emdlvr.com/44my
104.21.51.219301 Moved Permanently 231 B IP 104.21.51.219:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 1de05a9b393c96fe6776160308d3d2b8
9a85a2fb24d640f51a6b14bfae6329d9fd592531
b099a773236ad01cd432d675513d2f63e045148bbb59b542e155dad5e951941a
Analyzer Verdict Alert fortinet Phishing
GET /44my HTTP/1.1
Host: emdlvr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Sat, 12 Nov 2022 10:43:51 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Security-Policy: upgrade-insecure-requests
Location: https://emdlvr.com/44my
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: MISS
X-Server-Powered-By: Engintron
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A8vTPJ%2BK9tP0wmSXx0Ve4mXf8faZLbx9XFPDdeMqIZafhprRXwlHfeg7KYS9liLtZw59D%2FmmNDnMY4v%2BGwvpc0tNmnJxlJhfKAZq3I0HsJB2tTmowzEZqZmAgG7l"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 768eab47db1eb527-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3d0727e32cd103ddd4b73f28c81758aa
197a7bf43d63723fc532c23c6dced68d5cc36652
d3f75d03561d6a47d19370292e821a86e58381466f0c69386a21175de55882ff
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D3F75D03561D6A47D19370292E821A86E58381466F0C69386A21175DE55882FF"
Last-Modified: Fri, 11 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12807
Expires: Sat, 12 Nov 2022 14:17:18 GMT
Date: Sat, 12 Nov 2022 10:43:51 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a8391107bfc5e4673e8a706f90f63768
5295ed0b1cb8bad4d3e851049acc7f0270937d12
ed5c27510100ffc4481be474ebcb020d147c645beb110604d5284eeeb8b97c02
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "ED5C27510100FFC4481BE474EBCB020D147C645BEB110604D5284EEEB8B97C02"
Last-Modified: Fri, 11 Nov 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3157
Expires: Sat, 12 Nov 2022 11:36:28 GMT
Date: Sat, 12 Nov 2022 10:43:51 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 4edf853c470fcec0ab277c78527f3c2d
de93530ce15337e671c488d9fe05e7091d4956f0
b9d7976b398b1243ff8a571ddd3975d3a1317d69101061bdb1a755b3b56620e6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3993
Cache-Control: max-age=89649
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 10:43:51 GMT
Etag: "636e247f-1d7"
Expires: Sun, 13 Nov 2022 11:38:00 GMT
Last-Modified: Fri, 11 Nov 2022 10:31:27 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: nXoLfME3twRYxylc2VjQtDziqaAH3ECdrj7xO53fEJtXfnW2eGlqO95StzvyomFfm5uIasUUf3Q=
x-amz-request-id: WVH21H9Y2WVRP8S1
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 12 Nov 2022 10:12:57 GMT
age: 1854
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash d130218d0e2841f39c99610fe1a2ab90
29fbe1e177ee55c7a61ae0a206afff271cf5f945
6b6d74dccf10c2bc98a91c3388280d7ba1d9596bf8cadd7db0e2f63720b3d152
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Backoff, Content-Type, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 12 Nov 2022 09:44:09 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 3582
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash f66b24e53f8c0d696f9ff61ec98e7624
3353baff169fb975f9b0ab0a581e89cdc866faab
104892f25877aa8d08edb1d59d9ff2ded58096e2b92912e4539d91d5afcf9d2a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6204
Cache-Control: max-age=145805
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 10:43:52 GMT
Etag: "636ef739-118"
Expires: Mon, 14 Nov 2022 03:13:57 GMT
Last-Modified: Sat, 12 Nov 2022 01:30:33 GMT
Server: ECS (amb/6B98)
X-Cache: HIT
Content-Length: 280
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 10:43:51 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash f66b24e53f8c0d696f9ff61ec98e7624
3353baff169fb975f9b0ab0a581e89cdc866faab
104892f25877aa8d08edb1d59d9ff2ded58096e2b92912e4539d91d5afcf9d2a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6205
Cache-Control: max-age=145805
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 10:43:52 GMT
Etag: "636ef739-118"
Expires: Mon, 14 Nov 2022 03:13:57 GMT
Last-Modified: Sat, 12 Nov 2022 01:30:33 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 280
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Last-Modified, Cache-Control, Retry-After, Content-Length, Expires, ETag, Pragma, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 12 Nov 2022 09:44:48 GMT
cache-control: public,max-age=3600
age: 3544
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash a307b67b194fc3225a4a86575fca7ae1
5ddc7c3d2302c18fa577651720f4295954522640
8005fbd9a97fc40e58703ef125147f7eb4d32c2537915daf2e260ed63c2c7fd0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=171312
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 10:43:52 GMT
Etag: "636f7318-116"
Expires: Mon, 14 Nov 2022 10:19:04 GMT
Last-Modified: Sat, 12 Nov 2022 10:19:04 GMT
Server: nginx
Content-Length: 278
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash a307b67b194fc3225a4a86575fca7ae1
5ddc7c3d2302c18fa577651720f4295954522640
8005fbd9a97fc40e58703ef125147f7eb4d32c2537915daf2e260ed63c2c7fd0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 0
Cache-Control: max-age=171312
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 10:43:52 GMT
Etag: "636f7318-116"
Expires: Mon, 14 Nov 2022 10:19:04 GMT
Last-Modified: Sat, 12 Nov 2022 10:19:04 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 278
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash f7ff606fbc8634c858bbc04b69f55cf6
2441de2cba649239efd0dae7a878d7ef2245c0b4
95154e0dbb7e827b8f893cc141f986c29634ead618256470d753429aa65a0548
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6507
Cache-Control: max-age=87087
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 10:43:52 GMT
Etag: "636e10ac-1d7"
Expires: Sun, 13 Nov 2022 10:55:19 GMT
Last-Modified: Fri, 11 Nov 2022 09:06:52 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
get.vistaclear2020.com/video/?aff_id=3438&subid=agi1112vistaclear
172.67.214.203200 OK 50 kB URL HTTP/2 get.vistaclear2020.com/video/?aff_id=3438&subid=agi1112vistaclear
IP 172.67.214.203:0
Hash 8002d3dc122c84d95444917e8308e2c5
d27341853c73e0898f0ecc36fd541d13727dc818
0f05e32ab06f0a832b030a45ec78bb9ac3005bb0c7b1e6d94ebb6325e0dd9d36
GET /video/?aff_id=3438&subid=agi1112vistaclear HTTP/1.1
Host: get.vistaclear2020.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://emdlvr.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 12 Nov 2022 10:43:52 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7OpUe4boWvGlSrMFvic1Of%2FwSsDD1%2BVfSnX16Uo7FOWfpNjEt0HXhrEI867YewonXgn4x%2Fy55uMlcQ2tqF0Hja6znnk29BcUXyDpZf2hNtBLD6dRJPc25h3O3%2BFcSzWGPcWC2ckEtu0P"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 768eab4d6fc1b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 4b01094abe63d3e4923f252f0c039fe7
8c5814463774a0dc794d1230a204893464d4607e
59b7ff9c36d4adf4201f58f633c4c18ab66f81db58ba93d24c78f0e39d93bba0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=144274
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 10:43:52 GMT
Etag: "636f097a-117"
Expires: Mon, 14 Nov 2022 02:48:26 GMT
Last-Modified: Sat, 12 Nov 2022 02:48:26 GMT
Server: nginx
Content-Length: 279
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 1.8 kB IP 142.250.74.35:0
Hash c039c3ddc25d7dc565bdac4a1e67200e
59703d3ae24734e35b28458550b5b8464f109970
db9f590b40192a151f36730d45ae90030686fed202ec956c250fbc440082a447
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 10:43:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtm.js?id=GTM-NXRWNWV
142.250.74.168200 OK 38 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-NXRWNWV
IP 142.250.74.168:0
File type ASCII text, with very long lines (1921)
Hash 8e25278441c610fd4ab35a7176663c8f
032b8dd0348fab109af73ad9a9bb29c994db6984
f46433f2de6cb9658e2f1cf44d1b0d4c76005a175a21eeb13db0ee277c3af695
GET /gtm.js?id=GTM-NXRWNWV HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://get.vistaclear2020.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 12 Nov 2022 10:43:52 GMT
expires: Sat, 12 Nov 2022 10:43:52 GMT
cache-control: private, max-age=900
last-modified: Sat, 12 Nov 2022 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 38512
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash e7dc2623cb841be51d3e8857e015d8e1
cbfdb2a7b965598de893fef89d47e17763501acf
