Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Analysis

  • max time kernel
    121s
  • max time network
    126s
  • platform
    windows7_x64
  • resource
    win7-20240419-en
  • resource tags

    arch:x64arch:x86image:win7-20240419-enlocale:en-usos:windows7-x64system
  • submitted
    11/05/2024, 06:19 UTC

General

  • Target

    332974cc443a047c45e94565e8cb5019_JaffaCakes118.html

  • Size

    175KB

  • MD5

    332974cc443a047c45e94565e8cb5019

  • SHA1

    ef49eb6eed889504c0e05bc1e714f42c617a5f85

  • SHA256

    3d5bd4172ab8e2dc710d2f77fc2a18b48f6473faec7004ea00893bff2e14ace0

  • SHA512

    80a212711d8216e637063735819071b6c5f35a1e1b92219f248e6640415693368f8a9fa3c5704095d75c945d32f3beb07a5b70f7ed9495fc9b32b4d2a0f40930

  • SSDEEP

    1536:Sqt58hd8Wu8pI8Cd8hd8dQg0H//3oS3dGNkFTYfBCJis8+aeTH+WK/Lf1/hmnVSV:SOoT3d/FqBCJiqm

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 64 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\332974cc443a047c45e94565e8cb5019_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2084
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2084 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:3060

Network

  • flag-us
    DNS
    konthaiusa.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    konthaiusa.com
    IN A
    Response
  • flag-us
    DNS
    www.konthaiusa.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    www.konthaiusa.com
    IN A
    Response
  • flag-de
    GET
    http://fonts.googleapis.com/css?family=Arial
    IEXPLORE.EXE
    Remote address:
    142.250.185.170:80
    Request
    GET /css?family=Arial HTTP/1.1
    Accept: text/css, */*
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: fonts.googleapis.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 400 Bad Request
    Content-Type: text/html; charset=utf-8
    Cache-Control: no-cache, no-store, max-age=0, must-revalidate
    Pragma: no-cache
    Expires: Mon, 01 Jan 1990 00:00:00 GMT
    Date: Sat, 11 May 2024 06:19:13 GMT
    Cross-Origin-Opener-Policy: same-origin-allow-popups
    Cross-Origin-Resource-Policy: cross-origin
    Content-Encoding: gzip
    Transfer-Encoding: chunked
    Server: ESF
    X-XSS-Protection: 0
    X-Frame-Options: SAMEORIGIN
    X-Content-Type-Options: nosniff
  • flag-us
    DNS
    www.youtube.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    www.youtube.com
    IN A
    Response
    www.youtube.com
    IN CNAME
    youtube-ui.l.google.com
    youtube-ui.l.google.com
    IN A
    216.58.206.46
    youtube-ui.l.google.com
    IN A
    172.217.23.110
    youtube-ui.l.google.com
    IN A
    142.250.185.78
    youtube-ui.l.google.com
    IN A
    142.250.185.110
    youtube-ui.l.google.com
    IN A
    142.250.185.142
    youtube-ui.l.google.com
    IN A
    142.250.185.174
    youtube-ui.l.google.com
    IN A
    142.250.185.206
    youtube-ui.l.google.com
    IN A
    142.250.185.238
    youtube-ui.l.google.com
    IN A
    142.250.184.238
    youtube-ui.l.google.com
    IN A
    142.250.181.238
    youtube-ui.l.google.com
    IN A
    142.250.186.46
    youtube-ui.l.google.com
    IN A
    142.250.186.78
    youtube-ui.l.google.com
    IN A
    172.217.16.142
    youtube-ui.l.google.com
    IN A
    142.250.186.142
    youtube-ui.l.google.com
    IN A
    142.250.74.206
    youtube-ui.l.google.com
    IN A
    142.250.184.206
  • flag-us
    DNS
    www.facebook.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    www.facebook.com
    IN A
    Response
    www.facebook.com
    IN CNAME
    star-mini.c10r.facebook.com
    star-mini.c10r.facebook.com
    IN A
    163.70.151.35
  • flag-de
    GET
    http://www.youtube.com/embed/evMR3wn1LGk?wmode=Opaque
    IEXPLORE.EXE
    Remote address:
    216.58.206.46:80
    Request
    GET /embed/evMR3wn1LGk?wmode=Opaque HTTP/1.1
    Accept: text/html, application/xhtml+xml, */*
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: www.youtube.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 301 Moved Permanently
    Content-Type: application/binary
    X-Content-Type-Options: nosniff
    Cache-Control: no-cache, no-store, max-age=0, must-revalidate
    Pragma: no-cache
    Expires: Mon, 01 Jan 1990 00:00:00 GMT
    Date: Sat, 11 May 2024 06:20:01 GMT
    Location: https://www.youtube.com/embed/evMR3wn1LGk?wmode=Opaque
    Server: ESF
    Content-Length: 0
    X-XSS-Protection: 0
    X-Frame-Options: SAMEORIGIN
  • flag-de
    GET
    http://www.youtube.com/embed/ygK7kej0BPA?wmode=Opaque
    IEXPLORE.EXE
    Remote address:
    216.58.206.46:80
    Request
    GET /embed/ygK7kej0BPA?wmode=Opaque HTTP/1.1
    Accept: text/html, application/xhtml+xml, */*
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: www.youtube.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 301 Moved Permanently
    Content-Type: application/binary
    X-Content-Type-Options: nosniff
    Cache-Control: no-cache, no-store, max-age=0, must-revalidate
    Pragma: no-cache
    Expires: Mon, 01 Jan 1990 00:00:00 GMT
    Date: Sat, 11 May 2024 06:20:08 GMT
    Location: https://www.youtube.com/embed/ygK7kej0BPA?wmode=Opaque
    Server: ESF
    Content-Length: 0
    X-XSS-Protection: 0
    X-Frame-Options: SAMEORIGIN
  • flag-de
    GET
    http://www.youtube.com/embed/QMECDnECjJM?wmode=Opaque
    IEXPLORE.EXE
    Remote address:
    216.58.206.46:80
    Request
    GET /embed/QMECDnECjJM?wmode=Opaque HTTP/1.1
    Accept: text/html, application/xhtml+xml, */*
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: www.youtube.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 301 Moved Permanently
    Content-Type: application/binary
    X-Content-Type-Options: nosniff
    Cache-Control: no-cache, no-store, max-age=0, must-revalidate
    Pragma: no-cache
    Expires: Mon, 01 Jan 1990 00:00:00 GMT
    Date: Sat, 11 May 2024 06:20:08 GMT
    Location: https://www.youtube.com/embed/QMECDnECjJM?wmode=Opaque
    Server: ESF
    Content-Length: 0
    X-XSS-Protection: 0
    X-Frame-Options: SAMEORIGIN
  • flag-gb
    GET
    http://www.facebook.com/plugins/likebox.php?href=http://www.facebook.com/pages/konthaiusacom/177402280020?ref=tn_tnmn&width=250&colorscheme=light&show_faces=false&border_color=%23000000&stream=false&header=false&height=75
    IEXPLORE.EXE
    Remote address:
    163.70.151.35:80
    Request
    GET /plugins/likebox.php?href=http://www.facebook.com/pages/konthaiusacom/177402280020?ref=tn_tnmn&width=250&colorscheme=light&show_faces=false&border_color=%23000000&stream=false&header=false&height=75 HTTP/1.1
    Accept: text/html, application/xhtml+xml, */*
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: www.facebook.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 301 Moved Permanently
    Location: https://www.facebook.com/plugins/likebox.php?href=http://www.facebook.com/pages/konthaiusacom/177402280020?ref=tn_tnmn&width=250&colorscheme=light&show_faces=false&border_color=%23000000&stream=false&header=false&height=75
    Content-Type: text/plain
    Server: proxygen-bolt
    Date: Sat, 11 May 2024 06:20:01 GMT
    Connection: keep-alive
    Content-Length: 0
  • flag-gb
    GET
    https://www.facebook.com/plugins/likebox.php?href=http://www.facebook.com/pages/konthaiusacom/177402280020?ref=tn_tnmn&width=250&colorscheme=light&show_faces=false&border_color=%23000000&stream=false&header=false&height=75
    IEXPLORE.EXE
    Remote address:
    163.70.151.35:443
    Request
    GET /plugins/likebox.php?href=http://www.facebook.com/pages/konthaiusacom/177402280020?ref=tn_tnmn&width=250&colorscheme=light&show_faces=false&border_color=%23000000&stream=false&header=false&height=75 HTTP/1.1
    Accept: text/html, application/xhtml+xml, */*
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: www.facebook.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Vary: Accept-Encoding
    Content-Encoding: gzip
    reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
    report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
    content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
    document-policy: force-load-at-top
    permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
    cross-origin-resource-policy: cross-origin
    cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
    cross-origin-opener-policy: unsafe-none;report-to="coop_report"
    Pragma: no-cache
    Cache-Control: private, no-cache, no-store, must-revalidate
    Expires: Sat, 01 Jan 2000 00:00:00 GMT
    X-Content-Type-Options: nosniff
    X-XSS-Protection: 0
    Strict-Transport-Security: max-age=15552000; preload
    Content-Type: text/html; charset="utf-8"
    X-FB-Debug: i9O/Wg+XI+JLF/GFx7VqD2oR3iNTOLYnFDHGS+KDPIxdGp6eKxHwvOadN9wVjkfuonXpnvExkdA4/at1RG8xyQ==
    Date: Sat, 11 May 2024 06:20:02 GMT
    X-FB-Connection-Quality: EXCELLENT; q=0.9, rtt=43, rtx=0, c=10, mss=1357, tbw=3221, tp=-1, tpl=-1, uplat=137, ullat=0
    Alt-Svc: h3=":443"; ma=86400
    Transfer-Encoding: chunked
    Connection: keep-alive
  • flag-de
    GET
    https://www.youtube.com/embed/evMR3wn1LGk?wmode=Opaque
    IEXPLORE.EXE
    Remote address:
    216.58.206.46:443
    Request
    GET /embed/evMR3wn1LGk?wmode=Opaque HTTP/1.1
    Accept: text/html, application/xhtml+xml, */*
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: www.youtube.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Content-Type: text/html; charset=utf-8
    X-Content-Type-Options: nosniff
    Cache-Control: no-cache, no-store, max-age=0, must-revalidate
    Pragma: no-cache
    Expires: Mon, 01 Jan 1990 00:00:00 GMT
    Date: Sat, 11 May 2024 06:20:02 GMT
    Strict-Transport-Security: max-age=31536000
    Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="youtube_main"
    Report-To: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
    Origin-Trial: AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
    Cross-Origin-Resource-Policy: cross-origin
    Permissions-Policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
    P3P: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
    Content-Encoding: gzip
    Server: ESF
    X-XSS-Protection: 0
    Set-Cookie: YSC=cswTFiDXHOM; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
    Set-Cookie: VISITOR_INFO1_LIVE=u3nKXv7ELRw; Domain=.youtube.com; Expires=Thu, 07-Nov-2024 06:20:02 GMT; Path=/; Secure; HttpOnly; SameSite=none
    Set-Cookie: VISITOR_PRIVACY_METADATA=CgJHQhIEGgAgHA%3D%3D; Domain=.youtube.com; Expires=Thu, 07-Nov-2024 06:20:02 GMT; Path=/; Secure; HttpOnly; SameSite=none
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
    Transfer-Encoding: chunked
  • flag-de
    GET
    https://www.youtube.com/s/player/17fd9675/www-player.css
    IEXPLORE.EXE
    Remote address:
    216.58.206.46:443
    Request
    GET /s/player/17fd9675/www-player.css HTTP/1.1
    Accept: text/css, */*
    Referer: https://www.youtube.com/embed/evMR3wn1LGk?wmode=Opaque
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: www.youtube.com
    Connection: Keep-Alive
    Cookie: YSC=cswTFiDXHOM; VISITOR_INFO1_LIVE=u3nKXv7ELRw; VISITOR_PRIVACY_METADATA=CgJHQhIEGgAgHA%3D%3D
    Response
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Content-Encoding: gzip
    Cross-Origin-Resource-Policy: cross-origin
    Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="youtube"
    Report-To: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
    Content-Length: 58605
    X-Content-Type-Options: nosniff
    Server: sffe
    X-XSS-Protection: 0
    Date: Sat, 11 May 2024 05:19:09 GMT
    Expires: Sun, 11 May 2025 05:19:09 GMT
    Cache-Control: public, max-age=31536000
    Last-Modified: Wed, 08 May 2024 04:20:16 GMT
    Content-Type: text/css
    Vary: Accept-Encoding, Origin
    Age: 3653
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-de
    GET
    https://www.youtube.com/s/player/17fd9675/player_ias.vflset/en_US/base.js
    IEXPLORE.EXE
    Remote address:
    216.58.206.46:443
    Request
    GET /s/player/17fd9675/player_ias.vflset/en_US/base.js HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Referer: https://www.youtube.com/embed/evMR3wn1LGk?wmode=Opaque
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: www.youtube.com
    Connection: Keep-Alive
    Cookie: YSC=cswTFiDXHOM; VISITOR_INFO1_LIVE=u3nKXv7ELRw; VISITOR_PRIVACY_METADATA=CgJHQhIEGgAgHA%3D%3D
    Response
    HTTP/1.1 200 OK
    Content-Encoding: gzip
    Accept-Ranges: bytes
    Cross-Origin-Resource-Policy: cross-origin
    Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="youtube"
    Report-To: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
    Content-Length: 813878
    X-Content-Type-Options: nosniff
    Server: sffe
    X-XSS-Protection: 0
    Date: Sat, 11 May 2024 05:18:55 GMT
    Expires: Sun, 11 May 2025 05:18:55 GMT
    Cache-Control: public, max-age=31536000
    Last-Modified: Wed, 08 May 2024 04:20:16 GMT
    Content-Type: text/javascript
    Vary: Accept-Encoding, Origin
    Age: 3667
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-de
    POST
    https://www.youtube.com/api/stats/qoe?cpn=fAj8mPGXlhLeQ5bS&el=embedded&ns=yt&fexp=v1%2C23983296%2C21348%2C76094%2C54572%2C304051%2C121055%2C6271%2C26443548%2C7111%2C36343%2C9954%2C1192%2C26496%2C4110%2C2856%2C2%2C2870%2C3819%2C2007%2C9072%2C13110%2C16041%2C753%2C1445%2C764%2C8205%2C1025%2C1104%2C21%2C1865%2C2322%2C2744%2C102%2C2657%2C55%2C638%2C8%2C41%2C3%2C288%2C2%2C78%2C3625%2C8%2C173%2C659%2C451%2C176%2C5%2C38%2C2539%2C549%2C930%2C492%2C296%2C1360%2C3467%2C8%2C46%2C1023%2C835%2C319%2C1178&cl=631432265&seq=1&event=streamingstats&docid=evMR3wn1LGk&qclc=ChBmQWo4bVBHWGxoTGVRNWJTEAE&cbr=IE&cbrver=11.0&c=WEB_EMBEDDED_PLAYER&cver=1.20240507.01.00&cplayer=UNIPLAYER&cos=Windows&cosver=6.1&cplatform=DESKTOP&vps=0.000:N,0.001:ER&cmt=0.001:0.000,0.001:0.000&error=0.001:auth::0.000:0;a6s.0;r.Video_unavailable&vis=0.001:0&bh=0.001:0.000
    IEXPLORE.EXE
    Remote address:
    216.58.206.46:443
    Request
    POST /api/stats/qoe?cpn=fAj8mPGXlhLeQ5bS&el=embedded&ns=yt&fexp=v1%2C23983296%2C21348%2C76094%2C54572%2C304051%2C121055%2C6271%2C26443548%2C7111%2C36343%2C9954%2C1192%2C26496%2C4110%2C2856%2C2%2C2870%2C3819%2C2007%2C9072%2C13110%2C16041%2C753%2C1445%2C764%2C8205%2C1025%2C1104%2C21%2C1865%2C2322%2C2744%2C102%2C2657%2C55%2C638%2C8%2C41%2C3%2C288%2C2%2C78%2C3625%2C8%2C173%2C659%2C451%2C176%2C5%2C38%2C2539%2C549%2C930%2C492%2C296%2C1360%2C3467%2C8%2C46%2C1023%2C835%2C319%2C1178&cl=631432265&seq=1&event=streamingstats&docid=evMR3wn1LGk&qclc=ChBmQWo4bVBHWGxoTGVRNWJTEAE&cbr=IE&cbrver=11.0&c=WEB_EMBEDDED_PLAYER&cver=1.20240507.01.00&cplayer=UNIPLAYER&cos=Windows&cosver=6.1&cplatform=DESKTOP&vps=0.000:N,0.001:ER&cmt=0.001:0.000,0.001:0.000&error=0.001:auth::0.000:0;a6s.0;r.Video_unavailable&vis=0.001:0&bh=0.001:0.000 HTTP/1.1
    Accept: */*
    X-Goog-Visitor-Id: Cgt1M25LWHY3RUxSdyiSnPyxBjIKCgJHQhIEGgAgHA%3D%3D
    X-YouTube-Client-Name: 56
    X-YouTube-Client-Version: 1.20240507.01.00
    X-YouTube-Utc-Offset: 0
    X-YouTube-Ad-Signals: dt=1715408401792&flash=0&frm=2&u_tz&u_his=1&u_h=720&u_w=1280&u_ah=680&u_aw=1280&u_cd=24&bc=1&bih=-12245933&biw=-12245933&brdim=8%2C1524%2C-8%2C-8%2C1280%2C%2C1296%2C696%2C590%2C250&vis=1&wgl=true&ca_type=image
    Content-Type: application/x-www-form-urlencoded
    Referer: https://www.youtube.com/embed/evMR3wn1LGk?wmode=Opaque
    Accept-Language: en-US
    Accept-Encoding: gzip, deflate
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Host: www.youtube.com
    Content-Length: 226
    Connection: Keep-Alive
    Cache-Control: no-cache
    Cookie: YSC=cswTFiDXHOM; VISITOR_INFO1_LIVE=u3nKXv7ELRw; VISITOR_PRIVACY_METADATA=CgJHQhIEGgAgHA%3D%3D
    Response
    HTTP/1.1 204 No Content
    Content-Type: text/html; charset=UTF-8
    Date: Sat, 11 May 2024 06:20:03 GMT
    Pragma: no-cache
    Expires: Fri, 01 Jan 1990 00:00:00 GMT
    Cache-Control: no-cache, must-revalidate
    X-Content-Type-Options: nosniff
    Server: Video Stats Server
    Content-Length: 0
    X-XSS-Protection: 0
    X-Frame-Options: SAMEORIGIN
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-de
    POST
    https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
    IEXPLORE.EXE
    Remote address:
    216.58.206.46:443
    Request
    POST /youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8 HTTP/1.1
    Accept: */*
    X-Goog-Request-Time: 1715408404642
    Content-Type: application/json
    X-Goog-Visitor-Id: Cgt1M25LWHY3RUxSdyiSnPyxBjIKCgJHQhIEGgAgHA%3D%3D
    X-YouTube-Client-Name: 56
    X-YouTube-Client-Version: 1.20240507.01.00
    X-YouTube-Utc-Offset: 0
    X-YouTube-Ad-Signals: dt=1715408401520&flash=0&frm=2&u_tz&u_his=1&u_h=720&u_w=1280&u_ah=680&u_aw=1280&u_cd=24&bc=1&bih=-12245933&biw=-12245933&brdim=8%2C1524%2C-8%2C-8%2C1280%2C%2C1296%2C696%2C590%2C250&vis=1&wgl=true&ca_type=image
    Referer: https://www.youtube.com/embed/evMR3wn1LGk?wmode=Opaque
    Accept-Language: en-US
    Accept-Encoding: gzip, deflate
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Host: www.youtube.com
    Content-Length: 9743
    Connection: Keep-Alive
    Cache-Control: no-cache
    Cookie: YSC=cswTFiDXHOM; VISITOR_INFO1_LIVE=u3nKXv7ELRw; VISITOR_PRIVACY_METADATA=CgJHQhIEGgAgHA%3D%3D
    Response
    HTTP/1.1 200 OK
    Content-Type: application/json; charset=UTF-8
    Vary: Origin
    Vary: X-Origin
    Vary: Referer
    Content-Encoding: gzip
    Date: Sat, 11 May 2024 06:20:05 GMT
    Server: scaffolding on HTTPServer2
    Cache-Control: private
    X-XSS-Protection: 0
    X-Frame-Options: SAMEORIGIN
    X-Content-Type-Options: nosniff
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
    Transfer-Encoding: chunked
  • flag-de
    GET
    https://www.youtube.com/embed/ygK7kej0BPA?wmode=Opaque
    IEXPLORE.EXE
    Remote address:
    216.58.206.46:443
    Request
    GET /embed/ygK7kej0BPA?wmode=Opaque HTTP/1.1
    Accept: text/html, application/xhtml+xml, */*
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: www.youtube.com
    Connection: Keep-Alive
    Cookie: YSC=cswTFiDXHOM; VISITOR_INFO1_LIVE=u3nKXv7ELRw; VISITOR_PRIVACY_METADATA=CgJHQhIEGgAgHA%3D%3D
    Response
    HTTP/1.1 200 OK
    Content-Type: text/html; charset=utf-8
    X-Content-Type-Options: nosniff
    Cache-Control: no-cache, no-store, max-age=0, must-revalidate
    Pragma: no-cache
    Expires: Mon, 01 Jan 1990 00:00:00 GMT
    Date: Sat, 11 May 2024 06:20:08 GMT
    Strict-Transport-Security: max-age=31536000
    Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="youtube_main"
    Cross-Origin-Resource-Policy: cross-origin
    Report-To: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
    Origin-Trial: AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
    Permissions-Policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
    Content-Encoding: gzip
    Server: ESF
    X-XSS-Protection: 0
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
    Transfer-Encoding: chunked
  • flag-de
    GET
    https://www.youtube.com/s/player/17fd9675/www-embed-player.vflset/www-embed-player.js
    IEXPLORE.EXE
    Remote address:
    216.58.206.46:443
    Request
    GET /s/player/17fd9675/www-embed-player.vflset/www-embed-player.js HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Referer: https://www.youtube.com/embed/QMECDnECjJM?wmode=Opaque
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: www.youtube.com
    Connection: Keep-Alive
    Cookie: YSC=cswTFiDXHOM; VISITOR_INFO1_LIVE=u3nKXv7ELRw; VISITOR_PRIVACY_METADATA=CgJHQhIEGgAgHA%3D%3D
    Response
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Content-Encoding: gzip
    Cross-Origin-Resource-Policy: cross-origin
    Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="youtube"
    Report-To: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
    Content-Length: 114718
    X-Content-Type-Options: nosniff
    Server: sffe
    X-XSS-Protection: 0
    Date: Fri, 10 May 2024 19:06:14 GMT
    Expires: Sat, 10 May 2025 19:06:14 GMT
    Cache-Control: public, max-age=31536000
    Last-Modified: Wed, 08 May 2024 04:20:16 GMT
    Content-Type: text/javascript
    Vary: Accept-Encoding, Origin
    Age: 40434
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-de
    GET
    https://www.youtube.com/s/player/17fd9675/player_ias.vflset/en_US/base.js
    IEXPLORE.EXE
    Remote address:
    216.58.206.46:443
    Request
    GET /s/player/17fd9675/player_ias.vflset/en_US/base.js HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Referer: https://www.youtube.com/embed/QMECDnECjJM?wmode=Opaque
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: www.youtube.com
    Connection: Keep-Alive
    Cookie: YSC=cswTFiDXHOM; VISITOR_INFO1_LIVE=u3nKXv7ELRw; VISITOR_PRIVACY_METADATA=CgJHQhIEGgAgHA%3D%3D
    Response
