Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Analysis

  • max time kernel
    148s
  • max time network
    149s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
  • submitted
    29/08/2024, 11:42 UTC

General

  • Target

    c8c0867c2641ab4a36fe477fec5eb637_JaffaCakes118.html

  • Size

    175KB

  • MD5

    c8c0867c2641ab4a36fe477fec5eb637

  • SHA1

    ad0c9a7ca706ff2d327a29e39d49e944f696a51b

  • SHA256

    6d2202ac2670cbfbb9cba0b13928e1b1c871d6f21f93331c8fa9b49905f33d3e

  • SHA512

    67d6a1edeb6c1e28065907598047f13d8b8602b9f9bbf045ca6240f5bd8f65ce8efe0d415043acf58fc73ba161aae34cbe84ef78c6822e7ddb7ed09a6d57daca

  • SSDEEP

    1536:SqtO8gd8Wu8pI8Cd8hd8dQgbH//WoS3JGNkF6YfBCJiZP+aeTH+WK/Lf1/hpnVSV:SaCT3J/F7BCJi2B

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

  • Modifies Internet Explorer settings 1 TTPs 64 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\c8c0867c2641ab4a36fe477fec5eb637_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:3048
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3048 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2768

Network

  • flag-us
    DNS
    www.konthaiusa.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    www.konthaiusa.com
    IN A
    Response
  • flag-gb
    GET
    http://fonts.googleapis.com/css?family=Arial
    IEXPLORE.EXE
    Remote address:
    216.58.204.74:80
    Request
    GET /css?family=Arial HTTP/1.1
    Accept: text/css, */*
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: fonts.googleapis.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 400 Bad Request
    Content-Type: text/html; charset=utf-8
    Cache-Control: no-cache, no-store, max-age=0, must-revalidate
    Pragma: no-cache
    Expires: Mon, 01 Jan 1990 00:00:00 GMT
    Date: Thu, 29 Aug 2024 11:42:52 GMT
    Cross-Origin-Resource-Policy: cross-origin
    Cross-Origin-Opener-Policy: same-origin-allow-popups
    Content-Encoding: gzip
    Transfer-Encoding: chunked
    Server: ESF
    X-XSS-Protection: 0
    X-Frame-Options: SAMEORIGIN
    X-Content-Type-Options: nosniff
  • flag-us
    DNS
    www.youtube.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    www.youtube.com
    IN A
    Response
    www.youtube.com
    IN CNAME
    youtube-ui.l.google.com
    youtube-ui.l.google.com
    IN A
    142.250.200.14
    youtube-ui.l.google.com
    IN A
    216.58.204.78
    youtube-ui.l.google.com
    IN A
    142.250.187.206
    youtube-ui.l.google.com
    IN A
    216.58.212.206
    youtube-ui.l.google.com
    IN A
    142.250.187.238
    youtube-ui.l.google.com
    IN A
    172.217.16.238
    youtube-ui.l.google.com
    IN A
    142.250.179.238
    youtube-ui.l.google.com
    IN A
    216.58.201.110
    youtube-ui.l.google.com
    IN A
    142.250.200.46
    youtube-ui.l.google.com
    IN A
    172.217.169.14
    youtube-ui.l.google.com
    IN A
    142.250.180.14
    youtube-ui.l.google.com
    IN A
    142.250.178.14
    youtube-ui.l.google.com
    IN A
    216.58.212.238
    youtube-ui.l.google.com
    IN A
    172.217.169.46
    youtube-ui.l.google.com
    IN A
    172.217.169.78
  • flag-us
    DNS
    www.facebook.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    www.facebook.com
    IN A
    Response
    www.facebook.com
    IN CNAME
    star-mini.c10r.facebook.com
    star-mini.c10r.facebook.com
    IN A
    157.240.221.35
  • flag-us
    DNS
    ocsp.digicert.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    ocsp.digicert.com
    IN A
    Response
    ocsp.digicert.com
    IN CNAME
    ocsp.edge.digicert.com
    ocsp.edge.digicert.com
    IN CNAME
    fp2e7a.wpc.2be4.phicdn.net
    fp2e7a.wpc.2be4.phicdn.net
    IN CNAME
    fp2e7a.wpc.phicdn.net
    fp2e7a.wpc.phicdn.net
    IN A
    192.229.221.95
  • flag-gb
    GET
    http://www.youtube.com/embed/ygK7kej0BPA?wmode=Opaque
    IEXPLORE.EXE
    Remote address:
    142.250.200.14:80
    Request
    GET /embed/ygK7kej0BPA?wmode=Opaque HTTP/1.1
    Accept: text/html, application/xhtml+xml, */*
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: www.youtube.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 301 Moved Permanently
    Content-Type: application/binary
    X-Content-Type-Options: nosniff
    Cache-Control: no-cache, no-store, max-age=0, must-revalidate
    Pragma: no-cache
    Expires: Mon, 01 Jan 1990 00:00:00 GMT
    Date: Thu, 29 Aug 2024 11:42:52 GMT
    Location: https://www.youtube.com/embed/ygK7kej0BPA?wmode=Opaque
    Server: ESF
    Content-Length: 0
    X-XSS-Protection: 0
    X-Frame-Options: SAMEORIGIN
  • flag-gb
    GET
    http://www.youtube.com/embed/ywSeSlVcY4w?wmode=Opaque
    IEXPLORE.EXE
    Remote address:
    142.250.200.14:80
    Request
    GET /embed/ywSeSlVcY4w?wmode=Opaque HTTP/1.1
    Accept: text/html, application/xhtml+xml, */*
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: www.youtube.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 301 Moved Permanently
    Content-Type: application/binary
    X-Content-Type-Options: nosniff
    Cache-Control: no-cache, no-store, max-age=0, must-revalidate
    Pragma: no-cache
    Expires: Mon, 01 Jan 1990 00:00:00 GMT
    Date: Thu, 29 Aug 2024 11:42:52 GMT
    Location: https://www.youtube.com/embed/ywSeSlVcY4w?wmode=Opaque
    Server: ESF
    Content-Length: 0
    X-XSS-Protection: 0
    X-Frame-Options: SAMEORIGIN
  • flag-gb
    GET
    http://www.youtube.com/embed/evMR3wn1LGk?wmode=Opaque
    IEXPLORE.EXE
    Remote address:
    142.250.200.14:80
    Request
    GET /embed/evMR3wn1LGk?wmode=Opaque HTTP/1.1
    Accept: text/html, application/xhtml+xml, */*
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: www.youtube.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 301 Moved Permanently
    Content-Type: application/binary
    X-Content-Type-Options: nosniff
    Cache-Control: no-cache, no-store, max-age=0, must-revalidate
    Pragma: no-cache
    Expires: Mon, 01 Jan 1990 00:00:00 GMT
    Date: Thu, 29 Aug 2024 11:42:52 GMT
    Location: https://www.youtube.com/embed/evMR3wn1LGk?wmode=Opaque
    Server: ESF
    Content-Length: 0
    X-XSS-Protection: 0
    X-Frame-Options: SAMEORIGIN
  • flag-gb
    GET
    http://www.youtube.com/embed/QMECDnECjJM?wmode=Opaque
    IEXPLORE.EXE
    Remote address:
    142.250.200.14:80
    Request
    GET /embed/QMECDnECjJM?wmode=Opaque HTTP/1.1
    Accept: text/html, application/xhtml+xml, */*
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: www.youtube.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 301 Moved Permanently
    Content-Type: application/binary
    X-Content-Type-Options: nosniff
    Cache-Control: no-cache, no-store, max-age=0, must-revalidate
    Pragma: no-cache
    Expires: Mon, 01 Jan 1990 00:00:00 GMT
    Date: Thu, 29 Aug 2024 11:42:52 GMT
    Location: https://www.youtube.com/embed/QMECDnECjJM?wmode=Opaque
    Server: ESF
    Content-Length: 0
    X-XSS-Protection: 0
    X-Frame-Options: SAMEORIGIN
  • flag-gb
    GET
    http://www.youtube.com/embed/gS2GhpTPLvQ?wmode=Opaque
    IEXPLORE.EXE
    Remote address:
    142.250.200.14:80
    Request
    GET /embed/gS2GhpTPLvQ?wmode=Opaque HTTP/1.1
    Accept: text/html, application/xhtml+xml, */*
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: www.youtube.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 301 Moved Permanently
    Content-Type: application/binary
    X-Content-Type-Options: nosniff
    Cache-Control: no-cache, no-store, max-age=0, must-revalidate
    Pragma: no-cache
    Expires: Mon, 01 Jan 1990 00:00:00 GMT
    Date: Thu, 29 Aug 2024 11:42:52 GMT
    Location: https://www.youtube.com/embed/gS2GhpTPLvQ?wmode=Opaque
    Server: ESF
    Content-Length: 0
    X-XSS-Protection: 0
    X-Frame-Options: SAMEORIGIN
  • flag-gb
    GET
    http://www.facebook.com/plugins/likebox.php?href=http://www.facebook.com/pages/konthaiusacom/177402280020?ref=tn_tnmn&width=250&colorscheme=light&show_faces=false&border_color=%23000000&stream=false&header=false&height=75
    IEXPLORE.EXE
    Remote address:
    157.240.221.35:80
    Request
    GET /plugins/likebox.php?href=http://www.facebook.com/pages/konthaiusacom/177402280020?ref=tn_tnmn&width=250&colorscheme=light&show_faces=false&border_color=%23000000&stream=false&header=false&height=75 HTTP/1.1
    Accept: text/html, application/xhtml+xml, */*
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: www.facebook.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 301 Moved Permanently
    Location: https://www.facebook.com/plugins/likebox.php?href=http://www.facebook.com/pages/konthaiusacom/177402280020?ref=tn_tnmn&width=250&colorscheme=light&show_faces=false&border_color=%23000000&stream=false&header=false&height=75
    Content-Type: text/plain
    Server: proxygen-bolt
    Date: Thu, 29 Aug 2024 11:42:52 GMT
    Connection: keep-alive
    Content-Length: 0
  • flag-gb
    GET
    https://www.facebook.com/plugins/likebox.php?href=http://www.facebook.com/pages/konthaiusacom/177402280020?ref=tn_tnmn&width=250&colorscheme=light&show_faces=false&border_color=%23000000&stream=false&header=false&height=75
    IEXPLORE.EXE
    Remote address:
    157.240.221.35:443
    Request
    GET /plugins/likebox.php?href=http://www.facebook.com/pages/konthaiusacom/177402280020?ref=tn_tnmn&width=250&colorscheme=light&show_faces=false&border_color=%23000000&stream=false&header=false&height=75 HTTP/1.1
    Accept: text/html, application/xhtml+xml, */*
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: www.facebook.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Vary: Accept-Encoding
    Content-Encoding: gzip
    reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7408525554240480449", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
    report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7408525554240480449"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
    content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
    document-policy: force-load-at-top
    permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
    cross-origin-resource-policy: cross-origin
    cross-origin-opener-policy: unsafe-none;report-to="coop_report"
    Pragma: no-cache
    Cache-Control: private, no-cache, no-store, must-revalidate
    Expires: Sat, 01 Jan 2000 00:00:00 GMT
    X-Content-Type-Options: nosniff
    X-XSS-Protection: 0
    Strict-Transport-Security: max-age=15552000; preload
    Content-Type: text/html; charset="utf-8"
    X-FB-Debug: rWfPVfHMXYnJZWwMopE/rmfthOEAfYGTQoV7bbxQKXJXwsYtI8ZF0ldNuR4YLIs68QYXbAHZ/HLvg+bnBGEW9w==
    x-fb-server-load: 30
    Date: Thu, 29 Aug 2024 11:42:53 GMT
    X-FB-Connection-Quality: EXCELLENT; q=0.9, rtt=48, rtx=1, c=10, mss=1357, tbw=3221, tp=-1, tpl=-1, uplat=128, ullat=0
    Alt-Svc: h3=":443"; ma=86400
    Transfer-Encoding: chunked
    Connection: keep-alive
  • flag-gb
    GET
    https://www.youtube.com/embed/gS2GhpTPLvQ?wmode=Opaque
    IEXPLORE.EXE
    Remote address:
    142.250.200.14:443
    Request
    GET /embed/gS2GhpTPLvQ?wmode=Opaque HTTP/1.1
    Accept: text/html, application/xhtml+xml, */*
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: www.youtube.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Content-Type: text/html; charset=utf-8
    X-Content-Type-Options: nosniff
    Cache-Control: no-cache, no-store, max-age=0, must-revalidate
    Pragma: no-cache
    Expires: Mon, 01 Jan 1990 00:00:00 GMT
    Date: Thu, 29 Aug 2024 11:42:53 GMT
    Strict-Transport-Security: max-age=31536000
    Permissions-Policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
    Origin-Trial: AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
    Cross-Origin-Resource-Policy: cross-origin
    Content-Security-Policy: require-trusted-types-for 'script'
    Report-To: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
    Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="youtube_main"
    P3P: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
    Content-Encoding: gzip
    Server: ESF
    X-XSS-Protection: 0
    Set-Cookie: YSC=oXo_uiGm18U; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
    Set-Cookie: VISITOR_INFO1_LIVE=WaHvQ5GSGAA; Domain=.youtube.com; Expires=Tue, 25-Feb-2025 11:42:53 GMT; Path=/; Secure; HttpOnly; SameSite=none
    Set-Cookie: VISITOR_PRIVACY_METADATA=CgJHQhIEGgAgTA%3D%3D; Domain=.youtube.com; Expires=Tue, 25-Feb-2025 11:42:53 GMT; Path=/; Secure; HttpOnly; SameSite=none
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
    Transfer-Encoding: chunked
  • flag-gb
    GET
    https://www.youtube.com/embed/QMECDnECjJM?wmode=Opaque
    IEXPLORE.EXE
    Remote address:
    142.250.200.14:443
    Request
    GET /embed/QMECDnECjJM?wmode=Opaque HTTP/1.1
    Accept: text/html, application/xhtml+xml, */*
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: www.youtube.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Content-Type: text/html; charset=utf-8
    X-Content-Type-Options: nosniff
    Cache-Control: no-cache, no-store, max-age=0, must-revalidate
    Pragma: no-cache
    Expires: Mon, 01 Jan 1990 00:00:00 GMT
    Date: Thu, 29 Aug 2024 11:42:53 GMT
    Strict-Transport-Security: max-age=31536000
    Report-To: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
    Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="youtube_main"
    Content-Security-Policy: require-trusted-types-for 'script'
    Origin-Trial: AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
    Cross-Origin-Resource-Policy: cross-origin
    Permissions-Policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
    P3P: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
    Content-Encoding: gzip
    Server: ESF
    X-XSS-Protection: 0
    Set-Cookie: YSC=yKF5iiY0Tug; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
    Set-Cookie: VISITOR_INFO1_LIVE=C1rUDy19fV8; Domain=.youtube.com; Expires=Tue, 25-Feb-2025 11:42:53 GMT; Path=/; Secure; HttpOnly; SameSite=none
    Set-Cookie: VISITOR_PRIVACY_METADATA=CgJHQhIEGgAgPQ%3D%3D; Domain=.youtube.com; Expires=Tue, 25-Feb-2025 11:42:53 GMT; Path=/; Secure; HttpOnly; SameSite=none
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
    Transfer-Encoding: chunked
  • flag-gb
    POST
    https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
    IEXPLORE.EXE
    Remote address:
    142.250.200.14:443
    Request
    POST /youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8 HTTP/1.1
    Accept: */*
    X-Goog-Request-Time: 1724931777857
    Content-Type: application/json
    X-Goog-Visitor-Id: CgtqamJYd0pleFJLTSi9vcG2BjIKCgJHQhIEGgAgOg%3D%3D
    X-YouTube-Client-Name: 56
    X-YouTube-Client-Version: 1.20240826.01.00
    X-YouTube-Utc-Offset: 0
    X-YouTube-Ad-Signals: dt=1724931773228&flash=0&frm=2&u_tz&u_his=1&u_h=720&u_w=1280&u_ah=680&u_aw=1280&u_cd=24&bc=1&bih=-12245933&biw=-12245933&brdim=8%2C12402%2C0%2C62%2C1280%2C%2C1280%2C626%2C280%2C200&vis=1&wgl=true&ca_type=image
    Referer: https://www.youtube.com/embed/ygK7kej0BPA?wmode=Opaque
    Accept-Language: en-US
    Accept-Encoding: gzip, deflate
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Host: www.youtube.com
    Content-Length: 7555
    Connection: Keep-Alive
    Cache-Control: no-cache
    Cookie: YSC=WJrzRfp6aYc; VISITOR_INFO1_LIVE=jjbXwJexRKM; VISITOR_PRIVACY_METADATA=CgJHQhIEGgAgPQ%3D%3D
    Response
    HTTP/1.1 200 OK
    Content-Type: application/json; charset=UTF-8
    Vary: Origin
    Vary: X-Origin
    Vary: Referer
    Content-Encoding: gzip
    Date: Thu, 29 Aug 2024 11:42:59 GMT
    Server: scaffolding on HTTPServer2
    Cache-Control: private
    X-XSS-Protection: 0
    X-Frame-Options: SAMEORIGIN
    X-Content-Type-Options: nosniff
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
    Transfer-Encoding: chunked
  • flag-gb
    POST
    https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
    IEXPLORE.EXE
    Remote address:
    142.250.200.14:443
    Request
    POST /youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8 HTTP/1.1
    Accept: */*
    X-Goog-Request-Time: 1724931780118
    Content-Type: application/json
    X-Goog-Visitor-Id: CgtXYUh2UTVHU0dBQSi9vcG2BjIKCgJHQhIEGgAgTA%3D%3D
    X-YouTube-Client-Name: 56
    X-YouTube-Client-Version: 1.20240826.01.00
    X-YouTube-Utc-Offset: 0
    X-YouTube-Ad-Signals: dt=1724931773205&flash=0&frm=2&u_tz&u_his=1&u_h=720&u_w=1280&u_ah=680&u_aw=1280&u_cd=24&bc=1&bih=-12245933&biw=-12245933&brdim=8%2C12794%2C-8%2C-8%2C1280%2C%2C1296%2C696%2C280%2C200&vis=1&wgl=true&ca_type=image
    Referer: https://www.youtube.com/embed/gS2GhpTPLvQ?wmode=Opaque
    Accept-Language: en-US
    Accept-Encoding: gzip, deflate
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Host: www.youtube.com
    Content-Length: 9215
    Connection: Keep-Alive
    Cache-Control: no-cache
    Cookie: YSC=WJrzRfp6aYc; VISITOR_INFO1_LIVE=jjbXwJexRKM; VISITOR_PRIVACY_METADATA=CgJHQhIEGgAgPQ%3D%3D
    Response
    HTTP/1.1 200 OK
    Content-Type: application/json; charset=UTF-8
    Vary: Origin
    Vary: X-Origin
    Vary: Referer
    Content-Encoding: gzip
    Date: Thu, 29 Aug 2024 11:43:01 GMT
    Server: scaffolding on HTTPServer2
    Cache-Control: private
    X-XSS-Protection: 0
    X-Frame-Options: SAMEORIGIN
    X-Content-Type-Options: nosniff
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
    Transfer-Encoding: chunked
  • flag-gb
    GET
    https://www.youtube.com/embed/evMR3wn1LGk?wmode=Opaque
    IEXPLORE.EXE
    Remote address:
    142.250.200.14:443
    Request
    GET /embed/evMR3wn1LGk?wmode=Opaque HTTP/1.1
    Accept: text/html, application/xhtml+xml, */*
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: www.youtube.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Content-Type: text/html; charset=utf-8
    X-Content-Type-Options: nosniff
    Cache-Control: no-cache, no-store, max-age=0, must-revalidate
    Pragma: no-cache
    Expires: Mon, 01 Jan 1990 00:00:00 GMT
    Date: Thu, 29 Aug 2024 11:42:53 GMT
    Strict-Transport-Security: max-age=31536000
    Content-Security-Policy: require-trusted-types-for 'script'
    Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="youtube_main"
    Permissions-Policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
    Origin-Trial: AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
    Report-To: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
    Cross-Origin-Resource-Policy: cross-origin
    P3P: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
    Content-Encoding: gzip
    Server: ESF
    X-XSS-Protection: 0
    Set-Cookie: YSC=_30PiUqfkiM; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
    Set-Cookie: VISITOR_INFO1_LIVE=q3-5-1ZwZd0; Domain=.youtube.com; Expires=Tue, 25-Feb-2025 11:42:53 GMT; Path=/; Secure; HttpOnly; SameSite=none
    Set-Cookie: VISITOR_PRIVACY_METADATA=CgJHQhIEGgAgQw%3D%3D; Domain=.youtube.com; Expires=Tue, 25-Feb-2025 11:42:53 GMT; Path=/; Secure; HttpOnly; SameSite=none
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
    Transfer-Encoding: chunked
  • flag-gb
    GET
    https://www.youtube.com/s/player/3abab6ef/player_ias.vflset/en_US/base.js