df1fc0809a603469e6abcf1f07a13d792550d68c862f80e38c00e47e9b233a5b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 10:43:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
35.161.231.36101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.161.231.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: ZGpeK8KX1lZoQLRhK4GQPQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: xNg0u8wjuPSX/NeJVWJsvzOTbu8=
display.buygoods.com/v1/disclaimer?id=disclaimer&account_id=6574
172.66.43.115200 OK 1.6 kB URL HTTP/2 display.buygoods.com/v1/disclaimer?id=disclaimer&account_id=6574
IP 172.66.43.115:0
Hash 62e2b786709931e8cb44d5c1ac4526fe
b2b39f9d5e007cd661baaca95ed9ed9740fda4f5
b2ba6923c860843f307fed2a7c14684cbc6800c5d6171b614ee71d0fadf35db5
GET /v1/disclaimer?id=disclaimer&account_id=6574 HTTP/1.1
Host: display.buygoods.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://get.vistaclear2020.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 12 Nov 2022 10:43:53 GMT
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-credentials: true
strict-transport-security: max-age=31536000;
set-cookie: SERVERID=; Expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/
cache-control: private
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 768eab4fcd2e1bfa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
get.vistaclear2020.com/includes/css/bootstrap.min.css
172.67.214.203200 OK 101 kB URL HTTP/2 get.vistaclear2020.com/includes/css/bootstrap.min.css
IP 172.67.214.203:0
File type ASCII text, with very long lines (65324)
Size 101 kB (100808 bytes)
Hash 3db5c5d75ba5428704fa4ef92bb009d7
6e061feea5a370117bdeb06b6bec9ad145c33f43
fb93aecaec5317e769a244b217caf423420bf45bf3143e389e620328f5f01706
GET /includes/css/bootstrap.min.css HTTP/1.1
Host: get.vistaclear2020.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://get.vistaclear2020.com/video/?aff_id=3438&subid=agi1112vistaclear
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 12 Nov 2022 10:43:52 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Tue, 02 Aug 2022 08:42:31 GMT
etag: W/"27293-60412265-2b6cec;gz"
last-modified: Thu, 04 Mar 2021 18:09:41 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5iGUIcBDJCgrNj5qrvgLKuwpMUaIL5AqAzcNXxNGG58zefi3pjmCBF21ia8HsMbeHNnZW7DHPfzosgr6h6GKXrFebH1pQ%2B0DN9zU9lqfDOvNwhC61t7bji5Xaz5sxc6Xw1u10d7gNZHR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 768eab4e7916b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 21e62dc5ed53094ea9eb654972cd19ad
338efa322545fa9dc8604614e06660ebce547746
e99318e6b3388a9586a849b2c15cf152fbe70423e315190387e8f8fbdead67b5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=116207
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 10:43:53 GMT
Etag: "636e9bd8-117"
Expires: Sun, 13 Nov 2022 19:00:40 GMT
Last-Modified: Fri, 11 Nov 2022 19:00:40 GMT
Server: nginx
Content-Length: 279
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash e569acd833d180f3c2fba0919fbeb704
60a3121c9bf8e08a8a7fe70001c24b6f8c9981f5
994bee0670c93479c3e835985d24d7ce41fbc0a3013e173d79ea1ea5f63ac85c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 10:43:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash e569acd833d180f3c2fba0919fbeb704
60a3121c9bf8e08a8a7fe70001c24b6f8c9981f5
994bee0670c93479c3e835985d24d7ce41fbc0a3013e173d79ea1ea5f63ac85c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 10:43:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash e3f9965225cba49c71506d7dee4c1647
d1d30248236cfe679fa182860d69634d30f5b0ca
8a2641a2fa1026f8893b4acf7f7c78c633a1408779f3063c87ad292729300d97
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 10:43:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash e3f9965225cba49c71506d7dee4c1647
d1d30248236cfe679fa182860d69634d30f5b0ca
8a2641a2fa1026f8893b4acf7f7c78c633a1408779f3063c87ad292729300d97
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 10:43:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.195200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 10 Nov 2022 21:46:16 GMT
expires: Fri, 10 Nov 2023 21:46:16 GMT
cache-control: public, max-age=31536000
age: 133057
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.195200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 05 Nov 2022 12:31:58 GMT
expires: Sun, 05 Nov 2023 12:31:58 GMT
cache-control: public, max-age=31536000
age: 598315
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
region1.google-analytics.com/g/collect?v=2&tid=G-EHC18Y9QGN>m=2oeb90&_p=1595624427&cid=2049742522.1668249833&ul=en-us&sr=1280x1024&_s=1&sid=1668249832&sct=1&seg=0&dl=https%3A%2F%2Fget.vistaclear2020.com%2Fvideo%2F%3Faff_id%3D3438%26subid%3Dagi1112vistaclear&dr=https%3A%2F%2Femdlvr.com%2F&dt=Vista%20Clear%20-%20Video%20Presentation&en=page_view&_fv=1&_nsi=1&_ss=1
216.239.32.36204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-EHC18Y9QGN>m=2oeb90&_p=1595624427&cid=2049742522.1668249833&ul=en-us&sr=1280x1024&_s=1&sid=1668249832&sct=1&seg=0&dl=https%3A%2F%2Fget.vistaclear2020.com%2Fvideo%2F%3Faff_id%3D3438%26subid%3Dagi1112vistaclear&dr=https%3A%2F%2Femdlvr.com%2F&dt=Vista%20Clear%20-%20Video%20Presentation&en=page_view&_fv=1&_nsi=1&_ss=1
IP 216.239.32.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-EHC18Y9QGN>m=2oeb90&_p=1595624427&cid=2049742522.1668249833&ul=en-us&sr=1280x1024&_s=1&sid=1668249832&sct=1&seg=0&dl=https%3A%2F%2Fget.vistaclear2020.com%2Fvideo%2F%3Faff_id%3D3438%26subid%3Dagi1112vistaclear&dr=https%3A%2F%2Femdlvr.com%2F&dt=Vista%20Clear%20-%20Video%20Presentation&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://get.vistaclear2020.com
Connection: keep-alive
Referer: https://get.vistaclear2020.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://get.vistaclear2020.com
date: Sat, 12 Nov 2022 10:43:53 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 1bb279167832b97b5e80041e8975740c
48d5f288978ea6717b16e0f96974a23603361cc2
894d4dd927851fb6078c3bd527e3f424c4e3ad3f6ebdfa7c0fee089e0ce044cd
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4879
Cache-Control: max-age=151321
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 10:43:53 GMT
Etag: "636f11f3-1d7"
Expires: Mon, 14 Nov 2022 04:45:54 GMT
Last-Modified: Sat, 12 Nov 2022 03:24:35 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
connect.facebook.net/en_US/fbevents.js
31.13.72.12200 OK 27 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP 31.13.72.12:0
File type ASCII text, with very long lines (64348)
Hash 0ac10debd3a9ea8147a26d045bb93e6e
ff45f3442508e8695f2303701682ebdb6e016464
5dee7b453b2c72c07ff1d62432493a044507835a8031ea62edf2fa7cc26219b9
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.maxweb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: iQxtuKPmn2Mi7px1QlErQ+PbmFX2OexbW5wYOafhB9qoi0Y9xlbfxJ/XGRSfZyehAgLaPdpRTbIueZDuJuYZIw==
content-length: 27337
x-fb-trip-id: 1904183273
date: Sat, 12 Nov 2022 10:43:53 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 1bb279167832b97b5e80041e8975740c
48d5f288978ea6717b16e0f96974a23603361cc2
894d4dd927851fb6078c3bd527e3f424c4e3ad3f6ebdfa7c0fee089e0ce044cd
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5454
Cache-Control: max-age=151896
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 10:43:53 GMT
Etag: "636f11f3-1d7"
Expires: Mon, 14 Nov 2022 04:55:29 GMT
Last-Modified: Sat, 12 Nov 2022 03:24:35 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5823b629e86542b63f4355ec5e67a126
97cbdbbb6b03e6ef7f3f45449245470ad8bd8292
96d8e39efb6eebd1413a4bc0fa6800781f636e70dc0ccadf6a546f26fa022755
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "96D8E39EFB6EEBD1413A4BC0FA6800781F636E70DC0CCADF6A546F26FA022755"
Last-Modified: Thu, 10 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16310
Expires: Sat, 12 Nov 2022 15:15:44 GMT
Date: Sat, 12 Nov 2022 10:43:54 GMT
Connection: keep-alive
tracking.buygoods.com/track/?a=6574&firstcookie=0&referrer=https%3A%2F%2Femdlvr.com%2F&product=vista1,vista3,vista6&sessid2=
172.66.40.234200 OK 2.3 kB URL HTTP/2 tracking.buygoods.com/track/?a=6574&firstcookie=0&referrer=https%3A%2F%2Femdlvr.com%2F&product=vista1,vista3,vista6&sessid2=
IP 172.66.40.234:0
File type ASCII text, with CRLF line terminators
