elyratde.ga/
104.21.10.177200 OK 8.1 kB IP 104.21.10.177:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (9537)
Hash 38f2982c4cdb783c5d0cd851e31ed9b2
d21bdcb4943e979c420f51c73bef0db2b23870f0
10f1e61b9d5e822fb58dffa5e46f5577361f04bb1617a796170cef4b6ef4c780
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.ga domain
GET / HTTP/1.1
Host: elyratde.ga
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Thu, 12 Jan 2023 22:50:47 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: ch1c=b
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qFVV2%2BwNcENEOHcqVVfI0aCuwfTxnxLEaFTBDCMoqrgBFkVfXXP8b5fDJ9GmwDe5DoHwfI11VeUtYF1VXFuCmKFOcLWa%2B6gyCQKMj0XPYtKdlF3%2BjTdKjVSVFE8bgA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 788973fd29e9fac8-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a8b4f1afb0e830b797238d34ab9254aa
e011acef3d05c959a65205d53b651ecd18a889fe
f7ceff5b4fda083c7449b7298c232224cf48a632dcb87233b646790de207d49c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F7CEFF5B4FDA083C7449B7298C232224CF48A632DCB87233B646790DE207D49C"
Last-Modified: Thu, 12 Jan 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17257
Expires: Fri, 13 Jan 2023 03:38:24 GMT
Date: Thu, 12 Jan 2023 22:50:47 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash cab5b63e128895128726181aff42e42e
d39c36237554fcd41addec0664d7fe7f7d157c06
18e82a5b82eb8f2d8b49df824c336015f19367c5a05467ad139a56db59f88852
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "18E82A5B82EB8F2D8B49DF824C336015F19367C5A05467AD139A56DB59F88852"
Last-Modified: Wed, 11 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11622
Expires: Fri, 13 Jan 2023 02:04:29 GMT
Date: Thu, 12 Jan 2023 22:50:47 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Content-Type, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 12 Jan 2023 22:41:51 GMT
content-type: application/json
age: 536
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 0f4ecf4f26be1ba09e61135b1b488bf4
f16b8277e00033bc990a8bcce54b693cb3c87d62
3018c2a228f0a894d217e8e8b0b8dd060527f06879cd2f469bac6c8766acbbf8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3018C2A228F0A894D217E8E8B0B8DD060527F06879CD2F469BAC6C8766ACBBF8"
Last-Modified: Wed, 11 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18459
Expires: Fri, 13 Jan 2023 03:58:26 GMT
Date: Thu, 12 Jan 2023 22:50:47 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash b1fcd419a4245617397846e8d17233f6
2a037ce244587640b27ead9a0ec2af4f862d91b2
e059b6d834c06e58494c43fb2ff42acbc27c1a1d8f7f30e2f32ca0e167599e2f
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: MmeL2lUy/D5ds6GyWbb5Z1o/VFJmnoB0iIt95sUDdShGQwVtwl08oP+4LmcKVvpxKpii0IWA63VzF5e9fsN+1A==
x-amz-request-id: V63PSCBN8PW5RMC6
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 12 Jan 2023 22:02:40 GMT
age: 2887
last-modified: Tue, 20 Dec 2022 14:47:58 GMT
etag: "b1fcd419a4245617397846e8d17233f6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.5.2/css/bootstrap.min.css
104.17.25.14200 OK 24 kB URL HTTP/1.1 cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.5.2/css/bootstrap.min.css
IP 104.17.25.14:0
File type ASCII text, with very long lines (65326)
Hash 171026535fb10ddf0131169269c0cd4d
459236224fcbc0bca78a203f88ea288d9c91dac3
0b7ea71663b3ade0216bf7b328f2cd8631c44aaa6a03e579bb3597917e0d1298
GET /ajax/libs/twitter-bootstrap/4.5.2/css/bootstrap.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://elyratde.ga
Connection: keep-alive
Referer: http://elyratde.ga/
HTTP/1.1 200 OK
Date: Thu, 12 Jan 2023 22:50:47 GMT
Content-Type: text/css; charset=utf-8
Content-Length: 23779
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=30672000
Content-Encoding: gzip
ETag: "5f2c377f-2722e"
Last-Modified: Thu, 06 Aug 2020 17:01:51 GMT
cf-cdnjs-via: cfworker/kv
Cross-Origin-Resource-Policy: cross-origin
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
CF-Cache-Status: HIT
Age: 155643
Expires: Tue, 02 Jan 2024 22:50:47 GMT
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dn94B6K1mJDGlbrfbm1qPc5eSiphDe8tVygeCkM4eDaH%2BqikVGLtV8cDbeheYmPXmm7OTinDAbcC82%2BhKZ5zxIlESKr9NsnHyI%2FmegZGr8VYW0w4QjWSqC7vhQ8vzgmaTuxbeBIK"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 788973ff9dc51c02-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
