hxxps://www[.]youtube[.]com/

Analysis

max time kernel
1799s
max time network
1685s
platform
windows10-2004_x64
resource
win10v2004-20240508-en
resource tags

arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
submitted
24/05/2024, 14:58 UTC

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://www.youtube.com/

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133610378331888229"	chrome.exe

Modifies registry class 1 IoCs

description	ioc	Process
Key created	\REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-2539840389-1261165778-1087677076-1000\{5A0AC55E-C84D-43A0-BEB3-4650B38BA145}	chrome.exe

Suspicious behavior: EnumeratesProcesses 6 IoCs

pid	Process
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
2376	chrome.exe
2376	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 4 IoCs

pid	Process
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	700	chrome.exe
Token: SeCreatePagefilePrivilege	700	chrome.exe
Token: SeShutdownPrivilege	700	chrome.exe
Token: SeCreatePagefilePrivilege	700	chrome.exe
Token: 33	4836	AUDIODG.EXE
Token: SeIncBasePriorityPrivilege	4836	AUDIODG.EXE
Token: SeShutdownPrivilege	700	chrome.exe
Token: SeCreatePagefilePrivilege	700	chrome.exe
Token: SeShutdownPrivilege	700	chrome.exe
Token: SeCreatePagefilePrivilege	700	chrome.exe
Token: SeShutdownPrivilege	700	chrome.exe
Token: SeCreatePagefilePrivilege	700	chrome.exe
Token: SeShutdownPrivilege	700	chrome.exe
Token: SeCreatePagefilePrivilege	700	chrome.exe
Token: SeShutdownPrivilege	700	chrome.exe
Token: SeCreatePagefilePrivilege	700	chrome.exe
Token: SeShutdownPrivilege	700	chrome.exe
Token: SeCreatePagefilePrivilege	700	chrome.exe
Token: SeShutdownPrivilege	700	chrome.exe
Token: SeCreatePagefilePrivilege	700	chrome.exe
Token: SeShutdownPrivilege	700	chrome.exe
Token: SeCreatePagefilePrivilege	700	chrome.exe
Token: SeShutdownPrivilege	700	chrome.exe
Token: SeCreatePagefilePrivilege	700	chrome.exe
Token: SeShutdownPrivilege	700	chrome.exe
Token: SeCreatePagefilePrivilege	700	chrome.exe
Token: SeShutdownPrivilege	700	chrome.exe
Token: SeCreatePagefilePrivilege	700	chrome.exe
Token: SeShutdownPrivilege	700	chrome.exe
Token: SeCreatePagefilePrivilege	700	chrome.exe
Token: SeShutdownPrivilege	700	chrome.exe
Token: SeCreatePagefilePrivilege	700	chrome.exe
Token: SeShutdownPrivilege	700	chrome.exe
Token: SeCreatePagefilePrivilege	700	chrome.exe
Token: SeShutdownPrivilege	700	chrome.exe
Token: SeCreatePagefilePrivilege	700	chrome.exe
Token: SeShutdownPrivilege	700	chrome.exe
Token: SeCreatePagefilePrivilege	700	chrome.exe
Token: SeShutdownPrivilege	700	chrome.exe
Token: SeCreatePagefilePrivilege	700	chrome.exe
Token: SeShutdownPrivilege	700	chrome.exe
Token: SeCreatePagefilePrivilege	700	chrome.exe
Token: SeShutdownPrivilege	700	chrome.exe
Token: SeCreatePagefilePrivilege	700	chrome.exe
Token: SeShutdownPrivilege	700	chrome.exe
Token: SeCreatePagefilePrivilege	700	chrome.exe
Token: SeShutdownPrivilege	700	chrome.exe
Token: SeCreatePagefilePrivilege	700	chrome.exe
Token: SeShutdownPrivilege	700	chrome.exe
Token: SeCreatePagefilePrivilege	700	chrome.exe
Token: SeShutdownPrivilege	700	chrome.exe
Token: SeCreatePagefilePrivilege	700	chrome.exe
Token: SeShutdownPrivilege	700	chrome.exe
Token: SeCreatePagefilePrivilege	700	chrome.exe
Token: SeShutdownPrivilege	700	chrome.exe
Token: SeCreatePagefilePrivilege	700	chrome.exe
Token: SeShutdownPrivilege	700	chrome.exe
Token: SeCreatePagefilePrivilege	700	chrome.exe
Token: SeShutdownPrivilege	700	chrome.exe
Token: SeCreatePagefilePrivilege	700	chrome.exe
Token: SeShutdownPrivilege	700	chrome.exe
Token: SeCreatePagefilePrivilege	700	chrome.exe
Token: SeShutdownPrivilege	700	chrome.exe
Token: SeCreatePagefilePrivilege	700	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 700 wrote to memory of 3028	700	chrome.exe	82
PID 700 wrote to memory of 3028	700	chrome.exe	82
PID 700 wrote to memory of 1460	700	chrome.exe	83
PID 700 wrote to memory of 1460	700	chrome.exe	83
PID 700 wrote to memory of 1460	700	chrome.exe	83
PID 700 wrote to memory of 1460	700	chrome.exe	83
PID 700 wrote to memory of 1460	700	chrome.exe	83
PID 700 wrote to memory of 1460	700	chrome.exe	83
PID 700 wrote to memory of 1460	700	chrome.exe	83
PID 700 wrote to memory of 1460	700	chrome.exe	83
PID 700 wrote to memory of 1460	700	chrome.exe	83
PID 700 wrote to memory of 1460	700	chrome.exe	83
PID 700 wrote to memory of 1460	700	chrome.exe	83
PID 700 wrote to memory of 1460	700	chrome.exe	83
PID 700 wrote to memory of 1460	700	chrome.exe	83
PID 700 wrote to memory of 1460	700	chrome.exe	83
PID 700 wrote to memory of 1460	700	chrome.exe	83
PID 700 wrote to memory of 1460	700	chrome.exe	83
PID 700 wrote to memory of 1460	700	chrome.exe	83
PID 700 wrote to memory of 1460	700	chrome.exe	83
PID 700 wrote to memory of 1460	700	chrome.exe	83
PID 700 wrote to memory of 1460	700	chrome.exe	83
PID 700 wrote to memory of 1460	700	chrome.exe	83
PID 700 wrote to memory of 1460	700	chrome.exe	83
PID 700 wrote to memory of 1460	700	chrome.exe	83
PID 700 wrote to memory of 1460	700	chrome.exe	83
PID 700 wrote to memory of 1460	700	chrome.exe	83
PID 700 wrote to memory of 1460	700	chrome.exe	83
PID 700 wrote to memory of 1460	700	chrome.exe	83
PID 700 wrote to memory of 1460	700	chrome.exe	83
PID 700 wrote to memory of 1460	700	chrome.exe	83
PID 700 wrote to memory of 1460	700	chrome.exe	83
PID 700 wrote to memory of 1460	700	chrome.exe	83
PID 700 wrote to memory of 3092	700	chrome.exe	84
PID 700 wrote to memory of 3092	700	chrome.exe	84
PID 700 wrote to memory of 4472	700	chrome.exe	85
PID 700 wrote to memory of 4472	700	chrome.exe	85
PID 700 wrote to memory of 4472	700	chrome.exe	85
PID 700 wrote to memory of 4472	700	chrome.exe	85
PID 700 wrote to memory of 4472	700	chrome.exe	85
PID 700 wrote to memory of 4472	700	chrome.exe	85
PID 700 wrote to memory of 4472	700	chrome.exe	85
PID 700 wrote to memory of 4472	700	chrome.exe	85
PID 700 wrote to memory of 4472	700	chrome.exe	85
PID 700 wrote to memory of 4472	700	chrome.exe	85
PID 700 wrote to memory of 4472	700	chrome.exe	85
PID 700 wrote to memory of 4472	700	chrome.exe	85
PID 700 wrote to memory of 4472	700	chrome.exe	85
PID 700 wrote to memory of 4472	700	chrome.exe	85
PID 700 wrote to memory of 4472	700	chrome.exe	85
PID 700 wrote to memory of 4472	700	chrome.exe	85
PID 700 wrote to memory of 4472	700	chrome.exe	85
PID 700 wrote to memory of 4472	700	chrome.exe	85
PID 700 wrote to memory of 4472	700	chrome.exe	85
PID 700 wrote to memory of 4472	700	chrome.exe	85
PID 700 wrote to memory of 4472	700	chrome.exe	85
PID 700 wrote to memory of 4472	700	chrome.exe	85
PID 700 wrote to memory of 4472	700	chrome.exe	85
PID 700 wrote to memory of 4472	700	chrome.exe	85
PID 700 wrote to memory of 4472	700	chrome.exe	85
PID 700 wrote to memory of 4472	700	chrome.exe	85
PID 700 wrote to memory of 4472	700	chrome.exe	85
PID 700 wrote to memory of 4472	700	chrome.exe	85
PID 700 wrote to memory of 4472	700	chrome.exe	85

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://www.youtube.com/
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:700
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffe8e00ab58,0x7ffe8e00ab68,0x7ffe8e00ab78
  2⤵
  PID:3028
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1720 --field-trial-handle=1912,i,14268597674889923721,5448584950524673554,131072 /prefetch:2
  2⤵
  PID:1460
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2136 --field-trial-handle=1912,i,14268597674889923721,5448584950524673554,131072 /prefetch:8
  2⤵
  PID:3092
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2176 --field-trial-handle=1912,i,14268597674889923721,5448584950524673554,131072 /prefetch:8
  2⤵
  PID:4472
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2844 --field-trial-handle=1912,i,14268597674889923721,5448584950524673554,131072 /prefetch:1
  2⤵
  PID:116
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2852 --field-trial-handle=1912,i,14268597674889923721,5448584950524673554,131072 /prefetch:1
  2⤵
  PID:4964
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=3904 --field-trial-handle=1912,i,14268597674889923721,5448584950524673554,131072 /prefetch:1
  2⤵
  PID:2484
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=4396 --field-trial-handle=1912,i,14268597674889923721,5448584950524673554,131072 /prefetch:1
  2⤵
  PID:748
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=4632 --field-trial-handle=1912,i,14268597674889923721,5448584950524673554,131072 /prefetch:8
  2⤵
  PID:1972
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4772 --field-trial-handle=1912,i,14268597674889923721,5448584950524673554,131072 /prefetch:8
  2⤵
  PID:4832
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4780 --field-trial-handle=1912,i,14268597674889923721,5448584950524673554,131072 /prefetch:8
  2⤵
  - Modifies registry class
  PID:4796
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5036 --field-trial-handle=1912,i,14268597674889923721,5448584950524673554,131072 /prefetch:8
  2⤵
  PID:632
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3408 --field-trial-handle=1912,i,14268597674889923721,5448584950524673554,131072 /prefetch:8
  2⤵
  PID:3248
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5032 --field-trial-handle=1912,i,14268597674889923721,5448584950524673554,131072 /prefetch:8
  2⤵
  PID:4272
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4816 --field-trial-handle=1912,i,14268597674889923721,5448584950524673554,131072 /prefetch:8
  2⤵
  PID:1960
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4196 --field-trial-handle=1912,i,14268597674889923721,5448584950524673554,131072 /prefetch:8
  2⤵
  PID:3384
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1784 --field-trial-handle=1912,i,14268597674889923721,5448584950524673554,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2376

C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"
1⤵
PID:4112

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x518 0x31c
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:4836

Network

DNS

www.youtube.com

chrome.exe

Remote address:

8.8.8.8:53

Request

www.youtube.com

IN A

Response

www.youtube.com

IN CNAME

youtube-ui.l.google.com

youtube-ui.l.google.com

IN A

172.217.169.78

youtube-ui.l.google.com

IN A

142.250.179.238

youtube-ui.l.google.com

IN A

142.250.180.14

youtube-ui.l.google.com

IN A

142.250.187.206

youtube-ui.l.google.com

IN A

142.250.187.238

youtube-ui.l.google.com

IN A

142.250.178.14

youtube-ui.l.google.com

IN A

172.217.16.238

youtube-ui.l.google.com

IN A

142.250.200.14

youtube-ui.l.google.com

IN A

142.250.200.46

youtube-ui.l.google.com

IN A

216.58.201.110

youtube-ui.l.google.com

IN A

216.58.204.78

youtube-ui.l.google.com

IN A

216.58.213.14

youtube-ui.l.google.com

IN A

172.217.169.14

youtube-ui.l.google.com

IN A

216.58.212.206

youtube-ui.l.google.com

IN A

216.58.212.238
GET

https://www.youtube.com/

chrome.exe

Remote address:

172.217.169.78:443

Request

GET / HTTP/2.0
host: www.youtube.com
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Windows"
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
sec-ch-ua-arch: "x86"
sec-ch-ua-platform-version: "10.0.0"
sec-ch-ua-model: ""
sec-ch-ua-bitness: "64"
sec-ch-ua-wow64: ?0
sec-ch-ua-full-version-list: "Chromium";v="110.0.5481.104", "Not A(Brand";v="24.0.0.0", "Google Chrome";v="110.0.5481.104"
x-client-data: CK/cygE=
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://www.youtube.com/s/desktop/fcc2ca55/jsbin/desktop_polymer.vflset/desktop_polymer.js

chrome.exe

Remote address:

172.217.169.78:443

Request

GET /s/desktop/fcc2ca55/jsbin/desktop_polymer.vflset/desktop_polymer.js HTTP/2.0
host: www.youtube.com
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "110.0.5481.104"
sec-ch-ua-platform-version: "10.0.0"
sec-ch-ua-full-version-list: "Chromium";v="110.0.5481.104", "Not A(Brand";v="24.0.0.0", "Google Chrome";v="110.0.5481.104"
sec-ch-ua-bitness: "64"
sec-ch-ua-model:
sec-ch-ua-wow64: ?0
sec-ch-ua-platform: "Windows"
accept: */*
x-client-data: CK/cygE=
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.youtube.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: YSC=_ugACyrtiAk
cookie: __Secure-YEC=Cgtrc0hJYjB0ZllLYyiD4sKyBjIKCgJHQhIEGgAgaQ%3D%3D
cookie: VISITOR_PRIVACY_METADATA=CgJHQhIEGgAgaQ%3D%3D
GET

https://www.youtube.com/s/desktop/fcc2ca55/jsbin/web-animations-next-lite.min.vflset/web-animations-next-lite.min.js

chrome.exe

Remote address:

172.217.169.78:443

Request

GET /s/desktop/fcc2ca55/jsbin/web-animations-next-lite.min.vflset/web-animations-next-lite.min.js HTTP/2.0
host: www.youtube.com
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "110.0.5481.104"
sec-ch-ua-platform-version: "10.0.0"
sec-ch-ua-full-version-list: "Chromium";v="110.0.5481.104", "Not A(Brand";v="24.0.0.0", "Google Chrome";v="110.0.5481.104"
sec-ch-ua-bitness: "64"
sec-ch-ua-model:
sec-ch-ua-wow64: ?0
sec-ch-ua-platform: "Windows"
accept: */*
x-client-data: CK/cygE=
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.youtube.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: YSC=_ugACyrtiAk
cookie: __Secure-YEC=Cgtrc0hJYjB0ZllLYyiD4sKyBjIKCgJHQhIEGgAgaQ%3D%3D
cookie: VISITOR_PRIVACY_METADATA=CgJHQhIEGgAgaQ%3D%3D
GET

https://www.youtube.com/s/desktop/fcc2ca55/jsbin/custom-elements-es5-adapter.vflset/custom-elements-es5-adapter.js

chrome.exe

Remote address:

172.217.169.78:443

Request

GET /s/desktop/fcc2ca55/jsbin/custom-elements-es5-adapter.vflset/custom-elements-es5-adapter.js HTTP/2.0
host: www.youtube.com
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "110.0.5481.104"
sec-ch-ua-platform-version: "10.0.0"
sec-ch-ua-full-version-list: "Chromium";v="110.0.5481.104", "Not A(Brand";v="24.0.0.0", "Google Chrome";v="110.0.5481.104"
sec-ch-ua-bitness: "64"
sec-ch-ua-model:
sec-ch-ua-wow64: ?0
sec-ch-ua-platform: "Windows"
accept: */*
x-client-data: CK/cygE=
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.youtube.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: YSC=_ugACyrtiAk
cookie: __Secure-YEC=Cgtrc0hJYjB0ZllLYyiD4sKyBjIKCgJHQhIEGgAgaQ%3D%3D
cookie: VISITOR_PRIVACY_METADATA=CgJHQhIEGgAgaQ%3D%3D
GET

https://www.youtube.com/s/desktop/fcc2ca55/jsbin/webcomponents-sd.vflset/webcomponents-sd.js

chrome.exe

Remote address:

172.217.169.78:443

Request

GET /s/desktop/fcc2ca55/jsbin/webcomponents-sd.vflset/webcomponents-sd.js HTTP/2.0
host: www.youtube.com
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "110.0.5481.104"
sec-ch-ua-platform-version: "10.0.0"
sec-ch-ua-full-version-list: "Chromium";v="110.0.5481.104", "Not A(Brand";v="24.0.0.0", "Google Chrome";v="110.0.5481.104"
sec-ch-ua-bitness: "64"
sec-ch-ua-model:
sec-ch-ua-wow64: ?0
sec-ch-ua-platform: "Windows"
accept: */*
x-client-data: CK/cygE=
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.youtube.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: YSC=_ugACyrtiAk
cookie: __Secure-YEC=Cgtrc0hJYjB0ZllLYyiD4sKyBjIKCgJHQhIEGgAgaQ%3D%3D
cookie: VISITOR_PRIVACY_METADATA=CgJHQhIEGgAgaQ%3D%3D
GET

https://www.youtube.com/s/desktop/fcc2ca55/jsbin/intersection-observer.min.vflset/intersection-observer.min.js

chrome.exe

Remote address:

172.217.169.78:443

Request

GET /s/desktop/fcc2ca55/jsbin/intersection-observer.min.vflset/intersection-observer.min.js HTTP/2.0
host: www.youtube.com
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "110.0.5481.104"
sec-ch-ua-platform-version: "10.0.0"
sec-ch-ua-full-version-list: "Chromium";v="110.0.5481.104", "Not A(Brand";v="24.0.0.0", "Google Chrome";v="110.0.5481.104"
sec-ch-ua-bitness: "64"
sec-ch-ua-model:
sec-ch-ua-wow64: ?0
sec-ch-ua-platform: "Windows"
accept: */*
x-client-data: CK/cygE=
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.youtube.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: YSC=_ugACyrtiAk
cookie: __Secure-YEC=Cgtrc0hJYjB0ZllLYyiD4sKyBjIKCgJHQhIEGgAgaQ%3D%3D
cookie: VISITOR_PRIVACY_METADATA=CgJHQhIEGgAgaQ%3D%3D
GET

https://www.youtube.com/s/desktop/fcc2ca55/jsbin/scheduler.vflset/scheduler.js

chrome.exe

Remote address:

172.217.169.78:443

Request

GET /s/desktop/fcc2ca55/jsbin/scheduler.vflset/scheduler.js HTTP/2.0
host: www.youtube.com
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "110.0.5481.104"
sec-ch-ua-platform-version: "10.0.0"
sec-ch-ua-full-version-list: "Chromium";v="110.0.5481.104", "Not A(Brand";v="24.0.0.0", "Google Chrome";v="110.0.5481.104"
sec-ch-ua-bitness: "64"
sec-ch-ua-model:
sec-ch-ua-wow64: ?0
sec-ch-ua-platform: "Windows"
accept: */*
x-client-data: CK/cygE=
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.youtube.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: YSC=_ugACyrtiAk
cookie: __Secure-YEC=Cgtrc0hJYjB0ZllLYyiD4sKyBjIKCgJHQhIEGgAgaQ%3D%3D
cookie: VISITOR_PRIVACY_METADATA=CgJHQhIEGgAgaQ%3D%3D
GET

https://www.youtube.com/s/desktop/fcc2ca55/jsbin/www-i18n-constants-en_US.vflset/www-i18n-constants.js

chrome.exe

Remote address:

172.217.169.78:443

Request

GET /s/desktop/fcc2ca55/jsbin/www-i18n-constants-en_US.vflset/www-i18n-constants.js HTTP/2.0
host: www.youtube.com
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "110.0.5481.104"
sec-ch-ua-platform-version: "10.0.0"
sec-ch-ua-full-version-list: "Chromium";v="110.0.5481.104", "Not A(Brand";v="24.0.0.0", "Google Chrome";v="110.0.5481.104"
sec-ch-ua-bitness: "64"
sec-ch-ua-model:
sec-ch-ua-wow64: ?0
sec-ch-ua-platform: "Windows"
accept: */*
x-client-data: CK/cygE=
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.youtube.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: YSC=_ugACyrtiAk
cookie: __Secure-YEC=Cgtrc0hJYjB0ZllLYyiD4sKyBjIKCgJHQhIEGgAgaQ%3D%3D
cookie: VISITOR_PRIVACY_METADATA=CgJHQhIEGgAgaQ%3D%3D
GET

https://www.youtube.com/s/desktop/fcc2ca55/jsbin/www-tampering.vflset/www-tampering.js

chrome.exe

Remote address:

172.217.169.78:443

Request

GET /s/desktop/fcc2ca55/jsbin/www-tampering.vflset/www-tampering.js HTTP/2.0
host: www.youtube.com
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "110.0.5481.104"
sec-ch-ua-platform-version: "10.0.0"
sec-ch-ua-full-version-list: "Chromium";v="110.0.5481.104", "Not A(Brand";v="24.0.0.0", "Google Chrome";v="110.0.5481.104"
sec-ch-ua-bitness: "64"
sec-ch-ua-model:
sec-ch-ua-wow64: ?0
sec-ch-ua-platform: "Windows"
accept: */*
x-client-data: CK/cygE=
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.youtube.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: YSC=_ugACyrtiAk
cookie: __Secure-YEC=Cgtrc0hJYjB0ZllLYyiD4sKyBjIKCgJHQhIEGgAgaQ%3D%3D
cookie: VISITOR_PRIVACY_METADATA=CgJHQhIEGgAgaQ%3D%3D
GET

https://www.youtube.com/s/desktop/fcc2ca55/jsbin/spf.vflset/spf.js

chrome.exe

Remote address:

172.217.169.78:443

Request

GET /s/desktop/fcc2ca55/jsbin/spf.vflset/spf.js HTTP/2.0
host: www.youtube.com
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "110.0.5481.104"
sec-ch-ua-platform-version: "10.0.0"
sec-ch-ua-full-version-list: "Chromium";v="110.0.5481.104", "Not A(Brand";v="24.0.0.0", "Google Chrome";v="110.0.5481.104"
sec-ch-ua-bitness: "64"
sec-ch-ua-model:
sec-ch-ua-wow64: ?0
sec-ch-ua-platform: "Windows"
accept: */*
x-client-data: CK/cygE=
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.youtube.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: YSC=_ugACyrtiAk
cookie: __Secure-YEC=Cgtrc0hJYjB0ZllLYyiD4sKyBjIKCgJHQhIEGgAgaQ%3D%3D
cookie: VISITOR_PRIVACY_METADATA=CgJHQhIEGgAgaQ%3D%3D
GET

https://www.youtube.com/s/desktop/fcc2ca55/jsbin/network.vflset/network.js

chrome.exe

Remote address:

172.217.169.78:443

Request

GET /s/desktop/fcc2ca55/jsbin/network.vflset/network.js HTTP/2.0
host: www.youtube.com
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "110.0.5481.104"
sec-ch-ua-platform-version: "10.0.0"
sec-ch-ua-full-version-list: "Chromium";v="110.0.5481.104", "Not A(Brand";v="24.0.0.0", "Google Chrome";v="110.0.5481.104"
sec-ch-ua-bitness: "64"
sec-ch-ua-model:
sec-ch-ua-wow64: ?0
sec-ch-ua-platform: "Windows"
accept: */*
x-client-data: CK/cygE=
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.youtube.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: YSC=_ugACyrtiAk
cookie: __Secure-YEC=Cgtrc0hJYjB0ZllLYyiD4sKyBjIKCgJHQhIEGgAgaQ%3D%3D
cookie: VISITOR_PRIVACY_METADATA=CgJHQhIEGgAgaQ%3D%3D
GET

https://www.youtube.com/s/desktop/fcc2ca55/cssbin/www-main-desktop-home-page-skeleton.css

chrome.exe

Remote address:

172.217.169.78:443

Request

GET /s/desktop/fcc2ca55/cssbin/www-main-desktop-home-page-skeleton.css HTTP/2.0
host: www.youtube.com
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "110.0.5481.104"
sec-ch-ua-platform-version: "10.0.0"
sec-ch-ua-full-version-list: "Chromium";v="110.0.5481.104", "Not A(Brand";v="24.0.0.0", "Google Chrome";v="110.0.5481.104"
sec-ch-ua-bitness: "64"
sec-ch-ua-model:
sec-ch-ua-wow64: ?0
sec-ch-ua-platform: "Windows"
accept: text/css,*/*;q=0.1
x-client-data: CK/cygE=
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: style
referer: https://www.youtube.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: YSC=_ugACyrtiAk
cookie: __Secure-YEC=Cgtrc0hJYjB0ZllLYyiD4sKyBjIKCgJHQhIEGgAgaQ%3D%3D
cookie: VISITOR_PRIVACY_METADATA=CgJHQhIEGgAgaQ%3D%3D
GET

https://www.youtube.com/s/desktop/fcc2ca55/cssbin/www-onepick.css

chrome.exe

Remote address:

172.217.169.78:443

Request

GET /s/desktop/fcc2ca55/cssbin/www-onepick.css HTTP/2.0
host: www.youtube.com
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "110.0.5481.104"
sec-ch-ua-platform-version: "10.0.0"
sec-ch-ua-full-version-list: "Chromium";v="110.0.5481.104", "Not A(Brand";v="24.0.0.0", "Google Chrome";v="110.0.5481.104"
sec-ch-ua-bitness: "64"
sec-ch-ua-model:
sec-ch-ua-wow64: ?0
sec-ch-ua-platform: "Windows"
accept: text/css,*/*;q=0.1
x-client-data: CK/cygE=
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: style
referer: https://www.youtube.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: YSC=_ugACyrtiAk
cookie: __Secure-YEC=Cgtrc0hJYjB0ZllLYyiD4sKyBjIKCgJHQhIEGgAgaQ%3D%3D
cookie: VISITOR_PRIVACY_METADATA=CgJHQhIEGgAgaQ%3D%3D
GET

https://www.youtube.com/s/_/ytmainappweb/_/ss/k=ytmainappweb.kevlar_base.oEqXOPHaGuI.L.B1.O/am=AIAALQ/d=0/br=1/rs=AGKMywHpBTGBxaf9JEJld5xWwW16ZZSD1A

chrome.exe

Remote address:

172.217.169.78:443

Request

GET /s/_/ytmainappweb/_/ss/k=ytmainappweb.kevlar_base.oEqXOPHaGuI.L.B1.O/am=AIAALQ/d=0/br=1/rs=AGKMywHpBTGBxaf9JEJld5xWwW16ZZSD1A HTTP/2.0
host: www.youtube.com
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "110.0.5481.104"
sec-ch-ua-platform-version: "10.0.0"
sec-ch-ua-full-version-list: "Chromium";v="110.0.5481.104", "Not A(Brand";v="24.0.0.0", "Google Chrome";v="110.0.5481.104"
sec-ch-ua-bitness: "64"
sec-ch-ua-model:
sec-ch-ua-wow64: ?0
sec-ch-ua-platform: "Windows"
accept: text/css,*/*;q=0.1
x-client-data: CK/cygE=
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: style
referer: https://www.youtube.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: YSC=_ugACyrtiAk
cookie: __Secure-YEC=Cgtrc0hJYjB0ZllLYyiD4sKyBjIKCgJHQhIEGgAgaQ%3D%3D
cookie: VISITOR_PRIVACY_METADATA=CgJHQhIEGgAgaQ%3D%3D
GET

https://www.youtube.com/s/desktop/fcc2ca55/cssbin/www-main-desktop-watch-page-skeleton.css

chrome.exe

Remote address:

172.217.169.78:443

Request

GET /s/desktop/fcc2ca55/cssbin/www-main-desktop-watch-page-skeleton.css HTTP/2.0
host: www.youtube.com
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "110.0.5481.104"
sec-ch-ua-platform-version: "10.0.0"
sec-ch-ua-full-version-list: "Chromium";v="110.0.5481.104", "Not A(Brand";v="24.0.0.0", "Google Chrome";v="110.0.5481.104"
sec-ch-ua-bitness: "64"
sec-ch-ua-model:
sec-ch-ua-wow64: ?0
sec-ch-ua-platform: "Windows"
accept: text/css,*/*;q=0.1
x-client-data: CK/cygE=
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: style
referer: https://www.youtube.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: YSC=_ugACyrtiAk
cookie: __Secure-YEC=Cgtrc0hJYjB0ZllLYyiD4sKyBjIKCgJHQhIEGgAgaQ%3D%3D
cookie: VISITOR_PRIVACY_METADATA=CgJHQhIEGgAgaQ%3D%3D
DNS

i.ytimg.com

chrome.exe

Remote address:

8.8.8.8:53

Request

i.ytimg.com

IN A

Response

i.ytimg.com

IN A

142.250.178.22

i.ytimg.com

IN A

172.217.16.246

i.ytimg.com

IN A

142.250.200.22

i.ytimg.com

IN A

142.250.200.54

i.ytimg.com

IN A

216.58.201.118

i.ytimg.com

IN A

216.58.204.86

i.ytimg.com

IN A

216.58.213.22

i.ytimg.com

IN A

216.58.212.246

i.ytimg.com

IN A

142.250.179.246

i.ytimg.com

IN A

142.250.180.22

i.ytimg.com

IN A

142.250.187.214

i.ytimg.com

IN A

142.250.187.246
GET

https://i.ytimg.com/generate_204

chrome.exe

Remote address:

142.250.178.22:443

Request

GET /generate_204 HTTP/2.0
host: i.ytimg.com
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "110.0.5481.104"
sec-ch-ua-platform-version: "10.0.0"
sec-ch-ua-full-version-list: "Chromium";v="110.0.5481.104", "Not A(Brand";v="24.0.0.0", "Google Chrome";v="110.0.5481.104"
sec-ch-ua-bitness: "64"
sec-ch-ua-model:
sec-ch-ua-wow64: ?0
sec-ch-ua-platform: "Windows"
accept: */*
x-client-data: CK/cygE=
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://www.youtube.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
DNS

97.17.167.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

97.17.167.52.in-addr.arpa

IN PTR

Response
DNS

112.211.222.173.in-addr.arpa

Remote address:

8.8.8.8:53

Request

112.211.222.173.in-addr.arpa

IN PTR

Response

112.211.222.173.in-addr.arpa

IN PTR

a173-222-211-112deploystaticakamaitechnologiescom
DNS

78.169.217.172.in-addr.arpa

Remote address:

8.8.8.8:53

Request

78.169.217.172.in-addr.arpa

IN PTR

Response

78.169.217.172.in-addr.arpa

IN PTR

lhr48s09-in-f141e100net
DNS

74.169.217.172.in-addr.arpa

Remote address:

8.8.8.8:53

Request

74.169.217.172.in-addr.arpa

IN PTR

Response

74.169.217.172.in-addr.arpa

IN PTR

lhr48s09-in-f101e100net
DNS

74.204.58.216.in-addr.arpa

Remote address:

8.8.8.8:53

Request

74.204.58.216.in-addr.arpa

IN PTR

Response

74.204.58.216.in-addr.arpa

IN PTR

lhr25s13-in-f741e100net

74.204.58.216.in-addr.arpa

IN PTR

lhr48s49-in-f10�H

74.204.58.216.in-addr.arpa

IN PTR

lhr25s13-in-f10�H
DNS

22.178.250.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

22.178.250.142.in-addr.arpa

IN PTR

Response

22.178.250.142.in-addr.arpa

IN PTR

lhr48s27-in-f221e100net
DNS

accounts.google.com

chrome.exe

Remote address:

8.8.8.8:53

Request

accounts.google.com

IN A

Response

accounts.google.com

IN A

74.125.206.84
DNS

99.201.58.216.in-addr.arpa

Remote address:

8.8.8.8:53

Request

99.201.58.216.in-addr.arpa

IN PTR

Response

99.201.58.216.in-addr.arpa

IN PTR

prg03s02-in-f31e100net

99.201.58.216.in-addr.arpa

IN PTR

prg03s02-in-f99�G

99.201.58.216.in-addr.arpa

IN PTR

lhr48s48-in-f3�G
DNS

84.206.125.74.in-addr.arpa

Remote address:

8.8.8.8:53

Request

84.206.125.74.in-addr.arpa

IN PTR

Response

84.206.125.74.in-addr.arpa

IN PTR

wk-in-f841e100net
DNS

17.160.190.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

17.160.190.20.in-addr.arpa

IN PTR

Response
DNS

rr3---sn-q4flrnel.googlevideo.com

chrome.exe

Remote address:

8.8.8.8:53

Request

rr3---sn-q4flrnel.googlevideo.com

IN A

Response

rr3---sn-q4flrnel.googlevideo.com

IN CNAME

rr3.sn-q4flrnel.googlevideo.com

rr3.sn-q4flrnel.googlevideo.com

IN A

209.85.165.232
DNS

content-autofill.googleapis.com

chrome.exe

Remote address:

8.8.8.8:53

Request

content-autofill.googleapis.com

IN A

Response

content-autofill.googleapis.com

IN A

142.250.180.10

content-autofill.googleapis.com

IN A

142.250.187.202

content-autofill.googleapis.com

IN A

142.250.187.234

content-autofill.googleapis.com

IN A

142.250.178.10

content-autofill.googleapis.com

IN A

172.217.16.234

content-autofill.googleapis.com

IN A

142.250.200.10

content-autofill.googleapis.com

IN A

142.250.200.42

content-autofill.googleapis.com

IN A

216.58.201.106

content-autofill.googleapis.com

IN A

216.58.204.74

content-autofill.googleapis.com

IN A

216.58.213.10

content-autofill.googleapis.com

IN A

172.217.169.10

content-autofill.googleapis.com

IN A

216.58.212.202

content-autofill.googleapis.com

IN A

172.217.169.74

content-autofill.googleapis.com

IN A

172.217.169.42

content-autofill.googleapis.com

IN A

142.250.179.234
GET

https://rr3---sn-q4flrnel.googlevideo.com/videoplayback?expire=0044259569&ei=lqs-crZjRRqhi6oHuI8-sJ6&ip=57.3.49.95&id=o-AFqAOsPOGsCaF0J2y56miLCTO2WHGiDKX1wAcIffjf08E&itag=18&source=youtube&requiressl=yes&mh=X6&mm=105%2C08602%2C18697&mn=cE4TO%2CX2nYS%2CUhULW&ms=cE4TO%2CX2nYS%2CUhULW&mv=J&mvi=5&pl=06&initcwndbps=3435028&siu=5&spc=LSFsu7J04ZJVOTnHQxT1VBr1x0iUUUUmOGUkglPvufbs&vprv=5&svpuc=5&mime=video%2Fmp4&ns=aifa1LMRKq40PushiNoWywBJ&cnr=06&ratebypass=yes&dur=70288703&lmt=9047964872435714&mt=0044259569&fvip=3&c=WEB&txp=3435028&n=R4-mGQ99pEdPy-yT&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Csiu%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Ccnr%2Cratebypass%2Cdur%2Clmt&sig=pb4VvLy6bE-H_9N93eOiWnaXG67kTHq5V-Rm_JV6aqbAQ55e5qOdkFvyjpFR5FHCup_5yKqJE59JLPxqiBGj2TeqVsQfnNkbK1JUo4fKPFq5&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=pb4VvLy6bE-H_9N93eOiWnaXG67kTHq5V-Rm_JV6aqbAQ55e5qOdkFvyjpFR5FHCup_5yKqJE59JLPxqiBGj2TeqVsQfnNkbK1JUo4fKPFq5

chrome.exe

Remote address:

209.85.165.232:443

Request

GET /videoplayback?expire=0044259569&ei=lqs-crZjRRqhi6oHuI8-sJ6&ip=57.3.49.95&id=o-AFqAOsPOGsCaF0J2y56miLCTO2WHGiDKX1wAcIffjf08E&itag=18&source=youtube&requiressl=yes&mh=X6&mm=105%2C08602%2C18697&mn=cE4TO%2CX2nYS%2CUhULW&ms=cE4TO%2CX2nYS%2CUhULW&mv=J&mvi=5&pl=06&initcwndbps=3435028&siu=5&spc=LSFsu7J04ZJVOTnHQxT1VBr1x0iUUUUmOGUkglPvufbs&vprv=5&svpuc=5&mime=video%2Fmp4&ns=aifa1LMRKq40PushiNoWywBJ&cnr=06&ratebypass=yes&dur=70288703&lmt=9047964872435714&mt=0044259569&fvip=3&c=WEB&txp=3435028&n=R4-mGQ99pEdPy-yT&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Csiu%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Ccnr%2Cratebypass%2Cdur%2Clmt&sig=pb4VvLy6bE-H_9N93eOiWnaXG67kTHq5V-Rm_JV6aqbAQ55e5qOdkFvyjpFR5FHCup_5yKqJE59JLPxqiBGj2TeqVsQfnNkbK1JUo4fKPFq5&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=pb4VvLy6bE-H_9N93eOiWnaXG67kTHq5V-Rm_JV6aqbAQ55e5qOdkFvyjpFR5FHCup_5yKqJE59JLPxqiBGj2TeqVsQfnNkbK1JUo4fKPFq5 HTTP/1.1
Host: rr3---sn-q4flrnel.googlevideo.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "110.0.5481.104"
sec-ch-ua-platform-version: "10.0.0"
sec-ch-ua-full-version-list: "Chromium";v="110.0.5481.104", "Not A(Brand";v="24.0.0.0", "Google Chrome";v="110.0.5481.104"
sec-ch-ua-bitness: "64"
sec-ch-ua-model:
sec-ch-ua-wow64: ?0
sec-ch-ua-platform: "Windows"
Accept: */*
Origin: https://www.youtube.com
X-Client-Data: CK/cygE=
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.youtube.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 403 Forbidden

Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Content-Type: text/plain
Content-Length: 0
Connection: close
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Content-Type-Options: nosniff
Date: Fri, 24 May 2024 15:23:49 GMT
Server: gvs 1.0
GET

https://rr3---sn-q4flrnel.googlevideo.com/videoplayback?expire=0044259569&ei=lqs-crZjRRqhi6oHuI8-sJ6&ip=57.3.49.95&id=o-AFqAOsPOGsCaF0J2y56miLCTO2WHGiDKX1wAcIffjf08E&itag=18&source=youtube&requiressl=yes&mh=X6&mm=105%2C08602%2C18697&mn=cE4TO%2CX2nYS%2CUhULW&ms=cE4TO%2CX2nYS%2CUhULW&mv=J&mvi=5&pl=06&ctier=L&initcwndbps=3435028&siu=5&spc=LSFsu7J04ZJVOTnHQxT1VBr1x0iUUUUmOGUkglPvufbs&vprv=5&svpuc=5&mime=video%2Fmp4&ns=aifa1LMRKq40PushiNoWywBJ&cnr=06&ratebypass=yes&dur=70288703&lmt=9047964872435714&mt=0044259569&fvip=3&c=WEB&txp=3435028&n=R4-mGQ99pEdPy-yT&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Csiu%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Ccnr%2Cratebypass%2Cdur%2Clmt&sig=pb4VvLy6bE-H_9N93eOiWnaXG67kTHq5V-Rm_JV6aqbAQ55e5qOdkFvyjpFR5FHCup_5yKqJE59JLPxqiBGj2TeqVsQfnNkbK1JUo4fKPFq5&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=pb4VvLy6bE-H_9N93eOiWnaXG67kTHq5V-Rm_JV6aqbAQ55e5qOdkFvyjpFR5FHCup_5yKqJE59JLPxqiBGj2TeqVsQfnNkbK1JUo4fKPFq5

chrome.exe

Remote address:

209.85.165.232:443

Request

GET /videoplayback?expire=0044259569&ei=lqs-crZjRRqhi6oHuI8-sJ6&ip=57.3.49.95&id=o-AFqAOsPOGsCaF0J2y56miLCTO2WHGiDKX1wAcIffjf08E&itag=18&source=youtube&requiressl=yes&mh=X6&mm=105%2C08602%2C18697&mn=cE4TO%2CX2nYS%2CUhULW&ms=cE4TO%2CX2nYS%2CUhULW&mv=J&mvi=5&pl=06&ctier=L&initcwndbps=3435028&siu=5&spc=LSFsu7J04ZJVOTnHQxT1VBr1x0iUUUUmOGUkglPvufbs&vprv=5&svpuc=5&mime=video%2Fmp4&ns=aifa1LMRKq40PushiNoWywBJ&cnr=06&ratebypass=yes&dur=70288703&lmt=9047964872435714&mt=0044259569&fvip=3&c=WEB&txp=3435028&n=R4-mGQ99pEdPy-yT&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Csiu%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Ccnr%2Cratebypass%2Cdur%2Clmt&sig=pb4VvLy6bE-H_9N93eOiWnaXG67kTHq5V-Rm_JV6aqbAQ55e5qOdkFvyjpFR5FHCup_5yKqJE59JLPxqiBGj2TeqVsQfnNkbK1JUo4fKPFq5&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=pb4VvLy6bE-H_9N93eOiWnaXG67kTHq5V-Rm_JV6aqbAQ55e5qOdkFvyjpFR5FHCup_5yKqJE59JLPxqiBGj2TeqVsQfnNkbK1JUo4fKPFq5 HTTP/1.1
Host: rr3---sn-q4flrnel.googlevideo.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "110.0.5481.104"
sec-ch-ua-platform-version: "10.0.0"
sec-ch-ua-full-version-list: "Chromium";v="110.0.5481.104", "Not A(Brand";v="24.0.0.0", "Google Chrome";v="110.0.5481.104"
sec-ch-ua-bitness: "64"
sec-ch-ua-model:
sec-ch-ua-wow64: ?0
sec-ch-ua-platform: "Windows"
Accept: */*
Origin: https://www.youtube.com
X-Client-Data: CK/cygE=
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.youtube.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 403 Forbidden

Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Content-Type: text/plain
Content-Length: 0
Connection: close
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Content-Type-Options: nosniff
Date: Fri, 24 May 2024 15:23:49 GMT
Server: gvs 1.0
GET

https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTEwLjAuNTQ4MS4xMDQSEAk8yq_jFOmFmxIFDfGjW-M=?alt=proto

chrome.exe

Remote address:

142.250.180.10:443

Request

GET /v1/pages/ChVDaHJvbWUvMTEwLjAuNTQ4MS4xMDQSEAk8yq_jFOmFmxIFDfGjW-M=?alt=proto HTTP/2.0
host: content-autofill.googleapis.com
x-goog-encode-response-if-executable: base64
x-goog-api-key: AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw
x-client-data: CK/cygE=
sec-fetch-site: none
sec-fetch-mode: no-cors
sec-fetch-dest: empty
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

access-control-allow-origin: https://www.youtube.com
vary: origin
vary: referer
vary: x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Fri, 24 May 2024 15:23:51 GMT
content-type: text/html
vary: x-origin
content-length: 0
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
content-type: text/html
OPTIONS

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

chrome.exe

Remote address:

142.250.180.10:443

Request

OPTIONS /$rpc/google.internal.waa.v1.Waa/Create HTTP/2.0
host: jnn-pa.googleapis.com
accept: */*
access-control-request-method: POST
access-control-request-headers: content-type,x-goog-api-key,x-user-agent
origin: https://www.youtube.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-fetch-mode: cors
sec-fetch-site: cross-site
sec-fetch-dest: empty
referer: https://www.youtube.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

access-control-allow-origin: https://www.youtube.com
vary: origin
vary: referer
vary: x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Fri, 24 May 2024 15:23:51 GMT
content-type: text/html
access-control-allow-credentials: true
content-length: 0
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
content-type: text/html
content-length: 0
POST

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

chrome.exe

Remote address:

142.250.180.10:443

Request

POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/2.0
host: jnn-pa.googleapis.com
content-length: 24
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
x-user-agent: grpc-web-javascript/0.1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-arch: "x86"
content-type: application/json+protobuf
sec-ch-ua-full-version: "110.0.5481.104"
sec-ch-ua-platform-version: "10.0.0"
x-goog-api-key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
sec-ch-ua-full-version-list: "Chromium";v="110.0.5481.104", "Not A(Brand";v="24.0.0.0", "Google Chrome";v="110.0.5481.104"
sec-ch-ua-bitness: "64"
sec-ch-ua-model:
sec-ch-ua-wow64: ?0
sec-ch-ua-platform: "Windows"
accept: */*
origin: https://www.youtube.com
x-client-data: CK/cygE=
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.youtube.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

access-control-allow-origin: https://www.youtube.com
vary: origin
vary: referer
vary: x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Fri, 24 May 2024 15:23:51 GMT
content-type: text/html
access-control-allow-credentials: true
content-length: 0
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
content-type: text/html
content-length: 0
DNS

chrome.exe

Remote address:

142.250.180.10:443

Response

HTTP/2.0 200

access-control-allow-origin: https://www.youtube.com
vary: origin
vary: referer
vary: x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Fri, 24 May 2024 15:23:51 GMT
content-type: text/html
access-control-allow-credentials: true
content-length: 0
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
content-type: text/html
content-length: 0
DNS

chrome.exe

Remote address:

142.250.180.10:443

Response

HTTP/2.0 200

access-control-allow-origin: https://www.youtube.com
vary: origin
vary: referer
vary: x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Fri, 24 May 2024 15:23:51 GMT
content-type: text/html
access-control-allow-credentials: true
content-length: 0
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
content-type: text/html
content-length: 0
DNS

chrome.exe

Remote address:

142.250.180.10:443

Response

HTTP/2.0 200

access-control-allow-origin: https://www.youtube.com
vary: origin
vary: referer
vary: x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Fri, 24 May 2024 15:23:51 GMT
content-type: text/html
access-control-allow-credentials: true
content-length: 0
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
content-type: text/html
content-length: 0
DNS

chrome.exe

Remote address:

142.250.180.10:443

Response

HTTP/2.0 200

content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
vary: origin
vary: referer
vary: x-origin
date: Fri, 24 May 2024 15:23:51 GMT
access-control-allow-credentials: true
cache-control: private
content-length: 41718
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
content-type: text/html
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
content-length: 0
GET

https://rr3---sn-q4flrnel.googlevideo.com/videoplayback?expire=0044259569&ei=lqs-crZjRRqhi6oHuI8-sJ6&ip=57.3.49.95&id=o-AFqAOsPOGsCaF0J2y56miLCTO2WHGiDKX1wAcIffjf08E&itag=18&source=youtube&requiressl=yes&mh=X6&mm=105%2C08602%2C18697&mn=cE4TO%2CX2nYS%2CUhULW&ms=cE4TO%2CX2nYS%2CUhULW&mv=J&mvi=5&pl=06&initcwndbps=3435028&siu=5&spc=LSFsu7J04ZJVOTnHQxT1VBr1x0iUUUUmOGUkglPvufbs&vprv=5&svpuc=5&mime=video%2Fmp4&ns=aifa1LMRKq40PushiNoWywBJ&cnr=06&ratebypass=yes&dur=70288703&lmt=9047964872435714&mt=0044259569&fvip=3&c=WEB&txp=3435028&n=R4-mGQ99pEdPy-yT&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Csiu%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Ccnr%2Cratebypass%2Cdur%2Clmt&sig=pb4VvLy6bE-H_9N93eOiWnaXG67kTHq5V-Rm_JV6aqbAQ55e5qOdkFvyjpFR5FHCup_5yKqJE59JLPxqiBGj2TeqVsQfnNkbK1JUo4fKPFq5&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=pb4VvLy6bE-H_9N93eOiWnaXG67kTHq5V-Rm_JV6aqbAQ55e5qOdkFvyjpFR5FHCup_5yKqJE59JLPxqiBGj2TeqVsQfnNkbK1JUo4fKPFq5

chrome.exe

Remote address:

209.85.165.232:443

Request

GET /videoplayback?expire=0044259569&ei=lqs-crZjRRqhi6oHuI8-sJ6&ip=57.3.49.95&id=o-AFqAOsPOGsCaF0J2y56miLCTO2WHGiDKX1wAcIffjf08E&itag=18&source=youtube&requiressl=yes&mh=X6&mm=105%2C08602%2C18697&mn=cE4TO%2CX2nYS%2CUhULW&ms=cE4TO%2CX2nYS%2CUhULW&mv=J&mvi=5&pl=06&initcwndbps=3435028&siu=5&spc=LSFsu7J04ZJVOTnHQxT1VBr1x0iUUUUmOGUkglPvufbs&vprv=5&svpuc=5&mime=video%2Fmp4&ns=aifa1LMRKq40PushiNoWywBJ&cnr=06&ratebypass=yes&dur=70288703&lmt=9047964872435714&mt=0044259569&fvip=3&c=WEB&txp=3435028&n=R4-mGQ99pEdPy-yT&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Csiu%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Ccnr%2Cratebypass%2Cdur%2Clmt&sig=pb4VvLy6bE-H_9N93eOiWnaXG67kTHq5V-Rm_JV6aqbAQ55e5qOdkFvyjpFR5FHCup_5yKqJE59JLPxqiBGj2TeqVsQfnNkbK1JUo4fKPFq5&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=pb4VvLy6bE-H_9N93eOiWnaXG67kTHq5V-Rm_JV6aqbAQ55e5qOdkFvyjpFR5FHCup_5yKqJE59JLPxqiBGj2TeqVsQfnNkbK1JUo4fKPFq5 HTTP/1.1
Host: rr3---sn-q4flrnel.googlevideo.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "110.0.5481.104"
sec-ch-ua-platform-version: "10.0.0"
sec-ch-ua-full-version-list: "Chromium";v="110.0.5481.104", "Not A(Brand";v="24.0.0.0", "Google Chrome";v="110.0.5481.104"
sec-ch-ua-bitness: "64"
sec-ch-ua-model:
sec-ch-ua-wow64: ?0
sec-ch-ua-platform: "Windows"
Accept: */*
Origin: https://www.youtube.com
X-Client-Data: CK/cygE=
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.youtube.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 403 Forbidden

Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Content-Type: text/plain
Content-Length: 0
Connection: close
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Content-Type-Options: nosniff
Date: Fri, 24 May 2024 15:23:50 GMT
Server: gvs 1.0
GET

https://rr3---sn-q4flrnel.googlevideo.com/videoplayback?expire=0044259569&ei=lqs-crZjRRqhi6oHuI8-sJ6&ip=57.3.49.95&id=o-AFqAOsPOGsCaF0J2y56miLCTO2WHGiDKX1wAcIffjf08E&itag=18&source=youtube&requiressl=yes&mh=X6&mm=105%2C08602%2C18697&mn=cE4TO%2CX2nYS%2CUhULW&ms=cE4TO%2CX2nYS%2CUhULW&mv=J&mvi=5&pl=06&ctier=L&initcwndbps=3435028&siu=5&spc=LSFsu7J04ZJVOTnHQxT1VBr1x0iUUUUmOGUkglPvufbs&vprv=5&svpuc=5&mime=video%2Fmp4&ns=aifa1LMRKq40PushiNoWywBJ&cnr=06&ratebypass=yes&dur=70288703&lmt=9047964872435714&mt=0044259569&fvip=3&c=WEB&txp=3435028&n=R4-mGQ99pEdPy-yT&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Csiu%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Ccnr%2Cratebypass%2Cdur%2Clmt&sig=pb4VvLy6bE-H_9N93eOiWnaXG67kTHq5V-Rm_JV6aqbAQ55e5qOdkFvyjpFR5FHCup_5yKqJE59JLPxqiBGj2TeqVsQfnNkbK1JUo4fKPFq5&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=pb4VvLy6bE-H_9N93eOiWnaXG67kTHq5V-Rm_JV6aqbAQ55e5qOdkFvyjpFR5FHCup_5yKqJE59JLPxqiBGj2TeqVsQfnNkbK1JUo4fKPFq5

chrome.exe

Remote address:

209.85.165.232:443

Request

GET /videoplayback?expire=0044259569&ei=lqs-crZjRRqhi6oHuI8-sJ6&ip=57.3.49.95&id=o-AFqAOsPOGsCaF0J2y56miLCTO2WHGiDKX1wAcIffjf08E&itag=18&source=youtube&requiressl=yes&mh=X6&mm=105%2C08602%2C18697&mn=cE4TO%2CX2nYS%2CUhULW&ms=cE4TO%2CX2nYS%2CUhULW&mv=J&mvi=5&pl=06&ctier=L&initcwndbps=3435028&siu=5&spc=LSFsu7J04ZJVOTnHQxT1VBr1x0iUUUUmOGUkglPvufbs&vprv=5&svpuc=5&mime=video%2Fmp4&ns=aifa1LMRKq40PushiNoWywBJ&cnr=06&ratebypass=yes&dur=70288703&lmt=9047964872435714&mt=0044259569&fvip=3&c=WEB&txp=3435028&n=R4-mGQ99pEdPy-yT&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Csiu%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Ccnr%2Cratebypass%2Cdur%2Clmt&sig=pb4VvLy6bE-H_9N93eOiWnaXG67kTHq5V-Rm_JV6aqbAQ55e5qOdkFvyjpFR5FHCup_5yKqJE59JLPxqiBGj2TeqVsQfnNkbK1JUo4fKPFq5&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=pb4VvLy6bE-H_9N93eOiWnaXG67kTHq5V-Rm_JV6aqbAQ55e5qOdkFvyjpFR5FHCup_5yKqJE59JLPxqiBGj2TeqVsQfnNkbK1JUo4fKPFq5 HTTP/1.1
Host: rr3---sn-q4flrnel.googlevideo.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "110.0.5481.104"
sec-ch-ua-platform-version: "10.0.0"
sec-ch-ua-full-version-list: "Chromium";v="110.0.5481.104", "Not A(Brand";v="24.0.0.0", "Google Chrome";v="110.0.5481.104"
sec-ch-ua-bitness: "64"
sec-ch-ua-model:
sec-ch-ua-wow64: ?0
sec-ch-ua-platform: "Windows"
Accept: */*
Origin: https://www.youtube.com
X-Client-Data: CK/cygE=
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.youtube.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 403 Forbidden

Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Content-Type: text/plain
Content-Length: 0
Connection: close
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Content-Type-Options: nosniff
Date: Fri, 24 May 2024 15:23:50 GMT
Server: gvs 1.0
DNS

www.google.com

chrome.exe

Remote address:

8.8.8.8:53

Request

www.google.com

IN A

Response

www.google.com

IN A

142.250.187.196
DNS

95.221.229.192.in-addr.arpa

Remote address:

8.8.8.8:53

Request

95.221.229.192.in-addr.arpa

IN PTR

Response
DNS

10.180.250.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

10.180.250.142.in-addr.arpa

IN PTR

Response

10.180.250.142.in-addr.arpa

IN PTR

lhr25s32-in-f101e100net
DNS

232.165.85.209.in-addr.arpa

Remote address:

8.8.8.8:53

Request

232.165.85.209.in-addr.arpa

IN PTR

Response

232.165.85.209.in-addr.arpa

IN PTR

dfw28s12-in-f81e100net
DNS

195.212.58.216.in-addr.arpa

Remote address:

8.8.8.8:53

Request

195.212.58.216.in-addr.arpa

IN PTR

Response

195.212.58.216.in-addr.arpa

IN PTR

lhr25s27-in-f31e100net

195.212.58.216.in-addr.arpa

IN PTR

ams16s21-in-f3�H

195.212.58.216.in-addr.arpa

IN PTR

ams16s21-in-f195�H
DNS

104.219.191.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

104.219.191.52.in-addr.arpa

IN PTR

Response
DNS

196.187.250.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

196.187.250.142.in-addr.arpa

IN PTR

Response

196.187.250.142.in-addr.arpa

IN PTR

lhr25s33-in-f41e100net
GET

https://rr3---sn-q4flrnel.googlevideo.com/videoplayback?expire=0044259569&ei=lqs-crZjRRqhi6oHuI8-sJ6&ip=57.3.49.95&id=o-AFqAOsPOGsCaF0J2y56miLCTO2WHGiDKX1wAcIffjf08E&itag=18&source=youtube&requiressl=yes&mh=X6&mm=105%2C08602%2C18697&mn=cE4TO%2CX2nYS%2CUhULW&ms=cE4TO%2CX2nYS%2CUhULW&mv=J&mvi=5&pl=06&initcwndbps=3435028&siu=5&spc=LSFsu7J04ZJVOTnHQxT1VBr1x0iUUUUmOGUkglPvufbs&vprv=5&svpuc=5&mime=video%2Fmp4&ns=aifa1LMRKq40PushiNoWywBJ&cnr=06&ratebypass=yes&dur=70288703&lmt=9047964872435714&mt=0044259569&fvip=3&c=WEB&txp=3435028&n=R4-mGQ99pEdPy-yT&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Csiu%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Ccnr%2Cratebypass%2Cdur%2Clmt&sig=pb4VvLy6bE-H_9N93eOiWnaXG67kTHq5V-Rm_JV6aqbAQ55e5qOdkFvyjpFR5FHCup_5yKqJE59JLPxqiBGj2TeqVsQfnNkbK1JUo4fKPFq5&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=pb4VvLy6bE-H_9N93eOiWnaXG67kTHq5V-Rm_JV6aqbAQ55e5qOdkFvyjpFR5FHCup_5yKqJE59JLPxqiBGj2TeqVsQfnNkbK1JUo4fKPFq5

chrome.exe

Remote address:

209.85.165.232:443

Request

GET /videoplayback?expire=0044259569&ei=lqs-crZjRRqhi6oHuI8-sJ6&ip=57.3.49.95&id=o-AFqAOsPOGsCaF0J2y56miLCTO2WHGiDKX1wAcIffjf08E&itag=18&source=youtube&requiressl=yes&mh=X6&mm=105%2C08602%2C18697&mn=cE4TO%2CX2nYS%2CUhULW&ms=cE4TO%2CX2nYS%2CUhULW&mv=J&mvi=5&pl=06&initcwndbps=3435028&siu=5&spc=LSFsu7J04ZJVOTnHQxT1VBr1x0iUUUUmOGUkglPvufbs&vprv=5&svpuc=5&mime=video%2Fmp4&ns=aifa1LMRKq40PushiNoWywBJ&cnr=06&ratebypass=yes&dur=70288703&lmt=9047964872435714&mt=0044259569&fvip=3&c=WEB&txp=3435028&n=R4-mGQ99pEdPy-yT&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Csiu%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Ccnr%2Cratebypass%2Cdur%2Clmt&sig=pb4VvLy6bE-H_9N93eOiWnaXG67kTHq5V-Rm_JV6aqbAQ55e5qOdkFvyjpFR5FHCup_5yKqJE59JLPxqiBGj2TeqVsQfnNkbK1JUo4fKPFq5&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=pb4VvLy6bE-H_9N93eOiWnaXG67kTHq5V-Rm_JV6aqbAQ55e5qOdkFvyjpFR5FHCup_5yKqJE59JLPxqiBGj2TeqVsQfnNkbK1JUo4fKPFq5 HTTP/1.1
Host: rr3---sn-q4flrnel.googlevideo.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "110.0.5481.104"
sec-ch-ua-platform-version: "10.0.0"
sec-ch-ua-full-version-list: "Chromium";v="110.0.5481.104", "Not A(Brand";v="24.0.0.0", "Google Chrome";v="110.0.5481.104"
sec-ch-ua-bitness: "64"
sec-ch-ua-model:
sec-ch-ua-wow64: ?0
sec-ch-ua-platform: "Windows"
Accept: */*
Origin: https://www.youtube.com
X-Client-Data: CK/cygE=
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.youtube.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 403 Forbidden

Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Content-Type: text/plain
Content-Length: 0
Connection: close
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Content-Type-Options: nosniff
Date: Fri, 24 May 2024 15:23:51 GMT
Server: gvs 1.0
GET

https://rr3---sn-q4flrnel.googlevideo.com/videoplayback?expire=0044259569&ei=lqs-crZjRRqhi6oHuI8-sJ6&ip=57.3.49.95&id=o-AFqAOsPOGsCaF0J2y56miLCTO2WHGiDKX1wAcIffjf08E&itag=18&source=youtube&requiressl=yes&mh=X6&mm=105%2C08602%2C18697&mn=cE4TO%2CX2nYS%2CUhULW&ms=cE4TO%2CX2nYS%2CUhULW&mv=J&mvi=5&pl=06&ctier=L&initcwndbps=3435028&siu=5&spc=LSFsu7J04ZJVOTnHQxT1VBr1x0iUUUUmOGUkglPvufbs&vprv=5&svpuc=5&mime=video%2Fmp4&ns=aifa1LMRKq40PushiNoWywBJ&cnr=06&ratebypass=yes&dur=70288703&lmt=9047964872435714&mt=0044259569&fvip=3&c=WEB&txp=3435028&n=R4-mGQ99pEdPy-yT&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Csiu%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Ccnr%2Cratebypass%2Cdur%2Clmt&sig=pb4VvLy6bE-H_9N93eOiWnaXG67kTHq5V-Rm_JV6aqbAQ55e5qOdkFvyjpFR5FHCup_5yKqJE59JLPxqiBGj2TeqVsQfnNkbK1JUo4fKPFq5&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=pb4VvLy6bE-H_9N93eOiWnaXG67kTHq5V-Rm_JV6aqbAQ55e5qOdkFvyjpFR5FHCup_5yKqJE59JLPxqiBGj2TeqVsQfnNkbK1JUo4fKPFq5

chrome.exe

Remote address:

209.85.165.232:443

Request

GET /videoplayback?expire=0044259569&ei=lqs-crZjRRqhi6oHuI8-sJ6&ip=57.3.49.95&id=o-AFqAOsPOGsCaF0J2y56miLCTO2WHGiDKX1wAcIffjf08E&itag=18&source=youtube&requiressl=yes&mh=X6&mm=105%2C08602%2C18697&mn=cE4TO%2CX2nYS%2CUhULW&ms=cE4TO%2CX2nYS%2CUhULW&mv=J&mvi=5&pl=06&ctier=L&initcwndbps=3435028&siu=5&spc=LSFsu7J04ZJVOTnHQxT1VBr1x0iUUUUmOGUkglPvufbs&vprv=5&svpuc=5&mime=video%2Fmp4&ns=aifa1LMRKq40PushiNoWywBJ&cnr=06&ratebypass=yes&dur=70288703&lmt=9047964872435714&mt=0044259569&fvip=3&c=WEB&txp=3435028&n=R4-mGQ99pEdPy-yT&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Csiu%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Ccnr%2Cratebypass%2Cdur%2Clmt&sig=pb4VvLy6bE-H_9N93eOiWnaXG67kTHq5V-Rm_JV6aqbAQ55e5qOdkFvyjpFR5FHCup_5yKqJE59JLPxqiBGj2TeqVsQfnNkbK1JUo4fKPFq5&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=pb4VvLy6bE-H_9N93eOiWnaXG67kTHq5V-Rm_JV6aqbAQ55e5qOdkFvyjpFR5FHCup_5yKqJE59JLPxqiBGj2TeqVsQfnNkbK1JUo4fKPFq5 HTTP/1.1
Host: rr3---sn-q4flrnel.googlevideo.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "110.0.5481.104"
sec-ch-ua-platform-version: "10.0.0"
sec-ch-ua-full-version-list: "Chromium";v="110.0.5481.104", "Not A(Brand";v="24.0.0.0", "Google Chrome";v="110.0.5481.104"
sec-ch-ua-bitness: "64"
sec-ch-ua-model:
sec-ch-ua-wow64: ?0
sec-ch-ua-platform: "Windows"
Accept: */*
Origin: https://www.youtube.com
X-Client-Data: CK/cygE=
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.youtube.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 403 Forbidden

Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Content-Type: text/plain
Content-Length: 0
Connection: close
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Content-Type-Options: nosniff
Date: Fri, 24 May 2024 15:23:51 GMT
Server: gvs 1.0
DNS

jnn-pa.googleapis.com

chrome.exe

Remote address:

8.8.8.8:53

Request

jnn-pa.googleapis.com

IN A

Response

jnn-pa.googleapis.com

IN A

142.250.187.234

jnn-pa.googleapis.com

IN A

142.250.178.10

jnn-pa.googleapis.com

IN A

172.217.16.234

jnn-pa.googleapis.com

IN A

142.250.200.10

jnn-pa.googleapis.com

IN A

142.250.200.42

jnn-pa.googleapis.com

IN A

216.58.201.106

jnn-pa.googleapis.com

IN A

216.58.204.74

jnn-pa.googleapis.com

IN A

216.58.212.202

jnn-pa.googleapis.com

IN A

142.250.179.234

jnn-pa.googleapis.com

IN A

142.250.180.10

jnn-pa.googleapis.com

IN A

142.250.187.202
DNS

234.187.250.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

234.187.250.142.in-addr.arpa

IN PTR

Response

234.187.250.142.in-addr.arpa

IN PTR

lhr25s34-in-f101e100net
DNS

youtube.com

chrome.exe

Remote address:

8.8.8.8:53

Request

youtube.com

IN A

Response

youtube.com

IN A

142.250.200.46
GET

https://youtube.com/

chrome.exe

Remote address:

142.250.200.46:443

Request

GET / HTTP/2.0
host: youtube.com
pragma: no-cache
cache-control: no-cache
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "110.0.5481.104"
sec-ch-ua-platform-version: "10.0.0"
sec-ch-ua-full-version-list: "Chromium";v="110.0.5481.104", "Not A(Brand";v="24.0.0.0", "Google Chrome";v="110.0.5481.104"
sec-ch-ua-bitness: "64"
sec-ch-ua-model:
sec-ch-ua-wow64: ?0
sec-ch-ua-platform: "Windows"
accept: */*
origin: https://www.youtube.com
x-client-data: CK/cygE=
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.youtube.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
DNS

46.200.250.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

46.200.250.142.in-addr.arpa

IN PTR

Response

46.200.250.142.in-addr.arpa

IN PTR

lhr48s30-in-f141e100net
DNS

183.59.114.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

183.59.114.20.in-addr.arpa

IN PTR

Response
DNS

56.126.166.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

56.126.166.20.in-addr.arpa

IN PTR

Response
DNS

play.google.com

chrome.exe

Remote address:

8.8.8.8:53

Request

play.google.com

IN A

Response

play.google.com

IN A

142.250.179.238
DNS

238.179.250.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

238.179.250.142.in-addr.arpa

IN PTR

Response

238.179.250.142.in-addr.arpa

IN PTR

lhr25s31-in-f141e100net
DNS

195.187.250.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

195.187.250.142.in-addr.arpa

IN PTR

Response

195.187.250.142.in-addr.arpa

IN PTR

lhr25s33-in-f31e100net
DNS

240.197.17.2.in-addr.arpa

Remote address:

8.8.8.8:53

Request

240.197.17.2.in-addr.arpa

IN PTR

Response

240.197.17.2.in-addr.arpa

IN PTR

a2-17-197-240deploystaticakamaitechnologiescom
DNS

beacons.gcp.gvt2.com

chrome.exe

Remote address:

8.8.8.8:53

Request

beacons.gcp.gvt2.com

IN A

Response

beacons.gcp.gvt2.com

IN CNAME

beacons-handoff.gcp.gvt2.com

beacons-handoff.gcp.gvt2.com

IN A

192.178.49.195
POST

https://beacons.gcp.gvt2.com/domainreliability/upload

chrome.exe

Remote address:

192.178.49.195:443

Request

POST /domainreliability/upload HTTP/2.0
host: beacons.gcp.gvt2.com
content-length: 535
content-type: application/json; charset=utf-8
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
POST

https://beacons.gcp.gvt2.com/domainreliability/upload

chrome.exe

Remote address:

192.178.49.195:443

Request

POST /domainreliability/upload HTTP/2.0
host: beacons.gcp.gvt2.com
content-length: 268
content-type: application/json; charset=utf-8
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
POST

https://beacons.gcp.gvt2.com/domainreliability/upload

chrome.exe

Remote address:

192.178.49.195:443

Request

POST /domainreliability/upload HTTP/2.0
host: beacons.gcp.gvt2.com
content-length: 611
content-type: application/json; charset=utf-8
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
DNS

clients2.google.com

chrome.exe

Remote address:

8.8.8.8:53

Request

clients2.google.com

IN A

Response

clients2.google.com

IN CNAME

clients.l.google.com

clients.l.google.com

IN A

142.250.187.206
DNS

e2c22.gcp.gvt2.com

chrome.exe

Remote address:

8.8.8.8:53

Request

e2c22.gcp.gvt2.com

IN A

Response

e2c22.gcp.gvt2.com

IN A

34.95.145.254
POST

https://e2c22.gcp.gvt2.com/nel/

chrome.exe

Remote address:

34.95.145.254:443

Request

POST /nel/ HTTP/2.0
host: e2c22.gcp.gvt2.com
content-length: 268
content-type: application/json; charset=utf-8
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

date: Fri, 24 May 2024 15:24:53 GMT
DNS

206.187.250.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

206.187.250.142.in-addr.arpa

IN PTR

Response

206.187.250.142.in-addr.arpa

IN PTR

lhr25s33-in-f141e100net
DNS

195.49.178.192.in-addr.arpa

Remote address:

8.8.8.8:53

Request

195.49.178.192.in-addr.arpa

IN PTR

Response

195.49.178.192.in-addr.arpa

IN PTR

phx19s06-in-f31e100net
DNS

254.145.95.34.in-addr.arpa

Remote address:

8.8.8.8:53

Request

254.145.95.34.in-addr.arpa

IN PTR

Response

254.145.95.34.in-addr.arpa

IN PTR

2541459534bcgoogleusercontentcom
DNS

14.227.111.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

14.227.111.52.in-addr.arpa

IN PTR

Response
DNS

google.com

chrome.exe

Remote address:

8.8.8.8:53

Request

google.com

IN A

Response

google.com

IN A

142.250.178.14
DNS

beacons.gvt2.com

chrome.exe

Remote address:

8.8.8.8:53

Request

beacons.gvt2.com

IN A

Response

beacons.gvt2.com

IN A

172.217.169.3
POST

https://google.com/domainreliability/upload

chrome.exe

Remote address:

142.250.178.14:443

Request

POST /domainreliability/upload HTTP/2.0
host: google.com
content-length: 269
content-type: application/json; charset=utf-8
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
POST

https://google.com/domainreliability/upload

chrome.exe

Remote address:

142.250.178.14:443

Request

POST /domainreliability/upload HTTP/2.0
host: google.com
content-length: 325
content-type: application/json; charset=utf-8
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
POST

https://beacons.gvt2.com/domainreliability/upload

chrome.exe

Remote address:

172.217.169.3:443

Request

POST /domainreliability/upload HTTP/2.0
host: beacons.gvt2.com
content-length: 269
content-type: application/json; charset=utf-8
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

access-control-allow-headers: Content-Type
access-control-allow-methods: POST
access-control-allow-origin: *
date: Fri, 24 May 2024 15:25:52 GMT
content-type: text/html
content-type: text/html
access-control-allow-headers: Content-Type
access-control-allow-methods: POST
access-control-allow-origin: *
content-type: text/html
OPTIONS

https://beacons.gvt2.com/domainreliability/upload-nel

chrome.exe

Remote address:

172.217.169.3:443

Request

OPTIONS /domainreliability/upload-nel HTTP/2.0
host: beacons.gvt2.com
origin: https://beacons.gcp.gvt2.com
access-control-request-method: POST
access-control-request-headers: content-type
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

access-control-allow-headers: Content-Type
access-control-allow-methods: POST
access-control-allow-origin: *
date: Fri, 24 May 2024 15:25:52 GMT
content-type: text/html
content-type: text/html
access-control-allow-headers: Content-Type
access-control-allow-methods: POST
access-control-allow-origin: *
content-type: text/html
POST

https://beacons.gvt2.com/domainreliability/upload-nel

chrome.exe

Remote address:

172.217.169.3:443

Request

POST /domainreliability/upload-nel HTTP/2.0
host: beacons.gvt2.com
content-length: 407
content-type: application/reports+json
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

access-control-allow-headers: Content-Type
access-control-allow-methods: POST
access-control-allow-origin: *
date: Fri, 24 May 2024 15:25:52 GMT
content-type: text/html
content-type: text/html
access-control-allow-headers: Content-Type
access-control-allow-methods: POST
access-control-allow-origin: *
content-type: text/html
DNS

chrome.exe

Remote address:

172.217.169.3:443

Response

HTTP/2.0 200

access-control-allow-headers: Content-Type
access-control-allow-methods: POST
access-control-allow-origin: *
date: Fri, 24 May 2024 15:25:52 GMT
content-type: text/html
content-type: text/html
access-control-allow-headers: Content-Type
access-control-allow-methods: POST
access-control-allow-origin: *
content-type: text/html
DNS

3.169.217.172.in-addr.arpa

Remote address:

8.8.8.8:53

Request

3.169.217.172.in-addr.arpa

IN PTR

Response

3.169.217.172.in-addr.arpa

IN PTR

lhr25s26-in-f31e100net
DNS

14.178.250.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

14.178.250.142.in-addr.arpa

IN PTR

Response

14.178.250.142.in-addr.arpa

IN PTR

lhr48s27-in-f141e100net
DNS

beacons3.gvt2.com

chrome.exe

Remote address:

8.8.8.8:53

Request

beacons3.gvt2.com

IN A

Response

beacons3.gvt2.com

IN A

216.58.213.3
OPTIONS

https://beacons3.gvt2.com/domainreliability/upload-nel

chrome.exe

Remote address:

216.58.213.3:443

Request

OPTIONS /domainreliability/upload-nel HTTP/2.0
host: beacons3.gvt2.com
origin: https://google.com
access-control-request-method: POST
access-control-request-headers: content-type
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
POST

https://beacons3.gvt2.com/domainreliability/upload-nel

chrome.exe

Remote address:

216.58.213.3:443

Request

POST /domainreliability/upload-nel HTTP/2.0
host: beacons3.gvt2.com
content-length: 396
content-type: application/reports+json
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
DNS

3.213.58.216.in-addr.arpa

Remote address:

8.8.8.8:53

Request

3.213.58.216.in-addr.arpa

IN PTR

Response

3.213.58.216.in-addr.arpa

IN PTR

lhr25s25-in-f31e100net

3.213.58.216.in-addr.arpa

IN PTR

ber01s14-in-f3�F
DNS

google.com

chrome.exe

Remote address:

8.8.8.8:53

Request

google.com

IN A

Response

google.com

IN A

142.250.178.14
DNS

8.173.189.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

8.173.189.20.in-addr.arpa

IN PTR

Response
DNS

www.youtube.com

chrome.exe

Remote address:

8.8.8.8:53

Request

www.youtube.com

IN A

Response

www.youtube.com

IN CNAME

youtube-ui.l.google.com

youtube-ui.l.google.com

IN A

172.217.169.78

youtube-ui.l.google.com

IN A

142.250.179.238

youtube-ui.l.google.com

IN A

142.250.180.14

youtube-ui.l.google.com

IN A

142.250.187.206

youtube-ui.l.google.com

IN A

142.250.187.238

youtube-ui.l.google.com

IN A

142.250.178.14

youtube-ui.l.google.com

IN A

172.217.16.238

youtube-ui.l.google.com

IN A

142.250.200.14

youtube-ui.l.google.com

IN A

142.250.200.46

youtube-ui.l.google.com

IN A

216.58.201.110

youtube-ui.l.google.com

IN A

216.58.204.78

youtube-ui.l.google.com

IN A

216.58.213.14

youtube-ui.l.google.com

IN A

172.217.169.14

youtube-ui.l.google.com

IN A

216.58.212.206

youtube-ui.l.google.com

IN A

216.58.212.238
DNS

play.google.com

chrome.exe

Remote address:

8.8.8.8:53

Request

play.google.com

IN A

Response

play.google.com

IN A

142.250.179.238
DNS

68.32.126.40.in-addr.arpa

Remote address:

8.8.8.8:53

Request

68.32.126.40.in-addr.arpa

IN PTR

Response
DNS

48.251.17.2.in-addr.arpa

Remote address:

8.8.8.8:53

Request

48.251.17.2.in-addr.arpa

IN PTR

Response

48.251.17.2.in-addr.arpa

IN PTR

a2-17-251-48deploystaticakamaitechnologiescom
DNS

55.36.223.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

55.36.223.20.in-addr.arpa

IN PTR

Response
GET

https://www.bing.com/th?id=OADD2.10239359720591_10PHTLBML42K6TRZO&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=24&h=24&dynsize=1&qlt=90

Remote address:

23.62.61.129:443

Request

GET /th?id=OADD2.10239359720591_10PHTLBML42K6TRZO&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=24&h=24&dynsize=1&qlt=90 HTTP/2.0
host: www.bing.com
accept: */*
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041

Response

HTTP/2.0 200

cache-control: public, max-age=2592000
content-type: image/png
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QWthbWFp"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
content-length: 1107
date: Fri, 24 May 2024 15:47:26 GMT
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.7d3d3e17.1716565646.228a4775
DNS

tse1.mm.bing.net

Remote address:

8.8.8.8:53

Request

tse1.mm.bing.net

IN A

Response

tse1.mm.bing.net

IN CNAME

mm-mm.bing.net.trafficmanager.net

mm-mm.bing.net.trafficmanager.net

IN CNAME

dual-a-0001.a-msedge.net

dual-a-0001.a-msedge.net

IN A

204.79.197.200

dual-a-0001.a-msedge.net

IN A

13.107.21.200
GET

https://tse1.mm.bing.net/th?id=OADD2.10239340783932_1JCHO8JLBZ4TPAX49&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90

Remote address:

204.79.197.200:443

Request

GET /th?id=OADD2.10239340783932_1JCHO8JLBZ4TPAX49&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90 HTTP/2.0
host: tse1.mm.bing.net
accept: */*
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041

Response

HTTP/2.0 200

cache-control: public, max-age=2592000
content-length: 415458
content-type: image/jpeg
x-cache: TCP_HIT
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 33FEDE307C5E4DA8A88B11C2B713502E Ref B: LON04EDGE0716 Ref C: 2024-05-24T15:47:26Z
date: Fri, 24 May 2024 15:47:25 GMT
GET

https://tse1.mm.bing.net/th?id=OADD2.10239340783933_1QOIM48UV8MGOV4SU&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90

Remote address:

204.79.197.200:443

Request

GET /th?id=OADD2.10239340783933_1QOIM48UV8MGOV4SU&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90 HTTP/2.0
host: tse1.mm.bing.net
accept: */*
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041

Response

HTTP/2.0 200

cache-control: public, max-age=2592000
content-length: 638730
content-type: image/jpeg
x-cache: TCP_HIT
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 0B215AB38AA548028261DE9C68C42228 Ref B: LON04EDGE0716 Ref C: 2024-05-24T15:47:26Z
date: Fri, 24 May 2024 15:47:25 GMT
GET

https://tse1.mm.bing.net/th?id=OADD2.10239360931609_1JAA48IJSET6WWQHH&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90

Remote address:

204.79.197.200:443

Request

GET /th?id=OADD2.10239360931609_1JAA48IJSET6WWQHH&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90 HTTP/2.0
host: tse1.mm.bing.net
accept: */*
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041

Response

HTTP/2.0 200

cache-control: public, max-age=2592000
content-length: 555746
content-type: image/jpeg
x-cache: TCP_HIT
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 434AB0B6E1374BC99335ECEFE5771F8F Ref B: LON04EDGE0716 Ref C: 2024-05-24T15:47:26Z
date: Fri, 24 May 2024 15:47:25 GMT
GET

https://tse1.mm.bing.net/th?id=OADD2.10239360931610_110BPTPDN41GIXK2B&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90

Remote address:

204.79.197.200:443

Request

GET /th?id=OADD2.10239360931610_110BPTPDN41GIXK2B&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90 HTTP/2.0
host: tse1.mm.bing.net
accept: */*
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041

Response

HTTP/2.0 200

cache-control: public, max-age=2592000
content-length: 430689
content-type: image/jpeg
x-cache: TCP_HIT
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 93C611F4042E40FD9010A82355EB13FA Ref B: LON04EDGE0716 Ref C: 2024-05-24T15:47:26Z
date: Fri, 24 May 2024 15:47:25 GMT
GET

https://tse1.mm.bing.net/th?id=OADD2.10239360313429_1X5GXWWD8KTODKAD6&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90

Remote address:

204.79.197.200:443

Request

GET /th?id=OADD2.10239360313429_1X5GXWWD8KTODKAD6&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90 HTTP/2.0
host: tse1.mm.bing.net
accept: */*
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041

Response

HTTP/2.0 200

cache-control: public, max-age=2592000
content-length: 442324
content-type: image/jpeg
x-cache: TCP_HIT
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 43CCF7C971734A73AC461E11EDB3C7A6 Ref B: LON04EDGE0716 Ref C: 2024-05-24T15:47:26Z
date: Fri, 24 May 2024 15:47:25 GMT
GET

https://tse1.mm.bing.net/th?id=OADD2.10239360313430_12K7UVO7ZVIINTRIE&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90

Remote address:

204.79.197.200:443

Request

GET /th?id=OADD2.10239360313430_12K7UVO7ZVIINTRIE&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90 HTTP/2.0
host: tse1.mm.bing.net
accept: */*
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041

Response

HTTP/2.0 200

cache-control: public, max-age=2592000
content-length: 394521
content-type: image/jpeg
x-cache: TCP_HIT
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 217B67474C8E43A8A5FE98C27B1A5563 Ref B: LON04EDGE0716 Ref C: 2024-05-24T15:47:26Z
date: Fri, 24 May 2024 15:47:26 GMT
DNS

129.61.62.23.in-addr.arpa

Remote address:

8.8.8.8:53

Request

129.61.62.23.in-addr.arpa

IN PTR

Response

129.61.62.23.in-addr.arpa

IN PTR

a23-62-61-129deploystaticakamaitechnologiescom
DNS

200.197.79.204.in-addr.arpa

Remote address:

8.8.8.8:53

Request

200.197.79.204.in-addr.arpa

IN PTR

Response

200.197.79.204.in-addr.arpa

IN PTR

a-0001a-msedgenet
DNS

www.youtube.com

chrome.exe

Remote address:

8.8.8.8:53

Request

www.youtube.com

IN A

Response

www.youtube.com

IN CNAME

youtube-ui.l.google.com

youtube-ui.l.google.com

IN A

172.217.169.78

youtube-ui.l.google.com

IN A

142.250.179.238

youtube-ui.l.google.com

IN A

142.250.180.14

youtube-ui.l.google.com

IN A

142.250.187.206

youtube-ui.l.google.com

IN A

142.250.187.238

youtube-ui.l.google.com

IN A

142.250.178.14

youtube-ui.l.google.com

IN A

172.217.16.238

youtube-ui.l.google.com

IN A

142.250.200.14

youtube-ui.l.google.com

IN A

142.250.200.46

youtube-ui.l.google.com

IN A

216.58.201.110

youtube-ui.l.google.com

IN A

216.58.204.78

youtube-ui.l.google.com

IN A

216.58.213.14

youtube-ui.l.google.com

IN A

172.217.169.14

youtube-ui.l.google.com

IN A

216.58.212.206

youtube-ui.l.google.com

IN A

216.58.212.238

172.217.169.78:443

https://www.youtube.com/s/desktop/fcc2ca55/cssbin/www-main-desktop-watch-page-skeleton.css

tls, http2

chrome.exe

58.4kB
2.1MB
1123
1493

HTTP Request

GET https://www.youtube.com/

HTTP Request

GET https://www.youtube.com/s/desktop/fcc2ca55/jsbin/desktop_polymer.vflset/desktop_polymer.js

HTTP Request

GET https://www.youtube.com/s/desktop/fcc2ca55/jsbin/web-animations-next-lite.min.vflset/web-animations-next-lite.min.js

HTTP Request

GET https://www.youtube.com/s/desktop/fcc2ca55/jsbin/custom-elements-es5-adapter.vflset/custom-elements-es5-adapter.js

HTTP Request

GET https://www.youtube.com/s/desktop/fcc2ca55/jsbin/webcomponents-sd.vflset/webcomponents-sd.js

HTTP Request

GET https://www.youtube.com/s/desktop/fcc2ca55/jsbin/intersection-observer.min.vflset/intersection-observer.min.js

HTTP Request

GET https://www.youtube.com/s/desktop/fcc2ca55/jsbin/scheduler.vflset/scheduler.js

HTTP Request

GET https://www.youtube.com/s/desktop/fcc2ca55/jsbin/www-i18n-constants-en_US.vflset/www-i18n-constants.js

HTTP Request

GET https://www.youtube.com/s/desktop/fcc2ca55/jsbin/www-tampering.vflset/www-tampering.js

HTTP Request

GET https://www.youtube.com/s/desktop/fcc2ca55/jsbin/spf.vflset/spf.js

HTTP Request

GET https://www.youtube.com/s/desktop/fcc2ca55/jsbin/network.vflset/network.js

HTTP Request

GET https://www.youtube.com/s/desktop/fcc2ca55/cssbin/www-main-desktop-home-page-skeleton.css

HTTP Request

GET https://www.youtube.com/s/desktop/fcc2ca55/cssbin/www-onepick.css

HTTP Request

GET https://www.youtube.com/s/_/ytmainappweb/_/ss/k=ytmainappweb.kevlar_base.oEqXOPHaGuI.L.B1.O/am=AIAALQ/d=0/br=1/rs=AGKMywHpBTGBxaf9JEJld5xWwW16ZZSD1A

