| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hash2405562765b49b2782ebd2e2994851d5 be7ac8e558f7875bb1fb86ab5ec674424a5ff269 422cfa907461cb7b93b9089d600052f9e94951e5e0c93d97651905002e48ad3e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "422CFA907461CB7B93B9089D600052F9E94951E5E0C93D97651905002E48AD3E"
Last-Modified: Thu, 26 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2742
Expires: Fri, 27 Jan 2023 19:50:33 GMT
Date: Fri, 27 Jan 2023 19:04:51 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hash9fbe85f42e8ae8ae41cc12df5f98b141 949fa36ff0f22f72565fd584bef094dd4de23037 184d3e4df4bce559b4d7c4836372f5fd2de9782a96b04d364230b7d695d737d8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "184D3E4DF4BCE559B4D7C4836372F5FD2DE9782A96B04D364230B7D695D737D8"
Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3268
Expires: Fri, 27 Jan 2023 19:59:19 GMT
Date: Fri, 27 Jan 2023 19:04:51 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hash49049f3c92aad686cd7ff28ecd2a5a4f 9cc2bc9c055450dbc4fae93eabe4ef8509b3ff57 02cf421968192286bb174ff0e6c818a843c4eca61a02cd493e6f95bb58a37015
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "02CF421968192286BB174FF0E6C818A843C4ECA61A02CD493E6F95BB58A37015"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6513
Expires: Fri, 27 Jan 2023 20:53:24 GMT
Date: Fri, 27 Jan 2023 19:04:51 GMT
Connection: keep-alive
|
|
| firefox.settings.services.mozilla.com/v1/ | 35.241.9.150 | 200 OK | 939 B |
URL HTTP/2firefox.settings.services.mozilla.com/v1/ IP35.241.9.150:0
File typeJSON data\012- , ASCII text, with very long lines (939), with no line terminators Hashdcd75ca6daca51c5e39d431468511793 07f76d3bf23d65c9110d810fa71a994e39e085d3 73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Retry-After, Content-Type, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 27 Jan 2023 18:35:23 GMT
content-type: application/json
age: 1768
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain | 34.160.144.191 | 200 OK | 5.3 kB |
URL HTTP/2content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain IP34.160.144.191:0
File typePEM certificate\012- , ASCII text Hash7b922915ebf1fa3639b333f994c74f24 144a3f80b98fd0652d4614f24cf6cbbee40f8938 adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: p7AkG56rHJCZXgLAf+/RkjrmX+bQauV1oTD5mpjGTV8Ma/djSJiGIIkbR5L6nF/m9KEAGCSuuiA=
x-amz-request-id: T7NK15KG78PKQGA6
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 27 Jan 2023 18:49:31 GMT
age: 920
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| contile.services.mozilla.com/v1/tiles | 34.117.237.239 | 200 OK | 12 B |
URL HTTP/2contile.services.mozilla.com/v1/tiles IP34.117.237.239:0
File typeJSON data\012- , ASCII text, with no line terminators Hash23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 27 Jan 2023 19:04:51 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US | 35.241.9.150 | 200 OK | 329 B |
URL HTTP/2firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP35.241.9.150:0
File typeJSON data\012- , ASCII text, with very long lines (329), with no line terminators Hash0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Pragma, Last-Modified, ETag, Content-Length, Expires, Cache-Control, Retry-After, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 27 Jan 2023 18:41:40 GMT
age: 1391
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hash16a7b6a7128312e2f985d30df18c4487 6017bff79ffb525d9c7f9f32b999b74b5dc69602 663fd12209627f08e759c2ed1c76278a5da79dae1e0b46082dd1bb44775f7a16
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "663FD12209627F08E759C2ED1C76278A5DA79DAE1E0B46082DD1BB44775F7A16"
Last-Modified: Fri, 27 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8566
Expires: Fri, 27 Jan 2023 21:27:38 GMT
Date: Fri, 27 Jan 2023 19:04:52 GMT
Connection: keep-alive
|
|
| push.services.mozilla.com/ | 54.185.236.64 | 101 Switching Protocols | 0 B |
URL HTTP/1.1push.services.mozilla.com/ IP54.185.236.64:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: LNAcHWMlCwR8KfdqWK1+YQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: HKmpONPEBEnuCiX1OWZxFKa1e28=
|
|
| fonts.googleapis.com/css?family=Poppins::200,300,400,500,600,700,400italic,700italic | 142.250.74.138 | 200 OK | 598 B |
URL HTTP/1.1fonts.googleapis.com/css?family=Poppins::200,300,400,500,600,700,400italic,700italic IP142.250.74.138:0
Hash66add8caa1e3062e0795fd34deffba43 e30a1ee6b72e840755a0a8f361bccb1735b334a6 7efe151c9d10b7cc635f27c1a452403d52fdcedad12ad06796372a599ef903f6
GET /css?family=Poppins::200,300,400,500,600,700,400italic,700italic HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bandofkiwis.com/
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Fri, 27 Jan 2023 19:04:52 GMT
Date: Fri, 27 Jan 2023 19:04:52 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin-allow-popups
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
|
|
| bandofkiwis.com/wp-content/plugins/mailchimp//css/flick/flick.css?ver=6.0.1 | 74.220.219.177 | 200 OK | 5.0 kB |
URL HTTP/1.1bandofkiwis.com/wp-content/plugins/mailchimp//css/flick/flick.css?ver=6.0.1 IP74.220.219.177:0 ASN#46606 UNIFIEDLAYER-AS-1
File typeASCII text, with very long lines (1422) Hash3f45b4a41c10bae514018ed23d308584 3f5b1e9f6c69a0a0578af76556e892434071e923 7b284d16b1c576ae99b9132399a40fb7fd900262293acdcfa3b002a65c57f9b5
GET /wp-content/plugins/mailchimp//css/flick/flick.css?ver=6.0.1 HTTP/1.1
Host: bandofkiwis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bandofkiwis.com/
HTTP/1.1 200 OK
Date: Fri, 27 Jan 2023 19:04:52 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Mon, 20 Dec 2021 17:13:15 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Content-Length: 4966
Keep-Alive: timeout=5, max=75
Content-Type: text/css
|
|
| bandofkiwis.com/ | 74.220.219.177 | 200 OK | 53 kB |
IP74.220.219.177:0 ASN#46606 UNIFIEDLAYER-AS-1
File typeHTML document, ASCII text, with very long lines (29016) Hash08520404253a8cd1a8a1d7d8686a40f7 a2d0691e1cd5f8de72de1f123e3ec8a95f5262cb ce949b885b4827a35fe04483a79bb4d7370d72a8e18cb3cb15b43f14fb958447
Analyzer | Verdict | Alert | urlquery | suspicious | Suspicious - Suspicious JS code | fortinet | Malware | |
GET / HTTP/1.1
Host: bandofkiwis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Fri, 27 Jan 2023 19:04:51 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Keep-Alive: timeout=5, max=75
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
|
|
| bandofkiwis.com/wp-content/themes/scapeshot-music/style.css?ver=20220213-210343 | 74.220.219.177 | 200 OK | 4.2 kB |
URL HTTP/1.1bandofkiwis.com/wp-content/themes/scapeshot-music/style.css?ver=20220213-210343 IP74.220.219.177:0 ASN#46606 UNIFIEDLAYER-AS-1
File typeassembler source, ASCII text, with very long lines (1437) Hash6674bf861f8b8ad252c5a567b06a12a7 f247dd28a7cf1370512d2830b9dbbd2b52f860b4 7d4e8a5e7cb474a49bf9cdc9542ef6d4e98bb0e7e2828fd887d6ce11f713d12e
GET /wp-content/themes/scapeshot-music/style.css?ver=20220213-210343 HTTP/1.1
Host: bandofkiwis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bandofkiwis.com/
HTTP/1.1 200 OK
Date: Fri, 27 Jan 2023 19:04:52 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Sun, 13 Feb 2022 21:03:43 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Content-Length: 4222
Keep-Alive: timeout=5, max=75
Content-Type: text/css
|
|
| bandofkiwis.com/wp-content/themes/scapeshot/assets/css/blocks.css?ver=1.0 | 74.220.219.177 | 200 OK | 3.9 kB |
URL HTTP/1.1bandofkiwis.com/wp-content/themes/scapeshot/assets/css/blocks.css?ver=1.0 IP74.220.219.177:0 ASN#46606 UNIFIEDLAYER-AS-1
Hash9b9129cfda8be6c0d001dbacdef2ab32 7feb630d1b3e6d9d9797c3a3b088dbc22df62279 56dfb347ae1b50b98901299c39e223c07d0a3660b015f8b3b481f2915e5ca74e
GET /wp-content/themes/scapeshot/assets/css/blocks.css?ver=1.0 HTTP/1.1
Host: bandofkiwis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bandofkiwis.com/
HTTP/1.1 200 OK
Date: Fri, 27 Jan 2023 19:04:52 GMT
Server: Apache
Last-Modified: Sun, 13 Feb 2022 21:03:43 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Content-Length: 3927
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: text/css
|
|
| bandofkiwis.com/wp-content/themes/scapeshot-music/assets/css/child-blocks.css?ver=20220213-210343 | 74.220.219.177 | 200 OK | 265 B |
URL HTTP/1.1bandofkiwis.com/wp-content/themes/scapeshot-music/assets/css/child-blocks.css?ver=20220213-210343 IP74.220.219.177:0 ASN#46606 UNIFIEDLAYER-AS-1
Hashcee3c520a58e6426837b04fe83b1c7d3 cff6821e9144075e146f0ab31e44c6d815e9003c 5e39ae07e89cba3044520d39b484f91bdbfdf10556fd8479c4bdb4579ebc3c35
GET /wp-content/themes/scapeshot-music/assets/css/child-blocks.css?ver=20220213-210343 HTTP/1.1
Host: bandofkiwis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bandofkiwis.com/
HTTP/1.1 200 OK
Date: Fri, 27 Jan 2023 19:04:52 GMT
Server: Apache
Last-Modified: Sun, 13 Feb 2022 21:03:43 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Content-Length: 265
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: text/css
|
|
| bandofkiwis.com/wp-includes/css/dist/block-library/style.min.css?ver=6.0.1 | 74.220.219.177 | 200 OK | 17 kB |
URL HTTP/1.1bandofkiwis.com/wp-includes/css/dist/block-library/style.min.css?ver=6.0.1 IP74.220.219.177:0 ASN#46606 UNIFIEDLAYER-AS-1
File typeASCII text, with very long lines (43771) Hash2a67a4888baa44de739f3fe56203ce07 da175eae57f26b655747d79f055477e3fee1abb9 3a4d7627476a0099ca4bcc101685f27de04cb49dd66ef842d72c6cda270599dd
Analyzer | Verdict | Alert | fortinet | Malware | |
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.0.1 HTTP/1.1
Host: bandofkiwis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bandofkiwis.com/
HTTP/1.1 200 OK
Date: Fri, 27 Jan 2023 19:04:52 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Wed, 13 Jul 2022 02:50:46 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Content-Length: 16594
Keep-Alive: timeout=5, max=75
Content-Type: text/css
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hashcd54aa9f8ec8f90785ec6a3cf1d44e52 900ad7c2c82e55e9b09b5fdc42655f21d3925876 81c73997d9b0db3c837b8b7c6ac0e013b86942b6908c68c0cdc917d995e2527e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "81C73997D9B0DB3C837B8B7C6AC0E013B86942B6908C68C0CDC917D995E2527E"
Last-Modified: Fri, 27 Jan 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Sat, 28 Jan 2023 01:04:53 GMT
Date: Fri, 27 Jan 2023 19:04:53 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hash51e1bc80b0fd722dc34c4db595351548 1a21dd0ee5dc3402ad0fbfece867990209a06e63 50b03329842b33c4360249e8b168509d35cfe587181c69fa5514dbf181d8d808
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "50B03329842B33C4360249E8B168509D35CFE587181C69FA5514DBF181D8D808"
Last-Modified: Thu, 26 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Sat, 28 Jan 2023 01:04:53 GMT
Date: Fri, 27 Jan 2023 19:04:53 GMT
Connection: keep-alive
|
|