    HTTP/1.1 200 OK
    Content-Encoding: gzip
    Accept-Ranges: bytes
    Cross-Origin-Resource-Policy: cross-origin
    Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="youtube"
    Report-To: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
    Content-Length: 813878
    X-Content-Type-Options: nosniff
    Server: sffe
    X-XSS-Protection: 0
    Date: Sat, 11 May 2024 05:18:55 GMT
    Expires: Sun, 11 May 2025 05:18:55 GMT
    Cache-Control: public, max-age=31536000
    Last-Modified: Wed, 08 May 2024 04:20:16 GMT
    Content-Type: text/javascript
    Vary: Accept-Encoding, Origin
    Age: 3673
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-de
    GET
    https://www.youtube.com/s/player/17fd9675/player_ias.vflset/en_US/remote.js
    IEXPLORE.EXE
    Remote address:
    216.58.206.46:443
    Request
    GET /s/player/17fd9675/player_ias.vflset/en_US/remote.js HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Referer: https://www.youtube.com/embed/ygK7kej0BPA?wmode=Opaque
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: www.youtube.com
    Connection: Keep-Alive
    Cookie: YSC=cswTFiDXHOM; VISITOR_INFO1_LIVE=u3nKXv7ELRw; VISITOR_PRIVACY_METADATA=CgJHQhIEGgAgHA%3D%3D
    Response
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Content-Encoding: gzip
    Cross-Origin-Resource-Policy: cross-origin
    Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="youtube"
    Report-To: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
    Content-Length: 39305
    X-Content-Type-Options: nosniff
    Server: sffe
    X-XSS-Protection: 0
    Date: Sat, 11 May 2024 03:34:58 GMT
    Expires: Sun, 11 May 2025 03:34:58 GMT
    Cache-Control: public, max-age=31536000
    Last-Modified: Wed, 08 May 2024 04:20:16 GMT
    Content-Type: text/javascript
    Vary: Accept-Encoding, Origin
    Age: 9911
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-de
    GET
    https://www.youtube.com/s/player/17fd9675/player_ias.vflset/en_US/embed.js
    IEXPLORE.EXE
    Remote address:
    216.58.206.46:443
    Request
    GET /s/player/17fd9675/player_ias.vflset/en_US/embed.js HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Referer: https://www.youtube.com/embed/ygK7kej0BPA?wmode=Opaque
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: www.youtube.com
    Connection: Keep-Alive
    Cookie: YSC=cswTFiDXHOM; VISITOR_INFO1_LIVE=u3nKXv7ELRw; VISITOR_PRIVACY_METADATA=CgJHQhIEGgAgHA%3D%3D
    Response
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Content-Encoding: gzip
    Cross-Origin-Resource-Policy: cross-origin
    Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="youtube"
    Report-To: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
    Content-Length: 22512
    X-Content-Type-Options: nosniff
    Server: sffe
    X-XSS-Protection: 0
    Date: Fri, 10 May 2024 13:54:21 GMT
    Expires: Sat, 10 May 2025 13:54:21 GMT
    Cache-Control: public, max-age=31536000
    Last-Modified: Wed, 08 May 2024 04:20:16 GMT
    Content-Type: text/javascript
    Vary: Accept-Encoding, Origin
    Age: 59148
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-de
    GET
    https://www.youtube.com/s/player/17fd9675/player_ias.vflset/en_US/base.js
    IEXPLORE.EXE
    Remote address:
    216.58.206.46:443
    Request
    GET /s/player/17fd9675/player_ias.vflset/en_US/base.js HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Referer: https://www.youtube.com/embed/gS2GhpTPLvQ?wmode=Opaque
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: www.youtube.com
    Connection: Keep-Alive
    Cookie: YSC=cswTFiDXHOM; VISITOR_INFO1_LIVE=u3nKXv7ELRw; VISITOR_PRIVACY_METADATA=CgJHQhIEGgAgHA%3D%3D
    Response
    HTTP/1.1 200 OK
    Content-Encoding: gzip
    Accept-Ranges: bytes
    Cross-Origin-Resource-Policy: cross-origin
    Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="youtube"
    Report-To: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
    Content-Length: 813878
    X-Content-Type-Options: nosniff
    Server: sffe
    X-XSS-Protection: 0
    Date: Sat, 11 May 2024 05:18:55 GMT
    Expires: Sun, 11 May 2025 05:18:55 GMT
    Cache-Control: public, max-age=31536000
    Last-Modified: Wed, 08 May 2024 04:20:16 GMT
    Content-Type: text/javascript
    Vary: Accept-Encoding, Origin
    Age: 3675
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-de
    GET
    https://www.youtube.com/s/player/17fd9675/player_ias.vflset/en_US/embed.js
    IEXPLORE.EXE
    Remote address:
    216.58.206.46:443
    Request
    GET /s/player/17fd9675/player_ias.vflset/en_US/embed.js HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Referer: https://www.youtube.com/embed/QMECDnECjJM?wmode=Opaque
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: www.youtube.com
    Connection: Keep-Alive
    Cookie: YSC=cswTFiDXHOM; VISITOR_INFO1_LIVE=u3nKXv7ELRw; VISITOR_PRIVACY_METADATA=CgJHQhIEGgAgHA%3D%3D
    Response
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Content-Encoding: gzip
    Cross-Origin-Resource-Policy: cross-origin
    Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="youtube"
    Report-To: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
    Content-Length: 22512
    X-Content-Type-Options: nosniff
    Server: sffe
    X-XSS-Protection: 0
    Date: Fri, 10 May 2024 13:54:21 GMT
    Expires: Sat, 10 May 2025 13:54:21 GMT
    Cache-Control: public, max-age=31536000
    Last-Modified: Wed, 08 May 2024 04:20:16 GMT
    Content-Type: text/javascript
    Vary: Accept-Encoding, Origin
    Age: 59149
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-de
    GET
    https://www.youtube.com/generate_204?cpZs3A
    IEXPLORE.EXE
    Remote address:
    216.58.206.46:443
    Request
    GET /generate_204?cpZs3A HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Referer: https://www.youtube.com/embed/ygK7kej0BPA?wmode=Opaque
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: www.youtube.com
    Connection: Keep-Alive
    Cookie: YSC=cswTFiDXHOM; VISITOR_INFO1_LIVE=u3nKXv7ELRw; VISITOR_PRIVACY_METADATA=CgJHQhIEGgAgHA%3D%3D
    Response
    HTTP/1.1 204 No Content
    Content-Length: 0
    Cross-Origin-Resource-Policy: cross-origin
    Date: Sat, 11 May 2024 06:20:11 GMT
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-de
    GET
    https://www.youtube.com/s/player/17fd9675/player_ias.vflset/en_US/remote.js
    IEXPLORE.EXE
    Remote address:
    216.58.206.46:443
    Request
    GET /s/player/17fd9675/player_ias.vflset/en_US/remote.js HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Referer: https://www.youtube.com/embed/gS2GhpTPLvQ?wmode=Opaque
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: www.youtube.com
    Connection: Keep-Alive
    Cookie: YSC=cswTFiDXHOM; VISITOR_INFO1_LIVE=u3nKXv7ELRw; VISITOR_PRIVACY_METADATA=CgJHQhIEGgAgHA%3D%3D
    Response
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Content-Encoding: gzip
    Cross-Origin-Resource-Policy: cross-origin
    Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="youtube"
    Report-To: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
    Content-Length: 39305
    X-Content-Type-Options: nosniff
    Server: sffe
    X-XSS-Protection: 0
    Date: Sat, 11 May 2024 03:34:58 GMT
    Expires: Sun, 11 May 2025 03:34:58 GMT
    Cache-Control: public, max-age=31536000
    Last-Modified: Wed, 08 May 2024 04:20:16 GMT
    Content-Type: text/javascript
    Vary: Accept-Encoding, Origin
    Age: 9913
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-de
    GET
    https://www.youtube.com/s/player/17fd9675/player_ias.vflset/en_US/embed.js
    IEXPLORE.EXE
    Remote address:
    216.58.206.46:443
    Request
    GET /s/player/17fd9675/player_ias.vflset/en_US/embed.js HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Referer: https://www.youtube.com/embed/gS2GhpTPLvQ?wmode=Opaque
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: www.youtube.com
    Connection: Keep-Alive
    Cookie: YSC=cswTFiDXHOM; VISITOR_INFO1_LIVE=u3nKXv7ELRw; VISITOR_PRIVACY_METADATA=CgJHQhIEGgAgHA%3D%3D
    Response
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Content-Encoding: gzip
    Cross-Origin-Resource-Policy: cross-origin
    Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="youtube"
    Report-To: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
    Content-Length: 22512
    X-Content-Type-Options: nosniff
    Server: sffe
    X-XSS-Protection: 0
    Date: Fri, 10 May 2024 13:54:21 GMT
    Expires: Sat, 10 May 2025 13:54:21 GMT
    Cache-Control: public, max-age=31536000
    Last-Modified: Wed, 08 May 2024 04:20:16 GMT
    Content-Type: text/javascript
    Vary: Accept-Encoding, Origin
    Age: 59151
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-de
    POST
    https://www.youtube.com/api/stats/qoe?cpn=qAvT7VNhYXzCKzR5&el=embedded&ns=yt&fexp=v1%2C23983296%2C21348%2C76094%2C54572%2C304051%2C121055%2C6271%2C26443548%2C7111%2C36343%2C9954%2C1192%2C26496%2C4110%2C2856%2C2%2C2870%2C3819%2C2007%2C9072%2C13110%2C16042%2C752%2C1445%2C764%2C8205%2C1025%2C1104%2C21%2C1865%2C2322%2C2744%2C102%2C2657%2C55%2C638%2C8%2C41%2C3%2C288%2C2%2C78%2C3625%2C8%2C173%2C659%2C451%2C176%2C5%2C38%2C2539%2C549%2C930%2C492%2C296%2C1360%2C3467%2C8%2C46%2C1023%2C835%2C319%2C1178&cl=631432265&seq=1&event=streamingstats&docid=ywSeSlVcY4w&qclc=ChBxQXZUN1ZOaFlYekNLelI1EAE&cbr=IE&cbrver=11.0&c=WEB_EMBEDDED_PLAYER&cver=1.20240507.01.00&cplayer=UNIPLAYER&cos=Windows&cosver=6.1&cplatform=DESKTOP&vps=0.000:N,0.001:ER&cmt=0.001:0.000,0.001:0.000&error=0.001:auth::0.000:0;a6s.0;r.Video_unavailable&vis=0.001:0&bh=0.001:0.000
    IEXPLORE.EXE
    Remote address:
    216.58.206.46:443
    Request
    POST /api/stats/qoe?cpn=qAvT7VNhYXzCKzR5&el=embedded&ns=yt&fexp=v1%2C23983296%2C21348%2C76094%2C54572%2C304051%2C121055%2C6271%2C26443548%2C7111%2C36343%2C9954%2C1192%2C26496%2C4110%2C2856%2C2%2C2870%2C3819%2C2007%2C9072%2C13110%2C16042%2C752%2C1445%2C764%2C8205%2C1025%2C1104%2C21%2C1865%2C2322%2C2744%2C102%2C2657%2C55%2C638%2C8%2C41%2C3%2C288%2C2%2C78%2C3625%2C8%2C173%2C659%2C451%2C176%2C5%2C38%2C2539%2C549%2C930%2C492%2C296%2C1360%2C3467%2C8%2C46%2C1023%2C835%2C319%2C1178&cl=631432265&seq=1&event=streamingstats&docid=ywSeSlVcY4w&qclc=ChBxQXZUN1ZOaFlYekNLelI1EAE&cbr=IE&cbrver=11.0&c=WEB_EMBEDDED_PLAYER&cver=1.20240507.01.00&cplayer=UNIPLAYER&cos=Windows&cosver=6.1&cplatform=DESKTOP&vps=0.000:N,0.001:ER&cmt=0.001:0.000,0.001:0.000&error=0.001:auth::0.000:0;a6s.0;r.Video_unavailable&vis=0.001:0&bh=0.001:0.000 HTTP/1.1
    Accept: */*
    X-Goog-Visitor-Id: Cgt1M25LWHY3RUxSdyiYnPyxBjIKCgJHQhIEGgAgHA%3D%3D
    X-YouTube-Client-Name: 56
    X-YouTube-Client-Version: 1.20240507.01.00
    X-YouTube-Utc-Offset: 0
    X-YouTube-Ad-Signals: dt=1715408410379&flash=0&frm=2&u_tz&u_his=1&u_h=720&u_w=1280&u_ah=680&u_aw=1280&u_cd=24&bc=1&bih=-12245933&biw=-12245933&brdim=8%2C12994%2C-8%2C-8%2C1280%2C%2C1296%2C696%2C280%2C200&vis=1&wgl=true&ca_type=image
    Content-Type: application/x-www-form-urlencoded
    Referer: https://www.youtube.com/embed/ywSeSlVcY4w?wmode=Opaque
    Accept-Language: en-US
    Accept-Encoding: gzip, deflate
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Host: www.youtube.com
    Content-Length: 226
    Connection: Keep-Alive
    Cache-Control: no-cache
    Cookie: YSC=cswTFiDXHOM; VISITOR_INFO1_LIVE=u3nKXv7ELRw; VISITOR_PRIVACY_METADATA=CgJHQhIEGgAgHA%3D%3D
    Response
    HTTP/1.1 204 No Content
    Content-Type: text/html; charset=UTF-8
    Date: Sat, 11 May 2024 06:20:12 GMT
    Pragma: no-cache
    Expires: Fri, 01 Jan 1990 00:00:00 GMT
    Cache-Control: no-cache, must-revalidate
    X-Content-Type-Options: nosniff
    Server: Video Stats Server
    Content-Length: 0
    X-XSS-Protection: 0
    X-Frame-Options: SAMEORIGIN
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-de
    GET
    https://www.youtube.com/s/player/17fd9675/www-embed-player.vflset/www-embed-player.js
    IEXPLORE.EXE
    Remote address:
    216.58.206.46:443
    Request
    GET /s/player/17fd9675/www-embed-player.vflset/www-embed-player.js HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Referer: https://www.youtube.com/embed/evMR3wn1LGk?wmode=Opaque
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: www.youtube.com
    Connection: Keep-Alive
    Cookie: YSC=cswTFiDXHOM; VISITOR_INFO1_LIVE=u3nKXv7ELRw; VISITOR_PRIVACY_METADATA=CgJHQhIEGgAgHA%3D%3D
    Response
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Content-Encoding: gzip
    Cross-Origin-Resource-Policy: cross-origin
    Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="youtube"
    Report-To: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
    Content-Length: 114718
    X-Content-Type-Options: nosniff
    Server: sffe
    X-XSS-Protection: 0
    Date: Fri, 10 May 2024 19:06:14 GMT
    Expires: Sat, 10 May 2025 19:06:14 GMT
    Cache-Control: public, max-age=31536000
    Last-Modified: Wed, 08 May 2024 04:20:16 GMT
    Content-Type: text/javascript
    Vary: Accept-Encoding, Origin
    Age: 40428
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-de
    GET
    https://www.youtube.com/s/player/17fd9675/player_ias.vflset/en_US/embed.js
    IEXPLORE.EXE
    Remote address:
    216.58.206.46:443
    Request
    GET /s/player/17fd9675/player_ias.vflset/en_US/embed.js HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Referer: https://www.youtube.com/embed/evMR3wn1LGk?wmode=Opaque
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: www.youtube.com
    Connection: Keep-Alive
    Cookie: YSC=cswTFiDXHOM; VISITOR_INFO1_LIVE=u3nKXv7ELRw; VISITOR_PRIVACY_METADATA=CgJHQhIEGgAgHA%3D%3D
    Response
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Content-Encoding: gzip
    Cross-Origin-Resource-Policy: cross-origin
    Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="youtube"
    Report-To: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
    Content-Length: 22512
    X-Content-Type-Options: nosniff
    Server: sffe
    X-XSS-Protection: 0
    Date: Fri, 10 May 2024 13:54:21 GMT
    Expires: Sat, 10 May 2025 13:54:21 GMT
    Cache-Control: public, max-age=31536000
    Last-Modified: Wed, 08 May 2024 04:20:16 GMT
    Content-Type: text/javascript
    Vary: Accept-Encoding, Origin
    Age: 59142
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-de
    GET
    https://www.youtube.com/embed/QMECDnECjJM?wmode=Opaque
    IEXPLORE.EXE
    Remote address:
    216.58.206.46:443
    Request
    GET /embed/QMECDnECjJM?wmode=Opaque HTTP/1.1
    Accept: text/html, application/xhtml+xml, */*
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: www.youtube.com
    Connection: Keep-Alive
    Cookie: YSC=cswTFiDXHOM; VISITOR_INFO1_LIVE=u3nKXv7ELRw; VISITOR_PRIVACY_METADATA=CgJHQhIEGgAgHA%3D%3D
    Response
    HTTP/1.1 200 OK
    Content-Type: text/html; charset=utf-8
    X-Content-Type-Options: nosniff
    Cache-Control: no-cache, no-store, max-age=0, must-revalidate
    Pragma: no-cache
    Expires: Mon, 01 Jan 1990 00:00:00 GMT
    Date: Sat, 11 May 2024 06:20:08 GMT
    Strict-Transport-Security: max-age=31536000
    Cross-Origin-Resource-Policy: cross-origin
    Origin-Trial: AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
    Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="youtube_main"
    Permissions-Policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
    Report-To: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
    Content-Encoding: gzip
    Server: ESF
    X-XSS-Protection: 0
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
    Transfer-Encoding: chunked
  • flag-de
    GET
    https://www.youtube.com/s/player/17fd9675/www-player.css
    IEXPLORE.EXE
    Remote address:
    216.58.206.46:443
    Request
    GET /s/player/17fd9675/www-player.css HTTP/1.1
    Accept: text/css, */*
    Referer: https://www.youtube.com/embed/QMECDnECjJM?wmode=Opaque
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: www.youtube.com
    Connection: Keep-Alive
    Cookie: YSC=cswTFiDXHOM; VISITOR_INFO1_LIVE=u3nKXv7ELRw; VISITOR_PRIVACY_METADATA=CgJHQhIEGgAgHA%3D%3D
    Response
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Content-Encoding: gzip
    Cross-Origin-Resource-Policy: cross-origin
    Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="youtube"
    Report-To: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
    Content-Length: 58605
    X-Content-Type-Options: nosniff
    Server: sffe
    X-XSS-Protection: 0
    Date: Sat, 11 May 2024 05:19:09 GMT
    Expires: Sun, 11 May 2025 05:19:09 GMT
    Cache-Control: public, max-age=31536000
    Last-Modified: Wed, 08 May 2024 04:20:16 GMT
    Content-Type: text/css
    Vary: Accept-Encoding, Origin
    Age: 3659
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-de
    POST
    https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
    IEXPLORE.EXE
    Remote address:
    216.58.206.46:443
    Request
    POST /youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8 HTTP/1.1
    Accept: */*
    X-Goog-Request-Time: 1715408411939
    Content-Type: application/json
    X-Goog-Visitor-Id: Cgt1M25LWHY3RUxSdyiYnPyxBjIKCgJHQhIEGgAgHA%3D%3D
    X-YouTube-Client-Name: 56
    X-YouTube-Client-Version: 1.20240507.01.00
    X-YouTube-Utc-Offset: 0
    X-YouTube-Ad-Signals: dt=1715408407899&flash=0&frm=2&u_tz&u_his=1&u_h=720&u_w=1280&u_ah=680&u_aw=1280&u_cd=24&bc=1&bih=-12245933&biw=-12245933&brdim=8%2C12594%2C-8%2C-8%2C1280%2C%2C1296%2C696%2C280%2C200&vis=1&wgl=true&ca_type=image
    Referer: https://www.youtube.com/embed/QMECDnECjJM?wmode=Opaque
    Accept-Language: en-US
    Accept-Encoding: gzip, deflate
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Host: www.youtube.com
    Content-Length: 7185
    Connection: Keep-Alive
    Cache-Control: no-cache
    Cookie: YSC=cswTFiDXHOM; VISITOR_INFO1_LIVE=u3nKXv7ELRw; VISITOR_PRIVACY_METADATA=CgJHQhIEGgAgHA%3D%3D
    Response
    HTTP/1.1 200 OK
    Content-Type: application/json; charset=UTF-8
    Vary: Origin
    Vary: X-Origin
    Vary: Referer
    Content-Encoding: gzip
    Date: Sat, 11 May 2024 06:20:13 GMT
    Server: scaffolding on HTTPServer2
    Cache-Control: private
    X-XSS-Protection: 0
    X-Frame-Options: SAMEORIGIN
    X-Content-Type-Options: nosniff
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
    Transfer-Encoding: chunked
  • flag-de
    GET
    https://www.youtube.com/generate_204?gcoSAw
    IEXPLORE.EXE
    Remote address:
    216.58.206.46:443
    Request
    GET /generate_204?gcoSAw HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Referer: https://www.youtube.com/embed/gS2GhpTPLvQ?wmode=Opaque
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: www.youtube.com
    Connection: Keep-Alive
    Cookie: YSC=cswTFiDXHOM; VISITOR_INFO1_LIVE=u3nKXv7ELRw; VISITOR_PRIVACY_METADATA=CgJHQhIEGgAgHA%3D%3D
    Response
    HTTP/1.1 204 No Content
    Content-Length: 0
    Cross-Origin-Resource-Policy: cross-origin
    Date: Sat, 11 May 2024 06:20:13 GMT
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-de
    POST
    https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
    IEXPLORE.EXE
    Remote address:
    216.58.206.46:443
    Request
    POST /youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8 HTTP/1.1
    Accept: */*
    X-Goog-Request-Time: 1715408413918
    Content-Type: application/json
    X-Goog-Visitor-Id: Cgt1M25LWHY3RUxSdyiYnPyxBjIKCgJHQhIEGgAgHA%3D%3D
    X-YouTube-Client-Name: 56
    X-YouTube-Client-Version: 1.20240507.01.00
    X-YouTube-Utc-Offset: 0
    X-YouTube-Ad-Signals: dt=1715408407911&flash=0&frm=2&u_tz&u_his=1&u_h=720&u_w=1280&u_ah=680&u_aw=1280&u_cd=24&bc=1&bih=-12245933&biw=-12245933&brdim=8%2C12394%2C-8%2C-8%2C1280%2C%2C1296%2C696%2C280%2C200&vis=1&wgl=true&ca_type=image
    Referer: https://www.youtube.com/embed/ygK7kej0BPA?wmode=Opaque
    Accept-Language: en-US
    Accept-Encoding: gzip, deflate
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Host: www.youtube.com
    Content-Length: 2394
    Connection: Keep-Alive
    Cache-Control: no-cache
    Cookie: YSC=cswTFiDXHOM; VISITOR_INFO1_LIVE=u3nKXv7ELRw; VISITOR_PRIVACY_METADATA=CgJHQhIEGgAgHA%3D%3D
    Response
    HTTP/1.1 200 OK
    Content-Type: application/json; charset=UTF-8
    Vary: Origin
    Vary: X-Origin
    Vary: Referer
    Content-Encoding: gzip
    Date: Sat, 11 May 2024 06:20:14 GMT
    Server: scaffolding on HTTPServer2
    Cache-Control: private
    X-XSS-Protection: 0
    X-Frame-Options: SAMEORIGIN
    X-Content-Type-Options: nosniff
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
    Transfer-Encoding: chunked
  • flag-de
    POST
    https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
    IEXPLORE.EXE
    Remote address:
    216.58.206.46:443
    Request
