Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
147s -
max time network
148s -
platform
windows7_x64 -
resource
win7-20231129-en -
resource tags
-
submitted
22/12/2023, 15:40 UTC
General
-
Target
dcee69edaea3abb5771670b92326661a.html
-
Size
45KB
-
MD5
dcee69edaea3abb5771670b92326661a
-
SHA1
c7ac0cda9fcfb9dae31e27b184de8a6e77120557
-
SHA256
8c2c6260b9cc78fe7e60df8a243ce9e8f4cc7dae21e0b5ec184cd8aef8cb3d33
-
SHA512
6e3585ec2b996453d0f1745500ff162bc6a44ea1c3bc8cafbd95ca9cfadf40ebfd292d38535d78b7791d43593a44e3c249cc428ffb66a49d211a2741a14f30f0
-
SSDEEP
768:GIRIOITIwIgIiKZgNDfIwIGI5IVJ7SqIRIOITIwIgIiKZgNDfIwIGI5IVJ7SZZFn:GIRIOITIwIgIiKZgNDfIwIGI5IVJ7Sq+
Score
1/10
Malware Config
Signatures
-
Modifies Internet Explorer settings 1 TTPs 64 IoCs
-
Suspicious use of FindShellTrayWindow 1 IoCs
-
Suspicious use of SetWindowsHookEx 6 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Program Files\Internet Explorer\iexplore.exe"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\dcee69edaea3abb5771670b92326661a.html1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
-
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:888 CREDAT:275457 /prefetch:22⤵
- Modifies Internet Explorer settings
- Suspicious use of SetWindowsHookEx
-
Network
-
DNSsevsoft.ruRemote address:8.8.8.8:53Requestsevsoft.ruIN AResponsesevsoft.ruIN A77.222.57.25 -
DNSsevsoft.ruRemote address:8.8.8.8:53Requestsevsoft.ruIN A
-
DNSremont-kolyasok.kiev.uaRemote address:8.8.8.8:53Requestremont-kolyasok.kiev.uaIN AResponseremont-kolyasok.kiev.uaIN A195.201.245.94
-
DNSremont-kolyasok.kiev.uaRemote address:8.8.8.8:53Requestremont-kolyasok.kiev.uaIN A
-
DNSajax.googleapis.comRemote address:8.8.8.8:53Requestajax.googleapis.comIN AResponseajax.googleapis.comIN A216.58.201.106
-
DNSajax.googleapis.comRemote address:8.8.8.8:53Requestajax.googleapis.comIN A
-
DNSblanki-blanki.narod.ruRemote address:8.8.8.8:53Requestblanki-blanki.narod.ruIN AResponseblanki-blanki.narod.ruIN A193.109.247.224
-
DNSblanki-blanki.narod.ruRemote address:8.8.8.8:53Requestblanki-blanki.narod.ruIN A
-
DNSnsovetnik.ruRemote address:8.8.8.8:53Requestnsovetnik.ruIN AResponsensovetnik.ruIN A82.202.165.4
-
DNSnsovetnik.ruRemote address:8.8.8.8:53Requestnsovetnik.ruIN A
-
DNSdata2.lact.ruRemote address:8.8.8.8:53Requestdata2.lact.ruIN AResponsedata2.lact.ruIN CNAMEcl-f8bfc2f6.edgecdn.rucl-f8bfc2f6.edgecdn.ruIN A193.17.93.93
-
DNSdata2.lact.ruRemote address:8.8.8.8:53Requestdata2.lact.ruIN A
-
GEThttp://blanki-blanki.narod.ru/faile/0029.gifRemote address:193.109.247.224:80RequestGET /faile/0029.gif HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: blanki-blanki.narod.ru
Connection: Keep-Alive
ResponseHTTP/1.1 404 Not Found
Server: nginx
Date: Sun, 24 Dec 2023 04:09:09 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Content-Encoding: gzip
-
GEThttps://ajax.googleapis.com/ajax/libs/jquery/1.8.3/jquery.min.jsRemote address:216.58.201.106:443RequestGET /ajax/libs/jquery/1.8.3/jquery.min.js HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: ajax.googleapis.com
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="hosted-libraries-pushers"
Report-To: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
Timing-Allow-Origin: *
Content-Length: 33593
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Tue, 19 Dec 2023 09:47:07 GMT
Expires: Wed, 18 Dec 2024 09:47:07 GMT
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Last-Modified: Tue, 03 Mar 2020 19:15:00 GMT
Content-Type: text/javascript; charset=UTF-8
Vary: Accept-Encoding
Age: 411722
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
-
GEThttp://remont-kolyasok.kiev.ua/images/doc/schet.jpgRemote address:195.201.245.94:80RequestGET /images/doc/schet.jpg HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: remont-kolyasok.kiev.ua
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Sun, 24 Dec 2023 04:09:07 GMT
Content-Type: image/jpeg
Last-Modified: Thu, 12 May 2016 13:55:44 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"57348b60-12276"
Expires: Tue, 23 Jan 2024 04:09:07 GMT
Cache-Control: max-age=2592000
Content-Encoding: gzip
-
GEThttp://nsovetnik.ru/files/20150109shetprim.pngRemote address:82.202.165.4:80RequestGET /files/20150109shetprim.png HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: nsovetnik.ru
Connection: Keep-Alive
ResponseHTTP/1.1 301 Moved Permanently
Server: nginx/1.14.2
Date: Sun, 24 Dec 2023 04:09:07 GMT
Content-Type: text/html
Content-Length: 185
Connection: keep-alive
Location: https://xn--h1apee0d.xn--p1ai/files/20150109shetprim.png
-
GEThttp://data2.lact.ru/f1/s/60/930/image/0/654/medium_kvitantsiya_eyvon.jpg?t=1483483207Remote address:193.17.93.93:80RequestGET /f1/s/60/930/image/0/654/medium_kvitantsiya_eyvon.jpg?t=1483483207 HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: data2.lact.ru
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Sun, 24 Dec 2023 04:09:08 GMT
Content-Type: image/jpeg
Content-Length: 117024
Connection: keep-alive
Last-Modified: Wed, 20 Jul 2016 08:22:17 GMT
ETag: "578f34b9-1c920"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Access-Control-Allow-Origin: *
Cache: MISS
X-Node: k12-up-gc12
Accept-Ranges: bytes
-
GEThttp://sevsoft.ru/1c-predpriyatie/1c-torgovlya-chp/schet-faktura-print0.pngRemote address:77.222.57.25:80RequestGET /1c-predpriyatie/1c-torgovlya-chp/schet-faktura-print0.png HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: sevsoft.ru
Connection: Keep-Alive
ResponseHTTP/1.1 301 Moved Permanently
Server: nginx/1.23.2
Date: Sun, 24 Dec 2023 04:09:08 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 385
Connection: keep-alive
Keep-Alive: timeout=10
Location: https://sevsoft.ru/1c-predpriyatie/1c-torgovlya-chp/schet-faktura-print0.png
-
DNSpki.googRemote address:8.8.8.8:53Requestpki.googIN AResponsepki.googIN A216.239.32.29
-
DNSpki.googRemote address:8.8.8.8:53Requestpki.googIN AResponsepki.googIN A216.239.32.29
-
GEThttp://pki.goog/gsr1/gsr1.crtRemote address:216.239.32.29:80RequestGET /gsr1/gsr1.crt HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Microsoft-CryptoAPI/6.1
Host: pki.goog
ResponseHTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cacerts
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="cacerts"
Report-To: {"group":"cacerts","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cacerts"}]}
Content-Length: 889
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Sun, 24 Dec 2023 03:42:01 GMT
Expires: Sun, 24 Dec 2023 04:32:01 GMT
Cache-Control: public, max-age=3000
Age: 1627
Last-Modified: Wed, 20 May 2020 16:45:00 GMT
Content-Type: application/pkix-cert
Vary: Accept-Encoding
-
GEThttp://pki.goog/gsr1/gsr1.crtRemote address:216.239.32.29:80RequestGET /gsr1/gsr1.crt HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Microsoft-CryptoAPI/6.1
Host: pki.goog
ResponseHTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cacerts
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="cacerts"
Report-To: {"group":"cacerts","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cacerts"}]}
Content-Length: 889
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Sun, 24 Dec 2023 03:42:01 GMT
Expires: Sun, 24 Dec 2023 04:32:01 GMT
Cache-Control: public, max-age=3000
Age: 1627
Last-Modified: Wed, 20 May 2020 16:45:00 GMT
Content-Type: application/pkix-cert
Vary: Accept-Encoding
-
GEThttps://sevsoft.ru/1c-predpriyatie/1c-torgovlya-chp/schet-faktura-print0.pngRemote address:77.222.57.25:443RequestGET /1c-predpriyatie/1c-torgovlya-chp/schet-faktura-print0.png HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: sevsoft.ru
Connection: Keep-Alive
ResponseHTTP/1.1 404 Not Found
Server: nginx/1.23.2
Date: Sun, 24 Dec 2023 04:09:14 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=10
Vary: Accept-Encoding
Vary: accept-language,accept-charset
Content-Language: en
Content-Encoding: gzip
-
DNSxn--h1apee0d.xn--p1aiRemote address:8.8.8.8:53Requestxn--h1apee0d.xn--p1aiIN AResponsexn--h1apee0d.xn--p1aiIN A82.202.165.4
-
GEThttps://xn--h1apee0d.xn--p1ai/files/20150109shetprim.pngRemote address:82.202.165.4:443RequestGET /files/20150109shetprim.png HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: xn--h1apee0d.xn--p1ai
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Server: nginx/1.14.2
Date: Sun, 24 Dec 2023 04:09:15 GMT
Content-Type: image/png
Content-Length: 30103
Last-Modified: Sat, 10 Jan 2015 17:33:00 GMT
Connection: keep-alive
ETag: "54b1624c-7597"
Expires: Sun, 31 Dec 2023 04:09:15 GMT
Cache-Control: max-age=604800
Accept-Ranges: bytes
-
DNSwww.microsoft.comRemote address:8.8.8.8:53Requestwww.microsoft.comIN AResponsewww.microsoft.comIN CNAMEwww.microsoft.com-c-3.edgekey.netwww.microsoft.com-c-3.edgekey.netIN CNAMEwww.microsoft.com-c-3.edgekey.net.globalredir.akadns.netwww.microsoft.com-c-3.edgekey.net.globalredir.akadns.netIN CNAMEe13678.dscb.akamaiedge.nete13678.dscb.akamaiedge.netIN A92.123.241.137
-
DNSwww.microsoft.comRemote address:8.8.8.8:53Requestwww.microsoft.comIN AResponsewww.microsoft.comIN CNAMEwww.microsoft.com-c-3.edgekey.netwww.microsoft.com-c-3.edgekey.netIN CNAMEwww.microsoft.com-c-3.edgekey.net.globalredir.akadns.netwww.microsoft.com-c-3.edgekey.net.globalredir.akadns.netIN CNAMEe13678.dscb.akamaiedge.nete13678.dscb.akamaiedge.netIN A92.123.241.137
-
DNSapps.identrust.comRemote address:8.8.8.8:53Requestapps.identrust.comIN AResponseapps.identrust.comIN CNAMEidentrust.edgesuite.netidentrust.edgesuite.netIN CNAMEa1952.dscq.akamai.neta1952.dscq.akamai.netIN A96.17.179.205a1952.dscq.akamai.netIN A96.17.179.184
-
DNSapps.identrust.comRemote address:8.8.8.8:53Requestapps.identrust.comIN AResponseapps.identrust.comIN CNAMEidentrust.edgesuite.netidentrust.edgesuite.netIN CNAMEa1952.dscq.akamai.neta1952.dscq.akamai.netIN A96.17.179.184a1952.dscq.akamai.netIN A96.17.179.205
-
GEThttp://apps.identrust.com/roots/dstrootcax3.p7cRemote address:96.17.179.205:80RequestGET /roots/dstrootcax3.p7c HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Microsoft-CryptoAPI/6.1
Host: apps.identrust.com
ResponseHTTP/1.1 200 OK
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-Robots-Tag: noindex
