r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 2d2e7649ce9e9ba6fc8b68aa89352e3c
0153d1d3d830a457043e16bb40d48a0b9ddef4b8
8eed57c91b42ef7b2d5eff1309e306e23e13c3de21219af24a693cbf3e8977fc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8EED57C91B42EF7B2D5EFF1309E306E23E13C3DE21219AF24A693CBF3E8977FC"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2311
Expires: Tue, 29 Nov 2022 21:34:55 GMT
Date: Tue, 29 Nov 2022 20:56:24 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 4ed065cb23b5fca1a179dd73b3c5b7b2
4422eb24688f5e056fc1b18b127c7f63b1dbf5e0
b723d770d0dec7441d8505dc5a4e7d34f55c9f564ec52f20d9b70c7c3a0d9d35
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5806
Cache-Control: max-age=141093
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 20:56:24 GMT
Etag: "6385df6f-1d7"
Expires: Thu, 01 Dec 2022 12:07:57 GMT
Last-Modified: Tue, 29 Nov 2022 10:31:11 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 9fce5679881bf302a8978a0b462f01a9
b699fe030ea13ac73813e655c42ed9b531925e2b
a3ec545a8f9364ac9062eddb41279e1465687a1b60f9c1dec6b3a3df8b033eb3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A3EC545A8F9364AC9062EDDB41279E1465687A1B60F9C1DEC6B3A3DF8B033EB3"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5296
Expires: Tue, 29 Nov 2022 22:24:40 GMT
Date: Tue, 29 Nov 2022 20:56:24 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 29 Nov 2022 20:17:55 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2309
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: gYQi+wPGY5NNjrqvY3XL7EyDSrAjcompX7d39EaBGDeT8SslorbAJrkWiEYSGcfAMEbcwYrHF1g=
x-amz-request-id: 5TD9WKX28EJ3S1QV
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 29 Nov 2022 20:45:36 GMT
age: 648
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 20:56:24 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
www.9bravo.com/newsupdates/won-the-bid-for-the-dcsi-web-project.html
173.231.216.35301 Moved Permanently 284 B URL HTTP/1.1 www.9bravo.com/newsupdates/won-the-bid-for-the-dcsi-web-project.html
IP 173.231.216.35:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 756e3d6050bd9d884ff562a03a5ee89a
0dc48746933b786a187b858b4d4f3f7747c530ad
617b7ade7d33e36cd70c11cc4f39971fc849baf840d12ef79ad25cdeea5a3f54
Analyzer Verdict Alert fortinet Malware
GET /newsupdates/won-the-bid-for-the-dcsi-web-project.html HTTP/1.1
Host: www.9bravo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Tue, 29 Nov 2022 20:56:24 GMT
Server: Apache
Location: https://www.9bravo.com/newsupdates/won-the-bid-for-the-dcsi-web-project.html
Content-Length: 284
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 29 Nov 2022 20:11:13 GMT
cache-control: public,max-age=3600
age: 2711
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
www.9bravo.com/newsupdates/won-the-bid-for-the-dcsi-web-project.html
173.231.216.35200 OK 5.1 kB URL HTTP/1.1 www.9bravo.com/newsupdates/won-the-bid-for-the-dcsi-web-project.html
IP 173.231.216.35:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Hash 37fe673145b5e4666f30c5de0dc456e5
8a71a7a6c4d08402cc218477f88ff44f4714c45e
b5a7f4553e545b3b2c1b0fa2ccf2abb5942ccb693119a5db68f1cd46be155434
Analyzer Verdict Alert fortinet Malware
GET /newsupdates/won-the-bid-for-the-dcsi-web-project.html HTTP/1.1
Host: www.9bravo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 20:56:24 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 5112
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 3c8c689bd654417640d85f3da51af313
85123b6d46230a23d03768bf304b386e5d301305
516138ca79703b45e904d32d7dde1c1e9fd35995b9f1bb1331c547542745676d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2456
Cache-Control: max-age=132680
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 20:56:24 GMT
Etag: "6385cba8-1d7"
Expires: Thu, 01 Dec 2022 09:47:44 GMT
Last-Modified: Tue, 29 Nov 2022 09:06:48 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 07b8296613be09905e34b09dce4a203f
c97c67e8c4b1247423d089c028c31e05734f124e
c8c7b7cd00d5818bbe4a4ddb1b734a1b766dc6474cce300171bd5a0947adc6b2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 20:56:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.9bravo.com/wp-content/themes/9b17_prime/503assets/css/normalize.css
173.231.216.35200 OK 2.6 kB URL HTTP/1.1 www.9bravo.com/wp-content/themes/9b17_prime/503assets/css/normalize.css
IP 173.231.216.35:0
File type ASCII text, with CRLF line terminators
Hash b0bac1315e0fd56dd2bd9bae91cee34a
74296c5f1e9f2cede3213c5ee8ca7e8a31da7c4b
d801fef958d56d6cdb4893efbf0d1bbeec6a1c2f1e75170ba57f2f156f276527
GET /wp-content/themes/9b17_prime/503assets/css/normalize.css HTTP/1.1
Host: www.9bravo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.9bravo.com/newsupdates/won-the-bid-for-the-dcsi-web-project.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 20:56:24 GMT
Server: Apache
Last-Modified: Tue, 28 Oct 2014 04:00:00 GMT
Accept-Ranges: bytes
Cache-Control: max-age=31536000, public
Expires: Wed, 29 Nov 2023 20:56:24 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2621
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css; charset=utf-8
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 07b8296613be09905e34b09dce4a203f
c97c67e8c4b1247423d089c028c31e05734f124e
c8c7b7cd00d5818bbe4a4ddb1b734a1b766dc6474cce300171bd5a0947adc6b2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 20:56:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash f50fd635895870df33a17fe377a6a038
dd65dfbbc810b095432cfd59f971af04a9e31ab7
ebd9b6c3f67865c297d08802839c940994424000df3bf8a3f1316b8e13666e94
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 20:56:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.googleapis.com/ajax/libs/jquery/2.2.2/jquery.min.js
142.250.74.170200 OK 30 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/2.2.2/jquery.min.js
IP 142.250.74.170:0
File type ASCII text, with very long lines (32065)
Hash 2bc666a590303ce436c2679bec5d2173
c9835788b85dea43c45890080fe957673a1a1d17
54d0c6a98d70521e5cbe82178740a6c04e05d10c02932192a945d2126678cde0
GET /ajax/libs/jquery/2.2.2/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.9bravo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30094
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 26 Nov 2022 21:11:46 GMT
expires: Sun, 26 Nov 2023 21:11:46 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 258279
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 07b8296613be09905e34b09dce4a203f
c97c67e8c4b1247423d089c028c31e05734f124e
c8c7b7cd00d5818bbe4a4ddb1b734a1b766dc6474cce300171bd5a0947adc6b2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 20:56:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=UA-4403140-5
142.250.74.168200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-4403140-5
IP 142.250.74.168:0
File type ASCII text, with very long lines (1921)
Hash 35d5599368fff7ecfcae3f81bbffe62b
10597b444c7c70d70776ec4f974d6cae1043549c
27ad203f8f2ffab0c8689d56e209b71395cfc912b0e770564bb0c87fdf15c5d0
GET /gtag/js?id=UA-4403140-5 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.9bravo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 29 Nov 2022 20:56:25 GMT
expires: Tue, 29 Nov 2022 20:56:25 GMT
cache-control: private, max-age=900
last-modified: Tue, 29 Nov 2022 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43653
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
push.services.mozilla.com/
54.149.203.40101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.149.203.40:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: KzH0hDPTwiHfNT+I//A1bg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 9IkYiS4ZEOm4mzPaQWWvOJYMECU=
www.9bravo.com/wp-content/themes/9b17_prime/https://www.9bravo.com/wp-content/themes/9b17_prime/503assets/fonts/glacial/stylesheet.css
173.231.216.35500 Internal Server Error 664 B URL HTTP/1.1 www.9bravo.com/wp-content/themes/9b17_prime/https://www.9bravo.com/wp-content/themes/9b17_prime/503assets/fonts/glacial/stylesheet.css
IP 173.231.216.35:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 558df50ab1508f2a76bf66350bb79a3e
9123fcf20f7db2443543cebe0d8c85610a969503
4cf11687467d50831a66bd8177bdd086cec0ca5b13a59e13c9bc29bf92268b53
GET /wp-content/themes/9b17_prime/https://www.9bravo.com/wp-content/themes/9b17_prime/503assets/fonts/glacial/stylesheet.css HTTP/1.1
Host: www.9bravo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.9bravo.com/newsupdates/won-the-bid-for-the-dcsi-web-project.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 500 Internal Server Error
Date: Tue, 29 Nov 2022 20:56:25 GMT
Server: Apache
Content-Length: 664
Connection: close
Content-Type: text/html; charset=iso-8859-1
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash f50fd635895870df33a17fe377a6a038
dd65dfbbc810b095432cfd59f971af04a9e31ab7
ebd9b6c3f67865c297d08802839c940994424000df3bf8a3f1316b8e13666e94
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 20:56:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.9bravo.com/wp-content/themes/9b17_prime/503assets/fonts/linearicons/stylesheet.css
173.231.216.35200 OK 1.7 kB URL HTTP/1.1 www.9bravo.com/wp-content/themes/9b17_prime/503assets/fonts/linearicons/stylesheet.css
IP 173.231.216.35:0
File type ASCII text, with CRLF, CR line terminators
Hash ff3899f600dd05f42e771dc92921f31f
7a0e63cbf48a18da259eaa80b76d81d95b3690fc
de27bd6f8849254161e048ac6dcec8e068dc9d34799dbd68fdf75f62d566cc03
GET /wp-content/themes/9b17_prime/503assets/fonts/linearicons/stylesheet.css HTTP/1.1
Host: www.9bravo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.9bravo.com/newsupdates/won-the-bid-for-the-dcsi-web-project.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 20:56:25 GMT
Server: Apache
Last-Modified: Thu, 01 Mar 2018 15:37:20 GMT
Accept-Ranges: bytes
Cache-Control: max-age=31536000, public
Expires: Wed, 29 Nov 2023 20:56:25 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1677
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css; charset=utf-8
www.9bravo.com/wp-content/themes/9b17_prime/503assets/css/pageloader.css
173.231.216.35200 OK 616 B URL HTTP/1.1 www.9bravo.com/wp-content/themes/9b17_prime/503assets/css/pageloader.css
IP 173.231.216.35:0
File type ASCII text, with CRLF, CR line terminators
Hash 31edee118c46d931fa60473ef46e8e07
c0daadb5b29e7d32e8546fc6f006ea1a60c4fcad
0dc43a3a613a66622b86fd77fa43c275f30093496f0de2d77676da9935a2e593
GET /wp-content/themes/9b17_prime/503assets/css/pageloader.css HTTP/1.1
Host: www.9bravo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.9bravo.com/newsupdates/won-the-bid-for-the-dcsi-web-project.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 20:56:25 GMT
Server: Apache
Last-Modified: Wed, 16 Mar 2016 04:00:00 GMT
Accept-Ranges: bytes
Cache-Control: max-age=31536000, public
Expires: Wed, 29 Nov 2023 20:56:25 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 616
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css; charset=utf-8
www.9bravo.com/wp-content/themes/9b17_prime/503assets/fonts/ionicons.min.css
173.231.216.35200 OK 8.5 kB URL HTTP/1.1 www.9bravo.com/wp-content/themes/9b17_prime/503assets/fonts/ionicons.min.css
IP 173.231.216.35:0
File type Unicode text, UTF-8 text, with very long lines (50761), with CRLF, CR line terminators
Hash bc4569f3307f91f32c0e6f59ce5c09c6
f6deb00241e12d8e048d2f47edd1ad6900e2e7e5
37ff8a4f65e278ac9480e947c1d802ebdb1944252b57fc50b2ac90dbb76f92fe
GET /wp-content/themes/9b17_prime/503assets/fonts/ionicons.min.css HTTP/1.1
Host: www.9bravo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.9bravo.com/newsupdates/won-the-bid-for-the-dcsi-web-project.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 20:56:25 GMT
Server: Apache
Last-Modified: Mon, 17 Jul 2017 18:54:00 GMT
Accept-Ranges: bytes
Cache-Control: max-age=31536000, public
Expires: Wed, 29 Nov 2023 20:56:25 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 8462
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css; charset=utf-8
www.9bravo.com/wp-content/themes/9b17_prime/503assets/js/vendor/jquery.fullPage.css
173.231.216.35200 OK 1.4 kB URL HTTP/1.1 www.9bravo.com/wp-content/themes/9b17_prime/503assets/js/vendor/jquery.fullPage.css