    POST /youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8 HTTP/1.1
    Accept: */*
    X-Goog-Request-Time: 1715408414197
    Content-Type: application/json
    X-Goog-Visitor-Id: Cgt1M25LWHY3RUxSdyiYnPyxBjIKCgJHQhIEGgAgHA%3D%3D
    X-YouTube-Client-Name: 56
    X-YouTube-Client-Version: 1.20240507.01.00
    X-YouTube-Utc-Offset: 0
    X-YouTube-Ad-Signals: dt=1715408409984&flash=0&frm=2&u_tz&u_his=1&u_h=720&u_w=1280&u_ah=680&u_aw=1280&u_cd=24&bc=1&bih=-12245933&biw=-12245933&brdim=8%2C12794%2C-8%2C-8%2C1280%2C%2C1296%2C696%2C280%2C200&vis=1&wgl=true&ca_type=image
    Referer: https://www.youtube.com/embed/gS2GhpTPLvQ?wmode=Opaque
    Accept-Language: en-US
    Accept-Encoding: gzip, deflate
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Host: www.youtube.com
    Content-Length: 9748
    Connection: Keep-Alive
    Cache-Control: no-cache
    Cookie: YSC=cswTFiDXHOM; VISITOR_INFO1_LIVE=u3nKXv7ELRw; VISITOR_PRIVACY_METADATA=CgJHQhIEGgAgHA%3D%3D
    Response
    HTTP/1.1 200 OK
    Content-Type: application/json; charset=UTF-8
    Vary: Origin
    Vary: X-Origin
    Vary: Referer
    Content-Encoding: gzip
    Date: Sat, 11 May 2024 06:20:15 GMT
    Server: scaffolding on HTTPServer2
    Cache-Control: private
    X-XSS-Protection: 0
    X-Frame-Options: SAMEORIGIN
    X-Content-Type-Options: nosniff
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
    Transfer-Encoding: chunked
  • flag-de
    POST
    https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
    IEXPLORE.EXE
    Remote address:
    216.58.206.46:443
    Request
    POST /youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8 HTTP/1.1
    Accept: */*
    X-Goog-Request-Time: 1715408414738
    Content-Type: application/json
    X-Goog-Visitor-Id: Cgt1M25LWHY3RUxSdyiYnPyxBjIKCgJHQhIEGgAgHA%3D%3D
    X-YouTube-Client-Name: 56
    X-YouTube-Client-Version: 1.20240507.01.00
    X-YouTube-Utc-Offset: 0
    X-YouTube-Ad-Signals: dt=1715408408102&flash=0&frm=2&u_tz&u_his=1&u_h=720&u_w=1280&u_ah=680&u_aw=1280&u_cd=24&bc=1&bih=-12245933&biw=-12245933&brdim=8%2C12594%2C-8%2C-8%2C1280%2C%2C1296%2C696%2C280%2C200&vis=1&wgl=true&ca_type=image
    Referer: https://www.youtube.com/embed/QMECDnECjJM?wmode=Opaque
    Accept-Language: en-US
    Accept-Encoding: gzip, deflate
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Host: www.youtube.com
    Content-Length: 2603
    Connection: Keep-Alive
    Cache-Control: no-cache
    Cookie: YSC=cswTFiDXHOM; VISITOR_INFO1_LIVE=u3nKXv7ELRw; VISITOR_PRIVACY_METADATA=CgJHQhIEGgAgHA%3D%3D
    Response
    HTTP/1.1 200 OK
    Content-Type: application/json; charset=UTF-8
    Vary: Origin
    Vary: X-Origin
    Vary: Referer
    Content-Encoding: gzip
    Date: Sat, 11 May 2024 06:20:15 GMT
    Server: scaffolding on HTTPServer2
    Cache-Control: private
    X-XSS-Protection: 0
    X-Frame-Options: SAMEORIGIN
    X-Content-Type-Options: nosniff
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
    Transfer-Encoding: chunked
  • flag-us
    DNS
    static.xx.fbcdn.net
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    static.xx.fbcdn.net
    IN A
    Response
    static.xx.fbcdn.net
    IN CNAME
    scontent.xx.fbcdn.net
    scontent.xx.fbcdn.net
    IN A
    163.70.151.21
  • flag-us
    DNS
    scontent.xx.fbcdn.net
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    scontent.xx.fbcdn.net
    IN A
    Response
    scontent.xx.fbcdn.net
    IN A
    163.70.151.21
  • flag-gb
    GET
    https://static.xx.fbcdn.net/rsrc.php/v3/yh/r/SHojUHmeyWm.js?_nc_x=Ij3Wp8lg5Kz
    IEXPLORE.EXE
    Remote address:
    163.70.151.21:443
    Request
    GET /rsrc.php/v3/yh/r/SHojUHmeyWm.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Referer: https://www.facebook.com/plugins/likebox.php?href=http://www.facebook.com/pages/konthaiusacom/177402280020?ref=tn_tnmn&width=250&colorscheme=light&show_faces=false&border_color=%23000000&stream=false&header=false&height=75
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: static.xx.fbcdn.net
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Vary: Accept-Encoding
    Content-Encoding: gzip
    Content-Type: application/x-javascript; charset=utf-8
    Access-Control-Allow-Origin: *
    Last-Modified: Mon, 01 Jan 2001 08:00:00 GMT
    Expires: Sat, 10 May 2025 02:42:21 GMT
    Cache-Control: public,max-age=31536000,immutable
    reporting-endpoints: permissions_policy="https://www.xx.facebook.com/ajax/browser_error_reports/"
    timing-allow-origin: *
    document-policy: force-load-at-top
    permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
    cross-origin-resource-policy: cross-origin
    X-Content-Type-Options: nosniff
    report-to: {"max_age":21600,"endpoints":[{"url":"https:\/\/www.xx.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
    content-md5: mbhCMMh8ecxLLzwUOouxPg==
    X-FB-Debug: crBbARKrWt6UnSW+WVq4h5hYya/efqyng9NCGGIsogPK7RRA6+hfMuB9nYaY1ywL0I+/gZc2mBpxHFhqJ7pNeA==
    Date: Sat, 11 May 2024 06:20:02 GMT
    X-FB-Connection-Quality: EXCELLENT; q=0.9, rtt=21, rtx=0, c=14, mss=1357, tbw=3223, tp=-1, tpl=-1, uplat=2, ullat=-1
    Alt-Svc: h3=":443"; ma=86400
    Connection: keep-alive
    Content-Length: 120131
  • flag-gb
    GET
    https://static.xx.fbcdn.net/rsrc.php/v3/yw/r/UXtr_j2Fwe-.png
    IEXPLORE.EXE
    Remote address:
    163.70.151.21:443
    Request
    GET /rsrc.php/v3/yw/r/UXtr_j2Fwe-.png HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Referer: https://www.facebook.com/plugins/likebox.php?href=http://www.facebook.com/pages/konthaiusacom/177402280020?ref=tn_tnmn&width=250&colorscheme=light&show_faces=false&border_color=%23000000&stream=false&header=false&height=75
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: static.xx.fbcdn.net
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Content-Type: image/png
    Access-Control-Allow-Origin: *
    Last-Modified: Mon, 01 Jan 2001 08:00:00 GMT
    content-md5: 07aG/2AEtDHVAZ5LUajMDQ==
    Expires: Sun, 04 May 2025 04:46:51 GMT
    Cache-Control: public,max-age=31536000,immutable
    reporting-endpoints: permissions_policy="https://www.xx.facebook.com/ajax/browser_error_reports/"
    timing-allow-origin: *
    document-policy: force-load-at-top
    permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
    cross-origin-resource-policy: cross-origin
    X-Content-Type-Options: nosniff
    report-to: {"max_age":21600,"endpoints":[{"url":"https:\/\/www.xx.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
    X-FB-Debug: qAqPfnZwtnn5fnnlZklvVzrMT65ylR1PWwrsAMPoGnLuRp8ea9OR5N0oS/gIWqLqQ3nm0i89Z6GKjndVVBhCCQ==
    Date: Sat, 11 May 2024 06:20:03 GMT
    X-FB-Connection-Quality: EXCELLENT; q=0.9, rtt=45, rtx=0, c=104, mss=1357, tbw=125837, tp=-1, tpl=-1, uplat=0, ullat=-1
    Alt-Svc: h3=":443"; ma=86400
    Connection: keep-alive
    Content-Length: 573
  • flag-gb
    GET
    https://static.xx.fbcdn.net/rsrc.php/v3/yr/r/xjg1QNQguf-.js?_nc_x=Ij3Wp8lg5Kz
    IEXPLORE.EXE
    Remote address:
    163.70.151.21:443
    Request
    GET /rsrc.php/v3/yr/r/xjg1QNQguf-.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Referer: https://www.facebook.com/plugins/likebox.php?href=http://www.facebook.com/pages/konthaiusacom/177402280020?ref=tn_tnmn&width=250&colorscheme=light&show_faces=false&border_color=%23000000&stream=false&header=false&height=75
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: static.xx.fbcdn.net
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Vary: Accept-Encoding
    Content-Encoding: gzip
    Content-Type: application/x-javascript; charset=utf-8
    Access-Control-Allow-Origin: *
    Last-Modified: Mon, 01 Jan 2001 08:00:00 GMT
    Expires: Mon, 05 May 2025 17:24:20 GMT
    Cache-Control: public,max-age=31536000,immutable
    reporting-endpoints: permissions_policy="https://www.xx.facebook.com/ajax/browser_error_reports/"
    timing-allow-origin: *
    document-policy: force-load-at-top
    permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
    cross-origin-resource-policy: cross-origin
    X-Content-Type-Options: nosniff
    report-to: {"max_age":21600,"endpoints":[{"url":"https:\/\/www.xx.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
    content-md5: l/6Eix4LqOT7TVzK9MFiKg==
    X-FB-Debug: Us3WXzYe2U3w9MQvBqPwBKNNa6Apzij6kluDvs69MNjGhWb+pdSPIMS+tc4eBHuvbcEH/1Nnt0bsv2fXwobgxQ==
    Date: Sat, 11 May 2024 06:20:02 GMT
    X-FB-Connection-Quality: EXCELLENT; q=0.9, rtt=21, rtx=0, c=14, mss=1357, tbw=3222, tp=-1, tpl=-1, uplat=1, ullat=-1
    Alt-Svc: h3=":443"; ma=86400
    Connection: keep-alive
    Content-Length: 6186
  • flag-gb
    GET
    https://static.xx.fbcdn.net/rsrc.php/v3/y1/r/dXk5exdOVhk.js?_nc_x=Ij3Wp8lg5Kz
    IEXPLORE.EXE
    Remote address:
    163.70.151.21:443
    Request
    GET /rsrc.php/v3/y1/r/dXk5exdOVhk.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Referer: https://www.facebook.com/plugins/likebox.php?href=http://www.facebook.com/pages/konthaiusacom/177402280020?ref=tn_tnmn&width=250&colorscheme=light&show_faces=false&border_color=%23000000&stream=false&header=false&height=75
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: static.xx.fbcdn.net
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Vary: Accept-Encoding
    Content-Encoding: gzip
    Content-Type: application/x-javascript; charset=utf-8
    Access-Control-Allow-Origin: *
    Last-Modified: Mon, 01 Jan 2001 08:00:00 GMT
    Expires: Thu, 01 May 2025 18:08:37 GMT
    Cache-Control: public,max-age=31536000,immutable
    reporting-endpoints: permissions_policy="https://www.xx.facebook.com/ajax/browser_error_reports/"
    timing-allow-origin: *
    document-policy: force-load-at-top
    permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
    cross-origin-resource-policy: cross-origin
    X-Content-Type-Options: nosniff
    report-to: {"max_age":21600,"endpoints":[{"url":"https:\/\/www.xx.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
    content-md5: ivkhXUQG4wQzNqI4NjhapA==
    X-FB-Debug: v00KXOIvnNUyX2Wz9MWOiEAD5x5YEkUzsvWu4Gqu6ReVfnL02gaQZBu6kl0XRCgT1YxCMzW40Z+d4Z4Hg9xMfw==
    Date: Sat, 11 May 2024 06:20:02 GMT
    X-FB-Connection-Quality: EXCELLENT; q=0.9, rtt=20, rtx=0, c=22, mss=1357, tbw=11396, tp=-1, tpl=-1, uplat=0, ullat=-1
    Alt-Svc: h3=":443"; ma=86400
    Connection: keep-alive
    Content-Length: 302
  • flag-gb
    GET
    https://static.xx.fbcdn.net/rsrc.php/v3/yX/r/qnn7MVQZYOT.js?_nc_x=Ij3Wp8lg5Kz
    IEXPLORE.EXE
    Remote address:
    163.70.151.21:443
    Request
    GET /rsrc.php/v3/yX/r/qnn7MVQZYOT.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Referer: https://www.facebook.com/plugins/likebox.php?href=http://www.facebook.com/pages/konthaiusacom/177402280020?ref=tn_tnmn&width=250&colorscheme=light&show_faces=false&border_color=%23000000&stream=false&header=false&height=75
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: static.xx.fbcdn.net
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Vary: Accept-Encoding
    Content-Encoding: gzip
    Content-Type: application/x-javascript; charset=utf-8
    Access-Control-Allow-Origin: *
    Last-Modified: Mon, 01 Jan 2001 08:00:00 GMT
    Expires: Thu, 08 May 2025 10:00:05 GMT
    Cache-Control: public,max-age=31536000,immutable
    reporting-endpoints: permissions_policy="https://www.xx.facebook.com/ajax/browser_error_reports/"
    timing-allow-origin: *
    document-policy: force-load-at-top
    permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
    cross-origin-resource-policy: cross-origin
    X-Content-Type-Options: nosniff
    report-to: {"max_age":21600,"endpoints":[{"url":"https:\/\/www.xx.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
    content-md5: 8PCvFKDybF3MIm5mER6XhA==
    X-FB-Debug: wmNv2Rimuf9/NVZXaMbZvXeOrGoAMqprOtwcIo0jyTEAku7A2CcFUgnVrjLIRG98WiAp+f/pbtvWxSvzFK50kw==
    Date: Sat, 11 May 2024 06:20:02 GMT
    X-FB-Connection-Quality: EXCELLENT; q=0.9, rtt=22, rtx=0, c=14, mss=1357, tbw=3222, tp=-1, tpl=-1, uplat=0, ullat=-1
    Alt-Svc: h3=":443"; ma=86400
    Connection: keep-alive
    Content-Length: 4910
  • flag-gb
    GET
    https://static.xx.fbcdn.net/rsrc.php/v3/yz/r/eQ3e44cCeXh.js?_nc_x=Ij3Wp8lg5Kz
    IEXPLORE.EXE
    Remote address:
    163.70.151.21:443
    Request
    GET /rsrc.php/v3/yz/r/eQ3e44cCeXh.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Referer: https://www.facebook.com/plugins/likebox.php?href=http://www.facebook.com/pages/konthaiusacom/177402280020?ref=tn_tnmn&width=250&colorscheme=light&show_faces=false&border_color=%23000000&stream=false&header=false&height=75
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: static.xx.fbcdn.net
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Vary: Accept-Encoding
    Content-Encoding: gzip
    Content-Type: application/x-javascript; charset=utf-8
    Access-Control-Allow-Origin: *
    Last-Modified: Mon, 01 Jan 2001 08:00:00 GMT
    Expires: Thu, 08 May 2025 01:53:24 GMT
    Cache-Control: public,max-age=31536000,immutable
    reporting-endpoints: permissions_policy="https://www.xx.facebook.com/ajax/browser_error_reports/"
    timing-allow-origin: *
    document-policy: force-load-at-top
    permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
    cross-origin-resource-policy: cross-origin
    X-Content-Type-Options: nosniff
    report-to: {"max_age":21600,"endpoints":[{"url":"https:\/\/www.xx.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
    origin-agent-cluster: ?0
    content-md5: /UvaYYFz4TYTsgCAstdYzg==
    X-FB-Debug: pA5ljP399Er/OanRj5A420MYe+JAHMxbtlcpBQNJEPe0pBIsYnd6yri3OsKZYn40bztVYSBUrRvR2xIOFaA4yA==
    Date: Sat, 11 May 2024 06:20:02 GMT
    X-FB-Connection-Quality: EXCELLENT; q=0.9, rtt=22, rtx=0, c=14, mss=1357, tbw=3221, tp=-1, tpl=-1, uplat=0, ullat=-1
    Alt-Svc: h3=":443"; ma=86400
    Connection: keep-alive
    Content-Length: 20741
  • flag-gb
    GET
    https://static.xx.fbcdn.net/rsrc.php/v3/yV/r/7CmGfGBVS6H.js?_nc_x=Ij3Wp8lg5Kz
    IEXPLORE.EXE
    Remote address:
    163.70.151.21:443
    Request
    GET /rsrc.php/v3/yV/r/7CmGfGBVS6H.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Referer: https://www.facebook.com/plugins/likebox.php?href=http://www.facebook.com/pages/konthaiusacom/177402280020?ref=tn_tnmn&width=250&colorscheme=light&show_faces=false&border_color=%23000000&stream=false&header=false&height=75
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: static.xx.fbcdn.net
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Vary: Accept-Encoding
    Content-Encoding: gzip
    Content-Type: application/x-javascript; charset=utf-8
    Access-Control-Allow-Origin: *
    Last-Modified: Mon, 01 Jan 2001 08:00:00 GMT
    Expires: Fri, 09 May 2025 18:35:01 GMT
    Cache-Control: public,max-age=31536000,immutable
    reporting-endpoints: permissions_policy="https://www.xx.facebook.com/ajax/browser_error_reports/"
    timing-allow-origin: *
    document-policy: force-load-at-top
    permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
    cross-origin-resource-policy: cross-origin
    X-Content-Type-Options: nosniff
    report-to: {"max_age":21600,"endpoints":[{"url":"https:\/\/www.xx.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
    content-md5: SjbY5lxdzgPHEQ3arBIKTA==
    X-FB-Debug: iK+ofABg+5rpO9eu122WPnC79gsTYH2kolzMf6e4Dtc4aqRPyuc1GB3FtoJJS4liSCv3ngYpv0dAY2nu+QLU9Q==
    Date: Sat, 11 May 2024 06:20:02 GMT
    X-FB-Connection-Quality: EXCELLENT; q=0.9, rtt=20, rtx=0, c=14, mss=1357, tbw=3221, tp=-1, tpl=-1, uplat=0, ullat=-1
    Alt-Svc: h3=":443"; ma=86400
    Connection: keep-alive
    Content-Length: 13761
  • flag-gb
    GET
    https://static.xx.fbcdn.net/rsrc.php/v3i7244/yb/l/en_GB/OWkNLphO4cA.js?_nc_x=Ij3Wp8lg5Kz
    IEXPLORE.EXE
    Remote address:
    163.70.151.21:443
    Request
    GET /rsrc.php/v3i7244/yb/l/en_GB/OWkNLphO4cA.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Referer: https://www.facebook.com/plugins/likebox.php?href=http://www.facebook.com/pages/konthaiusacom/177402280020?ref=tn_tnmn&width=250&colorscheme=light&show_faces=false&border_color=%23000000&stream=false&header=false&height=75
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: static.xx.fbcdn.net
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Vary: Accept-Encoding
    Content-Encoding: gzip
    Content-Type: application/x-javascript; charset=utf-8
    Access-Control-Allow-Origin: *
    Last-Modified: Mon, 01 Jan 2001 08:00:00 GMT
    Expires: Sat, 10 May 2025 21:56:30 GMT
    Cache-Control: public,max-age=31536000,immutable
    reporting-endpoints: permissions_policy="https://www.xx.facebook.com/ajax/browser_error_reports/"
    timing-allow-origin: *
    document-policy: force-load-at-top
    permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
    cross-origin-resource-policy: cross-origin
    X-Content-Type-Options: nosniff
    report-to: {"max_age":21600,"endpoints":[{"url":"https:\/\/www.xx.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
    content-md5: 1w2b0ekC1gMiCUey3Q7IUg==
    X-FB-Debug: lgqmG9PmhooVDK0C9+GfRpft4rKty+MKq2JSNQxnUtG9jw1RRHdXJ562MnPjy5c0HKIck55ZqldWOhSIS1oXCg==
    Date: Sat, 11 May 2024 06:20:02 GMT
    X-FB-Connection-Quality: EXCELLENT; q=0.9, rtt=20, rtx=0, c=28, mss=1357, tbw=19000, tp=-1, tpl=-1, uplat=0, ullat=-1
    Alt-Svc: h3=":443"; ma=86400
    Connection: keep-alive
    Content-Length: 25897
  • flag-gb
    GET
    https://scontent.xx.fbcdn.net/v/t39.30808-1/302682950_408081388117661_761848427710662801_n.jpg?stp=cp0_dst-jpg_p50x50&_nc_cat=103&ccb=1-7&_nc_sid=5f2048&_nc_ohc=jVOeTrk1NiQQ7kNvgGWA7F_&_nc_ht=scontent.xx&edm=AEDRbFQEAAAA&oh=00_AYAm4EZ3_VLuv9lcDxX1DS63I5ip2fOWIK0BtBWjLamsWw&oe=6644F993
    IEXPLORE.EXE
    Remote address:
    163.70.151.21:443
    Request
    GET /v/t39.30808-1/302682950_408081388117661_761848427710662801_n.jpg?stp=cp0_dst-jpg_p50x50&_nc_cat=103&ccb=1-7&_nc_sid=5f2048&_nc_ohc=jVOeTrk1NiQQ7kNvgGWA7F_&_nc_ht=scontent.xx&edm=AEDRbFQEAAAA&oh=00_AYAm4EZ3_VLuv9lcDxX1DS63I5ip2fOWIK0BtBWjLamsWw&oe=6644F993 HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Referer: https://www.facebook.com/plugins/likebox.php?href=http://www.facebook.com/pages/konthaiusacom/177402280020?ref=tn_tnmn&width=250&colorscheme=light&show_faces=false&border_color=%23000000&stream=false&header=false&height=75
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: scontent.xx.fbcdn.net
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Last-Modified: Sat, 10 Sep 2022 01:27:37 GMT
    X-Needle-Checksum: 2883854034
    thrift_fmhk: GBCZYNYXAgFzY/LVoSBpVfPBFfDr4Z0EvFUAHCYEAAAA
    Content-Type: image/jpeg
    content-digest: adler32=740015753
    cross-origin-resource-policy: cross-origin
    timing-allow-origin: *
    Access-Control-Allow-Origin: *
    Cache-Control: max-age=1209600, no-transform
    Accept-Ranges: bytes
    Date: Sat, 11 May 2024 06:20:02 GMT
    X-FB-Connection-Quality: EXCELLENT; q=0.9, rtt=21, rtx=0, c=14, mss=1357, tbw=3222, tp=-1, tpl=-1, uplat=0, ullat=-1
    Alt-Svc: h3=":443"; ma=86400
    Connection: keep-alive
    Content-Length: 1967
  • flag-us
    DNS
    googleads.g.doubleclick.net
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    googleads.g.doubleclick.net
    IN A
    Response
    googleads.g.doubleclick.net
    IN A
    142.250.185.66
  • flag-us
    DNS
    static.doubleclick.net
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    static.doubleclick.net
    IN A
    Response
    static.doubleclick.net
    IN A
    142.250.185.70
  • flag-de
    GET
    https://googleads.g.doubleclick.net/pagead/id
    IEXPLORE.EXE
    Remote address:
    142.250.185.66:443
    Request
    GET /pagead/id HTTP/1.1
    Accept: */*
    Referer: https://www.youtube.com/embed/evMR3wn1LGk?wmode=Opaque
    Accept-Language: en-US
    Accept-Encoding: gzip, deflate
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Host: googleads.g.doubleclick.net
    Connection: Keep-Alive
    Response
    HTTP/1.1 302 Found
    P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
    Timing-Allow-Origin: *
    Cross-Origin-Resource-Policy: cross-origin
    Location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
    Access-Control-Allow-Credentials: true
    Date: Sat, 11 May 2024 06:20:03 GMT
    Pragma: no-cache
    Expires: Fri, 01 Jan 1990 00:00:00 GMT
    Cache-Control: no-cache, no-store, must-revalidate
    Content-Type: text/html; charset=UTF-8
    X-Content-Type-Options: nosniff
    Server: cafe
    Content-Length: 0
    X-XSS-Protection: 0
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-de
    GET
    https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
    IEXPLORE.EXE
    Remote address:
    142.250.185.66:443
    Request
    GET /pagead/id?slf_rd=1 HTTP/1.1
    Accept: */*