Referrer-Policy: same-origin
Last-Modified: Fri, 13 Oct 2023 16:28:31 GMT
ETag: "37d-6079b8c0929c0"
Accept-Ranges: bytes
Content-Length: 893
X-Content-Type-Options: nosniff
X-Frame-Options: sameorigin
Content-Type: application/pkcs7-mime
Cache-Control: max-age=3600
Expires: Sun, 24 Dec 2023 05:09:11 GMT
Date: Sun, 24 Dec 2023 04:09:11 GMT
Connection: keep-alive
-
GEThttp://apps.identrust.com/roots/dstrootcax3.p7cRemote address:96.17.179.184:80RequestGET /roots/dstrootcax3.p7c HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Microsoft-CryptoAPI/6.1
Host: apps.identrust.com
ResponseHTTP/1.1 200 OK
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-Robots-Tag: noindex
Referrer-Policy: same-origin
Last-Modified: Fri, 13 Oct 2023 16:28:31 GMT
ETag: "37d-6079b8c0929c0"
Accept-Ranges: bytes
Content-Length: 893
X-Content-Type-Options: nosniff
X-Frame-Options: sameorigin
Content-Type: application/pkcs7-mime
Cache-Control: max-age=3600
Expires: Sun, 24 Dec 2023 05:09:11 GMT
Date: Sun, 24 Dec 2023 04:09:11 GMT
Connection: keep-alive
-
DNSwww.youtube.comRemote address:8.8.8.8:53Requestwww.youtube.comIN AResponsewww.youtube.comIN CNAMEyoutube-ui.l.google.comyoutube-ui.l.google.comIN A216.58.212.238youtube-ui.l.google.comIN A172.217.169.46youtube-ui.l.google.comIN A142.250.179.238youtube-ui.l.google.comIN A142.250.180.14youtube-ui.l.google.comIN A142.250.187.206youtube-ui.l.google.comIN A142.250.187.238youtube-ui.l.google.comIN A172.217.16.238youtube-ui.l.google.comIN A142.250.178.14youtube-ui.l.google.comIN A142.250.200.46youtube-ui.l.google.comIN A142.250.200.14youtube-ui.l.google.comIN A216.58.201.110youtube-ui.l.google.comIN A216.58.204.78youtube-ui.l.google.comIN A216.58.213.14youtube-ui.l.google.comIN A216.58.212.206
-
GEThttps://www.youtube.com/embed/CYIAQyoQUPsRemote address:216.58.212.238:443RequestGET /embed/CYIAQyoQUPs HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.youtube.com
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
X-Content-Type-Options: nosniff
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Date: Sun, 24 Dec 2023 04:09:09 GMT
Strict-Transport-Security: max-age=31536000
Permissions-Policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
Origin-Trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
Cross-Origin-Resource-Policy: cross-origin
Report-To: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="youtube_main"
P3P: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
Content-Encoding: gzip
Server: ESF
X-XSS-Protection: 0
Set-Cookie: YSC=1-gG2N0rSwU; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
Set-Cookie: VISITOR_INFO1_LIVE=VfhJGw37HRQ; Domain=.youtube.com; Expires=Fri, 21-Jun-2024 04:09:09 GMT; Path=/; Secure; HttpOnly; SameSite=none
Set-Cookie: VISITOR_PRIVACY_METADATA=CgJHQhIEGgAgSg%3D%3D; Domain=.youtube.com; Expires=Fri, 21-Jun-2024 04:09:09 GMT; Path=/; Secure; HttpOnly; SameSite=lax
Set-Cookie: CONSENT=PENDING+936; expires=Tue, 23-Dec-2025 04:09:09 GMT; path=/; domain=.youtube.com; Secure
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Transfer-Encoding: chunked
-
GEThttps://www.youtube.com/s/player/da154528/www-player.cssRemote address:216.58.212.238:443RequestGET /s/player/da154528/www-player.css HTTP/1.1
Accept: text/css, */*
Referer: https://www.youtube.com/embed/TaVJw9GGSXs
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.youtube.com
Connection: Keep-Alive
Cookie: YSC=1-gG2N0rSwU; VISITOR_INFO1_LIVE=VfhJGw37HRQ; VISITOR_PRIVACY_METADATA=CgJHQhIEGgAgSg%3D%3D; CONSENT=PENDING+936
ResponseHTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Encoding: gzip
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="youtube"
Report-To: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
Content-Length: 58622
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Sun, 24 Dec 2023 02:38:03 GMT
Expires: Mon, 23 Dec 2024 02:38:03 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Mon, 18 Dec 2023 02:48:13 GMT
Content-Type: text/css
Vary: Accept-Encoding, Origin
Age: 5466
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
-
GEThttps://www.youtube.com/s/player/da154528/www-embed-player.vflset/www-embed-player.jsRemote address:216.58.212.238:443RequestGET /s/player/da154528/www-embed-player.vflset/www-embed-player.js HTTP/1.1
Accept: application/javascript, */*;q=0.8
Referer: https://www.youtube.com/embed/CYIAQyoQUPs
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.youtube.com
Connection: Keep-Alive
Cookie: YSC=1-gG2N0rSwU; VISITOR_INFO1_LIVE=VfhJGw37HRQ; VISITOR_PRIVACY_METADATA=CgJHQhIEGgAgSg%3D%3D; CONSENT=PENDING+936
ResponseHTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Encoding: gzip
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="youtube"
Report-To: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
Content-Length: 115921
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Sat, 23 Dec 2023 21:18:18 GMT
Expires: Sun, 22 Dec 2024 21:18:18 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Mon, 18 Dec 2023 02:48:13 GMT
Content-Type: text/javascript
Vary: Accept-Encoding, Origin
Age: 24652
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
-
GEThttps://www.youtube.com/embed/TaVJw9GGSXsRemote address:216.58.212.238:443RequestGET /embed/TaVJw9GGSXs HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.youtube.com
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
X-Content-Type-Options: nosniff
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Date: Sun, 24 Dec 2023 04:09:09 GMT
Strict-Transport-Security: max-age=31536000
Report-To: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
Origin-Trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="youtube_main"
Cross-Origin-Resource-Policy: cross-origin
Permissions-Policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
P3P: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
Content-Encoding: gzip
Server: ESF
X-XSS-Protection: 0
Set-Cookie: YSC=4M1yPtM3vYI; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
Set-Cookie: VISITOR_INFO1_LIVE=5dD5oLgIEp8; Domain=.youtube.com; Expires=Fri, 21-Jun-2024 04:09:09 GMT; Path=/; Secure; HttpOnly; SameSite=none
Set-Cookie: VISITOR_PRIVACY_METADATA=CgJHQhIEGgAgWQ%3D%3D; Domain=.youtube.com; Expires=Fri, 21-Jun-2024 04:09:09 GMT; Path=/; Secure; HttpOnly; SameSite=lax
Set-Cookie: CONSENT=PENDING+193; expires=Tue, 23-Dec-2025 04:09:09 GMT; path=/; domain=.youtube.com; Secure
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Transfer-Encoding: chunked
-
GEThttp://www.google-analytics.com/ga.jsRemote address:142.250.200.14:80RequestGET /ga.js HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.google-analytics.com
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Strict-Transport-Security: max-age=10886400; includeSubDomains; preload
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Cross-Origin-Resource-Policy: cross-origin
Server: Golfe2
Content-Length: 17168
Date: Sun, 24 Dec 2023 03:50:34 GMT
Expires: Sun, 24 Dec 2023 05:50:34 GMT
Cache-Control: public, max-age=7200
Age: 1115
Last-Modified: Tue, 12 Dec 2023 18:09:08 GMT
Content-Type: text/javascript
Vary: Accept-Encoding
-
GEThttps://www.youtube.com/s/player/da154528/player_ias.vflset/en_US/base.jsRemote address:216.58.212.238:443RequestGET /s/player/da154528/player_ias.vflset/en_US/base.js HTTP/1.1
Accept: application/javascript, */*;q=0.8
Referer: https://www.youtube.com/embed/CYIAQyoQUPs
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.youtube.com
Connection: Keep-Alive
Cookie: YSC=1-gG2N0rSwU; VISITOR_INFO1_LIVE=VfhJGw37HRQ; VISITOR_PRIVACY_METADATA=CgJHQhIEGgAgSg%3D%3D; CONSENT=PENDING+936
ResponseHTTP/1.1 200 OK
Content-Encoding: gzip
Accept-Ranges: bytes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="youtube"
Report-To: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
Content-Length: 785283
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Sun, 24 Dec 2023 02:35:23 GMT
Expires: Mon, 23 Dec 2024 02:35:23 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Mon, 18 Dec 2023 02:48:13 GMT
Content-Type: text/javascript
Vary: Accept-Encoding, Origin
Age: 5627
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
-
GEThttps://www.youtube.com/s/player/da154528/player_ias.vflset/en_US/remote.jsRemote address:216.58.212.238:443RequestGET /s/player/da154528/player_ias.vflset/en_US/remote.js HTTP/1.1
Accept: application/javascript, */*;q=0.8
Referer: https://www.youtube.com/embed/TaVJw9GGSXs
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.youtube.com
Connection: Keep-Alive
Cookie: YSC=1-gG2N0rSwU; VISITOR_INFO1_LIVE=VfhJGw37HRQ; VISITOR_PRIVACY_METADATA=CgJHQhIEGgAgSg%3D%3D; CONSENT=PENDING+936
ResponseHTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Encoding: gzip
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="youtube"
Report-To: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
Content-Length: 39166
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Fri, 22 Dec 2023 22:59:57 GMT
Expires: Sat, 21 Dec 2024 22:59:57 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Mon, 18 Dec 2023 02:48:13 GMT
Content-Type: text/javascript
Vary: Accept-Encoding, Origin
Age: 104954
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
-
GEThttps://www.youtube.com/s/player/da154528/player_ias.vflset/en_US/embed.jsRemote address:216.58.212.238:443RequestGET /s/player/da154528/player_ias.vflset/en_US/embed.js HTTP/1.1
Accept: application/javascript, */*;q=0.8
Referer: https://www.youtube.com/embed/TaVJw9GGSXs
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.youtube.com
Connection: Keep-Alive
Cookie: YSC=1-gG2N0rSwU; VISITOR_INFO1_LIVE=VfhJGw37HRQ; VISITOR_PRIVACY_METADATA=CgJHQhIEGgAgSg%3D%3D; CONSENT=PENDING+936
ResponseHTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Encoding: gzip
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="youtube"
Report-To: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
Content-Length: 18490
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Sun, 24 Dec 2023 00:40:43 GMT
