r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash cfec3d7283a9b66d2be426ce54d210f3
808c1feb1ba918951d1928c1f6bfc0c253262774
1bad6c06aa3e88dcbc125fc98a6cb753eb2b18d2c8dd61da21d12209aeeda3f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1BAD6C06AA3E88DCBC125FC98A6CB753EB2B18D2C8DD61DA21D12209AEEDA3F9"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6830
Expires: Mon, 05 Dec 2022 00:58:16 GMT
Date: Sun, 04 Dec 2022 23:04:26 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash fb2c0697c6d9a96a5411dd2952947458
79e57f831ec396bbdaa5bfe9472a05e6c9fb31f4
3fd7edcc349ab4402f62e54a142be6b4cecf0e7ee3f431d3168bdf0643ba4d92
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3741
Cache-Control: max-age=131352
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 23:04:26 GMT
Etag: "638c76f5-1d7"
Expires: Tue, 06 Dec 2022 11:33:38 GMT
Last-Modified: Sun, 04 Dec 2022 10:31:17 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 04 Dec 2022 22:20:09 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2657
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1ea206ac3c440825741687351f8c6e4e
2f38dafd8c43dcce2411a0590bc5c02cd6286735
7d7232c8c91bcd18161ba2c9d23e3bff159604e058bd5b3fc1c7fcbcd03a7ee3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7D7232C8C91BCD18161BA2C9D23E3BFF159604E058BD5B3FC1C7FCBCD03A7EE3"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2788
Expires: Sun, 04 Dec 2022 23:50:54 GMT
Date: Sun, 04 Dec 2022 23:04:26 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: W11n0RqvOxQA+jiumMuSusJUwBVjQDUtQvd7VVfdUzife5oVUDRI5sMbiac1HZE26ITl2SbFb9E=
x-amz-request-id: 19TB2E05TJD9E7YW
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 04 Dec 2022 22:47:09 GMT
age: 1037
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
fa592ydj2d5e8bl2a1.youltube.biz/
172.67.148.44200 OK 5.4 kB URL HTTP/1.1 fa592ydj2d5e8bl2a1.youltube.biz/
IP 172.67.148.44:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (5373)
Hash ddb50027f5c192a2c7c84b7aca2df47e
6c988c25b664287a07fbd67d9f648a6c4009ef8c
bb5303e14ed9e9cabda0304270a45b85ba87fa41408345af14d9653223c4c293
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET / HTTP/1.1
Host: fa592ydj2d5e8bl2a1.youltube.biz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sun, 04 Dec 2022 23:04:26 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Er%2FV0K2wWDwj27enRaRwinNeLTsn%2FRNMT00%2BfBU9NFFvBmcR%2Fz9Kk5WP8Skl8eFAhAnglj%2FOgsU%2BNH55HnPNgfZNoR0XDnpC6wuw0jnlUMF43stxnew67IFJBAmRSKEmcLVxLcmuDmFpF3g5vHs%2FitpY"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 77482e59cde10b61-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 23:04:26 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/DsM5GOv2fqE
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/DsM5GOv2fqE
IP 142.250.74.131:0
Hash e3e98fa54e4715acd104778d65f67ed1
a0d522b3e40ac157bad1153e71de2efdfde3fb64
70cf64855b9bec6131e16489a83c6e5b328c4ca33aa6421f5d2ed2b2304a16f3
POST /s/gts1p5/DsM5GOv2fqE HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 23:04:26 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 04 Dec 2022 22:08:58 GMT
cache-control: public,max-age=3600
age: 3328
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
fa592ydj2d5e8bl2a1.youltube.biz/favicon.ico
172.67.148.44404 Not Found 1.4 kB URL HTTP/1.1 fa592ydj2d5e8bl2a1.youltube.biz/favicon.ico
IP 172.67.148.44:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (660)
Hash 5d5311d668a4899c6a2851284adc4f8d
f2142341d483367c49583914e9d60e8f25f6e176
cce548759b07863c03628991f10afb1bd8770055c1f5af113db0622c5b84b08e
Analyzer Verdict Alert quad9 Sinkholed
GET /favicon.ico HTTP/1.1
Host: fa592ydj2d5e8bl2a1.youltube.biz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fa592ydj2d5e8bl2a1.youltube.biz/
HTTP/1.1 404 Not Found
Date: Sun, 04 Dec 2022 23:04:26 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 14 Jul 2022 00:17:54 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4B08dzndnTiumeoR4%2FV%2BHg5cAa4rsueqUaCfjxz9KKJNfih9CYGopslELfYfdCt9KUNrGGCx8roJRP6gnKymoccjYshAynkDHax4prFZklYyFxOYk3PMBNBOfuDEvYBjCMW63ib1F%2FOmp53xTAv2Otfb"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 77482e5db92b0b61-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 31b129c94a90b1e695b21395cb54e378
a3cae46b48d469cc61ab0581303bcd5f5b654db9
fac3f681be358a20f78958dff10c89b7a91365c5114c81246c1bc34c1362ba1e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3731
Cache-Control: max-age=126276
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 23:04:26 GMT
Etag: "638c632b-1d7"
Expires: Tue, 06 Dec 2022 10:09:02 GMT
Last-Modified: Sun, 04 Dec 2022 09:06:51 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/s/gts1p5/DsM5GOv2fqE
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/DsM5GOv2fqE
IP 142.250.74.131:0
Hash e3e98fa54e4715acd104778d65f67ed1
a0d522b3e40ac157bad1153e71de2efdfde3fb64
70cf64855b9bec6131e16489a83c6e5b328c4ca33aa6421f5d2ed2b2304a16f3
POST /s/gts1p5/DsM5GOv2fqE HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 23:04:27 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
52.89.255.30101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.89.255.30:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: AKuBxvJiAwtL2uFLqSmjwg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: f1WjQD9Ckyczh/neNkM/ectv9BE=
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a9a121e479738af503e7961a4898d72f
1da4bb2515b33ff7c920c46355dadc1410172220
cdc0752adc23140bc21deb6e26a3d21d70931ab632ba0f4bc1aaeac4b1af2bef
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CDC0752ADC23140BC21DEB6E26A3D21D70931AB632BA0F4BC1AAEAC4B1AF2BEF"
Last-Modified: Sat, 03 Dec 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5295
Expires: Mon, 05 Dec 2022 00:32:42 GMT
Date: Sun, 04 Dec 2022 23:04:27 GMT
Connection: keep-alive
ugyplysh.com/zone?&pub=0&zone_id=5137789&is_mobile=false&domain=fa592ydj2d5e8bl2a1.youltube.biz&var=null&ymid=null&var_3=&dsig=&action=prerequest
139.45.197.253200 OK 0 B URL HTTP/2 ugyplysh.com/zone?&pub=0&zone_id=5137789&is_mobile=false&domain=fa592ydj2d5e8bl2a1.youltube.biz&var=null&ymid=null&var_3=&dsig=&action=prerequest