IP 173.231.216.35:0
File type ASCII text, with CRLF line terminators
Hash aba2af7f9c607a4a72558e48f41c14e6
4321209ce1879d17e3e8c0a59f11b624ac9ff131
7969d96ca475373d15029b1da7ec6d5c8b353e669b5e35eb382d43a46832bdac
GET /wp-content/themes/9b17_prime/503assets/js/vendor/jquery.fullPage.css HTTP/1.1
Host: www.9bravo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.9bravo.com/newsupdates/won-the-bid-for-the-dcsi-web-project.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 20:56:25 GMT
Server: Apache
Last-Modified: Mon, 22 Feb 2016 05:00:00 GMT
Accept-Ranges: bytes
Cache-Control: max-age=31536000, public
Expires: Wed, 29 Nov 2023 20:56:25 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1372
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css; charset=utf-8
www.9bravo.com/wp-content/themes/9b17_prime/503assets/js/owl-carousel/owl.carousel.css
173.231.216.35200 OK 1.1 kB URL HTTP/1.1 www.9bravo.com/wp-content/themes/9b17_prime/503assets/js/owl-carousel/owl.carousel.css
IP 173.231.216.35:0
File type ASCII text, with CRLF, CR line terminators
Hash 3d1b281fbf38c07dff558cdfb82d3c21
65be0a930941057ac66566c33673d900adb75bd7
801965c0f926d7a57c22b7188f7791e4ffd92f64b43fefce24a3c8dbd5d76088
GET /wp-content/themes/9b17_prime/503assets/js/owl-carousel/owl.carousel.css HTTP/1.1
Host: www.9bravo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.9bravo.com/newsupdates/won-the-bid-for-the-dcsi-web-project.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 20:56:25 GMT
Server: Apache
Last-Modified: Mon, 17 Jul 2017 18:54:00 GMT
Accept-Ranges: bytes
Cache-Control: max-age=31536000, public
Expires: Wed, 29 Nov 2023 20:56:25 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1127
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css; charset=utf-8
www.9bravo.com/wp-content/themes/9b17_prime/503assets/css/main.css
173.231.216.35200 OK 8.0 kB URL HTTP/1.1 www.9bravo.com/wp-content/themes/9b17_prime/503assets/css/main.css
IP 173.231.216.35:0
File type ASCII text, with very long lines (350), with CRLF line terminators
Hash 641fd9bb92088f5ce938180a7eedc854
76f86a33e7eafed2573644a7fc8994fc030cc895
39816c1ccecf63e281f65e151821ad1a4530832ff8f3691321e396124dd0d27c
GET /wp-content/themes/9b17_prime/503assets/css/main.css HTTP/1.1
Host: www.9bravo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.9bravo.com/newsupdates/won-the-bid-for-the-dcsi-web-project.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 20:56:25 GMT
Server: Apache
Last-Modified: Wed, 22 Nov 2017 00:53:44 GMT
Accept-Ranges: bytes
Cache-Control: max-age=31536000, public
Expires: Wed, 29 Nov 2023 20:56:25 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 8033
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css; charset=utf-8
www.9bravo.com/wp-content/themes/9b17_prime/503assets/css/main_responsive.css
173.231.216.35200 OK 2.4 kB URL HTTP/1.1 www.9bravo.com/wp-content/themes/9b17_prime/503assets/css/main_responsive.css
IP 173.231.216.35:0
File type ASCII text, with CRLF, CR line terminators
Hash 419d713263df31e5dc93a0dabbcb3cd4
7e762f62e92620f9eb7a179dd5330ead51093642
fa1e8e59b81893051227d7e5770e05df5137647b53283b746dc713722977b6f3
GET /wp-content/themes/9b17_prime/503assets/css/main_responsive.css HTTP/1.1
Host: www.9bravo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.9bravo.com/newsupdates/won-the-bid-for-the-dcsi-web-project.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 20:56:25 GMT
Server: Apache
Last-Modified: Tue, 18 Jul 2017 20:59:00 GMT
Accept-Ranges: bytes
Cache-Control: max-age=31536000, public
Expires: Wed, 29 Nov 2023 20:56:25 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2371
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css; charset=utf-8
www.9bravo.com/wp-content/themes/9b17_prime/503assets/css/foundation.min.css
173.231.216.35200 OK 19 kB URL HTTP/1.1 www.9bravo.com/wp-content/themes/9b17_prime/503assets/css/foundation.min.css
IP 173.231.216.35:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash f013bcecc0a29dce35f40d9d70562f1e
180f1e60b56ef03e65323af43137e7f5a7b53a31
65bb69d231214fe1e20c1d90a0016cbe1eec9339bbe00302785182a8a4be4542
GET /wp-content/themes/9b17_prime/503assets/css/foundation.min.css HTTP/1.1
Host: www.9bravo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.9bravo.com/newsupdates/won-the-bid-for-the-dcsi-web-project.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 20:56:25 GMT
Server: Apache
Last-Modified: Tue, 28 Oct 2014 04:00:00 GMT
Accept-Ranges: bytes
Cache-Control: max-age=31536000, public
Expires: Wed, 29 Nov 2023 20:56:25 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 18979
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css; charset=utf-8
www.9bravo.com/wp-content/themes/9b17_prime/503assets/js/vendor/modernizr-2.7.1.min.js
173.231.216.35200 OK 6.3 kB URL HTTP/1.1 www.9bravo.com/wp-content/themes/9b17_prime/503assets/js/vendor/modernizr-2.7.1.min.js
IP 173.231.216.35:0
File type HTML document, ASCII text, with very long lines (14846), with CRLF line terminators
Hash df1904745dae10ca2e0f48290d4f8eed
0b71086008feb6255f27eb384ffaed0c36ccfad5
806fec99af597102d949c04cc11b7b1e0861a9c168f475e0ac1ba33eaa70f53a
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/9b17_prime/503assets/js/vendor/modernizr-2.7.1.min.js HTTP/1.1
Host: www.9bravo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.9bravo.com/newsupdates/won-the-bid-for-the-dcsi-web-project.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 20:56:25 GMT
Server: Apache
Last-Modified: Wed, 02 Apr 2014 04:00:00 GMT
Accept-Ranges: bytes
Cache-Control: max-age=31536000, public
Expires: Wed, 29 Nov 2023 20:56:25 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 6306
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript; charset=utf-8
www.9bravo.com/wp-content/themes/9b17_prime/503assets/js/vegas/vegas.min.css
173.231.216.35200 OK 1.3 kB URL HTTP/1.1 www.9bravo.com/wp-content/themes/9b17_prime/503assets/js/vegas/vegas.min.css
IP 173.231.216.35:0
File type ASCII text, with very long lines (10038), with no line terminators
Hash fc9516da2db253c532ad1ac3b110e02f
9b959ade779139664f4ae782f15d3440f54983e6
812f1261f03137920cbd1175a42fc7abc25116a006a67e091ce0a670cb4414ba
GET /wp-content/themes/9b17_prime/503assets/js/vegas/vegas.min.css HTTP/1.1
Host: www.9bravo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.9bravo.com/newsupdates/won-the-bid-for-the-dcsi-web-project.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 20:56:25 GMT
Server: Apache
Last-Modified: Mon, 17 Jul 2017 18:54:00 GMT
Accept-Ranges: bytes
Cache-Control: max-age=31536000, public
Expires: Wed, 29 Nov 2023 20:56:25 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1252
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css; charset=utf-8
www.9bravo.com/wp-content/themes/9b17_prime/503assets/js/jquery.downCount.js
173.231.216.35200 OK 1.7 kB URL HTTP/1.1 www.9bravo.com/wp-content/themes/9b17_prime/503assets/js/jquery.downCount.js
IP 173.231.216.35:0
File type ASCII text, with CRLF line terminators
Hash d4d9646548c76a63894d79fedadb8a27
63d6298586ff984698569dea2f376d70bbad7f3b
00b36c7aa3711e5434cbe492904213fe16a222b205d6d27728cb052079794bf1
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/9b17_prime/503assets/js/jquery.downCount.js HTTP/1.1
Host: www.9bravo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.9bravo.com/newsupdates/won-the-bid-for-the-dcsi-web-project.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 20:56:25 GMT
Server: Apache
Last-Modified: Mon, 07 Mar 2016 05:00:00 GMT
Accept-Ranges: bytes
Cache-Control: max-age=31536000, public
Expires: Wed, 29 Nov 2023 20:56:25 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1723
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript; charset=utf-8
www.9bravo.com/wp-content/themes/9b17_prime/503assets/js/form_script.js
173.231.216.35200 OK 1.2 kB URL HTTP/1.1 www.9bravo.com/wp-content/themes/9b17_prime/503assets/js/form_script.js
IP 173.231.216.35:0
File type ASCII text, with CRLF, CR line terminators
Hash a2ec6c573837f23dd8dbf5de3767ab9e
6404f10587d951923d74f47e6eade06db5a71f18
52a78d5a418eba53dae3b0418bd87b8ad489323f4c0b726868957fe498de9873
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/9b17_prime/503assets/js/form_script.js HTTP/1.1
Host: www.9bravo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.9bravo.com/newsupdates/won-the-bid-for-the-dcsi-web-project.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 20:56:25 GMT
Server: Apache
Last-Modified: Sun, 05 Apr 2015 04:00:00 GMT
Accept-Ranges: bytes
Cache-Control: max-age=31536000, public
Expires: Wed, 29 Nov 2023 20:56:25 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1246
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript; charset=utf-8
www.9bravo.com/wp-content/themes/9b17_prime/503assets/js/jquery.mb.YTPlayer.min.js
173.231.216.35200 OK 12 kB URL HTTP/1.1 www.9bravo.com/wp-content/themes/9b17_prime/503assets/js/jquery.mb.YTPlayer.min.js
IP 173.231.216.35:0
File type ASCII text, with very long lines (32060), with CRLF line terminators
Hash 241ae611e83e4b407766f8caf7f528a4
adba7e3bb8421ec9927411169b955cffaffbd56d
cdaf047a68e2a0de4a858b95403a22e7eae4bc02a3ecfd7066fcc2bad9840571
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/9b17_prime/503assets/js/jquery.mb.YTPlayer.min.js HTTP/1.1
Host: www.9bravo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.9bravo.com/newsupdates/won-the-bid-for-the-dcsi-web-project.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 20:56:25 GMT
Server: Apache
Last-Modified: Wed, 22 Nov 2017 00:55:02 GMT
Accept-Ranges: bytes
Cache-Control: max-age=31536000, public
Expires: Wed, 29 Nov 2023 20:56:25 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 12064
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript; charset=utf-8
www.9bravo.com/wp-content/themes/9b17_prime/503assets/js/main.js
173.231.216.35200 OK 3.1 kB URL HTTP/1.1 www.9bravo.com/wp-content/themes/9b17_prime/503assets/js/main.js
IP 173.231.216.35:0
File type ASCII text, with CRLF, CR line terminators
Hash c0c4f65bdcc6d9d6d4dc10d6527395ec
9388af42a1e06308dfeed29ee179124641d06255
381564fce7cde8141fcff8fcc39660a8f17b3d45a04b1e92429d06ae341b86e6
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/9b17_prime/503assets/js/main.js HTTP/1.1
Host: www.9bravo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.9bravo.com/newsupdates/won-the-bid-for-the-dcsi-web-project.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 20:56:25 GMT
Server: Apache
Last-Modified: Sun, 16 Jul 2017 17:37:00 GMT
Accept-Ranges: bytes
Cache-Control: max-age=31536000, public
Expires: Wed, 29 Nov 2023 20:56:25 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3053
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript; charset=utf-8
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 49eee25f3ccd585a29e34e80cf5bb160
73eca8be91deedd049304862759a3d8084c0b07e
531e5685527861b3ed7e8e3865c5a6a40d3f92f5c9d89df3f385dab72406fb56
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 20:56:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2
216.58.207.227200 OK 46 kB URL HTTP/2 fonts.gstatic.com/s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 46524, version 1.0\012- data
Hash c1fd378f54921c75e4ae1821e7b8fff6
2ce96e97783b2f154d07f4464ca6f8eb2469f2c1
405ceee1c2f5c31f1cb94ebc63d49a43fddd1471c2c7401a01c7c11bb1d93826
GET /s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.9bravo.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 46524
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 28 Nov 2022 21:08:51 GMT
expires: Tue, 28 Nov 2023 21:08:51 GMT
cache-control: public, max-age=31536000
age: 85654
last-modified: Mon, 18 Jul 2022 19:58:01 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.9bravo.com/wp-content/themes/9b17_prime/503assets/js/vendor/all.js
173.231.216.35200 OK 35 kB URL HTTP/1.1 www.9bravo.com/wp-content/themes/9b17_prime/503assets/js/vendor/all.js
IP 173.231.216.35:0
File type HTML document, ASCII text, with very long lines (26573), with CRLF line terminators
Hash e6db8ae4a1a0650d501423e6a68cdd88
3e14b9323ca4511c14e307200db904f89c57e241