Expires: Mon, 23 Dec 2024 00:40:43 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Mon, 18 Dec 2023 02:48:13 GMT
Content-Type: text/javascript
Vary: Accept-Encoding, Origin
Age: 12509
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
-
GEThttps://www.youtube.com/generate_204?nlh3rgRemote address:216.58.212.238:443RequestGET /generate_204?nlh3rg HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Referer: https://www.youtube.com/embed/TaVJw9GGSXs
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.youtube.com
Connection: Keep-Alive
Cookie: YSC=1-gG2N0rSwU; VISITOR_INFO1_LIVE=VfhJGw37HRQ; VISITOR_PRIVACY_METADATA=CgJHQhIEGgAgSg%3D%3D; CONSENT=PENDING+936
ResponseHTTP/1.1 204 No Content
Content-Length: 0
Cross-Origin-Resource-Policy: cross-origin
Date: Sun, 24 Dec 2023 04:09:12 GMT
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
-
GEThttps://www.youtube.com/generate_204?Q10raQRemote address:216.58.212.238:443RequestGET /generate_204?Q10raQ HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Referer: https://www.youtube.com/embed/CYIAQyoQUPs
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.youtube.com
Connection: Keep-Alive
Cookie: YSC=1-gG2N0rSwU; VISITOR_INFO1_LIVE=VfhJGw37HRQ; VISITOR_PRIVACY_METADATA=CgJHQhIEGgAgSg%3D%3D; CONSENT=PENDING+936
ResponseHTTP/1.1 204 No Content
Content-Length: 0
Cross-Origin-Resource-Policy: cross-origin
Date: Sun, 24 Dec 2023 04:09:12 GMT
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
-
POSThttps://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8Remote address:216.58.212.238:443RequestPOST /youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8 HTTP/1.1
Accept: */*
X-Goog-Request-Time: 1703390952504
Content-Type: application/json
X-Goog-Visitor-Id: Cgs1ZEQ1b0xnSUVwOCjl3Z6sBjIKCgJHQhIEGgAgWQ%3D%3D
X-YouTube-Client-Name: 56
X-YouTube-Client-Version: 1.20231217.00.00
X-YouTube-Utc-Offset: 0
X-YouTube-Ad-Signals: dt=1703390949089&flash=0&frm=2&u_tz&u_his=1&u_h=720&u_w=1280&u_ah=680&u_aw=1280&u_cd=24&bc=1&bih=-12245933&biw=-12245933&brdim=11%2C1045%2C-8%2C-8%2C1280%2C%2C1296%2C696%2C560%2C315&vis=1&wgl=true&ca_type=image
Referer: https://www.youtube.com/embed/TaVJw9GGSXs
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Host: www.youtube.com
Content-Length: 15841
Connection: Keep-Alive
Cache-Control: no-cache
Cookie: YSC=1-gG2N0rSwU; VISITOR_INFO1_LIVE=VfhJGw37HRQ; VISITOR_PRIVACY_METADATA=CgJHQhIEGgAgSg%3D%3D; CONSENT=PENDING+936
ResponseHTTP/1.1 200 OK
Content-Type: application/json; charset=UTF-8
Vary: Origin
Vary: X-Origin
Vary: Referer
Content-Encoding: gzip
Date: Sun, 24 Dec 2023 04:09:13 GMT
Server: scaffolding on HTTPServer2
Cache-Control: private
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Transfer-Encoding: chunked
-
POSThttps://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8Remote address:216.58.212.238:443RequestPOST /youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8 HTTP/1.1
Accept: */*
X-Goog-Request-Time: 1703390953374
Content-Type: application/json
X-Goog-Visitor-Id: CgtWZmhKR3czN0hSUSjl3Z6sBjIKCgJHQhIEGgAgSg%3D%3D
X-YouTube-Client-Name: 56
X-YouTube-Client-Version: 1.20231217.00.00
X-YouTube-Utc-Offset: 0
X-YouTube-Ad-Signals: dt=1703390949103&flash=0&frm=2&u_tz&u_his=1&u_h=720&u_w=1280&u_ah=680&u_aw=1280&u_cd=24&bc=1&bih=-12245933&biw=-12245933&brdim=98%2C1656%2C-8%2C-8%2C1280%2C%2C1296%2C696%2C560%2C315&vis=1&wgl=true&ca_type=image
Referer: https://www.youtube.com/embed/CYIAQyoQUPs
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Host: www.youtube.com
Content-Length: 15844
Connection: Keep-Alive
Cache-Control: no-cache
Cookie: YSC=1-gG2N0rSwU; VISITOR_INFO1_LIVE=VfhJGw37HRQ; VISITOR_PRIVACY_METADATA=CgJHQhIEGgAgSg%3D%3D; CONSENT=PENDING+936
ResponseHTTP/1.1 200 OK
Content-Type: application/json; charset=UTF-8
Vary: Origin
Vary: X-Origin
Vary: Referer
Content-Encoding: gzip
Date: Sun, 24 Dec 2023 04:09:15 GMT
Server: scaffolding on HTTPServer2
Cache-Control: private
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Transfer-Encoding: chunked
-
POSThttps://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8Remote address:216.58.212.238:443RequestPOST /youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8 HTTP/1.1
Accept: */*
X-Goog-Request-Time: 1703391009537
Content-Type: application/json
X-Goog-Visitor-Id: Cgs1ZEQ1b0xnSUVwOCjl3Z6sBjIKCgJHQhIEGgAgWQ%3D%3D
X-YouTube-Client-Name: 56
X-YouTube-Client-Version: 1.20231217.00.00
X-YouTube-Utc-Offset: 0
X-YouTube-Ad-Signals: dt=1703390949456&flash=0&frm=2&u_tz&u_his=1&u_h=720&u_w=1280&u_ah=680&u_aw=1280&u_cd=24&bc=1&bih=-12245933&biw=-12245933&brdim=11%2C1045%2C-8%2C-8%2C1280%2C%2C1296%2C696%2C560%2C315&vis=1&wgl=true&ca_type=image
Referer: https://www.youtube.com/embed/TaVJw9GGSXs
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Host: www.youtube.com
Content-Length: 1119
Connection: Keep-Alive
Cache-Control: no-cache
Cookie: YSC=1-gG2N0rSwU; VISITOR_INFO1_LIVE=VfhJGw37HRQ; VISITOR_PRIVACY_METADATA=CgJHQhIEGgAgSg%3D%3D; CONSENT=PENDING+936
ResponseHTTP/1.1 200 OK
Content-Type: application/json; charset=UTF-8
Vary: Origin
Vary: X-Origin
Vary: Referer
Content-Encoding: gzip
Date: Sun, 24 Dec 2023 04:10:10 GMT
Server: scaffolding on HTTPServer2
Cache-Control: private
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Transfer-Encoding: chunked
-
POSThttps://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8Remote address:216.58.212.238:443RequestPOST /youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8 HTTP/1.1
Accept: */*
X-Goog-Request-Time: 1703391009800
Content-Type: application/json
X-Goog-Visitor-Id: CgtWZmhKR3czN0hSUSjl3Z6sBjIKCgJHQhIEGgAgSg%3D%3D
X-YouTube-Client-Name: 56
X-YouTube-Client-Version: 1.20231217.00.00
X-YouTube-Utc-Offset: 0
X-YouTube-Ad-Signals: dt=1703390949710&flash=0&frm=2&u_tz&u_his=1&u_h=720&u_w=1280&u_ah=680&u_aw=1280&u_cd=24&bc=1&bih=-12245933&biw=-12245933&brdim=98%2C1656%2C-8%2C-8%2C1280%2C%2C1296%2C696%2C560%2C315&vis=1&wgl=true&ca_type=image
Referer: https://www.youtube.com/embed/CYIAQyoQUPs
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Host: www.youtube.com
Content-Length: 1130
Connection: Keep-Alive
Cache-Control: no-cache
Cookie: YSC=1-gG2N0rSwU; VISITOR_INFO1_LIVE=VfhJGw37HRQ; VISITOR_PRIVACY_METADATA=CgJHQhIEGgAgSg%3D%3D; CONSENT=PENDING+936
ResponseHTTP/1.1 200 OK
Content-Type: application/json; charset=UTF-8
Vary: Origin
Vary: X-Origin
Vary: Referer
Content-Encoding: gzip
Date: Sun, 24 Dec 2023 04:10:10 GMT
Server: scaffolding on HTTPServer2
Cache-Control: private
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Transfer-Encoding: chunked
-
DNSgoogleads.g.doubleclick.netRemote address:8.8.8.8:53Requestgoogleads.g.doubleclick.netIN AResponsegoogleads.g.doubleclick.netIN A142.250.187.226
-
DNSstatic.doubleclick.netRemote address:8.8.8.8:53Requeststatic.doubleclick.netIN AResponsestatic.doubleclick.netIN A142.250.200.38
-
GEThttps://googleads.g.doubleclick.net/pagead/idRemote address:142.250.187.226:443RequestGET /pagead/id HTTP/1.1
Accept: */*
Referer: https://www.youtube.com/embed/CYIAQyoQUPs
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Host: googleads.g.doubleclick.net
Connection: Keep-Alive
ResponseHTTP/1.1 302 Found
P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Access-Control-Allow-Credentials: true
Date: Sun, 24 Dec 2023 04:09:11 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
Server: cafe
Content-Length: 0
X-XSS-Protection: 0
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
-
GEThttps://googleads.g.doubleclick.net/pagead/id?slf_rd=1Remote address:142.250.187.226:443RequestGET /pagead/id?slf_rd=1 HTTP/1.1
Accept: */*
Referer: https://www.youtube.com/embed/CYIAQyoQUPs
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Host: googleads.g.doubleclick.net
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Access-Control-Allow-Credentials: true
Content-Type: application/json; charset=UTF-8
Date: Sun, 24 Dec 2023 04:09:11 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Server: cafe
X-XSS-Protection: 0
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Transfer-Encoding: chunked
-
GEThttps://googleads.g.doubleclick.net/pagead/idRemote address:142.250.187.226:443RequestGET /pagead/id HTTP/1.1
Accept: */*
Referer: https://www.youtube.com/embed/TaVJw9GGSXs
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Host: googleads.g.doubleclick.net
Connection: Keep-Alive
ResponseHTTP/1.1 302 Found
P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Access-Control-Allow-Credentials: true
Date: Sun, 24 Dec 2023 04:09:11 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
Server: cafe
Content-Length: 0
X-XSS-Protection: 0
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
-
GEThttps://googleads.g.doubleclick.net/pagead/id?slf_rd=1Remote address:142.250.187.226:443RequestGET /pagead/id?slf_rd=1 HTTP/1.1
Accept: */*
Referer: https://www.youtube.com/embed/TaVJw9GGSXs
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Host: googleads.g.doubleclick.net
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Access-Control-Allow-Credentials: true
Content-Type: application/json; charset=UTF-8
Date: Sun, 24 Dec 2023 04:09:11 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Server: cafe
X-XSS-Protection: 0
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Transfer-Encoding: chunked
-
GEThttps://static.doubleclick.net/instream/ad_status.jsRemote address:142.250.200.38:443RequestGET /instream/ad_status.js HTTP/1.1
Accept: application/javascript, */*;q=0.8
Referer: https://www.youtube.com/embed/TaVJw9GGSXs
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: static.doubleclick.net
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="ads-doubleclick-media"
Report-To: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
Timing-Allow-Origin: *
Content-Length: 29
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Sun, 24 Dec 2023 04:00:09 GMT
Expires: Sun, 24 Dec 2023 04:15:09 GMT
Cache-Control: public, max-age=900
Age: 542
Last-Modified: Thu, 12 Dec 2013 23:40:16 GMT
Content-Type: text/javascript
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
-