fonts.googleapis.com/css?family=Poppins%3A100%2C100i%2C200%2C200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7COpen%20Sans%3A300%2C300i%2C400%2C400i%2C600%2C600i%2C700%2C700i%2C800%2C800i
142.250.74.74200 OK 1.6 kB URL HTTP/1.1 fonts.googleapis.com/css?family=Poppins%3A100%2C100i%2C200%2C200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7COpen%20Sans%3A300%2C300i%2C400%2C400i%2C600%2C600i%2C700%2C700i%2C800%2C800i
IP 142.250.74.74:0
Hash a9721e0fadb241cf81b8b98ca970f85f
55918d9d38d8eccaa2e9512370800ecf4a9160c2
1d737ff99c581adcd73f094d94e99b14bdb8fe8f9b1748cb5e7fe9c33e87f841
GET /css?family=Poppins%3A100%2C100i%2C200%2C200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7COpen%20Sans%3A300%2C300i%2C400%2C400i%2C600%2C600i%2C700%2C700i%2C800%2C800i HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://elyratde.ga/
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Thu, 12 Jan 2023 22:50:47 GMT
Date: Thu, 12 Jan 2023 22:50:47 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin-allow-popups
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 12 Jan 2023 22:50:47 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash aabd4cb92d42e0c9e2d3860118029a6c
53325cdd89f9a117ac79dff7cedfd6370b07f33b
d9bc7a65b7e179ebd42170d0d43372e90739264df1f87a511ee0aab5ab012e85
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 12 Jan 2023 22:50:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 1d0042b96e1d5629f92d924a1826da92
96ca2626598559511838aa3d2060f0a8c69f5b0d
ae7b18f058a30a250ffad71a40af13e3fcf97661f5fbe4850b648fe9c103974b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 12 Jan 2023 22:50:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
216.58.207.227200 OK 7.7 kB URL HTTP/1.1 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 7748, version 1.0\012- data
Hash a09f2fccfee35b7247b08a1a266f0328
0da2d17e738f46d2a09e6fb7969da451719a9820
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
GET /s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://elyratde.ga
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 7748
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Wed, 11 Jan 2023 14:29:45 GMT
Expires: Thu, 11 Jan 2024 14:29:45 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Wed, 27 Apr 2022 16:21:30 GMT
Content-Type: font/woff2
Age: 116462
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
216.58.207.227200 OK 7.8 kB URL HTTP/1.1 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 7816, version 1.0\012- data
Hash 25b0e113ca7cce3770d542736db26368
cb726212d5d525021752a1d8470a0fb593e0c49e
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
GET /s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://elyratde.ga
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 7816
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Thu, 12 Jan 2023 01:16:15 GMT
Expires: Fri, 12 Jan 2024 01:16:15 GMT
Cache-Control: public, max-age=31536000
Age: 77672
Last-Modified: Wed, 27 Apr 2022 16:11:40 GMT
Content-Type: font/woff2
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2
216.58.207.227200 OK 26 kB URL HTTP/1.1 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 26240, version 1.0\012- data
Hash 4a90976686fcbd8296c7d7fccc04c273
bcb82e93ac7ad1fa2af6a37009a200f79f4cb4e5
59bd288e64c57e034672999e33ebda6eb5ad1575945eb563dbfb5b44f226e1e1
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://elyratde.ga
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 26240
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Fri, 06 Jan 2023 07:08:46 GMT
Expires: Sat, 06 Jan 2024 07:08:46 GMT
Cache-Control: public, max-age=31536000
Age: 574921
Last-Modified: Mon, 15 Aug 2022 18:14:37 GMT
Content-Type: font/woff2
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
216.58.207.227200 OK 45 kB URL HTTP/1.1 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Hash 565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://elyratde.ga
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 44856
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Mon, 09 Jan 2023 19:26:15 GMT
Expires: Tue, 09 Jan 2024 19:26:15 GMT
Cache-Control: public, max-age=31536000
Age: 271472
Last-Modified: Mon, 15 Aug 2022 18:20:18 GMT
Content-Type: font/woff2
i.ytimg.com/vi/9xunhk5qLa4/maxresdefault.jpg
142.250.74.118200 OK 104 kB URL HTTP/2 i.ytimg.com/vi/9xunhk5qLa4/maxresdefault.jpg