IP 139.45.197.253:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /zone?&pub=0&zone_id=5137789&is_mobile=false&domain=fa592ydj2d5e8bl2a1.youltube.biz&var=null&ymid=null&var_3=&dsig=&action=prerequest HTTP/1.1
Host: ugyplysh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://fa592ydj2d5e8bl2a1.youltube.biz
Connection: keep-alive
Referer: http://fa592ydj2d5e8bl2a1.youltube.biz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 23:04:24 GMT
content-length: 0
x-trace-id: 7ab45b7bb8cff0044ee5c67ea6ff848d
access-control-allow-origin: http://fa592ydj2d5e8bl2a1.youltube.biz
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/DsM5GOv2fqE
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/DsM5GOv2fqE
IP 142.250.74.131:0
Hash e3e98fa54e4715acd104778d65f67ed1
a0d522b3e40ac157bad1153e71de2efdfde3fb64
70cf64855b9bec6131e16489a83c6e5b328c4ca33aa6421f5d2ed2b2304a16f3
POST /s/gts1p5/DsM5GOv2fqE HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 23:04:27 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7476
Expires: Mon, 05 Dec 2022 01:09:04 GMT
Date: Sun, 04 Dec 2022 23:04:28 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7476
Expires: Mon, 05 Dec 2022 01:09:04 GMT
Date: Sun, 04 Dec 2022 23:04:28 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7476
Expires: Mon, 05 Dec 2022 01:09:04 GMT
Date: Sun, 04 Dec 2022 23:04:28 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1d81855b-98f7-4c0c-bfb4-78957d8c433d.jpeg
34.120.237.76200 OK 7.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1d81855b-98f7-4c0c-bfb4-78957d8c433d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9b475d52dd164b9cc0efbecfd58282b6
973e77db7fb34c60e08719dc7196d865e8831cb2
3985e24217a2bd811a0ea9bf0223eb0cda31604986f3467fae028a086a8b827e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1d81855b-98f7-4c0c-bfb4-78957d8c433d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7028
x-amzn-requestid: 4d20bc36-d129-468d-b30d-f6b571d528af
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cjKz6G86oAMF9oA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638abe7f-5f9353c04487352b64ba3bf8;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 03:11:59 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: pjwTv-Ry-1NHzZj6N-Mwul76sDeRSpLlVh7azqqqls44kH-mNhnggw==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 03:24:11 GMT
age: 70817
etag: "973e77db7fb34c60e08719dc7196d865e8831cb2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa1caf4c1-b9c0-4db1-a780-00b9a6198731.jpeg
34.120.237.76200 OK 5.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa1caf4c1-b9c0-4db1-a780-00b9a6198731.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8d76ec668361348eb17d54001fd2e6c6
534299a20a76ea6e3250f0fb35fe772cac04ef51
22676fae3909acf18e6cd4f505ec718fdac156990edb20926afdae2a359a2859
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa1caf4c1-b9c0-4db1-a780-00b9a6198731.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5209
x-amzn-requestid: 682056d5-7815-4fd1-b05b-723619128d8a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cjKUXF5eoAMFRvQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638abdb5-6df5d866267739212832ee66;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 03:08:37 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: pFKMx6_a5Ml_dBK1dafOt4KFMeC5SwUqNlNpc8sO4DVj0Ocb2Yksrw==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 03:17:39 GMT
age: 71209
etag: "534299a20a76ea6e3250f0fb35fe772cac04ef51"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8d407108-e7e2-4672-80f5-d4b4c3e66151.jpeg
34.120.237.76200 OK 6.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8d407108-e7e2-4672-80f5-d4b4c3e66151.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3130c86c084c4c925fb9179dfa5c145d
203f27660f3885d5c1bc68a535baef4e48ff6582
faf2c48c2286fe2149908947de9037640007d32e13694c1261f610250caf3f8f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8d407108-e7e2-4672-80f5-d4b4c3e66151.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6173
x-amzn-requestid: dc73ee0d-b1ec-407f-8e98-3ba264725ee3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: co_sqHqwIAMFwqA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d131d-56d74e8d45baa9e87136708f;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 21:37:33 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Gp9v8CfWmPctcSly9jWOxy0VCbBOE-CZs9z636yfpgpVi8eNt_PVvg==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:48:29 GMT
etag: "203f27660f3885d5c1bc68a535baef4e48ff6582"
content-type: image/jpeg
age: 4559
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F47f316c5-1381-4b6e-9e8d-f1956258ef3e.jpeg
34.120.237.76200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F47f316c5-1381-4b6e-9e8d-f1956258ef3e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a349d02cce160f72cc93f6fb6e45fa46
a6f82481ea0a820da0f199e8f9051a4aa4013c82
ab320118577a2dcb6ab7ad904d6350e187501a94b39b71fdd70b31cbc8853b24
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F47f316c5-1381-4b6e-9e8d-f1956258ef3e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6826
x-amzn-requestid: f0abdba6-14c8-4aae-ba3b-37ba0af2ff08
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: co_t2FsLIAMFekA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d1325-3452be066acddb554f528cc3;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 21:37:41 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: d5IKLNblcA9AzCoGMpGmIGwUu-kQlHlouju5mm2NwsSOin4MFT40mg==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:56:21 GMT
age: 4087
etag: "a6f82481ea0a820da0f199e8f9051a4aa4013c82"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe9e8d044-2cda-4dba-9da8-c0a296845bca.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe9e8d044-2cda-4dba-9da8-c0a296845bca.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b8e6f84dff61fedd8ff9baa9bb648883
f8d5cc7b315879b66a11b403463da1330617d2fa
025c66a4a0e7927353e1733d7f8cfb6ec3c9c0228d34267cbff11f09cf112127
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe9e8d044-2cda-4dba-9da8-c0a296845bca.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12348
