532b1a241e6dbe729e;Sampled=0
x-amzn-remapped-date: Wed, 07 Sep 2022 21:39:19 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: lbCmv9fV9iBGOQvxRzleYwC5dBYeu1kRgSSkC2hycDmavyXj-KlFSw==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Sep 2022 22:24:59 GMT
age: 61581
etag: "98c145b9326d1e6036fa9089d87a25232dd45b0b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6069f6c-2029-46b3-9867-5eaeb96d65e7.jpeg
34.120.237.76200 OK 7.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6069f6c-2029-46b3-9867-5eaeb96d65e7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7ca5b5d4ac26d97b5729a30ecdc688bc
3e633bc6c4ab9adfe84899e5209d73bef1d097eb
2c8275d1819d933f86df9685b76aea030842ba5a341c59ea88ffd2da99a5a3d5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6069f6c-2029-46b3-9867-5eaeb96d65e7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7885
x-amzn-requestid: 305dc6b7-eb3d-40ad-af89-8b60be935637
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YG9ThE3DIAMFRtA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63190f49-7c0b58644e26de7f27c5b388;Sampled=0
x-amzn-remapped-date: Wed, 07 Sep 2022 21:38:17 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: MG4_YJuVqfSCQ80FTdo5XU8xIi74XtILVbIQAbByh54QNOoMJCyS-Q==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 5abfab33f248090bb0f31ca137ce9464.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Sep 2022 21:47:05 GMT
age: 63855
etag: "3e633bc6c4ab9adfe84899e5209d73bef1d097eb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F822fb287-f1f6-45a1-be54-4fa7385bb163.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F822fb287-f1f6-45a1-be54-4fa7385bb163.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6f73ee4e91b38eaa36cadd4c437785f8
6ceea057f5ae50b9cef505da0a358e3d3b7d6a38
778d28e14b28c154843403470136d0efdcdd5e93e4b5aab784c12d4344e7af6f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F822fb287-f1f6-45a1-be54-4fa7385bb163.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11365
x-amzn-requestid: d50039cd-381c-4221-997e-9231d40ecfbb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YG9V0EHEoAMFeag=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63190f58-11cab61904bd14462cd13d0d;Sampled=0
x-amzn-remapped-date: Wed, 07 Sep 2022 21:38:32 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Qhobt81rs5gqg8hcr1Su3J3MNFt4_gR2hLHkIl5xDDS1HF9g_3ecCg==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Sep 2022 22:40:35 GMT
age: 60645
etag: "6ceea057f5ae50b9cef505da0a358e3d3b7d6a38"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe3ef55d7-b6c2-4550-aff3-c9052f7d4816.jpeg
34.120.237.76200 OK 6.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe3ef55d7-b6c2-4550-aff3-c9052f7d4816.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f922505178de0cea92eedcfda85a9f67
50f1459de01174e594e03e7df4dfaa8eb1798672
981cd58768d6ad841673add855ddcc7106fbc85de05db9a1bd2d6bc8928b4c2c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe3ef55d7-b6c2-4550-aff3-c9052f7d4816.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6214
x-amzn-requestid: 46a44af0-e547-49e8-bc39-f6c49d94e375
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Xj_0HFKbIAMFRbg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630b134d-0297c83c305422fa51b86dcf;Sampled=0
x-amzn-remapped-date: Sun, 28 Aug 2022 07:03:41 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: _ZKcuRO8Z6wBMdm79iDZj5uRYk4YYpYJqOoG8hZqY81O0R7hfbe5bQ==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Sep 2022 05:29:44 GMT
age: 36096
etag: "50f1459de01174e594e03e7df4dfaa8eb1798672"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3ba17b3c-58f5-4458-8dc2-8e4a7cf8d782.jpeg
34.120.237.76200 OK 7.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3ba17b3c-58f5-4458-8dc2-8e4a7cf8d782.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1cd778a615e9a4ca3a25119790398434
d6daca74fc85d39274b3c7536f34528bef93ae97
e6b5a7a525e314e09c30985b22da7c34806df09cbe98ad52b00dcbf93a0dc054
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3ba17b3c-58f5-4458-8dc2-8e4a7cf8d782.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7251
x-amzn-requestid: 26b2021a-4440-47ce-8dba-d971cae60cc1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YG9bmHcmoAMF3Fw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63190f7d-5471edce7de2374c3b8af888;Sampled=0
x-amzn-remapped-date: Wed, 07 Sep 2022 21:39:09 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: d3MrDEyDFDylQKyfxONQ12_7IBvRAg8o0rSZ64WNRGNvDHqQyDmqJA==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 e77661e211afe9242e85e573f12d5534.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Sep 2022 22:17:17 GMT
age: 62043
etag: "d6daca74fc85d39274b3c7536f34528bef93ae97"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe1574e23-3c8b-4ce2-95be-812a884e557e.webp
34.120.237.76200 OK 4.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe1574e23-3c8b-4ce2-95be-812a884e557e.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3aa46849d3bba47d63691883cf00056e
705bece0f3cca112c508c6e77bbb728e6e733905
5f6d0e6996967667c18b02385c896f1734efe530f10ff27d212bd216da91b3cd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe1574e23-3c8b-4ce2-95be-812a884e557e.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4320
x-amzn-requestid: cd37ae50-7ab0-48b6-8a30-caf4f941b65d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YE9u4EeXIAMFoRA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6318432b-6751e5fc30a2ecae0776fa74;Sampled=0
x-amzn-remapped-date: Wed, 07 Sep 2022 07:07:23 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: j8HDRmAd1Pvds0Uw6nzTeY5jmYay8tT0raGl7I4yXEJV1EupiIl-Kw==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 b13f158bdf9805ca47e07c0c35870c12.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Sep 2022 06:08:38 GMT
age: 33762
etag: "705bece0f3cca112c508c6e77bbb728e6e733905"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash b63f97bc3dce37e8ee6a0c9fcae468fe
cc70326582c0016d7434d0553486734266e57e71
6b3b365123beead4021532b8f2578b3761bbd47af45ed2a461a0476d53aa637d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Sep 2022 15:31:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 86354a78c1da4ea13a932216048b2abf
ade657780508cffa8655f7cab6492dc25a79f0d2
458dbf1fcc4ef14e78b991b2f906704b4d27a985d2feb500bb5e5f832232887b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Sep 2022 15:31:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api.js?render=6Lc658AfAAAAAIbOD_b8HNjEB6UTBxOY2UqqUv36&ver=3.0
142.250.74.164200 OK 585 B URL HTTP/2 www.google.com/recaptcha/api.js?render=6Lc658AfAAAAAIbOD_b8HNjEB6UTBxOY2UqqUv36&ver=3.0
IP 142.250.74.164:0
File type ASCII text, with very long lines (884), with no line terminators
Hash ce740e4f5101bf8424ff6deb1c0b4a91
0472b6ac7e3fbff576fc5d3bb5bb226c1cb8fe33
0f5861380201f55118d3044a5b5f4dad05d9025430c25dfee9a90c29df75abe9
GET /recaptcha/api.js?render=6Lc658AfAAAAAIbOD_b8HNjEB6UTBxOY2UqqUv36&ver=3.0 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tuyendunglazada.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Thu, 08 Sep 2022 15:31:20 GMT
date: Thu, 08 Sep 2022 15:31:20 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 585
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash b63f97bc3dce37e8ee6a0c9fcae468fe
cc70326582c0016d7434d0553486734266e57e71
6b3b365123beead4021532b8f2578b3761bbd47af45ed2a461a0476d53aa637d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Sep 2022 15:31:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash ede92f781233f857c299e00d2090aeba
b7296da3b0981e9c1937bf8ebc73d5138c5fa19a
16a97da8a523d4cb06430ff26d026d14377c888e5e80a78937afba38fded3122
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Sep 2022 15:31:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash db3d2d40f373a7ef445874e65d7f0397
087a4802f28647e830222fafc67bda30dec5fc31
4a7ff3bf120d9795d86e370be5fb2987edd4575e1ce0ab1f2f7a66ddf1e5b0d0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Sep 2022 15:31:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash db3d2d40f373a7ef445874e65d7f0397
087a4802f28647e830222fafc67bda30dec5fc31
4a7ff3bf120d9795d86e370be5fb2987edd4575e1ce0ab1f2f7a66ddf1e5b0d0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Sep 2022 15:31:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash db3d2d40f373a7ef445874e65d7f0397
087a4802f28647e830222fafc67bda30dec5fc31
4a7ff3bf120d9795d86e370be5fb2987edd4575e1ce0ab1f2f7a66ddf1e5b0d0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Sep 2022 15:31:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 721eb245d022db7af3e30ad4e6b94226
4a53b4e9ad119295498594089826bddea4d0b9a6
6f350e89f4e7a0cea74c003493ea950c768ffcbea234bcf68a818b60842a2f3e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Sep 2022 15:31:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash db3d2d40f373a7ef445874e65d7f0397
087a4802f28647e830222fafc67bda30dec5fc31
4a7ff3bf120d9795d86e370be5fb2987edd4575e1ce0ab1f2f7a66ddf1e5b0d0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Sep 2022 15:31:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
142.250.74.163200 OK 24 kB URL HTTP/2 fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 23580, version 1.0\012- data
Hash e1b3b5908c9cf23dfb2b9c52b9a023ab
fcd4136085f2a03481d9958cc6793a5ed98e714c
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
GET /s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://tuyendunglazada.net
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Sep 2022 17:10:21 GMT
expires: Wed, 06 Sep 2023 17:10:21 GMT
cache-control: public, max-age=31536000
age: 166861
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tuyendunglazada.net/wp-content/themes/flatsome-child/assets/css/font-awesome-all.css?ver=6.0.2
14.225.238.176200 OK 62 kB URL HTTP/2 tuyendunglazada.net/wp-content/themes/flatsome-child/assets/css/font-awesome-all.css?ver=6.0.2
IP 14.225.238.176:0
ASN #135905 VIETNAM POSTS AND TELECOMMUNICATIONS GROUP
Hash 2e347c88ea5d3e96bb19bcd2617a8cb6
5b8c769f7d9399b88adbbaf4dbdbb160ed3fff1c
dcc0eb5adc2bfde2c79d48be037d1dc1715b3b05eb8b7a8c53342bef4adc8500
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/flatsome-child/assets/css/font-awesome-all.css?ver=6.0.2 HTTP/1.1
Host: tuyendunglazada.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tuyendunglazada.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Sep 2022 15:31:20 GMT
content-type: text/css
last-modified: Sat, 01 Jan 2022 03:16:05 GMT
vary: Accept-Encoding
etag: W/"61cfc775-2a63d"
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 721eb245d022db7af3e30ad4e6b94226
4a53b4e9ad119295498594089826bddea4d0b9a6
6f350e89f4e7a0cea74c003493ea950c768ffcbea234bcf68a818b60842a2f3e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Sep 2022 15:31:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tuyendunglazada.net/wp-content/themes/flatsome/assets/css/flatsome.css?ver=3.15.5
