cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.2/css/all.min.css
200 OK 10 kB URL GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.2/css/all.min.css
IP
Requested by https://subdi28.nag4.com.tr/
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type ASCII text, with very long lines (59158)
Hash c4af24ce595437830af0a401897698b2
06b7f92dd894a9edb0aeb9d040b489460ecff593
d1fb8d8337cd22568295b0ed998c85c58f0b4cd083af0b0db21cb0af80002f2d
GET /ajax/libs/font-awesome/5.15.2/css/all.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://subdi28.nag4.com.tr/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 10 Dec 2023 01:31:34 GMT
content-type: text/css; charset=utf-8
content-length: 10472
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5fff7431-e7d0"
last-modified: Wed, 13 Jan 2021 22:29:05 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1453415
expires: Fri, 29 Nov 2024 01:31:34 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y0FsCF3YydpEjUBh5Xmep4RFIg%2Bu75Djm2y0RBeXlggNzCJg5AvVN9%2BjKjKuSKS8cWyXhAQ4uhj26siI1GlCd1H%2Fxrj%2Fb9vy%2FAIE857k5F3xOjw%2FtbE4sy8Je7gKOFUiUjAOwDp2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 8331baa61fd456a5-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.min.css
200 OK 5.8 kB URL GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.min.css
IP
Requested by https://subdi28.nag4.com.tr/
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash e9365fe85b7e4db79a87015e52c3db6c
2e2b5eb6e08f0f3d11fe0ada97c962a23ba6a0d9
dec3e9f0190a504ed0c8f4a5e957c107206ba106cac4a1bbb6cbac6369a16d56
GET /ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://subdi28.nag4.com.tr/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 10 Dec 2023 01:31:34 GMT
content-type: text/css; charset=utf-8
content-length: 5845
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ed9-1149f"
last-modified: Mon, 04 May 2020 16:12:09 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 107885
expires: Fri, 29 Nov 2024 01:31:34 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v%2BKZwjWKtYdN1OojOuVQ3jrExnnCUm5fkqqV4EsWj279Cmk4%2BAxO%2FVeaTEpnN3JpKiubOMgjHtIIFH6Fan8dH5N0bMKAMmQKKUr1RYGE7JigIvcEaTRP0kZn5YcJbLr4JUHnjaZg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 8331baa64feb56a5-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.jsdelivr.net/npm/bootstrap-icons@1.8.1/font/bootstrap-icons.css
200 OK 11 kB URL GET HTTP/2 cdn.jsdelivr.net/npm/bootstrap-icons@1.8.1/font/bootstrap-icons.css
IP
Requested by https://subdi28.nag4.com.tr/
Certificate IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09
ValidityWed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT
Hash 79877fb82de8ca50845081e3c9a201c5
4f6ea69c0e03431ffa1a097a45453b5b3b246d8b
af35cc6aba34e5005de77099dfa72d4c1a7715d28ddcec343f48031dc8cb08bc
GET /npm/bootstrap-icons@1.8.1/font/bootstrap-icons.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://subdi28.nag4.com.tr/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 1.8.1
x-jsd-version-type: version
etag: W/"13a7e-T26mnA4DQx/6Ggl6RUU7WzskbYs"
content-encoding: br
accept-ranges: bytes
date: Sun, 10 Dec 2023 01:31:34 GMT
age: 646518
x-served-by: cache-fra-eddf8230030-FRA, cache-bma1628-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 10883
X-Firefox-Spdy: h2
cdn.jsdelivr.net/gh/AlexHostX/mlbb@main/old/logo.png
404 Not Found 53 B URL GET HTTP/2 cdn.jsdelivr.net/gh/AlexHostX/mlbb@main/old/logo.png
IP
Requested by https://subdi28.nag4.com.tr/
Certificate IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09
ValidityWed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT
File type ASCII text, with no line terminators
Hash cb71d2b197dd6af21b39e0261fb1497c
9ab080da6e72161e565846ba4fe9a3279f8f9acf
a3abb1833e1a60b26006a99e3ca8c8aefff91c61003548a8f34fc6c92d62acd7
GET /gh/AlexHostX/mlbb@main/old/logo.png HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://subdi28.nag4.com.tr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 404 Not Found
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=600, s-maxage=600
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/plain; charset=utf-8
etag: W/"30-mrCA2m5yFh5WWEa6T+mjJ5+Pms8"
content-encoding: br
accept-ranges: bytes
date: Sun, 10 Dec 2023 01:31:34 GMT
age: 571
x-served-by: cache-fra-eddf8230118-FRA, cache-bma1628-BMA
x-cache: HIT, MISS
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 53
X-Firefox-Spdy: h2
cdn.jsdelivr.net/gh/gowebid/assets@main/go_login/facebook_white.png
200 OK 29 kB URL GET HTTP/2 cdn.jsdelivr.net/gh/gowebid/assets@main/go_login/facebook_white.png
IP
Requested by https://subdi28.nag4.com.tr/
Certificate IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09
ValidityWed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT
File type PNG image data, 604 x 158, 8-bit/color RGBA, non-interlaced
- data
Hash 74190b93fc4f5d88f0c8e6411ba20bd8
89ce2ecb660a90b8e6ed1b335443d7767c59f28a
092a3cd5f86b3f039feefdeb86694cd16ae545af214cfda614bdbbe2d1bde401
GET /gh/gowebid/assets@main/go_login/facebook_white.png HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://subdi28.nag4.com.tr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/png
x-jsd-version: main
x-jsd-version-type: branch
etag: W/"7075-ic4uy2YKkLjm7RszVEPXdnxZ8oo"
accept-ranges: bytes
date: Sun, 10 Dec 2023 01:31:34 GMT
age: 20941
x-served-by: cache-fra-eddf8230025-FRA, cache-bma1628-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 28789
X-Firefox-Spdy: h2
cdn.jsdelivr.net/gh/gowebid/assets@main/go_login/vk.webp
200 OK 1.6 kB URL GET HTTP/2 cdn.jsdelivr.net/gh/gowebid/assets@main/go_login/vk.webp
IP
Requested by https://subdi28.nag4.com.tr/
Certificate IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09
ValidityWed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT
File type RIFF (little-endian) data, Web/P image
- data
Hash 8e2c62ec296ece5f6a69e2cfd1133310
a6ae37e62d2f201d0e783df0890df55bc11d52e0
ac250ff6fe61157727de9e17fedeb5c162452fc1aa031c4c1fe2f8eb3290ed98
GET /gh/gowebid/assets@main/go_login/vk.webp HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://subdi28.nag4.com.tr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp
x-jsd-version: main
x-jsd-version-type: branch
etag: W/"63a-pq435i0vIB0OeD3wiQ31W8EdUuA"
accept-ranges: bytes
date: Sun, 10 Dec 2023 01:31:34 GMT
age: 23915
x-served-by: cache-fra-eddf8230049-FRA, cache-bma1628-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1594
X-Firefox-Spdy: h2
cdn.jsdelivr.net/gh/gowebid/assets@main/go_login/google.svg
200 OK 959 B URL GET HTTP/2 cdn.jsdelivr.net/gh/gowebid/assets@main/go_login/google.svg
IP
Requested by https://subdi28.nag4.com.tr/
Certificate IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09
ValidityWed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT
File type SVG Scalable Vector Graphics image
- , ASCII text, with very long lines (2026), with no line terminators
Hash 848700651ce9c04987e04f292c598cba
976fc1619e149ed6161d834d5e3c3be7b7957669
f0562ef3624d99ef205211177586097eb7ebd8f5b31711d335a74d368c75ec27
GET /gh/gowebid/assets@main/go_login/google.svg HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://subdi28.nag4.com.tr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/svg+xml
x-jsd-version: main
x-jsd-version-type: branch
etag: W/"7ea-l2/BYZ4UntYWHYNNXjw757eVdmk"
content-encoding: br
accept-ranges: bytes
date: Sun, 10 Dec 2023 01:31:34 GMT
age: 24648
x-served-by: cache-fra-eddf8230119-FRA, cache-bma1628-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 959
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js
200 OK 28 kB URL GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js
IP
Requested by https://subdi28.nag4.com.tr/
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type ASCII text, with very long lines (65447)
Hash 8fb8fee4fcc3cc86ff6c724154c49c42
b82d238d4e31fdf618bae8ac11a6c812c03dd0d4
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
GET /ajax/libs/jquery/3.6.0/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://subdi28.nag4.com.tr
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sun, 10 Dec 2023 01:31:34 GMT
content-type: application/javascript; charset=utf-8
content-length: 27938
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "603e8adc-15d9d"
last-modified: Tue, 02 Mar 2021 18:58:36 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1279592
expires: Fri, 29 Nov 2024 01:31:34 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fLBUnwTZGDtteiyNl6ayyS8ClzEONabKSI4NMq6yyX2Bg3hnlVouuvkA0EP8twk29%2FCV4%2FfQK9dsFujYP5KSwbNlzEGrB656cEoUAyRcdjxhVUar83RYp3RqZrZ4tgCJyL7nuzBF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 8331baa6c81f56a5-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.jsdelivr.net/gh/gowebid/assets@main/go_login/mlbb.webp
200 OK 55 kB URL GET HTTP/2 cdn.jsdelivr.net/gh/gowebid/assets@main/go_login/mlbb.webp
IP
Requested by https://subdi28.nag4.com.tr/
Certificate IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09
ValidityWed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT
File type RIFF (little-endian) data, Web/P image
- data
Hash 903889e33eee9dc3c5e0931f33c0b814
621b1593bb4deb35f3858a25e2638ab5e22b5c16
78d66ff1ab1bd23f7fd6d9cdb93854881cb8f0b69e8a301faaf4f4eab058d19e
GET /gh/gowebid/assets@main/go_login/mlbb.webp HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://subdi28.nag4.com.tr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp
x-jsd-version: main
x-jsd-version-type: branch
etag: W/"d682-YhsVk7tN6zXzhYol4mOKteIrXBY"
accept-ranges: bytes
date: Sun, 10 Dec 2023 01:31:34 GMT
age: 6587
x-served-by: cache-fra-eddf8230088-FRA, cache-bma1628-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 54914
X-Firefox-Spdy: h2
filebagasarya.com/img/border/border5.gif
200 OK 57 kB URL GET HTTP/2 filebagasarya.com/img/border/border5.gif
IP
Requested by https://subdi28.nag4.com.tr/
Certificate IssuerGoogle Trust Services LLC
Subjectfilebagasarya.com
FingerprintF0:8B:F1:70:76:A3:14:5A:6C:27:24:64:49:E8:8F:71:89:4C:AF:BF
ValidityTue, 31 Oct 2023 12:31:08 GMT - Mon, 29 Jan 2024 12:31:07 GMT
File type GIF image data, version 89a, 250 x 336
- data
Hash a11d5e80b7883c717300fd362305a449
bbc08c8ceee464f9aa5fd417145a3c371dcb6876
71b56e5a447fb4b743f7fc5d5bfbc3e4540668c46f5bda6b9050f2d0c7952612
GET /img/border/border5.gif HTTP/1.1
Host: filebagasarya.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://subdi28.nag4.com.tr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sun, 10 Dec 2023 01:31:34 GMT
content-type: image/gif
content-length: 56575
cache-control: public, max-age=604800
expires: Mon, 11 Dec 2023 21:03:04 GMT
last-modified: Wed, 09 Nov 2022 12:29:00 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 448109
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bn12szVVqa2%2FVQW3bkqV%2BZrYT1UjmaL1dtwv3yBmEoZCeYUAuE9wuSSXY2BLZM9GeM4kH4mxDDork95Cs1QaCr4ht2MIgySAT2T90iTtywes5IaWrKOQRyyYJkiJfnFQMUK6IQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8331baa72d6eb50b-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
filebagasarya.com/img/border/BoxOn5.gif
200 OK 292 kB URL GET HTTP/2 filebagasarya.com/img/border/BoxOn5.gif
IP
Requested by https://subdi28.nag4.com.tr/
Certificate IssuerGoogle Trust Services LLC
Subjectfilebagasarya.com
FingerprintF0:8B:F1:70:76:A3:14:5A:6C:27:24:64:49:E8:8F:71:89:4C:AF:BF
ValidityTue, 31 Oct 2023 12:31:08 GMT - Mon, 29 Jan 2024 12:31:07 GMT
File type GIF image data, version 89a, 400 x 400
- data
Size 292 kB (292194 bytes)
Hash 7e401dd325f8aef37c381b18d7b0cf7b
4047da02c0bcd09ea8a0cc2c3b43877ef92a8d09
dafb31342c91066cef658261471ec0b8728e1018b91ea27beb6f82e8246c3a0b
GET /img/border/BoxOn5.gif HTTP/1.1
Host: filebagasarya.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://subdi28.nag4.com.tr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sun, 10 Dec 2023 01:31:34 GMT
content-type: image/gif
content-length: 292194
cache-control: public, max-age=604800
expires: Sat, 16 Dec 2023 09:23:33 GMT
last-modified: Wed, 09 Nov 2022 12:13:00 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 58080
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q2y95amYgt2qrm4joztRVoSzSfqESRR4Lt%2FISmKIIFpIUHeVP9Giwibhdm5u3tB3cVPKalgrpoGpOCfqTQoyIXO0vASFQdhFBINAYE1vCcn8WuSQ3w%2BZxQI8VjH9LirYjEpksQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8331baa72d6db50b-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
rawcdn.githack.com/AlexHostX/all.asset/3ddd40ca064d997b6655739e7a0e8a65acc106e8/alex-vikontakte.css
404 Not Found 14 B URL GET HTTP/2 rawcdn.githack.com/AlexHostX/all.asset/3ddd40ca064d997b6655739e7a0e8a65acc106e8/alex-vikontakte.css
IP
Requested by https://subdi28.nag4.com.tr/
Certificate IssuerGoogle Trust Services LLC
Subjectgithack.com
FingerprintE0:4C:6A:3D:28:60:EF:AD:74:3C:0F:96:F0:1E:27:17:61:4F:F6:1E
ValiditySat, 04 Nov 2023 09:58:56 GMT - Fri, 02 Feb 2024 09:58:55 GMT
File type ASCII text, with no line terminators
Hash 3be7b8b182ccd96e48989b4e57311193
78fb38f212fa49029aff24c669a39648d9b4e68b
d5558cd419c8d46bdc958064cb97f963d1ea793866414c025906ec15033512ed
GET /AlexHostX/all.asset/3ddd40ca064d997b6655739e7a0e8a65acc106e8/alex-vikontakte.css HTTP/1.1
Host: rawcdn.githack.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://subdi28.nag4.com.tr/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
date: Sun, 10 Dec 2023 01:31:35 GMT
content-length: 14
x-content-type-options: nosniff
x-github-request-id: 5FA4:6EC6:15798CD:1686A2B:65751350
via: 1.1 varnish
x-served-by: cache-hel1410024-HEL
x-cache: MISS
x-cache-hits: 0
x-timer: S1702171472.391257,VS0,VE150
vary: Authorization,Accept-Encoding,Origin
cross-origin-resource-policy: cross-origin
x-fastly-request-id: de6349feb97162e962f77409cea70bb47c17c3bc
source-age: 0
cache-control: max-age=300, public
x-githack-cache-status: STALE
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ORm9N929HRYQlxFw%2F8yynttnXNvkP6irprSdmHE73TYtfqbjvpOXWKLfx%2FARVCTdVTJ0jRpH%2F6qQBnTXoNzbJsZodaikT7vJjbxSTfi%2BsKDiMhUZzxWT00Z%2FFAsfCkVfbUR47io%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8331baa78d614e1a-HEL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
rawcdn.githack.com/AlexHostX/all.asset/3fce8843edde49a48905ae1ed9cf237534e547dd/alex-moonton.css
404 Not Found 14 B URL GET HTTP/2 rawcdn.githack.com/AlexHostX/all.asset/3fce8843edde49a48905ae1ed9cf237534e547dd/alex-moonton.css
IP
Requested by https://subdi28.nag4.com.tr/
Certificate IssuerGoogle Trust Services LLC
Subjectgithack.com
FingerprintE0:4C:6A:3D:28:60:EF:AD:74:3C:0F:96:F0:1E:27:17:61:4F:F6:1E
ValiditySat, 04 Nov 2023 09:58:56 GMT - Fri, 02 Feb 2024 09:58:55 GMT
File type ASCII text, with no line terminators
Hash 3be7b8b182ccd96e48989b4e57311193
78fb38f212fa49029aff24c669a39648d9b4e68b
d5558cd419c8d46bdc958064cb97f963d1ea793866414c025906ec15033512ed
GET /AlexHostX/all.asset/3fce8843edde49a48905ae1ed9cf237534e547dd/alex-moonton.css HTTP/1.1
Host: rawcdn.githack.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://subdi28.nag4.com.tr/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
date: Sun, 10 Dec 2023 01:31:35 GMT
content-length: 14
x-content-type-options: nosniff
x-github-request-id: 56A0:B614:FC713C:108FFEC:6575149A
via: 1.1 varnish
x-served-by: cache-hel1410022-HEL
x-cache: MISS
x-cache-hits: 0
x-timer: S1702171803.893323,VS0,VE147
vary: Authorization,Accept-Encoding,Origin
cross-origin-resource-policy: cross-origin
x-fastly-request-id: 98494a9fcf8ecaa68512831583f1aca49fa10311
source-age: 0
cache-control: max-age=300, public
x-githack-cache-status: MISS
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aDneLhprZJeU6Ewm1gvERpFifQEd5ly%2FqDX43hB9hM0iQZ6KUyiiyS%2FRbATjq84%2BABYX7wE2GL%2FkXIL2x62Ymtp4MFAz8ggSO3qZ3o5woZgaTwhcs1elTNEJgctnD4Ew3A1g6Ks%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8331baa78d634e1a-HEL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
rawcdn.githack.com/AlexHostX/all.asset/1591ba04a57c11f4b18d2ebb39e03e4a81715c83/alex-google.css
404 Not Found 14 B URL GET HTTP/2 rawcdn.githack.com/AlexHostX/all.asset/1591ba04a57c11f4b18d2ebb39e03e4a81715c83/alex-google.css
IP
Requested by https://subdi28.nag4.com.tr/
Certificate IssuerGoogle Trust Services LLC
Subjectgithack.com
FingerprintE0:4C:6A:3D:28:60:EF:AD:74:3C:0F:96:F0:1E:27:17:61:4F:F6:1E
ValiditySat, 04 Nov 2023 09:58:56 GMT - Fri, 02 Feb 2024 09:58:55 GMT
File type ASCII text, with no line terminators
Hash 3be7b8b182ccd96e48989b4e57311193
78fb38f212fa49029aff24c669a39648d9b4e68b
d5558cd419c8d46bdc958064cb97f963d1ea793866414c025906ec15033512ed
GET /AlexHostX/all.asset/1591ba04a57c11f4b18d2ebb39e03e4a81715c83/alex-google.css HTTP/1.1
Host: rawcdn.githack.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://subdi28.nag4.com.tr/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
date: Sun, 10 Dec 2023 01:31:35 GMT
content-length: 14
x-content-type-options: nosniff
x-github-request-id: 4DF0:B614:FC4341:108CE60:65751406
via: 1.1 varnish
x-served-by: cache-hel1410034-HEL
x-cache: MISS
x-cache-hits: 0
x-timer: S1702171656.534277,VS0,VE154
vary: Authorization,Accept-Encoding,Origin
cross-origin-resource-policy: cross-origin
x-fastly-request-id: 01c08972dad0ba768204732e0154b2de6f08a80a
source-age: 0
cache-control: max-age=300, public
x-githack-cache-status: HIT
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p9gzWBMAko2ssiWKOtBGRnmhkeqDzp7m0iQDxcLCrZLVU4XmuEXIsbaBUAuX90zvS4x3hCbrFq6rU3R%2F5h09eXcai0xTs2brHwXRHVaDvXj6WrAPt7jA0bgK6nFZgHzwhNFpJ2M%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8331baa79d674e1a-HEL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
file.gifan.id/2022/06/29/ML/dm/2500.jpg
200 OK 81 kB URL GET HTTP/2 file.gifan.id/2022/06/29/ML/dm/2500.jpg
IP
Requested by https://subdi28.nag4.com.tr/
Certificate IssuerGoogle Trust Services LLC
Subjectgifan.id
Fingerprint05:08:56:A0:2C:BF:31:A0:4C:D0:5C:0F:18:A3:B9:7D:58:74:03:29
ValidityWed, 29 Nov 2023 03:44:14 GMT - Tue, 27 Feb 2024 03:44:13 GMT
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=720, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=1280], progressive, precision 8, 292x212, components 3
- data
Hash 8f66c7a0904e304b14cd3cbbd31eafb8
92d81b84c9554f8ac5c1a85f21ded1659e709287
8dff9b35c156d6e7f4cdbf0c3499d5a41dd673360cd3ebb92d34b44b0ee6d9ad
GET /2022/06/29/ML/dm/2500.jpg HTTP/1.1
Host: file.gifan.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://subdi28.nag4.com.tr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 10 Dec 2023 01:31:35 GMT
content-type: image/jpeg
content-length: 81165
cache-control: public, max-age=604800
expires: Sat, 16 Dec 2023 20:19:50 GMT
last-modified: Wed, 29 Jun 2022 01:57:12 GMT
x-powered-by: Niagahoster
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
vary: User-Agent, Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 18704
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Sfo7MoTvQXy3z9XAWxPxeC9NHx%2BLVu7btkcDic4gp38%2BLMbdhLaYbIgm7IHb5fn2Gx4kmV5rZdnrMpHuZ4imkulcBnQGT3UztIWwvu8zmtWwhjaD6jvkYOlwDGcqCM5i"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8331baa88e61d97f-HEL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
i.ibb.co/pJ8Pdw3/IMG-20230606-232904.jpg
200 OK 45 kB URL GET HTTP/2 i.ibb.co/pJ8Pdw3/IMG-20230606-232904.jpg
IP
Requested by https://subdi28.nag4.com.tr/
Certificate IssuerLet's Encrypt
Subjectibb.co
FingerprintFC:63:8C:C6:92:83:4E:13:94:18:9A:03:C2:BB:CC:F0:23:97:AA:8C
ValiditySat, 09 Dec 2023 13:40:45 GMT - Fri, 08 Mar 2024 13:40:44 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 257x413, components 3
- data
Hash 0c48a92a9e96f2a35fa988faea33f131
a48c2a5ac556ab1cf0402681628a8df066da918f
84e433a5646f806c628ce45dfcedb02c5fcc167627316fa0054c930e8691f37c
GET /pJ8Pdw3/IMG-20230606-232904.jpg HTTP/1.1
Host: i.ibb.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://subdi28.nag4.com.tr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 10 Dec 2023 01:31:34 GMT
content-type: image/jpeg
content-length: 44890
last-modified: Wed, 07 Jun 2023 04:53:06 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
i.ibb.co/bjtDz2L/IMG-20230606-232840.jpg
200 OK 48 kB URL GET HTTP/2 i.ibb.co/bjtDz2L/IMG-20230606-232840.jpg
IP
Requested by https://subdi28.nag4.com.tr/
Certificate IssuerLet's Encrypt
Subjectibb.co
FingerprintFC:63:8C:C6:92:83:4E:13:94:18:9A:03:C2:BB:CC:F0:23:97:AA:8C
ValiditySat, 09 Dec 2023 13:40:45 GMT - Fri, 08 Mar 2024 13:40:44 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 258x413, components 3
- data
Hash 81564b35d0943c62c5d137bd527a45a2
c7bb510b6057a5cef1641290d9d565ad6d1c4b36
34320e0bab1291da5a336343d210202a340df9a46ef69577228e69e9bcc36d21
GET /bjtDz2L/IMG-20230606-232840.jpg HTTP/1.1
Host: i.ibb.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://subdi28.nag4.com.tr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 10 Dec 2023 01:31:34 GMT
content-type: image/jpeg
content-length: 47522
last-modified: Wed, 07 Jun 2023 04:53:07 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
file.gifan.id/2022/06/29/ML/border/1.jpeg
200 OK 14 kB URL GET HTTP/2 file.gifan.id/2022/06/29/ML/border/1.jpeg
IP
Requested by https://subdi28.nag4.com.tr/
Certificate IssuerGoogle Trust Services LLC
Subjectgifan.id
Fingerprint05:08:56:A0:2C:BF:31:A0:4C:D0:5C:0F:18:A3:B9:7D:58:74:03:29
ValidityWed, 29 Nov 2023 03:44:14 GMT - Tue, 27 Feb 2024 03:44:13 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 127x125, components 3
- data
Hash c3f23c759474b52b605376efbc3358ca
8aa3921a9d9996aa58400f7789c1b3a8d6bef993
bbfc84c4fbf2b869a000a32099492c9978c23d3a80695805c2c9fc8678b256d5
GET /2022/06/29/ML/border/1.jpeg HTTP/1.1
Host: file.gifan.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://subdi28.nag4.com.tr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sun, 10 Dec 2023 01:31:35 GMT
content-type: image/jpeg
content-length: 13882
cache-control: public, max-age=604800
expires: Sat, 16 Dec 2023 20:19:50 GMT
last-modified: Wed, 29 Jun 2022 01:56:38 GMT
x-powered-by: Niagahoster
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
vary: User-Agent, Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 18704
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HG%2BukUNZZ17P%2FMDh1vrDh2%2BjU6wBU1kVuAaOjHnLsCt6dMEcYtSLeWvePkGf1dgXmxJ%2Fah9FQtWyQt9gUpW1sdtN6FsBHsKKWT39c9rcJWYiqkaeI2EG%2Fn%2BySHaU1NkN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8331baa89e92d97f-HEL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
file.gifan.id/2022/06/29/ML/border/3.jpeg
200 OK 12 kB URL GET HTTP/2 file.gifan.id/2022/06/29/ML/border/3.jpeg
IP
Requested by https://subdi28.nag4.com.tr/
Certificate IssuerGoogle Trust Services LLC
Subjectgifan.id
Fingerprint05:08:56:A0:2C:BF:31:A0:4C:D0:5C:0F:18:A3:B9:7D:58:74:03:29
ValidityWed, 29 Nov 2023 03:44:14 GMT - Tue, 27 Feb 2024 03:44:13 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 124x127, components 3
- data
Hash 943b4a00399dc4e693e4931cf33bef96
df0216e09753f2d2ca2efe7e5baa4b600308d020
de0441e81786232488b2a73e9c56e78040cdd2f9adf82dcda25f4e9d166fd925
GET /2022/06/29/ML/border/3.jpeg HTTP/1.1
Host: file.gifan.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://subdi28.nag4.com.tr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sun, 10 Dec 2023 01:31:35 GMT
content-type: image/jpeg
content-length: 12468
cache-control: public, max-age=604800
expires: Sat, 16 Dec 2023 20:19:50 GMT
last-modified: Wed, 29 Jun 2022 01:56:42 GMT
x-powered-by: Niagahoster
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
vary: User-Agent, Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 18705
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dPw4xoIP09tIFt2PIuPq876in6MFRhN2TEk%2BK47v%2BkxXYo5mS66reWfbTHOvbi95DyNceg2K%2Fyl7mR%2Bbig1joMG3LNQ%2Bmddwo%2B1MSEmI393BCkNSWdHqUGOiO7FKEi07"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8331baa89e90d97f-HEL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
file.gifan.id/2022/06/29/ML/border/6.jpeg
200 OK 14 kB URL GET HTTP/2 file.gifan.id/2022/06/29/ML/border/6.jpeg
IP
Requested by https://subdi28.nag4.com.tr/
Certificate IssuerGoogle Trust Services LLC
Subjectgifan.id
Fingerprint05:08:56:A0:2C:BF:31:A0:4C:D0:5C:0F:18:A3:B9:7D:58:74:03:29
ValidityWed, 29 Nov 2023 03:44:14 GMT - Tue, 27 Feb 2024 03:44:13 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 130x130, components 3
- data
Hash 8d8317eea9213928e3c0319cf237e8ab
34073433e542bfcae6c627a09796828e6b2758f0
5eee23e2ba4c13b2a0d20266aa99d61d20f41725365760f63821ceaf836914b2
GET /2022/06/29/ML/border/6.jpeg HTTP/1.1
Host: file.gifan.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://subdi28.nag4.com.tr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sun, 10 Dec 2023 01:31:35 GMT
content-type: image/jpeg
content-length: 13578
cache-control: public, max-age=604800
expires: Sat, 16 Dec 2023 20:19:50 GMT
last-modified: Wed, 29 Jun 2022 01:56:48 GMT
x-powered-by: Niagahoster
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
vary: User-Agent, Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 18705
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ULDBAqPQovV%2FMbU2Z%2BxlYbeuV6Ejgu52F8cfv7Eh7CTyOVq%2BlUCb%2FsNv7xl3ziEId1NvlpyOhbICOuYZcpJ%2FPuLzHPN7iAZAul6PQsHj3rPirQqWVszJrWcVlNkhAd9d"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8331baa89e9ad97f-HEL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
file.gifan.id/2022/06/29/ML/border/8.jpeg
200 OK 12 kB URL GET HTTP/2 file.gifan.id/2022/06/29/ML/border/8.jpeg
IP
Requested by https://subdi28.nag4.com.tr/
Certificate IssuerGoogle Trust Services LLC
Subjectgifan.id
Fingerprint05:08:56:A0:2C:BF:31:A0:4C:D0:5C:0F:18:A3:B9:7D:58:74:03:29
ValidityWed, 29 Nov 2023 03:44:14 GMT - Tue, 27 Feb 2024 03:44:13 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 135x131, components 3
- data
Hash bb3a6821a831388426333e7ff7c21b93
9b3ed817773e8a3cc88e7a7493855b0a68525444
afb9170b3c58fb81966bcf994426ada17c689040546525719b51b527bf4bee06
GET /2022/06/29/ML/border/8.jpeg HTTP/1.1
Host: file.gifan.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://subdi28.nag4.com.tr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sun, 10 Dec 2023 01:31:35 GMT
content-type: image/jpeg
content-length: 12391
cache-control: public, max-age=604800
expires: Sun, 10 Dec 2023 02:59:12 GMT
last-modified: Wed, 29 Jun 2022 01:56:52 GMT
x-powered-by: Niagahoster
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
vary: User-Agent, Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 599543
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UYiBX%2BNo45d3Aa4TMydhpETZ%2B3Q8aexLBO2nl4dX%2F7GDvSC3NhSjI7RXoXTtRCd4Z5%2FNqf89tO48K66eupUswfgRD0zwNxv%2FwHcV4UhbdWxzS4GfkwXkkvX6tZrsNzVR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8331baa89e96d97f-HEL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
file.gifan.id/2022/06/29/ML/border/5.jpeg
200 OK 13 kB URL GET HTTP/2 file.gifan.id/2022/06/29/ML/border/5.jpeg
IP
Requested by https://subdi28.nag4.com.tr/
Certificate IssuerGoogle Trust Services LLC
Subjectgifan.id
Fingerprint05:08:56:A0:2C:BF:31:A0:4C:D0:5C:0F:18:A3:B9:7D:58:74:03:29
ValidityWed, 29 Nov 2023 03:44:14 GMT - Tue, 27 Feb 2024 03:44:13 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 128x135, components 3
- data
Hash 110de4b3386b174aa91799da526a5fa4
ca04da5930727af1dbcbe934b42dce6fe170fa72
567c71f609014824e4e9d15baccf60508b5a6fd9c32b89f4809b3f2d9dcd61f1
GET /2022/06/29/ML/border/5.jpeg HTTP/1.1
Host: file.gifan.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://subdi28.nag4.com.tr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sun, 10 Dec 2023 01:31:35 GMT
content-type: image/jpeg
content-length: 12875
cache-control: public, max-age=604800
expires: Sat, 16 Dec 2023 20:19:50 GMT
last-modified: Wed, 29 Jun 2022 01:56:46 GMT
x-powered-by: Niagahoster
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
vary: User-Agent, Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 18704
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u9w9DZ9bDPM8vh%2F4mqRDYWzobMkxV2WXfikt%2BGQMvLvAxeKitcJ8Q%2FzallB4eYh3xnvideRpYtexU11s3mZ1Xmp%2FmeIf%2BzAXrMnaiOWKXE4zUA7M3WfznP4W5OoaW1YL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8331baa89eaad97f-HEL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
file.gifan.id/2022/06/29/ML/border/4.jpeg
200 OK 12 kB URL GET HTTP/2 file.gifan.id/2022/06/29/ML/border/4.jpeg
IP
Requested by https://subdi28.nag4.com.tr/
Certificate IssuerGoogle Trust Services LLC
Subjectgifan.id
Fingerprint05:08:56:A0:2C:BF:31:A0:4C:D0:5C:0F:18:A3:B9:7D:58:74:03:29
ValidityWed, 29 Nov 2023 03:44:14 GMT - Tue, 27 Feb 2024 03:44:13 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 137x131, components 3
- data
Hash ed0142f6c936e02fa902084dfb20d32f
a551891b9b27510ad06787329490b9614875519c
292e4dab178b1ff88f05e2cf3060f3ff3af4eb09d22d8b70e19b5c4cce119c6e
GET /2022/06/29/ML/border/4.jpeg HTTP/1.1
Host: file.gifan.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://subdi28.nag4.com.tr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sun, 10 Dec 2023 01:31:35 GMT
content-type: image/jpeg
content-length: 11944
cache-control: public, max-age=604800
expires: Sat, 16 Dec 2023 20:19:50 GMT
last-modified: Wed, 29 Jun 2022 01:56:44 GMT