x-amzn-requestid: 72f681ef-9ae7-4fc5-8539-230e1d4277a1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cjKa_HpTIAMFrcg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638abddf-43ef45165fd982997e5018c8;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 03:09:19 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: tGsNaADKr1KoJT7rxDSFf8dxM1_IXsaF67Eqe8DIO9PAJy8HtqQKng==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 03:21:42 GMT
age: 70966
etag: "f8d5cc7b315879b66a11b403463da1330617d2fa"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa99f7bcf-386e-4655-b6f0-99abdf67f097.jpeg
34.120.237.76200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa99f7bcf-386e-4655-b6f0-99abdf67f097.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2f60a6490f38a772dcd50a1132e98e1b
ff254a1df087d2c157d88a6ef04e395dc49efe5e
653e40becd103cd76cc2f194a87e933e8c548d346f87520fefca3b16430fc4ab
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa99f7bcf-386e-4655-b6f0-99abdf67f097.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8469
x-amzn-requestid: c17eff92-da62-4f0f-9e75-2741012ec43a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: co_sqFSjoAMFQ6w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d131d-61d61d2f0bb01ecb21b809ea;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 21:37:33 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: kf_hcK2d2YFhladZn1S4cyGq7vLTSKdWgPUTNT0M9LwHXuOV-nlgGw==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:52:07 GMT
age: 4341
etag: "ff254a1df087d2c157d88a6ef04e395dc49efe5e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a9a121e479738af503e7961a4898d72f
1da4bb2515b33ff7c920c46355dadc1410172220
cdc0752adc23140bc21deb6e26a3d21d70931ab632ba0f4bc1aaeac4b1af2bef
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CDC0752ADC23140BC21DEB6E26A3D21D70931AB632BA0F4BC1AAEAC4B1AF2BEF"
Last-Modified: Sat, 03 Dec 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5294
Expires: Mon, 05 Dec 2022 00:32:42 GMT
Date: Sun, 04 Dec 2022 23:04:28 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d5f25c4c99bce7de9166e989e0e94df3
977a8feb8420b10fc4b27440203b08ecae7516f8
5e444685fc55211330424827c83a0b4a885ff07f4c97fa667eead72cdc3c3eaf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5E444685FC55211330424827C83A0B4A885FF07F4C97FA667EEAD72CDC3C3EAF"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9710
Expires: Mon, 05 Dec 2022 01:46:18 GMT
Date: Sun, 04 Dec 2022 23:04:28 GMT
Connection: keep-alive
ugyplysh.com/zone?&pub=0&zone_id=5137789&is_mobile=false&domain=douy0t82a8.youltube.biz&var=null&ymid=undefined&var_3=&dsig=&action=prerequest
139.45.197.253200 OK 0 B URL HTTP/2 ugyplysh.com/zone?&pub=0&zone_id=5137789&is_mobile=false&domain=douy0t82a8.youltube.biz&var=null&ymid=undefined&var_3=&dsig=&action=prerequest
IP 139.45.197.253:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /zone?&pub=0&zone_id=5137789&is_mobile=false&domain=douy0t82a8.youltube.biz&var=null&ymid=undefined&var_3=&dsig=&action=prerequest HTTP/1.1
Host: ugyplysh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://douy0t82a8.youltube.biz
Connection: keep-alive
Referer: https://douy0t82a8.youltube.biz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 23:04:23 GMT
content-length: 0
x-trace-id: 287053a9f853ba41df4ee7351616b184
access-control-allow-origin: https://douy0t82a8.youltube.biz
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
my.rtmark.net/gid.js?pub=0&userId=&zoneId=5137789&checkDuplicate=true&ymid=undefined&var=null
139.45.195.8200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?pub=0&userId=&zoneId=5137789&checkDuplicate=true&ymid=undefined&var=null
IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash 9fb0abfa5eb869f8e8c5c7d65f9232a1
06b33b1b8f809be49f8eda2b078d4380333e855d
3beb3655d971027cc31af13c2fd5b94d565c3b7cf292a967207743b119ed95b7
GET /gid.js?pub=0&userId=&zoneId=5137789&checkDuplicate=true&ymid=undefined&var=null HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://douy0t82a8.youltube.biz/
Origin: https://douy0t82a8.youltube.biz
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 23:04:28 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://douy0t82a8.youltube.biz
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=8382cf02a6ea49fa9393e94cb744ae03; expires=Mon, 04 Dec 2023 23:04:28 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
ugyplysh.com/zone?&pub=0&zone_id=5137789&is_mobile=false&domain=douy0t82a8.youltube.biz&var=null&ymid=undefined&var_3=&dsig=&action=settings
139.45.197.253200 OK 734 B URL HTTP/2 ugyplysh.com/zone?&pub=0&zone_id=5137789&is_mobile=false&domain=douy0t82a8.youltube.biz&var=null&ymid=undefined&var_3=&dsig=&action=settings
IP 139.45.197.253:0
File type JSON data\012- , ASCII text, with very long lines (733)
Hash 805c768c49e12d20cb78ac5efc04efc1
551cceb32c68cc5990c2535f96e32daa68a6992c
0125507d83df4f84c2eb8416eb631dde9730cf7e996cd01fa57613aea1710c95
GET /zone?&pub=0&zone_id=5137789&is_mobile=false&domain=douy0t82a8.youltube.biz&var=null&ymid=undefined&var_3=&dsig=&action=settings HTTP/1.1
Host: ugyplysh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://douy0t82a8.youltube.biz/
Origin: https://douy0t82a8.youltube.biz
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 23:04:25 GMT
content-type: application/json; charset=utf-8
content-length: 734
x-trace-id: be2319cb062a979822c27adb3ef3abb6
access-control-allow-origin: https://douy0t82a8.youltube.biz
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
ugyplysh.com/zone?&pub=0&zone_id=5137789&is_mobile=false&domain=exwc1kuof4.youltube.biz&var=null&ymid=undefined&var_3=&dsig=&action=prerequest
139.45.197.253200 OK 0 B URL HTTP/2 ugyplysh.com/zone?&pub=0&zone_id=5137789&is_mobile=false&domain=exwc1kuof4.youltube.biz&var=null&ymid=undefined&var_3=&dsig=&action=prerequest
IP 139.45.197.253:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /zone?&pub=0&zone_id=5137789&is_mobile=false&domain=exwc1kuof4.youltube.biz&var=null&ymid=undefined&var_3=&dsig=&action=prerequest HTTP/1.1
Host: ugyplysh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://exwc1kuof4.youltube.biz
Connection: keep-alive
Referer: https://exwc1kuof4.youltube.biz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 23:04:24 GMT
content-length: 0
x-trace-id: 865617a2a4a5d3edf1dbf2db41821d68
access-control-allow-origin: https://exwc1kuof4.youltube.biz