Hash 996a80c02dd663fbf2736d7ef0c4c320
e2a27bb5871fad7430fc81a3bee755ff4858bc7b
b2901d69a1a1e629a47bb70608269f9313c656d94d332396a2e2e9ae0bb39801
GET /track/?a=6574&firstcookie=0&referrer=https%3A%2F%2Femdlvr.com%2F&product=vista1,vista3,vista6&sessid2= HTTP/1.1
Host: tracking.buygoods.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://get.vistaclear2020.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 12 Nov 2022 10:43:53 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
p3p: CP="CAO COR CURa ADMa DEVa OUR IND ONL COM DEM PRE"
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Tue, Jan 12 1999 01:01:01 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 768eab50eeabfab4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4af930b9-b854-4316-8425-07c6aa06477a.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4af930b9-b854-4316-8425-07c6aa06477a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cd5bdc050716bb76afe8090fc81617e7
5109c156b180727767fc03c411190ccc0d3fb5fc
9b13e7838946c6654dda17886c2ca8d42de934acb93f4bddb1008dfa1bd1ea99
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4af930b9-b854-4316-8425-07c6aa06477a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11715
x-amzn-requestid: 20e508bd-6568-4225-9bee-c683a49d44f6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bdMhUHkpIAMFfJg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636ec13b-7dc726b94a37fc667e2e6646;Sampled=0
x-amzn-remapped-date: Fri, 11 Nov 2022 21:40:11 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: X3SUo1LP97TxraRav0ftskBhzWkTJInHaS44PW26yloF-dgD-bHBuA==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 11 Nov 2022 21:45:12 GMT
etag: "5109c156b180727767fc03c411190ccc0d3fb5fc"
content-type: image/jpeg
age: 46722
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b650f84-0cd0-4921-bc04-f0ea0459e4d1.jpeg
34.120.237.76200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b650f84-0cd0-4921-bc04-f0ea0459e4d1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 084ca839d34b15916cd2f5034440a1ef
7764777ce9a862c1590712ef33032df72edefffd
b8893d7f327f88316cb909ded7fd8f4e1809190a7da807677785bf953f6e33fb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b650f84-0cd0-4921-bc04-f0ea0459e4d1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8482
x-amzn-requestid: 79e5e211-afc8-4531-b361-6f6f3386f16e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bdMhUGJsIAMF7Mg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636ec13b-5a0ba4a93eba91c81ba3a9bc;Sampled=0
x-amzn-remapped-date: Fri, 11 Nov 2022 21:40:11 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: CxrOwBRw0YlwOnKPJZI7h7YEwOAYS3ZtFa8q2o5rDvQct6pehCAFAg==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 e80693c02cfdfd081110512210d57840.cloudfront.net (CloudFront), 1.1 google
date: Fri, 11 Nov 2022 21:51:43 GMT
age: 46331
etag: "7764777ce9a862c1590712ef33032df72edefffd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2eaa4311-959b-4a18-8135-b4ce754c0765.jpeg
34.120.237.76200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2eaa4311-959b-4a18-8135-b4ce754c0765.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 567bcdef39653e949301b97714168c31
8669185a5f338e34026c48310c88c5a9d8caa1c2
7ecaa9ceaa0a60e608e62571108fbcf49f6fa2b3e77feacbf52d319beda40db1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2eaa4311-959b-4a18-8135-b4ce754c0765.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7533
x-amzn-requestid: 985674ba-be97-4ca3-babb-594c61f8d6c1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bdM8BEqFIAMFsxw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636ec1e6-3abc6a525f2a2bde14465b7e;Sampled=0
x-amzn-remapped-date: Fri, 11 Nov 2022 21:43:02 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: DRfYKF1_Z56kxeaprUhH1Ng8MgW0Z6Xx_yWwiO3MnswRFY482udCjg==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 567b44ed19c8caed2570b7bcd8c70034.cloudfront.net (CloudFront), 1.1 google
date: Fri, 11 Nov 2022 21:43:48 GMT
age: 46806
etag: "8669185a5f338e34026c48310c88c5a9d8caa1c2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe6fac57d-aa5c-42c2-904b-58aa73c59975.jpeg
34.120.237.76200 OK 4.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe6fac57d-aa5c-42c2-904b-58aa73c59975.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 701700f42e1b0e528a63c3bd2a4c54e7
a3af603900538ea10e094981d298a0b37d0ab896
c84ac2d3524eb950a433aa01e1226d995d87948452e4e135a4661094923ca465
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe6fac57d-aa5c-42c2-904b-58aa73c59975.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4268
x-amzn-requestid: 19d2f4e7-b6c1-4093-b54c-70a9a476ad89
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bdMhSEwYIAMFg7Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636ec13b-6e2f5a6147153e5c32cc4499;Sampled=0
x-amzn-remapped-date: Fri, 11 Nov 2022 21:40:11 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 1tbxcsSYcJuquYxeYfqcwaQaHpWmL9jwX31h1ZIyXO6i5A8gIbFQmA==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 ead78c395f4bede3ec6cd7ea180e3d3a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 11 Nov 2022 21:45:12 GMT
etag: "a3af603900538ea10e094981d298a0b37d0ab896"
content-type: image/jpeg
age: 46722
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60d4e929-d0bb-41b7-bdcd-0e67258b428a.webp
34.120.237.76200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60d4e929-d0bb-41b7-bdcd-0e67258b428a.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 516f1bfefb1c1a737ea2441f85343b32
0cc22d7bf9092fb30f31e2ca8f242c197b891669
733824d4f6f7c5b54ce4e02ecaf152cfc1e10f3f6a801d7e2c55a02460e40087
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60d4e929-d0bb-41b7-bdcd-0e67258b428a.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9012
x-amzn-requestid: 83eac9e7-5387-4e11-9769-182fa3f7fffb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bdNC6FxzoAMF80w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636ec212-5ca277b90a5a9a4c437edc1e;Sampled=0
x-amzn-remapped-date: Fri, 11 Nov 2022 21:43:46 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: PrJoEROPymrtc0egNlWRoOMjohiCo3zReD01qAHwByaSiXarfRS0XQ==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 11 Nov 2022 22:00:43 GMT
age: 45791
etag: "0cc22d7bf9092fb30f31e2ca8f242c197b891669"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe5720fc8-63c5-4f5e-bb64-33809e0069fe.jpeg
34.120.237.76200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe5720fc8-63c5-4f5e-bb64-33809e0069fe.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f09e254cd6f2e29b3bf198cc5d58a46f
fa34520e849bf746ff43aec3d28beb9e4be44f4d
2e29eace95fd8cb5b6d77df880d2044ecab4206cba47931c3a95e77c1b4e9d9a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe5720fc8-63c5-4f5e-bb64-33809e0069fe.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8953
x-amzn-requestid: 2a2d20f4-3aa5-475e-8ec2-fc569766335e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bdMhQGAhIAMFrjw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636ec13b-26dc0259793ec94814f3d41a;Sampled=0
x-amzn-remapped-date: Fri, 11 Nov 2022 21:40:11 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: OKFzEoCVITStAPxYzhksarrlTkVeATx6AzBnEK32WLFaOeEIwLMu_Q==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Fri, 11 Nov 2022 21:45:12 GMT
etag: "fa34520e849bf746ff43aec3d28beb9e4be44f4d"
content-type: image/jpeg
age: 46722
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 825b44d24d8bc851404dded7ee683a42
2887c729f065c930e405c4d2a39132e4716701c0
09076a8b67da7f3a4fc47d793de28b62433a97dd68d9b1ffb27355c27fad9b14
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 10:43:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 23dd8b12572b78e5d32d491b3d0d9d32
718c3e3abcc55c295c72e5ee4e5441fe5acc1363
f72c359246ea96d4f28bbc5aee8d4d24fcba9f47dfc691693f6c49e370d9b103
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 10:43:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.doubleclick.net/instream/ad_status.js
142.250.74.166200 OK 29 B URL HTTP/2 static.doubleclick.net/instream/ad_status.js
IP 142.250.74.166:0
Hash 1fa71744db23d0f8df9cce6719defcb7
e4be9b7136697942a036f97cf26ebaf703ad2067