aae29a78c97b36de9f858d4c7d5fd87a6dde24bc2adf1c115278bc28566ae938
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/9b17_prime/503assets/js/vendor/all.js HTTP/1.1
Host: www.9bravo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.9bravo.com/newsupdates/won-the-bid-for-the-dcsi-web-project.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 20:56:25 GMT
Server: Apache
Last-Modified: Wed, 16 Mar 2016 04:00:00 GMT
Accept-Ranges: bytes
Cache-Control: max-age=31536000, public
Expires: Wed, 29 Nov 2023 20:56:25 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 35101
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript; charset=utf-8
www.9bravo.com/wp-content/themes/9b17_prime/503assets/img/9b-logo.png
173.231.216.35200 OK 6.8 kB URL HTTP/1.1 www.9bravo.com/wp-content/themes/9b17_prime/503assets/img/9b-logo.png
IP 173.231.216.35:0
File type PNG image data, 219 x 71, 8-bit/color RGBA, non-interlaced\012- data
Hash 1133ac3257e337e0ec441ffdb150be29
2bdfb981f13dab286a61097e5b6890986983d518
847a705c73840c02ba33493922381be4d664d34e6680b3621fe5bc9f6388cc1b
GET /wp-content/themes/9b17_prime/503assets/img/9b-logo.png HTTP/1.1
Host: www.9bravo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.9bravo.com/newsupdates/won-the-bid-for-the-dcsi-web-project.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 20:56:25 GMT
Server: Apache
Last-Modified: Fri, 14 Jul 2017 10:48:00 GMT
Accept-Ranges: bytes
Content-Length: 6795
Cache-Control: max-age=10368000, public
Expires: Wed, 29 Mar 2023 20:56:25 GMT
Vary: Accept-Encoding
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png
www.9bravo.com/wp-content/themes/9b17_prime/503assets/img/about2.jpg
173.231.216.35200 OK 15 kB URL HTTP/1.1 www.9bravo.com/wp-content/themes/9b17_prime/503assets/img/about2.jpg
IP 173.231.216.35:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=14, height=1753, bps=182, compression=LZW, orientation=upper-left, width=2479], baseline, precision 8, 260x253, components 3\012- data
Hash bf1b7c660c86aa787b9e683d13226607
4d4fb1876e20e8f60a247267de428d52ec4429b2
37c0da5099498e05537e9d10ba3e6d86b4527daf130eb5df1717e100b7d959b9
GET /wp-content/themes/9b17_prime/503assets/img/about2.jpg HTTP/1.1
Host: www.9bravo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.9bravo.com/newsupdates/won-the-bid-for-the-dcsi-web-project.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 20:56:25 GMT
Server: Apache
Last-Modified: Tue, 18 Jul 2017 21:16:00 GMT
Accept-Ranges: bytes
Content-Length: 15186
Cache-Control: max-age=10368000, public
Expires: Wed, 29 Mar 2023 20:56:25 GMT
Vary: Accept-Encoding
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/jpeg
www.9bravo.com/wp-content/themes/9b17_prime/503assets/img/about3.jpg
173.231.216.35200 OK 7.7 kB URL HTTP/1.1 www.9bravo.com/wp-content/themes/9b17_prime/503assets/img/about3.jpg
IP 173.231.216.35:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2, software=Google], baseline, precision 8, 250x250, components 3\012- data
Hash 9a50b8a1ef14cdc4066da00427f49dbb
6ef87f4d12d81146f5852ab43335e666bc6186a9
3384d89ea37cf2a277b0dddfbd68ff5162804951f3a90d3a16a132c662949781
GET /wp-content/themes/9b17_prime/503assets/img/about3.jpg HTTP/1.1
Host: www.9bravo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.9bravo.com/newsupdates/won-the-bid-for-the-dcsi-web-project.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 20:56:25 GMT
Server: Apache
Last-Modified: Tue, 18 Jul 2017 21:16:00 GMT
Accept-Ranges: bytes
Content-Length: 7654
Cache-Control: max-age=10368000, public
Expires: Wed, 29 Mar 2023 20:56:25 GMT
Vary: Accept-Encoding
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/jpeg
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.9bravo.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 19:33:54 GMT
expires: Thu, 23 Nov 2023 19:33:54 GMT
cache-control: public, max-age=31536000
age: 523351
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 49eee25f3ccd585a29e34e80cf5bb160
73eca8be91deedd049304862759a3d8084c0b07e
531e5685527861b3ed7e8e3865c5a6a40d3f92f5c9d89df3f385dab72406fb56
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 20:56:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1MmgVxIIzI.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1MmgVxIIzI.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15764, version 1.0\012- data
Hash 603b8950590bf833546eee7cbc79944a
ebbde06eb829868c5f689afe2d48377608be1e7b
0f303f31706d39866cced9dcc17b61fb8423674278d7f6051d66b3a79ffbca18
GET /s/roboto/v30/KFOkCnqEu92Fr1MmgVxIIzI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.9bravo.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15764
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 19:56:55 GMT
expires: Thu, 23 Nov 2023 19:56:55 GMT
cache-control: public, max-age=31536000
age: 521970
last-modified: Wed, 11 May 2022 19:24:35 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Hash 3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.9bravo.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 19:33:56 GMT
expires: Thu, 23 Nov 2023 19:33:56 GMT
cache-control: public, max-age=31536000
age: 523349
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15740, version 1.0\012- data
Hash b9c29351c46f3e8c8631c4002457f48a
e57e59c5780995ff2937ab2b511a769212974a87
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
GET /s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.9bravo.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 19:34:15 GMT
expires: Thu, 23 Nov 2023 19:34:15 GMT
cache-control: public, max-age=31536000
age: 523330
last-modified: Wed, 11 May 2022 19:24:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.9bravo.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 19:34:15 GMT
expires: Thu, 23 Nov 2023 19:34:15 GMT
cache-control: public, max-age=31536000
age: 523330
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2
216.58.207.227200 OK 17 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 17368, version 1.0\012- data
Hash abe083d96b58eb02ada8b7c30d7b09f2
61447d66d13a8c8f4335696777a85c438c46f749
db0424fb67fb52e7e538490240cc7fb9c05aa076333a4968f3dee30b825dabf9
GET /s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.9bravo.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17368
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 07:01:24 GMT
expires: Wed, 29 Nov 2023 07:01:24 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
age: 50101
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.9bravo.com/wp-content/themes/9b17_prime/503assets/img/service2.png
173.231.216.35200 OK 28 kB URL HTTP/1.1 www.9bravo.com/wp-content/themes/9b17_prime/503assets/img/service2.png
IP 173.231.216.35:0
File type PNG image data, 250 x 250, 8-bit/color RGBA, non-interlaced\012- data
Hash 91bc07028b6a5c3e04cc77d92bdd6e9b
9274c010006345e1b79ca41c793b50142d9c39ee
fc5d03cde22dc2ee2dd66d38f989c9815d880e862edea79d18e93ee48738e163
GET /wp-content/themes/9b17_prime/503assets/img/service2.png HTTP/1.1
Host: www.9bravo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.9bravo.com/newsupdates/won-the-bid-for-the-dcsi-web-project.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 20:56:25 GMT
Server: Apache
Last-Modified: Mon, 17 Jul 2017 12:38:00 GMT
Accept-Ranges: bytes
Content-Length: 28514
Cache-Control: max-age=10368000, public
Expires: Wed, 29 Mar 2023 20:56:25 GMT
Vary: Accept-Encoding
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/png
www.9bravo.com/wp-content/themes/9b17_prime/503assets/img/service1.png
173.231.216.35200 OK 29 kB URL HTTP/1.1 www.9bravo.com/wp-content/themes/9b17_prime/503assets/img/service1.png
IP 173.231.216.35:0
File type PNG image data, 250 x 250, 8-bit/color RGBA, non-interlaced\012- data
Hash b47e7008d614ec83a95f5d4b5ef9fbac
a1bf692f8e5dcb5d7b028cba5be400c4324ec425
7077d29c44a9bbf23b7613c3e9b6fc9e160456c87a07c79c82cbefceab549de6
GET /wp-content/themes/9b17_prime/503assets/img/service1.png HTTP/1.1
Host: www.9bravo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.9bravo.com/newsupdates/won-the-bid-for-the-dcsi-web-project.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 20:56:25 GMT
Server: Apache
Last-Modified: Mon, 17 Jul 2017 12:27:00 GMT
Accept-Ranges: bytes
Content-Length: 29377
Cache-Control: max-age=10368000, public
Expires: Wed, 29 Mar 2023 20:56:25 GMT
Vary: Accept-Encoding
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/png
www.9bravo.com/wp-content/themes/9b17_prime/503assets/img/service4.png
173.231.216.35200 OK 28 kB URL HTTP/1.1 www.9bravo.com/wp-content/themes/9b17_prime/503assets/img/service4.png
IP 173.231.216.35:0
File type PNG image data, 250 x 250, 8-bit/color RGBA, non-interlaced\012- data
Hash f318f5f6133cda648990bc9fca2d6f61
094789532dd31228bd8be46aaca4b060bae97817
dc3b3582d4d1ce4f3c2b6fa4fbd065fd46a41bd406210eb7271e798242e3e822
GET /wp-content/themes/9b17_prime/503assets/img/service4.png HTTP/1.1
Host: www.9bravo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.9bravo.com/newsupdates/won-the-bid-for-the-dcsi-web-project.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 20:56:25 GMT
Server: Apache
Last-Modified: Mon, 17 Jul 2017 12:40:00 GMT
Accept-Ranges: bytes
Content-Length: 27630
Cache-Control: max-age=10368000, public
Expires: Wed, 29 Mar 2023 20:56:25 GMT
Vary: Accept-Encoding
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/png
www.9bravo.com/wp-content/themes/9b17_prime/503assets/img/about1.jpg
173.231.216.35200 OK 38 kB URL HTTP/1.1 www.9bravo.com/wp-content/themes/9b17_prime/503assets/img/about1.jpg
IP 173.231.216.35:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=4, orientation=upper-left, xresolution=62, yresolution=70, resolutionunit=2], baseline, precision 8, 250x250, components 3\012- data
Hash d5d7c0a450afa9068636299aa9c59b64
ffa9b6d930cc4c8c62e971dfc079692cc8f09e30
8c45d5cfb57d437eaa806e2009df3c877225c52aadf277642fed5227925e32a5
GET /wp-content/themes/9b17_prime/503assets/img/about1.jpg HTTP/1.1
Host: www.9bravo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.9bravo.com/newsupdates/won-the-bid-for-the-dcsi-web-project.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 20:56:25 GMT
Server: Apache
Last-Modified: Tue, 18 Jul 2017 21:16:00 GMT
Accept-Ranges: bytes
Content-Length: 37995
Cache-Control: max-age=10368000, public
Expires: Wed, 29 Mar 2023 20:56:25 GMT
Vary: Accept-Encoding
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/jpeg
www.9bravo.com/wp-content/themes/9b17_prime/503assets/img/service3.png
173.231.216.35200 OK 26 kB URL HTTP/1.1 www.9bravo.com/wp-content/themes/9b17_prime/503assets/img/service3.png
IP 173.231.216.35:0
File type PNG image data, 250 x 250, 8-bit/color RGBA, non-interlaced\012- data
Hash 94de93386f1c0bb146dd2ed6c5240799
33b462de0402e5b353a4cd47f8f57b73a09b0a52
4b00c4c60b9f8146a5212431c9a091120f23df9557ac36eb51ec132ede326ca6
GET /wp-content/themes/9b17_prime/503assets/img/service3.png HTTP/1.1
Host: www.9bravo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.9bravo.com/newsupdates/won-the-bid-for-the-dcsi-web-project.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 20:56:25 GMT
Server: Apache
Last-Modified: Mon, 17 Jul 2017 12:38:00 GMT
Accept-Ranges: bytes
Content-Length: 25646
Cache-Control: max-age=10368000, public
Expires: Wed, 29 Mar 2023 20:56:25 GMT
Vary: Accept-Encoding
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/png
www.9bravo.com/wp-content/themes/9b17_prime/503assets/img/service12.png
173.231.216.35200 OK 48 kB URL HTTP/1.1 www.9bravo.com/wp-content/themes/9b17_prime/503assets/img/service12.png
IP 173.231.216.35:0
File type PNG image data, 250 x 250, 8-bit/color RGBA, non-interlaced\012- data
Hash 387c804091611a200c6a8c6ec4f83ab7
9e865f86897854906f2dbc2f877f6eb27c800fc4
44001e1573c1ecf078e5689081f96ab3158c5d479c2d121f16d15b1b9be80512
GET /wp-content/themes/9b17_prime/503assets/img/service12.png HTTP/1.1
Host: www.9bravo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.9bravo.com/newsupdates/won-the-bid-for-the-dcsi-web-project.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 20:56:25 GMT
Server: Apache
Last-Modified: Mon, 17 Jul 2017 12:56:00 GMT
Accept-Ranges: bytes