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
ugyplysh.com/zone?&pub=0&zone_id=5137789&is_mobile=false&domain=exwc1kuof4.youltube.biz&var=null&ymid=undefined&var_3=&dsig=&action=settings
139.45.197.253200 OK 734 B URL HTTP/2 ugyplysh.com/zone?&pub=0&zone_id=5137789&is_mobile=false&domain=exwc1kuof4.youltube.biz&var=null&ymid=undefined&var_3=&dsig=&action=settings
IP 139.45.197.253:0
File type JSON data\012- , ASCII text, with very long lines (733)
Hash 805c768c49e12d20cb78ac5efc04efc1
551cceb32c68cc5990c2535f96e32daa68a6992c
0125507d83df4f84c2eb8416eb631dde9730cf7e996cd01fa57613aea1710c95
GET /zone?&pub=0&zone_id=5137789&is_mobile=false&domain=exwc1kuof4.youltube.biz&var=null&ymid=undefined&var_3=&dsig=&action=settings HTTP/1.1
Host: ugyplysh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://exwc1kuof4.youltube.biz/
Origin: https://exwc1kuof4.youltube.biz
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 23:04:26 GMT
content-type: application/json; charset=utf-8
content-length: 734
x-trace-id: c3f8c1889a89302574b2f66a9792454f
access-control-allow-origin: https://exwc1kuof4.youltube.biz
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
my.rtmark.net/gid.js?pub=0&userId=&zoneId=5137789&checkDuplicate=true&ymid=undefined&var=null
139.45.195.8200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?pub=0&userId=&zoneId=5137789&checkDuplicate=true&ymid=undefined&var=null
IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash 9fb0abfa5eb869f8e8c5c7d65f9232a1
06b33b1b8f809be49f8eda2b078d4380333e855d
3beb3655d971027cc31af13c2fd5b94d565c3b7cf292a967207743b119ed95b7
GET /gid.js?pub=0&userId=&zoneId=5137789&checkDuplicate=true&ymid=undefined&var=null HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://exwc1kuof4.youltube.biz/
Origin: https://exwc1kuof4.youltube.biz
Connection: keep-alive
Cookie: ID=8382cf02a6ea49fa9393e94cb744ae03
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 23:04:29 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://exwc1kuof4.youltube.biz
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=8382cf02a6ea49fa9393e94cb744ae03; expires=Mon, 04 Dec 2023 23:04:29 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
ugyplysh.com/zone?&pub=0&zone_id=5137789&is_mobile=false&domain=hfi4krg88g.youltube.biz&var=null&ymid=undefined&var_3=&dsig=&action=prerequest
139.45.197.253200 OK 0 B URL HTTP/2 ugyplysh.com/zone?&pub=0&zone_id=5137789&is_mobile=false&domain=hfi4krg88g.youltube.biz&var=null&ymid=undefined&var_3=&dsig=&action=prerequest
IP 139.45.197.253:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /zone?&pub=0&zone_id=5137789&is_mobile=false&domain=hfi4krg88g.youltube.biz&var=null&ymid=undefined&var_3=&dsig=&action=prerequest HTTP/1.1
Host: ugyplysh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hfi4krg88g.youltube.biz
Connection: keep-alive
Referer: https://hfi4krg88g.youltube.biz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 23:04:24 GMT
content-length: 0
x-trace-id: 2959595337d9b38e8f2c2198cf473e0f
access-control-allow-origin: https://hfi4krg88g.youltube.biz
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
ugyplysh.com/zone?&pub=0&zone_id=5137789&is_mobile=false&domain=hfi4krg88g.youltube.biz&var=null&ymid=undefined&var_3=&dsig=&action=settings
139.45.197.253200 OK 734 B URL HTTP/2 ugyplysh.com/zone?&pub=0&zone_id=5137789&is_mobile=false&domain=hfi4krg88g.youltube.biz&var=null&ymid=undefined&var_3=&dsig=&action=settings
IP 139.45.197.253:0
File type JSON data\012- , ASCII text, with very long lines (733)
Hash 805c768c49e12d20cb78ac5efc04efc1
551cceb32c68cc5990c2535f96e32daa68a6992c
0125507d83df4f84c2eb8416eb631dde9730cf7e996cd01fa57613aea1710c95
GET /zone?&pub=0&zone_id=5137789&is_mobile=false&domain=hfi4krg88g.youltube.biz&var=null&ymid=undefined&var_3=&dsig=&action=settings HTTP/1.1
Host: ugyplysh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hfi4krg88g.youltube.biz/
Origin: https://hfi4krg88g.youltube.biz
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 23:04:26 GMT
content-type: application/json; charset=utf-8
content-length: 734
x-trace-id: 4358dd05fd7430cddcf91f1f8a9be9cb
access-control-allow-origin: https://hfi4krg88g.youltube.biz
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
douy0t82a8.youltube.biz/?cnv_id=undefined
104.21.71.197200 OK 5.2 kB URL HTTP/2 douy0t82a8.youltube.biz/?cnv_id=undefined
IP 104.21.71.197:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (5373)
Hash 79ac65cbe9e9361f570ed711af1a0d80
3c154281eae966431b227b014459dce5db58734b
ba1bad0ffaa006ff406100448b3f2c17aaf786f63d2c0d30b87f781e0c6ccc00
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /?cnv_id=undefined HTTP/1.1
Host: douy0t82a8.youltube.biz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fa592ydj2d5e8bl2a1.youltube.biz/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 23:04:27 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ncMit6hM1l%2Bqd%2F%2FzsLSh4JzpV1L2%2F4qxYdTna3r5xhj%2B3l3y7ITK0jEd2zg9AR%2BfC%2F26I5Pawk52CgcBt%2Bq%2BeJAhT5%2FyjLAYQXspQDPWBPkkXBCLVhlZMCnM8%2BPw1zIb1p2A2CJ%2BNlkCkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77482e641f6fb4ff-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ugyplysh.com/zone?&pub=0&zone_id=5137789&is_mobile=false&domain=yw3wsczjpc.youltube.biz&var=null&ymid=undefined&var_3=&dsig=&action=prerequest
139.45.197.253200 OK 0 B URL HTTP/2 ugyplysh.com/zone?&pub=0&zone_id=5137789&is_mobile=false&domain=yw3wsczjpc.youltube.biz&var=null&ymid=undefined&var_3=&dsig=&action=prerequest
IP 139.45.197.253:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /zone?&pub=0&zone_id=5137789&is_mobile=false&domain=yw3wsczjpc.youltube.biz&var=null&ymid=undefined&var_3=&dsig=&action=prerequest HTTP/1.1
Host: ugyplysh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://yw3wsczjpc.youltube.biz
Connection: keep-alive
Referer: https://yw3wsczjpc.youltube.biz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 23:04:25 GMT
content-length: 0
x-trace-id: dbfa0f2f431f0c6b5b80feed32bd0950
access-control-allow-origin: https://yw3wsczjpc.youltube.biz
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
my.rtmark.net/gid.js?pub=0&userId=&zoneId=5137789&checkDuplicate=true&ymid=undefined&var=null