x-powered-by: Niagahoster
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
vary: User-Agent, Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 18704
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=adM3F3DSg1hT7GufDj7hN8NVdb309k9zDjxZ9lwAs3KmejNlz1BYZlmNB1nla33nvdqTF68qlgFG4qxLvMjSaOzF9egZxoNHrTDwWHsXAWrH4enAv3CW8MRQeO%2BxSceu"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8331baa89eabd97f-HEL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
file.gifan.id/2022/06/29/ML/border/7.jpeg
200 OK 10 kB URL GET HTTP/2 file.gifan.id/2022/06/29/ML/border/7.jpeg
IP
Requested by https://subdi28.nag4.com.tr/
Certificate IssuerGoogle Trust Services LLC
Subjectgifan.id
Fingerprint05:08:56:A0:2C:BF:31:A0:4C:D0:5C:0F:18:A3:B9:7D:58:74:03:29
ValidityWed, 29 Nov 2023 03:44:14 GMT - Tue, 27 Feb 2024 03:44:13 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 123x125, components 3
- data
Hash a45314cdf40507ef02c3ee779d608aca
bece15ef6fcb3339a5c9d32545a49d883ced5299
fb91a9fbfacfb720ffe9403476f8f0320cb6387492413191ef944555579dbe31
GET /2022/06/29/ML/border/7.jpeg HTTP/1.1
Host: file.gifan.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://subdi28.nag4.com.tr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sun, 10 Dec 2023 01:31:35 GMT
content-type: image/jpeg
content-length: 10538
cache-control: public, max-age=604800
expires: Sat, 16 Dec 2023 20:19:50 GMT
last-modified: Wed, 29 Jun 2022 01:56:50 GMT
x-powered-by: Niagahoster
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
vary: User-Agent, Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 18704
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ksBVj%2BOyYlbQxQvXhVa6aj7cxB0q6aL4B%2FavtA6L9W2gBidsNzdicRA%2FJskgZZ1GnKguJfotbObh7LVx4EmEjkfsyY5PooElWXl9RNkeEosD%2FMAM5Nq5c1t2yhto2iKU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8331baa89e98d97f-HEL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
file.gifan.id/2022/06/29/ML/border/10.jpeg
200 OK 14 kB URL GET HTTP/2 file.gifan.id/2022/06/29/ML/border/10.jpeg
IP
Requested by https://subdi28.nag4.com.tr/
Certificate IssuerGoogle Trust Services LLC
Subjectgifan.id
Fingerprint05:08:56:A0:2C:BF:31:A0:4C:D0:5C:0F:18:A3:B9:7D:58:74:03:29
ValidityWed, 29 Nov 2023 03:44:14 GMT - Tue, 27 Feb 2024 03:44:13 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 129x123, components 3
- data
Hash 5594fba93fa048c23b78ab94585d2c06
13ce3970dfd6ff588fc50fb18cf09f5016d9daf7
682d7221d4009f85742bf6e94480a7c7b552e26cec03f8bff41e5406d48dd39f
GET /2022/06/29/ML/border/10.jpeg HTTP/1.1
Host: file.gifan.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://subdi28.nag4.com.tr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sun, 10 Dec 2023 01:31:35 GMT
content-type: image/jpeg
content-length: 13776
cache-control: public, max-age=604800
expires: Sat, 16 Dec 2023 20:19:50 GMT
last-modified: Wed, 29 Jun 2022 01:56:56 GMT
x-powered-by: Niagahoster
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
vary: User-Agent, Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 18704
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zcZ3m2ZzRmg8XRpVbIuzrbTwo2fjFizVtoJlZG4yLvwt8%2BzCwvoHjQPpaAL60mxBTSKwghrwiqnb9HzW%2FMwfj7UMyU%2Bqo%2FkfFBydIskJI0ennvNIdcqP9n%2BypRLABYwP"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8331baa89eb0d97f-HEL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
file.gifan.id/2022/06/29/ML/border/9.jpeg
200 OK 12 kB URL GET HTTP/2 file.gifan.id/2022/06/29/ML/border/9.jpeg
IP
Requested by https://subdi28.nag4.com.tr/
Certificate IssuerGoogle Trust Services LLC
Subjectgifan.id
Fingerprint05:08:56:A0:2C:BF:31:A0:4C:D0:5C:0F:18:A3:B9:7D:58:74:03:29
ValidityWed, 29 Nov 2023 03:44:14 GMT - Tue, 27 Feb 2024 03:44:13 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 128x125, components 3
- data
Hash 12b66031d66c51b1861e2e964def545d
78e00bc755458b2662979fab06e3aeebeb5abf1c
336abc805d5ecf4e7b22df535cf7ccbedb2e0f7e4a8a78d2d5f67a3fa0f9ce02
GET /2022/06/29/ML/border/9.jpeg HTTP/1.1
Host: file.gifan.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://subdi28.nag4.com.tr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sun, 10 Dec 2023 01:31:35 GMT
content-type: image/jpeg
content-length: 11893
cache-control: public, max-age=604800
expires: Sat, 16 Dec 2023 20:19:50 GMT
last-modified: Wed, 29 Jun 2022 01:56:54 GMT
x-powered-by: Niagahoster
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
vary: User-Agent, Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 18704
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1f%2FNg2Z52nSF8wpl7lFz8T3rs8evsMQqy%2FuQiJGuW1GxG%2BkOT4CrypLHfElJ6fvvgG84MJFwgUiE2fwAIvuVEHHAFgn63pdc3hs9uZMDQPnNZ9AFIDzOjoigw5W4tmrd"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8331baa89eb1d97f-HEL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
file.gifan.id/2022/06/29/ML/border/2.jpeg
200 OK 12 kB URL GET HTTP/2 file.gifan.id/2022/06/29/ML/border/2.jpeg
IP
Requested by https://subdi28.nag4.com.tr/
Certificate IssuerGoogle Trust Services LLC
Subjectgifan.id
Fingerprint05:08:56:A0:2C:BF:31:A0:4C:D0:5C:0F:18:A3:B9:7D:58:74:03:29
ValidityWed, 29 Nov 2023 03:44:14 GMT - Tue, 27 Feb 2024 03:44:13 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 137x130, components 3
- data
Hash 89dd611dc90e68c564dd9a332a461c40
6fa24fa9061cb2a6f0b5424854e4de35600ae2f5
1e714f2533ca0e0913503199304bc6ce466ec054705866c2ae340fe596ad4d05
GET /2022/06/29/ML/border/2.jpeg HTTP/1.1
Host: file.gifan.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://subdi28.nag4.com.tr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sun, 10 Dec 2023 01:31:35 GMT
content-type: image/jpeg
content-length: 12408
cache-control: public, max-age=604800
expires: Sat, 16 Dec 2023 20:19:50 GMT
last-modified: Wed, 29 Jun 2022 01:56:40 GMT
x-powered-by: Niagahoster
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
vary: User-Agent, Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 18704
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jstjufMiqxtLhHW6m0EPlHgCfD5j19My40aQDjzl7xHR22aVNQf0cmFwvrCMUBMWSWyu6yf6OahJHSYPxqe5P1DTKZwRZKIf65TsoVk6KwZfsDIbE71L0Bbz7K7BWRgO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8331baa89e91d97f-HEL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
file.gifan.id/2022/06/29/ML/dm/1000.jpg
200 OK 64 kB URL GET HTTP/2 file.gifan.id/2022/06/29/ML/dm/1000.jpg
IP
Requested by https://subdi28.nag4.com.tr/
Certificate IssuerGoogle Trust Services LLC
Subjectgifan.id
Fingerprint05:08:56:A0:2C:BF:31:A0:4C:D0:5C:0F:18:A3:B9:7D:58:74:03:29
ValidityWed, 29 Nov 2023 03:44:14 GMT - Tue, 27 Feb 2024 03:44:13 GMT
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=720, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=1280], progressive, precision 8, 292x212, components 3
- data
Hash 2f3a912fb5a0576b7884466a499d546a
c5f08eeee75a0d0ebfd8f887f7b43939c7578df8
6e8a2198ba7e7e8c1e71c908445c2274bdbd48d414fbb0a7fc044df49c3ab0cd
GET /2022/06/29/ML/dm/1000.jpg HTTP/1.1
Host: file.gifan.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://subdi28.nag4.com.tr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sun, 10 Dec 2023 01:31:35 GMT
content-type: image/jpeg
content-length: 63898
cache-control: public, max-age=604800
expires: Sat, 16 Dec 2023 20:19:50 GMT
last-modified: Wed, 29 Jun 2022 01:57:08 GMT
x-powered-by: Niagahoster
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
vary: User-Agent, Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 18704
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XdADtUbtXwsar2N7pYkpzuiKvAHzxXf5oueodOyhZSC8uqpKw07E97xY80CLV6cXEtvSbVNNMP%2FKvGieOBLWechxAsWb2z9x3agGh0Ta4D47yLvnFMzWMjQsucTbkoBV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8331baa89e9fd97f-HEL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
i.ibb.co/1T0H17d/Picsart-23-07-03-17-42-40-981.png
200 OK 229 kB URL GET HTTP/2 i.ibb.co/1T0H17d/Picsart-23-07-03-17-42-40-981.png
IP
Requested by https://subdi28.nag4.com.tr/
Certificate IssuerLet's Encrypt
Subjectibb.co
FingerprintFC:63:8C:C6:92:83:4E:13:94:18:9A:03:C2:BB:CC:F0:23:97:AA:8C
ValiditySat, 09 Dec 2023 13:40:45 GMT - Fri, 08 Mar 2024 13:40:44 GMT
File type PNG image data, 284 x 463, 8-bit/color RGBA, non-interlaced
- data
Size 229 kB (229044 bytes)
Hash faf47dfb7640095ac4ebfd450a193710
6dcc10d8332a664d48dd9e7177e1344bd0af9866
8ed8bae7a749e80ec35fc9298495825ed0253e8238849ac5d6df407095d666cd
GET /1T0H17d/Picsart-23-07-03-17-42-40-981.png HTTP/1.1
Host: i.ibb.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://subdi28.nag4.com.tr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 10 Dec 2023 01:31:34 GMT
content-type: image/png
content-length: 229044
last-modified: Mon, 03 Jul 2023 10:54:00 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
file.gifan.id/2022/06/29/ML/dm/500.jpg
200 OK 64 kB URL GET HTTP/2 file.gifan.id/2022/06/29/ML/dm/500.jpg
IP
Requested by https://subdi28.nag4.com.tr/
Certificate IssuerGoogle Trust Services LLC
Subjectgifan.id
Fingerprint05:08:56:A0:2C:BF:31:A0:4C:D0:5C:0F:18:A3:B9:7D:58:74:03:29
ValidityWed, 29 Nov 2023 03:44:14 GMT - Tue, 27 Feb 2024 03:44:13 GMT
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=720, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=1280], progressive, precision 8, 292x212, components 3
- data
Hash a5ad315a073e74e09b2d4d8294f15a94
57f386aa235168725dedfab8763bfba9a9e77fe4
32cf399c29db81a1e0362fbd3a925ab217fee31de6a092c2396807a2ade9a6cb
GET /2022/06/29/ML/dm/500.jpg HTTP/1.1
Host: file.gifan.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://subdi28.nag4.com.tr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sun, 10 Dec 2023 01:31:35 GMT
content-type: image/jpeg
content-length: 63592
cache-control: public, max-age=604800
expires: Sat, 16 Dec 2023 20:19:50 GMT
last-modified: Wed, 29 Jun 2022 01:57:06 GMT
x-powered-by: Niagahoster
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
vary: User-Agent, Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 18704
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wVtHq8mlUVc9UcKOSTzH2igw0Gzdjn0verPBKQS3rIoAMZUCK0qdT9ARyuZZ4CQ3FI9Se8267fYM7VYmRbhjQ0xKzSwKMFiT1x6IyTluAahvrHweZkfnufpcFl1yQcCa"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8331baa89ea1d97f-HEL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
file.gifan.id/2022/06/29/ML/dm/1500.jpg
200 OK 70 kB URL GET HTTP/2 file.gifan.id/2022/06/29/ML/dm/1500.jpg
IP
Requested by https://subdi28.nag4.com.tr/
Certificate IssuerGoogle Trust Services LLC
Subjectgifan.id
Fingerprint05:08:56:A0:2C:BF:31:A0:4C:D0:5C:0F:18:A3:B9:7D:58:74:03:29
ValidityWed, 29 Nov 2023 03:44:14 GMT - Tue, 27 Feb 2024 03:44:13 GMT
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=720, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=1280], progressive, precision 8, 292x212, components 3
- data
Hash 71fdfc59ac4b79cd315f750e2f4d6dbd
12d5c30c5832d81d20f71575a480b696441b6ba8
a3f8bf6e347121460e5aabb4779bfb7f0f7e32166c414a1458e20ec6bc8761ac
GET /2022/06/29/ML/dm/1500.jpg HTTP/1.1
Host: file.gifan.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://subdi28.nag4.com.tr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sun, 10 Dec 2023 01:31:35 GMT
content-type: image/jpeg
content-length: 69616
cache-control: public, max-age=604800
expires: Sat, 16 Dec 2023 20:19:50 GMT
last-modified: Wed, 29 Jun 2022 01:57:10 GMT
x-powered-by: Niagahoster
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
vary: User-Agent, Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 18704
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OX%2BjByl9UJZFGaQfrLUOiaElX8mHzDpeLesKOANxb5dkHGTs1%2FLSYw%2BI02FMLNEU8Wmy0%2BA5mAvHcLnDfDOt%2B%2F9VvqMVh%2BKypEhL1kbjdeGfVTGOcgObVxazsi2pTzob"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8331baa89e9dd97f-HEL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
i.postimg.cc/X7kfYXd5/Xavierjjk.jpg
200 OK 94 kB URL GET HTTP/2 i.postimg.cc/X7kfYXd5/Xavierjjk.jpg
IP
Requested by https://subdi28.nag4.com.tr/
Certificate IssuerLet's Encrypt
Subjectpostimg.cc
FingerprintA5:BC:82:6C:AF:0C:87:E6:4B:2F:B4:1A:26:A9:BB:4B:55:67:EA:1F
ValidityTue, 24 Oct 2023 07:31:42 GMT - Mon, 22 Jan 2024 07:31:41 GMT
File type JPEG image data, progressive, precision 8, 506x800, components 3
- data
Hash bebfb2bdc7b0ee0d937d6cf40a9f39c3
865fad0863e4bb3d56579c5c6cdc35329a4984e9
736f845a35a4ac7765f06e0e53eafd9fb0af93c9b8e57c81e69e216ae93c6efb
GET /X7kfYXd5/Xavierjjk.jpg HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://subdi28.nag4.com.tr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sun, 10 Dec 2023 01:31:35 GMT
content-type: image/jpeg
content-length: 93792
last-modified: Sat, 18 Feb 2023 08:24:41 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
file.gifan.id/2022/06/29/ML/dm/5000.jpg
200 OK 82 kB URL GET HTTP/2 file.gifan.id/2022/06/29/ML/dm/5000.jpg
IP
Requested by https://subdi28.nag4.com.tr/
Certificate IssuerGoogle Trust Services LLC
Subjectgifan.id
Fingerprint05:08:56:A0:2C:BF:31:A0:4C:D0:5C:0F:18:A3:B9:7D:58:74:03:29
ValidityWed, 29 Nov 2023 03:44:14 GMT - Tue, 27 Feb 2024 03:44:13 GMT
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=720, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=1280], progressive, precision 8, 292x212, components 3
- data
Hash c890d2d8fabf64205bd762858235f7ab
de805d94df0985d9500905318002589a3c5c3706
e83fbcfc8112158d8a8afd66acebbbad99d942217ecad0c0975c2f4e4db7a216
GET /2022/06/29/ML/dm/5000.jpg HTTP/1.1
Host: file.gifan.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://subdi28.nag4.com.tr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 10 Dec 2023 01:31:35 GMT
content-type: image/jpeg
content-length: 81805
cache-control: public, max-age=604800
expires: Sat, 16 Dec 2023 20:19:50 GMT
last-modified: Wed, 29 Jun 2022 01:57:14 GMT
x-powered-by: Niagahoster
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
vary: User-Agent, Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 18704
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wzTXODmo3HEmECGRtft4R9Bf3F5khS5un2J%2BC3Gs4divmMaI8%2B5VLpYySAh3vMPiswYeHuDcKEn5ywcfTScC8hbhARCI4o4bsZk5N5wS95pd3Ifcg2LOdiq8U6TdfSKp"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8331baa9bfcbd97f-HEL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
i.postimg.cc/GtBgPbpx/logomlbb.jpg
200 OK 61 kB URL GET HTTP/2 i.postimg.cc/GtBgPbpx/logomlbb.jpg
IP
Requested by https://subdi28.nag4.com.tr/
Certificate IssuerLet's Encrypt
Subjectpostimg.cc
FingerprintA5:BC:82:6C:AF:0C:87:E6:4B:2F:B4:1A:26:A9:BB:4B:55:67:EA:1F
ValidityTue, 24 Oct 2023 07:31:42 GMT - Mon, 22 Jan 2024 07:31:41 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 512x512, components 3
- data
Hash 9f602c1275722021bfb42118bbf79eee
758416272e3c5823859b24d44e35d717489a93a9
b5500bc7fcd02d9b01c99538465d5b7d520d812f23d7b8439b3d5a7c5fb740f4
GET /GtBgPbpx/logomlbb.jpg HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://subdi28.nag4.com.tr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 10 Dec 2023 01:31:35 GMT
content-type: image/jpeg
content-length: 60757
last-modified: Fri, 21 Oct 2022 22:45:27 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
i.postimg.cc/zBxc86C7/Kof-Dyroth.jpg
200 OK 45 kB URL GET HTTP/2 i.postimg.cc/zBxc86C7/Kof-Dyroth.jpg
IP
Requested by https://subdi28.nag4.com.tr/
Certificate IssuerLet's Encrypt
Subjectpostimg.cc
FingerprintA5:BC:82:6C:AF:0C:87:E6:4B:2F:B4:1A:26:A9:BB:4B:55:67:EA:1F
ValidityTue, 24 Oct 2023 07:31:42 GMT - Mon, 22 Jan 2024 07:31:41 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 436x704, components 3
- data
Hash e8c74535ecdfffaf06f1765cb807cb87
8988da66c4827ba7dd909d575ec16b54364a6665
e3582fea2ed252d5a4c9909c757eec32dcf05a701ab9ecb3cbc35f37515682c9
GET /zBxc86C7/Kof-Dyroth.jpg HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://subdi28.nag4.com.tr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 10 Dec 2023 01:31:35 GMT
content-type: image/jpeg
content-length: 44747
last-modified: Wed, 25 Jan 2023 09:24:48 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
i.postimg.cc/3wH6BgrX/KofGuin.jpg
200 OK 50 kB URL GET HTTP/2 i.postimg.cc/3wH6BgrX/KofGuin.jpg
IP
Requested by https://subdi28.nag4.com.tr/
Certificate IssuerLet's Encrypt
Subjectpostimg.cc
FingerprintA5:BC:82:6C:AF:0C:87:E6:4B:2F:B4:1A:26:A9:BB:4B:55:67:EA:1F
ValidityTue, 24 Oct 2023 07:31:42 GMT - Mon, 22 Jan 2024 07:31:41 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 438x702, components 3
- data
Hash e54fd6b9e5a7fdea3c0dd8c51db73ead
5c1f9183a272c3603afa4205cbf0fc6bbae0bbc8
dd9ea515f398672c68a2bfec5c8150a58089902fc761e652b2bc46b2aa2bff09
GET /3wH6BgrX/KofGuin.jpg HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://subdi28.nag4.com.tr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 10 Dec 2023 01:31:35 GMT
content-type: image/jpeg
content-length: 49670
last-modified: Wed, 25 Jan 2023 09:24:48 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
i.postimg.cc/KYRBfNV7/Juliann-Jjk.jpg
200 OK 97 kB URL GET HTTP/2 i.postimg.cc/KYRBfNV7/Juliann-Jjk.jpg
IP
Requested by https://subdi28.nag4.com.tr/
Certificate IssuerLet's Encrypt
Subjectpostimg.cc
FingerprintA5:BC:82:6C:AF:0C:87:E6:4B:2F:B4:1A:26:A9:BB:4B:55:67:EA:1F
ValidityTue, 24 Oct 2023 07:31:42 GMT - Mon, 22 Jan 2024 07:31:41 GMT
File type JPEG image data, progressive, precision 8, 507x800, components 3
- data
Hash 5b2db935ca85a4bf03d3c657636f0dbe
5e1acb08c6e979d77dfa1245313cfd03082d1737
25e29dd364ac6d0f36230b39ab793fb739596f673640f22a7bb8ca35b56329b1
GET /KYRBfNV7/Juliann-Jjk.jpg HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://subdi28.nag4.com.tr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 10 Dec 2023 01:31:35 GMT
content-type: image/jpeg
content-length: 96763
last-modified: Sat, 18 Feb 2023 08:24:41 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
i.postimg.cc/tTqc0px7/KofGs.jpg
200 OK 103 kB URL GET HTTP/2 i.postimg.cc/tTqc0px7/KofGs.jpg
IP
Requested by https://subdi28.nag4.com.tr/
Certificate IssuerLet's Encrypt
Subjectpostimg.cc
FingerprintA5:BC:82:6C:AF:0C:87:E6:4B:2F:B4:1A:26:A9:BB:4B:55:67:EA:1F
ValidityTue, 24 Oct 2023 07:31:42 GMT - Mon, 22 Jan 2024 07:31:41 GMT
File type JPEG image data, progressive, precision 8, 506x800, components 3
- data
Size 103 kB (102784 bytes)
Hash 34e2a9b649b03d4e1de541ab68310619
2387285430509e836967bab6dbb9e8c324767755
2c661c7ee91af249cbd1bcce6d3f4bb42574030f46af39c09756aff7c3da1cca
GET /tTqc0px7/KofGs.jpg HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://subdi28.nag4.com.tr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 10 Dec 2023 01:31:35 GMT
content-type: image/jpeg
content-length: 102784
last-modified: Wed, 25 Jan 2023 09:24:48 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
i.postimg.cc/R0QYbNqj/Kof-Aurora.jpg
200 OK 47 kB URL GET HTTP/2 i.postimg.cc/R0QYbNqj/Kof-Aurora.jpg
IP
Requested by https://subdi28.nag4.com.tr/
Certificate IssuerLet's Encrypt
Subjectpostimg.cc
FingerprintA5:BC:82:6C:AF:0C:87:E6:4B:2F:B4:1A:26:A9:BB:4B:55:67:EA:1F
ValidityTue, 24 Oct 2023 07:31:42 GMT - Mon, 22 Jan 2024 07:31:41 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 440x716, components 3
- data
Hash 48db21cfd4c983e467afc5b95e9d495f
1251a18a37cbeb91a218ef6669f4d81d24d30879
e92f1d8e83e67bc786af305dadcab0deffb49482e9aa692d845a01a04aacd925
GET /R0QYbNqj/Kof-Aurora.jpg HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://subdi28.nag4.com.tr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sun, 10 Dec 2023 01:31:35 GMT
content-type: image/jpeg
content-length: 46740
last-modified: Wed, 25 Jan 2023 09:24:48 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
i.postimg.cc/T2SdY89s/hayasura.jpg
200 OK 54 kB URL GET HTTP/2 i.postimg.cc/T2SdY89s/hayasura.jpg
IP
Requested by https://subdi28.nag4.com.tr/
Certificate IssuerLet's Encrypt
Subjectpostimg.cc
FingerprintA5:BC:82:6C:AF:0C:87:E6:4B:2F:B4:1A:26:A9:BB:4B:55:67:EA:1F
ValidityTue, 24 Oct 2023 07:31:42 GMT - Mon, 22 Jan 2024 07:31:41 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 260x467, components 3
- data
Hash 34d12f31f3c7228ceb27e21d329369ab
6516a7d0f90f6797c237e39859aca83f223515a4
caa8a866029dcd69c9a071d24774db7f19667a9fa468da768af1dece08b8899b
GET /T2SdY89s/hayasura.jpg HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://subdi28.nag4.com.tr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sun, 10 Dec 2023 01:31:35 GMT
content-type: image/jpeg
content-length: 53917
last-modified: Tue, 29 Nov 2022 10:08:55 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
i.postimg.cc/qvm22YmM/melisajjk.jpg
200 OK 106 kB URL GET HTTP/2 i.postimg.cc/qvm22YmM/melisajjk.jpg
IP
Requested by https://subdi28.nag4.com.tr/
Certificate IssuerLet's Encrypt
Subjectpostimg.cc
FingerprintA5:BC:82:6C:AF:0C:87:E6:4B:2F:B4:1A:26:A9:BB:4B:55:67:EA:1F
ValidityTue, 24 Oct 2023 07:31:42 GMT - Mon, 22 Jan 2024 07:31:41 GMT
File type JPEG image data, progressive, precision 8, 501x800, components 3
- data
Size 106 kB (105847 bytes)
Hash 9181ee3e6a0d25b733e062dbb8f6fc45
0e56d08fb24926d1ac8155cb6a56c014d2d13736
333084ed15f981521cbaa68900b14a6fc0b4d4543dd179bb3ca66a1110828275
GET /qvm22YmM/melisajjk.jpg HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://subdi28.nag4.com.tr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 10 Dec 2023 01:31:35 GMT
content-type: image/jpeg
content-length: 105847
last-modified: Sat, 18 Feb 2023 08:24:41 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
i.postimg.cc/3NWbR19T/KofChou.jpg
200 OK 105 kB URL GET HTTP/2 i.postimg.cc/3NWbR19T/KofChou.jpg
IP
Requested by https://subdi28.nag4.com.tr/
Certificate IssuerLet's Encrypt
Subjectpostimg.cc
FingerprintA5:BC:82:6C:AF:0C:87:E6:4B:2F:B4:1A:26:A9:BB:4B:55:67:EA:1F
ValidityTue, 24 Oct 2023 07:31:42 GMT - Mon, 22 Jan 2024 07:31:41 GMT
File type JPEG image data, progressive, precision 8, 505x800, components 3
- data
Size 105 kB (104799 bytes)
Hash ca0811a06534d223a3a57f9493c1dd88
670f663f8ac42d410dcc85903aab5b04e10cba3c
70e81e9c0252ead26b1d0655f626848b90a48948b22eccd9956478f32b110e1c
GET /3NWbR19T/KofChou.jpg HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://subdi28.nag4.com.tr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 10 Dec 2023 01:31:35 GMT
content-type: image/jpeg
content-length: 104799
last-modified: Wed, 25 Jan 2023 09:24:48 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
i.postimg.cc/QMw5y7G2/yinJjk.jpg
200 OK 128 kB URL GET HTTP/2 i.postimg.cc/QMw5y7G2/yinJjk.jpg
IP
Requested by https://subdi28.nag4.com.tr/
Certificate IssuerLet's Encrypt
Subjectpostimg.cc
FingerprintA5:BC:82:6C:AF:0C:87:E6:4B:2F:B4:1A:26:A9:BB:4B:55:67:EA:1F
ValidityTue, 24 Oct 2023 07:31:42 GMT - Mon, 22 Jan 2024 07:31:41 GMT
File type JPEG image data, progressive, precision 8, 504x800, components 3
- data
Size 128 kB (128130 bytes)
Hash 3f6981c04f317b18dd3eb63ddeeb1f84
8e78e5ce78934f83c091ea046d3fa87d1d715836
7413334af58d3a56d2489ab49fa4f09e48bf70432d5bbdf10979ae63749bd819
GET /QMw5y7G2/yinJjk.jpg HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://subdi28.nag4.com.tr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 10 Dec 2023 01:31:35 GMT
content-type: image/jpeg
content-length: 128130
last-modified: Sat, 18 Feb 2023 08:24:41 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
i.postimg.cc/7PpTvN9D/Bagasarya-Leo-Abbsy.jpg
200 OK 119 kB URL GET HTTP/2 i.postimg.cc/7PpTvN9D/Bagasarya-Leo-Abbsy.jpg
IP
Requested by https://subdi28.nag4.com.tr/
Certificate IssuerLet's Encrypt
Subjectpostimg.cc
FingerprintA5:BC:82:6C:AF:0C:87:E6:4B:2F:B4:1A:26:A9:BB:4B:55:67:EA:1F
ValidityTue, 24 Oct 2023 07:31:42 GMT - Mon, 22 Jan 2024 07:31:41 GMT
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], progressive, precision 8, 498x800, components 3
- data
Size 119 kB (119327 bytes)
Hash 9ecc4e3a8f5d710f944e37db4e128b85
7156a594ff018ec2d6846371e60c47253e176147
c0c214d03f233f2d5fcf7eb0c1e8ae66088c4a80844d7b9556492540fb2079bc
GET /7PpTvN9D/Bagasarya-Leo-Abbsy.jpg HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://subdi28.nag4.com.tr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 10 Dec 2023 01:31:35 GMT
content-type: image/jpeg
content-length: 119327
last-modified: Tue, 10 Jan 2023 00:40:17 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
i.postimg.cc/j5XsWJpd/Bagasarya-Dyroth-Cl.jpg
200 OK 103 kB URL GET HTTP/2 i.postimg.cc/j5XsWJpd/Bagasarya-Dyroth-Cl.jpg
IP
Requested by https://subdi28.nag4.com.tr/
Certificate IssuerLet's Encrypt
Subjectpostimg.cc
FingerprintA5:BC:82:6C:AF:0C:87:E6:4B:2F:B4:1A:26:A9:BB:4B:55:67:EA:1F
ValidityTue, 24 Oct 2023 07:31:42 GMT - Mon, 22 Jan 2024 07:31:41 GMT
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], progressive, precision 8, 511x800, components 3
- data
Size 103 kB (103434 bytes)
Hash 0613eaf19e7a525c88401a24b4e0167c
604f4dad35a953a3190f1ce9b1e123f56f2311db
7f7a6ff1dd92de0e5b5dab2f581feb4a4233b75b8827a37f259203e3188a6e2e
GET /j5XsWJpd/Bagasarya-Dyroth-Cl.jpg HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://subdi28.nag4.com.tr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 10 Dec 2023 01:31:35 GMT
content-type: image/jpeg
content-length: 103434
last-modified: Sat, 07 Jan 2023 02:59:23 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
i.ibb.co/xqy1krt/Kimyy.gif
200 OK 1.3 MB URL GET HTTP/2 i.ibb.co/xqy1krt/Kimyy.gif
IP
Requested by https://subdi28.nag4.com.tr/
Certificate IssuerLet's Encrypt
Subjectibb.co
FingerprintFC:63:8C:C6:92:83:4E:13:94:18:9A:03:C2:BB:CC:F0:23:97:AA:8C
ValiditySat, 09 Dec 2023 13:40:45 GMT - Fri, 08 Mar 2024 13:40:44 GMT
File type GIF image data, version 89a, 314 x 480
- data
Size 1.3 MB (1297708 bytes)
Hash e19be366bf2e8bf008f722a876dbe829
684fb0780b1fee4ab9d7439f92c33de5d78d3cb6
3046e763f8bd33cdcce5c970faf8cf2d44fd36edca393048fb75a7bf6754d574
GET /xqy1krt/Kimyy.gif HTTP/1.1
Host: i.ibb.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://subdi28.nag4.com.tr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 10 Dec 2023 01:31:34 GMT
content-type: image/gif
content-length: 1297708
last-modified: Sat, 16 Jul 2022 19:17:21 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
i.ibb.co/zbpCdRf/Ling1.gif
200 OK 1.4 MB URL GET HTTP/2 i.ibb.co/zbpCdRf/Ling1.gif
IP
Requested by https://subdi28.nag4.com.tr/
Certificate IssuerLet's Encrypt
Subjectibb.co
FingerprintFC:63:8C:C6:92:83:4E:13:94:18:9A:03:C2:BB:CC:F0:23:97:AA:8C
ValiditySat, 09 Dec 2023 13:40:45 GMT - Fri, 08 Mar 2024 13:40:44 GMT
File type GIF image data, version 89a, 258 x 400
- data
Size 1.4 MB (1432328 bytes)
Hash b6918ae9cb1444a802e47a744d0c2968
7fe86c0a82a77664e84f2308c4798548098e3485
baf87c9c950823c2f6fcc20ed4c7d80bc481cc4c6afd3f948fe8165767697aa8
GET /zbpCdRf/Ling1.gif HTTP/1.1
Host: i.ibb.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://subdi28.nag4.com.tr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 10 Dec 2023 01:31:34 GMT
content-type: image/gif
content-length: 1432328
last-modified: Sat, 06 Aug 2022 06:27:04 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
i.ibb.co/Kx12yz6/Lawack.gif
200 OK 1.3 MB URL GET HTTP/2 i.ibb.co/Kx12yz6/Lawack.gif
IP
Requested by https://subdi28.nag4.com.tr/
Certificate IssuerLet's Encrypt
Subjectibb.co
FingerprintFC:63:8C:C6:92:83:4E:13:94:18:9A:03:C2:BB:CC:F0:23:97:AA:8C
ValiditySat, 09 Dec 2023 13:40:45 GMT - Fri, 08 Mar 2024 13:40:44 GMT
File type GIF image data, version 89a, 244 x 396
- data
Size 1.3 MB (1312055 bytes)
Hash 0e3433a84395e8feca91378e450cc9ae
ac1f64a5f5325e00442a76fab87577ee39884f00
8708b5a9b195a6c881a7226bd5033c23e8fc733a517c70c372dc5bff4b128655
GET /Kx12yz6/Lawack.gif HTTP/1.1
Host: i.ibb.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://subdi28.nag4.com.tr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 10 Dec 2023 01:31:35 GMT
content-type: image/gif
content-length: 1312055
last-modified: Sat, 06 Aug 2022 06:34:35 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
i.postimg.cc/Qd81BZcV/kaguraclouds.png
200 OK 858 kB URL GET HTTP/2 i.postimg.cc/Qd81BZcV/kaguraclouds.png
IP
Requested by https://subdi28.nag4.com.tr/
Certificate IssuerLet's Encrypt
Subjectpostimg.cc
FingerprintA5:BC:82:6C:AF:0C:87:E6:4B:2F:B4:1A:26:A9:BB:4B:55:67:EA:1F
ValidityTue, 24 Oct 2023 07:31:42 GMT - Mon, 22 Jan 2024 07:31:41 GMT
File type PNG image data, 491 x 800, 8-bit/color RGB, non-interlaced
- data
Size 858 kB (857923 bytes)
Hash 7a724a7eb9afbbaf043fc37831edf0e4
374710a6246b6b7a479f120095c4d0c4ab891a88
23a4c7212f36e9c04581fa7d0de4146d7c42b6244c3062d35afe4cf753bb5a6c
GET /Qd81BZcV/kaguraclouds.png HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://subdi28.nag4.com.tr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 10 Dec 2023 01:31:35 GMT
content-type: image/png
content-length: 857923
last-modified: Wed, 13 Sep 2023 10:20:55 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
i.postimg.cc/QMBB58CN/fredinneobest.png
200 OK 982 kB URL GET HTTP/2 i.postimg.cc/QMBB58CN/fredinneobest.png
IP
Requested by https://subdi28.nag4.com.tr/
Certificate IssuerLet's Encrypt
Subjectpostimg.cc
FingerprintA5:BC:82:6C:AF:0C:87:E6:4B:2F:B4:1A:26:A9:BB:4B:55:67:EA:1F
ValidityTue, 24 Oct 2023 07:31:42 GMT - Mon, 22 Jan 2024 07:31:41 GMT