Content-Length: 48199
Cache-Control: max-age=10368000, public
Expires: Wed, 29 Mar 2023 20:56:25 GMT
Vary: Accept-Encoding
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/png
www.9bravo.com/wp-content/themes/9b17_prime/503assets/fonts/linearicons/fonts/Linearicons-Free.woff2?w118d
173.231.216.35200 OK 22 kB URL HTTP/1.1 www.9bravo.com/wp-content/themes/9b17_prime/503assets/fonts/linearicons/fonts/Linearicons-Free.woff2?w118d
IP 173.231.216.35:0
File type Web Open Font Format (Version 2), TrueType, length 21780, version 1.0\012- data
Hash 03e91f122aa5fd425abbe23c85546eb0
c87a3db06c5db4e75e639382f174eafa439aeb27
296945e5922e764eef17b1b4a3ee3e60dc202b3c7f074150b62158915bf74e33
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/9b17_prime/503assets/fonts/linearicons/fonts/Linearicons-Free.woff2?w118d HTTP/1.1
Host: www.9bravo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.9bravo.com/wp-content/themes/9b17_prime/503assets/fonts/linearicons/stylesheet.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 20:56:25 GMT
Server: Apache
Last-Modified: Sat, 23 May 2015 04:00:00 GMT
Accept-Ranges: bytes
Content-Length: 21780
Cache-Control: max-age=10368000
Expires: Wed, 29 Mar 2023 20:56:25 GMT
Vary: Accept-Encoding
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: font/woff2
www.9bravo.com/wp-content/themes/9b17_prime/503assets/img/service8.png
173.231.216.35200 OK 32 kB URL HTTP/1.1 www.9bravo.com/wp-content/themes/9b17_prime/503assets/img/service8.png
IP 173.231.216.35:0
File type PNG image data, 250 x 250, 8-bit/color RGBA, non-interlaced\012- data
Hash 33d1ef7659d06fe41f9c94bc410e8035
c01e328aabd81f44baf6415a1fba58c66d8c2028
e5c4426eee2c4686a072a87871e71f76967fdbdae83b7a8fa951b2a01c96e1e2
GET /wp-content/themes/9b17_prime/503assets/img/service8.png HTTP/1.1
Host: www.9bravo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.9bravo.com/newsupdates/won-the-bid-for-the-dcsi-web-project.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 20:56:25 GMT
Server: Apache
Last-Modified: Mon, 17 Jul 2017 12:44:00 GMT
Accept-Ranges: bytes
Content-Length: 32063
Cache-Control: max-age=10368000, public
Expires: Wed, 29 Mar 2023 20:56:25 GMT
Vary: Accept-Encoding
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/png
www.9bravo.com/wp-content/themes/9b17_prime/503assets/fonts/ionicons.ttf?v=2.0.0
173.231.216.35200 OK 110 kB URL HTTP/1.1 www.9bravo.com/wp-content/themes/9b17_prime/503assets/fonts/ionicons.ttf?v=2.0.0
IP 173.231.216.35:0
File type TrueType Font data, 15 tables, 1st "FFTM", 14 names, Macintosh\012- data
Size 110 kB (109798 bytes)
Hash 73c6e7313d7714f4e230dc47da7707f7
a54a278819b849cd82971983a5aa610cab849e3a
3afaf3316b92dd86dd713eebd4cc3ac94e671c4b37b6f114ce35e585cc0c4330
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/9b17_prime/503assets/fonts/ionicons.ttf?v=2.0.0 HTTP/1.1
Host: www.9bravo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.9bravo.com/wp-content/themes/9b17_prime/503assets/fonts/ionicons.min.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 20:56:25 GMT
Server: Apache
Last-Modified: Sat, 03 Jan 2015 05:00:00 GMT
Accept-Ranges: bytes
Cache-Control: max-age=10368000, public
Expires: Wed, 29 Mar 2023 20:56:25 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: font/ttf
www.9bravo.com/wp-content/themes/9b17_prime/503assets/img/days.jpg
173.231.216.35200 OK 17 kB URL HTTP/1.1 www.9bravo.com/wp-content/themes/9b17_prime/503assets/img/days.jpg
IP 173.231.216.35:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], baseline, precision 8, 224x224, components 3\012- data
Hash 4637e54c2c23505e89ea183d8d6c7546
275a9ce6699e437d192ce7910623ebd074990865
4c3275df2189ff99e255164f761246668a8cc7f6b873ff9107b976d529b3076b
GET /wp-content/themes/9b17_prime/503assets/img/days.jpg HTTP/1.1
Host: www.9bravo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.9bravo.com/newsupdates/won-the-bid-for-the-dcsi-web-project.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 20:56:25 GMT
Server: Apache
Last-Modified: Fri, 14 Jul 2017 11:44:00 GMT
Accept-Ranges: bytes
Content-Length: 16872
Cache-Control: max-age=10368000, public
Expires: Wed, 29 Mar 2023 20:56:25 GMT
Vary: Accept-Encoding
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/jpeg
www.9bravo.com/wp-content/themes/9b17_prime/503assets/img/about4.jpg
173.231.216.35200 OK 8.5 kB URL HTTP/1.1 www.9bravo.com/wp-content/themes/9b17_prime/503assets/img/about4.jpg
IP 173.231.216.35:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=4, orientation=upper-left, xresolution=62, yresolution=70, resolutionunit=2], baseline, precision 8, 250x250, components 3\012- data
Hash eab3c44b0d88c1df45f029fd5d41a2dd
8cb8d61f8c4f6c87b0a5915109627bfc80515239
8e95bd8bd7aea4e749ec3946884ab7ad3d6a01b54457b246d441168391a02807
GET /wp-content/themes/9b17_prime/503assets/img/about4.jpg HTTP/1.1
Host: www.9bravo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.9bravo.com/newsupdates/won-the-bid-for-the-dcsi-web-project.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 20:56:25 GMT
Server: Apache
Last-Modified: Tue, 18 Jul 2017 21:16:00 GMT
Accept-Ranges: bytes
Content-Length: 8507
Cache-Control: max-age=10368000, public
Expires: Wed, 29 Mar 2023 20:56:25 GMT
Vary: Accept-Encoding
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/jpeg
www.9bravo.com/wp-content/themes/9b17_prime/503assets/img/service6.png
173.231.216.35200 OK 32 kB URL HTTP/1.1 www.9bravo.com/wp-content/themes/9b17_prime/503assets/img/service6.png
IP 173.231.216.35:0
File type PNG image data, 250 x 250, 8-bit/color RGBA, non-interlaced\012- data
Hash f3cdfdb427341b1ac1324217af3f95fd
00cb18d152e991445833ca354af147e9cd5a57e2
0564d4667e81ed0c4c9aca513631cd20e616045ac80f6666c8010494d9fc1563
GET /wp-content/themes/9b17_prime/503assets/img/service6.png HTTP/1.1
Host: www.9bravo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.9bravo.com/newsupdates/won-the-bid-for-the-dcsi-web-project.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 20:56:25 GMT
Server: Apache
Last-Modified: Mon, 17 Jul 2017 12:44:00 GMT
Accept-Ranges: bytes
Content-Length: 32365
Cache-Control: max-age=10368000, public
Expires: Wed, 29 Mar 2023 20:56:25 GMT
Vary: Accept-Encoding
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/png
www.9bravo.com/wp-content/themes/9b17_prime/503assets/img/service9.png
173.231.216.35200 OK 76 kB URL HTTP/1.1 www.9bravo.com/wp-content/themes/9b17_prime/503assets/img/service9.png
IP 173.231.216.35:0
File type PNG image data, 250 x 250, 8-bit/color RGBA, non-interlaced\012- data
Hash 4f0d5622a28f893f217653d4412d0453
e190ea5c3c56a65d86577f90059752d9f28bb19f
85020830984fe152b5dae4620d7ac7ee726023f18b3a6fdd7027d1e865876d31
GET /wp-content/themes/9b17_prime/503assets/img/service9.png HTTP/1.1
Host: www.9bravo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.9bravo.com/newsupdates/won-the-bid-for-the-dcsi-web-project.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 20:56:25 GMT
Server: Apache
Last-Modified: Mon, 17 Jul 2017 12:45:00 GMT
Accept-Ranges: bytes
Content-Length: 76250
Cache-Control: max-age=10368000, public
Expires: Wed, 29 Mar 2023 20:56:25 GMT
Vary: Accept-Encoding
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/png
www.9bravo.com/wp-content/themes/9b17_prime/503assets/img/service10.png
173.231.216.35200 OK 68 kB URL HTTP/1.1 www.9bravo.com/wp-content/themes/9b17_prime/503assets/img/service10.png
IP 173.231.216.35:0
File type PNG image data, 250 x 250, 16-bit/color RGBA, non-interlaced\012- data
Hash 22ce4226fc0a57072e707f2d6a5e3518
1677195395c86747fda97ec1ec924f27c55193a1
caacb8bf5773bc4f1746a62d61f45f14697dc01af269f1c1928f9668525f6598
GET /wp-content/themes/9b17_prime/503assets/img/service10.png HTTP/1.1
Host: www.9bravo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.9bravo.com/newsupdates/won-the-bid-for-the-dcsi-web-project.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 20:56:25 GMT
Server: Apache
Last-Modified: Mon, 17 Jul 2017 12:54:00 GMT
Accept-Ranges: bytes
Content-Length: 68412
Cache-Control: max-age=10368000, public
Expires: Wed, 29 Mar 2023 20:56:25 GMT
Vary: Accept-Encoding
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/png
www.google-analytics.com/analytics.js
142.250.74.46200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.46:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.9bravo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Tue, 29 Nov 2022 20:46:55 GMT
expires: Tue, 29 Nov 2022 22:46:55 GMT
cache-control: public, max-age=7200
age: 571
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash abd55ecd24d357a9f02612558f723a90
6a1e6963864f0b53ddc6205d35225e6cf0bcbeec
195fa531e0462be58d5c62ebbe6060e147c94bdb1d38ff46c341c74e0ab2671a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 20:56:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.9bravo.com/wp-content/themes/9b17_prime/favicon-196x196.png
173.231.216.35200 OK 28 kB URL HTTP/1.1 www.9bravo.com/wp-content/themes/9b17_prime/favicon-196x196.png
IP 173.231.216.35:0
File type PNG image data, 196 x 196, 8-bit/color RGBA, non-interlaced\012- data
Hash 4a53159f8e96e59a45aa5c0203bf8ee5
dabc9a18d50b7680057dd1f700d5a27b4d368635
b61ad4c2e020fe851c367a49821c631345bd9b8e4225ee1b15f5d604b5556f8c
GET /wp-content/themes/9b17_prime/favicon-196x196.png HTTP/1.1
Host: www.9bravo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.9bravo.com/newsupdates/won-the-bid-for-the-dcsi-web-project.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 20:56:26 GMT
Server: Apache
Last-Modified: Tue, 18 Jul 2017 14:36:00 GMT
Accept-Ranges: bytes
Content-Length: 27845
Cache-Control: max-age=10368000, public
Expires: Wed, 29 Mar 2023 20:56:26 GMT
Vary: Accept-Encoding
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/png
www.9bravo.com/wp-content/themes/9b17_prime/favicon.png
173.231.216.35200 OK 657 B URL HTTP/1.1 www.9bravo.com/wp-content/themes/9b17_prime/favicon.png
IP 173.231.216.35:0
File type PNG image data, 16 x 16, 8-bit/color RGB, non-interlaced\012- data
Hash 250b33e11ef45bb6b2f7c2c4355e11b2
2e951876f2c384c7b3c291ce226041f0f424912b
ed0d4ffad54b11683ebc749d475fe273d13eda29951d756b8ac6310a0cfb4043
GET /wp-content/themes/9b17_prime/favicon.png HTTP/1.1
Host: www.9bravo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.9bravo.com/newsupdates/won-the-bid-for-the-dcsi-web-project.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 20:56:26 GMT
Server: Apache
Last-Modified: Sat, 15 Jul 2017 16:52:00 GMT
Accept-Ranges: bytes
Content-Length: 657
Cache-Control: max-age=10368000, public
Expires: Wed, 29 Mar 2023 20:56:26 GMT
Vary: Accept-Encoding
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/png
www.youtube.com/s/player/e87a69df/www-widgetapi.vflset/www-widgetapi.js
216.58.211.14200 OK 54 kB URL HTTP/2 www.youtube.com/s/player/e87a69df/www-widgetapi.vflset/www-widgetapi.js
IP 216.58.211.14:0
File type ASCII text, with very long lines (817)
Hash 039718b40de8675ac384c9e2bee94c37
61f7a0eed9d7c5e7bfd5bdb74c242a95ec335adb
a0485e1a1f351dcb03208cc5f5fe21779b433d5522cb4b2dd907ab41df336406
GET /s/player/e87a69df/www-widgetapi.vflset/www-widgetapi.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.9bravo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 54004
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 28 Nov 2022 23:12:16 GMT
expires: Tue, 28 Nov 2023 23:12:16 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 28 Nov 2022 01:19:33 GMT
content-type: text/javascript
age: 78250
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash abd55ecd24d357a9f02612558f723a90
6a1e6963864f0b53ddc6205d35225e6cf0bcbeec
195fa531e0462be58d5c62ebbe6060e147c94bdb1d38ff46c341c74e0ab2671a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 20:56:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a97c452e75cf1d4833e777d7ba7f2c47
58f15763fd33f742ce870f49f1c2dbed5b41205f
39bb874a415db37a81432942eb84151b0134d1aacaa31d364b6dadae4388c6a1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2369
Expires: Tue, 29 Nov 2022 21:35:55 GMT
Date: Tue, 29 Nov 2022 20:56:26 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a97c452e75cf1d4833e777d7ba7f2c47
