bitcomoneyup-en.sakosaco.com/
109.206.178.29 302 Found 0 B URL HTTP/1.1 bitcomoneyup-en.sakosaco.com/
IP 109.206.178.29:0
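Hash d41d8cd98f00b204e9800998ecf8427e (MD5)
da39a3ee5e6b4b0d3255bfef95601890afd80709 (SHA-1)
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (SHA-256)
(These three values are the digests of an empty, 0-byte body, so they match any empty response and are not usable as indicators for this site.)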
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: bitcomoneyup-en.sakosaco.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Date: Mon, 06 Feb 2023 10:44:44 GMT
Server: Apache/2.4.52 (Ubuntu)
Access-Control-Allow-Methods: GET, POST
Access-Control-Allow-Origin: *
Location: /
Content-Length: 0
Content-Type: text/plain; charset=utf-8
Set-Cookie: t=b9914ca243f54fc6886bb42253c6e9bd; Expires=Mon, 06 Mar 2023 10:44:44 GMT
Vary: User-Agent
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 507011ccb9124dcd57e84a90a0965cc4
1a6575d0ac979c7184490cc9836ac4812ad2afd1
01626c18e1e68507aa33ef7448dbc3311901ab6f29adc2f51d449409b0680dce
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "01626C18E1E68507AA33EF7448DBC3311901AB6F29ADC2F51D449409B0680DCE"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3180
Expires: Mon, 06 Feb 2023 11:37:44 GMT
Date: Mon, 06 Feb 2023 10:44:44 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c21ba65e44ac95470c314e068e49a9eb
17a13b13738993d889d4afa3d848dc63bf6eba64
9bd0795b30e84ce63b6e2a365ca91bbffc395dd955e112152066c31e63a4ab66
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9BD0795B30E84CE63B6E2A365CA91BBFFC395DD955E112152066C31E63A4AB66"
Last-Modified: Sat, 04 Feb 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6681
Expires: Mon, 06 Feb 2023 12:36:05 GMT
Date: Mon, 06 Feb 2023 10:44:44 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bf0c602d32b3c14606f22a86183b5e3c
6eabd8d83475eba731968abe1a05a8bfd272f160
6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Alert, Content-Length, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 06 Feb 2023 10:36:27 GMT
content-type: application/json
age: 497
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash fb7b6b46e708ad73eaaa3c21e74569ae
950663c025acad81556af5aa3022ecc9d55097fe
763f58b9fb838378c92033b59907b036f4c33081f5103d9bcc2ca2a8de500d64
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "763F58B9FB838378C92033B59907B036F4C33081F5103D9BCC2CA2A8DE500D64"
Last-Modified: Sat, 04 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4568
Expires: Mon, 06 Feb 2023 12:00:52 GMT
Date: Mon, 06 Feb 2023 10:44:44 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: rYV31Uhpeq+vOZ7cNI6rnOOFOXzlGEpYNtgfqO1WP/Mj57ZBqaAmsz6lPvKuxZ6LMPdtxDUds8o=
x-amz-request-id: Y1RDQCEFZ1527SN8
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 06 Feb 2023 09:53:39 GMT
age: 3065
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
bitcomoneyup-en.sakosaco.com/
109.206.178.29 200 OK 9.6 kB URL HTTP/1.1 bitcomoneyup-en.sakosaco.com/
IP 109.206.178.29:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (887)
Hash 0cf07656391bd6a1a142178de8e7f7b1
a586daa510c4174acceab9648968b0d2640dcc1a
b4e7fb7d8bfe9aac0413f442b659aff6f42a83154155dfb046c489b5b9113c8c
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: bitcomoneyup-en.sakosaco.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: t=b9914ca243f54fc6886bb42253c6e9bd
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 10:44:44 GMT
Server: Apache/2.4.52 (Ubuntu)
Last-Modified: Fri, 19 Aug 2022 15:50:49 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Cache-Control: max-age=0, no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Content-Length: 9574
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 10:44:44 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
bitcomoneyup-en.sakosaco.com/css/index.css
109.206.178.29 200 OK 7.1 kB URL HTTP/1.1 bitcomoneyup-en.sakosaco.com/css/index.css
IP 109.206.178.29:0
Hash 6ab5ec0199fd55a80c9e90697de11116
1cc068726419705b7ea947dc1c97f2ecd42e0289
e525a257598383bb50cccaf49e7adc7549d3653476fea74931c1b0b7796880a4
GET /css/index.css HTTP/1.1
Host: bitcomoneyup-en.sakosaco.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bitcomoneyup-en.sakosaco.com/
Cookie: t=b9914ca243f54fc6886bb42253c6e9bd
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 10:44:45 GMT
Server: Apache/2.4.52 (Ubuntu)
Last-Modified: Fri, 19 Aug 2022 15:50:49 GMT
ETag: "a1ca-5e69a0fe7071c-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 7146
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
bitcomoneyup-en.sakosaco.com/css/bootstrap.min.css
109.206.178.29 200 OK 21 kB URL HTTP/1.1 bitcomoneyup-en.sakosaco.com/css/bootstrap.min.css
IP 109.206.178.29:0
File type ASCII text, with very long lines (65324)
Hash 38f745174e06995541ce3df4e12cf121
033967295cf3e90282570b349f644c28a1ac89bf
c5662e0d63e606d98a53572f86ce46faa93a63faacf94200d35982886d0263f1
GET /css/bootstrap.min.css HTTP/1.1
Host: bitcomoneyup-en.sakosaco.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bitcomoneyup-en.sakosaco.com/
Cookie: t=b9914ca243f54fc6886bb42253c6e9bd
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 10:44:44 GMT
Server: Apache/2.4.52 (Ubuntu)
Last-Modified: Fri, 19 Aug 2022 15:50:49 GMT
ETag: "22485-5e69a0fe7071c-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 21021
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
bitcomoneyup-en.sakosaco.com/css/stylesheet.css
109.206.178.29 200 OK 628 B URL HTTP/1.1 bitcomoneyup-en.sakosaco.com/css/stylesheet.css
IP 109.206.178.29:0
Hash a4727fb40f9555c367e333446719397d
768da88b33b3a590c440860d4ce4c1c6eef078be
cb99efe3a30415b9e8805abcd351ad4c009276130b86d2f258ce36b128bbbd59
GET /css/stylesheet.css HTTP/1.1
Host: bitcomoneyup-en.sakosaco.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bitcomoneyup-en.sakosaco.com/
Cookie: t=b9914ca243f54fc6886bb42253c6e9bd
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 10:44:45 GMT
Server: Apache/2.4.52 (Ubuntu)
Last-Modified: Fri, 19 Aug 2022 15:50:49 GMT
ETag: "1dab-5e69a0fe7071c-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 628
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
bitcomoneyup-en.sakosaco.com/css/intlTelInput.css
109.206.178.29 200 OK 3.2 kB URL HTTP/1.1 bitcomoneyup-en.sakosaco.com/css/intlTelInput.css
IP 109.206.178.29:0
Hash 7a8979f11e618234fc3edf447d2fde25
73f5d05ca776e5dc594aca1dd6513d064f0dce4c
028357db6be53e9af500089e90fb18b6834638f9ff0b264f73251486ca8345c0
GET /css/intlTelInput.css HTTP/1.1
Host: bitcomoneyup-en.sakosaco.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bitcomoneyup-en.sakosaco.com/
Cookie: t=b9914ca243f54fc6886bb42253c6e9bd
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 10:44:45 GMT
Server: Apache/2.4.52 (Ubuntu)
Last-Modified: Fri, 19 Aug 2022 15:50:49 GMT
ETag: "5ec5-5e69a0fe7071c-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 3184
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
bitcomoneyup-en.sakosaco.com/js/getdetector.js
109.206.178.29 200 OK 216 B URL HTTP/1.1 bitcomoneyup-en.sakosaco.com/js/getdetector.js
IP 109.206.178.29:0
Hash a63bdbbe2078e8e2aa6926d427e903b2
29f3b6915e87350fed21a51056ce2dfd84772267
aa4fe92e09f94671f24e453a8cf9527c0851f65b608c7f9fab304608353ae354
Analyzer Verdict Alert fortinet Phishing
GET /js/getdetector.js HTTP/1.1
Host: bitcomoneyup-en.sakosaco.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bitcomoneyup-en.sakosaco.com/
Cookie: t=b9914ca243f54fc6886bb42253c6e9bd
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 10:44:45 GMT
Server: Apache/2.4.52 (Ubuntu)
Last-Modified: Fri, 19 Aug 2022 15:50:49 GMT
ETag: "d8-5e69a0fe7265c"
Accept-Ranges: bytes
Content-Length: 216
Vary: User-Agent
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/javascript
bitcomoneyup-en.sakosaco.com/js/commonJs.js
109.206.178.29 200 OK 20 kB URL HTTP/1.1 bitcomoneyup-en.sakosaco.com/js/commonJs.js
IP 109.206.178.29:0
File type Unicode text, UTF-8 text, with very long lines (4372), with CRLF line terminators
Hash e8020395dd55638e1573a2d5a5e61881
add87a95bab73c9a680e9ee8e8faeb8f4846461a
6c193a5d0b93374532b095d1082b93d91050beefc53a3ce5ae31aa8eacf5276a
Analyzer Verdict Alert fortinet Phishing
GET /js/commonJs.js HTTP/1.1
Host: bitcomoneyup-en.sakosaco.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bitcomoneyup-en.sakosaco.com/
Cookie: t=b9914ca243f54fc6886bb42253c6e9bd
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 10:44:45 GMT
Server: Apache/2.4.52 (Ubuntu)
Last-Modified: Wed, 21 Sep 2022 10:40:35 GMT
ETag: "4d25-5e92d932bec4e"
Accept-Ranges: bytes
Content-Length: 19749
Vary: User-Agent
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/javascript
bitcomoneyup-en.sakosaco.com/js/bootstrap.min.js
109.206.178.29 200 OK 37 kB URL HTTP/1.1 bitcomoneyup-en.sakosaco.com/js/bootstrap.min.js
IP 109.206.178.29:0
File type ASCII text, with very long lines (32003)
Hash c5b5b2fa19bd66ff23211d9f844e0131
791aa054a026bddc0de92bad6cf7a1c6e73713d5
2979f9a6e32fc42c3e7406339ee9fe76b31d1b52059776a02b4a7fa6a4fd280a
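Analyzer Verdict Alert fortinet Phishing
(Note: in this capture the verdict is attached to the landing page and to every script served by this host, including files named like stock libraries such as bootstrap.min.js and jquery.validate.min.js, while the stylesheets and images carry none, so it may be URL-based rather than content-based; confirm before treating these file hashes as indicators.)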
GET /js/bootstrap.min.js HTTP/1.1
Host: bitcomoneyup-en.sakosaco.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bitcomoneyup-en.sakosaco.com/
Cookie: t=b9914ca243f54fc6886bb42253c6e9bd
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 10:44:45 GMT
Server: Apache/2.4.52 (Ubuntu)
Last-Modified: Fri, 19 Aug 2022 15:50:49 GMT
ETag: "9004-5e69a0fe7265c"
Accept-Ranges: bytes
Content-Length: 36868
Vary: User-Agent
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/javascript
bitcomoneyup-en.sakosaco.com/js/index.js
109.206.178.29 200 OK 1.9 kB URL HTTP/1.1 bitcomoneyup-en.sakosaco.com/js/index.js
IP 109.206.178.29:0
Hash 62c91ab0be6701c140ece6cd2b004cb3
e0c4d7ddab1b6d61948d01cb7ac8415e4a573142
af434c0362a6b16f03e3b6fc4cf15b950c6d3aaa77aa94813c596c5a2c144a83
Analyzer Verdict Alert fortinet Phishing
GET /js/index.js HTTP/1.1
Host: bitcomoneyup-en.sakosaco.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bitcomoneyup-en.sakosaco.com/
Cookie: t=b9914ca243f54fc6886bb42253c6e9bd
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 10:44:45 GMT
Server: Apache/2.4.52 (Ubuntu)
Last-Modified: Fri, 19 Aug 2022 15:50:49 GMT
ETag: "779-5e69a0fe7265c"
Accept-Ranges: bytes
Content-Length: 1913
Vary: User-Agent
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/javascript
bitcomoneyup-en.sakosaco.com/js/valid.js
109.206.178.29 200 OK 20 kB URL HTTP/1.1 bitcomoneyup-en.sakosaco.com/js/valid.js
IP 109.206.178.29:0
File type Unicode text, UTF-8 text, with very long lines (324)
Hash a2f97310aef5bd0d10eb7dabdb318618
05b0104f2bdd30b3f2e2195d1106b78fb8ff260a
ef8b5cb5830fd85d529ff2692409d160936d57f62e22ede3b632262de6412130
Analyzer Verdict Alert fortinet Phishing
GET /js/valid.js HTTP/1.1
Host: bitcomoneyup-en.sakosaco.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bitcomoneyup-en.sakosaco.com/
Cookie: t=b9914ca243f54fc6886bb42253c6e9bd
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 10:44:45 GMT
Server: Apache/2.4.52 (Ubuntu)
Last-Modified: Mon, 24 Oct 2022 08:55:50 GMT
ETag: "4cb1-5ebc3f55466a8"
Accept-Ranges: bytes
Content-Length: 19633
Vary: User-Agent
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/javascript
bitcomoneyup-en.sakosaco.com/js/device.min.js
109.206.178.29 200 OK 2.6 kB URL HTTP/1.1 bitcomoneyup-en.sakosaco.com/js/device.min.js
IP 109.206.178.29:0
File type ASCII text, with very long lines (2581)
Hash 54ede9769a07158288324cc456c40bd5
d16eb8a25489f3c3713f5c9afac4562c197cf658
44427cb2a51e54cca2cb648212f313ce64433ce7454e3df0c386c0156e98e36a
Analyzer Verdict Alert fortinet Phishing
GET /js/device.min.js HTTP/1.1
Host: bitcomoneyup-en.sakosaco.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bitcomoneyup-en.sakosaco.com/
Cookie: t=b9914ca243f54fc6886bb42253c6e9bd
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 10:44:45 GMT
Server: Apache/2.4.52 (Ubuntu)
Last-Modified: Fri, 19 Aug 2022 15:50:49 GMT
ETag: "a2d-5e69a0fe7265c"
Accept-Ranges: bytes
Content-Length: 2605
Vary: User-Agent
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/javascript
bitcomoneyup-en.sakosaco.com/js/custom.js
109.206.178.29 200 OK 1.3 kB URL HTTP/1.1 bitcomoneyup-en.sakosaco.com/js/custom.js
IP 109.206.178.29:0
File type HTML document, ASCII text, with very long lines (311)
Hash 809397e6ebd37e71207e1e6aef374450
5a35e242493d0a46b262ff0eceda02034afeef19
74f1157f90ee85f1ef0da80b953269c3ef0c729ff5d239eda48a65a625ffa844
Analyzer Verdict Alert fortinet Phishing
GET /js/custom.js HTTP/1.1
Host: bitcomoneyup-en.sakosaco.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bitcomoneyup-en.sakosaco.com/
Cookie: t=b9914ca243f54fc6886bb42253c6e9bd
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 10:44:45 GMT
Server: Apache/2.4.52 (Ubuntu)
Last-Modified: Fri, 19 Aug 2022 15:50:49 GMT
ETag: "543-5e69a0fe7265c"
Accept-Ranges: bytes
Content-Length: 1347
Vary: User-Agent
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/javascript
bitcomoneyup-en.sakosaco.com/js/jquery.validate.min.js
109.206.178.29 200 OK 23 kB URL HTTP/1.1 bitcomoneyup-en.sakosaco.com/js/jquery.validate.min.js
IP 109.206.178.29:0
File type Unicode text, UTF-8 text, with very long lines (22555)
Hash baae00a4f063acf13d6ba0f88ae6ea97
a6438054d369854a7463066f46f40e94570fa50d
2ad2df085f23b047f5de23b2d503da16f265f180d96e8da72a6cfc1b40251ce7
Analyzer Verdict Alert fortinet Phishing
GET /js/jquery.validate.min.js HTTP/1.1
Host: bitcomoneyup-en.sakosaco.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bitcomoneyup-en.sakosaco.com/
Cookie: t=b9914ca243f54fc6886bb42253c6e9bd
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 10:44:45 GMT
Server: Apache/2.4.52 (Ubuntu)
Last-Modified: Fri, 19 Aug 2022 15:50:49 GMT
ETag: "58a7-5e69a0fe7265c"
Accept-Ranges: bytes
Content-Length: 22695
Vary: User-Agent
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/javascript
bitcomoneyup-en.sakosaco.com/js/currency.js
109.206.178.29 200 OK 1.2 kB URL HTTP/1.1 bitcomoneyup-en.sakosaco.com/js/currency.js
IP 109.206.178.29:0
Hash 5193afe565795d5742b70e1e1ba0037c
81fd9abdb3235346481af4a4cef1e2180562ac9d
01aa580560f4d41d3df8569ae9e1727279abd98d1bcfe06ba88aa03893221e71
Analyzer Verdict Alert fortinet Phishing
GET /js/currency.js HTTP/1.1
Host: bitcomoneyup-en.sakosaco.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bitcomoneyup-en.sakosaco.com/
Cookie: t=b9914ca243f54fc6886bb42253c6e9bd
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 10:44:45 GMT
Server: Apache/2.4.52 (Ubuntu)
Last-Modified: Fri, 19 Aug 2022 15:50:49 GMT
ETag: "48f-5e69a0fe7265c"
Accept-Ranges: bytes
Content-Length: 1167
Vary: User-Agent
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: text/javascript
bitcomoneyup-en.sakosaco.com/images/btc-logo.png
109.206.178.29 200 OK 5.1 kB URL HTTP/1.1 bitcomoneyup-en.sakosaco.com/images/btc-logo.png
IP 109.206.178.29:0
File type PNG image data, 610 x 100, 8-bit colormap, non-interlaced\012- data
Hash 4d72ae2920bb7fc11e81005b836ea27c
e5e873f9cd2604c825b0e769b027ff66ed3c35c3
3422cbef79022cc57f9bfee25837aab9ff6e6778aa166dd00455c0abe9c34edf
GET /images/btc-logo.png HTTP/1.1
Host: bitcomoneyup-en.sakosaco.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bitcomoneyup-en.sakosaco.com/
Cookie: t=b9914ca243f54fc6886bb42253c6e9bd
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 10:44:45 GMT
Server: Apache/2.4.52 (Ubuntu)
Last-Modified: Fri, 19 Aug 2022 15:50:49 GMT
ETag: "13f2-5e69a0fe716bc"
Accept-Ranges: bytes
Content-Length: 5106
Vary: User-Agent
Cache-Control: max-age=31536000, public
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/png
bitcomoneyup-en.sakosaco.com/js/intlTelInput.js
109.206.178.29 200 OK 84 kB URL HTTP/1.1 bitcomoneyup-en.sakosaco.com/js/intlTelInput.js
IP 109.206.178.29:0
File type Unicode text, UTF-8 text, with very long lines (9352)
Hash 2aa125cc5ed0a387c08b2333bf53666e
5d825236f67ce836294442fc2305957c2372ba46
117dbaf176701074ba3523e8f4cd40f0164e1e4f3fdd6e4182c246c42dd9aaa5
Analyzer Verdict Alert fortinet Phishing
GET /js/intlTelInput.js HTTP/1.1
Host: bitcomoneyup-en.sakosaco.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bitcomoneyup-en.sakosaco.com/
Cookie: t=b9914ca243f54fc6886bb42253c6e9bd
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 10:44:45 GMT
Server: Apache/2.4.52 (Ubuntu)
Last-Modified: Fri, 19 Aug 2022 15:50:49 GMT
ETag: "14996-5e69a0fe7265c"
Accept-Ranges: bytes
Content-Length: 84374
Vary: User-Agent
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/javascript
bitcomoneyup-en.sakosaco.com/images/visa.png
109.206.178.29 200 OK 1.2 kB URL HTTP/1.1 bitcomoneyup-en.sakosaco.com/images/visa.png
IP 109.206.178.29:0
File type PNG image data, 101 x 34, 8-bit colormap, non-interlaced\012- data
Hash 1225c91d1bb0656d1742a27d1d0491d7
603dbbfbbc069b011508c84aaa16d81581b0432a
181f0bad942278d70b8eab925e2a7caf90189b79c15487698b2722c9b6714063
GET /images/visa.png HTTP/1.1
Host: bitcomoneyup-en.sakosaco.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bitcomoneyup-en.sakosaco.com/
Cookie: t=b9914ca243f54fc6886bb42253c6e9bd
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 10:44:45 GMT
Server: Apache/2.4.52 (Ubuntu)
Last-Modified: Fri, 19 Aug 2022 15:50:49 GMT
ETag: "4ba-5e69a0fe7265c"
Accept-Ranges: bytes
Content-Length: 1210
Vary: User-Agent
Cache-Control: max-age=31536000, public
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/png
bitcomoneyup-en.sakosaco.com/js/script.js
109.206.178.29 200 OK 12 kB URL HTTP/1.1 bitcomoneyup-en.sakosaco.com/js/script.js
IP 109.206.178.29:0
Hash 33f678c629215f268cc6df2d61210ae2
e62672ab3bdb81d04ab27e63a5201e224a05d3c9
7ae3f2ff1196a0019199ef13f7e424904a2a5506965d8a6e2ddff1217f8539be
Analyzer Verdict Alert fortinet Phishing
GET /js/script.js HTTP/1.1
Host: bitcomoneyup-en.sakosaco.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bitcomoneyup-en.sakosaco.com/
Cookie: t=b9914ca243f54fc6886bb42253c6e9bd
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 10:44:45 GMT
Server: Apache/2.4.52 (Ubuntu)
Last-Modified: Fri, 19 Aug 2022 15:50:49 GMT
ETag: "2fc8-5e69a0fe7265c"
Accept-Ranges: bytes
Content-Length: 12232
Vary: User-Agent
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/javascript
bitcomoneyup-en.sakosaco.com/images/arow-up.png
109.206.178.29 200 OK 246 B URL HTTP/1.1 bitcomoneyup-en.sakosaco.com/images/arow-up.png
IP 109.206.178.29:0
File type PNG image data, 18 x 15, 4-bit colormap, non-interlaced\012- data
Hash 2fff8c9e2431b067c7dfc92fc54c4af6
de437117da2f9e2ad7f1dfd73cdcb2fc9aec1aa0
1ea86d6bec49a6b9bec02e4a4caa1e5c37746391373de8afb86c3d3977bfa09b
GET /images/arow-up.png HTTP/1.1
Host: bitcomoneyup-en.sakosaco.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bitcomoneyup-en.sakosaco.com/
Cookie: t=b9914ca243f54fc6886bb42253c6e9bd
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 10:44:45 GMT
Server: Apache/2.4.52 (Ubuntu)
Last-Modified: Fri, 19 Aug 2022 15:50:49 GMT
ETag: "f6-5e69a0fe716bc"
Accept-Ranges: bytes
Content-Length: 246
Vary: User-Agent
Cache-Control: max-age=31536000, public
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png
bitcomoneyup-en.sakosaco.com/images/bitgo.png
109.206.178.29 200 OK 1.0 kB URL HTTP/1.1 bitcomoneyup-en.sakosaco.com/images/bitgo.png
IP 109.206.178.29:0
File type PNG image data, 88 x 34, 8-bit colormap, non-interlaced\012- data
Hash 9552bd21676dff44c92ce1c746068704
0d3252e8b38d064a6d1109230a5b77a2132f6919
425f5616c301065cc72d0e0adba58f7606ac7c5d0cdb0a2a863bb71e054fb00d
GET /images/bitgo.png HTTP/1.1
Host: bitcomoneyup-en.sakosaco.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bitcomoneyup-en.sakosaco.com/
Cookie: t=b9914ca243f54fc6886bb42253c6e9bd
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 10:44:45 GMT
Server: Apache/2.4.52 (Ubuntu)
Last-Modified: Fri, 19 Aug 2022 15:50:49 GMT
ETag: "3fa-5e69a0fe716bc"
Accept-Ranges: bytes
Content-Length: 1018
Vary: User-Agent
Cache-Control: max-age=31536000, public
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/png
bitcomoneyup-en.sakosaco.com/images/mastercard.png
109.206.178.29 200 OK 1.1 kB URL HTTP/1.1 bitcomoneyup-en.sakosaco.com/images/mastercard.png
IP 109.206.178.29:0
File type PNG image data, 195 x 34, 8-bit colormap, non-interlaced\012- data
Hash b925a124a025ffb7147caa449434517d
933f8335017bca86d3637fbf6eede52b80ca47bc
43c47021c73feef147d2a0628097bbf68c964792a34042901c8ba5e193696fa7
GET /images/mastercard.png HTTP/1.1
Host: bitcomoneyup-en.sakosaco.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bitcomoneyup-en.sakosaco.com/
Cookie: t=b9914ca243f54fc6886bb42253c6e9bd
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 10:44:45 GMT
Server: Apache/2.4.52 (Ubuntu)
Last-Modified: Fri, 19 Aug 2022 15:50:49 GMT
ETag: "44c-5e69a0fe716bc"
Accept-Ranges: bytes
Content-Length: 1100
Vary: User-Agent
Cache-Control: max-age=31536000, public
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/png
bitcomoneyup-en.sakosaco.com/images/mcafee.png
109.206.178.29 200 OK 1.1 kB URL HTTP/1.1 bitcomoneyup-en.sakosaco.com/images/mcafee.png
IP 109.206.178.29:0
File type PNG image data, 178 x 34, 8-bit colormap, non-interlaced\012- data
Hash 55f2a5b341151021f0ae3a08e7309e5c
07ea6a9792ffbbd478c7c9fc6260bc0e0bb344a3
1fb9001797c8201f7cd76ba41c3794a89c487bcba05a0c66833b319cd0c978d8
GET /images/mcafee.png HTTP/1.1
Host: bitcomoneyup-en.sakosaco.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bitcomoneyup-en.sakosaco.com/
Cookie: t=b9914ca243f54fc6886bb42253c6e9bd
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 10:44:45 GMT
Server: Apache/2.4.52 (Ubuntu)
Last-Modified: Fri, 19 Aug 2022 15:50:49 GMT
ETag: "42c-5e69a0fe716bc"
Accept-Ranges: bytes
Content-Length: 1068
Vary: User-Agent
Cache-Control: max-age=31536000, public
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/png
bitcomoneyup-en.sakosaco.com/images/logo-secure.png
109.206.178.29 200 OK 644 B URL HTTP/1.1 bitcomoneyup-en.sakosaco.com/images/logo-secure.png
IP 109.206.178.29:0
File type PNG image data, 56 x 47, 8-bit colormap, non-interlaced\012- data
Hash a422f890c5ca8eb68812d30e1ff9bdd9
849ce0a15638969882e7e3f7f60176fa3abb5afa
b3bc40edd0d909c11fd66b87371ebbfb39c5e1b9302a335b4a5f4835d0155a0a
GET /images/logo-secure.png HTTP/1.1
Host: bitcomoneyup-en.sakosaco.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bitcomoneyup-en.sakosaco.com/
Cookie: t=b9914ca243f54fc6886bb42253c6e9bd
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 10:44:45 GMT
Server: Apache/2.4.52 (Ubuntu)
Last-Modified: Fri, 19 Aug 2022 15:50:49 GMT
ETag: "284-5e69a0fe716bc"
Accept-Ranges: bytes
Content-Length: 644
Vary: User-Agent
Cache-Control: max-age=31536000, public
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/png
bitcomoneyup-en.sakosaco.com/images/girl.jpg
109.206.178.29 200 OK 31 kB URL HTTP/1.1 bitcomoneyup-en.sakosaco.com/images/girl.jpg
IP 109.206.178.29:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 552x640, components 3\012- data
Hash 3bad016716cb6b1e87a1a4cd5d50ba6b
5fbd1fb44b4cadc5a9958e4e0ebb49e9628173ed
7d358077cb9798230d1673f0255283db7f73d9cf1b78be640098fe971be21a31
GET /images/girl.jpg HTTP/1.1
Host: bitcomoneyup-en.sakosaco.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bitcomoneyup-en.sakosaco.com/
Cookie: t=b9914ca243f54fc6886bb42253c6e9bd
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 10:44:45 GMT
Server: Apache/2.4.52 (Ubuntu)
Last-Modified: Fri, 19 Aug 2022 15:50:49 GMT
ETag: "799d-5e69a0fe716bc"
Accept-Ranges: bytes
Content-Length: 31133
Vary: User-Agent
Cache-Control: max-age=31536000, public
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/jpeg
bitcomoneyup-en.sakosaco.com/images/news.png
109.206.178.29 200 OK 1.9 kB URL HTTP/1.1 bitcomoneyup-en.sakosaco.com/images/news.png
IP 109.206.178.29:0
File type PNG image data, 421 x 22, 4-bit colormap, non-interlaced\012- data
Hash 1a85bfef890871d7d62f86984f33cc46
9fe5f2c543a886254594d319238bb54c5368b3f5
6504b4affc500f62254a70b23db1d0a17a5e29eddc1faac9c018e05ac917b610
GET /images/news.png HTTP/1.1
Host: bitcomoneyup-en.sakosaco.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bitcomoneyup-en.sakosaco.com/
Cookie: t=b9914ca243f54fc6886bb42253c6e9bd
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 10:44:45 GMT
Server: Apache/2.4.52 (Ubuntu)
Last-Modified: Fri, 19 Aug 2022 15:50:49 GMT
ETag: "78f-5e69a0fe716bc"
Accept-Ranges: bytes
Content-Length: 1935
Vary: User-Agent
Cache-Control: max-age=31536000, public
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/png
bitcomoneyup-en.sakosaco.com/images/winner-1.jpg
109.206.178.29 200 OK 4.3 kB URL HTTP/1.1 bitcomoneyup-en.sakosaco.com/images/winner-1.jpg
IP 109.206.178.29:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 165x160, components 3\012- data
Hash cb11b16264267833415e139404e36319
39693a1ebb70f1bbfe191277c2bc384a8395b570
80cd3019244d98b8828fefb6a553f067e76d669e139dea73e4df2556a2ef965e
GET /images/winner-1.jpg HTTP/1.1
Host: bitcomoneyup-en.sakosaco.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bitcomoneyup-en.sakosaco.com/
Cookie: t=b9914ca243f54fc6886bb42253c6e9bd
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 10:44:45 GMT
Server: Apache/2.4.52 (Ubuntu)
Last-Modified: Fri, 19 Aug 2022 15:50:49 GMT
ETag: "10ea-5e69a0fe7265c"
Accept-Ranges: bytes
Content-Length: 4330
Vary: User-Agent
Cache-Control: max-age=31536000, public
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/jpeg
bitcomoneyup-en.sakosaco.com/images/winner-2.jpg
109.206.178.29 200 OK 4.3 kB URL HTTP/1.1 bitcomoneyup-en.sakosaco.com/images/winner-2.jpg
IP 109.206.178.29:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 165x160, components 3\012- data
Hash 74c1b4052f063d7b33730e9c81fa0239
d7f24bdd041d5ee85d67ab1656a99009eb452bb6
1b3b7d93040f8d734bf7a6e5caf01cdd01ba9e4c68f899ceddc91196ab6c3257
GET /images/winner-2.jpg HTTP/1.1
Host: bitcomoneyup-en.sakosaco.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bitcomoneyup-en.sakosaco.com/
Cookie: t=b9914ca243f54fc6886bb42253c6e9bd
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 10:44:45 GMT
Server: Apache/2.4.52 (Ubuntu)
Last-Modified: Fri, 19 Aug 2022 15:50:49 GMT
ETag: "10b2-5e69a0fe7265c"
Accept-Ranges: bytes
Content-Length: 4274
Vary: User-Agent
Cache-Control: max-age=31536000, public
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/jpeg
bitcomoneyup-en.sakosaco.com/images/bg-1.jpg
109.206.178.29 200 OK 35 kB URL HTTP/1.1 bitcomoneyup-en.sakosaco.com/images/bg-1.jpg
IP 109.206.178.29:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1440x635, components 3\012- data
Hash d58918eb5f58fbfd9473327329113b5c
1ae767528da28a502012cbe98819de514d5d40d9
8f99074fb5e9a412960873dd1a3e0f2a642ce9bf99bf7620ca06e159f6fa7490
GET /images/bg-1.jpg HTTP/1.1
Host: bitcomoneyup-en.sakosaco.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bitcomoneyup-en.sakosaco.com/css/index.css
Cookie: t=b9914ca243f54fc6886bb42253c6e9bd
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 10:44:45 GMT
Server: Apache/2.4.52 (Ubuntu)
Last-Modified: Fri, 19 Aug 2022 15:50:49 GMT
ETag: "870d-5e69a0fe716bc"
Accept-Ranges: bytes
Content-Length: 34573
Vary: User-Agent
Cache-Control: max-age=31536000, public
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/jpeg
bitcomoneyup-en.sakosaco.com/images/winner-3.jpg
109.206.178.29 200 OK 3.4 kB URL HTTP/1.1 bitcomoneyup-en.sakosaco.com/images/winner-3.jpg
IP 109.206.178.29:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 174x160, components 3\012- data
Hash ab68347ab1a0ea0f50385e16552a50cc
f8cabfffc4f8206ea2a47812b589fc6b78308e73
d2acf5c2804580ed57d6f9a51179e25b952a4e3bfb8d4b01138a8d5e9504ab2a
GET /images/winner-3.jpg HTTP/1.1
Host: bitcomoneyup-en.sakosaco.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bitcomoneyup-en.sakosaco.com/
Cookie: t=b9914ca243f54fc6886bb42253c6e9bd
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 10:44:45 GMT
Server: Apache/2.4.52 (Ubuntu)
Last-Modified: Fri, 19 Aug 2022 15:50:49 GMT
ETag: "d36-5e69a0fe7265c"
Accept-Ranges: bytes
Content-Length: 3382
Vary: User-Agent
Cache-Control: max-age=31536000, public
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/jpeg
bitcomoneyup-en.sakosaco.com/images/video-bg.png
109.206.178.29 200 OK 4.2 kB URL HTTP/1.1 bitcomoneyup-en.sakosaco.com/images/video-bg.png
IP 109.206.178.29:0
File type PNG image data, 718 x 483, 8-bit colormap, non-interlaced\012- data
Hash b86b5fd9b6473dbae8f61ce14c0b2472
14e9b7e324282b5860abba4ac1f46af6a2c38273
ea576164480e93e4353669ad0f7219c5f133bac779096e2672d392c0374ee576
GET /images/video-bg.png HTTP/1.1
Host: bitcomoneyup-en.sakosaco.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bitcomoneyup-en.sakosaco.com/css/index.css
Cookie: t=b9914ca243f54fc6886bb42253c6e9bd
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 10:44:45 GMT
Server: Apache/2.4.52 (Ubuntu)
Last-Modified: Fri, 19 Aug 2022 15:50:49 GMT
ETag: "1051-5e69a0fe7265c"
Accept-Ranges: bytes
Content-Length: 4177
Vary: User-Agent
Cache-Control: max-age=31536000, public
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/png
bitcomoneyup-en.sakosaco.com/images/arow.png
109.206.178.29 200 OK 265 B URL HTTP/1.1 bitcomoneyup-en.sakosaco.com/images/arow.png
IP 109.206.178.29:0
File type PNG image data, 16 x 42, 4-bit colormap, non-interlaced\012- data
Hash 072579174fa3362df01db697adbaeb8f
9aaf13aea5eed5bf4c7fd8230cff76b42b0e3526
b89e908128fe7a9686bcb6e2a68c3f534c808a19ab7c35205f4d77d64a15b577
GET /images/arow.png HTTP/1.1
Host: bitcomoneyup-en.sakosaco.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bitcomoneyup-en.sakosaco.com/css/index.css
Cookie: t=b9914ca243f54fc6886bb42253c6e9bd
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 10:44:45 GMT
Server: Apache/2.4.52 (Ubuntu)
Last-Modified: Fri, 19 Aug 2022 15:50:49 GMT
ETag: "109-5e69a0fe716bc"
Accept-Ranges: bytes
Content-Length: 265
Vary: User-Agent
Cache-Control: max-age=31536000, public
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/png
bitcomoneyup-en.sakosaco.com/images/question-img-1.jpg
109.206.178.29 200 OK 54 kB URL HTTP/1.1 bitcomoneyup-en.sakosaco.com/images/question-img-1.jpg
IP 109.206.178.29:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 650x400, components 3\012- data
Hash 60c79dbed3697c321426cf1df6981828
f6072b04d90f02fa36f12b5e387a1332ae33fc8d
7d61e5b1c0c33f8477d6d3f05396dbdb10f795b609befffb2d9d47eb37de3eab
GET /images/question-img-1.jpg HTTP/1.1
Host: bitcomoneyup-en.sakosaco.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bitcomoneyup-en.sakosaco.com/
Cookie: t=b9914ca243f54fc6886bb42253c6e9bd
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 10:44:45 GMT
Server: Apache/2.4.52 (Ubuntu)
Last-Modified: Fri, 19 Aug 2022 15:50:49 GMT
ETag: "d28d-5e69a0fe716bc"
Accept-Ranges: bytes
Content-Length: 53901
Vary: User-Agent
Cache-Control: max-age=31536000, public
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/jpeg
bitcomoneyup-en.sakosaco.com/images/winner-4-big.jpg
109.206.178.29 200 OK 19 kB URL HTTP/1.1 bitcomoneyup-en.sakosaco.com/images/winner-4-big.jpg
IP 109.206.178.29:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 263x540, components 3\012- data
Hash 886ce48e1804458a01091a599f707f75
4178b54ea7dd13ee570e7e4da86421086d2f9788
75bda76649d94418b0d26f2468c919ea3ffbe9be9c7cd9a2463c3871d579bd25
GET /images/winner-4-big.jpg HTTP/1.1
Host: bitcomoneyup-en.sakosaco.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bitcomoneyup-en.sakosaco.com/
Cookie: t=b9914ca243f54fc6886bb42253c6e9bd
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 10:44:45 GMT
Server: Apache/2.4.52 (Ubuntu)
Last-Modified: Fri, 19 Aug 2022 15:50:49 GMT
ETag: "4ae5-5e69a0fe7265c"
Accept-Ranges: bytes
Content-Length: 19173
Vary: User-Agent
Cache-Control: max-age=31536000, public
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/jpeg
bitcomoneyup-en.sakosaco.com/images/question-img-2.jpg
109.206.178.29 200 OK 20 kB URL HTTP/1.1 bitcomoneyup-en.sakosaco.com/images/question-img-2.jpg
IP 109.206.178.29:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 650x400, components 3\012- data
Hash f2e7f898f5020e60fb7b11ab8bf2e72f
fd614c811367863e2e3a4fc913014eef7f1f2bbc
c6f6a816518afd99edf93fd607c19fd54cef8477d386a7c0e36c5bb998eafc7d
GET /images/question-img-2.jpg HTTP/1.1
Host: bitcomoneyup-en.sakosaco.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bitcomoneyup-en.sakosaco.com/
Cookie: t=b9914ca243f54fc6886bb42253c6e9bd
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 10:44:45 GMT
Server: Apache/2.4.52 (Ubuntu)
Last-Modified: Fri, 19 Aug 2022 15:50:49 GMT
ETag: "4c3c-5e69a0fe716bc"
Accept-Ranges: bytes
Content-Length: 19516
Vary: User-Agent
Cache-Control: max-age=31536000, public
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/jpeg
bitcomoneyup-en.sakosaco.com/images/question-img-3.jpg
109.206.178.29 200 OK 11 kB URL HTTP/1.1 bitcomoneyup-en.sakosaco.com/images/question-img-3.jpg
IP 109.206.178.29:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 312x511, components 3\012- data
Hash 2e17fa5098356a4ef6b306693a574242
ecd2b0d076470a96cc3174978bf41c9cb6af19ce
9b2e6d1194849beb246d15ac33c1d6753738c590983f334c5da132739a43c788
GET /images/question-img-3.jpg HTTP/1.1
Host: bitcomoneyup-en.sakosaco.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bitcomoneyup-en.sakosaco.com/
Cookie: t=b9914ca243f54fc6886bb42253c6e9bd
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 10:44:45 GMT
Server: Apache/2.4.52 (Ubuntu)
Last-Modified: Fri, 19 Aug 2022 15:50:49 GMT
ETag: "2afa-5e69a0fe716bc"
Accept-Ranges: bytes
Content-Length: 11002
Vary: User-Agent
Cache-Control: max-age=31536000, public
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: image/jpeg
bitcomoneyup-en.sakosaco.com/fonts/S6uyw4BMUTPHjx4wXg.woff2
109.206.178.29 200 OK 24 kB URL HTTP/1.1 bitcomoneyup-en.sakosaco.com/fonts/S6uyw4BMUTPHjx4wXg.woff2
IP 109.206.178.29:0
File type Web Open Font Format (Version 2), TrueType, length 23484, version 1.0\012- data
Hash b4d2c4c39853ee244272c04999b230ba
c82e22dde9716c40ba20e6c7ed03a1b66556de15
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
Analyzer Verdict Alert fortinet Phishing
GET /fonts/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1
Host: bitcomoneyup-en.sakosaco.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://bitcomoneyup-en.sakosaco.com/css/stylesheet.css
Cookie: t=b9914ca243f54fc6886bb42253c6e9bd
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 10:44:45 GMT
Server: Apache/2.4.52 (Ubuntu)
Last-Modified: Fri, 19 Aug 2022 15:50:49 GMT
ETag: "5bbc-5e69a0fe716bc"
Accept-Ranges: bytes
Content-Length: 23484
Vary: User-Agent
Cache-Control: max-age=31536000, public
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: font/woff2
bitcomoneyup-en.sakosaco.com/fonts/S6u9w4BMUTPHh6UVSwiPGQ.woff2
109.206.178.29 200 OK 23 kB URL HTTP/1.1 bitcomoneyup-en.sakosaco.com/fonts/S6u9w4BMUTPHh6UVSwiPGQ.woff2
IP 109.206.178.29:0
File type Web Open Font Format (Version 2), TrueType, length 22992, version 1.0\012- data
Hash 1efbd38aa76ddae2580fedf378276333
8a49976f2470ba2a1db6144245355d3b889312e4
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20
Analyzer Verdict Alert fortinet Phishing
GET /fonts/S6u9w4BMUTPHh6UVSwiPGQ.woff2 HTTP/1.1
Host: bitcomoneyup-en.sakosaco.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://bitcomoneyup-en.sakosaco.com/css/stylesheet.css
Cookie: t=b9914ca243f54fc6886bb42253c6e9bd
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 10:44:45 GMT
Server: Apache/2.4.52 (Ubuntu)
Last-Modified: Fri, 19 Aug 2022 15:50:49 GMT
ETag: "59d0-5e69a0fe716bc"
Accept-Ranges: bytes
Content-Length: 22992
Vary: User-Agent
Cache-Control: max-age=31536000, public
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: font/woff2
bitcomoneyup-en.sakosaco.com/js/jquery.min.js
109.206.178.29 200 OK 24 kB URL HTTP/1.1 bitcomoneyup-en.sakosaco.com/js/jquery.min.js
IP 109.206.178.29:0
File type Web Open Font Format (Version 2), TrueType, length 24428, version 1.0\012- data
Hash 5ce0990b59e1ed40e05327f625a24c4a
ad102c7b99bb6d8f62d305df00238730cbcf4357
8ad012803e63980f185a7ee45c983ff2ab99b7751fc8f817f86420d620f244d9
Analyzer Verdict Alert fortinet Phishing
GET /js/jquery.min.js HTTP/1.1
Host: bitcomoneyup-en.sakosaco.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bitcomoneyup-en.sakosaco.com/
Cookie: t=b9914ca243f54fc6886bb42253c6e9bd
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 10:44:45 GMT
Server: Apache/2.4.52 (Ubuntu)
Last-Modified: Fri, 19 Aug 2022 15:50:49 GMT
ETag: "1c2ab-5e69a0fe7265c"
Accept-Ranges: bytes
Content-Length: 115371
Vary: User-Agent
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/javascript
bitcomoneyup-en.sakosaco.com/fonts/S6u8w4BMUTPHjxsAXC-q.woff2
109.206.178.29 200 OK 24 kB URL HTTP/1.1 bitcomoneyup-en.sakosaco.com/fonts/S6u8w4BMUTPHjxsAXC-q.woff2
IP 109.206.178.29:0
File type Web Open Font Format (Version 2), TrueType, length 24440, version 1.0\012- data
Hash 117e995c97eab30fb92843616018d1f1
0cdf5ffdbc568f9f4d726f56bca92fe6b601da7a
ccb5febf8ac335a1b768a7a2087fa4362cb3a0a9392e2e451df9d9825e88e5db
Analyzer Verdict Alert fortinet Phishing
GET /fonts/S6u8w4BMUTPHjxsAXC-q.woff2 HTTP/1.1
Host: bitcomoneyup-en.sakosaco.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://bitcomoneyup-en.sakosaco.com/css/stylesheet.css
Cookie: t=b9914ca243f54fc6886bb42253c6e9bd
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 10:44:45 GMT
Server: Apache/2.4.52 (Ubuntu)
Last-Modified: Fri, 19 Aug 2022 15:50:49 GMT
ETag: "5f78-5e69a0fe716bc"
Accept-Ranges: bytes
Content-Length: 24440
Vary: User-Agent
Cache-Control: max-age=31536000, public
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: font/woff2
bitcomoneyup-en.sakosaco.com/images/phone-footer.png
109.206.178.29 200 OK 31 kB URL HTTP/1.1 bitcomoneyup-en.sakosaco.com/images/phone-footer.png
IP 109.206.178.29:0
File type PNG image data, 407 x 488, 8-bit colormap, non-interlaced\012- data
Hash 7f0d80b244c59dcf73ea87d6ad22cc9d
d2dc25e66b20b7d990dc279e801b2acd5a51338b
36425034ceb527b4d520d8f2c52e6a95b48fa17a4d50b55dcdddf02f18dd9a8e
GET /images/phone-footer.png HTTP/1.1
Host: bitcomoneyup-en.sakosaco.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bitcomoneyup-en.sakosaco.com/
Cookie: t=b9914ca243f54fc6886bb42253c6e9bd
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 10:44:45 GMT
Server: Apache/2.4.52 (Ubuntu)
Last-Modified: Fri, 19 Aug 2022 15:50:49 GMT
ETag: "794d-5e69a0fe716bc"
Accept-Ranges: bytes
Content-Length: 31053
Vary: User-Agent
Cache-Control: max-age=31536000, public
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/png
bitcomoneyup-en.sakosaco.com/images/arow-faq.png
109.206.178.29 200 OK 252 B URL HTTP/1.1 bitcomoneyup-en.sakosaco.com/images/arow-faq.png
IP 109.206.178.29:0
File type PNG image data, 8 x 25, 4-bit colormap, non-interlaced\012- data
Hash ea09d6adbbda3d3faf4c6d83f0abbd3d
a051c925f3862f1db441d063cc4be743ea6990fa
dc619b3c110f9bbb66bb6e18e527b59a39db4f219ebb19aa923f68bbd6ae530a
GET /images/arow-faq.png HTTP/1.1
Host: bitcomoneyup-en.sakosaco.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bitcomoneyup-en.sakosaco.com/css/index.css
Cookie: t=b9914ca243f54fc6886bb42253c6e9bd
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 10:44:45 GMT
Server: Apache/2.4.52 (Ubuntu)
Last-Modified: Fri, 19 Aug 2022 15:50:49 GMT
ETag: "fc-5e69a0fe716bc"
Accept-Ranges: bytes
Content-Length: 252
Vary: User-Agent
Cache-Control: max-age=31536000, public
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: image/png
bitcomoneyup-en.sakosaco.com/js/youtubeUP.js?_=1675680329779
109.206.178.29 200 OK 1.8 kB URL HTTP/1.1 bitcomoneyup-en.sakosaco.com/js/youtubeUP.js?_=1675680329779
IP 109.206.178.29:0
File type ASCII text, with very long lines (858)
Hash a9d6457e001f9b41bce03f99dad71e20
58e3e32e1f7273b5c7c97a4047478446b7fab4ba
b755455dee7ce4bb0d3f7da0655c029761580fc5080e6644c0ae6fec26547d0b
GET /js/youtubeUP.js?_=1675680329779 HTTP/1.1
Host: bitcomoneyup-en.sakosaco.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://bitcomoneyup-en.sakosaco.com/
Cookie: t=b9914ca243f54fc6886bb42253c6e9bd
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 10:44:45 GMT
Server: Apache/2.4.52 (Ubuntu)
Last-Modified: Fri, 19 Aug 2022 15:50:49 GMT
ETag: "710-5e69a0fe7265c"
Accept-Ranges: bytes
Content-Length: 1808
Vary: User-Agent
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: text/javascript
bitcomoneyup-en.sakosaco.com/images/winner-3-big.jpg
109.206.178.29 200 OK 11 kB URL HTTP/1.1 bitcomoneyup-en.sakosaco.com/images/winner-3-big.jpg
IP 109.206.178.29:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 266x540, components 3\012- data
Hash 6d64a6df4253235f4681e0c8cbe196ca
ab77087a16f29668cb1b5d5940da4257f1d8f5dd
4c1b381f4ca7bc2f1282cb3a88a4e377aa44951ebe0f78102c0893377552fc6e
GET /images/winner-3-big.jpg HTTP/1.1
Host: bitcomoneyup-en.sakosaco.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bitcomoneyup-en.sakosaco.com/
Cookie: t=b9914ca243f54fc6886bb42253c6e9bd
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 10:44:45 GMT
Server: Apache/2.4.52 (Ubuntu)
Last-Modified: Fri, 19 Aug 2022 15:50:49 GMT
ETag: "29e4-5e69a0fe7265c"
Accept-Ranges: bytes
Content-Length: 10724
Vary: User-Agent
Cache-Control: max-age=31536000, public
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/jpeg
bitcomoneyup-en.sakosaco.com/images/phone-footer-mob.png
109.206.178.29 200 OK 10 kB URL HTTP/1.1 bitcomoneyup-en.sakosaco.com/images/phone-footer-mob.png
IP 109.206.178.29:0
File type PNG image data, 345 x 320, 8-bit colormap, non-interlaced\012- data
Hash 75b0c3bb0c01baccbdd22be77940d011
4ad2665424b501afe0fd6db17b7e7a99d130c0fa
09ed360411c5d43c16fee7b9a41a40aadfbd40dc00e5b57853bc5de98a51b67d
GET /images/phone-footer-mob.png HTTP/1.1
Host: bitcomoneyup-en.sakosaco.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bitcomoneyup-en.sakosaco.com/
Cookie: t=b9914ca243f54fc6886bb42253c6e9bd
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 10:44:45 GMT
Server: Apache/2.4.52 (Ubuntu)
Last-Modified: Fri, 19 Aug 2022 15:50:49 GMT
ETag: "27ca-5e69a0fe716bc"
Accept-Ranges: bytes
Content-Length: 10186
Vary: User-Agent
Cache-Control: max-age=31536000, public
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: image/png
bitcomoneyup-en.sakosaco.com/images/question-img-3-mob.jpg
109.206.178.29 200 OK 6.8 kB URL HTTP/1.1 bitcomoneyup-en.sakosaco.com/images/question-img-3-mob.jpg
IP 109.206.178.29:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 211x346, components 3\012- data
Hash 244500ca44b8a93e98d7b22e5f2980fe
df6d9e1426d1239b1192e9fb0510af0cad778082
1a3a243795716305665e9cd2096834fd5889657ec54cf43db8a4fe64d9f93750
GET /images/question-img-3-mob.jpg HTTP/1.1
Host: bitcomoneyup-en.sakosaco.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bitcomoneyup-en.sakosaco.com/
Cookie: t=b9914ca243f54fc6886bb42253c6e9bd
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 10:44:45 GMT
Server: Apache/2.4.52 (Ubuntu)
Last-Modified: Fri, 19 Aug 2022 15:50:49 GMT
ETag: "1aa3-5e69a0fe716bc"
Accept-Ranges: bytes
Content-Length: 6819
Vary: User-Agent
Cache-Control: max-age=31536000, public
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/jpeg
bitcomoneyup-en.sakosaco.com/images/question-img-2-mob.jpg
109.206.178.29 200 OK 14 kB URL HTTP/1.1 bitcomoneyup-en.sakosaco.com/images/question-img-2-mob.jpg
IP 109.206.178.29:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 211x345, components 3\012- data
Hash ec65038538ccbce725e8e73751b21e9a
3f7049058a8d6643b3f5b75a64b7586f1cd0be56
e2f4bd3c90f6aab6e20f110653b8c9a8abe5e9b46a28d10a97d3173da73d408d
GET /images/question-img-2-mob.jpg HTTP/1.1
Host: bitcomoneyup-en.sakosaco.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bitcomoneyup-en.sakosaco.com/
Cookie: t=b9914ca243f54fc6886bb42253c6e9bd
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 10:44:45 GMT
Server: Apache/2.4.52 (Ubuntu)
Last-Modified: Fri, 19 Aug 2022 15:50:49 GMT
ETag: "386d-5e69a0fe716bc"
Accept-Ranges: bytes
Content-Length: 14445
Vary: User-Agent
Cache-Control: max-age=31536000, public
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/jpeg
bitcomoneyup-en.sakosaco.com/images/card-logo.png
109.206.178.29 200 OK 2.5 kB URL HTTP/1.1 bitcomoneyup-en.sakosaco.com/images/card-logo.png
IP 109.206.178.29:0
File type PNG image data, 400 x 44, 8-bit colormap, non-interlaced\012- data
Hash 9a24872c84dd359ea866f1a61dd5946b
374ab167ee686ef769d1939d5f2b8a4b3939672c
bf9d2030e0eb54e92a47426aa5f2c58c3224bdc61cb8e13ecfdbce9be79e642d
GET /images/card-logo.png HTTP/1.1
Host: bitcomoneyup-en.sakosaco.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bitcomoneyup-en.sakosaco.com/
Cookie: t=b9914ca243f54fc6886bb42253c6e9bd
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 10:44:45 GMT
Server: Apache/2.4.52 (Ubuntu)
Last-Modified: Fri, 19 Aug 2022 15:50:49 GMT
ETag: "9ea-5e69a0fe716bc"
Accept-Ranges: bytes
Content-Length: 2538
Vary: User-Agent
Cache-Control: max-age=31536000, public
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/png
bitcomoneyup-en.sakosaco.com/images/attention-mob.png
109.206.178.29 200 OK 304 B URL HTTP/1.1 bitcomoneyup-en.sakosaco.com/images/attention-mob.png
IP 109.206.178.29:0
File type PNG image data, 22 x 18, 4-bit colormap, non-interlaced\012- data
Hash 69f8fbd4a3f8405c0ddf84311589c7ce
53fd24e9671025360e506940e2e8d57fbd178937
f2eee1bb1f2eb913f7b9d0fe2172281a6c983409fe978a861ecd5fc0e3eb2c40
GET /images/attention-mob.png HTTP/1.1
Host: bitcomoneyup-en.sakosaco.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bitcomoneyup-en.sakosaco.com/
Cookie: t=b9914ca243f54fc6886bb42253c6e9bd
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 10:44:45 GMT
Server: Apache/2.4.52 (Ubuntu)
Last-Modified: Fri, 19 Aug 2022 15:50:49 GMT
ETag: "130-5e69a0fe716bc"
Accept-Ranges: bytes
Content-Length: 304
Vary: User-Agent
Cache-Control: max-age=31536000, public
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/png
bitcomoneyup-en.sakosaco.com/images/volume.png
109.206.178.29 200 OK 875 B URL HTTP/1.1 bitcomoneyup-en.sakosaco.com/images/volume.png
IP 109.206.178.29:0
File type PNG image data, 256 x 256, 1-bit colormap, non-interlaced\012- data
Hash 25209f54cceeb6ac42097d82256cbfab
a2cbcfb42b1ce89a17aed8bf640b90f057319390
cf53ba9a7f63136e884da82519c4f9343a04b1f56c4ad19b8014a91078f88e77
GET /images/volume.png HTTP/1.1
Host: bitcomoneyup-en.sakosaco.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bitcomoneyup-en.sakosaco.com/
Cookie: t=b9914ca243f54fc6886bb42253c6e9bd
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 10:44:45 GMT
Server: Apache/2.4.52 (Ubuntu)
Last-Modified: Fri, 19 Aug 2022 15:50:49 GMT
ETag: "36b-5e69a0fe7265c"
Accept-Ranges: bytes
Content-Length: 875
Vary: User-Agent
Cache-Control: max-age=31536000, public
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: image/png
bitcomoneyup-en.sakosaco.com/images/arrow-more.png
109.206.178.29 200 OK 188 B URL HTTP/1.1 bitcomoneyup-en.sakosaco.com/images/arrow-more.png
IP 109.206.178.29:0
File type PNG image data, 22 x 8, 4-bit colormap, non-interlaced\012- data
Hash e269a52184e4a0c33a792e3b453f700c
29cf30f55a1eb84c104c35e67675bd0b346913ce
ebd3a6a7d105011f65633ad3df17ffe3fff4a68aafa06329c96f7393ed7f4abc
GET /images/arrow-more.png HTTP/1.1
Host: bitcomoneyup-en.sakosaco.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bitcomoneyup-en.sakosaco.com/
Cookie: t=b9914ca243f54fc6886bb42253c6e9bd
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 10:44:45 GMT
Server: Apache/2.4.52 (Ubuntu)
Last-Modified: Fri, 19 Aug 2022 15:50:49 GMT
ETag: "bc-5e69a0fe716bc"
Accept-Ranges: bytes
Content-Length: 188
Vary: User-Agent
Cache-Control: max-age=31536000, public
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: image/png
bitcomoneyup-en.sakosaco.com/images/arrow-hide.png
109.206.178.29 200 OK 188 B URL HTTP/1.1 bitcomoneyup-en.sakosaco.com/images/arrow-hide.png
IP 109.206.178.29:0
File type PNG image data, 22 x 8, 4-bit colormap, non-interlaced\012- data
Hash e269a52184e4a0c33a792e3b453f700c
29cf30f55a1eb84c104c35e67675bd0b346913ce
ebd3a6a7d105011f65633ad3df17ffe3fff4a68aafa06329c96f7393ed7f4abc
GET /images/arrow-hide.png HTTP/1.1
Host: bitcomoneyup-en.sakosaco.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bitcomoneyup-en.sakosaco.com/
Cookie: t=b9914ca243f54fc6886bb42253c6e9bd
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 10:44:45 GMT
Server: Apache/2.4.52 (Ubuntu)
Last-Modified: Fri, 19 Aug 2022 15:50:49 GMT
ETag: "bc-5e69a0fe716bc"
Accept-Ranges: bytes
Content-Length: 188
Vary: User-Agent
Cache-Control: max-age=31536000, public
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: image/png
bitcomoneyup-en.sakosaco.com/images/winner-4.jpg
109.206.178.29 200 OK 4.8 kB URL HTTP/1.1 bitcomoneyup-en.sakosaco.com/images/winner-4.jpg
IP 109.206.178.29:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 165x160, components 3\012- data
Hash 24e1cf06487a91df7507279ad323e64c
0d2cf437a96c3e90292e358aeae60527005970ee
51ffed8b1f5c309ae663a3fd63b9d470a687fba9b0bc38812afb89bbdc662346
GET /images/winner-4.jpg HTTP/1.1
Host: bitcomoneyup-en.sakosaco.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bitcomoneyup-en.sakosaco.com/
Cookie: t=b9914ca243f54fc6886bb42253c6e9bd
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 10:44:45 GMT
Server: Apache/2.4.52 (Ubuntu)
Last-Modified: Fri, 19 Aug 2022 15:50:49 GMT
ETag: "1293-5e69a0fe7265c"
Accept-Ranges: bytes
Content-Length: 4755
Vary: User-Agent
Cache-Control: max-age=31536000, public
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/jpeg
bitcomoneyup-en.sakosaco.com/images/form-headr.png
109.206.178.29 200 OK 60 kB URL HTTP/1.1 bitcomoneyup-en.sakosaco.com/images/form-headr.png
IP 109.206.178.29:0
File type PNG image data, 1000 x 179, 8-bit colormap, non-interlaced\012- data
Hash 86ef59e01e2d8ecff1cf1c695b25842a
63cf2196aedf0b111e6304f6f8297db628eacabb
dce74f9730cb0039c8b8a59a9aa730d0b94feab51622bcc768977cd14c75342c
GET /images/form-headr.png HTTP/1.1
Host: bitcomoneyup-en.sakosaco.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bitcomoneyup-en.sakosaco.com/
Cookie: t=b9914ca243f54fc6886bb42253c6e9bd
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 10:44:45 GMT
Server: Apache/2.4.52 (Ubuntu)
Last-Modified: Fri, 19 Aug 2022 15:50:49 GMT
ETag: "eb43-5e69a0fe716bc"
Accept-Ranges: bytes
Content-Length: 60227
Vary: User-Agent
Cache-Control: max-age=31536000, public
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: image/png
bitcomoneyup-en.sakosaco.com/images/manager.png
109.206.178.29 200 OK 38 kB URL HTTP/1.1 bitcomoneyup-en.sakosaco.com/images/manager.png
IP 109.206.178.29:0
File type PNG image data, 344 x 419, 8-bit colormap, non-interlaced\012- data
Hash 9552fabc494c9a11f127cb07b02de615
4399fc09ca4ff6f4a739bef51a5ed440c7056bf8
057019696cc230d30f7565f69a68647c82193e725b97c4c28f8ddd7f46a9bdf5
GET /images/manager.png HTTP/1.1
Host: bitcomoneyup-en.sakosaco.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bitcomoneyup-en.sakosaco.com/
Cookie: t=b9914ca243f54fc6886bb42253c6e9bd
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 10:44:45 GMT
Server: Apache/2.4.52 (Ubuntu)
Last-Modified: Fri, 19 Aug 2022 15:50:49 GMT
ETag: "94be-5e69a0fe716bc"
Accept-Ranges: bytes
Content-Length: 38078
Vary: User-Agent
Cache-Control: max-age=31536000, public
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: image/png
bitcomoneyup-en.sakosaco.com/geo
109.206.178.29 200 OK 52 B URL HTTP/1.1 bitcomoneyup-en.sakosaco.com/geo
IP 109.206.178.29:0
File type JSON data\012- , ASCII text, with no line terminators
Hash f4063d6489dc2bffced1933e473ac06b
eca0ca7dbd120ab6325ef4565fabaecc5785c61f
5557aacbebe4d836c3f0b11f855509e2cbedbd209b6e1f933f4f75c911cb0d11
Analyzer Verdict Alert fortinet Phishing
GET /geo HTTP/1.1
Host: bitcomoneyup-en.sakosaco.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://bitcomoneyup-en.sakosaco.com/
Cookie: t=b9914ca243f54fc6886bb42253c6e9bd
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 10:44:45 GMT
Server: Apache/2.4.52 (Ubuntu)
Access-Control-Allow-Methods: GET, POST
Access-Control-Allow-Origin: *
Content-Length: 52
Content-Type: text/plain; charset=utf-8
Vary: User-Agent
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
bitcomoneyup-en.sakosaco.com/images/winner-1-big.jpg
109.206.178.29 200 OK 14 kB URL HTTP/1.1 bitcomoneyup-en.sakosaco.com/images/winner-1-big.jpg
IP 109.206.178.29:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 263x540, components 3\012- data
Hash 97e9d5a968fd57d8ee61439e2941e5ff
b250c2598e42e3f0ddcfa6aa108702bcfdeb3943
9927df7c49f894b1e9f88c4e9567893084b766a70a330a957f7341b3fc4e3d2e
GET /images/winner-1-big.jpg HTTP/1.1
Host: bitcomoneyup-en.sakosaco.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bitcomoneyup-en.sakosaco.com/
Cookie: t=b9914ca243f54fc6886bb42253c6e9bd
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 10:44:45 GMT
Server: Apache/2.4.52 (Ubuntu)
Last-Modified: Fri, 19 Aug 2022 15:50:49 GMT
ETag: "35b7-5e69a0fe7265c"
Accept-Ranges: bytes
Content-Length: 13751
Vary: User-Agent
Cache-Control: max-age=31536000, public
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: image/jpeg
bitcomoneyup-en.sakosaco.com/geo
109.206.178.29 200 OK 52 B URL HTTP/1.1 bitcomoneyup-en.sakosaco.com/geo
IP 109.206.178.29:0
File type JSON data\012- , ASCII text, with no line terminators
Hash f4063d6489dc2bffced1933e473ac06b
eca0ca7dbd120ab6325ef4565fabaecc5785c61f
5557aacbebe4d836c3f0b11f855509e2cbedbd209b6e1f933f4f75c911cb0d11
Analyzer Verdict Alert fortinet Phishing
GET /geo HTTP/1.1
Host: bitcomoneyup-en.sakosaco.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://bitcomoneyup-en.sakosaco.com/
Cookie: t=b9914ca243f54fc6886bb42253c6e9bd
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 10:44:45 GMT
Server: Apache/2.4.52 (Ubuntu)
Access-Control-Allow-Methods: GET, POST
Access-Control-Allow-Origin: *
Content-Length: 52
Content-Type: text/plain; charset=utf-8
Vary: User-Agent
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
bitcomoneyup-en.sakosaco.com/images/winner-2-big.jpg
109.206.178.29 200 OK 18 kB URL HTTP/1.1 bitcomoneyup-en.sakosaco.com/images/winner-2-big.jpg
IP 109.206.178.29:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 263x540, components 3\012- data
Hash a4504af89721064fbf5010c016875920
3006944e7d228f88215b3bf62eef9ebfebd017a5
be8b737c4b0dd3c323f6c0fb160145fa59263717c00dc4c8d1e43ce03aa56e39
GET /images/winner-2-big.jpg HTTP/1.1
Host: bitcomoneyup-en.sakosaco.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bitcomoneyup-en.sakosaco.com/
Cookie: t=b9914ca243f54fc6886bb42253c6e9bd
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 10:44:45 GMT
Server: Apache/2.4.52 (Ubuntu)
Last-Modified: Fri, 19 Aug 2022 15:50:49 GMT
ETag: "451a-5e69a0fe7265c"
Accept-Ranges: bytes
Content-Length: 17690
Vary: User-Agent
Cache-Control: max-age=31536000, public
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: image/jpeg
bitcomoneyup-en.sakosaco.com/images/question-img-1-mob.jpg
109.206.178.29 200 OK 21 kB URL HTTP/1.1 bitcomoneyup-en.sakosaco.com/images/question-img-1-mob.jpg
IP 109.206.178.29:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 211x345, components 3\012- data
Hash b909e5068b21ec27c5b71abf01365d9c
055b0845fbb3de5866902bf6cbbeffb3c3c34755
1670e8653edcab135fcb019c46c563e254c06ad9fc052c3bf66fd320c1cffa79
GET /images/question-img-1-mob.jpg HTTP/1.1
Host: bitcomoneyup-en.sakosaco.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bitcomoneyup-en.sakosaco.com/
Cookie: t=b9914ca243f54fc6886bb42253c6e9bd
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 10:44:45 GMT
Server: Apache/2.4.52 (Ubuntu)
Last-Modified: Fri, 19 Aug 2022 15:50:49 GMT
ETag: "52d2-5e69a0fe716bc"
Accept-Ranges: bytes
Content-Length: 21202
Vary: User-Agent
Cache-Control: max-age=31536000, public
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: image/jpeg
bitcomoneyup-en.sakosaco.com/images/flags.png
109.206.178.29 200 OK 19 kB URL HTTP/1.1 bitcomoneyup-en.sakosaco.com/images/flags.png
IP 109.206.178.29:0
File type PNG image data, 5652 x 15, 8-bit colormap, non-interlaced\012- data
Hash f52874c1c63173b5eca72c8a4ba69093
cbf11645a1bb2bafe3372719ce2fb7aa8541dac6
c887fcb2171f40cf85bbaa7c8a92623ebd1e93958d0e809535077b8caf427f89
GET /images/flags.png HTTP/1.1
Host: bitcomoneyup-en.sakosaco.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bitcomoneyup-en.sakosaco.com/css/intlTelInput.css
Cookie: t=b9914ca243f54fc6886bb42253c6e9bd
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 10:44:45 GMT
Server: Apache/2.4.52 (Ubuntu)
Last-Modified: Fri, 19 Aug 2022 15:50:49 GMT
ETag: "4a6b-5e69a0fe716bc"
Accept-Ranges: bytes
Content-Length: 19051
Vary: User-Agent
Cache-Control: max-age=31536000, public
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: image/png
bitcomoneyup-en.sakosaco.com/images/logo-secure-pop.png
109.206.178.29 200 OK 577 B URL HTTP/1.1 bitcomoneyup-en.sakosaco.com/images/logo-secure-pop.png
IP 109.206.178.29:0
File type PNG image data, 57 x 42, 4-bit colormap, non-interlaced\012- data
Hash b17e926e3a65b120a77951ff29b02358
e38fdf3985f454342265d66dc945002391a6b956
721d599eb03ec7bbebd0b048623e4104fdb61652ff9334d88658fb2f05d6ce14
GET /images/logo-secure-pop.png HTTP/1.1
Host: bitcomoneyup-en.sakosaco.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bitcomoneyup-en.sakosaco.com/
Cookie: t=b9914ca243f54fc6886bb42253c6e9bd
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 10:44:45 GMT
Server: Apache/2.4.52 (Ubuntu)
Last-Modified: Fri, 19 Aug 2022 15:50:49 GMT
ETag: "241-5e69a0fe716bc"
Accept-Ranges: bytes
Content-Length: 577
Vary: User-Agent
Cache-Control: max-age=31536000, public
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: image/png
bitcomoneyup-en.sakosaco.com/btcrates
109.206.178.29 200 OK 339 B URL HTTP/1.1 bitcomoneyup-en.sakosaco.com/btcrates
IP 109.206.178.29:0
File type JSON data\012- , ASCII text, with very long lines (776), with no line terminators
Hash cf8acf096369705cc0c1088be01e91e3
923b6efdd4780ce3e307f322445e43c3501bc43e
ed1112f3efe0c348fd78854f10774f4d8faef01bf4a617b66ec41f678da7e73a
Analyzer Verdict Alert fortinet Phishing
GET /btcrates HTTP/1.1
Host: bitcomoneyup-en.sakosaco.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://bitcomoneyup-en.sakosaco.com/
Cookie: t=b9914ca243f54fc6886bb42253c6e9bd
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 10:44:45 GMT
Server: Apache/2.4.18 (Ubuntu)
Cache-Control: no-cache, private
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 339
Content-Type: text/html; charset=UTF-8
Set-Cookie: XSRF-TOKEN=eyJpdiI6Ik9SejdUeVQ1YTN4QjE5WFdWYTN5S3c9PSIsInZhbHVlIjoiU0JYUTFVSnJjdDd3bXVCRnBGdlZDaVAwY3VZMFdmT3YyU0V0QWF2bkxZSm5NVEYzRkhqcFkxa3prM2NyWlpmamRFRWRQZUl2NTdkMlZDRE5ScmdxV3VxSG96eW84NlhEZzJzRStLRWxQSnlXVTZxbW8rNFpLdkgvOUFkQmhmYVciLCJtYWMiOiI5YmZlMWVmMjAzMzI0NWU2MmY2YTljMjEzOTQ0N2NmMjhiOTExNDMxNDExMDU3YmRkMDNiYWQ0YjJmZmFhNmJjIiwidGFnIjoiIn0%3D; expires=Mon, 06-Feb-2023 12:44:45 GMT; Max-Age=7200; path=/
Set-Cookie: laravel_session=eyJpdiI6IldCNXdRVnUxaUJHMmxJTlgxYi8zVEE9PSIsInZhbHVlIjoiRllSWFp5SXRYT1VvUVFwSGNVN1lUb21FT2tYS2pBbGc3cW5KYlh4S3NHbzg5ektwR2hPK09Xb3phWTZNcFRxM3AzNTBRNk16ckdlSlZJZTRqdk9wTlY5TEgrdWp1aFFFYWEwWUhIck5lNDAwRGVaSzQ2ZnltN004TE1nNkJGYk4iLCJtYWMiOiIyNWIwNjc3NjNkOTZhN2FkMjJiZDJjNjc2OWQ2ZmQ2NjczNjhlMDhiNTNmYmViZTJkOWI3MWM5MDE5YzEwZjM3IiwidGFnIjoiIn0%3D; expires=Mon, 06-Feb-2023 12:44:45 GMT; Max-Age=7200; path=/; httponly
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive
web.webpushs.com/js/push/0458fc53590f679c024679f6b5bf19a0_1.js
185.76.9.18 200 OK 36 kB URL HTTP/1.1 web.webpushs.com/js/push/0458fc53590f679c024679f6b5bf19a0_1.js
IP 185.76.9.18:0
ASN #60068 Datacamp Limited
File type ASCII text, with very long lines (34908)
Hash c224cca0d9f8212a05fa22b769b8780d
11b7fdde01a57aec17c25c7b5c3c6cfa34a2cecc
191f0fbcde395aeb82a620028d2e5a17a6cb02fc63e25569d8ea2f2eb5794d56
GET /js/push/0458fc53590f679c024679f6b5bf19a0_1.js HTTP/1.1
Host: web.webpushs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bitcomoneyup-en.sakosaco.com/
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 10:44:45 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 17 Sep 2021 12:56:32 GMT
ETag: W/"1cedb-5cc3075e9f648"
Vary: Accept-Encoding, Accept-Encoding,User-Agent
Access-Control-Allow-Origin: *
x-sp-ma: sp-ma-2
Content-Security-Policy: default-src wss://* blob: data: sendpulse.com *.sendpulse.com *.sendpulse.com:4434 data.sendpulse.com *.pulse-stat.com *.stat-pulse.com *.pulse-stat.com:8080 *.stat-pulse.com:8080 http://*.sendpulse.com:4434 wss://ws.binotel.com:9002 http://*.pulse-stat.com http://*.stat-pulse.com http://*.pulse-stat.com:8080 http://*.stat-pulse.com:8080 *.sendpulse.ua *.sendpulse.by *.sendpulse.kz *.sendpulse.cl *.sendpulse.com.tr *.sendpulse.ng sendpul.se *.sendpul.se trckln.com *.loginsrc.com *.routee.net *.routee.net:444 *.bizml.ru *.jquery.com *.youtube.com *.ytimg.com *.vimeo.com *.vimeocdn.com *.tinymce.com *.ampproject.org *.hotjar.com *.hotjar.io *.ipinfo.io *.highcharts.com *.appspot.com *.doubleclick.net *.facebook.com *.facebook.net *.fbcdn.net *.fbsbx.com *.rawgit.com *.cloudflare.com *.jsdelivr.net *.kissmetrics.com *.bitrix24.com *.quantserve.com *.quantcount.com *.twitter.com *.offershub.ru *.stripe.com *.braintreegateway.com *.mlstatic.com *.cloudpayments.ru *.woopra.com *.jivosite.com *.google.com *.google.com.ua *.googleadservices.com *.google-analytics.com *.googleapis.com *.googletagmanager.com *.gstatic.com *.online-metrix.net *.retently.com *.maxmind.com *.revisionme.com revisionme.pages.dev *.yandex.ru *.ymetrica.ru *.mmapiws.com *.bootstrapcdn.com *.kaptcha.com *.paypal.com *.paypalobjects.com *.mercadopago.com.br *.mercadopago.com *.braintree-api.com vk.com api.telegram.org *.webformscr.com *.yandex.net *.cardinalcommerce.com *.mercadolibre.com *.supportsrc.com *.instagram.com s3.eu-central-1.amazonaws.com *.googleoptimize.com *.privatbank.ua *.cardinalcommerce.com 'self' 'unsafe-eval' 'unsafe-inline'; img-src blob: data: *; font-src data: *; style-src * 'unsafe-inline';, frame-ancestors 'self';
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Expires: Mon, 13 Feb 2023 10:44:45 GMT
Cache-Control: max-age=604800
x-sp-pr: lpr9
X-Accel-Expires: @1676285085
Server: CDN77-Turbo
X-77-NZT: AblMCQ3ORnGh
X-77-NZT-Ray: c0a4cc286a05b1071ddae063de222509
X-Cache: MISS
X-77-POP: stockholmSE
X-77-Cache: MISS
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 2183fdf183ed33f2cd4342abd7bcadbe
007fe0bb01b7d77fbaaff5346fd7582041c978c8
8f0381d12ab5a76be5137b365e811e75db681eb0f6ad04d7ce28ad73101c33d5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 10:44:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
s.ytimg.com/yts/jsbin/www-widgetapi-vflN2g023/www-widgetapi.js
142.250.74.142 200 OK 7.7 kB URL HTTP/2 s.ytimg.com/yts/jsbin/www-widgetapi-vflN2g023/www-widgetapi.js
IP 142.250.74.142:0
File type ASCII text, with very long lines (783)
Hash 8a16a770683ddcefb4bf88b49fdf94f8
96eb759723f032cfade39ca4de4082166aca8be4
173795ca8b1880e750ef95ad05a896e225a530f2aa27536ba3d15c6603a22d8e
GET /yts/jsbin/www-widgetapi-vflN2g023/www-widgetapi.js HTTP/1.1
Host: s.ytimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bitcomoneyup-en.sakosaco.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: https://www.youtube.com
content-length: 7738
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 04 Feb 2023 18:54:58 GMT
expires: Sun, 12 Feb 2023 18:54:58 GMT
cache-control: public, max-age=691200
last-modified: Sat, 23 Feb 2019 21:30:08 GMT
content-type: text/javascript
age: 143387
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Retry-After, Content-Length, Content-Type, ETag, Cache-Control, Alert, Pragma, Backoff, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 06 Feb 2023 09:51:19 GMT
age: 3206
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
bitcomoneyup-en.sakosaco.com/images/favicon.png
109.206.178.29 200 OK 412 B URL HTTP/1.1 bitcomoneyup-en.sakosaco.com/images/favicon.png
IP 109.206.178.29:0
File type PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Hash 3a45f4a8a6f2b720de83c6288e85d023
b5d35df315fa8e4b7fdaa321f99fdd6d86a8b506
8053243456927253fa518c7935d17e36a0d13cc2f383e3741b6c7f90b5acf934
GET /images/favicon.png HTTP/1.1
Host: bitcomoneyup-en.sakosaco.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bitcomoneyup-en.sakosaco.com/
Cookie: t=b9914ca243f54fc6886bb42253c6e9bd; XSRF-TOKEN=eyJpdiI6Ik9SejdUeVQ1YTN4QjE5WFdWYTN5S3c9PSIsInZhbHVlIjoiU0JYUTFVSnJjdDd3bXVCRnBGdlZDaVAwY3VZMFdmT3YyU0V0QWF2bkxZSm5NVEYzRkhqcFkxa3prM2NyWlpmamRFRWRQZUl2NTdkMlZDRE5ScmdxV3VxSG96eW84NlhEZzJzRStLRWxQSnlXVTZxbW8rNFpLdkgvOUFkQmhmYVciLCJtYWMiOiI5YmZlMWVmMjAzMzI0NWU2MmY2YTljMjEzOTQ0N2NmMjhiOTExNDMxNDExMDU3YmRkMDNiYWQ0YjJmZmFhNmJjIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IldCNXdRVnUxaUJHMmxJTlgxYi8zVEE9PSIsInZhbHVlIjoiRllSWFp5SXRYT1VvUVFwSGNVN1lUb21FT2tYS2pBbGc3cW5KYlh4S3NHbzg5ektwR2hPK09Xb3phWTZNcFRxM3AzNTBRNk16ckdlSlZJZTRqdk9wTlY5TEgrdWp1aFFFYWEwWUhIck5lNDAwRGVaSzQ2ZnltN004TE1nNkJGYk4iLCJtYWMiOiIyNWIwNjc3NjNkOTZhN2FkMjJiZDJjNjc2OWQ2ZmQ2NjczNjhlMDhiNTNmYmViZTJkOWI3MWM5MDE5YzEwZjM3IiwidGFnIjoiIn0%3D
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 10:44:45 GMT
Server: Apache/2.4.52 (Ubuntu)
Last-Modified: Fri, 19 Aug 2022 15:50:49 GMT
ETag: "19c-5e69a0fe716bc"
Accept-Ranges: bytes
Content-Length: 412
Vary: User-Agent
Cache-Control: max-age=31536000, public
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: image/png
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 2183fdf183ed33f2cd4342abd7bcadbe
007fe0bb01b7d77fbaaff5346fd7582041c978c8
8f0381d12ab5a76be5137b365e811e75db681eb0f6ad04d7ce28ad73101c33d5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 10:44:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
bitcomoneyup-en.sakosaco.com/btcrates
109.206.178.29 200 OK 339 B URL HTTP/1.1 bitcomoneyup-en.sakosaco.com/btcrates
IP 109.206.178.29:0
File type JSON data\012- , ASCII text, with very long lines (776), with no line terminators
Hash cf8acf096369705cc0c1088be01e91e3
923b6efdd4780ce3e307f322445e43c3501bc43e
ed1112f3efe0c348fd78854f10774f4d8faef01bf4a617b66ec41f678da7e73a
Analyzer Verdict Alert fortinet Phishing
GET /btcrates HTTP/1.1
Host: bitcomoneyup-en.sakosaco.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://bitcomoneyup-en.sakosaco.com/
Cookie: t=b9914ca243f54fc6886bb42253c6e9bd; XSRF-TOKEN=eyJpdiI6Ik9SejdUeVQ1YTN4QjE5WFdWYTN5S3c9PSIsInZhbHVlIjoiU0JYUTFVSnJjdDd3bXVCRnBGdlZDaVAwY3VZMFdmT3YyU0V0QWF2bkxZSm5NVEYzRkhqcFkxa3prM2NyWlpmamRFRWRQZUl2NTdkMlZDRE5ScmdxV3VxSG96eW84NlhEZzJzRStLRWxQSnlXVTZxbW8rNFpLdkgvOUFkQmhmYVciLCJtYWMiOiI5YmZlMWVmMjAzMzI0NWU2MmY2YTljMjEzOTQ0N2NmMjhiOTExNDMxNDExMDU3YmRkMDNiYWQ0YjJmZmFhNmJjIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IldCNXdRVnUxaUJHMmxJTlgxYi8zVEE9PSIsInZhbHVlIjoiRllSWFp5SXRYT1VvUVFwSGNVN1lUb21FT2tYS2pBbGc3cW5KYlh4S3NHbzg5ektwR2hPK09Xb3phWTZNcFRxM3AzNTBRNk16ckdlSlZJZTRqdk9wTlY5TEgrdWp1aFFFYWEwWUhIck5lNDAwRGVaSzQ2ZnltN004TE1nNkJGYk4iLCJtYWMiOiIyNWIwNjc3NjNkOTZhN2FkMjJiZDJjNjc2OWQ2ZmQ2NjczNjhlMDhiNTNmYmViZTJkOWI3MWM5MDE5YzEwZjM3IiwidGFnIjoiIn0%3D
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 10:44:45 GMT
Server: Apache/2.4.18 (Ubuntu)
Cache-Control: no-cache, private
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 339
Content-Type: text/html; charset=UTF-8
Set-Cookie: XSRF-TOKEN=eyJpdiI6ImhHSy9Da2Z1NlFyeURvUG9pQ1V1Q2c9PSIsInZhbHVlIjoiNEUzd0JDQkhlS2ZmRlhLNGVVQ0E1L0tWVXhKS1JCbXRYSXB5azJ6UlRRazRHZmV6YmJYQWxVMStLNk1jeTUwVVRUZXFsLzR1UktwVGlhSWgxSThyTUpQZ2Z1cXR0a2RPWVowZnBJRlRtbUFGQ25CQjEybmszOHl6dm83c1AxMU0iLCJtYWMiOiI0YTI1YmYwOWI3M2MxMzY2YzU2MjEyN2VmNzc5MDNjM2JkMmM3M2FlZDUzMGNiM2I3YTAwNzBlMTBkZjk4NDI0IiwidGFnIjoiIn0%3D; expires=Mon, 06-Feb-2023 12:44:45 GMT; Max-Age=7200; path=/
Set-Cookie: laravel_session=eyJpdiI6InhGNXkzb20vOGU1NE5HL29MbkRDQlE9PSIsInZhbHVlIjoiSGlhNW5zVXpnRi9NY3gzRFJ5cmR6M1J5aFpBVDhPNzA0TzZTWkhPY3hXWnovMitqSVI1cHhNWk9QSHpoSEtON3RmdVdzZlRDNm9hMDRhb2ZONHhQUCtLb3RhRGVTUHhabzBmYjV3NmQwRzNEenFIbnYxeE40UmxscFo4Tnl0enciLCJtYWMiOiIzMDc5ZDEwYTM5NGQ1ZThmZTM4ZjMwZWRmYWU2Y2I4NTJkNWRhMWQwN2IyMGNkYzQ0YjhlMjY2NGEzMTNiMzQ0IiwidGFnIjoiIn0%3D; expires=Mon, 06-Feb-2023 12:44:45 GMT; Max-Age=7200; path=/; httponly
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dedf9c519ac38c4bece9c5bc895787d7
4911175c3f8a435978c5301c33c7a99a5e00a1d5
bddd7e3a4939f863642a7c5348c1c8b9bc569b35c10a27f4cf5ec71f7e6b9698
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BDDD7E3A4939F863642A7C5348C1C8B9BC569B35C10A27F4CF5EC71F7E6B9698"
Last-Modified: Fri, 03 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8391
Expires: Mon, 06 Feb 2023 13:04:36 GMT
Date: Mon, 06 Feb 2023 10:44:45 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 836bc62dbb011b6180fc7209d0061736
74e6f18561a7006a3afb6ab03559eec239ce4b36
90b197384670fdb210d364f91b423fd383d25838e38a494158a8185bef0061f0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 10:44:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 836bc62dbb011b6180fc7209d0061736
74e6f18561a7006a3afb6ab03559eec239ce4b36
90b197384670fdb210d364f91b423fd383d25838e38a494158a8185bef0061f0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 10:44:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.227 200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 Feb 2023 21:48:03 GMT
expires: Fri, 02 Feb 2024 21:48:03 GMT
cache-control: public, max-age=31536000
age: 305802
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.227 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 Feb 2023 16:40:43 GMT
expires: Fri, 02 Feb 2024 16:40:43 GMT
cache-control: public, max-age=31536000
age: 324242
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 836bc62dbb011b6180fc7209d0061736
74e6f18561a7006a3afb6ab03559eec239ce4b36
90b197384670fdb210d364f91b423fd383d25838e38a494158a8185bef0061f0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 10:44:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
52.39.49.137 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.39.49.137:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: ps8Qhg3WWYk4BpIEbFH8zw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: XnRqbBkG1IYZK6ghgK9Mh4BCatA=
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 7afb8eb5dcbd727fb69c14bfabe20e72
d4b1cc1973e4200a371f0aa8c5ec8232d780a77b
ca0a46edfe267973b60ff163d696fe7c0e862e56ee3f90f098bf309f276c987f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 10:44:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash a1b0adb1c8292e353e84a56a163dddf0
e72fe20524a0cc1d6077eeef4445bd24cae46a60
d82c206adfc4b455e24ae565256cca03e48944af39dbbef0c704ddfc1cce501a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 10:44:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/id
216.58.211.2 302 Found 0 B URL HTTP/2 googleads.g.doubleclick.net/pagead/id
IP 216.58.211.2:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/id HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-credentials: true
access-control-allow-origin: https://www.youtube.com
date: Mon, 06 Feb 2023 10:44:46 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
static.doubleclick.net/instream/ad_status.js
142.250.74.134 200 OK 29 B URL HTTP/2 static.doubleclick.net/instream/ad_status.js
IP 142.250.74.134:0
Hash 1fa71744db23d0f8df9cce6719defcb7
e4be9b7136697942a036f97cf26ebaf703ad2067
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
GET /instream/ad_status.js HTTP/1.1
Host: static.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 29
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 06 Feb 2023 10:43:12 GMT
expires: Mon, 06 Feb 2023 10:58:12 GMT
cache-control: public, max-age=900
age: 94
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash a1b0adb1c8292e353e84a56a163dddf0
e72fe20524a0cc1d6077eeef4445bd24cae46a60
d82c206adfc4b455e24ae565256cca03e48944af39dbbef0c704ddfc1cce501a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 10:44:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 7afb8eb5dcbd727fb69c14bfabe20e72
d4b1cc1973e4200a371f0aa8c5ec8232d780a77b
ca0a46edfe267973b60ff163d696fe7c0e862e56ee3f90f098bf309f276c987f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 10:44:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 26a15a1b880ec1026360b696b1c27074
fd35f80a1cf599da2a8e68a44477465a580440a5
a6d5caec988319523c120bc435a4ff0200b7ead114db10db19a09caeace978f7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 10:44:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 26a15a1b880ec1026360b696b1c27074
fd35f80a1cf599da2a8e68a44477465a580440a5
a6d5caec988319523c120bc435a4ff0200b7ead114db10db19a09caeace978f7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 10:44:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.170 200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.170:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Mon, 06 Feb 2023 10:44:46 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 040d512b73ad828b2dd7409c0c9dab49
a7b7256940377241abd22db537a864ec6348bf90
6e7f979d255eba736072b159be75a5865fd307781806c412ea66bb0f80e38aa6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 10:44:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.170 200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.170:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash 62f6448343dd304653cfac9ab00a808d
68fbab21dc614d2851223a4c5a2796586f4ab280
a3f13bfa72337bdc7543abae29d5964578519ecdcf31464804a02f43488fa8b7
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Mon, 06 Feb 2023 10:44:46 GMT
server: ESF
cache-control: private
content-length: 30843
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google.com/js/th/hMfiIRZZaMzaAz5FYaI1FR-xuNlC9MpkqGZdkT5mV6Q.js
142.250.74.164 200 OK 14 kB URL HTTP/2 www.google.com/js/th/hMfiIRZZaMzaAz5FYaI1FR-xuNlC9MpkqGZdkT5mV6Q.js
IP 142.250.74.164:0
File type ASCII text, with very long lines (36392)
Hash 224f0c569b57002328a0d93922ad4f85
49f653f477e53d804034c7daf3f6ff850693ea48
367eb30e42b960d0cf60b3bd0f2dd41b61101f15285358dffeb2309b428533a0
GET /js/th/hMfiIRZZaMzaAz5FYaI1FR-xuNlC9MpkqGZdkT5mV6Q.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 14417
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 Feb 2023 10:05:57 GMT
expires: Fri, 02 Feb 2024 10:05:57 GMT
cache-control: public, max-age=31536000
age: 347929
last-modified: Tue, 03 Jan 2023 15:00:00 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 946a5ef2e5dd7032e7654d1435fd45b8
1b76eaeee4ba6615d4dda0c17027d37e5c455ba0
98a4c0fa4a73c9fa093b9ccb9db150602ea742ddf6f6a236a0d1fd0ed9d75143
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 10:44:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 26a15a1b880ec1026360b696b1c27074
fd35f80a1cf599da2a8e68a44477465a580440a5
a6d5caec988319523c120bc435a4ff0200b7ead114db10db19a09caeace978f7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 10:44:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
yt3.ggpht.com/ytc/AL5GRJX8FsZ4GvN6k4rMxRtzWbC_V5HU6kTK6jK-OY7D=s68-c-k-c0x00ffffff-no-rj
142.250.74.161 200 OK 2.3 kB URL HTTP/2 yt3.ggpht.com/ytc/AL5GRJX8FsZ4GvN6k4rMxRtzWbC_V5HU6kTK6jK-OY7D=s68-c-k-c0x00ffffff-no-rj
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 68x68, components 3\012- data
Hash ac97ed347bafbb02471fc50feb9a39c0
c688b3c4f2655669b9ca6757a5477b048493f975
ab77a37164af7ca12ec45d4e296830ecc3d895bc9443ff80e1d27314760141cb
GET /ytc/AL5GRJX8FsZ4GvN6k4rMxRtzWbC_V5HU6kTK6jK-OY7D=s68-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt3.ggpht.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 2264
x-xss-protection: 0
date: Mon, 06 Feb 2023 08:30:37 GMT
expires: Fri, 03 Feb 2023 13:36:29 GMT
cache-control: public, max-age=86400, no-transform
age: 8049
etag: "v5"
content-type: image/jpeg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
bitcomoneyup-en.sakosaco.com/sp-push-worker-fb.js
109.206.178.29 200 OK 73 B URL HTTP/1.1 bitcomoneyup-en.sakosaco.com/sp-push-worker-fb.js
IP 109.206.178.29:0
Hash MD5 ecb4f4007cc3480e6c061d771bb8fbe6
SHA-1 a569fa660b2506f93d15fe315fc8201dca64ad71
SHA-256 e2a91872ec3acf90b043e0a5c7d7870681ab685704b334a163194aaa55faacbc
Analyzer Verdict Alert fortinet Phishing
GET /sp-push-worker-fb.js HTTP/1.1
Host: bitcomoneyup-en.sakosaco.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bitcomoneyup-en.sakosaco.com/
Cookie: t=b9914ca243f54fc6886bb42253c6e9bd; XSRF-TOKEN=eyJpdiI6ImhHSy9Da2Z1NlFyeURvUG9pQ1V1Q2c9PSIsInZhbHVlIjoiNEUzd0JDQkhlS2ZmRlhLNGVVQ0E1L0tWVXhKS1JCbXRYSXB5azJ6UlRRazRHZmV6YmJYQWxVMStLNk1jeTUwVVRUZXFsLzR1UktwVGlhSWgxSThyTUpQZ2Z1cXR0a2RPWVowZnBJRlRtbUFGQ25CQjEybmszOHl6dm83c1AxMU0iLCJtYWMiOiI0YTI1YmYwOWI3M2MxMzY2YzU2MjEyN2VmNzc5MDNjM2JkMmM3M2FlZDUzMGNiM2I3YTAwNzBlMTBkZjk4NDI0IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InhGNXkzb20vOGU1NE5HL29MbkRDQlE9PSIsInZhbHVlIjoiSGlhNW5zVXpnRi9NY3gzRFJ5cmR6M1J5aFpBVDhPNzA0TzZTWkhPY3hXWnovMitqSVI1cHhNWk9QSHpoSEtON3RmdVdzZlRDNm9hMDRhb2ZONHhQUCtLb3RhRGVTUHhabzBmYjV3NmQwRzNEenFIbnYxeE40UmxscFo4Tnl0enciLCJtYWMiOiIzMDc5ZDEwYTM5NGQ1ZThmZTM4ZjMwZWRmYWU2Y2I4NTJkNWRhMWQwN2IyMGNkYzQ0YjhlMjY2NGEzMTNiMzQ0IiwidGFnIjoiIn0%3D
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 10:44:46 GMT
Server: Apache/2.4.52 (Ubuntu)
Last-Modified: Fri, 19 Aug 2022 15:50:49 GMT
ETag: "49-5e69a0fe7265c"
Accept-Ranges: bytes
Content-Length: 73
Vary: User-Agent
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive
Content-Type: text/javascript
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 946a5ef2e5dd7032e7654d1435fd45b8
1b76eaeee4ba6615d4dda0c17027d37e5c455ba0
98a4c0fa4a73c9fa093b9ccb9db150602ea742ddf6f6a236a0d1fd0ed9d75143
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 10:44:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
bitcomoneyup-en.sakosaco.com/js/utils.js
109.206.178.29 200 OK 234 kB URL HTTP/1.1 bitcomoneyup-en.sakosaco.com/js/utils.js
IP 109.206.178.29:0
File type ASCII text, with very long lines (2048)
Size 234 kB (233928 bytes)
Hash MD5 13fbad1cb845a3281cf3821792a9931a
SHA-1 979f77248eea85be89ab91297b8fad6eabad4111
SHA-256 e5277eaf274835757d6682660675f6c3af0d95f8462d007483c881730f1a95e2
Analyzer Verdict Alert fortinet Phishing
GET /js/utils.js HTTP/1.1
Host: bitcomoneyup-en.sakosaco.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bitcomoneyup-en.sakosaco.com/
Cookie: t=b9914ca243f54fc6886bb42253c6e9bd; XSRF-TOKEN=eyJpdiI6ImhHSy9Da2Z1NlFyeURvUG9pQ1V1Q2c9PSIsInZhbHVlIjoiNEUzd0JDQkhlS2ZmRlhLNGVVQ0E1L0tWVXhKS1JCbXRYSXB5azJ6UlRRazRHZmV6YmJYQWxVMStLNk1jeTUwVVRUZXFsLzR1UktwVGlhSWgxSThyTUpQZ2Z1cXR0a2RPWVowZnBJRlRtbUFGQ25CQjEybmszOHl6dm83c1AxMU0iLCJtYWMiOiI0YTI1YmYwOWI3M2MxMzY2YzU2MjEyN2VmNzc5MDNjM2JkMmM3M2FlZDUzMGNiM2I3YTAwNzBlMTBkZjk4NDI0IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InhGNXkzb20vOGU1NE5HL29MbkRDQlE9PSIsInZhbHVlIjoiSGlhNW5zVXpnRi9NY3gzRFJ5cmR6M1J5aFpBVDhPNzA0TzZTWkhPY3hXWnovMitqSVI1cHhNWk9QSHpoSEtON3RmdVdzZlRDNm9hMDRhb2ZONHhQUCtLb3RhRGVTUHhabzBmYjV3NmQwRzNEenFIbnYxeE40UmxscFo4Tnl0enciLCJtYWMiOiIzMDc5ZDEwYTM5NGQ1ZThmZTM4ZjMwZWRmYWU2Y2I4NTJkNWRhMWQwN2IyMGNkYzQ0YjhlMjY2NGEzMTNiMzQ0IiwidGFnIjoiIn0%3D
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 10:44:46 GMT
Server: Apache/2.4.52 (Ubuntu)
Last-Modified: Fri, 19 Aug 2022 15:50:49 GMT
ETag: "391c8-5e69a0fe7265c"
Accept-Ranges: bytes
Content-Length: 233928
Vary: User-Agent
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive
Content-Type: text/javascript
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
142.250.74.170 200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 142.250.74.170:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Mon, 06 Feb 2023 10:44:46 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
142.250.74.170 200 OK 114 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 142.250.74.170:0
File type JSON data\012- , ASCII text, with no line terminators
Hash af65da640c7c07816e28f75d45c4d43b
d2dbcc73491935d587bf1443898b1e70aa2ef08b
b47b668d888dfd65a71b9ca89ebd01524cd677e6746d9a98c072236bbd1ecfb0
POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 1192
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Mon, 06 Feb 2023 10:44:46 GMT
server: ESF
cache-control: private
content-length: 114
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 74c10ba20642605a6157b61ba2391606
be654c2aeab4baa47e9b95388f400146bb122e7f
783b07bb03aa82ff3164b6296c678092b083fabd681c6d80e05dde79c5a3435f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 10:44:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 74c10ba20642605a6157b61ba2391606
be654c2aeab4baa47e9b95388f400146bb122e7f
783b07bb03aa82ff3164b6296c678092b083fabd681c6d80e05dde79c5a3435f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 10:44:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
rr1---sn-capm-vnae.googlevideo.com/videoplayback?expire=1675701886&ei=HtrgY8uGE5fNyQWx-7iIDg&ip=91.90.42.154&id=o-ALRQCs5-tmsG5h8FIIJ4i81v2IfZ84m-n_sZjW6j5cNw&itag=251&source=youtube&requiressl=yes&mh=E6&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7ynl6&ms=au%2Crdu&mv=m&mvi=1&pl=21&initcwndbps=2013750&spc=H3gIhlSCzI9vZIkHyM_g-_M1o_vs82E&vprv=1&mime=audio%2Fwebm&ns=Roc2iDC--efLXbo235tpkl0L&gir=yes&clen=1859558&dur=126.421&lmt=1618887966650268&mt=1675679834&fvip=2&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=5311224&n=rXLyCrl4L6vTqQ&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIgASswwV0XhI8_qsapvDoi6ShyvZS7N_fOxTZduMFXYtkCIQCyNNC--vCSJ1CqrvunXsC5ndimws3Fs0bALwOrcIgfNA%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgamDPo2wshej5LT4oNFg4cMhfs9bON0D6LtR4qOhDmKkCIHZGkVn9QpI-t40a1aL-6JZcl6tg8LvQtgoQMhDhCfsi&alr=yes&cpn=b28C29dxmlmaTuej&cver=1.20230131.01.00&range=0-66019&rn=2&rbuf=0
91.90.45.172200 OK 1.0 kB URL HTTP/1.1 rr1---sn-capm-vnae.googlevideo.com/videoplayback?expire=1675701886&ei=HtrgY8uGE5fNyQWx-7iIDg&ip=91.90.42.154&id=o-ALRQCs5-tmsG5h8FIIJ4i81v2IfZ84m-n_sZjW6j5cNw&itag=251&source=youtube&requiressl=yes&mh=E6&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7ynl6&ms=au%2Crdu&mv=m&mvi=1&pl=21&initcwndbps=2013750&spc=H3gIhlSCzI9vZIkHyM_g-_M1o_vs82E&vprv=1&mime=audio%2Fwebm&ns=Roc2iDC--efLXbo235tpkl0L&gir=yes&clen=1859558&dur=126.421&lmt=1618887966650268&mt=1675679834&fvip=2&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=5311224&n=rXLyCrl4L6vTqQ&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIgASswwV0XhI8_qsapvDoi6ShyvZS7N_fOxTZduMFXYtkCIQCyNNC--vCSJ1CqrvunXsC5ndimws3Fs0bALwOrcIgfNA%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgamDPo2wshej5LT4oNFg4cMhfs9bON0D6LtR4qOhDmKkCIHZGkVn9QpI-t40a1aL-6JZcl6tg8LvQtgoQMhDhCfsi&alr=yes&cpn=b28C29dxmlmaTuej&cver=1.20230131.01.00&range=0-66019&rn=2&rbuf=0
IP 91.90.45.172:0
ASN #50304 Blix Solutions AS
File type ASCII text, with very long lines (1023), with no line terminators
Hash a0f089224cf83eb7ec9ea9d62a8c0227
2688ccd8f3be20374dbe89fa821f8a03d92c62cc
be8bfa0ccb474d14b0d48811f93713283a727aee8cc4341ddcd8a75577696c00
POST /videoplayback?expire=1675701886&ei=HtrgY8uGE5fNyQWx-7iIDg&ip=91.90.42.154&id=o-ALRQCs5-tmsG5h8FIIJ4i81v2IfZ84m-n_sZjW6j5cNw&itag=251&source=youtube&requiressl=yes&mh=E6&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7ynl6&ms=au%2Crdu&mv=m&mvi=1&pl=21&initcwndbps=2013750&spc=H3gIhlSCzI9vZIkHyM_g-_M1o_vs82E&vprv=1&mime=audio%2Fwebm&ns=Roc2iDC--efLXbo235tpkl0L&gir=yes&clen=1859558&dur=126.421&lmt=1618887966650268&mt=1675679834&fvip=2&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=5311224&n=rXLyCrl4L6vTqQ&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIgASswwV0XhI8_qsapvDoi6ShyvZS7N_fOxTZduMFXYtkCIQCyNNC--vCSJ1CqrvunXsC5ndimws3Fs0bALwOrcIgfNA%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgamDPo2wshej5LT4oNFg4cMhfs9bON0D6LtR4qOhDmKkCIHZGkVn9QpI-t40a1aL-6JZcl6tg8LvQtgoQMhDhCfsi&alr=yes&cpn=b28C29dxmlmaTuej&cver=1.20230131.01.00&range=0-66019&rn=2&rbuf=0 HTTP/1.1
Host: rr1---sn-capm-vnae.googlevideo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 2
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/plain
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Date: Mon, 06 Feb 2023 10:44:46 GMT
Expires: Mon, 06 Feb 2023 10:44:46 GMT
Cache-Control: private, max-age=21300
Accept-Ranges: bytes
Content-Length: 1023
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Content-Type-Options: nosniff
Server: gvs 1.0
rr1---sn-capm-vnae.googlevideo.com/videoplayback?expire=1675701886&ei=HtrgY8uGE5fNyQWx-7iIDg&ip=91.90.42.154&id=o-ALRQCs5-tmsG5h8FIIJ4i81v2IfZ84m-n_sZjW6j5cNw&itag=243&aitags=133%2C134%2C135%2C136%2C160%2C242%2C243%2C244%2C247%2C278&source=youtube&requiressl=yes&mh=E6&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7ynl6&ms=au%2Crdu&mv=m&mvi=1&pl=21&initcwndbps=2013750&spc=H3gIhlSCzI9vZIkHyM_g-_M1o_vs82E&vprv=1&mime=video%2Fwebm&ns=Roc2iDC--efLXbo235tpkl0L&gir=yes&clen=3827978&dur=126.392&lmt=1618887963688646&mt=1675679834&fvip=2&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=5316224&n=rXLyCrl4L6vTqQ&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAOfqVwSSZjR4md9DbQY2VGO2TAWn2huNFjozh-e1nvPvAiB0o1TeAsLVTfrGaUoH1VVhQHkgbp0rD3dC9tN91Qf5VA%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgamDPo2wshej5LT4oNFg4cMhfs9bON0D6LtR4qOhDmKkCIHZGkVn9QpI-t40a1aL-6JZcl6tg8LvQtgoQMhDhCfsi&alr=yes&cpn=b28C29dxmlmaTuej&cver=1.20230131.01.00&range=0-104214&rn=1&rbuf=0
91.90.45.172200 OK 1.1 kB URL HTTP/1.1 rr1---sn-capm-vnae.googlevideo.com/videoplayback?expire=1675701886&ei=HtrgY8uGE5fNyQWx-7iIDg&ip=91.90.42.154&id=o-ALRQCs5-tmsG5h8FIIJ4i81v2IfZ84m-n_sZjW6j5cNw&itag=243&aitags=133%2C134%2C135%2C136%2C160%2C242%2C243%2C244%2C247%2C278&source=youtube&requiressl=yes&mh=E6&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7ynl6&ms=au%2Crdu&mv=m&mvi=1&pl=21&initcwndbps=2013750&spc=H3gIhlSCzI9vZIkHyM_g-_M1o_vs82E&vprv=1&mime=video%2Fwebm&ns=Roc2iDC--efLXbo235tpkl0L&gir=yes&clen=3827978&dur=126.392&lmt=1618887963688646&mt=1675679834&fvip=2&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=5316224&n=rXLyCrl4L6vTqQ&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAOfqVwSSZjR4md9DbQY2VGO2TAWn2huNFjozh-e1nvPvAiB0o1TeAsLVTfrGaUoH1VVhQHkgbp0rD3dC9tN91Qf5VA%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgamDPo2wshej5LT4oNFg4cMhfs9bON0D6LtR4qOhDmKkCIHZGkVn9QpI-t40a1aL-6JZcl6tg8LvQtgoQMhDhCfsi&alr=yes&cpn=b28C29dxmlmaTuej&cver=1.20230131.01.00&range=0-104214&rn=1&rbuf=0
IP 91.90.45.172:0
ASN #50304 Blix Solutions AS
File type ASCII text, with very long lines (1091), with no line terminators
Hash c88885062eaeba8af7bb19f0bf90ed1d
ad70b344bd19ce01a4eb92b943ac2351b35afd7c
3586402293ade6c166de4e6c1e5533ffa199bfd2f84d76dae5ed1175dd83a494
POST /videoplayback?expire=1675701886&ei=HtrgY8uGE5fNyQWx-7iIDg&ip=91.90.42.154&id=o-ALRQCs5-tmsG5h8FIIJ4i81v2IfZ84m-n_sZjW6j5cNw&itag=243&aitags=133%2C134%2C135%2C136%2C160%2C242%2C243%2C244%2C247%2C278&source=youtube&requiressl=yes&mh=E6&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7ynl6&ms=au%2Crdu&mv=m&mvi=1&pl=21&initcwndbps=2013750&spc=H3gIhlSCzI9vZIkHyM_g-_M1o_vs82E&vprv=1&mime=video%2Fwebm&ns=Roc2iDC--efLXbo235tpkl0L&gir=yes&clen=3827978&dur=126.392&lmt=1618887963688646&mt=1675679834&fvip=2&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=5316224&n=rXLyCrl4L6vTqQ&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAOfqVwSSZjR4md9DbQY2VGO2TAWn2huNFjozh-e1nvPvAiB0o1TeAsLVTfrGaUoH1VVhQHkgbp0rD3dC9tN91Qf5VA%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgamDPo2wshej5LT4oNFg4cMhfs9bON0D6LtR4qOhDmKkCIHZGkVn9QpI-t40a1aL-6JZcl6tg8LvQtgoQMhDhCfsi&alr=yes&cpn=b28C29dxmlmaTuej&cver=1.20230131.01.00&range=0-104214&rn=1&rbuf=0 HTTP/1.1
Host: rr1---sn-capm-vnae.googlevideo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 2
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/plain
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Date: Mon, 06 Feb 2023 10:44:46 GMT
Expires: Mon, 06 Feb 2023 10:44:46 GMT
Cache-Control: private, max-age=21300
Accept-Ranges: bytes
Content-Length: 1091
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Restrict-Formats-Hint: None
X-Content-Type-Options: nosniff
Server: gvs 1.0
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 74c10ba20642605a6157b61ba2391606
be654c2aeab4baa47e9b95388f400146bb122e7f
783b07bb03aa82ff3164b6296c678092b083fabd681c6d80e05dde79c5a3435f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 10:44:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 168fa5619143ca4b0875a0808912445c
94f916ad79f09d1aebc9df90eb5dd82d772816ff
77a38b1011b892ffe5c749fb6f38d68d038820824a668116d1f7582922b2e072
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 10:44:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 168fa5619143ca4b0875a0808912445c
94f916ad79f09d1aebc9df90eb5dd82d772816ff
77a38b1011b892ffe5c749fb6f38d68d038820824a668116d1f7582922b2e072
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 10:44:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
rr2---sn-5go7ynl6.googlevideo.com/videoplayback?expire=1675701886&ei=HtrgY8uGE5fNyQWx-7iIDg&ip=91.90.42.154&id=o-ALRQCs5-tmsG5h8FIIJ4i81v2IfZ84m-n_sZjW6j5cNw&itag=251&source=youtube&requiressl=yes&spc=H3gIhlSCzI9vZIkHyM_g-_M1o_vs82E&vprv=1&mime=audio%2Fwebm&ns=Roc2iDC--efLXbo235tpkl0L&gir=yes&clen=1859558&dur=126.421&lmt=1618887966650268&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=5311224&n=rXLyCrl4L6vTqQ&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIgASswwV0XhI8_qsapvDoi6ShyvZS7N_fOxTZduMFXYtkCIQCyNNC--vCSJ1CqrvunXsC5ndimws3Fs0bALwOrcIgfNA%3D%3D&alr=yes&cpn=b28C29dxmlmaTuej&cver=1.20230131.01.00&redirect_counter=1&cm2rm=sn-capm-vnae7e&cms_redirect=yes&cmsv=e&mh=E6&mm=29&mn=sn-5go7ynl6&ms=rdu&mt=1675680083&mv=m&mvi=2&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhAM-RnuE93NRTWGjmsRu_plD8jU5GQ0UHCC2qDGkdBWtvAiADTHxx4D1ouSzLJ2015ejFhQ0OINHhxAL8ysTsAKA6pw%3D%3D&range=0-66019&rn=4&rbuf=0&pot=D6KiQeC7dh9IopmSErilV-EjIgYwIpet_eeHiN41PkzJq5DkQ28_LiyOo_J7HpWzDXTthBLDOK5Zxv8UoSAaM9wRA_owx3Fs_d5HCbTQJtOuqE87readnYd_QnZIZUAgCbuEe4fNYUw=
74.125.111.39200 OK 66 kB URL HTTP/1.1 rr2---sn-5go7ynl6.googlevideo.com/videoplayback?expire=1675701886&ei=HtrgY8uGE5fNyQWx-7iIDg&ip=91.90.42.154&id=o-ALRQCs5-tmsG5h8FIIJ4i81v2IfZ84m-n_sZjW6j5cNw&itag=251&source=youtube&requiressl=yes&spc=H3gIhlSCzI9vZIkHyM_g-_M1o_vs82E&vprv=1&mime=audio%2Fwebm&ns=Roc2iDC--efLXbo235tpkl0L&gir=yes&clen=1859558&dur=126.421&lmt=1618887966650268&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=5311224&n=rXLyCrl4L6vTqQ&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIgASswwV0XhI8_qsapvDoi6ShyvZS7N_fOxTZduMFXYtkCIQCyNNC--vCSJ1CqrvunXsC5ndimws3Fs0bALwOrcIgfNA%3D%3D&alr=yes&cpn=b28C29dxmlmaTuej&cver=1.20230131.01.00&redirect_counter=1&cm2rm=sn-capm-vnae7e&cms_redirect=yes&cmsv=e&mh=E6&mm=29&mn=sn-5go7ynl6&ms=rdu&mt=1675680083&mv=m&mvi=2&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhAM-RnuE93NRTWGjmsRu_plD8jU5GQ0UHCC2qDGkdBWtvAiADTHxx4D1ouSzLJ2015ejFhQ0OINHhxAL8ysTsAKA6pw%3D%3D&range=0-66019&rn=4&rbuf=0&pot=D6KiQeC7dh9IopmSErilV-EjIgYwIpet_eeHiN41PkzJq5DkQ28_LiyOo_J7HpWzDXTthBLDOK5Zxv8UoSAaM9wRA_owx3Fs_d5HCbTQJtOuqE87readnYd_QnZIZUAgCbuEe4fNYUw=
IP 74.125.111.39:0
File type WebM\012- EBML file, creator webmB\20\012- data
Hash 27c97563a414bb74999fe27e261351d7
1bf31b0ca97a4bbcac01ca2176d7e7245552cd10
8ff5cd6edd4ed2b5eda68b4a0f396c09d5fcf01e1676402385ad41719749e334
POST /videoplayback?expire=1675701886&ei=HtrgY8uGE5fNyQWx-7iIDg&ip=91.90.42.154&id=o-ALRQCs5-tmsG5h8FIIJ4i81v2IfZ84m-n_sZjW6j5cNw&itag=251&source=youtube&requiressl=yes&spc=H3gIhlSCzI9vZIkHyM_g-_M1o_vs82E&vprv=1&mime=audio%2Fwebm&ns=Roc2iDC--efLXbo235tpkl0L&gir=yes&clen=1859558&dur=126.421&lmt=1618887966650268&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=5311224&n=rXLyCrl4L6vTqQ&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIgASswwV0XhI8_qsapvDoi6ShyvZS7N_fOxTZduMFXYtkCIQCyNNC--vCSJ1CqrvunXsC5ndimws3Fs0bALwOrcIgfNA%3D%3D&alr=yes&cpn=b28C29dxmlmaTuej&cver=1.20230131.01.00&redirect_counter=1&cm2rm=sn-capm-vnae7e&cms_redirect=yes&cmsv=e&mh=E6&mm=29&mn=sn-5go7ynl6&ms=rdu&mt=1675680083&mv=m&mvi=2&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhAM-RnuE93NRTWGjmsRu_plD8jU5GQ0UHCC2qDGkdBWtvAiADTHxx4D1ouSzLJ2015ejFhQ0OINHhxAL8ysTsAKA6pw%3D%3D&range=0-66019&rn=4&rbuf=0&pot=D6KiQeC7dh9IopmSErilV-EjIgYwIpet_eeHiN41PkzJq5DkQ28_LiyOo_J7HpWzDXTthBLDOK5Zxv8UoSAaM9wRA_owx3Fs_d5HCbTQJtOuqE87readnYd_QnZIZUAgCbuEe4fNYUw= HTTP/1.1
Host: rr2---sn-5go7ynl6.googlevideo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 2
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Tue, 20 Apr 2021 03:06:06 GMT
Content-Type: audio/webm
Date: Mon, 06 Feb 2023 10:44:46 GMT
Expires: Mon, 06 Feb 2023 10:44:46 GMT
Cache-Control: private, max-age=21300
Accept-Ranges: bytes
Content-Length: 66020
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Content-Type-Options: nosniff
Server: gvs 1.0
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 168fa5619143ca4b0875a0808912445c
94f916ad79f09d1aebc9df90eb5dd82d772816ff
77a38b1011b892ffe5c749fb6f38d68d038820824a668116d1f7582922b2e072
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 10:44:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
rr2---sn-5go7ynl6.googlevideo.com/videoplayback?expire=1675701886&ei=HtrgY8uGE5fNyQWx-7iIDg&ip=91.90.42.154&id=o-ALRQCs5-tmsG5h8FIIJ4i81v2IfZ84m-n_sZjW6j5cNw&itag=243&aitags=133%2C134%2C135%2C136%2C160%2C242%2C243%2C244%2C247%2C278&source=youtube&requiressl=yes&spc=H3gIhlSCzI9vZIkHyM_g-_M1o_vs82E&vprv=1&mime=video%2Fwebm&ns=Roc2iDC--efLXbo235tpkl0L&gir=yes&clen=3827978&dur=126.392&lmt=1618887963688646&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=5316224&n=rXLyCrl4L6vTqQ&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAOfqVwSSZjR4md9DbQY2VGO2TAWn2huNFjozh-e1nvPvAiB0o1TeAsLVTfrGaUoH1VVhQHkgbp0rD3dC9tN91Qf5VA%3D%3D&alr=yes&cpn=b28C29dxmlmaTuej&cver=1.20230131.01.00&redirect_counter=1&cm2rm=sn-capm-vnae7e&cms_redirect=yes&cmsv=e&mh=E6&mm=29&mn=sn-5go7ynl6&ms=rdu&mt=1675680083&mv=m&mvi=2&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhAI8rt-j6Z4BLPoB7NCgL3MFebgcQcuVFCInE_kEbFH6LAiB8e9Qai1HxJn__Peo_qZdhiLeu-dcq1WjeWQF1yMYi7A%3D%3D&range=0-104214&rn=3&rbuf=0&pot=D6KiQeC7dh9IopmSErilV-EjIgYwIpet_eeHiN41PkzJq5DkQ28_LiyOo_J7HpWzDXTthBLDOK5Zxv8UoSAaM9wRA_owx3Fs_d5HCbTQJtOuqE87readnYd_QnZIZUAgCbuEe4fNYUw=
74.125.111.39200 OK 104 kB URL HTTP/1.1 rr2---sn-5go7ynl6.googlevideo.com/videoplayback?expire=1675701886&ei=HtrgY8uGE5fNyQWx-7iIDg&ip=91.90.42.154&id=o-ALRQCs5-tmsG5h8FIIJ4i81v2IfZ84m-n_sZjW6j5cNw&itag=243&aitags=133%2C134%2C135%2C136%2C160%2C242%2C243%2C244%2C247%2C278&source=youtube&requiressl=yes&spc=H3gIhlSCzI9vZIkHyM_g-_M1o_vs82E&vprv=1&mime=video%2Fwebm&ns=Roc2iDC--efLXbo235tpkl0L&gir=yes&clen=3827978&dur=126.392&lmt=1618887963688646&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=5316224&n=rXLyCrl4L6vTqQ&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAOfqVwSSZjR4md9DbQY2VGO2TAWn2huNFjozh-e1nvPvAiB0o1TeAsLVTfrGaUoH1VVhQHkgbp0rD3dC9tN91Qf5VA%3D%3D&alr=yes&cpn=b28C29dxmlmaTuej&cver=1.20230131.01.00&redirect_counter=1&cm2rm=sn-capm-vnae7e&cms_redirect=yes&cmsv=e&mh=E6&mm=29&mn=sn-5go7ynl6&ms=rdu&mt=1675680083&mv=m&mvi=2&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhAI8rt-j6Z4BLPoB7NCgL3MFebgcQcuVFCInE_kEbFH6LAiB8e9Qai1HxJn__Peo_qZdhiLeu-dcq1WjeWQF1yMYi7A%3D%3D&range=0-104214&rn=3&rbuf=0&pot=D6KiQeC7dh9IopmSErilV-EjIgYwIpet_eeHiN41PkzJq5DkQ28_LiyOo_J7HpWzDXTthBLDOK5Zxv8UoSAaM9wRA_owx3Fs_d5HCbTQJtOuqE87readnYd_QnZIZUAgCbuEe4fNYUw=
IP 74.125.111.39:0
File type WebM\012- EBML file, creator webmB\20\012- data
Size 104 kB (104215 bytes)
Hash 564d7248345a45d6af0e708298d17f08
e82abd4390c93ee05c7f2d938f8227513ae30a17
82e11e388dd817b4bcbaae6304863d5b5a7c31a6b58063c9828f2b1d1116b7ed
POST /videoplayback?expire=1675701886&ei=HtrgY8uGE5fNyQWx-7iIDg&ip=91.90.42.154&id=o-ALRQCs5-tmsG5h8FIIJ4i81v2IfZ84m-n_sZjW6j5cNw&itag=243&aitags=133%2C134%2C135%2C136%2C160%2C242%2C243%2C244%2C247%2C278&source=youtube&requiressl=yes&spc=H3gIhlSCzI9vZIkHyM_g-_M1o_vs82E&vprv=1&mime=video%2Fwebm&ns=Roc2iDC--efLXbo235tpkl0L&gir=yes&clen=3827978&dur=126.392&lmt=1618887963688646&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=5316224&n=rXLyCrl4L6vTqQ&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAOfqVwSSZjR4md9DbQY2VGO2TAWn2huNFjozh-e1nvPvAiB0o1TeAsLVTfrGaUoH1VVhQHkgbp0rD3dC9tN91Qf5VA%3D%3D&alr=yes&cpn=b28C29dxmlmaTuej&cver=1.20230131.01.00&redirect_counter=1&cm2rm=sn-capm-vnae7e&cms_redirect=yes&cmsv=e&mh=E6&mm=29&mn=sn-5go7ynl6&ms=rdu&mt=1675680083&mv=m&mvi=2&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhAI8rt-j6Z4BLPoB7NCgL3MFebgcQcuVFCInE_kEbFH6LAiB8e9Qai1HxJn__Peo_qZdhiLeu-dcq1WjeWQF1yMYi7A%3D%3D&range=0-104214&rn=3&rbuf=0&pot=D6KiQeC7dh9IopmSErilV-EjIgYwIpet_eeHiN41PkzJq5DkQ28_LiyOo_J7HpWzDXTthBLDOK5Zxv8UoSAaM9wRA_owx3Fs_d5HCbTQJtOuqE87readnYd_QnZIZUAgCbuEe4fNYUw= HTTP/1.1
Host: rr2---sn-5go7ynl6.googlevideo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 2
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Tue, 20 Apr 2021 03:06:03 GMT
Content-Type: video/webm
Date: Mon, 06 Feb 2023 10:44:46 GMT
Expires: Mon, 06 Feb 2023 10:44:46 GMT
Cache-Control: private, max-age=21300
Accept-Ranges: bytes
Content-Length: 104215
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Restrict-Formats-Hint: None
X-Content-Type-Options: nosniff
Server: gvs 1.0
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3b4ea902c3e097daaa31810cb66d585a
97dfbd81d31b43196d8a4bd2fa3ff8a5cc115049
0291ed72c3115d6b6cf8c001b13bbc4ad517d76242b6cbed9db5ee1162572d3f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0291ED72C3115D6B6CF8C001B13BBC4AD517D76242B6CBED9DB5EE1162572D3F"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17594
Expires: Mon, 06 Feb 2023 15:38:01 GMT
Date: Mon, 06 Feb 2023 10:44:47 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3b4ea902c3e097daaa31810cb66d585a
97dfbd81d31b43196d8a4bd2fa3ff8a5cc115049
0291ed72c3115d6b6cf8c001b13bbc4ad517d76242b6cbed9db5ee1162572d3f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0291ED72C3115D6B6CF8C001B13BBC4AD517D76242B6CBED9DB5EE1162572D3F"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17594
Expires: Mon, 06 Feb 2023 15:38:01 GMT
Date: Mon, 06 Feb 2023 10:44:47 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3b4ea902c3e097daaa31810cb66d585a
97dfbd81d31b43196d8a4bd2fa3ff8a5cc115049
0291ed72c3115d6b6cf8c001b13bbc4ad517d76242b6cbed9db5ee1162572d3f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0291ED72C3115D6B6CF8C001B13BBC4AD517D76242B6CBED9DB5EE1162572D3F"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17594
Expires: Mon, 06 Feb 2023 15:38:01 GMT
Date: Mon, 06 Feb 2023 10:44:47 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3b4ea902c3e097daaa31810cb66d585a
97dfbd81d31b43196d8a4bd2fa3ff8a5cc115049
0291ed72c3115d6b6cf8c001b13bbc4ad517d76242b6cbed9db5ee1162572d3f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0291ED72C3115D6B6CF8C001B13BBC4AD517D76242B6CBED9DB5EE1162572D3F"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17594
Expires: Mon, 06 Feb 2023 15:38:01 GMT
Date: Mon, 06 Feb 2023 10:44:47 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3b4ea902c3e097daaa31810cb66d585a
97dfbd81d31b43196d8a4bd2fa3ff8a5cc115049
0291ed72c3115d6b6cf8c001b13bbc4ad517d76242b6cbed9db5ee1162572d3f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0291ED72C3115D6B6CF8C001B13BBC4AD517D76242B6CBED9DB5EE1162572D3F"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17594
Expires: Mon, 06 Feb 2023 15:38:01 GMT
Date: Mon, 06 Feb 2023 10:44:47 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd3694634-2f5a-47ff-b75c-9cb394881acc.jpeg
34.120.237.76 200 OK 9.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd3694634-2f5a-47ff-b75c-9cb394881acc.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ccc8078cc937b7de0b299bcee1496f1b
395f04af71767acc9516387c8b07bde08968fdfe
cf959fc4a72d80dcab20c235bec6d21eadaab87efa7a8969744cd228628ba050
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd3694634-2f5a-47ff-b75c-9cb394881acc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9808
x-amzn-requestid: 75cc8041-19f5-4994-96b6-b14d3c90ec6e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f4oiSFZAIAMF65g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e02141-355d272c345c8c37595b4bb2;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 21:36:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: T7YlRZ936VEDkBvo2YKrS3GbyEh1xzC8W-50KiODzFjTnQb-hvkKpw==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 22:10:54 GMT
age: 45233
etag: "395f04af71767acc9516387c8b07bde08968fdfe"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6941fb6-e957-4628-8403-b30032e53952.jpeg
34.120.237.76 200 OK 9.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6941fb6-e957-4628-8403-b30032e53952.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d97807096c24402f2938faa7bef0bb1f
5dcc91fcfb218579f9bb8d74949c62b42a0ee0f5
61d5e5e14348dcd17a2d65ed50bf4870cfa0869b2027bd9e02e5656b71ae7b07
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6941fb6-e957-4628-8403-b30032e53952.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9504
x-amzn-requestid: 5ed1526b-636a-4aac-9900-3438fe44bc68
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f4o9ZF4fIAMFuhQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e021ef-6925f9fa343504e94459aa70;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 21:38:55 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: U81u29w8Kam-xsluWwUqh-4J1bS-8viBRP4f6ERFJcGUpsDLcB-feg==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 21:57:34 GMT
age: 46033
etag: "5dcc91fcfb218579f9bb8d74949c62b42a0ee0f5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F731dc7de-ce12-4639-9ceb-3218584c3d56.jpeg
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F731dc7de-ce12-4639-9ceb-3218584c3d56.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9046d887fd45a0940e31a74173d17798
1ff698b9cf660165e846dfc4770f29852aedce45
0c7b0e1250aa7718b7b35b80a1442f62e94ace1fb578fb781ec8204ee96386d0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F731dc7de-ce12-4639-9ceb-3218584c3d56.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10514
x-amzn-requestid: ac2a383b-833d-4dae-9bd9-43dc3d9e373d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f4oiPEIyoAMFqUw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e02141-436bb6816b269ce45b9f8600;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 21:36:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: RYNzle5-l5dOMPWb2Bmu_T5aIJw9NX2FKuJsej8hzpYZcgD6coH9SA==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 21:50:09 GMT
age: 46478
etag: "1ff698b9cf660165e846dfc4770f29852aedce45"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd67ec8ef-bdc5-4f9b-a7be-c0d8b932923a.jpeg
34.120.237.76 200 OK 9.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd67ec8ef-bdc5-4f9b-a7be-c0d8b932923a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f267c5cee67458c0f6ef42c4feb5217e
f5092ce77834e8f1f245b987204ff6a194c38ef6
84c5cde3d7e06e6dd32d1c98172606c8d912c7032a4677f8851e42e4b195e420
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd67ec8ef-bdc5-4f9b-a7be-c0d8b932923a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9451
x-amzn-requestid: 3f95347b-f0bf-43dd-90fc-5087bf0de607
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f4okJGUCoAMF0sA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e0214d-53d6a2de41af72770b086196;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 21:36:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: jmGGGqJoMe4zt4RqNID5Xo7SVaWVAIAYf9s9YcduklkfdFnYniULOA==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 21:51:03 GMT
age: 46424
etag: "f5092ce77834e8f1f245b987204ff6a194c38ef6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7a9b5f68-fd45-4868-ba31-8118d000f7d9.jpeg
34.120.237.76 200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7a9b5f68-fd45-4868-ba31-8118d000f7d9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ea463f7a06fe1403c18c8ce8781244a1
fbbe4b97e4b39983b36340030f6b40adc69cd485
93a12a85886512e3336d027c889a2276087976b1c9106356cc81596b88087042
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7a9b5f68-fd45-4868-ba31-8118d000f7d9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8971
x-amzn-requestid: b1baa973-5b7c-4daa-af2e-e9f0b3c6a604
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fzViwFG1IAMF4qg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63de02de-4a0c9cf45c1a20083bb838dc;Sampled=0
x-amzn-remapped-date: Sat, 04 Feb 2023 07:01:50 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: L2u3Gp-3bJ8TbGiqayHuab-ELwY7ZpVqc_4TrpraHwvWobAqn21tBw==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Mon, 06 Feb 2023 07:32:23 GMT
age: 11544
etag: "fbbe4b97e4b39983b36340030f6b40adc69cd485"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3288563a-8f6e-4597-833f-b5512e91e772.png
34.120.237.76 200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3288563a-8f6e-4597-833f-b5512e91e772.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a24cf7b2db6d65c3fe5daf78b3309ced
a3653a9a7baea412808dd91572ff21e1a505c26f
f55ee98bab5ce53d6acc1cac7f54f089b42d5f2ffbe750d869c4f4a7bc26f715
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3288563a-8f6e-4597-833f-b5512e91e772.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13230
x-amzn-requestid: 8171829a-cf6d-4c33-99a1-f3cef7cd4475
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f4oiTH8GoAMFYLA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e02141-1597a0f06ef3db2534a101aa;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 21:36:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Nvfp0sEYw5bxnFHisq80WCXh6T-LdFlPqs95tyX2epjMfhM_hjUj0A==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 21:50:03 GMT
age: 46484
etag: "a3653a9a7baea412808dd91572ff21e1a505c26f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.youtube.com/embed/PI4ZEUsyYmM?controls=1&disablekb=0&loop=1&modestbranding=1&rel=0&fs=0&showinfo=0&autoplay=1&playlist=PI4ZEUsyYmM&mute=1&enablejsapi=1&origin=http%3A%2F%2Fbitcomoneyup-en.sakosaco.com&widgetid=1
142.250.74.142 200 OK 0 B URL HTTP/2 www.youtube.com/embed/PI4ZEUsyYmM?controls=1&disablekb=0&loop=1&modestbranding=1&rel=0&fs=0&showinfo=0&autoplay=1&playlist=PI4ZEUsyYmM&mute=1&enablejsapi=1&origin=http%3A%2F%2Fbitcomoneyup-en.sakosaco.com&widgetid=1
IP 142.250.74.142:0
GET /embed/PI4ZEUsyYmM?controls=1&disablekb=0&loop=1&modestbranding=1&rel=0&fs=0&showinfo=0&autoplay=1&playlist=PI4ZEUsyYmM&mute=1&enablejsapi=1&origin=http%3A%2F%2Fbitcomoneyup-en.sakosaco.com&widgetid=1 HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bitcomoneyup-en.sakosaco.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 06 Feb 2023 10:44:45 GMT
strict-transport-security: max-age=31536000
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=qCUaCQZ-9NU; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
DEVICE_INFO=ChxOekU1TmprNU1qQXlNemt5TmprNE5qUXlOUT09EJ20g58GGJ20g58G; Domain=.youtube.com; Expires=Sat, 05-Aug-2023 10:44:45 GMT; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=ZATmUv998OQ; Domain=.youtube.com; Expires=Sat, 05-Aug-2023 10:44:45 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+931; expires=Wed, 05-Feb-2025 10:44:45 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2