14.225.238.176200 OK 43 kB URL HTTP/2 tuyendunglazada.net/wp-content/themes/flatsome/assets/css/flatsome.css?ver=3.15.5
IP 14.225.238.176:0
ASN #135905 VIETNAM POSTS AND TELECOMMUNICATIONS GROUP
Hash 133c54e4655524c73e439119035851e8
6506bb3569bb7c66dd8bf609ce3726b13a4dc6ed
7d1760a559c08c8d47ce7538f496044d62114d2b4c233df0fa259443467d7784
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/flatsome/assets/css/flatsome.css?ver=3.15.5 HTTP/1.1
Host: tuyendunglazada.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tuyendunglazada.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Sep 2022 15:31:20 GMT
content-type: text/css
last-modified: Mon, 02 May 2022 11:10:00 GMT
vary: Accept-Encoding
etag: W/"626fbc08-2b751"
content-encoding: gzip
X-Firefox-Spdy: h2
fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwaPGR_p.woff2
142.250.74.163200 OK 5.4 kB URL HTTP/2 fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwaPGR_p.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 5368, version 1.0\012- data
Hash a48b0f049358d7503c497abb4dcbc4d6
d764e136ada1fba8ec4d99994b179d984d7983b8
4ef7cd3d4ed7de91e7eb3c05a31c6fa1da0b08d07cbfab8ae108c34d5e39cdb9
GET /s/lato/v23/S6u9w4BMUTPHh6UVSwaPGR_p.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://tuyendunglazada.net
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 5368
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Sep 2022 17:20:17 GMT
expires: Wed, 06 Sep 2023 17:20:17 GMT
cache-control: public, max-age=31536000
age: 166266
last-modified: Tue, 26 Apr 2022 15:56:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tuyendunglazada.net/
14.225.238.176200 OK 18 kB IP 14.225.238.176:0
ASN #135905 VIETNAM POSTS AND TELECOMMUNICATIONS GROUP
Hash 690a889de29118373c238481ae8aaee7
678543ffa64d29ee7d19540b78a64180b287cd58
e02841d3b3b9f13439197ba3e753ee7edcdd726a1184d945279c6bc6a6c6d38d
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: tuyendunglazada.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: nginx
date: Thu, 08 Sep 2022 15:31:20 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.4.25
link: <https://tuyendunglazada.net/wp-json/>; rel="https://api.w.org/", <https://tuyendunglazada.net/wp-json/wp/v2/pages/2>; rel="alternate"; type="application/json", <https://tuyendunglazada.net/>; rel=shortlink
content-encoding: gzip
vary: Accept-Encoding,User-Agent
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash db3d2d40f373a7ef445874e65d7f0397
087a4802f28647e830222fafc67bda30dec5fc31
4a7ff3bf120d9795d86e370be5fb2987edd4575e1ce0ab1f2f7a66ddf1e5b0d0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Sep 2022 15:31:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tuyendunglazada.net/wp-content/plugins/contact-form-7/modules/recaptcha/index.js?ver=5.5.6.1
14.225.238.176200 OK 507 B URL HTTP/2 tuyendunglazada.net/wp-content/plugins/contact-form-7/modules/recaptcha/index.js?ver=5.5.6.1
IP 14.225.238.176:0
ASN #135905 VIETNAM POSTS AND TELECOMMUNICATIONS GROUP
File type ASCII text, with very long lines (999), with no line terminators
Hash 22f32f77e17fa7640cda0a401c2b0844
019765feeed7ea2a9e9e506ce000978ea3ecd171
269c0f075ceb9464731b25afc21ae41536b76ef76bf0cf856c42e3e6311ec6ce
GET /wp-content/plugins/contact-form-7/modules/recaptcha/index.js?ver=5.5.6.1 HTTP/1.1
Host: tuyendunglazada.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tuyendunglazada.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Sep 2022 15:31:20 GMT
content-type: application/javascript
content-length: 507
x-accel-version: 0.01
last-modified: Wed, 25 May 2022 03:20:44 GMT
etag: "3e7-5dfcd8f0dbf07-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
X-Firefox-Spdy: h2
www.youtube.com/s/player/f96f6702/www-player.css
216.58.207.238200 OK 49 kB URL HTTP/2 www.youtube.com/s/player/f96f6702/www-player.css
IP 216.58.207.238:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 666388d9ac2c812d3d9b0e511b1cfea0
4dfa524e6558a4aaf676578dd3275f544cb36625
a1532094c979ab2823b5baf7e5843d731e1c64765a8b8495f89bb56b7f7df117
GET /s/player/f96f6702/www-player.css HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/tD_zX2CU_o0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 49081
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Sep 2022 02:33:16 GMT
expires: Thu, 07 Sep 2023 02:33:16 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 07 Sep 2022 00:58:40 GMT
content-type: text/css
age: 133087
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tuyendunglazada.net/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
14.225.238.176200 OK 23 kB URL HTTP/2 tuyendunglazada.net/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
IP 14.225.238.176:0
ASN #135905 VIETNAM POSTS AND TELECOMMUNICATIONS GROUP
Hash 7ad78abff0cef933b7d48f857cecec49
7957f86c18378bfe1bafc766fc902c3cf1ba290d
7e0a2408b6cbfd8b62668f8f1b77bffd5b1a8a5eab4977a6f3c7c64d15236a11
GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 HTTP/1.1
Host: tuyendunglazada.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tuyendunglazada.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Sep 2022 15:31:20 GMT
content-type: application/javascript
last-modified: Sat, 28 May 2022 14:18:55 GMT
vary: Accept-Encoding
etag: W/"62922f4f-4ac6"
content-encoding: gzip
X-Firefox-Spdy: h2
www.youtube.com/s/player/f96f6702/www-embed-player.vflset/www-embed-player.js
216.58.207.238200 OK 98 kB URL HTTP/2 www.youtube.com/s/player/f96f6702/www-embed-player.vflset/www-embed-player.js
IP 216.58.207.238:0
File type ASCII text, with very long lines (592)
Hash b53c09c40c493fdce3c7226bfbdea0c8
f47351c375bc4a585d6f7d4a9c95dea1321fffe3
a2968e101eb040349ba6a7f897fbad9f20f4a04cb35c3e1b575090edae6edf3d
GET /s/player/f96f6702/www-embed-player.vflset/www-embed-player.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/tD_zX2CU_o0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 97690
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Sep 2022 02:33:16 GMT
expires: Thu, 07 Sep 2023 02:33:16 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 07 Sep 2022 00:58:40 GMT
content-type: text/javascript
age: 133087
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tuyendunglazada.net/wp-content/themes/flatsome/assets/js/flatsome.js?ver=8d32fe071187c00e5c8eae51dcdefdd9
14.225.238.176200 OK 22 kB URL HTTP/2 tuyendunglazada.net/wp-content/themes/flatsome/assets/js/flatsome.js?ver=8d32fe071187c00e5c8eae51dcdefdd9
IP 14.225.238.176:0
ASN #135905 VIETNAM POSTS AND TELECOMMUNICATIONS GROUP
Hash 77eaa7ee4ba7c59662ae935902c44b76
201890416cb9c67ec71ed2e57e872676fdf80df6
d23670bab24b300f7cda08b63e546ac333d27e121e840766a4639c60f9f481f5
GET /wp-content/themes/flatsome/assets/js/flatsome.js?ver=8d32fe071187c00e5c8eae51dcdefdd9 HTTP/1.1
Host: tuyendunglazada.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tuyendunglazada.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Sep 2022 15:31:20 GMT
content-type: application/javascript
last-modified: Mon, 02 May 2022 11:10:00 GMT
vary: Accept-Encoding
etag: W/"626fbc08-d978"
content-encoding: gzip
X-Firefox-Spdy: h2
www.youtube.com/s/player/f96f6702/player_ias.vflset/en_US/base.js
216.58.207.238200 OK 587 kB URL HTTP/2 www.youtube.com/s/player/f96f6702/player_ias.vflset/en_US/base.js
IP 216.58.207.238:0
File type ASCII text, with very long lines (596)
Size 587 kB (587364 bytes)
Hash ef214da071f4f29abd5c5093b622e8d4
8a812c88900794fcec5bdfb8e28b908df5e0f7dd
b47eea7c8155bc41a43f9b81052b4ef695c8334ff19ad3e63482b992570de388
GET /s/player/f96f6702/player_ias.vflset/en_US/base.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/tD_zX2CU_o0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding, Origin
content-encoding: br
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 587364
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Sep 2022 02:43:18 GMT
expires: Thu, 07 Sep 2023 02:43:18 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 07 Sep 2022 00:58:40 GMT
content-type: text/javascript
age: 132485
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 721eb245d022db7af3e30ad4e6b94226
4a53b4e9ad119295498594089826bddea4d0b9a6
6f350e89f4e7a0cea74c003493ea950c768ffcbea234bcf68a818b60842a2f3e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Sep 2022 15:31:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tuyendunglazada.net/wp-content/uploads/2022/04/Layer-2.png
14.225.238.176200 OK 5.4 kB URL HTTP/2 tuyendunglazada.net/wp-content/uploads/2022/04/Layer-2.png
IP 14.225.238.176:0
ASN #135905 VIETNAM POSTS AND TELECOMMUNICATIONS GROUP
File type PNG image data, 180 x 47, 8-bit/color RGBA, non-interlaced\012- data
Hash c36a8b6bb77ba96403a82fc0e6d2dfc5
2f21bb6568789dbd18501501bc54f825f93ed9fe
270c0855aa69c6aac844c7399aa6138709a6ddaef539c3726e75512ac5a92476
GET /wp-content/uploads/2022/04/Layer-2.png HTTP/1.1
Host: tuyendunglazada.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tuyendunglazada.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Sep 2022 15:31:20 GMT
content-type: image/png
content-length: 5446
last-modified: Tue, 05 Apr 2022 14:40:51 GMT
etag: "624c54f3-1546"
accept-ranges: bytes
X-Firefox-Spdy: h2
tuyendunglazada.net/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.5.6.1
14.225.238.176200 OK 7.8 kB URL HTTP/2 tuyendunglazada.net/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.5.6.1
IP 14.225.238.176:0
ASN #135905 VIETNAM POSTS AND TELECOMMUNICATIONS GROUP
Hash fc41b3cffc1135fdda820170f0215956
9c705a312c52a4a6c9c2159b06fe5009f50eff6a
d482822d31cee62f086499488d2b9da89221cc28a32affa98691e61275221e38
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.5.6.1 HTTP/1.1
Host: tuyendunglazada.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tuyendunglazada.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Sep 2022 15:31:20 GMT
content-type: text/css
last-modified: Wed, 25 May 2022 03:20:44 GMT
vary: Accept-Encoding
etag: W/"628da08c-aab"
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 09cd4a35767fb409963659229eaf672f
f5593747662cd2c08b83f186af133957bfd47911
27388cbcc6ac59310c6d64622658f85dbe5e67643e77d77ba1c60a9763106023
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Sep 2022 15:31:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tuyendunglazada.net/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2
14.225.238.176200 OK 6.3 kB URL HTTP/2 tuyendunglazada.net/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2
IP 14.225.238.176:0
ASN #135905 VIETNAM POSTS AND TELECOMMUNICATIONS GROUP
Hash 5ac89580db49ef38fcfa30dfe7f0aa29
3f0f2f8ad1840727e3bab2f76c662b88b4246adb
a64d7d064b8d0739a0e1501dd722dc04ad94dbefc15908307d709250595779dd
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.0.2 HTTP/1.1
Host: tuyendunglazada.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tuyendunglazada.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Sep 2022 15:31:20 GMT
content-type: application/javascript
last-modified: Sat, 28 May 2022 14:18:56 GMT
vary: Accept-Encoding
etag: W/"62922f50-48b9"