| bandofkiwis.com/wp-content/plugins/mailchimp//js/scrollTo.js?ver=1.5.7 | 74.220.219.177 | 200 OK | 1.3 kB |
URL HTTP/1.1bandofkiwis.com/wp-content/plugins/mailchimp//js/scrollTo.js?ver=1.5.7 IP74.220.219.177:0 ASN#46606 UNIFIEDLAYER-AS-1
File typeASCII text, with very long lines (1927), with CRLF line terminators Hash5c97cf28e145a7425921542e8ee337fa 8c37c0541f3487c8e23575a54ed1409fd50fc3e7 a98dd4318ffc8e750f811a70e903479b4465044ddb644885b2b9e4693ce8fb55
Analyzer | Verdict | Alert | fortinet | Malware | |
GET /wp-content/plugins/mailchimp//js/scrollTo.js?ver=1.5.7 HTTP/1.1
Host: bandofkiwis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bandofkiwis.com/
HTTP/1.1 200 OK
Date: Fri, 27 Jan 2023 19:04:53 GMT
Server: Apache
Last-Modified: Mon, 20 Dec 2021 17:13:15 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Content-Length: 1250
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive
Content-Type: application/javascript
|
|
| bandofkiwis.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 | 74.220.219.177 | 200 OK | 4.6 kB |
URL HTTP/1.1bandofkiwis.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 IP74.220.219.177:0 ASN#46606 UNIFIEDLAYER-AS-1
File typeASCII text, with very long lines (11126) Hashacdb97105af28a7066790c6748ae2e1e 65794d2c5a9d04f747faf370bc8bacd330e69e5a dc4efbc4b704b142b5313588c32e56ea56648068a01d2bc596a4eee06b379b5e
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: bandofkiwis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bandofkiwis.com/
HTTP/1.1 200 OK
Date: Fri, 27 Jan 2023 19:04:53 GMT
Server: Apache
Last-Modified: Wed, 10 Nov 2021 01:12:00 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Content-Length: 4618
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive
Content-Type: application/javascript
|
|
| bandofkiwis.com/wp-content/themes/scapeshot/style.css?ver=20220213-210343 | 74.220.219.177 | 200 OK | 91 kB |
URL HTTP/1.1bandofkiwis.com/wp-content/themes/scapeshot/style.css?ver=20220213-210343 IP74.220.219.177:0 ASN#46606 UNIFIEDLAYER-AS-1
File typeUnicode text, UTF-8 text, with very long lines (1284) Hash3f5fab2765539561407dff0419e134cb f67178f2b0f9f0ae2d89a8522b94cb496ea619b1 a5b4b82eed9097d3b21335b0b29915daf4a6cb38521d50cc33cf440ae34f873a
GET /wp-content/themes/scapeshot/style.css?ver=20220213-210343 HTTP/1.1
Host: bandofkiwis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bandofkiwis.com/
HTTP/1.1 200 OK
Date: Fri, 27 Jan 2023 19:04:52 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Sun, 13 Feb 2022 21:03:43 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Keep-Alive: timeout=5, max=75
Transfer-Encoding: chunked
Content-Type: text/css
|
|
| bandofkiwis.com/wp-includes/js/jquery/jquery.form.min.js?ver=4.3.0 | 74.220.219.177 | 200 OK | 7.0 kB |
URL HTTP/1.1bandofkiwis.com/wp-includes/js/jquery/jquery.form.min.js?ver=4.3.0 IP74.220.219.177:0 ASN#46606 UNIFIEDLAYER-AS-1
File typeASCII text, with very long lines (16109), with no line terminators Hashcf3abf6304938d8ccb59ad3a0bd04497 861c89753470fdea7aec9ab0457af1031573fd53 099555bd66a99bfc3c7dcff3b8d6556cac80b22bf010c1e6b88fce090e7d0fc3
GET /wp-includes/js/jquery/jquery.form.min.js?ver=4.3.0 HTTP/1.1
Host: bandofkiwis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bandofkiwis.com/
HTTP/1.1 200 OK
Date: Fri, 27 Jan 2023 19:04:53 GMT
Server: Apache
Last-Modified: Wed, 25 May 2022 02:25:12 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Content-Length: 6957
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: application/javascript
|
|
| bandofkiwis.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0 | 74.220.219.177 | 200 OK | 39 kB |
URL HTTP/1.1bandofkiwis.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0 IP74.220.219.177:0 ASN#46606 UNIFIEDLAYER-AS-1
File typeASCII text, with very long lines (65447) Hashfeb933ceca72e1d76b471ed9db278b0d 6179e8f9c9876a6c4df5e3138e9f8ee2ac25bcd1 9a525fa92f98fd5ac754d60ea6f3676bcaa3870dd9bf057c8c668399922c9bd0
Analyzer | Verdict | Alert | fortinet | Malware | |
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: bandofkiwis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bandofkiwis.com/
HTTP/1.1 200 OK
Date: Fri, 27 Jan 2023 19:04:53 GMT
Server: Apache
Last-Modified: Wed, 10 Nov 2021 01:12:00 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript
|
|
| bandofkiwis.com/wp-content/plugins/mailchimp//js/mailchimp.js?ver=1.5.7 | 74.220.219.177 | 200 OK | 509 B |
URL HTTP/1.1bandofkiwis.com/wp-content/plugins/mailchimp//js/mailchimp.js?ver=1.5.7 IP74.220.219.177:0 ASN#46606 UNIFIEDLAYER-AS-1
Hash80d1e523ea70b9ae6bb8e458e9cc6b9f a6bf67ca3384aa25d08832780db2ef9fda2131dd 4483c4b0b500d23531064bc0b17af2d007fc0e21b8bf95c08b6af8650efe8dd8
Analyzer | Verdict | Alert | fortinet | Malware | |
GET /wp-content/plugins/mailchimp//js/mailchimp.js?ver=1.5.7 HTTP/1.1
Host: bandofkiwis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bandofkiwis.com/
HTTP/1.1 200 OK
Date: Fri, 27 Jan 2023 19:04:53 GMT
Server: Apache
Last-Modified: Mon, 20 Dec 2021 17:13:15 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Content-Length: 509
Keep-Alive: timeout=5, max=72
Connection: Keep-Alive
Content-Type: application/javascript
|
|
| bandofkiwis.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1 | 74.220.219.177 | 200 OK | 8.2 kB |
URL HTTP/1.1bandofkiwis.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1 IP74.220.219.177:0 ASN#46606 UNIFIEDLAYER-AS-1
File typeUnicode text, UTF-8 text, with very long lines (8189) Hasha0a1c8194f131320e1798f90a7b1262a 3346d35be1f2e4886f19e7fcc0cc96ee4753d9ed 7f618ab13cec0933ec2c61fa2b580ad77ca41522028649677494219fa9ce56db
Analyzer | Verdict | Alert | fortinet | Malware | |
GET /wp-includes/js/jquery/ui/core.min.js?ver=1.13.1 HTTP/1.1
Host: bandofkiwis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bandofkiwis.com/
HTTP/1.1 200 OK
Date: Fri, 27 Jan 2023 19:04:53 GMT
Server: Apache
Last-Modified: Wed, 25 May 2022 02:25:12 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Content-Length: 8169
Keep-Alive: timeout=5, max=72
Connection: Keep-Alive
Content-Type: application/javascript
|
|
| bandofkiwis.com/wp-content/plugins/mailchimp//js/datepicker.js?ver=6.0.1 | 74.220.219.177 | 200 OK | 27 kB |
URL HTTP/1.1bandofkiwis.com/wp-content/plugins/mailchimp//js/datepicker.js?ver=6.0.1 IP74.220.219.177:0 ASN#46606 UNIFIEDLAYER-AS-1
Hasha36a83136d96e9d4cfcafb9cf9adf389 c9308a7567d81476741c7b984c6cd2eabe063a3b 91f3436a4df45e4175b66cbb6d5252942a9b82307e3d27f6460cf546c9294735
GET /wp-content/plugins/mailchimp//js/datepicker.js?ver=6.0.1 HTTP/1.1
Host: bandofkiwis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bandofkiwis.com/
HTTP/1.1 200 OK
Date: Fri, 27 Jan 2023 19:04:53 GMT
Server: Apache
Last-Modified: Mon, 20 Dec 2021 17:13:15 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript
|
|
| bandofkiwis.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.1 | 74.220.219.177 | 200 OK | 5.3 kB |
URL HTTP/1.1bandofkiwis.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.1 IP74.220.219.177:0 ASN#46606 UNIFIEDLAYER-AS-1
File typeASCII text, with very long lines (15660) Hash710f8b142ea44c0682dc2c30f318f065 49144e9b3a76d3d383b1d4359cf7a25e947f4233 708bb5819879a2a2c7670abc20a58cca68a415ffd621011cbc4c3c9d82dddc50
Analyzer | Verdict | Alert | fortinet | Malware | |
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.0.1 HTTP/1.1
Host: bandofkiwis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bandofkiwis.com/
HTTP/1.1 200 OK
Date: Fri, 27 Jan 2023 19:04:53 GMT
Server: Apache
Last-Modified: Wed, 25 May 2022 02:25:12 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Content-Length: 5321
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive
Content-Type: application/javascript
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hashbd56ce22720c6e6072efdabae64669fd 29194390d12177fe0d88e1bd2fb4436509366a1c c41996d83d942ca58a13e2d1adfd171cf26a84bc9b7fdbd1ca941eb0269b5404
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C41996D83D942CA58A13E2D1ADFD171CF26A84BC9B7FDBD1CA941EB0269B5404"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12539
Expires: Fri, 27 Jan 2023 22:33:52 GMT
Date: Fri, 27 Jan 2023 19:04:53 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hashbd56ce22720c6e6072efdabae64669fd 29194390d12177fe0d88e1bd2fb4436509366a1c c41996d83d942ca58a13e2d1adfd171cf26a84bc9b7fdbd1ca941eb0269b5404
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C41996D83D942CA58A13E2D1ADFD171CF26A84BC9B7FDBD1CA941EB0269B5404"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12539
Expires: Fri, 27 Jan 2023 22:33:52 GMT
Date: Fri, 27 Jan 2023 19:04:53 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hashbd56ce22720c6e6072efdabae64669fd 29194390d12177fe0d88e1bd2fb4436509366a1c c41996d83d942ca58a13e2d1adfd171cf26a84bc9b7fdbd1ca941eb0269b5404
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C41996D83D942CA58A13E2D1ADFD171CF26A84BC9B7FDBD1CA941EB0269B5404"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12539
Expires: Fri, 27 Jan 2023 22:33:52 GMT
Date: Fri, 27 Jan 2023 19:04:53 GMT
Connection: keep-alive
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a8a63ec-e0a4-4297-b143-649ad3968ae8.jpeg | 34.120.237.76 | 200 OK | 9.6 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a8a63ec-e0a4-4297-b143-649ad3968ae8.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashf62e9b7bdca82d18c945851912d8fea8 a7ca44d337c43bc5c6145b26778661c71cc50484 5da02cc405c1cada55813ffe376844375f1d6ad222cbb63405348b1f5132a0b1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a8a63ec-e0a4-4297-b143-649ad3968ae8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9595
x-amzn-requestid: c257bfbe-1bd7-4540-bbfa-e4c49a2624a1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fUXwfGigoAMFvBw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d1a002-226c08656eeefbfa3c2dddb6;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 21:32:50 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: k9njnQmggD7UkVJzZqSzo90HJJjTjGK0QIoPU0HWYKrSstjM6s1rOw==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Thu, 26 Jan 2023 21:49:48 GMT
age: 76505
etag: "a7ca44d337c43bc5c6145b26778661c71cc50484"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfb887e5-87fa-4855-b0ee-712d39779fa0.jpeg | 34.120.237.76 | 200 OK | 12 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfb887e5-87fa-4855-b0ee-712d39779fa0.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashb7a0759c043594fbe85af422b59b8227 a05cfaad16078f42218dae233da38f6f5dff8487 e898d6ef1b3998fb9322a8fc190069ec5f7b3582bfe8397a2367497d84a27549
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfb887e5-87fa-4855-b0ee-712d39779fa0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11568
x-amzn-requestid: 2e85f75e-ab9d-4d45-adad-7313950a9647