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
GET /instream/ad_status.js HTTP/1.1
Host: static.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 29
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 12 Nov 2022 10:29:05 GMT
expires: Sat, 12 Nov 2022 10:44:05 GMT
cache-control: public, max-age=900
age: 889
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/id
216.58.207.226302 Found 0 B URL HTTP/2 googleads.g.doubleclick.net/pagead/id
IP 216.58.207.226:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/id HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-credentials: true
access-control-allow-origin: https://www.youtube.com
date: Sat, 12 Nov 2022 10:43:54 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 825b44d24d8bc851404dded7ee683a42
2887c729f065c930e405c4d2a39132e4716701c0
09076a8b67da7f3a4fc47d793de28b62433a97dd68d9b1ffb27355c27fad9b14
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 10:43:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 4b46bbcd35c85c4678b0e3e409bba3bc
bb0705335e28414345ad5fcdd61104cf2fbbbbc4
6c3df7e6d0a8491fe24c03df2ccba059ba2f84155a680a4a22f217d3870cff95
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 10:43:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
get.vistaclear2020.com/includes/css/fontawesome.min.css
172.67.214.203200 OK 13 kB URL HTTP/2 get.vistaclear2020.com/includes/css/fontawesome.min.css
IP 172.67.214.203:0
File type ASCII text, with very long lines (58749)
Hash b0698e510c6a689ad29b4e1325245f39
380564814228ddd9a13531232ac20b2d01c1d378
4d2299740c23d207fbc1a56d7676a58d62d4df0e37f97b652ce1f20527bedf50
GET /includes/css/fontawesome.min.css HTTP/1.1
Host: get.vistaclear2020.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://get.vistaclear2020.com/video/?aff_id=3438&subid=agi1112vistaclear
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 12 Nov 2022 10:43:52 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Thu, 10 Nov 2022 12:18:34 GMT
etag: W/"e637-60412265-2b6ced;gz"
last-modified: Thu, 04 Mar 2021 18:09:41 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r%2B6gsW24XZc12PhBapkc%2FaqiPsohW7ihvFh8vcvUlENPYJ2P4548dGgDzhWa7aUP9YsedaoEZZ23iRUrpKULzi1WNbLMwmoAOTbj0vzEkzbJQOVoVN1R5Uus%2F7cp%2F8lX%2BV%2BFMV%2B7glRc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 768eab4e7917b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 4b46bbcd35c85c4678b0e3e409bba3bc
bb0705335e28414345ad5fcdd61104cf2fbbbbc4
6c3df7e6d0a8491fe24c03df2ccba059ba2f84155a680a4a22f217d3870cff95
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 10:43:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.10200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.10:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Sat, 12 Nov 2022 10:43:54 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash a7d7a5379a732fc5eadab78de886cc31
6df8c63644e97bf57262415f24e270c718e1758b
c355159cc937a19485f62cc446530f319749237e147adbb2c5784d1d2c20ed64
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 10:43:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.10200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.10:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash 767a61fd05360904be79aa4971858fa2
b35a4c33d75fa42c04a59335a05ebb633008c362
a84a2b820e035e0bb058642b341fefe005905938ff0e1e4aa8a2ccb2f4582dfc
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Sat, 12 Nov 2022 10:43:54 GMT
server: ESF
cache-control: private
content-length: 30894
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/js/th/G-wi0KRrIjmTWIDOn44AFVMvZ_aKLO1c96DfwAE3d4M.js
142.250.74.164200 OK 100 kB URL HTTP/2 www.google.com/js/th/G-wi0KRrIjmTWIDOn44AFVMvZ_aKLO1c96DfwAE3d4M.js
IP 142.250.74.164:0
Size 100 kB (100271 bytes)
Hash 4d8965ec42a729b4dfc96101f5bdc35a
2a31359a08357fc135a48731e970f4f1eaf35d60
b15397f213a1cdb3fad012228b0c42f55711b646fd2ddcee2cd9b646f135dcea
GET /js/th/G-wi0KRrIjmTWIDOn44AFVMvZ_aKLO1c96DfwAE3d4M.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 14211
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 09 Nov 2022 06:09:06 GMT
expires: Thu, 09 Nov 2023 06:09:06 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 03 Nov 2022 10:00:00 GMT
content-type: text/javascript
age: 275688
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 562149e460e7949cc1e3726ac7c854bf
90c304ab2081e4d04e1c6a176e8193787986a0b2
9f83f2b72570abc2c662aacf80e9eac0ab0410de0e147b2f786767edd4dcc4fb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 10:43:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 4b46bbcd35c85c4678b0e3e409bba3bc
bb0705335e28414345ad5fcdd61104cf2fbbbbc4
6c3df7e6d0a8491fe24c03df2ccba059ba2f84155a680a4a22f217d3870cff95
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 10:43:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
yt3.ggpht.com/ytc/AMLnZu-yWoHCB6YuibfRCCa-QONjGyInqw1wx96T1Q=s68-c-k-c0x00ffffff-no-rj
142.250.74.161200 OK 1.1 kB URL HTTP/2 yt3.ggpht.com/ytc/AMLnZu-yWoHCB6YuibfRCCa-QONjGyInqw1wx96T1Q=s68-c-k-c0x00ffffff-no-rj
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 68x68, components 3\012- data
Hash e8157af81b11f73148cc743f2b0a4f1b
7f087ada66df8aad4796401989cbe722e046e6a9
52c11306053959a9d81f734827c36c10471ff85c6147519022c337720fc0d412
GET /ytc/AMLnZu-yWoHCB6YuibfRCCa-QONjGyInqw1wx96T1Q=s68-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt3.ggpht.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
expires: Sun, 13 Nov 2022 10:43:54 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Sat, 12 Nov 2022 10:43:54 GMT
server: fife
content-length: 1102
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 562149e460e7949cc1e3726ac7c854bf
90c304ab2081e4d04e1c6a176e8193787986a0b2
9f83f2b72570abc2c662aacf80e9eac0ab0410de0e147b2f786767edd4dcc4fb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 10:43:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
142.250.74.10200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 142.250.74.10:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Sat, 12 Nov 2022 10:43:54 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
142.250.74.10200 OK 110 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 142.250.74.10:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 301561448a978149303db92d16ddcfa6
844493c3fc9e77be418e50b16dcf0507a205282c
e031afcb1608ae524f1db3cf4a930d39d20721e2c3124b002fd23697945b51e1
POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 986
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Sat, 12 Nov 2022 10:43:54 GMT
server: ESF
cache-control: private
content-length: 110
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=1665153503829428&ev=PageView&dl=https%3A%2F%2Fgo.maxweb.com%2Fconversion%2Fiframe%2F%3Fa%3D6605%26token%3D6bbae26b12e89951101d4f1816aaa7b5&rl=https%3A%2F%2Fget.vistaclear2020.com%2F&if=true&ts=1668249834134&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&it=1668249833347&coo=false&rqm=GET
31.13.72.36200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=1665153503829428&ev=PageView&dl=https%3A%2F%2Fgo.maxweb.com%2Fconversion%2Fiframe%2F%3Fa%3D6605%26token%3D6bbae26b12e89951101d4f1816aaa7b5&rl=https%3A%2F%2Fget.vistaclear2020.com%2F&if=true&ts=1668249834134&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&it=1668249833347&coo=false&rqm=GET
IP 31.13.72.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=1665153503829428&ev=PageView&dl=https%3A%2F%2Fgo.maxweb.com%2Fconversion%2Fiframe%2F%3Fa%3D6605%26token%3D6bbae26b12e89951101d4f1816aaa7b5&rl=https%3A%2F%2Fget.vistaclear2020.com%2F&if=true&ts=1668249834134&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&it=1668249833347&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.maxweb.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Sat, 12 Nov 2022 10:43:54 GMT
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=650634019303740&ev=ViewContent&dl=https%3A%2F%2Fgo.maxweb.com%2Fconversion%2Fiframe%2F%3Fa%3D6605%26token%3D6bbae26b12e89951101d4f1816aaa7b5&rl=https%3A%2F%2Fget.vistaclear2020.com%2F&if=true&ts=1668249834146&sw=1280&sh=1024&v=2.9.89&r=stable&ec=1&o=30&it=1668249833347&coo=false&rqm=GET