139.45.195.8200 OK 5.2 kB URL HTTP/2 my.rtmark.net/gid.js?pub=0&userId=&zoneId=5137789&checkDuplicate=true&ymid=undefined&var=null
IP 139.45.195.8:0
Hash 79ac65cbe9e9361f570ed711af1a0d80
3c154281eae966431b227b014459dce5db58734b
ba1bad0ffaa006ff406100448b3f2c17aaf786f63d2c0d30b87f781e0c6ccc00
GET /gid.js?pub=0&userId=&zoneId=5137789&checkDuplicate=true&ymid=undefined&var=null HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://yw3wsczjpc.youltube.biz/
Origin: https://yw3wsczjpc.youltube.biz
Connection: keep-alive
Cookie: ID=8382cf02a6ea49fa9393e94cb744ae03
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 23:04:30 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://yw3wsczjpc.youltube.biz
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=8382cf02a6ea49fa9393e94cb744ae03; expires=Mon, 04 Dec 2023 23:04:30 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
ugyplysh.com/zone?&pub=0&zone_id=5137789&is_mobile=false&domain=yw3wsczjpc.youltube.biz&var=null&ymid=undefined&var_3=&dsig=&action=settings
139.45.197.253200 OK 734 B URL HTTP/2 ugyplysh.com/zone?&pub=0&zone_id=5137789&is_mobile=false&domain=yw3wsczjpc.youltube.biz&var=null&ymid=undefined&var_3=&dsig=&action=settings
IP 139.45.197.253:0
File type JSON data\012- , ASCII text, with very long lines (733)
Hash 805c768c49e12d20cb78ac5efc04efc1
551cceb32c68cc5990c2535f96e32daa68a6992c
0125507d83df4f84c2eb8416eb631dde9730cf7e996cd01fa57613aea1710c95
GET /zone?&pub=0&zone_id=5137789&is_mobile=false&domain=yw3wsczjpc.youltube.biz&var=null&ymid=undefined&var_3=&dsig=&action=settings HTTP/1.1
Host: ugyplysh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://yw3wsczjpc.youltube.biz/
Origin: https://yw3wsczjpc.youltube.biz
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 23:04:27 GMT
content-type: application/json; charset=utf-8
content-length: 734
x-trace-id: 176af45cada6fcf60605f6b3dea410f3
access-control-allow-origin: https://yw3wsczjpc.youltube.biz
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
ugyplysh.com/zone?&pub=0&zone_id=5137789&is_mobile=false&domain=2d2g5aqrm8.youltube.biz&var=null&ymid=undefined&var_3=&dsig=&action=prerequest
139.45.197.253200 OK 0 B URL HTTP/2 ugyplysh.com/zone?&pub=0&zone_id=5137789&is_mobile=false&domain=2d2g5aqrm8.youltube.biz&var=null&ymid=undefined&var_3=&dsig=&action=prerequest
IP 139.45.197.253:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /zone?&pub=0&zone_id=5137789&is_mobile=false&domain=2d2g5aqrm8.youltube.biz&var=null&ymid=undefined&var_3=&dsig=&action=prerequest HTTP/1.1
Host: ugyplysh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://2d2g5aqrm8.youltube.biz
Connection: keep-alive
Referer: https://2d2g5aqrm8.youltube.biz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 23:04:25 GMT
content-length: 0
x-trace-id: f24caea59450a714b4e518b7ba6cffbc
access-control-allow-origin: https://2d2g5aqrm8.youltube.biz
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
ugyplysh.com/zone?&pub=0&zone_id=5137789&is_mobile=false&domain=2d2g5aqrm8.youltube.biz&var=null&ymid=undefined&var_3=&dsig=&action=settings
139.45.197.253200 OK 734 B URL HTTP/2 ugyplysh.com/zone?&pub=0&zone_id=5137789&is_mobile=false&domain=2d2g5aqrm8.youltube.biz&var=null&ymid=undefined&var_3=&dsig=&action=settings
IP 139.45.197.253:0
File type JSON data\012- , ASCII text, with very long lines (733)
Hash 805c768c49e12d20cb78ac5efc04efc1
551cceb32c68cc5990c2535f96e32daa68a6992c
0125507d83df4f84c2eb8416eb631dde9730cf7e996cd01fa57613aea1710c95
GET /zone?&pub=0&zone_id=5137789&is_mobile=false&domain=2d2g5aqrm8.youltube.biz&var=null&ymid=undefined&var_3=&dsig=&action=settings HTTP/1.1
Host: ugyplysh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://2d2g5aqrm8.youltube.biz/
Origin: https://2d2g5aqrm8.youltube.biz
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 23:04:28 GMT
content-type: application/json; charset=utf-8
content-length: 734
x-trace-id: f2ba3b88716d66f622b8a5c64ad6c7f8
access-control-allow-origin: https://2d2g5aqrm8.youltube.biz
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
my.rtmark.net/gid.js?pub=0&userId=&zoneId=5137789&checkDuplicate=true&ymid=undefined&var=null
139.45.195.8200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?pub=0&userId=&zoneId=5137789&checkDuplicate=true&ymid=undefined&var=null
IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash 9fb0abfa5eb869f8e8c5c7d65f9232a1
06b33b1b8f809be49f8eda2b078d4380333e855d
3beb3655d971027cc31af13c2fd5b94d565c3b7cf292a967207743b119ed95b7
GET /gid.js?pub=0&userId=&zoneId=5137789&checkDuplicate=true&ymid=undefined&var=null HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://2d2g5aqrm8.youltube.biz/
Origin: https://2d2g5aqrm8.youltube.biz
Connection: keep-alive
Cookie: ID=8382cf02a6ea49fa9393e94cb744ae03
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 23:04:31 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://2d2g5aqrm8.youltube.biz
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=8382cf02a6ea49fa9393e94cb744ae03; expires=Mon, 04 Dec 2023 23:04:31 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
ugyplysh.com/zone?&pub=0&zone_id=5137789&is_mobile=false&domain=av5dypq1j4.youltube.biz&var=null&ymid=undefined&var_3=&dsig=&action=prerequest
139.45.197.253200 OK 5.1 kB URL HTTP/2 ugyplysh.com/zone?&pub=0&zone_id=5137789&is_mobile=false&domain=av5dypq1j4.youltube.biz&var=null&ymid=undefined&var_3=&dsig=&action=prerequest
IP 139.45.197.253:0
Hash 9e4da18dce54477f1859e35f006d7f91
25dff0baba603cb4f21a97ecd83ad7f80ab629c7
2236e65fa69d46dccd0f21ae0c79cde304cc5ebb1a3b415df79aab0a03ff860b
POST /zone?&pub=0&zone_id=5137789&is_mobile=false&domain=av5dypq1j4.youltube.biz&var=null&ymid=undefined&var_3=&dsig=&action=prerequest HTTP/1.1
Host: ugyplysh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://av5dypq1j4.youltube.biz
Connection: keep-alive
Referer: https://av5dypq1j4.youltube.biz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 23:04:26 GMT
content-length: 0
x-trace-id: b11e363ee2f25b28a6145fdc56ee1949
access-control-allow-origin: https://av5dypq1j4.youltube.biz
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