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fSWbxGwnoAMFejw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d0d117-68f1a9e71a07a0453311fd32;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 06:49:59 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: dbz3wXGNaetf6xvRE98rshyHy-FVfDo8co-4VDL0a4Qe3E4U8A82Og==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 18:36:01 GMT
age: 1732
etag: "a05cfaad16078f42218dae233da38f6f5dff8487"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0cc9d867-fc35-4a62-9934-4cb307d6146d.jpeg | 34.120.237.76 | 200 OK | 5.7 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0cc9d867-fc35-4a62-9934-4cb307d6146d.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash869cdfba2637cc932ce387317a3c485e 51d87a5223d87c959bf27b2a825dce0a28f52ada 6dc4247dd3110836195f9962463bd8265be89633e9e589bf19955991751c26fe
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0cc9d867-fc35-4a62-9934-4cb307d6146d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5669
x-amzn-requestid: 17f6235c-d495-4813-9453-407331e0dcad
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fR1ZSH4fIAMFxeQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d09c3b-67ff5c7f416727670e7c3b21;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 03:04:27 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: KGNpzuI2ny_1LH90atWa09SPYG7Ovolbv_KvL8nC6fUk59z-6TFsMQ==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 03:05:08 GMT
age: 57585
etag: "51d87a5223d87c959bf27b2a825dce0a28f52ada"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52fbb3f0-e394-4245-a542-f5d9aa7b93cc.jpeg | 34.120.237.76 | 200 OK | 9.1 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52fbb3f0-e394-4245-a542-f5d9aa7b93cc.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashdc869235086902c4acc379733b6bfdb8 0170f6aa6bd83ddeb60cf1cb65e9f0443d8d4bae e614e29b14e69209fd4b82a688290f7a3f541909833a6558cf480aca899bab6d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52fbb3f0-e394-4245-a542-f5d9aa7b93cc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9056
x-amzn-requestid: 81cf473d-8dc6-49e7-b012-d0b7dfaec7f8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fB4COHTlIAMFtRg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ca3a0e-0848461c054db5c66fde9107;Sampled=0
x-amzn-remapped-date: Fri, 20 Jan 2023 06:51:58 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: MApUIVJ9KiOB34nLWUtMNmA8deQVoQ9xyNqSUYXlzdLlGoP9n78C5A==
via: 1.1 23206a1c229d8877bdd053c4b05f9d12.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 06:24:42 GMT
age: 45611
etag: "0170f6aa6bd83ddeb60cf1cb65e9f0443d8d4bae"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6418a71b-f89d-45d1-bc77-36d6312f560b.jpeg | 34.120.237.76 | 200 OK | 5.9 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6418a71b-f89d-45d1-bc77-36d6312f560b.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashba0a42dadf6a976df148f652e9cc1844 4d825b74865effa4a858ddcad1d0969671facc07 7276a38c9ba6b13a06f24ab8b802f210f98c5541df53fbcd8e879a14d2957d95
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6418a71b-f89d-45d1-bc77-36d6312f560b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5943
x-amzn-requestid: 6774f4a4-ed83-49df-868f-4517c2af914b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fUXxNF2UIAMFlYw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d1a007-75b1e8975c3f4b503e0a1c5b;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 21:32:55 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: KY05WKpINERD5g9o2QLYdsNMSuuy_YKn2Tl7Qkn7YaAOaPTDfLteeA==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Thu, 26 Jan 2023 21:49:48 GMT
age: 76505
etag: "4d825b74865effa4a858ddcad1d0969671facc07"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F16430244-f45f-4aea-a8a8-2b1f37fa80ef.jpeg | 34.120.237.76 | 200 OK | 5.7 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F16430244-f45f-4aea-a8a8-2b1f37fa80ef.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash5e7158416f60576804ccff03307319fe a342f94625e913fa6b8d862a59979f1e3ad80dd1 5c525df7d169cc7e033d920c11f4a0163a781c025a22b70530882b56964a9a52
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F16430244-f45f-4aea-a8a8-2b1f37fa80ef.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5737
x-amzn-requestid: cc977ea9-c418-4a5a-a13b-c86e16bbe6ba
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fRGPFGL5oAMFiSg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d050c6-2d540cac5ca7d4e64cfdb8bc;Sampled=0
x-amzn-remapped-date: Tue, 24 Jan 2023 21:42:30 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: uZnA5gkRlZyqamh_n3992G9PlMJa4gJ-mjSOQEysII73dDKLXmeXsg==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 16:31:38 GMT
age: 9195
etag: "a342f94625e913fa6b8d862a59979f1e3ad80dd1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| bandofkiwis.com/wp-content/themes/scapeshot/assets/js/skip-link-focus-fix.min.js?ver=201800703 | 74.220.219.177 | 200 OK | 300 B |
URL HTTP/1.1bandofkiwis.com/wp-content/themes/scapeshot/assets/js/skip-link-focus-fix.min.js?ver=201800703 IP74.220.219.177:0 ASN#46606 UNIFIEDLAYER-AS-1
File typeASCII text, with very long lines (501), with no line terminators Hashe448a68154bf06878cc60d6539a78ce4 432569a8de31496a1d2108936bb010f617a77ab5 c03e04d1c143d95647dd3c04ae4f4655d4c01e2661c4a76f0b2b99e7bedbe245
GET /wp-content/themes/scapeshot/assets/js/skip-link-focus-fix.min.js?ver=201800703 HTTP/1.1
Host: bandofkiwis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bandofkiwis.com/
HTTP/1.1 200 OK
Date: Fri, 27 Jan 2023 19:04:53 GMT
Server: Apache
Last-Modified: Sun, 13 Feb 2022 21:03:43 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Content-Length: 300
Keep-Alive: timeout=5, max=71
Connection: Keep-Alive
Content-Type: application/javascript
|
|
| bandofkiwis.com/wp-content/plugins/creative-mail-by-constant-contact/assets/js/block/submit.js?ver=1652531678 | 74.220.219.177 | 409 Conflict | 83 B |
URL HTTP/1.1bandofkiwis.com/wp-content/plugins/creative-mail-by-constant-contact/assets/js/block/submit.js?ver=1652531678 IP74.220.219.177:0 ASN#46606 UNIFIEDLAYER-AS-1
File typeHTML document, ASCII text, with no line terminators Hash26267cd8990f15d3bbea71684a6d5995 ac3b38cf3fe0e112bb6aeb7e05226b7133575d93 769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e
Analyzer | Verdict | Alert | fortinet | Malware | |
GET /wp-content/plugins/creative-mail-by-constant-contact/assets/js/block/submit.js?ver=1652531678 HTTP/1.1
Host: bandofkiwis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bandofkiwis.com/
HTTP/1.1 409 Conflict
Date: Fri, 27 Jan 2023 19:04:53 GMT
Server: Apache
Content-Length: 83
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
|
|
| bandofkiwis.com/wp-content/themes/scapeshot/assets/js/functions.min.js?ver=201800703 | 74.220.219.177 | 200 OK | 3.1 kB |
URL HTTP/1.1bandofkiwis.com/wp-content/themes/scapeshot/assets/js/functions.min.js?ver=201800703 IP74.220.219.177:0 ASN#46606 UNIFIEDLAYER-AS-1
File typeASCII text, with very long lines (8426), with no line terminators Hash1e3577d4690af5d47fc045f2e1d0b163 a14fe490026f9bbacb51a0b913870d2e3194decb 8a8ec351091e6e0cd7a93f385eee31d52a599ebb48c9d675d6acc826ddf2228b
Analyzer | Verdict | Alert | fortinet | Malware | |
GET /wp-content/themes/scapeshot/assets/js/functions.min.js?ver=201800703 HTTP/1.1
Host: bandofkiwis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bandofkiwis.com/
HTTP/1.1 200 OK
Date: Fri, 27 Jan 2023 19:04:53 GMT
Server: Apache
Last-Modified: Sun, 13 Feb 2022 21:03:43 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Content-Length: 3100
Keep-Alive: timeout=5, max=71
Connection: Keep-Alive
Content-Type: application/javascript
|
|
| bandofkiwis.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9 | 74.220.219.177 | 200 OK | 2.7 kB |
URL HTTP/1.1bandofkiwis.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9 IP74.220.219.177:0 ASN#46606 UNIFIEDLAYER-AS-1
File typeASCII text, with very long lines (6475), with no line terminators Hash45bd1d6f7fc3a4069fc6fd400b90c961 903c7e28c7141e9fc1bdb4dfc62d043a97a01e2d c638a0057b4be0a61cfb65b1860a855a327397e9871f5dde28fa2f138fb394dc
Analyzer | Verdict | Alert | fortinet | Malware | |
GET /wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9 HTTP/1.1
Host: bandofkiwis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bandofkiwis.com/
HTTP/1.1 200 OK
Date: Fri, 27 Jan 2023 19:04:53 GMT
Server: Apache
Last-Modified: Wed, 25 May 2022 02:25:12 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Content-Length: 2675
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive
Content-Type: application/javascript
|
|
| bandofkiwis.com/?mcsf_action=main_css&ver=6.0.1 | 74.220.219.177 | 200 OK | 4.4 kB |
URL HTTP/1.1bandofkiwis.com/?mcsf_action=main_css&ver=6.0.1 IP74.220.219.177:0 ASN#46606 UNIFIEDLAYER-AS-1
File typeHTML document, ASCII text, with very long lines (29003) Hashd21e07f156bf4fdb5848e551a49a280e 40d362c39d88f71a1d14f2c9cf40e8e2b20ae809 b8c25800602b62730ee856b3dc4adbb2c17739f2c6397d6103d1b1e3898938dd
GET /?mcsf_action=main_css&ver=6.0.1 HTTP/1.1
Host: bandofkiwis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bandofkiwis.com/
HTTP/1.1 200 OK
Date: Fri, 27 Jan 2023 19:04:52 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Content-Length: 4415
Keep-Alive: timeout=5, max=75
Content-Type: text/html; charset=UTF-8
|
|
| bandofkiwis.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 | 74.220.219.177 | 200 OK | 8.3 kB |
URL HTTP/1.1bandofkiwis.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 IP74.220.219.177:0 ASN#46606 UNIFIEDLAYER-AS-1
File typeUnicode text, UTF-8 text, with very long lines (19138), with no line terminators Hashe49f0561a452c9d04fb7d1510a23cc8c 9e8fc2e3129da4fe2790eee565a6478b864bea83 ab4f9f418b022ab34d617ee2f95d70afff005ed4d4d92e313ce84a56b40bce75
Analyzer | Verdict | Alert | fortinet | Malware | |
GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 HTTP/1.1
Host: bandofkiwis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bandofkiwis.com/
HTTP/1.1 200 OK
Date: Fri, 27 Jan 2023 19:04:53 GMT
Server: Apache
Last-Modified: Wed, 25 May 2022 02:25:12 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Content-Length: 8254
Keep-Alive: timeout=5, max=72
Connection: Keep-Alive
Content-Type: application/javascript
|
|
| bandofkiwis.com/wp-includes/js/dist/dom-ready.min.js?ver=d996b53411d1533a84951212ab6ac4ff | 74.220.219.177 | 200 OK | 331 B |
URL HTTP/1.1bandofkiwis.com/wp-includes/js/dist/dom-ready.min.js?ver=d996b53411d1533a84951212ab6ac4ff IP74.220.219.177:0 ASN#46606 UNIFIEDLAYER-AS-1
File typeASCII text, with very long lines (463) Hashba2b50662c393ff6ba69961f66b24d5d d5694f33b1072b13fc4c3989e90252c0b28030a2 79ad638f020827a6db341526b430e65459aa712bfbdcabf28bb013c6b2c715e9
Analyzer | Verdict | Alert | fortinet | Malware | |
