waterstoneranch.com/
35.187.82.108301 Moved Permanently 166 B IP 35.187.82.108:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 3ea1c8d079b38532a6e01a96216ba5e2
598d3ff91d3e252f1e13df8cf0348b270ff2da3f
87a9323ac85ce28867d5d7ce590c8f29b8d1a999961fca71bb33adef48683691
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: waterstoneranch.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: openresty
Date: Tue, 31 Jan 2023 14:42:14 GMT
Content-Type: text/html
Content-Length: 166
Connection: keep-alive
Location: https://waterstoneranch.com/
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d2e72d45afe3d391c204b5391599607c
149d68b9d00a720b6f380fa2324779dca9dbe26d
f6f1c295c68dfebadacb1fc812b44e01c7ede0e203615ef3e2cced2ce2251e7e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F6F1C295C68DFEBADACB1FC812B44E01C7EDE0E203615EF3E2CCED2CE2251E7E"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20940
Expires: Tue, 31 Jan 2023 20:31:14 GMT
Date: Tue, 31 Jan 2023 14:42:14 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 0c35c3ec659d3a26ea97e68d787bb043
d97e3672244efec5b7814f2d8a734cd1a9387854
4c946a026114ff05316d92277750facf3d5f5d162839149da0b7fb1a4cff6b5e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4C946A026114FF05316D92277750FACF3D5F5D162839149DA0B7FB1A4CFF6B5E"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3701
Expires: Tue, 31 Jan 2023 15:43:55 GMT
Date: Tue, 31 Jan 2023 14:42:14 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 09ee4b0fe6cf4ca5ed31b24452338d00
7e62b6e20f0d4737f4a8d94f9818a0883027839e
56da08e18a408d7313de4e598984a251a0ecf85bbba98b421be9aebeb98835af
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "56DA08E18A408D7313DE4E598984A251A0ECF85BBBA98B421BE9AEBEB98835AF"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12665
Expires: Tue, 31 Jan 2023 18:13:19 GMT
Date: Tue, 31 Jan 2023 14:42:14 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash dcd75ca6daca51c5e39d431468511793
07f76d3bf23d65c9110d810fa71a994e39e085d3
73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Backoff, Content-Length, Alert, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 31 Jan 2023 13:43:17 GMT
content-type: application/json
age: 3537
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: o2WilYbj2CCF0OHtlQsFvbU2KGo7KNGvQzdRjAEOdfSQxk7U9YuNaeyL3vUJJS6IR6W9Cg5mFh0=
x-amz-request-id: YDMG3YX88B07HWXG
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 31 Jan 2023 14:22:15 GMT
age: 1199
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 14:42:14 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
waterstoneranch.com/
35.187.82.108200 OK 74 kB IP 35.187.82.108:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (47806)
Hash f6751aa67af0ed4f7bb9ec230b78a11e
9f8c36bf809c5a976f6bd7f396143e6d8c8d5d9d
102dcb09794893fcc89ffdc45297346e6ca4d4b7ccfc4f0dc1e728f134c00d83
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: waterstoneranch.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Server: openresty
Date: Tue, 31 Jan 2023 14:42:15 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
x-frame-options: DENY
content-security-policy: frame-ancestors 'none'
Access-Control-Allow-Origin: *
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
strict-transport-security: max-age=2592000
Content-Encoding: gzip
waterstoneranch.com/sw.e831f5a2a30fe845ebe2c91c3d51d20a.js
35.187.82.108200 OK 1.4 kB URL HTTP/1.1 waterstoneranch.com/sw.e831f5a2a30fe845ebe2c91c3d51d20a.js
IP 35.187.82.108:0
Hash 68de9b969ce943e1f7305fa7293b55a9
dc1d0c45dc5a363f9a36fcfdd70bde7a7671704a
a8470e146d208a526ce7cc6aaee911fc5715d638a889c37dfbac06775278fb13
Analyzer Verdict Alert fortinet Phishing
GET /sw.e831f5a2a30fe845ebe2c91c3d51d20a.js HTTP/1.1
Host: waterstoneranch.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: openresty
Date: Tue, 31 Jan 2023 14:42:15 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
x-frame-options: DENY
content-security-policy: frame-ancestors 'none'
Access-Control-Allow-Origin: *
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
strict-transport-security: max-age=2592000
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash c004ef398fc2138876eac9e202e6e7c9
9b695108fe043113ee8dc3369be58234f1a73323
ab71d4c6d64f3c7a0114070414615b26843c22de34b0f04c9ad932ca112031c7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 14:42:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=G-88G14ENHFW
142.250.74.40200 OK 80 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-88G14ENHFW
IP 142.250.74.40:0
File type ASCII text, with very long lines (25680)
Hash 2666d5c3b5d51eea452b2e49b049a911
0e293f3d513356e1e67c527c23896952c0739a26
16d95f47b267b5a5797ed4517303ca7b2956496bd279b32e33c16e64172f96f1
GET /gtag/js?id=G-88G14ENHFW HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://waterstoneranch.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 31 Jan 2023 14:42:15 GMT
expires: Tue, 31 Jan 2023 14:42:15 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 79930
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
waterstoneranch.com/.sw_/_host_/_replacer_?1675176152382
35.187.82.108200 OK 2 B URL HTTP/1.1 waterstoneranch.com/.sw_/_host_/_replacer_?1675176152382
IP 35.187.82.108:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Analyzer Verdict Alert fortinet Phishing
GET /.sw_/_host_/_replacer_?1675176152382 HTTP/1.1
Host: waterstoneranch.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://waterstoneranch.com/sw.e831f5a2a30fe845ebe2c91c3d51d20a.js
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: openresty
Date: Tue, 31 Jan 2023 14:42:15 GMT
Content-Type: application/octet-stream
Content-Length: 2
Connection: keep-alive
ocsp.pki.goog/s/gts1d4/HC705JJoL8Q
216.58.211.3200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/HC705JJoL8Q
IP 216.58.211.3:0
Hash 762b91e72d4d14bf8fc266abcffcd352
5d1537009d43b905c924e834dacb0fb582ef25ba
adcc18d4717a16c7a26a956077054f083a2a8482a2d9c3d61e6eb7c62c687164
POST /s/gts1d4/HC705JJoL8Q HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 14:42:15 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1d4/HC705JJoL8Q
216.58.211.3200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/HC705JJoL8Q
IP 216.58.211.3:0
Hash 762b91e72d4d14bf8fc266abcffcd352
5d1537009d43b905c924e834dacb0fb582ef25ba
adcc18d4717a16c7a26a956077054f083a2a8482a2d9c3d61e6eb7c62c687164
POST /s/gts1d4/HC705JJoL8Q HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 14:42:15 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1d4/HC705JJoL8Q
216.58.211.3200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/HC705JJoL8Q
IP 216.58.211.3:0
Hash 762b91e72d4d14bf8fc266abcffcd352
5d1537009d43b905c924e834dacb0fb582ef25ba
adcc18d4717a16c7a26a956077054f083a2a8482a2d9c3d61e6eb7c62c687164
POST /s/gts1d4/HC705JJoL8Q HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 14:42:15 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1d4/HC705JJoL8Q
216.58.211.3200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/HC705JJoL8Q
IP 216.58.211.3:0
Hash 762b91e72d4d14bf8fc266abcffcd352
5d1537009d43b905c924e834dacb0fb582ef25ba
adcc18d4717a16c7a26a956077054f083a2a8482a2d9c3d61e6eb7c62c687164
POST /s/gts1d4/HC705JJoL8Q HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 14:42:15 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Last-Modified, Cache-Control, Pragma, ETag, Backoff, Content-Type, Alert, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 31 Jan 2023 14:41:42 GMT
age: 33
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/HC705JJoL8Q
216.58.211.3200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/HC705JJoL8Q
IP 216.58.211.3:0
Hash 762b91e72d4d14bf8fc266abcffcd352
5d1537009d43b905c924e834dacb0fb582ef25ba
adcc18d4717a16c7a26a956077054f083a2a8482a2d9c3d61e6eb7c62c687164
POST /s/gts1d4/HC705JJoL8Q HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 14:42:15 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash d81f874741beb45c89de8bb5c6de438e
a251ab903e654953631d84721479bbae55aa5cdf
ec28dafa2a54818028d4dfe99218d9e4b507f3bd7efaabfba630d85f24d4d75d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 14:42:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
res2.yourwebsite.life/common/core.min.js
34.120.160.112200 OK 31 kB URL HTTP/2 res2.yourwebsite.life/common/core.min.js
IP 34.120.160.112:0
File type Unicode text, UTF-8 text, with very long lines (32000), with LF, NEL line terminators
Hash 2f7132d2a782c8976e28b369409d5ce2
9b2615bba837e6c8aeb0b250045f7a985f397d01
a7be859a263af99ed03d83cc2ef13bebe29bbe848a87b23dd4210d74ae97f6f9
GET /common/core.min.js HTTP/1.1
Host: res2.yourwebsite.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://waterstoneranch.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-guploader-uploadid: ADPycdstXT_V7P7tcmVhoDPjT3HB2yoKw1SpgBBU4S2Cturwn4FY2RftXVQ0nM8R1nUml8vlJzs_qsWIMH3NPRp0xq6RbKAxuQ4w
vary: X-Goog-Allowed-Resources,Accept-Encoding
x-goog-generation: 1604407231804937
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 31044
content-encoding: gzip
x-goog-hash: crc32c=m4Kqxw==, md5=L3Ey0qeCyJduKLNpQJ1c4g==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 31044
access-control-allow-origin: *
access-control-expose-headers: Content-Type
server: UploadServer
date: Mon, 30 Jan 2023 02:49:11 GMT
expires: Tue, 30 Jan 2024 02:49:11 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 03 Nov 2020 12:40:31 GMT
etag: "2f7132d2a782c8976e28b369409d5ce2"
content-type: application/javascript
age: 129184
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
res2.yourwebsite.life/editor/static/site-stat.js
34.120.160.112200 OK 4.1 kB URL HTTP/2 res2.yourwebsite.life/editor/static/site-stat.js
IP 34.120.160.112:0
File type ASCII text, with very long lines (2660)
Hash 67d8f4dc366c71eb4b30fac6cae9a18e
758cba21f3c46083fb9db662d1f2ff6eda9d293d
1af81fbc3e62ebe83bc0ccc55a533a26562853bf1470a52e89982283964033e5
GET /editor/static/site-stat.js HTTP/1.1
Host: res2.yourwebsite.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://waterstoneranch.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-guploader-uploadid: ADPycdu5X9pdkPC5fMJ92Mtwe7gxAhOGywRcNVTADBKStHK8RYChlnS1ingtdUYM4Y3TFVhy066safW9Bfv43JJ--ip8eA
vary: X-Goog-Allowed-Resources
x-goog-generation: 1674760383810811
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 4054
x-goog-hash: crc32c=1WFH9Q==, md5=Z9j03DZscetLMPrGyumhjg==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 4054
access-control-allow-origin: *
access-control-expose-headers: Content-Type
server: UploadServer
date: Tue, 31 Jan 2023 14:21:33 GMT
expires: Tue, 31 Jan 2023 15:21:33 GMT