    Referer: https://www.youtube.com/embed/evMR3wn1LGk?wmode=Opaque
    Accept-Language: en-US
    Accept-Encoding: gzip, deflate
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Host: googleads.g.doubleclick.net
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
    Timing-Allow-Origin: *
    Cross-Origin-Resource-Policy: cross-origin
    Access-Control-Allow-Credentials: true
    Content-Type: application/json; charset=UTF-8
    Date: Sat, 11 May 2024 06:20:03 GMT
    Pragma: no-cache
    Expires: Fri, 01 Jan 1990 00:00:00 GMT
    Cache-Control: no-cache, no-store, must-revalidate
    X-Content-Type-Options: nosniff
    Content-Disposition: attachment; filename="f.txt"
    Content-Encoding: gzip
    Server: cafe
    X-XSS-Protection: 0
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
    Transfer-Encoding: chunked
  • flag-de
    GET
    https://googleads.g.doubleclick.net/pagead/id
    IEXPLORE.EXE
    Remote address:
    142.250.185.66:443
    Request
    GET /pagead/id HTTP/1.1
    Accept: */*
    Referer: https://www.youtube.com/embed/ygK7kej0BPA?wmode=Opaque
    Accept-Language: en-US
    Accept-Encoding: gzip, deflate
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Host: googleads.g.doubleclick.net
    Connection: Keep-Alive
    Response
    HTTP/1.1 302 Found
    P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
    Timing-Allow-Origin: *
    Cross-Origin-Resource-Policy: cross-origin
    Location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
    Access-Control-Allow-Credentials: true
    Date: Sat, 11 May 2024 06:20:09 GMT
    Pragma: no-cache
    Expires: Fri, 01 Jan 1990 00:00:00 GMT
    Cache-Control: no-cache, no-store, must-revalidate
    Content-Type: text/html; charset=UTF-8
    X-Content-Type-Options: nosniff
    Server: cafe
    Content-Length: 0
    X-XSS-Protection: 0
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-de
    GET
    https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
    IEXPLORE.EXE
    Remote address:
    142.250.185.66:443
    Request
    GET /pagead/id?slf_rd=1 HTTP/1.1
    Accept: */*
    Referer: https://www.youtube.com/embed/ygK7kej0BPA?wmode=Opaque
    Accept-Language: en-US
    Accept-Encoding: gzip, deflate
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Host: googleads.g.doubleclick.net
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
    Timing-Allow-Origin: *
    Cross-Origin-Resource-Policy: cross-origin
    Access-Control-Allow-Credentials: true
    Content-Type: application/json; charset=UTF-8
    Date: Sat, 11 May 2024 06:20:09 GMT
    Pragma: no-cache
    Expires: Fri, 01 Jan 1990 00:00:00 GMT
    Cache-Control: no-cache, no-store, must-revalidate
    X-Content-Type-Options: nosniff
    Content-Disposition: attachment; filename="f.txt"
    Content-Encoding: gzip
    Server: cafe
    X-XSS-Protection: 0
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
    Transfer-Encoding: chunked
  • flag-de
    GET
    https://googleads.g.doubleclick.net/pagead/id
    IEXPLORE.EXE
    Remote address:
    142.250.185.66:443
    Request
    GET /pagead/id HTTP/1.1
    Accept: */*
    Referer: https://www.youtube.com/embed/ywSeSlVcY4w?wmode=Opaque
    Accept-Language: en-US
    Accept-Encoding: gzip, deflate
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Host: googleads.g.doubleclick.net
    Connection: Keep-Alive
    Response
    HTTP/1.1 302 Found
    P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
    Timing-Allow-Origin: *
    Cross-Origin-Resource-Policy: cross-origin
    Location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
    Access-Control-Allow-Credentials: true
    Date: Sat, 11 May 2024 06:20:11 GMT
    Pragma: no-cache
    Expires: Fri, 01 Jan 1990 00:00:00 GMT
    Cache-Control: no-cache, no-store, must-revalidate
    Content-Type: text/html; charset=UTF-8
    X-Content-Type-Options: nosniff
    Server: cafe
    Content-Length: 0
    X-XSS-Protection: 0
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-de
    GET
    https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
    IEXPLORE.EXE
    Remote address:
    142.250.185.66:443
    Request
    GET /pagead/id?slf_rd=1 HTTP/1.1
    Accept: */*
    Referer: https://www.youtube.com/embed/ywSeSlVcY4w?wmode=Opaque
    Accept-Language: en-US
    Accept-Encoding: gzip, deflate
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Host: googleads.g.doubleclick.net
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
    Timing-Allow-Origin: *
    Cross-Origin-Resource-Policy: cross-origin
    Access-Control-Allow-Credentials: true
    Content-Type: application/json; charset=UTF-8
    Date: Sat, 11 May 2024 06:20:11 GMT
    Pragma: no-cache
    Expires: Fri, 01 Jan 1990 00:00:00 GMT
    Cache-Control: no-cache, no-store, must-revalidate
    X-Content-Type-Options: nosniff
    Content-Disposition: attachment; filename="f.txt"
    Content-Encoding: gzip
    Server: cafe
    X-XSS-Protection: 0
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
    Transfer-Encoding: chunked
  • flag-de
    GET
    https://googleads.g.doubleclick.net/pagead/id
    IEXPLORE.EXE
    Remote address:
    142.250.185.66:443
    Request
    GET /pagead/id HTTP/1.1
    Accept: */*
    Referer: https://www.youtube.com/embed/QMECDnECjJM?wmode=Opaque
    Accept-Language: en-US
    Accept-Encoding: gzip, deflate
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Host: googleads.g.doubleclick.net
    Connection: Keep-Alive
    Response
    HTTP/1.1 302 Found
    P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
    Timing-Allow-Origin: *
    Cross-Origin-Resource-Policy: cross-origin
    Location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
    Access-Control-Allow-Credentials: true
    Date: Sat, 11 May 2024 06:20:10 GMT
    Pragma: no-cache
    Expires: Fri, 01 Jan 1990 00:00:00 GMT
    Cache-Control: no-cache, no-store, must-revalidate
    Content-Type: text/html; charset=UTF-8
    X-Content-Type-Options: nosniff
    Server: cafe
    Content-Length: 0
    X-XSS-Protection: 0
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-de
    GET
    https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
    IEXPLORE.EXE
    Remote address:
    142.250.185.66:443
    Request
    GET /pagead/id?slf_rd=1 HTTP/1.1
    Accept: */*
    Referer: https://www.youtube.com/embed/QMECDnECjJM?wmode=Opaque
    Accept-Language: en-US
    Accept-Encoding: gzip, deflate
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Host: googleads.g.doubleclick.net
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
    Timing-Allow-Origin: *
    Cross-Origin-Resource-Policy: cross-origin
    Access-Control-Allow-Credentials: true
    Content-Type: application/json; charset=UTF-8
    Date: Sat, 11 May 2024 06:20:10 GMT
    Pragma: no-cache
    Expires: Fri, 01 Jan 1990 00:00:00 GMT
    Cache-Control: no-cache, no-store, must-revalidate
    X-Content-Type-Options: nosniff
    Content-Disposition: attachment; filename="f.txt"
    Content-Encoding: gzip
    Server: cafe
    X-XSS-Protection: 0
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
    Transfer-Encoding: chunked
  • flag-de
    GET
    https://googleads.g.doubleclick.net/pagead/id
    IEXPLORE.EXE
    Remote address:
    142.250.185.66:443
    Request
    GET /pagead/id HTTP/1.1
    Accept: */*
    Referer: https://www.youtube.com/embed/gS2GhpTPLvQ?wmode=Opaque
    Accept-Language: en-US
    Accept-Encoding: gzip, deflate
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Host: googleads.g.doubleclick.net
    Connection: Keep-Alive
    Response
    HTTP/1.1 302 Found
    P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
    Timing-Allow-Origin: *
    Cross-Origin-Resource-Policy: cross-origin
    Location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
    Access-Control-Allow-Credentials: true
    Date: Sat, 11 May 2024 06:20:11 GMT
    Pragma: no-cache
    Expires: Fri, 01 Jan 1990 00:00:00 GMT
    Cache-Control: no-cache, no-store, must-revalidate
    Content-Type: text/html; charset=UTF-8
    X-Content-Type-Options: nosniff
    Server: cafe
    Content-Length: 0
    X-XSS-Protection: 0
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-de
    GET
    https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
    IEXPLORE.EXE
    Remote address:
    142.250.185.66:443
    Request
    GET /pagead/id?slf_rd=1 HTTP/1.1
    Accept: */*
    Referer: https://www.youtube.com/embed/gS2GhpTPLvQ?wmode=Opaque
    Accept-Language: en-US
    Accept-Encoding: gzip, deflate
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Host: googleads.g.doubleclick.net
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
    Timing-Allow-Origin: *
    Cross-Origin-Resource-Policy: cross-origin
    Access-Control-Allow-Credentials: true
    Content-Type: application/json; charset=UTF-8
    Date: Sat, 11 May 2024 06:20:11 GMT
    Pragma: no-cache
    Expires: Fri, 01 Jan 1990 00:00:00 GMT
    Cache-Control: no-cache, no-store, must-revalidate
    X-Content-Type-Options: nosniff
    Content-Disposition: attachment; filename="f.txt"
    Content-Encoding: gzip
    Server: cafe
    X-XSS-Protection: 0
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
    Transfer-Encoding: chunked
  • flag-de
    GET
    https://static.doubleclick.net/instream/ad_status.js
    IEXPLORE.EXE
    Remote address:
    142.250.185.70:443
    Request
    GET /instream/ad_status.js HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Referer: https://www.youtube.com/embed/evMR3wn1LGk?wmode=Opaque
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: static.doubleclick.net
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Access-Control-Allow-Origin: *
    Cross-Origin-Resource-Policy: cross-origin
    Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="ads-doubleclick-media"
    Report-To: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
    Timing-Allow-Origin: *
    Content-Length: 29
    X-Content-Type-Options: nosniff
    Server: sffe
    X-XSS-Protection: 0
    Date: Sat, 11 May 2024 06:18:55 GMT
    Expires: Sat, 11 May 2024 06:33:55 GMT
    Cache-Control: public, max-age=900
    Age: 68
    Last-Modified: Thu, 12 Dec 2013 23:40:16 GMT
    Content-Type: text/javascript
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-us
    DNS
    jnn-pa.googleapis.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    jnn-pa.googleapis.com
    IN A
    Response
    jnn-pa.googleapis.com
    IN A
    142.250.186.106
    jnn-pa.googleapis.com
    IN A
    172.217.16.202
    jnn-pa.googleapis.com
    IN A
    142.250.186.170
    jnn-pa.googleapis.com
    IN A
    216.58.206.74
    jnn-pa.googleapis.com
    IN A
    216.58.206.42
    jnn-pa.googleapis.com
    IN A
    172.217.18.106
    jnn-pa.googleapis.com
    IN A
    172.217.23.106
    jnn-pa.googleapis.com
    IN A
    216.58.212.138
    jnn-pa.googleapis.com
    IN A
    142.250.185.74
    jnn-pa.googleapis.com
    IN A
    142.250.185.106
    jnn-pa.googleapis.com
    IN A
    142.250.185.138
    jnn-pa.googleapis.com
    IN A
    142.250.185.170
    jnn-pa.googleapis.com
    IN A
    142.250.185.202
    jnn-pa.googleapis.com
    IN A
    142.250.185.234
    jnn-pa.googleapis.com
    IN A
    142.250.184.234
    jnn-pa.googleapis.com
    IN A
    142.250.181.234
  • flag-de
    POST
    https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
    IEXPLORE.EXE
    Remote address:
    142.250.186.106:443
    Request
    POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
    Accept: */*
    X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
    Content-Type: application/json+protobuf
    X-User-Agent: grpc-web-javascript/0.1
    Referer: https://www.youtube.com/embed/evMR3wn1LGk?wmode=Opaque
    Accept-Language: en-US
    Accept-Encoding: gzip, deflate
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Host: jnn-pa.googleapis.com
    Content-Length: 24
    Connection: Keep-Alive
    Cache-Control: no-cache
    Response
    HTTP/1.1 200 OK
    Content-Type: application/json+protobuf; charset=UTF-8
    Vary: Origin
    Vary: X-Origin
    Vary: Referer
    Content-Encoding: gzip
    Date: Sat, 11 May 2024 06:20:03 GMT
    Server: ESF
    Cache-Control: private
    X-XSS-Protection: 0
    X-Frame-Options: SAMEORIGIN
    X-Content-Type-Options: nosniff
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
    Transfer-Encoding: chunked
  • flag-de
    POST
    https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
    IEXPLORE.EXE
    Remote address:
    142.250.186.106:443
    Request
    POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
    Accept: */*
    X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
    Content-Type: application/json+protobuf
    X-User-Agent: grpc-web-javascript/0.1
    Referer: https://www.youtube.com/embed/evMR3wn1LGk?wmode=Opaque
    Accept-Language: en-US
    Accept-Encoding: gzip, deflate
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Host: jnn-pa.googleapis.com
    Content-Length: 866
    Connection: Keep-Alive
    Cache-Control: no-cache
    Response
    HTTP/1.1 200 OK
    Content-Type: application/json+protobuf; charset=UTF-8
    Vary: Origin
    Vary: X-Origin
    Vary: Referer
    Content-Encoding: gzip
    Date: Sat, 11 May 2024 06:20:03 GMT
    Server: ESF
    Cache-Control: private
    X-XSS-Protection: 0
    X-Frame-Options: SAMEORIGIN
    X-Content-Type-Options: nosniff
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
    Transfer-Encoding: chunked
  • flag-de
    POST
    https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
    IEXPLORE.EXE
    Remote address:
    142.250.186.106:443
    Request
    POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
    Accept: */*
    X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
    Content-Type: application/json+protobuf
    X-User-Agent: grpc-web-javascript/0.1
    Referer: https://www.youtube.com/embed/ygK7kej0BPA?wmode=Opaque
    Accept-Language: en-US
    Accept-Encoding: gzip, deflate
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Host: jnn-pa.googleapis.com
    Content-Length: 24
    Connection: Keep-Alive
    Cache-Control: no-cache
    Response
    HTTP/1.1 200 OK
    Content-Type: application/json+protobuf; charset=UTF-8
    Vary: Origin
    Vary: X-Origin
    Vary: Referer
    Content-Encoding: gzip
    Date: Sat, 11 May 2024 06:20:10 GMT
    Server: ESF
    Cache-Control: private
    X-XSS-Protection: 0
    X-Frame-Options: SAMEORIGIN
    X-Content-Type-Options: nosniff
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
    Transfer-Encoding: chunked
  • flag-de
    POST
    https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
    IEXPLORE.EXE
    Remote address:
    142.250.186.106:443
    Request
    POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
    Accept: */*
    X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
    Content-Type: application/json+protobuf
    X-User-Agent: grpc-web-javascript/0.1
    Referer: https://www.youtube.com/embed/ygK7kej0BPA?wmode=Opaque
    Accept-Language: en-US
    Accept-Encoding: gzip, deflate
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Host: jnn-pa.googleapis.com
    Content-Length: 1216
    Connection: Keep-Alive
    Cache-Control: no-cache
    Response
    HTTP/1.1 200 OK
    Content-Type: application/json+protobuf; charset=UTF-8
    Vary: Origin
    Vary: X-Origin
    Vary: Referer
    Content-Encoding: gzip
    Date: Sat, 11 May 2024 06:20:13 GMT
    Server: ESF
    Cache-Control: private
    X-XSS-Protection: 0
    X-Frame-Options: SAMEORIGIN
    X-Content-Type-Options: nosniff
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
    Transfer-Encoding: chunked
  • flag-de
    GET
    http://www.youtube.com/embed/gS2GhpTPLvQ?wmode=Opaque
    IEXPLORE.EXE
    Remote address:
    216.58.206.46:80
    Request
    GET /embed/gS2GhpTPLvQ?wmode=Opaque HTTP/1.1
    Accept: text/html, application/xhtml+xml, */*
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: www.youtube.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 301 Moved Permanently
    Content-Type: application/binary
    X-Content-Type-Options: nosniff
    Cache-Control: no-cache, no-store, max-age=0, must-revalidate
    Pragma: no-cache
    Expires: Mon, 01 Jan 1990 00:00:00 GMT
    Date: Sat, 11 May 2024 06:20:08 GMT
    Location: https://www.youtube.com/embed/gS2GhpTPLvQ?wmode=Opaque
    Server: ESF
    Content-Length: 0
    X-XSS-Protection: 0
    X-Frame-Options: SAMEORIGIN
  • flag-de
    GET
    http://www.youtube.com/embed/ywSeSlVcY4w?wmode=Opaque
    IEXPLORE.EXE
    Remote address:
    216.58.206.46:80
    Request
    GET /embed/ywSeSlVcY4w?wmode=Opaque HTTP/1.1
    Accept: text/html, application/xhtml+xml, */*
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: www.youtube.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 301 Moved Permanently
    Content-Type: application/binary
    X-Content-Type-Options: nosniff
    Cache-Control: no-cache, no-store, max-age=0, must-revalidate
    Pragma: no-cache
    Expires: Mon, 01 Jan 1990 00:00:00 GMT
    Date: Sat, 11 May 2024 06:20:08 GMT
    Location: https://www.youtube.com/embed/ywSeSlVcY4w?wmode=Opaque
    Server: ESF
    Content-Length: 0
    X-XSS-Protection: 0
    X-Frame-Options: SAMEORIGIN
  • flag-de
    GET
    http://www.google-analytics.com/ga.js
    IEXPLORE.EXE
    Remote address:
    142.250.185.78:80
    Request
    GET /ga.js HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: www.google-analytics.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Strict-Transport-Security: max-age=10886400; includeSubDomains; preload
    X-Content-Type-Options: nosniff
    Content-Encoding: gzip
    Cross-Origin-Resource-Policy: cross-origin
    Server: Golfe2
    Content-Length: 17168
    Date: Sat, 11 May 2024 05:59:52 GMT
    Expires: Sat, 11 May 2024 07:59:52 GMT
    Cache-Control: public, max-age=7200
    Age: 1216
    Last-Modified: Tue, 12 Dec 2023 18:09:08 GMT
    Content-Type: text/javascript
    Vary: Accept-Encoding
  • flag-de
    GET
    https://www.youtube.com/embed/gS2GhpTPLvQ?wmode=Opaque
    IEXPLORE.EXE
    Remote address:
    216.58.206.46:443
    Request
    GET /embed/gS2GhpTPLvQ?wmode=Opaque HTTP/1.1
    Accept: text/html, application/xhtml+xml, */*
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: www.youtube.com
    Connection: Keep-Alive
    Cookie: YSC=cswTFiDXHOM; VISITOR_INFO1_LIVE=u3nKXv7ELRw; VISITOR_PRIVACY_METADATA=CgJHQhIEGgAgHA%3D%3D
    Response
    HTTP/1.1 200 OK
    Content-Type: text/html; charset=utf-8
    X-Content-Type-Options: nosniff
    Cache-Control: no-cache, no-store, max-age=0, must-revalidate
    Pragma: no-cache
    Expires: Mon, 01 Jan 1990 00:00:00 GMT
    Date: Sat, 11 May 2024 06:20:08 GMT
    Strict-Transport-Security: max-age=31536000
    Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="youtube_main"
    Cross-Origin-Resource-Policy: cross-origin
    Report-To: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
    Origin-Trial: AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
    Permissions-Policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
    Content-Encoding: gzip
    Server: ESF
    X-XSS-Protection: 0
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
    Transfer-Encoding: chunked
  • flag-de
    GET
    https://www.youtube.com/s/player/17fd9675/www-player.css
    IEXPLORE.EXE
    Remote address:
    216.58.206.46:443
    Request
    GET /s/player/17fd9675/www-player.css HTTP/1.1
    Accept: text/css, */*
    Referer: https://www.youtube.com/embed/gS2GhpTPLvQ?wmode=Opaque
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: www.youtube.com
    Connection: Keep-Alive
    Cookie: YSC=cswTFiDXHOM; VISITOR_INFO1_LIVE=u3nKXv7ELRw; VISITOR_PRIVACY_METADATA=CgJHQhIEGgAgHA%3D%3D
    Response
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Content-Encoding: gzip
    Cross-Origin-Resource-Policy: cross-origin
    Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="youtube"
    Report-To: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
    Content-Length: 58605
    X-Content-Type-Options: nosniff
    Server: sffe
    X-XSS-Protection: 0
    Date: Sat, 11 May 2024 05:19:09 GMT
    Expires: Sun, 11 May 2025 05:19:09 GMT
    Cache-Control: public, max-age=31536000
    Last-Modified: Wed, 08 May 2024 04:20:16 GMT
    Content-Type: text/css
    Vary: Accept-Encoding, Origin
    Age: 3661
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-de
    POST
    https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
    IEXPLORE.EXE
    Remote address:
    216.58.206.46:443
    Request
    POST /youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8 HTTP/1.1
    Accept: */*