content-encoding: gzip
X-Firefox-Spdy: h2
www.youtube.com/embed/tD_zX2CU_o0?autoplay=1&loop=1&playlist=tD_zX2CU_o0
216.58.207.238200 OK 27 kB URL HTTP/2 www.youtube.com/embed/tD_zX2CU_o0?autoplay=1&loop=1&playlist=tD_zX2CU_o0
IP 216.58.207.238:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (60263)
Hash 0e253cb76c1dfe4f33f5d964d26ad34c
ac9fd4419305902a882e41ee0ca619ad10f24004
693526cef08a944a93f5fde547dd8a8a7dee1cdbd683430354f1d5e5856d2e63
GET /embed/tD_zX2CU_o0?autoplay=1&loop=1&playlist=tD_zX2CU_o0 HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tuyendunglazada.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 08 Sep 2022 15:31:23 GMT
strict-transport-security: max-age=31536000
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=VQrRPuMAods; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=K3OvikNCtDs; Domain=.youtube.com; Expires=Tue, 07-Mar-2023 15:31:23 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+107; expires=Sat, 07-Sep-2024 15:31:23 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tuyendunglazada.net/wp-content/themes/flatsome/inc/extensions/flatsome-live-search/flatsome-live-search.js?ver=3.15.5
14.225.238.176200 OK 5.8 kB URL HTTP/2 tuyendunglazada.net/wp-content/themes/flatsome/inc/extensions/flatsome-live-search/flatsome-live-search.js?ver=3.15.5
IP 14.225.238.176:0
ASN #135905 VIETNAM POSTS AND TELECOMMUNICATIONS GROUP
File type ASCII text, with very long lines (12801)
Hash c9477d196fb8c0a2b07942bf47453cdd
88118347b65a3c688dd5d02bb6ab7de76251865d
ccb502e20acabaa925cca64960d9da87505529ded0d3b41c25886b6344cc3c66
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/flatsome/inc/extensions/flatsome-live-search/flatsome-live-search.js?ver=3.15.5 HTTP/1.1
Host: tuyendunglazada.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tuyendunglazada.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Sep 2022 15:31:20 GMT
content-type: application/javascript
last-modified: Mon, 02 May 2022 11:10:00 GMT
vary: Accept-Encoding
etag: W/"626fbc08-3e58"
content-encoding: gzip
X-Firefox-Spdy: h2
tuyendunglazada.net/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
14.225.238.176200 OK 5.0 kB URL HTTP/2 tuyendunglazada.net/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 14.225.238.176:0
ASN #135905 VIETNAM POSTS AND TELECOMMUNICATIONS GROUP
Hash 6f2f70e05e87fec6ed63928519f4b79b
dd56e5db7d166cc2ff984950ee3efe71021c3ce7
1665455e7243d4cf15263e0efc5638d2507115f6d20d249ec50ceda54798cdc7
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: tuyendunglazada.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tuyendunglazada.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Sep 2022 15:31:20 GMT
content-type: application/javascript
last-modified: Wed, 18 Nov 2020 09:06:06 GMT
vary: Accept-Encoding
etag: W/"5fb4e3fe-2bd8"
content-encoding: gzip
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/id
172.217.21.162302 Found 0 B URL HTTP/2 googleads.g.doubleclick.net/pagead/id
IP 172.217.21.162:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/id HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-credentials: true
access-control-allow-origin: https://www.youtube.com
date: Thu, 08 Sep 2022 15:31:23 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 745359d372160932e8030c0199354252
1590e053a17d05095a48538fc08ff06245bac4d6
e7f798120d5e587145e512941e7c090ec2720d30d216e241f5b6f96d5b2d1241
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Sep 2022 15:31:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.170200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.170:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Thu, 08 Sep 2022 15:31:24 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.170200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.170:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash 816ff365d70ba6ad876f9070f6d1e824
6b6f7e354b7367a5cc11f670e596b5e5558cfe49
27c9b7102ea58282f6ccbe9ed0098fcd65c08af8663ca4bdd07ae6a96e306b4d
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Thu, 08 Sep 2022 15:31:24 GMT
server: ESF
cache-control: private
content-length: 30652
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash f2d235685cff00fcae2b21740bea9bde
b1f860b4ff869d2175e94046eb3dc1e169ac31a2
6f0aab075fe1ab51a547a0d710f93b0b41b92d25aa7f6be4ca58bad2b6fc6c02
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Sep 2022 15:31:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i.ytimg.com/vi_webp/tD_zX2CU_o0/sddefault.webp
142.250.74.150200 OK 35 kB URL HTTP/2 i.ytimg.com/vi_webp/tD_zX2CU_o0/sddefault.webp
IP 142.250.74.150:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 413c20af10d65325cb83f8690fa4cf08
1b3b06500ce917ed3bd322bf02372c2d7efc0754
579f691382b854b050ea9d4c6453259790cd351177ec6c6d9ce15f27dd03639d
GET /vi_webp/tD_zX2CU_o0/sddefault.webp HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/webp
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 34782
date: Thu, 08 Sep 2022 15:31:24 GMT
expires: Thu, 08 Sep 2022 17:31:24 GMT
cache-control: public, max-age=7200
etag: "1650521462"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash f2d235685cff00fcae2b21740bea9bde
b1f860b4ff869d2175e94046eb3dc1e169ac31a2
6f0aab075fe1ab51a547a0d710f93b0b41b92d25aa7f6be4ca58bad2b6fc6c02
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Sep 2022 15:31:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.170200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.170:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash 779383e90bef7189979a1d834245ad0d
2e6aa9f9eae3742bb6eb9a35af6650e30adc079c
4b70a8404975a2368a2e0f75263d53d287028c4779dff7e9fa54ba1780224824
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Thu, 08 Sep 2022 15:31:24 GMT
server: ESF
cache-control: private
content-length: 30690
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash ae2329f5fe60faefad5bb59440e71946
f1df1a5f493d3a9d1803daad2134ce867c6656b8
df5c0d6f1287e52827f4a076313735a91be0cd17ec36de3627db0250f9965a93
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Sep 2022 15:31:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
yt3.ggpht.com/Ze5gfjwXdB-klKrDNdnJeJok-nEBJnEyOnU5GRBOHp9_Ed6i8UAog9rwppMM9GNdgbkcACd8QQ=s68-c-k-c0x00ffffff-no-rj
142.250.74.161200 OK 5.2 kB URL HTTP/2 yt3.ggpht.com/Ze5gfjwXdB-klKrDNdnJeJok-nEBJnEyOnU5GRBOHp9_Ed6i8UAog9rwppMM9GNdgbkcACd8QQ=s68-c-k-c0x00ffffff-no-rj
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 68x68, components 3\012- data
Hash 46627d719e7f5d4d347e2779d7ef1db0
1ec47ccb3e334137908c27b242eb6fee3ae1342c
2dba0e0827f72f88af1458b12ad5b434a7ee6c2b20b0da93898048d42f5ef8f7
GET /Ze5gfjwXdB-klKrDNdnJeJok-nEBJnEyOnU5GRBOHp9_Ed6i8UAog9rwppMM9GNdgbkcACd8QQ=s68-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt3.ggpht.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="channels4_profile.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 5237
x-xss-protection: 0
date: Thu, 08 Sep 2022 14:42:49 GMT
expires: Fri, 26 Aug 2022 05:13:19 GMT
cache-control: public, max-age=86400, no-transform
age: 2915
etag: "v1"
content-type: image/jpeg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash e1c651c1458f9c98e2868d85e559248b
041b1883df345e8d9b6d387c50e182c82a41a1cf
3984dc342e83a930ba5714b391bbc075fbbbf70c4f9082bb5aa7988afd7b1983
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Sep 2022 15:31:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tuyendunglazada.net/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
14.225.238.176200 OK 4.9 kB URL HTTP/2 tuyendunglazada.net/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
IP 14.225.238.176:0
ASN #135905 VIETNAM POSTS AND TELECOMMUNICATIONS GROUP
Hash eeb0fece75d1e432a89ae540a387702e
9055b587dc1e11cc78df09a8ed8e4f01a9d3d676
f7ba7a78e594cbab89d5d513a2e868a879064fabdb572b29adc6c549373abb3e
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9 HTTP/1.1
Host: tuyendunglazada.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tuyendunglazada.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Sep 2022 15:31:20 GMT
content-type: application/javascript
last-modified: Sat, 28 May 2022 14:18:55 GMT
vary: Accept-Encoding
etag: W/"62922f4f-194b"
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 5efbedf2c1705edac5c90989c2187634
8c9cbd647c006aa5ecd5577f244da61489ebf284
a9e50cbc803ba4b8ecdb73d5a897ec7ed900f860671befd84428741e5ae71bcd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Sep 2022 15:31:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 5efbedf2c1705edac5c90989c2187634
8c9cbd647c006aa5ecd5577f244da61489ebf284
a9e50cbc803ba4b8ecdb73d5a897ec7ed900f860671befd84428741e5ae71bcd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Sep 2022 15:31:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 5efbedf2c1705edac5c90989c2187634
8c9cbd647c006aa5ecd5577f244da61489ebf284
a9e50cbc803ba4b8ecdb73d5a897ec7ed900f860671befd84428741e5ae71bcd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Sep 2022 15:31:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 5efbedf2c1705edac5c90989c2187634
8c9cbd647c006aa5ecd5577f244da61489ebf284
a9e50cbc803ba4b8ecdb73d5a897ec7ed900f860671befd84428741e5ae71bcd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Sep 2022 15:31:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
rr1---sn-capm-vnae.googlevideo.com/videoplayback?expire=1662672684&ei=zAoaY6f4Ge6A0u8P3cCc0Ag&ip=91.90.42.154&id=o-AADH3IEGkpdmJIWC2dquNe3BIE7Qkez2sKSac3f8JJTm&itag=243&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278%2C394%2C395%2C396%2C397%2C398%2C399&source=youtube&requiressl=yes&mh=1v&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeenes&ms=au%2Crdu&mv=u&mvi=1&pl=21&spc=lT-KhifJGiWttwlNjuhQUpsAi95u-Bw&vprv=1&mime=video%2Fwebm&ns=HLprhP_eydOf3-OlAS0gassH&gir=yes&clen=564627&dur=15.015&lmt=1650670350427791&mt=1662650250&fvip=5&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&rbqsm=fr&txp=5535434&n=KoekuGsyPK6QNA&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIgDeoC_NsbrdNObRRlPsU-ezVCGVK0XbcjL519CWV9XUUCIQDTdkIWvTLvzudoU8a4qVXrhO_qkWbizMaVSWXb5dXOhQ%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AG3C_xAwRAIgSGHi_1NKalAVsLfPSik3YuMLH_IpgQGEaW4mxCUeyNMCIGShJpdO2Ku1mdZmpK2IabrD3iQxb6jVfvompHkDm-3s&alr=yes&cpn=MZhr8BQJmKZQxIke&cver=1.20220904.00.01&range=0-93860&rn=1&rbuf=0
91.90.45.172200 OK 1.2 kB URL HTTP/1.1 rr1---sn-capm-vnae.googlevideo.com/videoplayback?expire=1662672684&ei=zAoaY6f4Ge6A0u8P3cCc0Ag&ip=91.90.42.154&id=o-AADH3IEGkpdmJIWC2dquNe3BIE7Qkez2sKSac3f8JJTm&itag=243&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278%2C394%2C395%2C396%2C397%2C398%2C399&source=youtube&requiressl=yes&mh=1v&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeenes&ms=au%2Crdu&mv=u&mvi=1&pl=21&spc=lT-KhifJGiWttwlNjuhQUpsAi95u-Bw&vprv=1&mime=video%2Fwebm&ns=HLprhP_eydOf3-OlAS0gassH&gir=yes&clen=564627&dur=15.015&lmt=1650670350427791&mt=1662650250&fvip=5&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&rbqsm=fr&txp=5535434&n=KoekuGsyPK6QNA&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIgDeoC_NsbrdNObRRlPsU-ezVCGVK0XbcjL519CWV9XUUCIQDTdkIWvTLvzudoU8a4qVXrhO_qkWbizMaVSWXb5dXOhQ%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AG3C_xAwRAIgSGHi_1NKalAVsLfPSik3YuMLH_IpgQGEaW4mxCUeyNMCIGShJpdO2Ku1mdZmpK2IabrD3iQxb6jVfvompHkDm-3s&alr=yes&cpn=MZhr8BQJmKZQxIke&cver=1.20220904.00.01&range=0-93860&rn=1&rbuf=0