cache-control: public, max-age=3600
age: 1242
last-modified: Mon, 30 Jan 2023 16:56:34 GMT
etag: "67d8f4dc366c71eb4b30fac6cae9a18e"
content-type: application/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/HC705JJoL8Q
216.58.211.3200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/HC705JJoL8Q
IP 216.58.211.3:0
Hash 762b91e72d4d14bf8fc266abcffcd352
5d1537009d43b905c924e834dacb0fb582ef25ba
adcc18d4717a16c7a26a956077054f083a2a8482a2d9c3d61e6eb7c62c687164
POST /s/gts1d4/HC705JJoL8Q HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 14:42:15 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
res2.yourwebsite.life/site/63d17ba0b14345000d2daac1/core-theme-5c2dfa623dbc4a0023e12261.css
34.120.160.112200 OK 25 kB URL HTTP/2 res2.yourwebsite.life/site/63d17ba0b14345000d2daac1/core-theme-5c2dfa623dbc4a0023e12261.css
IP 34.120.160.112:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 389d6cc2ee5b0d6bd5e26b07a96abd34
80a1523d85e5d88e15d1595d5bd98e572d0a7f93
643de4de9d8b28313ef5f81ba50ae25585a3dbaf9415f8ba73beeb72ea246f7f
GET /site/63d17ba0b14345000d2daac1/core-theme-5c2dfa623dbc4a0023e12261.css HTTP/1.1
Host: res2.yourwebsite.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://waterstoneranch.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-guploader-uploadid: ADPycdulldp6-OWGQC4AYG16cOHGpKb9xjND_MpNI60TjInWHTH9FgMpTwKM86KU5lX0Q2Q7iaq5JyTiEYORI9276YBu3g
date: Tue, 31 Jan 2023 14:42:15 GMT
cache-control: public, max-age=31536000
expires: Wed, 31 Jan 2024 14:42:15 GMT
vary: X-Goog-Allowed-Resources, Accept-Encoding
last-modified: Wed, 25 Jan 2023 18:57:43 GMT
etag: "389d6cc2ee5b0d6bd5e26b07a96abd34"
x-goog-generation: 1674673063729017
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 24610
content-type: text/css; charset=utf-8
content-encoding: gzip
x-goog-hash: crc32c=Z+c+iw==, md5=OJ1swu5bDWvV4msHqWq9NA==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 24610
access-control-allow-origin: *
access-control-expose-headers: Content-Type
server: UploadServer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
res2.yourwebsite.life/site/63d17ba0b14345000d2daac1/google-fonts-5c2dfa623dbc4a0023e12261.css
34.120.160.112200 OK 72 kB URL HTTP/2 res2.yourwebsite.life/site/63d17ba0b14345000d2daac1/google-fonts-5c2dfa623dbc4a0023e12261.css
IP 34.120.160.112:0
File type ASCII text, with very long lines (29594)
Hash a0472b894d8e2e3ab57a481cd531d2a0
5c24d470e1e80aa5c952740b6bcf0fb87598f852
5adef36d8154e2bce75badad1cf66f2ea18429d634587651fa873cc2b89d5490
GET /site/63d17ba0b14345000d2daac1/google-fonts-5c2dfa623dbc4a0023e12261.css HTTP/1.1
Host: res2.yourwebsite.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://waterstoneranch.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-guploader-uploadid: ADPycdvj-DExc-CjnDkXhMkLjjqF6_ndjsZ2bF2GhNkyjffhAPXAHrR0iF1sWYNNrHrU8-aUV2PH-UOiF_PXxpNQ--4s02dzXIwI
date: Tue, 31 Jan 2023 14:42:15 GMT
cache-control: public, max-age=31536000
expires: Wed, 31 Jan 2024 14:42:15 GMT
vary: X-Goog-Allowed-Resources, Accept-Encoding
last-modified: Wed, 25 Jan 2023 18:57:43 GMT
etag: "a0472b894d8e2e3ab57a481cd531d2a0"
x-goog-generation: 1674673063737766
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 72201
content-type: text/css; charset=utf-8
content-encoding: gzip
x-goog-hash: crc32c=QQxa5A==, md5=oEcriU2OLjq1ekgc1THSoA==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 72201
access-control-allow-origin: *
access-control-expose-headers: Content-Type
server: UploadServer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
res2.yourwebsite.life/site/63d17ba0b14345000d2daac1/style.css?1674673063628
34.120.160.112200 OK 32 kB URL HTTP/2 res2.yourwebsite.life/site/63d17ba0b14345000d2daac1/style.css?1674673063628
IP 34.120.160.112:0
File type ASCII text, with very long lines (34202)
Hash 1471c4e6f18003a39da12f26260a5ffe
e246692f142bf5fe126085878d4e8de7eac18f81
fb0a6c1070a388b4a8179339d14f0fac707064203b1295fbc094b9fc0bc764b0
GET /site/63d17ba0b14345000d2daac1/style.css?1674673063628 HTTP/1.1
Host: res2.yourwebsite.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://waterstoneranch.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-guploader-uploadid: ADPycdv7jOXbw4_NxoVIBBXXT16NOw1f0yXko8nFDXefzDd8pTfE-vbJcwIQKe-FzT3ZydHQIjIg606Onydu9n7KE-ochhB_VGFR
date: Tue, 31 Jan 2023 14:42:15 GMT
cache-control: public, max-age=31536000
expires: Wed, 31 Jan 2024 14:42:15 GMT
vary: X-Goog-Allowed-Resources, Accept-Encoding
last-modified: Wed, 25 Jan 2023 18:57:42 GMT
etag: "1471c4e6f18003a39da12f26260a5ffe"
x-goog-generation: 1674673062699926
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 31696
content-type: text/css
content-encoding: gzip
x-goog-hash: crc32c=JGkSkQ==, md5=FHHE5vGAA6OdoS8mJgpf/g==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 31696
access-control-allow-origin: *
access-control-expose-headers: Content-Type
server: UploadServer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 22b9916fc1fafc9bdc9bb37f9eac8a9a
86f640e134a741a0f906a8e3a0f5c6659dd0e394
a29ee843c8a39551a1507cc6ad949ad509e33aaae8b72c58ac4884bad8b0b38e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A29EE843C8A39551A1507CC6AD949AD509E33AAAE8B72C58AC4884BAD8B0B38E"
Last-Modified: Sun, 29 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2213
Expires: Tue, 31 Jan 2023 15:19:08 GMT
Date: Tue, 31 Jan 2023 14:42:15 GMT
Connection: keep-alive
waterstoneranch.com/.sw_/_host_/_replacer_?1675176152782
35.187.82.108200 OK 2 B URL HTTP/1.1 waterstoneranch.com/.sw_/_host_/_replacer_?1675176152782
IP 35.187.82.108:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Analyzer Verdict Alert fortinet Phishing
GET /.sw_/_host_/_replacer_?1675176152782 HTTP/1.1
Host: waterstoneranch.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://waterstoneranch.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: openresty
Date: Tue, 31 Jan 2023 14:42:15 GMT
Content-Type: application/octet-stream
Content-Length: 2
Connection: keep-alive
ocsp.pki.goog/s/gts1d4/RqdHDfd5UTc
216.58.211.3200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/RqdHDfd5UTc
IP 216.58.211.3:0
Hash b08f1860ab2c539735061b97ee14140f
ae690c49f8d7793af6a6d496285da6790244fcf6
3b6089e49b0db8fb5254900fa95a87af2cc6b5a200cb7475783ec9abe87b0aa1
POST /s/gts1d4/RqdHDfd5UTc HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 14:42:15 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1d4/RqdHDfd5UTc
216.58.211.3200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/RqdHDfd5UTc
IP 216.58.211.3:0
Hash b08f1860ab2c539735061b97ee14140f
ae690c49f8d7793af6a6d496285da6790244fcf6
3b6089e49b0db8fb5254900fa95a87af2cc6b5a200cb7475783ec9abe87b0aa1
POST /s/gts1d4/RqdHDfd5UTc HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 14:42:15 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
wl-apps.yourwebsite.life/social-icons/1.0.35/components/FollowUs/ssr.css
130.211.24.164200 OK 1.6 kB URL HTTP/2 wl-apps.yourwebsite.life/social-icons/1.0.35/components/FollowUs/ssr.css
IP 130.211.24.164:0
File type ASCII text, with very long lines (5697), with no line terminators
Hash ba7eb484d57323cddd3c4228ec166293
2d230f88b14ca0d2b527829e5b7f08d9e80f2dd1
7295921183910a18f5e888a71c6260b1331fd855d26e5f179154df52e3586019
GET /social-icons/1.0.35/components/FollowUs/ssr.css HTTP/1.1
Host: wl-apps.yourwebsite.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://waterstoneranch.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-guploader-uploadid: ADPycds1Ai-EYiNdEesH-9NSc3TOJFrPBG5QTFPvY9GDmpcUQa37RIaAlsXdk6G2rw1MRVgyuDNnWP9cVyBhS_vTQw76r_ReTiqF
vary: X-Goog-Allowed-Resources,Accept-Encoding
x-goog-generation: 1664966169542061
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 1587
content-encoding: gzip
x-goog-hash: crc32c=w3ND9g==, md5=un60hNVzI83dPEIo7BZikw==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 1587
access-control-allow-origin: *
server: UploadServer
date: Mon, 30 Jan 2023 14:05:09 GMT
expires: Tue, 30 Jan 2024 14:05:09 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 05 Oct 2022 10:36:09 GMT
etag: "ba7eb484d57323cddd3c4228ec166293"
content-type: text/css
age: 88626
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
wl-apps.yourwebsite.life/social-icons/1.0.35/components/SocialIcons/ssr.css
130.211.24.164200 OK 1.5 kB URL HTTP/2 wl-apps.yourwebsite.life/social-icons/1.0.35/components/SocialIcons/ssr.css
IP 130.211.24.164:0
File type ASCII text, with very long lines (5346), with no line terminators
Hash 9bafff4287cb37b9a02589c6260edfbd
d6e9b9628d6db6472effa06257f50eaf0adefa4c
3cdf958f0eb719db3eb7df4a48e3065b6e54f4fbb79531850b2d8a450b57a806
GET /social-icons/1.0.35/components/SocialIcons/ssr.css HTTP/1.1
Host: wl-apps.yourwebsite.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://waterstoneranch.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-guploader-uploadid: ADPycdvyhBcI4__-kxJ5HSdAnei2Oo1xTPXSY5T3ghXGPUC686Hs0VbR7xk1EO53Ce2iu1aZQAxOl8jcOpCT_CNn95o3MQ
vary: X-Goog-Allowed-Resources,Accept-Encoding
x-goog-generation: 1664966167588301
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 1476
content-encoding: gzip
x-goog-hash: crc32c=E3Bn1A==, md5=m6//QofLN7mgJYnGJg7fvQ==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 1476
access-control-allow-origin: *
server: UploadServer
date: Mon, 30 Jan 2023 02:27:50 GMT
expires: Tue, 30 Jan 2024 02:27:50 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 05 Oct 2022 10:36:07 GMT
etag: "9bafff4287cb37b9a02589c6260edfbd"
content-type: text/css
age: 130465
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/RqdHDfd5UTc
216.58.211.3200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/RqdHDfd5UTc
IP 216.58.211.3:0
Hash b08f1860ab2c539735061b97ee14140f
ae690c49f8d7793af6a6d496285da6790244fcf6
3b6089e49b0db8fb5254900fa95a87af2cc6b5a200cb7475783ec9abe87b0aa1
POST /s/gts1d4/RqdHDfd5UTc HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 14:42:15 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
35.165.1.70101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.165.1.70:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Aef55VMYQCV5fDm51lUHtg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: OrnGdS5Uy0i973AH5e7PpDOf8/U=
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash aec352657815f12ffe0688a87de78b38
b1567e7c98a2fa6f5ac301ca5cbb3c3a3c887c8e
7c4140541f1afab3e549aaa11ce0014d01d16036e69da9c41a92b8dd8da7b314
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3516
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 14:42:15 GMT
Last-Modified: Tue, 31 Jan 2023 13:43:39 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471