DNSjnn-pa.googleapis.comRemote address:8.8.8.8:53Requestjnn-pa.googleapis.comIN AResponsejnn-pa.googleapis.comIN A172.217.16.234jnn-pa.googleapis.comIN A142.250.178.10jnn-pa.googleapis.comIN A142.250.200.42jnn-pa.googleapis.comIN A142.250.200.10jnn-pa.googleapis.comIN A216.58.201.106jnn-pa.googleapis.comIN A216.58.204.74jnn-pa.googleapis.comIN A216.58.213.10jnn-pa.googleapis.comIN A172.217.169.10jnn-pa.googleapis.comIN A216.58.212.234jnn-pa.googleapis.comIN A172.217.169.74jnn-pa.googleapis.comIN A142.250.179.234jnn-pa.googleapis.comIN A142.250.180.10jnn-pa.googleapis.comIN A142.250.187.202jnn-pa.googleapis.comIN A142.250.187.234
-
POSThttps://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/CreateRemote address:172.217.16.234:443RequestPOST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Accept: */*
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/embed/TaVJw9GGSXs
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Host: jnn-pa.googleapis.com
Content-Length: 24
Connection: Keep-Alive
Cache-Control: no-cache
ResponseHTTP/1.1 200 OK
Content-Type: application/json+protobuf; charset=UTF-8
Vary: Origin
Vary: X-Origin
Vary: Referer
Content-Encoding: gzip
Date: Sun, 24 Dec 2023 04:09:12 GMT
Server: ESF
Cache-Control: private
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Transfer-Encoding: chunked
-
POSThttps://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateITRemote address:172.217.16.234:443RequestPOST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Accept: */*
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/embed/TaVJw9GGSXs
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Host: jnn-pa.googleapis.com
Content-Length: 922
Connection: Keep-Alive
Cache-Control: no-cache
ResponseHTTP/1.1 200 OK
Content-Type: application/json+protobuf; charset=UTF-8
Vary: Origin
Vary: X-Origin
Vary: Referer
Content-Encoding: gzip
Date: Sun, 24 Dec 2023 04:09:13 GMT
Server: ESF
Cache-Control: private
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Transfer-Encoding: chunked
-
DNSwww.google.comRemote address:8.8.8.8:53Requestwww.google.comIN AResponsewww.google.comIN A142.250.200.4
-
DNSi.ytimg.comRemote address:8.8.8.8:53Requesti.ytimg.comIN AResponsei.ytimg.comIN A142.250.180.22i.ytimg.comIN A142.250.187.214i.ytimg.comIN A142.250.187.246i.ytimg.comIN A172.217.16.246i.ytimg.comIN A142.250.178.22i.ytimg.comIN A142.250.200.54i.ytimg.comIN A142.250.200.22i.ytimg.comIN A216.58.201.118i.ytimg.comIN A216.58.204.86i.ytimg.comIN A216.58.212.246i.ytimg.comIN A172.217.169.86i.ytimg.comIN A172.217.169.54i.ytimg.comIN A142.250.179.246
-
GEThttps://www.google.com/js/th/SQgbchfOupGpmqTGWTosnYfncWnz9Dj8T9-qGXYPu1Q.jsRemote address:142.250.200.4:443RequestGET /js/th/SQgbchfOupGpmqTGWTosnYfncWnz9Dj8T9-qGXYPu1Q.js HTTP/1.1
Accept: application/javascript, */*;q=0.8
Referer: https://www.youtube.com/embed/TaVJw9GGSXs
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.google.com
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="botguard-scs"
Report-To: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
Content-Length: 23415
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Tue, 19 Dec 2023 02:30:37 GMT
Expires: Wed, 18 Dec 2024 02:30:37 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Tue, 28 Nov 2023 18:30:00 GMT
Content-Type: text/javascript
Vary: Accept-Encoding
Age: 437914
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
-
GEThttps://i.ytimg.com/vi/TaVJw9GGSXs/sddefault.jpgRemote address:142.250.180.22:443RequestGET /vi/TaVJw9GGSXs/sddefault.jpg HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Referer: https://www.youtube.com/embed/TaVJw9GGSXs
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: i.ytimg.com
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: image/jpeg
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="youtube"
Report-To: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
Timing-Allow-Origin: *
Content-Length: 61980
Date: Sun, 24 Dec 2023 04:09:11 GMT
Expires: Sun, 24 Dec 2023 06:09:11 GMT
Cache-Control: public, max-age=7200
ETag: "1428923003"
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
-
GEThttps://i.ytimg.com/vi/CYIAQyoQUPs/sddefault.jpgRemote address:142.250.180.22:443RequestGET /vi/CYIAQyoQUPs/sddefault.jpg HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Referer: https://www.youtube.com/embed/CYIAQyoQUPs
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: i.ytimg.com
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: image/jpeg
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="youtube"
Report-To: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
Timing-Allow-Origin: *
Content-Length: 63587
Date: Sun, 24 Dec 2023 04:09:12 GMT
Expires: Sun, 24 Dec 2023 06:09:12 GMT
Cache-Control: public, max-age=7200
ETag: "1454136647"
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
-
POSThttps://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/CreateRemote address:172.217.16.234:443RequestPOST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Accept: */*
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/embed/CYIAQyoQUPs
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Host: jnn-pa.googleapis.com
Content-Length: 24
Connection: Keep-Alive
Cache-Control: no-cache
ResponseHTTP/1.1 200 OK
Content-Type: application/json+protobuf; charset=UTF-8
Vary: Origin
Vary: X-Origin
Vary: Referer
Content-Encoding: gzip
Date: Sun, 24 Dec 2023 04:09:12 GMT
Server: ESF
Cache-Control: private
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Transfer-Encoding: chunked
-
POSThttps://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateITRemote address:172.217.16.234:443RequestPOST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Accept: */*
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/embed/CYIAQyoQUPs
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Host: jnn-pa.googleapis.com
Content-Length: 924
Connection: Keep-Alive
Cache-Control: no-cache
ResponseHTTP/1.1 200 OK
Content-Type: application/json+protobuf; charset=UTF-8
Vary: Origin
Vary: X-Origin
Vary: Referer
Content-Encoding: gzip
Date: Sun, 24 Dec 2023 04:09:13 GMT
Server: ESF
Cache-Control: private
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Transfer-Encoding: chunked
-
DNSyt3.ggpht.comRemote address:8.8.8.8:53Requestyt3.ggpht.comIN AResponseyt3.ggpht.comIN CNAMEphotos-ugc.l.googleusercontent.comphotos-ugc.l.googleusercontent.comIN A142.250.200.33
-
GEThttps://yt3.ggpht.com/ytc/AIf8zZSsoO3cwd3Fbe3qIryANb_yuzEhkhgWjihgJDcV=s68-c-k-c0x00ffffff-no-rjRemote address:142.250.200.33:443RequestGET /ytc/AIf8zZSsoO3cwd3Fbe3qIryANb_yuzEhkhgWjihgJDcV=s68-c-k-c0x00ffffff-no-rj HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Referer: https://www.youtube.com/embed/CYIAQyoQUPs
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: yt3.ggpht.com
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="unnamed.jpg"
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 3485
X-XSS-Protection: 0
Date: Sun, 24 Dec 2023 04:09:14 GMT
Expires: Mon, 25 Dec 2023 04:09:14 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v37"
Content-Type: image/jpeg
Vary: Origin
Age: 0
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
-
GEThttps://yt3.ggpht.com/CPNVkj9aBoHvryAyMLZ1rYKv2XRgUhVRkBpAHsF6Cr9t2nXDCrsrQDYCu_mlAB90NNvFGlO4ZQ=s68-c-k-c0x00ffffff-no-rjRemote address:142.250.200.33:443RequestGET /CPNVkj9aBoHvryAyMLZ1rYKv2XRgUhVRkBpAHsF6Cr9t2nXDCrsrQDYCu_mlAB90NNvFGlO4ZQ=s68-c-k-c0x00ffffff-no-rj HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Referer: https://www.youtube.com/embed/TaVJw9GGSXs
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: yt3.ggpht.com
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
ETag: "v1"
Expires: Mon, 25 Dec 2023 04:09:14 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="channels4_profile.jpg"
X-Content-Type-Options: nosniff
Date: Sun, 24 Dec 2023 04:09:14 GMT
Server: fife
Content-Length: 2708
X-XSS-Protection: 0
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
-
DNSfe0.google.comRemote address:8.8.8.8:53Requestfe0.google.comIN AResponse
-
GEThttp://www.bing.com/favicon.icoRemote address:92.123.128.181:80RequestGET /favicon.ico HTTP/1.1
Accept: */*
UA-CPU: AMD64
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like Gecko
Host: www.bing.com
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Cache-Control: public, max-age=15552000
Content-Length: 4286
Content-Type: image/x-icon
Last-Modified: Mon, 01 Jan 1601 00:00:00 GMT
Accept-CH: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
X-MSEdge-Ref: Ref A: A62F93718A53497DB04EF7D88EEA696D Ref B: MIL30EDGE1421 Ref C: 2022-06-29T22:27:17Z
Date: Sun, 24 Dec 2023 04:09:24 GMT
Connection: keep-alive
X-CDN-TraceID: 0.b5777b5c.1703390964.504ef52
-
DNSRemote address:92.123.128.181:80ResponseHTTP/1.0 408 Request Time-out
Server: AkamaiGHost
Mime-Version: 1.0
Date: Sun, 24 Dec 2023 04:10:15 GMT
Content-Type: text/html
Content-Length: 218
Expires: Sun, 24 Dec 2023 04:10:15 GMT
-
DNSplay.google.comRemote address:8.8.8.8:53Requestplay.google.comIN AResponseplay.google.comIN A216.58.204.78
-
POSThttps://play.google.com/log?format=json&hasfast=true&authuser=0Remote address:216.58.204.78:443RequestPOST /log?format=json&hasfast=true&authuser=0 HTTP/1.1
Accept: */*
X-Goog-AuthUser: 0
Content-Type: application/x-www-form-urlencoded;charset=utf-8
Referer: https://www.youtube.com/embed/TaVJw9GGSXs
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Host: play.google.com
Content-Length: 1280
Connection: Keep-Alive
Cache-Control: no-cache
ResponseHTTP/1.1 200 OK
Access-Control-Allow-Origin: http://play.google.com
Cross-Origin-Resource-Policy: cross-origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Playlog-Web
Content-Type: text/plain; charset=UTF-8
Content-Encoding: gzip
Date: Sun, 24 Dec 2023 04:09:41 GMT
Server: Playlog
Cache-Control: private
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
Set-Cookie: CONSENT=PENDING+640; expires=Tue, 23-Dec-2025 04:09:41 GMT; path=/; domain=.google.com; Secure
P3P: CP="This is not a P3P policy! See g.co/p3phelp for more info."