IP 91.90.45.172:0
ASN #50304 Blix Solutions AS
File type ASCII text, with very long lines (1155), with no line terminators
Hash 05c3636f7e929f905143b853e7a05a52
286e92f222f94919c5527523a0850bbdc7810c96
78e599b055c8ab87987c4a96f56a8cdc13b3f97961fa2bed1afe24498b2b1349
GET /videoplayback?expire=1662672684&ei=zAoaY6f4Ge6A0u8P3cCc0Ag&ip=91.90.42.154&id=o-AADH3IEGkpdmJIWC2dquNe3BIE7Qkez2sKSac3f8JJTm&itag=243&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278%2C394%2C395%2C396%2C397%2C398%2C399&source=youtube&requiressl=yes&mh=1v&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeenes&ms=au%2Crdu&mv=u&mvi=1&pl=21&spc=lT-KhifJGiWttwlNjuhQUpsAi95u-Bw&vprv=1&mime=video%2Fwebm&ns=HLprhP_eydOf3-OlAS0gassH&gir=yes&clen=564627&dur=15.015&lmt=1650670350427791&mt=1662650250&fvip=5&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&rbqsm=fr&txp=5535434&n=KoekuGsyPK6QNA&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIgDeoC_NsbrdNObRRlPsU-ezVCGVK0XbcjL519CWV9XUUCIQDTdkIWvTLvzudoU8a4qVXrhO_qkWbizMaVSWXb5dXOhQ%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AG3C_xAwRAIgSGHi_1NKalAVsLfPSik3YuMLH_IpgQGEaW4mxCUeyNMCIGShJpdO2Ku1mdZmpK2IabrD3iQxb6jVfvompHkDm-3s&alr=yes&cpn=MZhr8BQJmKZQxIke&cver=1.20220904.00.01&range=0-93860&rn=1&rbuf=0 HTTP/1.1
Host: rr1---sn-capm-vnae.googlevideo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/plain
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Date: Thu, 08 Sep 2022 15:31:25 GMT
Expires: Thu, 08 Sep 2022 15:31:25 GMT
Cache-Control: private, max-age=21299
Accept-Ranges: bytes
Content-Length: 1155
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Restrict-Formats-Hint: None
X-Content-Type-Options: nosniff
Server: gvs 1.0
rr1---sn-capm-vnae.googlevideo.com/videoplayback?expire=1662672684&ei=zAoaY6f4Ge6A0u8P3cCc0Ag&ip=91.90.42.154&id=o-AADH3IEGkpdmJIWC2dquNe3BIE7Qkez2sKSac3f8JJTm&itag=251&source=youtube&requiressl=yes&mh=1v&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeenes&ms=au%2Crdu&mv=u&mvi=1&pl=21&spc=lT-KhifJGiWttwlNjuhQUpsAi95u-Bw&vprv=1&xtags=drc%3D1&mime=audio%2Fwebm&ns=HLprhP_eydOf3-OlAS0gassH&gir=yes&clen=241227&dur=15.041&lmt=1655383236447533&mt=1662650250&fvip=5&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&rbqsm=fr&txp=5532434&n=KoekuGsyPK6QNA&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cxtags%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgS7yEKgHeRIUH_ZenAt_kUNWWNmnc8n6vbUdwEuqMP9UCIGKdhc-O9PXUCx_L1QQQwXI3OJUyTmFIo_ypEEdtOyH5&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AG3C_xAwRAIgSGHi_1NKalAVsLfPSik3YuMLH_IpgQGEaW4mxCUeyNMCIGShJpdO2Ku1mdZmpK2IabrD3iQxb6jVfvompHkDm-3s&alr=yes&cpn=MZhr8BQJmKZQxIke&cver=1.20220904.00.01&range=0-65835&rn=2&rbuf=0
91.90.45.172200 OK 1.1 kB URL HTTP/1.1 rr1---sn-capm-vnae.googlevideo.com/videoplayback?expire=1662672684&ei=zAoaY6f4Ge6A0u8P3cCc0Ag&ip=91.90.42.154&id=o-AADH3IEGkpdmJIWC2dquNe3BIE7Qkez2sKSac3f8JJTm&itag=251&source=youtube&requiressl=yes&mh=1v&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeenes&ms=au%2Crdu&mv=u&mvi=1&pl=21&spc=lT-KhifJGiWttwlNjuhQUpsAi95u-Bw&vprv=1&xtags=drc%3D1&mime=audio%2Fwebm&ns=HLprhP_eydOf3-OlAS0gassH&gir=yes&clen=241227&dur=15.041&lmt=1655383236447533&mt=1662650250&fvip=5&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&rbqsm=fr&txp=5532434&n=KoekuGsyPK6QNA&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cxtags%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgS7yEKgHeRIUH_ZenAt_kUNWWNmnc8n6vbUdwEuqMP9UCIGKdhc-O9PXUCx_L1QQQwXI3OJUyTmFIo_ypEEdtOyH5&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AG3C_xAwRAIgSGHi_1NKalAVsLfPSik3YuMLH_IpgQGEaW4mxCUeyNMCIGShJpdO2Ku1mdZmpK2IabrD3iQxb6jVfvompHkDm-3s&alr=yes&cpn=MZhr8BQJmKZQxIke&cver=1.20220904.00.01&range=0-65835&rn=2&rbuf=0
IP 91.90.45.172:0
ASN #50304 Blix Solutions AS
File type ASCII text, with very long lines (1054), with no line terminators
Hash ca01cf2cc917a0d40a7f6227d7a71cdd
b6e5707cf7075917f0c48686d9cbbfd9c646f662
b13228681f8b538d48c8c5b90d9c39335dde8ef956e20ef7df324bbaeab8fc4c
GET /videoplayback?expire=1662672684&ei=zAoaY6f4Ge6A0u8P3cCc0Ag&ip=91.90.42.154&id=o-AADH3IEGkpdmJIWC2dquNe3BIE7Qkez2sKSac3f8JJTm&itag=251&source=youtube&requiressl=yes&mh=1v&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeenes&ms=au%2Crdu&mv=u&mvi=1&pl=21&spc=lT-KhifJGiWttwlNjuhQUpsAi95u-Bw&vprv=1&xtags=drc%3D1&mime=audio%2Fwebm&ns=HLprhP_eydOf3-OlAS0gassH&gir=yes&clen=241227&dur=15.041&lmt=1655383236447533&mt=1662650250&fvip=5&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&rbqsm=fr&txp=5532434&n=KoekuGsyPK6QNA&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cxtags%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgS7yEKgHeRIUH_ZenAt_kUNWWNmnc8n6vbUdwEuqMP9UCIGKdhc-O9PXUCx_L1QQQwXI3OJUyTmFIo_ypEEdtOyH5&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AG3C_xAwRAIgSGHi_1NKalAVsLfPSik3YuMLH_IpgQGEaW4mxCUeyNMCIGShJpdO2Ku1mdZmpK2IabrD3iQxb6jVfvompHkDm-3s&alr=yes&cpn=MZhr8BQJmKZQxIke&cver=1.20220904.00.01&range=0-65835&rn=2&rbuf=0 HTTP/1.1
Host: rr1---sn-capm-vnae.googlevideo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/plain
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Date: Thu, 08 Sep 2022 15:31:25 GMT
Expires: Thu, 08 Sep 2022 15:31:25 GMT
Cache-Control: private, max-age=21299
Accept-Ranges: bytes
Content-Length: 1054
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Content-Type-Options: nosniff
Server: gvs 1.0
rr1---sn-capm-vnae.googlevideo.com/videoplayback?expire=1662672684&ei=zAoaY7-eEonzyAWl57ngDA&ip=91.90.42.154&id=o-AFni2ZrLvUa2C50fCi24Lde1jvyKcz8C97CJJ24w04S8&itag=251&source=youtube&requiressl=yes&mh=1v&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7ynld&ms=au%2Crdu&mv=u&mvi=1&pl=21&spc=lT-Khu6d34qw_GQRKNm-xYstUKxne7Q&vprv=1&mime=audio%2Fwebm&ns=eVvq89oCoCd06Mfb8VaawLYH&gir=yes&clen=240855&dur=15.041&lmt=1650668977485663&mt=1662650250&fvip=3&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&rbqsm=fr&txp=5532434&n=ucZmcXiT3fkI1w&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhANaGiXZ357_NCRJfvYmNZY9dCbgX6OTll_ycImGWlBsMAiADZTrE-FTe8oGpwlH-p1SDl6GAWJzNAYf7Wfp18kpujQ%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AG3C_xAwRAIgTu3B_qqXOrDSz1SPWfV79hzTd02vxFQIdHuE2GM_7I0CIAU3Tp_lD8-JJszsulm7zqPY342xTvpAG77jrY0N7tk1&alr=yes&cpn=KZF8fGIDPOSexAQN&cver=1.20220904.00.01&range=0-65835&rn=2&rbuf=0
91.90.45.172200 OK 1.0 kB URL HTTP/1.1 rr1---sn-capm-vnae.googlevideo.com/videoplayback?expire=1662672684&ei=zAoaY7-eEonzyAWl57ngDA&ip=91.90.42.154&id=o-AFni2ZrLvUa2C50fCi24Lde1jvyKcz8C97CJJ24w04S8&itag=251&source=youtube&requiressl=yes&mh=1v&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7ynld&ms=au%2Crdu&mv=u&mvi=1&pl=21&spc=lT-Khu6d34qw_GQRKNm-xYstUKxne7Q&vprv=1&mime=audio%2Fwebm&ns=eVvq89oCoCd06Mfb8VaawLYH&gir=yes&clen=240855&dur=15.041&lmt=1650668977485663&mt=1662650250&fvip=3&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&rbqsm=fr&txp=5532434&n=ucZmcXiT3fkI1w&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhANaGiXZ357_NCRJfvYmNZY9dCbgX6OTll_ycImGWlBsMAiADZTrE-FTe8oGpwlH-p1SDl6GAWJzNAYf7Wfp18kpujQ%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AG3C_xAwRAIgTu3B_qqXOrDSz1SPWfV79hzTd02vxFQIdHuE2GM_7I0CIAU3Tp_lD8-JJszsulm7zqPY342xTvpAG77jrY0N7tk1&alr=yes&cpn=KZF8fGIDPOSexAQN&cver=1.20220904.00.01&range=0-65835&rn=2&rbuf=0
IP 91.90.45.172:0
ASN #50304 Blix Solutions AS
File type ASCII text, with very long lines (1037), with no line terminators
Hash 8798f7d90959708a9a5dae46e72ec021
bdaa210e63161af4576bd265cf69bd82f2b48dcb
3f15ff42b1631c343394fed6b012077e8aa55a22230b06ce45e784b053a6c482
GET /videoplayback?expire=1662672684&ei=zAoaY7-eEonzyAWl57ngDA&ip=91.90.42.154&id=o-AFni2ZrLvUa2C50fCi24Lde1jvyKcz8C97CJJ24w04S8&itag=251&source=youtube&requiressl=yes&mh=1v&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7ynld&ms=au%2Crdu&mv=u&mvi=1&pl=21&spc=lT-Khu6d34qw_GQRKNm-xYstUKxne7Q&vprv=1&mime=audio%2Fwebm&ns=eVvq89oCoCd06Mfb8VaawLYH&gir=yes&clen=240855&dur=15.041&lmt=1650668977485663&mt=1662650250&fvip=3&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&rbqsm=fr&txp=5532434&n=ucZmcXiT3fkI1w&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhANaGiXZ357_NCRJfvYmNZY9dCbgX6OTll_ycImGWlBsMAiADZTrE-FTe8oGpwlH-p1SDl6GAWJzNAYf7Wfp18kpujQ%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AG3C_xAwRAIgTu3B_qqXOrDSz1SPWfV79hzTd02vxFQIdHuE2GM_7I0CIAU3Tp_lD8-JJszsulm7zqPY342xTvpAG77jrY0N7tk1&alr=yes&cpn=KZF8fGIDPOSexAQN&cver=1.20220904.00.01&range=0-65835&rn=2&rbuf=0 HTTP/1.1
Host: rr1---sn-capm-vnae.googlevideo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/plain
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Date: Thu, 08 Sep 2022 15:31:25 GMT
Expires: Thu, 08 Sep 2022 15:31:25 GMT
Cache-Control: private, max-age=21299
Accept-Ranges: bytes
Content-Length: 1037
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Content-Type-Options: nosniff
Server: gvs 1.0
www.youtube.com/embed/tD_zX2CU_o0
216.58.207.238200 OK 28 kB URL HTTP/2 www.youtube.com/embed/tD_zX2CU_o0
IP 216.58.207.238:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (59709)
Hash 06ddb6ad2e7743069c9c61b5e0d6c424
7a0c9c52f0f323fd810426e6f789b0a1e0f28e79
dd3f47164f719efce194225640c35cf3da58af8e55fcaa32fa05355cc756ac05
GET /embed/tD_zX2CU_o0 HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tuyendunglazada.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 08 Sep 2022 15:31:23 GMT
strict-transport-security: max-age=31536000
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=NjT2vgiOFh0; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=LA3AUY4ygv8; Domain=.youtube.com; Expires=Tue, 07-Mar-2023 15:31:23 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+019; expires=Sat, 07-Sep-2024 15:31:23 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 5efbedf2c1705edac5c90989c2187634
8c9cbd647c006aa5ecd5577f244da61489ebf284
a9e50cbc803ba4b8ecdb73d5a897ec7ed900f860671befd84428741e5ae71bcd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Sep 2022 15:31:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 0ad83f86742d4320119b49bea74df44c
46a50acd99f62c9224ae3119086fca4bb3029e04
b1bfd67afe8111aad88ae0f53d43b4680111ed0289bf5345643f61270da6bd07
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Sep 2022 15:31:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 0ad83f86742d4320119b49bea74df44c
46a50acd99f62c9224ae3119086fca4bb3029e04
b1bfd67afe8111aad88ae0f53d43b4680111ed0289bf5345643f61270da6bd07
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Sep 2022 15:31:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 0ad83f86742d4320119b49bea74df44c