File type PNG image data, 504 x 800, 8-bit/color RGB, non-interlaced
- data
Size 982 kB (982044 bytes)
Hash 3b188bbb09695602569b579222cdf540
aac6fe1086746a08e2bb2f8fb4b1f16423a8059e
c32af5a3978033c6b9083a0a78d17314b762a18420f5ee21fcaf3a56a37fc070
GET /QMBB58CN/fredinneobest.png HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://subdi28.nag4.com.tr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 10 Dec 2023 01:31:35 GMT
content-type: image/png
content-length: 982044
last-modified: Wed, 13 Sep 2023 10:20:55 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
i.postimg.cc/DzbZ0xp8/lylianeobeast.png
200 OK 992 kB URL GET HTTP/2 i.postimg.cc/DzbZ0xp8/lylianeobeast.png
IP
Requested by https://subdi28.nag4.com.tr/
Certificate IssuerLet's Encrypt
Subjectpostimg.cc
FingerprintA5:BC:82:6C:AF:0C:87:E6:4B:2F:B4:1A:26:A9:BB:4B:55:67:EA:1F
ValidityTue, 24 Oct 2023 07:31:42 GMT - Mon, 22 Jan 2024 07:31:41 GMT
File type PNG image data, 503 x 800, 8-bit/color RGB, non-interlaced
- data
Size 992 kB (992144 bytes)
Hash 6c97fe6f90d3c2e5bf0983e6ccda181c
82f3777573109f4d32156da024fc20a576c8ed65
9fad965544ebd07fcf9fa61bd9dc6c499f3cd7009b2ddace6d1f4ee433a93e16
GET /DzbZ0xp8/lylianeobeast.png HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://subdi28.nag4.com.tr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 10 Dec 2023 01:31:35 GMT
content-type: image/png
content-length: 992144
last-modified: Wed, 13 Sep 2023 10:20:55 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
i.ibb.co/ZWBtLcW/pamda.gif
200 OK 1.7 MB URL GET HTTP/2 i.ibb.co/ZWBtLcW/pamda.gif
IP
Requested by https://subdi28.nag4.com.tr/
Certificate IssuerLet's Encrypt
Subjectibb.co
FingerprintFC:63:8C:C6:92:83:4E:13:94:18:9A:03:C2:BB:CC:F0:23:97:AA:8C
ValiditySat, 09 Dec 2023 13:40:45 GMT - Fri, 08 Mar 2024 13:40:44 GMT
File type GIF image data, version 89a, 248 x 406
- data
Size 1.7 MB (1692485 bytes)
Hash 902b78e16521e0cfaf73710b27b567b7
c9a306e9f12bfc8cc649c356f21eb689405d70ef
a1d0a85d58f6ffc848af4f45e32407fa7cc21e719acbf618be28f19a59b09cd3
GET /ZWBtLcW/pamda.gif HTTP/1.1
Host: i.ibb.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://subdi28.nag4.com.tr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 10 Dec 2023 01:31:34 GMT
content-type: image/gif
content-length: 1692485
last-modified: Sat, 06 Aug 2022 06:33:09 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
images2.imgbox.com/70/97/DX49oJPE_o.png
200 OK 842 kB URL GET HTTP/1.1 images2.imgbox.com/70/97/DX49oJPE_o.png
IP
ASN #30880 SpaceDump IT AB
Requested by https://subdi28.nag4.com.tr/
Certificate IssuerGoGetSSL
Subject*.imgbox.com
FingerprintC6:95:D3:4F:93:91:25:67:D4:E7:4F:4F:27:C3:8A:CC:7E:6F:D4:92
ValidityFri, 20 Oct 2023 00:00:00 GMT - Tue, 19 Nov 2024 23:59:59 GMT
File type PNG image data, 586 x 959, 8-bit/color RGBA, non-interlaced
- data
Size 842 kB (841563 bytes)
Hash 9a509d8631c1c76f955ca8de185b99eb
a722efd8cfdd36576da5d6ebaab0346ae445fa29
ba1c8202455b24db07de9f85cea4c429c1a7dcd36d618e2dc9be74329c8d2bfb
GET /70/97/DX49oJPE_o.png HTTP/1.1
Host: images2.imgbox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://subdi28.nag4.com.tr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
server: nginx/1.18.0
date: Sun, 10 Dec 2023 01:31:35 GMT
content-type: image/png
content-length: 841563
last-modified: Sun, 08 Oct 2023 11:05:33 GMT
etag: "cd75b-6073273cf7940"
expires: Sat, 24 Feb 2024 18:42:30 GMT
cache-control: max-age=10530546
x-cache: HIT
x-whom: srv1535
accept-ranges: bytes
images2.imgbox.com/b4/1b/pARc9JyN_o.png
200 OK 866 kB URL GET HTTP/1.1 images2.imgbox.com/b4/1b/pARc9JyN_o.png
IP
ASN #30880 SpaceDump IT AB
Requested by https://subdi28.nag4.com.tr/
Certificate IssuerGoGetSSL
Subject*.imgbox.com
FingerprintC6:95:D3:4F:93:91:25:67:D4:E7:4F:4F:27:C3:8A:CC:7E:6F:D4:92
ValidityFri, 20 Oct 2023 00:00:00 GMT - Tue, 19 Nov 2024 23:59:59 GMT
File type PNG image data, 585 x 960, 8-bit/color RGBA, non-interlaced
- data
Size 866 kB (866265 bytes)
Hash 10b9535d33027a4b2b4f0495bf20f76a
8830e29126a51774ce01f650e50ee74a3821a435
12d1d8c4a335ac078083543f8d4f1db66c7ba32bdba9932b33a0b99dea1d71d0
GET /b4/1b/pARc9JyN_o.png HTTP/1.1
Host: images2.imgbox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://subdi28.nag4.com.tr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
server: nginx/1.14.2
date: Sun, 10 Dec 2023 01:31:35 GMT
content-type: image/png
content-length: 866265
last-modified: Sun, 08 Oct 2023 11:05:26 GMT
etag: "d37d9-607327364a980"
expires: Sat, 24 Feb 2024 18:42:30 GMT
cache-control: max-age=10530546
x-cache: HIT
x-whom: srv1535
accept-ranges: bytes
file.gifan.id/2022/06/29/ML/skin/Lance-Hero.gif
200 OK 2.0 MB URL GET HTTP/2 file.gifan.id/2022/06/29/ML/skin/Lance-Hero.gif
IP
Requested by https://subdi28.nag4.com.tr/
Certificate IssuerGoogle Trust Services LLC
Subjectgifan.id
Fingerprint05:08:56:A0:2C:BF:31:A0:4C:D0:5C:0F:18:A3:B9:7D:58:74:03:29
ValidityWed, 29 Nov 2023 03:44:14 GMT - Tue, 27 Feb 2024 03:44:13 GMT
File type GIF image data, version 89a, 156 x 264
- data
Size 2.0 MB (1997580 bytes)
Hash 7daa7d572c5eb0a18197db0c38381a6d
58b4cfd05eac1d5ba8267c0a9aabb16e6de80a46
1e6aa13905b48a0a77832b43758703d1ba81817d3ab47f3acba64615de214de4
GET /2022/06/29/ML/skin/Lance-Hero.gif HTTP/1.1
Host: file.gifan.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://subdi28.nag4.com.tr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sun, 10 Dec 2023 01:31:35 GMT
content-type: image/gif
content-length: 1997580
cache-control: public, max-age=604800
expires: Sat, 16 Dec 2023 20:19:50 GMT
last-modified: Wed, 29 Jun 2022 01:55:18 GMT
x-powered-by: Niagahoster
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
vary: User-Agent, Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 18704
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LAl9VN9aYnTkUU3sTK6F%2BwdBenOLUSv2oes9sOnaF1qJSfJFy7hkMBOL1LCvQma%2BKJto8Ps3bAWkNrKQ6LeL52dVyskdQzDfLcYgNz8XGRn4Jtj%2B8PsDH7TeuFClGh81"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8331baa89e8ed97f-HEL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
file.gifan.id/2022/06/29/ML/skin/Valir-Heli.gif
200 OK 2.2 MB URL GET HTTP/2 file.gifan.id/2022/06/29/ML/skin/Valir-Heli.gif
IP
Requested by https://subdi28.nag4.com.tr/
Certificate IssuerGoogle Trust Services LLC
Subjectgifan.id
Fingerprint05:08:56:A0:2C:BF:31:A0:4C:D0:5C:0F:18:A3:B9:7D:58:74:03:29
ValidityWed, 29 Nov 2023 03:44:14 GMT - Tue, 27 Feb 2024 03:44:13 GMT
File type GIF image data, version 89a, 168 x 274
- data
Size 2.2 MB (2171199 bytes)
Hash 06d19a497eef7ea3c7b43e60de1adff0
8b5ee547993f60efad0da26c95c69435fe407248
a67bf92f5baf3adb08135edc15b88fef237168111f107b32a783d9eea8f76883
GET /2022/06/29/ML/skin/Valir-Heli.gif HTTP/1.1
Host: file.gifan.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://subdi28.nag4.com.tr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sun, 10 Dec 2023 01:31:35 GMT
content-type: image/gif
content-length: 2171199
cache-control: public, max-age=604800
expires: Sat, 16 Dec 2023 20:19:50 GMT
last-modified: Wed, 29 Jun 2022 01:55:38 GMT
x-powered-by: Niagahoster
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
vary: User-Agent, Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 18705
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QHHOuT0V2c8P1iOesUGJY%2FDs60%2BKklWEl%2Fa0ZjN6eDMEm%2Fd9B0IxS1llUnN0GV%2B8V4ohGfOUMKJI2JnktkZiIxb3jyBSv%2BKmffCPR%2BHKTRrjdRHJD5WpZzzJAu%2FTYE6N"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8331baa89ea2d97f-HEL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
file.gifan.id/2022/06/29/ML/skin/Valehero.gif
200 OK 2.3 MB URL GET HTTP/2 file.gifan.id/2022/06/29/ML/skin/Valehero.gif
IP
Requested by https://subdi28.nag4.com.tr/
Certificate IssuerGoogle Trust Services LLC
Subjectgifan.id
Fingerprint05:08:56:A0:2C:BF:31:A0:4C:D0:5C:0F:18:A3:B9:7D:58:74:03:29
ValidityWed, 29 Nov 2023 03:44:14 GMT - Tue, 27 Feb 2024 03:44:13 GMT
File type GIF image data, version 89a, 168 x 272
- data
Size 2.3 MB (2283696 bytes)
Hash 0500d81075ce591a2241a402ec41c774
00344ebf189dbbf52bc7c236fc0fb3d7c14a6853
3a7789f155963c8ce64d9787af622580498a14258bfd4d7eae31a6872cb3bee9
GET /2022/06/29/ML/skin/Valehero.gif HTTP/1.1
Host: file.gifan.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://subdi28.nag4.com.tr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sun, 10 Dec 2023 01:31:35 GMT
content-type: image/gif
content-length: 2283696
cache-control: public, max-age=604800
expires: Sat, 16 Dec 2023 20:19:50 GMT
last-modified: Wed, 29 Jun 2022 01:55:36 GMT
x-powered-by: Niagahoster
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
vary: User-Agent, Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 18704
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ihDPabC6Dq9pfrrLLJG%2BTHOi70GSIeNRfAIRcsEAHoL21r6kK6Nc93kZRjirVflzSbIurWmmcq7J5OyI1ybgidiJDp5F3ACejpn38z0qdZ7C7oJy0BoQWfWF4%2Fd7GOnG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8331baa89ea3d97f-HEL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
i.postimg.cc/wjY9Lhnc/brunoneymar.png
200 OK 1.9 MB URL GET HTTP/2 i.postimg.cc/wjY9Lhnc/brunoneymar.png
IP
Requested by https://subdi28.nag4.com.tr/
Certificate IssuerLet's Encrypt
Subjectpostimg.cc
FingerprintA5:BC:82:6C:AF:0C:87:E6:4B:2F:B4:1A:26:A9:BB:4B:55:67:EA:1F
ValidityTue, 24 Oct 2023 07:31:42 GMT - Mon, 22 Jan 2024 07:31:41 GMT
File type PNG image data, 246 x 409, 8-bit/color RGBA, non-interlaced
- data
Size 1.9 MB (1893632 bytes)
Hash b0c20ae0035d0934a4ef552b83255ead
4ceeac411aaa2144eaff5cecd11b985980ead0a2
e297e53f20d7c78a6e59841a2fa5559dd758563a693d21984de9efcbc2325472
GET /wjY9Lhnc/brunoneymar.png HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://subdi28.nag4.com.tr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 10 Dec 2023 01:31:35 GMT
content-type: image/png
content-length: 1893632
last-modified: Tue, 29 Nov 2022 10:08:55 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
i.postimg.cc/jSPK54M6/bagasarya-Gs11.gif
200 OK 2.0 MB URL GET HTTP/2 i.postimg.cc/jSPK54M6/bagasarya-Gs11.gif
IP
Requested by https://subdi28.nag4.com.tr/
Certificate IssuerLet's Encrypt
Subjectpostimg.cc
FingerprintA5:BC:82:6C:AF:0C:87:E6:4B:2F:B4:1A:26:A9:BB:4B:55:67:EA:1F
ValidityTue, 24 Oct 2023 07:31:42 GMT - Mon, 22 Jan 2024 07:31:41 GMT
File type GIF image data, version 89a, 244 x 408
- data
Size 2.0 MB (2046046 bytes)
Hash 283a81f933c0738025d452d14d1627a3
59fc7c635231fb8d82015811789977ecc9c6724e
9152b097e93f3d12b8771d91fe64cb5a1ae7bf88b650640222ef89e3ce07f7ec
GET /jSPK54M6/bagasarya-Gs11.gif HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://subdi28.nag4.com.tr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 10 Dec 2023 01:31:35 GMT
content-type: image/gif
content-length: 2046046
last-modified: Wed, 09 Nov 2022 08:45:53 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
i.postimg.cc/sX2tpY4N/bagasarya-ceci-CC.gif
200 OK 1.7 MB URL GET HTTP/2 i.postimg.cc/sX2tpY4N/bagasarya-ceci-CC.gif
IP
Requested by https://subdi28.nag4.com.tr/
Certificate IssuerLet's Encrypt
Subjectpostimg.cc
FingerprintA5:BC:82:6C:AF:0C:87:E6:4B:2F:B4:1A:26:A9:BB:4B:55:67:EA:1F
ValidityTue, 24 Oct 2023 07:31:42 GMT - Mon, 22 Jan 2024 07:31:41 GMT
File type GIF image data, version 89a, 246 x 402
- data
Size 1.7 MB (1659411 bytes)
Hash a14aeef074b70e21bf410ce4bf9cdd36
cae01ef781051252e59b3ff01c7525efdc82be58
faae6435b7477b196f3a7f58b1f9e050903518efe735bd5927eda7b326fc7c47
GET /sX2tpY4N/bagasarya-ceci-CC.gif HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://subdi28.nag4.com.tr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 10 Dec 2023 01:31:35 GMT
content-type: image/gif
content-length: 1659411
last-modified: Wed, 09 Nov 2022 08:45:53 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
i.postimg.cc/440HWWbV/bagasarya-kagura.gif
200 OK 2.2 MB URL GET HTTP/2 i.postimg.cc/440HWWbV/bagasarya-kagura.gif
IP
Requested by https://subdi28.nag4.com.tr/
Certificate IssuerLet's Encrypt
Subjectpostimg.cc
FingerprintA5:BC:82:6C:AF:0C:87:E6:4B:2F:B4:1A:26:A9:BB:4B:55:67:EA:1F
ValidityTue, 24 Oct 2023 07:31:42 GMT - Mon, 22 Jan 2024 07:31:41 GMT
File type GIF image data, version 89a, 248 x 408
- data
Size 2.2 MB (2213856 bytes)
Hash 8b0bc792f38c2a91e333de6d83269d9f
ad8e738db3ac6bc3e446d89c6ac6478f1f866a0c
332bfa59b460b26f0dcaac2ca3ade0b6a145854f193cc301e48651ee7e53e935
GET /440HWWbV/bagasarya-kagura.gif HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://subdi28.nag4.com.tr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 10 Dec 2023 01:31:35 GMT
content-type: image/gif
content-length: 2213856
last-modified: Fri, 07 Oct 2022 20:07:13 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
i.postimg.cc/brZDzn8Z/bagasarya-yuzong.gif
200 OK 2.2 MB URL GET HTTP/2 i.postimg.cc/brZDzn8Z/bagasarya-yuzong.gif
IP
Requested by https://subdi28.nag4.com.tr/
Certificate IssuerLet's Encrypt
Subjectpostimg.cc
FingerprintA5:BC:82:6C:AF:0C:87:E6:4B:2F:B4:1A:26:A9:BB:4B:55:67:EA:1F
ValidityTue, 24 Oct 2023 07:31:42 GMT - Mon, 22 Jan 2024 07:31:41 GMT
File type GIF image data, version 89a, 244 x 400
- data
Size 2.2 MB (2202236 bytes)
Hash ce91e535415c785d4097a42d36c7b5f7
3e39b1c594694d9063d01c21ef93c758d2e00445
6dcc82be0efd15b9892c27552c9d5eea46c5e221f7801a06bec0757a6e359521
GET /brZDzn8Z/bagasarya-yuzong.gif HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://subdi28.nag4.com.tr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sun, 10 Dec 2023 01:31:35 GMT
content-type: image/gif
content-length: 2202236
last-modified: Fri, 07 Oct 2022 20:07:13 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
i.ibb.co/kK0Jct8/1000.gif
200 OK 2.5 MB URL GET HTTP/2 i.ibb.co/kK0Jct8/1000.gif
IP
Requested by https://subdi28.nag4.com.tr/
Certificate IssuerLet's Encrypt
Subjectibb.co
FingerprintFC:63:8C:C6:92:83:4E:13:94:18:9A:03:C2:BB:CC:F0:23:97:AA:8C
ValiditySat, 09 Dec 2023 13:40:45 GMT - Fri, 08 Mar 2024 13:40:44 GMT
File type GIF image data, version 89a, 306 x 464
- data
Size 2.5 MB (2491725 bytes)
Hash 29e8b24f23dac9f5c783618d77b9a723
185438a861b287c04ba40d0b7bd6950faa53a031
402b488e356387d49c7dd25e691c91b5a9d89b2c327e32d239c2d2a565449f92
GET /kK0Jct8/1000.gif HTTP/1.1
Host: i.ibb.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://subdi28.nag4.com.tr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 10 Dec 2023 01:31:34 GMT
content-type: image/gif
content-length: 2491725
last-modified: Sat, 16 Jul 2022 05:00:44 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
i.ibb.co/j6Hz5L5/ezgif-2-c70f622cb5.gif
200 OK 2.8 MB URL GET HTTP/2 i.ibb.co/j6Hz5L5/ezgif-2-c70f622cb5.gif
IP
Requested by https://subdi28.nag4.com.tr/
Certificate IssuerLet's Encrypt
Subjectibb.co
FingerprintFC:63:8C:C6:92:83:4E:13:94:18:9A:03:C2:BB:CC:F0:23:97:AA:8C
ValiditySat, 09 Dec 2023 13:40:45 GMT - Fri, 08 Mar 2024 13:40:44 GMT
File type GIF image data, version 89a, 296 x 472
- data
Size 2.8 MB (2754633 bytes)
Hash a0d69973fa012a2ff6b0150f70e4d2bf
4d0ded05e7fe2917a12efbf202d100b08c80ba64
6b5467dcc32bc30067c30add7063243a0908884d561081af36bd6a5ef83592bb
GET /j6Hz5L5/ezgif-2-c70f622cb5.gif HTTP/1.1
Host: i.ibb.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://subdi28.nag4.com.tr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 10 Dec 2023 01:31:34 GMT
content-type: image/gif
content-length: 2754633
last-modified: Wed, 03 Aug 2022 14:23:26 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
file.gifan.id/2022/06/29/ML/skin/Bruno-Hero.gif
200 OK 2.6 MB URL GET HTTP/2 file.gifan.id/2022/06/29/ML/skin/Bruno-Hero.gif
IP
Requested by https://subdi28.nag4.com.tr/
Certificate IssuerGoogle Trust Services LLC
Subjectgifan.id
Fingerprint05:08:56:A0:2C:BF:31:A0:4C:D0:5C:0F:18:A3:B9:7D:58:74:03:29
ValidityWed, 29 Nov 2023 03:44:14 GMT - Tue, 27 Feb 2024 03:44:13 GMT
File type GIF image data, version 89a, 168 x 274
- data
Size 2.6 MB (2619008 bytes)
Hash 40fea27cb9481ed87e5b02c47f4ec1c9
6afa46d4227b330b5cb536fb9fa482e14d3056b6
458bd1e7919460b5e5b98300e8a060092e360683177a74d350a7ca019e32ae03
GET /2022/06/29/ML/skin/Bruno-Hero.gif HTTP/1.1
Host: file.gifan.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://subdi28.nag4.com.tr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sun, 10 Dec 2023 01:31:35 GMT
content-type: image/gif
content-length: 2619008
cache-control: public, max-age=604800
expires: Sat, 16 Dec 2023 20:19:50 GMT
last-modified: Wed, 29 Jun 2022 01:51:16 GMT
x-powered-by: Niagahoster
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
vary: User-Agent, Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 18705
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2wTFVEqLh2Y4PdusOxmmUY94hU6%2BYCUDhd7cldM7plRTJY%2Bm2tD%2FH95xmAgjyhLQB9XOx5a6JbJrTt%2FJZU4q%2B0dqR9xWep%2FRUc2WIqbVtqc7yCfVMYZKFN4wZ0HOcqJH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8331baa89e8ad97f-HEL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
file.gifan.id/2022/06/29/ML/skin/EsmeHero.gif
200 OK 2.7 MB URL GET HTTP/2 file.gifan.id/2022/06/29/ML/skin/EsmeHero.gif
IP
Requested by https://subdi28.nag4.com.tr/
Certificate IssuerGoogle Trust Services LLC
Subjectgifan.id
Fingerprint05:08:56:A0:2C:BF:31:A0:4C:D0:5C:0F:18:A3:B9:7D:58:74:03:29
ValidityWed, 29 Nov 2023 03:44:14 GMT - Tue, 27 Feb 2024 03:44:13 GMT
File type GIF image data, version 89a, 166 x 274
- data
Size 2.7 MB (2720064 bytes)
Hash a6d7184a2c284975281122ef7909c95a
b6e229858e5976dc8a6da19c66ecec80fac05af6
7d54a52f29f2eedf9d1557405f8f2331b22fa05e0982349f1cf93d9539613cd3
GET /2022/06/29/ML/skin/EsmeHero.gif HTTP/1.1
Host: file.gifan.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://subdi28.nag4.com.tr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sun, 10 Dec 2023 01:31:35 GMT
content-type: image/gif
content-length: 2720064
cache-control: public, max-age=604800
expires: Sat, 16 Dec 2023 20:19:50 GMT
last-modified: Wed, 29 Jun 2022 01:51:10 GMT
x-powered-by: Niagahoster
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
vary: User-Agent, Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 18705
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vCNZ%2Ftbtrcy8AcFOMA3I0UOWzqoMrus5clcdFjmuMmBwXMKpkeLES2Q2ycXa5Twwwn6QBZ9mdZ8EbDTrNsu22fuAE5PoAFY7fTqXh4JLaiE1rshgcLEyw%2BXLiteAUjaj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8331baa89ea8d97f-HEL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
file.gifan.id/2022/06/29/ML/skin/Balmond-Cl.gif
200 OK 3.0 MB URL GET HTTP/2 file.gifan.id/2022/06/29/ML/skin/Balmond-Cl.gif
IP
Requested by https://subdi28.nag4.com.tr/
Certificate IssuerGoogle Trust Services LLC
Subjectgifan.id
Fingerprint05:08:56:A0:2C:BF:31:A0:4C:D0:5C:0F:18:A3:B9:7D:58:74:03:29
ValidityWed, 29 Nov 2023 03:44:14 GMT - Tue, 27 Feb 2024 03:44:13 GMT
File type GIF image data, version 89a, 193 x 320
- data
Size 3.0 MB (3015376 bytes)
Hash 0d8aff50e3645572903e3df3f6b6e665
f4129a3000c012af19aff09dfafe78e5c79c861d
0a6864b6821594e7d8437f94fd301c7511cedbf819529370c28d17753bbad1d9
GET /2022/06/29/ML/skin/Balmond-Cl.gif HTTP/1.1
Host: file.gifan.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://subdi28.nag4.com.tr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sun, 10 Dec 2023 01:31:35 GMT
content-type: image/gif
content-length: 3015376
cache-control: public, max-age=604800
expires: Sat, 16 Dec 2023 20:19:50 GMT
last-modified: Wed, 29 Jun 2022 01:51:00 GMT
x-powered-by: Niagahoster
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
vary: User-Agent, Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 18704
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SAfUp6dLkNd292Cjk%2BIg1zrG3xW3k4ENbH11hy%2FUwpHT%2B9ZUMq3koc%2FxRdwRrel3DyE6bq5N77g8cgO%2F4awwf4BiAg7f5mZxhUo37znxhhKRNH4XCvHglt3YzGya2T9x"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8331baa89ea9d97f-HEL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
file.gifan.id/2022/06/29/ML/skin/YssCl.gif
200 OK 2.5 MB URL GET HTTP/2 file.gifan.id/2022/06/29/ML/skin/YssCl.gif
IP
Requested by https://subdi28.nag4.com.tr/
Certificate IssuerGoogle Trust Services LLC
Subjectgifan.id
Fingerprint05:08:56:A0:2C:BF:31:A0:4C:D0:5C:0F:18:A3:B9:7D:58:74:03:29
ValidityWed, 29 Nov 2023 03:44:14 GMT - Tue, 27 Feb 2024 03:44:13 GMT
File type GIF image data, version 89a, 162 x 266
- data
Size 2.5 MB (2514913 bytes)
Hash 8087cea3cb95aff725f300a74ad7b048
1fc8e227ed1375dc72234c519d6ebe11172293fa
d9389c94b82c44017fe83f43f19b37e1a17977a600b381549e7966e430367094
GET /2022/06/29/ML/skin/YssCl.gif HTTP/1.1
Host: file.gifan.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://subdi28.nag4.com.tr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 10 Dec 2023 01:31:35 GMT
content-type: image/gif
content-length: 2514913
cache-control: public, max-age=604800
expires: Sat, 16 Dec 2023 20:19:50 GMT
last-modified: Wed, 29 Jun 2022 01:55:28 GMT
x-powered-by: Niagahoster
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
vary: User-Agent, Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 18704
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Th9SW1124KdcIlwloDf%2FJHN%2BexIxm6HWgvxfzZVyGebrpRiV50XxU%2B1gv%2BSJ%2Blu%2BlCa1W2h0iFGcPE17REbZiyk%2BhEineApQoyshgVfqI3IgIvGpeJrEJgGTfPnf83gY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8331baa9afc6d97f-HEL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.jsdelivr.net/gh/AlexHostX/mlbb@main/old/IMG-20220417-184327.jpg
404 Not Found 53 B URL GET HTTP/3 cdn.jsdelivr.net/gh/AlexHostX/mlbb@main/old/IMG-20220417-184327.jpg
IP
Requested by https://subdi28.nag4.com.tr/
Certificate IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09
ValidityWed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT
File type ASCII text, with no line terminators
Hash cb71d2b197dd6af21b39e0261fb1497c
9ab080da6e72161e565846ba4fe9a3279f8f9acf
a3abb1833e1a60b26006a99e3ca8c8aefff91c61003548a8f34fc6c92d62acd7
GET /gh/AlexHostX/mlbb@main/old/IMG-20220417-184327.jpg HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://subdi28.nag4.com.tr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 404 Not Found
content-length: 53
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=600, s-maxage=600
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/plain; charset=utf-8
etag: W/"30-mrCA2m5yFh5WWEa6T+mjJ5+Pms8"
content-encoding: br
accept-ranges: bytes
date: Sun, 10 Dec 2023 01:31:41 GMT
age: 363
x-served-by: cache-fra-eddf8230046-FRA, cache-bma1622-BMA
x-cache: HIT, MISS
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
i.postimg.cc/bN33BG7N/bagasarya-BG.jpg
200 OK 7.7 kB URL GET HTTP/2 i.postimg.cc/bN33BG7N/bagasarya-BG.jpg
IP
Requested by https://subdi28.nag4.com.tr/
Certificate IssuerLet's Encrypt
Subjectpostimg.cc
FingerprintA5:BC:82:6C:AF:0C:87:E6:4B:2F:B4:1A:26:A9:BB:4B:55:67:EA:1F
ValidityTue, 24 Oct 2023 07:31:42 GMT - Mon, 22 Jan 2024 07:31:41 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 360x240, components 3
- data
Hash 4b33a2d2bbdb8e8fbfb4db51e7999c13
e55f03e22839ffc1641d141eb242102e07d5e644
6a0530efd80ed5297f9393818c10151658b2f4c43dc829954856787f5564bc34
GET /bN33BG7N/bagasarya-BG.jpg HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://subdi28.nag4.com.tr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 10 Dec 2023 01:31:41 GMT
content-type: image/jpeg
content-length: 7672
last-modified: Fri, 21 Oct 2022 22:20:24 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
file.gifan.id/2022/06/29/ML/skin/Alphabsy.gif
200 OK 3.7 MB URL GET HTTP/2 file.gifan.id/2022/06/29/ML/skin/Alphabsy.gif
IP
Requested by https://subdi28.nag4.com.tr/
Certificate IssuerGoogle Trust Services LLC
Subjectgifan.id
Fingerprint05:08:56:A0:2C:BF:31:A0:4C:D0:5C:0F:18:A3:B9:7D:58:74:03:29
ValidityWed, 29 Nov 2023 03:44:14 GMT - Tue, 27 Feb 2024 03:44:13 GMT
File type GIF image data, version 89a, 195 x 320
- data
Size 3.7 MB (3683660 bytes)
Hash 315d439f4dbed7d628b012e840260d4a
8629154861f3c4ff6e9e3c194506ecd18abd2a13
b205cfcfac527d4ce50bed482b3dc38e18e3d9f44a24fcd271ae3bcfec725ece
GET /2022/06/29/ML/skin/Alphabsy.gif HTTP/1.1
Host: file.gifan.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://subdi28.nag4.com.tr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sun, 10 Dec 2023 01:31:35 GMT
content-type: image/gif
content-length: 3683660
cache-control: public, max-age=604800
expires: Sat, 16 Dec 2023 20:19:50 GMT
last-modified: Wed, 29 Jun 2022 01:50:50 GMT
x-powered-by: Niagahoster
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
vary: User-Agent, Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 18704
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BNN15M8pHPpBZBugYXuOKN30gqNCZaVG22Xk%2FQJzP1XIUUNgyPRJTnZ%2BHqoem9B%2Bi%2BXqL8VP1gMcL8btO4Di6dse1Vt3cKdC1T0fsgrzlu8Nia%2BQdFfYUqaHyFYW%2FeOP"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8331baa89e95d97f-HEL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
file.gifan.id/2022/06/29/ML/skin/LingCl.gif
200 OK 3.5 MB URL GET HTTP/2 file.gifan.id/2022/06/29/ML/skin/LingCl.gif
IP
Requested by https://subdi28.nag4.com.tr/
Certificate IssuerGoogle Trust Services LLC
Subjectgifan.id
Fingerprint05:08:56:A0:2C:BF:31:A0:4C:D0:5C:0F:18:A3:B9:7D:58:74:03:29
ValidityWed, 29 Nov 2023 03:44:14 GMT - Tue, 27 Feb 2024 03:44:13 GMT
File type GIF image data, version 89a, 201 x 320
- data
Size 3.5 MB (3537877 bytes)
Hash 0b925ec632728797e842c89d1a1910fd
b0694a5817e94607433f8cff1b4db6c38d2f7d05
31b0a899c2b5ddad15599fc1768613dfa059e9637cee8d49ea82b40038ad1951
GET /2022/06/29/ML/skin/LingCl.gif HTTP/1.1
Host: file.gifan.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://subdi28.nag4.com.tr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sun, 10 Dec 2023 01:31:35 GMT
content-type: image/gif
content-length: 3537877
cache-control: public, max-age=604800
expires: Sat, 16 Dec 2023 20:19:50 GMT
last-modified: Wed, 29 Jun 2022 01:55:22 GMT
x-powered-by: Niagahoster
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
vary: User-Agent, Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 18704
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FjnuLv4v22pVdkdfXCJF4Dj6IMxkLzJzk2G0cJFksJ4E8oanHowJjr1A45HG8Kum3UWttJLea97x02v9qcaof5pfSF%2FuUH54oa21GH6PdRFytu60RwtihDdfK6HBD%2FDd"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8331baa89e8cd97f-HEL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
file.gifan.id/2022/06/29/ML/skin/BadangCl.gif
200 OK 3.9 MB URL GET HTTP/2 file.gifan.id/2022/06/29/ML/skin/BadangCl.gif
IP
Requested by https://subdi28.nag4.com.tr/
Certificate IssuerGoogle Trust Services LLC
Subjectgifan.id
Fingerprint05:08:56:A0:2C:BF:31:A0:4C:D0:5C:0F:18:A3:B9:7D:58:74:03:29
ValidityWed, 29 Nov 2023 03:44:14 GMT - Tue, 27 Feb 2024 03:44:13 GMT
File type GIF image data, version 89a, 198 x 320
- data
Size 3.9 MB (3883913 bytes)
Hash e3f9d0a9db046388d1261f575eda15c7
3437ef99433f5cf310acb99ed6402ef7490616b6
e60b7dfcc7021246f7ad0b0f536305c586f372a9a6e2e532a5bbcc546e5e54d5
GET /2022/06/29/ML/skin/BadangCl.gif HTTP/1.1
Host: file.gifan.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://subdi28.nag4.com.tr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 10 Dec 2023 01:31:35 GMT
content-type: image/gif
content-length: 3883913
cache-control: public, max-age=604800
expires: Sat, 16 Dec 2023 20:19:50 GMT
last-modified: Wed, 29 Jun 2022 01:50:56 GMT
x-powered-by: Niagahoster
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
vary: User-Agent, Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 18705
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EVh3TqsRkf963O5yTL14lpRkF5Jk7PCxh5hDA%2Bw7Be5EkXsqzrpu0fByMGn7bjbhZwLcHIwcfvo2yJ4mbZUwNAAWd9LV66%2FXlItzkYaSxXyw2os1bVhlvEy03DPmd3it"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8331baa9bfcad97f-HEL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
file.gifan.id/2022/06/29/ML/skin/AldousCl.gif
200 OK 3.5 MB URL GET HTTP/2 file.gifan.id/2022/06/29/ML/skin/AldousCl.gif
IP
Requested by https://subdi28.nag4.com.tr/
Certificate IssuerGoogle Trust Services LLC
Subjectgifan.id
Fingerprint05:08:56:A0:2C:BF:31:A0:4C:D0:5C:0F:18:A3:B9:7D:58:74:03:29
ValidityWed, 29 Nov 2023 03:44:14 GMT - Tue, 27 Feb 2024 03:44:13 GMT
File type GIF image data, version 89a, 196 x 320
- data
Size 3.5 MB (3498248 bytes)
Hash 566ab198df3bd9fd95fe9c5e6415df0e
4b2627739c47ec8d61b3a82c4967794baeab60a8
6344f5dc259c2412240089b85394e891734aa5332676b958e7c52b24d1d2ee88
GET /2022/06/29/ML/skin/AldousCl.gif HTTP/1.1
Host: file.gifan.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://subdi28.nag4.com.tr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 10 Dec 2023 01:31:35 GMT
content-type: image/gif
content-length: 3498248
cache-control: public, max-age=604800
expires: Sat, 16 Dec 2023 20:19:50 GMT
last-modified: Wed, 29 Jun 2022 01:50:40 GMT
x-powered-by: Niagahoster
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
vary: User-Agent, Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 18704
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bXTYIAcIoEwn7iJyqZzZrtq5JKV15VupKtsVM3RYKaWFhwMmY5hgTtNKDn6KmZMHT3%2B3kxl4vRYBUNqcMz4ood407Uvn8TQGihmwRK4qy9gl83wBIfY5KN0bxvPdfvIl"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8331baa9bfc8d97f-HEL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