connect.facebook.net/en_US/fbevents.js
157.240.205.11200 OK 28 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP 157.240.205.11:0
File type ASCII text, with very long lines (64348)
Hash dd1f85cc598419df61e254e53f9ec1ef
f86c0ee563f5b7a01e1d40b566f2bc184a32380f
c06f52b233c835b03292f39cb847507a03bb971066bf91341b58a580244398c0
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://waterstoneranch.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: soduT3Etv9NgB2HBc0JxXTz9/4BbDisbvr2KYJvQPmcR5FS/jGekxHqJ3+kXONxTydFEt03pHi+YbcOtWhchqQ==
content-length: 27843
x-fb-trip-id: 1679558926
date: Tue, 31 Jan 2023 14:42:15 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash aec352657815f12ffe0688a87de78b38
b1567e7c98a2fa6f5ac301ca5cbb3c3a3c887c8e
7c4140541f1afab3e549aaa11ce0014d01d16036e69da9c41a92b8dd8da7b314
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3516
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 14:42:15 GMT
Last-Modified: Tue, 31 Jan 2023 13:43:39 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471
api.site.dleaf.com/api/website/session/save
35.205.43.99204 No Content 0 B URL HTTP/1.1 api.site.dleaf.com/api/website/session/save
IP 35.205.43.99:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /api/website/session/save HTTP/1.1
Host: api.site.dleaf.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://waterstoneranch.com/
Origin: https://waterstoneranch.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: openresty
Date: Tue, 31 Jan 2023 14:42:16 GMT
Connection: keep-alive
Access-Control-Allow-Origin: https://waterstoneranch.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,HEAD,PUT,POST,PATCH,DELETE
Access-Control-Allow-Headers: content-type
strict-transport-security: max-age=2592000
api.site.dleaf.com/api/website/session/save
35.205.43.99200 OK 68 B URL HTTP/1.1 api.site.dleaf.com/api/website/session/save
IP 35.205.43.99:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 701f325ae73d77fb693122e42bcd7b3e
7a636f7c63f7cb602e046dd11f53f8bf01ba0692
ac9a493172f8f048325bb54573a2fefb5ab9c1de56bbaf6598a6f3258d3f3e44
POST /api/website/session/save HTTP/1.1
Host: api.site.dleaf.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=UTF-8
Content-Length: 101
Origin: https://waterstoneranch.com
Connection: keep-alive
Referer: https://waterstoneranch.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: openresty
Date: Tue, 31 Jan 2023 14:42:16 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 68
Connection: keep-alive
Access-Control-Allow-Origin: https://waterstoneranch.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,HEAD,PUT,POST,PATCH,DELETE
Set-Cookie: wba_user_id=lL56dswk4o-q1evy; path=/api/website/session/save; expires=Wed, 31 Jan 2024 14:42:16 GMT
strict-transport-security: max-age=2592000
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 43bc5afe1d7330aa521e0efc78185a92
f53e9daa0a32e0acf7a10d9494fb383c1d039305
429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14209
Expires: Tue, 31 Jan 2023 18:39:06 GMT
Date: Tue, 31 Jan 2023 14:42:17 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 43bc5afe1d7330aa521e0efc78185a92
f53e9daa0a32e0acf7a10d9494fb383c1d039305
429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14209
Expires: Tue, 31 Jan 2023 18:39:06 GMT
Date: Tue, 31 Jan 2023 14:42:17 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 43bc5afe1d7330aa521e0efc78185a92
f53e9daa0a32e0acf7a10d9494fb383c1d039305
429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14209
Expires: Tue, 31 Jan 2023 18:39:06 GMT
Date: Tue, 31 Jan 2023 14:42:17 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 43bc5afe1d7330aa521e0efc78185a92
f53e9daa0a32e0acf7a10d9494fb383c1d039305
429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14209
Expires: Tue, 31 Jan 2023 18:39:06 GMT
Date: Tue, 31 Jan 2023 14:42:17 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4b003bbe-42d9-4014-8fbe-ddff072cc8b4.jpeg
34.120.237.76200 OK 5.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4b003bbe-42d9-4014-8fbe-ddff072cc8b4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 42a648f9d34d8fb703f0b80a52e0deec
7ccefd66211d249ae5266c3b6ae3375a19e5cb6d
a57f8792e8caa2a31045a141d019f53f51b633d5d04baebdae97387740c6639d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4b003bbe-42d9-4014-8fbe-ddff072cc8b4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5903
x-amzn-requestid: f6fca787-17c1-4edd-9ab0-a00e2fccc7a8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fboufGeSoAMF-1g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d487f6-58be6bdc5e3e767e1ea47b86;Sampled=0
x-amzn-remapped-date: Sat, 28 Jan 2023 02:27:02 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: tAR5c5rQD0h5YZ6TU8pZKhUFUf5d0-l794EaYnwwkts3QXPhdYm6vA==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 30 Jan 2023 21:03:25 GMT
age: 63532
etag: "7ccefd66211d249ae5266c3b6ae3375a19e5cb6d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F003f28f8-6845-4b0d-8d8d-11c9deea4eaf.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F003f28f8-6845-4b0d-8d8d-11c9deea4eaf.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2c4934be94898028e2ab696561b51462
6cf734e2d29938688913daacfb75506d8e004a94
239adcbb538b7a6d1483c65c7694d4a9f9fa9cadf456ab5681c4b764185e3596
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F003f28f8-6845-4b0d-8d8d-11c9deea4eaf.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9987
x-amzn-requestid: 67109f87-6073-4991-b540-cdeedc2d7b3c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: flYlPF9uIAMFXMg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d86e21-60ac2c7b37c72e6e54a5c69d;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 01:25:53 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Gif_csWkacU59D_hnOrJpK6u2aPI8Ylf2JyQEJZ2RLNMCrXSmmMa9w==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 01:56:35 GMT
age: 45942
etag: "6cf734e2d29938688913daacfb75506d8e004a94"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F43ae4cd9-2533-48ae-8086-f8fea8a4e269.jpeg
34.120.237.76200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F43ae4cd9-2533-48ae-8086-f8fea8a4e269.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 976dda397f9292a498ca9db5599c0378
dad9e9c3462907a2475046aee36d57f8309cd44e
7ed9ccf2ff75ca53f5ba56a1d2127e0f09b0ae941cad8b042e8df01ad01e614b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F43ae4cd9-2533-48ae-8086-f8fea8a4e269.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6844
x-amzn-requestid: 0542cf46-5045-459f-a35f-f6c0d3f5f7b7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: flZsxH0YIAMF9ew=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d86feb-692d50f710a131df2ee49aa8;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 01:33:31 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: oLMUuQVwUyKMuYAvTkA4wlVDb3-kZjStTJFfUZRb7JwKcK11waY0kQ==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 01:42:39 GMT
age: 46778
etag: "dad9e9c3462907a2475046aee36d57f8309cd44e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67cbd807-4e92-4ddb-a8c5-864884d25e99.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67cbd807-4e92-4ddb-a8c5-864884d25e99.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2797bfd35b7ec24888de84be14f7f2ec
8e315ac5856967286eaa8769e081d827fb4ca39e
b99f3bd73eb4395194bc7bb6a1b801750182239e5b70f3207f99e494b60b72ab
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67cbd807-4e92-4ddb-a8c5-864884d25e99.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11129
x-amzn-requestid: 74f2a4dd-7d5d-4839-90a8-d2e74f6d785d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ffDBZGRPoAMFedg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d5e53b-3de444596550bb41188ada5b;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 03:17:15 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 9Fga247EZZqiGmdMJ72resdBZR2KLgflGDBPESmuw9cFVs4hSzMzTw==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 03:50:52 GMT
age: 39085
etag: "8e315ac5856967286eaa8769e081d827fb4ca39e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37e3fb86-3315-41fd-97cb-ac82604d8869.jpeg
34.120.237.76200 OK 8.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37e3fb86-3315-41fd-97cb-ac82604d8869.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e6f9ffb8f9e99229b45ca5fdb84ce7d5
04577ad69ee9749b14382254eb5bbf0e1edcd7fa
6111acf3f363123b39d13cd3d23ab39b8c8d00379874f19231d1cd3da17c52c2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37e3fb86-3315-41fd-97cb-ac82604d8869.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8558
x-amzn-requestid: 2841cd36-22e6-4ecb-b56a-bfadce3197c7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ffB_BFA8IAMFyvA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d5e393-3fd03bd14de762b0738a3b0a;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 03:10:11 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: R29JYq4Z8V_Xuq2no0bKxk1K6h2PmTO5OSxzMa4zppDVk3j9rO9aTw==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 03:24:36 GMT
age: 40661
etag: "04577ad69ee9749b14382254eb5bbf0e1edcd7fa"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1295ec36-f5b2-4db1-83c7-667fa373f592.jpeg
34.120.237.76200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1295ec36-f5b2-4db1-83c7-667fa373f592.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d957012d3e2b8c3bc0eefe11d66e8554
1959fdd94846fa3791c4890578dd15336b909dcc
a97e81ec5eb2eda6a603bf4bfd4fa4ef4fab762747479489e99e6c713258a736
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1295ec36-f5b2-4db1-83c7-667fa373f592.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13853
x-amzn-requestid: ca6ea6e7-3e13-4194-87f5-20a07b813e21
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fk3zzF4hIAMFwWg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d839b1-772487cb1b7495c52c552d36;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 21:42:09 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: lUGjUSIkoacdmaO1jnMwIuNMONhjyVfAIcTQ3B5d5da_g9eEnCtW7g==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Mon, 30 Jan 2023 21:48:17 GMT
age: 60840
etag: "1959fdd94846fa3791c4890578dd15336b909dcc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=1348865619207352&ev=PageView&dl=https%3A%2F%2Fwaterstoneranch.com%2F&rl=&if=false&ts=1675176154139&sw=1280&sh=1024&v=2.9.95&r=stable&ec=0&o=30&fbp=fb.1.1675176154138.1274646442&it=1675176153904&coo=false&rqm=GET
157.240.205.35200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=1348865619207352&ev=PageView&dl=https%3A%2F%2Fwaterstoneranch.com%2F&rl=&if=false&ts=1675176154139&sw=1280&sh=1024&v=2.9.95&r=stable&ec=0&o=30&fbp=fb.1.1675176154138.1274646442&it=1675176153904&coo=false&rqm=GET