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Expires: Sun, 24 Dec 2023 04:09:41 GMT
Transfer-Encoding: chunked
-
POSThttps://play.google.com/log?format=json&hasfast=true&authuser=0Remote address:216.58.204.78:443RequestPOST /log?format=json&hasfast=true&authuser=0 HTTP/1.1
Accept: */*
X-Goog-AuthUser: 0
Content-Type: application/x-www-form-urlencoded;charset=utf-8
Referer: https://www.youtube.com/embed/CYIAQyoQUPs
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Host: play.google.com
Content-Length: 1285
Connection: Keep-Alive
Cache-Control: no-cache
Cookie: CONSENT=PENDING+640
ResponseHTTP/1.1 200 OK
Access-Control-Allow-Origin: http://play.google.com
Cross-Origin-Resource-Policy: cross-origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Playlog-Web
Content-Type: text/plain; charset=UTF-8
Content-Encoding: gzip
Date: Sun, 24 Dec 2023 04:09:41 GMT
Server: Playlog
Cache-Control: private
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Transfer-Encoding: chunked
-
POSThttps://play.google.com/log?format=json&hasfast=true&authuser=0Remote address:216.58.204.78:443RequestPOST /log?format=json&hasfast=true&authuser=0 HTTP/1.1
Accept: */*
X-Goog-AuthUser: 0
Content-Type: application/x-www-form-urlencoded;charset=utf-8
Referer: https://www.youtube.com/embed/TaVJw9GGSXs
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Host: play.google.com
Content-Length: 409
Connection: Keep-Alive
Cache-Control: no-cache
Cookie: CONSENT=PENDING+640
ResponseHTTP/1.1 200 OK
Access-Control-Allow-Origin: http://play.google.com
Cross-Origin-Resource-Policy: cross-origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Playlog-Web
Content-Type: text/plain; charset=UTF-8
Content-Encoding: gzip
Date: Sun, 24 Dec 2023 04:09:42 GMT
Server: Playlog
Cache-Control: private
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Transfer-Encoding: chunked
-
POSThttps://play.google.com/log?format=json&hasfast=true&authuser=0Remote address:216.58.204.78:443RequestPOST /log?format=json&hasfast=true&authuser=0 HTTP/1.1
Accept: */*
X-Goog-AuthUser: 0
Content-Type: application/x-www-form-urlencoded;charset=utf-8
Referer: https://www.youtube.com/embed/CYIAQyoQUPs
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Host: play.google.com
Content-Length: 409
Connection: Keep-Alive
Cache-Control: no-cache
Cookie: CONSENT=PENDING+640
ResponseHTTP/1.1 200 OK
Access-Control-Allow-Origin: http://play.google.com
Cross-Origin-Resource-Policy: cross-origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Playlog-Web
Content-Type: text/plain; charset=UTF-8
Content-Encoding: gzip
Date: Sun, 24 Dec 2023 04:09:42 GMT
Server: Playlog
Cache-Control: private
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Transfer-Encoding: chunked
-
POSThttps://play.google.com/log?format=json&hasfast=true&authuser=0Remote address:216.58.204.78:443RequestPOST /log?format=json&hasfast=true&authuser=0 HTTP/1.1
Accept: */*
X-Goog-AuthUser: 0
Content-Type: application/x-www-form-urlencoded;charset=utf-8
Referer: https://www.youtube.com/embed/TaVJw9GGSXs
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Host: play.google.com
Content-Length: 592
Connection: Keep-Alive
Cache-Control: no-cache
Cookie: CONSENT=PENDING+640
ResponseHTTP/1.1 200 OK
Access-Control-Allow-Origin: http://play.google.com
Cross-Origin-Resource-Policy: cross-origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Playlog-Web
Content-Type: text/plain; charset=UTF-8
Content-Encoding: gzip
Date: Sun, 24 Dec 2023 04:09:42 GMT
Server: Playlog
Cache-Control: private
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Transfer-Encoding: chunked
-
POSThttps://play.google.com/log?format=json&hasfast=true&authuser=0Remote address:216.58.204.78:443RequestPOST /log?format=json&hasfast=true&authuser=0 HTTP/1.1
Accept: */*
X-Goog-AuthUser: 0
Content-Type: application/x-www-form-urlencoded;charset=utf-8
Referer: https://www.youtube.com/embed/CYIAQyoQUPs
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Host: play.google.com
Content-Length: 592
Connection: Keep-Alive
Cache-Control: no-cache
Cookie: CONSENT=PENDING+640
ResponseHTTP/1.1 200 OK
Access-Control-Allow-Origin: http://play.google.com
Cross-Origin-Resource-Policy: cross-origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Playlog-Web
Content-Type: text/plain; charset=UTF-8
Content-Encoding: gzip
Date: Sun, 24 Dec 2023 04:09:43 GMT
Server: Playlog
Cache-Control: private
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Transfer-Encoding: chunked
-
GEThttps://googleads.g.doubleclick.net/pagead/idRemote address:142.250.187.226:443RequestGET /pagead/id HTTP/1.1
Accept: */*
Referer: https://www.youtube.com/embed/CYIAQyoQUPs
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Host: googleads.g.doubleclick.net
Connection: Keep-Alive
ResponseHTTP/1.1 302 Found
P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Access-Control-Allow-Credentials: true
Date: Sun, 24 Dec 2023 04:11:12 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
Server: cafe
Content-Length: 0
X-XSS-Protection: 0
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
-
GEThttps://googleads.g.doubleclick.net/pagead/id?slf_rd=1Remote address:142.250.187.226:443RequestGET /pagead/id?slf_rd=1 HTTP/1.1
Accept: */*
Referer: https://www.youtube.com/embed/CYIAQyoQUPs
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Host: googleads.g.doubleclick.net
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Access-Control-Allow-Credentials: true
Content-Type: application/json; charset=UTF-8
Date: Sun, 24 Dec 2023 04:11:12 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Server: cafe
X-XSS-Protection: 0
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Transfer-Encoding: chunked
-
GEThttps://googleads.g.doubleclick.net/pagead/idRemote address:142.250.187.226:443RequestGET /pagead/id HTTP/1.1
Accept: */*
Referer: https://www.youtube.com/embed/TaVJw9GGSXs
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Host: googleads.g.doubleclick.net
Connection: Keep-Alive
ResponseHTTP/1.1 302 Found
P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Access-Control-Allow-Credentials: true
Date: Sun, 24 Dec 2023 04:11:12 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
Server: cafe
Content-Length: 0
X-XSS-Protection: 0
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
-
GEThttps://googleads.g.doubleclick.net/pagead/id?slf_rd=1Remote address:142.250.187.226:443RequestGET /pagead/id?slf_rd=1 HTTP/1.1
Accept: */*
Referer: https://www.youtube.com/embed/TaVJw9GGSXs
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Host: googleads.g.doubleclick.net
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Access-Control-Allow-Credentials: true
Content-Type: application/json; charset=UTF-8
Date: Sun, 24 Dec 2023 04:11:12 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Server: cafe
X-XSS-Protection: 0
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Transfer-Encoding: chunked
-
193.109.247.224:80blanki-blanki.narod.ru
-
216.58.201.106:443ajax.googleapis.comtls
-
193.109.247.224:80http://blanki-blanki.narod.ru/faile/0029.gifhttp
HTTP Request
GET http://blanki-blanki.narod.ru/faile/0029.gifHTTP Response
404 -
216.58.201.106:443https://ajax.googleapis.com/ajax/libs/jquery/1.8.3/jquery.min.jstls, http
HTTP Request
GET https://ajax.googleapis.com/ajax/libs/jquery/1.8.3/jquery.min.jsHTTP Response
200 -
195.201.245.94:80http://remont-kolyasok.kiev.ua/images/doc/schet.jpghttp
HTTP Request
GET http://remont-kolyasok.kiev.ua/images/doc/schet.jpgHTTP Response
200 -
195.201.245.94:80remont-kolyasok.kiev.ua
-
82.202.165.4:80nsovetnik.ru