IP 142.250.74.118:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1280x720, components 3\012- data
Size 104 kB (104070 bytes)
Hash 906bcd827fd342d067d06116d33f77f5
3715f8ae407fd64faf1eabf054687764a0d9ad56
130880a2fe39e3a372a2b5aa9ffef69d4626c3db04be7e59b0a10b314cbe0e11
GET /vi/9xunhk5qLa4/maxresdefault.jpg HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://elyratde.ga/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/jpeg
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 104070
date: Thu, 12 Jan 2023 22:50:47 GMT
expires: Fri, 13 Jan 2023 00:50:47 GMT
cache-control: public, max-age=7200
etag: "1430009839"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 1d0042b96e1d5629f92d924a1826da92
96ca2626598559511838aa3d2060f0a8c69f5b0d
ae7b18f058a30a250ffad71a40af13e3fcf97661f5fbe4850b648fe9c103974b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 12 Jan 2023 22:50:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash aabd4cb92d42e0c9e2d3860118029a6c
53325cdd89f9a117ac79dff7cedfd6370b07f33b
d9bc7a65b7e179ebd42170d0d43372e90739264df1f87a511ee0aab5ab012e85
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 12 Jan 2023 22:50:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.youtube.com/s/player/d759e46a/www-player.css
142.250.74.78200 OK 50 kB URL HTTP/2 www.youtube.com/s/player/d759e46a/www-player.css
IP 142.250.74.78:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 8a6331ed48be29c59230b0c7360068de
22a20436f427d6b8e26eb30ed9aab51a43d389bf
72f0818ab04697fc29d331b2add584f3cd5e269446c7297300701a4666c9d95e
GET /s/player/d759e46a/www-player.css HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/QpUzdL1ulAc
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 49911
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 09 Jan 2023 18:40:50 GMT
expires: Tue, 09 Jan 2024 18:40:50 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 09 Jan 2023 01:16:55 GMT
content-type: text/css
age: 274197
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.youtube.com/s/player/d759e46a/www-embed-player.vflset/www-embed-player.js
142.250.74.78200 OK 109 kB URL HTTP/2 www.youtube.com/s/player/d759e46a/www-embed-player.vflset/www-embed-player.js
IP 142.250.74.78:0
File type ASCII text, with very long lines (679)
Size 109 kB (109234 bytes)
Hash d6d44fc5442dbdbacf595df7b41c745d
3d55815689dd977c56e84d49e2dbff3e538946f3
6bb633d958de3cbfec73ff275ce39dd66ada8952f76cdcc3485eec1c4391d0c0
GET /s/player/d759e46a/www-embed-player.vflset/www-embed-player.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/QpUzdL1ulAc
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 109234
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 09 Jan 2023 18:40:50 GMT
expires: Tue, 09 Jan 2024 18:40:50 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 09 Jan 2023 01:16:55 GMT
content-type: text/javascript
age: 274197
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.youtube.com/s/player/d759e46a/fetch-polyfill.vflset/fetch-polyfill.js
142.250.74.78200 OK 2.8 kB URL HTTP/2 www.youtube.com/s/player/d759e46a/fetch-polyfill.vflset/fetch-polyfill.js
IP 142.250.74.78:0
File type Algol 68 source text\012- Pascal source, ASCII text, with very long lines (555)
Hash 80fe2d229007996c8397073b00755dc7
121f82c77bcf2a297a1085e3b092415c463fcafe
033dfa8941482c82d4f1aaa4a9172fb379b9e46a02d5b36297c5476bbbfdea2c
GET /s/player/d759e46a/fetch-polyfill.vflset/fetch-polyfill.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/QpUzdL1ulAc
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 2786
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 11 Jan 2023 14:34:47 GMT
expires: Thu, 11 Jan 2024 14:34:47 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 09 Jan 2023 01:16:55 GMT
content-type: text/javascript
age: 116160
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash e04c434a47671cee0907c41fd7e5d029
a57ab374a416e4b5c5c43eebb140bdb6669ff4b3
e4ff7d1f0fad5746e18d3a1f9c3fb61700e7de0bb06c335751f3a85a44330e6e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 12 Jan 2023 22:50:47 GMT
Etag: "63c00cef-118"
Server: ECS (amb/6BC8)
Content-Length: 280
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 71e87185e70f595e12a3613f1ac35c67
f1818783717cc0cb399a0bcddb8a9029cf7166d1
dff5f1029a06d6f1ed59e1f3e33af77d2ac550553d9fc69be48c2a81093dc2db