46a50acd99f62c9224ae3119086fca4bb3029e04
b1bfd67afe8111aad88ae0f53d43b4680111ed0289bf5345643f61270da6bd07
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Sep 2022 15:31:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
rr3---sn-5go7ynld.googlevideo.com/videoplayback?expire=1662672684&ei=zAoaY6f4Ge6A0u8P3cCc0Ag&ip=91.90.42.154&id=o-AADH3IEGkpdmJIWC2dquNe3BIE7Qkez2sKSac3f8JJTm&itag=243&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278%2C394%2C395%2C396%2C397%2C398%2C399&source=youtube&requiressl=yes&spc=lT-KhifJGiWttwlNjuhQUpsAi95u-Bw&vprv=1&mime=video%2Fwebm&ns=HLprhP_eydOf3-OlAS0gassH&gir=yes&clen=564627&dur=15.015&lmt=1650670350427791&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&rbqsm=fr&txp=5535434&n=KoekuGsyPK6QNA&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIgDeoC_NsbrdNObRRlPsU-ezVCGVK0XbcjL519CWV9XUUCIQDTdkIWvTLvzudoU8a4qVXrhO_qkWbizMaVSWXb5dXOhQ%3D%3D&alr=yes&cpn=MZhr8BQJmKZQxIke&cver=1.20220904.00.01&redirect_counter=1&cm2rm=sn-capm-vnae7e&cms_redirect=yes&cmsv=e&mh=1v&mm=29&mn=sn-5go7ynld&ms=rdu&mt=1662650971&mv=m&mvi=3&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhAKvjo1Du64W7dz3oyHkLZHlPoNLMIN3WfCcLt26XEgfmAiA5Uoycv4MyFV_jMYaDFU7liyajjBnbuT818fHYfKqudQ%3D%3D&range=0-93860&rn=3&rbuf=0
74.125.111.72200 OK 1.2 kB URL HTTP/1.1 rr3---sn-5go7ynld.googlevideo.com/videoplayback?expire=1662672684&ei=zAoaY6f4Ge6A0u8P3cCc0Ag&ip=91.90.42.154&id=o-AADH3IEGkpdmJIWC2dquNe3BIE7Qkez2sKSac3f8JJTm&itag=243&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278%2C394%2C395%2C396%2C397%2C398%2C399&source=youtube&requiressl=yes&spc=lT-KhifJGiWttwlNjuhQUpsAi95u-Bw&vprv=1&mime=video%2Fwebm&ns=HLprhP_eydOf3-OlAS0gassH&gir=yes&clen=564627&dur=15.015&lmt=1650670350427791&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&rbqsm=fr&txp=5535434&n=KoekuGsyPK6QNA&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIgDeoC_NsbrdNObRRlPsU-ezVCGVK0XbcjL519CWV9XUUCIQDTdkIWvTLvzudoU8a4qVXrhO_qkWbizMaVSWXb5dXOhQ%3D%3D&alr=yes&cpn=MZhr8BQJmKZQxIke&cver=1.20220904.00.01&redirect_counter=1&cm2rm=sn-capm-vnae7e&cms_redirect=yes&cmsv=e&mh=1v&mm=29&mn=sn-5go7ynld&ms=rdu&mt=1662650971&mv=m&mvi=3&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhAKvjo1Du64W7dz3oyHkLZHlPoNLMIN3WfCcLt26XEgfmAiA5Uoycv4MyFV_jMYaDFU7liyajjBnbuT818fHYfKqudQ%3D%3D&range=0-93860&rn=3&rbuf=0
IP 74.125.111.72:0
File type ASCII text, with very long lines (1166), with no line terminators
Hash 09c982774ef929be44cc4832c42d47de
ac245f38fe3a0a265d77ee55a5b805e00eeb6002
340f57e398c8a3f91e5877dfd0182afb2ba275d98a54ef9b726562aec49a4b09
GET /videoplayback?expire=1662672684&ei=zAoaY6f4Ge6A0u8P3cCc0Ag&ip=91.90.42.154&id=o-AADH3IEGkpdmJIWC2dquNe3BIE7Qkez2sKSac3f8JJTm&itag=243&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278%2C394%2C395%2C396%2C397%2C398%2C399&source=youtube&requiressl=yes&spc=lT-KhifJGiWttwlNjuhQUpsAi95u-Bw&vprv=1&mime=video%2Fwebm&ns=HLprhP_eydOf3-OlAS0gassH&gir=yes&clen=564627&dur=15.015&lmt=1650670350427791&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&rbqsm=fr&txp=5535434&n=KoekuGsyPK6QNA&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIgDeoC_NsbrdNObRRlPsU-ezVCGVK0XbcjL519CWV9XUUCIQDTdkIWvTLvzudoU8a4qVXrhO_qkWbizMaVSWXb5dXOhQ%3D%3D&alr=yes&cpn=MZhr8BQJmKZQxIke&cver=1.20220904.00.01&redirect_counter=1&cm2rm=sn-capm-vnae7e&cms_redirect=yes&cmsv=e&mh=1v&mm=29&mn=sn-5go7ynld&ms=rdu&mt=1662650971&mv=m&mvi=3&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhAKvjo1Du64W7dz3oyHkLZHlPoNLMIN3WfCcLt26XEgfmAiA5Uoycv4MyFV_jMYaDFU7liyajjBnbuT818fHYfKqudQ%3D%3D&range=0-93860&rn=3&rbuf=0 HTTP/1.1
Host: rr3---sn-5go7ynld.googlevideo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/plain
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Date: Thu, 08 Sep 2022 15:31:25 GMT
Expires: Thu, 08 Sep 2022 15:31:25 GMT
Cache-Control: private, max-age=21299
Accept-Ranges: bytes
Content-Length: 1166
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Restrict-Formats-Hint: None
X-Content-Type-Options: nosniff
Server: gvs 1.0
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 0ad83f86742d4320119b49bea74df44c
46a50acd99f62c9224ae3119086fca4bb3029e04
b1bfd67afe8111aad88ae0f53d43b4680111ed0289bf5345643f61270da6bd07
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Sep 2022 15:31:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
rr3---sn-5go7ynld.googlevideo.com/videoplayback?expire=1662672684&ei=zAoaY6f4Ge6A0u8P3cCc0Ag&ip=91.90.42.154&id=o-AADH3IEGkpdmJIWC2dquNe3BIE7Qkez2sKSac3f8JJTm&itag=251&source=youtube&requiressl=yes&spc=lT-KhifJGiWttwlNjuhQUpsAi95u-Bw&vprv=1&xtags=drc%3D1&mime=audio%2Fwebm&ns=HLprhP_eydOf3-OlAS0gassH&gir=yes&clen=241227&dur=15.041&lmt=1655383236447533&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&rbqsm=fr&txp=5532434&n=KoekuGsyPK6QNA&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cxtags%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgS7yEKgHeRIUH_ZenAt_kUNWWNmnc8n6vbUdwEuqMP9UCIGKdhc-O9PXUCx_L1QQQwXI3OJUyTmFIo_ypEEdtOyH5&alr=yes&cpn=MZhr8BQJmKZQxIke&cver=1.20220904.00.01&redirect_counter=1&cm2rm=sn-capm-vnae7e&cms_redirect=yes&cmsv=e&mh=1v&mm=29&mn=sn-5go7ynld&ms=rdu&mt=1662650971&mv=m&mvi=3&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhAKsAC7q6Rp9lce-N-7U0n9w7lVJe30MrYxDJK0izlCllAiBrgjfTFRhXIorOMn98iZbnDT9eYxY91KKraTvQST2xAQ%3D%3D&range=0-65835&rn=4&rbuf=0
74.125.111.72200 OK 1.1 kB URL HTTP/1.1 rr3---sn-5go7ynld.googlevideo.com/videoplayback?expire=1662672684&ei=zAoaY6f4Ge6A0u8P3cCc0Ag&ip=91.90.42.154&id=o-AADH3IEGkpdmJIWC2dquNe3BIE7Qkez2sKSac3f8JJTm&itag=251&source=youtube&requiressl=yes&spc=lT-KhifJGiWttwlNjuhQUpsAi95u-Bw&vprv=1&xtags=drc%3D1&mime=audio%2Fwebm&ns=HLprhP_eydOf3-OlAS0gassH&gir=yes&clen=241227&dur=15.041&lmt=1655383236447533&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&rbqsm=fr&txp=5532434&n=KoekuGsyPK6QNA&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cxtags%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgS7yEKgHeRIUH_ZenAt_kUNWWNmnc8n6vbUdwEuqMP9UCIGKdhc-O9PXUCx_L1QQQwXI3OJUyTmFIo_ypEEdtOyH5&alr=yes&cpn=MZhr8BQJmKZQxIke&cver=1.20220904.00.01&redirect_counter=1&cm2rm=sn-capm-vnae7e&cms_redirect=yes&cmsv=e&mh=1v&mm=29&mn=sn-5go7ynld&ms=rdu&mt=1662650971&mv=m&mvi=3&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhAKsAC7q6Rp9lce-N-7U0n9w7lVJe30MrYxDJK0izlCllAiBrgjfTFRhXIorOMn98iZbnDT9eYxY91KKraTvQST2xAQ%3D%3D&range=0-65835&rn=4&rbuf=0
IP 74.125.111.72:0
File type ASCII text, with very long lines (1065), with no line terminators
Hash 6739555c78360940fba4f6f50699eeef
a12c0f20f1f1923aeb46c57c3abfb09c672ef24b
64796c74259372122472473d7c9a678acd8db8155990130923eaa0ae4b5cf1e9
GET /videoplayback?expire=1662672684&ei=zAoaY6f4Ge6A0u8P3cCc0Ag&ip=91.90.42.154&id=o-AADH3IEGkpdmJIWC2dquNe3BIE7Qkez2sKSac3f8JJTm&itag=251&source=youtube&requiressl=yes&spc=lT-KhifJGiWttwlNjuhQUpsAi95u-Bw&vprv=1&xtags=drc%3D1&mime=audio%2Fwebm&ns=HLprhP_eydOf3-OlAS0gassH&gir=yes&clen=241227&dur=15.041&lmt=1655383236447533&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&rbqsm=fr&txp=5532434&n=KoekuGsyPK6QNA&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cxtags%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgS7yEKgHeRIUH_ZenAt_kUNWWNmnc8n6vbUdwEuqMP9UCIGKdhc-O9PXUCx_L1QQQwXI3OJUyTmFIo_ypEEdtOyH5&alr=yes&cpn=MZhr8BQJmKZQxIke&cver=1.20220904.00.01&redirect_counter=1&cm2rm=sn-capm-vnae7e&cms_redirect=yes&cmsv=e&mh=1v&mm=29&mn=sn-5go7ynld&ms=rdu&mt=1662650971&mv=m&mvi=3&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhAKsAC7q6Rp9lce-N-7U0n9w7lVJe30MrYxDJK0izlCllAiBrgjfTFRhXIorOMn98iZbnDT9eYxY91KKraTvQST2xAQ%3D%3D&range=0-65835&rn=4&rbuf=0 HTTP/1.1
Host: rr3---sn-5go7ynld.googlevideo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/plain
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Date: Thu, 08 Sep 2022 15:31:25 GMT
Expires: Thu, 08 Sep 2022 15:31:25 GMT
Cache-Control: private, max-age=21299
Accept-Ranges: bytes
Content-Length: 1065
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Content-Type-Options: nosniff
Server: gvs 1.0
rr5---sn-5goeenes.googlevideo.com/videoplayback?expire=1662672684&ei=zAoaY7-eEonzyAWl57ngDA&ip=91.90.42.154&id=o-AFni2ZrLvUa2C50fCi24Lde1jvyKcz8C97CJJ24w04S8&itag=244&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278%2C394%2C395%2C396%2C397%2C398%2C399&source=youtube&requiressl=yes&spc=lT-Khu6d34qw_GQRKNm-xYstUKxne7Q&vprv=1&mime=video%2Fwebm&ns=eVvq89oCoCd06Mfb8VaawLYH&gir=yes&clen=774535&dur=15.015&lmt=1650670353116806&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&rbqsm=fr&txp=5535434&n=ucZmcXiT3fkI1w&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIgfi9qGwIA13RebE2EwHXpJC0DB8ObBsjtKK3W-pPm7BgCIQC8FDbkSZSzSz_rytUF1tOmR4Sni5uHr89MtcbLvBm67A%3D%3D&alr=yes&cpn=KZF8fGIDPOSexAQN&cver=1.20220904.00.01&redirect_counter=1&cm2rm=sn-capm-vnae7e&cms_redirect=yes&cmsv=e&mh=1v&mm=29&mn=sn-5goeenes&ms=rdu&mt=1662650971&mv=m&mvi=5&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIgSF2fRUkIUyPRbYEGQPqyrD1D2vqNl-ExIjH3vRZ6Z4sCIQCD97yQx_2lq2MjI4jHk9Xsx_w9kyzLhUq9cTuRPISOXg%3D%3D&range=0-125842&rn=4&rbuf=0
74.125.108.234200 OK 1.2 kB URL HTTP/1.1 rr5---sn-5goeenes.googlevideo.com/videoplayback?expire=1662672684&ei=zAoaY7-eEonzyAWl57ngDA&ip=91.90.42.154&id=o-AFni2ZrLvUa2C50fCi24Lde1jvyKcz8C97CJJ24w04S8&itag=244&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278%2C394%2C395%2C396%2C397%2C398%2C399&source=youtube&requiressl=yes&spc=lT-Khu6d34qw_GQRKNm-xYstUKxne7Q&vprv=1&mime=video%2Fwebm&ns=eVvq89oCoCd06Mfb8VaawLYH&gir=yes&clen=774535&dur=15.015&lmt=1650670353116806&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&rbqsm=fr&txp=5535434&n=ucZmcXiT3fkI1w&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIgfi9qGwIA13RebE2EwHXpJC0DB8ObBsjtKK3W-pPm7BgCIQC8FDbkSZSzSz_rytUF1tOmR4Sni5uHr89MtcbLvBm67A%3D%3D&alr=yes&cpn=KZF8fGIDPOSexAQN&cver=1.20220904.00.01&redirect_counter=1&cm2rm=sn-capm-vnae7e&cms_redirect=yes&cmsv=e&mh=1v&mm=29&mn=sn-5goeenes&ms=rdu&mt=1662650971&mv=m&mvi=5&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIgSF2fRUkIUyPRbYEGQPqyrD1D2vqNl-ExIjH3vRZ6Z4sCIQCD97yQx_2lq2MjI4jHk9Xsx_w9kyzLhUq9cTuRPISOXg%3D%3D&range=0-125842&rn=4&rbuf=0
IP 74.125.108.234:0
File type ASCII text, with very long lines (1166), with no line terminators
Hash b7de070aa8310f398ef20fab94b1c75a
cbf3dac671fd539793f4c9954f99eee788f46ada
0536c2a71fa1230f30ed0d56f59c549389853b5b22f81aca0ebd4fe79a5d70cb
GET /videoplayback?expire=1662672684&ei=zAoaY7-eEonzyAWl57ngDA&ip=91.90.42.154&id=o-AFni2ZrLvUa2C50fCi24Lde1jvyKcz8C97CJJ24w04S8&itag=244&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278%2C394%2C395%2C396%2C397%2C398%2C399&source=youtube&requiressl=yes&spc=lT-Khu6d34qw_GQRKNm-xYstUKxne7Q&vprv=1&mime=video%2Fwebm&ns=eVvq89oCoCd06Mfb8VaawLYH&gir=yes&clen=774535&dur=15.015&lmt=1650670353116806&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&rbqsm=fr&txp=5535434&n=ucZmcXiT3fkI1w&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIgfi9qGwIA13RebE2EwHXpJC0DB8ObBsjtKK3W-pPm7BgCIQC8FDbkSZSzSz_rytUF1tOmR4Sni5uHr89MtcbLvBm67A%3D%3D&alr=yes&cpn=KZF8fGIDPOSexAQN&cver=1.20220904.00.01&redirect_counter=1&cm2rm=sn-capm-vnae7e&cms_redirect=yes&cmsv=e&mh=1v&mm=29&mn=sn-5goeenes&ms=rdu&mt=1662650971&mv=m&mvi=5&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIgSF2fRUkIUyPRbYEGQPqyrD1D2vqNl-ExIjH3vRZ6Z4sCIQCD97yQx_2lq2MjI4jHk9Xsx_w9kyzLhUq9cTuRPISOXg%3D%3D&range=0-125842&rn=4&rbuf=0 HTTP/1.1