GET /wp-includes/js/dist/dom-ready.min.js?ver=d996b53411d1533a84951212ab6ac4ff HTTP/1.1
Host: bandofkiwis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bandofkiwis.com/
HTTP/1.1 200 OK
Date: Fri, 27 Jan 2023 19:04:53 GMT
Server: Apache
Last-Modified: Wed, 25 May 2022 02:25:12 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Content-Length: 331
Keep-Alive: timeout=5, max=70
Connection: Keep-Alive
Content-Type: application/javascript
|
|
| fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2 | 216.58.207.227 | 200 OK | 8.0 kB |
URL HTTP/1.1fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2 IP216.58.207.227:0
File typeWeb Open Font Format (Version 2), TrueType, length 8000, version 1.0\012- data Hash72993dddf88a63e8f226656f7de88e57 179f97ec0275f09603a8db94d4380eb584d81cd5 f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
GET /s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://bandofkiwis.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 8000
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Fri, 27 Jan 2023 10:06:26 GMT
Expires: Sat, 27 Jan 2024 10:06:26 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Wed, 27 Apr 2022 16:59:07 GMT
Content-Type: font/woff2
Age: 32307
|
|
| fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 | 216.58.207.227 | 200 OK | 7.8 kB |
URL HTTP/1.1fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 IP216.58.207.227:0
File typeWeb Open Font Format (Version 2), TrueType, length 7816, version 1.0\012- data Hash25b0e113ca7cce3770d542736db26368 cb726212d5d525021752a1d8470a0fb593e0c49e 9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
GET /s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://bandofkiwis.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 7816
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Fri, 27 Jan 2023 02:07:32 GMT
Expires: Sat, 27 Jan 2024 02:07:32 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Wed, 27 Apr 2022 16:11:40 GMT
Content-Type: font/woff2
Age: 61041
|
|
| fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2 | 216.58.207.227 | 200 OK | 7.9 kB |
URL HTTP/1.1fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2 IP216.58.207.227:0
File typeWeb Open Font Format (Version 2), TrueType, length 7884, version 1.0\012- data Hash9212f6f9860f9fc6c69b02fedf6db8c3 ac6d71b4d5fdd2b3dabc9a06ff6c001e4251da0b 7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
GET /s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://bandofkiwis.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 7884
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Tue, 24 Jan 2023 18:57:59 GMT
Expires: Wed, 24 Jan 2024 18:57:59 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Wed, 27 Apr 2022 17:03:52 GMT
Content-Type: font/woff2
Age: 259614
|
|
| fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2 | 216.58.207.227 | 200 OK | 7.7 kB |
URL HTTP/1.1fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2 IP216.58.207.227:0
File typeWeb Open Font Format (Version 2), TrueType, length 7748, version 1.0\012- data Hasha09f2fccfee35b7247b08a1a266f0328 0da2d17e738f46d2a09e6fb7969da451719a9820 cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
GET /s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://bandofkiwis.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 7748
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Fri, 27 Jan 2023 02:07:32 GMT
Expires: Sat, 27 Jan 2024 02:07:32 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Wed, 27 Apr 2022 16:21:30 GMT
Content-Type: font/woff2
Age: 61041
|
|
| fonts.gstatic.com/s/poppins/v20/pxiGyp8kv8JHgFVrJJLucHtA.woff2 | 216.58.207.227 | 200 OK | 8.7 kB |
URL HTTP/1.1fonts.gstatic.com/s/poppins/v20/pxiGyp8kv8JHgFVrJJLucHtA.woff2 IP216.58.207.227:0
File typeWeb Open Font Format (Version 2), TrueType, length 8668, version 1.0\012- data Hasha242ba0df3a128a2cab929a8c45d5056 d70e2c70b21cbb66cd883ae56e2dedacefd81c7c 50d0c1742d80ac71f4cde20e8c04d41a24806af342831f479938b527fbff0972
GET /s/poppins/v20/pxiGyp8kv8JHgFVrJJLucHtA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://bandofkiwis.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 8668
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Fri, 27 Jan 2023 11:35:48 GMT
Expires: Sat, 27 Jan 2024 11:35:48 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Wed, 27 Apr 2022 16:07:02 GMT
Content-Type: font/woff2
Age: 26945
|
|
| bandofkiwis.com/wp-includes/js/dist/i18n.min.js?ver=ebee46757c6a411e38fd079a7ac71d94 | 74.220.219.177 | 200 OK | 4.2 kB |
URL HTTP/1.1bandofkiwis.com/wp-includes/js/dist/i18n.min.js?ver=ebee46757c6a411e38fd079a7ac71d94 IP74.220.219.177:0 ASN#46606 UNIFIEDLAYER-AS-1
Hasha72df5f7a597c541e18a33abef3c11f5 9500913a0a3fca9979a0aed9cb745926d9f86f83 258da631753c1d8d88fb1316024b671fa4a9ac87c9d6c4f38a45bc2c3bf9f3fc
GET /wp-includes/js/dist/i18n.min.js?ver=ebee46757c6a411e38fd079a7ac71d94 HTTP/1.1
Host: bandofkiwis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bandofkiwis.com/
HTTP/1.1 200 OK
Date: Fri, 27 Jan 2023 19:04:53 GMT
Server: Apache
Last-Modified: Wed, 25 May 2022 02:25:12 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Content-Length: 4234
Keep-Alive: timeout=5, max=70
Connection: Keep-Alive
Content-Type: application/javascript
|
|
| bandofkiwis.com/wp-includes/js/dist/a11y.min.js?ver=a38319d7ba46c6e60f7f9d4c371222c5 | 74.220.219.177 | 200 OK | 999 B |
URL HTTP/1.1bandofkiwis.com/wp-includes/js/dist/a11y.min.js?ver=a38319d7ba46c6e60f7f9d4c371222c5 IP74.220.219.177:0 ASN#46606 UNIFIEDLAYER-AS-1
File typeUnicode text, UTF-8 text, with very long lines (2472) Hash05e2ccec781ae289719bb26320d5cc40 60f3adc6dccea4df940d0f1579b83b06e715d0ed 1242f50bffe2d7745a712e1702f3f26a58d955fc110abf58599730fb6380a91c
GET /wp-includes/js/dist/a11y.min.js?ver=a38319d7ba46c6e60f7f9d4c371222c5 HTTP/1.1
Host: bandofkiwis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bandofkiwis.com/
HTTP/1.1 200 OK
Date: Fri, 27 Jan 2023 19:04:53 GMT
Server: Apache
Last-Modified: Wed, 25 May 2022 02:25:12 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Content-Length: 999
Keep-Alive: timeout=5, max=72
Connection: Keep-Alive
Content-Type: application/javascript
|
|
| bandofkiwis.com/wp-includes/js/wp-custom-header.min.js?ver=6.0.1 | 74.220.219.177 | 200 OK | 1.8 kB |
URL HTTP/1.1bandofkiwis.com/wp-includes/js/wp-custom-header.min.js?ver=6.0.1 IP74.220.219.177:0 ASN#46606 UNIFIEDLAYER-AS-1
File typeASCII text, with very long lines (4407) Hash62988b6557eba9f08b2f33fe079509f5 adfffaaebd48e712333fa5917b248b6218768b12 46596428f1d6c1d68155d9e484ac14aaa7b83a7826f19622533652f0ec24c4c9
Analyzer | Verdict | Alert | fortinet | Malware | |
GET /wp-includes/js/wp-custom-header.min.js?ver=6.0.1 HTTP/1.1
Host: bandofkiwis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bandofkiwis.com/
HTTP/1.1 200 OK
Date: Fri, 27 Jan 2023 19:04:53 GMT
Server: Apache
Last-Modified: Wed, 10 Nov 2021 01:11:59 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Content-Length: 1773
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: application/javascript
|
|
| bandofkiwis.com/wp-includes/js/dist/hooks.min.js?ver=c6d64f2cb8f5c6bb49caca37f8828ce3 | 74.220.219.177 | 200 OK | 1.7 kB |
URL HTTP/1.1bandofkiwis.com/wp-includes/js/dist/hooks.min.js?ver=c6d64f2cb8f5c6bb49caca37f8828ce3 IP74.220.219.177:0 ASN#46606 UNIFIEDLAYER-AS-1
File typeASCII text, with very long lines (4875) Hash6a452794a68bc140a53b30519b94edf6 68046f5611ba3cf5da1c46087609aff18f59fdc1 259990a9e6191a72a51ac9d038d0c52bb56d880a2b0d460b1fca3f3fee7961ed
Analyzer | Verdict | Alert | fortinet | Malware | |
GET /wp-includes/js/dist/hooks.min.js?ver=c6d64f2cb8f5c6bb49caca37f8828ce3 HTTP/1.1
Host: bandofkiwis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bandofkiwis.com/
HTTP/1.1 200 OK
Date: Fri, 27 Jan 2023 19:04:53 GMT
Server: Apache
Last-Modified: Wed, 25 May 2022 02:25:11 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Content-Length: 1712
Keep-Alive: timeout=5, max=71
Connection: Keep-Alive
Content-Type: application/javascript
|
|
| bandofkiwis.com/wp-content/plugins/creative-mail-by-constant-contact/assets/js/block/submit.js?ver=1652531678 | 74.220.219.177 | 409 Conflict | 83 B |
URL HTTP/1.1bandofkiwis.com/wp-content/plugins/creative-mail-by-constant-contact/assets/js/block/submit.js?ver=1652531678 IP74.220.219.177:0 ASN#46606 UNIFIEDLAYER-AS-1
File typeHTML document, ASCII text, with no line terminators Hash26267cd8990f15d3bbea71684a6d5995 ac3b38cf3fe0e112bb6aeb7e05226b7133575d93 769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e
Analyzer | Verdict | Alert | fortinet | Malware | |
GET /wp-content/plugins/creative-mail-by-constant-contact/assets/js/block/submit.js?ver=1652531678 HTTP/1.1
Host: bandofkiwis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bandofkiwis.com/
HTTP/1.1 409 Conflict
Date: Fri, 27 Jan 2023 19:04:53 GMT
Server: Apache
Content-Length: 83
Keep-Alive: timeout=5, max=75
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
|
|
| bandofkiwis.com/wp-content/uploads/2021/11/cropped-DSC_0424-scaled-1-1024x576.jpg | 74.220.219.177 | 200 OK | 199 kB |
URL HTTP/2bandofkiwis.com/wp-content/uploads/2021/11/cropped-DSC_0424-scaled-1-1024x576.jpg IP74.220.219.177:0 ASN#46606 UNIFIEDLAYER-AS-1
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=11, manufacturer=NIKON CORPORATION, model=NIKON D3200, orientation=upper-left, xresolution=180, yresolution=188, resolutionunit=2, software=Ver.1.03 , datetime=2021:07:30 13:58:19, GPS-Data], baseline, precision 8, 1024x576, components 3\012- data Size199 kB (198619 bytes) Hashc075366f58704a8812827fa0c70be031 b2b2d0d7dc6eb1234e215a8e11e0aa56c7b779c9 c66cddd9e4ce4fa903d8f812ea6434da5a1461da40c9a52818c66d2a3f73c5ac
GET /wp-content/uploads/2021/11/cropped-DSC_0424-scaled-1-1024x576.jpg HTTP/1.1
Host: bandofkiwis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bandofkiwis.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 10 Nov 2021 06:28:22 GMT
accept-ranges: bytes
content-length: 198619
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: image/jpeg
date: Fri, 27 Jan 2023 19:04:53 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| bandofkiwis.com/wp-content/uploads/2021/11/cropped-DSC_0424-scaled-1-1536x864.jpg | 74.220.219.177 | 200 OK | 324 kB |
URL HTTP/2bandofkiwis.com/wp-content/uploads/2021/11/cropped-DSC_0424-scaled-1-1536x864.jpg IP74.220.219.177:0 ASN#46606 UNIFIEDLAYER-AS-1
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=11, manufacturer=NIKON CORPORATION, model=NIKON D3200, orientation=upper-left, xresolution=180, yresolution=188, resolutionunit=2, software=Ver.1.03 , datetime=2021:07:30 13:58:19, GPS-Data], baseline, precision 8, 1536x864, components 3\012- data Size324 kB (324105 bytes) Hash9c73471040e184249d0cf7ab83d361d9 f730bd5e78be5e17985aaf9a7578c59405b5a945 2869aeb172d383aa7992f404b7855a2afbbfa6ad5d6c5f1a43228002e001af44