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 12 Jan 2023 22:50:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 71e87185e70f595e12a3613f1ac35c67
f1818783717cc0cb399a0bcddb8a9029cf7166d1
dff5f1029a06d6f1ed59e1f3e33af77d2ac550553d9fc69be48c2a81093dc2db
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 12 Jan 2023 22:50:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.227200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 12 Jan 2023 21:48:03 GMT
expires: Fri, 12 Jan 2024 21:48:03 GMT
cache-control: public, max-age=31536000
age: 3764
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 12 Jan 2023 16:40:43 GMT
expires: Fri, 12 Jan 2024 16:40:43 GMT
cache-control: public, max-age=31536000
age: 22205
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
elyratde.ga/favicon.ico
104.21.10.177404 Not Found 139 B IP 104.21.10.177:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash c9da507c6990a2c6e7b4ae97f4cb5158
697ea5562b99040af8436b0988bdb64842241273
193d87f6c6a008dad50e2011d12f99671b02e6626f816a7c1f26ed24bf113e09
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.ga domain
GET /favicon.ico HTTP/1.1
Host: elyratde.ga
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://elyratde.ga/
Cookie: ch1c=b
HTTP/1.1 404 Not Found
Date: Thu, 12 Jan 2023 22:50:48 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8qjsgcIuuUp6534Rvj%2BcziUTIQuN3mtDhYmNJkhyFbFKInXN6KJIrTHc7Vto%2BxExnhzJ4Y%2BHZcUJlngkE6IrjKuvGqWpHrrQ9kTCpLqeLMSmkUHdhPSGVper5pBVsA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 788974021c67fac8-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Expires, Pragma, Content-Type, Backoff, Last-Modified, Cache-Control, ETag
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 12 Jan 2023 22:33:45 GMT
age: 1023
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
image.winudf.com/v2/image/Y29tLm1vYmluY3ViZS53c2Uuc2NfM1BGQ1U1X3NjcmVlbnNob3RzXzFfNTA0M2MyODM/screen-1.jpg?fakeurl\u003d1\u0026type\u003d.jpg
104.26.9.22404 Not Found 19 B URL HTTP/2 image.winudf.com/v2/image/Y29tLm1vYmluY3ViZS53c2Uuc2NfM1BGQ1U1X3NjcmVlbnNob3RzXzFfNTA0M2MyODM/screen-1.jpg?fakeurl\u003d1\u0026type\u003d.jpg
IP 104.26.9.22:0
Hash ed8e25241e4691d196358d9797ffa2ef
b6fe28edab84ab0ca06090463a3511dfa8394072
c65d30a98bee3e9eb2928380cd535caadfeb8ec0ed5b9507af545da467113db2
GET /v2/image/Y29tLm1vYmluY3ViZS53c2Uuc2NfM1BGQ1U1X3NjcmVlbnNob3RzXzFfNTA0M2MyODM/screen-1.jpg?fakeurl\u003d1\u0026type\u003d.jpg HTTP/1.1
Host: image.winudf.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://elyratde.ga/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
date: Thu, 12 Jan 2023 22:50:48 GMT
content-type: text/plain; charset=utf-8
content-length: 19
etag: a1381d21
x-content-type-options: nosniff
x-cache: MISS
strict-transport-security: max-age=15724800; includeSubDomains
cache-control: max-age=31536000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kMgGsaUd8AmZrui84nPJ%2BQCsqch7jSVaUJ7m70j1hvcuB1E34GKskAlYGMmF5PI6hwF8%2Fq2wwWAsGYqP5kkrg8gopvgIoPyE%2BIcyNFD1wDUQLT11KwM9%2F%2FwkCg1CfwMjSXo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
access-control-allow-origin: *
timing-allow-origin: *
server: cloudflare
cf-ray: 788973ffe9d1b511-OSL
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 1362750c01a8e1a2db32aa73ae46a48d
a423b43f2bd52bd4ec38b760a674866a1294c5ad
f0f57e27c4ec8f1cd8e05f530edc37fb1e4a94ffe92e5729939998346f2e204f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6394
Cache-Control: max-age=129752
Content-Type: application/ocsp-response
Date: Thu, 12 Jan 2023 22:50:48 GMT
Etag: "63bfcda6-1d7"
Expires: Sat, 14 Jan 2023 10:53:20 GMT
Last-Modified: Thu, 12 Jan 2023 09:06:46 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 90b213e442f9a7ac8cdfc2fe2393a6c3
7b17f3118b45f09b02fc1adea3638b606d0e5504
f17b9e9fa99ce11df3e6f7b09abf8c4e768e3b0b3eba0ea0a49cee894ad4ea87
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 12 Jan 2023 22:50:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 84bc2060900846c99a69d9e3d277993d
7c437f95f94f13f8257583c0062b1dc314303eec
5410ccdbfc43753b3031e067ec1f8cd96b5a49cbc2a7808ab81a7422a89b33d1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 12 Jan 2023 22:50:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.doubleclick.net/instream/ad_status.js
142.250.74.134200 OK 29 B URL HTTP/2 static.doubleclick.net/instream/ad_status.js