Host: rr5---sn-5goeenes.googlevideo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/plain
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Date: Thu, 08 Sep 2022 15:31:25 GMT
Expires: Thu, 08 Sep 2022 15:31:25 GMT
Cache-Control: private, max-age=21299
Accept-Ranges: bytes
Content-Length: 1166
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Restrict-Formats-Hint: None
X-Content-Type-Options: nosniff
Server: gvs 1.0
rr5---sn-5goeenes.googlevideo.com/videoplayback?expire=1662672684&ei=zAoaY7-eEonzyAWl57ngDA&ip=91.90.42.154&id=o-AFni2ZrLvUa2C50fCi24Lde1jvyKcz8C97CJJ24w04S8&itag=251&source=youtube&requiressl=yes&spc=lT-Khu6d34qw_GQRKNm-xYstUKxne7Q&vprv=1&mime=audio%2Fwebm&ns=eVvq89oCoCd06Mfb8VaawLYH&gir=yes&clen=240855&dur=15.041&lmt=1650668977485663&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&rbqsm=fr&txp=5532434&n=ucZmcXiT3fkI1w&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhANaGiXZ357_NCRJfvYmNZY9dCbgX6OTll_ycImGWlBsMAiADZTrE-FTe8oGpwlH-p1SDl6GAWJzNAYf7Wfp18kpujQ%3D%3D&alr=yes&cpn=KZF8fGIDPOSexAQN&cver=1.20220904.00.01&redirect_counter=1&cm2rm=sn-capm-vnae7e&cms_redirect=yes&cmsv=e&mh=1v&mm=29&mn=sn-5goeenes&ms=rdu&mt=1662650971&mv=m&mvi=5&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhAPZeUR62bRyx7mQQK00o_KBMt9oujo1P6WICpiAl_ENsAiARrqgyikF9OS4W-RrNK15hcPDF__xHOa-JzF_NeTQ3pA%3D%3D&range=0-65835&rn=3&rbuf=0
74.125.108.234200 OK 1.0 kB URL HTTP/1.1 rr5---sn-5goeenes.googlevideo.com/videoplayback?expire=1662672684&ei=zAoaY7-eEonzyAWl57ngDA&ip=91.90.42.154&id=o-AFni2ZrLvUa2C50fCi24Lde1jvyKcz8C97CJJ24w04S8&itag=251&source=youtube&requiressl=yes&spc=lT-Khu6d34qw_GQRKNm-xYstUKxne7Q&vprv=1&mime=audio%2Fwebm&ns=eVvq89oCoCd06Mfb8VaawLYH&gir=yes&clen=240855&dur=15.041&lmt=1650668977485663&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&rbqsm=fr&txp=5532434&n=ucZmcXiT3fkI1w&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhANaGiXZ357_NCRJfvYmNZY9dCbgX6OTll_ycImGWlBsMAiADZTrE-FTe8oGpwlH-p1SDl6GAWJzNAYf7Wfp18kpujQ%3D%3D&alr=yes&cpn=KZF8fGIDPOSexAQN&cver=1.20220904.00.01&redirect_counter=1&cm2rm=sn-capm-vnae7e&cms_redirect=yes&cmsv=e&mh=1v&mm=29&mn=sn-5goeenes&ms=rdu&mt=1662650971&mv=m&mvi=5&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhAPZeUR62bRyx7mQQK00o_KBMt9oujo1P6WICpiAl_ENsAiARrqgyikF9OS4W-RrNK15hcPDF__xHOa-JzF_NeTQ3pA%3D%3D&range=0-65835&rn=3&rbuf=0
IP 74.125.108.234:0
File type ASCII text, with very long lines (1048), with no line terminators
Hash be4106eb656dd280958d915256b68f2a
d8921d830cc08736adb94c92488cb53ff567a67c
7a9378392ca7dd8e80545749c0f68b0ac303714a27b008708d56d9f6cd248367
GET /videoplayback?expire=1662672684&ei=zAoaY7-eEonzyAWl57ngDA&ip=91.90.42.154&id=o-AFni2ZrLvUa2C50fCi24Lde1jvyKcz8C97CJJ24w04S8&itag=251&source=youtube&requiressl=yes&spc=lT-Khu6d34qw_GQRKNm-xYstUKxne7Q&vprv=1&mime=audio%2Fwebm&ns=eVvq89oCoCd06Mfb8VaawLYH&gir=yes&clen=240855&dur=15.041&lmt=1650668977485663&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&rbqsm=fr&txp=5532434&n=ucZmcXiT3fkI1w&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhANaGiXZ357_NCRJfvYmNZY9dCbgX6OTll_ycImGWlBsMAiADZTrE-FTe8oGpwlH-p1SDl6GAWJzNAYf7Wfp18kpujQ%3D%3D&alr=yes&cpn=KZF8fGIDPOSexAQN&cver=1.20220904.00.01&redirect_counter=1&cm2rm=sn-capm-vnae7e&cms_redirect=yes&cmsv=e&mh=1v&mm=29&mn=sn-5goeenes&ms=rdu&mt=1662650971&mv=m&mvi=5&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhAPZeUR62bRyx7mQQK00o_KBMt9oujo1P6WICpiAl_ENsAiARrqgyikF9OS4W-RrNK15hcPDF__xHOa-JzF_NeTQ3pA%3D%3D&range=0-65835&rn=3&rbuf=0 HTTP/1.1
Host: rr5---sn-5goeenes.googlevideo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/plain
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Date: Thu, 08 Sep 2022 15:31:25 GMT
Expires: Thu, 08 Sep 2022 15:31:25 GMT
Cache-Control: private, max-age=21299
Accept-Ranges: bytes
Content-Length: 1048
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Content-Type-Options: nosniff
Server: gvs 1.0
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 0ad83f86742d4320119b49bea74df44c
46a50acd99f62c9224ae3119086fca4bb3029e04
b1bfd67afe8111aad88ae0f53d43b4680111ed0289bf5345643f61270da6bd07
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Sep 2022 15:31:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 0ad83f86742d4320119b49bea74df44c
46a50acd99f62c9224ae3119086fca4bb3029e04
b1bfd67afe8111aad88ae0f53d43b4680111ed0289bf5345643f61270da6bd07
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Sep 2022 15:31:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
rr1---sn-capm-vnae.googlevideo.com/videoplayback?expire=1662672684&ei=zAoaY6jTIIS2yAWiqYagDQ&ip=91.90.42.154&id=o-ACBu5YaeKGdXL5NDIGWEE4PlW7_zBE0NgTfekCtaIZk8&itag=251&source=youtube&requiressl=yes&mh=1v&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeenes&ms=au%2Crdu&mv=u&mvi=1&pl=21&spc=lT-Kht0AO8_8xnYeab7bM95WQhcNoSU&vprv=1&xtags=drc%3D1&mime=audio%2Fwebm&ns=-ZSFq9IZb_hdthTp5uRWYqYH&gir=yes&clen=241227&dur=15.041&lmt=1655383236447533&mt=1662650250&fvip=5&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&rbqsm=fr&txp=5532434&n=KwkR6bBdpBESfw&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cxtags%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIgS2LrKIz-KwRR6B-scGzxnX06EsAXKmupoBJtlAsWVQUCIQC5o8ZrTsR4t47x2d8C0svafI3gtCsofp7VJYbWp97tOQ%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AG3C_xAwRAIgRo-LepF1B4WxBroXckONw8siYLQe2JxgB0c6e7lSeZECIDyrgPaEnwf2dvdn0QQk6XB9ax3IdxZO850dA-LYrUbJ&alr=yes&cpn=QrYGJZGY3Og_pZLT&cver=1.20220904.00.01&range=0-65835&rn=2&rbuf=0
91.90.45.172200 OK 66 kB URL HTTP/1.1 rr1---sn-capm-vnae.googlevideo.com/videoplayback?expire=1662672684&ei=zAoaY6jTIIS2yAWiqYagDQ&ip=91.90.42.154&id=o-ACBu5YaeKGdXL5NDIGWEE4PlW7_zBE0NgTfekCtaIZk8&itag=251&source=youtube&requiressl=yes&mh=1v&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeenes&ms=au%2Crdu&mv=u&mvi=1&pl=21&spc=lT-Kht0AO8_8xnYeab7bM95WQhcNoSU&vprv=1&xtags=drc%3D1&mime=audio%2Fwebm&ns=-ZSFq9IZb_hdthTp5uRWYqYH&gir=yes&clen=241227&dur=15.041&lmt=1655383236447533&mt=1662650250&fvip=5&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&rbqsm=fr&txp=5532434&n=KwkR6bBdpBESfw&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cxtags%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIgS2LrKIz-KwRR6B-scGzxnX06EsAXKmupoBJtlAsWVQUCIQC5o8ZrTsR4t47x2d8C0svafI3gtCsofp7VJYbWp97tOQ%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AG3C_xAwRAIgRo-LepF1B4WxBroXckONw8siYLQe2JxgB0c6e7lSeZECIDyrgPaEnwf2dvdn0QQk6XB9ax3IdxZO850dA-LYrUbJ&alr=yes&cpn=QrYGJZGY3Og_pZLT&cver=1.20220904.00.01&range=0-65835&rn=2&rbuf=0
IP 91.90.45.172:0
ASN #50304 Blix Solutions AS
File type WebM\012- EBML file, creator webmB\20\012- data
Hash 5d76168633831cadcd5a5135eb30e2c9
949c295d06f0b362d7c5bdde98f8e58f346d7ef3
c99a86d5368be2353628388d628fc40c6bab20c6b59e28e5d11624defd1e7d23
GET /videoplayback?expire=1662672684&ei=zAoaY6jTIIS2yAWiqYagDQ&ip=91.90.42.154&id=o-ACBu5YaeKGdXL5NDIGWEE4PlW7_zBE0NgTfekCtaIZk8&itag=251&source=youtube&requiressl=yes&mh=1v&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeenes&ms=au%2Crdu&mv=u&mvi=1&pl=21&spc=lT-Kht0AO8_8xnYeab7bM95WQhcNoSU&vprv=1&xtags=drc%3D1&mime=audio%2Fwebm&ns=-ZSFq9IZb_hdthTp5uRWYqYH&gir=yes&clen=241227&dur=15.041&lmt=1655383236447533&mt=1662650250&fvip=5&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&rbqsm=fr&txp=5532434&n=KwkR6bBdpBESfw&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cxtags%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIgS2LrKIz-KwRR6B-scGzxnX06EsAXKmupoBJtlAsWVQUCIQC5o8ZrTsR4t47x2d8C0svafI3gtCsofp7VJYbWp97tOQ%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AG3C_xAwRAIgRo-LepF1B4WxBroXckONw8siYLQe2JxgB0c6e7lSeZECIDyrgPaEnwf2dvdn0QQk6XB9ax3IdxZO850dA-LYrUbJ&alr=yes&cpn=QrYGJZGY3Og_pZLT&cver=1.20220904.00.01&range=0-65835&rn=2&rbuf=0 HTTP/1.1
Host: rr1---sn-capm-vnae.googlevideo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Thu, 16 Jun 2022 12:40:36 GMT
Content-Type: audio/webm
Date: Thu, 08 Sep 2022 15:31:25 GMT
Expires: Thu, 08 Sep 2022 15:31:25 GMT
Cache-Control: private, max-age=21299
Accept-Ranges: bytes
Content-Length: 65836
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Content-Type-Options: nosniff
Server: gvs 1.0
rr3---sn-5hne6nsk.googlevideo.com/videoplayback?expire=1662672684&ei=zAoaY6f4Ge6A0u8P3cCc0Ag&ip=91.90.42.154&id=o-AADH3IEGkpdmJIWC2dquNe3BIE7Qkez2sKSac3f8JJTm&itag=251&source=youtube&requiressl=yes&spc=lT-KhifJGiWttwlNjuhQUpsAi95u-Bw&vprv=1&xtags=drc%3D1&mime=audio%2Fwebm&ns=HLprhP_eydOf3-OlAS0gassH&gir=yes&clen=241227&dur=15.041&lmt=1655383236447533&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&rbqsm=fr&txp=5532434&n=KoekuGsyPK6QNA&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cxtags%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgS7yEKgHeRIUH_ZenAt_kUNWWNmnc8n6vbUdwEuqMP9UCIGKdhc-O9PXUCx_L1QQQwXI3OJUyTmFIo_ypEEdtOyH5&alr=yes&cpn=MZhr8BQJmKZQxIke&cver=1.20220904.00.01&cm2rm=sn-capm-vnae7e,sn-5golk7s&redirect_counter=2&cms_redirect=yes&cmsv=e&mh=1v&mm=34&mn=sn-5hne6nsk&ms=ltu&mt=1662650945&mv=m&mvi=3&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhALzWLwHgc1n4KO4HY-cVqNGiv3cF2uUFRMH-PVEiawSuAiAMeP4aqJJG--EfrruI3JHgmBT5f46WUaCa_5Ua7yjHjw%3D%3D&range=0-65835&rn=6&rbuf=0
172.217.132.40200 OK 66 kB URL HTTP/1.1 rr3---sn-5hne6nsk.googlevideo.com/videoplayback?expire=1662672684&ei=zAoaY6f4Ge6A0u8P3cCc0Ag&ip=91.90.42.154&id=o-AADH3IEGkpdmJIWC2dquNe3BIE7Qkez2sKSac3f8JJTm&itag=251&source=youtube&requiressl=yes&spc=lT-KhifJGiWttwlNjuhQUpsAi95u-Bw&vprv=1&xtags=drc%3D1&mime=audio%2Fwebm&ns=HLprhP_eydOf3-OlAS0gassH&gir=yes&clen=241227&dur=15.041&lmt=1655383236447533&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&rbqsm=fr&txp=5532434&n=KoekuGsyPK6QNA&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cxtags%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgS7yEKgHeRIUH_ZenAt_kUNWWNmnc8n6vbUdwEuqMP9UCIGKdhc-O9PXUCx_L1QQQwXI3OJUyTmFIo_ypEEdtOyH5&alr=yes&cpn=MZhr8BQJmKZQxIke&cver=1.20220904.00.01&cm2rm=sn-capm-vnae7e,sn-5golk7s&redirect_counter=2&cms_redirect=yes&cmsv=e&mh=1v&mm=34&mn=sn-5hne6nsk&ms=ltu&mt=1662650945&mv=m&mvi=3&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhALzWLwHgc1n4KO4HY-cVqNGiv3cF2uUFRMH-PVEiawSuAiAMeP4aqJJG--EfrruI3JHgmBT5f46WUaCa_5Ua7yjHjw%3D%3D&range=0-65835&rn=6&rbuf=0
IP 172.217.132.40:0
File type WebM\012- EBML file, creator webmB\20\012- data
Hash 5d76168633831cadcd5a5135eb30e2c9
949c295d06f0b362d7c5bdde98f8e58f346d7ef3
c99a86d5368be2353628388d628fc40c6bab20c6b59e28e5d11624defd1e7d23