    X-Goog-Request-Time: 1715408411916
    Content-Type: application/json
    X-Goog-Visitor-Id: Cgt1M25LWHY3RUxSdyiYnPyxBjIKCgJHQhIEGgAgHA%3D%3D
    X-YouTube-Client-Name: 56
    X-YouTube-Client-Version: 1.20240507.01.00
    X-YouTube-Utc-Offset: 0
    X-YouTube-Ad-Signals: dt=1715408408283&flash=0&frm=2&u_tz&u_his=1&u_h=720&u_w=1280&u_ah=680&u_aw=1280&u_cd=24&bc=1&bih=-12245933&biw=-12245933&brdim=8%2C12394%2C-8%2C-8%2C1280%2C%2C1296%2C696%2C280%2C200&vis=1&wgl=true&ca_type=image
    Referer: https://www.youtube.com/embed/ygK7kej0BPA?wmode=Opaque
    Accept-Language: en-US
    Accept-Encoding: gzip, deflate
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Host: www.youtube.com
    Content-Length: 7801
    Connection: Keep-Alive
    Cache-Control: no-cache
    Cookie: YSC=cswTFiDXHOM; VISITOR_INFO1_LIVE=u3nKXv7ELRw; VISITOR_PRIVACY_METADATA=CgJHQhIEGgAgHA%3D%3D
    Response
    HTTP/1.1 200 OK
    Content-Type: application/json; charset=UTF-8
    Vary: Origin
    Vary: X-Origin
    Vary: Referer
    Content-Encoding: gzip
    Date: Sat, 11 May 2024 06:20:13 GMT
    Server: scaffolding on HTTPServer2
    Cache-Control: private
    X-XSS-Protection: 0
    X-Frame-Options: SAMEORIGIN
    X-Content-Type-Options: nosniff
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
    Transfer-Encoding: chunked
  • flag-de
    POST
    https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
    IEXPLORE.EXE
    Remote address:
    216.58.206.46:443
    Request
    POST /youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8 HTTP/1.1
    Accept: */*
    X-Goog-Request-Time: 1715408414211
    Content-Type: application/json
    X-Goog-Visitor-Id: Cgt1M25LWHY3RUxSdyiYnPyxBjIKCgJHQhIEGgAgHA%3D%3D
    X-YouTube-Client-Name: 56
    X-YouTube-Client-Version: 1.20240507.01.00
    X-YouTube-Utc-Offset: 0
    X-YouTube-Ad-Signals: dt=1715408410007&flash=0&frm=2&u_tz&u_his=1&u_h=720&u_w=1280&u_ah=680&u_aw=1280&u_cd=24&bc=1&bih=-12245933&biw=-12245933&brdim=8%2C12994%2C-8%2C-8%2C1280%2C%2C1296%2C696%2C280%2C200&vis=1&wgl=true&ca_type=image
    Referer: https://www.youtube.com/embed/ywSeSlVcY4w?wmode=Opaque
    Accept-Language: en-US
    Accept-Encoding: gzip, deflate
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Host: www.youtube.com
    Content-Length: 8167
    Connection: Keep-Alive
    Cache-Control: no-cache
    Cookie: YSC=cswTFiDXHOM; VISITOR_INFO1_LIVE=u3nKXv7ELRw; VISITOR_PRIVACY_METADATA=CgJHQhIEGgAgHA%3D%3D
    Response
    HTTP/1.1 200 OK
    Content-Type: application/json; charset=UTF-8
    Vary: Origin
    Vary: X-Origin
    Vary: Referer
    Content-Encoding: gzip
    Date: Sat, 11 May 2024 06:20:15 GMT
    Server: scaffolding on HTTPServer2
    Cache-Control: private
    X-XSS-Protection: 0
    X-Frame-Options: SAMEORIGIN
    X-Content-Type-Options: nosniff
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
    Transfer-Encoding: chunked
  • flag-de
    GET
    https://www.youtube.com/embed/ywSeSlVcY4w?wmode=Opaque
    IEXPLORE.EXE
    Remote address:
    216.58.206.46:443
    Request
    GET /embed/ywSeSlVcY4w?wmode=Opaque HTTP/1.1
    Accept: text/html, application/xhtml+xml, */*
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: www.youtube.com
    Connection: Keep-Alive
    Cookie: YSC=cswTFiDXHOM; VISITOR_INFO1_LIVE=u3nKXv7ELRw; VISITOR_PRIVACY_METADATA=CgJHQhIEGgAgHA%3D%3D
    Response
    HTTP/1.1 200 OK
    Content-Type: text/html; charset=utf-8
    X-Content-Type-Options: nosniff
    Cache-Control: no-cache, no-store, max-age=0, must-revalidate
    Pragma: no-cache
    Expires: Mon, 01 Jan 1990 00:00:00 GMT
    Date: Sat, 11 May 2024 06:20:08 GMT
    Strict-Transport-Security: max-age=31536000
    Cross-Origin-Resource-Policy: cross-origin
    Origin-Trial: AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
    Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="youtube_main"
    Report-To: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
    Permissions-Policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
    Content-Encoding: gzip
    Server: ESF
    X-XSS-Protection: 0
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
    Transfer-Encoding: chunked
  • flag-de
    GET
    https://www.youtube.com/s/player/17fd9675/www-embed-player.vflset/www-embed-player.js
    IEXPLORE.EXE
    Remote address:
    216.58.206.46:443
    Request
    GET /s/player/17fd9675/www-embed-player.vflset/www-embed-player.js HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Referer: https://www.youtube.com/embed/gS2GhpTPLvQ?wmode=Opaque
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: www.youtube.com
    Connection: Keep-Alive
    Cookie: YSC=cswTFiDXHOM; VISITOR_INFO1_LIVE=u3nKXv7ELRw; VISITOR_PRIVACY_METADATA=CgJHQhIEGgAgHA%3D%3D
    Response
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Content-Encoding: gzip
    Cross-Origin-Resource-Policy: cross-origin
    Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="youtube"
    Report-To: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
    Content-Length: 114718
    X-Content-Type-Options: nosniff
    Server: sffe
    X-XSS-Protection: 0
    Date: Fri, 10 May 2024 19:06:14 GMT
    Expires: Sat, 10 May 2025 19:06:14 GMT
    Cache-Control: public, max-age=31536000
    Last-Modified: Wed, 08 May 2024 04:20:16 GMT
    Content-Type: text/javascript
    Vary: Accept-Encoding, Origin
    Age: 40436
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-de
    POST
    https://www.youtube.com/api/stats/qoe?cpn=F8BbED6OlrTxt_7k&el=embedded&ns=yt&fexp=v1%2C23983296%2C21348%2C76094%2C54572%2C304051%2C121055%2C6271%2C26443548%2C7111%2C36343%2C9954%2C1192%2C26496%2C4110%2C2856%2C2%2C2870%2C3819%2C2007%2C9072%2C13110%2C16042%2C752%2C1445%2C764%2C8205%2C1025%2C1104%2C21%2C1865%2C2322%2C2744%2C102%2C2657%2C55%2C638%2C8%2C41%2C3%2C288%2C2%2C78%2C3625%2C8%2C173%2C659%2C451%2C176%2C5%2C38%2C2539%2C549%2C930%2C492%2C296%2C1360%2C3467%2C8%2C46%2C1023%2C835%2C319%2C1178&cl=631432265&seq=1&event=streamingstats&docid=QMECDnECjJM&qclc=ChBGOEJiRUQ2T2xyVHh0XzdrEAE&cbr=IE&cbrver=11.0&c=WEB_EMBEDDED_PLAYER&cver=1.20240507.01.00&cplayer=UNIPLAYER&cos=Windows&cosver=6.1&cplatform=DESKTOP&vps=0.000:N,0.001:ER&cmt=0.001:0.000,0.001:0.000&error=0.001:auth::0.000:0;a6s.0;r.Video_unavailable&vis=0.001:0&bh=0.001:0.000
    IEXPLORE.EXE
    Remote address:
    216.58.206.46:443
    Request
    POST /api/stats/qoe?cpn=F8BbED6OlrTxt_7k&el=embedded&ns=yt&fexp=v1%2C23983296%2C21348%2C76094%2C54572%2C304051%2C121055%2C6271%2C26443548%2C7111%2C36343%2C9954%2C1192%2C26496%2C4110%2C2856%2C2%2C2870%2C3819%2C2007%2C9072%2C13110%2C16042%2C752%2C1445%2C764%2C8205%2C1025%2C1104%2C21%2C1865%2C2322%2C2744%2C102%2C2657%2C55%2C638%2C8%2C41%2C3%2C288%2C2%2C78%2C3625%2C8%2C173%2C659%2C451%2C176%2C5%2C38%2C2539%2C549%2C930%2C492%2C296%2C1360%2C3467%2C8%2C46%2C1023%2C835%2C319%2C1178&cl=631432265&seq=1&event=streamingstats&docid=QMECDnECjJM&qclc=ChBGOEJiRUQ2T2xyVHh0XzdrEAE&cbr=IE&cbrver=11.0&c=WEB_EMBEDDED_PLAYER&cver=1.20240507.01.00&cplayer=UNIPLAYER&cos=Windows&cosver=6.1&cplatform=DESKTOP&vps=0.000:N,0.001:ER&cmt=0.001:0.000,0.001:0.000&error=0.001:auth::0.000:0;a6s.0;r.Video_unavailable&vis=0.001:0&bh=0.001:0.000 HTTP/1.1
    Accept: */*
    X-Goog-Visitor-Id: Cgt1M25LWHY3RUxSdyiYnPyxBjIKCgJHQhIEGgAgHA%3D%3D
    X-YouTube-Client-Name: 56
    X-YouTube-Client-Version: 1.20240507.01.00
    X-YouTube-Utc-Offset: 0
    X-YouTube-Ad-Signals: dt=1715408408102&flash=0&frm=2&u_tz&u_his=1&u_h=720&u_w=1280&u_ah=680&u_aw=1280&u_cd=24&bc=1&bih=-12245933&biw=-12245933&brdim=8%2C12594%2C-8%2C-8%2C1280%2C%2C1296%2C696%2C280%2C200&vis=1&wgl=true&ca_type=image
    Content-Type: application/x-www-form-urlencoded
    Referer: https://www.youtube.com/embed/QMECDnECjJM?wmode=Opaque
    Accept-Language: en-US
    Accept-Encoding: gzip, deflate
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Host: www.youtube.com
    Content-Length: 226
    Connection: Keep-Alive
    Cache-Control: no-cache
    Cookie: YSC=cswTFiDXHOM; VISITOR_INFO1_LIVE=u3nKXv7ELRw; VISITOR_PRIVACY_METADATA=CgJHQhIEGgAgHA%3D%3D
    Response
    HTTP/1.1 204 No Content
    Content-Type: text/html; charset=UTF-8
    Date: Sat, 11 May 2024 06:20:12 GMT
    Pragma: no-cache
    Expires: Fri, 01 Jan 1990 00:00:00 GMT
    Cache-Control: no-cache, must-revalidate
    X-Content-Type-Options: nosniff
    Server: Video Stats Server
    Content-Length: 0
    X-XSS-Protection: 0
    X-Frame-Options: SAMEORIGIN
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-us
    DNS
    www.google.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    www.google.com
    IN A
    Response
    www.google.com
    IN A
    142.250.185.164
  • flag-de
    GET
    https://www.google.com/js/th/--9dH29IQ9CksBulhkJupx8P-yH9Jquge0_97VfE0Pw.js
    IEXPLORE.EXE
    Remote address:
    142.250.185.164:443
    Request
    GET /js/th/--9dH29IQ9CksBulhkJupx8P-yH9Jquge0_97VfE0Pw.js HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Referer: https://www.youtube.com/embed/ygK7kej0BPA?wmode=Opaque
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: www.google.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Content-Encoding: gzip
    Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
    Cross-Origin-Resource-Policy: cross-origin
    Cross-Origin-Opener-Policy: same-origin; report-to="botguard-scs"
    Report-To: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
    Content-Length: 23856
    X-Content-Type-Options: nosniff
    Server: sffe
    X-XSS-Protection: 0
    Date: Thu, 09 May 2024 15:19:03 GMT
    Expires: Fri, 09 May 2025 15:19:03 GMT
    Cache-Control: public, max-age=31536000
    Age: 140466
    Last-Modified: Mon, 29 Apr 2024 11:30:00 GMT
    Content-Type: text/javascript
    Vary: Accept-Encoding
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-us
    DNS
    i.ytimg.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    i.ytimg.com
    IN A
    Response
    i.ytimg.com
    IN A
    142.250.185.214
    i.ytimg.com
    IN A
    142.250.185.246
    i.ytimg.com
    IN A
    142.250.184.246
    i.ytimg.com
    IN A
    216.58.212.182
    i.ytimg.com
    IN A
    142.250.181.246
    i.ytimg.com
    IN A
    142.250.186.54
    i.ytimg.com
    IN A
    142.250.186.86
    i.ytimg.com
    IN A
    142.250.186.150
    i.ytimg.com
    IN A
    142.250.74.214
    i.ytimg.com
    IN A
    142.250.184.214
    i.ytimg.com
    IN A
    172.217.18.22
    i.ytimg.com
    IN A
    142.250.186.118
    i.ytimg.com
    IN A
    172.217.16.214
    i.ytimg.com
    IN A
    142.250.186.182
    i.ytimg.com
    IN A
    216.58.206.86
    i.ytimg.com
    IN A
    216.58.206.54
  • flag-de
    GET
    https://i.ytimg.com/vi/ygK7kej0BPA/sddefault.jpg
    IEXPLORE.EXE
    Remote address:
    142.250.185.214:443
    Request
    GET /vi/ygK7kej0BPA/sddefault.jpg HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Referer: https://www.youtube.com/embed/ygK7kej0BPA?wmode=Opaque
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: i.ytimg.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Cross-Origin-Resource-Policy: cross-origin
    Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="youtube"
    Report-To: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
    Timing-Allow-Origin: *
    Content-Length: 35419
    X-Content-Type-Options: nosniff
    Server: sffe
    X-XSS-Protection: 0
    Date: Sat, 11 May 2024 05:56:48 GMT
    Expires: Sat, 11 May 2024 07:56:48 GMT
    Cache-Control: public, max-age=7200
    Age: 1402
    ETag: "0"
    Content-Type: image/jpeg
    Vary: Origin
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-de
    GET
    https://i.ytimg.com/vi/gS2GhpTPLvQ/sddefault.jpg
    IEXPLORE.EXE
    Remote address:
    142.250.185.214:443
    Request
    GET /vi/gS2GhpTPLvQ/sddefault.jpg HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Referer: https://www.youtube.com/embed/gS2GhpTPLvQ?wmode=Opaque
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: i.ytimg.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Cross-Origin-Resource-Policy: cross-origin
    Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="youtube"
    Report-To: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
    Timing-Allow-Origin: *
    Content-Length: 36415
    X-Content-Type-Options: nosniff
    Server: sffe
    X-XSS-Protection: 0
    Date: Sat, 11 May 2024 06:09:03 GMT
    Expires: Sat, 11 May 2024 08:09:03 GMT
    Cache-Control: public, max-age=7200
    ETag: "1376813903"
    Content-Type: image/jpeg
    Vary: Origin
    Age: 668
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-us
    DNS
    yt3.ggpht.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    yt3.ggpht.com
    IN A
    Response
    yt3.ggpht.com
    IN CNAME
    photos-ugc.l.googleusercontent.com
    photos-ugc.l.googleusercontent.com
    IN A
    142.250.185.97
  • flag-de
    GET
    https://yt3.ggpht.com/ytc/AIdro_kKqNeL3cYjYNkFmifDFE3XRspqNa0XYqzqcmi30Ic=s68-c-k-c0x00ffffff-no-rj
    IEXPLORE.EXE
    Remote address:
    142.250.185.97:443
    Request
    GET /ytc/AIdro_kKqNeL3cYjYNkFmifDFE3XRspqNa0XYqzqcmi30Ic=s68-c-k-c0x00ffffff-no-rj HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Referer: https://www.youtube.com/embed/ygK7kej0BPA?wmode=Opaque
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: yt3.ggpht.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Content-Type: image/jpeg
    Vary: Origin
    Access-Control-Allow-Origin: *
    Timing-Allow-Origin: *
    Access-Control-Expose-Headers: Content-Length
    Expires: Sun, 12 May 2024 06:20:10 GMT
    Cache-Control: public, max-age=86400, no-transform
    Content-Disposition: inline;filename="unnamed.jpg"
    X-Content-Type-Options: nosniff
    Date: Sat, 11 May 2024 06:20:10 GMT
    Server: fife
    Content-Length: 1182
    X-XSS-Protection: 0
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-de
    POST
    https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
    IEXPLORE.EXE
    Remote address:
    142.250.186.106:443
    Request
    POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
    Accept: */*
    X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
    Content-Type: application/json+protobuf
    X-User-Agent: grpc-web-javascript/0.1
    Referer: https://www.youtube.com/embed/QMECDnECjJM?wmode=Opaque
    Accept-Language: en-US
    Accept-Encoding: gzip, deflate
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Host: jnn-pa.googleapis.com
    Content-Length: 24
    Connection: Keep-Alive
    Cache-Control: no-cache
    Response
    HTTP/1.1 200 OK
    Content-Type: application/json+protobuf; charset=UTF-8
    Vary: Origin
    Vary: X-Origin
    Vary: Referer
    Content-Encoding: gzip
    Date: Sat, 11 May 2024 06:20:12 GMT
    Server: ESF
    Cache-Control: private
    X-XSS-Protection: 0
    X-Frame-Options: SAMEORIGIN
    X-Content-Type-Options: nosniff
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
    Transfer-Encoding: chunked
  • flag-de
    POST
    https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
    IEXPLORE.EXE
    Remote address:
    142.250.186.106:443
    Request
    POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
    Accept: */*
    X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
    Content-Type: application/json+protobuf
    X-User-Agent: grpc-web-javascript/0.1
    Referer: https://www.youtube.com/embed/gS2GhpTPLvQ?wmode=Opaque
    Accept-Language: en-US
    Accept-Encoding: gzip, deflate
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Host: jnn-pa.googleapis.com
    Content-Length: 1308
    Connection: Keep-Alive
    Cache-Control: no-cache
    Response
    HTTP/1.1 200 OK
    Content-Type: application/json+protobuf; charset=UTF-8
    Vary: Origin
    Vary: X-Origin
    Vary: Referer
    Content-Encoding: gzip
    Date: Sat, 11 May 2024 06:20:13 GMT
    Server: ESF
    Cache-Control: private
    X-XSS-Protection: 0
    X-Frame-Options: SAMEORIGIN
    X-Content-Type-Options: nosniff
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
    Transfer-Encoding: chunked
  • flag-us
    DNS
    fe0.google.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    fe0.google.com
    IN A
    Response
  • flag-de
    POST
    https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
    IEXPLORE.EXE
    Remote address:
    142.250.186.106:443
    Request
    POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
    Accept: */*
    X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
    Content-Type: application/json+protobuf
    X-User-Agent: grpc-web-javascript/0.1
    Referer: https://www.youtube.com/embed/gS2GhpTPLvQ?wmode=Opaque
    Accept-Language: en-US
    Accept-Encoding: gzip, deflate
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Host: jnn-pa.googleapis.com
    Content-Length: 24
    Connection: Keep-Alive
    Cache-Control: no-cache
    Response
    HTTP/1.1 200 OK
    Content-Type: application/json+protobuf; charset=UTF-8
    Vary: Origin
    Vary: X-Origin
    Vary: Referer
    Content-Encoding: gzip
    Date: Sat, 11 May 2024 06:20:13 GMT
    Server: ESF
    Cache-Control: private
    X-XSS-Protection: 0
    X-Frame-Options: SAMEORIGIN
    X-Content-Type-Options: nosniff
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
    Transfer-Encoding: chunked
  • flag-de
    POST
    https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
    IEXPLORE.EXE
    Remote address:
    142.250.186.106:443
    Request
    POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
    Accept: */*
    X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
    Content-Type: application/json+protobuf
    X-User-Agent: grpc-web-javascript/0.1
    Referer: https://www.youtube.com/embed/QMECDnECjJM?wmode=Opaque
    Accept-Language: en-US
    Accept-Encoding: gzip, deflate
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Host: jnn-pa.googleapis.com
    Content-Length: 1108
    Connection: Keep-Alive
    Cache-Control: no-cache
    Response
    HTTP/1.1 200 OK
    Content-Type: application/json+protobuf; charset=UTF-8
    Vary: Origin
    Vary: X-Origin
    Vary: Referer
    Content-Encoding: gzip
    Date: Sat, 11 May 2024 06:20:13 GMT
    Server: ESF
    Cache-Control: private
    X-XSS-Protection: 0
    X-Frame-Options: SAMEORIGIN
    X-Content-Type-Options: nosniff
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
    Transfer-Encoding: chunked
  • flag-de
    POST
    https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
    IEXPLORE.EXE
    Remote address:
    142.250.186.106:443
    Request
    POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
    Accept: */*
    X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
    Content-Type: application/json+protobuf
    X-User-Agent: grpc-web-javascript/0.1
    Referer: https://www.youtube.com/embed/ywSeSlVcY4w?wmode=Opaque
    Accept-Language: en-US
    Accept-Encoding: gzip, deflate
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Host: jnn-pa.googleapis.com
    Content-Length: 24
    Connection: Keep-Alive
    Cache-Control: no-cache
    Response
    HTTP/1.1 200 OK
    Content-Type: application/json+protobuf; charset=UTF-8
    Vary: Origin
    Vary: X-Origin
    Vary: Referer
    Content-Encoding: gzip
    Date: Sat, 11 May 2024 06:20:13 GMT
    Server: ESF
    Cache-Control: private
    X-XSS-Protection: 0
    X-Frame-Options: SAMEORIGIN
    X-Content-Type-Options: nosniff
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
    Transfer-Encoding: chunked
  • flag-de
    POST
    https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
    IEXPLORE.EXE
    Remote address:
    142.250.186.106:443
    Request
    POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
    Accept: */*
    X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
    Content-Type: application/json+protobuf
    X-User-Agent: grpc-web-javascript/0.1
    Referer: https://www.youtube.com/embed/ywSeSlVcY4w?wmode=Opaque
    Accept-Language: en-US
    Accept-Encoding: gzip, deflate
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Host: jnn-pa.googleapis.com
    Content-Length: 1139
    Connection: Keep-Alive
    Cache-Control: no-cache
    Response
    HTTP/1.1 200 OK
    Content-Type: application/json+protobuf; charset=UTF-8
    Vary: Origin
    Vary: X-Origin
    Vary: Referer
    Content-Encoding: gzip
    Date: Sat, 11 May 2024 06:20:13 GMT
    Server: ESF
    Cache-Control: private
    X-XSS-Protection: 0
    X-Frame-Options: SAMEORIGIN
    X-Content-Type-Options: nosniff
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
    Transfer-Encoding: chunked
  • 142.250.185.170:80
    http://fonts.googleapis.com/css?family=Arial
    http
    IEXPLORE.EXE
    523 B
    1.4kB
    6
    4