    IEXPLORE.EXE
    Remote address:
    142.250.200.14:443
    Request
    GET /s/player/3abab6ef/player_ias.vflset/en_US/base.js HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Referer: https://www.youtube.com/embed/ywSeSlVcY4w?wmode=Opaque
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: www.youtube.com
    Connection: Keep-Alive
    Cookie: YSC=WJrzRfp6aYc; VISITOR_INFO1_LIVE=jjbXwJexRKM; VISITOR_PRIVACY_METADATA=CgJHQhIEGgAgPQ%3D%3D
    Response
    HTTP/1.1 200 OK
    Content-Encoding: gzip
    Accept-Ranges: bytes
    Cross-Origin-Resource-Policy: cross-origin
    Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="youtube"
    Report-To: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
    Content-Length: 771625
    X-Content-Type-Options: nosniff
    Server: sffe
    X-XSS-Protection: 0
    Date: Thu, 29 Aug 2024 02:43:41 GMT
    Expires: Fri, 29 Aug 2025 02:43:41 GMT
    Cache-Control: public, max-age=31536000
    Last-Modified: Tue, 27 Aug 2024 04:16:51 GMT
    Content-Type: text/javascript
    Vary: Accept-Encoding, Origin
    Age: 32353
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-gb
    POST
    https://www.youtube.com/api/stats/qoe?cpn=B5PxACj8KSTnqaQk&el=embedded&ns=yt&fexp=v1%2C24004644%2C434717%2C60172%2C67154%2C26443548%2C7111%2C24166%2C12177%2C9954%2C1192%2C8253%2C25209%2C2%2C2870%2C14898%2C29151%2C2197%2C9996%2C1103%2C6953%2C11044%2C502%2C1969%2C7546%2C17801%2C12945%2C812%2C10264%2C2%2C2126%2C1336%2C1870%2C2335%2C1823%2C3186%2C2912%2C4794%2C5%2C7%2C3%2C1020%2C1739%2C328%2C14%2C3826%2C5%2C403%2C648%2C934%2C791%2C11629%2C1170%2C134%2C279%2C5088&cl=667805124&seq=1&event=streamingstats&docid=evMR3wn1LGk&qclc=ChBCNVB4QUNqOEtTVG5xYVFrEAE&cbr=IE&cbrver=11.0&c=WEB_EMBEDDED_PLAYER&cver=1.20240826.01.00&cplayer=UNIPLAYER&cos=Windows&cosver=6.1&cplatform=DESKTOP&vps=0.000:N,0.002:ER&cmt=0.002:0.000,0.002:0.000&error=0.002:auth::0.000:0;a6s.0;r.Video_unavailable&vis=0.002:0&bh=0.002:0.000
    IEXPLORE.EXE
    Remote address:
    142.250.200.14:443
    Request
    POST /api/stats/qoe?cpn=B5PxACj8KSTnqaQk&el=embedded&ns=yt&fexp=v1%2C24004644%2C434717%2C60172%2C67154%2C26443548%2C7111%2C24166%2C12177%2C9954%2C1192%2C8253%2C25209%2C2%2C2870%2C14898%2C29151%2C2197%2C9996%2C1103%2C6953%2C11044%2C502%2C1969%2C7546%2C17801%2C12945%2C812%2C10264%2C2%2C2126%2C1336%2C1870%2C2335%2C1823%2C3186%2C2912%2C4794%2C5%2C7%2C3%2C1020%2C1739%2C328%2C14%2C3826%2C5%2C403%2C648%2C934%2C791%2C11629%2C1170%2C134%2C279%2C5088&cl=667805124&seq=1&event=streamingstats&docid=evMR3wn1LGk&qclc=ChBCNVB4QUNqOEtTVG5xYVFrEAE&cbr=IE&cbrver=11.0&c=WEB_EMBEDDED_PLAYER&cver=1.20240826.01.00&cplayer=UNIPLAYER&cos=Windows&cosver=6.1&cplatform=DESKTOP&vps=0.000:N,0.002:ER&cmt=0.002:0.000,0.002:0.000&error=0.002:auth::0.000:0;a6s.0;r.Video_unavailable&vis=0.002:0&bh=0.002:0.000 HTTP/1.1
    Accept: */*
    X-Goog-Visitor-Id: CgtxMy01LTFad1pkMCi9vcG2BjIKCgJHQhIEGgAgQw%3D%3D
    X-YouTube-Client-Name: 56
    X-YouTube-Client-Version: 1.20240826.01.00
    X-YouTube-Utc-Offset: 0
    X-YouTube-Ad-Signals: dt=1724931773929&flash=0&frm=2&u_tz&u_his=1&u_h=720&u_w=1280&u_ah=680&u_aw=1280&u_cd=24&bc=1&bih=-12245933&biw=-12245933&brdim=8%2C1524%2C-8%2C-8%2C1280%2C%2C1296%2C696%2C590%2C250&vis=1&wgl=true&ca_type=image
    Content-Type: application/x-www-form-urlencoded
    Referer: https://www.youtube.com/embed/evMR3wn1LGk?wmode=Opaque
    Accept-Language: en-US
    Accept-Encoding: gzip, deflate
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Host: www.youtube.com
    Content-Length: 226
    Connection: Keep-Alive
    Cache-Control: no-cache
    Cookie: YSC=WJrzRfp6aYc; VISITOR_INFO1_LIVE=jjbXwJexRKM; VISITOR_PRIVACY_METADATA=CgJHQhIEGgAgPQ%3D%3D
    Response
    HTTP/1.1 204 No Content
    Content-Type: text/html; charset=UTF-8
    Date: Thu, 29 Aug 2024 11:42:59 GMT
    Pragma: no-cache
    Expires: Fri, 01 Jan 1990 00:00:00 GMT
    Cache-Control: no-cache, must-revalidate
    X-Content-Type-Options: nosniff
    Server: Video Stats Server
    Content-Length: 0
    X-XSS-Protection: 0
    X-Frame-Options: SAMEORIGIN
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-gb
    GET
    https://www.youtube.com/embed/ygK7kej0BPA?wmode=Opaque
    IEXPLORE.EXE
    Remote address:
    142.250.200.14:443
    Request
    GET /embed/ygK7kej0BPA?wmode=Opaque HTTP/1.1
    Accept: text/html, application/xhtml+xml, */*
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: www.youtube.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Content-Type: text/html; charset=utf-8
    X-Content-Type-Options: nosniff
    Cache-Control: no-cache, no-store, max-age=0, must-revalidate
    Pragma: no-cache
    Expires: Mon, 01 Jan 1990 00:00:00 GMT
    Date: Thu, 29 Aug 2024 11:42:53 GMT
    Strict-Transport-Security: max-age=31536000
    Cross-Origin-Resource-Policy: cross-origin
    Permissions-Policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
    Report-To: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
    Origin-Trial: AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
    Content-Security-Policy-Report-Only: base-uri 'self';default-src 'self' https: blob:;font-src https: data:;img-src https: data: android-webview-video-poster:;media-src blob: https:;object-src 'none';report-uri /cspreport/common;script-src 'nonce-gAbvVqSfA20vedMx9hoEhQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';style-src https: 'unsafe-inline'
    Content-Security-Policy: require-trusted-types-for 'script'
    Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="youtube_main"
    P3P: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
    Content-Encoding: gzip
    Server: ESF
    X-XSS-Protection: 0
    Set-Cookie: YSC=WJrzRfp6aYc; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
    Set-Cookie: VISITOR_INFO1_LIVE=jjbXwJexRKM; Domain=.youtube.com; Expires=Tue, 25-Feb-2025 11:42:53 GMT; Path=/; Secure; HttpOnly; SameSite=none
    Set-Cookie: VISITOR_PRIVACY_METADATA=CgJHQhIEGgAgOg%3D%3D; Domain=.youtube.com; Expires=Tue, 25-Feb-2025 11:42:53 GMT; Path=/; Secure; HttpOnly; SameSite=none
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
    Transfer-Encoding: chunked
  • flag-gb
    POST
    https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
    IEXPLORE.EXE
    Remote address:
    142.250.200.14:443
    Request
    POST /youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8 HTTP/1.1
    Accept: */*
    X-Goog-Request-Time: 1724931777846
    Content-Type: application/json
    X-Goog-Visitor-Id: CgtxMy01LTFad1pkMCi9vcG2BjIKCgJHQhIEGgAgQw%3D%3D
    X-YouTube-Client-Name: 56
    X-YouTube-Client-Version: 1.20240826.01.00
    X-YouTube-Utc-Offset: 0
    X-YouTube-Ad-Signals: dt=1724931773191&flash=0&frm=2&u_tz&u_his=1&u_h=720&u_w=1280&u_ah=680&u_aw=1280&u_cd=24&bc=1&bih=-12245933&biw=-12245933&brdim=8%2C1532%2C0%2C62%2C1280%2C%2C1280%2C626%2C590%2C250&vis=1&wgl=true&ca_type=image
    Referer: https://www.youtube.com/embed/evMR3wn1LGk?wmode=Opaque
    Accept-Language: en-US
    Accept-Encoding: gzip, deflate
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Host: www.youtube.com
    Content-Length: 7561
    Connection: Keep-Alive
    Cache-Control: no-cache
    Cookie: YSC=WJrzRfp6aYc; VISITOR_INFO1_LIVE=jjbXwJexRKM; VISITOR_PRIVACY_METADATA=CgJHQhIEGgAgPQ%3D%3D
    Response
    HTTP/1.1 200 OK
    Content-Type: application/json; charset=UTF-8
    Vary: Origin
    Vary: X-Origin
    Vary: Referer
    Content-Encoding: gzip
    Date: Thu, 29 Aug 2024 11:42:59 GMT
    Server: scaffolding on HTTPServer2
    Cache-Control: private
    X-XSS-Protection: 0
    X-Frame-Options: SAMEORIGIN
    X-Content-Type-Options: nosniff
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
    Transfer-Encoding: chunked
  • flag-gb
    POST
    https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
    IEXPLORE.EXE
    Remote address:
    142.250.200.14:443
    Request
    POST /youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8 HTTP/1.1
    Accept: */*
    X-Goog-Request-Time: 1724931780135
    Content-Type: application/json
    X-Goog-Visitor-Id: CgtDMXJVRHkxOWZWOCi9vcG2BjIKCgJHQhIEGgAgPQ%3D%3D
    X-YouTube-Client-Name: 56
    X-YouTube-Client-Version: 1.20240826.01.00
    X-YouTube-Utc-Offset: 0
    X-YouTube-Ad-Signals: dt=1724931773249&flash=0&frm=2&u_tz&u_his=1&u_h=720&u_w=1280&u_ah=680&u_aw=1280&u_cd=24&bc=1&bih=-12245933&biw=-12245933&brdim=8%2C12594%2C-8%2C-8%2C1280%2C%2C1296%2C696%2C280%2C200&vis=1&wgl=true&ca_type=image
    Referer: https://www.youtube.com/embed/QMECDnECjJM?wmode=Opaque
    Accept-Language: en-US
    Accept-Encoding: gzip, deflate
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Host: www.youtube.com
    Content-Length: 9014
    Connection: Keep-Alive
    Cache-Control: no-cache
    Cookie: YSC=WJrzRfp6aYc; VISITOR_INFO1_LIVE=jjbXwJexRKM; VISITOR_PRIVACY_METADATA=CgJHQhIEGgAgPQ%3D%3D
    Response
    HTTP/1.1 200 OK
    Content-Type: application/json; charset=UTF-8
    Vary: Origin
    Vary: X-Origin
    Vary: Referer
    Content-Encoding: gzip
    Date: Thu, 29 Aug 2024 11:43:01 GMT
    Server: scaffolding on HTTPServer2
    Cache-Control: private
    X-XSS-Protection: 0
    X-Frame-Options: SAMEORIGIN
    X-Content-Type-Options: nosniff
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
    Transfer-Encoding: chunked
  • flag-gb
    POST
    https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
    IEXPLORE.EXE
    Remote address:
    142.250.200.14:443
    Request
    POST /youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8 HTTP/1.1
    Accept: */*
    X-Goog-Request-Time: 1724931781028
    Content-Type: application/json
    X-Goog-Visitor-Id: CgtqamJYd0pleFJLTSi9vcG2BjIKCgJHQhIEGgAgOg%3D%3D
    X-YouTube-Client-Name: 56
    X-YouTube-Client-Version: 1.20240826.01.00
    X-YouTube-Utc-Offset: 0
    X-YouTube-Ad-Signals: dt=1724931774363&flash=0&frm=2&u_tz&u_his=1&u_h=720&u_w=1280&u_ah=680&u_aw=1280&u_cd=24&bc=1&bih=-12245933&biw=-12245933&brdim=8%2C12394%2C-8%2C-8%2C1280%2C%2C1296%2C696%2C280%2C200&vis=1&wgl=true&ca_type=image
    Referer: https://www.youtube.com/embed/ygK7kej0BPA?wmode=Opaque
    Accept-Language: en-US
    Accept-Encoding: gzip, deflate
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Host: www.youtube.com
    Content-Length: 2563
    Connection: Keep-Alive
    Cache-Control: no-cache
    Cookie: YSC=WJrzRfp6aYc; VISITOR_INFO1_LIVE=jjbXwJexRKM; VISITOR_PRIVACY_METADATA=CgJHQhIEGgAgPQ%3D%3D
    Response
    HTTP/1.1 200 OK
    Content-Type: application/json; charset=UTF-8
    Vary: Origin
    Vary: X-Origin
    Vary: Referer
    Content-Encoding: gzip
    Date: Thu, 29 Aug 2024 11:43:02 GMT
    Server: scaffolding on HTTPServer2
    Cache-Control: private
    X-XSS-Protection: 0
    X-Frame-Options: SAMEORIGIN
    X-Content-Type-Options: nosniff
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
    Transfer-Encoding: chunked
  • flag-gb
    GET
    https://www.youtube.com/embed/ywSeSlVcY4w?wmode=Opaque
    IEXPLORE.EXE
    Remote address:
    142.250.200.14:443
    Request
    GET /embed/ywSeSlVcY4w?wmode=Opaque HTTP/1.1
    Accept: text/html, application/xhtml+xml, */*
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: www.youtube.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Content-Type: text/html; charset=utf-8
    X-Content-Type-Options: nosniff
    Cache-Control: no-cache, no-store, max-age=0, must-revalidate
    Pragma: no-cache
    Expires: Mon, 01 Jan 1990 00:00:00 GMT
    Date: Thu, 29 Aug 2024 11:42:53 GMT
    Strict-Transport-Security: max-age=31536000
    Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="youtube_main"
    Permissions-Policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
    Origin-Trial: AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
    Cross-Origin-Resource-Policy: cross-origin
    Content-Security-Policy: require-trusted-types-for 'script'
    Report-To: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
    Content-Security-Policy-Report-Only: base-uri 'self';default-src 'self' https: blob:;font-src https: data:;img-src https: data: android-webview-video-poster:;media-src blob: https:;object-src 'none';report-uri /cspreport/common;script-src 'nonce-MtdPo2bAVnHzQA5mqLjQNg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';style-src https: 'unsafe-inline'
    P3P: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
    Content-Encoding: gzip
    Server: ESF
    X-XSS-Protection: 0
    Set-Cookie: YSC=zr68iav4F-0; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
    Set-Cookie: VISITOR_INFO1_LIVE=qXVrCcZXZAQ; Domain=.youtube.com; Expires=Tue, 25-Feb-2025 11:42:53 GMT; Path=/; Secure; HttpOnly; SameSite=none
    Set-Cookie: VISITOR_PRIVACY_METADATA=CgJHQhIEGgAgPA%3D%3D; Domain=.youtube.com; Expires=Tue, 25-Feb-2025 11:42:53 GMT; Path=/; Secure; HttpOnly; SameSite=none
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
    Transfer-Encoding: chunked
  • flag-gb
    GET
    https://www.youtube.com/s/player/3abab6ef/www-player.css
    IEXPLORE.EXE
    Remote address:
    142.250.200.14:443
    Request
    GET /s/player/3abab6ef/www-player.css HTTP/1.1
    Accept: text/css, */*
    Referer: https://www.youtube.com/embed/ywSeSlVcY4w?wmode=Opaque
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: www.youtube.com
    Connection: Keep-Alive
    Cookie: YSC=zr68iav4F-0; VISITOR_INFO1_LIVE=qXVrCcZXZAQ; VISITOR_PRIVACY_METADATA=CgJHQhIEGgAgPA%3D%3D
    Response
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Content-Encoding: gzip
    Cross-Origin-Resource-Policy: cross-origin
    Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="youtube"
    Report-To: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
    Content-Length: 59801
    X-Content-Type-Options: nosniff
    Server: sffe
    X-XSS-Protection: 0
    Date: Wed, 28 Aug 2024 20:51:53 GMT
    Expires: Thu, 28 Aug 2025 20:51:53 GMT
    Cache-Control: public, max-age=31536000
    Last-Modified: Tue, 27 Aug 2024 04:16:51 GMT
    Content-Type: text/css
    Vary: Accept-Encoding, Origin
    Age: 53461
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-gb
    GET
    https://www.youtube.com/s/player/3abab6ef/player_ias.vflset/en_US/embed.js
    IEXPLORE.EXE
    Remote address:
    142.250.200.14:443
    Request
    GET /s/player/3abab6ef/player_ias.vflset/en_US/embed.js HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Referer: https://www.youtube.com/embed/ywSeSlVcY4w?wmode=Opaque
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: www.youtube.com
    Connection: Keep-Alive
    Cookie: YSC=WJrzRfp6aYc; VISITOR_INFO1_LIVE=jjbXwJexRKM; VISITOR_PRIVACY_METADATA=CgJHQhIEGgAgPQ%3D%3D
    Response
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Content-Encoding: gzip
    Cross-Origin-Resource-Policy: cross-origin
    Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="youtube"
    Report-To: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
    Content-Length: 23561
    X-Content-Type-Options: nosniff
    Server: sffe
    X-XSS-Protection: 0
    Date: Wed, 28 Aug 2024 16:03:38 GMT
    Expires: Thu, 28 Aug 2025 16:03:38 GMT
    Cache-Control: public, max-age=31536000
    Last-Modified: Tue, 27 Aug 2024 04:16:51 GMT
    Content-Type: text/javascript
    Vary: Accept-Encoding, Origin
    Age: 70759
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-gb
    GET
    https://www.youtube.com/s/player/3abab6ef/player_ias.vflset/en_US/remote.js
    IEXPLORE.EXE
    Remote address:
    142.250.200.14:443
    Request
    GET /s/player/3abab6ef/player_ias.vflset/en_US/remote.js HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Referer: https://www.youtube.com/embed/gS2GhpTPLvQ?wmode=Opaque
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: www.youtube.com
    Connection: Keep-Alive
    Cookie: YSC=WJrzRfp6aYc; VISITOR_INFO1_LIVE=jjbXwJexRKM; VISITOR_PRIVACY_METADATA=CgJHQhIEGgAgPQ%3D%3D
    Response
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Content-Encoding: gzip
    Cross-Origin-Resource-Policy: cross-origin
    Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="youtube"
    Report-To: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
    Content-Length: 39276
    X-Content-Type-Options: nosniff
    Server: sffe
    X-XSS-Protection: 0
    Date: Thu, 29 Aug 2024 09:14:16 GMT
    Expires: Fri, 29 Aug 2025 09:14:16 GMT
    Cache-Control: public, max-age=31536000
    Last-Modified: Tue, 27 Aug 2024 04:16:51 GMT
    Content-Type: text/javascript
    Vary: Accept-Encoding, Origin
    Age: 8922
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-gb
    POST
    https://www.youtube.com/api/stats/qoe?cpn=8_OhLPFJ0qhnveEQ&el=embedded&ns=yt&fexp=v1%2C24004644%2C434717%2C127326%2C26443548%2C7111%2C24166%2C12177%2C9954%2C1192%2C8253%2C25209%2C2%2C17768%2C29151%2C2197%2C8639%2C1357%2C1103%2C6953%2C11044%2C502%2C1969%2C7546%2C17801%2C4164%2C8781%2C5698%2C5378%2C2%2C2126%2C1336%2C1517%2C2687%2C1%2C1823%2C3186%2C2912%2C4794%2C5%2C7%2C2%2C1021%2C1740%2C59%2C268%2C13%2C3804%2C23%2C4%2C404%2C648%2C1120%2C605%2C11629%2C1170%2C133%2C280&cl=667805124&seq=1&event=streamingstats&docid=QMECDnECjJM&qclc=ChA4X09oTFBGSjBxaG52ZUVREAE&cbr=IE&cbrver=11.0&c=WEB_EMBEDDED_PLAYER&cver=1.20240826.01.00&cplayer=UNIPLAYER&cos=Windows&cosver=6.1&cplatform=DESKTOP&vps=0.000:N,0.001:ER&cmt=0.001:0.000,0.001:0.000&error=0.001:auth::0.000:0;a6s.0;r.Video_unavailable&vis=0.001:0&bh=0.001:0.000
    IEXPLORE.EXE
    Remote address:
    142.250.200.14:443
    Request
    POST /api/stats/qoe?cpn=8_OhLPFJ0qhnveEQ&el=embedded&ns=yt&fexp=v1%2C24004644%2C434717%2C127326%2C26443548%2C7111%2C24166%2C12177%2C9954%2C1192%2C8253%2C25209%2C2%2C17768%2C29151%2C2197%2C8639%2C1357%2C1103%2C6953%2C11044%2C502%2C1969%2C7546%2C17801%2C4164%2C8781%2C5698%2C5378%2C2%2C2126%2C1336%2C1517%2C2687%2C1%2C1823%2C3186%2C2912%2C4794%2C5%2C7%2C2%2C1021%2C1740%2C59%2C268%2C13%2C3804%2C23%2C4%2C404%2C648%2C1120%2C605%2C11629%2C1170%2C133%2C280&cl=667805124&seq=1&event=streamingstats&docid=QMECDnECjJM&qclc=ChA4X09oTFBGSjBxaG52ZUVREAE&cbr=IE&cbrver=11.0&c=WEB_EMBEDDED_PLAYER&cver=1.20240826.01.00&cplayer=UNIPLAYER&cos=Windows&cosver=6.1&cplatform=DESKTOP&vps=0.000:N,0.001:ER&cmt=0.001:0.000,0.001:0.000&error=0.001:auth::0.000:0;a6s.0;r.Video_unavailable&vis=0.001:0&bh=0.001:0.000 HTTP/1.1
    Accept: */*
    X-Goog-Visitor-Id: CgtDMXJVRHkxOWZWOCi9vcG2BjIKCgJHQhIEGgAgPQ%3D%3D
    X-YouTube-Client-Name: 56
    X-YouTube-Client-Version: 1.20240826.01.00
    X-YouTube-Utc-Offset: 0
    X-YouTube-Ad-Signals: dt=1724931775894&flash=0&frm=2&u_tz&u_his=1&u_h=720&u_w=1280&u_ah=680&u_aw=1280&u_cd=24&bc=1&bih=-12245933&biw=-12245933&brdim=8%2C12602%2C0%2C62%2C1280%2C%2C1280%2C626%2C280%2C200&vis=1&wgl=true&ca_type=image
    Content-Type: application/x-www-form-urlencoded
    Referer: https://www.youtube.com/embed/QMECDnECjJM?wmode=Opaque
    Accept-Language: en-US
    Accept-Encoding: gzip, deflate
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Host: www.youtube.com
    Content-Length: 226
    Connection: Keep-Alive
    Cache-Control: no-cache
    Cookie: YSC=WJrzRfp6aYc; VISITOR_INFO1_LIVE=jjbXwJexRKM; VISITOR_PRIVACY_METADATA=CgJHQhIEGgAgPQ%3D%3D