GET /videoplayback?expire=1662672684&ei=zAoaY6f4Ge6A0u8P3cCc0Ag&ip=91.90.42.154&id=o-AADH3IEGkpdmJIWC2dquNe3BIE7Qkez2sKSac3f8JJTm&itag=251&source=youtube&requiressl=yes&spc=lT-KhifJGiWttwlNjuhQUpsAi95u-Bw&vprv=1&xtags=drc%3D1&mime=audio%2Fwebm&ns=HLprhP_eydOf3-OlAS0gassH&gir=yes&clen=241227&dur=15.041&lmt=1655383236447533&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&rbqsm=fr&txp=5532434&n=KoekuGsyPK6QNA&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cxtags%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgS7yEKgHeRIUH_ZenAt_kUNWWNmnc8n6vbUdwEuqMP9UCIGKdhc-O9PXUCx_L1QQQwXI3OJUyTmFIo_ypEEdtOyH5&alr=yes&cpn=MZhr8BQJmKZQxIke&cver=1.20220904.00.01&cm2rm=sn-capm-vnae7e,sn-5golk7s&redirect_counter=2&cms_redirect=yes&cmsv=e&mh=1v&mm=34&mn=sn-5hne6nsk&ms=ltu&mt=1662650945&mv=m&mvi=3&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhALzWLwHgc1n4KO4HY-cVqNGiv3cF2uUFRMH-PVEiawSuAiAMeP4aqJJG--EfrruI3JHgmBT5f46WUaCa_5Ua7yjHjw%3D%3D&range=0-65835&rn=6&rbuf=0 HTTP/1.1
Host: rr3---sn-5hne6nsk.googlevideo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Thu, 16 Jun 2022 12:40:36 GMT
Content-Type: audio/webm
Date: Thu, 08 Sep 2022 15:31:25 GMT
Expires: Thu, 08 Sep 2022 15:31:25 GMT
Cache-Control: private, max-age=21299
Accept-Ranges: bytes
Content-Length: 65836
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Content-Type-Options: nosniff
Server: gvs 1.0
rr3---sn-5hne6nsk.googlevideo.com/videoplayback?expire=1662672684&ei=zAoaY7-eEonzyAWl57ngDA&ip=91.90.42.154&id=o-AFni2ZrLvUa2C50fCi24Lde1jvyKcz8C97CJJ24w04S8&itag=251&source=youtube&requiressl=yes&spc=lT-Khu6d34qw_GQRKNm-xYstUKxne7Q&vprv=1&mime=audio%2Fwebm&ns=eVvq89oCoCd06Mfb8VaawLYH&gir=yes&clen=240855&dur=15.041&lmt=1650668977485663&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&rbqsm=fr&txp=5532434&n=ucZmcXiT3fkI1w&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhANaGiXZ357_NCRJfvYmNZY9dCbgX6OTll_ycImGWlBsMAiADZTrE-FTe8oGpwlH-p1SDl6GAWJzNAYf7Wfp18kpujQ%3D%3D&alr=yes&cpn=KZF8fGIDPOSexAQN&cver=1.20220904.00.01&cm2rm=sn-capm-vnae7e,sn-5goly76&redirect_counter=2&cms_redirect=yes&cmsv=e&mh=1v&mm=34&mn=sn-5hne6nsk&ms=ltu&mt=1662650945&mv=m&mvi=3&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRgIhAN1Ktx0zxxpTf5J9GhDJjgl4JmhKg6fKbBGoiweXenbkAiEA8AuQLYnJCWbn0LkzJsMPkWidNklH7lXnvF-BdwnEX6k%3D&range=0-65835&rn=6&rbuf=0
172.217.132.40200 OK 66 kB URL HTTP/1.1 rr3---sn-5hne6nsk.googlevideo.com/videoplayback?expire=1662672684&ei=zAoaY7-eEonzyAWl57ngDA&ip=91.90.42.154&id=o-AFni2ZrLvUa2C50fCi24Lde1jvyKcz8C97CJJ24w04S8&itag=251&source=youtube&requiressl=yes&spc=lT-Khu6d34qw_GQRKNm-xYstUKxne7Q&vprv=1&mime=audio%2Fwebm&ns=eVvq89oCoCd06Mfb8VaawLYH&gir=yes&clen=240855&dur=15.041&lmt=1650668977485663&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&rbqsm=fr&txp=5532434&n=ucZmcXiT3fkI1w&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhANaGiXZ357_NCRJfvYmNZY9dCbgX6OTll_ycImGWlBsMAiADZTrE-FTe8oGpwlH-p1SDl6GAWJzNAYf7Wfp18kpujQ%3D%3D&alr=yes&cpn=KZF8fGIDPOSexAQN&cver=1.20220904.00.01&cm2rm=sn-capm-vnae7e,sn-5goly76&redirect_counter=2&cms_redirect=yes&cmsv=e&mh=1v&mm=34&mn=sn-5hne6nsk&ms=ltu&mt=1662650945&mv=m&mvi=3&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRgIhAN1Ktx0zxxpTf5J9GhDJjgl4JmhKg6fKbBGoiweXenbkAiEA8AuQLYnJCWbn0LkzJsMPkWidNklH7lXnvF-BdwnEX6k%3D&range=0-65835&rn=6&rbuf=0
IP 172.217.132.40:0
File type WebM\012- EBML file, creator webmB\20\012- data
Hash e45b7847c6ad807057d1aa48d848dc2b
fa94c0982ec0d59321a84dfc339e4db4d916d0a6
789f636f0a9765a887849969461225a404f6cd4a276f0754433ef3d639605561
GET /videoplayback?expire=1662672684&ei=zAoaY7-eEonzyAWl57ngDA&ip=91.90.42.154&id=o-AFni2ZrLvUa2C50fCi24Lde1jvyKcz8C97CJJ24w04S8&itag=251&source=youtube&requiressl=yes&spc=lT-Khu6d34qw_GQRKNm-xYstUKxne7Q&vprv=1&mime=audio%2Fwebm&ns=eVvq89oCoCd06Mfb8VaawLYH&gir=yes&clen=240855&dur=15.041&lmt=1650668977485663&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&rbqsm=fr&txp=5532434&n=ucZmcXiT3fkI1w&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhANaGiXZ357_NCRJfvYmNZY9dCbgX6OTll_ycImGWlBsMAiADZTrE-FTe8oGpwlH-p1SDl6GAWJzNAYf7Wfp18kpujQ%3D%3D&alr=yes&cpn=KZF8fGIDPOSexAQN&cver=1.20220904.00.01&cm2rm=sn-capm-vnae7e,sn-5goly76&redirect_counter=2&cms_redirect=yes&cmsv=e&mh=1v&mm=34&mn=sn-5hne6nsk&ms=ltu&mt=1662650945&mv=m&mvi=3&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRgIhAN1Ktx0zxxpTf5J9GhDJjgl4JmhKg6fKbBGoiweXenbkAiEA8AuQLYnJCWbn0LkzJsMPkWidNklH7lXnvF-BdwnEX6k%3D&range=0-65835&rn=6&rbuf=0 HTTP/1.1
Host: rr3---sn-5hne6nsk.googlevideo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Fri, 22 Apr 2022 23:09:37 GMT
Content-Type: audio/webm
Date: Thu, 08 Sep 2022 15:31:25 GMT
Expires: Thu, 08 Sep 2022 15:31:25 GMT
Cache-Control: private, max-age=21299
Accept-Ranges: bytes
Content-Length: 65836
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Content-Type-Options: nosniff
Server: gvs 1.0
rr1---sn-capm-vnae.googlevideo.com/videoplayback?expire=1662672684&ei=zAoaY6jTIIS2yAWiqYagDQ&ip=91.90.42.154&id=o-ACBu5YaeKGdXL5NDIGWEE4PlW7_zBE0NgTfekCtaIZk8&itag=243&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278%2C394%2C395%2C396%2C397%2C398%2C399&source=youtube&requiressl=yes&mh=1v&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeenes&ms=au%2Crdu&mv=u&mvi=1&pl=21&spc=lT-Kht0AO8_8xnYeab7bM95WQhcNoSU&vprv=1&mime=video%2Fwebm&ns=-ZSFq9IZb_hdthTp5uRWYqYH&gir=yes&clen=564627&dur=15.015&lmt=1650670350427791&mt=1662650250&fvip=5&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&rbqsm=fr&txp=5535434&n=KwkR6bBdpBESfw&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgJ4Z_tzUi7rcAqmVev7dnpXKZsGchKn_LjoLr0GRCxQMCIBuPfNs7HY39kHWbS8dHG-Btcc6VXp5kdsLZ4Y9O2ibS&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AG3C_xAwRAIgRo-LepF1B4WxBroXckONw8siYLQe2JxgB0c6e7lSeZECIDyrgPaEnwf2dvdn0QQk6XB9ax3IdxZO850dA-LYrUbJ&alr=yes&cpn=QrYGJZGY3Og_pZLT&cver=1.20220904.00.01&range=0-93860&rn=1&rbuf=0
91.90.45.172200 OK 94 kB URL HTTP/1.1 rr1---sn-capm-vnae.googlevideo.com/videoplayback?expire=1662672684&ei=zAoaY6jTIIS2yAWiqYagDQ&ip=91.90.42.154&id=o-ACBu5YaeKGdXL5NDIGWEE4PlW7_zBE0NgTfekCtaIZk8&itag=243&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278%2C394%2C395%2C396%2C397%2C398%2C399&source=youtube&requiressl=yes&mh=1v&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeenes&ms=au%2Crdu&mv=u&mvi=1&pl=21&spc=lT-Kht0AO8_8xnYeab7bM95WQhcNoSU&vprv=1&mime=video%2Fwebm&ns=-ZSFq9IZb_hdthTp5uRWYqYH&gir=yes&clen=564627&dur=15.015&lmt=1650670350427791&mt=1662650250&fvip=5&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&rbqsm=fr&txp=5535434&n=KwkR6bBdpBESfw&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgJ4Z_tzUi7rcAqmVev7dnpXKZsGchKn_LjoLr0GRCxQMCIBuPfNs7HY39kHWbS8dHG-Btcc6VXp5kdsLZ4Y9O2ibS&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AG3C_xAwRAIgRo-LepF1B4WxBroXckONw8siYLQe2JxgB0c6e7lSeZECIDyrgPaEnwf2dvdn0QQk6XB9ax3IdxZO850dA-LYrUbJ&alr=yes&cpn=QrYGJZGY3Og_pZLT&cver=1.20220904.00.01&range=0-93860&rn=1&rbuf=0
IP 91.90.45.172:0
ASN #50304 Blix Solutions AS
File type WebM\012- EBML file, creator webmB\20\012- data
Hash ea477ecd436dbbd213eafbf47ecdeed7
a157e68c9dee7038c6844b8ea7e75c3f5be9a9e9
fdfca2a1e582c2a357e2014ea12fd68fb1c459e804d6e65315dbb318f3f3dcbe
GET /videoplayback?expire=1662672684&ei=zAoaY6jTIIS2yAWiqYagDQ&ip=91.90.42.154&id=o-ACBu5YaeKGdXL5NDIGWEE4PlW7_zBE0NgTfekCtaIZk8&itag=243&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278%2C394%2C395%2C396%2C397%2C398%2C399&source=youtube&requiressl=yes&mh=1v&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeenes&ms=au%2Crdu&mv=u&mvi=1&pl=21&spc=lT-Kht0AO8_8xnYeab7bM95WQhcNoSU&vprv=1&mime=video%2Fwebm&ns=-ZSFq9IZb_hdthTp5uRWYqYH&gir=yes&clen=564627&dur=15.015&lmt=1650670350427791&mt=1662650250&fvip=5&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&rbqsm=fr&txp=5535434&n=KwkR6bBdpBESfw&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgJ4Z_tzUi7rcAqmVev7dnpXKZsGchKn_LjoLr0GRCxQMCIBuPfNs7HY39kHWbS8dHG-Btcc6VXp5kdsLZ4Y9O2ibS&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AG3C_xAwRAIgRo-LepF1B4WxBroXckONw8siYLQe2JxgB0c6e7lSeZECIDyrgPaEnwf2dvdn0QQk6XB9ax3IdxZO850dA-LYrUbJ&alr=yes&cpn=QrYGJZGY3Og_pZLT&cver=1.20220904.00.01&range=0-93860&rn=1&rbuf=0 HTTP/1.1
Host: rr1---sn-capm-vnae.googlevideo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Fri, 22 Apr 2022 23:32:30 GMT
Content-Type: video/webm
Date: Thu, 08 Sep 2022 15:31:26 GMT
Expires: Thu, 08 Sep 2022 15:31:26 GMT
Cache-Control: private, max-age=21298
Accept-Ranges: bytes
Content-Length: 93861
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Restrict-Formats-Hint: None
X-Content-Type-Options: nosniff
Server: gvs 1.0
rr3---sn-5hne6nsk.googlevideo.com/videoplayback?expire=1662672684&ei=zAoaY7-eEonzyAWl57ngDA&ip=91.90.42.154&id=o-AFni2ZrLvUa2C50fCi24Lde1jvyKcz8C97CJJ24w04S8&itag=244&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278%2C394%2C395%2C396%2C397%2C398%2C399&source=youtube&requiressl=yes&spc=lT-Khu6d34qw_GQRKNm-xYstUKxne7Q&vprv=1&mime=video%2Fwebm&ns=eVvq89oCoCd06Mfb8VaawLYH&gir=yes&clen=774535&dur=15.015&lmt=1650670353116806&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&rbqsm=fr&txp=5535434&n=ucZmcXiT3fkI1w&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIgfi9qGwIA13RebE2EwHXpJC0DB8ObBsjtKK3W-pPm7BgCIQC8FDbkSZSzSz_rytUF1tOmR4Sni5uHr89MtcbLvBm67A%3D%3D&alr=yes&cpn=KZF8fGIDPOSexAQN&cver=1.20220904.00.01&cm2rm=sn-capm-vnae7e,sn-5goly76&redirect_counter=2&cms_redirect=yes&cmsv=e&mh=1v&mm=34&mn=sn-5hne6nsk&ms=ltu&mt=1662650945&mv=m&mvi=3&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIgQFmFbvLr6QnC7c0_Iv4EFeGdY7LsdUMJUspU1KTiLNECIQDnPXVSG_jB6XhJCs8HsiDdpTa10Qp5TWulr5qKgk7EZg%3D%3D&range=0-125842&rn=5&rbuf=0
172.217.132.40200 OK 59 kB URL HTTP/1.1 rr3---sn-5hne6nsk.googlevideo.com/videoplayback?expire=1662672684&ei=zAoaY7-eEonzyAWl57ngDA&ip=91.90.42.154&id=o-AFni2ZrLvUa2C50fCi24Lde1jvyKcz8C97CJJ24w04S8&itag=244&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278%2C394%2C395%2C396%2C397%2C398%2C399&source=youtube&requiressl=yes&spc=lT-Khu6d34qw_GQRKNm-xYstUKxne7Q&vprv=1&mime=video%2Fwebm&ns=eVvq89oCoCd06Mfb8VaawLYH&gir=yes&clen=774535&dur=15.015&lmt=1650670353116806&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&rbqsm=fr&txp=5535434&n=ucZmcXiT3fkI1w&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIgfi9qGwIA13RebE2EwHXpJC0DB8ObBsjtKK3W-pPm7BgCIQC8FDbkSZSzSz_rytUF1tOmR4Sni5uHr89MtcbLvBm67A%3D%3D&alr=yes&cpn=KZF8fGIDPOSexAQN&cver=1.20220904.00.01&cm2rm=sn-capm-vnae7e,sn-5goly76&redirect_counter=2&cms_redirect=yes&cmsv=e&mh=1v&mm=34&mn=sn-5hne6nsk&ms=ltu&mt=1662650945&mv=m&mvi=3&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIgQFmFbvLr6QnC7c0_Iv4EFeGdY7LsdUMJUspU1KTiLNECIQDnPXVSG_jB6XhJCs8HsiDdpTa10Qp5TWulr5qKgk7EZg%3D%3D&range=0-125842&rn=5&rbuf=0
IP 172.217.132.40:0
Hash ffcab5ffff4826a04dd91312aa3c8c5d
9a018d8065ab655915b2997712d3cc566b398b28
a459f355ac861e440d356097cafb0e17c8b7f5e7bbda800df168bc911960e0fe