58f15763fd33f742ce870f49f1c2dbed5b41205f
39bb874a415db37a81432942eb84151b0134d1aacaa31d364b6dadae4388c6a1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2369
Expires: Tue, 29 Nov 2022 21:35:55 GMT
Date: Tue, 29 Nov 2022 20:56:26 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a97c452e75cf1d4833e777d7ba7f2c47
58f15763fd33f742ce870f49f1c2dbed5b41205f
39bb874a415db37a81432942eb84151b0134d1aacaa31d364b6dadae4388c6a1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2369
Expires: Tue, 29 Nov 2022 21:35:55 GMT
Date: Tue, 29 Nov 2022 20:56:26 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a97c452e75cf1d4833e777d7ba7f2c47
58f15763fd33f742ce870f49f1c2dbed5b41205f
39bb874a415db37a81432942eb84151b0134d1aacaa31d364b6dadae4388c6a1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2369
Expires: Tue, 29 Nov 2022 21:35:55 GMT
Date: Tue, 29 Nov 2022 20:56:26 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a97c452e75cf1d4833e777d7ba7f2c47
58f15763fd33f742ce870f49f1c2dbed5b41205f
39bb874a415db37a81432942eb84151b0134d1aacaa31d364b6dadae4388c6a1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2369
Expires: Tue, 29 Nov 2022 21:35:55 GMT
Date: Tue, 29 Nov 2022 20:56:26 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F165667de-df17-4cc6-832c-94f49703bdf2.jpeg
34.120.237.76200 OK 9.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F165667de-df17-4cc6-832c-94f49703bdf2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1f434933b5bd6377d299ada22d1ae7ef
075531f525e625b117b2497f31139c9824d0e9c5
b587a3249e4f20112088608e3651c2ccbc44225a5c9d88d3bf5884d7f0e9029c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F165667de-df17-4cc6-832c-94f49703bdf2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9430
x-amzn-requestid: 454ca8bd-a256-45f2-8b41-feee86c5af82
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR7wyGCIIAMFhgw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d99e-1488f8ce71a91ebc3ad6b7e0;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:41:50 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: ibLuLI6j9EWh0dgk51O7kiPBRyURZ0UdNtlgbBD-SXnDg_GT_tJm8Q==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 02:55:32 GMT
age: 64854
etag: "075531f525e625b117b2497f31139c9824d0e9c5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe5e6403-f1a3-4b44-a62d-0e47d56bb08e.webp
34.120.237.76200 OK 4.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe5e6403-f1a3-4b44-a62d-0e47d56bb08e.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 83c1fedec73299637cc7dc47c48af758
2e3f7326aeea6be8a34bf2c39b34862c07bfdc41
1fea143e23bb0156062f4c06569824900a67ed83cb99fd635d4c4ab968dc65e9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe5e6403-f1a3-4b44-a62d-0e47d56bb08e.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4916
x-amzn-requestid: b8c80a6c-e3f1-4f20-beb8-27b0af760692
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cPYcrELFoAMFaeQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6382d450-155cfb365525173c0ede8adb;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 03:06:56 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Twtw6dO3pjTB9OLi0HliKKCDgCuHRqgtx4PFTczrZQ9f8JztgXZoSg==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 03:01:17 GMT
age: 64509
etag: "2e3f7326aeea6be8a34bf2c39b34862c07bfdc41"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffdef9eb6-c1f1-4337-aff8-0986561782c7.jpeg
34.120.237.76200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffdef9eb6-c1f1-4337-aff8-0986561782c7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5d574c4db20a68295dbd06cb08f5990b
433061bbb226048765a711deca3026ee3e52372f
8cc1a4d18e242f8bfc8ab94637f635b73554b903462c29b06d0ec67872542afb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffdef9eb6-c1f1-4337-aff8-0986561782c7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9203
x-amzn-requestid: 8cba52d6-3c1c-495c-bb9d-3ba6f0adc7e1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cHcHmGmQoAMF6dQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637fa6fd-73abfa592ff223061401af9a;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 17:16:45 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: UmhWm03jrsV8dFagrzIA0E-8eL8dykoO5kw3cYOBd172dCGqNdAX-Q==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 36810aa1793ee589dc8c194860296078.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 04:05:38 GMT
age: 60648
etag: "433061bbb226048765a711deca3026ee3e52372f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1c32283b-8309-408e-85df-cad97da6bc80.png
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1c32283b-8309-408e-85df-cad97da6bc80.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 03014221d7f49b50ffc2d1b0a0e75457
772d86ad983042a728ee3490630a9cf1134ad0dd
81fb954fa569955907952987e9d8efd1dac80e0e4a682826abf3c5d90eb31771
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1c32283b-8309-408e-85df-cad97da6bc80.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10176
x-amzn-requestid: 768fc69c-e91b-4dd9-8add-63634762b2d0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cMpbgEFOIAMF71A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6381bc49-21756db31c4714af0553f21b;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 07:12:09 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: jS-AS3x8V3XacXRNkU63UJjBxA6unvBer5WcxUYseR5p4eZPK64o2g==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 04:52:21 GMT
age: 57845
etag: "772d86ad983042a728ee3490630a9cf1134ad0dd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F955ba04e-80cb-43a1-bc6a-3e502a79144e.jpeg
34.120.237.76200 OK 9.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F955ba04e-80cb-43a1-bc6a-3e502a79144e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9a6e5f60b87d3879606a6707feb37a73
373c96c2e0006d70954d4b4ebd850f62f558e92c
1ae48f692f44d357e21eec708b46f22c36a3de21be8d0f1c2035d197e0aa89de
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F955ba04e-80cb-43a1-bc6a-3e502a79144e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9546
x-amzn-requestid: 60e352b5-ab38-4975-bf26-500f0a639a2d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cFfulExwIAMFzQA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637edff6-1364912f7fd292da6453a83e;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 03:07:34 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: qtRAIXoswvTgNWZzaQE1WHZQXoJRtK9nKpusFtXH3pDRHH_DZtsLFw==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 11:46:43 GMT
age: 32983
etag: "373c96c2e0006d70954d4b4ebd850f62f558e92c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fabddece8-6c4f-4cb5-9041-4d427b16b826.jpeg
34.120.237.76200 OK 4.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fabddece8-6c4f-4cb5-9041-4d427b16b826.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a2a5c8d4113d282600462749315f2c4f
e2b4d2e15bb7c086333c0da438873e4c139ba931
9b5d0e5dd11d4cbf1c78a71730cd63544170c91ab635bf3cf917827ac84874e6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fabddece8-6c4f-4cb5-9041-4d427b16b826.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4417
x-amzn-requestid: 01de83c2-51d2-4329-98f6-09a0edf46942
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cVNnGEcRIAMFaXA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63852960-34583b6c588a0e937fcfaa46;Sampled=0
x-amzn-remapped-date: Mon, 28 Nov 2022 21:34:24 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Jb1eLyzn88lV_UTId-Fl3OnftDn8c7o5j8d16_nzHCNST_68MZ1pvA==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 21:50:08 GMT
age: 83178
etag: "e2b4d2e15bb7c086333c0da438873e4c139ba931"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 30462b52571c91f089bed4de98462a46
7e2b322ea5b8f97b2fa76751bcffe2a420f872eb
c5403dfefa9d043ac501963ff09a6d3d70e21f6e6a1b9728183a3490060a4bfc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 20:56:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash f1cfa609ebdf236e2f3e3ff25dd05caf
c8117b0187d4d9021ed1a42907bd93d24ed4ebf0
7a2761aa36168d4f2c9034486777f5588aaf0fa1f7d1e55006db7320259303b3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 20:56:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.doubleclick.net/instream/ad_status.js
142.250.74.134200 OK 29 B URL HTTP/2 static.doubleclick.net/instream/ad_status.js
IP 142.250.74.134:0
Hash 1fa71744db23d0f8df9cce6719defcb7
e4be9b7136697942a036f97cf26ebaf703ad2067
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
GET /instream/ad_status.js HTTP/1.1
Host: static.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 29
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 20:51:04 GMT
expires: Tue, 29 Nov 2022 21:06:04 GMT
cache-control: public, max-age=900
age: 323
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/id
172.217.21.162302 Found 0 B URL HTTP/2 googleads.g.doubleclick.net/pagead/id
IP 172.217.21.162:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/id HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-credentials: true
access-control-allow-origin: https://www.youtube.com
date: Tue, 29 Nov 2022 20:56:27 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
216.58.211.10200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 216.58.211.10:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Tue, 29 Nov 2022 20:56:27 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash a0fe20d41a043db700a84924cd9793f3
c0da481fef6cd00558f6e68b074acb34bef8292f
03caeb65ab9e22f6d6fe0d344d327950d20ee9ed144e2da0e5e062943a03fc56
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 20:56:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 30462b52571c91f089bed4de98462a46
7e2b322ea5b8f97b2fa76751bcffe2a420f872eb
c5403dfefa9d043ac501963ff09a6d3d70e21f6e6a1b9728183a3490060a4bfc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 20:56:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
216.58.211.10200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 216.58.211.10:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash 29a67b997a42e72c09459f8d1dd487ab
1514755e7a573170dd708045ff25ae30af1b7e2a
f5687c43bdc8c80212788ca9ea857c772d3ebb852ba51644b9cb1e9db016f3b3
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Tue, 29 Nov 2022 20:56:27 GMT
server: ESF
cache-control: private
content-length: 30954
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/js/th/_mW_2QmsfiHfHQzuwJJjeV3lvrJQS7bChqYqZLie29Q.js
142.250.74.132200 OK 14 kB URL HTTP/2 www.google.com/js/th/_mW_2QmsfiHfHQzuwJJjeV3lvrJQS7bChqYqZLie29Q.js
IP 142.250.74.132:0
File type ASCII text, with very long lines (36106)
Hash 7fc7e22ecccb0cfd0ae897bb40a58efe
5d46470a711120793c362235105836fe49e699a4
1907005cab41fbd6d1d67df3b25586f3232e053a261c9e2b2503459f4980b1c5
GET /js/th/_mW_2QmsfiHfHQzuwJJjeV3lvrJQS7bChqYqZLie29Q.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 14302
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 27 Nov 2022 10:09:03 GMT
expires: Mon, 27 Nov 2023 10:09:03 GMT
cache-control: public, max-age=31536000
age: 211644
last-modified: Thu, 03 Nov 2022 10:00:00 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash f1cfa609ebdf236e2f3e3ff25dd05caf
c8117b0187d4d9021ed1a42907bd93d24ed4ebf0
7a2761aa36168d4f2c9034486777f5588aaf0fa1f7d1e55006db7320259303b3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 20:56:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 998e0b25e77b8c23e52ea918d3fc2a29
0f684f95e3c60ef17ff082bfda21de480eff9fb4
360e9b02287b38174bb5bfb64862d049d9e4f998ef8aba036a1bc97bbf30d606
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 20:56:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i.ytimg.com/vi_webp/Kf4GkHsRB2w/maxresdefault.webp
216.58.207.246200 OK 472 B URL HTTP/2 i.ytimg.com/vi_webp/Kf4GkHsRB2w/maxresdefault.webp
IP 216.58.207.246:0
Hash 79840cac9f5ae1a38c0faaaf59e7fe82
f76a3e50f566269c574e7f8904021640366dcc56
1f39ccbd6ad4a9c8fcc3e4d7d83c4c21f9e9fd9fd0d98c6b70cd1bbbdfeb7798
GET /vi_webp/Kf4GkHsRB2w/maxresdefault.webp HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/webp
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 177260
date: Tue, 29 Nov 2022 20:56:27 GMT
expires: Tue, 29 Nov 2022 22:56:27 GMT
cache-control: public, max-age=7200