    Response
    HTTP/1.1 204 No Content
    Content-Type: text/html; charset=UTF-8
    Date: Thu, 29 Aug 2024 11:42:59 GMT
    Pragma: no-cache
    Expires: Fri, 01 Jan 1990 00:00:00 GMT
    Cache-Control: no-cache, must-revalidate
    X-Content-Type-Options: nosniff
    Server: Video Stats Server
    Content-Length: 0
    X-XSS-Protection: 0
    X-Frame-Options: SAMEORIGIN
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-gb
    GET
    http://www.google-analytics.com/ga.js
    IEXPLORE.EXE
    Remote address:
    216.58.201.110:80
    Request
    GET /ga.js HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: www.google-analytics.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
    X-Content-Type-Options: nosniff
    Content-Encoding: gzip
    Cross-Origin-Resource-Policy: cross-origin
    Server: Golfe2
    Content-Length: 17168
    Date: Thu, 29 Aug 2024 11:41:01 GMT
    Expires: Thu, 29 Aug 2024 13:41:01 GMT
    Cache-Control: public, max-age=7200
    Age: 112
    Last-Modified: Tue, 12 Dec 2023 18:09:08 GMT
    Content-Type: text/javascript
    Vary: Accept-Encoding
  • flag-us
    DNS
    c.pki.goog
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    c.pki.goog
    IN A
    Response
    c.pki.goog
    IN CNAME
    pki-goog.l.google.com
    pki-goog.l.google.com
    IN A
    142.250.178.3
  • flag-us
    DNS
    c.pki.goog
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    c.pki.goog
    IN A
    Response
    c.pki.goog
    IN CNAME
    pki-goog.l.google.com
    pki-goog.l.google.com
    IN A
    142.250.178.3
  • flag-us
    DNS
    c.pki.goog
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    c.pki.goog
    IN A
    Response
    c.pki.goog
    IN CNAME
    pki-goog.l.google.com
    pki-goog.l.google.com
    IN A
    142.250.178.3
  • flag-us
    DNS
    c.pki.goog
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    c.pki.goog
    IN A
    Response
    c.pki.goog
    IN CNAME
    pki-goog.l.google.com
    pki-goog.l.google.com
    IN A
    142.250.178.3
  • flag-us
    DNS
    c.pki.goog
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    c.pki.goog
    IN A
    Response
    c.pki.goog
    IN CNAME
    pki-goog.l.google.com
    pki-goog.l.google.com
    IN A
    142.250.178.3
  • flag-gb
    GET
    http://c.pki.goog/r/r1.crl
    IEXPLORE.EXE
    Remote address:
    142.250.178.3:80
    Request
    GET /r/r1.crl HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    User-Agent: Microsoft-CryptoAPI/6.1
    Host: c.pki.goog
    Response
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cacerts
    Cross-Origin-Resource-Policy: cross-origin
    Cross-Origin-Opener-Policy: same-origin; report-to="cacerts"
    Report-To: {"group":"cacerts","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cacerts"}]}
    Content-Length: 854
    X-Content-Type-Options: nosniff
    Server: sffe
    X-XSS-Protection: 0
    Date: Thu, 29 Aug 2024 11:25:33 GMT
    Expires: Thu, 29 Aug 2024 12:15:33 GMT
    Cache-Control: public, max-age=3000
    Last-Modified: Thu, 25 Jul 2024 14:48:00 GMT
    Content-Type: application/pkix-crl
    Vary: Accept-Encoding
    Age: 1040
  • flag-gb
    GET
    http://c.pki.goog/r/r1.crl
    IEXPLORE.EXE
    Remote address:
    142.250.178.3:80
    Request
    GET /r/r1.crl HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    User-Agent: Microsoft-CryptoAPI/6.1
    Host: c.pki.goog
    Response
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cacerts
    Cross-Origin-Resource-Policy: cross-origin
    Cross-Origin-Opener-Policy: same-origin; report-to="cacerts"
    Report-To: {"group":"cacerts","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cacerts"}]}
    Content-Length: 854
    X-Content-Type-Options: nosniff
    Server: sffe
    X-XSS-Protection: 0
    Date: Thu, 29 Aug 2024 11:25:33 GMT
    Expires: Thu, 29 Aug 2024 12:15:33 GMT
    Cache-Control: public, max-age=3000
    Last-Modified: Thu, 25 Jul 2024 14:48:00 GMT
    Content-Type: application/pkix-crl
    Vary: Accept-Encoding
    Age: 1040
  • flag-gb
    GET
    http://c.pki.goog/r/r1.crl
    IEXPLORE.EXE
    Remote address:
    142.250.178.3:80
    Request
    GET /r/r1.crl HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    User-Agent: Microsoft-CryptoAPI/6.1
    Host: c.pki.goog
    Response
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cacerts
    Cross-Origin-Resource-Policy: cross-origin
    Cross-Origin-Opener-Policy: same-origin; report-to="cacerts"
    Report-To: {"group":"cacerts","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cacerts"}]}
    Content-Length: 854
    X-Content-Type-Options: nosniff
    Server: sffe
    X-XSS-Protection: 0
    Date: Thu, 29 Aug 2024 11:25:33 GMT
    Expires: Thu, 29 Aug 2024 12:15:33 GMT
    Cache-Control: public, max-age=3000
    Last-Modified: Thu, 25 Jul 2024 14:48:00 GMT
    Content-Type: application/pkix-crl
    Vary: Accept-Encoding
    Age: 1040
  • flag-gb
    GET
    http://c.pki.goog/r/r1.crl
    IEXPLORE.EXE
    Remote address:
    142.250.178.3:80
    Request
    GET /r/r1.crl HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    User-Agent: Microsoft-CryptoAPI/6.1
    Host: c.pki.goog
    Response
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cacerts
    Cross-Origin-Resource-Policy: cross-origin
    Cross-Origin-Opener-Policy: same-origin; report-to="cacerts"
    Report-To: {"group":"cacerts","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cacerts"}]}
    Content-Length: 854
    X-Content-Type-Options: nosniff
    Server: sffe
    X-XSS-Protection: 0
    Date: Thu, 29 Aug 2024 11:25:33 GMT
    Expires: Thu, 29 Aug 2024 12:15:33 GMT
    Cache-Control: public, max-age=3000
    Last-Modified: Thu, 25 Jul 2024 14:48:00 GMT
    Content-Type: application/pkix-crl
    Vary: Accept-Encoding
    Age: 1040
  • flag-gb
    GET
    http://c.pki.goog/r/r1.crl
    IEXPLORE.EXE
    Remote address:
    142.250.178.3:80
    Request
    GET /r/r1.crl HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    User-Agent: Microsoft-CryptoAPI/6.1
    Host: c.pki.goog
    Response
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cacerts
    Cross-Origin-Resource-Policy: cross-origin
    Cross-Origin-Opener-Policy: same-origin; report-to="cacerts"
    Report-To: {"group":"cacerts","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cacerts"}]}
    Content-Length: 854
    X-Content-Type-Options: nosniff
    Server: sffe
    X-XSS-Protection: 0
    Date: Thu, 29 Aug 2024 11:25:33 GMT
    Expires: Thu, 29 Aug 2024 12:15:33 GMT
    Cache-Control: public, max-age=3000
    Last-Modified: Thu, 25 Jul 2024 14:48:00 GMT
    Content-Type: application/pkix-crl
    Vary: Accept-Encoding
    Age: 1040
  • flag-us
    DNS
    o.pki.goog
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    o.pki.goog
    IN A
    Response
    o.pki.goog
    IN CNAME
    pki-goog.l.google.com
    pki-goog.l.google.com
    IN A
    142.250.178.3
  • flag-us
    DNS
    o.pki.goog
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    o.pki.goog
    IN A
    Response
    o.pki.goog
    IN CNAME
    pki-goog.l.google.com
    pki-goog.l.google.com
    IN A
    142.250.178.3
  • flag-us
    DNS
    o.pki.goog
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    o.pki.goog
    IN A
    Response
    o.pki.goog
    IN CNAME
    pki-goog.l.google.com
    pki-goog.l.google.com
    IN A
    142.250.178.3
  • flag-us
    DNS
    o.pki.goog
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    o.pki.goog
    IN A
    Response
    o.pki.goog
    IN CNAME
    pki-goog.l.google.com
    pki-goog.l.google.com
    IN A
    142.250.178.3
  • flag-us
    DNS
    o.pki.goog
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    o.pki.goog
    IN A
    Response
    o.pki.goog
    IN CNAME
    pki-goog.l.google.com
    pki-goog.l.google.com
    IN A
    142.250.178.3
  • flag-gb
    GET
    http://o.pki.goog/wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEHGN%2BKTRSIp4CcztJxB9gYQ%3D
    IEXPLORE.EXE
    Remote address:
    142.250.178.3:80
    Request
    GET /wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEHGN%2BKTRSIp4CcztJxB9gYQ%3D HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    User-Agent: Microsoft-CryptoAPI/6.1
    Host: o.pki.goog
    Response
    HTTP/1.1 200 OK
    Server: ocsp_responder
    Content-Length: 471
    X-XSS-Protection: 0
    X-Frame-Options: SAMEORIGIN
    Date: Thu, 29 Aug 2024 11:05:34 GMT
    Cache-Control: public, max-age=14400
    Content-Type: application/ocsp-response
    Age: 2239
  • flag-gb
    GET
    http://o.pki.goog/wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQDAezvzBOn2FxIghPLaMkP6
    IEXPLORE.EXE
    Remote address:
    142.250.178.3:80
    Request
    GET /wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQDAezvzBOn2FxIghPLaMkP6 HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    User-Agent: Microsoft-CryptoAPI/6.1
    Host: o.pki.goog
    Response
    HTTP/1.1 200 OK
    Server: ocsp_responder
    Content-Length: 472
    X-XSS-Protection: 0
    X-Frame-Options: SAMEORIGIN
    Date: Thu, 29 Aug 2024 10:48:25 GMT
    Cache-Control: public, max-age=14400
    Content-Type: application/ocsp-response
    Age: 3269
  • flag-gb
    GET
    http://o.pki.goog/wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQCjHbN8Q48ByBJsBZfEZOeO
    IEXPLORE.EXE
    Remote address:
    142.250.178.3:80
    Request
    GET /wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQCjHbN8Q48ByBJsBZfEZOeO HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    User-Agent: Microsoft-CryptoAPI/6.1
    Host: o.pki.goog
    Response
    HTTP/1.1 200 OK
    Server: ocsp_responder
    Content-Length: 472
    X-XSS-Protection: 0
    X-Frame-Options: SAMEORIGIN
    Date: Thu, 29 Aug 2024 11:16:22 GMT
    Cache-Control: public, max-age=14400
    Content-Type: application/ocsp-response
    Age: 1594
  • flag-gb
    GET
    http://o.pki.goog/wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEHM9QmVn2rE0CqmPuQDOLLc%3D
    IEXPLORE.EXE
    Remote address:
    142.250.178.3:80
    Request
    GET /wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEHM9QmVn2rE0CqmPuQDOLLc%3D HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    User-Agent: Microsoft-CryptoAPI/6.1
    Host: o.pki.goog
    Response
    HTTP/1.1 200 OK
    Server: ocsp_responder
    Content-Length: 471
    X-XSS-Protection: 0
    X-Frame-Options: SAMEORIGIN
    Date: Thu, 29 Aug 2024 11:31:04 GMT
    Cache-Control: public, max-age=14400
    Content-Type: application/ocsp-response
    Age: 713
  • flag-gb
    GET
    http://o.pki.goog/wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEHGN%2BKTRSIp4CcztJxB9gYQ%3D
    IEXPLORE.EXE
    Remote address:
    142.250.178.3:80
    Request
    GET /wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEHGN%2BKTRSIp4CcztJxB9gYQ%3D HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    User-Agent: Microsoft-CryptoAPI/6.1
    Host: o.pki.goog
    Response
    HTTP/1.1 200 OK
    Server: ocsp_responder
    Content-Length: 471
    X-XSS-Protection: 0
    X-Frame-Options: SAMEORIGIN
    Date: Thu, 29 Aug 2024 11:05:34 GMT
    Cache-Control: public, max-age=14400
    Content-Type: application/ocsp-response
    Age: 2239
  • flag-gb
    GET
    http://o.pki.goog/wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQDAezvzBOn2FxIghPLaMkP6
    IEXPLORE.EXE
    Remote address:
    142.250.178.3:80
    Request
    GET /wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQDAezvzBOn2FxIghPLaMkP6 HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    User-Agent: Microsoft-CryptoAPI/6.1
    Host: o.pki.goog
    Response
    HTTP/1.1 200 OK
    Server: ocsp_responder
    Content-Length: 472
    X-XSS-Protection: 0
    X-Frame-Options: SAMEORIGIN
    Date: Thu, 29 Aug 2024 10:48:25 GMT
    Cache-Control: public, max-age=14400
    Content-Type: application/ocsp-response
    Age: 3269
  • flag-gb
    GET
    http://o.pki.goog/wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQCAK7VcV80VuQoo1MUTK%2FRa
    IEXPLORE.EXE
    Remote address:
    142.250.178.3:80
    Request
    GET /wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQCAK7VcV80VuQoo1MUTK%2FRa HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    User-Agent: Microsoft-CryptoAPI/6.1
    Host: o.pki.goog
    Response
    HTTP/1.1 200 OK
    Server: ocsp_responder
    Content-Length: 472
    X-XSS-Protection: 0
    X-Frame-Options: SAMEORIGIN
    Date: Thu, 29 Aug 2024 11:35:19 GMT
    Cache-Control: public, max-age=14400
    Content-Type: application/ocsp-response
    Age: 456
  • flag-gb
    GET
    http://o.pki.goog/wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEGSmfK2o2tshCmPh6FdfeUg%3D
    IEXPLORE.EXE
    Remote address:
    142.250.178.3:80
    Request
    GET /wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEGSmfK2o2tshCmPh6FdfeUg%3D HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    User-Agent: Microsoft-CryptoAPI/6.1
    Host: o.pki.goog
    Response
    HTTP/1.1 200 OK
    Server: ocsp_responder
    Content-Length: 471
    X-XSS-Protection: 0
    X-Frame-Options: SAMEORIGIN
    Date: Thu, 29 Aug 2024 11:11:24 GMT
    Cache-Control: public, max-age=14400
    Content-Type: application/ocsp-response
    Age: 1892
  • flag-gb
    GET
    http://o.pki.goog/wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEHGN%2BKTRSIp4CcztJxB9gYQ%3D
    IEXPLORE.EXE
    Remote address:
    142.250.178.3:80
    Request
    GET /wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEHGN%2BKTRSIp4CcztJxB9gYQ%3D HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    User-Agent: Microsoft-CryptoAPI/6.1
    Host: o.pki.goog
    Response
    HTTP/1.1 200 OK
    Server: ocsp_responder
    Content-Length: 471
    X-XSS-Protection: 0
    X-Frame-Options: SAMEORIGIN
    Date: Thu, 29 Aug 2024 11:05:34 GMT
    Cache-Control: public, max-age=14400
    Content-Type: application/ocsp-response
    Age: 2239
  • flag-gb
    GET
    http://o.pki.goog/wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEHvQOfnMl3BnEBjGqYCOwmQ%3D
    IEXPLORE.EXE
    Remote address:
    142.250.178.3:80
    Request
    GET /wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEHvQOfnMl3BnEBjGqYCOwmQ%3D HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    User-Agent: Microsoft-CryptoAPI/6.1
    Host: o.pki.goog
    Response
    HTTP/1.1 200 OK
    Server: ocsp_responder
    Content-Length: 471
    X-XSS-Protection: 0
    X-Frame-Options: SAMEORIGIN
    Date: Thu, 29 Aug 2024 11:12:50 GMT
    Cache-Control: public, max-age=14400
    Content-Type: application/ocsp-response
    Age: 1805
  • flag-gb
    GET
    http://o.pki.goog/wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACECwirpsBitH3EpQ2KzZtJ4U%3D
    IEXPLORE.EXE
    Remote address:
    142.250.178.3:80
    Request
    GET /wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACECwirpsBitH3EpQ2KzZtJ4U%3D HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    User-Agent: Microsoft-CryptoAPI/6.1
    Host: o.pki.goog
    Response
    HTTP/1.1 200 OK
    Server: ocsp_responder
    Content-Length: 471
    X-XSS-Protection: 0
    X-Frame-Options: SAMEORIGIN
    Date: Thu, 29 Aug 2024 11:33:34 GMT
    Cache-Control: public, max-age=14400
    Content-Type: application/ocsp-response
    Age: 562
  • flag-gb
    GET
    http://o.pki.goog/wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEHM9QmVn2rE0CqmPuQDOLLc%3D
    IEXPLORE.EXE
    Remote address:
    142.250.178.3:80
    Request
    GET /wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEHM9QmVn2rE0CqmPuQDOLLc%3D HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    User-Agent: Microsoft-CryptoAPI/6.1
    Host: o.pki.goog
    Response
    HTTP/1.1 200 OK
    Server: ocsp_responder
    Content-Length: 471
    X-XSS-Protection: 0
    X-Frame-Options: SAMEORIGIN
    Date: Thu, 29 Aug 2024 11:31:04 GMT
    Cache-Control: public, max-age=14400
    Content-Type: application/ocsp-response
    Age: 713
  • flag-gb
    GET
    http://o.pki.goog/wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEHGN%2BKTRSIp4CcztJxB9gYQ%3D
    IEXPLORE.EXE
    Remote address:
    142.250.178.3:80
    Request
    GET /wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEHGN%2BKTRSIp4CcztJxB9gYQ%3D HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    User-Agent: Microsoft-CryptoAPI/6.1
    Host: o.pki.goog
    Response
    HTTP/1.1 200 OK
    Server: ocsp_responder
    Content-Length: 471
    X-XSS-Protection: 0
    X-Frame-Options: SAMEORIGIN
    Date: Thu, 29 Aug 2024 11:05:34 GMT
    Cache-Control: public, max-age=14400
    Content-Type: application/ocsp-response
    Age: 2239
  • flag-gb
    GET
    http://o.pki.goog/wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQCAK7VcV80VuQoo1MUTK%2FRa
    IEXPLORE.EXE
    Remote address:
    142.250.178.3:80
    Request
    GET /wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQCAK7VcV80VuQoo1MUTK%2FRa HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    User-Agent: Microsoft-CryptoAPI/6.1
    Host: o.pki.goog
    Response
    HTTP/1.1 200 OK
    Server: ocsp_responder
    Content-Length: 472
    X-XSS-Protection: 0
    X-Frame-Options: SAMEORIGIN
    Date: Thu, 29 Aug 2024 11:35:19 GMT
    Cache-Control: public, max-age=14400
    Content-Type: application/ocsp-response
    Age: 456
  • flag-gb
    GET
    http://o.pki.goog/wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACECwirpsBitH3EpQ2KzZtJ4U%3D
    IEXPLORE.EXE
    Remote address:
    142.250.178.3:80
    Request
    GET /wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACECwirpsBitH3EpQ2KzZtJ4U%3D HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    User-Agent: Microsoft-CryptoAPI/6.1
    Host: o.pki.goog
    Response
    HTTP/1.1 200 OK
    Server: ocsp_responder
    Content-Length: 471
    X-XSS-Protection: 0
    X-Frame-Options: SAMEORIGIN
    Date: Thu, 29 Aug 2024 11:33:34 GMT
    Cache-Control: public, max-age=14400
    Content-Type: application/ocsp-response
    Age: 562
  • flag-gb
    GET
    http://o.pki.goog/wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEHGN%2BKTRSIp4CcztJxB9gYQ%3D
    IEXPLORE.EXE
    Remote address:
    142.250.178.3:80
    Request
    GET /wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEHGN%2BKTRSIp4CcztJxB9gYQ%3D HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    User-Agent: Microsoft-CryptoAPI/6.1
    Host: o.pki.goog
    Response
    HTTP/1.1 200 OK
    Server: ocsp_responder
    Content-Length: 471
    X-XSS-Protection: 0
    X-Frame-Options: SAMEORIGIN
    Date: Thu, 29 Aug 2024 11:05:34 GMT
    Cache-Control: public, max-age=14400
    Content-Type: application/ocsp-response
    Age: 2239
  • flag-gb
    GET
    http://o.pki.goog/wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEHvQOfnMl3BnEBjGqYCOwmQ%3D
    IEXPLORE.EXE
    Remote address:
    142.250.178.3:80
    Request
    GET /wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEHvQOfnMl3BnEBjGqYCOwmQ%3D HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    User-Agent: Microsoft-CryptoAPI/6.1