file.gifan.id/2022/06/29/ML/skin/Grangerclll.gif
200 OK 4.2 MB URL GET HTTP/2 file.gifan.id/2022/06/29/ML/skin/Grangerclll.gif
IP
Requested by https://subdi28.nag4.com.tr/
Certificate IssuerGoogle Trust Services LLC
Subjectgifan.id
Fingerprint05:08:56:A0:2C:BF:31:A0:4C:D0:5C:0F:18:A3:B9:7D:58:74:03:29
ValidityWed, 29 Nov 2023 03:44:14 GMT - Tue, 27 Feb 2024 03:44:13 GMT
File type GIF image data, version 89a, 197 x 320
- data
Size 4.2 MB (4175605 bytes)
Hash 5e05c807d953b9598c8ea3c3ae352077
4e616a7390c9541da600c9f26e1cb9b7482bddcc
4a5bf258a8913f63d5ee57061d263f419a9034a7dbaa644ec788fdf4b5477855
GET /2022/06/29/ML/skin/Grangerclll.gif HTTP/1.1
Host: file.gifan.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://subdi28.nag4.com.tr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sun, 10 Dec 2023 01:31:35 GMT
content-type: image/gif
content-length: 4175605
cache-control: public, max-age=604800
expires: Sat, 16 Dec 2023 20:19:50 GMT
last-modified: Wed, 29 Jun 2022 01:51:06 GMT
x-powered-by: Niagahoster
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
vary: User-Agent, Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 18705
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BQiir4d14mPM23%2B1g2QogV1iVBhD11SUiskRvsjBdRkfDhgGQzl6nrvzcQHYkALL4g1ipQBu5arHUXJwHBQMi1btbFoxVnQUwVj6ZFdmJaM28aGAB7nhgAvNyymhOPy1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8331baa88e66d97f-HEL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
file.gifan.id/2022/06/29/ML/skin/ChouHero.gif
200 OK 4.4 MB URL GET HTTP/2 file.gifan.id/2022/06/29/ML/skin/ChouHero.gif
IP
Requested by https://subdi28.nag4.com.tr/
Certificate IssuerGoogle Trust Services LLC
Subjectgifan.id
Fingerprint05:08:56:A0:2C:BF:31:A0:4C:D0:5C:0F:18:A3:B9:7D:58:74:03:29
ValidityWed, 29 Nov 2023 03:44:14 GMT - Tue, 27 Feb 2024 03:44:13 GMT
File type GIF image data, version 89a, 200 x 320
- data
Size 4.4 MB (4411705 bytes)
Hash 7f9a767a7b8dde0b54a05b06283055ed
cef2bd430c9ebea67472e0f398ac38b0161c1aab
77c0c5b2327b6d68804cf045738cd868b377c7c8e25e3285d31f19a30ac33eb3
GET /2022/06/29/ML/skin/ChouHero.gif HTTP/1.1
Host: file.gifan.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://subdi28.nag4.com.tr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sun, 10 Dec 2023 01:31:35 GMT
content-type: image/gif
content-length: 4411705
cache-control: public, max-age=604800
expires: Sat, 16 Dec 2023 20:19:50 GMT
last-modified: Wed, 29 Jun 2022 01:51:12 GMT
x-powered-by: Niagahoster
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
vary: User-Agent, Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 18705
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jAEMJ4bGGzfOYZStdCUDf2M%2BoEjO6azliD%2FkXjWnEkjydQ9PoHvbnQ5VHuOC8TvWykEQFVRE8PcZuUY%2BAQRP6Ucx3c1xV4%2BDB4yOU7gpwrxGywvDF9ZLAoMiNqjoCRsC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8331baa89ea6d97f-HEL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www.youtube.com/s/player/dee96cfa/www-player.css
200 OK 48 kB URL GET HTTP/3 www.youtube.com/s/player/dee96cfa/www-player.css
IP
Requested by https://www.youtube.com/embed/PoTQmIfvWFI?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint5D:3A:D9:47:14:B0:78:30:A1:BF:B4:45:F6:F5:81:AD:0A:C7:76:89
ValidityMon, 20 Nov 2023 08:02:55 GMT - Mon, 12 Feb 2024 08:02:54 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash 845ee0ded13b742ad523443fddc5545f
577a5583a2cc9f7fbf229dbfffbecbe5439245f3
c8cf595211c3780ca984d79461caff6908401386ebb9894598ecadc396e22e1f
GET /s/player/dee96cfa/www-player.css HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/PoTQmIfvWFI?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 48216
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 08 Dec 2023 11:47:54 GMT
expires: Sat, 07 Dec 2024 11:47:54 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 06 Dec 2023 02:46:57 GMT
content-type: text/css
vary: Accept-Encoding, Origin
age: 135828
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.youtube.com/s/player/dee96cfa/www-embed-player.vflset/www-embed-player.js
200 OK 99 kB URL GET HTTP/3 www.youtube.com/s/player/dee96cfa/www-embed-player.vflset/www-embed-player.js
IP
Requested by https://www.youtube.com/embed/PoTQmIfvWFI?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint5D:3A:D9:47:14:B0:78:30:A1:BF:B4:45:F6:F5:81:AD:0A:C7:76:89
ValidityMon, 20 Nov 2023 08:02:55 GMT - Mon, 12 Feb 2024 08:02:54 GMT
File type ASCII text, with very long lines (682)
Hash 1ec56351518b48128e4142b179f11741
3825a262c5751358078c8150ad125abed66a6d10
749b479a8548e5751006d04e185368e48db0d7ceac3ba359d25db43fd6c24089
GET /s/player/dee96cfa/www-embed-player.vflset/www-embed-player.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/PoTQmIfvWFI?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 98658
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 07 Dec 2023 15:56:02 GMT
expires: Fri, 06 Dec 2024 15:56:02 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 06 Dec 2023 02:46:57 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 207340
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.youtube.com/s/player/dee96cfa/player_ias.vflset/en_US/base.js
200 OK 785 kB URL GET HTTP/3 www.youtube.com/s/player/dee96cfa/player_ias.vflset/en_US/base.js
IP
Requested by https://www.youtube.com/embed/PoTQmIfvWFI?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint5D:3A:D9:47:14:B0:78:30:A1:BF:B4:45:F6:F5:81:AD:0A:C7:76:89
ValidityMon, 20 Nov 2023 08:02:55 GMT - Mon, 12 Feb 2024 08:02:54 GMT
File type ASCII text, with very long lines (555)
Size 785 kB (785445 bytes)
Hash 9459127d7e5023c6be7247a7ad4c0dfa
a1dff52b1aaaf8e7796b9d656a3cb6547ab0d3c0
3ff5693fee0b60651698141bd74761199a493fb834c1ceba6ceeb21d510de528
GET /s/player/dee96cfa/player_ias.vflset/en_US/base.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/PoTQmIfvWFI?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-encoding: gzip
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 785445
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 07 Dec 2023 16:04:15 GMT
expires: Fri, 06 Dec 2024 16:04:15 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 06 Dec 2023 02:46:57 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 206847
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
fonts.gstatic.com/s/teko/v20/LYjNdG7kmE0gfaN9pQlEpVsHVQ.woff2
200 OK 15 kB URL GET HTTP/2 fonts.gstatic.com/s/teko/v20/LYjNdG7kmE0gfaN9pQlEpVsHVQ.woff2
IP
Requested by https://subdi28.nag4.com.tr/
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint5F:60:69:C9:59:6D:F1:B5:87:82:8D:B0:57:3C:D9:24:10:FD:74:D1
ValidityMon, 20 Nov 2023 08:08:49 GMT - Mon, 12 Feb 2024 08:08:48 GMT
File type Web Open Font Format (Version 2), TrueType, length 14964, version 1.0
- data
Hash d6d554615ae9902f2173476e77d079fa
b5064acc8ba1c63153bfab733b915092e2b62cb6
4a0ce7a531a41b6fb56b8027541951ffe1ad67ab9e49a12ee4816247178d5bca
GET /s/teko/v20/LYjNdG7kmE0gfaN9pQlEpVsHVQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://subdi28.nag4.com.tr
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 14964
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 07 Dec 2023 15:41:41 GMT
expires: Fri, 06 Dec 2024 15:41:41 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 24 Aug 2023 21:55:07 GMT
content-type: font/woff2
age: 208202
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
200 OK 15 kB URL GET HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
Requested by https://www.youtube.com/embed/PoTQmIfvWFI?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint5F:60:69:C9:59:6D:F1:B5:87:82:8D:B0:57:3C:D9:24:10:FD:74:D1
ValidityMon, 20 Nov 2023 08:08:49 GMT - Mon, 12 Feb 2024 08:08:48 GMT
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0
- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 07 Dec 2023 15:54:46 GMT
expires: Fri, 06 Dec 2024 15:54:46 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
age: 207417
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
200 OK 16 kB URL GET HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
Requested by https://www.youtube.com/embed/PoTQmIfvWFI?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint5F:60:69:C9:59:6D:F1:B5:87:82:8D:B0:57:3C:D9:24:10:FD:74:D1
ValidityMon, 20 Nov 2023 08:08:49 GMT - Mon, 12 Feb 2024 08:08:48 GMT
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0
- data
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 07 Dec 2023 15:43:10 GMT
expires: Fri, 06 Dec 2024 15:43:10 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
age: 208113
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
i.postimg.cc/RhMrKC0Y/Bagas-Arya-Starlesley.gif
200 OK 5.5 MB URL GET HTTP/2 i.postimg.cc/RhMrKC0Y/Bagas-Arya-Starlesley.gif
IP
Requested by https://subdi28.nag4.com.tr/
Certificate IssuerLet's Encrypt
Subjectpostimg.cc
FingerprintA5:BC:82:6C:AF:0C:87:E6:4B:2F:B4:1A:26:A9:BB:4B:55:67:EA:1F
ValidityTue, 24 Oct 2023 07:31:42 GMT - Mon, 22 Jan 2024 07:31:41 GMT
File type GIF image data, version 89a, 300 x 469
- data
Size 5.5 MB (5545521 bytes)
Hash 170cbf81d5031f51cc20eda52a351596
f2e66ff0ec2a16b782e089186a58f5180761df1a
bb08ec9f0e752390227d12f58e0631ebe9184f7bd5f9a78ea10d523b62ebf328
GET /RhMrKC0Y/Bagas-Arya-Starlesley.gif HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://subdi28.nag4.com.tr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sun, 10 Dec 2023 01:31:35 GMT
content-type: image/gif
content-length: 5545521
last-modified: Thu, 24 Nov 2022 13:50:52 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
i.postimg.cc/pLRgsCqj/bagasarya-mechamaiden.gif
200 OK 7.6 MB URL GET HTTP/2 i.postimg.cc/pLRgsCqj/bagasarya-mechamaiden.gif
IP
Requested by https://subdi28.nag4.com.tr/
Certificate IssuerLet's Encrypt
Subjectpostimg.cc
FingerprintA5:BC:82:6C:AF:0C:87:E6:4B:2F:B4:1A:26:A9:BB:4B:55:67:EA:1F
ValidityTue, 24 Oct 2023 07:31:42 GMT - Mon, 22 Jan 2024 07:31:41 GMT
File type GIF image data, version 89a, 480 x 751
- data
Size 7.6 MB (7643794 bytes)
Hash d545ee649e84f244678ab109bd86283c
cde46701f966dc0876543d37f1a5405246596384
9e74618a5d14eeedf33da811c1c8b39e8d604c4254c9d03054a1b580d4c572b2
GET /pLRgsCqj/bagasarya-mechamaiden.gif HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://subdi28.nag4.com.tr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 10 Dec 2023 01:31:35 GMT
content-type: image/gif
content-length: 7643794
last-modified: Tue, 06 Dec 2022 10:12:38 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
file.gifan.id/2022/06/29/ML/skin/GusionCl.gif
200 OK 8.9 MB URL GET HTTP/2 file.gifan.id/2022/06/29/ML/skin/GusionCl.gif
IP
Requested by https://subdi28.nag4.com.tr/
Certificate IssuerGoogle Trust Services LLC
Subjectgifan.id
Fingerprint05:08:56:A0:2C:BF:31:A0:4C:D0:5C:0F:18:A3:B9:7D:58:74:03:29
ValidityWed, 29 Nov 2023 03:44:14 GMT - Tue, 27 Feb 2024 03:44:13 GMT
File type GIF image data, version 89a, 320 x 526
- data
Size 8.9 MB (8876760 bytes)
Hash 1ee9e524fbb79835b4702006711a24d3
41f87d28a50cb18ea51877366b3c68060f09cb6a
20949ebdb1be81acdd01375332588a4810cf0b1721011753694e05a191243148
GET /2022/06/29/ML/skin/GusionCl.gif HTTP/1.1
Host: file.gifan.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://subdi28.nag4.com.tr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sun, 10 Dec 2023 01:31:35 GMT
content-type: image/gif
content-length: 8876760
cache-control: public, max-age=604800
expires: Sat, 16 Dec 2023 20:19:50 GMT
last-modified: Wed, 29 Jun 2022 01:51:14 GMT
x-powered-by: Niagahoster
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
vary: User-Agent, Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 18705
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s4vEmjZ4Kt5poNQxKX4OSpj9kpXyquHnj3i6Hnfd2KOvMWXPaPCMeZy%2BVslYInWp2C%2Bv5y5jTPQGGIgzhsIspEMUq83qMXRVyXIRT92AKod12UwBLSoLC9JGio5Eox48"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8331baa88e69d97f-HEL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
file.gifan.id/2022/06/29/ML/skin/Yusungcl.gif
200 OK 8.7 MB URL GET HTTP/2 file.gifan.id/2022/06/29/ML/skin/Yusungcl.gif
IP
Requested by https://subdi28.nag4.com.tr/
Certificate IssuerGoogle Trust Services LLC
Subjectgifan.id
Fingerprint05:08:56:A0:2C:BF:31:A0:4C:D0:5C:0F:18:A3:B9:7D:58:74:03:29
ValidityWed, 29 Nov 2023 03:44:14 GMT - Tue, 27 Feb 2024 03:44:13 GMT
File type GIF image data, version 89a, 298 x 480
- data
Size 8.7 MB (8743123 bytes)
Hash f3deeae9fa6b3b05e1a9803a9711f8ee
b842f3755d75aa9081db19ae35857f54209cd776
8e18e5106f26cdf8389aa72ce450e8b1d6eaaf0ec7a998cd9d9d7686170b64a5
GET /2022/06/29/ML/skin/Yusungcl.gif HTTP/1.1
Host: file.gifan.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://subdi28.nag4.com.tr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sun, 10 Dec 2023 01:31:35 GMT
content-type: image/gif
content-length: 8743123
cache-control: public, max-age=604800
expires: Sat, 16 Dec 2023 20:19:50 GMT
last-modified: Wed, 29 Jun 2022 01:54:22 GMT
x-powered-by: Niagahoster
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
vary: User-Agent, Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 18705
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C5%2F8qDpktwaOb76f%2FtL7HW23fDaJ86LubGdnAM47USRHC7A8Jk3DRGc7ymNOpl6SOZTNvgKRMdMvfSyW8Y%2Bx1QgyCJAbEZY%2F3vc3n%2BXNdkl5DlRwgbd2igykjkMtYXhO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8331baa89eaed97f-HEL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
file.gifan.id/2022/06/29/ML/skin/Harleycll.gif
200 OK 9.3 MB URL GET HTTP/2 file.gifan.id/2022/06/29/ML/skin/Harleycll.gif
IP
Requested by https://subdi28.nag4.com.tr/
Certificate IssuerGoogle Trust Services LLC
Subjectgifan.id
Fingerprint05:08:56:A0:2C:BF:31:A0:4C:D0:5C:0F:18:A3:B9:7D:58:74:03:29
ValidityWed, 29 Nov 2023 03:44:14 GMT - Tue, 27 Feb 2024 03:44:13 GMT
File type GIF image data, version 89a, 193 x 320
- data
Size 9.3 MB (9330096 bytes)
Hash d283098eb8bc4fb3b9084e0443c51cab
2093a4ff9a7473c01c6de8611bcc37c02cfe6599
38c50036b97b7d98be7575b51705d156df0a1892ecb5a52975537c9fd738e51c
GET /2022/06/29/ML/skin/Harleycll.gif HTTP/1.1
Host: file.gifan.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://subdi28.nag4.com.tr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sun, 10 Dec 2023 01:31:35 GMT
content-type: image/gif
content-length: 9330096
cache-control: public, max-age=604800
expires: Sat, 16 Dec 2023 20:19:50 GMT
last-modified: Wed, 29 Jun 2022 01:51:24 GMT
x-powered-by: Niagahoster
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
vary: User-Agent, Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 18705
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZYLBNFfmvapjnMtLSNWKRPuJKKLxHdGlA8yTQMUyg0idH4WnnM3Uf7JqWrEEMIUBxEJaZCnjf8vRSx7fhAhwlnR3GTCeUUAzbKONuu9p1d4ASm6IcKiDmnvuQbw%2FIsp4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8331baa89eadd97f-HEL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
i.postimg.cc/d00gY1Mt/Bagasarya-Ruby-Aspirant.gif
200 OK 8.9 MB URL GET HTTP/2 i.postimg.cc/d00gY1Mt/Bagasarya-Ruby-Aspirant.gif
IP
Requested by https://subdi28.nag4.com.tr/
Certificate IssuerLet's Encrypt
Subjectpostimg.cc
FingerprintA5:BC:82:6C:AF:0C:87:E6:4B:2F:B4:1A:26:A9:BB:4B:55:67:EA:1F
ValidityTue, 24 Oct 2023 07:31:42 GMT - Mon, 22 Jan 2024 07:31:41 GMT
File type GIF image data, version 89a, 480 x 768
- data
Size 8.9 MB (8868673 bytes)
Hash 76eeb1ca969c5960814b5a2e0db1873d
05f11656730cc8f4244a679d3946a5e3eb382a8e
59108ff21e77ed2b6eb2f05c13c5ea65064b7a3b14d5a2496b236e6018f0193a
GET /d00gY1Mt/Bagasarya-Ruby-Aspirant.gif HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://subdi28.nag4.com.tr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sun, 10 Dec 2023 01:31:35 GMT
content-type: image/gif
content-length: 8868673
last-modified: Tue, 06 Dec 2022 10:12:38 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
i.postimg.cc/Bv8bBzWx/Bagasarya-Valir-SS.gif
200 OK 10 MB URL GET HTTP/2 i.postimg.cc/Bv8bBzWx/Bagasarya-Valir-SS.gif
IP
Requested by https://subdi28.nag4.com.tr/
Certificate IssuerLet's Encrypt
Subjectpostimg.cc
FingerprintA5:BC:82:6C:AF:0C:87:E6:4B:2F:B4:1A:26:A9:BB:4B:55:67:EA:1F
ValidityTue, 24 Oct 2023 07:31:42 GMT - Mon, 22 Jan 2024 07:31:41 GMT
File type GIF image data, version 89a, 544 x 800
- data
Size 10 MB (10036161 bytes)
Hash a56fb3730c817738b7098c5b5b698eca
f95fcc7fda339d11df9ff43971924cc77f43f475
b6e46f94043c4faa59f875c36dd153c0e2e3f7d2d7cd9b96324016c8e8297fb1
GET /Bv8bBzWx/Bagasarya-Valir-SS.gif HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://subdi28.nag4.com.tr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 10 Dec 2023 01:31:35 GMT
content-type: image/gif
content-length: 10036161
last-modified: Wed, 26 Oct 2022 12:36:57 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
i.postimg.cc/QMWNTW5m/Bagasarya-Badang-SS.gif
200 OK 10 MB URL GET HTTP/2 i.postimg.cc/QMWNTW5m/Bagasarya-Badang-SS.gif
IP
Requested by https://subdi28.nag4.com.tr/
Certificate IssuerLet's Encrypt
Subjectpostimg.cc
FingerprintA5:BC:82:6C:AF:0C:87:E6:4B:2F:B4:1A:26:A9:BB:4B:55:67:EA:1F
ValidityTue, 24 Oct 2023 07:31:42 GMT - Mon, 22 Jan 2024 07:31:41 GMT
File type GIF image data, version 89a, 554 x 800
- data
Size 10 MB (10409413 bytes)
Hash 17eea9829f7be7b49e9d3c831153bfa3
23a7aff3ffd600be4df17c6765fbd2119bfd43c1
805b8cb95039cd648f6b0e82451433187b22567938353344b86f3a56dc01ab28
GET /QMWNTW5m/Bagasarya-Badang-SS.gif HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://subdi28.nag4.com.tr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 10 Dec 2023 01:31:35 GMT
content-type: image/gif
content-length: 10409413
last-modified: Wed, 26 Oct 2022 12:36:57 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
file.gifan.id/2022/06/29/ML/skin/wanwanCl.gif
200 OK 11 MB URL GET HTTP/2 file.gifan.id/2022/06/29/ML/skin/wanwanCl.gif
IP
Requested by https://subdi28.nag4.com.tr/
Certificate IssuerGoogle Trust Services LLC
Subjectgifan.id
Fingerprint05:08:56:A0:2C:BF:31:A0:4C:D0:5C:0F:18:A3:B9:7D:58:74:03:29
ValidityWed, 29 Nov 2023 03:44:14 GMT - Tue, 27 Feb 2024 03:44:13 GMT
File type GIF image data, version 89a, 400 x 657
- data
Size 11 MB (11291191 bytes)
Hash 05396d9a66df9eaa80922a77d5e3104d
d136df836209dc2e8795267bc12aec30d1aff69e
016e25318dd096627742e00b1a9147022c13c4a2449c941955f2e3414414cdb2
GET /2022/06/29/ML/skin/wanwanCl.gif HTTP/1.1
Host: file.gifan.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://subdi28.nag4.com.tr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sun, 10 Dec 2023 01:31:35 GMT
content-type: image/gif
content-length: 11291191
cache-control: public, max-age=604800
expires: Sat, 16 Dec 2023 20:19:50 GMT
last-modified: Wed, 29 Jun 2022 01:55:36 GMT
x-powered-by: Niagahoster
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
vary: User-Agent, Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 18705
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mr2ckwnnuo24M8p0n2Nm0ymtIJDXr6%2FaMCLl5sthpP%2Fbe7nnYi9AHVWoy%2BLpu3H0Eoje0BCfMgYub06vEMbxAbFF9kvH1L%2BOpgdKehH8X9FUW0WwrLUq8p31pG2zvYMP"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8331baa88e6ed97f-HEL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
file.gifan.id/2022/06/29/ML/skin/Lessley-CL.gif
200 OK 12 MB URL GET HTTP/2 file.gifan.id/2022/06/29/ML/skin/Lessley-CL.gif
IP
Requested by https://subdi28.nag4.com.tr/
Certificate IssuerGoogle Trust Services LLC
Subjectgifan.id
Fingerprint05:08:56:A0:2C:BF:31:A0:4C:D0:5C:0F:18:A3:B9:7D:58:74:03:29
ValidityWed, 29 Nov 2023 03:44:14 GMT - Tue, 27 Feb 2024 03:44:13 GMT
File type GIF image data, version 89a, 488 x 800
- data
Size 12 MB (11530257 bytes)
Hash 6a91acf53b5cdb3e8417d02a8afe5009
4e12039a50f718a70a438b101decb68d1f54b2ca
6abad3b66ebb898ac6760bc54402ecef1ba6be43372e5a1e8398db7d64083802
GET /2022/06/29/ML/skin/Lessley-CL.gif HTTP/1.1
Host: file.gifan.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://subdi28.nag4.com.tr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sun, 10 Dec 2023 01:31:35 GMT
content-type: image/gif
content-length: 11530257
cache-control: public, max-age=604800
expires: Sat, 16 Dec 2023 20:19:50 GMT
last-modified: Wed, 29 Jun 2022 01:50:44 GMT
x-powered-by: Niagahoster
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
vary: User-Agent, Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 18704
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TWGLJ%2Bwem2ImZFIJEF6yAiDcF6xGqe0%2FAbQZ2ZxSwYsichy59qXno0UHX6fnIN22sda9b2MCYbBMZsQKdNzwKfL%2B%2BNtpfTs4QX%2FUGcjDqLrC98IqhYiocwGsKxFbsb1j"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8331baa88e6ad97f-HEL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
file.gifan.id/2022/06/29/ML/skin/Phasracl.gif
200 OK 12 MB URL GET HTTP/2 file.gifan.id/2022/06/29/ML/skin/Phasracl.gif
IP
Requested by https://subdi28.nag4.com.tr/
Certificate IssuerGoogle Trust Services LLC
Subjectgifan.id
Fingerprint05:08:56:A0:2C:BF:31:A0:4C:D0:5C:0F:18:A3:B9:7D:58:74:03:29
ValidityWed, 29 Nov 2023 03:44:14 GMT - Tue, 27 Feb 2024 03:44:13 GMT
File type GIF image data, version 89a, 320 x 524
- data
Size 12 MB (11995193 bytes)
Hash 86e524e5f98874187edd07aacf839682
b010310d6af660ffca69ab393b5809b59094ebce
c776daf89b4f10f72d87f14c0b54fb21703a43031685f058795b557e17512463
GET /2022/06/29/ML/skin/Phasracl.gif HTTP/1.1
Host: file.gifan.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://subdi28.nag4.com.tr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 10 Dec 2023 01:31:35 GMT
content-type: image/gif
content-length: 11995193
cache-control: public, max-age=604800
expires: Sat, 16 Dec 2023 20:19:50 GMT
last-modified: Wed, 29 Jun 2022 01:55:26 GMT
x-powered-by: Niagahoster
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
vary: User-Agent, Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 18705
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2%2BPu056n89jlScI0HhkV1piU9Th%2FiuPkV46JaaMW2hKOxx6mcHM53ecvKfElawd2l1hRp9Z5Rnm%2F1Sm1ujHPYUrgH7F4Bc%2Fwh%2FKdaAOmndAv%2BkqJ8z8GOvfE8%2FBi9jwZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8331baa9bfc9d97f-HEL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
file.gifan.id/2022/06/29/ML/skin/Silvana-Cl.gif
200 OK 12 MB URL GET HTTP/2 file.gifan.id/2022/06/29/ML/skin/Silvana-Cl.gif
IP
Requested by https://subdi28.nag4.com.tr/
Certificate IssuerGoogle Trust Services LLC
Subjectgifan.id
Fingerprint05:08:56:A0:2C:BF:31:A0:4C:D0:5C:0F:18:A3:B9:7D:58:74:03:29
ValidityWed, 29 Nov 2023 03:44:14 GMT - Tue, 27 Feb 2024 03:44:13 GMT
File type GIF image data, version 89a, 490 x 800
- data
Size 12 MB (12054027 bytes)
Hash 28ce737056a7fd8cc1420b745af04519
d2441b9a627df165f9a188601f9ec5d8b95ef9ef
ea4b7f1bbf96c9da8b1631759d7a40d4a7909ce05614610eb74a193a75189fac
GET /2022/06/29/ML/skin/Silvana-Cl.gif HTTP/1.1
Host: file.gifan.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://subdi28.nag4.com.tr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sun, 10 Dec 2023 01:31:35 GMT
content-type: image/gif
content-length: 12054027
cache-control: public, max-age=604800
expires: Sat, 16 Dec 2023 20:19:50 GMT
last-modified: Wed, 29 Jun 2022 01:50:28 GMT
x-powered-by: Niagahoster
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
vary: User-Agent, Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 18705
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nGj7n%2BzfIcO1Y7hN%2BCsxcm5Hwoj%2BwPAYZvC7HW0%2BHR2phcyiu8osXlCCP8fO%2FC9LIS%2FHATz%2FHp%2BtvnFCshv7h%2FGfwHLWXc84U8QQazjlLiITCC1d%2FniGcz6qcdx7lhYL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8331baa88e70d97f-HEL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
file.gifan.id/2022/06/29/ML/skin/EsmeCC.gif
200 OK 13 MB URL GET HTTP/2 file.gifan.id/2022/06/29/ML/skin/EsmeCC.gif
IP
Requested by https://subdi28.nag4.com.tr/
Certificate IssuerGoogle Trust Services LLC
Subjectgifan.id
Fingerprint05:08:56:A0:2C:BF:31:A0:4C:D0:5C:0F:18:A3:B9:7D:58:74:03:29
ValidityWed, 29 Nov 2023 03:44:14 GMT - Tue, 27 Feb 2024 03:44:13 GMT
File type GIF image data, version 89a, 494 x 800
- data
Size 13 MB (12807965 bytes)
Hash 6d111adc51013b58d4b1025640971bf2
6385cea180309a80dcac8ef6195a19dc27da7453
7a02443d89cd470bb24908002521ab21e6b89ebe219685d16cbf470131e168da
GET /2022/06/29/ML/skin/EsmeCC.gif HTTP/1.1
Host: file.gifan.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://subdi28.nag4.com.tr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sun, 10 Dec 2023 01:31:35 GMT
content-type: image/gif
content-length: 12807965
cache-control: public, max-age=604800
expires: Sat, 16 Dec 2023 20:19:50 GMT
last-modified: Wed, 29 Jun 2022 01:50:00 GMT
x-powered-by: Niagahoster
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
vary: User-Agent, Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 18705
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MoTzZG74Z6uek99XFDz9JIB%2BRg7Efs2VG7T2%2Foga5g2zPj%2F9Sahkx3l2JYYUVGlfuz2Ejm%2BFbUNHU4CtlBXe85BYll7UfxJGV9EsVEuaOObYK%2BvSMxULXaKEZ3Ya5RyT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8331baa89e9cd97f-HEL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www.youtube.com/s/player/dee96cfa/player_ias.vflset/en_US/embed.js
200 OK 17 kB URL GET HTTP/3 www.youtube.com/s/player/dee96cfa/player_ias.vflset/en_US/embed.js
IP
Requested by https://www.youtube.com/embed/PoTQmIfvWFI?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint5D:3A:D9:47:14:B0:78:30:A1:BF:B4:45:F6:F5:81:AD:0A:C7:76:89
ValidityMon, 20 Nov 2023 08:02:55 GMT - Mon, 12 Feb 2024 08:02:54 GMT
File type ASCII text, with very long lines (3391)
Hash df85dab4bd2c9e763cb34bac44efd4fb
86f3f89a1257552c84d57e443f48a86e5f2659e2
611d7644cd2a2c305f04d2cd594aeb6e4ae81d2776ef4955f923e913f99bc615
GET /s/player/dee96cfa/player_ias.vflset/en_US/embed.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/PoTQmIfvWFI?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 16903
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 07 Dec 2023 16:07:14 GMT
expires: Fri, 06 Dec 2024 16:07:14 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 06 Dec 2023 02:46:57 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 206672
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.youtube.com/youtubei/v1/player?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8&prettyPrint=false
200 OK 32 kB URL POST HTTP/3 www.youtube.com/youtubei/v1/player?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8&prettyPrint=false
IP
Requested by https://www.youtube.com/embed/PoTQmIfvWFI?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint5D:3A:D9:47:14:B0:78:30:A1:BF:B4:45:F6:F5:81:AD:0A:C7:76:89
ValidityMon, 20 Nov 2023 08:02:55 GMT - Mon, 12 Feb 2024 08:02:54 GMT
File type Unicode text, UTF-8 text, with very long lines (65535), with no line terminators
Hash 16dd533c822c3c490edd42d5e67b9de6
fdc27a6d095355c0aa462e99fabbcc1df756de11
cf52b0edda79a180ef107515ed36143a99438d681f0c60fbd468f29be8a4d1ce
POST /youtubei/v1/player?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8&prettyPrint=false HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-Goog-Visitor-Id: CgtKN3FTS2RWMWVkRSj2qdSrBjIICgJOTxICEgA%3D
X-Youtube-Bootstrap-Logged-In: false
X-Youtube-Client-Name: 56
X-Youtube-Client-Version: 1.20231205.01.00
Content-Length: 2985
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/PoTQmIfvWFI?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/json; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: br
date: Sun, 10 Dec 2023 01:31:46 GMT
server: scaffolding on HTTPServer2
content-length: 32286
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: CONSENT=PENDING+744; expires=Tue, 09-Dec-2025 01:31:46 GMT; path=/; domain=.youtube.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 10 Dec 2023 01:31:46 GMT
cache-control: private
i.postimg.cc/5NMzNbhD/Bagasarya-Chou-SS.gif
200 OK 13 MB URL GET HTTP/2 i.postimg.cc/5NMzNbhD/Bagasarya-Chou-SS.gif
IP
Requested by https://subdi28.nag4.com.tr/
Certificate IssuerLet's Encrypt
Subjectpostimg.cc
FingerprintA5:BC:82:6C:AF:0C:87:E6:4B:2F:B4:1A:26:A9:BB:4B:55:67:EA:1F
ValidityTue, 24 Oct 2023 07:31:42 GMT - Mon, 22 Jan 2024 07:31:41 GMT
File type GIF image data, version 89a, 549 x 800
- data
Size 13 MB (12610592 bytes)
Hash 9aa4648e252a29e0292bb73efcc59dd6
f9e499442407ba6e215d3463047757691b90dc4e
97abfb5a4676c714fd5786001d209e22b8ece83eefa6a33399764384c5ee46c6
GET /5NMzNbhD/Bagasarya-Chou-SS.gif HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://subdi28.nag4.com.tr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 10 Dec 2023 01:31:35 GMT
content-type: image/gif
content-length: 12610592
last-modified: Wed, 26 Oct 2022 12:36:57 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
file.gifan.id/2022/06/29/ML/skin/Granger-Legend.gif
200 OK 14 MB URL GET HTTP/2 file.gifan.id/2022/06/29/ML/skin/Granger-Legend.gif
IP
Requested by https://subdi28.nag4.com.tr/
Certificate IssuerGoogle Trust Services LLC
Subjectgifan.id
Fingerprint05:08:56:A0:2C:BF:31:A0:4C:D0:5C:0F:18:A3:B9:7D:58:74:03:29
ValidityWed, 29 Nov 2023 03:44:14 GMT - Tue, 27 Feb 2024 03:44:13 GMT
File type GIF image data, version 89a, 320 x 523
- data
Size 14 MB (14271962 bytes)
Hash 857330da8bd4bacc83041150daa2b2d9
931e7bfd63921988cba12ce74c6fc266c3ebf56b
aae81ff4e4d2d189e93472bf50042939d6453ab4898f43af13165897f46a4f11