etag: "1451398677"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 998e0b25e77b8c23e52ea918d3fc2a29
0f684f95e3c60ef17ff082bfda21de480eff9fb4
360e9b02287b38174bb5bfb64862d049d9e4f998ef8aba036a1bc97bbf30d606
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 20:56:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
yt3.ggpht.com/ytc/AMLnZu9K6ZPbSPPf8F8zkiqi1Ccvr3ciRQUBXihzD5V-3Q=s68-c-k-c0x00ffffff-no-rj
142.250.74.161200 OK 4.1 kB URL HTTP/2 yt3.ggpht.com/ytc/AMLnZu9K6ZPbSPPf8F8zkiqi1Ccvr3ciRQUBXihzD5V-3Q=s68-c-k-c0x00ffffff-no-rj
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=3, software=Google], baseline, precision 8, 68x68, components 3\012- data
Hash 1133068da91c035633a77dd7c1cb4d4f
1eaffb35fecb75990154d2aa115bbec54adcd2a8
003598934298f536ef892ddf3b5e979d448ab9709688230d6012310241e10556
GET /ytc/AMLnZu9K6ZPbSPPf8F8zkiqi1Ccvr3ciRQUBXihzD5V-3Q=s68-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt3.ggpht.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v307b"
expires: Wed, 30 Nov 2022 20:56:27 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Tue, 29 Nov 2022 20:56:27 GMT
server: fife
content-length: 4142
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
216.58.211.10200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 216.58.211.10:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Tue, 29 Nov 2022 20:56:27 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 79840cac9f5ae1a38c0faaaf59e7fe82
f76a3e50f566269c574e7f8904021640366dcc56
1f39ccbd6ad4a9c8fcc3e4d7d83c4c21f9e9fd9fd0d98c6b70cd1bbbdfeb7798
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 20:56:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 5963421c2fb22cf58ce36edd42c0c844
ce17d5a54069562f4456f6d89164761610c0e0c8
b1cf735279e3fad8bd3b12a50b2a357240cfe40a38b9b12566901f22a2af95da
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 20:56:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 5963421c2fb22cf58ce36edd42c0c844
ce17d5a54069562f4456f6d89164761610c0e0c8
b1cf735279e3fad8bd3b12a50b2a357240cfe40a38b9b12566901f22a2af95da
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 20:56:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
rr1---sn-capm-vnae.googlevideo.com/videoplayback?expire=1669776988&ei=_HGGY8niC_GUv_IPoKOjQA&ip=91.90.42.154&id=o-ALMbh8EGs9mna0kmTqix49n4hJcS0nBswdUEvLpAfCDC&itag=243&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C271%2C278%2C313&source=youtube&requiressl=yes&mh=Ak&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeenes&ms=au%2Crdu&mv=m&mvi=1&pl=21&initcwndbps=1435000&spc=SFxXNv8sUVG1vcdZvYUSjznsnXE7f84&vprv=1&mime=video%2Fwebm&ns=nvK2LrRLTeoKmrQN_m4tAUEJ&gir=yes&clen=10261615&dur=227.928&lmt=1472836207463499&mt=1669755178&fvip=4&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&n=yvCz_A-cVMm0lw&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIgVhvsedfzN59ccM8TJmadqYgKFVFq-2BjCYmSaDSwnRkCIQCjYiwSB3xkNiEIX9oJJyUkcHvg-ENJb8vuEna1ObwurA%3D%3D&alr=yes&sig=AOq0QJ8wRgIhAL6pIhAOLYpYDmmqTtLsN4vbasMdn2EhBZJDGKosnVCxAiEA-GmXUTVhNZlL5vOaLUdcAqWhxsiTdUMKTzzPzrhWt3A%3D&cpn=JXoTdnoWdl7aEv88&cver=1.20221127.00.00&range=0-964&rn=1&rbuf=0&pot=D01ok2qVwJBiTVPGLF8Vb_ZUrFnCMow6D6vcS0PB5eSKdCIbHTx9XZIKHNDy7J15Ri9g3RN8ABtxTaD2_8QAmjLYo97kzkmAh7pJX6NWjElX36AOdo_3AC-FHOPgELkvMSCkas5C6jU=
91.90.45.172200 OK 1.2 kB URL HTTP/1.1 rr1---sn-capm-vnae.googlevideo.com/videoplayback?expire=1669776988&ei=_HGGY8niC_GUv_IPoKOjQA&ip=91.90.42.154&id=o-ALMbh8EGs9mna0kmTqix49n4hJcS0nBswdUEvLpAfCDC&itag=243&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C271%2C278%2C313&source=youtube&requiressl=yes&mh=Ak&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeenes&ms=au%2Crdu&mv=m&mvi=1&pl=21&initcwndbps=1435000&spc=SFxXNv8sUVG1vcdZvYUSjznsnXE7f84&vprv=1&mime=video%2Fwebm&ns=nvK2LrRLTeoKmrQN_m4tAUEJ&gir=yes&clen=10261615&dur=227.928&lmt=1472836207463499&mt=1669755178&fvip=4&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&n=yvCz_A-cVMm0lw&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIgVhvsedfzN59ccM8TJmadqYgKFVFq-2BjCYmSaDSwnRkCIQCjYiwSB3xkNiEIX9oJJyUkcHvg-ENJb8vuEna1ObwurA%3D%3D&alr=yes&sig=AOq0QJ8wRgIhAL6pIhAOLYpYDmmqTtLsN4vbasMdn2EhBZJDGKosnVCxAiEA-GmXUTVhNZlL5vOaLUdcAqWhxsiTdUMKTzzPzrhWt3A%3D&cpn=JXoTdnoWdl7aEv88&cver=1.20221127.00.00&range=0-964&rn=1&rbuf=0&pot=D01ok2qVwJBiTVPGLF8Vb_ZUrFnCMow6D6vcS0PB5eSKdCIbHTx9XZIKHNDy7J15Ri9g3RN8ABtxTaD2_8QAmjLYo97kzkmAh7pJX6NWjElX36AOdo_3AC-FHOPgELkvMSCkas5C6jU=
IP 91.90.45.172:0
ASN #50304 Blix Solutions AS
File type ASCII text, with very long lines (1245), with no line terminators
Hash b8e7bf8992895476ac074e27e4e6e218
17748cbbaf831fda126b2d97b4b6f7c89020ed0b
df0c58b051b8bb80bd07047d55f3080f883ea41b966f1406c3bf014288ddad41
GET /videoplayback?expire=1669776988&ei=_HGGY8niC_GUv_IPoKOjQA&ip=91.90.42.154&id=o-ALMbh8EGs9mna0kmTqix49n4hJcS0nBswdUEvLpAfCDC&itag=243&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C271%2C278%2C313&source=youtube&requiressl=yes&mh=Ak&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeenes&ms=au%2Crdu&mv=m&mvi=1&pl=21&initcwndbps=1435000&spc=SFxXNv8sUVG1vcdZvYUSjznsnXE7f84&vprv=1&mime=video%2Fwebm&ns=nvK2LrRLTeoKmrQN_m4tAUEJ&gir=yes&clen=10261615&dur=227.928&lmt=1472836207463499&mt=1669755178&fvip=4&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&n=yvCz_A-cVMm0lw&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIgVhvsedfzN59ccM8TJmadqYgKFVFq-2BjCYmSaDSwnRkCIQCjYiwSB3xkNiEIX9oJJyUkcHvg-ENJb8vuEna1ObwurA%3D%3D&alr=yes&sig=AOq0QJ8wRgIhAL6pIhAOLYpYDmmqTtLsN4vbasMdn2EhBZJDGKosnVCxAiEA-GmXUTVhNZlL5vOaLUdcAqWhxsiTdUMKTzzPzrhWt3A%3D&cpn=JXoTdnoWdl7aEv88&cver=1.20221127.00.00&range=0-964&rn=1&rbuf=0&pot=D01ok2qVwJBiTVPGLF8Vb_ZUrFnCMow6D6vcS0PB5eSKdCIbHTx9XZIKHNDy7J15Ri9g3RN8ABtxTaD2_8QAmjLYo97kzkmAh7pJX6NWjElX36AOdo_3AC-FHOPgELkvMSCkas5C6jU= HTTP/1.1
Host: rr1---sn-capm-vnae.googlevideo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/plain
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Date: Tue, 29 Nov 2022 20:56:28 GMT
Expires: Tue, 29 Nov 2022 20:56:28 GMT
Cache-Control: private, max-age=21300
Accept-Ranges: bytes
Content-Length: 1245
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Restrict-Formats-Hint: None
X-Content-Type-Options: nosniff
Server: gvs 1.0
rr1---sn-capm-vnae.googlevideo.com/videoplayback?expire=1669776988&ei=_HGGY8niC_GUv_IPoKOjQA&ip=91.90.42.154&id=o-ALMbh8EGs9mna0kmTqix49n4hJcS0nBswdUEvLpAfCDC&itag=251&source=youtube&requiressl=yes&mh=Ak&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeenes&ms=au%2Crdu&mv=m&mvi=1&pl=21&initcwndbps=1435000&spc=SFxXNv8sUVG1vcdZvYUSjznsnXE7f84&vprv=1&mime=audio%2Fwebm&ns=nvK2LrRLTeoKmrQN_m4tAUEJ&gir=yes&clen=3554756&dur=227.961&lmt=1472833470766246&mt=1669755178&fvip=4&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&n=yvCz_A-cVMm0lw&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgSAdEcTXn6YeamBKi1UJ3Md6razFPobdiB9y4nMd0GCECIA2ZcvybF46GKmFdqw2RrnMlb8gBueLB5j466xeG7fCe&alr=yes&sig=AOq0QJ8wRAIgbJKP7hME7iKCXVeKqLRBIcvJSUJXAFfrVZSoL_1nTZUCIAIZPQ_xpo4JHHbdLvzWokmVt-kvaOFqhYi0pi0XGr4U&cpn=JXoTdnoWdl7aEv88&cver=1.20221127.00.00&range=0-659&rn=2&rbuf=0&pot=D01ok2qVwJBiTVPGLF8Vb_ZUrFnCMow6D6vcS0PB5eSKdCIbHTx9XZIKHNDy7J15Ri9g3RN8ABtxTaD2_8QAmjLYo97kzkmAh7pJX6NWjElX36AOdo_3AC-FHOPgELkvMSCkas5C6jU=
91.90.45.172200 OK 1.1 kB URL HTTP/1.1 rr1---sn-capm-vnae.googlevideo.com/videoplayback?expire=1669776988&ei=_HGGY8niC_GUv_IPoKOjQA&ip=91.90.42.154&id=o-ALMbh8EGs9mna0kmTqix49n4hJcS0nBswdUEvLpAfCDC&itag=251&source=youtube&requiressl=yes&mh=Ak&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeenes&ms=au%2Crdu&mv=m&mvi=1&pl=21&initcwndbps=1435000&spc=SFxXNv8sUVG1vcdZvYUSjznsnXE7f84&vprv=1&mime=audio%2Fwebm&ns=nvK2LrRLTeoKmrQN_m4tAUEJ&gir=yes&clen=3554756&dur=227.961&lmt=1472833470766246&mt=1669755178&fvip=4&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&n=yvCz_A-cVMm0lw&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgSAdEcTXn6YeamBKi1UJ3Md6razFPobdiB9y4nMd0GCECIA2ZcvybF46GKmFdqw2RrnMlb8gBueLB5j466xeG7fCe&alr=yes&sig=AOq0QJ8wRAIgbJKP7hME7iKCXVeKqLRBIcvJSUJXAFfrVZSoL_1nTZUCIAIZPQ_xpo4JHHbdLvzWokmVt-kvaOFqhYi0pi0XGr4U&cpn=JXoTdnoWdl7aEv88&cver=1.20221127.00.00&range=0-659&rn=2&rbuf=0&pot=D01ok2qVwJBiTVPGLF8Vb_ZUrFnCMow6D6vcS0PB5eSKdCIbHTx9XZIKHNDy7J15Ri9g3RN8ABtxTaD2_8QAmjLYo97kzkmAh7pJX6NWjElX36AOdo_3AC-FHOPgELkvMSCkas5C6jU=
IP 91.90.45.172:0
ASN #50304 Blix Solutions AS
File type ASCII text, with very long lines (1147), with no line terminators
Hash 9ecdc2c0bc1b64f19fdd8e71b81e788c
bc03339ab5c9213e6d52abd7e967ea79f1e06e1b
3920a0b681e4e3e7b13540d037d77fc6e48f2857a2e2d937d4ca5c9adc3e7a72
GET /videoplayback?expire=1669776988&ei=_HGGY8niC_GUv_IPoKOjQA&ip=91.90.42.154&id=o-ALMbh8EGs9mna0kmTqix49n4hJcS0nBswdUEvLpAfCDC&itag=251&source=youtube&requiressl=yes&mh=Ak&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeenes&ms=au%2Crdu&mv=m&mvi=1&pl=21&initcwndbps=1435000&spc=SFxXNv8sUVG1vcdZvYUSjznsnXE7f84&vprv=1&mime=audio%2Fwebm&ns=nvK2LrRLTeoKmrQN_m4tAUEJ&gir=yes&clen=3554756&dur=227.961&lmt=1472833470766246&mt=1669755178&fvip=4&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&n=yvCz_A-cVMm0lw&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgSAdEcTXn6YeamBKi1UJ3Md6razFPobdiB9y4nMd0GCECIA2ZcvybF46GKmFdqw2RrnMlb8gBueLB5j466xeG7fCe&alr=yes&sig=AOq0QJ8wRAIgbJKP7hME7iKCXVeKqLRBIcvJSUJXAFfrVZSoL_1nTZUCIAIZPQ_xpo4JHHbdLvzWokmVt-kvaOFqhYi0pi0XGr4U&cpn=JXoTdnoWdl7aEv88&cver=1.20221127.00.00&range=0-659&rn=2&rbuf=0&pot=D01ok2qVwJBiTVPGLF8Vb_ZUrFnCMow6D6vcS0PB5eSKdCIbHTx9XZIKHNDy7J15Ri9g3RN8ABtxTaD2_8QAmjLYo97kzkmAh7pJX6NWjElX36AOdo_3AC-FHOPgELkvMSCkas5C6jU= HTTP/1.1
Host: rr1---sn-capm-vnae.googlevideo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/plain
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Date: Tue, 29 Nov 2022 20:56:28 GMT
Expires: Tue, 29 Nov 2022 20:56:28 GMT
Cache-Control: private, max-age=21300
Accept-Ranges: bytes
Content-Length: 1147
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Content-Type-Options: nosniff
Server: gvs 1.0
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 5963421c2fb22cf58ce36edd42c0c844
ce17d5a54069562f4456f6d89164761610c0e0c8
b1cf735279e3fad8bd3b12a50b2a357240cfe40a38b9b12566901f22a2af95da
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 20:56:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 7920bd608ec251585e77e5ded8e11223
3094cf128a2d0d5a3a8015f2fea7d200589626b4
b49408791d6349d58b9d41585668a76c6411bb92ae62982538e74eb19844ab46
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 20:56:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 7920bd608ec251585e77e5ded8e11223
3094cf128a2d0d5a3a8015f2fea7d200589626b4
b49408791d6349d58b9d41585668a76c6411bb92ae62982538e74eb19844ab46
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 20:56:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
rr4---sn-5goeenes.googlevideo.com/videoplayback?expire=1669776988&ei=_HGGY8niC_GUv_IPoKOjQA&ip=91.90.42.154&id=o-ALMbh8EGs9mna0kmTqix49n4hJcS0nBswdUEvLpAfCDC&itag=251&source=youtube&requiressl=yes&spc=SFxXNv8sUVG1vcdZvYUSjznsnXE7f84&vprv=1&mime=audio%2Fwebm&ns=nvK2LrRLTeoKmrQN_m4tAUEJ&gir=yes&clen=3554756&dur=227.961&lmt=1472833470766246&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&n=yvCz_A-cVMm0lw&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&alr=yes&sig=AOq0QJ8wRAIgbJKP7hME7iKCXVeKqLRBIcvJSUJXAFfrVZSoL_1nTZUCIAIZPQ_xpo4JHHbdLvzWokmVt-kvaOFqhYi0pi0XGr4U&cpn=JXoTdnoWdl7aEv88&cver=1.20221127.00.00&redirect_counter=1&cm2rm=sn-capm-vnae7e&cms_redirect=yes&cmsv=e&mh=Ak&mm=29&mn=sn-5goeenes&ms=rdu&mt=1669755180&mv=m&mvi=4&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgF_h-JMObpVTJC0lNbhpeu1FM5Z7RPChF8t3PjBrHTwACIALjN9rxy1sm7INRlAjhQPB_e2sNwP7EpjFzc9M_1VR3&range=0-659&rn=4&rbuf=0&pot=D01ok2qVwJBiTVPGLF8Vb_ZUrFnCMow6D6vcS0PB5eSKdCIbHTx9XZIKHNDy7J15Ri9g3RN8ABtxTaD2_8QAmjLYo97kzkmAh7pJX6NWjElX36AOdo_3AC-FHOPgELkvMSCkas5C6jU=