    Host: o.pki.goog
    Response
    HTTP/1.1 200 OK
    Server: ocsp_responder
    Content-Length: 471
    X-XSS-Protection: 0
    X-Frame-Options: SAMEORIGIN
    Date: Thu, 29 Aug 2024 11:12:50 GMT
    Cache-Control: public, max-age=14400
    Content-Type: application/ocsp-response
    Age: 1805
  • flag-gb
    GET
    http://o.pki.goog/wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEGSmfK2o2tshCmPh6FdfeUg%3D
    IEXPLORE.EXE
    Remote address:
    142.250.178.3:80
    Request
    GET /wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEGSmfK2o2tshCmPh6FdfeUg%3D HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    User-Agent: Microsoft-CryptoAPI/6.1
    Host: o.pki.goog
    Response
    HTTP/1.1 200 OK
    Server: ocsp_responder
    Content-Length: 471
    X-XSS-Protection: 0
    X-Frame-Options: SAMEORIGIN
    Date: Thu, 29 Aug 2024 11:11:24 GMT
    Cache-Control: public, max-age=14400
    Content-Type: application/ocsp-response
    Age: 1892
  • flag-gb
    GET
    https://www.youtube.com/s/player/3abab6ef/www-embed-player.vflset/www-embed-player.js
    IEXPLORE.EXE
    Remote address:
    142.250.200.14:443
    Request
    GET /s/player/3abab6ef/www-embed-player.vflset/www-embed-player.js HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Referer: https://www.youtube.com/embed/ywSeSlVcY4w?wmode=Opaque
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: www.youtube.com
    Connection: Keep-Alive
    Cookie: YSC=WJrzRfp6aYc; VISITOR_INFO1_LIVE=jjbXwJexRKM; VISITOR_PRIVACY_METADATA=CgJHQhIEGgAgPQ%3D%3D
    Response
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Content-Encoding: gzip
    Cross-Origin-Resource-Policy: cross-origin
    Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="youtube"
    Report-To: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
    Content-Length: 117635
    X-Content-Type-Options: nosniff
    Server: sffe
    X-XSS-Protection: 0
    Date: Thu, 29 Aug 2024 02:52:48 GMT
    Expires: Fri, 29 Aug 2025 02:52:48 GMT
    Cache-Control: public, max-age=31536000
    Last-Modified: Tue, 27 Aug 2024 04:16:51 GMT
    Content-Type: text/javascript
    Vary: Accept-Encoding, Origin
    Age: 31806
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-gb
    GET
    https://www.youtube.com/s/player/3abab6ef/player_ias.vflset/en_US/embed.js
    IEXPLORE.EXE
    Remote address:
    142.250.200.14:443
    Request
    GET /s/player/3abab6ef/player_ias.vflset/en_US/embed.js HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Referer: https://www.youtube.com/embed/evMR3wn1LGk?wmode=Opaque
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: www.youtube.com
    Connection: Keep-Alive
    Cookie: YSC=WJrzRfp6aYc; VISITOR_INFO1_LIVE=jjbXwJexRKM; VISITOR_PRIVACY_METADATA=CgJHQhIEGgAgPQ%3D%3D
    Response
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Content-Encoding: gzip
    Cross-Origin-Resource-Policy: cross-origin
    Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="youtube"
    Report-To: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
    Content-Length: 23561
    X-Content-Type-Options: nosniff
    Server: sffe
    X-XSS-Protection: 0
    Date: Wed, 28 Aug 2024 16:03:38 GMT
    Expires: Thu, 28 Aug 2025 16:03:38 GMT
    Cache-Control: public, max-age=31536000
    Last-Modified: Tue, 27 Aug 2024 04:16:51 GMT
    Content-Type: text/javascript
    Vary: Accept-Encoding, Origin
    Age: 70758
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-gb
    GET
    https://www.youtube.com/s/player/3abab6ef/player_ias.vflset/en_US/remote.js
    IEXPLORE.EXE
    Remote address:
    142.250.200.14:443
    Request
    GET /s/player/3abab6ef/player_ias.vflset/en_US/remote.js HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Referer: https://www.youtube.com/embed/ygK7kej0BPA?wmode=Opaque
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: www.youtube.com
    Connection: Keep-Alive
    Cookie: YSC=WJrzRfp6aYc; VISITOR_INFO1_LIVE=jjbXwJexRKM; VISITOR_PRIVACY_METADATA=CgJHQhIEGgAgPQ%3D%3D
    Response
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Content-Encoding: gzip
    Cross-Origin-Resource-Policy: cross-origin
    Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="youtube"
    Report-To: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
    Content-Length: 39276
    X-Content-Type-Options: nosniff
    Server: sffe
    X-XSS-Protection: 0
    Date: Thu, 29 Aug 2024 09:14:16 GMT
    Expires: Fri, 29 Aug 2025 09:14:16 GMT
    Cache-Control: public, max-age=31536000
    Last-Modified: Tue, 27 Aug 2024 04:16:51 GMT
    Content-Type: text/javascript
    Vary: Accept-Encoding, Origin
    Age: 8920
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-gb
    POST
    https://www.youtube.com/api/stats/qoe?cpn=cjJnu0m_cGZetlta&el=embedded&ns=yt&fexp=v1%2C24004644%2C434717%2C127326%2C26443548%2C7111%2C24166%2C12177%2C9954%2C1192%2C33462%2C2%2C17768%2C29151%2C2197%2C9996%2C1103%2C6953%2C11044%2C502%2C1969%2C7546%2C12724%2C5077%2C12945%2C5698%2C4319%2C1059%2C2%2C2126%2C1336%2C4205%2C1823%2C3186%2C2912%2C4795%2C3%2C9%2C1%2C1021%2C1739%2C328%2C13%2C142%2C3686%2C4%2C403%2C648%2C8523%2C4831%2C1171%2C132%2C280%2C3855%2C6076&cl=667805124&seq=1&event=streamingstats&docid=ywSeSlVcY4w&qclc=ChBjakpudTBtX2NHWmV0bHRhEAE&cbr=IE&cbrver=11.0&c=WEB_EMBEDDED_PLAYER&cver=1.20240826.01.00&cplayer=UNIPLAYER&cos=Windows&cosver=6.1&cplatform=DESKTOP&vps=0.000:N,0.001:ER&cmt=0.001:0.000,0.001:0.000&error=0.001:auth::0.000:0;a6s.0;r.Video_unavailable&vis=0.001:0&bh=0.001:0.000
    IEXPLORE.EXE
    Remote address:
    142.250.200.14:443
    Request
    POST /api/stats/qoe?cpn=cjJnu0m_cGZetlta&el=embedded&ns=yt&fexp=v1%2C24004644%2C434717%2C127326%2C26443548%2C7111%2C24166%2C12177%2C9954%2C1192%2C33462%2C2%2C17768%2C29151%2C2197%2C9996%2C1103%2C6953%2C11044%2C502%2C1969%2C7546%2C12724%2C5077%2C12945%2C5698%2C4319%2C1059%2C2%2C2126%2C1336%2C4205%2C1823%2C3186%2C2912%2C4795%2C3%2C9%2C1%2C1021%2C1739%2C328%2C13%2C142%2C3686%2C4%2C403%2C648%2C8523%2C4831%2C1171%2C132%2C280%2C3855%2C6076&cl=667805124&seq=1&event=streamingstats&docid=ywSeSlVcY4w&qclc=ChBjakpudTBtX2NHWmV0bHRhEAE&cbr=IE&cbrver=11.0&c=WEB_EMBEDDED_PLAYER&cver=1.20240826.01.00&cplayer=UNIPLAYER&cos=Windows&cosver=6.1&cplatform=DESKTOP&vps=0.000:N,0.001:ER&cmt=0.001:0.000,0.001:0.000&error=0.001:auth::0.000:0;a6s.0;r.Video_unavailable&vis=0.001:0&bh=0.001:0.000 HTTP/1.1
    Accept: */*
    X-Goog-Visitor-Id: CgtxWFZyQ2NaWFpBUSi9vcG2BjIKCgJHQhIEGgAgPA%3D%3D
    X-YouTube-Client-Name: 56
    X-YouTube-Client-Version: 1.20240826.01.00
    X-YouTube-Utc-Offset: 0
    X-YouTube-Ad-Signals: dt=1724931773726&flash=0&frm=2&u_tz&u_his=1&u_h=720&u_w=1280&u_ah=680&u_aw=1280&u_cd=24&bc=1&bih=-12245933&biw=-12245933&brdim=8%2C13002%2C0%2C62%2C1280%2C%2C1280%2C626%2C280%2C200&vis=1&wgl=true&ca_type=image
    Content-Type: application/x-www-form-urlencoded
    Referer: https://www.youtube.com/embed/ywSeSlVcY4w?wmode=Opaque
    Accept-Language: en-US
    Accept-Encoding: gzip, deflate
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Host: www.youtube.com
    Content-Length: 226
    Connection: Keep-Alive
    Cache-Control: no-cache
    Cookie: YSC=WJrzRfp6aYc; VISITOR_INFO1_LIVE=jjbXwJexRKM; VISITOR_PRIVACY_METADATA=CgJHQhIEGgAgPQ%3D%3D
    Response
    HTTP/1.1 204 No Content
    Content-Type: text/html; charset=UTF-8
    Date: Thu, 29 Aug 2024 11:42:59 GMT
    Pragma: no-cache
    Expires: Fri, 01 Jan 1990 00:00:00 GMT
    Cache-Control: no-cache, must-revalidate
    X-Content-Type-Options: nosniff
    Server: Video Stats Server
    Content-Length: 0
    X-XSS-Protection: 0
    X-Frame-Options: SAMEORIGIN
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-gb
    GET
    https://www.youtube.com/generate_204?aKv0oQ
    IEXPLORE.EXE
    Remote address:
    142.250.200.14:443
    Request
    GET /generate_204?aKv0oQ HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Referer: https://www.youtube.com/embed/ygK7kej0BPA?wmode=Opaque
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: www.youtube.com
    Connection: Keep-Alive
    Cookie: YSC=WJrzRfp6aYc; VISITOR_INFO1_LIVE=jjbXwJexRKM; VISITOR_PRIVACY_METADATA=CgJHQhIEGgAgPQ%3D%3D
    Response
    HTTP/1.1 204 No Content
    Content-Length: 0
    Cross-Origin-Resource-Policy: cross-origin
    Date: Thu, 29 Aug 2024 11:42:59 GMT
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-gb
    GET
    https://www.youtube.com/generate_204?HugfCw
    IEXPLORE.EXE
    Remote address:
    142.250.200.14:443
    Request
    GET /generate_204?HugfCw HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Referer: https://www.youtube.com/embed/gS2GhpTPLvQ?wmode=Opaque
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: www.youtube.com
    Connection: Keep-Alive
    Cookie: YSC=WJrzRfp6aYc; VISITOR_INFO1_LIVE=jjbXwJexRKM; VISITOR_PRIVACY_METADATA=CgJHQhIEGgAgPQ%3D%3D
    Response
    HTTP/1.1 204 No Content
    Content-Length: 0
    Cross-Origin-Resource-Policy: cross-origin
    Date: Thu, 29 Aug 2024 11:42:59 GMT
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-gb
    POST
    https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
    IEXPLORE.EXE
    Remote address:
    142.250.200.14:443
    Request
    POST /youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8 HTTP/1.1
    Accept: */*
    X-Goog-Request-Time: 1724931780098
    Content-Type: application/json
    X-Goog-Visitor-Id: CgtxWFZyQ2NaWFpBUSi9vcG2BjIKCgJHQhIEGgAgPA%3D%3D
    X-YouTube-Client-Name: 56
    X-YouTube-Client-Version: 1.20240826.01.00
    X-YouTube-Utc-Offset: 0
    X-YouTube-Ad-Signals: dt=1724931773151&flash=0&frm=2&u_tz&u_his=1&u_h=720&u_w=1280&u_ah=680&u_aw=1280&u_cd=24&bc=1&bih=-12245933&biw=-12245933&brdim=8%2C12994%2C-8%2C-8%2C1280%2C%2C1296%2C696%2C280%2C200&vis=1&wgl=true&ca_type=image
    Referer: https://www.youtube.com/embed/ywSeSlVcY4w?wmode=Opaque
    Accept-Language: en-US
    Accept-Encoding: gzip, deflate
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Host: www.youtube.com
    Content-Length: 9299
    Connection: Keep-Alive
    Cache-Control: no-cache
    Cookie: YSC=WJrzRfp6aYc; VISITOR_INFO1_LIVE=jjbXwJexRKM; VISITOR_PRIVACY_METADATA=CgJHQhIEGgAgPQ%3D%3D
    Response
    HTTP/1.1 200 OK
    Content-Type: application/json; charset=UTF-8
    Vary: Origin
    Vary: X-Origin
    Vary: Referer
    Content-Encoding: gzip
    Date: Thu, 29 Aug 2024 11:43:01 GMT
    Server: scaffolding on HTTPServer2
    Cache-Control: private
    X-XSS-Protection: 0
    X-Frame-Options: SAMEORIGIN
    X-Content-Type-Options: nosniff
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
    Transfer-Encoding: chunked
  • flag-gb
    POST
    https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
    IEXPLORE.EXE
    Remote address:
    142.250.200.14:443
    Request
    POST /youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8 HTTP/1.1
    Accept: */*
    X-Goog-Request-Time: 1724931780996
    Content-Type: application/json
    X-Goog-Visitor-Id: CgtxMy01LTFad1pkMCi9vcG2BjIKCgJHQhIEGgAgQw%3D%3D
    X-YouTube-Client-Name: 56
    X-YouTube-Client-Version: 1.20240826.01.00
    X-YouTube-Utc-Offset: 0
    X-YouTube-Ad-Signals: dt=1724931773929&flash=0&frm=2&u_tz&u_his=1&u_h=720&u_w=1280&u_ah=680&u_aw=1280&u_cd=24&bc=1&bih=-12245933&biw=-12245933&brdim=8%2C1524%2C-8%2C-8%2C1280%2C%2C1296%2C696%2C590%2C250&vis=1&wgl=true&ca_type=image
    Referer: https://www.youtube.com/embed/evMR3wn1LGk?wmode=Opaque
    Accept-Language: en-US
    Accept-Encoding: gzip, deflate
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Host: www.youtube.com
    Content-Length: 2774
    Connection: Keep-Alive
    Cache-Control: no-cache
    Cookie: YSC=WJrzRfp6aYc; VISITOR_INFO1_LIVE=jjbXwJexRKM; VISITOR_PRIVACY_METADATA=CgJHQhIEGgAgPQ%3D%3D
    Response
    HTTP/1.1 200 OK
    Content-Type: application/json; charset=UTF-8
    Vary: Origin
    Vary: X-Origin
    Vary: Referer
    Content-Encoding: gzip
    Date: Thu, 29 Aug 2024 11:43:02 GMT
    Server: scaffolding on HTTPServer2
    Cache-Control: private
    X-XSS-Protection: 0
    X-Frame-Options: SAMEORIGIN
    X-Content-Type-Options: nosniff
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
    Transfer-Encoding: chunked
  • flag-us
    DNS
    static.xx.fbcdn.net
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    static.xx.fbcdn.net
    IN A
    Response
    static.xx.fbcdn.net
    IN CNAME
    scontent.xx.fbcdn.net
    scontent.xx.fbcdn.net
    IN A
    157.240.221.16
  • flag-us
    DNS
    scontent.xx.fbcdn.net
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    scontent.xx.fbcdn.net
    IN A
    Response
    scontent.xx.fbcdn.net
    IN A
    157.240.221.16
  • flag-gb
    GET
    https://static.xx.fbcdn.net/rsrc.php/v3/y1/r/Zi20d5DVxmM.js?_nc_x=Ij3Wp8lg5Kz
    IEXPLORE.EXE
    Remote address:
    157.240.221.16:443
    Request
    GET /rsrc.php/v3/y1/r/Zi20d5DVxmM.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Referer: https://www.facebook.com/plugins/likebox.php?href=http://www.facebook.com/pages/konthaiusacom/177402280020?ref=tn_tnmn&width=250&colorscheme=light&show_faces=false&border_color=%23000000&stream=false&header=false&height=75
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: static.xx.fbcdn.net
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Vary: Accept-Encoding
    Content-Encoding: gzip
    Content-Type: application/x-javascript; charset=utf-8
    Access-Control-Allow-Origin: *
    Last-Modified: Mon, 01 Jan 2001 08:00:00 GMT
    Expires: Thu, 28 Aug 2025 04:05:03 GMT
    Cache-Control: public,max-age=31536000,immutable
    report-to: {"max_age":21600,"endpoints":[{"url":"https:\/\/www.xx.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
    timing-allow-origin: *
    document-policy: force-load-at-top
    permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
    cross-origin-resource-policy: cross-origin
    X-Content-Type-Options: nosniff
    reporting-endpoints: permissions_policy="https://www.xx.facebook.com/ajax/browser_error_reports/"
    x-ua-compatible: IE=edge
    origin-agent-cluster: ?1
    content-md5: 2HuG+Bpzr7yjdxCt3Tr5Hw==
    X-FB-Debug: AZMTvURfdGqH19SUKLw6cv03Dae6GMlrLUmTWUoE8VobwKCnAgOQo1gjUTb6O3h+fQ8zC79L9xoYL/FAYZTpcA==
    x-fb-server-load: 18
    Date: Thu, 29 Aug 2024 11:42:54 GMT
    X-FB-Connection-Quality: GOOD; q=0.7, rtt=50, rtx=0, c=14, mss=1357, tbw=3223, tp=-1, tpl=-1, uplat=2, ullat=-1
    Alt-Svc: h3=":443"; ma=86400
    Connection: keep-alive
    Content-Length: 118461
  • flag-gb
    GET
    https://static.xx.fbcdn.net/rsrc.php/v3/yf/r/Dpom1HQzAgH.js?_nc_x=Ij3Wp8lg5Kz
    IEXPLORE.EXE
    Remote address:
    157.240.221.16:443
    Request
    GET /rsrc.php/v3/yf/r/Dpom1HQzAgH.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Referer: https://www.facebook.com/plugins/likebox.php?href=http://www.facebook.com/pages/konthaiusacom/177402280020?ref=tn_tnmn&width=250&colorscheme=light&show_faces=false&border_color=%23000000&stream=false&header=false&height=75
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: static.xx.fbcdn.net
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Vary: Accept-Encoding
    Content-Encoding: gzip
    Content-Type: application/x-javascript; charset=utf-8
    Access-Control-Allow-Origin: *
    Last-Modified: Mon, 01 Jan 2001 08:00:00 GMT
    Expires: Wed, 27 Aug 2025 22:00:26 GMT
    Cache-Control: public,max-age=31536000,immutable
    report-to: {"max_age":21600,"endpoints":[{"url":"https:\/\/www.xx.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
    timing-allow-origin: *
    document-policy: force-load-at-top
    permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
    cross-origin-resource-policy: cross-origin
    X-Content-Type-Options: nosniff
    reporting-endpoints: permissions_policy="https://www.xx.facebook.com/ajax/browser_error_reports/"
    origin-agent-cluster: ?1
    content-md5: GqRmoa57XS7r4stkN2brSA==
    X-FB-Debug: AqKR6Db250UhYoPCJZVScy52D/CRmvJihQzOsEu6X/GJ9Pv74VhFmvpillWN6HV5F7yFdZnnB7hgOX57copz1Q==
    x-fb-server-load: 23
    Date: Thu, 29 Aug 2024 11:42:59 GMT
    X-FB-Connection-Quality: EXCELLENT; q=0.9, rtt=49, rtx=0, c=105, mss=1357, tbw=124272, tp=-1, tpl=-1, uplat=1, ullat=-1
    Alt-Svc: h3=":443"; ma=86400
    Connection: keep-alive
    Content-Length: 69016
  • flag-gb
    GET
    https://static.xx.fbcdn.net/rsrc.php/v3/yx/l/0,cross/MEtExguyptz.css?_nc_x=Ij3Wp8lg5Kz
    IEXPLORE.EXE
    Remote address:
    157.240.221.16:443
    Request
    GET /rsrc.php/v3/yx/l/0,cross/MEtExguyptz.css?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
    Accept: text/css, */*
    Referer: https://www.facebook.com/plugins/likebox.php?href=http://www.facebook.com/pages/konthaiusacom/177402280020?ref=tn_tnmn&width=250&colorscheme=light&show_faces=false&border_color=%23000000&stream=false&header=false&height=75
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: static.xx.fbcdn.net
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Vary: Accept-Encoding
    Content-Encoding: gzip
    Content-Type: text/css; charset=utf-8
    Access-Control-Allow-Origin: *
    Last-Modified: Mon, 01 Jan 2001 08:00:00 GMT
    Expires: Wed, 20 Aug 2025 18:08:11 GMT
    Cache-Control: public,max-age=31536000,immutable
    report-to: {"max_age":21600,"endpoints":[{"url":"https:\/\/www.xx.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
    timing-allow-origin: *
    document-policy: force-load-at-top
    permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
    cross-origin-resource-policy: cross-origin
    X-Content-Type-Options: nosniff
    reporting-endpoints: permissions_policy="https://www.xx.facebook.com/ajax/browser_error_reports/"
    x-ua-compatible: IE=edge
    origin-agent-cluster: ?1
    content-md5: TrG038E61eomy8gCWsSSrg==
    X-FB-Debug: oo2wndlacy6nO41sdqX5sO/66lPIfcK8KASRZlaQde4bE/ZElKs4H3jthiJZgzL92dlKTreb1cXv2cNjBgiv/A==
    x-fb-server-load: 30
    Date: Thu, 29 Aug 2024 11:42:54 GMT
    X-FB-Connection-Quality: GOOD; q=0.7, rtt=50, rtx=0, c=14, mss=1357, tbw=3221, tp=-1, tpl=-1, uplat=1, ullat=-1
    Alt-Svc: h3=":443"; ma=86400
    Connection: keep-alive
    Content-Length: 6024
  • flag-gb
    GET
    https://static.xx.fbcdn.net/rsrc.php/v3/y1/r/dXk5exdOVhk.js?_nc_x=Ij3Wp8lg5Kz
    IEXPLORE.EXE
    Remote address:
    157.240.221.16:443
    Request
    GET /rsrc.php/v3/y1/r/dXk5exdOVhk.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Referer: https://www.facebook.com/plugins/likebox.php?href=http://www.facebook.com/pages/konthaiusacom/177402280020?ref=tn_tnmn&width=250&colorscheme=light&show_faces=false&border_color=%23000000&stream=false&header=false&height=75
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: static.xx.fbcdn.net
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Vary: Accept-Encoding
    Content-Encoding: gzip
    Content-Type: application/x-javascript; charset=utf-8
    Access-Control-Allow-Origin: *
    Last-Modified: Mon, 01 Jan 2001 08:00:00 GMT
    Expires: Fri, 22 Aug 2025 08:52:58 GMT
    Cache-Control: public,max-age=31536000,immutable