IP 157.240.205.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=1348865619207352&ev=PageView&dl=https%3A%2F%2Fwaterstoneranch.com%2F&rl=&if=false&ts=1675176154139&sw=1280&sh=1024&v=2.9.95&r=stable&ec=0&o=30&fbp=fb.1.1675176154138.1274646442&it=1675176153904&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://waterstoneranch.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Tue, 31 Jan 2023 14:42:17 GMT
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.110200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.110:0
Hash 87b6e9121cb09b7740f291542732376f
648db04ab2d15fa230281db2a891789692b7e28b
5962a34641511e5bc5c68608e134c548c53d141a2bc8177b01c11f9459070ba8
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=150523
Date: Tue, 31 Jan 2023 14:42:17 GMT
Etag: "63d8b9c3-1d7"
Expires: Thu, 02 Feb 2023 08:31:00 GMT
Last-Modified: Tue, 31 Jan 2023 06:48:35 GMT
Server: ECS (nyb/1D12)
X-Cache: Miss from cloudfront
Via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: paERJ2Z1QY-WxU7FSYEroFNyfUPZ-DkeE-84_ieDtca44R29iuGpOg==
Age: 6145
ocsp.sca1b.amazontrust.com/
54.230.245.110200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.110:0
Hash 87b6e9121cb09b7740f291542732376f
648db04ab2d15fa230281db2a891789692b7e28b
5962a34641511e5bc5c68608e134c548c53d141a2bc8177b01c11f9459070ba8
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 31 Jan 2023 14:42:17 GMT
Etag: "63d8b9c3-1d7"
Last-Modified: Tue, 31 Jan 2023 13:55:10 GMT
Server: ECS (dcb/7FA3)
X-Cache: Miss from cloudfront
Via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: Pp3wVuo1Lv57l7XsVd0WZajMmGFjrxFGEHL8Ob-f7UHhuohxYSMT8Q==
Age: 2828
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash a5ff07b9b81cdf319f4a57d8d6dbbd6d
736ae15d0ed2068580d35a7cff8b33c0ec87af52
24406eda914ef8f78e1f60d6b54237ea6311f2fdf54b2b63647d84b397b41de0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 14:42:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash a5ff07b9b81cdf319f4a57d8d6dbbd6d
736ae15d0ed2068580d35a7cff8b33c0ec87af52
24406eda914ef8f78e1f60d6b54237ea6311f2fdf54b2b63647d84b397b41de0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 14:42:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
api.endorsal.io/check/fomo/6358640b62db8e04e79e5196?ref=https%3A%2F%2Fwaterstoneranch.com%2F
3.132.102.44204 No Content 0 B URL HTTP/1.1 api.endorsal.io/check/fomo/6358640b62db8e04e79e5196?ref=https%3A%2F%2Fwaterstoneranch.com%2F
IP 3.132.102.44:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /check/fomo/6358640b62db8e04e79e5196?ref=https%3A%2F%2Fwaterstoneranch.com%2F HTTP/1.1
Host: api.endorsal.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: access-control-allow-origin
Referer: https://waterstoneranch.com/
Origin: https://waterstoneranch.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Access-Control-Allow-Headers: access-control-allow-origin
Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin: *
Content-Length: 0
Date: Tue, 31 Jan 2023 14:42:17 GMT
Server: nginx/1.14.1
Vary: Access-Control-Request-Headers
X-Powered-By: Express
Connection: keep-alive
region1.google-analytics.com/g/collect?v=2&tid=G-88G14ENHFW>m=2oe1p0&_p=633294946&cid=1212469373.1675176154&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675176153&sct=1&seg=0&dl=https%3A%2F%2Fwaterstoneranch.com%2F&dt=Waterstone%20Turkish%20Ranch%20%7C%20Outside%20of%20Houston&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
216.239.34.36204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-88G14ENHFW>m=2oe1p0&_p=633294946&cid=1212469373.1675176154&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675176153&sct=1&seg=0&dl=https%3A%2F%2Fwaterstoneranch.com%2F&dt=Waterstone%20Turkish%20Ranch%20%7C%20Outside%20of%20Houston&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
IP 216.239.34.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-88G14ENHFW>m=2oe1p0&_p=633294946&cid=1212469373.1675176154&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675176153&sct=1&seg=0&dl=https%3A%2F%2Fwaterstoneranch.com%2F&dt=Waterstone%20Turkish%20Ranch%20%7C%20Outside%20of%20Houston&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://waterstoneranch.com
Connection: keep-alive
Referer: https://waterstoneranch.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://waterstoneranch.com
date: Tue, 31 Jan 2023 14:42:17 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash a5ff07b9b81cdf319f4a57d8d6dbbd6d
736ae15d0ed2068580d35a7cff8b33c0ec87af52
24406eda914ef8f78e1f60d6b54237ea6311f2fdf54b2b63647d84b397b41de0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 14:42:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
img.youtube.com/vi/ViLP4FWgkIU/maxresdefault.jpg
142.250.74.46200 OK 104 kB URL HTTP/2 img.youtube.com/vi/ViLP4FWgkIU/maxresdefault.jpg
IP 142.250.74.46:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1280x720, components 3\012- data
Size 104 kB (104316 bytes)
Hash 8817d04293b54ba4b6c3a2bd68ef3e4f
fe9a613401415c87096f695b9b51f472b16305a3
f81748a6e49c48f78efd2d721cd8e5e69ea116dc3941789b565914e2136946b3
GET /vi/ViLP4FWgkIU/maxresdefault.jpg HTTP/1.1
Host: img.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://waterstoneranch.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/jpeg
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 104316
date: Tue, 31 Jan 2023 14:42:17 GMT
expires: Tue, 31 Jan 2023 16:42:17 GMT
cache-control: public, max-age=7200
etag: "0"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.youtube.com/iframe_api
142.250.74.46200 OK 569 B URL HTTP/2 www.youtube.com/iframe_api
IP 142.250.74.46:0
File type ASCII text, with very long lines (509)
Hash 6fd9cbe75de02774fc3499f8cbdc5092
7f93f67d0b957a71eefac6f2dfaaa8a4dbbeb305
d5fbe6f7d8875eed163930c0ebf8da97f3b1b1724828177df392ef9670ea6fd7
GET /iframe_api HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://waterstoneranch.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
x-content-type-options: nosniff
expires: Tue, 31 Jan 2023 14:42:17 GMT
date: Tue, 31 Jan 2023 14:42:17 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=31536000
x-frame-options: SAMEORIGIN
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=SSWjelIHukw; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=uPFtRR2-h5o; Domain=.youtube.com; Expires=Sun, 30-Jul-2023 14:42:17 GMT; Path=/; Secure; HttpOnly; SameSite=none
DEVICE_INFO=ChxOekU1TkRneU5qY3lNems1T1RZME5URTFOUT09EMnR5J4GGMnR5J4G; Domain=.youtube.com; Expires=Sun, 30-Jul-2023 14:42:17 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+734; expires=Thu, 30-Jan-2025 14:42:17 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
noembed.com/embed?url=https://youtu.be/ViLP4FWgkIU&format=json
151.101.129.91200 OK 669 B URL HTTP/2 noembed.com/embed?url=https://youtu.be/ViLP4FWgkIU&format=json
IP 151.101.129.91:0
File type JSON data\012- , ASCII text, with very long lines (669), with no line terminators
Hash 2f2ef1eda231920c118ac2226f797794
9e9e3b9342f050f1197be373264c7e0689d73d00
bbe7986eaeec759fb5a1cba317e943ee15d45e3541989a826cf068e9d0e71bc9
GET /embed?url=https://youtu.be/ViLP4FWgkIU&format=json HTTP/1.1
Host: noembed.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://waterstoneranch.com/
Origin: https://waterstoneranch.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Tue, 31 Jan 2023 14:42:17 GMT
age: 0
x-served-by: cache-chi-kigq8000077-CHI, cache-bma1622-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1675176138.751457,VS0,VE155
access-control-allow-headers: Origin, Accept, Content-Type
access-control-allow-methods: GET
access-control-allow-origin: *
content-length: 669
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash f075625a67cefc01c034a3c732ec8023
c3ef563fbf1cf30f75fc931f82426a0f859ccb6d
75ce941806680157fcca91d6074496cbbc7cdcf6da28fa35384273bf9a76d588
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 14:42:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash f075625a67cefc01c034a3c732ec8023
c3ef563fbf1cf30f75fc931f82426a0f859ccb6d
75ce941806680157fcca91d6074496cbbc7cdcf6da28fa35384273bf9a76d588
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 14:42:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 26 Jan 2023 16:40:43 GMT
expires: Fri, 26 Jan 2024 16:40:43 GMT
cache-control: public, max-age=31536000
age: 424894
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.227200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 26 Jan 2023 21:48:03 GMT
expires: Fri, 26 Jan 2024 21:48:03 GMT
cache-control: public, max-age=31536000
age: 406454
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 789b41f1f8027d4275a66ac9cb2f124d
c5eff6750f9a50fc52a7a6ec6e30a7afaf28fc79
e053b0b29fc44721473ed39ddfe41064f09b56b3531c765228fa322d599e770f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 14:42:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
api.endorsal.io/render/fomo/?id=63af630fb6488e639fa61573
3.132.102.44204 No Content 0 B URL HTTP/1.1 api.endorsal.io/render/fomo/?id=63af630fb6488e639fa61573
IP 3.132.102.44:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /render/fomo/?id=63af630fb6488e639fa61573 HTTP/1.1
Host: api.endorsal.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: access-control-allow-origin
Referer: https://waterstoneranch.com/
Origin: https://waterstoneranch.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Access-Control-Allow-Headers: access-control-allow-origin
Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin: *
Content-Length: 0
Date: Tue, 31 Jan 2023 14:42:18 GMT
Server: nginx/1.14.1
Vary: Access-Control-Request-Headers
X-Powered-By: Express
Connection: keep-alive
api.endorsal.io/render/fomo/?id=63af630fb6488e639fa61573
3.132.102.44200 OK 11 kB URL HTTP/1.1 api.endorsal.io/render/fomo/?id=63af630fb6488e639fa61573
IP 3.132.102.44:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (57731), with no line terminators
Hash 045e207ff5d7316dacde960e4e34fbb0
821e103c9af769ed2c5e002a4699e8d7abb32236
eeaf3e986018de13dc98bfc0c083975f940c27a04404a08ce56bc7b0daf0804e
GET /render/fomo/?id=63af630fb6488e639fa61573 HTTP/1.1
Host: api.endorsal.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://waterstoneranch.com/
Access-Control-Allow-Origin: *
Origin: https://waterstoneranch.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Type: application/json; charset=utf-8
Date: Tue, 31 Jan 2023 14:42:18 GMT
ETag: W/"e1e3-yBTgZjVjTJJRyvHSZSKYDJybjTw"
Server: nginx/1.14.1
X-Powered-By: Express
Content-Length: 11303
Connection: keep-alive