31.13.72.36200 OK 86 kB URL HTTP/2 www.facebook.com/tr/?id=650634019303740&ev=ViewContent&dl=https%3A%2F%2Fgo.maxweb.com%2Fconversion%2Fiframe%2F%3Fa%3D6605%26token%3D6bbae26b12e89951101d4f1816aaa7b5&rl=https%3A%2F%2Fget.vistaclear2020.com%2F&if=true&ts=1668249834146&sw=1280&sh=1024&v=2.9.89&r=stable&ec=1&o=30&it=1668249833347&coo=false&rqm=GET
IP 31.13.72.36:0
File type gzip compressed data, from Unix\012- data
Hash 04782d3d15bab3c891364abbd183e0ec
407071da7402595c2333f0bf192e35631020c404
19968c95fb7a2831a73470287b7d9c9b7f8932295a952304caffa92d6deff999
GET /tr/?id=650634019303740&ev=ViewContent&dl=https%3A%2F%2Fgo.maxweb.com%2Fconversion%2Fiframe%2F%3Fa%3D6605%26token%3D6bbae26b12e89951101d4f1816aaa7b5&rl=https%3A%2F%2Fget.vistaclear2020.com%2F&if=true&ts=1668249834146&sw=1280&sh=1024&v=2.9.89&r=stable&ec=1&o=30&it=1668249833347&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.maxweb.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Sat, 12 Nov 2022 10:43:54 GMT
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=650634019303740&ev=PageView&dl=https%3A%2F%2Fgo.maxweb.com%2Fconversion%2Fiframe%2F%3Fa%3D6605%26token%3D6bbae26b12e89951101d4f1816aaa7b5&rl=https%3A%2F%2Fget.vistaclear2020.com%2F&if=true&ts=1668249834139&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&it=1668249833347&coo=false&rqm=GET
31.13.72.36200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=650634019303740&ev=PageView&dl=https%3A%2F%2Fgo.maxweb.com%2Fconversion%2Fiframe%2F%3Fa%3D6605%26token%3D6bbae26b12e89951101d4f1816aaa7b5&rl=https%3A%2F%2Fget.vistaclear2020.com%2F&if=true&ts=1668249834139&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&it=1668249833347&coo=false&rqm=GET
IP 31.13.72.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=650634019303740&ev=PageView&dl=https%3A%2F%2Fgo.maxweb.com%2Fconversion%2Fiframe%2F%3Fa%3D6605%26token%3D6bbae26b12e89951101d4f1816aaa7b5&rl=https%3A%2F%2Fget.vistaclear2020.com%2F&if=true&ts=1668249834139&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&it=1668249833347&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.maxweb.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Sat, 12 Nov 2022 10:43:54 GMT
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=985770698745745&ev=PageView&dl=https%3A%2F%2Fgo.maxweb.com%2Fconversion%2Fiframe%2F%3Fa%3D6605%26token%3D6bbae26b12e89951101d4f1816aaa7b5&rl=https%3A%2F%2Fget.vistaclear2020.com%2F&if=true&ts=1668249834136&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&it=1668249833347&coo=false&rqm=GET
31.13.72.36200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=985770698745745&ev=PageView&dl=https%3A%2F%2Fgo.maxweb.com%2Fconversion%2Fiframe%2F%3Fa%3D6605%26token%3D6bbae26b12e89951101d4f1816aaa7b5&rl=https%3A%2F%2Fget.vistaclear2020.com%2F&if=true&ts=1668249834136&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&it=1668249833347&coo=false&rqm=GET
IP 31.13.72.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=985770698745745&ev=PageView&dl=https%3A%2F%2Fgo.maxweb.com%2Fconversion%2Fiframe%2F%3Fa%3D6605%26token%3D6bbae26b12e89951101d4f1816aaa7b5&rl=https%3A%2F%2Fget.vistaclear2020.com%2F&if=true&ts=1668249834136&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&it=1668249833347&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.maxweb.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Sat, 12 Nov 2022 10:43:54 GMT
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=1665153503829428&ev=ViewContent&dl=https%3A%2F%2Fgo.maxweb.com%2Fconversion%2Fiframe%2F%3Fa%3D6605%26token%3D6bbae26b12e89951101d4f1816aaa7b5&rl=https%3A%2F%2Fget.vistaclear2020.com%2F&if=true&ts=1668249834141&sw=1280&sh=1024&v=2.9.89&r=stable&ec=1&o=30&it=1668249833347&coo=false&rqm=GET
31.13.72.36200 OK 604 B URL HTTP/2 www.facebook.com/tr/?id=1665153503829428&ev=ViewContent&dl=https%3A%2F%2Fgo.maxweb.com%2Fconversion%2Fiframe%2F%3Fa%3D6605%26token%3D6bbae26b12e89951101d4f1816aaa7b5&rl=https%3A%2F%2Fget.vistaclear2020.com%2F&if=true&ts=1668249834141&sw=1280&sh=1024&v=2.9.89&r=stable&ec=1&o=30&it=1668249833347&coo=false&rqm=GET
IP 31.13.72.36:0
Hash 36ac46fc100eb6b676cfe4ac6a9051da
59b50601d475be6957438cafd45af19b21239765
41195e1febd8bc0bdc66879b6f62ea4ec3676de85b508036e7443e91cfdf2706
GET /tr/?id=1665153503829428&ev=ViewContent&dl=https%3A%2F%2Fgo.maxweb.com%2Fconversion%2Fiframe%2F%3Fa%3D6605%26token%3D6bbae26b12e89951101d4f1816aaa7b5&rl=https%3A%2F%2Fget.vistaclear2020.com%2F&if=true&ts=1668249834141&sw=1280&sh=1024&v=2.9.89&r=stable&ec=1&o=30&it=1668249833347&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.maxweb.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Sat, 12 Nov 2022 10:43:54 GMT
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=985770698745745&ev=ViewContent&dl=https%3A%2F%2Fgo.maxweb.com%2Fconversion%2Fiframe%2F%3Fa%3D6605%26token%3D6bbae26b12e89951101d4f1816aaa7b5&rl=https%3A%2F%2Fget.vistaclear2020.com%2F&if=true&ts=1668249834143&sw=1280&sh=1024&v=2.9.89&r=stable&ec=1&o=30&it=1668249833347&coo=false&exp=c1&rqm=GET
31.13.72.36200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=985770698745745&ev=ViewContent&dl=https%3A%2F%2Fgo.maxweb.com%2Fconversion%2Fiframe%2F%3Fa%3D6605%26token%3D6bbae26b12e89951101d4f1816aaa7b5&rl=https%3A%2F%2Fget.vistaclear2020.com%2F&if=true&ts=1668249834143&sw=1280&sh=1024&v=2.9.89&r=stable&ec=1&o=30&it=1668249833347&coo=false&exp=c1&rqm=GET
IP 31.13.72.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=985770698745745&ev=ViewContent&dl=https%3A%2F%2Fgo.maxweb.com%2Fconversion%2Fiframe%2F%3Fa%3D6605%26token%3D6bbae26b12e89951101d4f1816aaa7b5&rl=https%3A%2F%2Fget.vistaclear2020.com%2F&if=true&ts=1668249834143&sw=1280&sh=1024&v=2.9.89&r=stable&ec=1&o=30&it=1668249833347&coo=false&exp=c1&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.maxweb.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Sat, 12 Nov 2022 10:43:54 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 81ccbb7902c863166f53a39640243ffa
dfafdca34fcbe6216aca0fd5f4546d619de158e4
9cbbd3060811fdf09a697c428feac29738d4a443a64330b5a74164c8574fc4ea
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 10:43:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 81ccbb7902c863166f53a39640243ffa
dfafdca34fcbe6216aca0fd5f4546d619de158e4
9cbbd3060811fdf09a697c428feac29738d4a443a64330b5a74164c8574fc4ea
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 10:43:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
rr2---sn-capm-vnae.googlevideo.com/videoplayback?expire=1668271434&ei=6nhvY-KwGNTA7QSM9YXgBw&ip=91.90.42.154&id=o-AMOXCSweRdWUyJS7cwQbsKzmWtlGNHqsuEnvzmsGQyEn&itag=251&source=youtube&requiressl=yes&mh=2y&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeenez&ms=au%2Crdu&mv=m&mvi=2&pl=21&initcwndbps=1628750&spc=SFxXNmsLvwPWxm3YK2mflQFSA9TQyLE&vprv=1&mime=audio%2Fwebm&ns=0ptWXPBmrqOO4EN8l8pzai4J&gir=yes&clen=59542755&dur=4012.501&lmt=1616273605294414&mt=1668249450&fvip=1&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5431432&n=6lIp82kd_BuH9A&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRgIhALYsn6haWmDn7DG6raI6nUFgznn5zYNi2FJaNI2QN3spAiEA2cwBgql5qALilncTk-e3asiPY6GRVnX2C47hkAFHkfE%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRgIhAP6relweyQiZ3kbbcSC4wyiQ8AFXOHvpkv1MvuX2E8YqAiEAziOkZt6s1A4kP96j5EQM9_zvJy7ptOEzhwG3xU8OOvk%3D&alr=yes&cpn=674jqnmgfo_lYx_9&cver=1.20221106.00.00&range=0-72917&rn=2&rbuf=0
91.90.45.173200 OK 1.0 kB URL HTTP/1.1 rr2---sn-capm-vnae.googlevideo.com/videoplayback?expire=1668271434&ei=6nhvY-KwGNTA7QSM9YXgBw&ip=91.90.42.154&id=o-AMOXCSweRdWUyJS7cwQbsKzmWtlGNHqsuEnvzmsGQyEn&itag=251&source=youtube&requiressl=yes&mh=2y&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeenez&ms=au%2Crdu&mv=m&mvi=2&pl=21&initcwndbps=1628750&spc=SFxXNmsLvwPWxm3YK2mflQFSA9TQyLE&vprv=1&mime=audio%2Fwebm&ns=0ptWXPBmrqOO4EN8l8pzai4J&gir=yes&clen=59542755&dur=4012.501&lmt=1616273605294414&mt=1668249450&fvip=1&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5431432&n=6lIp82kd_BuH9A&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRgIhALYsn6haWmDn7DG6raI6nUFgznn5zYNi2FJaNI2QN3spAiEA2cwBgql5qALilncTk-e3asiPY6GRVnX2C47hkAFHkfE%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRgIhAP6relweyQiZ3kbbcSC4wyiQ8AFXOHvpkv1MvuX2E8YqAiEAziOkZt6s1A4kP96j5EQM9_zvJy7ptOEzhwG3xU8OOvk%3D&alr=yes&cpn=674jqnmgfo_lYx_9&cver=1.20221106.00.00&range=0-72917&rn=2&rbuf=0