    report-to: {"max_age":21600,"endpoints":[{"url":"https:\/\/www.xx.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
    timing-allow-origin: *
    document-policy: force-load-at-top
    permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
    cross-origin-resource-policy: cross-origin
    X-Content-Type-Options: nosniff
    reporting-endpoints: permissions_policy="https://www.xx.facebook.com/ajax/browser_error_reports/"
    origin-agent-cluster: ?1
    content-md5: ivkhXUQG4wQzNqI4NjhapA==
    X-FB-Debug: 9xbDLzSKU31RjCTi/QsUjAB4E0AhCKOJJ34+0965mrwIuu0Nh5nV1i+9+1E7JWWAYAEGmX5LjIoedLSRvvwN6Q==
    x-fb-server-load: 32
    Date: Thu, 29 Aug 2024 11:42:54 GMT
    X-FB-Connection-Quality: GOOD; q=0.7, rtt=50, rtx=0, c=21, mss=1357, tbw=11388, tp=-1, tpl=-1, uplat=0, ullat=-1
    Alt-Svc: h3=":443"; ma=86400
    Connection: keep-alive
    Content-Length: 302
  • flag-gb
    GET
    https://static.xx.fbcdn.net/rsrc.php/v3/y1/r/o1ndYS2og_B.js?_nc_x=Ij3Wp8lg5Kz
    IEXPLORE.EXE
    Remote address:
    157.240.221.16:443
    Request
    GET /rsrc.php/v3/y1/r/o1ndYS2og_B.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Referer: https://www.facebook.com/plugins/likebox.php?href=http://www.facebook.com/pages/konthaiusacom/177402280020?ref=tn_tnmn&width=250&colorscheme=light&show_faces=false&border_color=%23000000&stream=false&header=false&height=75
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: static.xx.fbcdn.net
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Vary: Accept-Encoding
    Content-Encoding: gzip
    Content-Type: application/x-javascript; charset=utf-8
    Access-Control-Allow-Origin: *
    Last-Modified: Mon, 01 Jan 2001 08:00:00 GMT
    Expires: Fri, 22 Aug 2025 19:59:14 GMT
    Cache-Control: public,max-age=31536000,immutable
    report-to: {"max_age":21600,"endpoints":[{"url":"https:\/\/www.xx.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
    timing-allow-origin: *
    document-policy: force-load-at-top
    permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
    cross-origin-resource-policy: cross-origin
    X-Content-Type-Options: nosniff
    reporting-endpoints: permissions_policy="https://www.xx.facebook.com/ajax/browser_error_reports/"
    origin-agent-cluster: ?1
    content-md5: +XuRV7TCFgdTr4rntoaKNw==
    X-FB-Debug: 2XVBc2hYui0uWIIGapZ/W7VdBwB1Ub3gOJwGhrly/AMTF9zsp8kLwXsHSZIVtCbV2UwN7M44dGiWWCq3Q4ioMA==
    x-fb-server-load: 36
    Date: Thu, 29 Aug 2024 11:42:54 GMT
    X-FB-Connection-Quality: EXCELLENT; q=0.9, rtt=49, rtx=0, c=14, mss=1357, tbw=3223, tp=-1, tpl=-1, uplat=0, ullat=-1
    Alt-Svc: h3=":443"; ma=86400
    Connection: keep-alive
    Content-Length: 2348
  • flag-gb
    GET
    https://static.xx.fbcdn.net/rsrc.php/v3/yF/r/p55HfXW__mM.js?_nc_x=Ij3Wp8lg5Kz
    IEXPLORE.EXE
    Remote address:
    157.240.221.16:443
    Request
    GET /rsrc.php/v3/yF/r/p55HfXW__mM.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Referer: https://www.facebook.com/plugins/likebox.php?href=http://www.facebook.com/pages/konthaiusacom/177402280020?ref=tn_tnmn&width=250&colorscheme=light&show_faces=false&border_color=%23000000&stream=false&header=false&height=75
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: static.xx.fbcdn.net
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Vary: Accept-Encoding
    Content-Encoding: gzip
    Content-Type: application/x-javascript; charset=utf-8
    Access-Control-Allow-Origin: *
    Last-Modified: Mon, 01 Jan 2001 08:00:00 GMT
    Expires: Sat, 23 Aug 2025 14:26:47 GMT
    Cache-Control: public,max-age=31536000,immutable
    report-to: {"max_age":21600,"endpoints":[{"url":"https:\/\/www.xx.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
    timing-allow-origin: *
    document-policy: force-load-at-top
    permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
    cross-origin-resource-policy: cross-origin
    X-Content-Type-Options: nosniff
    reporting-endpoints: permissions_policy="https://www.xx.facebook.com/ajax/browser_error_reports/"
    origin-agent-cluster: ?1
    content-md5: PCil07El4hl7RdWxcVlVHw==
    X-FB-Debug: UFq4fkNt/Kk02lDaDaMnSFFp7J8UlNuQXo2pYLzC1LSWNyyPn1PDDqHof9qSXvSbwFSuFpY290w/I3TgXKZCRQ==
    x-fb-server-load: 35
    Date: Thu, 29 Aug 2024 11:42:54 GMT
    X-FB-Connection-Quality: EXCELLENT; q=0.9, rtt=49, rtx=0, c=19, mss=1357, tbw=7709, tp=-1, tpl=-1, uplat=0, ullat=-1
    Alt-Svc: h3=":443"; ma=86400
    Connection: keep-alive
    Content-Length: 333
  • flag-gb
    GET
    https://static.xx.fbcdn.net/rsrc.php/v3issO4/yA/l/en_GB/pLoSlJD7y1F.js?_nc_x=Ij3Wp8lg5Kz
    IEXPLORE.EXE
    Remote address:
    157.240.221.16:443
    Request
    GET /rsrc.php/v3issO4/yA/l/en_GB/pLoSlJD7y1F.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Referer: https://www.facebook.com/plugins/likebox.php?href=http://www.facebook.com/pages/konthaiusacom/177402280020?ref=tn_tnmn&width=250&colorscheme=light&show_faces=false&border_color=%23000000&stream=false&header=false&height=75
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: static.xx.fbcdn.net
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Vary: Accept-Encoding
    Content-Encoding: gzip
    Content-Type: application/x-javascript; charset=utf-8
    Access-Control-Allow-Origin: *
    Last-Modified: Mon, 01 Jan 2001 08:00:00 GMT
    Expires: Fri, 29 Aug 2025 09:58:51 GMT
    Cache-Control: public,max-age=31536000,immutable
    report-to: {"max_age":21600,"endpoints":[{"url":"https:\/\/www.xx.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
    timing-allow-origin: *
    document-policy: force-load-at-top
    permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
    cross-origin-resource-policy: cross-origin
    X-Content-Type-Options: nosniff
    reporting-endpoints: permissions_policy="https://www.xx.facebook.com/ajax/browser_error_reports/"
    origin-agent-cluster: ?1
    content-md5: BXtkWzgo8lyqF1Lj4XfyGg==
    X-FB-Debug: nkjp8S5fcbjC4GeyA/MkPRn7SJngcZc2Bj/Cht7NzoWxSGlOONicqX3fuw0ry9guSqHTJKGIW4etpAV+xlW++w==
    x-fb-server-load: 12
    Date: Thu, 29 Aug 2024 11:42:54 GMT
    X-FB-Connection-Quality: GOOD; q=0.7, rtt=50, rtx=0, c=14, mss=1357, tbw=3221, tp=-1, tpl=-1, uplat=1, ullat=-1
    Alt-Svc: h3=":443"; ma=86400
    Connection: keep-alive
    Content-Length: 28907
  • flag-gb
    GET
    https://static.xx.fbcdn.net/rsrc.php/v3ij9m4/yU/l/en_GB/Mw5y7Z3v-mj.js?_nc_x=Ij3Wp8lg5Kz
    IEXPLORE.EXE
    Remote address:
    157.240.221.16:443
    Request
    GET /rsrc.php/v3ij9m4/yU/l/en_GB/Mw5y7Z3v-mj.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Referer: https://www.facebook.com/plugins/likebox.php?href=http://www.facebook.com/pages/konthaiusacom/177402280020?ref=tn_tnmn&width=250&colorscheme=light&show_faces=false&border_color=%23000000&stream=false&header=false&height=75
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: static.xx.fbcdn.net
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Vary: Accept-Encoding
    Content-Encoding: gzip
    Content-Type: application/x-javascript; charset=utf-8
    Access-Control-Allow-Origin: *
    Last-Modified: Mon, 01 Jan 2001 08:00:00 GMT
    Expires: Fri, 29 Aug 2025 10:03:51 GMT
    Cache-Control: public,max-age=31536000,immutable
    report-to: {"max_age":21600,"endpoints":[{"url":"https:\/\/www.xx.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
    timing-allow-origin: *
    document-policy: force-load-at-top
    permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
    cross-origin-resource-policy: cross-origin
    X-Content-Type-Options: nosniff
    reporting-endpoints: permissions_policy="https://www.xx.facebook.com/ajax/browser_error_reports/"
    origin-agent-cluster: ?1
    content-md5: mfGbPGQiyo1NK3XzFc9zTw==
    X-FB-Debug: 0igUyyLDPiYVFkZYaA0XVerug0xxQUTDMsxfXDof/PsCOw69hOyd/qe0Tm//HgRU4PYxga872eT7LRM3XYIWGw==
    x-fb-server-load: 23
    Date: Thu, 29 Aug 2024 11:42:54 GMT
    X-FB-Connection-Quality: EXCELLENT; q=0.9, rtt=49, rtx=0, c=14, mss=1357, tbw=3222, tp=-1, tpl=-1, uplat=1, ullat=-1
    Alt-Svc: h3=":443"; ma=86400
    Connection: keep-alive
    Content-Length: 28905
  • flag-gb
    GET
    https://static.xx.fbcdn.net/rsrc.php/v3/yV/r/Glud--w-qOK.js?_nc_x=Ij3Wp8lg5Kz
    IEXPLORE.EXE
    Remote address:
    157.240.221.16:443
    Request
    GET /rsrc.php/v3/yV/r/Glud--w-qOK.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Referer: https://www.facebook.com/plugins/likebox.php?href=http://www.facebook.com/pages/konthaiusacom/177402280020?ref=tn_tnmn&width=250&colorscheme=light&show_faces=false&border_color=%23000000&stream=false&header=false&height=75
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: static.xx.fbcdn.net
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Vary: Accept-Encoding
    Content-Encoding: gzip
    Content-Type: application/x-javascript; charset=utf-8
    Access-Control-Allow-Origin: *
    Last-Modified: Mon, 01 Jan 2001 08:00:00 GMT
    Expires: Sat, 23 Aug 2025 20:54:16 GMT
    Cache-Control: public,max-age=31536000,immutable
    report-to: {"max_age":21600,"endpoints":[{"url":"https:\/\/www.xx.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
    timing-allow-origin: *
    document-policy: force-load-at-top
    permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
    cross-origin-resource-policy: cross-origin
    X-Content-Type-Options: nosniff
    reporting-endpoints: permissions_policy="https://www.xx.facebook.com/ajax/browser_error_reports/"
    origin-agent-cluster: ?1
    content-md5: amwV/kzpjA3lcdYoUHwzSg==
    X-FB-Debug: N4Zx5687Wb0/kSV9x9S0UXAs6xzLespjyhntc9dsTKXeNv1fuQz8s0/yKStdSBEdI1kHEzeS4qtqfHN9BGZZRg==
    x-fb-server-load: 17
    Date: Thu, 29 Aug 2024 11:42:54 GMT
    X-FB-Connection-Quality: GOOD; q=0.7, rtt=52, rtx=0, c=14, mss=1357, tbw=3223, tp=-1, tpl=-1, uplat=1, ullat=-1
    Alt-Svc: h3=":443"; ma=86400
    Connection: keep-alive
    Content-Length: 11620
  • flag-gb
    GET
    https://static.xx.fbcdn.net/rsrc.php/v3/yc/r/POPhtNuypTE.js?_nc_x=Ij3Wp8lg5Kz
    IEXPLORE.EXE
    Remote address:
    157.240.221.16:443
    Request
    GET /rsrc.php/v3/yc/r/POPhtNuypTE.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Referer: https://www.facebook.com/plugins/likebox.php?href=http://www.facebook.com/pages/konthaiusacom/177402280020?ref=tn_tnmn&width=250&colorscheme=light&show_faces=false&border_color=%23000000&stream=false&header=false&height=75
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: static.xx.fbcdn.net
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Vary: Accept-Encoding
    Content-Encoding: gzip
    Content-Type: application/x-javascript; charset=utf-8
    Access-Control-Allow-Origin: *
    Last-Modified: Mon, 01 Jan 2001 08:00:00 GMT
    Expires: Wed, 27 Aug 2025 17:07:36 GMT
    Cache-Control: public,max-age=31536000,immutable
    report-to: {"max_age":21600,"endpoints":[{"url":"https:\/\/www.xx.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
    timing-allow-origin: *
    document-policy: force-load-at-top
    permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
    cross-origin-resource-policy: cross-origin
    X-Content-Type-Options: nosniff
    reporting-endpoints: permissions_policy="https://www.xx.facebook.com/ajax/browser_error_reports/"
    origin-agent-cluster: ?1
    content-md5: nM9afkc803Tnh1KGf/zIwA==
    X-FB-Debug: 7TF+vhD7MgFPwpegXYoVVsO8Oxaj4Evg66odSB4CEA7v+rKU8MgHehxTNC9rlpnHnzQcfsSCx6p+7FiDjcTq7g==
    x-fb-server-load: 47
    Date: Thu, 29 Aug 2024 11:42:54 GMT
    X-FB-Connection-Quality: GOOD; q=0.7, rtt=50, rtx=0, c=25, mss=1357, tbw=17006, tp=-1, tpl=-1, uplat=1, ullat=-1
    Alt-Svc: h3=":443"; ma=86400
    Connection: keep-alive
    Content-Length: 1822
  • flag-gb
    GET
    https://static.xx.fbcdn.net/rsrc.php/v3/yw/r/UXtr_j2Fwe-.png
    IEXPLORE.EXE
    Remote address:
    157.240.221.16:443
    Request
    GET /rsrc.php/v3/yw/r/UXtr_j2Fwe-.png HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Referer: https://www.facebook.com/plugins/likebox.php?href=http://www.facebook.com/pages/konthaiusacom/177402280020?ref=tn_tnmn&width=250&colorscheme=light&show_faces=false&border_color=%23000000&stream=false&header=false&height=75
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: static.xx.fbcdn.net
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Content-Type: image/png
    Access-Control-Allow-Origin: *
    Last-Modified: Mon, 01 Jan 2001 08:00:00 GMT
    content-md5: 07aG/2AEtDHVAZ5LUajMDQ==
    Expires: Sun, 17 Aug 2025 04:31:20 GMT
    Cache-Control: public,max-age=31536000,immutable
    report-to: {"max_age":21600,"endpoints":[{"url":"https:\/\/www.xx.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
    timing-allow-origin: *
    document-policy: force-load-at-top
    permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
    cross-origin-resource-policy: cross-origin
    X-Content-Type-Options: nosniff
    reporting-endpoints: permissions_policy="https://www.xx.facebook.com/ajax/browser_error_reports/"
    origin-agent-cluster: ?1
    X-FB-Debug: iqEEVnAvAfcJs0yg7OiT9aRFvThp/Noef1v0ABa7p1cGgm797HC7ImJQD+ORXLuW2OpdXH/W1NNrDEnJYGhz4Q==
    x-fb-server-load: 32
    Date: Thu, 29 Aug 2024 11:42:59 GMT
    X-FB-Connection-Quality: GOOD; q=0.7, rtt=76, rtx=0, c=30, mss=1357, tbw=20896, tp=-1, tpl=-1, uplat=0, ullat=-1
    Alt-Svc: h3=":443"; ma=86400
    Connection: keep-alive
    Content-Length: 573
  • flag-gb
    GET
    https://scontent.xx.fbcdn.net/v/t39.30808-1/302682950_408081388117661_761848427710662801_n.jpg?stp=cp0_dst-jpg_s50x50&_nc_cat=103&ccb=1-7&_nc_sid=6738e8&_nc_ohc=NMwjXrgSoV4Q7kNvgEVyxB_&_nc_ht=scontent.xx&edm=AEDRbFQEAAAA&oh=00_AYAlXr2k0wRggJppl6uUs-Ll39h1xnfMbSQH6ujGWtrknA&oe=66D636D3
    IEXPLORE.EXE
    Remote address:
    157.240.221.16:443
    Request
    GET /v/t39.30808-1/302682950_408081388117661_761848427710662801_n.jpg?stp=cp0_dst-jpg_s50x50&_nc_cat=103&ccb=1-7&_nc_sid=6738e8&_nc_ohc=NMwjXrgSoV4Q7kNvgEVyxB_&_nc_ht=scontent.xx&edm=AEDRbFQEAAAA&oh=00_AYAlXr2k0wRggJppl6uUs-Ll39h1xnfMbSQH6ujGWtrknA&oe=66D636D3 HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Referer: https://www.facebook.com/plugins/likebox.php?href=http://www.facebook.com/pages/konthaiusacom/177402280020?ref=tn_tnmn&width=250&colorscheme=light&show_faces=false&border_color=%23000000&stream=false&header=false&height=75
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: scontent.xx.fbcdn.net
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    x-additional-error-detail:
    Last-Modified: Sat, 10 Sep 2022 01:27:37 GMT
    X-Needle-Checksum: 2883854034
    Content-Type: image/jpeg
    content-digest: adler32=740015753
    cross-origin-resource-policy: cross-origin
    timing-allow-origin: *
    Access-Control-Allow-Origin: *
    Cache-Control: max-age=1209600, no-transform
    Accept-Ranges: bytes
    Date: Thu, 29 Aug 2024 11:42:54 GMT
    X-FB-Connection-Quality: GOOD; q=0.7, rtt=51, rtx=0, c=14, mss=1357, tbw=3222, tp=-1, tpl=-1, uplat=0, ullat=-1
    Alt-Svc: h3=":443"; ma=86400
    Connection: keep-alive
    Content-Length: 1967
  • flag-us
    DNS
    googleads.g.doubleclick.net
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    googleads.g.doubleclick.net
    IN A
    Response
    googleads.g.doubleclick.net
    IN A
    142.250.180.2
  • flag-us
    DNS
    static.doubleclick.net
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    static.doubleclick.net
    IN A
    Response
    static.doubleclick.net
    IN A
    142.250.178.6
  • flag-gb
    GET
    https://googleads.g.doubleclick.net/pagead/id
    IEXPLORE.EXE
    Remote address:
    142.250.180.2:443
    Request
    GET /pagead/id HTTP/1.1
    Accept: */*
    Referer: https://www.youtube.com/embed/evMR3wn1LGk?wmode=Opaque
    Accept-Language: en-US
    Accept-Encoding: gzip, deflate
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Host: googleads.g.doubleclick.net
    Connection: Keep-Alive
    Response
    HTTP/1.1 302 Found
    P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
    Timing-Allow-Origin: *
    Cross-Origin-Resource-Policy: cross-origin
    Location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
    Access-Control-Allow-Credentials: true
    Date: Thu, 29 Aug 2024 11:42:55 GMT
    Pragma: no-cache
    Expires: Fri, 01 Jan 1990 00:00:00 GMT
    Cache-Control: no-cache, no-store, must-revalidate
    Content-Type: text/html; charset=UTF-8
    X-Content-Type-Options: nosniff
    Server: cafe
    Content-Length: 0
    X-XSS-Protection: 0
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-gb
    GET
    https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
    IEXPLORE.EXE
    Remote address:
    142.250.180.2:443
    Request
    GET /pagead/id?slf_rd=1 HTTP/1.1
    Accept: */*
    Referer: https://www.youtube.com/embed/evMR3wn1LGk?wmode=Opaque
    Accept-Language: en-US
    Accept-Encoding: gzip, deflate
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Host: googleads.g.doubleclick.net
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
    Timing-Allow-Origin: *
    Cross-Origin-Resource-Policy: cross-origin
    Access-Control-Allow-Credentials: true
    Content-Type: application/json; charset=UTF-8
    Date: Thu, 29 Aug 2024 11:42:55 GMT
    Pragma: no-cache
    Expires: Fri, 01 Jan 1990 00:00:00 GMT
    Cache-Control: no-cache, no-store, must-revalidate
    X-Content-Type-Options: nosniff
    Content-Disposition: attachment; filename="f.txt"
    Content-Encoding: gzip
    Server: cafe
    X-XSS-Protection: 0
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
    Transfer-Encoding: chunked
  • flag-gb
    GET
    https://googleads.g.doubleclick.net/pagead/id
    IEXPLORE.EXE
    Remote address:
    142.250.180.2:443
    Request
    GET /pagead/id HTTP/1.1
    Accept: */*
    Referer: https://www.youtube.com/embed/ygK7kej0BPA?wmode=Opaque
    Accept-Language: en-US
    Accept-Encoding: gzip, deflate
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Host: googleads.g.doubleclick.net
    Connection: Keep-Alive
    Response
    HTTP/1.1 302 Found
    P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
    Timing-Allow-Origin: *
    Cross-Origin-Resource-Policy: cross-origin
    Location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
    Access-Control-Allow-Credentials: true
    Date: Thu, 29 Aug 2024 11:42:55 GMT
    Pragma: no-cache
    Expires: Fri, 01 Jan 1990 00:00:00 GMT
    Cache-Control: no-cache, no-store, must-revalidate
    Content-Type: text/html; charset=UTF-8
    X-Content-Type-Options: nosniff
    Server: cafe
    Content-Length: 0
    X-XSS-Protection: 0
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-gb
    GET
    https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
    IEXPLORE.EXE
    Remote address:
    142.250.180.2:443
    Request
    GET /pagead/id?slf_rd=1 HTTP/1.1
    Accept: */*
    Referer: https://www.youtube.com/embed/ygK7kej0BPA?wmode=Opaque
    Accept-Language: en-US
    Accept-Encoding: gzip, deflate
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Host: googleads.g.doubleclick.net
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
    Timing-Allow-Origin: *