IP 142.250.74.134:0
Hash 1fa71744db23d0f8df9cce6719defcb7
e4be9b7136697942a036f97cf26ebaf703ad2067
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
GET /instream/ad_status.js HTTP/1.1
Host: static.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 29
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 12 Jan 2023 22:47:37 GMT
expires: Thu, 12 Jan 2023 23:02:37 GMT
cache-control: public, max-age=900
age: 191
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/id
142.250.74.98302 Found 0 B URL HTTP/2 googleads.g.doubleclick.net/pagead/id
IP 142.250.74.98:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/id HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-credentials: true
access-control-allow-origin: https://www.youtube.com
date: Thu, 12 Jan 2023 22:50:48 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 90b213e442f9a7ac8cdfc2fe2393a6c3
7b17f3118b45f09b02fc1adea3638b606d0e5504
f17b9e9fa99ce11df3e6f7b09abf8c4e768e3b0b3eba0ea0a49cee894ad4ea87
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 12 Jan 2023 22:50:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash b1f465f2178efe2786ee28d13fb5e76d
777860d696be5da2a3e844ff1d29e8589cafe5a9
27d9f7abe75dd3a91116324e0f0769191432f1425ebdc17ffa67085e7c747deb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 12 Jan 2023 22:50:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash be0781cf77974e952683ab5c7ca2b194
2c8ad5f8e41f21e754983651d041a0e48520f5fe
6de0d87eb34209dcd25d8057f206ca2fba4afe08bea15ea0deedd7736fb5c09b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 12 Jan 2023 22:50:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 3b4c0e800eb76badb34a8c28d52b085e
01dcf7432a95bcace9cff3bec53ef1a266cdb17f
59edd95dd80b7d697e4a0ad55e9ef84ada16b729e4ef8b92a9a505989e893b3e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 12 Jan 2023 22:50:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.42200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.42:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Thu, 12 Jan 2023 22:50:48 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
push.services.mozilla.com/
52.40.156.74101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.40.156.74:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 53oNsde15crpMVn1NmOIaQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: gQSJwZc3inj36iq4iJMQWkEkzCA=
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 418cc0013b870a3e893a890d6962312b
837c5288a29dd6d9a5c418e34d635100e9f206d8
f97954804b50167f137f2fd67fe3a95efe35b4b7dc75d64f22a996388f78d792
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 12 Jan 2023 22:50:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/js/th/ayf-ZXn06Q-bf2kvL7HvZn-6GmgIdMcaNWCzb_-s5mI.js
216.58.211.4200 OK 14 kB URL HTTP/2 www.google.com/js/th/ayf-ZXn06Q-bf2kvL7HvZn-6GmgIdMcaNWCzb_-s5mI.js
IP 216.58.211.4:0
File type ASCII text, with very long lines (35786)
Hash ab1d51e6cf1d842260dab25a4332649c
0c814f9168dff9647a797787c2109a568904fedb
4b4e6a92912d486accd192aec1f4ba5ffee3658019c01e98199976a192941f09
GET /js/th/ayf-ZXn06Q-bf2kvL7HvZn-6GmgIdMcaNWCzb_-s5mI.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 14218
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 12 Jan 2023 18:08:18 GMT
expires: Fri, 12 Jan 2024 18:08:18 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 03 Nov 2022 10:00:00 GMT
content-type: text/javascript
age: 16950
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.42200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.42:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash da7ff7640fb7daa75f001fcfa7e7a545
ab929b43d610a26121dadd0b59dc187b1fe6d35f
8c218e6e4cca195d8a3436a733f9b8c69cbcef88215a09c8ef5d5d82cd0f3906
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Thu, 12 Jan 2023 22:50:48 GMT
server: ESF
cache-control: private
content-length: 30566
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash b1f465f2178efe2786ee28d13fb5e76d
777860d696be5da2a3e844ff1d29e8589cafe5a9
27d9f7abe75dd3a91116324e0f0769191432f1425ebdc17ffa67085e7c747deb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 12 Jan 2023 22:50:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 94b3851fdf453ccc8b2811666f0e75b6
368cbc57c06510dd49c697beabb2b55cd94251fb