    HTTP Request

    GET http://fonts.googleapis.com/css?family=Arial

    HTTP Response

    400
  • 142.250.185.170:80
    fonts.googleapis.com
    IEXPLORE.EXE
    190 B
    92 B
    4
    2
  • 216.58.206.46:80
    http://www.youtube.com/embed/ygK7kej0BPA?wmode=Opaque
    http
    IEXPLORE.EXE
    876 B
    1.1kB
    7
    6

    HTTP Request

    GET http://www.youtube.com/embed/evMR3wn1LGk?wmode=Opaque

    HTTP Response

    301

    HTTP Request

    GET http://www.youtube.com/embed/ygK7kej0BPA?wmode=Opaque

    HTTP Response

    301
  • 216.58.206.46:80
    http://www.youtube.com/embed/QMECDnECjJM?wmode=Opaque
    http
    IEXPLORE.EXE
    510 B
    579 B
    5
    4

    HTTP Request

    GET http://www.youtube.com/embed/QMECDnECjJM?wmode=Opaque

    HTTP Response

    301
  • 163.70.151.35:80
    http://www.facebook.com/plugins/likebox.php?href=http://www.facebook.com/pages/konthaiusacom/177402280020?ref=tn_tnmn&width=250&colorscheme=light&show_faces=false&border_color=%23000000&stream=false&header=false&height=75
    http
    IEXPLORE.EXE
    730 B
    1.0kB
    6
    5

    HTTP Request

    GET http://www.facebook.com/plugins/likebox.php?href=http://www.facebook.com/pages/konthaiusacom/177402280020?ref=tn_tnmn&width=250&colorscheme=light&show_faces=false&border_color=%23000000&stream=false&header=false&height=75

    HTTP Response

    301
  • 163.70.151.35:80
    www.facebook.com
    IEXPLORE.EXE
    190 B
    92 B
    4
    2
  • 163.70.151.35:443
    https://www.facebook.com/plugins/likebox.php?href=http://www.facebook.com/pages/konthaiusacom/177402280020?ref=tn_tnmn&width=250&colorscheme=light&show_faces=false&border_color=%23000000&stream=false&header=false&height=75
    tls, http
    IEXPLORE.EXE
    1.5kB
    21.0kB
    17
    23

    HTTP Request

    GET https://www.facebook.com/plugins/likebox.php?href=http://www.facebook.com/pages/konthaiusacom/177402280020?ref=tn_tnmn&width=250&colorscheme=light&show_faces=false&border_color=%23000000&stream=false&header=false&height=75

    HTTP Response

    200
  • 216.58.206.46:443
    https://www.youtube.com/api/stats/qoe?cpn=qAvT7VNhYXzCKzR5&el=embedded&ns=yt&fexp=v1%2C23983296%2C21348%2C76094%2C54572%2C304051%2C121055%2C6271%2C26443548%2C7111%2C36343%2C9954%2C1192%2C26496%2C4110%2C2856%2C2%2C2870%2C3819%2C2007%2C9072%2C13110%2C16042%2C752%2C1445%2C764%2C8205%2C1025%2C1104%2C21%2C1865%2C2322%2C2744%2C102%2C2657%2C55%2C638%2C8%2C41%2C3%2C288%2C2%2C78%2C3625%2C8%2C173%2C659%2C451%2C176%2C5%2C38%2C2539%2C549%2C930%2C492%2C296%2C1360%2C3467%2C8%2C46%2C1023%2C835%2C319%2C1178&cl=631432265&seq=1&event=streamingstats&docid=ywSeSlVcY4w&qclc=ChBxQXZUN1ZOaFlYekNLelI1EAE&cbr=IE&cbrver=11.0&c=WEB_EMBEDDED_PLAYER&cver=1.20240507.01.00&cplayer=UNIPLAYER&cos=Windows&cosver=6.1&cplatform=DESKTOP&vps=0.000:N,0.001:ER&cmt=0.001:0.000,0.001:0.000&error=0.001:auth::0.000:0;a6s.0;r.Video_unavailable&vis=0.001:0&bh=0.001:0.000
    tls, http
    IEXPLORE.EXE
    107.4kB
    3.0MB
    1504
    2200

    HTTP Request

    GET https://www.youtube.com/embed/evMR3wn1LGk?wmode=Opaque

    HTTP Response

    200

    HTTP Request

    GET https://www.youtube.com/s/player/17fd9675/www-player.css

    HTTP Response

    200

    HTTP Request

    GET https://www.youtube.com/s/player/17fd9675/player_ias.vflset/en_US/base.js

    HTTP Response

    200

    HTTP Request

    POST https://www.youtube.com/api/stats/qoe?cpn=fAj8mPGXlhLeQ5bS&el=embedded&ns=yt&fexp=v1%2C23983296%2C21348%2C76094%2C54572%2C304051%2C121055%2C6271%2C26443548%2C7111%2C36343%2C9954%2C1192%2C26496%2C4110%2C2856%2C2%2C2870%2C3819%2C2007%2C9072%2C13110%2C16041%2C753%2C1445%2C764%2C8205%2C1025%2C1104%2C21%2C1865%2C2322%2C2744%2C102%2C2657%2C55%2C638%2C8%2C41%2C3%2C288%2C2%2C78%2C3625%2C8%2C173%2C659%2C451%2C176%2C5%2C38%2C2539%2C549%2C930%2C492%2C296%2C1360%2C3467%2C8%2C46%2C1023%2C835%2C319%2C1178&cl=631432265&seq=1&event=streamingstats&docid=evMR3wn1LGk&qclc=ChBmQWo4bVBHWGxoTGVRNWJTEAE&cbr=IE&cbrver=11.0&c=WEB_EMBEDDED_PLAYER&cver=1.20240507.01.00&cplayer=UNIPLAYER&cos=Windows&cosver=6.1&cplatform=DESKTOP&vps=0.000:N,0.001:ER&cmt=0.001:0.000,0.001:0.000&error=0.001:auth::0.000:0;a6s.0;r.Video_unavailable&vis=0.001:0&bh=0.001:0.000

    HTTP Response

    204

    HTTP Request

    POST https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

    HTTP Response

    200

    HTTP Request

    GET https://www.youtube.com/embed/ygK7kej0BPA?wmode=Opaque

    HTTP Response

    200

    HTTP Request

    GET https://www.youtube.com/s/player/17fd9675/www-embed-player.vflset/www-embed-player.js

    HTTP Response

    200

    HTTP Request

    GET https://www.youtube.com/s/player/17fd9675/player_ias.vflset/en_US/base.js

    HTTP Response

    200

    HTTP Request

    GET https://www.youtube.com/s/player/17fd9675/player_ias.vflset/en_US/remote.js

    HTTP Response

    200

    HTTP Request

    GET https://www.youtube.com/s/player/17fd9675/player_ias.vflset/en_US/embed.js

    HTTP Response

    200

    HTTP Request

    GET https://www.youtube.com/s/player/17fd9675/player_ias.vflset/en_US/base.js

    HTTP Response

    200

    HTTP Request

    GET https://www.youtube.com/s/player/17fd9675/player_ias.vflset/en_US/embed.js

    HTTP Response

    200

    HTTP Request

    GET https://www.youtube.com/generate_204?cpZs3A

    HTTP Response

    204

    HTTP Request

    GET https://www.youtube.com/s/player/17fd9675/player_ias.vflset/en_US/remote.js

    HTTP Response

    200

    HTTP Request

    GET https://www.youtube.com/s/player/17fd9675/player_ias.vflset/en_US/embed.js

    HTTP Response

    200

    HTTP Request

    POST https://www.youtube.com/api/stats/qoe?cpn=qAvT7VNhYXzCKzR5&el=embedded&ns=yt&fexp=v1%2C23983296%2C21348%2C76094%2C54572%2C304051%2C121055%2C6271%2C26443548%2C7111%2C36343%2C9954%2C1192%2C26496%2C4110%2C2856%2C2%2C2870%2C3819%2C2007%2C9072%2C13110%2C16042%2C752%2C1445%2C764%2C8205%2C1025%2C1104%2C21%2C1865%2C2322%2C2744%2C102%2C2657%2C55%2C638%2C8%2C41%2C3%2C288%2C2%2C78%2C3625%2C8%2C173%2C659%2C451%2C176%2C5%2C38%2C2539%2C549%2C930%2C492%2C296%2C1360%2C3467%2C8%2C46%2C1023%2C835%2C319%2C1178&cl=631432265&seq=1&event=streamingstats&docid=ywSeSlVcY4w&qclc=ChBxQXZUN1ZOaFlYekNLelI1EAE&cbr=IE&cbrver=11.0&c=WEB_EMBEDDED_PLAYER&cver=1.20240507.01.00&cplayer=UNIPLAYER&cos=Windows&cosver=6.1&cplatform=DESKTOP&vps=0.000:N,0.001:ER&cmt=0.001:0.000,0.001:0.000&error=0.001:auth::0.000:0;a6s.0;r.Video_unavailable&vis=0.001:0&bh=0.001:0.000

    HTTP Response

    204
  • 216.58.206.46:443
    https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
    tls, http
    IEXPLORE.EXE
    34.4kB
    256.5kB
    129
    219

    HTTP Request

    GET https://www.youtube.com/s/player/17fd9675/www-embed-player.vflset/www-embed-player.js

    HTTP Response

    200

    HTTP Request

    GET https://www.youtube.com/s/player/17fd9675/player_ias.vflset/en_US/embed.js

    HTTP Response

    200

    HTTP Request

    GET https://www.youtube.com/embed/QMECDnECjJM?wmode=Opaque

    HTTP Response

    200

    HTTP Request

    GET https://www.youtube.com/s/player/17fd9675/www-player.css

    HTTP Response

    200

    HTTP Request

    POST https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

    HTTP Response

    200

    HTTP Request

    GET https://www.youtube.com/generate_204?gcoSAw

    HTTP Response

    204

    HTTP Request

    POST https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

    HTTP Response

    200

    HTTP Request

    POST https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

    HTTP Response

    200

    HTTP Request

    POST https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

    HTTP Response

    200
  • 216.58.206.46:443
    www.youtube.com
    tls
    IEXPLORE.EXE
    519 B
    355 B
    6
    5
  • 216.58.206.46:443
    www.youtube.com
    tls
    IEXPLORE.EXE
    519 B
    355 B
    6
    5
  • 163.70.151.21:443
    static.xx.fbcdn.net
    tls
    IEXPLORE.EXE
    2.1kB
    14.3kB
    16
    20
  • 163.70.151.21:443
    https://static.xx.fbcdn.net/rsrc.php/v3/yw/r/UXtr_j2Fwe-.png
    tls, http
    IEXPLORE.EXE
    4.1kB
    132.5kB
    59
    104

    HTTP Request

    GET https://static.xx.fbcdn.net/rsrc.php/v3/yh/r/SHojUHmeyWm.js?_nc_x=Ij3Wp8lg5Kz

    HTTP Response

    200

    HTTP Request

    GET https://static.xx.fbcdn.net/rsrc.php/v3/yw/r/UXtr_j2Fwe-.png

    HTTP Response

    200
  • 163.70.151.21:443
    https://static.xx.fbcdn.net/rsrc.php/v3/y1/r/dXk5exdOVhk.js?_nc_x=Ij3Wp8lg5Kz
    tls, http
    IEXPLORE.EXE
    2.1kB
    14.5kB
    16
    20

    HTTP Request

    GET https://static.xx.fbcdn.net/rsrc.php/v3/yr/r/xjg1QNQguf-.js?_nc_x=Ij3Wp8lg5Kz

    HTTP Response

    200

    HTTP Request

    GET https://static.xx.fbcdn.net/rsrc.php/v3/y1/r/dXk5exdOVhk.js?_nc_x=Ij3Wp8lg5Kz

    HTTP Response

    200
  • 163.70.151.21:443
    https://static.xx.fbcdn.net/rsrc.php/v3/yX/r/qnn7MVQZYOT.js?_nc_x=Ij3Wp8lg5Kz
    tls, http
    IEXPLORE.EXE
    1.5kB
    11.7kB
    14
    16

    HTTP Request

    GET https://static.xx.fbcdn.net/rsrc.php/v3/yX/r/qnn7MVQZYOT.js?_nc_x=Ij3Wp8lg5Kz

    HTTP Response

    200
  • 163.70.151.21:443
    https://static.xx.fbcdn.net/rsrc.php/v3/yz/r/eQ3e44cCeXh.js?_nc_x=Ij3Wp8lg5Kz
    tls, http
    IEXPLORE.EXE
    1.8kB
    27.8kB
    21
    28

    HTTP Request

    GET https://static.xx.fbcdn.net/rsrc.php/v3/yz/r/eQ3e44cCeXh.js?_nc_x=Ij3Wp8lg5Kz

    HTTP Response

    200
  • 163.70.151.21:443
    https://static.xx.fbcdn.net/rsrc.php/v3i7244/yb/l/en_GB/OWkNLphO4cA.js?_nc_x=Ij3Wp8lg5Kz
    tls, http
    IEXPLORE.EXE
    2.7kB
    48.8kB
    29
    45

    HTTP Request

    GET https://static.xx.fbcdn.net/rsrc.php/v3/yV/r/7CmGfGBVS6H.js?_nc_x=Ij3Wp8lg5Kz

    HTTP Response

    200

    HTTP Request

    GET https://static.xx.fbcdn.net/rsrc.php/v3i7244/yb/l/en_GB/OWkNLphO4cA.js?_nc_x=Ij3Wp8lg5Kz

    HTTP Response

    200
  • 163.70.151.21:443
    https://scontent.xx.fbcdn.net/v/t39.30808-1/302682950_408081388117661_761848427710662801_n.jpg?stp=cp0_dst-jpg_p50x50&_nc_cat=103&ccb=1-7&_nc_sid=5f2048&_nc_ohc=jVOeTrk1NiQQ7kNvgGWA7F_&_nc_ht=scontent.xx&edm=AEDRbFQEAAAA&oh=00_AYAm4EZ3_VLuv9lcDxX1DS63I5ip2fOWIK0BtBWjLamsWw&oe=6644F993
    tls, http
    IEXPLORE.EXE
    1.6kB
    6.4kB
    11
    12

    HTTP Request

    GET https://scontent.xx.fbcdn.net/v/t39.30808-1/302682950_408081388117661_761848427710662801_n.jpg?stp=cp0_dst-jpg_p50x50&_nc_cat=103&ccb=1-7&_nc_sid=5f2048&_nc_ohc=jVOeTrk1NiQQ7kNvgGWA7F_&_nc_ht=scontent.xx&edm=AEDRbFQEAAAA&oh=00_AYAm4EZ3_VLuv9lcDxX1DS63I5ip2fOWIK0BtBWjLamsWw&oe=6644F993

    HTTP Response

    200
  • 163.70.151.21:443
    scontent.xx.fbcdn.net
    tls
    IEXPLORE.EXE
    712 B
    3.7kB
    9
    9
  • 142.250.185.66:443
    https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
    tls, http
    IEXPLORE.EXE
    3.0kB
    11.0kB
    16
    23

    HTTP Request

    GET https://googleads.g.doubleclick.net/pagead/id

    HTTP Response

    302

    HTTP Request

    GET https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

    HTTP Response

    200

    HTTP Request

    GET https://googleads.g.doubleclick.net/pagead/id

    HTTP Response

    302

    HTTP Request

    GET https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

    HTTP Response

    200

    HTTP Request

    GET https://googleads.g.doubleclick.net/pagead/id

    HTTP Response

    302

    HTTP Request

    GET https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

    HTTP Response

    200
  • 142.250.185.66:443
    https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
    tls, http
    IEXPLORE.EXE
    2.2kB
    9.0kB
    13
    18

    HTTP Request

    GET https://googleads.g.doubleclick.net/pagead/id

    HTTP Response

    302

    HTTP Request

    GET https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

    HTTP Response

    200

    HTTP Request

    GET https://googleads.g.doubleclick.net/pagead/id

    HTTP Response

    302

    HTTP Request

    GET https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

    HTTP Response

    200
  • 142.250.185.70:443
    static.doubleclick.net
    tls
    IEXPLORE.EXE
    713 B
    5.0kB
    9
    9
  • 142.250.185.70:443
    https://static.doubleclick.net/instream/ad_status.js
    tls, http
    IEXPLORE.EXE
    1.2kB
    5.8kB
    12
    10

    HTTP Request

    GET https://static.doubleclick.net/instream/ad_status.js

    HTTP Response

    200
  • 142.250.186.106:443
    https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
    tls, http
    IEXPLORE.EXE
    8.0kB
    97.6kB
    65
    84

    HTTP Request

    POST https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

    HTTP Response

    200

    HTTP Request

    POST https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

    HTTP Response

    200

    HTTP Request

    POST https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

    HTTP Response

    200

    HTTP Request

    POST https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

    HTTP Response

    200
  • 216.58.206.46:80
    http://www.youtube.com/embed/gS2GhpTPLvQ?wmode=Opaque
    http
    IEXPLORE.EXE
    510 B
    579 B
    5
    4

    HTTP Request

    GET http://www.youtube.com/embed/gS2GhpTPLvQ?wmode=Opaque

    HTTP Response

    301
  • 216.58.206.46:80
    http://www.youtube.com/embed/ywSeSlVcY4w?wmode=Opaque
    http
    IEXPLORE.EXE
    510 B
    579 B
    5
    4

    HTTP Request

    GET http://www.youtube.com/embed/ywSeSlVcY4w?wmode=Opaque

    HTTP Response

    301
  • 142.250.185.78:80
    http://www.google-analytics.com/ga.js
    http
    IEXPLORE.EXE
    766 B
    18.2kB
    11
    15

    HTTP Request

    GET http://www.google-analytics.com/ga.js

    HTTP Response

    200
  • 142.250.185.78:80
    www.google-analytics.com
    IEXPLORE.EXE
    98 B
    52 B
    2
    1
  • 216.58.206.46:443
    https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
    tls, http
    IEXPLORE.EXE
    23.8kB
    109.6kB
    84
    97

    HTTP Request

    GET https://www.youtube.com/embed/gS2GhpTPLvQ?wmode=Opaque

    HTTP Response

    200

    HTTP Request

    GET https://www.youtube.com/s/player/17fd9675/www-player.css

    HTTP Response

    200

    HTTP Request

    POST https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

    HTTP Response

    200

    HTTP Request

    POST https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

    HTTP Response

    200
  • 216.58.206.46:443
    https://www.youtube.com/api/stats/qoe?cpn=F8BbED6OlrTxt_7k&el=embedded&ns=yt&fexp=v1%2C23983296%2C21348%2C76094%2C54572%2C304051%2C121055%2C6271%2C26443548%2C7111%2C36343%2C9954%2C1192%2C26496%2C4110%2C2856%2C2%2C2870%2C3819%2C2007%2C9072%2C13110%2C16042%2C752%2C1445%2C764%2C8205%2C1025%2C1104%2C21%2C1865%2C2322%2C2744%2C102%2C2657%2C55%2C638%2C8%2C41%2C3%2C288%2C2%2C78%2C3625%2C8%2C173%2C659%2C451%2C176%2C5%2C38%2C2539%2C549%2C930%2C492%2C296%2C1360%2C3467%2C8%2C46%2C1023%2C835%2C319%2C1178&cl=631432265&seq=1&event=streamingstats&docid=QMECDnECjJM&qclc=ChBGOEJiRUQ2T2xyVHh0XzdrEAE&cbr=IE&cbrver=11.0&c=WEB_EMBEDDED_PLAYER&cver=1.20240507.01.00&cplayer=UNIPLAYER&cos=Windows&cosver=6.1&cplatform=DESKTOP&vps=0.000:N,0.001:ER&cmt=0.001:0.000,0.001:0.000&error=0.001:auth::0.000:0;a6s.0;r.Video_unavailable&vis=0.001:0&bh=0.001:0.000
    tls, http
    IEXPLORE.EXE
    9.1kB
    166.8kB
    105
    129