    Cross-Origin-Resource-Policy: cross-origin
    Access-Control-Allow-Credentials: true
    Content-Type: application/json; charset=UTF-8
    Date: Thu, 29 Aug 2024 11:42:55 GMT
    Pragma: no-cache
    Expires: Fri, 01 Jan 1990 00:00:00 GMT
    Cache-Control: no-cache, no-store, must-revalidate
    X-Content-Type-Options: nosniff
    Content-Disposition: attachment; filename="f.txt"
    Content-Encoding: gzip
    Server: cafe
    X-XSS-Protection: 0
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
    Transfer-Encoding: chunked
  • flag-gb
    GET
    https://static.doubleclick.net/instream/ad_status.js
    IEXPLORE.EXE
    Remote address:
    142.250.178.6:443
    Request
    GET /instream/ad_status.js HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Referer: https://www.youtube.com/embed/evMR3wn1LGk?wmode=Opaque
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: static.doubleclick.net
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Access-Control-Allow-Origin: *
    Cross-Origin-Resource-Policy: cross-origin
    Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="ads-doubleclick-media"
    Report-To: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
    Timing-Allow-Origin: *
    Content-Length: 29
    X-Content-Type-Options: nosniff
    Server: sffe
    X-XSS-Protection: 0
    Date: Thu, 29 Aug 2024 11:32:34 GMT
    Expires: Thu, 29 Aug 2024 11:47:34 GMT
    Cache-Control: public, max-age=900
    Age: 621
    Last-Modified: Thu, 12 Dec 2013 23:40:16 GMT
    Content-Type: text/javascript
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-us
    DNS
    jnn-pa.googleapis.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    jnn-pa.googleapis.com
    IN A
    Response
    jnn-pa.googleapis.com
    IN A
    142.250.178.10
    jnn-pa.googleapis.com
    IN A
    142.250.179.234
    jnn-pa.googleapis.com
    IN A
    172.217.169.74
    jnn-pa.googleapis.com
    IN A
    142.250.187.234
    jnn-pa.googleapis.com
    IN A
    216.58.201.106
    jnn-pa.googleapis.com
    IN A
    142.250.200.10
    jnn-pa.googleapis.com
    IN A
    142.250.180.10
    jnn-pa.googleapis.com
    IN A
    216.58.204.74
    jnn-pa.googleapis.com
    IN A
    216.58.212.202
    jnn-pa.googleapis.com
    IN A
    142.250.187.202
    jnn-pa.googleapis.com
    IN A
    172.217.16.234
    jnn-pa.googleapis.com
    IN A
    172.217.169.10
    jnn-pa.googleapis.com
    IN A
    216.58.213.10
    jnn-pa.googleapis.com
    IN A
    216.58.212.234
    jnn-pa.googleapis.com
    IN A
    142.250.200.42
    jnn-pa.googleapis.com
    IN A
    172.217.169.42
  • flag-gb
    POST
    https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
    IEXPLORE.EXE
    Remote address:
    142.250.178.10:443
    Request
    POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
    Accept: */*
    X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
    Content-Type: application/json+protobuf
    X-User-Agent: grpc-web-javascript/0.1
    Referer: https://www.youtube.com/embed/evMR3wn1LGk?wmode=Opaque
    Accept-Language: en-US
    Accept-Encoding: gzip, deflate
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Host: jnn-pa.googleapis.com
    Content-Length: 24
    Connection: Keep-Alive
    Cache-Control: no-cache
    Response
    HTTP/1.1 200 OK
    Content-Type: application/json+protobuf; charset=UTF-8
    Vary: Origin
    Vary: X-Origin
    Vary: Referer
    Content-Encoding: gzip
    Date: Thu, 29 Aug 2024 11:42:59 GMT
    Server: ESF
    Cache-Control: private
    X-XSS-Protection: 0
    X-Frame-Options: SAMEORIGIN
    X-Content-Type-Options: nosniff
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
    Transfer-Encoding: chunked
  • flag-gb
    POST
    https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
    IEXPLORE.EXE
    Remote address:
    142.250.178.10:443
    Request
    POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
    Accept: */*
    X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
    Content-Type: application/json+protobuf
    X-User-Agent: grpc-web-javascript/0.1
    Referer: https://www.youtube.com/embed/ygK7kej0BPA?wmode=Opaque
    Accept-Language: en-US
    Accept-Encoding: gzip, deflate
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Host: jnn-pa.googleapis.com
    Content-Length: 1192
    Connection: Keep-Alive
    Cache-Control: no-cache
    Response
    HTTP/1.1 200 OK
    Content-Type: application/json+protobuf; charset=UTF-8
    Vary: Origin
    Vary: X-Origin
    Vary: Referer
    Content-Encoding: gzip
    Date: Thu, 29 Aug 2024 11:43:00 GMT
    Server: ESF
    Cache-Control: private
    X-XSS-Protection: 0
    X-Frame-Options: SAMEORIGIN
    X-Content-Type-Options: nosniff
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
    Transfer-Encoding: chunked
  • flag-gb
    POST
    https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
    IEXPLORE.EXE
    Remote address:
    142.250.178.10:443
    Request
    POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
    Accept: */*
    X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
    Content-Type: application/json+protobuf
    X-User-Agent: grpc-web-javascript/0.1
    Referer: https://www.youtube.com/embed/ygK7kej0BPA?wmode=Opaque
    Accept-Language: en-US
    Accept-Encoding: gzip, deflate
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Host: jnn-pa.googleapis.com
    Content-Length: 24
    Connection: Keep-Alive
    Cache-Control: no-cache
    Response
    HTTP/1.1 200 OK
    Content-Type: application/json+protobuf; charset=UTF-8
    Vary: Origin
    Vary: X-Origin
    Vary: Referer
    Content-Encoding: gzip
    Date: Thu, 29 Aug 2024 11:42:59 GMT
    Server: ESF
    Cache-Control: private
    X-XSS-Protection: 0
    X-Frame-Options: SAMEORIGIN
    X-Content-Type-Options: nosniff
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
    Transfer-Encoding: chunked
  • flag-gb
    POST
    https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
    IEXPLORE.EXE
    Remote address:
    142.250.178.10:443
    Request
    POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
    Accept: */*
    X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
    Content-Type: application/json+protobuf
    X-User-Agent: grpc-web-javascript/0.1
    Referer: https://www.youtube.com/embed/evMR3wn1LGk?wmode=Opaque
    Accept-Language: en-US
    Accept-Encoding: gzip, deflate
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Host: jnn-pa.googleapis.com
    Content-Length: 1192
    Connection: Keep-Alive
    Cache-Control: no-cache
    Response
    HTTP/1.1 200 OK
    Content-Type: application/json+protobuf; charset=UTF-8
    Vary: Origin
    Vary: X-Origin
    Vary: Referer
    Content-Encoding: gzip
    Date: Thu, 29 Aug 2024 11:43:00 GMT
    Server: ESF
    Cache-Control: private
    X-XSS-Protection: 0
    X-Frame-Options: SAMEORIGIN
    X-Content-Type-Options: nosniff
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
    Transfer-Encoding: chunked
  • flag-us
    DNS
    www.google.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    www.google.com
    IN A
    Response
    www.google.com
    IN A
    142.250.179.228
  • flag-us
    DNS
    i.ytimg.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    i.ytimg.com
    IN A
    Response
    i.ytimg.com
    IN A
    216.58.213.22
    i.ytimg.com
    IN A
    142.250.178.22
    i.ytimg.com
    IN A
    142.250.187.214
    i.ytimg.com
    IN A
    142.250.179.246
    i.ytimg.com
    IN A
    142.250.200.54
    i.ytimg.com
    IN A
    216.58.201.118
    i.ytimg.com
    IN A
    216.58.212.214
    i.ytimg.com
    IN A
    172.217.169.86
    i.ytimg.com
    IN A
    172.217.16.246
    i.ytimg.com
    IN A
    142.250.180.22
    i.ytimg.com
    IN A
    142.250.200.22
    i.ytimg.com
    IN A
    216.58.212.246
    i.ytimg.com
    IN A
    216.58.204.86
    i.ytimg.com
    IN A
    172.217.169.22
    i.ytimg.com
    IN A
    172.217.169.54
    i.ytimg.com
    IN A
    142.250.187.246
  • flag-gb
    GET
    https://www.google.com/js/th/4-NlEi-7NY8SQPLCpX1INlyCg7Vzxjxgly2SzKIOrZg.js
    IEXPLORE.EXE
    Remote address:
    142.250.179.228:443
    Request
    GET /js/th/4-NlEi-7NY8SQPLCpX1INlyCg7Vzxjxgly2SzKIOrZg.js HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Referer: https://www.youtube.com/embed/ygK7kej0BPA?wmode=Opaque
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: www.google.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Content-Encoding: gzip
    Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
    Cross-Origin-Resource-Policy: cross-origin
    Cross-Origin-Opener-Policy: same-origin; report-to="botguard-scs"
    Report-To: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
    Content-Length: 24787
    X-Content-Type-Options: nosniff
    Server: sffe
    X-XSS-Protection: 0
    Date: Wed, 28 Aug 2024 10:00:59 GMT
    Expires: Thu, 28 Aug 2025 10:00:59 GMT
    Cache-Control: public, max-age=31536000
    Age: 92518
    Last-Modified: Tue, 13 Aug 2024 10:30:00 GMT
    Content-Type: text/javascript
    Vary: Accept-Encoding
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-gb
    GET
    https://i.ytimg.com/vi/ygK7kej0BPA/sddefault.jpg
    IEXPLORE.EXE
    Remote address:
    216.58.213.22:443
    Request
    GET /vi/ygK7kej0BPA/sddefault.jpg HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Referer: https://www.youtube.com/embed/ygK7kej0BPA?wmode=Opaque
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: i.ytimg.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Cross-Origin-Resource-Policy: cross-origin
    Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="youtube"
    Report-To: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
    Timing-Allow-Origin: *
    Content-Length: 35419
    X-Content-Type-Options: nosniff
    Server: sffe
    X-XSS-Protection: 0
    Date: Thu, 29 Aug 2024 10:14:59 GMT
    Expires: Thu, 29 Aug 2024 12:14:59 GMT
    Cache-Control: public, max-age=7200
    Age: 5278
    ETag: "0"
    Content-Type: image/jpeg
    Vary: Origin
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-gb
    GET
    https://i.ytimg.com/vi/gS2GhpTPLvQ/sddefault.jpg
    IEXPLORE.EXE
    Remote address:
    216.58.213.22:443
    Request
    GET /vi/gS2GhpTPLvQ/sddefault.jpg HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Referer: https://www.youtube.com/embed/gS2GhpTPLvQ?wmode=Opaque
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: i.ytimg.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Cross-Origin-Resource-Policy: cross-origin
    Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="youtube"
    Report-To: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
    Timing-Allow-Origin: *
    Content-Length: 36415
    X-Content-Type-Options: nosniff
    Server: sffe
    X-XSS-Protection: 0
    Date: Thu, 29 Aug 2024 11:42:54 GMT
    Expires: Thu, 29 Aug 2024 13:42:54 GMT
    Cache-Control: public, max-age=7200
    Age: 4
    ETag: "1376813903"
    Content-Type: image/jpeg
    Vary: Origin
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-us
    DNS
    yt3.ggpht.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    yt3.ggpht.com
    IN A
    Response
    yt3.ggpht.com
    IN CNAME
    photos-ugc.l.googleusercontent.com
    photos-ugc.l.googleusercontent.com
    IN A
    142.250.180.1
  • flag-gb
    GET
    https://googleads.g.doubleclick.net/pagead/id
    IEXPLORE.EXE
    Remote address:
    142.250.180.2:443
    Request
    GET /pagead/id HTTP/1.1
    Accept: */*
    Referer: https://www.youtube.com/embed/ywSeSlVcY4w?wmode=Opaque
    Accept-Language: en-US
    Accept-Encoding: gzip, deflate
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Host: googleads.g.doubleclick.net
    Connection: Keep-Alive
    Response
    HTTP/1.1 302 Found
    P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
    Timing-Allow-Origin: *
    Cross-Origin-Resource-Policy: cross-origin
    Location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
    Access-Control-Allow-Credentials: true
    Date: Thu, 29 Aug 2024 11:42:57 GMT
    Pragma: no-cache
    Expires: Fri, 01 Jan 1990 00:00:00 GMT
    Cache-Control: no-cache, no-store, must-revalidate
    Content-Type: text/html; charset=UTF-8
    X-Content-Type-Options: nosniff
    Server: cafe
    Content-Length: 0
    X-XSS-Protection: 0
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-gb
    GET
    https://googleads.g.doubleclick.net/pagead/id
    IEXPLORE.EXE
    Remote address:
    142.250.180.2:443
    Request
    GET /pagead/id HTTP/1.1
    Accept: */*
    Referer: https://www.youtube.com/embed/gS2GhpTPLvQ?wmode=Opaque
    Accept-Language: en-US
    Accept-Encoding: gzip, deflate
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Host: googleads.g.doubleclick.net
    Connection: Keep-Alive
    Response
    HTTP/1.1 302 Found
    P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
    Timing-Allow-Origin: *
    Cross-Origin-Resource-Policy: cross-origin
    Location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
    Access-Control-Allow-Credentials: true
    Date: Thu, 29 Aug 2024 11:42:57 GMT
    Pragma: no-cache
    Expires: Fri, 01 Jan 1990 00:00:00 GMT
    Cache-Control: no-cache, no-store, must-revalidate
    Content-Type: text/html; charset=UTF-8
    X-Content-Type-Options: nosniff
    Server: cafe
    Content-Length: 0
    X-XSS-Protection: 0
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-gb
    GET
    https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
    IEXPLORE.EXE
    Remote address:
    142.250.180.2:443
    Request
    GET /pagead/id?slf_rd=1 HTTP/1.1
    Accept: */*
    Referer: https://www.youtube.com/embed/ywSeSlVcY4w?wmode=Opaque
    Accept-Language: en-US
    Accept-Encoding: gzip, deflate
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Host: googleads.g.doubleclick.net
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
    Timing-Allow-Origin: *
    Cross-Origin-Resource-Policy: cross-origin
    Access-Control-Allow-Credentials: true
    Content-Type: application/json; charset=UTF-8
    Date: Thu, 29 Aug 2024 11:42:57 GMT
    Pragma: no-cache
    Expires: Fri, 01 Jan 1990 00:00:00 GMT
    Cache-Control: no-cache, no-store, must-revalidate
    X-Content-Type-Options: nosniff
    Content-Disposition: attachment; filename="f.txt"
    Content-Encoding: gzip
    Server: cafe
    X-XSS-Protection: 0
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
    Transfer-Encoding: chunked
  • flag-gb
    GET
    https://yt3.ggpht.com/ytc/AIdro_kKqNeL3cYjYNkFmifDFE3XRspqNa0XYqzqcmi30Ic=s68-c-k-c0x00ffffff-no-rj
    IEXPLORE.EXE
    Remote address:
    142.250.180.1:443
    Request
    GET /ytc/AIdro_kKqNeL3cYjYNkFmifDFE3XRspqNa0XYqzqcmi30Ic=s68-c-k-c0x00ffffff-no-rj HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Referer: https://www.youtube.com/embed/ygK7kej0BPA?wmode=Opaque
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: yt3.ggpht.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Cross-Origin-Resource-Policy: cross-origin
    Access-Control-Allow-Origin: *
    Timing-Allow-Origin: *
    Access-Control-Expose-Headers: Content-Length
    Content-Disposition: inline;filename="unnamed.jpg"
    X-Content-Type-Options: nosniff
    Server: fife
    Content-Length: 1182
    X-XSS-Protection: 0
    Date: Thu, 29 Aug 2024 11:42:37 GMT
    Expires: Fri, 30 Aug 2024 11:42:37 GMT
    Cache-Control: public, max-age=86400, no-transform
    Age: 20
    ETag: "v0"
    Content-Type: image/jpeg
    Vary: Origin
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-gb
    GET
    https://googleads.g.doubleclick.net/pagead/id
    IEXPLORE.EXE
    Remote address:
    142.250.180.2:443
    Request
    GET /pagead/id HTTP/1.1
    Accept: */*
    Referer: https://www.youtube.com/embed/QMECDnECjJM?wmode=Opaque
    Accept-Language: en-US
    Accept-Encoding: gzip, deflate
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Host: googleads.g.doubleclick.net
    Connection: Keep-Alive
    Response
    HTTP/1.1 302 Found
    P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
    Timing-Allow-Origin: *
    Cross-Origin-Resource-Policy: cross-origin
    Location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
    Access-Control-Allow-Credentials: true
    Date: Thu, 29 Aug 2024 11:42:57 GMT
    Pragma: no-cache
    Expires: Fri, 01 Jan 1990 00:00:00 GMT
    Cache-Control: no-cache, no-store, must-revalidate
    Content-Type: text/html; charset=UTF-8
    X-Content-Type-Options: nosniff
    Server: cafe
    Content-Length: 0
    X-XSS-Protection: 0
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-gb
    GET
    https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
    IEXPLORE.EXE
    Remote address:
    142.250.180.2:443
    Request
    GET /pagead/id?slf_rd=1 HTTP/1.1
    Accept: */*
    Referer: https://www.youtube.com/embed/gS2GhpTPLvQ?wmode=Opaque
    Accept-Language: en-US
    Accept-Encoding: gzip, deflate
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Host: googleads.g.doubleclick.net
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
    Timing-Allow-Origin: *
    Cross-Origin-Resource-Policy: cross-origin
    Access-Control-Allow-Credentials: true
    Content-Type: application/json; charset=UTF-8
    Date: Thu, 29 Aug 2024 11:42:57 GMT
    Pragma: no-cache
    Expires: Fri, 01 Jan 1990 00:00:00 GMT
    Cache-Control: no-cache, no-store, must-revalidate
    X-Content-Type-Options: nosniff
    Content-Disposition: attachment; filename="f.txt"
    Content-Encoding: gzip
    Server: cafe
    X-XSS-Protection: 0
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
    Transfer-Encoding: chunked
  • flag-gb
    GET
    https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
    IEXPLORE.EXE
    Remote address:
    142.250.180.2:443
    Request
    GET /pagead/id?slf_rd=1 HTTP/1.1
    Accept: */*
    Referer: https://www.youtube.com/embed/QMECDnECjJM?wmode=Opaque
    Accept-Language: en-US
    Accept-Encoding: gzip, deflate
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Host: googleads.g.doubleclick.net
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
    Timing-Allow-Origin: *
    Cross-Origin-Resource-Policy: cross-origin
    Access-Control-Allow-Credentials: true
    Content-Type: application/json; charset=UTF-8
    Date: Thu, 29 Aug 2024 11:42:57 GMT
    Pragma: no-cache
    Expires: Fri, 01 Jan 1990 00:00:00 GMT
    Cache-Control: no-cache, no-store, must-revalidate
    X-Content-Type-Options: nosniff
    Content-Disposition: attachment; filename="f.txt"
    Content-Encoding: gzip
    Server: cafe
    X-XSS-Protection: 0
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
    Transfer-Encoding: chunked
  • flag-gb
    POST
    https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
    IEXPLORE.EXE
    Remote address:
    142.250.178.10:443
    Request
    POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
    Accept: */*
    X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
    Content-Type: application/json+protobuf
    X-User-Agent: grpc-web-javascript/0.1