9fa7350969af6fdecad31fee10e336d87996e921c6e2a2e3c0db55ee5f8976d6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 12 Jan 2023 22:50:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
yt3.ggpht.com/ytc/AMLnZu9hLpM6meKT5EYx1_SdSbYmqbruX-6r9EuacLWw=s68-c-k-c0x00ffffff-no-rj
142.250.74.161200 OK 5.2 kB URL HTTP/2 yt3.ggpht.com/ytc/AMLnZu9hLpM6meKT5EYx1_SdSbYmqbruX-6r9EuacLWw=s68-c-k-c0x00ffffff-no-rj
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, software=Google], baseline, precision 8, 68x68, components 3\012- data
Hash 7efb749fc6dbc3671cce3b911beccc43
2862afb3c541fae2970f9999703616e45b5f0779
488101767db63e31aaeb5f198253ee286999e0a93005cadf0f3638583b8b74b6
GET /ytc/AMLnZu9hLpM6meKT5EYx1_SdSbYmqbruX-6r9EuacLWw=s68-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt3.ggpht.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 5199
x-xss-protection: 0
date: Thu, 12 Jan 2023 20:22:02 GMT
expires: Sun, 08 Jan 2023 20:27:08 GMT
cache-control: public, max-age=86400, no-transform
age: 8926
etag: "v1ec5"
content-type: image/jpeg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 369a4ab78242abec248f6b88008a1399
4375b764b0924e68be4cd510f47a82be045576b1
964e5a697a13aebd30c22e520ff45ec6a8de1286913d2fde1edd88f57c9bf47c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 12 Jan 2023 22:50:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 94b3851fdf453ccc8b2811666f0e75b6
368cbc57c06510dd49c697beabb2b55cd94251fb
9fa7350969af6fdecad31fee10e336d87996e921c6e2a2e3c0db55ee5f8976d6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 12 Jan 2023 22:50:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
142.250.74.42200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 142.250.74.42:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Thu, 12 Jan 2023 22:50:49 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
142.250.74.42200 OK 114 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 142.250.74.42:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 0f7b2ebac9a87c93bab54bcc7b76c2c0
783027a7ed3af58979ddbf7ee16d741a9935702c
71252f782cb012f411449886c18b5fb9d7f5abaa15e1bbe3050e851bbba36b36
POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 1176
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Thu, 12 Jan 2023 22:50:49 GMT
server: ESF
cache-control: private
content-length: 114
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 256e39696ba05f2324bbc49b2a396115
e1cf8b15abd0a20eb1218be517c03459514a59e0
d576a66e6b39751bdbc7b662454d37866b75efef1aa51761daba61783d755bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D576A66E6B39751BDBC7B662454D37866B75EFEF1AA51761DABA61783D755BC9"
Last-Modified: Thu, 12 Jan 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4883
Expires: Fri, 13 Jan 2023 00:12:12 GMT
Date: Thu, 12 Jan 2023 22:50:49 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 256e39696ba05f2324bbc49b2a396115
e1cf8b15abd0a20eb1218be517c03459514a59e0
d576a66e6b39751bdbc7b662454d37866b75efef1aa51761daba61783d755bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D576A66E6B39751BDBC7B662454D37866B75EFEF1AA51761DABA61783D755BC9"
Last-Modified: Thu, 12 Jan 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4883
Expires: Fri, 13 Jan 2023 00:12:12 GMT
Date: Thu, 12 Jan 2023 22:50:49 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 256e39696ba05f2324bbc49b2a396115
e1cf8b15abd0a20eb1218be517c03459514a59e0
d576a66e6b39751bdbc7b662454d37866b75efef1aa51761daba61783d755bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D576A66E6B39751BDBC7B662454D37866B75EFEF1AA51761DABA61783D755BC9"
Last-Modified: Thu, 12 Jan 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4883
Expires: Fri, 13 Jan 2023 00:12:12 GMT
Date: Thu, 12 Jan 2023 22:50:49 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 256e39696ba05f2324bbc49b2a396115
e1cf8b15abd0a20eb1218be517c03459514a59e0
d576a66e6b39751bdbc7b662454d37866b75efef1aa51761daba61783d755bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D576A66E6B39751BDBC7B662454D37866B75EFEF1AA51761DABA61783D755BC9"
Last-Modified: Thu, 12 Jan 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4883
Expires: Fri, 13 Jan 2023 00:12:12 GMT
Date: Thu, 12 Jan 2023 22:50:49 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa7792e19-fdcf-4706-b221-7d3353e6b9ae.jpeg