74.125.108.233200 OK 1.2 kB URL HTTP/1.1 rr4---sn-5goeenes.googlevideo.com/videoplayback?expire=1669776988&ei=_HGGY8niC_GUv_IPoKOjQA&ip=91.90.42.154&id=o-ALMbh8EGs9mna0kmTqix49n4hJcS0nBswdUEvLpAfCDC&itag=251&source=youtube&requiressl=yes&spc=SFxXNv8sUVG1vcdZvYUSjznsnXE7f84&vprv=1&mime=audio%2Fwebm&ns=nvK2LrRLTeoKmrQN_m4tAUEJ&gir=yes&clen=3554756&dur=227.961&lmt=1472833470766246&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&n=yvCz_A-cVMm0lw&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&alr=yes&sig=AOq0QJ8wRAIgbJKP7hME7iKCXVeKqLRBIcvJSUJXAFfrVZSoL_1nTZUCIAIZPQ_xpo4JHHbdLvzWokmVt-kvaOFqhYi0pi0XGr4U&cpn=JXoTdnoWdl7aEv88&cver=1.20221127.00.00&redirect_counter=1&cm2rm=sn-capm-vnae7e&cms_redirect=yes&cmsv=e&mh=Ak&mm=29&mn=sn-5goeenes&ms=rdu&mt=1669755180&mv=m&mvi=4&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgF_h-JMObpVTJC0lNbhpeu1FM5Z7RPChF8t3PjBrHTwACIALjN9rxy1sm7INRlAjhQPB_e2sNwP7EpjFzc9M_1VR3&range=0-659&rn=4&rbuf=0&pot=D01ok2qVwJBiTVPGLF8Vb_ZUrFnCMow6D6vcS0PB5eSKdCIbHTx9XZIKHNDy7J15Ri9g3RN8ABtxTaD2_8QAmjLYo97kzkmAh7pJX6NWjElX36AOdo_3AC-FHOPgELkvMSCkas5C6jU=
IP 74.125.108.233:0
File type ASCII text, with very long lines (1166), with no line terminators
Hash 5931341708f5d3856642bf7a21683849
f58ac642fb47193ba63ba3d626813c460589952c
058c5441cd75d7cd650d0d53002b3f0129d042cb2f94c1665b3acb1ac815b11f
GET /videoplayback?expire=1669776988&ei=_HGGY8niC_GUv_IPoKOjQA&ip=91.90.42.154&id=o-ALMbh8EGs9mna0kmTqix49n4hJcS0nBswdUEvLpAfCDC&itag=251&source=youtube&requiressl=yes&spc=SFxXNv8sUVG1vcdZvYUSjznsnXE7f84&vprv=1&mime=audio%2Fwebm&ns=nvK2LrRLTeoKmrQN_m4tAUEJ&gir=yes&clen=3554756&dur=227.961&lmt=1472833470766246&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&n=yvCz_A-cVMm0lw&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&alr=yes&sig=AOq0QJ8wRAIgbJKP7hME7iKCXVeKqLRBIcvJSUJXAFfrVZSoL_1nTZUCIAIZPQ_xpo4JHHbdLvzWokmVt-kvaOFqhYi0pi0XGr4U&cpn=JXoTdnoWdl7aEv88&cver=1.20221127.00.00&redirect_counter=1&cm2rm=sn-capm-vnae7e&cms_redirect=yes&cmsv=e&mh=Ak&mm=29&mn=sn-5goeenes&ms=rdu&mt=1669755180&mv=m&mvi=4&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgF_h-JMObpVTJC0lNbhpeu1FM5Z7RPChF8t3PjBrHTwACIALjN9rxy1sm7INRlAjhQPB_e2sNwP7EpjFzc9M_1VR3&range=0-659&rn=4&rbuf=0&pot=D01ok2qVwJBiTVPGLF8Vb_ZUrFnCMow6D6vcS0PB5eSKdCIbHTx9XZIKHNDy7J15Ri9g3RN8ABtxTaD2_8QAmjLYo97kzkmAh7pJX6NWjElX36AOdo_3AC-FHOPgELkvMSCkas5C6jU= HTTP/1.1
Host: rr4---sn-5goeenes.googlevideo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/plain
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Date: Tue, 29 Nov 2022 20:56:28 GMT
Expires: Tue, 29 Nov 2022 20:56:28 GMT
Cache-Control: private, max-age=21300
Accept-Ranges: bytes
Content-Length: 1166
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Content-Type-Options: nosniff
Server: gvs 1.0
rr4---sn-5goeenes.googlevideo.com/videoplayback?expire=1669776988&ei=_HGGY8niC_GUv_IPoKOjQA&ip=91.90.42.154&id=o-ALMbh8EGs9mna0kmTqix49n4hJcS0nBswdUEvLpAfCDC&itag=243&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C271%2C278%2C313&source=youtube&requiressl=yes&spc=SFxXNv8sUVG1vcdZvYUSjznsnXE7f84&vprv=1&mime=video%2Fwebm&ns=nvK2LrRLTeoKmrQN_m4tAUEJ&gir=yes&clen=10261615&dur=227.928&lmt=1472836207463499&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&n=yvCz_A-cVMm0lw&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&alr=yes&sig=AOq0QJ8wRgIhAL6pIhAOLYpYDmmqTtLsN4vbasMdn2EhBZJDGKosnVCxAiEA-GmXUTVhNZlL5vOaLUdcAqWhxsiTdUMKTzzPzrhWt3A%3D&cpn=JXoTdnoWdl7aEv88&cver=1.20221127.00.00&redirect_counter=1&cm2rm=sn-capm-vnae7e&cms_redirect=yes&cmsv=e&mh=Ak&mm=29&mn=sn-5goeenes&ms=rdu&mt=1669755180&mv=m&mvi=4&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgDaFb4nMoJPo2n1Sr5QLhBR97IGCCvdqVQENPl-OsG7QCIBPLfqs1C0qWRW7eCivwsxW_zhVdaHkVYWR-tp_cZCJn&range=0-964&rn=3&rbuf=0&pot=D01ok2qVwJBiTVPGLF8Vb_ZUrFnCMow6D6vcS0PB5eSKdCIbHTx9XZIKHNDy7J15Ri9g3RN8ABtxTaD2_8QAmjLYo97kzkmAh7pJX6NWjElX36AOdo_3AC-FHOPgELkvMSCkas5C6jU=
74.125.108.233200 OK 1.3 kB URL HTTP/1.1 rr4---sn-5goeenes.googlevideo.com/videoplayback?expire=1669776988&ei=_HGGY8niC_GUv_IPoKOjQA&ip=91.90.42.154&id=o-ALMbh8EGs9mna0kmTqix49n4hJcS0nBswdUEvLpAfCDC&itag=243&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C271%2C278%2C313&source=youtube&requiressl=yes&spc=SFxXNv8sUVG1vcdZvYUSjznsnXE7f84&vprv=1&mime=video%2Fwebm&ns=nvK2LrRLTeoKmrQN_m4tAUEJ&gir=yes&clen=10261615&dur=227.928&lmt=1472836207463499&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&n=yvCz_A-cVMm0lw&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&alr=yes&sig=AOq0QJ8wRgIhAL6pIhAOLYpYDmmqTtLsN4vbasMdn2EhBZJDGKosnVCxAiEA-GmXUTVhNZlL5vOaLUdcAqWhxsiTdUMKTzzPzrhWt3A%3D&cpn=JXoTdnoWdl7aEv88&cver=1.20221127.00.00&redirect_counter=1&cm2rm=sn-capm-vnae7e&cms_redirect=yes&cmsv=e&mh=Ak&mm=29&mn=sn-5goeenes&ms=rdu&mt=1669755180&mv=m&mvi=4&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgDaFb4nMoJPo2n1Sr5QLhBR97IGCCvdqVQENPl-OsG7QCIBPLfqs1C0qWRW7eCivwsxW_zhVdaHkVYWR-tp_cZCJn&range=0-964&rn=3&rbuf=0&pot=D01ok2qVwJBiTVPGLF8Vb_ZUrFnCMow6D6vcS0PB5eSKdCIbHTx9XZIKHNDy7J15Ri9g3RN8ABtxTaD2_8QAmjLYo97kzkmAh7pJX6NWjElX36AOdo_3AC-FHOPgELkvMSCkas5C6jU=
IP 74.125.108.233:0
File type ASCII text, with very long lines (1264), with no line terminators
Hash 7585833003ec1b8a60d579db4e6481f2
ecf201dd8981265d3f2c00b04aa8b3d487ebab20
994496cf612c0d40f3568c0219417be222bd4c42eb015867414519db6b83266f
GET /videoplayback?expire=1669776988&ei=_HGGY8niC_GUv_IPoKOjQA&ip=91.90.42.154&id=o-ALMbh8EGs9mna0kmTqix49n4hJcS0nBswdUEvLpAfCDC&itag=243&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C271%2C278%2C313&source=youtube&requiressl=yes&spc=SFxXNv8sUVG1vcdZvYUSjznsnXE7f84&vprv=1&mime=video%2Fwebm&ns=nvK2LrRLTeoKmrQN_m4tAUEJ&gir=yes&clen=10261615&dur=227.928&lmt=1472836207463499&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&n=yvCz_A-cVMm0lw&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&alr=yes&sig=AOq0QJ8wRgIhAL6pIhAOLYpYDmmqTtLsN4vbasMdn2EhBZJDGKosnVCxAiEA-GmXUTVhNZlL5vOaLUdcAqWhxsiTdUMKTzzPzrhWt3A%3D&cpn=JXoTdnoWdl7aEv88&cver=1.20221127.00.00&redirect_counter=1&cm2rm=sn-capm-vnae7e&cms_redirect=yes&cmsv=e&mh=Ak&mm=29&mn=sn-5goeenes&ms=rdu&mt=1669755180&mv=m&mvi=4&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgDaFb4nMoJPo2n1Sr5QLhBR97IGCCvdqVQENPl-OsG7QCIBPLfqs1C0qWRW7eCivwsxW_zhVdaHkVYWR-tp_cZCJn&range=0-964&rn=3&rbuf=0&pot=D01ok2qVwJBiTVPGLF8Vb_ZUrFnCMow6D6vcS0PB5eSKdCIbHTx9XZIKHNDy7J15Ri9g3RN8ABtxTaD2_8QAmjLYo97kzkmAh7pJX6NWjElX36AOdo_3AC-FHOPgELkvMSCkas5C6jU= HTTP/1.1
Host: rr4---sn-5goeenes.googlevideo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/plain
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Date: Tue, 29 Nov 2022 20:56:28 GMT
Expires: Tue, 29 Nov 2022 20:56:28 GMT
Cache-Control: private, max-age=21300
Accept-Ranges: bytes
Content-Length: 1264
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Restrict-Formats-Hint: None
X-Content-Type-Options: nosniff
Server: gvs 1.0
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 7920bd608ec251585e77e5ded8e11223
3094cf128a2d0d5a3a8015f2fea7d200589626b4
b49408791d6349d58b9d41585668a76c6411bb92ae62982538e74eb19844ab46
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 20:56:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
rr4---sn-5goeenes.googlevideo.com/videoplayback?expire=1669776988&ei=_HGGY8niC_GUv_IPoKOjQA&ip=91.90.42.154&id=o-ALMbh8EGs9mna0kmTqix49n4hJcS0nBswdUEvLpAfCDC&itag=243&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C271%2C278%2C313&source=youtube&requiressl=yes&spc=SFxXNv8sUVG1vcdZvYUSjznsnXE7f84&vprv=1&mime=video%2Fwebm&ns=nvK2LrRLTeoKmrQN_m4tAUEJ&gir=yes&clen=10261615&dur=227.928&lmt=1472836207463499&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&n=yvCz_A-cVMm0lw&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&alr=yes&sig=AOq0QJ8wRgIhAL6pIhAOLYpYDmmqTtLsN4vbasMdn2EhBZJDGKosnVCxAiEA-GmXUTVhNZlL5vOaLUdcAqWhxsiTdUMKTzzPzrhWt3A%3D&cpn=JXoTdnoWdl7aEv88&cver=1.20221127.00.00&redirect_counter=1&cm2rm=sn-capm-vnae7e&cms_redirect=yes&cmsv=e&mh=Ak&mm=29&mn=sn-5goeenes&ms=rdu&mt=1669755180&mv=m&mvi=4&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhANnFZO-phmvb_htkx93opagH83Cte6XReDCgsPV638k_AiBzRPu6-ajETQyfuKlrNli3uxCY8eyI5HAuMwn1tR3x3g%3D%3D&range=0-964&rn=7&rbuf=0&pot=D01ok2qVwJBiTVPGLF8Vb_ZUrFnCMow6D6vcS0PB5eSKdCIbHTx9XZIKHNDy7J15Ri9g3RN8ABtxTaD2_8QAmjLYo97kzkmAh7pJX6NWjElX36AOdo_3AC-FHOPgELkvMSCkas5C6jU=
74.125.108.233200 OK 1.3 kB URL HTTP/1.1 rr4---sn-5goeenes.googlevideo.com/videoplayback?expire=1669776988&ei=_HGGY8niC_GUv_IPoKOjQA&ip=91.90.42.154&id=o-ALMbh8EGs9mna0kmTqix49n4hJcS0nBswdUEvLpAfCDC&itag=243&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C271%2C278%2C313&source=youtube&requiressl=yes&spc=SFxXNv8sUVG1vcdZvYUSjznsnXE7f84&vprv=1&mime=video%2Fwebm&ns=nvK2LrRLTeoKmrQN_m4tAUEJ&gir=yes&clen=10261615&dur=227.928&lmt=1472836207463499&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&n=yvCz_A-cVMm0lw&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&alr=yes&sig=AOq0QJ8wRgIhAL6pIhAOLYpYDmmqTtLsN4vbasMdn2EhBZJDGKosnVCxAiEA-GmXUTVhNZlL5vOaLUdcAqWhxsiTdUMKTzzPzrhWt3A%3D&cpn=JXoTdnoWdl7aEv88&cver=1.20221127.00.00&redirect_counter=1&cm2rm=sn-capm-vnae7e&cms_redirect=yes&cmsv=e&mh=Ak&mm=29&mn=sn-5goeenes&ms=rdu&mt=1669755180&mv=m&mvi=4&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhANnFZO-phmvb_htkx93opagH83Cte6XReDCgsPV638k_AiBzRPu6-ajETQyfuKlrNli3uxCY8eyI5HAuMwn1tR3x3g%3D%3D&range=0-964&rn=7&rbuf=0&pot=D01ok2qVwJBiTVPGLF8Vb_ZUrFnCMow6D6vcS0PB5eSKdCIbHTx9XZIKHNDy7J15Ri9g3RN8ABtxTaD2_8QAmjLYo97kzkmAh7pJX6NWjElX36AOdo_3AC-FHOPgELkvMSCkas5C6jU=
IP 74.125.108.233:0
File type ASCII text, with very long lines (1264), with no line terminators
Hash 0997133729a8d31505401cec476e5ea2
0dc208a0eb0bb82967fccef7af37e4c5411897ea
4eb088c194888023f9c3f68794edca45836a78d1dd3e5d6faec092228892f900
GET /videoplayback?expire=1669776988&ei=_HGGY8niC_GUv_IPoKOjQA&ip=91.90.42.154&id=o-ALMbh8EGs9mna0kmTqix49n4hJcS0nBswdUEvLpAfCDC&itag=243&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C271%2C278%2C313&source=youtube&requiressl=yes&spc=SFxXNv8sUVG1vcdZvYUSjznsnXE7f84&vprv=1&mime=video%2Fwebm&ns=nvK2LrRLTeoKmrQN_m4tAUEJ&gir=yes&clen=10261615&dur=227.928&lmt=1472836207463499&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&n=yvCz_A-cVMm0lw&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&alr=yes&sig=AOq0QJ8wRgIhAL6pIhAOLYpYDmmqTtLsN4vbasMdn2EhBZJDGKosnVCxAiEA-GmXUTVhNZlL5vOaLUdcAqWhxsiTdUMKTzzPzrhWt3A%3D&cpn=JXoTdnoWdl7aEv88&cver=1.20221127.00.00&redirect_counter=1&cm2rm=sn-capm-vnae7e&cms_redirect=yes&cmsv=e&mh=Ak&mm=29&mn=sn-5goeenes&ms=rdu&mt=1669755180&mv=m&mvi=4&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhANnFZO-phmvb_htkx93opagH83Cte6XReDCgsPV638k_AiBzRPu6-ajETQyfuKlrNli3uxCY8eyI5HAuMwn1tR3x3g%3D%3D&range=0-964&rn=7&rbuf=0&pot=D01ok2qVwJBiTVPGLF8Vb_ZUrFnCMow6D6vcS0PB5eSKdCIbHTx9XZIKHNDy7J15Ri9g3RN8ABtxTaD2_8QAmjLYo97kzkmAh7pJX6NWjElX36AOdo_3AC-FHOPgELkvMSCkas5C6jU= HTTP/1.1
Host: rr4---sn-5goeenes.googlevideo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/plain
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Date: Tue, 29 Nov 2022 20:56:28 GMT
Expires: Tue, 29 Nov 2022 20:56:28 GMT
Cache-Control: private, max-age=21300
Accept-Ranges: bytes
Content-Length: 1264
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Restrict-Formats-Hint: None
X-Content-Type-Options: nosniff
Server: gvs 1.0
rr1---sn-5hne6nsd.googlevideo.com/videoplayback?expire=1669776988&ei=_HGGY8niC_GUv_IPoKOjQA&ip=91.90.42.154&id=o-ALMbh8EGs9mna0kmTqix49n4hJcS0nBswdUEvLpAfCDC&itag=251&source=youtube&requiressl=yes&spc=SFxXNv8sUVG1vcdZvYUSjznsnXE7f84&vprv=1&mime=audio%2Fwebm&ns=nvK2LrRLTeoKmrQN_m4tAUEJ&gir=yes&clen=3554756&dur=227.961&lmt=1472833470766246&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&n=yvCz_A-cVMm0lw&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&alr=yes&sig=AOq0QJ8wRAIgbJKP7hME7iKCXVeKqLRBIcvJSUJXAFfrVZSoL_1nTZUCIAIZPQ_xpo4JHHbdLvzWokmVt-kvaOFqhYi0pi0XGr4U&cpn=JXoTdnoWdl7aEv88&cver=1.20221127.00.00&cm2rm=sn-capm-vnae7e,sn-5goly7z&redirect_counter=2&cms_redirect=yes&cmsv=e&mh=Ak&mm=34&mn=sn-5hne6nsd&ms=ltu&mt=1669755159&mv=m&mvi=1&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIgNtkhA2jZA2M8gAqmCCg2CPTP3JXoutNnMj45f9oX5UICIQCGCClL7IbO0U-3pTN-otPAtubtqN2rWUBvd1ooshg9DA%3D%3D&range=0-659&rn=5&rbuf=0&pot=D01ok2qVwJBiTVPGLF8Vb_ZUrFnCMow6D6vcS0PB5eSKdCIbHTx9XZIKHNDy7J15Ri9g3RN8ABtxTaD2_8QAmjLYo97kzkmAh7pJX6NWjElX36AOdo_3AC-FHOPgELkvMSCkas5C6jU=