IP 91.90.45.173:0
ASN #50304 Blix Solutions AS
File type ASCII text, with very long lines (1032), with no line terminators
Hash 8423e1f3dbba48f27d34b710546634ab
6f7b21458bd18229a2552dee75796b37f15697de
6f453c49dd2086107042bf2784a59c15f61dbb89a5838e318cfaff2c17ccb93d
GET /videoplayback?expire=1668271434&ei=6nhvY-KwGNTA7QSM9YXgBw&ip=91.90.42.154&id=o-AMOXCSweRdWUyJS7cwQbsKzmWtlGNHqsuEnvzmsGQyEn&itag=251&source=youtube&requiressl=yes&mh=2y&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeenez&ms=au%2Crdu&mv=m&mvi=2&pl=21&initcwndbps=1628750&spc=SFxXNmsLvwPWxm3YK2mflQFSA9TQyLE&vprv=1&mime=audio%2Fwebm&ns=0ptWXPBmrqOO4EN8l8pzai4J&gir=yes&clen=59542755&dur=4012.501&lmt=1616273605294414&mt=1668249450&fvip=1&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5431432&n=6lIp82kd_BuH9A&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRgIhALYsn6haWmDn7DG6raI6nUFgznn5zYNi2FJaNI2QN3spAiEA2cwBgql5qALilncTk-e3asiPY6GRVnX2C47hkAFHkfE%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRgIhAP6relweyQiZ3kbbcSC4wyiQ8AFXOHvpkv1MvuX2E8YqAiEAziOkZt6s1A4kP96j5EQM9_zvJy7ptOEzhwG3xU8OOvk%3D&alr=yes&cpn=674jqnmgfo_lYx_9&cver=1.20221106.00.00&range=0-72917&rn=2&rbuf=0 HTTP/1.1
Host: rr2---sn-capm-vnae.googlevideo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/plain
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Date: Sat, 12 Nov 2022 10:43:54 GMT
Expires: Sat, 12 Nov 2022 10:43:54 GMT
Cache-Control: private, max-age=21300
Accept-Ranges: bytes
Content-Length: 1032
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Content-Type-Options: nosniff
Server: gvs 1.0
rr2---sn-capm-vnae.googlevideo.com/videoplayback?expire=1668271434&ei=6nhvY-KwGNTA7QSM9YXgBw&ip=91.90.42.154&id=o-AMOXCSweRdWUyJS7cwQbsKzmWtlGNHqsuEnvzmsGQyEn&itag=243&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&mh=2y&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeenez&ms=au%2Crdu&mv=m&mvi=2&pl=21&initcwndbps=1628750&spc=SFxXNmsLvwPWxm3YK2mflQFSA9TQyLE&vprv=1&mime=video%2Fwebm&ns=0ptWXPBmrqOO4EN8l8pzai4J&gir=yes&clen=113954821&dur=4012.475&lmt=1616274691097103&mt=1668249450&fvip=1&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5432432&n=6lIp82kd_BuH9A&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIgTiLhNNGIfboMtjBxlATHJYLEei2L6AZo8ieLH9OYbikCIQDiXz5jo179dtAs9y9NgDBF_jPvF6lctHpe9xKKM3ip7Q%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRgIhAP6relweyQiZ3kbbcSC4wyiQ8AFXOHvpkv1MvuX2E8YqAiEAziOkZt6s1A4kP96j5EQM9_zvJy7ptOEzhwG3xU8OOvk%3D&alr=yes&cpn=674jqnmgfo_lYx_9&cver=1.20221106.00.00&range=0-164056&rn=1&rbuf=0
91.90.45.173200 OK 1.1 kB URL HTTP/1.1 rr2---sn-capm-vnae.googlevideo.com/videoplayback?expire=1668271434&ei=6nhvY-KwGNTA7QSM9YXgBw&ip=91.90.42.154&id=o-AMOXCSweRdWUyJS7cwQbsKzmWtlGNHqsuEnvzmsGQyEn&itag=243&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&mh=2y&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeenez&ms=au%2Crdu&mv=m&mvi=2&pl=21&initcwndbps=1628750&spc=SFxXNmsLvwPWxm3YK2mflQFSA9TQyLE&vprv=1&mime=video%2Fwebm&ns=0ptWXPBmrqOO4EN8l8pzai4J&gir=yes&clen=113954821&dur=4012.475&lmt=1616274691097103&mt=1668249450&fvip=1&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5432432&n=6lIp82kd_BuH9A&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIgTiLhNNGIfboMtjBxlATHJYLEei2L6AZo8ieLH9OYbikCIQDiXz5jo179dtAs9y9NgDBF_jPvF6lctHpe9xKKM3ip7Q%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRgIhAP6relweyQiZ3kbbcSC4wyiQ8AFXOHvpkv1MvuX2E8YqAiEAziOkZt6s1A4kP96j5EQM9_zvJy7ptOEzhwG3xU8OOvk%3D&alr=yes&cpn=674jqnmgfo_lYx_9&cver=1.20221106.00.00&range=0-164056&rn=1&rbuf=0
IP 91.90.45.173:0
ASN #50304 Blix Solutions AS
File type ASCII text, with very long lines (1115), with no line terminators
Hash 85425a231f994688392a00391d0fdb62
f1298d6c12ab4970547748fb7a9af4406775fe52
8287ae93428cbeb039eb92b7db4afaf53ee89ab87c13d9d32c60656f154a6042
GET /videoplayback?expire=1668271434&ei=6nhvY-KwGNTA7QSM9YXgBw&ip=91.90.42.154&id=o-AMOXCSweRdWUyJS7cwQbsKzmWtlGNHqsuEnvzmsGQyEn&itag=243&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&mh=2y&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeenez&ms=au%2Crdu&mv=m&mvi=2&pl=21&initcwndbps=1628750&spc=SFxXNmsLvwPWxm3YK2mflQFSA9TQyLE&vprv=1&mime=video%2Fwebm&ns=0ptWXPBmrqOO4EN8l8pzai4J&gir=yes&clen=113954821&dur=4012.475&lmt=1616274691097103&mt=1668249450&fvip=1&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5432432&n=6lIp82kd_BuH9A&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIgTiLhNNGIfboMtjBxlATHJYLEei2L6AZo8ieLH9OYbikCIQDiXz5jo179dtAs9y9NgDBF_jPvF6lctHpe9xKKM3ip7Q%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRgIhAP6relweyQiZ3kbbcSC4wyiQ8AFXOHvpkv1MvuX2E8YqAiEAziOkZt6s1A4kP96j5EQM9_zvJy7ptOEzhwG3xU8OOvk%3D&alr=yes&cpn=674jqnmgfo_lYx_9&cver=1.20221106.00.00&range=0-164056&rn=1&rbuf=0 HTTP/1.1
Host: rr2---sn-capm-vnae.googlevideo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/plain
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Date: Sat, 12 Nov 2022 10:43:54 GMT
Expires: Sat, 12 Nov 2022 10:43:54 GMT
Cache-Control: private, max-age=21300
Accept-Ranges: bytes
Content-Length: 1115
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Restrict-Formats-Hint: None
X-Content-Type-Options: nosniff
Server: gvs 1.0
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 81ccbb7902c863166f53a39640243ffa
dfafdca34fcbe6216aca0fd5f4546d619de158e4
9cbbd3060811fdf09a697c428feac29738d4a443a64330b5a74164c8574fc4ea
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 10:43:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 557fc016874475a1a014019b46509cde
82499956bc46b937465fbc356225508f85235c15
3db6143fe0faf3cb8084f09b7338a77b7281a65bb42343db2e0428caa396b540
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 10:43:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 557fc016874475a1a014019b46509cde
82499956bc46b937465fbc356225508f85235c15
3db6143fe0faf3cb8084f09b7338a77b7281a65bb42343db2e0428caa396b540
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 10:43:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
rr1---sn-5goeenez.googlevideo.com/videoplayback?expire=1668271434&ei=6nhvY-KwGNTA7QSM9YXgBw&ip=91.90.42.154&id=o-AMOXCSweRdWUyJS7cwQbsKzmWtlGNHqsuEnvzmsGQyEn&itag=251&source=youtube&requiressl=yes&spc=SFxXNmsLvwPWxm3YK2mflQFSA9TQyLE&vprv=1&mime=audio%2Fwebm&ns=0ptWXPBmrqOO4EN8l8pzai4J&gir=yes&clen=59542755&dur=4012.501&lmt=1616273605294414&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=5431432&n=6lIp82kd_BuH9A&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRgIhALYsn6haWmDn7DG6raI6nUFgznn5zYNi2FJaNI2QN3spAiEA2cwBgql5qALilncTk-e3asiPY6GRVnX2C47hkAFHkfE%3D&alr=yes&cpn=674jqnmgfo_lYx_9&cver=1.20221106.00.00&redirect_counter=1&cm2rm=sn-capm-vnae7l&cms_redirect=yes&cmsv=e&mh=2y&mm=29&mn=sn-5goeenez&ms=rdu&mt=1668249684&mv=m&mvi=1&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhAORTu1lpLWMqtbXVA2tfGow19z4ju7s6UDj_QBqZcq3IAiAmeiE7DfsTMAKA7qH4z5RUtuvDkIH1uyQNkdUinEas9A%3D%3D&range=0-72917&rn=3&rbuf=0&pot=D91d1sysPfuE3WWThtk_KqV1O6IlpiZpOhISiSlEegOshEtIubVtUF7MhX7E-Ar5ZZJcPRoVFZw5PqX0nHcJwcHKYykLGMPCJ0ACm5UOBGHZTjOzNJZLmalsMfLm4IBdeScgZ_8=
74.125.111.6200 OK 73 kB URL HTTP/1.1 rr1---sn-5goeenez.googlevideo.com/videoplayback?expire=1668271434&ei=6nhvY-KwGNTA7QSM9YXgBw&ip=91.90.42.154&id=o-AMOXCSweRdWUyJS7cwQbsKzmWtlGNHqsuEnvzmsGQyEn&itag=251&source=youtube&requiressl=yes&spc=SFxXNmsLvwPWxm3YK2mflQFSA9TQyLE&vprv=1&mime=audio%2Fwebm&ns=0ptWXPBmrqOO4EN8l8pzai4J&gir=yes&clen=59542755&dur=4012.501&lmt=1616273605294414&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=5431432&n=6lIp82kd_BuH9A&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRgIhALYsn6haWmDn7DG6raI6nUFgznn5zYNi2FJaNI2QN3spAiEA2cwBgql5qALilncTk-e3asiPY6GRVnX2C47hkAFHkfE%3D&alr=yes&cpn=674jqnmgfo_lYx_9&cver=1.20221106.00.00&redirect_counter=1&cm2rm=sn-capm-vnae7l&cms_redirect=yes&cmsv=e&mh=2y&mm=29&mn=sn-5goeenez&ms=rdu&mt=1668249684&mv=m&mvi=1&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhAORTu1lpLWMqtbXVA2tfGow19z4ju7s6UDj_QBqZcq3IAiAmeiE7DfsTMAKA7qH4z5RUtuvDkIH1uyQNkdUinEas9A%3D%3D&range=0-72917&rn=3&rbuf=0&pot=D91d1sysPfuE3WWThtk_KqV1O6IlpiZpOhISiSlEegOshEtIubVtUF7MhX7E-Ar5ZZJcPRoVFZw5PqX0nHcJwcHKYykLGMPCJ0ACm5UOBGHZTjOzNJZLmalsMfLm4IBdeScgZ_8=