34.120.237.76200 OK 6.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa7792e19-fdcf-4706-b221-7d3353e6b9ae.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ba61442e6ededd7b49f6244613df0e63
385f45b5920174ca20bcc2d9c02eedb4641f48a9
5e5cd1fd026dc72d0c3c5032fbae17f3383c64ee2714808c892c094353f31012
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa7792e19-fdcf-4706-b221-7d3353e6b9ae.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5990
x-amzn-requestid: 54a83ca0-eb61-4212-8c98-e1e182b860ea
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ejsZiEeBoAMF7kg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63be2770-3565b4d43d28ee3c0fd16ed0;Sampled=0
x-amzn-remapped-date: Wed, 11 Jan 2023 03:05:20 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: SUICoi37lPgXPQu4PTLCmc-6l2G9SHKz8f2qhZgHBMEbuuSi5zMiaQ==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Thu, 12 Jan 2023 03:36:22 GMT
age: 69267
etag: "385f45b5920174ca20bcc2d9c02eedb4641f48a9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faf607d81-8ffa-40b2-99b8-aa5c1239186f.jpeg
34.120.237.76200 OK 7.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faf607d81-8ffa-40b2-99b8-aa5c1239186f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c9354abfecddf75fd2bb984513f385cc
3d71edaa5d7ee522d792057f3e03cde57df24505
e9595fbc51992b0eda6495c7074c4e9498d837b3de08493f9af3370123372249
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faf607d81-8ffa-40b2-99b8-aa5c1239186f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7937
x-amzn-requestid: 4806ead5-b4d3-41ce-9593-ae48766c6b04
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ecS3vHjkoAMFWnQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63bb31ca-55bc2dce379e4e894029ecd5;Sampled=0
x-amzn-remapped-date: Sun, 08 Jan 2023 21:12:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: _5jwIJvOx6NuVkR6eXWfTQBbQwkmxKgh7a3HlTrRlvVujfa5cf1TgA==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Thu, 12 Jan 2023 07:58:08 GMT
age: 53561
etag: "3d71edaa5d7ee522d792057f3e03cde57df24505"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F76af8d19-4a05-460d-a524-bb2b3c3953fa.jpeg
34.120.237.76200 OK 7.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F76af8d19-4a05-460d-a524-bb2b3c3953fa.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 96a47a24ef363784de868a15fc60c7ac
b1b57ae6a1e9a8aacf00c54b07cfa2971f0bafdb
ec788e13d652db77adb67e597a120df9e83d52d5eec75bee0f1b25b680d01d6e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F76af8d19-4a05-460d-a524-bb2b3c3953fa.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7246
x-amzn-requestid: 5004aed5-9fe7-494c-bf60-7128ade12dfa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eph5yFH1oAMF-FQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c07d0b-6a9e5d35623bee671a840841;Sampled=0
x-amzn-remapped-date: Thu, 12 Jan 2023 21:35:07 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 4R-7YJimkZQ8lfM8705VhKrhy5FwD1HS--C47k8Z-4S7yDsIbHFdlA==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Thu, 12 Jan 2023 22:08:47 GMT
etag: "b1b57ae6a1e9a8aacf00c54b07cfa2971f0bafdb"
content-type: image/jpeg
age: 2522
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1c7f0f7b-f89e-4c1d-bcb0-8320165c0799.jpeg
34.120.237.76200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1c7f0f7b-f89e-4c1d-bcb0-8320165c0799.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a1cff64e08720bab2f19d7f3649776cb
9a3a7926851f5b902977cd16430e1cc4289bd222
b3dadac3a431a57c0c2cb3627dfcba8d81917efc0f227d9b7c9cd356e072a28f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1c7f0f7b-f89e-4c1d-bcb0-8320165c0799.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6903
x-amzn-requestid: a2fc704c-527e-4837-bc23-e8b5e4019247
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eph5yFSPoAMFgsw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c07d0b-6285f903388bea457838e844;Sampled=0
x-amzn-remapped-date: Thu, 12 Jan 2023 21:35:07 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: V0xcYoGRUqRXPJwDlhcggpPF-U6uUWjkL_Du6V6GKp1Pe7jf7qXe-w==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Thu, 12 Jan 2023 22:06:27 GMT
age: 2662
etag: "9a3a7926851f5b902977cd16430e1cc4289bd222"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F193388df-66d1-4b0b-a76a-1bceb229f97d.jpeg
34.120.237.76200 OK 9.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F193388df-66d1-4b0b-a76a-1bceb229f97d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d51665a3de125668caaa8dd7b0a000d6