    HTTP Request

    GET https://www.youtube.com/embed/ywSeSlVcY4w?wmode=Opaque

    HTTP Response

    200

    HTTP Request

    GET https://www.youtube.com/s/player/17fd9675/www-embed-player.vflset/www-embed-player.js

    HTTP Response

    200

    HTTP Request

    POST https://www.youtube.com/api/stats/qoe?cpn=F8BbED6OlrTxt_7k&el=embedded&ns=yt&fexp=v1%2C23983296%2C21348%2C76094%2C54572%2C304051%2C121055%2C6271%2C26443548%2C7111%2C36343%2C9954%2C1192%2C26496%2C4110%2C2856%2C2%2C2870%2C3819%2C2007%2C9072%2C13110%2C16042%2C752%2C1445%2C764%2C8205%2C1025%2C1104%2C21%2C1865%2C2322%2C2744%2C102%2C2657%2C55%2C638%2C8%2C41%2C3%2C288%2C2%2C78%2C3625%2C8%2C173%2C659%2C451%2C176%2C5%2C38%2C2539%2C549%2C930%2C492%2C296%2C1360%2C3467%2C8%2C46%2C1023%2C835%2C319%2C1178&cl=631432265&seq=1&event=streamingstats&docid=QMECDnECjJM&qclc=ChBGOEJiRUQ2T2xyVHh0XzdrEAE&cbr=IE&cbrver=11.0&c=WEB_EMBEDDED_PLAYER&cver=1.20240507.01.00&cplayer=UNIPLAYER&cos=Windows&cosver=6.1&cplatform=DESKTOP&vps=0.000:N,0.001:ER&cmt=0.001:0.000,0.001:0.000&error=0.001:auth::0.000:0;a6s.0;r.Video_unavailable&vis=0.001:0&bh=0.001:0.000

    HTTP Response

    204
  • 216.58.206.46:443
    www.youtube.com
    tls
    IEXPLORE.EXE
    427 B
    315 B
    4
    4
  • 216.58.206.46:443
    www.youtube.com
    tls
    IEXPLORE.EXE
    427 B
    315 B
    4
    4
  • 142.250.185.164:443
    https://www.google.com/js/th/--9dH29IQ9CksBulhkJupx8P-yH9Jquge0_97VfE0Pw.js
    tls, http
    IEXPLORE.EXE
    1.5kB
    30.6kB
    17
    26

    HTTP Request

    GET https://www.google.com/js/th/--9dH29IQ9CksBulhkJupx8P-yH9Jquge0_97VfE0Pw.js

    HTTP Response

    200
  • 142.250.185.164:443
    www.google.com
    tls
    IEXPLORE.EXE
    705 B
    4.8kB
    9
    10
  • 142.250.185.214:443
    https://i.ytimg.com/vi/gS2GhpTPLvQ/sddefault.jpg
    tls, http
    IEXPLORE.EXE
    2.8kB
    83.3kB
    37
    64

    HTTP Request

    GET https://i.ytimg.com/vi/ygK7kej0BPA/sddefault.jpg

    HTTP Response

    200

    HTTP Request

    GET https://i.ytimg.com/vi/gS2GhpTPLvQ/sddefault.jpg

    HTTP Response

    200
  • 142.250.185.214:443
    i.ytimg.com
    tls
    IEXPLORE.EXE
    680 B
    5.2kB
    8
    8
  • 142.250.185.97:443
    yt3.ggpht.com
    tls
    IEXPLORE.EXE
    704 B
    9.6kB
    9
    10
  • 142.250.185.97:443
    https://yt3.ggpht.com/ytc/AIdro_kKqNeL3cYjYNkFmifDFE3XRspqNa0XYqzqcmi30Ic=s68-c-k-c0x00ffffff-no-rj
    tls, http
    IEXPLORE.EXE
    1.1kB
    11.4kB
    9
    12

    HTTP Request

    GET https://yt3.ggpht.com/ytc/AIdro_kKqNeL3cYjYNkFmifDFE3XRspqNa0XYqzqcmi30Ic=s68-c-k-c0x00ffffff-no-rj

    HTTP Response

    200
  • 142.250.186.106:443
    https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
    tls, http
    IEXPLORE.EXE
    3.9kB
    46.9kB
    26
    41

    HTTP Request

    POST https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

    HTTP Response

    200

    HTTP Request

    POST https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

    HTTP Response

    200
  • 142.250.186.106:443
    https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
    tls, http
    IEXPLORE.EXE
    3.7kB
    46.9kB
    26
    42

    HTTP Request

    POST https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

    HTTP Response

    200

    HTTP Request

    POST https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

    HTTP Response

    200
  • 142.250.186.106:443
    https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
    tls, http
    IEXPLORE.EXE
    3.7kB
    46.9kB
    26
    42

    HTTP Request

    POST https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

    HTTP Response

    200

    HTTP Request

    POST https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

    HTTP Response

    200
  • 204.79.197.200:443
    ieonline.microsoft.com
    tls
    iexplore.exe
    753 B
    7.7kB
    9
    13
  • 204.79.197.200:443
    ieonline.microsoft.com
    tls
    iexplore.exe
    753 B
    7.7kB
    9
    13
  • 204.79.197.200:443
    ieonline.microsoft.com
    tls
    iexplore.exe
    831 B
    7.7kB
    10
    13
  • 8.8.8.8:53
    konthaiusa.com
    dns
    IEXPLORE.EXE
    60 B
    133 B
    1
    1

    DNS Request

    konthaiusa.com

  • 8.8.8.8:53
    www.konthaiusa.com
    dns
    IEXPLORE.EXE
    64 B
    137 B
    1
    1

    DNS Request

    www.konthaiusa.com

  • 8.8.8.8:53
    www.youtube.com
    dns
    IEXPLORE.EXE
    61 B
    351 B
    1
    1

    DNS Request

    www.youtube.com

    DNS Response

    216.58.206.46
    172.217.23.110
    142.250.185.78
    142.250.185.110
    142.250.185.142
    142.250.185.174
    142.250.185.206
    142.250.185.238
    142.250.184.238
    142.250.181.238
    142.250.186.46
    142.250.186.78
    172.217.16.142
    142.250.186.142
    142.250.74.206
    142.250.184.206

  • 8.8.8.8:53
    www.facebook.com
    dns
    IEXPLORE.EXE
    62 B
    107 B
    1
    1

    DNS Request

    www.facebook.com

    DNS Response

    163.70.151.35

  • 8.8.8.8:53
    static.xx.fbcdn.net
    dns
    IEXPLORE.EXE
    65 B
    104 B
    1
    1

    DNS Request

    static.xx.fbcdn.net

    DNS Response

    163.70.151.21

  • 8.8.8.8:53
    scontent.xx.fbcdn.net
    dns
    IEXPLORE.EXE
    67 B
    83 B
    1
    1

    DNS Request

    scontent.xx.fbcdn.net

    DNS Response

    163.70.151.21

  • 8.8.8.8:53
    googleads.g.doubleclick.net
    dns
    IEXPLORE.EXE
    73 B
    89 B
    1
    1

    DNS Request

    googleads.g.doubleclick.net

    DNS Response

    142.250.185.66

  • 8.8.8.8:53
    static.doubleclick.net
    dns
    IEXPLORE.EXE
    68 B
    84 B
    1
    1

    DNS Request

    static.doubleclick.net

    DNS Response

    142.250.185.70

  • 8.8.8.8:53
    jnn-pa.googleapis.com
    dns
    IEXPLORE.EXE
    67 B
    323 B
    1
    1

    DNS Request

    jnn-pa.googleapis.com

    DNS Response

    142.250.186.106
    172.217.16.202
    142.250.186.170
    216.58.206.74
    216.58.206.42
    172.217.18.106
    172.217.23.106
    216.58.212.138
    142.250.185.74
    142.250.185.106
    142.250.185.138
    142.250.185.170
    142.250.185.202
    142.250.185.234
    142.250.184.234
    142.250.181.234

  • 8.8.8.8:53
    www.google.com
    dns
    IEXPLORE.EXE
    60 B
    76 B
    1
    1

    DNS Request

    www.google.com

    DNS Response

    142.250.185.164

  • 8.8.8.8:53
    i.ytimg.com
    dns
    IEXPLORE.EXE
    57 B
    313 B
    1
    1

    DNS Request

    i.ytimg.com

    DNS Response

    142.250.185.214
    142.250.185.246
    142.250.184.246
    216.58.212.182
    142.250.181.246
    142.250.186.54
    142.250.186.86
    142.250.186.150
    142.250.74.214
    142.250.184.214
    172.217.18.22
    142.250.186.118
    172.217.16.214
    142.250.186.182
    216.58.206.86
    216.58.206.54

  • 8.8.8.8:53
    yt3.ggpht.com
    dns
    IEXPLORE.EXE
    59 B
    120 B
    1
    1

    DNS Request

    yt3.ggpht.com

    DNS Response

    142.250.185.97

  • 8.8.8.8:53
    fe0.google.com
    dns
    IEXPLORE.EXE
    60 B
    110 B
    1
    1

    DNS Request

    fe0.google.com

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    6ebcc81ddd8b4708be75629e01780a06

    SHA1

    bb9492b850d6a13984d307848529f16b66368436

    SHA256

    b37da2b89a4556c0e35752f4a1289cde1be1fc5ec9349f2534a903a45951896c

    SHA512

    225aa093980e9b3dddef7f88924347775a922182034213907a855d518142adf5827a1954fd7587269122e1ff26b1c6896809a22210fafeff422238bfb63bf1fa

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    82f987cc3a752f377379d0d82e99dc04

    SHA1

    64ae557656b648efbf4c99aa467b4eddb0126118

    SHA256

    b9d1dd633af2203ff93725c337cf98c7bef3d5b0881604e5ba5d61342a04bcad

    SHA512

    57d06bf524f017ce1dc9e5881460dd5933350c8c50808541cd072ec2878933ff691e7bd1ead27735c0fc25a95b781f891858fbfe06f0a85dce3d7452011dca8b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    d605942f1791b8957e49638581d44559

    SHA1

    0412189306af258c0b110711144efef1d8a7c3c2

    SHA256

    b29eb04734a5e67bc795800e3b92f055de51b6e93c7ab342fb7b2078d6b21ac7

    SHA512

    d8de0ee6e8a48de99a5f00c1d9d5d34e1d2d7299fbc4348dc7982a619963c8131416be709c9a9e0d3e1591287926cd1d3b03689774fe1e2b663e0a5e4d4b5935

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    b183a3a6d5dbbf6587424f2a47dec6d3

    SHA1

    9b92abe5908e34057a1e686c1890531b43ce59b7

    SHA256

    cbcd1748be1e233b1e3a7e03b277e38d60b7cbcd02ad18cf0e3fb320efdb6c55

    SHA512

    575e477bcbcd62f787bcf35527c3da95577f3b6f3b16b06ef2869dc437391df3a45c81362b96ee0aeda1ae8f18d5fcac799b980f42ee60bd0a0d3a586bf6eda2

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    0eac3b399899b64451c9185e794b14a4

    SHA1

    3750225551e492950181fd8979ed0d5d9682bd46

    SHA256

    b61fbf13bbcaaaff0f316142db9c458353ec716781a578d6ee01646fe9983ac9

    SHA512

    5dc6e4a72d060cbe30018ba42ee881569de39e958370abb3934c66b27867b9e540e30479fd90373f43e19476e91ee36cb7f09590e34ccba0ef8fd57ec23c7dcd

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    b1499e8339d9ab02e33d047872341f11

    SHA1

    42e3a088c01eb8c23507adebd13fc16ef9f6ac6e

    SHA256

    049e438e1b977c2616c28f063f0d459dd3d8b1ebb24e4bcea0a459cc6e65cfbb

    SHA512

    40f9cf0205d4fd99f64a1464a8b66670d4487976742e3b50a429c2b3213dc04af753ae7b4a5e5dbeaff9ee180b2915a057fcb6b9d1463000af57e3fa32e24e71

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    47f94bbeeba2a0e97f0bdb79623b98ba

    SHA1

    3c71eaf401e3eb411a46d33a0f89c89ae732b12f

    SHA256

    a068437afd419e3e66c2bd9bd19a028fde29e75076f2dd359d9f42ff10bfbf39

    SHA512

    681a06996e685087002841d72d683c76f5c84c2fcc9980c8b90e560e1108c929e1955b52b20e54a708686b44990bfac56a5f51caef807e160565136eee363be3

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    8c688b484ec147fd4b3c9ded2b62508f

    SHA1

    ff04bf252bd759dedca85aad22f43da0845d6d6e

    SHA256

    aab8115f64f913ef0883971e95d7a99e214ad4e41140851e416dcebb9c986c9a

    SHA512

    034e0b75c0d18a97a1772aa1a3bdb1ebfd645b678fd187e33576929c3350889febf8b78a64ebd5897d269cbd9aab07934fe5f18767ccb1f7fc84915f93886f56

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    7f5501386f33de65671d99aaf24c90f6

    SHA1

    ac92c86bdcfa9085fc96f1f93b8b17a83e5079a2

    SHA256

    748b2bbec3eb66f0d60e93482c895d763ff7a31463d2e98b54c8fd2c3e2e4fdf

    SHA512

    a450d4ebb374db2bd43ee2191fd935d7517b919510e56507590fc17e7f3e1f3c9aa980df62b4f5e7f57a7da524001c3be5419cec2967854d4c190dfa1adaaff1

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    522e000c752fdc17b5fbd1ba71df15d5

    SHA1

    dd4e928f8b3e91bb284b1b06d45cd185a7795b99

    SHA256

    c4d8f862c6a094f52df6f284687e2a1a0adc24f8935fd21bce497a1057fb8967

    SHA512

    1a7083815595b869635335ff0bcde43d2df1b635b8e13b782c6e91c46c820da1e3891831dc1fab96d010c3b996749a0418ff686c02453b837883de3b142df018

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    76b3975b7a12eae00bc85c4a5a1085bb

    SHA1

    2aa0d8da418d53395d0b204f08c74ad218260174

    SHA256

    e73904ef8953ecfcc327d754ab78983629ed63747f942dd2ecc932138fd9daf7

    SHA512

    f04e73442bbeb62f13c2c9550af0d196fc5c528d0ad7b1f24eec61008457f9f9c800d50fda73fdf768cafb39e9a5a6188f696953afe1db30a12dd39c9bcc8e6b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    5a3c64169aca0f9d3d1b4e9afda94f73

    SHA1

    e23e578e9aed6d24d7b157c5d6c4aff1967dce74

    SHA256

    da024fcaeb57318f534e5a8852ed4fa446b64639755e9895c2019e2048275dbd

    SHA512

    e6846bc377cff2112e9e23c6014856838a94a69876a93c37a1e3d03d1d5e5cf12e880c7314348d7d6c3f9318c8c6c46de70ef2f2d00716239ef483b51e83c902

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    cfd7c94b44ef671315d234f301206142

    SHA1

    b0c94f52d9ecd5e22bc6f81497a157e7134be681

    SHA256

    6ea59645dd05f66c5105d10034d99aaacbe7e70adaec687cfd1af59d38f8f30c

    SHA512

    07824159a139d4f323050ba6b1e3f7f3cbd35865a28d9fc4aae6c50d9b4196184bdfe9661c35315555580e6f21f3530fc9639332fffee7cc5df5b73899f69418

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    9449a8ce21291055222f2f9176ab8a36

    SHA1

    6ada70008c3ac4165dd5f4ee553c116a47c8fc00

    SHA256

    fef90edefad74153d21a16ca00caf9c390e177abd73b649cca945a3cae2110aa

    SHA512

    0992f0309a0390ad4a4715373c677991e644815940fd5b04a015ce740f39b6319c790ea77ee954af47c7799cb08eea5cb67d284998505fe03562258d1d5d84ed

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    1a2f5260a8f9fcc941d984a4e7a60f89

    SHA1

    e9555e74359a26f54168e61b4801c5de551d0ec4

    SHA256

    4af39d44e47f11659a3a35f90870d2f062795c0d3f1c34d31ab6ef5b183a0803

    SHA512

    41c367428edabc6b39dce4d952f03c275a762280303dbf6ba70d73cc4b741ce7d7c06024eaabc6e19e2094c5efb55ba1c6d71e477a301ed064ff727cbfcf605f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    a36056e2eafb30cfbabac2ddd0c1747d

    SHA1

    65bc32117696fb97d68b4501cc8579610b91e006

    SHA256

    f6c246f21b14d3fe8254f8dcb8f702f71c8fc6432fd7f737516bc9cd113dc130

    SHA512

    16e56357648b94559a5c268d55a56740d3b27b6abf8236b0b8106ada82908cbf718ff5397d910668bb1cfaf043b91f0d35ee712f6476527997722b9012ad47d4

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    8061905580b925542635021cc5d530f2

    SHA1

    ef2c623c719ff964b36782b2415e7b697d639695

    SHA256

    e1e7db1528e7e199e3f3e4c691a3d92bce4381413eb1388844b21bc176bd4da8

    SHA512

    de92839ac79911a7f405311d15bebb1b0cb2bda8c6997c272741f57d37ca08c0c27000dcc8091cb359c353b604db1f03697a42741fe0c1cfb16bd924764949c6

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    a8904155cc74f039cb4a771087be6ecf

    SHA1

    b974f555d605090bc5ee406bbed40d31238c8cb2

    SHA256

    a9ac1b34260e455d71b6c4eb297859f76c43e324cae6eb6b477e8f9c9d710600

    SHA512

    44f8ebf329c67eac4d49c1bab3eea51832fbafe17a0ec612ea9ad43120d3d37c7cb5b7e339a5c2e613fe7179d725382ccc7e0fabc8689eb1c472f47e065a9c77

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    1515ffeb0afec7cb3d78be72cf5dcf1d

    SHA1

    5af3babc6a9ce5a37313b051da79a9888d4d7574

    SHA256

    19f19f622ab13932def41a7ee0bc3ef6cabe20dc4ac0c11f8b9291003cc7c64a

    SHA512

    d400980d3348ed475050bec5e8806ca044a40edcc5d962011c896c56b7bf88388181d9eba6239191f667df74994f130980d7d37770ee4354f57da55a957f587c

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\SN9P1720\www.youtube[1].xml

    Filesize

    990B

    MD5

    afe8814cf54a429ca1e938b1e520e0aa

    SHA1

    07f9582586d31f1784fa889b7f4f65879045ecd8

    SHA256

    516b8651255efd8482efe975784bc3d4775a6b97e8063696e5d62acd9b3cb61a

    SHA512

    58e7d62328d5ef4e065e01d53797ff040af45445aa63e7e33d902c0e93a7bb063985efd447e28168bf984b5cb507d359855eca9648e1c44f1b419e5b2404d4b2

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\SN9P1720\www.youtube[1].xml

    Filesize

    990B

    MD5

    ac0ae325541d2971a8f62fe7a0183d4c

    SHA1

    cddcabcc0c03a9d51aa47b470ba459fd333673ea

    SHA256

    12aea8279878d8c5bf4ee33a0098dbc8c31aa1944a4e6aef43dc61b745db7485

    SHA512

    e578ed656df169a7501ac4e7312fa55cf223a226cbd4707b97ff0606a43069b31723fe4cb4540c8b6243866534207c82df64db7e4aafc2ad270e2ebac4536be7

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\SN9P1720\www.youtube[1].xml

    Filesize

    990B

    MD5

    7f9f185b7ae9a3a5192b0ca2a6054fd9

    SHA1

    267a000a4eff2f589605a789644ace4d9e90538b

    SHA256

    cceab953550d1fa48ca0540d62e59b968b8edbb6b3986162b463c7c19aa9d986

    SHA512

    180ea24ab20eed31cb56cfa1fb18e8a48357fd916550ef2bed12ea69f58e44505d5a2ac2fa8f628fc12aec326ca4cbea90f2365dcb6c4136367abfa5f62c7370

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\SN9P1720\www.youtube[1].xml

    Filesize

    990B

    MD5

    74d9ce1edec133e2233418c939405610

    SHA1

    b2df0a505315b919e3ba83a37e35502d7097dbac

    SHA256

    f376cc2eef3898859fd98623308cc45a6908a9dbea7288712ca9a7b22edb7b8f

    SHA512

    0e56b74ea04007fbf49b06d91baeb1fd81f3b2d455218016cc5588c368eb1316edfc8af73370754b2a849e17bcf001a549e830ea4ba3c47d155f942479d9e825

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\SN9P1720\www.youtube[1].xml

    Filesize

    13B

    MD5

    c1ddea3ef6bbef3e7060a1a9ad89e4c5

    SHA1

    35e3224fcbd3e1af306f2b6a2c6bbea9b0867966

    SHA256

    b71e4d17274636b97179ba2d97c742735b6510eb54f22893d3a2daff2ceb28db

    SHA512

    6be8cec7c862afae5b37aa32dc5bb45912881a3276606da41bf808a4ef92c318b355e616bf45a257b995520d72b7c08752c0be445dceade5cf79f73480910fed

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\SN9P1720\www.youtube[1].xml

    Filesize

    990B

    MD5

    ae8af28dfc6b2087042cfd80d89948e1

    SHA1

    d4c959d09800feb50cf1728ab3cf9cddb81efcf5

    SHA256

    9bb828cfc1c6853dbdc886ca90cab6dd38d6413f7be2c6bd3e0e8dfa25b60c6f

    SHA512

    17ffaf0570078506b53e3c0a3a7a14e20218abf0b086d5957474e7b5ee08387f33175f82ac5cf4138f79b292c81fadab1f428db022bcee8756be7edf5aeeba66

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\SN9P1720\www.youtube[1].xml