GET /wp-content/uploads/2021/11/cropped-DSC_0424-scaled-1-1536x864.jpg HTTP/1.1
Host: bandofkiwis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bandofkiwis.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 10 Nov 2021 06:28:23 GMT
accept-ranges: bytes
content-length: 324105
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: image/jpeg
date: Fri, 27 Jan 2023 19:04:53 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| bandofkiwis.com/wp-content/uploads/2021/12/DSC_0225-1024x681.jpg | 74.220.219.177 | 200 OK | 268 kB |
URL HTTP/2bandofkiwis.com/wp-content/uploads/2021/12/DSC_0225-1024x681.jpg IP74.220.219.177:0 ASN#46606 UNIFIEDLAYER-AS-1
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=11, manufacturer=NIKON CORPORATION, model=NIKON D3200, orientation=upper-left, xresolution=180, yresolution=188, resolutionunit=2, software=Ver.1.03 , datetime=2021:07:30 10:35:43, GPS-Data], baseline, precision 8, 1024x681, components 3\012- data Size268 kB (267548 bytes) Hashd017a7d586b99f216584f9f78511ed51 95481d42de4693dd944af9282528c1439425aaa4 40b2c5bf266fc7498969ece13e9a9cc7555d6626edb271288c025ee63b881f09
GET /wp-content/uploads/2021/12/DSC_0225-1024x681.jpg HTTP/1.1
Host: bandofkiwis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bandofkiwis.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 20 Dec 2021 01:30:05 GMT
accept-ranges: bytes
content-length: 267548
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: image/jpeg
date: Fri, 27 Jan 2023 19:04:54 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 472 B |
IP142.250.74.131:0
Hash61f119c4b6311c87501f54da9ad62e7e 479c65a3be3e77ff0af6f26118389cac97852c74 e00fa0353240654d541e2aee878c14feb77837a1b5a4a12fa326ec2cc5a92e59
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 19:04:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| www.youtube.com/iframe_api | 142.250.74.14 | 200 OK | 960 B |
URL HTTP/2www.youtube.com/iframe_api IP142.250.74.14:0
File typeASCII text, with very long lines (509) Hash23cfc1bf7ca45aede6cf4a9fa8fd5464 64e37c444c9f56d7de75e3c8be818b20e21e31ec 5e72833beeb7f9ca8d0cd8900a5116b31a2a276dca0cb890544e2023210264a9
GET /iframe_api HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bandofkiwis.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
x-content-type-options: nosniff
expires: Fri, 27 Jan 2023 19:04:54 GMT
date: Fri, 27 Jan 2023 19:04:54 GMT
cache-control: private, max-age=0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-resource-policy: cross-origin
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=tXWU1esYUsc; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
DEVICE_INFO=ChxOekU1TXpReE1EQTFPVGsyTXpneE5qYzVNZz09ENbA0J4GGNbA0J4G; Domain=.youtube.com; Expires=Wed, 26-Jul-2023 19:04:54 GMT; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=siXpSX30O-k; Domain=.youtube.com; Expires=Wed, 26-Jul-2023 19:04:54 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+985; expires=Sun, 26-Jan-2025 19:04:54 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| bandofkiwis.com/wp-content/uploads/2021/11/cropped-ROAMIN-GRAPHICS-05-32x32.png | 74.220.219.177 | 200 OK | 989 B |
URL HTTP/2bandofkiwis.com/wp-content/uploads/2021/11/cropped-ROAMIN-GRAPHICS-05-32x32.png IP74.220.219.177:0 ASN#46606 UNIFIEDLAYER-AS-1
File typePNG image data, 32 x 32, 8-bit colormap, non-interlaced\012- data Hashc4135743a46eb8feb9adb6c2bf3526c8 ead87c68da5b4721784da02f9bd3263c8b865e9c 0a38c756737b040047fd957998af7154491ef77dd4489cf89428ed3f17756c89
GET /wp-content/uploads/2021/11/cropped-ROAMIN-GRAPHICS-05-32x32.png HTTP/1.1
Host: bandofkiwis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bandofkiwis.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 10 Nov 2021 06:39:11 GMT
accept-ranges: bytes
content-length: 989
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: image/png
date: Fri, 27 Jan 2023 19:04:54 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| bandofkiwis.com/wp-content/uploads/2021/11/cropped-ROAMIN-GRAPHICS-05-192x192.png | 74.220.219.177 | 200 OK | 5.7 kB |
URL HTTP/2bandofkiwis.com/wp-content/uploads/2021/11/cropped-ROAMIN-GRAPHICS-05-192x192.png IP74.220.219.177:0 ASN#46606 UNIFIEDLAYER-AS-1
File typePNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data Hash1514f66c2b9e6d7c06c152aeb68b2ec6 aaf8cdb2e4206911bc6835fe38c8c90ea15938fb 538de0a6ac68b981ac61b9c3817b41ba9f5fc7f4e06887a05ea13544770b9ee8
GET /wp-content/uploads/2021/11/cropped-ROAMIN-GRAPHICS-05-192x192.png HTTP/1.1
Host: bandofkiwis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bandofkiwis.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 10 Nov 2021 06:39:11 GMT
accept-ranges: bytes
content-length: 5702
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: image/png
date: Fri, 27 Jan 2023 19:04:54 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 471 B |
IP142.250.74.131:0
Hashc6c64fc014f993e296f124e4b2f0f175 68d3e62fcd25c05d19894a28f4490cf1d04a44c1 7cee6b4b9234d595e6abd78d1bc14febaf314cdab54cc18e07f92e0b24fe1e79
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 19:04:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 | 216.58.207.227 | 200 OK | 15 kB |
URL HTTP/2fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 IP216.58.207.227:0
File typeWeb Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data Hash5d4aeb4e5f5ef754e307d7ffaef688bd 06db651cdf354c64a7383ea9c77024ef4fb4cef8 3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 26 Jan 2023 21:48:03 GMT
expires: Fri, 26 Jan 2024 21:48:03 GMT
cache-control: public, max-age=31536000
age: 76611
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 471 B |
IP142.250.74.131:0
Hashc6c64fc014f993e296f124e4b2f0f175 68d3e62fcd25c05d19894a28f4490cf1d04a44c1 7cee6b4b9234d595e6abd78d1bc14febaf314cdab54cc18e07f92e0b24fe1e79
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 19:04:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 | 216.58.207.227 | 200 OK | 16 kB |
URL HTTP/2fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 IP216.58.207.227:0
File typeWeb Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data Hash285467176f7fe6bb6a9c6873b3dad2cc ea04e4ff5142ddd69307c183def721a160e0a64e 5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 26 Jan 2023 16:40:43 GMT
expires: Fri, 26 Jan 2024 16:40:43 GMT
cache-control: public, max-age=31536000
age: 95051
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 471 B |
IP142.250.74.131:0
Hashde1ce1472f360bfdf03f16285d87afb1 8d66a92d67c015560d994ebb92243833afe21a6a 20056cf21ebb6b84a9e6bc2675baa121e9c4cc9456a8c2dbd0c8dcad7595af0d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 19:04:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| static.doubleclick.net/instream/ad_status.js | 142.250.74.166 | 200 OK | 29 B |
URL HTTP/2static.doubleclick.net/instream/ad_status.js IP142.250.74.166:0
Hash1fa71744db23d0f8df9cce6719defcb7 e4be9b7136697942a036f97cf26ebaf703ad2067 eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
GET /instream/ad_status.js HTTP/1.1
Host: static.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 29
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 27 Jan 2023 18:57:52 GMT
expires: Fri, 27 Jan 2023 19:12:52 GMT
cache-control: public, max-age=900
age: 423
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 472 B |
IP142.250.74.131:0
Hashe7ebbff54ced2c07469b302fc6d44078 f59983c844c398bd37705051ca685b2d07d85726 04eb3bd7658c1112bfc1d0098e8d7f5fafdb10459e3290c0d4e6a17e65a5494f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 19:04:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| googleads.g.doubleclick.net/pagead/id | 142.250.74.130 | 302 Found | 0 B |
URL HTTP/2googleads.g.doubleclick.net/pagead/id IP142.250.74.130:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/id HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-credentials: true
access-control-allow-origin: https://www.youtube.com
date: Fri, 27 Jan 2023 19:04:55 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 471 B |
IP142.250.74.131:0
Hashde1ce1472f360bfdf03f16285d87afb1 8d66a92d67c015560d994ebb92243833afe21a6a 20056cf21ebb6b84a9e6bc2675baa121e9c4cc9456a8c2dbd0c8dcad7595af0d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 19:04:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 471 B |
IP142.250.74.131:0
Hash48f87f021aa43dc85cabc3b624264811 6dcc2e3610ec6ef91768905aae267c984227f54a 0e77dc8ff90169c7db1343058490de4942217f3846ca0586bebd33d32513b305
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 19:04:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 471 B |
IP142.250.74.131:0
Hash48f87f021aa43dc85cabc3b624264811 6dcc2e3610ec6ef91768905aae267c984227f54a 0e77dc8ff90169c7db1343058490de4942217f3846ca0586bebd33d32513b305
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 19:04:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 472 B |
IP142.250.74.131:0
Hash1f4c8e17a668764556ab61c7c31e53c7 ada5ee5917ab9faf3d55a6da1d5bfc3077e42de2 8ac89ed8b6650ea140c2eac1b1dd61f8498e97e278e6bd6debfd803a588e2468
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 19:04:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create | 216.58.211.10 | 200 OK | 0 B |
URL HTTP/2jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create IP216.58.211.10:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Fri, 27 Jan 2023 19:04:55 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| googleads.g.doubleclick.net/pagead/id?slf_rd=1 | 142.250.74.130 | 200 OK | 120 B |
URL HTTP/2googleads.g.doubleclick.net/pagead/id?slf_rd=1 IP142.250.74.130:0
Hash33d71b34e99ffd90c7921b3fd088c22f e82a1c5414b77b45ce7904a50201a79f0dcf735d 26fc75eca7543429a58260920df2891821947de3d9b0a0909ff724ff79fbbd5f
GET /pagead/id?slf_rd=1 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Referer: https://www.youtube.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: https://www.youtube.com
content-type: application/json; charset=UTF-8
date: Fri, 27 Jan 2023 19:04:55 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 120
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 471 B |
IP142.250.74.131:0
Hash9a156f9e1eec43fbfc3ea11e27aa3091 280292e0c5a0896c45598aa00e3fb607edf0b3a7 419b77a2c7ed19e8d086c82e3c9096d6ed2ab3032bba31afce0499ee83bc233a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 19:04:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| www.google.com/js/th/x4UJj8gT6CtT5_PZSB2sMkWT7oT3ONYvYheI_Vl_kb0.js | 216.58.207.228 | 200 OK | 14 kB |
URL HTTP/2www.google.com/js/th/x4UJj8gT6CtT5_PZSB2sMkWT7oT3ONYvYheI_Vl_kb0.js IP216.58.207.228:0
File typeASCII text, with very long lines (36171) Hasha13a76dd17af226d4a24bd16ef702377 c364171cd0f66eb4a1a8dde04e1e083154d81dbd 1dd3352cbdb7561b142954006a2bb94008486c22760c3d5ebb1b6fffeb325173