-
82.202.165.4:80http://nsovetnik.ru/files/20150109shetprim.pnghttp
HTTP Request
GET http://nsovetnik.ru/files/20150109shetprim.pngHTTP Response
301 -
193.17.93.93:80http://data2.lact.ru/f1/s/60/930/image/0/654/medium_kvitantsiya_eyvon.jpg?t=1483483207http
HTTP Request
GET http://data2.lact.ru/f1/s/60/930/image/0/654/medium_kvitantsiya_eyvon.jpg?t=1483483207HTTP Response
200 -
193.17.93.93:80data2.lact.ru
-
77.222.57.25:80sevsoft.ru
-
77.222.57.25:80http://sevsoft.ru/1c-predpriyatie/1c-torgovlya-chp/schet-faktura-print0.pnghttp
HTTP Request
GET http://sevsoft.ru/1c-predpriyatie/1c-torgovlya-chp/schet-faktura-print0.pngHTTP Response
301 -
216.239.32.29:80http://pki.goog/gsr1/gsr1.crthttp
HTTP Request
GET http://pki.goog/gsr1/gsr1.crtHTTP Response
200 -
216.239.32.29:80http://pki.goog/gsr1/gsr1.crthttp
HTTP Request
GET http://pki.goog/gsr1/gsr1.crtHTTP Response
200 -
77.222.57.25:443https://sevsoft.ru/1c-predpriyatie/1c-torgovlya-chp/schet-faktura-print0.pngtls, http
HTTP Request
GET https://sevsoft.ru/1c-predpriyatie/1c-torgovlya-chp/schet-faktura-print0.pngHTTP Response
404 -
82.202.165.4:443xn--h1apee0d.xn--p1aitls
-
82.202.165.4:443https://xn--h1apee0d.xn--p1ai/files/20150109shetprim.pngtls, http
HTTP Request
GET https://xn--h1apee0d.xn--p1ai/files/20150109shetprim.pngHTTP Response
200 -
96.17.179.205:80http://apps.identrust.com/roots/dstrootcax3.p7chttp
HTTP Request
GET http://apps.identrust.com/roots/dstrootcax3.p7cHTTP Response
200 -
96.17.179.184:80http://apps.identrust.com/roots/dstrootcax3.p7chttp
HTTP Request
GET http://apps.identrust.com/roots/dstrootcax3.p7cHTTP Response
200 -
216.58.212.238:443https://www.youtube.com/s/player/da154528/www-embed-player.vflset/www-embed-player.jstls, http
HTTP Request
GET https://www.youtube.com/embed/CYIAQyoQUPsHTTP Response
200HTTP Request
GET https://www.youtube.com/s/player/da154528/www-player.cssHTTP Response
200HTTP Request
GET https://www.youtube.com/s/player/da154528/www-embed-player.vflset/www-embed-player.jsHTTP Response
200 -
216.58.212.238:443https://www.youtube.com/embed/TaVJw9GGSXstls, http
HTTP Request
GET https://www.youtube.com/embed/TaVJw9GGSXsHTTP Response
200 -
142.250.200.14:80www.google-analytics.com
-
142.250.200.14:80http://www.google-analytics.com/ga.jshttp
HTTP Request
GET http://www.google-analytics.com/ga.jsHTTP Response
200 -
216.58.212.238:443www.youtube.comtls
-
216.58.212.238:443https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8tls, http
HTTP Request
GET https://www.youtube.com/s/player/da154528/player_ias.vflset/en_US/base.jsHTTP Response
200HTTP Request
GET https://www.youtube.com/s/player/da154528/player_ias.vflset/en_US/remote.jsHTTP Response
200HTTP Request
GET https://www.youtube.com/s/player/da154528/player_ias.vflset/en_US/embed.jsHTTP Response
200HTTP Request
GET https://www.youtube.com/generate_204?nlh3rgHTTP Response
204HTTP Request
GET https://www.youtube.com/generate_204?Q10raQHTTP Response
204HTTP Request
POST https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8HTTP Response
200HTTP Request
POST https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8HTTP Response
200HTTP Request
POST https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8HTTP Response
200HTTP Request
POST https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8HTTP Response
200 -
216.58.212.238:443www.youtube.comtls
-
142.250.187.226:443https://googleads.g.doubleclick.net/pagead/id?slf_rd=1tls, http
HTTP Request
GET https://googleads.g.doubleclick.net/pagead/idHTTP Response
302HTTP Request
GET https://googleads.g.doubleclick.net/pagead/id?slf_rd=1HTTP Response
200 -
142.250.187.226:443https://googleads.g.doubleclick.net/pagead/id?slf_rd=1tls, http
HTTP Request
GET https://googleads.g.doubleclick.net/pagead/idHTTP Response
302HTTP Request
GET https://googleads.g.doubleclick.net/pagead/id?slf_rd=1HTTP Response
200 -
142.250.200.38:443https://static.doubleclick.net/instream/ad_status.jstls, http
HTTP Request
GET https://static.doubleclick.net/instream/ad_status.jsHTTP Response
200 -
142.250.200.38:443static.doubleclick.nettls
-
172.217.16.234:443https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateITtls, http
HTTP Request
POST https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/CreateHTTP Response
200HTTP Request
POST https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateITHTTP Response
200 -
142.250.200.4:443www.google.comtls
-
142.250.200.4:443https://www.google.com/js/th/SQgbchfOupGpmqTGWTosnYfncWnz9Dj8T9-qGXYPu1Q.jstls, http
HTTP Request
GET https://www.google.com/js/th/SQgbchfOupGpmqTGWTosnYfncWnz9Dj8T9-qGXYPu1Q.jsHTTP Response
200 -
142.250.180.22:443https://i.ytimg.com/vi/CYIAQyoQUPs/sddefault.jpgtls, http
HTTP Request
GET https://i.ytimg.com/vi/TaVJw9GGSXs/sddefault.jpgHTTP Response
200HTTP Request
GET https://i.ytimg.com/vi/CYIAQyoQUPs/sddefault.jpgHTTP Response
200 -
142.250.180.22:443i.ytimg.comtls
-
172.217.16.234:443https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateITtls, http
HTTP Request
POST https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/CreateHTTP Response
200HTTP Request
POST https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateITHTTP Response
200 -
142.250.200.33:443https://yt3.ggpht.com/ytc/AIf8zZSsoO3cwd3Fbe3qIryANb_yuzEhkhgWjihgJDcV=s68-c-k-c0x00ffffff-no-rjtls, http
HTTP Request
GET https://yt3.ggpht.com/ytc/AIf8zZSsoO3cwd3Fbe3qIryANb_yuzEhkhgWjihgJDcV=s68-c-k-c0x00ffffff-no-rjHTTP Response
200 -
142.250.200.33:443https://yt3.ggpht.com/CPNVkj9aBoHvryAyMLZ1rYKv2XRgUhVRkBpAHsF6Cr9t2nXDCrsrQDYCu_mlAB90NNvFGlO4ZQ=s68-c-k-c0x00ffffff-no-rjtls, http
HTTP Request
GET https://yt3.ggpht.com/CPNVkj9aBoHvryAyMLZ1rYKv2XRgUhVRkBpAHsF6Cr9t2nXDCrsrQDYCu_mlAB90NNvFGlO4ZQ=s68-c-k-c0x00ffffff-no-rjHTTP Response
200 -
92.123.128.181:80http://www.bing.com/favicon.icohttp
HTTP Request
GET http://www.bing.com/favicon.icoHTTP Response
200 -
92.123.128.181:80www.bing.comhttp
HTTP Response
408 -
216.58.204.78:443https://play.google.com/log?format=json&hasfast=true&authuser=0tls, http
HTTP Request
POST https://play.google.com/log?format=json&hasfast=true&authuser=0HTTP Response
200HTTP Request
POST https://play.google.com/log?format=json&hasfast=true&authuser=0HTTP Response
200HTTP Request
POST https://play.google.com/log?format=json&hasfast=true&authuser=0HTTP Response
200HTTP Request
POST https://play.google.com/log?format=json&hasfast=true&authuser=0HTTP Response
200HTTP Request
POST https://play.google.com/log?format=json&hasfast=true&authuser=0HTTP Response
200 -
216.58.204.78:443https://play.google.com/log?format=json&hasfast=true&authuser=0tls, http
HTTP Request
POST https://play.google.com/log?format=json&hasfast=true&authuser=0HTTP Response
200 -
204.79.197.200:443ieonline.microsoft.comtls
-
204.79.197.200:443ieonline.microsoft.comtls
-
204.79.197.200:443ieonline.microsoft.comtls
-
142.250.187.226:443https://googleads.g.doubleclick.net/pagead/id?slf_rd=1tls, http
HTTP Request
GET https://googleads.g.doubleclick.net/pagead/idHTTP Response
302HTTP Request
GET https://googleads.g.doubleclick.net/pagead/id?slf_rd=1HTTP Response
200 -
142.250.187.226:443https://googleads.g.doubleclick.net/pagead/id?slf_rd=1tls, http
HTTP Request
GET https://googleads.g.doubleclick.net/pagead/idHTTP Response
302HTTP Request
GET https://googleads.g.doubleclick.net/pagead/id?slf_rd=1HTTP Response
200
-
8.8.8.8:53sevsoft.rudns
DNS Request
sevsoft.ru
DNS Request
sevsoft.ru
DNS Response
77.222.57.25
-
8.8.8.8:53remont-kolyasok.kiev.uadns
DNS Request
remont-kolyasok.kiev.ua
DNS Request
remont-kolyasok.kiev.ua
DNS Response
195.201.245.94