    Filesize

    229B

    MD5

    b79b66113d9ca82ecec7447150fd0361

    SHA1

    df6df7234f12b7a91ef5b4d73c5ee9afd54e7e59

    SHA256

    303f20dff67cc3a1ee14c5aa6d6f9fc76410c87b1b2f8ceb2dffd34bc72a8d10

    SHA512

    aaa86bdfaa8d4347a19e5483bc738a490009dd7daf8ff7b6bb343bb3fae31a151608e9c79e7680685bb81d98622ea9da2297b66581b32f0960cd50145c45bbe6

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\SN9P1720\www.youtube[1].xml

    Filesize

    990B

    MD5

    10bd8d23c6fe6d121ad3ad4e84f9edb7

    SHA1

    25390c4ded7d67c6dcf2a3578cb7d47682fa571f

    SHA256

    4abb72ca767c66de2b5ef4995f74ad61012a3a169a600a00b2964b7f125d9830

    SHA512

    ab9d1648eac2757653bc05e4df9f755c25e5c617aa5afc5ef284136923045a14b71f2cf6b57b72e6ae693d0ff5f38b2ed1c5a23cbc426e48a8c6ce4aac1c8996

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\SN9P1720\www.youtube[1].xml

    Filesize

    990B

    MD5

    c607a0b5aef7d11ea6b26be1b20ecf03

    SHA1

    7894dd8d87871bdf83492bd6cb79140fcc90415a

    SHA256

    77df25679ab1ce642616b0dd680ca3c491d05d34fe593ae2bb11da508866ede7

    SHA512

    80b98bf5b1fbbdaafefd92be28fb4db3ad447a41e28bfce73a09f73ead7397a0e069448ab2204bb713216b9ac966f489fee9ad9960a6d1429c53c343f660c0c9

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\SN9P1720\www.youtube[1].xml

    Filesize

    990B

    MD5

    2e4b4996c6f80ecdeeccda80db90ccbe

    SHA1

    321dd581de095c84b81396b1c0b4c56d1ca2dcf2

    SHA256

    1d505a906d187150289c152dfffbda1ac0c787d7ba4fdd485308f1bb171d1c6f

    SHA512

    01aa49c849f8a4ddf22977ceac3ee473690fa2bc2611acd72c0ee31c81b2b40b27a4628489420ddf7c48ace173a468f89d92b3a4a57a532a6998d48a9d64ec9c

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\SN9P1720\www.youtube[1].xml

    Filesize

    814B

    MD5

    946fcb4fb70e899fb27b4f6f0c8f9bfb

    SHA1

    399dacf7dd8d8006032963fcdae203aca6689eed

    SHA256

    596c542632e3c18bfa61d7755b0f58a0cabcdf8e750bd483915057935b2382e7

    SHA512

    0b78605d2a291b6b622f4b9c7ed59716fe20cd14fc1ca6828ba4b93b4c2c7d6354bd0af8d7d29ae31789b27b9c4a330972b4b9bc1d413d9f3f6ec019c26088e1

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\SN9P1720\www.youtube[1].xml

    Filesize

    990B

    MD5

    ace9d6088b52a5d47c23e12d8b92ca64

    SHA1

    2cac5214e0dc735df378c7b96073b3e5b43213ee

    SHA256

    5568147c8fc5d0043841671256efddb5bc1da39c0b4c215f93aa9b994dfe8fe3

    SHA512

    cbcb722b32908e52c7ee8fdb33b34db1c89fe7e1a4252638bc56a9ac21c894ba4f8087c382a562d87a7de76dca28983f37cbabb1d2e6d54c84b6c5fa11e22d4b

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\SN9P1720\www.youtube[1].xml

    Filesize

    990B

    MD5

    60cf1af26316f60cdf57d42e3850501e

    SHA1

    6827d93ca19bd015b7ccef06ba3d08910077f066

    SHA256

    019f4449c412366da7163f7842abd1fb8dbcf369be345970fd6fa7c35cead881

    SHA512

    06209ce40d0655307dd8557fa6f45b00298318b36d044992144b2db9d44e3b573b81a9dfdbf60fdce212d3c8dfb83e913fa25e79f7835688cb66a424590b0913

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\SN9P1720\www.youtube[1].xml

    Filesize

    15KB

    MD5

    563af805589cf693482df021e41c2830

    SHA1

    bbc93d7473beb4e3e277b782d32d449578fca4c6

    SHA256

    8f88f7cc86919a6e87dd2bb5f214f8002a8b980763c17584bd153171145c5714

    SHA512

    bca01f565c8975ee0cdcc7a5c1431d53c4ebd412d8ddc51e3dd7873e062c997829d98e2363ed7cbc81c6be62f6c1858333cdaf00a3dee565884e22a1b635cbe8

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\SN9P1720\www.youtube[1].xml

    Filesize

    578B

    MD5

    ddfd256602074f0bdb32fce847df4e44

    SHA1

    6730112ca394ce34d6d9d8cb8b54c69316836628

    SHA256

    b86a1dc05cabc3323b71f43c74fc85adbd4483203930f00052580bea135e513d

    SHA512

    21fd1aa7ea2473e7eb7329cc21eff64d2b352c220ddb86b549abd0bb681813a04579e16cf5550c7f500568b088727851333aed88b75a6b093f4ccf63ececc057

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\SN9P1720\www.youtube[1].xml

    Filesize

    578B

    MD5

    fcf296c0030b9146ea5790ca5a5b560f

    SHA1

    3d6689014e9cc2021c76383e94256405f37d8709

    SHA256

    5df8217f3e6703974e34faddc94d00626cda412baae19846d7e4a698bf3045c6

    SHA512

    f6c9d6574fc205c46b9686abff43822a866af617bc251c437bf4518678fd5ae366f791f9483b2576babdc26574dc6a79a1ab854bb2135a42031eaf4a2f99f137

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\SN9P1720\www.youtube[1].xml

    Filesize

    990B

    MD5

    baf37ec2f3464f6dc176696c15be4ea0

    SHA1

    1400dd6fc536da9730effcc45a06e10a8a07ccb3

    SHA256

    5155dac065bf64a77615032ebcce5c21449975dd1026d234d21e0f50a401f969

    SHA512

    bffc0423a2c828b2bd4fc23af61e52c237a3656a45ddc8c262508f6750d36b6657d9c5cfb1306478298c34331df9ab9e727683a13aff4daec099d6bdfc12dae6

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\SN9P1720\www.youtube[1].xml

    Filesize

    990B

    MD5

    f926a6ad7e20c8d9c337d12df91a4656

    SHA1

    b28917a7e1e537483556249df66b9d6870de77e5

    SHA256

    f04228adc3eacc45aa20e3c94d04cc663ec1310bd5a8b51bd28a9a0321bffb24

    SHA512

    f9d3c9f4ceb88bb374ed2568a34d053fa9a180f9f16edebc706d758593fac35fd81b3d398237d427c68d84de3b942ea3d8d3de825a199e7638ff7671a8238e7c

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\SN9P1720\www.youtube[1].xml

    Filesize

    578B

    MD5

    910a29a8fde6f75ff5a615d53a87a9b2

    SHA1

    88eda0d6402c0673c9aeaeb99db935a4c543d2d5

    SHA256

    10319bf4e6865b89ae0964740993e3c61c3645bafbe2cb0269cd5ef1fc3475c0

    SHA512

    992d1841a9db9242c9c005f5e3e62f4a61c4a2992289f09d172924acf9c0e84c836c33e0f446c7baa3e8165aaae076bd2f30c48ceaea53b1be85c68cb6f87055

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\SN9P1720\www.youtube[1].xml

    Filesize

    578B

    MD5

    584b218b5c97ce20cf7b093d8c2a65b7

    SHA1

    f2a026847cab8f754af5ad816dd177d954290ba7

    SHA256

    afc6f8950e5c7d89de64aa3cf1bd47ee337bb8d265c5ff00e6266b2154f72557

    SHA512

    e296ffe892a5cf4281bc5b7344748fd12838f1a4b466e4430c8b3a3fe5cab35739251c04806240547ebc649b0595c96c8684e8c53a5b4666bd1e34493efe3dd2

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\SN9P1720\www.youtube[1].xml

    Filesize

    578B

    MD5

    8cd2ac84440ae47913c9e6b2c5e3a95d

    SHA1

    583ed1ed40e161f321b73e24913998cdbd3fd77d

    SHA256

    8756ca3043fa5039a109804941f20539cbae5f6ac19d77a8886624a34d3f4b0a

    SHA512

    8371c6b8a6a531eb93bf4a55c1ff5a0b98480fb6f340ea489ff6dbdcebca65c640b62c9125eac965d87865bf305b33dec3127f47c870b2f4998766d6113e4b9a

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\SN9P1720\www.youtube[1].xml

    Filesize

    578B

    MD5

    33bf71c7e21d0dea099618598b982942

    SHA1

    57a74acf7e08af80e56e3a0029e00fbfcc2d4951

    SHA256

    d347f872d2f5805220719030853e4bdfd6024a150f2d9a4ddd5e0e2edfb13ad5

    SHA512

    586b99ba3b2efa5ae40324225af9208c4524de3d9d5cce3c935a292cfb826b5366efac31801a752617de4354c7eac8ad4990a412357c1182d75cde85d73a0009

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\SN9P1720\www.youtube[1].xml

    Filesize

    578B

    MD5

    7b631ca202c5b956acc61c6763c31c8e

    SHA1

    07d402edc25a3ba1cf3de2dee455cf8c40a0b00c

    SHA256

    9c571b1da7d5f8cd4cc6d5efaf5fbb5cde1cd42918e956dc025388a816fe7748

    SHA512

    cb97b362b0cfd4a72a0b11937bd47fc0ee170887122a6488a987f04c68d6717ca3f17fa9107488858d7fdee5c54142b4290e4c8af2381a075ea98546f8a87978

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\SN9P1720\www.youtube[1].xml

    Filesize

    990B

    MD5

    ebe0197d938727d05235f574356b588c

    SHA1

    2d6d72b23584a0f3e1aecd1494d659528945076e

    SHA256

    2be3084963d8ec3d4751022b8f14ddec0f5162493767c164ec6c7ac82d76a28f

    SHA512

    406acf5b55eca70bd7b260b7044c9e17ec994937449f9d74ade0feb779f131b8975ae63d0c7c3106b7e7d3b406adf669c23e4c7dce092f5dc308ce40dd3b609a

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\SN9P1720\www.youtube[1].xml

    Filesize

    990B

    MD5

    f109f6e1cb486ec77a2572bc5257680a

    SHA1

    479f10933a8de71ed1412aef7ce14d04b30d3f2b

    SHA256

    507ff763b3c6e56e0af60c2ee1e0ac014c6a4c3fbf998079089b864d19e71e1c

    SHA512

    8b2c5379d8a989786a80be6760675aa2fd7e16a872e3cde5b70768b821937e0baf86f56c9b7a17875b378244d6c9c82bdfc78b2ad3bbf99945f3c3bad44d5b22

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\SN9P1720\www.youtube[1].xml

    Filesize

    990B

    MD5

    4a4256b188f38ea3a587830270a4c4d8

    SHA1

    d7619baa3fb14139cb9ed02b66c962106e287c62

    SHA256

    a61ac05dcf36f19656472453945472a44e34f9e6736ec128e651f80682aa9313

    SHA512

    692dd2ec54aef42df91fc5bef78455150494acbaf2118bd4c0b11769b9e6245122da2fd8e0ab11a9ee88498f3a0c92ca19e1a94262342e22309e4165a5a0a650

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\SN9P1720\www.youtube[1].xml

    Filesize

    12KB

    MD5

    6b6616607a8b8a85102143f1dbc51a1f

    SHA1

    521ed4df98160d8d8db9f8decfccae6aa586c7a0

    SHA256

    ac97b62578d097c9d7ef7faf5e15dbdf6a8fd389c9713221db628cf8b8cff711

    SHA512

    685c036c427deae1bcc9c093ad409ed5f8274fe79c30bf6e0e1fb189e1924f3f57f062cccf1500bbe0f1a24e2b9993302afe5256b274a2db2c153671c9ca2b41

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\SN9P1720\www.youtube[1].xml

    Filesize

    990B

    MD5

    05dff1c6978b48c75b0ad251c102b90c

    SHA1

    7c845739da5d1f45ad799938b199f94314607050

    SHA256

    0f674b038e22d98e27d21a2e4e190f8548433977dcb0a5893f60e4c93362591a

    SHA512

    ea5bf9b2e95ff6c95af37cb8ac55a375ed60d11c25a33cbf6fbb0870a414922aef932ce7686af75b7ef5e7ee248656618c8bafd51ced9e517b389bb05228f526

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\SN9P1720\www.youtube[1].xml

    Filesize

    990B

    MD5

    a24149a5d32a10553113a6fe7a15e181

    SHA1

    a5ae3025717f0f1f0bea0aa04dbd572721adb4f6

    SHA256

    bede133159d64b9c7db092a1421a8f74716149479122199239de7fb2d562c1a3

    SHA512

    d0be0850798b64c79caed813a79a9d71f03663102a1a9a55f2aec74cad6e4b633cb6fa7ab1467cad37c6d64d2767e6ddf912dd941ebe4794f9715a56cb72d2be

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\SN9P1720\www.youtube[1].xml

    Filesize

    4KB

    MD5

    c413e6a04261a54b71073dc245333cd9

    SHA1

    9e86a91bda620089cf7b909d69a942d9aa66c54b

    SHA256

    c2194b5aca4f32fdbfc82c6ca5fc9aa70f25a595eaed29d08002e63ce4ecae80

    SHA512

    a4adb428a70b39ee71cd9602569056807d782f83a5fa09bfdb630e171ae7b040ef49060a9639438b9843d6fd314d549dca29c30c16fe23ec7aa7133d94de4a62

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\SN9P1720\www.youtube[1].xml

    Filesize

    990B

    MD5

    a5317b5493aca120f4e456e4f522d2e2

    SHA1

    74ae3bde2ef7d3d019605d901625649f8303ce1a

    SHA256

    e19893ce4df9f6b9ae25230230d49e7338d30741336ecc7ed56a278aa9d2eea5

    SHA512

    dcda71509f634aba12b978821b46570a89f7bffbb2b1209a97700b4933d41226b47232082e9fb082ee1b5c71f9a8598f4eea7ec100a09c7fbb00e77c286f7966

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\SN9P1720\www.youtube[1].xml

    Filesize

    990B

    MD5

    ec2b9b876648f4bbf6ba56aa78c4b63a

    SHA1

    808e8ca5586f9e005785472b1f6876c4e6f95a12

    SHA256

    376c02008a1d822d9134df879722ae7e8b4e5eb858b4d4f561242c358a718a5a

    SHA512

    e0a37113065c9e7505c0eef0948f1ff6fef89e49ed54ace3f30b744e99c5e4813df1852fd58fea458a1301771dffc3b04bff8a33b68ad4c6a6b27ec68b8c44cc

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\SN9P1720\www.youtube[1].xml

    Filesize

    990B

    MD5

    e895488f23b93a4da74eb6c365e97b5a

    SHA1

    1f811c6cdaf2170743bc51e4f1de4bf4dece7b5f

    SHA256

    447932c88ebcf7f22f752cbf7bd5044df9e17e00005d8b06055cd82fd6a44ab4

    SHA512

    58966b9694cc96a35df5628fcd786f6bcf0c90b6bd070df2cb492c8b703028bdd6577fb10c979ad79ea7f8136d6302d117feb6bca4806192e440b70a693a2e99

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\SN9P1720\www.youtube[1].xml

    Filesize

    990B

    MD5

    ff14512fd248d05eeed4df807971393f

    SHA1

    2a8f92bfc796bc4d3e4ed44d01ada0367b60657a

    SHA256

    525ca28269d6be233997e337c5d084a281f02921e8edaacea2144583806783fd

    SHA512

    72c6535e45fe6231727dea5df12ec47e646e8b96819ed6f20780b1a59e9e73201d683d166d2ecc5e052864485aa28371fbe675e7902d084469a049b4f263ed3e

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\SN9P1720\www.youtube[1].xml

    Filesize

    16KB

    MD5

    9b2f1650b249e68c1cbac08a7bfec424

    SHA1

    80ec796440554923756f103e28554e51cd9ee095

    SHA256

    575606b9b0742c54a751060bd0b41b196d73285b595816ce13e8debf676f92b8

    SHA512

    7e39a2d2a9eb0293a1d8b6bff305c6c1335b5c362e265ba7b53ef82111252eb0680c9d7678cce54e5558b9a49f6ae1044e3d8fffc58e7c8a40ad5a1d420ff529

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\SN9P1720\www.youtube[1].xml

    Filesize

    28KB

    MD5

    133b08c4cedcab618fd233659fae4f06

    SHA1

    427e8986400b07b1769fd5cb23527836a261d760

    SHA256

    2306aac028ed467f14b87e60c078462d642c3c5c6f919a430fb410651656b627

    SHA512

    285bb7afa74459cb003214c311fc64504ba685e5dad1b1cc744869fc0c3a08b44de410bb86a75d5d503b79a8782137549b0ecb47396709788682300a55edf319

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\528EVS6A\KFOlCnqEu92Fr1MmEU9fBBc-[1].woff

    Filesize

    19KB

    MD5

    de8b7431b74642e830af4d4f4b513ec9

    SHA1

    f549f1fe8a0b86ef3fbdcb8d508440aff84c385c

    SHA256

    3bfe46bb1ca35b205306c5ec664e99e4a816f48a417b6b42e77a1f43f0bc4e7a

    SHA512

    57d3d4de3816307ed954b796c13bfa34af22a46a2fea310df90e966301350ae8adac62bcd2abf7d7768e6bdcbb3dfc5069378a728436173d07abfa483c1025ac

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\528EVS6A\KFOmCnqEu92Fr1Mu4mxM[1].woff

    Filesize

    19KB

    MD5

    bafb105baeb22d965c70fe52ba6b49d9

    SHA1

    934014cc9bbe5883542be756b3146c05844b254f

    SHA256

    1570f866bf6eae82041e407280894a86ad2b8b275e01908ae156914dc693a4ed

    SHA512

    85a91773b0283e3b2400c773527542228478cc1b9e8ad8ea62435d705e98702a40bedf26cb5b0900dd8fecc79f802b8c1839184e787d9416886dbc73dff22a64

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\528EVS6A\embed[2].js

    Filesize

    61KB

    MD5

    a10bbcb280cd85678f7fa91f5987a1b4

    SHA1

    d03518f518678e57318f383add3c26eb4c891d96

    SHA256

    dcd6057e903309b4cd9d73dbeb9ebb179dd625facd8d04c5578bec9e44f54e0e

    SHA512

    6ea2764ec8b7b63c48890f15de50c936406a60bd4805abe6a90e4522eaa4aa88f3543c9f2aea7472d80608ddaf4e1444e37618533982bfaf5d168b3ea8fbaac5

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KRMHFE1W\--9dH29IQ9CksBulhkJupx8P-yH9Jquge0_97VfE0Pw[1].js

    Filesize

    52KB

    MD5

    5ee99861cceae8e6c26ffbb96ad11a6f

    SHA1

    58e3ef362205d6cf11e60cf2b031695ad07ffc71

    SHA256

    fbef5d1f6f4843d0a4b01ba586426ea71f0ffb21fd26aba07b4ffded57c4d0fc

    SHA512

    f3c140b611a6d5ee08b910257f85814db868804334810e7d93844417694a3fdda4e6a4e9dab083ab254bcb824c186b50499885168c96ae087e62bcc60dd85ac8

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KRMHFE1W\ad_status[1].js

    Filesize

    29B

    MD5

    1fa71744db23d0f8df9cce6719defcb7

    SHA1

    e4be9b7136697942a036f97cf26ebaf703ad2067

    SHA256

    eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

    SHA512

    17fa262901b608368eb4b70910da67e1f11b9cfb2c9dc81844f55bee1db3ec11f704d81ab20f2dda973378f9c0df56eaad8111f34b92e4161a4d194ba902f82f

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KRMHFE1W\base[1].js

    Filesize

    2.4MB

    MD5

    ed2c629dc5e405799ef93b97876abc45

    SHA1

    0a2588c1368fe48fb433cad8acc58b1214a77495

    SHA256

    1a552e8ddfd36edc537188b01daf4f0388bb040af577451a8d0f3fe11d538e47

    SHA512

    990b7bb30ce84a94f364e4eaf4bded1ce041ceb3906bc253856dfa2b585e40a92e3fd658d87588b63afe35abf0111fbb616d02f28b2002ddd80e8e0e4c64b795

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KRMHFE1W\www-embed-player[1].js

    Filesize

    319KB

    MD5

    aafc3991a4c65c32f11e3e55af0c0acb

    SHA1

    c77a8d5a8933d5f4189581f6b9671ff6ec91a2b4

    SHA256

    cf3a4809b702abf801ac1d61beea76a0307884338c26c1f970e3cb6bfc0870c6

    SHA512

    c81b05da256b4ee16d58c6a19100200d0fdc908d05d62536d1229d7f2c639faa0afa922d034f5e12ce9164160b0358df60278b937233681602cd48cda6aaf7d6

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KRMHFE1W\www-player[1].css

    Filesize

    367KB

    MD5

    69c6c2a25cfac2a8ab7182b8a91325da

    SHA1

    76d6c2b5a85fd1cedf7ab5022084cc982ef6f11c

    SHA256

    e4ea3085c10ebdcee3f4b16dd370f467847e40aba7fcae77d60eed0024155864

    SHA512

    b96edfe3029c7fe69d7cc2520c07a5f229b0915aa286ad5d263f13e80c67fcb8a72220c6b9b1cb9b7a885fd8512ad8a5a3a08cf54a5956a1b4debec02c8374c3

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PH7CXNA3\remote[1].js

    Filesize

    117KB

    MD5

    5d9fee2f792a3411c469f5c831f69c29

    SHA1

    4ef01de4bdd9fbaf204c53a5d03f1b3d042d4716

    SHA256

    8f3915b4b2a22688c994c9428621f46b2f3051a315708e138f33ac3b1131b61b

    SHA512

    b21d015add55ad00a83cebdbf9ae2c60f74cfba4e1824d248238dfde3f0a164cb410db35e08d27eec48361e9a2013b771182266f1f4df6c6265b23fe153677b4

  • C:\Users\Admin\AppData\Local\Temp\CabC969.tmp

    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

  • C:\Users\Admin\AppData\Local\Temp\TarC9CA.tmp

    Filesize

    177KB

    MD5

    435a9ac180383f9fa094131b173a2f7b

    SHA1

    76944ea657a9db94f9a4bef38f88c46ed4166983

    SHA256

    67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

    SHA512

    1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.