GET /js/th/x4UJj8gT6CtT5_PZSB2sMkWT7oT3ONYvYheI_Vl_kb0.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 14250
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 26 Jan 2023 12:33:25 GMT
expires: Fri, 26 Jan 2024 12:33:25 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 03 Jan 2023 15:00:00 GMT
content-type: text/javascript
age: 109890
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 472 B |
IP142.250.74.131:0
Hash1f9815068974587b7c7a518826263bc4 514b3e6d9556e1338c0eeed8d7392188cd29fa62 4a0d2f8990459570058695e8ae2f06f75429e2bea56bf01908a4eba8f344ebce
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 19:04:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create | 216.58.211.10 | 200 OK | 31 kB |
URL HTTP/2jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create IP216.58.211.10:0
File typeJSON data\012- , ASCII text, with very long lines (65536), with no line terminators Hash4462a0bf76411d841fce7b6ae957c488 a08ec226979b5c16c0e753b0b1f2772e8be0197b 9f92f1f3d611130b4c1e20005a5b9457ebf475096e7312fcecc3dfbcb0d213ed
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Fri, 27 Jan 2023 19:04:55 GMT
server: ESF
cache-control: private
content-length: 30860
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 471 B |
IP142.250.74.131:0
Hash7da8f9a23d8c05f64f248e4e3427c76e e2d001c2909cd9403173cbb0e288d55fbc8e4d0a db8790004124a0eeb0676860170ad9c37250b2ba697a27dee62c99b64c67b4b8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 19:04:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| yt3.ggpht.com/mmAOXdmwdQhMVdbqd_aUJJ31lPY1n0et8y112oNxBn3qQPR4RSCzdKJDdye3_VcEKzS6yG39=s68-c-k-c0x00ffffff-no-rj | 142.250.74.161 | 200 OK | 4.6 kB |
URL HTTP/2yt3.ggpht.com/mmAOXdmwdQhMVdbqd_aUJJ31lPY1n0et8y112oNxBn3qQPR4RSCzdKJDdye3_VcEKzS6yG39=s68-c-k-c0x00ffffff-no-rj IP142.250.74.161:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 68x68, components 3\012- data Hash4902452861a807143bf79fb8baedcebf 0269ae6b8d6a6c1087f0182d0037788d7bf5b817 73d212eddddf5b83e6678b766bd6769e8f7c69c291b174aae32d0c10b5b5b7e2
GET /mmAOXdmwdQhMVdbqd_aUJJ31lPY1n0et8y112oNxBn3qQPR4RSCzdKJDdye3_VcEKzS6yG39=s68-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt3.ggpht.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v1"
expires: Sat, 28 Jan 2023 19:04:56 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="channels4_profile.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Fri, 27 Jan 2023 19:04:56 GMT
server: fife
content-length: 4613
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 472 B |
IP142.250.74.131:0
Hash1f9815068974587b7c7a518826263bc4 514b3e6d9556e1338c0eeed8d7392188cd29fa62 4a0d2f8990459570058695e8ae2f06f75429e2bea56bf01908a4eba8f344ebce
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 19:04:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT | 216.58.211.10 | 200 OK | 0 B |
URL HTTP/2jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT IP216.58.211.10:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Fri, 27 Jan 2023 19:04:56 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT | 216.58.211.10 | 200 OK | 110 B |
URL HTTP/2jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT IP216.58.211.10:0
File typeJSON data\012- , ASCII text, with no line terminators Hash5da6d531bcdb36c29f511b0957439797 13feddcc03e2f9727fd76c2837155c893b709b56 ef6427009a404b4522d432344dbd290cf2e5c572ddf730e93d0ece411d7a1060
POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 1070
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Fri, 27 Jan 2023 19:04:56 GMT
server: ESF
cache-control: private
content-length: 110
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 472 B |
IP142.250.74.131:0
Hash4bf30f4bdb03b93a21056252853b4e21 b79b6b31360202b2775c8423e73af7ce6c96b44f 7563990b2ddd973bf92485dbfebb87a5b3156f8f22e6a9b3e7df7aa496ca0256
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 19:04:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 472 B |
IP142.250.74.131:0
Hash4bf30f4bdb03b93a21056252853b4e21 b79b6b31360202b2775c8423e73af7ce6c96b44f 7563990b2ddd973bf92485dbfebb87a5b3156f8f22e6a9b3e7df7aa496ca0256
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 19:04:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| rr2---sn-capm-vnae.googlevideo.com/videoplayback?expire=1674867895&ei=VyDUY5y7IsSzyAWDgZLYAQ&ip=91.90.42.154&id=o-AKBvlTmvWhBEz2zomKKGl0kEYsa53Qv9trMGUV6WhQ5W&itag=251&source=youtube&requiressl=yes&mh=rv&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7yner&ms=au%2Crdu&mv=m&mvi=2&pl=21&initcwndbps=1941250&spc=H3gIhqFHdYknZ26ew2BbsTCMk29KvEo&vprv=1&mime=audio%2Fwebm&ns=WAsKvOjGyc5NTHC5OYU4wg4L&gir=yes&clen=2625001&dur=165.001&lmt=1600130953495483&mt=1674845859&fvip=1&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=6211222&n=2ZksRcDhT1rjjg&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgMzNZJvbntnTqgnnnhpdRvaHgbzCiUa68MDvfPBjFlhsCID9u_DuViDQyDVl4hVjUVC2WTU69w5UY_VoBZp9urx9f&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIgFoIwyRHB0ijBwtTGlhRY4zcvQV1RvO572ZV9duAmAacCIQD7iKSh1FKVHck5Ll_6Mhv7CxzfsKkip68Lio9vBMq6pQ%3D%3D&alr=yes&cpn=V9XJ3W0DnynmU-Gu&cver=1.20230111.01.00&range=0-66087&rn=2&rbuf=0 | 91.90.45.173 | 200 OK | 1.0 kB |
URL HTTP/1.1rr2---sn-capm-vnae.googlevideo.com/videoplayback?expire=1674867895&ei=VyDUY5y7IsSzyAWDgZLYAQ&ip=91.90.42.154&id=o-AKBvlTmvWhBEz2zomKKGl0kEYsa53Qv9trMGUV6WhQ5W&itag=251&source=youtube&requiressl=yes&mh=rv&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7yner&ms=au%2Crdu&mv=m&mvi=2&pl=21&initcwndbps=1941250&spc=H3gIhqFHdYknZ26ew2BbsTCMk29KvEo&vprv=1&mime=audio%2Fwebm&ns=WAsKvOjGyc5NTHC5OYU4wg4L&gir=yes&clen=2625001&dur=165.001&lmt=1600130953495483&mt=1674845859&fvip=1&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=6211222&n=2ZksRcDhT1rjjg&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgMzNZJvbntnTqgnnnhpdRvaHgbzCiUa68MDvfPBjFlhsCID9u_DuViDQyDVl4hVjUVC2WTU69w5UY_VoBZp9urx9f&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIgFoIwyRHB0ijBwtTGlhRY4zcvQV1RvO572ZV9duAmAacCIQD7iKSh1FKVHck5Ll_6Mhv7CxzfsKkip68Lio9vBMq6pQ%3D%3D&alr=yes&cpn=V9XJ3W0DnynmU-Gu&cver=1.20230111.01.00&range=0-66087&rn=2&rbuf=0 IP91.90.45.173:0 ASN#50304 Blix Solutions AS
File typeASCII text, with very long lines (1013), with no line terminators Hash7801254c11fb2393dc9e25a687130ec5 bf714839d872c65988ce1eecd491cbd1266f7ede 0179e17dbdbfe38cce53a01160677cc8055318ea602a7a93dd124be644b75172
POST /videoplayback?expire=1674867895&ei=VyDUY5y7IsSzyAWDgZLYAQ&ip=91.90.42.154&id=o-AKBvlTmvWhBEz2zomKKGl0kEYsa53Qv9trMGUV6WhQ5W&itag=251&source=youtube&requiressl=yes&mh=rv&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7yner&ms=au%2Crdu&mv=m&mvi=2&pl=21&initcwndbps=1941250&spc=H3gIhqFHdYknZ26ew2BbsTCMk29KvEo&vprv=1&mime=audio%2Fwebm&ns=WAsKvOjGyc5NTHC5OYU4wg4L&gir=yes&clen=2625001&dur=165.001&lmt=1600130953495483&mt=1674845859&fvip=1&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=6211222&n=2ZksRcDhT1rjjg&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgMzNZJvbntnTqgnnnhpdRvaHgbzCiUa68MDvfPBjFlhsCID9u_DuViDQyDVl4hVjUVC2WTU69w5UY_VoBZp9urx9f&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIgFoIwyRHB0ijBwtTGlhRY4zcvQV1RvO572ZV9duAmAacCIQD7iKSh1FKVHck5Ll_6Mhv7CxzfsKkip68Lio9vBMq6pQ%3D%3D&alr=yes&cpn=V9XJ3W0DnynmU-Gu&cver=1.20230111.01.00&range=0-66087&rn=2&rbuf=0 HTTP/1.1
Host: rr2---sn-capm-vnae.googlevideo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 2
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/plain
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Date: Fri, 27 Jan 2023 19:04:56 GMT
Expires: Fri, 27 Jan 2023 19:04:56 GMT
Cache-Control: private, max-age=21299
Accept-Ranges: bytes
Content-Length: 1013
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Content-Type-Options: nosniff
Server: gvs 1.0
|
|
| rr2---sn-capm-vnae.googlevideo.com/videoplayback?expire=1674867895&ei=VyDUY5y7IsSzyAWDgZLYAQ&ip=91.90.42.154&id=o-AKBvlTmvWhBEz2zomKKGl0kEYsa53Qv9trMGUV6WhQ5W&itag=243&aitags=134%2C136%2C160%2C243%2C298&source=youtube&requiressl=yes&mh=rv&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7yner&ms=au%2Crdu&mv=m&mvi=2&pl=21&initcwndbps=1941250&spc=H3gIhqFHdYknZ26ew2BbsTCMk29KvEo&vprv=1&mime=video%2Fwebm&ns=WAsKvOjGyc5NTHC5OYU4wg4L&gir=yes&clen=6982284&dur=164.964&lmt=1672601026488746&mt=1674845859&fvip=1&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=6216224&n=2ZksRcDhT1rjjg&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAPjCpwcctiOWx-J0PawSnVAN7cRpViTDeY8-KEigHlq1AiBmw3Ak__6ibvORuzVEns5w64-c__cYSWmoirL-BEzO1g%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIgFoIwyRHB0ijBwtTGlhRY4zcvQV1RvO572ZV9duAmAacCIQD7iKSh1FKVHck5Ll_6Mhv7CxzfsKkip68Lio9vBMq6pQ%3D%3D&alr=yes&cpn=V9XJ3W0DnynmU-Gu&cver=1.20230111.01.00&range=0-117422&rn=1&rbuf=0 | 91.90.45.173 | 200 OK | 1.1 kB |
URL HTTP/1.1rr2---sn-capm-vnae.googlevideo.com/videoplayback?expire=1674867895&ei=VyDUY5y7IsSzyAWDgZLYAQ&ip=91.90.42.154&id=o-AKBvlTmvWhBEz2zomKKGl0kEYsa53Qv9trMGUV6WhQ5W&itag=243&aitags=134%2C136%2C160%2C243%2C298&source=youtube&requiressl=yes&mh=rv&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7yner&ms=au%2Crdu&mv=m&mvi=2&pl=21&initcwndbps=1941250&spc=H3gIhqFHdYknZ26ew2BbsTCMk29KvEo&vprv=1&mime=video%2Fwebm&ns=WAsKvOjGyc5NTHC5OYU4wg4L&gir=yes&clen=6982284&dur=164.964&lmt=1672601026488746&mt=1674845859&fvip=1&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=6216224&n=2ZksRcDhT1rjjg&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAPjCpwcctiOWx-J0PawSnVAN7cRpViTDeY8-KEigHlq1AiBmw3Ak__6ibvORuzVEns5w64-c__cYSWmoirL-BEzO1g%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIgFoIwyRHB0ijBwtTGlhRY4zcvQV1RvO572ZV9duAmAacCIQD7iKSh1FKVHck5Ll_6Mhv7CxzfsKkip68Lio9vBMq6pQ%3D%3D&alr=yes&cpn=V9XJ3W0DnynmU-Gu&cver=1.20230111.01.00&range=0-117422&rn=1&rbuf=0 IP91.90.45.173:0 ASN#50304 Blix Solutions AS
File typeASCII text, with very long lines (1060), with no line terminators Hashc02726995c88bf9354af70b82948cea1 a1dcad2abf4024e3150c9bdb14320bbc2fc31638 330c3bd10fadba2f0c98cb130746a1d15b6314cdcc05c8d3d953061968a70d1e
POST /videoplayback?expire=1674867895&ei=VyDUY5y7IsSzyAWDgZLYAQ&ip=91.90.42.154&id=o-AKBvlTmvWhBEz2zomKKGl0kEYsa53Qv9trMGUV6WhQ5W&itag=243&aitags=134%2C136%2C160%2C243%2C298&source=youtube&requiressl=yes&mh=rv&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7yner&ms=au%2Crdu&mv=m&mvi=2&pl=21&initcwndbps=1941250&spc=H3gIhqFHdYknZ26ew2BbsTCMk29KvEo&vprv=1&mime=video%2Fwebm&ns=WAsKvOjGyc5NTHC5OYU4wg4L&gir=yes&clen=6982284&dur=164.964&lmt=1672601026488746&mt=1674845859&fvip=1&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=6216224&n=2ZksRcDhT1rjjg&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAPjCpwcctiOWx-J0PawSnVAN7cRpViTDeY8-KEigHlq1AiBmw3Ak__6ibvORuzVEns5w64-c__cYSWmoirL-BEzO1g%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIgFoIwyRHB0ijBwtTGlhRY4zcvQV1RvO572ZV9duAmAacCIQD7iKSh1FKVHck5Ll_6Mhv7CxzfsKkip68Lio9vBMq6pQ%3D%3D&alr=yes&cpn=V9XJ3W0DnynmU-Gu&cver=1.20230111.01.00&range=0-117422&rn=1&rbuf=0 HTTP/1.1