ugyplysh.com/zone?&pub=0&zone_id=5137789&is_mobile=false&domain=av5dypq1j4.youltube.biz&var=null&ymid=undefined&var_3=&dsig=&action=settings
139.45.197.253200 OK 5.8 kB URL HTTP/2 ugyplysh.com/zone?&pub=0&zone_id=5137789&is_mobile=false&domain=av5dypq1j4.youltube.biz&var=null&ymid=undefined&var_3=&dsig=&action=settings
IP 139.45.197.253:0
Hash bf4f0ea581e04693896278436c2698ef
bbbf88e346675420d1abb61ee5d39afa49737992
8215b257aa511ac5d432c26ef4d15ab21f5eb240f780b90732fc5ed5b62303ad
GET /zone?&pub=0&zone_id=5137789&is_mobile=false&domain=av5dypq1j4.youltube.biz&var=null&ymid=undefined&var_3=&dsig=&action=settings HTTP/1.1
Host: ugyplysh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://av5dypq1j4.youltube.biz/
Origin: https://av5dypq1j4.youltube.biz
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 23:04:28 GMT
content-type: application/json; charset=utf-8
content-length: 734
x-trace-id: 8e1aa30ffdcd99b7181d7a07cde23f1e
access-control-allow-origin: https://av5dypq1j4.youltube.biz
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
my.rtmark.net/gid.js?pub=0&userId=&zoneId=5137789&checkDuplicate=true&ymid=undefined&var=null
139.45.195.8200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?pub=0&userId=&zoneId=5137789&checkDuplicate=true&ymid=undefined&var=null
IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash 9fb0abfa5eb869f8e8c5c7d65f9232a1
06b33b1b8f809be49f8eda2b078d4380333e855d
3beb3655d971027cc31af13c2fd5b94d565c3b7cf292a967207743b119ed95b7
GET /gid.js?pub=0&userId=&zoneId=5137789&checkDuplicate=true&ymid=undefined&var=null HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://av5dypq1j4.youltube.biz/
Origin: https://av5dypq1j4.youltube.biz
Connection: keep-alive
Cookie: ID=8382cf02a6ea49fa9393e94cb744ae03
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 23:04:31 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://av5dypq1j4.youltube.biz
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=8382cf02a6ea49fa9393e94cb744ae03; expires=Mon, 04 Dec 2023 23:04:31 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
ugyplysh.com/zone?&pub=0&zone_id=5137789&is_mobile=false&domain=qgsil4qzog.youltube.biz&var=null&ymid=undefined&var_3=&dsig=&action=prerequest
139.45.197.253200 OK 0 B URL HTTP/2 ugyplysh.com/zone?&pub=0&zone_id=5137789&is_mobile=false&domain=qgsil4qzog.youltube.biz&var=null&ymid=undefined&var_3=&dsig=&action=prerequest
IP 139.45.197.253:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /zone?&pub=0&zone_id=5137789&is_mobile=false&domain=qgsil4qzog.youltube.biz&var=null&ymid=undefined&var_3=&dsig=&action=prerequest HTTP/1.1
Host: ugyplysh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://qgsil4qzog.youltube.biz
Connection: keep-alive
Referer: https://qgsil4qzog.youltube.biz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 23:04:27 GMT
content-length: 0
x-trace-id: d54c16142e1c0c7689e9de5fb84ce0c5
access-control-allow-origin: https://qgsil4qzog.youltube.biz
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
ugyplysh.com/zone?&pub=0&zone_id=5137789&is_mobile=false&domain=qgsil4qzog.youltube.biz&var=null&ymid=undefined&var_3=&dsig=&action=settings
139.45.197.253200 OK 734 B URL HTTP/2 ugyplysh.com/zone?&pub=0&zone_id=5137789&is_mobile=false&domain=qgsil4qzog.youltube.biz&var=null&ymid=undefined&var_3=&dsig=&action=settings
IP 139.45.197.253:0
File type JSON data\012- , ASCII text, with very long lines (733)
Hash 805c768c49e12d20cb78ac5efc04efc1
551cceb32c68cc5990c2535f96e32daa68a6992c
0125507d83df4f84c2eb8416eb631dde9730cf7e996cd01fa57613aea1710c95
GET /zone?&pub=0&zone_id=5137789&is_mobile=false&domain=qgsil4qzog.youltube.biz&var=null&ymid=undefined&var_3=&dsig=&action=settings HTTP/1.1
Host: ugyplysh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://qgsil4qzog.youltube.biz/
Origin: https://qgsil4qzog.youltube.biz
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 23:04:29 GMT
content-type: application/json; charset=utf-8
content-length: 734
x-trace-id: 3c9b0e3e6662a5fa5b07d16ec524fdef
access-control-allow-origin: https://qgsil4qzog.youltube.biz
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
my.rtmark.net/gid.js?pub=0&userId=&zoneId=5137789&checkDuplicate=true&ymid=undefined&var=null
139.45.195.8200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?pub=0&userId=&zoneId=5137789&checkDuplicate=true&ymid=undefined&var=null
IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash 9fb0abfa5eb869f8e8c5c7d65f9232a1
06b33b1b8f809be49f8eda2b078d4380333e855d
3beb3655d971027cc31af13c2fd5b94d565c3b7cf292a967207743b119ed95b7
GET /gid.js?pub=0&userId=&zoneId=5137789&checkDuplicate=true&ymid=undefined&var=null HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://qgsil4qzog.youltube.biz/
Origin: https://qgsil4qzog.youltube.biz
Connection: keep-alive
Cookie: ID=8382cf02a6ea49fa9393e94cb744ae03
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 23:04:32 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://qgsil4qzog.youltube.biz
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=8382cf02a6ea49fa9393e94cb744ae03; expires=Mon, 04 Dec 2023 23:04:32 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
ugyplysh.com/zone?&pub=0&zone_id=5137789&is_mobile=false&domain=jia8odu90g.youltube.biz&var=null&ymid=undefined&var_3=&dsig=&action=prerequest
139.45.197.253200 OK 0 B URL HTTP/2 ugyplysh.com/zone?&pub=0&zone_id=5137789&is_mobile=false&domain=jia8odu90g.youltube.biz&var=null&ymid=undefined&var_3=&dsig=&action=prerequest
IP 139.45.197.253:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /zone?&pub=0&zone_id=5137789&is_mobile=false&domain=jia8odu90g.youltube.biz&var=null&ymid=undefined&var_3=&dsig=&action=prerequest HTTP/1.1
Host: ugyplysh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://jia8odu90g.youltube.biz
Connection: keep-alive
Referer: https://jia8odu90g.youltube.biz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 23:04:27 GMT
content-length: 0
x-trace-id: 8dc5248e0055a1a934e215df13cb3989
access-control-allow-origin: https://jia8odu90g.youltube.biz
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
ugyplysh.com/zone?&pub=0&zone_id=5137789&is_mobile=false&domain=jia8odu90g.youltube.biz&var=null&ymid=undefined&var_3=&dsig=&action=settings