HTTP Request

GET https://www.youtube.com/s/desktop/fcc2ca55/cssbin/www-main-desktop-watch-page-skeleton.css
142.250.178.22:443

https://i.ytimg.com/generate_204

tls, http2

chrome.exe

2.2kB
6.8kB
19
16

HTTP Request

GET https://i.ytimg.com/generate_204
209.85.165.232:443

https://rr3---sn-q4flrnel.googlevideo.com/videoplayback?expire=0044259569&ei=lqs-crZjRRqhi6oHuI8-sJ6&ip=57.3.49.95&id=o-AFqAOsPOGsCaF0J2y56miLCTO2WHGiDKX1wAcIffjf08E&itag=18&source=youtube&requiressl=yes&mh=X6&mm=105%2C08602%2C18697&mn=cE4TO%2CX2nYS%2CUhULW&ms=cE4TO%2CX2nYS%2CUhULW&mv=J&mvi=5&pl=06&initcwndbps=3435028&siu=5&spc=LSFsu7J04ZJVOTnHQxT1VBr1x0iUUUUmOGUkglPvufbs&vprv=5&svpuc=5&mime=video%2Fmp4&ns=aifa1LMRKq40PushiNoWywBJ&cnr=06&ratebypass=yes&dur=70288703&lmt=9047964872435714&mt=0044259569&fvip=3&c=WEB&txp=3435028&n=R4-mGQ99pEdPy-yT&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Csiu%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Ccnr%2Cratebypass%2Cdur%2Clmt&sig=pb4VvLy6bE-H_9N93eOiWnaXG67kTHq5V-Rm_JV6aqbAQ55e5qOdkFvyjpFR5FHCup_5yKqJE59JLPxqiBGj2TeqVsQfnNkbK1JUo4fKPFq5&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=pb4VvLy6bE-H_9N93eOiWnaXG67kTHq5V-Rm_JV6aqbAQ55e5qOdkFvyjpFR5FHCup_5yKqJE59JLPxqiBGj2TeqVsQfnNkbK1JUo4fKPFq5

tls, http

chrome.exe

2.8kB
6.4kB
10
10

HTTP Request

GET https://rr3---sn-q4flrnel.googlevideo.com/videoplayback?expire=0044259569&ei=lqs-crZjRRqhi6oHuI8-sJ6&ip=57.3.49.95&id=o-AFqAOsPOGsCaF0J2y56miLCTO2WHGiDKX1wAcIffjf08E&itag=18&source=youtube&requiressl=yes&mh=X6&mm=105%2C08602%2C18697&mn=cE4TO%2CX2nYS%2CUhULW&ms=cE4TO%2CX2nYS%2CUhULW&mv=J&mvi=5&pl=06&initcwndbps=3435028&siu=5&spc=LSFsu7J04ZJVOTnHQxT1VBr1x0iUUUUmOGUkglPvufbs&vprv=5&svpuc=5&mime=video%2Fmp4&ns=aifa1LMRKq40PushiNoWywBJ&cnr=06&ratebypass=yes&dur=70288703&lmt=9047964872435714&mt=0044259569&fvip=3&c=WEB&txp=3435028&n=R4-mGQ99pEdPy-yT&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Csiu%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Ccnr%2Cratebypass%2Cdur%2Clmt&sig=pb4VvLy6bE-H_9N93eOiWnaXG67kTHq5V-Rm_JV6aqbAQ55e5qOdkFvyjpFR5FHCup_5yKqJE59JLPxqiBGj2TeqVsQfnNkbK1JUo4fKPFq5&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=pb4VvLy6bE-H_9N93eOiWnaXG67kTHq5V-Rm_JV6aqbAQ55e5qOdkFvyjpFR5FHCup_5yKqJE59JLPxqiBGj2TeqVsQfnNkbK1JUo4fKPFq5

HTTP Response

403
209.85.165.232:443

https://rr3---sn-q4flrnel.googlevideo.com/videoplayback?expire=0044259569&ei=lqs-crZjRRqhi6oHuI8-sJ6&ip=57.3.49.95&id=o-AFqAOsPOGsCaF0J2y56miLCTO2WHGiDKX1wAcIffjf08E&itag=18&source=youtube&requiressl=yes&mh=X6&mm=105%2C08602%2C18697&mn=cE4TO%2CX2nYS%2CUhULW&ms=cE4TO%2CX2nYS%2CUhULW&mv=J&mvi=5&pl=06&ctier=L&initcwndbps=3435028&siu=5&spc=LSFsu7J04ZJVOTnHQxT1VBr1x0iUUUUmOGUkglPvufbs&vprv=5&svpuc=5&mime=video%2Fmp4&ns=aifa1LMRKq40PushiNoWywBJ&cnr=06&ratebypass=yes&dur=70288703&lmt=9047964872435714&mt=0044259569&fvip=3&c=WEB&txp=3435028&n=R4-mGQ99pEdPy-yT&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Csiu%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Ccnr%2Cratebypass%2Cdur%2Clmt&sig=pb4VvLy6bE-H_9N93eOiWnaXG67kTHq5V-Rm_JV6aqbAQ55e5qOdkFvyjpFR5FHCup_5yKqJE59JLPxqiBGj2TeqVsQfnNkbK1JUo4fKPFq5&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=pb4VvLy6bE-H_9N93eOiWnaXG67kTHq5V-Rm_JV6aqbAQ55e5qOdkFvyjpFR5FHCup_5yKqJE59JLPxqiBGj2TeqVsQfnNkbK1JUo4fKPFq5

tls, http

chrome.exe

2.9kB
6.4kB
10
9

HTTP Request

GET https://rr3---sn-q4flrnel.googlevideo.com/videoplayback?expire=0044259569&ei=lqs-crZjRRqhi6oHuI8-sJ6&ip=57.3.49.95&id=o-AFqAOsPOGsCaF0J2y56miLCTO2WHGiDKX1wAcIffjf08E&itag=18&source=youtube&requiressl=yes&mh=X6&mm=105%2C08602%2C18697&mn=cE4TO%2CX2nYS%2CUhULW&ms=cE4TO%2CX2nYS%2CUhULW&mv=J&mvi=5&pl=06&ctier=L&initcwndbps=3435028&siu=5&spc=LSFsu7J04ZJVOTnHQxT1VBr1x0iUUUUmOGUkglPvufbs&vprv=5&svpuc=5&mime=video%2Fmp4&ns=aifa1LMRKq40PushiNoWywBJ&cnr=06&ratebypass=yes&dur=70288703&lmt=9047964872435714&mt=0044259569&fvip=3&c=WEB&txp=3435028&n=R4-mGQ99pEdPy-yT&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Csiu%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Ccnr%2Cratebypass%2Cdur%2Clmt&sig=pb4VvLy6bE-H_9N93eOiWnaXG67kTHq5V-Rm_JV6aqbAQ55e5qOdkFvyjpFR5FHCup_5yKqJE59JLPxqiBGj2TeqVsQfnNkbK1JUo4fKPFq5&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=pb4VvLy6bE-H_9N93eOiWnaXG67kTHq5V-Rm_JV6aqbAQ55e5qOdkFvyjpFR5FHCup_5yKqJE59JLPxqiBGj2TeqVsQfnNkbK1JUo4fKPFq5

HTTP Response

403
142.250.180.10:443

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

tls, http2

chrome.exe

3.9kB
52.5kB
41
62

HTTP Request

GET https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTEwLjAuNTQ4MS4xMDQSEAk8yq_jFOmFmxIFDfGjW-M=?alt=proto

HTTP Request

OPTIONS https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

HTTP Request

POST https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200
209.85.165.232:443

https://rr3---sn-q4flrnel.googlevideo.com/videoplayback?expire=0044259569&ei=lqs-crZjRRqhi6oHuI8-sJ6&ip=57.3.49.95&id=o-AFqAOsPOGsCaF0J2y56miLCTO2WHGiDKX1wAcIffjf08E&itag=18&source=youtube&requiressl=yes&mh=X6&mm=105%2C08602%2C18697&mn=cE4TO%2CX2nYS%2CUhULW&ms=cE4TO%2CX2nYS%2CUhULW&mv=J&mvi=5&pl=06&initcwndbps=3435028&siu=5&spc=LSFsu7J04ZJVOTnHQxT1VBr1x0iUUUUmOGUkglPvufbs&vprv=5&svpuc=5&mime=video%2Fmp4&ns=aifa1LMRKq40PushiNoWywBJ&cnr=06&ratebypass=yes&dur=70288703&lmt=9047964872435714&mt=0044259569&fvip=3&c=WEB&txp=3435028&n=R4-mGQ99pEdPy-yT&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Csiu%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Ccnr%2Cratebypass%2Cdur%2Clmt&sig=pb4VvLy6bE-H_9N93eOiWnaXG67kTHq5V-Rm_JV6aqbAQ55e5qOdkFvyjpFR5FHCup_5yKqJE59JLPxqiBGj2TeqVsQfnNkbK1JUo4fKPFq5&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=pb4VvLy6bE-H_9N93eOiWnaXG67kTHq5V-Rm_JV6aqbAQ55e5qOdkFvyjpFR5FHCup_5yKqJE59JLPxqiBGj2TeqVsQfnNkbK1JUo4fKPFq5

tls, http

chrome.exe

2.8kB
6.4kB
9
9

HTTP Request

GET https://rr3---sn-q4flrnel.googlevideo.com/videoplayback?expire=0044259569&ei=lqs-crZjRRqhi6oHuI8-sJ6&ip=57.3.49.95&id=o-AFqAOsPOGsCaF0J2y56miLCTO2WHGiDKX1wAcIffjf08E&itag=18&source=youtube&requiressl=yes&mh=X6&mm=105%2C08602%2C18697&mn=cE4TO%2CX2nYS%2CUhULW&ms=cE4TO%2CX2nYS%2CUhULW&mv=J&mvi=5&pl=06&initcwndbps=3435028&siu=5&spc=LSFsu7J04ZJVOTnHQxT1VBr1x0iUUUUmOGUkglPvufbs&vprv=5&svpuc=5&mime=video%2Fmp4&ns=aifa1LMRKq40PushiNoWywBJ&cnr=06&ratebypass=yes&dur=70288703&lmt=9047964872435714&mt=0044259569&fvip=3&c=WEB&txp=3435028&n=R4-mGQ99pEdPy-yT&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Csiu%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Ccnr%2Cratebypass%2Cdur%2Clmt&sig=pb4VvLy6bE-H_9N93eOiWnaXG67kTHq5V-Rm_JV6aqbAQ55e5qOdkFvyjpFR5FHCup_5yKqJE59JLPxqiBGj2TeqVsQfnNkbK1JUo4fKPFq5&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=pb4VvLy6bE-H_9N93eOiWnaXG67kTHq5V-Rm_JV6aqbAQ55e5qOdkFvyjpFR5FHCup_5yKqJE59JLPxqiBGj2TeqVsQfnNkbK1JUo4fKPFq5

HTTP Response

403
209.85.165.232:443

https://rr3---sn-q4flrnel.googlevideo.com/videoplayback?expire=0044259569&ei=lqs-crZjRRqhi6oHuI8-sJ6&ip=57.3.49.95&id=o-AFqAOsPOGsCaF0J2y56miLCTO2WHGiDKX1wAcIffjf08E&itag=18&source=youtube&requiressl=yes&mh=X6&mm=105%2C08602%2C18697&mn=cE4TO%2CX2nYS%2CUhULW&ms=cE4TO%2CX2nYS%2CUhULW&mv=J&mvi=5&pl=06&ctier=L&initcwndbps=3435028&siu=5&spc=LSFsu7J04ZJVOTnHQxT1VBr1x0iUUUUmOGUkglPvufbs&vprv=5&svpuc=5&mime=video%2Fmp4&ns=aifa1LMRKq40PushiNoWywBJ&cnr=06&ratebypass=yes&dur=70288703&lmt=9047964872435714&mt=0044259569&fvip=3&c=WEB&txp=3435028&n=R4-mGQ99pEdPy-yT&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Csiu%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Ccnr%2Cratebypass%2Cdur%2Clmt&sig=pb4VvLy6bE-H_9N93eOiWnaXG67kTHq5V-Rm_JV6aqbAQ55e5qOdkFvyjpFR5FHCup_5yKqJE59JLPxqiBGj2TeqVsQfnNkbK1JUo4fKPFq5&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=pb4VvLy6bE-H_9N93eOiWnaXG67kTHq5V-Rm_JV6aqbAQ55e5qOdkFvyjpFR5FHCup_5yKqJE59JLPxqiBGj2TeqVsQfnNkbK1JUo4fKPFq5

tls, http

chrome.exe

2.8kB
6.4kB
9
9

HTTP Request

GET https://rr3---sn-q4flrnel.googlevideo.com/videoplayback?expire=0044259569&ei=lqs-crZjRRqhi6oHuI8-sJ6&ip=57.3.49.95&id=o-AFqAOsPOGsCaF0J2y56miLCTO2WHGiDKX1wAcIffjf08E&itag=18&source=youtube&requiressl=yes&mh=X6&mm=105%2C08602%2C18697&mn=cE4TO%2CX2nYS%2CUhULW&ms=cE4TO%2CX2nYS%2CUhULW&mv=J&mvi=5&pl=06&ctier=L&initcwndbps=3435028&siu=5&spc=LSFsu7J04ZJVOTnHQxT1VBr1x0iUUUUmOGUkglPvufbs&vprv=5&svpuc=5&mime=video%2Fmp4&ns=aifa1LMRKq40PushiNoWywBJ&cnr=06&ratebypass=yes&dur=70288703&lmt=9047964872435714&mt=0044259569&fvip=3&c=WEB&txp=3435028&n=R4-mGQ99pEdPy-yT&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Csiu%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Ccnr%2Cratebypass%2Cdur%2Clmt&sig=pb4VvLy6bE-H_9N93eOiWnaXG67kTHq5V-Rm_JV6aqbAQ55e5qOdkFvyjpFR5FHCup_5yKqJE59JLPxqiBGj2TeqVsQfnNkbK1JUo4fKPFq5&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=pb4VvLy6bE-H_9N93eOiWnaXG67kTHq5V-Rm_JV6aqbAQ55e5qOdkFvyjpFR5FHCup_5yKqJE59JLPxqiBGj2TeqVsQfnNkbK1JUo4fKPFq5

HTTP Response

403
209.85.165.232:443

https://rr3---sn-q4flrnel.googlevideo.com/videoplayback?expire=0044259569&ei=lqs-crZjRRqhi6oHuI8-sJ6&ip=57.3.49.95&id=o-AFqAOsPOGsCaF0J2y56miLCTO2WHGiDKX1wAcIffjf08E&itag=18&source=youtube&requiressl=yes&mh=X6&mm=105%2C08602%2C18697&mn=cE4TO%2CX2nYS%2CUhULW&ms=cE4TO%2CX2nYS%2CUhULW&mv=J&mvi=5&pl=06&initcwndbps=3435028&siu=5&spc=LSFsu7J04ZJVOTnHQxT1VBr1x0iUUUUmOGUkglPvufbs&vprv=5&svpuc=5&mime=video%2Fmp4&ns=aifa1LMRKq40PushiNoWywBJ&cnr=06&ratebypass=yes&dur=70288703&lmt=9047964872435714&mt=0044259569&fvip=3&c=WEB&txp=3435028&n=R4-mGQ99pEdPy-yT&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Csiu%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Ccnr%2Cratebypass%2Cdur%2Clmt&sig=pb4VvLy6bE-H_9N93eOiWnaXG67kTHq5V-Rm_JV6aqbAQ55e5qOdkFvyjpFR5FHCup_5yKqJE59JLPxqiBGj2TeqVsQfnNkbK1JUo4fKPFq5&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=pb4VvLy6bE-H_9N93eOiWnaXG67kTHq5V-Rm_JV6aqbAQ55e5qOdkFvyjpFR5FHCup_5yKqJE59JLPxqiBGj2TeqVsQfnNkbK1JUo4fKPFq5

tls, http

chrome.exe

2.8kB
6.4kB
9
10

HTTP Request

GET https://rr3---sn-q4flrnel.googlevideo.com/videoplayback?expire=0044259569&ei=lqs-crZjRRqhi6oHuI8-sJ6&ip=57.3.49.95&id=o-AFqAOsPOGsCaF0J2y56miLCTO2WHGiDKX1wAcIffjf08E&itag=18&source=youtube&requiressl=yes&mh=X6&mm=105%2C08602%2C18697&mn=cE4TO%2CX2nYS%2CUhULW&ms=cE4TO%2CX2nYS%2CUhULW&mv=J&mvi=5&pl=06&initcwndbps=3435028&siu=5&spc=LSFsu7J04ZJVOTnHQxT1VBr1x0iUUUUmOGUkglPvufbs&vprv=5&svpuc=5&mime=video%2Fmp4&ns=aifa1LMRKq40PushiNoWywBJ&cnr=06&ratebypass=yes&dur=70288703&lmt=9047964872435714&mt=0044259569&fvip=3&c=WEB&txp=3435028&n=R4-mGQ99pEdPy-yT&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Csiu%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Ccnr%2Cratebypass%2Cdur%2Clmt&sig=pb4VvLy6bE-H_9N93eOiWnaXG67kTHq5V-Rm_JV6aqbAQ55e5qOdkFvyjpFR5FHCup_5yKqJE59JLPxqiBGj2TeqVsQfnNkbK1JUo4fKPFq5&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=pb4VvLy6bE-H_9N93eOiWnaXG67kTHq5V-Rm_JV6aqbAQ55e5qOdkFvyjpFR5FHCup_5yKqJE59JLPxqiBGj2TeqVsQfnNkbK1JUo4fKPFq5