Host: rr2---sn-capm-vnae.googlevideo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 2
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/plain
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Date: Fri, 27 Jan 2023 19:04:56 GMT
Expires: Fri, 27 Jan 2023 19:04:56 GMT
Cache-Control: private, max-age=21299
Accept-Ranges: bytes
Content-Length: 1060
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Restrict-Formats-Hint: None
X-Content-Type-Options: nosniff
Server: gvs 1.0
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 472 B |
IP142.250.74.131:0
Hash4bf30f4bdb03b93a21056252853b4e21 b79b6b31360202b2775c8423e73af7ce6c96b44f 7563990b2ddd973bf92485dbfebb87a5b3156f8f22e6a9b3e7df7aa496ca0256
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 19:04:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 472 B |
IP142.250.74.131:0
Hasha698ec74ee4a3a0dbbaee5ffcc4d17bf 8c63a9b76fa5010cf1bcaae8f546d5a0cb6cd706 771192d458f35787b90de5dac221e0a306f687091a4f8621a75d676c42fa576d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 19:04:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 472 B |
IP142.250.74.131:0
Hash1c41a6b8f840ffe70901330284180cbc 6ac98f9828ff177a60eacdfe697f3e5af5f07ce5 af6e4070a9071163ddfdcf029c32f8667c5898e7f8bbeaa1714bb2d9ad7aaf36
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 19:04:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| rr1---sn-5go7yner.googlevideo.com/videoplayback?expire=1674867895&ei=VyDUY5y7IsSzyAWDgZLYAQ&ip=91.90.42.154&id=o-AKBvlTmvWhBEz2zomKKGl0kEYsa53Qv9trMGUV6WhQ5W&itag=243&aitags=134%2C136%2C160%2C243%2C298&source=youtube&requiressl=yes&spc=H3gIhqFHdYknZ26ew2BbsTCMk29KvEo&vprv=1&mime=video%2Fwebm&ns=WAsKvOjGyc5NTHC5OYU4wg4L&gir=yes&clen=6982284&dur=164.964&lmt=1672601026488746&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=6216224&n=2ZksRcDhT1rjjg&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAPjCpwcctiOWx-J0PawSnVAN7cRpViTDeY8-KEigHlq1AiBmw3Ak__6ibvORuzVEns5w64-c__cYSWmoirL-BEzO1g%3D%3D&alr=yes&cpn=V9XJ3W0DnynmU-Gu&cver=1.20230111.01.00&redirect_counter=1&cm2rm=sn-capm-vnae7l&cms_redirect=yes&cmsv=e&mh=rv&mm=29&mn=sn-5go7yner&ms=rdu&mt=1674846105&mv=m&mvi=1&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhAMUdwJn9Y9_JWLUTLuZsLWfJpqPfISongDGZBKJjQjIuAiB0IFFTzsjvezJ_VV8ROMEORgt16mt--omsz5dpoFluGQ%3D%3D&range=0-117422&rn=4&rbuf=0&pot=DwQWnLZC-ZByBC68tmD-dGUf7FJMFTQ6YMrKR1FyUEgSd-6h4jlYGIDR4bg_ITTXtDHJrwQHgf-_8EHqPdYqkol5Rdn6ft6vMsxRQ4V34Phg8FlecoNO1kZWQNWG-gy1zxkwwJk= | 74.125.110.166 | 200 OK | 1.2 kB |
URL HTTP/1.1rr1---sn-5go7yner.googlevideo.com/videoplayback?expire=1674867895&ei=VyDUY5y7IsSzyAWDgZLYAQ&ip=91.90.42.154&id=o-AKBvlTmvWhBEz2zomKKGl0kEYsa53Qv9trMGUV6WhQ5W&itag=243&aitags=134%2C136%2C160%2C243%2C298&source=youtube&requiressl=yes&spc=H3gIhqFHdYknZ26ew2BbsTCMk29KvEo&vprv=1&mime=video%2Fwebm&ns=WAsKvOjGyc5NTHC5OYU4wg4L&gir=yes&clen=6982284&dur=164.964&lmt=1672601026488746&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=6216224&n=2ZksRcDhT1rjjg&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAPjCpwcctiOWx-J0PawSnVAN7cRpViTDeY8-KEigHlq1AiBmw3Ak__6ibvORuzVEns5w64-c__cYSWmoirL-BEzO1g%3D%3D&alr=yes&cpn=V9XJ3W0DnynmU-Gu&cver=1.20230111.01.00&redirect_counter=1&cm2rm=sn-capm-vnae7l&cms_redirect=yes&cmsv=e&mh=rv&mm=29&mn=sn-5go7yner&ms=rdu&mt=1674846105&mv=m&mvi=1&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhAMUdwJn9Y9_JWLUTLuZsLWfJpqPfISongDGZBKJjQjIuAiB0IFFTzsjvezJ_VV8ROMEORgt16mt--omsz5dpoFluGQ%3D%3D&range=0-117422&rn=4&rbuf=0&pot=DwQWnLZC-ZByBC68tmD-dGUf7FJMFTQ6YMrKR1FyUEgSd-6h4jlYGIDR4bg_ITTXtDHJrwQHgf-_8EHqPdYqkol5Rdn6ft6vMsxRQ4V34Phg8FlecoNO1kZWQNWG-gy1zxkwwJk= IP74.125.110.166:0
File typeASCII text, with very long lines (1213), with no line terminators Hash8332d383e00529cb52c3e735fa84bb95 495c411db0a1c6f682815b0bbc6a638ea8a67910 0ce19a5d89409d8f30b1b8964decd2828bef1612d7f885c2fdcd70fba9480bf9
POST /videoplayback?expire=1674867895&ei=VyDUY5y7IsSzyAWDgZLYAQ&ip=91.90.42.154&id=o-AKBvlTmvWhBEz2zomKKGl0kEYsa53Qv9trMGUV6WhQ5W&itag=243&aitags=134%2C136%2C160%2C243%2C298&source=youtube&requiressl=yes&spc=H3gIhqFHdYknZ26ew2BbsTCMk29KvEo&vprv=1&mime=video%2Fwebm&ns=WAsKvOjGyc5NTHC5OYU4wg4L&gir=yes&clen=6982284&dur=164.964&lmt=1672601026488746&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=6216224&n=2ZksRcDhT1rjjg&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAPjCpwcctiOWx-J0PawSnVAN7cRpViTDeY8-KEigHlq1AiBmw3Ak__6ibvORuzVEns5w64-c__cYSWmoirL-BEzO1g%3D%3D&alr=yes&cpn=V9XJ3W0DnynmU-Gu&cver=1.20230111.01.00&redirect_counter=1&cm2rm=sn-capm-vnae7l&cms_redirect=yes&cmsv=e&mh=rv&mm=29&mn=sn-5go7yner&ms=rdu&mt=1674846105&mv=m&mvi=1&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhAMUdwJn9Y9_JWLUTLuZsLWfJpqPfISongDGZBKJjQjIuAiB0IFFTzsjvezJ_VV8ROMEORgt16mt--omsz5dpoFluGQ%3D%3D&range=0-117422&rn=4&rbuf=0&pot=DwQWnLZC-ZByBC68tmD-dGUf7FJMFTQ6YMrKR1FyUEgSd-6h4jlYGIDR4bg_ITTXtDHJrwQHgf-_8EHqPdYqkol5Rdn6ft6vMsxRQ4V34Phg8FlecoNO1kZWQNWG-gy1zxkwwJk= HTTP/1.1
Host: rr1---sn-5go7yner.googlevideo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 2
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/plain
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Date: Fri, 27 Jan 2023 19:04:56 GMT
Expires: Fri, 27 Jan 2023 19:04:56 GMT
Cache-Control: private, max-age=21299
Accept-Ranges: bytes
Content-Length: 1213
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Restrict-Formats-Hint: None
X-Content-Type-Options: nosniff
Server: gvs 1.0
|
|
| rr1---sn-5go7yner.googlevideo.com/videoplayback?expire=1674867895&ei=VyDUY5y7IsSzyAWDgZLYAQ&ip=91.90.42.154&id=o-AKBvlTmvWhBEz2zomKKGl0kEYsa53Qv9trMGUV6WhQ5W&itag=251&source=youtube&requiressl=yes&spc=H3gIhqFHdYknZ26ew2BbsTCMk29KvEo&vprv=1&mime=audio%2Fwebm&ns=WAsKvOjGyc5NTHC5OYU4wg4L&gir=yes&clen=2625001&dur=165.001&lmt=1600130953495483&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=6211222&n=2ZksRcDhT1rjjg&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgMzNZJvbntnTqgnnnhpdRvaHgbzCiUa68MDvfPBjFlhsCID9u_DuViDQyDVl4hVjUVC2WTU69w5UY_VoBZp9urx9f&alr=yes&cpn=V9XJ3W0DnynmU-Gu&cver=1.20230111.01.00&redirect_counter=1&cm2rm=sn-capm-vnae7l&cms_redirect=yes&cmsv=e&mh=rv&mm=29&mn=sn-5go7yner&ms=rdu&mt=1674846105&mv=m&mvi=1&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRgIhAKB-yvUAKT4CwFp7Z8BGqx_yNH8jA_gYnDNwsFGvJxbXAiEA1sSG3rSUXFge28NQHfRduMhFsIxz26WF75t_kQLjakk%3D&range=0-66087&rn=3&rbuf=0&pot=DwQWnLZC-ZByBC68tmD-dGUf7FJMFTQ6YMrKR1FyUEgSd-6h4jlYGIDR4bg_ITTXtDHJrwQHgf-_8EHqPdYqkol5Rdn6ft6vMsxRQ4V34Phg8FlecoNO1kZWQNWG-gy1zxkwwJk= | 74.125.110.166 | 200 OK | 1.2 kB |
URL HTTP/1.1rr1---sn-5go7yner.googlevideo.com/videoplayback?expire=1674867895&ei=VyDUY5y7IsSzyAWDgZLYAQ&ip=91.90.42.154&id=o-AKBvlTmvWhBEz2zomKKGl0kEYsa53Qv9trMGUV6WhQ5W&itag=251&source=youtube&requiressl=yes&spc=H3gIhqFHdYknZ26ew2BbsTCMk29KvEo&vprv=1&mime=audio%2Fwebm&ns=WAsKvOjGyc5NTHC5OYU4wg4L&gir=yes&clen=2625001&dur=165.001&lmt=1600130953495483&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=6211222&n=2ZksRcDhT1rjjg&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgMzNZJvbntnTqgnnnhpdRvaHgbzCiUa68MDvfPBjFlhsCID9u_DuViDQyDVl4hVjUVC2WTU69w5UY_VoBZp9urx9f&alr=yes&cpn=V9XJ3W0DnynmU-Gu&cver=1.20230111.01.00&redirect_counter=1&cm2rm=sn-capm-vnae7l&cms_redirect=yes&cmsv=e&mh=rv&mm=29&mn=sn-5go7yner&ms=rdu&mt=1674846105&mv=m&mvi=1&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRgIhAKB-yvUAKT4CwFp7Z8BGqx_yNH8jA_gYnDNwsFGvJxbXAiEA1sSG3rSUXFge28NQHfRduMhFsIxz26WF75t_kQLjakk%3D&range=0-66087&rn=3&rbuf=0&pot=DwQWnLZC-ZByBC68tmD-dGUf7FJMFTQ6YMrKR1FyUEgSd-6h4jlYGIDR4bg_ITTXtDHJrwQHgf-_8EHqPdYqkol5Rdn6ft6vMsxRQ4V34Phg8FlecoNO1kZWQNWG-gy1zxkwwJk= IP74.125.110.166:0
File typeASCII text, with very long lines (1159), with no line terminators Hash11495172e776bb388a534a0ac60e68fe 9c21e2ebe468dbd62ea3d323a590beb8fe782b6d 17432b2be2a20b65bf93504665701922de3ed43a1286732ebac66c7bc218a38e
POST /videoplayback?expire=1674867895&ei=VyDUY5y7IsSzyAWDgZLYAQ&ip=91.90.42.154&id=o-AKBvlTmvWhBEz2zomKKGl0kEYsa53Qv9trMGUV6WhQ5W&itag=251&source=youtube&requiressl=yes&spc=H3gIhqFHdYknZ26ew2BbsTCMk29KvEo&vprv=1&mime=audio%2Fwebm&ns=WAsKvOjGyc5NTHC5OYU4wg4L&gir=yes&clen=2625001&dur=165.001&lmt=1600130953495483&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=6211222&n=2ZksRcDhT1rjjg&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgMzNZJvbntnTqgnnnhpdRvaHgbzCiUa68MDvfPBjFlhsCID9u_DuViDQyDVl4hVjUVC2WTU69w5UY_VoBZp9urx9f&alr=yes&cpn=V9XJ3W0DnynmU-Gu&cver=1.20230111.01.00&redirect_counter=1&cm2rm=sn-capm-vnae7l&cms_redirect=yes&cmsv=e&mh=rv&mm=29&mn=sn-5go7yner&ms=rdu&mt=1674846105&mv=m&mvi=1&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRgIhAKB-yvUAKT4CwFp7Z8BGqx_yNH8jA_gYnDNwsFGvJxbXAiEA1sSG3rSUXFge28NQHfRduMhFsIxz26WF75t_kQLjakk%3D&range=0-66087&rn=3&rbuf=0&pot=DwQWnLZC-ZByBC68tmD-dGUf7FJMFTQ6YMrKR1FyUEgSd-6h4jlYGIDR4bg_ITTXtDHJrwQHgf-_8EHqPdYqkol5Rdn6ft6vMsxRQ4V34Phg8FlecoNO1kZWQNWG-gy1zxkwwJk= HTTP/1.1
Host: rr1---sn-5go7yner.googlevideo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 2
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/plain
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Date: Fri, 27 Jan 2023 19:04:56 GMT
Expires: Fri, 27 Jan 2023 19:04:56 GMT
Cache-Control: private, max-age=21299
Accept-Ranges: bytes
Content-Length: 1159
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Content-Type-Options: nosniff
Server: gvs 1.0
|
|
| rr1---sn-5go7yner.googlevideo.com/videoplayback?expire=1674867895&ei=VyDUY5y7IsSzyAWDgZLYAQ&ip=91.90.42.154&id=o-AKBvlTmvWhBEz2zomKKGl0kEYsa53Qv9trMGUV6WhQ5W&itag=251&source=youtube&requiressl=yes&spc=H3gIhqFHdYknZ26ew2BbsTCMk29KvEo&vprv=1&mime=audio%2Fwebm&ns=WAsKvOjGyc5NTHC5OYU4wg4L&gir=yes&clen=2625001&dur=165.001&lmt=1600130953495483&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=6211222&n=2ZksRcDhT1rjjg&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgMzNZJvbntnTqgnnnhpdRvaHgbzCiUa68MDvfPBjFlhsCID9u_DuViDQyDVl4hVjUVC2WTU69w5UY_VoBZp9urx9f&alr=yes&cpn=V9XJ3W0DnynmU-Gu&cver=1.20230111.01.00&redirect_counter=1&cm2rm=sn-capm-vnae7l&cms_redirect=yes&cmsv=e&mh=rv&mm=29&mn=sn-5go7yner&ms=rdu&mt=1674846105&mv=m&mvi=1&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhAJXtsUFRNLjSXnzdpHLeoLVndFxc1vC2zadPsG5M3pSFAiBtvn7UIwvkWo3vDie8fZOr9IGmofzGSAd9nIewMbui1A%3D%3D&range=0-66087&rn=7&rbuf=0&pot=DwQWnLZC-ZByBC68tmD-dGUf7FJMFTQ6YMrKR1FyUEgSd-6h4jlYGIDR4bg_ITTXtDHJrwQHgf-_8EHqPdYqkol5Rdn6ft6vMsxRQ4V34Phg8FlecoNO1kZWQNWG-gy1zxkwwJk= | 74.125.110.166 | 200 OK | 1.2 kB |