IP 74.125.111.6:0
File type WebM\012- EBML file, creator webmB\20\012- data
Hash 769c5a0efa206fa8c5ad965df13609d4
d8dfd5191736eccb2265faadc40ca7b6463c762f
a4e26c5760adc1ad994c6e3798cef7bec7af5ac208979582f37bf126597a6ea5
GET /videoplayback?expire=1668271434&ei=6nhvY-KwGNTA7QSM9YXgBw&ip=91.90.42.154&id=o-AMOXCSweRdWUyJS7cwQbsKzmWtlGNHqsuEnvzmsGQyEn&itag=251&source=youtube&requiressl=yes&spc=SFxXNmsLvwPWxm3YK2mflQFSA9TQyLE&vprv=1&mime=audio%2Fwebm&ns=0ptWXPBmrqOO4EN8l8pzai4J&gir=yes&clen=59542755&dur=4012.501&lmt=1616273605294414&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=5431432&n=6lIp82kd_BuH9A&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRgIhALYsn6haWmDn7DG6raI6nUFgznn5zYNi2FJaNI2QN3spAiEA2cwBgql5qALilncTk-e3asiPY6GRVnX2C47hkAFHkfE%3D&alr=yes&cpn=674jqnmgfo_lYx_9&cver=1.20221106.00.00&redirect_counter=1&cm2rm=sn-capm-vnae7l&cms_redirect=yes&cmsv=e&mh=2y&mm=29&mn=sn-5goeenez&ms=rdu&mt=1668249684&mv=m&mvi=1&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhAORTu1lpLWMqtbXVA2tfGow19z4ju7s6UDj_QBqZcq3IAiAmeiE7DfsTMAKA7qH4z5RUtuvDkIH1uyQNkdUinEas9A%3D%3D&range=0-72917&rn=3&rbuf=0&pot=D91d1sysPfuE3WWThtk_KqV1O6IlpiZpOhISiSlEegOshEtIubVtUF7MhX7E-Ar5ZZJcPRoVFZw5PqX0nHcJwcHKYykLGMPCJ0ACm5UOBGHZTjOzNJZLmalsMfLm4IBdeScgZ_8= HTTP/1.1
Host: rr1---sn-5goeenez.googlevideo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Sat, 20 Mar 2021 20:53:25 GMT
Content-Type: audio/webm
Date: Sat, 12 Nov 2022 10:43:55 GMT
Expires: Sat, 12 Nov 2022 10:43:55 GMT
Cache-Control: private, max-age=21299
Accept-Ranges: bytes
Content-Length: 72918
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Content-Type-Options: nosniff
Server: gvs 1.0
rr1---sn-5goeenez.googlevideo.com/videoplayback?expire=1668271434&ei=6nhvY-KwGNTA7QSM9YXgBw&ip=91.90.42.154&id=o-AMOXCSweRdWUyJS7cwQbsKzmWtlGNHqsuEnvzmsGQyEn&itag=243&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&spc=SFxXNmsLvwPWxm3YK2mflQFSA9TQyLE&vprv=1&mime=video%2Fwebm&ns=0ptWXPBmrqOO4EN8l8pzai4J&gir=yes&clen=113954821&dur=4012.475&lmt=1616274691097103&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=5432432&n=6lIp82kd_BuH9A&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIgTiLhNNGIfboMtjBxlATHJYLEei2L6AZo8ieLH9OYbikCIQDiXz5jo179dtAs9y9NgDBF_jPvF6lctHpe9xKKM3ip7Q%3D%3D&alr=yes&cpn=674jqnmgfo_lYx_9&cver=1.20221106.00.00&redirect_counter=1&cm2rm=sn-capm-vnae7l&cms_redirect=yes&cmsv=e&mh=2y&mm=29&mn=sn-5goeenez&ms=rdu&mt=1668249684&mv=m&mvi=1&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIgNFikK0zCBimuBD5VmMUSvicU9uwmzbkfoTCxxcO2Y9cCIQD-4MY6Q3fN7D8iZMcREOJAAOHDOVcVFol9ewtAE9pTgg%3D%3D&range=0-164056&rn=4&rbuf=0&pot=D91d1sysPfuE3WWThtk_KqV1O6IlpiZpOhISiSlEegOshEtIubVtUF7MhX7E-Ar5ZZJcPRoVFZw5PqX0nHcJwcHKYykLGMPCJ0ACm5UOBGHZTjOzNJZLmalsMfLm4IBdeScgZ_8=
74.125.111.6200 OK 164 kB URL HTTP/1.1 rr1---sn-5goeenez.googlevideo.com/videoplayback?expire=1668271434&ei=6nhvY-KwGNTA7QSM9YXgBw&ip=91.90.42.154&id=o-AMOXCSweRdWUyJS7cwQbsKzmWtlGNHqsuEnvzmsGQyEn&itag=243&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&spc=SFxXNmsLvwPWxm3YK2mflQFSA9TQyLE&vprv=1&mime=video%2Fwebm&ns=0ptWXPBmrqOO4EN8l8pzai4J&gir=yes&clen=113954821&dur=4012.475&lmt=1616274691097103&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=5432432&n=6lIp82kd_BuH9A&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIgTiLhNNGIfboMtjBxlATHJYLEei2L6AZo8ieLH9OYbikCIQDiXz5jo179dtAs9y9NgDBF_jPvF6lctHpe9xKKM3ip7Q%3D%3D&alr=yes&cpn=674jqnmgfo_lYx_9&cver=1.20221106.00.00&redirect_counter=1&cm2rm=sn-capm-vnae7l&cms_redirect=yes&cmsv=e&mh=2y&mm=29&mn=sn-5goeenez&ms=rdu&mt=1668249684&mv=m&mvi=1&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIgNFikK0zCBimuBD5VmMUSvicU9uwmzbkfoTCxxcO2Y9cCIQD-4MY6Q3fN7D8iZMcREOJAAOHDOVcVFol9ewtAE9pTgg%3D%3D&range=0-164056&rn=4&rbuf=0&pot=D91d1sysPfuE3WWThtk_KqV1O6IlpiZpOhISiSlEegOshEtIubVtUF7MhX7E-Ar5ZZJcPRoVFZw5PqX0nHcJwcHKYykLGMPCJ0ACm5UOBGHZTjOzNJZLmalsMfLm4IBdeScgZ_8=
IP 74.125.111.6:0
File type WebM\012- EBML file, creator webmB\20\012- data
Size 164 kB (164057 bytes)
Hash 4fe403031aafda61e6575746e7aa54e3
44b2eab9eac1938503a4542d67b5e1d1daad74f6
81ffb466fbc2e2e3f115f90ffba79c881b8db35a69f22b5ec04ab57b4746efdb
GET /videoplayback?expire=1668271434&ei=6nhvY-KwGNTA7QSM9YXgBw&ip=91.90.42.154&id=o-AMOXCSweRdWUyJS7cwQbsKzmWtlGNHqsuEnvzmsGQyEn&itag=243&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&spc=SFxXNmsLvwPWxm3YK2mflQFSA9TQyLE&vprv=1&mime=video%2Fwebm&ns=0ptWXPBmrqOO4EN8l8pzai4J&gir=yes&clen=113954821&dur=4012.475&lmt=1616274691097103&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=5432432&n=6lIp82kd_BuH9A&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIgTiLhNNGIfboMtjBxlATHJYLEei2L6AZo8ieLH9OYbikCIQDiXz5jo179dtAs9y9NgDBF_jPvF6lctHpe9xKKM3ip7Q%3D%3D&alr=yes&cpn=674jqnmgfo_lYx_9&cver=1.20221106.00.00&redirect_counter=1&cm2rm=sn-capm-vnae7l&cms_redirect=yes&cmsv=e&mh=2y&mm=29&mn=sn-5goeenez&ms=rdu&mt=1668249684&mv=m&mvi=1&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIgNFikK0zCBimuBD5VmMUSvicU9uwmzbkfoTCxxcO2Y9cCIQD-4MY6Q3fN7D8iZMcREOJAAOHDOVcVFol9ewtAE9pTgg%3D%3D&range=0-164056&rn=4&rbuf=0&pot=D91d1sysPfuE3WWThtk_KqV1O6IlpiZpOhISiSlEegOshEtIubVtUF7MhX7E-Ar5ZZJcPRoVFZw5PqX0nHcJwcHKYykLGMPCJ0ACm5UOBGHZTjOzNJZLmalsMfLm4IBdeScgZ_8= HTTP/1.1
Host: rr1---sn-5goeenez.googlevideo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Sat, 20 Mar 2021 21:11:31 GMT
Content-Type: video/webm
Date: Sat, 12 Nov 2022 10:43:55 GMT
Expires: Sat, 12 Nov 2022 10:43:55 GMT
Cache-Control: private, max-age=21299
Accept-Ranges: bytes
Content-Length: 164057
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Restrict-Formats-Hint: None
X-Content-Type-Options: nosniff
Server: gvs 1.0
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 557fc016874475a1a014019b46509cde
82499956bc46b937465fbc356225508f85235c15
3db6143fe0faf3cb8084f09b7338a77b7281a65bb42343db2e0428caa396b540
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 10:43:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
rr1---sn-5goeenez.googlevideo.com/videoplayback?expire=1668271434&ei=6nhvY-KwGNTA7QSM9YXgBw&ip=91.90.42.154&id=o-AMOXCSweRdWUyJS7cwQbsKzmWtlGNHqsuEnvzmsGQyEn&itag=243&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&spc=SFxXNmsLvwPWxm3YK2mflQFSA9TQyLE&vprv=1&mime=video%2Fwebm&ns=0ptWXPBmrqOO4EN8l8pzai4J&gir=yes&clen=113954821&dur=4012.475&lmt=1616274691097103&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=5432432&n=6lIp82kd_BuH9A&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIgTiLhNNGIfboMtjBxlATHJYLEei2L6AZo8ieLH9OYbikCIQDiXz5jo179dtAs9y9NgDBF_jPvF6lctHpe9xKKM3ip7Q%3D%3D&alr=yes&cpn=674jqnmgfo_lYx_9&cver=1.20221106.00.00&redirect_counter=1&cm2rm=sn-capm-vnae7l&cms_redirect=yes&cmsv=e&mh=2y&mm=29&mn=sn-5goeenez&ms=rdu&mt=1668249684&mv=m&mvi=1&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIgNFikK0zCBimuBD5VmMUSvicU9uwmzbkfoTCxxcO2Y9cCIQD-4MY6Q3fN7D8iZMcREOJAAOHDOVcVFol9ewtAE9pTgg%3D%3D&range=164057-188811&rn=6&rbuf=4325&pot=D91d1sysPfuE3WWThtk_KqV1O6IlpiZpOhISiSlEegOshEtIubVtUF7MhX7E-Ar5ZZJcPRoVFZw5PqX0nHcJwcHKYykLGMPCJ0ACm5UOBGHZTjOzNJZLmalsMfLm4IBdeScgZ_8=
74.125.111.6200 OK 25 kB URL HTTP/1.1 rr1---sn-5goeenez.googlevideo.com/videoplayback?expire=1668271434&ei=6nhvY-KwGNTA7QSM9YXgBw&ip=91.90.42.154&id=o-AMOXCSweRdWUyJS7cwQbsKzmWtlGNHqsuEnvzmsGQyEn&itag=243&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&spc=SFxXNmsLvwPWxm3YK2mflQFSA9TQyLE&vprv=1&mime=video%2Fwebm&ns=0ptWXPBmrqOO4EN8l8pzai4J&gir=yes&clen=113954821&dur=4012.475&lmt=1616274691097103&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=5432432&n=6lIp82kd_BuH9A&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIgTiLhNNGIfboMtjBxlATHJYLEei2L6AZo8ieLH9OYbikCIQDiXz5jo179dtAs9y9NgDBF_jPvF6lctHpe9xKKM3ip7Q%3D%3D&alr=yes&cpn=674jqnmgfo_lYx_9&cver=1.20221106.00.00&redirect_counter=1&cm2rm=sn-capm-vnae7l&cms_redirect=yes&cmsv=e&mh=2y&mm=29&mn=sn-5goeenez&ms=rdu&mt=1668249684&mv=m&mvi=1&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIgNFikK0zCBimuBD5VmMUSvicU9uwmzbkfoTCxxcO2Y9cCIQD-4MY6Q3fN7D8iZMcREOJAAOHDOVcVFol9ewtAE9pTgg%3D%3D&range=164057-188811&rn=6&rbuf=4325&pot=D91d1sysPfuE3WWThtk_KqV1O6IlpiZpOhISiSlEegOshEtIubVtUF7MhX7E-Ar5ZZJcPRoVFZw5PqX0nHcJwcHKYykLGMPCJ0ACm5UOBGHZTjOzNJZLmalsMfLm4IBdeScgZ_8=