139.45.197.253200 OK 734 B URL HTTP/2 ugyplysh.com/zone?&pub=0&zone_id=5137789&is_mobile=false&domain=jia8odu90g.youltube.biz&var=null&ymid=undefined&var_3=&dsig=&action=settings
IP 139.45.197.253:0
File type JSON data\012- , ASCII text, with very long lines (733)
Hash 805c768c49e12d20cb78ac5efc04efc1
551cceb32c68cc5990c2535f96e32daa68a6992c
0125507d83df4f84c2eb8416eb631dde9730cf7e996cd01fa57613aea1710c95
GET /zone?&pub=0&zone_id=5137789&is_mobile=false&domain=jia8odu90g.youltube.biz&var=null&ymid=undefined&var_3=&dsig=&action=settings HTTP/1.1
Host: ugyplysh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jia8odu90g.youltube.biz/
Origin: https://jia8odu90g.youltube.biz
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 23:04:29 GMT
content-type: application/json; charset=utf-8
content-length: 734
x-trace-id: f7b39143990ac27be61ad4e8a3111912
access-control-allow-origin: https://jia8odu90g.youltube.biz
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
my.rtmark.net/gid.js?pub=0&userId=&zoneId=5137789&checkDuplicate=true&ymid=undefined&var=null
139.45.195.8200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?pub=0&userId=&zoneId=5137789&checkDuplicate=true&ymid=undefined&var=null
IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash 9fb0abfa5eb869f8e8c5c7d65f9232a1
06b33b1b8f809be49f8eda2b078d4380333e855d
3beb3655d971027cc31af13c2fd5b94d565c3b7cf292a967207743b119ed95b7
GET /gid.js?pub=0&userId=&zoneId=5137789&checkDuplicate=true&ymid=undefined&var=null HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jia8odu90g.youltube.biz/
Origin: https://jia8odu90g.youltube.biz
Connection: keep-alive
Cookie: ID=8382cf02a6ea49fa9393e94cb744ae03
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 23:04:33 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://jia8odu90g.youltube.biz
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=8382cf02a6ea49fa9393e94cb744ae03; expires=Mon, 04 Dec 2023 23:04:33 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
ugyplysh.com/zone?&pub=0&zone_id=5137789&is_mobile=false&domain=z8z2jt5m1c.youltube.biz&var=null&ymid=undefined&var_3=&dsig=&action=prerequest
139.45.197.253200 OK 5.1 kB URL HTTP/2 ugyplysh.com/zone?&pub=0&zone_id=5137789&is_mobile=false&domain=z8z2jt5m1c.youltube.biz&var=null&ymid=undefined&var_3=&dsig=&action=prerequest
IP 139.45.197.253:0
Hash 9e4da18dce54477f1859e35f006d7f91
25dff0baba603cb4f21a97ecd83ad7f80ab629c7
2236e65fa69d46dccd0f21ae0c79cde304cc5ebb1a3b415df79aab0a03ff860b
POST /zone?&pub=0&zone_id=5137789&is_mobile=false&domain=z8z2jt5m1c.youltube.biz&var=null&ymid=undefined&var_3=&dsig=&action=prerequest HTTP/1.1
Host: ugyplysh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://z8z2jt5m1c.youltube.biz
Connection: keep-alive
Referer: https://z8z2jt5m1c.youltube.biz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 23:04:28 GMT
content-length: 0
x-trace-id: f62f78f1c67eb2b0d85e2177b9fbea5b
access-control-allow-origin: https://z8z2jt5m1c.youltube.biz
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
my.rtmark.net/gid.js?pub=0&userId=&zoneId=5137789&checkDuplicate=true&ymid=undefined&var=null
139.45.195.8200 OK 5.2 kB URL HTTP/2 my.rtmark.net/gid.js?pub=0&userId=&zoneId=5137789&checkDuplicate=true&ymid=undefined&var=null
IP 139.45.195.8:0
Hash 79ac65cbe9e9361f570ed711af1a0d80
3c154281eae966431b227b014459dce5db58734b
ba1bad0ffaa006ff406100448b3f2c17aaf786f63d2c0d30b87f781e0c6ccc00
GET /gid.js?pub=0&userId=&zoneId=5137789&checkDuplicate=true&ymid=undefined&var=null HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://z8z2jt5m1c.youltube.biz/
Origin: https://z8z2jt5m1c.youltube.biz
Connection: keep-alive
Cookie: ID=8382cf02a6ea49fa9393e94cb744ae03
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 23:04:33 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://z8z2jt5m1c.youltube.biz
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=8382cf02a6ea49fa9393e94cb744ae03; expires=Mon, 04 Dec 2023 23:04:33 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
ugyplysh.com/zone?&pub=0&zone_id=5137789&is_mobile=false&domain=z8z2jt5m1c.youltube.biz&var=null&ymid=undefined&var_3=&dsig=&action=settings
139.45.197.253200 OK 734 B URL HTTP/2 ugyplysh.com/zone?&pub=0&zone_id=5137789&is_mobile=false&domain=z8z2jt5m1c.youltube.biz&var=null&ymid=undefined&var_3=&dsig=&action=settings
IP 139.45.197.253:0
File type JSON data\012- , ASCII text, with very long lines (733)
Hash 805c768c49e12d20cb78ac5efc04efc1
551cceb32c68cc5990c2535f96e32daa68a6992c
0125507d83df4f84c2eb8416eb631dde9730cf7e996cd01fa57613aea1710c95
GET /zone?&pub=0&zone_id=5137789&is_mobile=false&domain=z8z2jt5m1c.youltube.biz&var=null&ymid=undefined&var_3=&dsig=&action=settings HTTP/1.1
Host: ugyplysh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://z8z2jt5m1c.youltube.biz/
Origin: https://z8z2jt5m1c.youltube.biz
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 23:04:30 GMT
content-type: application/json; charset=utf-8
content-length: 734
x-trace-id: b2f5d485aa11c90db80b2dae1cc82fdf
access-control-allow-origin: https://z8z2jt5m1c.youltube.biz
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
ugyplysh.com/zone?&pub=0&zone_id=5137789&is_mobile=false&domain=7ogw350la8.youltube.biz&var=null&ymid=undefined&var_3=&dsig=&action=prerequest
139.45.197.253200 OK 5.1 kB URL HTTP/2 ugyplysh.com/zone?&pub=0&zone_id=5137789&is_mobile=false&domain=7ogw350la8.youltube.biz&var=null&ymid=undefined&var_3=&dsig=&action=prerequest
IP 139.45.197.253:0
Hash 9e4da18dce54477f1859e35f006d7f91
25dff0baba603cb4f21a97ecd83ad7f80ab629c7
2236e65fa69d46dccd0f21ae0c79cde304cc5ebb1a3b415df79aab0a03ff860b
POST /zone?&pub=0&zone_id=5137789&is_mobile=false&domain=7ogw350la8.youltube.biz&var=null&ymid=undefined&var_3=&dsig=&action=prerequest HTTP/1.1
Host: ugyplysh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://7ogw350la8.youltube.biz
Connection: keep-alive
Referer: https://7ogw350la8.youltube.biz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 23:04:28 GMT
content-length: 0
x-trace-id: 04cd8c26cb06971f0425ec860e9acfa6
access-control-allow-origin: https://7ogw350la8.youltube.biz
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