URL HTTP/1.1rr1---sn-5go7yner.googlevideo.com/videoplayback?expire=1674867895&ei=VyDUY5y7IsSzyAWDgZLYAQ&ip=91.90.42.154&id=o-AKBvlTmvWhBEz2zomKKGl0kEYsa53Qv9trMGUV6WhQ5W&itag=251&source=youtube&requiressl=yes&spc=H3gIhqFHdYknZ26ew2BbsTCMk29KvEo&vprv=1&mime=audio%2Fwebm&ns=WAsKvOjGyc5NTHC5OYU4wg4L&gir=yes&clen=2625001&dur=165.001&lmt=1600130953495483&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=6211222&n=2ZksRcDhT1rjjg&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgMzNZJvbntnTqgnnnhpdRvaHgbzCiUa68MDvfPBjFlhsCID9u_DuViDQyDVl4hVjUVC2WTU69w5UY_VoBZp9urx9f&alr=yes&cpn=V9XJ3W0DnynmU-Gu&cver=1.20230111.01.00&redirect_counter=1&cm2rm=sn-capm-vnae7l&cms_redirect=yes&cmsv=e&mh=rv&mm=29&mn=sn-5go7yner&ms=rdu&mt=1674846105&mv=m&mvi=1&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhAJXtsUFRNLjSXnzdpHLeoLVndFxc1vC2zadPsG5M3pSFAiBtvn7UIwvkWo3vDie8fZOr9IGmofzGSAd9nIewMbui1A%3D%3D&range=0-66087&rn=7&rbuf=0&pot=DwQWnLZC-ZByBC68tmD-dGUf7FJMFTQ6YMrKR1FyUEgSd-6h4jlYGIDR4bg_ITTXtDHJrwQHgf-_8EHqPdYqkol5Rdn6ft6vMsxRQ4V34Phg8FlecoNO1kZWQNWG-gy1zxkwwJk= IP74.125.110.166:0
File typeASCII text, with very long lines (1159), with no line terminators Hashdb267a56e54331111bbe00da459e1973 d09440f9d074292aba8e050716ba0d9ebb77ddbc 33a9897408068282b9f548df8538686ba820588f34c61d195d4ffb74d6f4f729
POST /videoplayback?expire=1674867895&ei=VyDUY5y7IsSzyAWDgZLYAQ&ip=91.90.42.154&id=o-AKBvlTmvWhBEz2zomKKGl0kEYsa53Qv9trMGUV6WhQ5W&itag=251&source=youtube&requiressl=yes&spc=H3gIhqFHdYknZ26ew2BbsTCMk29KvEo&vprv=1&mime=audio%2Fwebm&ns=WAsKvOjGyc5NTHC5OYU4wg4L&gir=yes&clen=2625001&dur=165.001&lmt=1600130953495483&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=6211222&n=2ZksRcDhT1rjjg&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgMzNZJvbntnTqgnnnhpdRvaHgbzCiUa68MDvfPBjFlhsCID9u_DuViDQyDVl4hVjUVC2WTU69w5UY_VoBZp9urx9f&alr=yes&cpn=V9XJ3W0DnynmU-Gu&cver=1.20230111.01.00&redirect_counter=1&cm2rm=sn-capm-vnae7l&cms_redirect=yes&cmsv=e&mh=rv&mm=29&mn=sn-5go7yner&ms=rdu&mt=1674846105&mv=m&mvi=1&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhAJXtsUFRNLjSXnzdpHLeoLVndFxc1vC2zadPsG5M3pSFAiBtvn7UIwvkWo3vDie8fZOr9IGmofzGSAd9nIewMbui1A%3D%3D&range=0-66087&rn=7&rbuf=0&pot=DwQWnLZC-ZByBC68tmD-dGUf7FJMFTQ6YMrKR1FyUEgSd-6h4jlYGIDR4bg_ITTXtDHJrwQHgf-_8EHqPdYqkol5Rdn6ft6vMsxRQ4V34Phg8FlecoNO1kZWQNWG-gy1zxkwwJk= HTTP/1.1
Host: rr1---sn-5go7yner.googlevideo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 2
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/plain
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Date: Fri, 27 Jan 2023 19:04:56 GMT
Expires: Fri, 27 Jan 2023 19:04:56 GMT
Cache-Control: private, max-age=21299
Accept-Ranges: bytes
Content-Length: 1159
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Content-Type-Options: nosniff
Server: gvs 1.0
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 472 B |
IP142.250.74.131:0
Hash1c41a6b8f840ffe70901330284180cbc 6ac98f9828ff177a60eacdfe697f3e5af5f07ce5 af6e4070a9071163ddfdcf029c32f8667c5898e7f8bbeaa1714bb2d9ad7aaf36
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 19:04:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| rr1---sn-5hnednsz.googlevideo.com/videoplayback?expire=1674867895&ei=VyDUY5y7IsSzyAWDgZLYAQ&ip=91.90.42.154&id=o-AKBvlTmvWhBEz2zomKKGl0kEYsa53Qv9trMGUV6WhQ5W&itag=251&source=youtube&requiressl=yes&spc=H3gIhqFHdYknZ26ew2BbsTCMk29KvEo&vprv=1&mime=audio%2Fwebm&ns=WAsKvOjGyc5NTHC5OYU4wg4L&gir=yes&clen=2625001&dur=165.001&lmt=1600130953495483&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=6211222&n=2ZksRcDhT1rjjg&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgMzNZJvbntnTqgnnnhpdRvaHgbzCiUa68MDvfPBjFlhsCID9u_DuViDQyDVl4hVjUVC2WTU69w5UY_VoBZp9urx9f&alr=yes&cpn=V9XJ3W0DnynmU-Gu&cver=1.20230111.01.00&cm2rm=sn-capm-vnae7l,sn-5gold7e&redirect_counter=2&cms_redirect=yes&cmsv=e&mh=rv&mm=34&mn=sn-5hnednsz&ms=ltu&mt=1674846068&mv=m&mvi=1&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgaWx5hsqUovk9874MSieaVUKlAKbf01wYcdkzZ6ZA1KACICbGc9YZQZLC5dhITFauy8F1KXObfIK9LX2CWoNWh79D&range=0-66087&rn=8&rbuf=0&pot=DwQWnLZC-ZByBC68tmD-dGUf7FJMFTQ6YMrKR1FyUEgSd-6h4jlYGIDR4bg_ITTXtDHJrwQHgf-_8EHqPdYqkol5Rdn6ft6vMsxRQ4V34Phg8FlecoNO1kZWQNWG-gy1zxkwwJk= | 74.125.8.230 | 200 OK | 66 kB |
URL HTTP/1.1rr1---sn-5hnednsz.googlevideo.com/videoplayback?expire=1674867895&ei=VyDUY5y7IsSzyAWDgZLYAQ&ip=91.90.42.154&id=o-AKBvlTmvWhBEz2zomKKGl0kEYsa53Qv9trMGUV6WhQ5W&itag=251&source=youtube&requiressl=yes&spc=H3gIhqFHdYknZ26ew2BbsTCMk29KvEo&vprv=1&mime=audio%2Fwebm&ns=WAsKvOjGyc5NTHC5OYU4wg4L&gir=yes&clen=2625001&dur=165.001&lmt=1600130953495483&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=6211222&n=2ZksRcDhT1rjjg&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgMzNZJvbntnTqgnnnhpdRvaHgbzCiUa68MDvfPBjFlhsCID9u_DuViDQyDVl4hVjUVC2WTU69w5UY_VoBZp9urx9f&alr=yes&cpn=V9XJ3W0DnynmU-Gu&cver=1.20230111.01.00&cm2rm=sn-capm-vnae7l,sn-5gold7e&redirect_counter=2&cms_redirect=yes&cmsv=e&mh=rv&mm=34&mn=sn-5hnednsz&ms=ltu&mt=1674846068&mv=m&mvi=1&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgaWx5hsqUovk9874MSieaVUKlAKbf01wYcdkzZ6ZA1KACICbGc9YZQZLC5dhITFauy8F1KXObfIK9LX2CWoNWh79D&range=0-66087&rn=8&rbuf=0&pot=DwQWnLZC-ZByBC68tmD-dGUf7FJMFTQ6YMrKR1FyUEgSd-6h4jlYGIDR4bg_ITTXtDHJrwQHgf-_8EHqPdYqkol5Rdn6ft6vMsxRQ4V34Phg8FlecoNO1kZWQNWG-gy1zxkwwJk= IP74.125.8.230:0
File typeWebM\012- EBML file, creator webmB\20\012- data Hash0f29972c763738ba0ba7422a7045c03e a8aa6581f01153c49bb7b1f3434edd11e797bef2 a118f2eb2d978f91d31baffae1d2b0c271c19c8b0f8a8a45e5ceacb0a66405ee
POST /videoplayback?expire=1674867895&ei=VyDUY5y7IsSzyAWDgZLYAQ&ip=91.90.42.154&id=o-AKBvlTmvWhBEz2zomKKGl0kEYsa53Qv9trMGUV6WhQ5W&itag=251&source=youtube&requiressl=yes&spc=H3gIhqFHdYknZ26ew2BbsTCMk29KvEo&vprv=1&mime=audio%2Fwebm&ns=WAsKvOjGyc5NTHC5OYU4wg4L&gir=yes&clen=2625001&dur=165.001&lmt=1600130953495483&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=6211222&n=2ZksRcDhT1rjjg&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgMzNZJvbntnTqgnnnhpdRvaHgbzCiUa68MDvfPBjFlhsCID9u_DuViDQyDVl4hVjUVC2WTU69w5UY_VoBZp9urx9f&alr=yes&cpn=V9XJ3W0DnynmU-Gu&cver=1.20230111.01.00&cm2rm=sn-capm-vnae7l,sn-5gold7e&redirect_counter=2&cms_redirect=yes&cmsv=e&mh=rv&mm=34&mn=sn-5hnednsz&ms=ltu&mt=1674846068&mv=m&mvi=1&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgaWx5hsqUovk9874MSieaVUKlAKbf01wYcdkzZ6ZA1KACICbGc9YZQZLC5dhITFauy8F1KXObfIK9LX2CWoNWh79D&range=0-66087&rn=8&rbuf=0&pot=DwQWnLZC-ZByBC68tmD-dGUf7FJMFTQ6YMrKR1FyUEgSd-6h4jlYGIDR4bg_ITTXtDHJrwQHgf-_8EHqPdYqkol5Rdn6ft6vMsxRQ4V34Phg8FlecoNO1kZWQNWG-gy1zxkwwJk= HTTP/1.1
Host: rr1---sn-5hnednsz.googlevideo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 2
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Tue, 15 Sep 2020 00:49:13 GMT
Content-Type: audio/webm
Date: Fri, 27 Jan 2023 19:04:57 GMT
Expires: Fri, 27 Jan 2023 19:04:57 GMT
Cache-Control: private, max-age=21298
Accept-Ranges: bytes
Content-Length: 66088
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Content-Type-Options: nosniff
Server: gvs 1.0
|
|
| rr1---sn-5hnednsz.googlevideo.com/videoplayback?expire=1674867895&ei=VyDUY5y7IsSzyAWDgZLYAQ&ip=91.90.42.154&id=o-AKBvlTmvWhBEz2zomKKGl0kEYsa53Qv9trMGUV6WhQ5W&itag=243&aitags=134%2C136%2C160%2C243%2C298&source=youtube&requiressl=yes&spc=H3gIhqFHdYknZ26ew2BbsTCMk29KvEo&vprv=1&mime=video%2Fwebm&ns=WAsKvOjGyc5NTHC5OYU4wg4L&gir=yes&clen=6982284&dur=164.964&lmt=1672601026488746&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=6216224&n=2ZksRcDhT1rjjg&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAPjCpwcctiOWx-J0PawSnVAN7cRpViTDeY8-KEigHlq1AiBmw3Ak__6ibvORuzVEns5w64-c__cYSWmoirL-BEzO1g%3D%3D&alr=yes&cpn=V9XJ3W0DnynmU-Gu&cver=1.20230111.01.00&cm2rm=sn-capm-vnae7l,sn-5gold7e&redirect_counter=2&cms_redirect=yes&cmsv=e&mh=rv&mm=34&mn=sn-5hnednsz&ms=ltu&mt=1674846068&mv=m&mvi=1&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIgHQ2is0c8uOT1kREEEazWr-s7kHMrjAGG9sYkaq8Bx5UCIQDD4ekwPrEN9hIuTZ3dhGAjPqsLfeoxueB4gau-OpX7rQ%3D%3D&range=0-117422&rn=5&rbuf=0&pot=DwQWnLZC-ZByBC68tmD-dGUf7FJMFTQ6YMrKR1FyUEgSd-6h4jlYGIDR4bg_ITTXtDHJrwQHgf-_8EHqPdYqkol5Rdn6ft6vMsxRQ4V34Phg8FlecoNO1kZWQNWG-gy1zxkwwJk= | 74.125.8.230 | 200 OK | 117 kB |
URL HTTP/1.1rr1---sn-5hnednsz.googlevideo.com/videoplayback?expire=1674867895&ei=VyDUY5y7IsSzyAWDgZLYAQ&ip=91.90.42.154&id=o-AKBvlTmvWhBEz2zomKKGl0kEYsa53Qv9trMGUV6WhQ5W&itag=243&aitags=134%2C136%2C160%2C243%2C298&source=youtube&requiressl=yes&spc=H3gIhqFHdYknZ26ew2BbsTCMk29KvEo&vprv=1&mime=video%2Fwebm&ns=WAsKvOjGyc5NTHC5OYU4wg4L&gir=yes&clen=6982284&dur=164.964&lmt=1672601026488746&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=6216224&n=2ZksRcDhT1rjjg&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAPjCpwcctiOWx-J0PawSnVAN7cRpViTDeY8-KEigHlq1AiBmw3Ak__6ibvORuzVEns5w64-c__cYSWmoirL-BEzO1g%3D%3D&alr=yes&cpn=V9XJ3W0DnynmU-Gu&cver=1.20230111.01.00&cm2rm=sn-capm-vnae7l,sn-5gold7e&redirect_counter=2&cms_redirect=yes&cmsv=e&mh=rv&mm=34&mn=sn-5hnednsz&ms=ltu&mt=1674846068&mv=m&mvi=1&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIgHQ2is0c8uOT1kREEEazWr-s7kHMrjAGG9sYkaq8Bx5UCIQDD4ekwPrEN9hIuTZ3dhGAjPqsLfeoxueB4gau-OpX7rQ%3D%3D&range=0-117422&rn=5&rbuf=0&pot=DwQWnLZC-ZByBC68tmD-dGUf7FJMFTQ6YMrKR1FyUEgSd-6h4jlYGIDR4bg_ITTXtDHJrwQHgf-_8EHqPdYqkol5Rdn6ft6vMsxRQ4V34Phg8FlecoNO1kZWQNWG-gy1zxkwwJk= IP74.125.8.230:0
File typeWebM\012- EBML file, creator webmB\20\012- data Size117 kB (117423 bytes) Hash657ce66213385a0464cdcd95f2951f16 f11a337b7a0b02b90242a121e7ebc56c2d3f2bdb 4e9abb3bcc22de141a4b304aef754187ca284242203202a87a7ae06bb3289999
POST /videoplayback?expire=1674867895&ei=VyDUY5y7IsSzyAWDgZLYAQ&ip=91.90.42.154&id=o-AKBvlTmvWhBEz2zomKKGl0kEYsa53Qv9trMGUV6WhQ5W&itag=243&aitags=134%2C136%2C160%2C243%2C298&source=youtube&requiressl=yes&spc=H3gIhqFHdYknZ26ew2BbsTCMk29KvEo&vprv=1&mime=video%2Fwebm&ns=WAsKvOjGyc5NTHC5OYU4wg4L&gir=yes&clen=6982284&dur=164.964&lmt=1672601026488746&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=6216224&n=2ZksRcDhT1rjjg&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAPjCpwcctiOWx-J0PawSnVAN7cRpViTDeY8-KEigHlq1AiBmw3Ak__6ibvORuzVEns5w64-c__cYSWmoirL-BEzO1g%3D%3D&alr=yes&cpn=V9XJ3W0DnynmU-Gu&cver=1.20230111.01.00&cm2rm=sn-capm-vnae7l,sn-5gold7e&redirect_counter=2&cms_redirect=yes&cmsv=e&mh=rv&mm=34&mn=sn-5hnednsz&ms=ltu&mt=1674846068&mv=m&mvi=1&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIgHQ2is0c8uOT1kREEEazWr-s7kHMrjAGG9sYkaq8Bx5UCIQDD4ekwPrEN9hIuTZ3dhGAjPqsLfeoxueB4gau-OpX7rQ%3D%3D&range=0-117422&rn=5&rbuf=0&pot=DwQWnLZC-ZByBC68tmD-dGUf7FJMFTQ6YMrKR1FyUEgSd-6h4jlYGIDR4bg_ITTXtDHJrwQHgf-_8EHqPdYqkol5Rdn6ft6vMsxRQ4V34Phg8FlecoNO1kZWQNWG-gy1zxkwwJk= HTTP/1.1
Host: rr1---sn-5hnednsz.googlevideo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 2
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Sun, 01 Jan 2023 19:23:46 GMT
Content-Type: video/webm
Date: Fri, 27 Jan 2023 19:04:57 GMT
Expires: Fri, 27 Jan 2023 19:04:57 GMT
Cache-Control: private, max-age=21298
Accept-Ranges: bytes
Content-Length: 117423
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Restrict-Formats-Hint: None
X-Content-Type-Options: nosniff
Server: gvs 1.0
|
|