IP 74.125.111.6:0
Hash 8cdb237f619903a5dd8d60030dc8d199
d6309feb226e85e38e2c9701d6fd3697e083931e
85038e1f79ac0ff797bd026cb7660eb1c7970060f880247c924fa03fade114c4
GET /videoplayback?expire=1668271434&ei=6nhvY-KwGNTA7QSM9YXgBw&ip=91.90.42.154&id=o-AMOXCSweRdWUyJS7cwQbsKzmWtlGNHqsuEnvzmsGQyEn&itag=243&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&spc=SFxXNmsLvwPWxm3YK2mflQFSA9TQyLE&vprv=1&mime=video%2Fwebm&ns=0ptWXPBmrqOO4EN8l8pzai4J&gir=yes&clen=113954821&dur=4012.475&lmt=1616274691097103&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=5432432&n=6lIp82kd_BuH9A&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIgTiLhNNGIfboMtjBxlATHJYLEei2L6AZo8ieLH9OYbikCIQDiXz5jo179dtAs9y9NgDBF_jPvF6lctHpe9xKKM3ip7Q%3D%3D&alr=yes&cpn=674jqnmgfo_lYx_9&cver=1.20221106.00.00&redirect_counter=1&cm2rm=sn-capm-vnae7l&cms_redirect=yes&cmsv=e&mh=2y&mm=29&mn=sn-5goeenez&ms=rdu&mt=1668249684&mv=m&mvi=1&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIgNFikK0zCBimuBD5VmMUSvicU9uwmzbkfoTCxxcO2Y9cCIQD-4MY6Q3fN7D8iZMcREOJAAOHDOVcVFol9ewtAE9pTgg%3D%3D&range=164057-188811&rn=6&rbuf=4325&pot=D91d1sysPfuE3WWThtk_KqV1O6IlpiZpOhISiSlEegOshEtIubVtUF7MhX7E-Ar5ZZJcPRoVFZw5PqX0nHcJwcHKYykLGMPCJ0ACm5UOBGHZTjOzNJZLmalsMfLm4IBdeScgZ_8= HTTP/1.1
Host: rr1---sn-5goeenez.googlevideo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Sat, 20 Mar 2021 21:11:31 GMT
Content-Type: video/webm
Date: Sat, 12 Nov 2022 10:43:55 GMT
Expires: Sat, 12 Nov 2022 10:43:55 GMT
Cache-Control: private, max-age=21299
Accept-Ranges: bytes
Content-Length: 24755
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Restrict-Formats-Hint: None
X-Content-Type-Options: nosniff
Server: gvs 1.0
r2---sn-aigl6nek.googlevideo.com/videogoodput?id=o-AEUx6Udw2HhfOznnP6UZP0BCsONzhbMl1YQ4KDa2unAD&source=goodput&range=0-4999&expire=1668253434&ip=91.90.42.154&ms=pm&mm=35&pl=24&nh=IgpwcjA1LmxocjI1KgkxMjcuMC4wLjE&sparams=id,source,range,expire,ip,ms,mm,pl,nh&signature=6AFCF327252513D8CF3EC35D36B684500789EE97.0EE2916FBF011F433D146343ABC4F6A7DC3D6944&key=cms1&cpn=674jqnmgfo_lYx_9
173.194.183.103200 OK 5.0 kB URL HTTP/1.1 r2---sn-aigl6nek.googlevideo.com/videogoodput?id=o-AEUx6Udw2HhfOznnP6UZP0BCsONzhbMl1YQ4KDa2unAD&source=goodput&range=0-4999&expire=1668253434&ip=91.90.42.154&ms=pm&mm=35&pl=24&nh=IgpwcjA1LmxocjI1KgkxMjcuMC4wLjE&sparams=id,source,range,expire,ip,ms,mm,pl,nh&signature=6AFCF327252513D8CF3EC35D36B684500789EE97.0EE2916FBF011F433D146343ABC4F6A7DC3D6944&key=cms1&cpn=674jqnmgfo_lYx_9
IP 173.194.183.103:0
Hash 6ff7588099c7c7a77727c48c07cdc9c7
ca8f8ca9c951a8d17a76e2fb9e676e4a0f90686f
4a33f4c002fcbcb9468a4de48718352950fb620f61d6683cc088b19961b7df59
GET /videogoodput?id=o-AEUx6Udw2HhfOznnP6UZP0BCsONzhbMl1YQ4KDa2unAD&source=goodput&range=0-4999&expire=1668253434&ip=91.90.42.154&ms=pm&mm=35&pl=24&nh=IgpwcjA1LmxocjI1KgkxMjcuMC4wLjE&sparams=id,source,range,expire,ip,ms,mm,pl,nh&signature=6AFCF327252513D8CF3EC35D36B684500789EE97.0EE2916FBF011F433D146343ABC4F6A7DC3D6944&key=cms1&cpn=674jqnmgfo_lYx_9 HTTP/1.1
Host: r2---sn-aigl6nek.googlevideo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Sat, 12 Nov 2022 10:44:00 GMT
Date: Sat, 12 Nov 2022 10:44:00 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, must-revalidate
Content-Type: application/octet-stream
Accept-Ranges: bytes
Content-Length: 5000
Connection: close
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Content-Type-Options: nosniff
Server: gvs 1.0
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1655bda0-593c-40c8-bd9d-5c094248551b.jpeg
34.120.237.76200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1655bda0-593c-40c8-bd9d-5c094248551b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash dea29172117b20fbba50877b6137a82c
4f059d139749207c70d8387abb5d8be54e97bca3
1a18bc2b4413225fb560a705ef5d228b6faa648f4908a51661be443d6d04001b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1655bda0-593c-40c8-bd9d-5c094248551b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 6771
x-amzn-requestid: 15d0cccd-10d5-4a58-91ba-181cd48d02a2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bdMipFOqIAMFzYg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636ec143-45dc19d1418acd1261b050e5;Sampled=0
x-amzn-remapped-date: Fri, 11 Nov 2022 21:40:20 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: wAXmVLj9L-TESuUQLMk2wvi9GH_A_kesPJUDIXN-6GLywdRpeNsYJQ==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 11 Nov 2022 21:45:13 GMT
age: 46728
etag: "4f059d139749207c70d8387abb5d8be54e97bca3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
emdlvr.com/44my
104.21.51.219200 OK 0 B IP 104.21.51.219:0
Analyzer Verdict Alert fortinet Phishing
GET /44my HTTP/1.1
Host: emdlvr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Sat, 12 Nov 2022 10:43:52 GMT
content-type: text/html;charset=UTF-8
vary: Accept-Encoding
x-robots-tag: noindex, nofollow
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma: no-cache
expires: Mon, 07 Jul 1777 07:07:07 GMT
x-redirect-powered-by: Pretty Link Executive 3.2.6 http://prettylink.com
set-cookie: prli_click_53=44my; expires=Mon, 12-Dec-2022 10:43:52 GMT; Max-Age=2592000; path=/
prli_visitor=636f78e82ac67; expires=Sun, 12-Nov-2023 10:43:52 GMT; Max-Age=31536000; path=/
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: MISS
x-server-powered-by: Engintron
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wqyd3cbc9EMIGkYGx60sNkACfrPz8r%2BrIkUO7NImREwcZsjNo8cByWNDLtz9izc0syctr5OZix286FFIef5%2FjGNpXyFb%2FQN3umZ8VN5sVv33%2BN78zjRvdx65yjd5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 768eab4a2afcb515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.youtube.com/iframe_api
142.250.74.174200 OK 0 B URL HTTP/2 www.youtube.com/iframe_api
IP 142.250.74.174:0
GET /iframe_api HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://get.vistaclear2020.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
x-content-type-options: nosniff
expires: Sat, 12 Nov 2022 10:43:53 GMT
date: Sat, 12 Nov 2022 10:43:53 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=31536000
x-frame-options: SAMEORIGIN
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=zHlgB9q0610; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=Xsskkbyzn4E; Domain=.youtube.com; Expires=Thu, 11-May-2023 10:43:53 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+906; expires=Mon, 11-Nov-2024 10:43:53 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
get.vistaclear2020.com/includes/css/poppins.css
172.67.214.203200 OK 0 B URL HTTP/2 get.vistaclear2020.com/includes/css/poppins.css
IP 172.67.214.203:0
GET /includes/css/poppins.css HTTP/1.1
Host: get.vistaclear2020.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://get.vistaclear2020.com/video/?aff_id=3438&subid=agi1112vistaclear
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 12 Nov 2022 10:43:52 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=348
cache-control: public, max-age=604800
etag: W/"15c-60412265-2b6cef;gz"
expires: Fri, 18 Nov 2022 20:43:05 GMT
last-modified: Thu, 04 Mar 2021 18:09:41 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=avM0TP5Yio7rsLDwAlRablKkVmQ8lEuSqInNOkTs6Jqn3jD9Jfauw0Z8543OqpgBJ1W3QFCAv3nLkje3H0chaF2TVRs3qxq%2BIgGRlSfvCZoJQW0kdjwxLLosffe0vqAnGkOXiYiVU6GG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 768eab4e7919b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
go.maxweb.com/conversion/iframe/?a=6605&token=6bbae26b12e89951101d4f1816aaa7b5
172.66.43.113200 OK 0 B URL HTTP/2 go.maxweb.com/conversion/iframe/?a=6605&token=6bbae26b12e89951101d4f1816aaa7b5
IP 172.66.43.113:0
GET /conversion/iframe/?a=6605&token=6bbae26b12e89951101d4f1816aaa7b5 HTTP/1.1
Host: go.maxweb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://get.vistaclear2020.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 12 Nov 2022 10:43:53 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
expires: Sat, 12 Nov 2022 11:43:53 GMT
cache-control: max-age=3600, private
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 768eab51bc5c0afa-OSL
content-encoding: br
X-Firefox-Spdy: h2