HTTP Response

403
209.85.165.232:443

https://rr3---sn-q4flrnel.googlevideo.com/videoplayback?expire=0044259569&ei=lqs-crZjRRqhi6oHuI8-sJ6&ip=57.3.49.95&id=o-AFqAOsPOGsCaF0J2y56miLCTO2WHGiDKX1wAcIffjf08E&itag=18&source=youtube&requiressl=yes&mh=X6&mm=105%2C08602%2C18697&mn=cE4TO%2CX2nYS%2CUhULW&ms=cE4TO%2CX2nYS%2CUhULW&mv=J&mvi=5&pl=06&ctier=L&initcwndbps=3435028&siu=5&spc=LSFsu7J04ZJVOTnHQxT1VBr1x0iUUUUmOGUkglPvufbs&vprv=5&svpuc=5&mime=video%2Fmp4&ns=aifa1LMRKq40PushiNoWywBJ&cnr=06&ratebypass=yes&dur=70288703&lmt=9047964872435714&mt=0044259569&fvip=3&c=WEB&txp=3435028&n=R4-mGQ99pEdPy-yT&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Csiu%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Ccnr%2Cratebypass%2Cdur%2Clmt&sig=pb4VvLy6bE-H_9N93eOiWnaXG67kTHq5V-Rm_JV6aqbAQ55e5qOdkFvyjpFR5FHCup_5yKqJE59JLPxqiBGj2TeqVsQfnNkbK1JUo4fKPFq5&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=pb4VvLy6bE-H_9N93eOiWnaXG67kTHq5V-Rm_JV6aqbAQ55e5qOdkFvyjpFR5FHCup_5yKqJE59JLPxqiBGj2TeqVsQfnNkbK1JUo4fKPFq5

tls, http

chrome.exe

2.8kB
6.5kB
9
11

HTTP Request

GET https://rr3---sn-q4flrnel.googlevideo.com/videoplayback?expire=0044259569&ei=lqs-crZjRRqhi6oHuI8-sJ6&ip=57.3.49.95&id=o-AFqAOsPOGsCaF0J2y56miLCTO2WHGiDKX1wAcIffjf08E&itag=18&source=youtube&requiressl=yes&mh=X6&mm=105%2C08602%2C18697&mn=cE4TO%2CX2nYS%2CUhULW&ms=cE4TO%2CX2nYS%2CUhULW&mv=J&mvi=5&pl=06&ctier=L&initcwndbps=3435028&siu=5&spc=LSFsu7J04ZJVOTnHQxT1VBr1x0iUUUUmOGUkglPvufbs&vprv=5&svpuc=5&mime=video%2Fmp4&ns=aifa1LMRKq40PushiNoWywBJ&cnr=06&ratebypass=yes&dur=70288703&lmt=9047964872435714&mt=0044259569&fvip=3&c=WEB&txp=3435028&n=R4-mGQ99pEdPy-yT&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Csiu%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Ccnr%2Cratebypass%2Cdur%2Clmt&sig=pb4VvLy6bE-H_9N93eOiWnaXG67kTHq5V-Rm_JV6aqbAQ55e5qOdkFvyjpFR5FHCup_5yKqJE59JLPxqiBGj2TeqVsQfnNkbK1JUo4fKPFq5&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=pb4VvLy6bE-H_9N93eOiWnaXG67kTHq5V-Rm_JV6aqbAQ55e5qOdkFvyjpFR5FHCup_5yKqJE59JLPxqiBGj2TeqVsQfnNkbK1JUo4fKPFq5

HTTP Response

403
142.250.200.46:443

https://youtube.com/

tls, http2

chrome.exe

2.1kB
10.3kB
17
23

HTTP Request

GET https://youtube.com/
142.250.179.238:443

play.google.com

tls, http2

chrome.exe

1.1kB
7.9kB
11
11
142.250.179.238:443

play.google.com

tls, http2

chrome.exe

1.1kB
7.9kB
11
11
192.178.49.195:443

https://beacons.gcp.gvt2.com/domainreliability/upload

tls, http2

chrome.exe

4.2kB
8.1kB
33
35

HTTP Request

POST https://beacons.gcp.gvt2.com/domainreliability/upload

HTTP Request

POST https://beacons.gcp.gvt2.com/domainreliability/upload

HTTP Request

POST https://beacons.gcp.gvt2.com/domainreliability/upload
192.178.49.195:443

beacons.gcp.gvt2.com

tls, http2

chrome.exe

999 B
5.6kB
9
8
74.125.206.84:443

accounts.google.com

tls, http2

chrome.exe

1.0kB
5.8kB
10
9
34.95.145.254:443

https://e2c22.gcp.gvt2.com/nel/

tls, http2

chrome.exe

1.9kB
5.6kB
15
15

HTTP Request

POST https://e2c22.gcp.gvt2.com/nel/

HTTP Response

204
142.250.187.206:443

clients2.google.com

tls, http2

chrome.exe

1.4kB
8.9kB
17
18
52.111.243.29:443

322 B
7
142.250.178.14:443

https://google.com/domainreliability/upload

tls, http2

chrome.exe

3.1kB
10.6kB
30
34

HTTP Request

POST https://google.com/domainreliability/upload

HTTP Request

POST https://google.com/domainreliability/upload
172.217.169.3:443

https://beacons.gvt2.com/domainreliability/upload-nel

tls, http2

chrome.exe

3.4kB
8.2kB
30
31

HTTP Request

POST https://beacons.gvt2.com/domainreliability/upload

HTTP Request

OPTIONS https://beacons.gvt2.com/domainreliability/upload-nel

HTTP Request

POST https://beacons.gvt2.com/domainreliability/upload-nel

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200
216.58.213.3:443

https://beacons3.gvt2.com/domainreliability/upload-nel

tls, http2

chrome.exe

2.8kB
7.9kB
25
27

HTTP Request

OPTIONS https://beacons3.gvt2.com/domainreliability/upload-nel

HTTP Request

POST https://beacons3.gvt2.com/domainreliability/upload-nel
23.62.61.129:443

https://www.bing.com/th?id=OADD2.10239359720591_10PHTLBML42K6TRZO&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=24&h=24&dynsize=1&qlt=90

tls, http2

1.4kB
6.3kB
16
11

HTTP Request

GET https://www.bing.com/th?id=OADD2.10239359720591_10PHTLBML42K6TRZO&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=24&h=24&dynsize=1&qlt=90

HTTP Response

200
204.79.197.200:443

tse1.mm.bing.net

tls, http2

1.2kB
8.1kB
16
14
204.79.197.200:443

tse1.mm.bing.net

tls, http2

1.2kB
8.1kB
16
14
204.79.197.200:443

https://tse1.mm.bing.net/th?id=OADD2.10239360313430_12K7UVO7ZVIINTRIE&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90

tls, http2

103.6kB
3.0MB
2173
2168

HTTP Request

GET https://tse1.mm.bing.net/th?id=OADD2.10239340783932_1JCHO8JLBZ4TPAX49&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90

HTTP Request

GET https://tse1.mm.bing.net/th?id=OADD2.10239340783933_1QOIM48UV8MGOV4SU&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90

HTTP Request

GET https://tse1.mm.bing.net/th?id=OADD2.10239360931609_1JAA48IJSET6WWQHH&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90

HTTP Request

GET https://tse1.mm.bing.net/th?id=OADD2.10239360931610_110BPTPDN41GIXK2B&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://tse1.mm.bing.net/th?id=OADD2.10239360313429_1X5GXWWD8KTODKAD6&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90

HTTP Request

GET https://tse1.mm.bing.net/th?id=OADD2.10239360313430_12K7UVO7ZVIINTRIE&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90