GET /2022/06/29/ML/skin/Granger-Legend.gif HTTP/1.1
Host: file.gifan.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://subdi28.nag4.com.tr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sun, 10 Dec 2023 01:31:35 GMT
content-type: image/gif
content-length: 14271962
cache-control: public, max-age=604800
expires: Sat, 16 Dec 2023 20:19:50 GMT
last-modified: Wed, 29 Jun 2022 01:51:06 GMT
x-powered-by: Niagahoster
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
vary: User-Agent, Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 18704
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FfQglHEJGDlE%2BPJs3SNsuRUChDhzXQbX2wm7FDWeNS2xyiDGz7snogcZvqSs0wGnZzwa9BCbuNPJX3EDcOG5EGeB6dQb4Ub3NUlJDPOSrakNeGgegA7ijX3sKx01VYsN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8331baa88e62d97f-HEL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
file.gifan.id/2022/06/29/ML/skin/ValeCl.gif
200 OK 13 MB URL GET HTTP/2 file.gifan.id/2022/06/29/ML/skin/ValeCl.gif
IP
Requested by https://subdi28.nag4.com.tr/
Certificate IssuerGoogle Trust Services LLC
Subjectgifan.id
Fingerprint05:08:56:A0:2C:BF:31:A0:4C:D0:5C:0F:18:A3:B9:7D:58:74:03:29
ValidityWed, 29 Nov 2023 03:44:14 GMT - Tue, 27 Feb 2024 03:44:13 GMT
File type GIF image data, version 89a, 494 x 800
- data
Size 13 MB (12985381 bytes)
Hash 9c91736eeed623421261220b410d0afc
ee43bd07e6a56b6e65b606a892942456614972c7
df9ddaac5e33eb1545b21c8cc8257d5ce218f6454cde9d845cdd942d5baba0e5
GET /2022/06/29/ML/skin/ValeCl.gif HTTP/1.1
Host: file.gifan.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://subdi28.nag4.com.tr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sun, 10 Dec 2023 01:31:35 GMT
content-type: image/gif
content-length: 12985381
cache-control: public, max-age=604800
expires: Sat, 16 Dec 2023 20:19:50 GMT
last-modified: Wed, 29 Jun 2022 01:50:30 GMT
x-powered-by: Niagahoster
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
vary: User-Agent, Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 18704
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z0bydka0lYc0LPKKet2vQTjmO3l81UMKSlGN6cPzq9td5FFw5FyGHZPRJRC3%2BqTJlrKw1K3ILrUujwvtlhIM2jR8be2nkryS%2BT9rP8LOtCM0baStRpzOTJnYg7Fm%2BDRy"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8331baa89e9bd97f-HEL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
file.gifan.id/2022/06/29/ML/skin/BrodyCl.gif
200 OK 13 MB URL GET HTTP/2 file.gifan.id/2022/06/29/ML/skin/BrodyCl.gif
IP
Requested by https://subdi28.nag4.com.tr/
Certificate IssuerGoogle Trust Services LLC
Subjectgifan.id
Fingerprint05:08:56:A0:2C:BF:31:A0:4C:D0:5C:0F:18:A3:B9:7D:58:74:03:29
ValidityWed, 29 Nov 2023 03:44:14 GMT - Tue, 27 Feb 2024 03:44:13 GMT
File type GIF image data, version 89a, 495 x 800
- data
Size 13 MB (12725089 bytes)
Hash 094f7b86af05e70f8f386c896416f652
51bcefe0abc76c36536c92dc5731ed7e9aaa8d00
a4c3397baca0642ae551710bc8d7ee95fda6e546cd241c04f2b199664891fe59
GET /2022/06/29/ML/skin/BrodyCl.gif HTTP/1.1
Host: file.gifan.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://subdi28.nag4.com.tr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sun, 10 Dec 2023 01:31:35 GMT
content-type: image/gif
content-length: 12725089
cache-control: public, max-age=604800
expires: Sat, 16 Dec 2023 20:19:50 GMT
last-modified: Wed, 29 Jun 2022 01:50:50 GMT
x-powered-by: Niagahoster
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
vary: User-Agent, Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 18704
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lzN41lnNB9iT5vZdxAdFT8O1cd48EZvdosLiA2Y895MolXg7UeLFZsakdGK8fW2wpzfxqXL%2Bv%2F2Pl6hT86tQ5sHBia3GO14fMMo4yVMoRG5bH%2FWvomovkwLLXLF9geIk"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8331baa89e94d97f-HEL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
200 OK 31 B URL POST HTTP/3 www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
IP
Requested by https://www.youtube.com/embed/PoTQmIfvWFI?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint5D:3A:D9:47:14:B0:78:30:A1:BF:B4:45:F6:F5:81:AD:0A:C7:76:89
ValidityMon, 20 Nov 2023 08:02:55 GMT - Mon, 12 Feb 2024 08:02:54 GMT
Hash 5e1fa6fd9abd549a576f3f24b1d3c8d4
d5335d7f7d33be6a0b663f03b2df4df2521c4a87
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
POST /youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8 HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Request-Time: 1702171913153
Content-Type: application/json
X-Goog-Visitor-Id: CgtKN3FTS2RWMWVkRSj2qdSrBjIICgJOTxICEgA%3D
X-YouTube-Client-Name: 56
X-YouTube-Client-Version: 1.20231205.01.00
X-YouTube-Utc-Offset: 0
X-YouTube-Time-Zone: UTC
X-YouTube-Ad-Signals: dt=1702171910341&flash=0&frm=2&u_tz&u_his=2&u_h=1024&u_w=1280&u_ah=1024&u_aw=1280&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C390%2C190&vis=1&wgl=true&ca_type=image
Content-Length: 13556
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/PoTQmIfvWFI?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/json; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: br
date: Sun, 10 Dec 2023 01:31:49 GMT
server: scaffolding on HTTPServer2
content-length: 31
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: CONSENT=PENDING+425; expires=Tue, 09-Dec-2025 01:31:49 GMT; path=/; domain=.youtube.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 10 Dec 2023 01:31:49 GMT
cache-control: private
file.gifan.id/2022/06/29/ML/skin/NanaCL.gif
200 OK 12 MB URL GET HTTP/2 file.gifan.id/2022/06/29/ML/skin/NanaCL.gif
IP
Requested by https://subdi28.nag4.com.tr/
Certificate IssuerGoogle Trust Services LLC
Subjectgifan.id
Fingerprint05:08:56:A0:2C:BF:31:A0:4C:D0:5C:0F:18:A3:B9:7D:58:74:03:29
ValidityWed, 29 Nov 2023 03:44:14 GMT - Tue, 27 Feb 2024 03:44:13 GMT
File type GIF image data, version 89a, 486 x 800
- data
Size 12 MB (12187151 bytes)
Hash f04c2ba1f8eef401e391f32b345a78c0
779b250fff074f11347d111fdc98f91f4ffa808b
bc6816abe49420244c0e5eb090f3d9d39d287ce2e3b13a5940b3468e3fd487e7
GET /2022/06/29/ML/skin/NanaCL.gif HTTP/1.1
Host: file.gifan.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://subdi28.nag4.com.tr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sun, 10 Dec 2023 01:31:35 GMT
content-type: image/gif
content-length: 12187151
cache-control: public, max-age=604800
expires: Sat, 16 Dec 2023 20:19:50 GMT
last-modified: Wed, 29 Jun 2022 01:50:38 GMT
x-powered-by: Niagahoster
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
vary: User-Agent, Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 18704
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8S7z9qk7t9jQKwW70WdbYmgsQyk9taR1f1%2BdzFlDS4uHqLSJZRx3fNv0p2z4zWzMtFn68mdc50mRW7seMe83cOZHsDqq6eijjI5ki98UkZsb6uGO6EsVXKZ3lFjmXnNQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8331baa88e6cd97f-HEL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
file.gifan.id/2022/06/29/ML/skin/zilongCl.gif
200 OK 13 MB URL GET HTTP/2 file.gifan.id/2022/06/29/ML/skin/zilongCl.gif
IP
Requested by https://subdi28.nag4.com.tr/
Certificate IssuerGoogle Trust Services LLC
Subjectgifan.id
Fingerprint05:08:56:A0:2C:BF:31:A0:4C:D0:5C:0F:18:A3:B9:7D:58:74:03:29
ValidityWed, 29 Nov 2023 03:44:14 GMT - Tue, 27 Feb 2024 03:44:13 GMT
File type GIF image data, version 89a, 501 x 800
- data
Size 13 MB (13225542 bytes)
Hash 73e378b01984ddc8f650c523cac91186
67f00706b26905690f8d03429b78dc19e208c579
de93b1ccae9e82778261b5acf57a0c7835eb782078c62ec9539576af6552faf2
GET /2022/06/29/ML/skin/zilongCl.gif HTTP/1.1
Host: file.gifan.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://subdi28.nag4.com.tr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sun, 10 Dec 2023 01:31:35 GMT
content-type: image/gif
content-length: 13225542
cache-control: public, max-age=604800
expires: Sat, 16 Dec 2023 20:19:50 GMT
last-modified: Wed, 29 Jun 2022 01:50:36 GMT
x-powered-by: Niagahoster
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
vary: User-Agent, Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 18705
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2r7asYFMFKLFfPomTWEKJ59twWo09iGkiirSzeRvBS4PJuFeU%2F%2FuoOfcr%2FJOHxF3%2BOwWX3StWFigyT76eJ1Rudgx%2B9sRv4lYARKr9FeXbVqDWDVESD6R5MxqqBoBGfva"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8331baa88e6bd97f-HEL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www.youtube.com/s/player/dee96cfa/player_ias.vflset/en_US/annotations_module.js
200 OK 19 kB URL GET HTTP/3 www.youtube.com/s/player/dee96cfa/player_ias.vflset/en_US/annotations_module.js
IP
Requested by https://www.youtube.com/embed/PoTQmIfvWFI?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint5D:3A:D9:47:14:B0:78:30:A1:BF:B4:45:F6:F5:81:AD:0A:C7:76:89
ValidityMon, 20 Nov 2023 08:02:55 GMT - Mon, 12 Feb 2024 08:02:54 GMT
File type ASCII text, with very long lines (1115)
Hash 609462d42c709f92ba84adfac2ff86c7
5127e3fe3111d4eec62bd852287bea324283b507
496a743c2c0d168d4d21abe4376ccef39972eef705e3f26210566e55925a79d9
GET /s/player/dee96cfa/player_ias.vflset/en_US/annotations_module.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/PoTQmIfvWFI?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 18860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 08 Dec 2023 11:47:51 GMT
expires: Sat, 07 Dec 2024 11:47:51 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 06 Dec 2023 02:46:57 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 135840
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.youtube.com/s/player/dee96cfa/player_ias.vflset/en_US/endscreen.js
200 OK 8.3 kB URL GET HTTP/3 www.youtube.com/s/player/dee96cfa/player_ias.vflset/en_US/endscreen.js
IP
Requested by https://www.youtube.com/embed/PoTQmIfvWFI?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint5D:3A:D9:47:14:B0:78:30:A1:BF:B4:45:F6:F5:81:AD:0A:C7:76:89
ValidityMon, 20 Nov 2023 08:02:55 GMT - Mon, 12 Feb 2024 08:02:54 GMT
File type ASCII text, with very long lines (607)
Hash 2a31fa79cc3a592f9c4e89a170899350
c68818db322da5cb1cf3539d10fc011737d96190
510d1a918c0dc51734373015cfe83940fbe24f694eaa3098c92a1e5e5c5593c8
GET /s/player/dee96cfa/player_ias.vflset/en_US/endscreen.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/PoTQmIfvWFI?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 8337
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 07 Dec 2023 15:40:34 GMT
expires: Fri, 06 Dec 2024 15:40:34 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 06 Dec 2023 02:46:57 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 208277
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.youtube.com/s/player/dee96cfa/player_ias.vflset/en_US/captions.js
200 OK 24 kB URL GET HTTP/3 www.youtube.com/s/player/dee96cfa/player_ias.vflset/en_US/captions.js
IP
Requested by https://www.youtube.com/embed/PoTQmIfvWFI?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint5D:3A:D9:47:14:B0:78:30:A1:BF:B4:45:F6:F5:81:AD:0A:C7:76:89
ValidityMon, 20 Nov 2023 08:02:55 GMT - Mon, 12 Feb 2024 08:02:54 GMT
File type ASCII text, with very long lines (567)
Hash 99360f28f1a17682de42e30277ea6e43
d7444985b43e9797777f8ad06eb0818c0ce66bf1
ffec118849680762bc8ca9a9c378216c425719e78ee7afc6acf50ba0121a41dd
GET /s/player/dee96cfa/player_ias.vflset/en_US/captions.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/PoTQmIfvWFI?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 24363
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 07 Dec 2023 15:56:21 GMT
expires: Fri, 06 Dec 2024 15:56:21 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 06 Dec 2023 02:46:57 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 207330
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
file.gifan.id/2022/06/29/ML/skin/BenedCl.gif
200 OK 14 MB URL GET HTTP/2 file.gifan.id/2022/06/29/ML/skin/BenedCl.gif
IP
Requested by https://subdi28.nag4.com.tr/
Certificate IssuerGoogle Trust Services LLC
Subjectgifan.id
Fingerprint05:08:56:A0:2C:BF:31:A0:4C:D0:5C:0F:18:A3:B9:7D:58:74:03:29
ValidityWed, 29 Nov 2023 03:44:14 GMT - Tue, 27 Feb 2024 03:44:13 GMT
File type GIF image data, version 89a, 400 x 652
- data
Size 14 MB (14075940 bytes)
Hash 18de56677f04a6b47c92767538ae1b45
b8b3213c432142fc045b321bdaf4bb6d540b5551
5d9df94926d08de70d4bedbe6d25618c9f27bf061bf83861d12296918150d6d4
GET /2022/06/29/ML/skin/BenedCl.gif HTTP/1.1
Host: file.gifan.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://subdi28.nag4.com.tr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sun, 10 Dec 2023 01:31:35 GMT
content-type: image/gif
content-length: 14075940
cache-control: public, max-age=604800
expires: Sat, 16 Dec 2023 20:19:50 GMT
last-modified: Wed, 29 Jun 2022 01:51:20 GMT
x-powered-by: Niagahoster
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
vary: User-Agent, Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 18705
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lLMFXqIZ9EZN6akbRqX4twmhE0e%2FXBhIp9q8pj8KCs1053jvIjPyRg1C1NVR1S0l%2FDPAVwK1PfmWfWekpjAA152losN1MbW%2B1sNXHratwU3WwKMQVzqDJH83jkG%2FydYQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8331baa89eacd97f-HEL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www.youtube.com/api/stats/qoe?fmt=396&cpn=gMwUmvKKXs2NgSJu&el=embedded&ns=yt&fexp=v1%2C23858057%2C125239%2C21348%2C2602%2C73492%2C54572%2C227304%2C23114%2C53633%2C60172%2C24565%2C25688%2C9541%2C1089%2C5877%2C394%2C26439494%2C4054%2C1930%2C5181%2C9369%2C1556%2C1141%2C5876%2C2252%2C859%2C1094%2C2316%2C5558%2C1639%2C4684%2C2227%2C7726%2C2008%2C3943%2C609%2C3416%2C3531%2C1316%2C2438&cl=588227172&seq=1&docid=PoTQmIfvWFI&ei=AhV1ZcLmEN6-0u8P9vOG-Ak&event=streamingstats&plid=AAYMHcfSsH761Kpr&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2FPoTQmIfvWFI%3Fcontrols%3D0%26loop%3D1%26autoplay%3D1%26fs%3D1%26iv_load_policy%3D3%26showinfo%3D0%26rel%3D0%26cc_load_policy%3D0%26start%3D0%26end%3D0%26origin%3Dhttps%3A%2F%2Fyoutubeembedcode.com&qclc=ChBnTXdVbXZLS1hzMk5nU0p1EAE&embargoed=0&cbr=Firefox&cbrver=105.0&c=WEB_EMBEDDED_PLAYER&cver=1.20231205.01.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&vps=0.000:N,0.013:B,4.511:B,4.511:B&cat=streaming&cmt=0.013:0.000,4.511:0.000&vfs=4.511:396:396::r&view=4.511:390:190&bwe=4.511:130000&vis=4.511:0&bh=4.511:0.000
204 No Content 0 B URL POST HTTP/3 www.youtube.com/api/stats/qoe?fmt=396&cpn=gMwUmvKKXs2NgSJu&el=embedded&ns=yt&fexp=v1%2C23858057%2C125239%2C21348%2C2602%2C73492%2C54572%2C227304%2C23114%2C53633%2C60172%2C24565%2C25688%2C9541%2C1089%2C5877%2C394%2C26439494%2C4054%2C1930%2C5181%2C9369%2C1556%2C1141%2C5876%2C2252%2C859%2C1094%2C2316%2C5558%2C1639%2C4684%2C2227%2C7726%2C2008%2C3943%2C609%2C3416%2C3531%2C1316%2C2438&cl=588227172&seq=1&docid=PoTQmIfvWFI&ei=AhV1ZcLmEN6-0u8P9vOG-Ak&event=streamingstats&plid=AAYMHcfSsH761Kpr&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2FPoTQmIfvWFI%3Fcontrols%3D0%26loop%3D1%26autoplay%3D1%26fs%3D1%26iv_load_policy%3D3%26showinfo%3D0%26rel%3D0%26cc_load_policy%3D0%26start%3D0%26end%3D0%26origin%3Dhttps%3A%2F%2Fyoutubeembedcode.com&qclc=ChBnTXdVbXZLS1hzMk5nU0p1EAE&embargoed=0&cbr=Firefox&cbrver=105.0&c=WEB_EMBEDDED_PLAYER&cver=1.20231205.01.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&vps=0.000:N,0.013:B,4.511:B,4.511:B&cat=streaming&cmt=0.013:0.000,4.511:0.000&vfs=4.511:396:396::r&view=4.511:390:190&bwe=4.511:130000&vis=4.511:0&bh=4.511:0.000
IP
Requested by https://www.youtube.com/embed/PoTQmIfvWFI?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint5D:3A:D9:47:14:B0:78:30:A1:BF:B4:45:F6:F5:81:AD:0A:C7:76:89
ValidityMon, 20 Nov 2023 08:02:55 GMT - Mon, 12 Feb 2024 08:02:54 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /api/stats/qoe?fmt=396&cpn=gMwUmvKKXs2NgSJu&el=embedded&ns=yt&fexp=v1%2C23858057%2C125239%2C21348%2C2602%2C73492%2C54572%2C227304%2C23114%2C53633%2C60172%2C24565%2C25688%2C9541%2C1089%2C5877%2C394%2C26439494%2C4054%2C1930%2C5181%2C9369%2C1556%2C1141%2C5876%2C2252%2C859%2C1094%2C2316%2C5558%2C1639%2C4684%2C2227%2C7726%2C2008%2C3943%2C609%2C3416%2C3531%2C1316%2C2438&cl=588227172&seq=1&docid=PoTQmIfvWFI&ei=AhV1ZcLmEN6-0u8P9vOG-Ak&event=streamingstats&plid=AAYMHcfSsH761Kpr&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2FPoTQmIfvWFI%3Fcontrols%3D0%26loop%3D1%26autoplay%3D1%26fs%3D1%26iv_load_policy%3D3%26showinfo%3D0%26rel%3D0%26cc_load_policy%3D0%26start%3D0%26end%3D0%26origin%3Dhttps%3A%2F%2Fyoutubeembedcode.com&qclc=ChBnTXdVbXZLS1hzMk5nU0p1EAE&embargoed=0&cbr=Firefox&cbrver=105.0&c=WEB_EMBEDDED_PLAYER&cver=1.20231205.01.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&vps=0.000:N,0.013:B,4.511:B,4.511:B&cat=streaming&cmt=0.013:0.000,4.511:0.000&vfs=4.511:396:396::r&view=4.511:390:190&bwe=4.511:130000&vis=4.511:0&bh=4.511:0.000 HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Visitor-Id: CgtKN3FTS2RWMWVkRSj2qdSrBjIICgJOTxICEgA%3D
X-YouTube-Client-Name: 56
X-YouTube-Client-Version: 1.20231205.01.00
X-YouTube-Utc-Offset: 0
X-YouTube-Time-Zone: UTC
X-YouTube-Ad-Signals: dt=1702171910870&flash=0&frm=2&u_tz&u_his=2&u_h=1024&u_w=1280&u_ah=1024&u_aw=1280&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C390%2C190&vis=1&wgl=true&ca_type=image
Content-Type: application/x-www-form-urlencoded
Content-Length: 226
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/PoTQmIfvWFI?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
content-type: text/html; charset=UTF-8
date: Sun, 10 Dec 2023 01:31:51 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
x-content-type-options: nosniff
server: Video Stats Server
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.youtube.com/youtubei/v1/next?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8&prettyPrint=false
200 OK 5.7 kB URL POST HTTP/3 www.youtube.com/youtubei/v1/next?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8&prettyPrint=false
IP
Requested by https://www.youtube.com/embed/PoTQmIfvWFI?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint5D:3A:D9:47:14:B0:78:30:A1:BF:B4:45:F6:F5:81:AD:0A:C7:76:89
ValidityMon, 20 Nov 2023 08:02:55 GMT - Mon, 12 Feb 2024 08:02:54 GMT
File type Unicode text, UTF-8 text, with very long lines (35274), with no line terminators
Hash 46aa8744c7d0468a54d2ba65603d0dcf
1573aff91fa732851d5e572a0d498b5ae6a7cdb7
f33bba5c0472d85697ca8fd64220f1ec139e90fa3f9a08f9a454b9d9d67e7ff5
POST /youtubei/v1/next?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8&prettyPrint=false HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-Goog-Visitor-Id: CgtKN3FTS2RWMWVkRSj2qdSrBjIICgJOTxICEgA%3D
X-Youtube-Bootstrap-Logged-In: false
X-Youtube-Client-Name: 56
X-Youtube-Client-Version: 1.20231205.01.00
Content-Length: 2604
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/PoTQmIfvWFI?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/json; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: br
date: Sun, 10 Dec 2023 01:31:51 GMT
server: scaffolding on HTTPServer2
content-length: 5720
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: CONSENT=PENDING+983; expires=Tue, 09-Dec-2025 01:31:51 GMT; path=/; domain=.youtube.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 10 Dec 2023 01:31:51 GMT
cache-control: private
www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
200 OK 31 B URL POST HTTP/3 www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
IP
Requested by https://www.youtube.com/embed/PoTQmIfvWFI?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint5D:3A:D9:47:14:B0:78:30:A1:BF:B4:45:F6:F5:81:AD:0A:C7:76:89
ValidityMon, 20 Nov 2023 08:02:55 GMT - Mon, 12 Feb 2024 08:02:54 GMT
Hash 5e1fa6fd9abd549a576f3f24b1d3c8d4
d5335d7f7d33be6a0b663f03b2df4df2521c4a87
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
POST /youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8 HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Request-Time: 1702171917669
Content-Type: application/json
X-Goog-Visitor-Id: CgtKN3FTS2RWMWVkRSj2qdSrBjIICgJOTxICEgA%3D
X-YouTube-Client-Name: 56
X-YouTube-Client-Version: 1.20231205.01.00
X-YouTube-Utc-Offset: 0
X-YouTube-Time-Zone: UTC
X-YouTube-Ad-Signals: dt=1702171910870&flash=0&frm=2&u_tz&u_his=2&u_h=1024&u_w=1280&u_ah=1024&u_aw=1280&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C390%2C190&vis=1&wgl=true&ca_type=image
Content-Length: 4137
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/PoTQmIfvWFI?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/json; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: br
date: Sun, 10 Dec 2023 01:31:52 GMT
server: scaffolding on HTTPServer2
content-length: 31
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: CONSENT=PENDING+702; expires=Tue, 09-Dec-2025 01:31:51 GMT; path=/; domain=.youtube.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 10 Dec 2023 01:31:52 GMT
cache-control: private
yt3.ggpht.com/XD6yWGy6PazjCaD6FUGlsTXWgA7gvEKDTVrod8v-rIaID2nbx59KJEX4xMUhYE4vKcFNMCVT=s68-c-k-c0x00ffffff-no-rj
200 OK 5.0 kB URL GET HTTP/2 yt3.ggpht.com/XD6yWGy6PazjCaD6FUGlsTXWgA7gvEKDTVrod8v-rIaID2nbx59KJEX4xMUhYE4vKcFNMCVT=s68-c-k-c0x00ffffff-no-rj
IP
Requested by https://www.youtube.com/embed/PoTQmIfvWFI?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com
Certificate IssuerGoogle Trust Services LLC
Subject*.googleusercontent.com
Fingerprint17:E3:6E:DB:3C:C4:0E:B4:6D:D3:55:1A:70:F8:0B:23:86:54:69:D8
ValidityMon, 20 Nov 2023 08:08:31 GMT - Mon, 12 Feb 2024 08:08:30 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 68x68, components 3
- data
Hash a302203c3ecf084a869b75cfb546661e
7cc36c3a726f35e7d71cd74d0063c8fcfa7d4ee0
fedec78335c67be6ce56acbf6c9cfd321a3b137352c719c5d9705b803e7573c9
GET /XD6yWGy6PazjCaD6FUGlsTXWgA7gvEKDTVrod8v-rIaID2nbx59KJEX4xMUhYE4vKcFNMCVT=s68-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt3.ggpht.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
content-disposition: inline;filename="channels4_profile.jpg"
x-content-type-options: nosniff
server: fife
content-length: 4950
x-xss-protection: 0
date: Sat, 09 Dec 2023 21:45:41 GMT
expires: Sun, 10 Dec 2023 21:45:41 GMT
cache-control: public, max-age=86400, no-transform
age: 13571
etag: "v1"
content-type: image/jpeg
vary: Origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google.com/js/th/UhAHYkQc59SMm3ILQvX2LV9pHtXm_t6HT06w3DJ-zT8.js
200 OK 20 kB URL GET HTTP/2 www.google.com/js/th/UhAHYkQc59SMm3ILQvX2LV9pHtXm_t6HT06w3DJ-zT8.js
IP
Requested by https://www.youtube.com/embed/PoTQmIfvWFI?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com
Certificate IssuerGoogle Trust Services LLC
Subjectwww.google.com
Fingerprint50:3E:DA:12:EC:7F:39:A5:E9:4F:16:D7:D6:AA:BF:45:15:44:7F:E9
ValidityMon, 20 Nov 2023 08:09:47 GMT - Mon, 12 Feb 2024 08:09:46 GMT
File type ASCII text, with very long lines (50467)
Hash 02ef8df4172d6fad17d1bf1142bfc1d1
3baa1986da7954c8f577eac04b1f4af063e8d58a
52100762441ce7d48c9b720b42f5f62d5f691ed5e6fede874f4eb0dc327ecd3f
GET /js/th/UhAHYkQc59SMm3ILQvX2LV9pHtXm_t6HT06w3DJ-zT8.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 19757
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 07 Dec 2023 15:44:30 GMT
expires: Fri, 06 Dec 2024 15:44:30 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 28 Nov 2023 18:30:00 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 208042
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
200 OK 0 B URL POST HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP
Requested by https://www.youtube.com/embed/PoTQmIfvWFI?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint10:D0:ED:9A:F4:53:C8:99:DE:B6:5E:5C:04:E6:20:0B:68:7D:46:EC
ValidityMon, 20 Nov 2023 08:08:50 GMT - Mon, 12 Feb 2024 08:08:49 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Sun, 10 Dec 2023 01:31:52 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
rr2---sn-capm-vnae.googlevideo.com/videoplayback?expire=1702193506&ei=AhV1ZcLmEN6-0u8P9vOG-Ak&ip=91.90.42.154&id=o-AK3wLajr-6xrApwACvCcsahgHBpiwzxLfWhehs2qjigy&itag=251&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&mh=Fu&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7ynld&ms=au%2Crdu&mv=m&mvi=2&pl=21&initcwndbps=4893750&spc=UWF9f8yETColdiVcvIMJ5bwOMSmKS7JVNNWf0ShQ9w&vprv=1&svpuc=1&mime=audio%2Fwebm&gir=yes&clen=1395979&dur=89.941&lmt=1696262340772372&mt=1702171494&fvip=2&keepalive=yes&fexp=24007246&beids=24350017&c=WEB_EMBEDDED_PLAYER&txp=5532434&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cxpc%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cgir%2Cclen%2Cdur%2Clmt&sig=ANLwegAwRAIgZEApIyI3hgoZlpjkfnE9CrHNLa1TrW9gyyTNVfzJGcwCIB_sUwnbpm9FsuGJFBxOXqmKe81JcZafPMKZBC4H1975&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AM8Gb2swRAIgMkHCAIXBEVXN_2lmU9nJk1QUZ6h-HEDZE6evKDO3fyoCIA0F2ObJN_OjCWplyOu3x1d4E0yX3r95oe9Pe-1mZHlw&alr=yes&cpn=gMwUmvKKXs2NgSJu&cver=1.20231205.01.00&range=0-65951&rn=2&rbuf=0&pot=IjJxVnFVFCNkXTIxBR0_ZTcCImQjATwBJz0jBRtkADIiJDM8OB8yMTsZJS44FTQxMHNCEg==&ump=1&srfvp=1
200 OK 66 kB URL POST HTTP/1.1 rr2---sn-capm-vnae.googlevideo.com/videoplayback?expire=1702193506&ei=AhV1ZcLmEN6-0u8P9vOG-Ak&ip=91.90.42.154&id=o-AK3wLajr-6xrApwACvCcsahgHBpiwzxLfWhehs2qjigy&itag=251&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&mh=Fu&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7ynld&ms=au%2Crdu&mv=m&mvi=2&pl=21&initcwndbps=4893750&spc=UWF9f8yETColdiVcvIMJ5bwOMSmKS7JVNNWf0ShQ9w&vprv=1&svpuc=1&mime=audio%2Fwebm&gir=yes&clen=1395979&dur=89.941&lmt=1696262340772372&mt=1702171494&fvip=2&keepalive=yes&fexp=24007246&beids=24350017&c=WEB_EMBEDDED_PLAYER&txp=5532434&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cxpc%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cgir%2Cclen%2Cdur%2Clmt&sig=ANLwegAwRAIgZEApIyI3hgoZlpjkfnE9CrHNLa1TrW9gyyTNVfzJGcwCIB_sUwnbpm9FsuGJFBxOXqmKe81JcZafPMKZBC4H1975&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AM8Gb2swRAIgMkHCAIXBEVXN_2lmU9nJk1QUZ6h-HEDZE6evKDO3fyoCIA0F2ObJN_OjCWplyOu3x1d4E0yX3r95oe9Pe-1mZHlw&alr=yes&cpn=gMwUmvKKXs2NgSJu&cver=1.20231205.01.00&range=0-65951&rn=2&rbuf=0&pot=IjJxVnFVFCNkXTIxBR0_ZTcCImQjATwBJz0jBRtkADIiJDM8OB8yMTsZJS44FTQxMHNCEg==&ump=1&srfvp=1
IP
ASN #50304 Blix Solutions AS
Requested by https://www.youtube.com/embed/PoTQmIfvWFI?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com
Certificate IssuerGoogle Trust Services LLC
Subject*.googlevideo.com
FingerprintA9:97:EF:F4:47:1A:59:51:52:66:98:30:B1:79:C2:14:AF:36:6D:34
ValidityTue, 14 Nov 2023 14:30:52 GMT - Tue, 23 Jan 2024 14:30:51 GMT
Hash 08a7da293121ac0c69bc52bef45468a1
44d59c2d8dacc5714f484b6bbdde5dcfb7e99b35
746ac593d1368f9a91d8e9d4cf88370ef2df70a22399e4acefd9918a0fd730ff
POST /videoplayback?expire=1702193506&ei=AhV1ZcLmEN6-0u8P9vOG-Ak&ip=91.90.42.154&id=o-AK3wLajr-6xrApwACvCcsahgHBpiwzxLfWhehs2qjigy&itag=251&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&mh=Fu&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7ynld&ms=au%2Crdu&mv=m&mvi=2&pl=21&initcwndbps=4893750&spc=UWF9f8yETColdiVcvIMJ5bwOMSmKS7JVNNWf0ShQ9w&vprv=1&svpuc=1&mime=audio%2Fwebm&gir=yes&clen=1395979&dur=89.941&lmt=1696262340772372&mt=1702171494&fvip=2&keepalive=yes&fexp=24007246&beids=24350017&c=WEB_EMBEDDED_PLAYER&txp=5532434&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cxpc%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cgir%2Cclen%2Cdur%2Clmt&sig=ANLwegAwRAIgZEApIyI3hgoZlpjkfnE9CrHNLa1TrW9gyyTNVfzJGcwCIB_sUwnbpm9FsuGJFBxOXqmKe81JcZafPMKZBC4H1975&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AM8Gb2swRAIgMkHCAIXBEVXN_2lmU9nJk1QUZ6h-HEDZE6evKDO3fyoCIA0F2ObJN_OjCWplyOu3x1d4E0yX3r95oe9Pe-1mZHlw&alr=yes&cpn=gMwUmvKKXs2NgSJu&cver=1.20231205.01.00&range=0-65951&rn=2&rbuf=0&pot=IjJxVnFVFCNkXTIxBR0_ZTcCImQjATwBJz0jBRtkADIiJDM8OB8yMTsZJS44FTQxMHNCEg==&ump=1&srfvp=1 HTTP/1.1
Host: rr2---sn-capm-vnae.googlevideo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.youtube.com/
Content-Length: 2
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Last-Modified: Mon, 02 Oct 2023 15:59:00 GMT
Content-Type: application/vnd.yt-ump
Date: Sun, 10 Dec 2023 01:31:52 GMT
Expires: Sun, 10 Dec 2023 01:31:52 GMT
Cache-Control: private, max-age=21294
Transfer-Encoding: chunked
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Content-Type-Options: nosniff
Server: gvs 1.0
i.ytimg.com/vi_webp/PoTQmIfvWFI/sddefault.webp
200 OK 49 kB URL GET HTTP/2 i.ytimg.com/vi_webp/PoTQmIfvWFI/sddefault.webp
IP
Requested by https://www.youtube.com/embed/PoTQmIfvWFI?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com
Certificate IssuerGoogle Trust Services LLC
Subjectedgestatic.com
Fingerprint5C:05:8E:B2:1F:68:33:EA:19:FD:84:54:6B:05:9B:49:43:15:33:89
ValidityMon, 20 Nov 2023 08:02:50 GMT - Mon, 12 Feb 2024 08:02:49 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp
- data
Hash 5c51f8da78605b06027def654e8b6115
2f68378c602456e489665c98b3f115582af0517e
f7df5cbe0488e21ee0d52ebc841d3e190b2942ea11c15a67fe4cfac15360cf43
GET /vi_webp/PoTQmIfvWFI/sddefault.webp HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 48574
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 10 Dec 2023 01:25:59 GMT
expires: Sun, 10 Dec 2023 03:25:59 GMT
cache-control: public, max-age=7200
age: 353
etag: "1695887066"
content-type: image/webp
vary: Origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
m.mobilelegends.com/static/images/favicon.ico
200 OK 3.7 kB URL GET HTTP/1.1 m.mobilelegends.com/static/images/favicon.ico
IP
ASN #20940 Akamai International B.V.