GET /videoplayback?expire=1662672684&ei=zAoaY7-eEonzyAWl57ngDA&ip=91.90.42.154&id=o-AFni2ZrLvUa2C50fCi24Lde1jvyKcz8C97CJJ24w04S8&itag=244&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278%2C394%2C395%2C396%2C397%2C398%2C399&source=youtube&requiressl=yes&spc=lT-Khu6d34qw_GQRKNm-xYstUKxne7Q&vprv=1&mime=video%2Fwebm&ns=eVvq89oCoCd06Mfb8VaawLYH&gir=yes&clen=774535&dur=15.015&lmt=1650670353116806&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&rbqsm=fr&txp=5535434&n=ucZmcXiT3fkI1w&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIgfi9qGwIA13RebE2EwHXpJC0DB8ObBsjtKK3W-pPm7BgCIQC8FDbkSZSzSz_rytUF1tOmR4Sni5uHr89MtcbLvBm67A%3D%3D&alr=yes&cpn=KZF8fGIDPOSexAQN&cver=1.20220904.00.01&cm2rm=sn-capm-vnae7e,sn-5goly76&redirect_counter=2&cms_redirect=yes&cmsv=e&mh=1v&mm=34&mn=sn-5hne6nsk&ms=ltu&mt=1662650945&mv=m&mvi=3&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIgQFmFbvLr6QnC7c0_Iv4EFeGdY7LsdUMJUspU1KTiLNECIQDnPXVSG_jB6XhJCs8HsiDdpTa10Qp5TWulr5qKgk7EZg%3D%3D&range=0-125842&rn=5&rbuf=0 HTTP/1.1
Host: rr3---sn-5hne6nsk.googlevideo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Fri, 22 Apr 2022 23:32:33 GMT
Content-Type: video/webm
Date: Thu, 08 Sep 2022 15:31:26 GMT
Expires: Thu, 08 Sep 2022 15:31:26 GMT
Cache-Control: private, max-age=21298
Accept-Ranges: bytes
Content-Length: 125843
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Restrict-Formats-Hint: None
X-Content-Type-Options: nosniff
Server: gvs 1.0
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcd38a7ac-451e-4dae-8707-f68a3c27ee4e.jpeg
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcd38a7ac-451e-4dae-8707-f68a3c27ee4e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7ccc1d45458086694a8221a8a6c6aa3b
b8f1359214f21be812390a6cca80b8e84c26a403
461503caa5ec14c1214bdc19795e47b8c1c3c5be1b21f0f29e923e5191e93846
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcd38a7ac-451e-4dae-8707-f68a3c27ee4e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 8693
x-amzn-requestid: aae6e4f7-9b0a-49da-b2f1-58b625609942
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YG9TgFokoAMFbwA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63190f49-27854a575dea22e1035454e3;Sampled=0
x-amzn-remapped-date: Wed, 07 Sep 2022 21:38:17 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: ja2OeAUlF9lkO2n0bSzYlZHXKnfa6Z4_lU7lAoLZkccaw7CCzFlyKg==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 25b9a991f871f75614e7f92f97b136a4.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Sep 2022 21:47:05 GMT
age: 63862
etag: "b8f1359214f21be812390a6cca80b8e84c26a403"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
rr3---sn-5hne6nsk.googlevideo.com/videoplayback?expire=1662672684&ei=zAoaY6f4Ge6A0u8P3cCc0Ag&ip=91.90.42.154&id=o-AADH3IEGkpdmJIWC2dquNe3BIE7Qkez2sKSac3f8JJTm&itag=243&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278%2C394%2C395%2C396%2C397%2C398%2C399&source=youtube&requiressl=yes&spc=lT-KhifJGiWttwlNjuhQUpsAi95u-Bw&vprv=1&mime=video%2Fwebm&ns=HLprhP_eydOf3-OlAS0gassH&gir=yes&clen=564627&dur=15.015&lmt=1650670350427791&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&rbqsm=fr&txp=5535434&n=KoekuGsyPK6QNA&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIgDeoC_NsbrdNObRRlPsU-ezVCGVK0XbcjL519CWV9XUUCIQDTdkIWvTLvzudoU8a4qVXrhO_qkWbizMaVSWXb5dXOhQ%3D%3D&alr=yes&cpn=MZhr8BQJmKZQxIke&cver=1.20220904.00.01&cm2rm=sn-capm-vnae7e,sn-5golk7s&redirect_counter=2&cms_redirect=yes&cmsv=e&mh=1v&mm=34&mn=sn-5hne6nsk&ms=ltu&mt=1662650945&mv=m&mvi=3&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhAIxDAwYYwgJmkrmaHAp53-DVKRMew1rbKM8PpV0UkIKrAiBE_qqmHAMumzudxxD3qcR2dl2WgMhI3VVcybPB78_tNg%3D%3D&range=0-93860&rn=5&rbuf=0
172.217.132.40200 OK 94 kB URL HTTP/1.1 rr3---sn-5hne6nsk.googlevideo.com/videoplayback?expire=1662672684&ei=zAoaY6f4Ge6A0u8P3cCc0Ag&ip=91.90.42.154&id=o-AADH3IEGkpdmJIWC2dquNe3BIE7Qkez2sKSac3f8JJTm&itag=243&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278%2C394%2C395%2C396%2C397%2C398%2C399&source=youtube&requiressl=yes&spc=lT-KhifJGiWttwlNjuhQUpsAi95u-Bw&vprv=1&mime=video%2Fwebm&ns=HLprhP_eydOf3-OlAS0gassH&gir=yes&clen=564627&dur=15.015&lmt=1650670350427791&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&rbqsm=fr&txp=5535434&n=KoekuGsyPK6QNA&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIgDeoC_NsbrdNObRRlPsU-ezVCGVK0XbcjL519CWV9XUUCIQDTdkIWvTLvzudoU8a4qVXrhO_qkWbizMaVSWXb5dXOhQ%3D%3D&alr=yes&cpn=MZhr8BQJmKZQxIke&cver=1.20220904.00.01&cm2rm=sn-capm-vnae7e,sn-5golk7s&redirect_counter=2&cms_redirect=yes&cmsv=e&mh=1v&mm=34&mn=sn-5hne6nsk&ms=ltu&mt=1662650945&mv=m&mvi=3&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhAIxDAwYYwgJmkrmaHAp53-DVKRMew1rbKM8PpV0UkIKrAiBE_qqmHAMumzudxxD3qcR2dl2WgMhI3VVcybPB78_tNg%3D%3D&range=0-93860&rn=5&rbuf=0
IP 172.217.132.40:0
File type WebM\012- EBML file, creator webmB\20\012- data
Hash ea477ecd436dbbd213eafbf47ecdeed7
a157e68c9dee7038c6844b8ea7e75c3f5be9a9e9
fdfca2a1e582c2a357e2014ea12fd68fb1c459e804d6e65315dbb318f3f3dcbe
GET /videoplayback?expire=1662672684&ei=zAoaY6f4Ge6A0u8P3cCc0Ag&ip=91.90.42.154&id=o-AADH3IEGkpdmJIWC2dquNe3BIE7Qkez2sKSac3f8JJTm&itag=243&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278%2C394%2C395%2C396%2C397%2C398%2C399&source=youtube&requiressl=yes&spc=lT-KhifJGiWttwlNjuhQUpsAi95u-Bw&vprv=1&mime=video%2Fwebm&ns=HLprhP_eydOf3-OlAS0gassH&gir=yes&clen=564627&dur=15.015&lmt=1650670350427791&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&rbqsm=fr&txp=5535434&n=KoekuGsyPK6QNA&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIgDeoC_NsbrdNObRRlPsU-ezVCGVK0XbcjL519CWV9XUUCIQDTdkIWvTLvzudoU8a4qVXrhO_qkWbizMaVSWXb5dXOhQ%3D%3D&alr=yes&cpn=MZhr8BQJmKZQxIke&cver=1.20220904.00.01&cm2rm=sn-capm-vnae7e,sn-5golk7s&redirect_counter=2&cms_redirect=yes&cmsv=e&mh=1v&mm=34&mn=sn-5hne6nsk&ms=ltu&mt=1662650945&mv=m&mvi=3&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhAIxDAwYYwgJmkrmaHAp53-DVKRMew1rbKM8PpV0UkIKrAiBE_qqmHAMumzudxxD3qcR2dl2WgMhI3VVcybPB78_tNg%3D%3D&range=0-93860&rn=5&rbuf=0 HTTP/1.1
Host: rr3---sn-5hne6nsk.googlevideo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Fri, 22 Apr 2022 23:32:30 GMT
Content-Type: video/webm
Date: Thu, 08 Sep 2022 15:31:26 GMT
Expires: Thu, 08 Sep 2022 15:31:26 GMT
Cache-Control: private, max-age=21298
Accept-Ranges: bytes
Content-Length: 93861
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Restrict-Formats-Hint: None
X-Content-Type-Options: nosniff
Server: gvs 1.0
tuyendunglazada.net/wp-content/themes/flatsome-child/style.css?ver=3.0
14.225.238.176200 OK 0 B URL HTTP/2 tuyendunglazada.net/wp-content/themes/flatsome-child/style.css?ver=3.0
IP 14.225.238.176:0
ASN #135905 VIETNAM POSTS AND TELECOMMUNICATIONS GROUP
GET /wp-content/themes/flatsome-child/style.css?ver=3.0 HTTP/1.1
Host: tuyendunglazada.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tuyendunglazada.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Sep 2022 15:31:20 GMT
content-type: text/css
last-modified: Fri, 08 Apr 2022 03:45:02 GMT
vary: Accept-Encoding
etag: W/"624fafbe-4029"
content-encoding: gzip
X-Firefox-Spdy: h2
tuyendunglazada.net/wp-content/uploads/2022/04/thongbao.png
14.225.238.176200 OK 0 B URL HTTP/2 tuyendunglazada.net/wp-content/uploads/2022/04/thongbao.png
IP 14.225.238.176:0
ASN #135905 VIETNAM POSTS AND TELECOMMUNICATIONS GROUP
GET /wp-content/uploads/2022/04/thongbao.png HTTP/1.1
Host: tuyendunglazada.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tuyendunglazada.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Sep 2022 15:31:23 GMT
content-type: image/png
content-length: 268883
last-modified: Tue, 05 Apr 2022 14:59:00 GMT
etag: "624c5934-41a53"
accept-ranges: bytes
X-Firefox-Spdy: h2
tuyendunglazada.net/wp-content/themes/flatsome-child/assets/js/main.js?ver=1.0
14.225.238.176200 OK 0 B URL HTTP/2 tuyendunglazada.net/wp-content/themes/flatsome-child/assets/js/main.js?ver=1.0
IP 14.225.238.176:0
ASN #135905 VIETNAM POSTS AND TELECOMMUNICATIONS GROUP
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/flatsome-child/assets/js/main.js?ver=1.0 HTTP/1.1
Host: tuyendunglazada.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tuyendunglazada.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Sep 2022 15:31:20 GMT
content-type: application/javascript
last-modified: Tue, 15 Mar 2022 08:17:13 GMT
vary: Accept-Encoding
etag: W/"62304b89-168e"
content-encoding: gzip
X-Firefox-Spdy: h2
tuyendunglazada.net/wp-includes/js/hoverIntent.min.js?ver=1.10.2
14.225.238.176200 OK 0 B URL HTTP/2 tuyendunglazada.net/wp-includes/js/hoverIntent.min.js?ver=1.10.2
IP 14.225.238.176:0
ASN #135905 VIETNAM POSTS AND TELECOMMUNICATIONS GROUP
GET /wp-includes/js/hoverIntent.min.js?ver=1.10.2 HTTP/1.1
Host: tuyendunglazada.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tuyendunglazada.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Sep 2022 15:31:20 GMT
content-type: application/javascript
last-modified: Sat, 28 May 2022 14:18:56 GMT
vary: Accept-Encoding
etag: W/"62922f50-5db"
content-encoding: gzip
X-Firefox-Spdy: h2
tuyendunglazada.net/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
14.225.238.176200 OK 0 B URL HTTP/2 tuyendunglazada.net/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP 14.225.238.176:0
ASN #135905 VIETNAM POSTS AND TELECOMMUNICATIONS GROUP
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: tuyendunglazada.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tuyendunglazada.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Sep 2022 15:31:20 GMT
content-type: application/javascript
last-modified: Wed, 10 Mar 2021 15:07:24 GMT
vary: Accept-Encoding
etag: W/"6048e0ac-15db1"
content-encoding: gzip
X-Firefox-Spdy: h2
tuyendunglazada.net/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.5.6.1
14.225.238.176200 OK 0 B URL HTTP/2 tuyendunglazada.net/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.5.6.1
IP 14.225.238.176:0
ASN #135905 VIETNAM POSTS AND TELECOMMUNICATIONS GROUP
GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.5.6.1 HTTP/1.1
Host: tuyendunglazada.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tuyendunglazada.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Sep 2022 15:31:20 GMT
content-type: application/javascript
last-modified: Wed, 25 May 2022 03:20:44 GMT
vary: Accept-Encoding
etag: W/"628da08c-25f8"
content-encoding: gzip
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Lato%3Aregular%2C700%2C400%2C700%7CDancing+Script%3Aregular%2C400&display=swap&ver=3.9
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Lato%3Aregular%2C700%2C400%2C700%7CDancing+Script%3Aregular%2C400&display=swap&ver=3.9
IP 142.250.74.10:0
GET /css?family=Lato%3Aregular%2C700%2C400%2C700%7CDancing+Script%3Aregular%2C400&display=swap&ver=3.9 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tuyendunglazada.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 08 Sep 2022 15:31:20 GMT
date: Thu, 08 Sep 2022 15:31:20 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2