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash bf0b4a1326381ca6600115125549d110
b9547df16eac627e61d68ae7e7443c415d586c8c
fa023ed4c9db20484d6a2c144647a4c763c43efae8bac1f561ec71f058d86b8c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 14:42:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 69ffc0a3f7ca2b025a6b99f9c38889be
1b436bda66cd246a1024f8c3d8e91e3aeef31eaa
9aaaf6c2a570c6a73a623f4fdfb0e1dfd5f16f086ae5d9c8d5b2403b0d016e4f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 14:42:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.doubleclick.net/instream/ad_status.js
142.250.74.134200 OK 29 B URL HTTP/2 static.doubleclick.net/instream/ad_status.js
IP 142.250.74.134:0
Hash 1fa71744db23d0f8df9cce6719defcb7
e4be9b7136697942a036f97cf26ebaf703ad2067
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
GET /instream/ad_status.js HTTP/1.1
Host: static.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 29
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 31 Jan 2023 14:27:52 GMT
expires: Tue, 31 Jan 2023 14:42:52 GMT
cache-control: public, max-age=900
age: 867
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/id
142.250.74.162302 Found 0 B URL HTTP/2 googleads.g.doubleclick.net/pagead/id
IP 142.250.74.162:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/id HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-credentials: true
access-control-allow-origin: https://www.youtube.com
date: Tue, 31 Jan 2023 14:42:19 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 33e403367d183257be0f03f28da923d2
a586e4052008741f8f535e7bd12a94bde81b264e
82ce104749546e6a6f76a8ddf19b67795784c06256581c13f499e80e4f713131
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 14:42:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 69ffc0a3f7ca2b025a6b99f9c38889be
1b436bda66cd246a1024f8c3d8e91e3aeef31eaa
9aaaf6c2a570c6a73a623f4fdfb0e1dfd5f16f086ae5d9c8d5b2403b0d016e4f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 14:42:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 40bac282ee9730b7a7fde839fcf58736
be00063ec5c760560f34663d0a6a9cad87cfebe4
45b83537d8621d3c4a7c046a9b78f6745977c359db2868d720f19dbb0eb80d3d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 14:42:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 40bac282ee9730b7a7fde839fcf58736
be00063ec5c760560f34663d0a6a9cad87cfebe4
45b83537d8621d3c4a7c046a9b78f6745977c359db2868d720f19dbb0eb80d3d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 14:42:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 2ac1bcdceabf1fc4e07017906aa8a815
ba00b737325fc50b35af8d851ced0fe13d1cba22
c6c54f5dbbfc40b454b9c67a7972827f500d83b10a1594f7cb56c69158278c08
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 14:42:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash c3a242e6132fe39e40953523bb8d3175
c9914952910c863f533f0c7bf6451b77b12d10b7
423bd4744c6b389c23fccdfab4dc8731bf553232a6bf14782c946183e8119a04
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 14:42:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.138200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.138:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Tue, 31 Jan 2023 14:42:19 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google.com/js/th/wBNXk7Q6V2dkHawik5TUb6id0fydDqlxfrWFyJdQ6Xw.js
142.250.74.164200 OK 14 kB URL HTTP/2 www.google.com/js/th/wBNXk7Q6V2dkHawik5TUb6id0fydDqlxfrWFyJdQ6Xw.js
IP 142.250.74.164:0
File type ASCII text, with very long lines (36000)
Hash b40bdd235c7883921e2b18743b3aea21
9aaa96e2ec231327ba976911513989568c56c7c1
8b00f3a7d9b7acabf6b991926d7543944771ce1431efd342dea743192ec667e3
GET /js/th/wBNXk7Q6V2dkHawik5TUb6id0fydDqlxfrWFyJdQ6Xw.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 14173
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 27 Jan 2023 21:20:34 GMT
expires: Sat, 27 Jan 2024 21:20:34 GMT
cache-control: public, max-age=31536000
age: 321705
last-modified: Tue, 03 Jan 2023 15:00:00 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 0dea93a9adb1e26a6ebfaf2e12c22cd5
e286810b718e374858f11adf0aae18dc65f27d66
73dafa5cd629cdf850ca05894932507c209713024ef27ce7597cb25365f2150e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 14:42:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i.ytimg.com/vi/ViLP4FWgkIU/maxresdefault.jpg?sqp=-oaymwEmCIAKENAF8quKqQMa8AEB-AH-CYAC0AWKAgwIABABGGUgTyg7MA8=&rs=AOn4CLBF2rRA7Pfsj89SHJImApk66czJJw
142.250.74.182200 OK 82 kB URL HTTP/2 i.ytimg.com/vi/ViLP4FWgkIU/maxresdefault.jpg?sqp=-oaymwEmCIAKENAF8quKqQMa8AEB-AH-CYAC0AWKAgwIABABGGUgTyg7MA8=&rs=AOn4CLBF2rRA7Pfsj89SHJImApk66czJJw
IP 142.250.74.182:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1280x720, components 3\012- data
Hash 9e0fab393c47c2b73d56fc80e663fe1c
e74bc6914115fbf1c504292b6e88847be29a1042
34782b13838fde6eafe676d45f5f8e1967b8c7588f25e6ba3ef983f8ef49bf40
GET /vi/ViLP4FWgkIU/maxresdefault.jpg?sqp=-oaymwEmCIAKENAF8quKqQMa8AEB-AH-CYAC0AWKAgwIABABGGUgTyg7MA8=&rs=AOn4CLBF2rRA7Pfsj89SHJImApk66czJJw HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/jpeg
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 81504
date: Tue, 31 Jan 2023 14:42:19 GMT
expires: Tue, 31 Jan 2023 16:42:19 GMT
cache-control: public, max-age=7200
etag: "0"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash c3a242e6132fe39e40953523bb8d3175
c9914952910c863f533f0c7bf6451b77b12d10b7
423bd4744c6b389c23fccdfab4dc8731bf553232a6bf14782c946183e8119a04
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 14:42:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 750f718797fc50f8465259f62a6da6ba
e9b7abb1a4dff4896c9fb48e7c7b1407885790de
8e3c0c96771c92bcee1d63055e2aa46aa5e0e3125da993844a9297340166873d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 14:42:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
142.250.74.138200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 142.250.74.138:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Tue, 31 Jan 2023 14:42:19 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
142.250.74.138200 OK 114 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 142.250.74.138:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 71fe1a199e4e0c4b617fe99abad56e95
12cca4121f8f1d6e557c5163c2fc7e7425be3033
b34ed9efd258a1183269ebcc8ad773d3cdcac90c5685196b2620e59bfb9afab1
POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 892
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Tue, 31 Jan 2023 14:42:19 GMT
server: ESF
cache-control: private
content-length: 114
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
yt3.ggpht.com/ytc/AL5GRJVc6GuXvWfRlkVkT3cNr4LlKwsbEk-sC8Edsp5tNg=s68-c-k-c0x00ffffff-no-rj
142.250.74.161200 OK 2.7 kB URL HTTP/2 yt3.ggpht.com/ytc/AL5GRJVc6GuXvWfRlkVkT3cNr4LlKwsbEk-sC8Edsp5tNg=s68-c-k-c0x00ffffff-no-rj
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=3, description= , software=Google], baseline, precision 8, 68x68, components 3\012- data
Hash f3c06323a0374286eb9f35c0be3dbb6a
cda38841a48486513563ac791edf22f605d56e69
65ab277242a4068cd28b7fd48bff9a6775212348db73e574fe2269e52f8d4065
GET /ytc/AL5GRJVc6GuXvWfRlkVkT3cNr4LlKwsbEk-sC8Edsp5tNg=s68-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt3.ggpht.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v34d1"
expires: Wed, 01 Feb 2023 14:42:19 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Tue, 31 Jan 2023 14:42:19 GMT
server: fife
content-length: 2695
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 511e1ab7d4505c4c221430760e5b962f
6b8c2646c11c585e56c78a680c30e6672a5c84b0
e916560e8bd3df3f82a9a75cc163989229838c17f5e18572119bc2eda0344d62
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 14:42:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 269364a671d1eea8cfea514e17faa205
0b24ee477849252c95eb28e841c19dc673ab7e3b
e21ab9222d6c4ad247994983d12bf12137cf5b563ac28bb35e6dd878abd18b65
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 14:42:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
rr2---sn-capm-vnae.googlevideo.com/videoplayback?expire=1675197739&ei=yyjZY_K_IY-I0u8P9rqt4AE&ip=91.90.42.154&id=o-ANGt2U5mm2ysETxQxKmVTkyd2_4vQrU8yWoJCL3QnZcS&itag=243&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&mh=jL&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7ynl6&ms=au%2Crdu&mv=m&mvi=2&pl=21&initcwndbps=2010000&spc=H3gIhggWDFkWXt7Gxmo6QkV8r3NMB_M&vprv=1&mime=video%2Fwebm&ns=autD9RDN_X_Cyta410o4hPwL&gir=yes&clen=2832116&dur=59.993&lmt=1672262572200232&mt=1675175346&fvip=3&keepalive=yes&fexp=24007246&beids=24462255&c=WEB_EMBEDDED_PLAYER&txp=5319224&n=MC95ql6Ynx21qw&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgFwPrs-RcRTkO18D_SMpXhSnaUuFoaJ8OG0ZJ26Y8JqoCIFAJZhkLwcWS3DQP7u5v3El7On9ko0rZtGnAY23DuDKq&alr=yes&sig=AOq0QJ8wRAIgQW9sna5ObuEwYJ-PL59E1kU5mnq84Tpv_TGu3uW866ICIG98NznGVcx1cW34cjSIorLyKxJKyMh0lNQY17vaXYyt&cpn=abA1Zh1Dxe1jZDP-&cver=1.20230111.01.00&range=0-135597&rn=1&rbuf=0&pot=D4fcr0GJCCR9h-eDFjdTiL2Ys1x-XHRwkmR_InsrFFV9q8ODXZuCRq2Zvk0kLXZMu_IOEI18j5IIP2i4hZOVJyi91XY9bLK4h9PpDuiOpU6dcdSOLeSlnzG4zNwkwWnkb3Moc1ZQ08Y=
91.90.45.173200 OK 1.3 kB URL HTTP/1.1 rr2---sn-capm-vnae.googlevideo.com/videoplayback?expire=1675197739&ei=yyjZY_K_IY-I0u8P9rqt4AE&ip=91.90.42.154&id=o-ANGt2U5mm2ysETxQxKmVTkyd2_4vQrU8yWoJCL3QnZcS&itag=243&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&mh=jL&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7ynl6&ms=au%2Crdu&mv=m&mvi=2&pl=21&initcwndbps=2010000&spc=H3gIhggWDFkWXt7Gxmo6QkV8r3NMB_M&vprv=1&mime=video%2Fwebm&ns=autD9RDN_X_Cyta410o4hPwL&gir=yes&clen=2832116&dur=59.993&lmt=1672262572200232&mt=1675175346&fvip=3&keepalive=yes&fexp=24007246&beids=24462255&c=WEB_EMBEDDED_PLAYER&txp=5319224&n=MC95ql6Ynx21qw&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgFwPrs-RcRTkO18D_SMpXhSnaUuFoaJ8OG0ZJ26Y8JqoCIFAJZhkLwcWS3DQP7u5v3El7On9ko0rZtGnAY23DuDKq&alr=yes&sig=AOq0QJ8wRAIgQW9sna5ObuEwYJ-PL59E1kU5mnq84Tpv_TGu3uW866ICIG98NznGVcx1cW34cjSIorLyKxJKyMh0lNQY17vaXYyt&cpn=abA1Zh1Dxe1jZDP-&cver=1.20230111.01.00&range=0-135597&rn=1&rbuf=0&pot=D4fcr0GJCCR9h-eDFjdTiL2Ys1x-XHRwkmR_InsrFFV9q8ODXZuCRq2Zvk0kLXZMu_IOEI18j5IIP2i4hZOVJyi91XY9bLK4h9PpDuiOpU6dcdSOLeSlnzG4zNwkwWnkb3Moc1ZQ08Y=
IP 91.90.45.173:0
ASN #50304 Blix Solutions AS
File type ASCII text, with very long lines (1264), with no line terminators
Hash 73c9cd0c3af73e0671d2bf80bc717e98
dd207e01474c1afa79d810bee65b6a61e4a2bf50
bb66542296a37492ec50ba4ceedbfc7ca68f45990d36f23de24ff960923ef424