Requested by https://subdi28.nag4.com.tr/
Certificate IssuerDigiCert, Inc.
Subject*.mobilelegends.com
Fingerprint80:6B:D3:96:DF:2A:21:B4:F0:5E:FF:6E:6A:23:76:0E:BF:C5:71:19
ValidityMon, 27 Nov 2023 00:00:00 GMT - Fri, 27 Dec 2024 23:59:59 GMT
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
- data
Hash af5f4d61f91c3ece97cc1da8aa22c6fd
e9330e790dbf0ab47324c5b58299e1c0e8ae7800
9ad6444561bc88ce81ddd8488e24106fa36682d37fb98a32c52baf8456d0352e
GET /static/images/favicon.ico HTTP/1.1
Host: m.mobilelegends.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://subdi28.nag4.com.tr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Last-Modified: Thu, 14 Sep 2023 09:54:13 GMT
ETag: "6502d845-e76"
X-Origin-Response-Time: 483,184.31.15.20
Strict-Transport-Security: max-age=15724800; includeSubDomains
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,HEAD,OPTIONS,POST,PUT,DELETE
Access-Control-Allow-Headers: DNT,X-CustomHeader,X-LANG,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-Api-Key,X-Device-Id,Access-Control-Allow-Origin,x-token,x-project-id,sign,roleId,escaped,zoneId,deviceId,token,language,clientparam
Access-Control-Max-Age: 1728000
Content-Type: image/x-icon
Content-Length: 3702
Accept-Ranges: bytes
Cache-Control: max-age=2818
Expires: Sun, 10 Dec 2023 02:18:50 GMT
Date: Sun, 10 Dec 2023 01:31:52 GMT
Connection: keep-alive
Akamai-Mon-Iucid-Del: 1099597
X-Parent-Response-Time: 53,2.21.240.133, 11,2.21.240.98
yt3.ggpht.com/XD6yWGy6PazjCaD6FUGlsTXWgA7gvEKDTVrod8v-rIaID2nbx59KJEX4xMUhYE4vKcFNMCVT=s88-c-k-c0x00ffffff-no-rj
200 OK 6.9 kB URL GET HTTP/2 yt3.ggpht.com/XD6yWGy6PazjCaD6FUGlsTXWgA7gvEKDTVrod8v-rIaID2nbx59KJEX4xMUhYE4vKcFNMCVT=s88-c-k-c0x00ffffff-no-rj
IP
Requested by https://www.youtube.com/embed/PoTQmIfvWFI?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com
Certificate IssuerGoogle Trust Services LLC
Subject*.googleusercontent.com
Fingerprint17:E3:6E:DB:3C:C4:0E:B4:6D:D3:55:1A:70:F8:0B:23:86:54:69:D8
ValidityMon, 20 Nov 2023 08:08:31 GMT - Mon, 12 Feb 2024 08:08:30 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 88x88, components 3
- data
Hash d6b7b4dc95275348f53424891306125b
8fa905db2cace53f71fdba5f6b0b3884aac4cbbd
d56151b9922935cb1140c8792b944c6a0e2c65abf4c85464212b66656360bdb7
GET /XD6yWGy6PazjCaD6FUGlsTXWgA7gvEKDTVrod8v-rIaID2nbx59KJEX4xMUhYE4vKcFNMCVT=s88-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt3.ggpht.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
content-disposition: inline;filename="channels4_profile.jpg"
x-content-type-options: nosniff
server: fife
content-length: 6899
x-xss-protection: 0
date: Sun, 10 Dec 2023 00:52:28 GMT
expires: Mon, 11 Dec 2023 00:52:28 GMT
cache-control: public, max-age=86400, no-transform
age: 2364
etag: "v1"
content-type: image/jpeg
vary: Origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
rr2---sn-capm-vnae.googlevideo.com/videoplayback?expire=1702193506&ei=AhV1ZcLmEN6-0u8P9vOG-Ak&ip=91.90.42.154&id=o-AK3wLajr-6xrApwACvCcsahgHBpiwzxLfWhehs2qjigy&itag=396&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278%2C394%2C395%2C396%2C397%2C398%2C399&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&mh=Fu&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7ynld&ms=au%2Crdu&mv=m&mvi=2&pl=21&initcwndbps=4893750&spc=UWF9f8yETColdiVcvIMJ5bwOMSmKS7JVNNWf0ShQ9w&vprv=1&svpuc=1&mime=video%2Fmp4&gir=yes&clen=3763145&dur=89.899&lmt=1696263207167050&mt=1702171494&fvip=2&keepalive=yes&fexp=24007246&beids=24350017&c=WEB_EMBEDDED_PLAYER&txp=5537434&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cxpc%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cgir%2Cclen%2Cdur%2Clmt&sig=ANLwegAwRQIgDKb16rGWOdnvTDOywUT96YAacuRqUqBl2Kk9ctuOgNMCIQCnczaxZn_5dOeP90KqyOaZ3eCNUejuX6nrBSAvUyJC8A%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AM8Gb2swRAIgMkHCAIXBEVXN_2lmU9nJk1QUZ6h-HEDZE6evKDO3fyoCIA0F2ObJN_OjCWplyOu3x1d4E0yX3r95oe9Pe-1mZHlw&alr=yes&cpn=gMwUmvKKXs2NgSJu&cver=1.20231205.01.00&range=0-103258&rn=1&rbuf=0&pot=IjJWclZxMwdDeRUVIjkYQRAmBUAEJRslABkEITxAJxYFABQYHzsVFRw9AgofMRMVF1dlNg==&ump=1&srfvp=1
200 OK 103 kB URL POST HTTP/1.1 rr2---sn-capm-vnae.googlevideo.com/videoplayback?expire=1702193506&ei=AhV1ZcLmEN6-0u8P9vOG-Ak&ip=91.90.42.154&id=o-AK3wLajr-6xrApwACvCcsahgHBpiwzxLfWhehs2qjigy&itag=396&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278%2C394%2C395%2C396%2C397%2C398%2C399&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&mh=Fu&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7ynld&ms=au%2Crdu&mv=m&mvi=2&pl=21&initcwndbps=4893750&spc=UWF9f8yETColdiVcvIMJ5bwOMSmKS7JVNNWf0ShQ9w&vprv=1&svpuc=1&mime=video%2Fmp4&gir=yes&clen=3763145&dur=89.899&lmt=1696263207167050&mt=1702171494&fvip=2&keepalive=yes&fexp=24007246&beids=24350017&c=WEB_EMBEDDED_PLAYER&txp=5537434&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cxpc%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cgir%2Cclen%2Cdur%2Clmt&sig=ANLwegAwRQIgDKb16rGWOdnvTDOywUT96YAacuRqUqBl2Kk9ctuOgNMCIQCnczaxZn_5dOeP90KqyOaZ3eCNUejuX6nrBSAvUyJC8A%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AM8Gb2swRAIgMkHCAIXBEVXN_2lmU9nJk1QUZ6h-HEDZE6evKDO3fyoCIA0F2ObJN_OjCWplyOu3x1d4E0yX3r95oe9Pe-1mZHlw&alr=yes&cpn=gMwUmvKKXs2NgSJu&cver=1.20231205.01.00&range=0-103258&rn=1&rbuf=0&pot=IjJWclZxMwdDeRUVIjkYQRAmBUAEJRslABkEITxAJxYFABQYHzsVFRw9AgofMRMVF1dlNg==&ump=1&srfvp=1
IP
ASN #50304 Blix Solutions AS
Requested by https://www.youtube.com/embed/PoTQmIfvWFI?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com
Certificate IssuerGoogle Trust Services LLC
Subject*.googlevideo.com
FingerprintA9:97:EF:F4:47:1A:59:51:52:66:98:30:B1:79:C2:14:AF:36:6D:34
ValidityTue, 14 Nov 2023 14:30:52 GMT - Tue, 23 Jan 2024 14:30:51 GMT
Size 103 kB (103316 bytes)
Hash c21bf6a42caa59a4419c7fe4b1ac4e04
805393f613070006e4627b62049aa064b9252e32
7a3b01bd8c03993f0f4e66956c7dde8e99ca68909760c634dfb666fd534f48f6
POST /videoplayback?expire=1702193506&ei=AhV1ZcLmEN6-0u8P9vOG-Ak&ip=91.90.42.154&id=o-AK3wLajr-6xrApwACvCcsahgHBpiwzxLfWhehs2qjigy&itag=396&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278%2C394%2C395%2C396%2C397%2C398%2C399&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&mh=Fu&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7ynld&ms=au%2Crdu&mv=m&mvi=2&pl=21&initcwndbps=4893750&spc=UWF9f8yETColdiVcvIMJ5bwOMSmKS7JVNNWf0ShQ9w&vprv=1&svpuc=1&mime=video%2Fmp4&gir=yes&clen=3763145&dur=89.899&lmt=1696263207167050&mt=1702171494&fvip=2&keepalive=yes&fexp=24007246&beids=24350017&c=WEB_EMBEDDED_PLAYER&txp=5537434&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cxpc%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cgir%2Cclen%2Cdur%2Clmt&sig=ANLwegAwRQIgDKb16rGWOdnvTDOywUT96YAacuRqUqBl2Kk9ctuOgNMCIQCnczaxZn_5dOeP90KqyOaZ3eCNUejuX6nrBSAvUyJC8A%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AM8Gb2swRAIgMkHCAIXBEVXN_2lmU9nJk1QUZ6h-HEDZE6evKDO3fyoCIA0F2ObJN_OjCWplyOu3x1d4E0yX3r95oe9Pe-1mZHlw&alr=yes&cpn=gMwUmvKKXs2NgSJu&cver=1.20231205.01.00&range=0-103258&rn=1&rbuf=0&pot=IjJWclZxMwdDeRUVIjkYQRAmBUAEJRslABkEITxAJxYFABQYHzsVFRw9AgofMRMVF1dlNg==&ump=1&srfvp=1 HTTP/1.1
Host: rr2---sn-capm-vnae.googlevideo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.youtube.com/
Content-Length: 2
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Last-Modified: Mon, 02 Oct 2023 16:13:27 GMT
Content-Type: application/vnd.yt-ump
Date: Sun, 10 Dec 2023 01:31:52 GMT
Expires: Sun, 10 Dec 2023 01:31:52 GMT
Cache-Control: private, max-age=21294
Transfer-Encoding: chunked
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Restrict-Formats-Hint: None
X-Content-Type-Options: nosniff
Server: gvs 1.0
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
200 OK 41 kB URL POST HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP
Requested by https://www.youtube.com/embed/PoTQmIfvWFI?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint10:D0:ED:9A:F4:53:C8:99:DE:B6:5E:5C:04:E6:20:0B:68:7D:46:EC
ValidityMon, 20 Nov 2023 08:08:50 GMT - Mon, 12 Feb 2024 08:08:49 GMT
File type JSON data
- , ASCII text, with very long lines (65536), with no line terminators
Hash a3068092a1e6f2406a3451adc97b37e3
87cd9e27c14ad7166ec9bdb5b4c65a53ee445703
712bb96d5218071d5786b09374c7b6d84188912a0b738706a00f93129551e4d2
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Sun, 10 Dec 2023 01:31:52 GMT
server: ESF
cache-control: private
content-length: 40564
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.youtube.com/generate_204?askg5Q
204 No Content 0 B URL GET HTTP/3 www.youtube.com/generate_204?askg5Q
IP
Requested by https://www.youtube.com/embed/PoTQmIfvWFI?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint5D:3A:D9:47:14:B0:78:30:A1:BF:B4:45:F6:F5:81:AD:0A:C7:76:89
ValidityMon, 20 Nov 2023 08:02:55 GMT - Mon, 12 Feb 2024 08:02:54 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /generate_204?askg5Q HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/PoTQmIfvWFI?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
content-length: 0
cross-origin-resource-policy: cross-origin
date: Sun, 10 Dec 2023 01:31:52 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
rr2---sn-5go7ynld.googlevideo.com/videoplayback?expire=1702193506&ei=AhV1ZcLmEN6-0u8P9vOG-Ak&ip=91.90.42.154&id=o-AK3wLajr-6xrApwACvCcsahgHBpiwzxLfWhehs2qjigy&itag=396&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278%2C394%2C395%2C396%2C397%2C398%2C399&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&mh=Fu&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7ynld&ms=au%2Crdu&mv=m&mvi=2&pl=21&initcwndbps=4893750&spc=UWF9f8yETColdiVcvIMJ5bwOMSmKS7JVNNWf0ShQ9w&vprv=1&svpuc=1&mime=video%2Fmp4&gir=yes&clen=3763145&dur=89.899&lmt=1696263207167050&mt=1702171494&fvip=2&keepalive=yes&fexp=24007246&beids=24350017&c=WEB_EMBEDDED_PLAYER&txp=5537434&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cxpc%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cgir%2Cclen%2Cdur%2Clmt&sig=ANLwegAwRQIgDKb16rGWOdnvTDOywUT96YAacuRqUqBl2Kk9ctuOgNMCIQCnczaxZn_5dOeP90KqyOaZ3eCNUejuX6nrBSAvUyJC8A%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AM8Gb2swRAIgMkHCAIXBEVXN_2lmU9nJk1QUZ6h-HEDZE6evKDO3fyoCIA0F2ObJN_OjCWplyOu3x1d4E0yX3r95oe9Pe-1mZHlw&alr=yes&cpn=gMwUmvKKXs2NgSJu&cver=1.20231205.01.00&fallback_count=1&range=0-4095&rn=3&rbuf=0&pot=IjIA5QDmZZAV6kOCdK5O1kaxU9dSsk2yVo5StmrXcYFTl0KPSaxDgkqqVJ1JpkWCQcAzoQ==&ump=1&srfvp=1
200 OK 4.2 kB URL POST HTTP/1.1 rr2---sn-5go7ynld.googlevideo.com/videoplayback?expire=1702193506&ei=AhV1ZcLmEN6-0u8P9vOG-Ak&ip=91.90.42.154&id=o-AK3wLajr-6xrApwACvCcsahgHBpiwzxLfWhehs2qjigy&itag=396&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278%2C394%2C395%2C396%2C397%2C398%2C399&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&mh=Fu&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7ynld&ms=au%2Crdu&mv=m&mvi=2&pl=21&initcwndbps=4893750&spc=UWF9f8yETColdiVcvIMJ5bwOMSmKS7JVNNWf0ShQ9w&vprv=1&svpuc=1&mime=video%2Fmp4&gir=yes&clen=3763145&dur=89.899&lmt=1696263207167050&mt=1702171494&fvip=2&keepalive=yes&fexp=24007246&beids=24350017&c=WEB_EMBEDDED_PLAYER&txp=5537434&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cxpc%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cgir%2Cclen%2Cdur%2Clmt&sig=ANLwegAwRQIgDKb16rGWOdnvTDOywUT96YAacuRqUqBl2Kk9ctuOgNMCIQCnczaxZn_5dOeP90KqyOaZ3eCNUejuX6nrBSAvUyJC8A%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AM8Gb2swRAIgMkHCAIXBEVXN_2lmU9nJk1QUZ6h-HEDZE6evKDO3fyoCIA0F2ObJN_OjCWplyOu3x1d4E0yX3r95oe9Pe-1mZHlw&alr=yes&cpn=gMwUmvKKXs2NgSJu&cver=1.20231205.01.00&fallback_count=1&range=0-4095&rn=3&rbuf=0&pot=IjIA5QDmZZAV6kOCdK5O1kaxU9dSsk2yVo5StmrXcYFTl0KPSaxDgkqqVJ1JpkWCQcAzoQ==&ump=1&srfvp=1
IP
Requested by https://www.youtube.com/embed/PoTQmIfvWFI?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com
Certificate IssuerGoogle Trust Services LLC
Subject*.c.docs.google.com
FingerprintA8:1F:F4:E0:AF:EB:17:89:B5:AB:EB:80:6B:07:6D:4A:D5:BF:9B:8A
ValidityTue, 14 Nov 2023 14:30:52 GMT - Tue, 23 Jan 2024 14:30:51 GMT
Hash 99b026794410eb84c3f592635b13c212
13565245deb13a8a8c18c70ef0149e8be1b7979a
ac5cb3e074d43d1f7739696a9741a5abcfc62f48c57efc209a4af48aadbc9842
POST /videoplayback?expire=1702193506&ei=AhV1ZcLmEN6-0u8P9vOG-Ak&ip=91.90.42.154&id=o-AK3wLajr-6xrApwACvCcsahgHBpiwzxLfWhehs2qjigy&itag=396&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278%2C394%2C395%2C396%2C397%2C398%2C399&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&mh=Fu&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7ynld&ms=au%2Crdu&mv=m&mvi=2&pl=21&initcwndbps=4893750&spc=UWF9f8yETColdiVcvIMJ5bwOMSmKS7JVNNWf0ShQ9w&vprv=1&svpuc=1&mime=video%2Fmp4&gir=yes&clen=3763145&dur=89.899&lmt=1696263207167050&mt=1702171494&fvip=2&keepalive=yes&fexp=24007246&beids=24350017&c=WEB_EMBEDDED_PLAYER&txp=5537434&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cxpc%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cgir%2Cclen%2Cdur%2Clmt&sig=ANLwegAwRQIgDKb16rGWOdnvTDOywUT96YAacuRqUqBl2Kk9ctuOgNMCIQCnczaxZn_5dOeP90KqyOaZ3eCNUejuX6nrBSAvUyJC8A%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AM8Gb2swRAIgMkHCAIXBEVXN_2lmU9nJk1QUZ6h-HEDZE6evKDO3fyoCIA0F2ObJN_OjCWplyOu3x1d4E0yX3r95oe9Pe-1mZHlw&alr=yes&cpn=gMwUmvKKXs2NgSJu&cver=1.20231205.01.00&fallback_count=1&range=0-4095&rn=3&rbuf=0&pot=IjIA5QDmZZAV6kOCdK5O1kaxU9dSsk2yVo5StmrXcYFTl0KPSaxDgkqqVJ1JpkWCQcAzoQ==&ump=1&srfvp=1 HTTP/1.1
Host: rr2---sn-5go7ynld.googlevideo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.youtube.com/
Content-Length: 2
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Last-Modified: Mon, 02 Oct 2023 16:13:27 GMT
Content-Type: application/vnd.yt-ump
Date: Sun, 10 Dec 2023 01:31:52 GMT
Expires: Sun, 10 Dec 2023 01:31:52 GMT
Cache-Control: private, max-age=21294
Transfer-Encoding: chunked
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Restrict-Formats-Hint: None
X-Content-Type-Options: nosniff
Server: gvs 1.0
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
200 OK 0 B URL OPTIONS HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP
Requested by https://www.youtube.com/embed/PoTQmIfvWFI?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint10:D0:ED:9A:F4:53:C8:99:DE:B6:5E:5C:04:E6:20:0B:68:7D:46:EC
ValidityMon, 20 Nov 2023 08:08:50 GMT - Mon, 12 Feb 2024 08:08:49 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Sun, 10 Dec 2023 01:31:52 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
200 OK 114 B URL OPTIONS HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP
Requested by https://www.youtube.com/embed/PoTQmIfvWFI?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint10:D0:ED:9A:F4:53:C8:99:DE:B6:5E:5C:04:E6:20:0B:68:7D:46:EC
ValidityMon, 20 Nov 2023 08:08:50 GMT - Mon, 12 Feb 2024 08:08:49 GMT
File type JSON data
- , ASCII text, with no line terminators
Hash 13bdaf5c83be6c00d24af2b73e90fd1c
2bffd4735c27852ce359c8dc6b9d2b97040e3752
75a142b1d61fb7fcee0c88cba6640f14837b9a1d6312115283292311082afa84
POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 832
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Sun, 10 Dec 2023 01:31:52 GMT
server: ESF
cache-control: private
content-length: 114
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.youtube.com/api/stats/qoe?fmt=396&afmt=251&cpn=gMwUmvKKXs2NgSJu&el=embedded&ns=yt&fexp=v1%2C23858057%2C125239%2C21348%2C2602%2C73492%2C54572%2C227304%2C23114%2C53633%2C60172%2C24565%2C25688%2C9541%2C1089%2C5877%2C394%2C26439494%2C4054%2C1930%2C5181%2C9369%2C1556%2C1141%2C5876%2C2252%2C859%2C1094%2C2316%2C5558%2C1639%2C4684%2C2227%2C7726%2C2008%2C3943%2C609%2C3416%2C3531%2C1316%2C2438&cl=588227172&seq=2&docid=PoTQmIfvWFI&ei=AhV1ZcLmEN6-0u8P9vOG-Ak&event=streamingstats&plid=AAYMHcfSsH761Kpr&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2FPoTQmIfvWFI%3Fcontrols%3D0%26loop%3D1%26autoplay%3D1%26fs%3D1%26iv_load_policy%3D3%26showinfo%3D0%26rel%3D0%26cc_load_policy%3D0%26start%3D0%26end%3D0%26origin%3Dhttps%3A%2F%2Fyoutubeembedcode.com&qclc=ChBnTXdVbXZLS1hzMk5nU0p1EAI&embargoed=0&cbr=Firefox&cbrver=105.0&c=WEB_EMBEDDED_PLAYER&cver=1.20231205.01.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&afs=4.515:251::i&cmt=4.551:0.000,10.001:0.000&vps=4.551:N&ctmp=dompaused:t.4554;r.promise;m.NotAllowedError&bwm=10.001:1063966:9.015&bwe=10.001:4209875&bh=10.001:16.267
204 No Content 0 B URL POST HTTP/3 www.youtube.com/api/stats/qoe?fmt=396&afmt=251&cpn=gMwUmvKKXs2NgSJu&el=embedded&ns=yt&fexp=v1%2C23858057%2C125239%2C21348%2C2602%2C73492%2C54572%2C227304%2C23114%2C53633%2C60172%2C24565%2C25688%2C9541%2C1089%2C5877%2C394%2C26439494%2C4054%2C1930%2C5181%2C9369%2C1556%2C1141%2C5876%2C2252%2C859%2C1094%2C2316%2C5558%2C1639%2C4684%2C2227%2C7726%2C2008%2C3943%2C609%2C3416%2C3531%2C1316%2C2438&cl=588227172&seq=2&docid=PoTQmIfvWFI&ei=AhV1ZcLmEN6-0u8P9vOG-Ak&event=streamingstats&plid=AAYMHcfSsH761Kpr&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2FPoTQmIfvWFI%3Fcontrols%3D0%26loop%3D1%26autoplay%3D1%26fs%3D1%26iv_load_policy%3D3%26showinfo%3D0%26rel%3D0%26cc_load_policy%3D0%26start%3D0%26end%3D0%26origin%3Dhttps%3A%2F%2Fyoutubeembedcode.com&qclc=ChBnTXdVbXZLS1hzMk5nU0p1EAI&embargoed=0&cbr=Firefox&cbrver=105.0&c=WEB_EMBEDDED_PLAYER&cver=1.20231205.01.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&afs=4.515:251::i&cmt=4.551:0.000,10.001:0.000&vps=4.551:N&ctmp=dompaused:t.4554;r.promise;m.NotAllowedError&bwm=10.001:1063966:9.015&bwe=10.001:4209875&bh=10.001:16.267
IP
Requested by https://www.youtube.com/embed/PoTQmIfvWFI?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint5D:3A:D9:47:14:B0:78:30:A1:BF:B4:45:F6:F5:81:AD:0A:C7:76:89
ValidityMon, 20 Nov 2023 08:02:55 GMT - Mon, 12 Feb 2024 08:02:54 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /api/stats/qoe?fmt=396&afmt=251&cpn=gMwUmvKKXs2NgSJu&el=embedded&ns=yt&fexp=v1%2C23858057%2C125239%2C21348%2C2602%2C73492%2C54572%2C227304%2C23114%2C53633%2C60172%2C24565%2C25688%2C9541%2C1089%2C5877%2C394%2C26439494%2C4054%2C1930%2C5181%2C9369%2C1556%2C1141%2C5876%2C2252%2C859%2C1094%2C2316%2C5558%2C1639%2C4684%2C2227%2C7726%2C2008%2C3943%2C609%2C3416%2C3531%2C1316%2C2438&cl=588227172&seq=2&docid=PoTQmIfvWFI&ei=AhV1ZcLmEN6-0u8P9vOG-Ak&event=streamingstats&plid=AAYMHcfSsH761Kpr&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2FPoTQmIfvWFI%3Fcontrols%3D0%26loop%3D1%26autoplay%3D1%26fs%3D1%26iv_load_policy%3D3%26showinfo%3D0%26rel%3D0%26cc_load_policy%3D0%26start%3D0%26end%3D0%26origin%3Dhttps%3A%2F%2Fyoutubeembedcode.com&qclc=ChBnTXdVbXZLS1hzMk5nU0p1EAI&embargoed=0&cbr=Firefox&cbrver=105.0&c=WEB_EMBEDDED_PLAYER&cver=1.20231205.01.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&afs=4.515:251::i&cmt=4.551:0.000,10.001:0.000&vps=4.551:N&ctmp=dompaused:t.4554;r.promise;m.NotAllowedError&bwm=10.001:1063966:9.015&bwe=10.001:4209875&bh=10.001:16.267 HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Visitor-Id: CgtKN3FTS2RWMWVkRSj2qdSrBjIICgJOTxICEgA%3D
X-YouTube-Client-Name: 56
X-YouTube-Client-Version: 1.20231205.01.00
X-YouTube-Utc-Offset: 0
X-YouTube-Time-Zone: UTC
X-YouTube-Ad-Signals: dt=1702171910870&flash=0&frm=2&u_tz&u_his=2&u_h=1024&u_w=1280&u_ah=1024&u_aw=1280&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C390%2C190&vis=1&wgl=true&ca_type=image
Content-Type: application/x-www-form-urlencoded
Content-Length: 226
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/PoTQmIfvWFI?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
content-type: text/html; charset=UTF-8
date: Sun, 10 Dec 2023 01:31:53 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
x-content-type-options: nosniff
server: Video Stats Server
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
services.addons.mozilla.org/api/v4/addons/search/?guid=default-theme%40mozilla.org%2Caddons-search-detection%40mozilla.com%2Cgoogle%40search.mozilla.org%2Camazondotcom%40search.mozilla.org%2Cwikipedia%40search.mozilla.org%2Cbing%40search.mozilla.org%2Cddg%40search.mozilla.org%2Cfirefox-compact-light%40mozilla.org%2Cfirefox-compact-dark%40mozilla.org%2Cfirefox-alpenglow%40mozilla.org&lang=en-US
82 B URL services.addons.mozilla.org/api/v4/addons/search/?guid=default-theme%40mozilla.org%2Caddons-search-detection%40mozilla.com%2Cgoogle%40search.mozilla.org%2Camazondotcom%40search.mozilla.org%2Cwikipedia%40search.mozilla.org%2Cbing%40search.mozilla.org%2Cddg%40search.mozilla.org%2Cfirefox-compact-light%40mozilla.org%2Cfirefox-compact-dark%40mozilla.org%2Cfirefox-alpenglow%40mozilla.org&lang=en-US
IP
File type JSON data
- , ASCII text, with no line terminators
Hash 4f822d39c269d2c47e3174b6c6bad3b7
d56bd07959c766e9c18faa9cf1070548f9236b65
cda00e555c758b1c13b6cbd17049ca8471057d16c60f08f551dbc331308eecf3
GET /api/v4/addons/search/?guid=default-theme%40mozilla.org%2Caddons-search-detection%40mozilla.com%2Cgoogle%40search.mozilla.org%2Camazondotcom%40search.mozilla.org%2Cwikipedia%40search.mozilla.org%2Cbing%40search.mozilla.org%2Cddg%40search.mozilla.org%2Cfirefox-compact-light%40mozilla.org%2Cfirefox-compact-dark%40mozilla.org%2Cfirefox-alpenglow%40mozilla.org&lang=en-US HTTP/1.1
Host: services.addons.mozilla.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json
content-length: 82
allow: GET, HEAD, OPTIONS
content-security-policy: img-src 'self' blob: data: https://addons.mozilla.org/static-server/ https://addons.mozilla.org/user-media/; frame-src https://www.recaptcha.net/recaptcha/; default-src 'none'; script-src https://www.google-analytics.com/analytics.js https://www.googletagmanager.com/gtag/js https://www.recaptcha.net/recaptcha/ https://www.gstatic.com/recaptcha/ https://www.gstatic.cn/recaptcha/ https://addons.mozilla.org/static-server/; object-src 'none'; media-src https://videos.cdn.mozilla.net; connect-src 'self' https://*.google-analytics.com; style-src 'unsafe-inline' https://addons.mozilla.org/static-server/; form-action 'self'; child-src https://www.recaptcha.net/recaptcha/; font-src 'self' https://addons.mozilla.org/static-server/; report-uri /__cspreport__
cross-origin-opener-policy: same-origin
public-key-pins: max-age=5184000; includeSubDomains; pin-sha256="WoiWRyIOVNa9ihaBciRSC7XHjliYS9VwUGOIud4PB18="; pin-sha256="r/mIkG3eEpVdm+u/ko/cwxzOMo1bk4TyHIlByibiA5E="
referrer-policy: same-origin
server: nginx
strict-transport-security: max-age=31536000
x-amo-request-id: b0761b8c2a5c467dbcb961a142fdf22e
x-content-type-options: nosniff
x-frame-options: DENY
date: Sun, 10 Dec 2023 01:29:53 GMT
cache-control: max-age=180
etag: "4f822d39c269d2c47e3174b6c6bad3b7"
vary: origin,X-Country-Code,Accept-Language
x-cache: Hit from cloudfront
via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 204pUFf1A8sFA-u7vnwiSOBZ2Ku1bc_OqPKbefR8RmeddBAx1EmChQ==
age: 129
X-Firefox-Spdy: h2
aus5.mozilla.org/update/3/SystemAddons/111.0a1/20230218104546/Linux_x86_64-gcc3/null/default/Linux%205.15.0-76-generic%20(GTK%203.24.34%2Clibpulse%20not-available)/default/default/update.xml
42 B URL aus5.mozilla.org/update/3/SystemAddons/111.0a1/20230218104546/Linux_x86_64-gcc3/null/default/Linux%205.15.0-76-generic%20(GTK%203.24.34%2Clibpulse%20not-available)/default/default/update.xml
IP
File type XML 1.0 document text
- XML document, ASCII text
Hash f8f24fa0c857d8f2ee493e131b85ab62
cb6049f830a54d14a19d4104fc0bb5ab5fdedbe6
e0dadbc9cd1f1bd8ce3118cc3383e0d0f6d147f055265d498d99deea956ba00f
GET /update/3/SystemAddons/111.0a1/20230218104546/Linux_x86_64-gcc3/null/default/Linux%205.15.0-76-generic%20(GTK%203.24.34%2Clibpulse%20not-available)/default/default/update.xml HTTP/1.1