ugyplysh.com/zone?&pub=0&zone_id=5137789&is_mobile=false&domain=7ogw350la8.youltube.biz&var=null&ymid=undefined&var_3=&dsig=&action=settings
139.45.197.253200 OK 734 B URL HTTP/2 ugyplysh.com/zone?&pub=0&zone_id=5137789&is_mobile=false&domain=7ogw350la8.youltube.biz&var=null&ymid=undefined&var_3=&dsig=&action=settings
IP 139.45.197.253:0
File type JSON data\012- , ASCII text, with very long lines (733)
Hash 805c768c49e12d20cb78ac5efc04efc1
551cceb32c68cc5990c2535f96e32daa68a6992c
0125507d83df4f84c2eb8416eb631dde9730cf7e996cd01fa57613aea1710c95
GET /zone?&pub=0&zone_id=5137789&is_mobile=false&domain=7ogw350la8.youltube.biz&var=null&ymid=undefined&var_3=&dsig=&action=settings HTTP/1.1
Host: ugyplysh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://7ogw350la8.youltube.biz/
Origin: https://7ogw350la8.youltube.biz
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 23:04:30 GMT
content-type: application/json; charset=utf-8
content-length: 734
x-trace-id: 169ce68b5160cdce91832a1b7b5c8647
access-control-allow-origin: https://7ogw350la8.youltube.biz
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
my.rtmark.net/gid.js?pub=0&userId=&zoneId=5137789&checkDuplicate=true&ymid=undefined&var=null
139.45.195.8200 OK 5.2 kB URL HTTP/2 my.rtmark.net/gid.js?pub=0&userId=&zoneId=5137789&checkDuplicate=true&ymid=undefined&var=null
IP 139.45.195.8:0
Hash 79ac65cbe9e9361f570ed711af1a0d80
3c154281eae966431b227b014459dce5db58734b
ba1bad0ffaa006ff406100448b3f2c17aaf786f63d2c0d30b87f781e0c6ccc00
GET /gid.js?pub=0&userId=&zoneId=5137789&checkDuplicate=true&ymid=undefined&var=null HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://7ogw350la8.youltube.biz/
Origin: https://7ogw350la8.youltube.biz
Connection: keep-alive
Cookie: ID=8382cf02a6ea49fa9393e94cb744ae03
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 23:04:34 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://7ogw350la8.youltube.biz
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=8382cf02a6ea49fa9393e94cb744ae03; expires=Mon, 04 Dec 2023 23:04:34 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
ugyplysh.com/zone?&pub=0&zone_id=5137789&is_mobile=false&domain=nulpnsl4ow.youltube.biz&var=null&ymid=undefined&var_3=&dsig=&action=prerequest
139.45.197.253200 OK 0 B URL HTTP/2 ugyplysh.com/zone?&pub=0&zone_id=5137789&is_mobile=false&domain=nulpnsl4ow.youltube.biz&var=null&ymid=undefined&var_3=&dsig=&action=prerequest
IP 139.45.197.253:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /zone?&pub=0&zone_id=5137789&is_mobile=false&domain=nulpnsl4ow.youltube.biz&var=null&ymid=undefined&var_3=&dsig=&action=prerequest HTTP/1.1
Host: ugyplysh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nulpnsl4ow.youltube.biz
Connection: keep-alive
Referer: https://nulpnsl4ow.youltube.biz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 23:04:29 GMT
content-length: 0
x-trace-id: eac8933ba49eae23b2603233ec310a34
access-control-allow-origin: https://nulpnsl4ow.youltube.biz
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
ugyplysh.com/zone?&pub=0&zone_id=5137789&is_mobile=false&domain=nulpnsl4ow.youltube.biz&var=null&ymid=undefined&var_3=&dsig=&action=settings
139.45.197.253200 OK 734 B URL HTTP/2 ugyplysh.com/zone?&pub=0&zone_id=5137789&is_mobile=false&domain=nulpnsl4ow.youltube.biz&var=null&ymid=undefined&var_3=&dsig=&action=settings
IP 139.45.197.253:0
File type JSON data\012- , ASCII text, with very long lines (733)
Hash 805c768c49e12d20cb78ac5efc04efc1
551cceb32c68cc5990c2535f96e32daa68a6992c
0125507d83df4f84c2eb8416eb631dde9730cf7e996cd01fa57613aea1710c95
GET /zone?&pub=0&zone_id=5137789&is_mobile=false&domain=nulpnsl4ow.youltube.biz&var=null&ymid=undefined&var_3=&dsig=&action=settings HTTP/1.1
Host: ugyplysh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://nulpnsl4ow.youltube.biz/
Origin: https://nulpnsl4ow.youltube.biz
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 23:04:31 GMT
content-type: application/json; charset=utf-8
content-length: 734
x-trace-id: aa1c73bd975787855e89749bb0a07080
access-control-allow-origin: https://nulpnsl4ow.youltube.biz
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
my.rtmark.net/gid.js?pub=0&userId=&zoneId=5137789&checkDuplicate=true&ymid=undefined&var=null
139.45.195.8200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?pub=0&userId=&zoneId=5137789&checkDuplicate=true&ymid=undefined&var=null
IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash 9fb0abfa5eb869f8e8c5c7d65f9232a1
06b33b1b8f809be49f8eda2b078d4380333e855d
3beb3655d971027cc31af13c2fd5b94d565c3b7cf292a967207743b119ed95b7
GET /gid.js?pub=0&userId=&zoneId=5137789&checkDuplicate=true&ymid=undefined&var=null HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://nulpnsl4ow.youltube.biz/
Origin: https://nulpnsl4ow.youltube.biz
Connection: keep-alive
Cookie: ID=8382cf02a6ea49fa9393e94cb744ae03
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 23:04:34 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://nulpnsl4ow.youltube.biz
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=8382cf02a6ea49fa9393e94cb744ae03; expires=Mon, 04 Dec 2023 23:04:34 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
youltube.biz/micro.tag.min.js?z=5137789&cdn=1&ymid=null&var=null&sw=/sw-check-permissions-local-5137789.js
172.67.148.44200 OK 0 B URL HTTP/2 youltube.biz/micro.tag.min.js?z=5137789&cdn=1&ymid=null&var=null&sw=/sw-check-permissions-local-5137789.js
IP 172.67.148.44:0
Analyzer Verdict Alert quad9 Sinkholed
GET /micro.tag.min.js?z=5137789&cdn=1&ymid=null&var=null&sw=/sw-check-permissions-local-5137789.js HTTP/1.1
Host: youltube.biz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fa592ydj2d5e8bl2a1.youltube.biz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 23:04:27 GMT
content-type: application/javascript; charset=utf-8
last-modified: Thu, 14 Jul 2022 00:36:03 GMT
vary: Accept-Encoding
etag: W/"62cf64f3-133cd"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VJe6%2BjkfMQLItOnjFM%2Fm4y22KaC5JgGBVDnNC%2FiAPiHnPlKQQcKrLvO%2FRG%2Fr7VSo9L2JtB9FaBeZLd%2FdQ9H1K24dlkNOXoRQHSTUFyKLl5rZQOKqD6aiqrBZFXRtIwo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77482e5e6f48b4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2