POST /videoplayback?expire=1675197739&ei=yyjZY_K_IY-I0u8P9rqt4AE&ip=91.90.42.154&id=o-ANGt2U5mm2ysETxQxKmVTkyd2_4vQrU8yWoJCL3QnZcS&itag=243&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&mh=jL&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7ynl6&ms=au%2Crdu&mv=m&mvi=2&pl=21&initcwndbps=2010000&spc=H3gIhggWDFkWXt7Gxmo6QkV8r3NMB_M&vprv=1&mime=video%2Fwebm&ns=autD9RDN_X_Cyta410o4hPwL&gir=yes&clen=2832116&dur=59.993&lmt=1672262572200232&mt=1675175346&fvip=3&keepalive=yes&fexp=24007246&beids=24462255&c=WEB_EMBEDDED_PLAYER&txp=5319224&n=MC95ql6Ynx21qw&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgFwPrs-RcRTkO18D_SMpXhSnaUuFoaJ8OG0ZJ26Y8JqoCIFAJZhkLwcWS3DQP7u5v3El7On9ko0rZtGnAY23DuDKq&alr=yes&sig=AOq0QJ8wRAIgQW9sna5ObuEwYJ-PL59E1kU5mnq84Tpv_TGu3uW866ICIG98NznGVcx1cW34cjSIorLyKxJKyMh0lNQY17vaXYyt&cpn=abA1Zh1Dxe1jZDP-&cver=1.20230111.01.00&range=0-135597&rn=1&rbuf=0&pot=D4fcr0GJCCR9h-eDFjdTiL2Ys1x-XHRwkmR_InsrFFV9q8ODXZuCRq2Zvk0kLXZMu_IOEI18j5IIP2i4hZOVJyi91XY9bLK4h9PpDuiOpU6dcdSOLeSlnzG4zNwkwWnkb3Moc1ZQ08Y= HTTP/1.1
Host: rr2---sn-capm-vnae.googlevideo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 2
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/plain
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Date: Tue, 31 Jan 2023 14:42:19 GMT
Expires: Tue, 31 Jan 2023 14:42:19 GMT
Cache-Control: private, max-age=21300
Accept-Ranges: bytes
Content-Length: 1264
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Restrict-Formats-Hint: None
X-Content-Type-Options: nosniff
Server: gvs 1.0
rr2---sn-capm-vnae.googlevideo.com/videoplayback?expire=1675197739&ei=yyjZY_K_IY-I0u8P9rqt4AE&ip=91.90.42.154&id=o-ANGt2U5mm2ysETxQxKmVTkyd2_4vQrU8yWoJCL3QnZcS&itag=251&source=youtube&requiressl=yes&mh=jL&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7ynl6&ms=au%2Crdu&mv=m&mvi=2&pl=21&initcwndbps=2010000&spc=H3gIhggWDFkWXt7Gxmo6QkV8r3NMB_M&vprv=1&mime=audio%2Fwebm&ns=autD9RDN_X_Cyta410o4hPwL&gir=yes&clen=1064079&dur=60.021&lmt=1672262571016836&mt=1675175346&fvip=3&keepalive=yes&fexp=24007246&beids=24462255&c=WEB_EMBEDDED_PLAYER&txp=5318224&n=MC95ql6Ynx21qw&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRgIhAPgtF3QStSasF3FS0zpfiQxmY8mkByoeG72WViPmqgW3AiEA03uWX9_jjCI9lcybkOoO4ZxOBl8GsK8IDIkEh9pcjgw%3D&alr=yes&sig=AOq0QJ8wRgIhAK9v_1OTYS66I1DTQCIMWYcxP1jc54yJ4VGP4hZKdQWEAiEA33FXmCV-5t66WEW12n7vYs3OguRY6_iChAcWHMkGcLo%3D&cpn=abA1Zh1Dxe1jZDP-&cver=1.20230111.01.00&range=0-65916&rn=2&rbuf=0&pot=D4fcr0GJCCR9h-eDFjdTiL2Ys1x-XHRwkmR_InsrFFV9q8ODXZuCRq2Zvk0kLXZMu_IOEI18j5IIP2i4hZOVJyi91XY9bLK4h9PpDuiOpU6dcdSOLeSlnzG4zNwkwWnkb3Moc1ZQ08Y=
91.90.45.173200 OK 1.2 kB URL HTTP/1.1 rr2---sn-capm-vnae.googlevideo.com/videoplayback?expire=1675197739&ei=yyjZY_K_IY-I0u8P9rqt4AE&ip=91.90.42.154&id=o-ANGt2U5mm2ysETxQxKmVTkyd2_4vQrU8yWoJCL3QnZcS&itag=251&source=youtube&requiressl=yes&mh=jL&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7ynl6&ms=au%2Crdu&mv=m&mvi=2&pl=21&initcwndbps=2010000&spc=H3gIhggWDFkWXt7Gxmo6QkV8r3NMB_M&vprv=1&mime=audio%2Fwebm&ns=autD9RDN_X_Cyta410o4hPwL&gir=yes&clen=1064079&dur=60.021&lmt=1672262571016836&mt=1675175346&fvip=3&keepalive=yes&fexp=24007246&beids=24462255&c=WEB_EMBEDDED_PLAYER&txp=5318224&n=MC95ql6Ynx21qw&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRgIhAPgtF3QStSasF3FS0zpfiQxmY8mkByoeG72WViPmqgW3AiEA03uWX9_jjCI9lcybkOoO4ZxOBl8GsK8IDIkEh9pcjgw%3D&alr=yes&sig=AOq0QJ8wRgIhAK9v_1OTYS66I1DTQCIMWYcxP1jc54yJ4VGP4hZKdQWEAiEA33FXmCV-5t66WEW12n7vYs3OguRY6_iChAcWHMkGcLo%3D&cpn=abA1Zh1Dxe1jZDP-&cver=1.20230111.01.00&range=0-65916&rn=2&rbuf=0&pot=D4fcr0GJCCR9h-eDFjdTiL2Ys1x-XHRwkmR_InsrFFV9q8ODXZuCRq2Zvk0kLXZMu_IOEI18j5IIP2i4hZOVJyi91XY9bLK4h9PpDuiOpU6dcdSOLeSlnzG4zNwkwWnkb3Moc1ZQ08Y=
IP 91.90.45.173:0
ASN #50304 Blix Solutions AS
File type ASCII text, with very long lines (1188), with no line terminators
Hash e1213e7f59e4911916c4a1313df55efd
b41f5f98eecaa674ff56c73c332344d3f56abe49
f610361e7ef23c23694636e8bc6f64e77e40cb47f8a143e888c8e8490ca12e7a
POST /videoplayback?expire=1675197739&ei=yyjZY_K_IY-I0u8P9rqt4AE&ip=91.90.42.154&id=o-ANGt2U5mm2ysETxQxKmVTkyd2_4vQrU8yWoJCL3QnZcS&itag=251&source=youtube&requiressl=yes&mh=jL&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7ynl6&ms=au%2Crdu&mv=m&mvi=2&pl=21&initcwndbps=2010000&spc=H3gIhggWDFkWXt7Gxmo6QkV8r3NMB_M&vprv=1&mime=audio%2Fwebm&ns=autD9RDN_X_Cyta410o4hPwL&gir=yes&clen=1064079&dur=60.021&lmt=1672262571016836&mt=1675175346&fvip=3&keepalive=yes&fexp=24007246&beids=24462255&c=WEB_EMBEDDED_PLAYER&txp=5318224&n=MC95ql6Ynx21qw&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRgIhAPgtF3QStSasF3FS0zpfiQxmY8mkByoeG72WViPmqgW3AiEA03uWX9_jjCI9lcybkOoO4ZxOBl8GsK8IDIkEh9pcjgw%3D&alr=yes&sig=AOq0QJ8wRgIhAK9v_1OTYS66I1DTQCIMWYcxP1jc54yJ4VGP4hZKdQWEAiEA33FXmCV-5t66WEW12n7vYs3OguRY6_iChAcWHMkGcLo%3D&cpn=abA1Zh1Dxe1jZDP-&cver=1.20230111.01.00&range=0-65916&rn=2&rbuf=0&pot=D4fcr0GJCCR9h-eDFjdTiL2Ys1x-XHRwkmR_InsrFFV9q8ODXZuCRq2Zvk0kLXZMu_IOEI18j5IIP2i4hZOVJyi91XY9bLK4h9PpDuiOpU6dcdSOLeSlnzG4zNwkwWnkb3Moc1ZQ08Y= HTTP/1.1
Host: rr2---sn-capm-vnae.googlevideo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 2
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/plain
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Date: Tue, 31 Jan 2023 14:42:19 GMT
Expires: Tue, 31 Jan 2023 14:42:19 GMT
Cache-Control: private, max-age=21300
Accept-Ranges: bytes
Content-Length: 1188
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Content-Type-Options: nosniff
Server: gvs 1.0
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 750f718797fc50f8465259f62a6da6ba
e9b7abb1a4dff4896c9fb48e7c7b1407885790de
8e3c0c96771c92bcee1d63055e2aa46aa5e0e3125da993844a9297340166873d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 14:42:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 269364a671d1eea8cfea514e17faa205
0b24ee477849252c95eb28e841c19dc673ab7e3b
e21ab9222d6c4ad247994983d12bf12137cf5b563ac28bb35e6dd878abd18b65
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 14:42:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 3b951c545ecab41d6b10ef148a8ea83d
8b1dd9b33c00e0802f590981b32e71b1c10398a7
a8032f6dcd52ddf576305741ca87d851532057a76aa987623277ccb859936f31
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 14:42:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 69d928e816328ede04ac4ebae31ce4b4
4b01c41a007c625d0da9383a8fb9eb6dea66bd50
4f0ef0b94da439560ffbb5a80f29d1a457368f7fe417732204e39033111a823c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 14:42:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
rr3---sn-5go7ynl6.googlevideo.com/videoplayback?expire=1675197739&ei=yyjZY_K_IY-I0u8P9rqt4AE&ip=91.90.42.154&id=o-ANGt2U5mm2ysETxQxKmVTkyd2_4vQrU8yWoJCL3QnZcS&itag=243&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&spc=H3gIhggWDFkWXt7Gxmo6QkV8r3NMB_M&vprv=1&mime=video%2Fwebm&ns=autD9RDN_X_Cyta410o4hPwL&gir=yes&clen=2832116&dur=59.993&lmt=1672262572200232&keepalive=yes&fexp=24007246,24462255&beids=24462255&c=WEB_EMBEDDED_PLAYER&txp=5319224&n=MC95ql6Ynx21qw&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&alr=yes&sig=AOq0QJ8wRAIgQW9sna5ObuEwYJ-PL59E1kU5mnq84Tpv_TGu3uW866ICIG98NznGVcx1cW34cjSIorLyKxJKyMh0lNQY17vaXYyt&cpn=abA1Zh1Dxe1jZDP-&cver=1.20230111.01.00&redirect_counter=1&cm2rm=sn-capm-vnae7l&cms_redirect=yes&cmsv=e&mh=jL&mm=29&mn=sn-5go7ynl6&ms=rdu&mt=1675176073&mv=m&mvi=3&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIgeFjvZaLUuMfmW3RxdeUsuZX86ROTJutAUIv4ZEn2eBoCIQCdyS-ecQoB6EdOHOYQLogt6fo1IVvdxQ2_JApZi8DnqA%3D%3D&range=0-135597&rn=4&rbuf=0&pot=D4fcr0GJCCR9h-eDFjdTiL2Ys1x-XHRwkmR_InsrFFV9q8ODXZuCRq2Zvk0kLXZMu_IOEI18j5IIP2i4hZOVJyi91XY9bLK4h9PpDuiOpU6dcdSOLeSlnzG4zNwkwWnkb3Moc1ZQ08Y=
74.125.111.40200 OK 1.3 kB URL HTTP/1.1 rr3---sn-5go7ynl6.googlevideo.com/videoplayback?expire=1675197739&ei=yyjZY_K_IY-I0u8P9rqt4AE&ip=91.90.42.154&id=o-ANGt2U5mm2ysETxQxKmVTkyd2_4vQrU8yWoJCL3QnZcS&itag=243&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&spc=H3gIhggWDFkWXt7Gxmo6QkV8r3NMB_M&vprv=1&mime=video%2Fwebm&ns=autD9RDN_X_Cyta410o4hPwL&gir=yes&clen=2832116&dur=59.993&lmt=1672262572200232&keepalive=yes&fexp=24007246,24462255&beids=24462255&c=WEB_EMBEDDED_PLAYER&txp=5319224&n=MC95ql6Ynx21qw&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&alr=yes&sig=AOq0QJ8wRAIgQW9sna5ObuEwYJ-PL59E1kU5mnq84Tpv_TGu3uW866ICIG98NznGVcx1cW34cjSIorLyKxJKyMh0lNQY17vaXYyt&cpn=abA1Zh1Dxe1jZDP-&cver=1.20230111.01.00&redirect_counter=1&cm2rm=sn-capm-vnae7l&cms_redirect=yes&cmsv=e&mh=jL&mm=29&mn=sn-5go7ynl6&ms=rdu&mt=1675176073&mv=m&mvi=3&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIgeFjvZaLUuMfmW3RxdeUsuZX86ROTJutAUIv4ZEn2eBoCIQCdyS-ecQoB6EdOHOYQLogt6fo1IVvdxQ2_JApZi8DnqA%3D%3D&range=0-135597&rn=4&rbuf=0&pot=D4fcr0GJCCR9h-eDFjdTiL2Ys1x-XHRwkmR_InsrFFV9q8ODXZuCRq2Zvk0kLXZMu_IOEI18j5IIP2i4hZOVJyi91XY9bLK4h9PpDuiOpU6dcdSOLeSlnzG4zNwkwWnkb3Moc1ZQ08Y=
IP 74.125.111.40:0
File type ASCII text, with very long lines (1265), with no line terminators
Hash b7303b37e4b043c9bc8ef57c948819f8
7e314786de5513b3c0997e15713c531b4b50966d
0b1fc555a33056bd85d0ae803a45a02cea08012df96c460a15f4f872933fcc8d
POST /videoplayback?expire=1675197739&ei=yyjZY_K_IY-I0u8P9rqt4AE&ip=91.90.42.154&id=o-ANGt2U5mm2ysETxQxKmVTkyd2_4vQrU8yWoJCL3QnZcS&itag=243&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&spc=H3gIhggWDFkWXt7Gxmo6QkV8r3NMB_M&vprv=1&mime=video%2Fwebm&ns=autD9RDN_X_Cyta410o4hPwL&gir=yes&clen=2832116&dur=59.993&lmt=1672262572200232&keepalive=yes&fexp=24007246,24462255&beids=24462255&c=WEB_EMBEDDED_PLAYER&txp=5319224&n=MC95ql6Ynx21qw&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&alr=yes&sig=AOq0QJ8wRAIgQW9sna5ObuEwYJ-PL59E1kU5mnq84Tpv_TGu3uW866ICIG98NznGVcx1cW34cjSIorLyKxJKyMh0lNQY17vaXYyt&cpn=abA1Zh1Dxe1jZDP-&cver=1.20230111.01.00&redirect_counter=1&cm2rm=sn-capm-vnae7l&cms_redirect=yes&cmsv=e&mh=jL&mm=29&mn=sn-5go7ynl6&ms=rdu&mt=1675176073&mv=m&mvi=3&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIgeFjvZaLUuMfmW3RxdeUsuZX86ROTJutAUIv4ZEn2eBoCIQCdyS-ecQoB6EdOHOYQLogt6fo1IVvdxQ2_JApZi8DnqA%3D%3D&range=0-135597&rn=4&rbuf=0&pot=D4fcr0GJCCR9h-eDFjdTiL2Ys1x-XHRwkmR_InsrFFV9q8ODXZuCRq2Zvk0kLXZMu_IOEI18j5IIP2i4hZOVJyi91XY9bLK4h9PpDuiOpU6dcdSOLeSlnzG4zNwkwWnkb3Moc1ZQ08Y= HTTP/1.1
Host: rr3---sn-5go7ynl6.googlevideo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 2
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/plain
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Date: Tue, 31 Jan 2023 14:42:19 GMT
Expires: Tue, 31 Jan 2023 14:42:19 GMT
Cache-Control: private, max-age=21300
Accept-Ranges: bytes
Content-Length: 1265
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Restrict-Formats-Hint: None
X-Content-Type-Options: nosniff
Server: gvs 1.0