87b5fbde66fefcbaaf29819989564963066c6fbc
2c0feea5fbcdad197412b0c07f9caf933685e7e023b3e84df7f92e021331c48d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F193388df-66d1-4b0b-a76a-1bceb229f97d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9771
x-amzn-requestid: 3c3eac1d-07c9-4755-bbae-a2c0b2b50183
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eph7iFzwoAMF8Fg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c07d16-30bcb44a7d99a0295b0aee70;Sampled=0
x-amzn-remapped-date: Thu, 12 Jan 2023 21:35:18 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: iauWiLHJBG7KGhoiBTKUr-KFr4ROM_RBtfo0_H734iHClgwtubB99A==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Thu, 12 Jan 2023 22:02:02 GMT
age: 2927
etag: "87b5fbde66fefcbaaf29819989564963066c6fbc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbd91e555-c9f3-4166-92be-27db2e1919b6.jpeg
34.120.237.76200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbd91e555-c9f3-4166-92be-27db2e1919b6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash afcc8f4875f4b74ca0640829b689731e
584d0e11665ae89f9a294baf1e9bb4f0e4e9a4df
3e487396389c4330abc99bc99053eecc6aaf56f7afa398d70c30e1f4709577a0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbd91e555-c9f3-4166-92be-27db2e1919b6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13626
x-amzn-requestid: 4769eaeb-0c78-4054-ad47-eefdd6ab2d03
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eWHMZErbIAMF6sQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b8b8b5-4c7bacfe060899044e361f70;Sampled=0
x-amzn-remapped-date: Sat, 07 Jan 2023 00:11:33 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: JRzc2Mcl4EasyH6_1kFh7sr-57f1HNDu-YN8YptDe_kcTET9x8P9LA==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Thu, 12 Jan 2023 14:00:13 GMT
age: 31836
etag: "584d0e11665ae89f9a294baf1e9bb4f0e4e9a4df"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.youtube.com/embed/QpUzdL1ulAc
142.250.74.78200 OK 0 B URL HTTP/2 www.youtube.com/embed/QpUzdL1ulAc
IP 142.250.74.78:0
GET /embed/QpUzdL1ulAc HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://elyratde.ga/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 12 Jan 2023 22:50:47 GMT
strict-transport-security: max-age=31536000
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=9_hTHrOBtLU; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=ZMg55OxzGTo; Domain=.youtube.com; Expires=Tue, 11-Jul-2023 22:50:47 GMT; Path=/; Secure; HttpOnly; SameSite=none
DEVICE_INFO=ChxOekU0Tnprd01UazVNVEk0TlRBek9EZzNNUT09EMedgp4GGMedgp4G; Domain=.youtube.com; Expires=Tue, 11-Jul-2023 22:50:47 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+577; expires=Sat, 11-Jan-2025 22:50:47 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.youtube.com/s/player/d759e46a/player_ias.vflset/en_US/base.js
142.250.74.78200 OK 0 B URL HTTP/2 www.youtube.com/s/player/d759e46a/player_ias.vflset/en_US/base.js
IP 142.250.74.78:0
GET /s/player/d759e46a/player_ias.vflset/en_US/base.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/QpUzdL1ulAc
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding, Origin
content-encoding: br
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 611140
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 12 Jan 2023 16:18:28 GMT
expires: Fri, 12 Jan 2024 16:18:28 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 09 Jan 2023 01:16:55 GMT
content-type: text/javascript
age: 23539
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn6.aptoide.com/imgs/e/7/1/e71698a1b7a864d76389dcbc3efdea3b_screen.png?h\u003d464
104.22.11.83200 OK 0 B URL HTTP/2 cdn6.aptoide.com/imgs/e/7/1/e71698a1b7a864d76389dcbc3efdea3b_screen.png?h\u003d464
IP 104.22.11.83:0
GET /imgs/e/7/1/e71698a1b7a864d76389dcbc3efdea3b_screen.png?h\u003d464 HTTP/1.1
Host: cdn6.aptoide.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://elyratde.ga/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 12 Jan 2023 22:50:48 GMT
content-type: image/png
last-modified: Thu, 04 May 2017 13:17:50 GMT
vary: Accept-Encoding
etag: W/"590b29fe-1b8dc"
cache-control: max-age=315360000, public
content-encoding: gzip
x-cache-status: HIT
x-lb-source: lb12
cf-cache-status: MISS
server: cloudflare
cf-ray: 78897401caa3b527-OSL
X-Firefox-Spdy: h2