172.217.132.6200 OK 660 B URL HTTP/1.1 rr1---sn-5hne6nsd.googlevideo.com/videoplayback?expire=1669776988&ei=_HGGY8niC_GUv_IPoKOjQA&ip=91.90.42.154&id=o-ALMbh8EGs9mna0kmTqix49n4hJcS0nBswdUEvLpAfCDC&itag=251&source=youtube&requiressl=yes&spc=SFxXNv8sUVG1vcdZvYUSjznsnXE7f84&vprv=1&mime=audio%2Fwebm&ns=nvK2LrRLTeoKmrQN_m4tAUEJ&gir=yes&clen=3554756&dur=227.961&lmt=1472833470766246&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&n=yvCz_A-cVMm0lw&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&alr=yes&sig=AOq0QJ8wRAIgbJKP7hME7iKCXVeKqLRBIcvJSUJXAFfrVZSoL_1nTZUCIAIZPQ_xpo4JHHbdLvzWokmVt-kvaOFqhYi0pi0XGr4U&cpn=JXoTdnoWdl7aEv88&cver=1.20221127.00.00&cm2rm=sn-capm-vnae7e,sn-5goly7z&redirect_counter=2&cms_redirect=yes&cmsv=e&mh=Ak&mm=34&mn=sn-5hne6nsd&ms=ltu&mt=1669755159&mv=m&mvi=1&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIgNtkhA2jZA2M8gAqmCCg2CPTP3JXoutNnMj45f9oX5UICIQCGCClL7IbO0U-3pTN-otPAtubtqN2rWUBvd1ooshg9DA%3D%3D&range=0-659&rn=5&rbuf=0&pot=D01ok2qVwJBiTVPGLF8Vb_ZUrFnCMow6D6vcS0PB5eSKdCIbHTx9XZIKHNDy7J15Ri9g3RN8ABtxTaD2_8QAmjLYo97kzkmAh7pJX6NWjElX36AOdo_3AC-FHOPgELkvMSCkas5C6jU=
IP 172.217.132.6:0
File type WebM\012- EBML file, creator webmB\20\012- data
Hash 77accc9930cde9847b728dbe5ec030f8
e0d3c8004af5ba34bf17b4fcf7203f4e13098f64
0bc99f77291d0ef89b753a7403dea212e7746528acbf06eed8cd78b8c50e0992
GET /videoplayback?expire=1669776988&ei=_HGGY8niC_GUv_IPoKOjQA&ip=91.90.42.154&id=o-ALMbh8EGs9mna0kmTqix49n4hJcS0nBswdUEvLpAfCDC&itag=251&source=youtube&requiressl=yes&spc=SFxXNv8sUVG1vcdZvYUSjznsnXE7f84&vprv=1&mime=audio%2Fwebm&ns=nvK2LrRLTeoKmrQN_m4tAUEJ&gir=yes&clen=3554756&dur=227.961&lmt=1472833470766246&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&n=yvCz_A-cVMm0lw&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&alr=yes&sig=AOq0QJ8wRAIgbJKP7hME7iKCXVeKqLRBIcvJSUJXAFfrVZSoL_1nTZUCIAIZPQ_xpo4JHHbdLvzWokmVt-kvaOFqhYi0pi0XGr4U&cpn=JXoTdnoWdl7aEv88&cver=1.20221127.00.00&cm2rm=sn-capm-vnae7e,sn-5goly7z&redirect_counter=2&cms_redirect=yes&cmsv=e&mh=Ak&mm=34&mn=sn-5hne6nsd&ms=ltu&mt=1669755159&mv=m&mvi=1&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIgNtkhA2jZA2M8gAqmCCg2CPTP3JXoutNnMj45f9oX5UICIQCGCClL7IbO0U-3pTN-otPAtubtqN2rWUBvd1ooshg9DA%3D%3D&range=0-659&rn=5&rbuf=0&pot=D01ok2qVwJBiTVPGLF8Vb_ZUrFnCMow6D6vcS0PB5eSKdCIbHTx9XZIKHNDy7J15Ri9g3RN8ABtxTaD2_8QAmjLYo97kzkmAh7pJX6NWjElX36AOdo_3AC-FHOPgELkvMSCkas5C6jU= HTTP/1.1
Host: rr1---sn-5hne6nsd.googlevideo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Fri, 02 Sep 2016 16:24:30 GMT
Content-Type: audio/webm
Date: Tue, 29 Nov 2022 20:56:28 GMT
Expires: Tue, 29 Nov 2022 20:56:28 GMT
Cache-Control: private, max-age=21300
Accept-Ranges: bytes
Content-Length: 660
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Content-Type-Options: nosniff
Server: gvs 1.0
rr1---sn-5hne6nsd.googlevideo.com/videoplayback?expire=1669776988&ei=_HGGY8niC_GUv_IPoKOjQA&ip=91.90.42.154&id=o-ALMbh8EGs9mna0kmTqix49n4hJcS0nBswdUEvLpAfCDC&itag=243&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C271%2C278%2C313&source=youtube&requiressl=yes&spc=SFxXNv8sUVG1vcdZvYUSjznsnXE7f84&vprv=1&mime=video%2Fwebm&ns=nvK2LrRLTeoKmrQN_m4tAUEJ&gir=yes&clen=10261615&dur=227.928&lmt=1472836207463499&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&n=yvCz_A-cVMm0lw&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&alr=yes&sig=AOq0QJ8wRgIhAL6pIhAOLYpYDmmqTtLsN4vbasMdn2EhBZJDGKosnVCxAiEA-GmXUTVhNZlL5vOaLUdcAqWhxsiTdUMKTzzPzrhWt3A%3D&cpn=JXoTdnoWdl7aEv88&cver=1.20221127.00.00&cm2rm=sn-capm-vnae7e,sn-5goly7z&redirect_counter=2&cms_redirect=yes&cmsv=e&mh=Ak&mm=34&mn=sn-5hne6nsd&ms=ltu&mt=1669755159&mv=m&mvi=1&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhALXC_qdzBmUmDFQ4U7Tqn3RE8Kdz2Iu5mtwmdh4bNgrTAiB77mQpKb_OaEru44ecn0snYPUNg6lD4spgVZ_B7FNZwg%3D%3D&range=0-964&rn=8&rbuf=0&pot=D01ok2qVwJBiTVPGLF8Vb_ZUrFnCMow6D6vcS0PB5eSKdCIbHTx9XZIKHNDy7J15Ri9g3RN8ABtxTaD2_8QAmjLYo97kzkmAh7pJX6NWjElX36AOdo_3AC-FHOPgELkvMSCkas5C6jU=
172.217.132.6200 OK 965 B URL HTTP/1.1 rr1---sn-5hne6nsd.googlevideo.com/videoplayback?expire=1669776988&ei=_HGGY8niC_GUv_IPoKOjQA&ip=91.90.42.154&id=o-ALMbh8EGs9mna0kmTqix49n4hJcS0nBswdUEvLpAfCDC&itag=243&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C271%2C278%2C313&source=youtube&requiressl=yes&spc=SFxXNv8sUVG1vcdZvYUSjznsnXE7f84&vprv=1&mime=video%2Fwebm&ns=nvK2LrRLTeoKmrQN_m4tAUEJ&gir=yes&clen=10261615&dur=227.928&lmt=1472836207463499&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&n=yvCz_A-cVMm0lw&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&alr=yes&sig=AOq0QJ8wRgIhAL6pIhAOLYpYDmmqTtLsN4vbasMdn2EhBZJDGKosnVCxAiEA-GmXUTVhNZlL5vOaLUdcAqWhxsiTdUMKTzzPzrhWt3A%3D&cpn=JXoTdnoWdl7aEv88&cver=1.20221127.00.00&cm2rm=sn-capm-vnae7e,sn-5goly7z&redirect_counter=2&cms_redirect=yes&cmsv=e&mh=Ak&mm=34&mn=sn-5hne6nsd&ms=ltu&mt=1669755159&mv=m&mvi=1&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhALXC_qdzBmUmDFQ4U7Tqn3RE8Kdz2Iu5mtwmdh4bNgrTAiB77mQpKb_OaEru44ecn0snYPUNg6lD4spgVZ_B7FNZwg%3D%3D&range=0-964&rn=8&rbuf=0&pot=D01ok2qVwJBiTVPGLF8Vb_ZUrFnCMow6D6vcS0PB5eSKdCIbHTx9XZIKHNDy7J15Ri9g3RN8ABtxTaD2_8QAmjLYo97kzkmAh7pJX6NWjElX36AOdo_3AC-FHOPgELkvMSCkas5C6jU=
IP 172.217.132.6:0
File type WebM\012- EBML file, creator webmB\20\012- data
Hash d04ad9c196165f68b7cb797587169c7c
3f3d0c01e6f6f8d0d86d3f0625f5cebd60ec3be5
56212395bca4438160154eeb4c6904afed717dda72eb0e34d7a7acb5a3af166e
GET /videoplayback?expire=1669776988&ei=_HGGY8niC_GUv_IPoKOjQA&ip=91.90.42.154&id=o-ALMbh8EGs9mna0kmTqix49n4hJcS0nBswdUEvLpAfCDC&itag=243&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C271%2C278%2C313&source=youtube&requiressl=yes&spc=SFxXNv8sUVG1vcdZvYUSjznsnXE7f84&vprv=1&mime=video%2Fwebm&ns=nvK2LrRLTeoKmrQN_m4tAUEJ&gir=yes&clen=10261615&dur=227.928&lmt=1472836207463499&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&n=yvCz_A-cVMm0lw&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&alr=yes&sig=AOq0QJ8wRgIhAL6pIhAOLYpYDmmqTtLsN4vbasMdn2EhBZJDGKosnVCxAiEA-GmXUTVhNZlL5vOaLUdcAqWhxsiTdUMKTzzPzrhWt3A%3D&cpn=JXoTdnoWdl7aEv88&cver=1.20221127.00.00&cm2rm=sn-capm-vnae7e,sn-5goly7z&redirect_counter=2&cms_redirect=yes&cmsv=e&mh=Ak&mm=34&mn=sn-5hne6nsd&ms=ltu&mt=1669755159&mv=m&mvi=1&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhALXC_qdzBmUmDFQ4U7Tqn3RE8Kdz2Iu5mtwmdh4bNgrTAiB77mQpKb_OaEru44ecn0snYPUNg6lD4spgVZ_B7FNZwg%3D%3D&range=0-964&rn=8&rbuf=0&pot=D01ok2qVwJBiTVPGLF8Vb_ZUrFnCMow6D6vcS0PB5eSKdCIbHTx9XZIKHNDy7J15Ri9g3RN8ABtxTaD2_8QAmjLYo97kzkmAh7pJX6NWjElX36AOdo_3AC-FHOPgELkvMSCkas5C6jU= HTTP/1.1
Host: rr1---sn-5hne6nsd.googlevideo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Fri, 02 Sep 2016 17:10:07 GMT
Content-Type: video/webm
Date: Tue, 29 Nov 2022 20:56:28 GMT
Expires: Tue, 29 Nov 2022 20:56:28 GMT
Cache-Control: private, max-age=21300
Accept-Ranges: bytes
Content-Length: 965
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Restrict-Formats-Hint: None
X-Content-Type-Options: nosniff
Server: gvs 1.0
rr1---sn-5hne6nsd.googlevideo.com/videoplayback?expire=1669776988&ei=_HGGY8niC_GUv_IPoKOjQA&ip=91.90.42.154&id=o-ALMbh8EGs9mna0kmTqix49n4hJcS0nBswdUEvLpAfCDC&itag=251&source=youtube&requiressl=yes&spc=SFxXNv8sUVG1vcdZvYUSjznsnXE7f84&vprv=1&mime=audio%2Fwebm&ns=nvK2LrRLTeoKmrQN_m4tAUEJ&gir=yes&clen=3554756&dur=227.961&lmt=1472833470766246&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&n=yvCz_A-cVMm0lw&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&alr=yes&sig=AOq0QJ8wRAIgbJKP7hME7iKCXVeKqLRBIcvJSUJXAFfrVZSoL_1nTZUCIAIZPQ_xpo4JHHbdLvzWokmVt-kvaOFqhYi0pi0XGr4U&cpn=JXoTdnoWdl7aEv88&cver=1.20221127.00.00&cm2rm=sn-capm-vnae7e,sn-5goly7z&redirect_counter=2&cms_redirect=yes&cmsv=e&mh=Ak&mm=34&mn=sn-5hne6nsd&ms=ltu&mt=1669755159&mv=m&mvi=1&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIgNtkhA2jZA2M8gAqmCCg2CPTP3JXoutNnMj45f9oX5UICIQCGCClL7IbO0U-3pTN-otPAtubtqN2rWUBvd1ooshg9DA%3D%3D&range=660-66195&rn=9&rbuf=0&pot=D01ok2qVwJBiTVPGLF8Vb_ZUrFnCMow6D6vcS0PB5eSKdCIbHTx9XZIKHNDy7J15Ri9g3RN8ABtxTaD2_8QAmjLYo97kzkmAh7pJX6NWjElX36AOdo_3AC-FHOPgELkvMSCkas5C6jU=
172.217.132.6200 OK 66 kB URL HTTP/1.1 rr1---sn-5hne6nsd.googlevideo.com/videoplayback?expire=1669776988&ei=_HGGY8niC_GUv_IPoKOjQA&ip=91.90.42.154&id=o-ALMbh8EGs9mna0kmTqix49n4hJcS0nBswdUEvLpAfCDC&itag=251&source=youtube&requiressl=yes&spc=SFxXNv8sUVG1vcdZvYUSjznsnXE7f84&vprv=1&mime=audio%2Fwebm&ns=nvK2LrRLTeoKmrQN_m4tAUEJ&gir=yes&clen=3554756&dur=227.961&lmt=1472833470766246&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&n=yvCz_A-cVMm0lw&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&alr=yes&sig=AOq0QJ8wRAIgbJKP7hME7iKCXVeKqLRBIcvJSUJXAFfrVZSoL_1nTZUCIAIZPQ_xpo4JHHbdLvzWokmVt-kvaOFqhYi0pi0XGr4U&cpn=JXoTdnoWdl7aEv88&cver=1.20221127.00.00&cm2rm=sn-capm-vnae7e,sn-5goly7z&redirect_counter=2&cms_redirect=yes&cmsv=e&mh=Ak&mm=34&mn=sn-5hne6nsd&ms=ltu&mt=1669755159&mv=m&mvi=1&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIgNtkhA2jZA2M8gAqmCCg2CPTP3JXoutNnMj45f9oX5UICIQCGCClL7IbO0U-3pTN-otPAtubtqN2rWUBvd1ooshg9DA%3D%3D&range=660-66195&rn=9&rbuf=0&pot=D01ok2qVwJBiTVPGLF8Vb_ZUrFnCMow6D6vcS0PB5eSKdCIbHTx9XZIKHNDy7J15Ri9g3RN8ABtxTaD2_8QAmjLYo97kzkmAh7pJX6NWjElX36AOdo_3AC-FHOPgELkvMSCkas5C6jU=
IP 172.217.132.6:0
Hash 80076f5b0c44cd96239792f7527b5a60
1753e51090a27b11c67fee973ce4c9618b3a1c52
d228367c52799215ff44b24b9a91f9106e2a386459c62357da1809661e0a87c0
GET /videoplayback?expire=1669776988&ei=_HGGY8niC_GUv_IPoKOjQA&ip=91.90.42.154&id=o-ALMbh8EGs9mna0kmTqix49n4hJcS0nBswdUEvLpAfCDC&itag=251&source=youtube&requiressl=yes&spc=SFxXNv8sUVG1vcdZvYUSjznsnXE7f84&vprv=1&mime=audio%2Fwebm&ns=nvK2LrRLTeoKmrQN_m4tAUEJ&gir=yes&clen=3554756&dur=227.961&lmt=1472833470766246&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&n=yvCz_A-cVMm0lw&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&alr=yes&sig=AOq0QJ8wRAIgbJKP7hME7iKCXVeKqLRBIcvJSUJXAFfrVZSoL_1nTZUCIAIZPQ_xpo4JHHbdLvzWokmVt-kvaOFqhYi0pi0XGr4U&cpn=JXoTdnoWdl7aEv88&cver=1.20221127.00.00&cm2rm=sn-capm-vnae7e,sn-5goly7z&redirect_counter=2&cms_redirect=yes&cmsv=e&mh=Ak&mm=34&mn=sn-5hne6nsd&ms=ltu&mt=1669755159&mv=m&mvi=1&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIgNtkhA2jZA2M8gAqmCCg2CPTP3JXoutNnMj45f9oX5UICIQCGCClL7IbO0U-3pTN-otPAtubtqN2rWUBvd1ooshg9DA%3D%3D&range=660-66195&rn=9&rbuf=0&pot=D01ok2qVwJBiTVPGLF8Vb_ZUrFnCMow6D6vcS0PB5eSKdCIbHTx9XZIKHNDy7J15Ri9g3RN8ABtxTaD2_8QAmjLYo97kzkmAh7pJX6NWjElX36AOdo_3AC-FHOPgELkvMSCkas5C6jU= HTTP/1.1
Host: rr1---sn-5hne6nsd.googlevideo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Fri, 02 Sep 2016 16:24:30 GMT
Content-Type: audio/webm
Date: Tue, 29 Nov 2022 20:56:28 GMT
Expires: Tue, 29 Nov 2022 20:56:28 GMT
Cache-Control: private, max-age=21300
Accept-Ranges: bytes
Content-Length: 65536
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Content-Type-Options: nosniff
Server: gvs 1.0
fonts.googleapis.com/css?family=Raleway:200,300,400,500,600|Roboto:100,300,400,400i,500,700,900
142.250.74.106200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Raleway:200,300,400,500,600|Roboto:100,300,400,400i,500,700,900
IP 142.250.74.106:0
GET /css?family=Raleway:200,300,400,500,600|Roboto:100,300,400,400i,500,700,900 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.9bravo.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 29 Nov 2022 20:56:24 GMT
date: Tue, 29 Nov 2022 20:56:24 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.youtube.com/iframe_api?v=2.9.7&_=1669755384583
216.58.211.14200 OK 0 B URL HTTP/2 www.youtube.com/iframe_api?v=2.9.7&_=1669755384583
IP 216.58.211.14:0
GET /iframe_api?v=2.9.7&_=1669755384583 HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.9bravo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
x-content-type-options: nosniff
expires: Tue, 29 Nov 2022 20:56:26 GMT
date: Tue, 29 Nov 2022 20:56:26 GMT
cache-control: private, max-age=0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
cross-origin-resource-policy: cross-origin
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=j7H5D60FE_8; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=iDywtsg3EOM; Domain=.youtube.com; Expires=Sun, 28-May-2023 20:56:26 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+189; expires=Thu, 28-Nov-2024 20:56:26 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2