rr3---sn-5go7ynl6.googlevideo.com/videoplayback?expire=1675197739&ei=yyjZY_K_IY-I0u8P9rqt4AE&ip=91.90.42.154&id=o-ANGt2U5mm2ysETxQxKmVTkyd2_4vQrU8yWoJCL3QnZcS&itag=251&source=youtube&requiressl=yes&spc=H3gIhggWDFkWXt7Gxmo6QkV8r3NMB_M&vprv=1&mime=audio%2Fwebm&ns=autD9RDN_X_Cyta410o4hPwL&gir=yes&clen=1064079&dur=60.021&lmt=1672262571016836&keepalive=yes&fexp=24007246,24462255&beids=24462255&c=WEB_EMBEDDED_PLAYER&txp=5318224&n=MC95ql6Ynx21qw&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&alr=yes&sig=AOq0QJ8wRgIhAK9v_1OTYS66I1DTQCIMWYcxP1jc54yJ4VGP4hZKdQWEAiEA33FXmCV-5t66WEW12n7vYs3OguRY6_iChAcWHMkGcLo%3D&cpn=abA1Zh1Dxe1jZDP-&cver=1.20230111.01.00&redirect_counter=1&cm2rm=sn-capm-vnae7l&cms_redirect=yes&cmsv=e&mh=jL&mm=29&mn=sn-5go7ynl6&ms=rdu&mt=1675176073&mv=m&mvi=3&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRgIhANJxteJRvkQTAo_kasBePxC9FZoV-mZQ5vOz6EGIV2r-AiEA5lcTB-RSd86Di4CrVVMTef7TN9IdLLJ_2u4Pj5YQJdI%3D&range=0-65916&rn=3&rbuf=0&pot=D4fcr0GJCCR9h-eDFjdTiL2Ys1x-XHRwkmR_InsrFFV9q8ODXZuCRq2Zvk0kLXZMu_IOEI18j5IIP2i4hZOVJyi91XY9bLK4h9PpDuiOpU6dcdSOLeSlnzG4zNwkwWnkb3Moc1ZQ08Y=
74.125.111.40200 OK 1.2 kB URL HTTP/1.1 rr3---sn-5go7ynl6.googlevideo.com/videoplayback?expire=1675197739&ei=yyjZY_K_IY-I0u8P9rqt4AE&ip=91.90.42.154&id=o-ANGt2U5mm2ysETxQxKmVTkyd2_4vQrU8yWoJCL3QnZcS&itag=251&source=youtube&requiressl=yes&spc=H3gIhggWDFkWXt7Gxmo6QkV8r3NMB_M&vprv=1&mime=audio%2Fwebm&ns=autD9RDN_X_Cyta410o4hPwL&gir=yes&clen=1064079&dur=60.021&lmt=1672262571016836&keepalive=yes&fexp=24007246,24462255&beids=24462255&c=WEB_EMBEDDED_PLAYER&txp=5318224&n=MC95ql6Ynx21qw&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&alr=yes&sig=AOq0QJ8wRgIhAK9v_1OTYS66I1DTQCIMWYcxP1jc54yJ4VGP4hZKdQWEAiEA33FXmCV-5t66WEW12n7vYs3OguRY6_iChAcWHMkGcLo%3D&cpn=abA1Zh1Dxe1jZDP-&cver=1.20230111.01.00&redirect_counter=1&cm2rm=sn-capm-vnae7l&cms_redirect=yes&cmsv=e&mh=jL&mm=29&mn=sn-5go7ynl6&ms=rdu&mt=1675176073&mv=m&mvi=3&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRgIhANJxteJRvkQTAo_kasBePxC9FZoV-mZQ5vOz6EGIV2r-AiEA5lcTB-RSd86Di4CrVVMTef7TN9IdLLJ_2u4Pj5YQJdI%3D&range=0-65916&rn=3&rbuf=0&pot=D4fcr0GJCCR9h-eDFjdTiL2Ys1x-XHRwkmR_InsrFFV9q8ODXZuCRq2Zvk0kLXZMu_IOEI18j5IIP2i4hZOVJyi91XY9bLK4h9PpDuiOpU6dcdSOLeSlnzG4zNwkwWnkb3Moc1ZQ08Y=
IP 74.125.111.40:0
File type ASCII text, with very long lines (1193), with no line terminators
Hash 54113028c084b9ff3960398013d5c655
be58d103b15920b8b0a4de6f5259bb21776e2854
54611da4dba495afea7818d05026ea3179943641ca3313f8bb3376019d7fa827
POST /videoplayback?expire=1675197739&ei=yyjZY_K_IY-I0u8P9rqt4AE&ip=91.90.42.154&id=o-ANGt2U5mm2ysETxQxKmVTkyd2_4vQrU8yWoJCL3QnZcS&itag=251&source=youtube&requiressl=yes&spc=H3gIhggWDFkWXt7Gxmo6QkV8r3NMB_M&vprv=1&mime=audio%2Fwebm&ns=autD9RDN_X_Cyta410o4hPwL&gir=yes&clen=1064079&dur=60.021&lmt=1672262571016836&keepalive=yes&fexp=24007246,24462255&beids=24462255&c=WEB_EMBEDDED_PLAYER&txp=5318224&n=MC95ql6Ynx21qw&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&alr=yes&sig=AOq0QJ8wRgIhAK9v_1OTYS66I1DTQCIMWYcxP1jc54yJ4VGP4hZKdQWEAiEA33FXmCV-5t66WEW12n7vYs3OguRY6_iChAcWHMkGcLo%3D&cpn=abA1Zh1Dxe1jZDP-&cver=1.20230111.01.00&redirect_counter=1&cm2rm=sn-capm-vnae7l&cms_redirect=yes&cmsv=e&mh=jL&mm=29&mn=sn-5go7ynl6&ms=rdu&mt=1675176073&mv=m&mvi=3&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRgIhANJxteJRvkQTAo_kasBePxC9FZoV-mZQ5vOz6EGIV2r-AiEA5lcTB-RSd86Di4CrVVMTef7TN9IdLLJ_2u4Pj5YQJdI%3D&range=0-65916&rn=3&rbuf=0&pot=D4fcr0GJCCR9h-eDFjdTiL2Ys1x-XHRwkmR_InsrFFV9q8ODXZuCRq2Zvk0kLXZMu_IOEI18j5IIP2i4hZOVJyi91XY9bLK4h9PpDuiOpU6dcdSOLeSlnzG4zNwkwWnkb3Moc1ZQ08Y= HTTP/1.1
Host: rr3---sn-5go7ynl6.googlevideo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 2
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/plain
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Date: Tue, 31 Jan 2023 14:42:19 GMT
Expires: Tue, 31 Jan 2023 14:42:19 GMT
Cache-Control: private, max-age=21300
Accept-Ranges: bytes
Content-Length: 1193
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Content-Type-Options: nosniff
Server: gvs 1.0
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 69d928e816328ede04ac4ebae31ce4b4
4b01c41a007c625d0da9383a8fb9eb6dea66bd50
4f0ef0b94da439560ffbb5a80f29d1a457368f7fe417732204e39033111a823c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 14:42:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
rr3---sn-5go7ynl6.googlevideo.com/videoplayback?expire=1675197739&ei=yyjZY_K_IY-I0u8P9rqt4AE&ip=91.90.42.154&id=o-ANGt2U5mm2ysETxQxKmVTkyd2_4vQrU8yWoJCL3QnZcS&itag=251&source=youtube&requiressl=yes&spc=H3gIhggWDFkWXt7Gxmo6QkV8r3NMB_M&vprv=1&mime=audio%2Fwebm&ns=autD9RDN_X_Cyta410o4hPwL&gir=yes&clen=1064079&dur=60.021&lmt=1672262571016836&keepalive=yes&fexp=24007246,24462255&beids=24462255&c=WEB_EMBEDDED_PLAYER&txp=5318224&n=MC95ql6Ynx21qw&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&alr=yes&sig=AOq0QJ8wRgIhAK9v_1OTYS66I1DTQCIMWYcxP1jc54yJ4VGP4hZKdQWEAiEA33FXmCV-5t66WEW12n7vYs3OguRY6_iChAcWHMkGcLo%3D&cpn=abA1Zh1Dxe1jZDP-&cver=1.20230111.01.00&redirect_counter=1&cm2rm=sn-capm-vnae7l&cms_redirect=yes&cmsv=e&mh=jL&mm=29&mn=sn-5go7ynl6&ms=rdu&mt=1675176073&mv=m&mvi=3&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgBJg8xsg3n7Z0lK2R2aAskpIV7BanCXfJwzfB9lcjnqICICrOqXF9Chbi1dnZ_e6G8WgOysUFnsAbwUAyhcyh1t5J&range=0-65916&rn=7&rbuf=0&pot=D4fcr0GJCCR9h-eDFjdTiL2Ys1x-XHRwkmR_InsrFFV9q8ODXZuCRq2Zvk0kLXZMu_IOEI18j5IIP2i4hZOVJyi91XY9bLK4h9PpDuiOpU6dcdSOLeSlnzG4zNwkwWnkb3Moc1ZQ08Y=
74.125.111.40200 OK 1.2 kB URL HTTP/1.1 rr3---sn-5go7ynl6.googlevideo.com/videoplayback?expire=1675197739&ei=yyjZY_K_IY-I0u8P9rqt4AE&ip=91.90.42.154&id=o-ANGt2U5mm2ysETxQxKmVTkyd2_4vQrU8yWoJCL3QnZcS&itag=251&source=youtube&requiressl=yes&spc=H3gIhggWDFkWXt7Gxmo6QkV8r3NMB_M&vprv=1&mime=audio%2Fwebm&ns=autD9RDN_X_Cyta410o4hPwL&gir=yes&clen=1064079&dur=60.021&lmt=1672262571016836&keepalive=yes&fexp=24007246,24462255&beids=24462255&c=WEB_EMBEDDED_PLAYER&txp=5318224&n=MC95ql6Ynx21qw&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&alr=yes&sig=AOq0QJ8wRgIhAK9v_1OTYS66I1DTQCIMWYcxP1jc54yJ4VGP4hZKdQWEAiEA33FXmCV-5t66WEW12n7vYs3OguRY6_iChAcWHMkGcLo%3D&cpn=abA1Zh1Dxe1jZDP-&cver=1.20230111.01.00&redirect_counter=1&cm2rm=sn-capm-vnae7l&cms_redirect=yes&cmsv=e&mh=jL&mm=29&mn=sn-5go7ynl6&ms=rdu&mt=1675176073&mv=m&mvi=3&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgBJg8xsg3n7Z0lK2R2aAskpIV7BanCXfJwzfB9lcjnqICICrOqXF9Chbi1dnZ_e6G8WgOysUFnsAbwUAyhcyh1t5J&range=0-65916&rn=7&rbuf=0&pot=D4fcr0GJCCR9h-eDFjdTiL2Ys1x-XHRwkmR_InsrFFV9q8ODXZuCRq2Zvk0kLXZMu_IOEI18j5IIP2i4hZOVJyi91XY9bLK4h9PpDuiOpU6dcdSOLeSlnzG4zNwkwWnkb3Moc1ZQ08Y=
IP 74.125.111.40:0
File type ASCII text, with very long lines (1199), with no line terminators
Hash afc37ef3dc7c22cce1b4af1f63ba7cce
517ee1e8b53d8b9e101bf671a310c283027081bb
30824ea0252e1b6f88408eeed0f810d9e37d9245eb097b75b92a934ebbb4c2ab
POST /videoplayback?expire=1675197739&ei=yyjZY_K_IY-I0u8P9rqt4AE&ip=91.90.42.154&id=o-ANGt2U5mm2ysETxQxKmVTkyd2_4vQrU8yWoJCL3QnZcS&itag=251&source=youtube&requiressl=yes&spc=H3gIhggWDFkWXt7Gxmo6QkV8r3NMB_M&vprv=1&mime=audio%2Fwebm&ns=autD9RDN_X_Cyta410o4hPwL&gir=yes&clen=1064079&dur=60.021&lmt=1672262571016836&keepalive=yes&fexp=24007246,24462255&beids=24462255&c=WEB_EMBEDDED_PLAYER&txp=5318224&n=MC95ql6Ynx21qw&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&alr=yes&sig=AOq0QJ8wRgIhAK9v_1OTYS66I1DTQCIMWYcxP1jc54yJ4VGP4hZKdQWEAiEA33FXmCV-5t66WEW12n7vYs3OguRY6_iChAcWHMkGcLo%3D&cpn=abA1Zh1Dxe1jZDP-&cver=1.20230111.01.00&redirect_counter=1&cm2rm=sn-capm-vnae7l&cms_redirect=yes&cmsv=e&mh=jL&mm=29&mn=sn-5go7ynl6&ms=rdu&mt=1675176073&mv=m&mvi=3&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgBJg8xsg3n7Z0lK2R2aAskpIV7BanCXfJwzfB9lcjnqICICrOqXF9Chbi1dnZ_e6G8WgOysUFnsAbwUAyhcyh1t5J&range=0-65916&rn=7&rbuf=0&pot=D4fcr0GJCCR9h-eDFjdTiL2Ys1x-XHRwkmR_InsrFFV9q8ODXZuCRq2Zvk0kLXZMu_IOEI18j5IIP2i4hZOVJyi91XY9bLK4h9PpDuiOpU6dcdSOLeSlnzG4zNwkwWnkb3Moc1ZQ08Y= HTTP/1.1
Host: rr3---sn-5go7ynl6.googlevideo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 2
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/plain
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Date: Tue, 31 Jan 2023 14:42:19 GMT
Expires: Tue, 31 Jan 2023 14:42:19 GMT
Cache-Control: private, max-age=21300
Accept-Ranges: bytes
Content-Length: 1199
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Content-Type-Options: nosniff
Server: gvs 1.0
rr4---sn-5hne6nzs.googlevideo.com/videoplayback?expire=1675197739&ei=yyjZY_K_IY-I0u8P9rqt4AE&ip=91.90.42.154&id=o-ANGt2U5mm2ysETxQxKmVTkyd2_4vQrU8yWoJCL3QnZcS&itag=251&source=youtube&requiressl=yes&spc=H3gIhggWDFkWXt7Gxmo6QkV8r3NMB_M&vprv=1&mime=audio%2Fwebm&ns=autD9RDN_X_Cyta410o4hPwL&gir=yes&clen=1064079&dur=60.021&lmt=1672262571016836&keepalive=yes&fexp=24007246,24462255&beids=24462255&c=WEB_EMBEDDED_PLAYER&txp=5318224&n=MC95ql6Ynx21qw&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&alr=yes&sig=AOq0QJ8wRgIhAK9v_1OTYS66I1DTQCIMWYcxP1jc54yJ4VGP4hZKdQWEAiEA33FXmCV-5t66WEW12n7vYs3OguRY6_iChAcWHMkGcLo%3D&cpn=abA1Zh1Dxe1jZDP-&cver=1.20230111.01.00&cm2rm=sn-capm-vnae7l,sn-5golr7s&redirect_counter=2&cms_redirect=yes&cmsv=e&mh=jL&mm=34&mn=sn-5hne6nzs&ms=ltu&mt=1675176046&mv=m&mvi=4&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRgIhANf5K8cMnRH-moAqtIbietB6rqJgG7IzYm3gAV9Tjd8vAiEAmxyNbWKDDbGLhugen3v2mlzsbUMw2AuBYcsrCQ67Eho%3D&range=0-65916&rn=8&rbuf=0&pot=D4fcr0GJCCR9h-eDFjdTiL2Ys1x-XHRwkmR_InsrFFV9q8ODXZuCRq2Zvk0kLXZMu_IOEI18j5IIP2i4hZOVJyi91XY9bLK4h9PpDuiOpU6dcdSOLeSlnzG4zNwkwWnkb3Moc1ZQ08Y=
74.125.8.105200 OK 66 kB URL HTTP/1.1 rr4---sn-5hne6nzs.googlevideo.com/videoplayback?expire=1675197739&ei=yyjZY_K_IY-I0u8P9rqt4AE&ip=91.90.42.154&id=o-ANGt2U5mm2ysETxQxKmVTkyd2_4vQrU8yWoJCL3QnZcS&itag=251&source=youtube&requiressl=yes&spc=H3gIhggWDFkWXt7Gxmo6QkV8r3NMB_M&vprv=1&mime=audio%2Fwebm&ns=autD9RDN_X_Cyta410o4hPwL&gir=yes&clen=1064079&dur=60.021&lmt=1672262571016836&keepalive=yes&fexp=24007246,24462255&beids=24462255&c=WEB_EMBEDDED_PLAYER&txp=5318224&n=MC95ql6Ynx21qw&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&alr=yes&sig=AOq0QJ8wRgIhAK9v_1OTYS66I1DTQCIMWYcxP1jc54yJ4VGP4hZKdQWEAiEA33FXmCV-5t66WEW12n7vYs3OguRY6_iChAcWHMkGcLo%3D&cpn=abA1Zh1Dxe1jZDP-&cver=1.20230111.01.00&cm2rm=sn-capm-vnae7l,sn-5golr7s&redirect_counter=2&cms_redirect=yes&cmsv=e&mh=jL&mm=34&mn=sn-5hne6nzs&ms=ltu&mt=1675176046&mv=m&mvi=4&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRgIhANf5K8cMnRH-moAqtIbietB6rqJgG7IzYm3gAV9Tjd8vAiEAmxyNbWKDDbGLhugen3v2mlzsbUMw2AuBYcsrCQ67Eho%3D&range=0-65916&rn=8&rbuf=0&pot=D4fcr0GJCCR9h-eDFjdTiL2Ys1x-XHRwkmR_InsrFFV9q8ODXZuCRq2Zvk0kLXZMu_IOEI18j5IIP2i4hZOVJyi91XY9bLK4h9PpDuiOpU6dcdSOLeSlnzG4zNwkwWnkb3Moc1ZQ08Y=
IP 74.125.8.105:0
File type WebM\012- EBML file, creator webmB\20\012- data
Hash eaa7463bc6e7139c6d63c1321ecc51b4
fcee7d4967c2f5a1a9af3cb5cf889afaf7a19b45