    Referer: https://www.youtube.com/embed/ywSeSlVcY4w?wmode=Opaque
    Accept-Language: en-US
    Accept-Encoding: gzip, deflate
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Host: jnn-pa.googleapis.com
    Content-Length: 24
    Connection: Keep-Alive
    Cache-Control: no-cache
    Response
    HTTP/1.1 200 OK
    Content-Type: application/json+protobuf; charset=UTF-8
    Vary: Origin
    Vary: X-Origin
    Vary: Referer
    Content-Encoding: gzip
    Date: Thu, 29 Aug 2024 11:42:59 GMT
    Server: ESF
    Cache-Control: private
    X-XSS-Protection: 0
    X-Frame-Options: SAMEORIGIN
    X-Content-Type-Options: nosniff
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
    Transfer-Encoding: chunked
  • flag-gb
    POST
    https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
    IEXPLORE.EXE
    Remote address:
    142.250.178.10:443
    Request
    POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
    Accept: */*
    X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
    Content-Type: application/json+protobuf
    X-User-Agent: grpc-web-javascript/0.1
    Referer: https://www.youtube.com/embed/gS2GhpTPLvQ?wmode=Opaque
    Accept-Language: en-US
    Accept-Encoding: gzip, deflate
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Host: jnn-pa.googleapis.com
    Content-Length: 939
    Connection: Keep-Alive
    Cache-Control: no-cache
    Response
    HTTP/1.1 200 OK
    Content-Type: application/json+protobuf; charset=UTF-8
    Vary: Origin
    Vary: X-Origin
    Vary: Referer
    Content-Encoding: gzip
    Date: Thu, 29 Aug 2024 11:43:00 GMT
    Server: ESF
    Cache-Control: private
    X-XSS-Protection: 0
    X-Frame-Options: SAMEORIGIN
    X-Content-Type-Options: nosniff
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
    Transfer-Encoding: chunked
  • flag-gb
    POST
    https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
    IEXPLORE.EXE
    Remote address:
    142.250.178.10:443
    Request
    POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
    Accept: */*
    X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
    Content-Type: application/json+protobuf
    X-User-Agent: grpc-web-javascript/0.1
    Referer: https://www.youtube.com/embed/gS2GhpTPLvQ?wmode=Opaque
    Accept-Language: en-US
    Accept-Encoding: gzip, deflate
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Host: jnn-pa.googleapis.com
    Content-Length: 24
    Connection: Keep-Alive
    Cache-Control: no-cache
    Response
    HTTP/1.1 200 OK
    Content-Type: application/json+protobuf; charset=UTF-8
    Vary: Origin
    Vary: X-Origin
    Vary: Referer
    Content-Encoding: gzip
    Date: Thu, 29 Aug 2024 11:42:59 GMT
    Server: ESF
    Cache-Control: private
    X-XSS-Protection: 0
    X-Frame-Options: SAMEORIGIN
    X-Content-Type-Options: nosniff
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
    Transfer-Encoding: chunked
  • flag-gb
    POST
    https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
    IEXPLORE.EXE
    Remote address:
    142.250.178.10:443
    Request
    POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
    Accept: */*
    X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
    Content-Type: application/json+protobuf
    X-User-Agent: grpc-web-javascript/0.1
    Referer: https://www.youtube.com/embed/ywSeSlVcY4w?wmode=Opaque
    Accept-Language: en-US
    Accept-Encoding: gzip, deflate
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Host: jnn-pa.googleapis.com
    Content-Length: 1068
    Connection: Keep-Alive
    Cache-Control: no-cache
    Response
    HTTP/1.1 200 OK
    Content-Type: application/json+protobuf; charset=UTF-8
    Vary: Origin
    Vary: X-Origin
    Vary: Referer
    Content-Encoding: gzip
    Date: Thu, 29 Aug 2024 11:43:00 GMT
    Server: ESF
    Cache-Control: private
    X-XSS-Protection: 0
    X-Frame-Options: SAMEORIGIN
    X-Content-Type-Options: nosniff
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
    Transfer-Encoding: chunked
  • flag-gb
    POST
    https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
    IEXPLORE.EXE
    Remote address:
    142.250.178.10:443
    Request
    POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
    Accept: */*
    X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
    Content-Type: application/json+protobuf
    X-User-Agent: grpc-web-javascript/0.1
    Referer: https://www.youtube.com/embed/QMECDnECjJM?wmode=Opaque
    Accept-Language: en-US
    Accept-Encoding: gzip, deflate
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Host: jnn-pa.googleapis.com
    Content-Length: 24
    Connection: Keep-Alive
    Cache-Control: no-cache
    Response
    HTTP/1.1 200 OK
    Content-Type: application/json+protobuf; charset=UTF-8
    Vary: Origin
    Vary: X-Origin
    Vary: Referer
    Content-Encoding: gzip
    Date: Thu, 29 Aug 2024 11:42:59 GMT
    Server: ESF
    Cache-Control: private
    X-XSS-Protection: 0
    X-Frame-Options: SAMEORIGIN
    X-Content-Type-Options: nosniff
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
    Transfer-Encoding: chunked
  • flag-gb
    POST
    https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
    IEXPLORE.EXE
    Remote address:
    142.250.178.10:443
    Request
    POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
    Accept: */*
    X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
    Content-Type: application/json+protobuf
    X-User-Agent: grpc-web-javascript/0.1
    Referer: https://www.youtube.com/embed/QMECDnECjJM?wmode=Opaque
    Accept-Language: en-US
    Accept-Encoding: gzip, deflate
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Host: jnn-pa.googleapis.com
    Content-Length: 1215
    Connection: Keep-Alive
    Cache-Control: no-cache
    Response
    HTTP/1.1 200 OK
    Content-Type: application/json+protobuf; charset=UTF-8
    Vary: Origin
    Vary: X-Origin
    Vary: Referer
    Content-Encoding: gzip
    Date: Thu, 29 Aug 2024 11:43:00 GMT
    Server: ESF
    Cache-Control: private
    X-XSS-Protection: 0
    X-Frame-Options: SAMEORIGIN
    X-Content-Type-Options: nosniff
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
    Transfer-Encoding: chunked
  • flag-us
    DNS
    crl.microsoft.com
    Remote address:
    8.8.8.8:53
    Request
    crl.microsoft.com
    IN A
    Response
    crl.microsoft.com
    IN CNAME
    crl.www.ms.akadns.net
    crl.www.ms.akadns.net
    IN CNAME
    a1363.dscg.akamai.net
    a1363.dscg.akamai.net
    IN A
    2.19.252.143
    a1363.dscg.akamai.net
    IN A
    2.19.252.157
  • flag-gb
    GET
    http://crl.microsoft.com/pki/crl/products/MicRooCerAut2011_2011_03_22.crl
    Remote address:
    2.19.252.143:80
    Request
    GET /pki/crl/products/MicRooCerAut2011_2011_03_22.crl HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    If-Modified-Since: Wed, 01 May 2024 09:28:59 GMT
    User-Agent: Microsoft-CryptoAPI/6.1
    Host: crl.microsoft.com
    Response
    HTTP/1.1 200 OK
    Content-Length: 1036
    Content-Type: application/octet-stream
    Content-MD5: 5xIscz+eN7ugykyYXOEdbQ==
    Last-Modified: Thu, 11 Jul 2024 01:45:51 GMT
    ETag: 0x8DCA14B323B2CC0
    Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
    x-ms-request-id: 08d1499d-801e-001b-7338-d369e9000000
    x-ms-version: 2009-09-19
    x-ms-lease-status: unlocked
    x-ms-blob-type: BlockBlob
    Date: Thu, 29 Aug 2024 11:43:24 GMT
    Connection: keep-alive
  • flag-us
    DNS
    www.microsoft.com
    iexplore.exe
    Remote address:
    8.8.8.8:53
    Request
    www.microsoft.com
    IN A
    Response
    www.microsoft.com
    IN CNAME
    www.microsoft.com-c-3.edgekey.net
    www.microsoft.com-c-3.edgekey.net
    IN CNAME
    www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net
    www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net
    IN CNAME
    e13678.dscb.akamaiedge.net
    e13678.dscb.akamaiedge.net
    IN A
    95.100.245.144
  • flag-us
    DNS
    www.microsoft.com
    iexplore.exe
    Remote address:
    8.8.8.8:53
    Request
    www.microsoft.com
    IN A
    Response
    www.microsoft.com
    IN CNAME
    www.microsoft.com-c-3.edgekey.net
    www.microsoft.com-c-3.edgekey.net
    IN CNAME
    www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net
    www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net
    IN CNAME
    e13678.dscb.akamaiedge.net
    e13678.dscb.akamaiedge.net
    IN A
    95.100.245.144
  • flag-gb
    GET
    https://googleads.g.doubleclick.net/pagead/id
    IEXPLORE.EXE
    Remote address:
    142.250.180.2:443
    Request
    GET /pagead/id HTTP/1.1
    Accept: */*
    Referer: https://www.youtube.com/embed/ywSeSlVcY4w?wmode=Opaque
    Accept-Language: en-US
    Accept-Encoding: gzip, deflate
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Host: googleads.g.doubleclick.net
    Connection: Keep-Alive
    Response
    HTTP/1.1 302 Found
    P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
    Timing-Allow-Origin: *
    Cross-Origin-Resource-Policy: cross-origin
    Location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
    Access-Control-Allow-Credentials: true
    Date: Thu, 29 Aug 2024 11:44:59 GMT
    Pragma: no-cache
    Expires: Fri, 01 Jan 1990 00:00:00 GMT
    Cache-Control: no-cache, no-store, must-revalidate
    Content-Type: text/html; charset=UTF-8
    X-Content-Type-Options: nosniff
    Server: cafe
    Content-Length: 0
    X-XSS-Protection: 0
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-gb
    GET
    https://googleads.g.doubleclick.net/pagead/id
    IEXPLORE.EXE
    Remote address:
    142.250.180.2:443
    Request
    GET /pagead/id HTTP/1.1
    Accept: */*
    Referer: https://www.youtube.com/embed/ygK7kej0BPA?wmode=Opaque
    Accept-Language: en-US
    Accept-Encoding: gzip, deflate
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Host: googleads.g.doubleclick.net
    Connection: Keep-Alive
    Response
    HTTP/1.1 302 Found
    P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
    Timing-Allow-Origin: *
    Cross-Origin-Resource-Policy: cross-origin
    Location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
    Access-Control-Allow-Credentials: true
    Date: Thu, 29 Aug 2024 11:45:00 GMT
    Pragma: no-cache
    Expires: Fri, 01 Jan 1990 00:00:00 GMT
    Cache-Control: no-cache, no-store, must-revalidate
    Content-Type: text/html; charset=UTF-8
    X-Content-Type-Options: nosniff
    Server: cafe
    Content-Length: 0
    X-XSS-Protection: 0
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-gb
    GET
    https://googleads.g.doubleclick.net/pagead/id
    IEXPLORE.EXE
    Remote address:
    142.250.180.2:443
    Request
    GET /pagead/id HTTP/1.1
    Accept: */*
    Referer: https://www.youtube.com/embed/QMECDnECjJM?wmode=Opaque
    Accept-Language: en-US
    Accept-Encoding: gzip, deflate
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Host: googleads.g.doubleclick.net
    Connection: Keep-Alive
    Response
    HTTP/1.1 302 Found
    P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
    Timing-Allow-Origin: *
    Cross-Origin-Resource-Policy: cross-origin
    Location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
    Access-Control-Allow-Credentials: true
    Date: Thu, 29 Aug 2024 11:45:00 GMT
    Pragma: no-cache
    Expires: Fri, 01 Jan 1990 00:00:00 GMT
    Cache-Control: no-cache, no-store, must-revalidate
    Content-Type: text/html; charset=UTF-8
    X-Content-Type-Options: nosniff
    Server: cafe
    Content-Length: 0
    X-XSS-Protection: 0
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-gb
    GET
    https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
    IEXPLORE.EXE
    Remote address:
    142.250.180.2:443
    Request
    GET /pagead/id?slf_rd=1 HTTP/1.1
    Accept: */*
    Referer: https://www.youtube.com/embed/gS2GhpTPLvQ?wmode=Opaque
    Accept-Language: en-US
    Accept-Encoding: gzip, deflate
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Host: googleads.g.doubleclick.net
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
    Timing-Allow-Origin: *
    Cross-Origin-Resource-Policy: cross-origin
    Access-Control-Allow-Credentials: true
    Content-Type: application/json; charset=UTF-8
    Date: Thu, 29 Aug 2024 11:45:00 GMT
    Pragma: no-cache
    Expires: Fri, 01 Jan 1990 00:00:00 GMT
    Cache-Control: no-cache, no-store, must-revalidate
    X-Content-Type-Options: nosniff
    Content-Disposition: attachment; filename="f.txt"
    Content-Encoding: gzip
    Server: cafe
    X-XSS-Protection: 0
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
    Transfer-Encoding: chunked
  • flag-gb
    GET
    https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
    IEXPLORE.EXE
    Remote address:
    142.250.180.2:443
    Request
    GET /pagead/id?slf_rd=1 HTTP/1.1
    Accept: */*
    Referer: https://www.youtube.com/embed/ywSeSlVcY4w?wmode=Opaque
    Accept-Language: en-US
    Accept-Encoding: gzip, deflate
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Host: googleads.g.doubleclick.net
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
    Timing-Allow-Origin: *
    Cross-Origin-Resource-Policy: cross-origin
    Access-Control-Allow-Credentials: true
    Content-Type: application/json; charset=UTF-8
    Date: Thu, 29 Aug 2024 11:45:00 GMT
    Pragma: no-cache
    Expires: Fri, 01 Jan 1990 00:00:00 GMT
    Cache-Control: no-cache, no-store, must-revalidate
    X-Content-Type-Options: nosniff
    Content-Disposition: attachment; filename="f.txt"
    Content-Encoding: gzip
    Server: cafe
    X-XSS-Protection: 0
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
    Transfer-Encoding: chunked
  • flag-gb
    GET
    https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
    IEXPLORE.EXE
    Remote address:
    142.250.180.2:443
    Request
    GET /pagead/id?slf_rd=1 HTTP/1.1
    Accept: */*
    Referer: https://www.youtube.com/embed/ygK7kej0BPA?wmode=Opaque
    Accept-Language: en-US
    Accept-Encoding: gzip, deflate
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Host: googleads.g.doubleclick.net
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
    Timing-Allow-Origin: *
    Cross-Origin-Resource-Policy: cross-origin
    Access-Control-Allow-Credentials: true
    Content-Type: application/json; charset=UTF-8
    Date: Thu, 29 Aug 2024 11:45:00 GMT
    Pragma: no-cache
    Expires: Fri, 01 Jan 1990 00:00:00 GMT
    Cache-Control: no-cache, no-store, must-revalidate
    X-Content-Type-Options: nosniff
    Content-Disposition: attachment; filename="f.txt"
    Content-Encoding: gzip
    Server: cafe
    X-XSS-Protection: 0
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
    Transfer-Encoding: chunked
  • flag-gb
    GET
    https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
    IEXPLORE.EXE
    Remote address:
    142.250.180.2:443
    Request
    GET /pagead/id?slf_rd=1 HTTP/1.1
    Accept: */*
    Referer: https://www.youtube.com/embed/evMR3wn1LGk?wmode=Opaque
    Accept-Language: en-US
    Accept-Encoding: gzip, deflate
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Host: googleads.g.doubleclick.net
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
    Timing-Allow-Origin: *
    Cross-Origin-Resource-Policy: cross-origin
    Access-Control-Allow-Credentials: true
    Content-Type: application/json; charset=UTF-8
    Date: Thu, 29 Aug 2024 11:45:00 GMT
    Pragma: no-cache
    Expires: Fri, 01 Jan 1990 00:00:00 GMT
    Cache-Control: no-cache, no-store, must-revalidate
    X-Content-Type-Options: nosniff
    Content-Disposition: attachment; filename="f.txt"
    Content-Encoding: gzip
    Server: cafe
    X-XSS-Protection: 0
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
    Transfer-Encoding: chunked
  • flag-gb
    GET
    https://googleads.g.doubleclick.net/pagead/id
    IEXPLORE.EXE
    Remote address:
    142.250.180.2:443
    Request
    GET /pagead/id HTTP/1.1
    Accept: */*
    Referer: https://www.youtube.com/embed/gS2GhpTPLvQ?wmode=Opaque
    Accept-Language: en-US
    Accept-Encoding: gzip, deflate
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Host: googleads.g.doubleclick.net
    Connection: Keep-Alive
    Response
    HTTP/1.1 302 Found
    P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
    Timing-Allow-Origin: *
    Cross-Origin-Resource-Policy: cross-origin
    Location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
    Access-Control-Allow-Credentials: true
    Date: Thu, 29 Aug 2024 11:44:59 GMT
    Pragma: no-cache
    Expires: Fri, 01 Jan 1990 00:00:00 GMT
    Cache-Control: no-cache, no-store, must-revalidate
    Content-Type: text/html; charset=UTF-8
    X-Content-Type-Options: nosniff
    Server: cafe
    Content-Length: 0
    X-XSS-Protection: 0
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-gb
    GET
    https://googleads.g.doubleclick.net/pagead/id
    IEXPLORE.EXE
    Remote address:
    142.250.180.2:443
    Request
    GET /pagead/id HTTP/1.1
    Accept: */*
    Referer: https://www.youtube.com/embed/evMR3wn1LGk?wmode=Opaque
    Accept-Language: en-US
    Accept-Encoding: gzip, deflate
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Host: googleads.g.doubleclick.net
    Connection: Keep-Alive
    Response
    HTTP/1.1 302 Found
    P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
    Timing-Allow-Origin: *
    Cross-Origin-Resource-Policy: cross-origin
    Location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
    Access-Control-Allow-Credentials: true
    Date: Thu, 29 Aug 2024 11:45:00 GMT
    Pragma: no-cache
    Expires: Fri, 01 Jan 1990 00:00:00 GMT
    Cache-Control: no-cache, no-store, must-revalidate
    Content-Type: text/html; charset=UTF-8
    X-Content-Type-Options: nosniff
    Server: cafe
    Content-Length: 0
    X-XSS-Protection: 0
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-gb
    GET
    https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
    IEXPLORE.EXE
    Remote address:
    142.250.180.2:443
    Request
    GET /pagead/id?slf_rd=1 HTTP/1.1
    Accept: */*
    Referer: https://www.youtube.com/embed/QMECDnECjJM?wmode=Opaque
    Accept-Language: en-US
    Accept-Encoding: gzip, deflate
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Host: googleads.g.doubleclick.net
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
    Timing-Allow-Origin: *
    Cross-Origin-Resource-Policy: cross-origin
    Access-Control-Allow-Credentials: true
    Content-Type: application/json; charset=UTF-8
    Date: Thu, 29 Aug 2024 11:45:00 GMT
    Pragma: no-cache
    Expires: Fri, 01 Jan 1990 00:00:00 GMT
    Cache-Control: no-cache, no-store, must-revalidate
    X-Content-Type-Options: nosniff
    Content-Disposition: attachment; filename="f.txt"
    Content-Encoding: gzip
    Server: cafe
    X-XSS-Protection: 0
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
    Transfer-Encoding: chunked
  • 216.58.204.74:80
    http://fonts.googleapis.com/css?family=Arial
    http
    IEXPLORE.EXE
    523 B
    1.4kB
    6
    4