Host: aus5.mozilla.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: no-cache
Pragma: no-cache
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 42
rule-id: unknown
rule-data-version: unknown
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
content-security-policy: default-src 'none'; frame-ancestors 'none'
x-proxy-cache-status: EXPIRED
via: 1.1 google
date: Sun, 10 Dec 2023 01:32:00 GMT
content-type: text/xml; charset=utf-8
age: 2
cache-control: public,max-age=90
alt-svc: clear
X-Firefox-Spdy: h2
www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
200 OK 31 B URL POST HTTP/3 www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
IP
Requested by https://www.youtube.com/embed/PoTQmIfvWFI?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint5D:3A:D9:47:14:B0:78:30:A1:BF:B4:45:F6:F5:81:AD:0A:C7:76:89
ValidityMon, 20 Nov 2023 08:02:55 GMT - Mon, 12 Feb 2024 08:02:54 GMT
Hash 5e1fa6fd9abd549a576f3f24b1d3c8d4
d5335d7f7d33be6a0b663f03b2df4df2521c4a87
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
POST /youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8 HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Request-Time: 1702171929756
Content-Type: application/json
X-Goog-Visitor-Id: CgtKN3FTS2RWMWVkRSj2qdSrBjIICgJOTxICEgA%3D
X-YouTube-Client-Name: 56
X-YouTube-Client-Version: 1.20231205.01.00
X-YouTube-Utc-Offset: 0
X-YouTube-Time-Zone: UTC
X-YouTube-Ad-Signals: dt=1702171910341&flash=0&frm=2&u_tz&u_his=2&u_h=1024&u_w=1280&u_ah=1024&u_aw=1280&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C390%2C190&vis=1&wgl=true&ca_type=image
Content-Length: 5693
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/PoTQmIfvWFI?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/json; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: br
date: Sun, 10 Dec 2023 01:32:02 GMT
server: scaffolding on HTTPServer2
content-length: 31
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: CONSENT=PENDING+573; expires=Tue, 09-Dec-2025 01:32:02 GMT; path=/; domain=.youtube.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 10 Dec 2023 01:32:02 GMT
cache-control: private
www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
200 OK 31 B URL POST HTTP/3 www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
IP
Requested by https://www.youtube.com/embed/PoTQmIfvWFI?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint5D:3A:D9:47:14:B0:78:30:A1:BF:B4:45:F6:F5:81:AD:0A:C7:76:89
ValidityMon, 20 Nov 2023 08:02:55 GMT - Mon, 12 Feb 2024 08:02:54 GMT
Hash 5e1fa6fd9abd549a576f3f24b1d3c8d4
d5335d7f7d33be6a0b663f03b2df4df2521c4a87
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
POST /youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8 HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Request-Time: 1702171931372
Content-Type: application/json
X-Goog-Visitor-Id: CgtKN3FTS2RWMWVkRSj2qdSrBjIICgJOTxICEgA%3D
X-YouTube-Client-Name: 56
X-YouTube-Client-Version: 1.20231205.01.00
X-YouTube-Utc-Offset: 0
X-YouTube-Time-Zone: UTC
X-YouTube-Ad-Signals: dt=1702171910341&flash=0&frm=2&u_tz&u_his=2&u_h=1024&u_w=1280&u_ah=1024&u_aw=1280&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C390%2C190&vis=1&wgl=true&ca_type=image
Content-Length: 866
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/PoTQmIfvWFI?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/json; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: br
date: Sun, 10 Dec 2023 01:32:04 GMT
server: scaffolding on HTTPServer2
content-length: 31
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: CONSENT=PENDING+598; expires=Tue, 09-Dec-2025 01:32:04 GMT; path=/; domain=.youtube.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 10 Dec 2023 01:32:04 GMT
cache-control: private
fonts.googleapis.com/css2?family=Teko:wght@300;400;500;600;700&display=swap
200 OK 5.5 kB URL GET HTTP/2 fonts.googleapis.com/css2?family=Teko:wght@300;400;500;600;700&display=swap
IP
Requested by https://subdi28.nag4.com.tr/
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint10:D0:ED:9A:F4:53:C8:99:DE:B6:5E:5C:04:E6:20:0B:68:7D:46:EC
ValidityMon, 20 Nov 2023 08:08:50 GMT - Mon, 12 Feb 2024 08:08:49 GMT
File type ASCII text, with very long lines (5650), with no line terminators
Hash 9facd12a49da3c2c453e82fa1aa290f0
e060d317841da0d76be75a0bcd6412781d578f77
3330705c82a8ca7200ecae188602e6fe04c5cefe0eba171987de137b284aa04a
GET /css2?family=Teko:wght@300;400;500;600;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://subdi28.nag4.com.tr/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 10 Dec 2023 01:31:34 GMT
date: Sun, 10 Dec 2023 01:31:34 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
rr2---sn-capm-vnae.googlevideo.com/videoplayback?expire=1702193506&ei=AhV1ZcLmEN6-0u8P9vOG-Ak&ip=91.90.42.154&id=o-AK3wLajr-6xrApwACvCcsahgHBpiwzxLfWhehs2qjigy&itag=251&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&mh=Fu&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7ynld&ms=au%2Crdu&mv=m&mvi=2&pl=21&initcwndbps=4893750&spc=UWF9f8yETColdiVcvIMJ5bwOMSmKS7JVNNWf0ShQ9w&vprv=1&svpuc=1&mime=audio%2Fwebm&gir=yes&clen=1395979&dur=89.941&lmt=1696262340772372&mt=1702171494&fvip=2&keepalive=yes&fexp=24007246&beids=24350017&c=WEB_EMBEDDED_PLAYER&txp=5532434&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cxpc%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cgir%2Cclen%2Cdur%2Clmt&sig=ANLwegAwRAIgZEApIyI3hgoZlpjkfnE9CrHNLa1TrW9gyyTNVfzJGcwCIB_sUwnbpm9FsuGJFBxOXqmKe81JcZafPMKZBC4H1975&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AM8Gb2swRAIgMkHCAIXBEVXN_2lmU9nJk1QUZ6h-HEDZE6evKDO3fyoCIA0F2ObJN_OjCWplyOu3x1d4E0yX3r95oe9Pe-1mZHlw&alr=yes&cpn=gMwUmvKKXs2NgSJu&cver=1.20231205.01.00&range=131488-266063&rn=9&rbuf=8269&pot=MnEdXbUl5lAJvR1mOvyfefgvGun3Jfjeas6yief-bxTQYjx_PoneI1j1KjmuMYEoa1nGYuhlnjeUoipziVpJ8_q6M6C0-I3q2BdG71by82L62ycvWx9pS8DjZMO-LHwxTKJu8W9wuFInXcI1qSq-uoEplg==&ump=1&srfvp=1
200 OK 135 kB URL POST HTTP/3 rr2---sn-capm-vnae.googlevideo.com/videoplayback?expire=1702193506&ei=AhV1ZcLmEN6-0u8P9vOG-Ak&ip=91.90.42.154&id=o-AK3wLajr-6xrApwACvCcsahgHBpiwzxLfWhehs2qjigy&itag=251&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&mh=Fu&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7ynld&ms=au%2Crdu&mv=m&mvi=2&pl=21&initcwndbps=4893750&spc=UWF9f8yETColdiVcvIMJ5bwOMSmKS7JVNNWf0ShQ9w&vprv=1&svpuc=1&mime=audio%2Fwebm&gir=yes&clen=1395979&dur=89.941&lmt=1696262340772372&mt=1702171494&fvip=2&keepalive=yes&fexp=24007246&beids=24350017&c=WEB_EMBEDDED_PLAYER&txp=5532434&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cxpc%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cgir%2Cclen%2Cdur%2Clmt&sig=ANLwegAwRAIgZEApIyI3hgoZlpjkfnE9CrHNLa1TrW9gyyTNVfzJGcwCIB_sUwnbpm9FsuGJFBxOXqmKe81JcZafPMKZBC4H1975&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AM8Gb2swRAIgMkHCAIXBEVXN_2lmU9nJk1QUZ6h-HEDZE6evKDO3fyoCIA0F2ObJN_OjCWplyOu3x1d4E0yX3r95oe9Pe-1mZHlw&alr=yes&cpn=gMwUmvKKXs2NgSJu&cver=1.20231205.01.00&range=131488-266063&rn=9&rbuf=8269&pot=MnEdXbUl5lAJvR1mOvyfefgvGun3Jfjeas6yief-bxTQYjx_PoneI1j1KjmuMYEoa1nGYuhlnjeUoipziVpJ8_q6M6C0-I3q2BdG71by82L62ycvWx9pS8DjZMO-LHwxTKJu8W9wuFInXcI1qSq-uoEplg==&ump=1&srfvp=1
IP
ASN #50304 Blix Solutions AS
Requested by https://www.youtube.com/embed/PoTQmIfvWFI?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com
Certificate IssuerGoogle Trust Services LLC
Subject*.googlevideo.com
FingerprintA9:97:EF:F4:47:1A:59:51:52:66:98:30:B1:79:C2:14:AF:36:6D:34
ValidityTue, 14 Nov 2023 14:30:52 GMT - Tue, 23 Jan 2024 14:30:51 GMT
Size 135 kB (134635 bytes)
Hash 99fa4390810767673d79ff99d56d2848
699486d178133e4295b6449aa453d141d37d65f8
41b36f995821f0c342827b98caf480588bb8d57567520520419fce7cc0251f0c
POST /videoplayback?expire=1702193506&ei=AhV1ZcLmEN6-0u8P9vOG-Ak&ip=91.90.42.154&id=o-AK3wLajr-6xrApwACvCcsahgHBpiwzxLfWhehs2qjigy&itag=251&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&mh=Fu&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7ynld&ms=au%2Crdu&mv=m&mvi=2&pl=21&initcwndbps=4893750&spc=UWF9f8yETColdiVcvIMJ5bwOMSmKS7JVNNWf0ShQ9w&vprv=1&svpuc=1&mime=audio%2Fwebm&gir=yes&clen=1395979&dur=89.941&lmt=1696262340772372&mt=1702171494&fvip=2&keepalive=yes&fexp=24007246&beids=24350017&c=WEB_EMBEDDED_PLAYER&txp=5532434&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cxpc%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cgir%2Cclen%2Cdur%2Clmt&sig=ANLwegAwRAIgZEApIyI3hgoZlpjkfnE9CrHNLa1TrW9gyyTNVfzJGcwCIB_sUwnbpm9FsuGJFBxOXqmKe81JcZafPMKZBC4H1975&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AM8Gb2swRAIgMkHCAIXBEVXN_2lmU9nJk1QUZ6h-HEDZE6evKDO3fyoCIA0F2ObJN_OjCWplyOu3x1d4E0yX3r95oe9Pe-1mZHlw&alr=yes&cpn=gMwUmvKKXs2NgSJu&cver=1.20231205.01.00&range=131488-266063&rn=9&rbuf=8269&pot=MnEdXbUl5lAJvR1mOvyfefgvGun3Jfjeas6yief-bxTQYjx_PoneI1j1KjmuMYEoa1nGYuhlnjeUoipziVpJ8_q6M6C0-I3q2BdG71by82L62ycvWx9pS8DjZMO-LHwxTKJu8W9wuFInXcI1qSq-uoEplg==&ump=1&srfvp=1 HTTP/1.1
Host: rr2---sn-capm-vnae.googlevideo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.youtube.com/
Content-Length: 2
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
last-modified: Mon, 02 Oct 2023 15:59:00 GMT
content-type: application/vnd.yt-ump
date: Sun, 10 Dec 2023 01:31:52 GMT
expires: Sun, 10 Dec 2023 01:31:52 GMT
cache-control: private, max-age=21294
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
client-protocol: quic
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
timing-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
vary: Origin
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
server: gvs 1.0
rr2---sn-capm-vnae.googlevideo.com/videoplayback?expire=1702193506&ei=AhV1ZcLmEN6-0u8P9vOG-Ak&ip=91.90.42.154&id=o-AK3wLajr-6xrApwACvCcsahgHBpiwzxLfWhehs2qjigy&itag=396&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278%2C394%2C395%2C396%2C397%2C398%2C399&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&mh=Fu&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7ynld&ms=au%2Crdu&mv=m&mvi=2&pl=21&initcwndbps=4893750&spc=UWF9f8yETColdiVcvIMJ5bwOMSmKS7JVNNWf0ShQ9w&vprv=1&svpuc=1&mime=video%2Fmp4&gir=yes&clen=3763145&dur=89.899&lmt=1696263207167050&mt=1702171494&fvip=2&keepalive=yes&fexp=24007246&beids=24350017&c=WEB_EMBEDDED_PLAYER&txp=5537434&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cxpc%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cgir%2Cclen%2Cdur%2Clmt&sig=ANLwegAwRQIgDKb16rGWOdnvTDOywUT96YAacuRqUqBl2Kk9ctuOgNMCIQCnczaxZn_5dOeP90KqyOaZ3eCNUejuX6nrBSAvUyJC8A%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AM8Gb2swRAIgMkHCAIXBEVXN_2lmU9nJk1QUZ6h-HEDZE6evKDO3fyoCIA0F2ObJN_OjCWplyOu3x1d4E0yX3r95oe9Pe-1mZHlw&alr=yes&cpn=gMwUmvKKXs2NgSJu&cver=1.20231205.01.00&range=387449-793282&rn=8&rbuf=7933&pot=MnEdXbUl5lAJvR1mOvyfefgvGun3Jfjeas6yief-bxTQYjx_PoneI1j1KjmuMYEoa1nGYuhlnjeUoipziVpJ8_q6M6C0-I3q2BdG71by82L62ycvWx9pS8DjZMO-LHwxTKJu8W9wuFInXcI1qSq-uoEplg==&ump=1&srfvp=1
200 OK 406 kB URL POST HTTP/3 rr2---sn-capm-vnae.googlevideo.com/videoplayback?expire=1702193506&ei=AhV1ZcLmEN6-0u8P9vOG-Ak&ip=91.90.42.154&id=o-AK3wLajr-6xrApwACvCcsahgHBpiwzxLfWhehs2qjigy&itag=396&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278%2C394%2C395%2C396%2C397%2C398%2C399&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&mh=Fu&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7ynld&ms=au%2Crdu&mv=m&mvi=2&pl=21&initcwndbps=4893750&spc=UWF9f8yETColdiVcvIMJ5bwOMSmKS7JVNNWf0ShQ9w&vprv=1&svpuc=1&mime=video%2Fmp4&gir=yes&clen=3763145&dur=89.899&lmt=1696263207167050&mt=1702171494&fvip=2&keepalive=yes&fexp=24007246&beids=24350017&c=WEB_EMBEDDED_PLAYER&txp=5537434&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cxpc%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cgir%2Cclen%2Cdur%2Clmt&sig=ANLwegAwRQIgDKb16rGWOdnvTDOywUT96YAacuRqUqBl2Kk9ctuOgNMCIQCnczaxZn_5dOeP90KqyOaZ3eCNUejuX6nrBSAvUyJC8A%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AM8Gb2swRAIgMkHCAIXBEVXN_2lmU9nJk1QUZ6h-HEDZE6evKDO3fyoCIA0F2ObJN_OjCWplyOu3x1d4E0yX3r95oe9Pe-1mZHlw&alr=yes&cpn=gMwUmvKKXs2NgSJu&cver=1.20231205.01.00&range=387449-793282&rn=8&rbuf=7933&pot=MnEdXbUl5lAJvR1mOvyfefgvGun3Jfjeas6yief-bxTQYjx_PoneI1j1KjmuMYEoa1nGYuhlnjeUoipziVpJ8_q6M6C0-I3q2BdG71by82L62ycvWx9pS8DjZMO-LHwxTKJu8W9wuFInXcI1qSq-uoEplg==&ump=1&srfvp=1
IP
ASN #50304 Blix Solutions AS
Requested by https://www.youtube.com/embed/PoTQmIfvWFI?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com
Certificate IssuerGoogle Trust Services LLC
Subject*.googlevideo.com
FingerprintA9:97:EF:F4:47:1A:59:51:52:66:98:30:B1:79:C2:14:AF:36:6D:34
ValidityTue, 14 Nov 2023 14:30:52 GMT - Tue, 23 Jan 2024 14:30:51 GMT
Size 406 kB (405893 bytes)
Hash 0c140959c548a6530062bf74fa28e67d
e03d4f185c2841d19ec53ced7a66eb65140a7413
123713db39428fea59db4005e0caeb1e60d8459cef43cc25aab53c8f529eb263
POST /videoplayback?expire=1702193506&ei=AhV1ZcLmEN6-0u8P9vOG-Ak&ip=91.90.42.154&id=o-AK3wLajr-6xrApwACvCcsahgHBpiwzxLfWhehs2qjigy&itag=396&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278%2C394%2C395%2C396%2C397%2C398%2C399&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&mh=Fu&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7ynld&ms=au%2Crdu&mv=m&mvi=2&pl=21&initcwndbps=4893750&spc=UWF9f8yETColdiVcvIMJ5bwOMSmKS7JVNNWf0ShQ9w&vprv=1&svpuc=1&mime=video%2Fmp4&gir=yes&clen=3763145&dur=89.899&lmt=1696263207167050&mt=1702171494&fvip=2&keepalive=yes&fexp=24007246&beids=24350017&c=WEB_EMBEDDED_PLAYER&txp=5537434&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cxpc%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cgir%2Cclen%2Cdur%2Clmt&sig=ANLwegAwRQIgDKb16rGWOdnvTDOywUT96YAacuRqUqBl2Kk9ctuOgNMCIQCnczaxZn_5dOeP90KqyOaZ3eCNUejuX6nrBSAvUyJC8A%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AM8Gb2swRAIgMkHCAIXBEVXN_2lmU9nJk1QUZ6h-HEDZE6evKDO3fyoCIA0F2ObJN_OjCWplyOu3x1d4E0yX3r95oe9Pe-1mZHlw&alr=yes&cpn=gMwUmvKKXs2NgSJu&cver=1.20231205.01.00&range=387449-793282&rn=8&rbuf=7933&pot=MnEdXbUl5lAJvR1mOvyfefgvGun3Jfjeas6yief-bxTQYjx_PoneI1j1KjmuMYEoa1nGYuhlnjeUoipziVpJ8_q6M6C0-I3q2BdG71by82L62ycvWx9pS8DjZMO-LHwxTKJu8W9wuFInXcI1qSq-uoEplg==&ump=1&srfvp=1 HTTP/1.1
Host: rr2---sn-capm-vnae.googlevideo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.youtube.com/
Content-Length: 2
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
last-modified: Mon, 02 Oct 2023 16:13:27 GMT
content-type: application/vnd.yt-ump
date: Sun, 10 Dec 2023 01:31:52 GMT
expires: Sun, 10 Dec 2023 01:31:52 GMT
cache-control: private, max-age=21294
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
client-protocol: quic
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
timing-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
vary: Origin
cross-origin-resource-policy: cross-origin
x-restrict-formats-hint: None
x-content-type-options: nosniff
server: gvs 1.0
site-assets.fontawesome.com/releases/v6.1.1/css/all.css
200 OK 498 kB URL GET HTTP/2 site-assets.fontawesome.com/releases/v6.1.1/css/all.css
IP
Requested by https://subdi28.nag4.com.tr/
Certificate IssuerDigiCert Inc
Subject*.fontawesome.com
Fingerprint93:F9:69:8C:73:B0:08:60:65:F3:39:41:39:66:D3:2B:78:3A:6E:3D
ValidityMon, 04 Dec 2023 00:00:00 GMT - Fri, 03 Jan 2025 23:59:59 GMT
File type ASCII text, with very long lines (65360)
Size 498 kB (498160 bytes)
Hash 325672b036bab9b57f6873aed5eccc43
264f5db348311950380ad1bca79754ff593d87e2
a35f901d01118e5649091bd03ac5784a7db52e111fb3806524c412f3d1dcfc5d
GET /releases/v6.1.1/css/all.css HTTP/1.1
Host: site-assets.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://subdi28.nag4.com.tr/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 10 Dec 2023 01:31:34 GMT
content-type: text/css
x-amz-id-2: Y1TmNuBPJ2aktX68kJThHqHYS+UBzLzvigLuxqSKGropAjQHJXqctJ8cMj8EZaj3hWZqBw7vjseo/ptPWK0rIs/nC5bnGezhyLprTTXGcJA=
x-amz-request-id: 9ZNBHYHZ9G1WY9FS
last-modified: Tue, 22 Mar 2022 15:39:41 GMT
etag: W/"325672b036bab9b57f6873aed5eccc43"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 1466176
vary: Accept-Encoding
server: cloudflare
cf-ray: 8331baa728bbb4f9-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
200 OK 73 kB URL User Request GET HTTP/2 IP
Certificate IssuerGoogle Trust Services LLC
Subjectnag4.com.tr
Fingerprint24:6E:92:F3:7B:49:22:E6:0C:14:55:AF:93:EC:43:8E:E3:79:05:A1
ValidityMon, 06 Nov 2023 12:24:43 GMT - Sun, 04 Feb 2024 12:24:42 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert OpenPhish phishing Tencent
GET / HTTP/1.1
Host: subdi28.nag4.com.tr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 10 Dec 2023 01:31:34 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T0W53MkwX7jxlNFJc72O0LxYwhO7gdrb8zjpJvu3D1Bp1rIhCRU%2BmIknq6e3v8kTJYb2Qzh8mFiGzy%2B3K28iIE1%2BFW2L2lUuPPmM6qErLlf1aYRGHZk%2FKUf1mTH9vCrMP0OWIylC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8331baa29adbb4ff-OSL
content-encoding: br
X-Firefox-Spdy: h2
rr2---sn-capm-vnae.googlevideo.com/videoplayback?expire=1702193506&ei=AhV1ZcLmEN6-0u8P9vOG-Ak&ip=91.90.42.154&id=o-AK3wLajr-6xrApwACvCcsahgHBpiwzxLfWhehs2qjigy&itag=251&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&mh=Fu&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7ynld&ms=au%2Crdu&mv=m&mvi=2&pl=21&initcwndbps=4893750&spc=UWF9f8yETColdiVcvIMJ5bwOMSmKS7JVNNWf0ShQ9w&vprv=1&svpuc=1&mime=audio%2Fwebm&gir=yes&clen=1395979&dur=89.941&lmt=1696262340772372&mt=1702171494&fvip=2&keepalive=yes&fexp=24007246&beids=24350017&c=WEB_EMBEDDED_PLAYER&txp=5532434&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cxpc%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cgir%2Cclen%2Cdur%2Clmt&sig=ANLwegAwRAIgZEApIyI3hgoZlpjkfnE9CrHNLa1TrW9gyyTNVfzJGcwCIB_sUwnbpm9FsuGJFBxOXqmKe81JcZafPMKZBC4H1975&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AM8Gb2swRAIgMkHCAIXBEVXN_2lmU9nJk1QUZ6h-HEDZE6evKDO3fyoCIA0F2ObJN_OjCWplyOu3x1d4E0yX3r95oe9Pe-1mZHlw&alr=yes&cpn=gMwUmvKKXs2NgSJu&cver=1.20231205.01.00&range=266064-470838&rn=11&rbuf=16583&pot=MnEdXbUl5lAJvR1mOvyfefgvGun3Jfjeas6yief-bxTQYjx_PoneI1j1KjmuMYEoa1nGYuhlnjeUoipziVpJ8_q6M6C0-I3q2BdG71by82L62ycvWx9pS8DjZMO-LHwxTKJu8W9wuFInXcI1qSq-uoEplg==&ump=1&srfvp=1
205 kB URL POST rr2---sn-capm-vnae.googlevideo.com/videoplayback?expire=1702193506&ei=AhV1ZcLmEN6-0u8P9vOG-Ak&ip=91.90.42.154&id=o-AK3wLajr-6xrApwACvCcsahgHBpiwzxLfWhehs2qjigy&itag=251&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&mh=Fu&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7ynld&ms=au%2Crdu&mv=m&mvi=2&pl=21&initcwndbps=4893750&spc=UWF9f8yETColdiVcvIMJ5bwOMSmKS7JVNNWf0ShQ9w&vprv=1&svpuc=1&mime=audio%2Fwebm&gir=yes&clen=1395979&dur=89.941&lmt=1696262340772372&mt=1702171494&fvip=2&keepalive=yes&fexp=24007246&beids=24350017&c=WEB_EMBEDDED_PLAYER&txp=5532434&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cxpc%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cgir%2Cclen%2Cdur%2Clmt&sig=ANLwegAwRAIgZEApIyI3hgoZlpjkfnE9CrHNLa1TrW9gyyTNVfzJGcwCIB_sUwnbpm9FsuGJFBxOXqmKe81JcZafPMKZBC4H1975&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AM8Gb2swRAIgMkHCAIXBEVXN_2lmU9nJk1QUZ6h-HEDZE6evKDO3fyoCIA0F2ObJN_OjCWplyOu3x1d4E0yX3r95oe9Pe-1mZHlw&alr=yes&cpn=gMwUmvKKXs2NgSJu&cver=1.20231205.01.00&range=266064-470838&rn=11&rbuf=16583&pot=MnEdXbUl5lAJvR1mOvyfefgvGun3Jfjeas6yief-bxTQYjx_PoneI1j1KjmuMYEoa1nGYuhlnjeUoipziVpJ8_q6M6C0-I3q2BdG71by82L62ycvWx9pS8DjZMO-LHwxTKJu8W9wuFInXcI1qSq-uoEplg==&ump=1&srfvp=1
IP
Requested by https://www.youtube.com/embed/PoTQmIfvWFI?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com
Certificate IssuerGoogle Trust Services LLC
Subject*.googlevideo.com
FingerprintA9:97:EF:F4:47:1A:59:51:52:66:98:30:B1:79:C2:14:AF:36:6D:34
ValidityTue, 14 Nov 2023 14:30:52 GMT - Tue, 23 Jan 2024 14:30:51 GMT
Size 205 kB (204834 bytes)
Hash 068beae92f5fbe08b216406e6f7381b3
eb81053179a1fc49ff3c2ebe010381676affa81c
726d91a053b683d6b2d6b39fd93912ddf5fd1c2f1ebe602735f74012b2ab2d8b
POST /videoplayback?expire=1702193506&ei=AhV1ZcLmEN6-0u8P9vOG-Ak&ip=91.90.42.154&id=o-AK3wLajr-6xrApwACvCcsahgHBpiwzxLfWhehs2qjigy&itag=251&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&mh=Fu&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7ynld&ms=au%2Crdu&mv=m&mvi=2&pl=21&initcwndbps=4893750&spc=UWF9f8yETColdiVcvIMJ5bwOMSmKS7JVNNWf0ShQ9w&vprv=1&svpuc=1&mime=audio%2Fwebm&gir=yes&clen=1395979&dur=89.941&lmt=1696262340772372&mt=1702171494&fvip=2&keepalive=yes&fexp=24007246&beids=24350017&c=WEB_EMBEDDED_PLAYER&txp=5532434&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cxpc%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cgir%2Cclen%2Cdur%2Clmt&sig=ANLwegAwRAIgZEApIyI3hgoZlpjkfnE9CrHNLa1TrW9gyyTNVfzJGcwCIB_sUwnbpm9FsuGJFBxOXqmKe81JcZafPMKZBC4H1975&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AM8Gb2swRAIgMkHCAIXBEVXN_2lmU9nJk1QUZ6h-HEDZE6evKDO3fyoCIA0F2ObJN_OjCWplyOu3x1d4E0yX3r95oe9Pe-1mZHlw&alr=yes&cpn=gMwUmvKKXs2NgSJu&cver=1.20231205.01.00&range=266064-470838&rn=11&rbuf=16583&pot=MnEdXbUl5lAJvR1mOvyfefgvGun3Jfjeas6yief-bxTQYjx_PoneI1j1KjmuMYEoa1nGYuhlnjeUoipziVpJ8_q6M6C0-I3q2BdG71by82L62ycvWx9pS8DjZMO-LHwxTKJu8W9wuFInXcI1qSq-uoEplg==&ump=1&srfvp=1 HTTP/1.1
Host: rr2---sn-capm-vnae.googlevideo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.youtube.com/
Content-Length: 2
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
last-modified: Mon, 02 Oct 2023 15:59:00 GMT
content-type: application/vnd.yt-ump
date: Sun, 10 Dec 2023 01:31:58 GMT
expires: Sun, 10 Dec 2023 01:31:58 GMT
cache-control: private, max-age=21288
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
client-protocol: quic
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
timing-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
vary: Origin
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
server: gvs 1.0
rr2---sn-capm-vnae.googlevideo.com/videoplayback?expire=1702193506&ei=AhV1ZcLmEN6-0u8P9vOG-Ak&ip=91.90.42.154&id=o-AK3wLajr-6xrApwACvCcsahgHBpiwzxLfWhehs2qjigy&itag=396&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278%2C394%2C395%2C396%2C397%2C398%2C399&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&mh=Fu&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7ynld&ms=au%2Crdu&mv=m&mvi=2&pl=21&initcwndbps=4893750&spc=UWF9f8yETColdiVcvIMJ5bwOMSmKS7JVNNWf0ShQ9w&vprv=1&svpuc=1&mime=video%2Fmp4&gir=yes&clen=3763145&dur=89.899&lmt=1696263207167050&mt=1702171494&fvip=2&keepalive=yes&fexp=24007246&beids=24350017&c=WEB_EMBEDDED_PLAYER&txp=5537434&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cxpc%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cgir%2Cclen%2Cdur%2Clmt&sig=ANLwegAwRQIgDKb16rGWOdnvTDOywUT96YAacuRqUqBl2Kk9ctuOgNMCIQCnczaxZn_5dOeP90KqyOaZ3eCNUejuX6nrBSAvUyJC8A%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AM8Gb2swRAIgMkHCAIXBEVXN_2lmU9nJk1QUZ6h-HEDZE6evKDO3fyoCIA0F2ObJN_OjCWplyOu3x1d4E0yX3r95oe9Pe-1mZHlw&alr=yes&cpn=gMwUmvKKXs2NgSJu&cver=1.20231205.01.00&range=184160-286470&rn=5&rbuf=3600&pot=IjJ8BHwCGXFpCz9jCE8yNzpQLzYuUzFTKm8uVxY2DWAvdj5uNU0_YzZLKHw1RzljPSFPQA==&ump=1&srfvp=1