43983f6047e99ad339a26ba1dadf792d0e303bc8beb5567de1317750f56b826d
POST /videoplayback?expire=1675197739&ei=yyjZY_K_IY-I0u8P9rqt4AE&ip=91.90.42.154&id=o-ANGt2U5mm2ysETxQxKmVTkyd2_4vQrU8yWoJCL3QnZcS&itag=251&source=youtube&requiressl=yes&spc=H3gIhggWDFkWXt7Gxmo6QkV8r3NMB_M&vprv=1&mime=audio%2Fwebm&ns=autD9RDN_X_Cyta410o4hPwL&gir=yes&clen=1064079&dur=60.021&lmt=1672262571016836&keepalive=yes&fexp=24007246,24462255&beids=24462255&c=WEB_EMBEDDED_PLAYER&txp=5318224&n=MC95ql6Ynx21qw&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&alr=yes&sig=AOq0QJ8wRgIhAK9v_1OTYS66I1DTQCIMWYcxP1jc54yJ4VGP4hZKdQWEAiEA33FXmCV-5t66WEW12n7vYs3OguRY6_iChAcWHMkGcLo%3D&cpn=abA1Zh1Dxe1jZDP-&cver=1.20230111.01.00&cm2rm=sn-capm-vnae7l,sn-5golr7s&redirect_counter=2&cms_redirect=yes&cmsv=e&mh=jL&mm=34&mn=sn-5hne6nzs&ms=ltu&mt=1675176046&mv=m&mvi=4&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRgIhANf5K8cMnRH-moAqtIbietB6rqJgG7IzYm3gAV9Tjd8vAiEAmxyNbWKDDbGLhugen3v2mlzsbUMw2AuBYcsrCQ67Eho%3D&range=0-65916&rn=8&rbuf=0&pot=D4fcr0GJCCR9h-eDFjdTiL2Ys1x-XHRwkmR_InsrFFV9q8ODXZuCRq2Zvk0kLXZMu_IOEI18j5IIP2i4hZOVJyi91XY9bLK4h9PpDuiOpU6dcdSOLeSlnzG4zNwkwWnkb3Moc1ZQ08Y= HTTP/1.1
Host: rr4---sn-5hne6nzs.googlevideo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 2
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Wed, 28 Dec 2022 21:22:51 GMT
Content-Type: audio/webm
Date: Tue, 31 Jan 2023 14:42:20 GMT
Expires: Tue, 31 Jan 2023 14:42:20 GMT
Cache-Control: private, max-age=21299
Accept-Ranges: bytes
Content-Length: 65917
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Content-Type-Options: nosniff
Server: gvs 1.0
rr4---sn-5hne6nzs.googlevideo.com/videoplayback?expire=1675197739&ei=yyjZY_K_IY-I0u8P9rqt4AE&ip=91.90.42.154&id=o-ANGt2U5mm2ysETxQxKmVTkyd2_4vQrU8yWoJCL3QnZcS&itag=243&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&spc=H3gIhggWDFkWXt7Gxmo6QkV8r3NMB_M&vprv=1&mime=video%2Fwebm&ns=autD9RDN_X_Cyta410o4hPwL&gir=yes&clen=2832116&dur=59.993&lmt=1672262572200232&keepalive=yes&fexp=24007246,24462255&beids=24462255&c=WEB_EMBEDDED_PLAYER&txp=5319224&n=MC95ql6Ynx21qw&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&alr=yes&sig=AOq0QJ8wRAIgQW9sna5ObuEwYJ-PL59E1kU5mnq84Tpv_TGu3uW866ICIG98NznGVcx1cW34cjSIorLyKxJKyMh0lNQY17vaXYyt&cpn=abA1Zh1Dxe1jZDP-&cver=1.20230111.01.00&cm2rm=sn-capm-vnae7l,sn-5golr7s&redirect_counter=2&cms_redirect=yes&cmsv=e&mh=jL&mm=34&mn=sn-5hne6nzs&ms=ltu&mt=1675176046&mv=m&mvi=4&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgc_vhI5TcVhgC2TWwXrMX9NLVFfmTdv9L-K9qy6hcmokCIA_rysMSQqQxNNo3_LPOv2AlNmYySq9MYZ8dBiD7_xLV&range=0-135597&rn=5&rbuf=0&pot=D4fcr0GJCCR9h-eDFjdTiL2Ys1x-XHRwkmR_InsrFFV9q8ODXZuCRq2Zvk0kLXZMu_IOEI18j5IIP2i4hZOVJyi91XY9bLK4h9PpDuiOpU6dcdSOLeSlnzG4zNwkwWnkb3Moc1ZQ08Y=
74.125.8.105200 OK 136 kB URL HTTP/1.1 rr4---sn-5hne6nzs.googlevideo.com/videoplayback?expire=1675197739&ei=yyjZY_K_IY-I0u8P9rqt4AE&ip=91.90.42.154&id=o-ANGt2U5mm2ysETxQxKmVTkyd2_4vQrU8yWoJCL3QnZcS&itag=243&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&spc=H3gIhggWDFkWXt7Gxmo6QkV8r3NMB_M&vprv=1&mime=video%2Fwebm&ns=autD9RDN_X_Cyta410o4hPwL&gir=yes&clen=2832116&dur=59.993&lmt=1672262572200232&keepalive=yes&fexp=24007246,24462255&beids=24462255&c=WEB_EMBEDDED_PLAYER&txp=5319224&n=MC95ql6Ynx21qw&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&alr=yes&sig=AOq0QJ8wRAIgQW9sna5ObuEwYJ-PL59E1kU5mnq84Tpv_TGu3uW866ICIG98NznGVcx1cW34cjSIorLyKxJKyMh0lNQY17vaXYyt&cpn=abA1Zh1Dxe1jZDP-&cver=1.20230111.01.00&cm2rm=sn-capm-vnae7l,sn-5golr7s&redirect_counter=2&cms_redirect=yes&cmsv=e&mh=jL&mm=34&mn=sn-5hne6nzs&ms=ltu&mt=1675176046&mv=m&mvi=4&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgc_vhI5TcVhgC2TWwXrMX9NLVFfmTdv9L-K9qy6hcmokCIA_rysMSQqQxNNo3_LPOv2AlNmYySq9MYZ8dBiD7_xLV&range=0-135597&rn=5&rbuf=0&pot=D4fcr0GJCCR9h-eDFjdTiL2Ys1x-XHRwkmR_InsrFFV9q8ODXZuCRq2Zvk0kLXZMu_IOEI18j5IIP2i4hZOVJyi91XY9bLK4h9PpDuiOpU6dcdSOLeSlnzG4zNwkwWnkb3Moc1ZQ08Y=
IP 74.125.8.105:0
File type WebM\012- EBML file, creator webmB\20\012- data
Size 136 kB (135598 bytes)
Hash d1ba0b710d09d66cbdc2bf1887004609
a9bd8d709d32fcd986605f6a0656a6cabab9a9e9
48fa38a4a5218ddd40dcfc75ccf08d8a424dce49874f50167841770ddbc94164
POST /videoplayback?expire=1675197739&ei=yyjZY_K_IY-I0u8P9rqt4AE&ip=91.90.42.154&id=o-ANGt2U5mm2ysETxQxKmVTkyd2_4vQrU8yWoJCL3QnZcS&itag=243&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&spc=H3gIhggWDFkWXt7Gxmo6QkV8r3NMB_M&vprv=1&mime=video%2Fwebm&ns=autD9RDN_X_Cyta410o4hPwL&gir=yes&clen=2832116&dur=59.993&lmt=1672262572200232&keepalive=yes&fexp=24007246,24462255&beids=24462255&c=WEB_EMBEDDED_PLAYER&txp=5319224&n=MC95ql6Ynx21qw&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&alr=yes&sig=AOq0QJ8wRAIgQW9sna5ObuEwYJ-PL59E1kU5mnq84Tpv_TGu3uW866ICIG98NznGVcx1cW34cjSIorLyKxJKyMh0lNQY17vaXYyt&cpn=abA1Zh1Dxe1jZDP-&cver=1.20230111.01.00&cm2rm=sn-capm-vnae7l,sn-5golr7s&redirect_counter=2&cms_redirect=yes&cmsv=e&mh=jL&mm=34&mn=sn-5hne6nzs&ms=ltu&mt=1675176046&mv=m&mvi=4&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgc_vhI5TcVhgC2TWwXrMX9NLVFfmTdv9L-K9qy6hcmokCIA_rysMSQqQxNNo3_LPOv2AlNmYySq9MYZ8dBiD7_xLV&range=0-135597&rn=5&rbuf=0&pot=D4fcr0GJCCR9h-eDFjdTiL2Ys1x-XHRwkmR_InsrFFV9q8ODXZuCRq2Zvk0kLXZMu_IOEI18j5IIP2i4hZOVJyi91XY9bLK4h9PpDuiOpU6dcdSOLeSlnzG4zNwkwWnkb3Moc1ZQ08Y= HTTP/1.1
Host: rr4---sn-5hne6nzs.googlevideo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 2
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Wed, 28 Dec 2022 21:22:52 GMT
Content-Type: video/webm
Date: Tue, 31 Jan 2023 14:42:20 GMT
Expires: Tue, 31 Jan 2023 14:42:20 GMT
Cache-Control: private, max-age=21299
Accept-Ranges: bytes
Content-Length: 135598
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Restrict-Formats-Hint: None
X-Content-Type-Options: nosniff
Server: gvs 1.0
api.endorsal.io/fomo/
3.132.102.44204 No Content 0 B IP 3.132.102.44:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /fomo/ HTTP/1.1
Host: api.endorsal.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://waterstoneranch.com/
Origin: https://waterstoneranch.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin: *
Content-Length: 0
Date: Tue, 31 Jan 2023 14:42:21 GMT
Server: nginx/1.14.1
Vary: Access-Control-Request-Headers
X-Powered-By: Express
Connection: keep-alive
api.endorsal.io/fomo/
3.132.102.44200 OK 1.4 kB IP 3.132.102.44:0
File type HTML document, ASCII text, with very long lines (560)
Hash 6d2870a3679341bf72a6a8f71cccf02e
3a53142d6dea22ece5fc9b0427c2628444992900
0af6760e9133d5c18a3a8908674b3ad845e17fdb7630de13c1d5acb69b2ef53c
POST /fomo/ HTTP/1.1
Host: api.endorsal.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://waterstoneranch.com/
Content-Type: application/json
Origin: https://waterstoneranch.com
Content-Length: 1436
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Tue, 31 Jan 2023 14:42:21 GMT
ETag: W/"641e-UV3iVYcUSUl8XT0Wz9zCXXxhiNk"
Server: nginx/1.14.1
X-Powered-By: Express
Content-Length: 1432
Connection: keep-alive
d3gciqzneb4vr5.cloudfront.net/fit-in/24x24/endorsal-icon.png
54.230.245.185200 OK 2.2 kB URL HTTP/2 d3gciqzneb4vr5.cloudfront.net/fit-in/24x24/endorsal-icon.png
IP 54.230.245.185:0
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash e43f36f6fced2b517e52f1fa39da237c
c50f98465f4f1d2e2148745fa88d0d7e829f2262
e1cfd01deb072a9a531b58993295caa4f37709355bd51ba815f6793ba13a1b45
GET /fit-in/24x24/endorsal-icon.png HTTP/1.1
Host: d3gciqzneb4vr5.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://waterstoneranch.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/png
content-length: 2189
date: Sat, 03 Dec 2022 09:56:12 GMT
x-amzn-requestid: 584f1642-74b2-430f-9b18-ea335696d779
last-modified: Tue, 03 Sep 2019 19:24:06 GMT
access-control-allow-headers: Content-Type, Authorization
x-amz-apigw-id: ckGBfHVkIAMF-9A=
cache-control: max-age=31536000,public
access-control-allow-methods: GET
x-amzn-trace-id: Root=1-638b1d3c-1664029c4345962d347bf73d;Sampled=0
access-control-allow-credentials: true
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 6XVn5EpJpR9tI3LwiZtb6DNlSfqOAo8Om50264vWwzdHWJl86M6OIQ==
age: 5114769
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9f96350b-0dd8-46ee-a270-85f96329b7c9.png
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9f96350b-0dd8-46ee-a270-85f96329b7c9.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash bb1a5e0a2bb1cacf87189373c118adf4
079974268f755aa38fb2cb32b8bcb748353c793f
1b0519e6bfca30a31b83d427302f7e22140f5b2da6f13cac37ea9c07abc42676
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9f96350b-0dd8-46ee-a270-85f96329b7c9.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 11095
x-amzn-requestid: dc7c00e2-cd2d-4265-8763-3dd7dbe223ac
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhkFyEhJIAMFjpw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e6f1-541a17c362e95dfa5e90f58f;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:36:49 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: UuPN6Nq84hFgUDMbvpLTysWfU1JcRiecGH3tkdqDOOXBo9hVhmpMBA==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 30 Jan 2023 21:54:44 GMT
age: 60459
etag: "079974268f755aa38fb2cb32b8bcb748353c793f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
d2oeplw15jeq9j.cloudfront.net/widgets/widget.min.js
54.230.111.111200 OK 0 B URL HTTP/2 d2oeplw15jeq9j.cloudfront.net/widgets/widget.min.js
IP 54.230.111.111:0
GET /widgets/widget.min.js HTTP/1.1
Host: d2oeplw15jeq9j.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://waterstoneranch.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
last-modified: Thu, 14 Jul 2022 10:25:00 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: awuyj_nZ6gHMDgMQbt49XVAcBhIE49o0
server: AmazonS3
content-encoding: gzip
date: Tue, 31 Jan 2023 02:51:06 GMT
cache-control: max_age=31536000
etag: W/"bdf92dff1b909b38590858afe94263ff"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: bfLHEgVR1Xeu-0sRua2xq2gCXvVbc3JYtrTOYlqOvd22FblCjdTEog==
age: 44453
X-Firefox-Spdy: h2
cdn.endorsal.io/widgets/fomo.min.js
54.230.111.14200 OK 0 B URL HTTP/2 cdn.endorsal.io/widgets/fomo.min.js
IP 54.230.111.14:0
GET /widgets/fomo.min.js HTTP/1.1
Host: cdn.endorsal.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://waterstoneranch.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
last-modified: Wed, 23 Feb 2022 13:04:49 GMT
x-amz-version-id: kYMztpRyEeYURv._Q_5b5FQDTV9g.al5
server: AmazonS3
content-encoding: gzip
date: Tue, 31 Jan 2023 09:26:11 GMT
cache-control: max_age=31536000
etag: W/"701ac59ca84915ea6abb75a171a377ab"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Y-LyKnfpks1VHmu2_QnVCqdW-RwzY7ZaRnK3JCICe1u6pJpN-vVu3Q==
age: 18967
X-Firefox-Spdy: h2