HTTP Response

200

HTTP Response

200
204.79.197.200:443

tse1.mm.bing.net

tls, http2

1.2kB
8.1kB
16
14

8.8.8.8:53

www.youtube.com

dns

chrome.exe

61 B
335 B
1
1

DNS Request

www.youtube.com

DNS Response

172.217.169.78

142.250.179.238

142.250.180.14

142.250.187.206

142.250.187.238

142.250.178.14

172.217.16.238

142.250.200.14

142.250.200.46

216.58.201.110

216.58.204.78

216.58.213.14

172.217.169.14

216.58.212.206

216.58.212.238
8.8.8.8:53

i.ytimg.com

dns

chrome.exe

57 B
249 B
1
1

DNS Request

i.ytimg.com

DNS Response

142.250.178.22

172.217.16.246

142.250.200.22

142.250.200.54

216.58.201.118

216.58.204.86

216.58.213.22

216.58.212.246

142.250.179.246

142.250.180.22

142.250.187.214

142.250.187.246
172.217.169.78:443

www.youtube.com

https

chrome.exe

30.4kB
1.1MB
185
894
8.8.8.8:53

97.17.167.52.in-addr.arpa

dns

71 B
145 B
1
1

DNS Request

97.17.167.52.in-addr.arpa
8.8.8.8:53

112.211.222.173.in-addr.arpa

dns

74 B
141 B
1
1

DNS Request

112.211.222.173.in-addr.arpa
8.8.8.8:53

78.169.217.172.in-addr.arpa

dns

73 B
112 B
1
1

DNS Request

78.169.217.172.in-addr.arpa
8.8.8.8:53

74.169.217.172.in-addr.arpa

dns

73 B
112 B
1
1

DNS Request

74.169.217.172.in-addr.arpa
8.8.8.8:53

74.204.58.216.in-addr.arpa

dns

72 B
171 B
1
1

DNS Request

74.204.58.216.in-addr.arpa
8.8.8.8:53

22.178.250.142.in-addr.arpa

dns

73 B
112 B
1
1

DNS Request

22.178.250.142.in-addr.arpa
8.8.8.8:53

accounts.google.com

dns

chrome.exe

65 B
81 B
1
1

DNS Request

accounts.google.com

DNS Response

74.125.206.84
74.125.206.84:443

accounts.google.com

https

chrome.exe

4.0kB
12.5kB
20
24
8.8.8.8:53

99.201.58.216.in-addr.arpa

dns

72 B
169 B
1
1

DNS Request

99.201.58.216.in-addr.arpa
8.8.8.8:53

84.206.125.74.in-addr.arpa

dns

72 B
105 B
1
1

DNS Request

84.206.125.74.in-addr.arpa
8.8.8.8:53

17.160.190.20.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

17.160.190.20.in-addr.arpa
8.8.8.8:53

rr3---sn-q4flrnel.googlevideo.com

dns

chrome.exe

79 B
125 B
1
1

DNS Request

rr3---sn-q4flrnel.googlevideo.com

DNS Response

209.85.165.232
8.8.8.8:53

content-autofill.googleapis.com

dns

chrome.exe

77 B
317 B
1
1

DNS Request

content-autofill.googleapis.com

DNS Response

142.250.180.10

142.250.187.202

142.250.187.234

142.250.178.10

172.217.16.234

142.250.200.10

142.250.200.42

216.58.201.106

216.58.204.74

216.58.213.10

172.217.169.10

216.58.212.202

172.217.169.74

172.217.169.42

142.250.179.234
8.8.8.8:53

www.google.com

dns

chrome.exe

60 B
76 B
1
1

DNS Request

www.google.com

DNS Response

142.250.187.196
142.250.187.196:443

www.google.com

https

chrome.exe

4.2kB
28.8kB
17
26
8.8.8.8:53

95.221.229.192.in-addr.arpa

dns

73 B
144 B
1
1

DNS Request

95.221.229.192.in-addr.arpa
8.8.8.8:53

10.180.250.142.in-addr.arpa

dns

73 B
112 B
1
1

DNS Request

10.180.250.142.in-addr.arpa
8.8.8.8:53

232.165.85.209.in-addr.arpa

dns

73 B
111 B
1
1

DNS Request

232.165.85.209.in-addr.arpa
8.8.8.8:53

195.212.58.216.in-addr.arpa

dns

73 B
171 B
1
1

DNS Request

195.212.58.216.in-addr.arpa
8.8.8.8:53

104.219.191.52.in-addr.arpa

dns

73 B
147 B
1
1

DNS Request

104.219.191.52.in-addr.arpa
8.8.8.8:53

196.187.250.142.in-addr.arpa

dns

74 B
112 B
1
1

DNS Request

196.187.250.142.in-addr.arpa
8.8.8.8:53

jnn-pa.googleapis.com

dns

chrome.exe

67 B
243 B
1
1

DNS Request

jnn-pa.googleapis.com

DNS Response

142.250.187.234

142.250.178.10

172.217.16.234

142.250.200.10

142.250.200.42

216.58.201.106

216.58.204.74

216.58.212.202

142.250.179.234

142.250.180.10

142.250.187.202
142.250.187.234:443

jnn-pa.googleapis.com

https

chrome.exe

5.9kB
8.2kB
18
18
8.8.8.8:53

234.187.250.142.in-addr.arpa

dns

74 B
113 B
1
1

DNS Request

234.187.250.142.in-addr.arpa
224.0.0.251:5353

chrome.exe

204 B
3
8.8.8.8:53

youtube.com

dns

chrome.exe

57 B
73 B
1
1

DNS Request

youtube.com

DNS Response

142.250.200.46
8.8.8.8:53

46.200.250.142.in-addr.arpa

dns

73 B
112 B
1
1

DNS Request

46.200.250.142.in-addr.arpa
8.8.8.8:53

183.59.114.20.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

183.59.114.20.in-addr.arpa
8.8.8.8:53

56.126.166.20.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

56.126.166.20.in-addr.arpa
8.8.8.8:53

play.google.com

dns

chrome.exe

61 B
77 B
1
1

DNS Request

play.google.com

DNS Response

142.250.179.238
142.250.179.238:443

play.google.com

https

chrome.exe

3.4kB
7.1kB
9
10
142.250.179.238:443

play.google.com

https

chrome.exe

7.3kB
8.7kB
16
21
8.8.8.8:53

238.179.250.142.in-addr.arpa

dns

74 B
113 B
1
1

DNS Request

238.179.250.142.in-addr.arpa
8.8.8.8:53

195.187.250.142.in-addr.arpa

dns

74 B
112 B
1
1

DNS Request

195.187.250.142.in-addr.arpa
8.8.8.8:53

240.197.17.2.in-addr.arpa

dns

71 B
135 B
1
1

DNS Request

240.197.17.2.in-addr.arpa
172.217.169.78:443

www.youtube.com

https

chrome.exe

7.6kB
3.2kB
12
12
8.8.8.8:53

beacons.gcp.gvt2.com

dns

chrome.exe

66 B
112 B
1
1

DNS Request

beacons.gcp.gvt2.com

DNS Response

192.178.49.195
74.125.206.84:443

accounts.google.com

https

chrome.exe

2.7kB
8.2kB
7
11
8.8.8.8:53

clients2.google.com

dns

chrome.exe

65 B
105 B
1
1

DNS Request

clients2.google.com

DNS Response

142.250.187.206
8.8.8.8:53

e2c22.gcp.gvt2.com

dns

chrome.exe

64 B
80 B
1
1

DNS Request

e2c22.gcp.gvt2.com

DNS Response

34.95.145.254
142.250.187.206:443

clients2.google.com

https

chrome.exe

3.4kB
9.1kB
11
11
8.8.8.8:53

206.187.250.142.in-addr.arpa

dns

74 B
113 B
1
1

DNS Request

206.187.250.142.in-addr.arpa
8.8.8.8:53

195.49.178.192.in-addr.arpa

dns

73 B
111 B
1
1

DNS Request

195.49.178.192.in-addr.arpa
8.8.8.8:53

254.145.95.34.in-addr.arpa

dns

72 B
124 B
1
1

DNS Request

254.145.95.34.in-addr.arpa
8.8.8.8:53

14.227.111.52.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

14.227.111.52.in-addr.arpa
8.8.8.8:53

google.com

dns

chrome.exe

56 B
72 B
1
1

DNS Request

google.com

DNS Response

142.250.178.14
8.8.8.8:53

beacons.gvt2.com

dns

chrome.exe

62 B
78 B
1
1

DNS Request

beacons.gvt2.com

DNS Response

172.217.169.3
8.8.8.8:53

3.169.217.172.in-addr.arpa

dns

72 B
110 B
1
1

DNS Request

3.169.217.172.in-addr.arpa
8.8.8.8:53

14.178.250.142.in-addr.arpa

dns

73 B
112 B
1
1

DNS Request

14.178.250.142.in-addr.arpa
172.217.169.3:443

beacons.gvt2.com

https

chrome.exe

3.0kB
6.3kB
7
8
8.8.8.8:53

beacons3.gvt2.com

dns

chrome.exe

63 B
79 B
1
1

DNS Request

beacons3.gvt2.com

DNS Response

216.58.213.3
74.125.206.84:443

accounts.google.com

https

chrome.exe

2.3kB
3.6kB
8
9
192.178.49.195:443

beacons.gcp.gvt2.com

https

chrome.exe

2.9kB
6.3kB
5
7
216.58.213.3:443

beacons3.gvt2.com

https

chrome.exe

2.9kB
6.4kB
6
8
8.8.8.8:53

3.213.58.216.in-addr.arpa

dns

71 B
138 B
1
1

DNS Request

3.213.58.216.in-addr.arpa
172.217.169.78:443

www.youtube.com

https

chrome.exe

5.9kB
3.0kB
11
11
192.178.49.195:443

beacons.gcp.gvt2.com

https

chrome.exe

4.8kB
4.2kB
20
19
172.217.169.3:443

beacons.gvt2.com

https

chrome.exe

3.8kB
3.8kB
11
13
142.250.187.206:443

clients2.google.com

https

chrome.exe

2.1kB
4.5kB
9
10
8.8.8.8:53

google.com

dns

chrome.exe

56 B
72 B
1
1

DNS Request

google.com

DNS Response

142.250.178.14
142.250.178.14:443

google.com

https

chrome.exe

2.9kB
7.2kB
5
8
216.58.213.3:443

beacons3.gvt2.com

https

chrome.exe

4.0kB
3.9kB
13
14
8.8.8.8:53

8.173.189.20.in-addr.arpa

dns

71 B
157 B
1
1

DNS Request

8.173.189.20.in-addr.arpa
172.217.169.3:443

beacons.gvt2.com

https

chrome.exe

2.6kB
3.8kB
11
13
8.8.8.8:53

www.youtube.com

dns

chrome.exe

61 B
335 B
1
1

DNS Request

www.youtube.com

DNS Response

172.217.169.78

142.250.179.238

142.250.180.14

142.250.187.206

142.250.187.238

142.250.178.14

172.217.16.238

142.250.200.14

142.250.200.46

216.58.201.110

216.58.204.78

216.58.213.14

172.217.169.14

216.58.212.206

216.58.212.238
172.217.169.78:443

www.youtube.com

https

chrome.exe

5.8kB
4.9kB
11
9
8.8.8.8:53

play.google.com

dns

chrome.exe

61 B
77 B
1
1

DNS Request

play.google.com

DNS Response

142.250.179.238
142.250.179.238:443

play.google.com

https

chrome.exe

3.2kB
2.7kB
9
8
8.8.8.8:53

68.32.126.40.in-addr.arpa

dns

71 B
157 B
1
1

DNS Request

68.32.126.40.in-addr.arpa
8.8.8.8:53

48.251.17.2.in-addr.arpa

dns

70 B
133 B
1
1

DNS Request

48.251.17.2.in-addr.arpa
8.8.8.8:53

55.36.223.20.in-addr.arpa

dns

71 B
157 B
1
1

DNS Request

55.36.223.20.in-addr.arpa
8.8.8.8:53

tse1.mm.bing.net

dns

62 B
173 B
1
1

DNS Request

tse1.mm.bing.net

DNS Response

204.79.197.200

13.107.21.200
8.8.8.8:53

129.61.62.23.in-addr.arpa

dns

71 B
135 B
1
1

DNS Request

129.61.62.23.in-addr.arpa
8.8.8.8:53

200.197.79.204.in-addr.arpa

dns

73 B
106 B
1
1

DNS Request

200.197.79.204.in-addr.arpa
8.8.8.8:53

www.youtube.com

dns

chrome.exe

61 B
335 B
1
1

DNS Request

www.youtube.com

DNS Response

172.217.169.78

142.250.179.238

142.250.180.14

142.250.187.206

142.250.187.238

142.250.178.14

172.217.16.238

142.250.200.14

142.250.200.46

216.58.201.110

216.58.204.78

216.58.213.14

172.217.169.14

216.58.212.206

216.58.212.238
172.217.169.78:443

www.youtube.com

https

chrome.exe

4.7kB
3.1kB
10
10

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
480B

MD5
d945022154bd4b1c8b5c9e2dbe5340d6

SHA1
cacf529fce327ca4c6662aca46a949c381f3e800

SHA256
6cc0564fcbf9b34ebb2645d7bf10164cdae32e0f71d78021fe7fc1c7857d0c24

SHA512
f8918922157d6394cfe8a1077a0a6f0bb700ff2cbea10ea83d558a0ce52bdf23d19816f96b87676ebc97a7d0d3575d7519f89afd60eb6c0ff4cee33d6c520088

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
ac9537eee69969d1e0dfc44fb9f9c123

SHA1
b350052f6bc4f50a0d8de9aa07dfcf16ba92e126

SHA256
58f6450be9ebadd13390b317e47174b5366510a9524d3a9ed9e7e4cfb4f513ad

SHA512
0605d207d56017ee8aec6e3e6d251e99d2b72d344d7e5726f1f62dadad379dd53597954bb47a2f18eaeabf0599a25ebbe09dbadc4800fdb677d74c9b859ff471

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
4KB

MD5
f4edb5fd070aab8c35f58acfc96be11d

SHA1
7d74e8cfd1a5eff5ea36d6635c543dac1af5039b

SHA256
4105d6b8595ff6c0b6de8154ea80474128ae1914d7f78b74dad9b69fd3bb4223

SHA512
b3e15b930411779ec10ad59610a695c9a5785e543668178529d8aec4528a628490a3562352f6f509144d7f4062fcd72f465a504316b6fc9772e051685c62401c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
4KB

MD5
5d9ed799c2d2865419235475ed28b15e

SHA1
879a9bfb0cc52010cd0131957d51d301665e026f

SHA256
4ec2484dfba85b8f50f2eb4304dccf58ce7964da3e543a69c5ef0afcf6cf1d15

SHA512
2d0b2f68e49b43dec8438fe12197217cde2cdc1d013ddaa2fab7492b401c2a5260e97f5a35cc3314c92852184f8fb515ca03f5f187bf286e85e3ec9e04f9e55f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
33d6850d00b86b652c92cf3e3d6783d0

SHA1
ae7c2e08a8cd62fe82f59faf9be152fbbcf2ab1f

SHA256
29ffc3d86fed87657e392c3c3c872c3238c3c7d778726c9bcc3246bedefac087

SHA512
3fcb9ffaeb8e38b4706c033ac9c144419dc2728c30c1789666ba44e8947a45453ee939d5779f4d6dc6692fef68393e62f23b16605b453419660e5742acf271c8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
4KB

MD5
56579d6707dfecf89098c8f413f42811

SHA1
8fe9226f7420e191f8d3d23d752fd5d48f3ebce7

SHA256
e96a05ba21bfdc9af80abf0e5561928b6c704d60721f47fe2f85187eccbbc2f0

SHA512
05bc6eee0a380673c9327edf1e4e254242fde8a74f3138e386fc51d83a96b274a629c4cc01df309245d5f7bfa5b81d273531c9fa826dcc340e5d599f78398577

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
4KB

MD5
b1dbb69cb756f2541b9f519c87b14aa2

SHA1
ae5bbff09b468664ff276493698f6cc8ca6ecf1b

SHA256
a422ff84efc7e26c5d60405cade053155b865f6582c64fdc5f18c05198181a73

SHA512
e969ca56d2ebf18ec154aa19f50e876917d13d1c2a173ce8b432052180843d9887a8596779c2e52755d96c2eea57de5f5bb6ab1b4ddb0578a592320351246c69

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
4KB

MD5
2773e9bbc62c225c91dbc06cd1bac7e4

SHA1
3028ed3836d0625768941082400cf411f250addb

SHA256
e3d7d2ff04ba8614c291bf4e98519e1f51b9a85fd2c0c28fb5a10ed4a2e1e5da

SHA512
75044ab8ccfdde6b2f5c82f24e9972fbf7d42e1b04cdf220f9daad73ea41a3a8a08e15068c342394242db7368a47c17af58cdce4b3beb552aaa36f9cc2d52743

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
859B

MD5
25692291c104a63e8de3acfd8ee90f5a

SHA1
0a618e0724962e71bce4b93ff0cd6cbb7fccd8c3

SHA256
9d735d4e172fd0479a85f5e93f2d2597d7e0a853ff5316732b26f34cf22a2d54

SHA512
7549f7ce43216456c769ec95d9f821a7da9b30a76f8c659e7d2ad67ab9a288dedcd48b688dc0887d9c2aca2d2a05fd07f49cf6091aa289906aeee498fe6d7d6b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
c8c7289c3c79fd862664f7486deed115

SHA1
c89853f87208986d9e55729fefa3fb48e040ca01

SHA256
3baa9a61fa816221dd79edab6fbe8fbc32f2a1e29f6b7e986a820d9502fb01de

SHA512
9d499689652ade24294c044601062ddc29c161ce56cd9e19bf376da3c083ca524d01a053c117da435652c52fff850f5503f125bf1a7add185cd71551cc3cac74

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\ec04881c-a32a-4c27-9e0e-3e6c3cd99d27\index-dir\the-real-index

Filesize
2KB

MD5
9fcc71f7245917784ba4117ac8182b3d

SHA1
7b0050f022f347f7c568aab44294b649245ab4d8

SHA256
1d013599d05e2b3df6db14d68758197b3fdd1a796be65f2555ffe8d2ef8e6aa7

SHA512
adc46c3adcc741eed2c9c9826b573998fe9556afb9fb1ffe584d663d9c966a3c3b1ec19e0555701a5845d4b0ab14d61060fcd0136d19c1cd676ce8da102a8dee

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\ec04881c-a32a-4c27-9e0e-3e6c3cd99d27\index-dir\the-real-index~RFe579981.TMP

Filesize
48B

MD5
e6f756ba9e44a9af82270f9b1f59c635

SHA1
ac87488827b56d67d04943bc1604d37d12d434fd

SHA256
5c0a27b875214eb13c3c81bbf9a6deded18f7556ccca0c1efc7889695905c2a5

SHA512
ad6bae118259cd236019ccee0f98604082f06fab58cde18456d853fe24081f7e172f753f56614ca87cddb10bc693cf0c502b3ef83436fd416ce00a5270ae3301

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
176B

MD5
24648762e1bd5402231756bd090c7b41

SHA1
7ab9a522101397a0928d7d650deae89a39b9fcca

SHA256
c35cc88bdc98c32890e584cf4b156c4fd6a39c63891d5cbd7c17e2c330c55735

SHA512
e563ba0ecf6c22c51d2dede5dba4dcf2d9597e3fe10953b60e2191db9efcebbb6882d84c4beacf699ceb4735f5620705908ad561c10055aed14d2af81d2b285c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
114B

MD5
8965ab9c139c3d8a42d32c052ab3e2da

SHA1
0341d4effa63bc9b2a5c55f2c1a1bafb7feeff10

SHA256
c4658bb2b3b28f4eb55caf66ad30c91bc848855061663407ac68d3fcde12ccca

SHA512
11ca99083582badc435544e588221e2562cc009179af2039d9ef34260e5630d0853fa35745a994bbb4366c049c0215f027062a71d2515b3878a3b2f4b884b8b0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
112B

MD5
3572043439f83cfc21c2872882a4083c

SHA1
5d9e30ebd6bc766d733522987f80a5e61a4119cb

SHA256
d1800a01b7c6503c3d7db23b568d5c5f3ec12205e79ea78560d30853a73a48c8

SHA512
12ac0334238086daf0028668075afa18c7977482ca0894c5c7a096d7424717a9bbb59a3ad98c42b8693719c2cb2687bda422b1d5b3d5bce2ad9526cd58da93e4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt~RFe5743c0.TMP

Filesize
119B

MD5
fbd505190df351f939653fad541e0fb4

SHA1
01ed73cb8cf9a0d7ff54754775847ae30cde8844

SHA256
ca9adc6d6c99b0fb9fec2fa03eec376ca2d5616e5928e566f539f0d0d09cd2e7

SHA512
d92861a5a3a4f0227bb479a3ac7d0a5bf2ac441a18be23b1bd4e10c6b0db62d1cf8f723f3b00fb65bc7bd5a50014a2c9cff3be64985d4946cbd37ad2ff09b33d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\Database\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
72B

MD5
bf0a24a536517e16b3a6fb613aedb313

SHA1
373381ff4fbcbb075e1057f3d8e013eb44368127

SHA256
1ae33220c070d81d9bb64adf3702b8149e4c8a77ca34a313c63e2892723dc208

SHA512
87e41470772ace026331ba3791e77a74375e8420b6be6081b51a6be60c0b2329d15764ed2e7eb796848908c6542ef908db758aec76201bba7e7cf7096f2cd79f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe57929b.TMP

Filesize
48B

MD5
192df186585da3bae52ebc9450d90edf

SHA1
cd652081329aceb7c1ccf2ba524cf9efec8b12a9

SHA256
b061bbf1addb0cd2d6257a8743897c1341e081e8f35f75a835cdf99cd4c71292

SHA512
8e8c8a1e4b8a2c312de4a99f95a09bdf8b34177a5977bfef3985f14c5a6c126e7ca00329d2c6708dd5b977000f731f3583c29c79f5927678715ad897cd776d56

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Manifest Resources\agimnkijcaahngcdmfeangaknmldooml\Icons\32.png

Filesize
673B

MD5
88dfa96f9642297ff88909ca4e0f7330

SHA1
ed8655bf13e6cc49395da4c760168c4148454b7c

SHA256
5e5eb084cf1a650b2e122f53d36f85b67ce6e39069e399a46a25dbd34f7be286

SHA512
cc2deedfeacf9f26e48cbb26e222a219905888b95634c7d91d6393b84248305ce8940816bdb3bff0f5384b9dad90f4e3905b229e06ce4b1023a1439293b240dd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Temp\scoped_dir700_164525786\Icons Monochrome\16.png

Filesize
216B

MD5
a4fd4f5953721f7f3a5b4bfd58922efe

SHA1
f3abed41d764efbd26bacf84c42bd8098a14c5cb

SHA256
c659d57841bb33d63f7b1334200548f207340d95e8e2ae25aac7a798a08071a3

SHA512
7fcc1ca4d6d97335e76faa65b7cfb381fb722210041bdcd3b31b0f94e15dc226eec4639547af86ae71f311f52a956dc83294c2d23f345e63b5e45e25956b2691

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Temp\scoped_dir700_698085044\Shortcuts Menu Icons\Monochrome\0\512.png

Filesize
2KB

MD5
12a429f9782bcff446dc1089b68d44ee

SHA1
e41e5a1a4f2950a7f2da8be77ca26a66da7093b9

SHA256
e1d7407b07c40b5436d78db1077a16fbf75d49e32f3cbd01187b5eaaa10f1e37

SHA512
1da99c5278a589972a1d711d694890f4fd4ec4e56f83781ab9dee91ba99530a7f90d969588fa24dce24b094a28bdecbea80328cee862031a8b289f3e4f38ce7a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Temp\scoped_dir700_698085044\Shortcuts Menu Icons\Monochrome\1\512.png

Filesize
10KB

MD5
7f57c509f12aaae2c269646db7fde6e8

SHA1
969d8c0e3d9140f843f36ccf2974b112ad7afc07

SHA256
1d5c9f67fe93f9fcc1a1b61ebc35bda8f98f1261e5005ae37af71f42aab1d90f

SHA512
3503a0f4939bed9e1fd5e086b17d6de1063220dffdab2d2373aa9582a2454a9d8f18c1be74442f4e597bdba796d2d69220bd9e6be632a15367225b804187ea18

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
257KB

MD5
ee781064a0e02e8d298956a03ab51ce5

SHA1
f8e055e41e7a5a96117d8de2107398519d9124f0

SHA256
ab36c909658a39b794f699995524892f97a503ee7cd967a4436709e1e44c672a

SHA512
8335cf984cd430169bc7f7d5d6976e5335e4f2dd56dcde1947d56f0981c9b19932bd42afa5ac72239a12b69f48a004a29bdf1003e50667528533fe05488724bc

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
257KB

MD5
b640fb29031da2cc98a4985e75c59473

SHA1
175b516019f9c4a9e9459e28d1e92b5aebb6680d

SHA256
48983f7c3c678c5f8ccc2114a464c7044cb5d4588c1d75f84493c8169dfe3249

SHA512
ac2bda1017d4e660faf60f50f9fd136ac7184f3cfa7a6d3d52af82d558ec4bffcaee36b221e16daee144ccc1ec1db80337863ef7e1938321f21c6b42fbc155e0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
277KB

MD5
f27c5d6635cfcdf13cd2eedc4b6b4885

SHA1
1323ed4c2d54ad5d1251b9c7742223110e597fc8

SHA256
4fd1b97472abbbcf52bed5723d5f003a6c36365a05d6abd249d476410679da6f

SHA512
41b8a9bf6e8d91612e637f9054b7bdc23810d2456edca88b33400586d43904b88d46f2393f4ec1f8e905ce9aeb1b4c16ffc25e060277c37b680f6039f8a97131

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
257KB

MD5
fde4277df82eb2b303237fe8afb236dd

SHA1
d3f3f818056e434ad86138fc9c5b8d1098493e52

SHA256
5cb9f4b733566259b64abea2b9ffa8c1fad4c76b47e027c04f1ee09de7506750

SHA512
364a441fd011ef6c34f5cfe267338812a02b1df60f0bd3ec3a031c7a4416e1d460d2b464b0ade07ae4e9a3d45e8603efbe0dcbc785221255dd1ee0057eab6ea3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

Filesize
91KB

MD5
007eba559c52e8986dc54f1ce70e251f

SHA1
aa31741e67cfd58a0d8be66487f08f62008781ae

SHA256
6dca04160aef76ac303a581a50a81e58e223553362f8738c0e1b6fbdfd3d2e22

SHA512
47d1c2e632721175eacd42d86d6725307a7005dd8195d6a9420bbe699569e8d66e8c65718719799242727a733716f8fe98712f992d00ffb4449f2bc1b9b13c16

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe57d7e1.TMP

Filesize
88KB

MD5
ce2ee76060347310c12b08d39754a36b

SHA1
dc8bba4d19c6ba9b189227a6c062d049b97a9b61

SHA256
a884ac6f8cf710ad2bf0d93584b92d3d82d68d3e6f277245e33d33315c00772d

SHA512
b50378d65999440a5223ec2550b86d0e67c2a4bb142246fbb72c18836c5aee97622f8fcc559a0c886445295da5abb85e392c95eb0cfb9a7616fe86bbcaf104b5

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Request

HTTP Request

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Response

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Request

HTTP Request

HTTP Request

HTTP Response

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Request

HTTP Request

HTTP Response

HTTP Response

DNS Request

DNS Response

DNS Request

DNS Response