200 OK 102 kB URL POST HTTP/3 rr2---sn-capm-vnae.googlevideo.com/videoplayback?expire=1702193506&ei=AhV1ZcLmEN6-0u8P9vOG-Ak&ip=91.90.42.154&id=o-AK3wLajr-6xrApwACvCcsahgHBpiwzxLfWhehs2qjigy&itag=396&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278%2C394%2C395%2C396%2C397%2C398%2C399&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&mh=Fu&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7ynld&ms=au%2Crdu&mv=m&mvi=2&pl=21&initcwndbps=4893750&spc=UWF9f8yETColdiVcvIMJ5bwOMSmKS7JVNNWf0ShQ9w&vprv=1&svpuc=1&mime=video%2Fmp4&gir=yes&clen=3763145&dur=89.899&lmt=1696263207167050&mt=1702171494&fvip=2&keepalive=yes&fexp=24007246&beids=24350017&c=WEB_EMBEDDED_PLAYER&txp=5537434&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cxpc%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cgir%2Cclen%2Cdur%2Clmt&sig=ANLwegAwRQIgDKb16rGWOdnvTDOywUT96YAacuRqUqBl2Kk9ctuOgNMCIQCnczaxZn_5dOeP90KqyOaZ3eCNUejuX6nrBSAvUyJC8A%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AM8Gb2swRAIgMkHCAIXBEVXN_2lmU9nJk1QUZ6h-HEDZE6evKDO3fyoCIA0F2ObJN_OjCWplyOu3x1d4E0yX3r95oe9Pe-1mZHlw&alr=yes&cpn=gMwUmvKKXs2NgSJu&cver=1.20231205.01.00&range=184160-286470&rn=5&rbuf=3600&pot=IjJ8BHwCGXFpCz9jCE8yNzpQLzYuUzFTKm8uVxY2DWAvdj5uNU0_YzZLKHw1RzljPSFPQA==&ump=1&srfvp=1
IP
ASN #50304 Blix Solutions AS
Requested by https://www.youtube.com/embed/PoTQmIfvWFI?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com
Certificate IssuerGoogle Trust Services LLC
Subject*.googlevideo.com
FingerprintA9:97:EF:F4:47:1A:59:51:52:66:98:30:B1:79:C2:14:AF:36:6D:34
ValidityTue, 14 Nov 2023 14:30:52 GMT - Tue, 23 Jan 2024 14:30:51 GMT
Size 102 kB (102370 bytes)
Hash 63639bf55887280ad3f2e1a179056e1a
bbd52b8e21f09f02702df0ac1ad147aaaa43e38e
290d2c4bf1a0ff38b2648f15a6cce15ce0b891fe11e1b1968230dd194f320c2f
POST /videoplayback?expire=1702193506&ei=AhV1ZcLmEN6-0u8P9vOG-Ak&ip=91.90.42.154&id=o-AK3wLajr-6xrApwACvCcsahgHBpiwzxLfWhehs2qjigy&itag=396&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278%2C394%2C395%2C396%2C397%2C398%2C399&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&mh=Fu&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7ynld&ms=au%2Crdu&mv=m&mvi=2&pl=21&initcwndbps=4893750&spc=UWF9f8yETColdiVcvIMJ5bwOMSmKS7JVNNWf0ShQ9w&vprv=1&svpuc=1&mime=video%2Fmp4&gir=yes&clen=3763145&dur=89.899&lmt=1696263207167050&mt=1702171494&fvip=2&keepalive=yes&fexp=24007246&beids=24350017&c=WEB_EMBEDDED_PLAYER&txp=5537434&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cxpc%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cgir%2Cclen%2Cdur%2Clmt&sig=ANLwegAwRQIgDKb16rGWOdnvTDOywUT96YAacuRqUqBl2Kk9ctuOgNMCIQCnczaxZn_5dOeP90KqyOaZ3eCNUejuX6nrBSAvUyJC8A%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AM8Gb2swRAIgMkHCAIXBEVXN_2lmU9nJk1QUZ6h-HEDZE6evKDO3fyoCIA0F2ObJN_OjCWplyOu3x1d4E0yX3r95oe9Pe-1mZHlw&alr=yes&cpn=gMwUmvKKXs2NgSJu&cver=1.20231205.01.00&range=184160-286470&rn=5&rbuf=3600&pot=IjJ8BHwCGXFpCz9jCE8yNzpQLzYuUzFTKm8uVxY2DWAvdj5uNU0_YzZLKHw1RzljPSFPQA==&ump=1&srfvp=1 HTTP/1.1
Host: rr2---sn-capm-vnae.googlevideo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.youtube.com/
Content-Length: 2
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
last-modified: Mon, 02 Oct 2023 16:13:27 GMT
content-type: application/vnd.yt-ump
date: Sun, 10 Dec 2023 01:31:52 GMT
expires: Sun, 10 Dec 2023 01:31:52 GMT
cache-control: private, max-age=21294
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
client-protocol: quic
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
timing-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
vary: Origin
cross-origin-resource-policy: cross-origin
x-restrict-formats-hint: None
x-content-type-options: nosniff
server: gvs 1.0
rr2---sn-capm-vnae.googlevideo.com/videoplayback?expire=1702193506&ei=AhV1ZcLmEN6-0u8P9vOG-Ak&ip=91.90.42.154&id=o-AK3wLajr-6xrApwACvCcsahgHBpiwzxLfWhehs2qjigy&itag=251&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&mh=Fu&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7ynld&ms=au%2Crdu&mv=m&mvi=2&pl=21&initcwndbps=4893750&spc=UWF9f8yETColdiVcvIMJ5bwOMSmKS7JVNNWf0ShQ9w&vprv=1&svpuc=1&mime=audio%2Fwebm&gir=yes&clen=1395979&dur=89.941&lmt=1696262340772372&mt=1702171494&fvip=2&keepalive=yes&fexp=24007246&beids=24350017&c=WEB_EMBEDDED_PLAYER&txp=5532434&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cxpc%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cgir%2Cclen%2Cdur%2Clmt&sig=ANLwegAwRAIgZEApIyI3hgoZlpjkfnE9CrHNLa1TrW9gyyTNVfzJGcwCIB_sUwnbpm9FsuGJFBxOXqmKe81JcZafPMKZBC4H1975&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AM8Gb2swRAIgMkHCAIXBEVXN_2lmU9nJk1QUZ6h-HEDZE6evKDO3fyoCIA0F2ObJN_OjCWplyOu3x1d4E0yX3r95oe9Pe-1mZHlw&alr=yes&cpn=gMwUmvKKXs2NgSJu&cver=1.20231205.01.00&range=65952-131487&rn=6&rbuf=4134&pot=MnEdXbUl5lAJvR1mOvyfefgvGun3Jfjeas6yief-bxTQYjx_PoneI1j1KjmuMYEoa1nGYuhlnjeUoipziVpJ8_q6M6C0-I3q2BdG71by82L62ycvWx9pS8DjZMO-LHwxTKJu8W9wuFInXcI1qSq-uoEplg==&ump=1&srfvp=1
200 OK 66 kB URL POST HTTP/3 rr2---sn-capm-vnae.googlevideo.com/videoplayback?expire=1702193506&ei=AhV1ZcLmEN6-0u8P9vOG-Ak&ip=91.90.42.154&id=o-AK3wLajr-6xrApwACvCcsahgHBpiwzxLfWhehs2qjigy&itag=251&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&mh=Fu&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7ynld&ms=au%2Crdu&mv=m&mvi=2&pl=21&initcwndbps=4893750&spc=UWF9f8yETColdiVcvIMJ5bwOMSmKS7JVNNWf0ShQ9w&vprv=1&svpuc=1&mime=audio%2Fwebm&gir=yes&clen=1395979&dur=89.941&lmt=1696262340772372&mt=1702171494&fvip=2&keepalive=yes&fexp=24007246&beids=24350017&c=WEB_EMBEDDED_PLAYER&txp=5532434&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cxpc%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cgir%2Cclen%2Cdur%2Clmt&sig=ANLwegAwRAIgZEApIyI3hgoZlpjkfnE9CrHNLa1TrW9gyyTNVfzJGcwCIB_sUwnbpm9FsuGJFBxOXqmKe81JcZafPMKZBC4H1975&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AM8Gb2swRAIgMkHCAIXBEVXN_2lmU9nJk1QUZ6h-HEDZE6evKDO3fyoCIA0F2ObJN_OjCWplyOu3x1d4E0yX3r95oe9Pe-1mZHlw&alr=yes&cpn=gMwUmvKKXs2NgSJu&cver=1.20231205.01.00&range=65952-131487&rn=6&rbuf=4134&pot=MnEdXbUl5lAJvR1mOvyfefgvGun3Jfjeas6yief-bxTQYjx_PoneI1j1KjmuMYEoa1nGYuhlnjeUoipziVpJ8_q6M6C0-I3q2BdG71by82L62ycvWx9pS8DjZMO-LHwxTKJu8W9wuFInXcI1qSq-uoEplg==&ump=1&srfvp=1
IP
ASN #50304 Blix Solutions AS
Requested by https://www.youtube.com/embed/PoTQmIfvWFI?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com
Certificate IssuerGoogle Trust Services LLC
Subject*.googlevideo.com
FingerprintA9:97:EF:F4:47:1A:59:51:52:66:98:30:B1:79:C2:14:AF:36:6D:34
ValidityTue, 14 Nov 2023 14:30:52 GMT - Tue, 23 Jan 2024 14:30:51 GMT
Hash 324d6a624405e101757ef8fa1c144b3d
7be39c01aca5a265a502d910d87aee38b6390ffc
638a40c62eb6b712e29ac0228d37815c1a32a24989149ff94972a38ce7c7b26e
POST /videoplayback?expire=1702193506&ei=AhV1ZcLmEN6-0u8P9vOG-Ak&ip=91.90.42.154&id=o-AK3wLajr-6xrApwACvCcsahgHBpiwzxLfWhehs2qjigy&itag=251&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&mh=Fu&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7ynld&ms=au%2Crdu&mv=m&mvi=2&pl=21&initcwndbps=4893750&spc=UWF9f8yETColdiVcvIMJ5bwOMSmKS7JVNNWf0ShQ9w&vprv=1&svpuc=1&mime=audio%2Fwebm&gir=yes&clen=1395979&dur=89.941&lmt=1696262340772372&mt=1702171494&fvip=2&keepalive=yes&fexp=24007246&beids=24350017&c=WEB_EMBEDDED_PLAYER&txp=5532434&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cxpc%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cgir%2Cclen%2Cdur%2Clmt&sig=ANLwegAwRAIgZEApIyI3hgoZlpjkfnE9CrHNLa1TrW9gyyTNVfzJGcwCIB_sUwnbpm9FsuGJFBxOXqmKe81JcZafPMKZBC4H1975&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AM8Gb2swRAIgMkHCAIXBEVXN_2lmU9nJk1QUZ6h-HEDZE6evKDO3fyoCIA0F2ObJN_OjCWplyOu3x1d4E0yX3r95oe9Pe-1mZHlw&alr=yes&cpn=gMwUmvKKXs2NgSJu&cver=1.20231205.01.00&range=65952-131487&rn=6&rbuf=4134&pot=MnEdXbUl5lAJvR1mOvyfefgvGun3Jfjeas6yief-bxTQYjx_PoneI1j1KjmuMYEoa1nGYuhlnjeUoipziVpJ8_q6M6C0-I3q2BdG71by82L62ycvWx9pS8DjZMO-LHwxTKJu8W9wuFInXcI1qSq-uoEplg==&ump=1&srfvp=1 HTTP/1.1
Host: rr2---sn-capm-vnae.googlevideo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.youtube.com/
Content-Length: 2
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
last-modified: Mon, 02 Oct 2023 15:59:00 GMT
content-type: application/vnd.yt-ump
date: Sun, 10 Dec 2023 01:31:52 GMT
expires: Sun, 10 Dec 2023 01:31:52 GMT
cache-control: private, max-age=21294
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
client-protocol: quic
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
timing-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
vary: Origin
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
server: gvs 1.0
stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
200 OK 31 kB URL GET HTTP/2 stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
IP
Requested by https://subdi28.nag4.com.tr/
Certificate IssuerGoogle Trust Services LLC
Subjectbootstrapcdn.com
Fingerprint34:BC:91:5F:B9:EC:32:2C:D9:73:C7:88:C3:6C:FB:77:E7:70:8D:04
ValidityThu, 30 Nov 2023 00:15:17 GMT - Wed, 28 Feb 2024 00:15:16 GMT
File type ASCII text, with very long lines (30837)
Hash 269550530cc127b6aa5a35925a7de6ce
512c7d79033e3028a9be61b540cf1a6870c896f8
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
GET /font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://subdi28.nag4.com.tr/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 10 Dec 2023 01:31:34 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"269550530cc127b6aa5a35925a7de6ce"
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat: 10/31/2023 18:48:06
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 722
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: dd809c84048d5afa8e77adc8acacd559
cdn-cache: HIT
cf-cache-status: HIT
age: 1546069
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 8331baa65e4856c6-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
rr2---sn-capm-vnae.googlevideo.com/videoplayback?expire=1702193506&ei=AhV1ZcLmEN6-0u8P9vOG-Ak&ip=91.90.42.154&id=o-AK3wLajr-6xrApwACvCcsahgHBpiwzxLfWhehs2qjigy&itag=396&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278%2C394%2C395%2C396%2C397%2C398%2C399&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&mh=Fu&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7ynld&ms=au%2Crdu&mv=m&mvi=2&pl=21&initcwndbps=4893750&spc=UWF9f8yETColdiVcvIMJ5bwOMSmKS7JVNNWf0ShQ9w&vprv=1&svpuc=1&mime=video%2Fmp4&gir=yes&clen=3763145&dur=89.899&lmt=1696263207167050&mt=1702171494&fvip=2&keepalive=yes&fexp=24007246&beids=24350017&c=WEB_EMBEDDED_PLAYER&txp=5537434&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cxpc%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cgir%2Cclen%2Cdur%2Clmt&sig=ANLwegAwRQIgDKb16rGWOdnvTDOywUT96YAacuRqUqBl2Kk9ctuOgNMCIQCnczaxZn_5dOeP90KqyOaZ3eCNUejuX6nrBSAvUyJC8A%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AM8Gb2swRAIgMkHCAIXBEVXN_2lmU9nJk1QUZ6h-HEDZE6evKDO3fyoCIA0F2ObJN_OjCWplyOu3x1d4E0yX3r95oe9Pe-1mZHlw&alr=yes&cpn=gMwUmvKKXs2NgSJu&cver=1.20231205.01.00&range=103259-184159&rn=4&rbuf=2010&pot=IjJFvEW6IMlQswbbMfcLjwPoFo4X6wjrE9cX7y-ONNgWzgfWDPUG2w_zEcQM_wDbBJl2-A==&ump=1&srfvp=1
200 OK 81 kB URL POST HTTP/3 rr2---sn-capm-vnae.googlevideo.com/videoplayback?expire=1702193506&ei=AhV1ZcLmEN6-0u8P9vOG-Ak&ip=91.90.42.154&id=o-AK3wLajr-6xrApwACvCcsahgHBpiwzxLfWhehs2qjigy&itag=396&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278%2C394%2C395%2C396%2C397%2C398%2C399&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&mh=Fu&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7ynld&ms=au%2Crdu&mv=m&mvi=2&pl=21&initcwndbps=4893750&spc=UWF9f8yETColdiVcvIMJ5bwOMSmKS7JVNNWf0ShQ9w&vprv=1&svpuc=1&mime=video%2Fmp4&gir=yes&clen=3763145&dur=89.899&lmt=1696263207167050&mt=1702171494&fvip=2&keepalive=yes&fexp=24007246&beids=24350017&c=WEB_EMBEDDED_PLAYER&txp=5537434&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cxpc%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cgir%2Cclen%2Cdur%2Clmt&sig=ANLwegAwRQIgDKb16rGWOdnvTDOywUT96YAacuRqUqBl2Kk9ctuOgNMCIQCnczaxZn_5dOeP90KqyOaZ3eCNUejuX6nrBSAvUyJC8A%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AM8Gb2swRAIgMkHCAIXBEVXN_2lmU9nJk1QUZ6h-HEDZE6evKDO3fyoCIA0F2ObJN_OjCWplyOu3x1d4E0yX3r95oe9Pe-1mZHlw&alr=yes&cpn=gMwUmvKKXs2NgSJu&cver=1.20231205.01.00&range=103259-184159&rn=4&rbuf=2010&pot=IjJFvEW6IMlQswbbMfcLjwPoFo4X6wjrE9cX7y-ONNgWzgfWDPUG2w_zEcQM_wDbBJl2-A==&ump=1&srfvp=1
IP
ASN #50304 Blix Solutions AS
Requested by https://www.youtube.com/embed/PoTQmIfvWFI?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com
Certificate IssuerGoogle Trust Services LLC
Subject*.googlevideo.com
FingerprintA9:97:EF:F4:47:1A:59:51:52:66:98:30:B1:79:C2:14:AF:36:6D:34
ValidityTue, 14 Nov 2023 14:30:52 GMT - Tue, 23 Jan 2024 14:30:51 GMT
Hash 9a0ee9ab906ba7c75397c676dcea4426
0bb55d45df63d2aa93a5b4b129c3ca307efbaa7f
440033e03716f02b1ada2acb2a5503c101024fe673006437d19d5e431bd6f534
POST /videoplayback?expire=1702193506&ei=AhV1ZcLmEN6-0u8P9vOG-Ak&ip=91.90.42.154&id=o-AK3wLajr-6xrApwACvCcsahgHBpiwzxLfWhehs2qjigy&itag=396&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278%2C394%2C395%2C396%2C397%2C398%2C399&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&mh=Fu&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7ynld&ms=au%2Crdu&mv=m&mvi=2&pl=21&initcwndbps=4893750&spc=UWF9f8yETColdiVcvIMJ5bwOMSmKS7JVNNWf0ShQ9w&vprv=1&svpuc=1&mime=video%2Fmp4&gir=yes&clen=3763145&dur=89.899&lmt=1696263207167050&mt=1702171494&fvip=2&keepalive=yes&fexp=24007246&beids=24350017&c=WEB_EMBEDDED_PLAYER&txp=5537434&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cxpc%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cgir%2Cclen%2Cdur%2Clmt&sig=ANLwegAwRQIgDKb16rGWOdnvTDOywUT96YAacuRqUqBl2Kk9ctuOgNMCIQCnczaxZn_5dOeP90KqyOaZ3eCNUejuX6nrBSAvUyJC8A%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AM8Gb2swRAIgMkHCAIXBEVXN_2lmU9nJk1QUZ6h-HEDZE6evKDO3fyoCIA0F2ObJN_OjCWplyOu3x1d4E0yX3r95oe9Pe-1mZHlw&alr=yes&cpn=gMwUmvKKXs2NgSJu&cver=1.20231205.01.00&range=103259-184159&rn=4&rbuf=2010&pot=IjJFvEW6IMlQswbbMfcLjwPoFo4X6wjrE9cX7y-ONNgWzgfWDPUG2w_zEcQM_wDbBJl2-A==&ump=1&srfvp=1 HTTP/1.1
Host: rr2---sn-capm-vnae.googlevideo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.youtube.com/
Content-Length: 2
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
last-modified: Mon, 02 Oct 2023 16:13:27 GMT
content-type: application/vnd.yt-ump
date: Sun, 10 Dec 2023 01:31:52 GMT
expires: Sun, 10 Dec 2023 01:31:52 GMT
cache-control: private, max-age=21294
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
client-protocol: quic
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
timing-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
vary: Origin
cross-origin-resource-policy: cross-origin
x-restrict-formats-hint: None
x-content-type-options: nosniff
server: gvs 1.0
filebagasarya.com/css/ff/facebook.css
200 OK 5.0 kB URL GET HTTP/2 filebagasarya.com/css/ff/facebook.css
IP
Requested by https://subdi28.nag4.com.tr/
Certificate IssuerGoogle Trust Services LLC
Subjectfilebagasarya.com
FingerprintF0:8B:F1:70:76:A3:14:5A:6C:27:24:64:49:E8:8F:71:89:4C:AF:BF
ValidityTue, 31 Oct 2023 12:31:08 GMT - Mon, 29 Jan 2024 12:31:07 GMT
File type ASCII text, with very long lines (5230), with no line terminators
Hash 6387b42e14e496c4ece843728ccaca56
cedc91ff088f92d9905408a505619018631b41ed
8924456cce0c6f7e28801a55f88d9e886b9a67d9ec0809bed6e2d851d64d66ca
GET /css/ff/facebook.css HTTP/1.1
Host: filebagasarya.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://subdi28.nag4.com.tr/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 10 Dec 2023 01:31:34 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Sun, 10 Dec 2023 17:02:45 GMT
last-modified: Sun, 03 Dec 2023 17:21:36 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 548928
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ElDgBGfPX0dDNhgrQg4Q%2F%2BkVqYB9K2%2F%2BKPjDudhzf3ufLNczKZr6KWhZKvYcbZ73IEZJohXsf8eV1Fkgti11V1Wkj5Y7t4W8fHr7RsZPwVQBEDde%2FY4os09Gf7lW4xpQligZKg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8331baa72d6cb50b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www.youtube.com/embed/PoTQmIfvWFI?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com
200 OK 95 kB URL GET HTTP/2 www.youtube.com/embed/PoTQmIfvWFI?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com
IP
Requested by https://subdi28.nag4.com.tr/
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint5D:3A:D9:47:14:B0:78:30:A1:BF:B4:45:F6:F5:81:AD:0A:C7:76:89
ValidityMon, 20 Nov 2023 08:02:55 GMT - Mon, 12 Feb 2024 08:02:54 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /embed/PoTQmIfvWFI?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://subdi28.nag4.com.tr/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 10 Dec 2023 01:31:34 GMT
strict-transport-security: max-age=31536000
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=3OPja59pSsk; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=J7qSKdV1edE; Domain=.youtube.com; Expires=Fri, 07-Jun-2024 01:31:34 GMT; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_PRIVACY_METADATA=CgJOTxICEgA%3D; Domain=.youtube.com; Expires=Fri, 07-Jun-2024 01:31:34 GMT; Path=/; Secure; HttpOnly; SameSite=lax
CONSENT=PENDING+780; expires=Tue, 09-Dec-2025 01:31:34 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
rr2---sn-capm-vnae.googlevideo.com/videoplayback?expire=1702193506&ei=AhV1ZcLmEN6-0u8P9vOG-Ak&ip=91.90.42.154&id=o-AK3wLajr-6xrApwACvCcsahgHBpiwzxLfWhehs2qjigy&itag=396&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278%2C394%2C395%2C396%2C397%2C398%2C399&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&mh=Fu&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7ynld&ms=au%2Crdu&mv=m&mvi=2&pl=21&initcwndbps=4893750&spc=UWF9f8yETColdiVcvIMJ5bwOMSmKS7JVNNWf0ShQ9w&vprv=1&svpuc=1&mime=video%2Fmp4&gir=yes&clen=3763145&dur=89.899&lmt=1696263207167050&mt=1702171494&fvip=2&keepalive=yes&fexp=24007246&beids=24350017&c=WEB_EMBEDDED_PLAYER&txp=5537434&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cxpc%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cgir%2Cclen%2Cdur%2Clmt&sig=ANLwegAwRQIgDKb16rGWOdnvTDOywUT96YAacuRqUqBl2Kk9ctuOgNMCIQCnczaxZn_5dOeP90KqyOaZ3eCNUejuX6nrBSAvUyJC8A%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AM8Gb2swRAIgMkHCAIXBEVXN_2lmU9nJk1QUZ6h-HEDZE6evKDO3fyoCIA0F2ObJN_OjCWplyOu3x1d4E0yX3r95oe9Pe-1mZHlw&alr=yes&cpn=gMwUmvKKXs2NgSJu&cver=1.20231205.01.00&range=286471-387448&rn=7&rbuf=5781&pot=MnEdXbUl5lAJvR1mOvyfefgvGun3Jfjeas6yief-bxTQYjx_PoneI1j1KjmuMYEoa1nGYuhlnjeUoipziVpJ8_q6M6C0-I3q2BdG71by82L62ycvWx9pS8DjZMO-LHwxTKJu8W9wuFInXcI1qSq-uoEplg==&ump=1&srfvp=1
200 OK 101 kB URL POST HTTP/3 rr2---sn-capm-vnae.googlevideo.com/videoplayback?expire=1702193506&ei=AhV1ZcLmEN6-0u8P9vOG-Ak&ip=91.90.42.154&id=o-AK3wLajr-6xrApwACvCcsahgHBpiwzxLfWhehs2qjigy&itag=396&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278%2C394%2C395%2C396%2C397%2C398%2C399&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&mh=Fu&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7ynld&ms=au%2Crdu&mv=m&mvi=2&pl=21&initcwndbps=4893750&spc=UWF9f8yETColdiVcvIMJ5bwOMSmKS7JVNNWf0ShQ9w&vprv=1&svpuc=1&mime=video%2Fmp4&gir=yes&clen=3763145&dur=89.899&lmt=1696263207167050&mt=1702171494&fvip=2&keepalive=yes&fexp=24007246&beids=24350017&c=WEB_EMBEDDED_PLAYER&txp=5537434&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cxpc%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cgir%2Cclen%2Cdur%2Clmt&sig=ANLwegAwRQIgDKb16rGWOdnvTDOywUT96YAacuRqUqBl2Kk9ctuOgNMCIQCnczaxZn_5dOeP90KqyOaZ3eCNUejuX6nrBSAvUyJC8A%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AM8Gb2swRAIgMkHCAIXBEVXN_2lmU9nJk1QUZ6h-HEDZE6evKDO3fyoCIA0F2ObJN_OjCWplyOu3x1d4E0yX3r95oe9Pe-1mZHlw&alr=yes&cpn=gMwUmvKKXs2NgSJu&cver=1.20231205.01.00&range=286471-387448&rn=7&rbuf=5781&pot=MnEdXbUl5lAJvR1mOvyfefgvGun3Jfjeas6yief-bxTQYjx_PoneI1j1KjmuMYEoa1nGYuhlnjeUoipziVpJ8_q6M6C0-I3q2BdG71by82L62ycvWx9pS8DjZMO-LHwxTKJu8W9wuFInXcI1qSq-uoEplg==&ump=1&srfvp=1
IP
ASN #50304 Blix Solutions AS
Requested by https://www.youtube.com/embed/PoTQmIfvWFI?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com
Certificate IssuerGoogle Trust Services LLC
Subject*.googlevideo.com
FingerprintA9:97:EF:F4:47:1A:59:51:52:66:98:30:B1:79:C2:14:AF:36:6D:34
ValidityTue, 14 Nov 2023 14:30:52 GMT - Tue, 23 Jan 2024 14:30:51 GMT
Size 101 kB (101037 bytes)
Hash 23a9a5c7a98fab44558e0cd5f759161a
f4b5004ae5c85e0cc4e2929d475413861a9f7a0e
8664d2cef826e856652343c89fe337bef6e90bb0781671e773746f6df13bf4f9
POST /videoplayback?expire=1702193506&ei=AhV1ZcLmEN6-0u8P9vOG-Ak&ip=91.90.42.154&id=o-AK3wLajr-6xrApwACvCcsahgHBpiwzxLfWhehs2qjigy&itag=396&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278%2C394%2C395%2C396%2C397%2C398%2C399&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&mh=Fu&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7ynld&ms=au%2Crdu&mv=m&mvi=2&pl=21&initcwndbps=4893750&spc=UWF9f8yETColdiVcvIMJ5bwOMSmKS7JVNNWf0ShQ9w&vprv=1&svpuc=1&mime=video%2Fmp4&gir=yes&clen=3763145&dur=89.899&lmt=1696263207167050&mt=1702171494&fvip=2&keepalive=yes&fexp=24007246&beids=24350017&c=WEB_EMBEDDED_PLAYER&txp=5537434&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cxpc%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cgir%2Cclen%2Cdur%2Clmt&sig=ANLwegAwRQIgDKb16rGWOdnvTDOywUT96YAacuRqUqBl2Kk9ctuOgNMCIQCnczaxZn_5dOeP90KqyOaZ3eCNUejuX6nrBSAvUyJC8A%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AM8Gb2swRAIgMkHCAIXBEVXN_2lmU9nJk1QUZ6h-HEDZE6evKDO3fyoCIA0F2ObJN_OjCWplyOu3x1d4E0yX3r95oe9Pe-1mZHlw&alr=yes&cpn=gMwUmvKKXs2NgSJu&cver=1.20231205.01.00&range=286471-387448&rn=7&rbuf=5781&pot=MnEdXbUl5lAJvR1mOvyfefgvGun3Jfjeas6yief-bxTQYjx_PoneI1j1KjmuMYEoa1nGYuhlnjeUoipziVpJ8_q6M6C0-I3q2BdG71by82L62ycvWx9pS8DjZMO-LHwxTKJu8W9wuFInXcI1qSq-uoEplg==&ump=1&srfvp=1 HTTP/1.1
Host: rr2---sn-capm-vnae.googlevideo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.youtube.com/
Content-Length: 2
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
last-modified: Mon, 02 Oct 2023 16:13:27 GMT
content-type: application/vnd.yt-ump
date: Sun, 10 Dec 2023 01:31:52 GMT
expires: Sun, 10 Dec 2023 01:31:52 GMT
cache-control: private, max-age=21294
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
client-protocol: quic
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
timing-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
vary: Origin
cross-origin-resource-policy: cross-origin
x-restrict-formats-hint: None
x-content-type-options: nosniff
server: gvs 1.0
subdi28.nag4.com.tr/alexFrontEnd/tiktok.png
404 Not Found 1.2 kB URL GET HTTP/3 subdi28.nag4.com.tr/alexFrontEnd/tiktok.png
IP
Requested by https://subdi28.nag4.com.tr/
Certificate IssuerGoogle Trust Services LLC
Subjectnag4.com.tr
Fingerprint24:6E:92:F3:7B:49:22:E6:0C:14:55:AF:93:EC:43:8E:E3:79:05:A1
ValidityMon, 06 Nov 2023 12:24:43 GMT - Sun, 04 Feb 2024 12:24:42 GMT
File type HTML document text
- HTML document text
- HTML document text
- HTML document text
- exported SGML document, ASCII text, with very long lines (1276), with no line terminators
Hash 24b426fea67958554911ff4c943fdfe4
b92889146d4c1bbddccabe58ca15c814ea066f72
335fd88e127ff1b19e6c5af3c801186182f064e4c6747b9a76a0b3988553716c
Analyzer Verdict Alert OpenPhish phishing Tencent
GET /alexFrontEnd/tiktok.png HTTP/1.1
Host: subdi28.nag4.com.tr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://subdi28.nag4.com.tr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
date: Sun, 10 Dec 2023 01:31:34 GMT
content-type: text/html
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oDokcJMagiiuA7cA9K3aLncD8HpHBG9L6cxilgfWacPniJiAMzYTiKB7bnYm7q%2BYRrCZplFIFxPzqsw3%2FJLIUkghdkFLkyqycNnrkbODpTiYckDucUdG96zdxUDK4Z3Tz8uxxjX0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8331baa6bd7c56b4-OSL
content-encoding: br
172.67.213.242
104.21.234.35
2.21.240.102
162.19.58.159
91.90.45.173
188.114.97.1