-
8.8.8.8:53ajax.googleapis.comdns
DNS Request
ajax.googleapis.com
DNS Request
ajax.googleapis.com
DNS Response
216.58.201.106
-
8.8.8.8:53blanki-blanki.narod.rudns
DNS Request
blanki-blanki.narod.ru
DNS Request
blanki-blanki.narod.ru
DNS Response
193.109.247.224
-
8.8.8.8:53nsovetnik.rudns
DNS Request
nsovetnik.ru
DNS Request
nsovetnik.ru
DNS Response
82.202.165.4
-
8.8.8.8:53data2.lact.rudns
DNS Request
data2.lact.ru
DNS Request
data2.lact.ru
DNS Response
193.17.93.93
-
8.8.8.8:53pki.googdns
DNS Request
pki.goog
DNS Response
216.239.32.29
-
8.8.8.8:53pki.googdns
DNS Request
pki.goog
DNS Response
216.239.32.29
-
8.8.8.8:53xn--h1apee0d.xn--p1aidns
DNS Request
xn--h1apee0d.xn--p1ai
DNS Response
82.202.165.4
-
8.8.8.8:53www.microsoft.comdns
DNS Request
www.microsoft.com
DNS Response
92.123.241.137
-
8.8.8.8:53www.microsoft.comdns
DNS Request
www.microsoft.com
DNS Response
92.123.241.137
-
8.8.8.8:53apps.identrust.comdns
DNS Request
apps.identrust.com
DNS Response
96.17.179.20596.17.179.184
-
8.8.8.8:53apps.identrust.comdns
DNS Request
apps.identrust.com
DNS Response
96.17.179.18496.17.179.205
-
8.8.8.8:53www.youtube.comdns
DNS Request
www.youtube.com
DNS Response
216.58.212.238172.217.169.46142.250.179.238142.250.180.14142.250.187.206142.250.187.238172.217.16.238142.250.178.14142.250.200.46142.250.200.14216.58.201.110216.58.204.78216.58.213.14216.58.212.206
-
8.8.8.8:53googleads.g.doubleclick.netdns
DNS Request
googleads.g.doubleclick.net
DNS Response
142.250.187.226
-
8.8.8.8:53static.doubleclick.netdns
DNS Request
static.doubleclick.net
DNS Response
142.250.200.38
-
8.8.8.8:53jnn-pa.googleapis.comdns
DNS Request
jnn-pa.googleapis.com
DNS Response
172.217.16.234142.250.178.10142.250.200.42142.250.200.10216.58.201.106216.58.204.74216.58.213.10172.217.169.10216.58.212.234172.217.169.74142.250.179.234142.250.180.10142.250.187.202142.250.187.234
-
8.8.8.8:53www.google.comdns
DNS Request
www.google.com
DNS Response
142.250.200.4
-
8.8.8.8:53i.ytimg.comdns
DNS Request
i.ytimg.com
DNS Response
142.250.180.22142.250.187.214142.250.187.246172.217.16.246142.250.178.22142.250.200.54142.250.200.22216.58.201.118216.58.204.86216.58.212.246172.217.169.86172.217.169.54142.250.179.246
-
8.8.8.8:53yt3.ggpht.comdns
DNS Request
yt3.ggpht.com
DNS Response
142.250.200.33
-
8.8.8.8:53fe0.google.comdns
DNS Request
fe0.google.com
-
8.8.8.8:53play.google.comdns
DNS Request
play.google.com
DNS Response
216.58.204.78
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
914B
MD5e4a68ac854ac5242460afd72481b2a44
SHA1df3c24f9bfd666761b268073fe06d1cc8d4f82a4
SHA256cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f
SHA5125622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5
-
Filesize
65KB
MD5ac05d27423a85adc1622c714f2cb6184
SHA1b0fe2b1abddb97837ea0195be70ab2ff14d43198
SHA256c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d
SHA5126d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d
-
Filesize
1KB
MD5a266bb7dcc38a562631361bbf61dd11b
SHA13b1efd3a66ea28b16697394703a72ca340a05bd5
SHA256df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e
SHA5120da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc
-
Filesize
252B
MD5eeeb6354ae3e3068cda4c0c7c4c96a69
SHA13ad4376c2efd61cfb3b32180716105e8d6f9e5d6
SHA25655cabbe1e69e130ac269fd1360c71a86b296713a63f09abd4b4e0b3d076a767d
SHA512f17a480413cad131c0f4f0fd17787818035ff5173018b22282ad6fbfe2b4dff88e1b035ac002e6db70f982b49e81602e914adbf7fcbd3ed038742ea9850d4697
-
Filesize
344B
MD53d1c228660e56cdf2fd101459e5e338a
SHA1f4e22a4e80699ba7bcdf38cf35138d4946ae68b8
SHA256dc6d5a1583453d83bfadc033e7d692c908364b6857f6ff6f9bc643708b7d4d8b
SHA5125088da6f26491f8c18ba5c8b6d754a3db24ebabd8e629bbeb725da9585779997d4635db28d7853b20246a869513447f06bfe97062143195063779fafe04945d2
-
Filesize
344B
MD5168e69ede443caea3be048cdd362df99
SHA1d5bd6beeeaba56f88e632bfb1964224f6cd006ec
SHA25688e37baf892c26b3ce4fce7aacb2620e1fbc12c8acfc615da825b3aa3d326e0c
SHA5126332c0b5b159c4478d0af6f760881c8d765daa2ba3229f39a6641f088722ec7cc8503c5fba7b73eb179b9bc2261e3c78d79c852e425c2de46475ff776868937a
-
Filesize
344B
MD5d822fdea22772246fca10806012a914c
SHA1bd9965d491d71a0b3161720b59474882429742d3
SHA256e3d5980bcff6b28a6dec60724abc0c3b77e3a30813a0b14a1dfaea09320a42ae
SHA512ebd8ca0b7b50ba03c83d7382e596c791186a39397d51879b97df224e2e88c469577ab71791c14fd9b5ca445eb4b1f0d2e8d71668d821828260437ec13e63ac6c
-
Filesize
344B
MD59e2b1ca5871cfa2a7e00d7f108f0b809
SHA1405b6ea921f69d20432efcd9e6b2b943029214f9
SHA256c8aeac627789037590891d1da64afddfea8835d0be027bb8e1c2c7d5db07e63d
SHA512696b15d0f1bbf43af6a43f445a3f0e911f72dafca09714bf5517e7ba32da91632543b304faf277b5b0444f1355b74123e7c429f29df09fd4fbd4dd436178d901
-
Filesize
344B
MD5da46a1b415a46c8f8d7b1a7a1aa3203f
SHA17e3a6cf87f9cffb99e4f2294d62fd941326ab2e2
SHA2562ce643144f8f269360cd22a77f6ef48d8e9e6f9f861553e934aa8ce8ba70553c
SHA512643fce5fcca87bacecc57afedc3ef2cf624b825561ed49634a217515dfccbb06a1b5d6560a60738cc61758af6417e97027adb7de002f6e74eaad2d2165e57cf6
-
Filesize
344B
MD5f8a718418a76bc9d6d52ce8d26d90bfb
SHA13c8ea0a999429fcbbb3822937e9ba63a2d84db76
SHA256a183d203d0869d42913146c73b7dc696009613b71f640172a4887e9d158c4760
SHA5120f7c560feba536e82478acca40d6cb015bfd1ddb9e81b34d715bda2b2f018b60dd74c1c5ded88a057a62acb96dbdc91b84a35a91f646115a2f3346a32bbaa620
-
Filesize
344B
MD5a543190e840a77b40251a17327b2e14c
SHA1086f3547b9ed9357efb5e3340ecbbab60452856f
SHA2566d56ef26ee293f8b6ac5c9fff29cd03208a74b1672ce50c735e623d83926606e
SHA512c8d15283cd9920c209e9fc3f75eabd969a3a3b0a7717fd8d04d5f16cdcb44303225b4a73dc92e83b62ac302bc4ac06f7486c437bb715632d8affec09ea9e45e5
-
Filesize
344B
MD5bd29d84a053a9d1eb739f73ea5487797
SHA1df7d2f3babf05b86dcf4c6e7a7cd601b0e5f67d4
SHA256645f2672d120816b79dae25126a3127917e85df764359f4e5e3063d2d7d3ad2e
SHA512ec95d64334f01e9cc6823cb765b058ffd0767b39df4e99a6e3cde561f3f724216edb0244c404d814279a44e0a8ea71f1f1120b148467b6e2d9bc1a81079b6329
-
Filesize
344B
MD54fa548b5402a6963bf5ce2cc19477dc3
SHA181a7c8ad2dbd1b5d9ceafe2ab59030ab21b4048e
SHA256ce0eed5497dbe790ecfeb56f20e2662f257230010fb263c6223aca3a49e95a72
SHA512baf2914e080ade8b14f8cbde2cf2bb11f1ba75254e182609641cf59f0487e6ab61348cb7742fbd42be1411827a1616773ffdee2620b6c8da65a857ddfa5f55e0
-
Filesize
344B
MD51a8374e75b82513ec99eb8aef78bdbb7
SHA19ccd15b93b6d98b2f3bb7f8d7eef356fbe5cc655
SHA256686cb9166894ce0f27b3be4da93bc264ae56f57515d54a94a4962b82cd702a7a
SHA512ec763ac4f207cb9a187f96433d00801c19be8ebf991d5f99d8a66d10ee625bb94a3c8ece47422c6ff4dcc9c97865f17a1bcc8b3d81cd985010607be440e3208b
-
Filesize
344B
MD5f4f78cae08de5ee364ccb6000d3ff05b
SHA19ffbc244ef0f9bdf71eb60b79af173a67459d5bd
SHA256bd81391eec77ddc49836135192845334a4ed7e2af22a2c4c81dda98ecf203ce3
SHA51283d756fe901cee0cd2928128c34eb18583f460b127525838424baeb7020dcde542942207a22429347713190ab7027c0b26ac6a70dd264946d82d7585e9cdf6cc
-
Filesize
344B
MD5eb2b5ecb94ed86e5c87810a553a24b24
SHA188318253e50a21a7d0e1b1b249cd1de887241959
SHA256bd4c8204715d86e6e4f5595aad2df395cc6031f5a7bcc7e7a4071f4334a72e31
SHA51262a28fbe5c1f195bce4f135f019a09ad08c1a58ee5996b39a24b6cd42e4293b3ea8f8c6ebed1f6c7992f42df2f32cd6abbc57bc5f19a50d524949b38d7a5a95b
-
Filesize
344B
MD59bf7d7d1a39cba9cb17b72ffecca1b73
SHA1126b6f42022d99fc40bd55a68b36dcbbda14b068
SHA256782814a056625d1fc3c201a2fbb581b98689c1f7cebaa662a5741c320447300a
SHA512c0868e59eab75b24f3f5e1f1a4b656c68ca3666cfee800be550ec54e6e8eab4f991731a8913faecfcc725fe3d78614708f43dbbb5f54950b8581811ded6073eb
-
Filesize
344B
MD593dd6beee56ba789b746ed4c7384ae5d
SHA11b04024ffdf6d35b4c046191d285f86c3fd6b75d
SHA256e3199bf9c77474e88d8121835a40e7d882eb7a9c8af647e681836e57153d5997
SHA5127f94629e49dc1d6cfd73bc5dd6d0132890b2280aa63026239374ef9f6ed6dbf418944d6c85ca9149ae56da64416968a98487e47830e57c3614ba17cfb6754345
-
Filesize
344B
MD565d4bfd5a2e243fc98bb2ac4c7e05252
SHA11c80c4825d9bd85ac21916b21d9b41fe5784cc69
SHA2562e9df9be659f5d348c245e6ed9f476418ce162f35aad1b5b21b4901ed0f84396
SHA512bd1fd016c396ce369837a356489e21a2a3b9a18fba02f995b0896b40552f8e5074fd008d8c0e1fe292702cfe2e897158a2be31e7f67bf012fbbbffaf461e744d
-
Filesize
344B
MD5d28c1efeb1ebdd1186b91a9244c4f100
SHA1e2521cfe2a9150eeed4e2490b5f3e0f03bb36912
SHA256e10c8ea18176d25212c1057ab6e5947ba654f339fc1ecfe840a2eac77117b54d
SHA5124fee5b62d6f6700ceeba83a21cb64ba5fe38aee0e5c7c94ce5f7e7af951ea008282d7d6a8089c1139a8bf5ccddfa97f20691db43e93055ec1f13ab38ef81dc72
-
Filesize
344B
MD5d93528c0b120c44132da6e9962250015
SHA19685185b05cc16167fcccc65e3057a70c7fd84ee
SHA25680633f36765f8c629830f6d4efcf8ccd64891549084917acb3ec4d03f8c125c8
SHA512eed0b678c8e1ccae5738a93663ff2c42c39fd4e106d61e2b9a0128777c7a9413e8e05d0fa3894a5baad6eac9e60a34a6365a886cb2f0469f2e2121ebc2eeb0df
-
Filesize
344B
MD556bcc2babefdcd511ad69265da34e6e5
SHA1c7fbf544477d897b0484b675b269e7740f425397
SHA2568f360f07ea96d4b459c92790de2622c1322225fd682e8de88986d57e00368ca6
SHA512d353d83298beddde7b2ec335a4b1746d61cccfe4f6bc61aee1c286bfc751b132bcd3fe3254bbeabc606b1e6621213f8da100b1d6666a4c6c6e72289d1dd85718
-
Filesize
344B
MD518cddec3013a2e7fa7cee179910279fd
SHA1f1ccafa0e94cb28320e6629b847cb35e8b3c5dec
SHA25687717101236a036d1c6878e64d0a28508d45cdfed31a41657bdf39084a4502e9
SHA512e98268b9016abe7d9e3bc838490e68a367ded2cfbf14b5bc745e131e8d92e84eac9113c7d1ed68989c2239483d0ebf5f28caeacbee01b5220420eafd68b030b4
-
Filesize
344B
MD5a0f0aab9080591e809de88faeeb4e49c
SHA17f52761a996a5e350c25e5f6714882ff7b44a97b
SHA25670b0135184b67ff168921700216185511d5a08a9dc0b69a9127a3f3a1ccdd3ff
SHA512391c928ddb46e675065c45528e29845fb8a7dffc91910f36cc60437e09bb8cca9cafc1369632d6e45eecd2ef611e9aa881af6811569726a677ea530fc084a741
-
Filesize
344B
MD5608da81fddc5acc61337019d134bd06b
SHA1e2951866dc92fff156635e9efb282eb3c3839cb4
SHA256998348b19e4544ce3946153607a7457553659051c868d8ca5b09acb3830ab66c
SHA5127f8953f9cb6087220f1994a16506a530664654a6afe9bb65be4bb9247d60546a2d631e167fd956fc0073a9da48591156a7c11de7c049c1eedf0e1a3ef28774ce
-
Filesize
344B
MD503d1ec557bfa28a74a96fe7d6b700b7d
SHA1e0581d061d76628d61d709f545813740923c3477
SHA2567f6bb4f174a955acedeb4ff80da5de23a8b8f7cc2af1c494cbcc7547c5de09e2
SHA5121ee2287bafea05e8b05efcb7e3e5497b0899f266e4a505b100fed6f861ff6f023b750328cf465c211c2c47c45bd77bc9d1dc9b7a5aa8cabae842cda95545f768
-
Filesize
242B
MD5c0107cc32e00f1863a81817f2fd7e9e0
SHA19d4d150cbf3f88347993ea94e9df63082cb2a239
SHA256077d2abb37c6d1e4bf0c336fe5396ca795f8b1e7be4102eaa78a9cd5d63e9356
SHA512fbdd4e5f4432369d8ca60d78ca427236cf7ba773d155308a1e5a5290368e182f2cc63a7006c57995a8576007513649504806d825c45b10b079089c824b760861
-
Filesize
4KB
MD5da597791be3b6e732f0bc8b20e38ee62
SHA11125c45d285c360542027d7554a5c442288974de
SHA2565b2c34b3c4e8dd898b664dba6c3786e2ff9869eff55d673aa48361f11325ed07
SHA512d8dc8358727590a1ed74dc70356aedc0499552c2dc0cd4f7a01853dd85ceb3aead5fbdc7c75d7da36db6af2448ce5abdff64cebdca3533ecad953c061a9b338e
-
Filesize
13B
MD5c1ddea3ef6bbef3e7060a1a9ad89e4c5
SHA135e3224fcbd3e1af306f2b6a2c6bbea9b0867966
SHA256b71e4d17274636b97179ba2d97c742735b6510eb54f22893d3a2daff2ceb28db
SHA5126be8cec7c862afae5b37aa32dc5bb45912881a3276606da41bf808a4ef92c318b355e616bf45a257b995520d72b7c08752c0be445dceade5cf79f73480910fed
-
Filesize
229B
MD5bb894e57d37b0ca0f8c7081d378c8845
SHA1149423818a966ce889c8637cb01888999294d536
SHA256723691d9cf894f3e5777f4d92d9701fdecddd8f9e5760e0323e865d9493dbf31
SHA5128f93d6874875151eaf5d289f03986d892ea632139c391dff1e26004a239171b8ad165554e25de5ae318fbb1f51748a490c1d3d6c8f9075f16da176dbd5f11c8a
-
Filesize
229B
MD51a4e86c0f7c0c3789ea1fd45e562d785
SHA18182bff684cc1dbb08b40bb2a2cc52fc81304595
SHA2566ea1a9e34132bf64f2d448c8d93c98493ebcdf747b1651e241d8c228f0f14db5
SHA51217929c4d80fe9bb70fc5bab1c33213b213d1edf3c10fda9d6226ea4c77859bf4011525e318a2e0253789b5f8ed1b29260a3b55e4b15646409836591131ff3152
-
Filesize
641B
MD5f3a340c637cc0e04bf6705532c5ca34a
SHA18392fa74ec4d8b13769a155819b0ccda19463da9
SHA256ea2ffa1e2064886fe96348e03454face6eba2b791dc3d944d12f2e3c091e3ae1
SHA5123661d3c5e2fff997dd27149465dc96209b8b0c0dc8df32725f9c7865d662aaa050e208c34a5515e99ae008a56dc5f05c798ec575a86462b4fc9c741ff023942a
-
Filesize
641B
MD59ea350ee199a72ac2153e570fcd335d2
SHA158c5f8d950a646e6f3f4ca90ba6847332d0a869c
SHA256ecff2a309270ebb0a9159cf0ac32bd41e3edd3b94646747c75473faabf05a55a
SHA512b36a55bdda8c08409c4d162dceb311ef177eb5158a9e8785cf344e7407ff3b2635ce5b01a265718626971fd439835a3f790161fcdd57976c71d4d5d47305f8a5
-
Filesize
25KB
MD519e7a8556c796785d707655c74ba5fca
SHA10d84baa59d101c1338285aa91e6b3eecbf264672
SHA256f745c1ac4e90cbc7513bce884bd716b44e75da4c84386eb161f0e9a7a41b251f
SHA512da08b6f3db64d8adec1a6fe513a75a7047c191165bcea4eb1b9d11f68d4a26c6c8e06941d4b7b2e2ee799f29a09eb6da3d4e325ef491e70a0c2aef910a8bdb8e
-
Filesize
990B
MD51c1e544a55ec2c8f6a10de89105a4480
SHA1ed98220d5a95fd834d8185e15108bcaf92c3d002
SHA256a113446cf250c8227a337bb61ba2c771a0c4fce16923d33bbb9abbae52ba8327
SHA51216b75d9b0f3a3b8df82d2d4eb7d81671490d1aaaa73a7e4326d116df3b8a8f1e53aa87765a222f37f6b0cfb8f4a6d8741da71dbb3d11105ec9e959819fe4844e
-
Filesize
25KB
MD5b68554a10c4f3145d0e57237ead70810
SHA18d6461fe30e16c617ef2e727e09e8617b544503b
SHA256f0e18c80694cae4e00f83fd4a8d3d4a22bfd20deda046eb044220ae8f17a5a39
SHA5125f7619543208556ab047cff450fe48078cf63acbc7498b823f63e97f14332746524cec132a25eb94301cce661ea70d22ab657e4b5794871d2bc67f895ee42ed4
-
Filesize
990B
MD5a15d2174c475fab97f13e7b186a517cd
SHA17f3fa48a39981d6716bb97b445c904c7b5678fee
SHA25621d6056da29ad0304176f06aa5b7c4244bc67a6f17c14e21453afe57826bcd3c
SHA512b8d3a7804bfd7dabb2905135e32d91e64d5e422738eb41c4739affa8e954c34e50455d9d7a804aa0ddf412d631195bfcfc7e9b61ea29df291219578ec00fcb98
-
Filesize
990B
MD5eef3978ad0111cf6a2766a59954b954b
SHA1faf54f3a4c362a43ab7806b6e6d47e9f5a2a5c2a
SHA2563cd9e6f454d618bf88d36f1705db941140139baf82fb38d7812216c080300715
SHA5126dc94fd6b516ba815df9a944b51c80d3255d24b017e237ce4ff69fb5e87e64b6761391185a7f8861da4954df1054f0c12599a1d2c489d1b25c18f6e4a14652ab
-
Filesize
990B
MD593b9b6e85313f48fdc52c06fb7527975
SHA1462b4bab0cf1b8cfe8966cebd69f9c69e767a5f9
SHA2565134b6eb018d28949547a57371f2d1d4c33994235974e305873a31af7b543c3d
SHA51259694d595a1eb9268587392e355356cddfdb73f024db9a042ad18e55e030ab774f17b2f845e5cc94d63da66127b59f94f33dd75cc5600770465675502e39d1ba
-
Filesize
990B
MD57d2346d01e24d50c1e6d4deb2918e181
SHA1032aa56d2e9c8df15d7133a0fbf369c3edb619d8
SHA2568ca4949abf45e340e8d8ea4f5015f17e20483d2fc5a4a063ff68fedc1dd13517
SHA5122ea4f54ffa687654e0f98ff90a888f072e384a04cba8adfa190385eae901f4d59cebac757d2d9b7d01b31672ec16a392706a28430114e28d93d7446d793ed83d
-
Filesize
990B
MD58c1c34278dc35eb97537e181af4c1726
SHA183a9db2c7612d9b0e530ffa0e2840acf631d8eea
SHA2563ae19064a2df3b534a8d0ef7f3ca7b7d9fe55936b1a12227677bd03af30873dd
SHA512ba099abbbea8608d6bc49f8a9a74289a7dedd3f8fb7ec9523dcb413094380a7640bf5d1b0e7345912567199905f7215aed37c794eab35f9fcb470fe8c4b84888
-
Filesize
990B
MD5ca12eb6ed1eb278b28f7711845121653
SHA1f6b98dfdd7f8068f1348ce7f9d1820ba7f0ac0b5
SHA256e31f52ea0145d12b0cda5401021b1487a6125793fbc52f5355520488af91b75d
SHA512316b8e1d2232825ab5e1bcb179daf6f48d9b6b9a94b78a91861b6e0b28a3a29c50d24963820f84a7ed59879b2b829e3177898108ed88022390defde57d2624a9
-
Filesize
171KB
MD59c0c641c06238516f27941aa1166d427
SHA164cd549fb8cf014fcd9312aa7a5b023847b6c977
SHA2564276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f
SHA512936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06