    HTTP Request

    GET http://fonts.googleapis.com/css?family=Arial

    HTTP Response

    400
  • 216.58.204.74:80
    fonts.googleapis.com
    IEXPLORE.EXE
    190 B
    132 B
    4
    3
  • 142.250.200.14:80
    http://www.youtube.com/embed/ygK7kej0BPA?wmode=Opaque
    http
    IEXPLORE.EXE
    556 B
    579 B
    6
    4

    HTTP Request

    GET http://www.youtube.com/embed/ygK7kej0BPA?wmode=Opaque

    HTTP Response

    301
  • 142.250.200.14:80
    http://www.youtube.com/embed/ywSeSlVcY4w?wmode=Opaque
    http
    IEXPLORE.EXE
    510 B
    579 B
    5
    4

    HTTP Request

    GET http://www.youtube.com/embed/ywSeSlVcY4w?wmode=Opaque

    HTTP Response

    301
  • 142.250.200.14:80
    http://www.youtube.com/embed/evMR3wn1LGk?wmode=Opaque
    http
    IEXPLORE.EXE
    510 B
    579 B
    5
    4

    HTTP Request

    GET http://www.youtube.com/embed/evMR3wn1LGk?wmode=Opaque

    HTTP Response

    301
  • 142.250.200.14:80
    http://www.youtube.com/embed/QMECDnECjJM?wmode=Opaque
    http
    IEXPLORE.EXE
    510 B
    579 B
    5
    4

    HTTP Request

    GET http://www.youtube.com/embed/QMECDnECjJM?wmode=Opaque

    HTTP Response

    301
  • 142.250.200.14:80
    http://www.youtube.com/embed/gS2GhpTPLvQ?wmode=Opaque
    http
    IEXPLORE.EXE
    510 B
    579 B
    5
    4

    HTTP Request

    GET http://www.youtube.com/embed/gS2GhpTPLvQ?wmode=Opaque

    HTTP Response

    301
  • 157.240.221.35:80
    www.facebook.com
    IEXPLORE.EXE
    190 B
    92 B
    4
    2
  • 157.240.221.35:80
    http://www.facebook.com/plugins/likebox.php?href=http://www.facebook.com/pages/konthaiusacom/177402280020?ref=tn_tnmn&width=250&colorscheme=light&show_faces=false&border_color=%23000000&stream=false&header=false&height=75
    http
    IEXPLORE.EXE
    776 B
    1.0kB
    7
    5

    HTTP Request

    GET http://www.facebook.com/plugins/likebox.php?href=http://www.facebook.com/pages/konthaiusacom/177402280020?ref=tn_tnmn&width=250&colorscheme=light&show_faces=false&border_color=%23000000&stream=false&header=false&height=75

    HTTP Response

    301
  • 157.240.221.35:443
    https://www.facebook.com/plugins/likebox.php?href=http://www.facebook.com/pages/konthaiusacom/177402280020?ref=tn_tnmn&width=250&colorscheme=light&show_faces=false&border_color=%23000000&stream=false&header=false&height=75
    tls, http
    IEXPLORE.EXE
    1.6kB
    22.5kB
    18
    24

    HTTP Request

    GET https://www.facebook.com/plugins/likebox.php?href=http://www.facebook.com/pages/konthaiusacom/177402280020?ref=tn_tnmn&width=250&colorscheme=light&show_faces=false&border_color=%23000000&stream=false&header=false&height=75

    HTTP Response

    200
  • 142.250.200.14:443
    https://www.youtube.com/embed/gS2GhpTPLvQ?wmode=Opaque
    tls, http
    IEXPLORE.EXE
    1.9kB
    52.7kB
    29
    45

    HTTP Request

    GET https://www.youtube.com/embed/gS2GhpTPLvQ?wmode=Opaque

    HTTP Response

    200
  • 142.250.200.14:443
    https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
    tls, http
    IEXPLORE.EXE
    21.4kB
    52.8kB
    44
    62

    HTTP Request

    GET https://www.youtube.com/embed/QMECDnECjJM?wmode=Opaque

    HTTP Response

    200

    HTTP Request

    POST https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

    HTTP Response

    200

    HTTP Request

    POST https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

    HTTP Response

    200
  • 142.250.200.14:443
    https://www.youtube.com/api/stats/qoe?cpn=B5PxACj8KSTnqaQk&el=embedded&ns=yt&fexp=v1%2C24004644%2C434717%2C60172%2C67154%2C26443548%2C7111%2C24166%2C12177%2C9954%2C1192%2C8253%2C25209%2C2%2C2870%2C14898%2C29151%2C2197%2C9996%2C1103%2C6953%2C11044%2C502%2C1969%2C7546%2C17801%2C12945%2C812%2C10264%2C2%2C2126%2C1336%2C1870%2C2335%2C1823%2C3186%2C2912%2C4794%2C5%2C7%2C3%2C1020%2C1739%2C328%2C14%2C3826%2C5%2C403%2C648%2C934%2C791%2C11629%2C1170%2C134%2C279%2C5088&cl=667805124&seq=1&event=streamingstats&docid=evMR3wn1LGk&qclc=ChBCNVB4QUNqOEtTVG5xYVFrEAE&cbr=IE&cbrver=11.0&c=WEB_EMBEDDED_PLAYER&cver=1.20240826.01.00&cplayer=UNIPLAYER&cos=Windows&cosver=6.1&cplatform=DESKTOP&vps=0.000:N,0.002:ER&cmt=0.002:0.000,0.002:0.000&error=0.002:auth::0.000:0;a6s.0;r.Video_unavailable&vis=0.002:0&bh=0.002:0.000
    tls, http
    IEXPLORE.EXE
    18.3kB
    865.3kB
    332
    636

    HTTP Request

    GET https://www.youtube.com/embed/evMR3wn1LGk?wmode=Opaque

    HTTP Response

    200

    HTTP Request

    GET https://www.youtube.com/s/player/3abab6ef/player_ias.vflset/en_US/base.js

    HTTP Response

    200

    HTTP Request

    POST https://www.youtube.com/api/stats/qoe?cpn=B5PxACj8KSTnqaQk&el=embedded&ns=yt&fexp=v1%2C24004644%2C434717%2C60172%2C67154%2C26443548%2C7111%2C24166%2C12177%2C9954%2C1192%2C8253%2C25209%2C2%2C2870%2C14898%2C29151%2C2197%2C9996%2C1103%2C6953%2C11044%2C502%2C1969%2C7546%2C17801%2C12945%2C812%2C10264%2C2%2C2126%2C1336%2C1870%2C2335%2C1823%2C3186%2C2912%2C4794%2C5%2C7%2C3%2C1020%2C1739%2C328%2C14%2C3826%2C5%2C403%2C648%2C934%2C791%2C11629%2C1170%2C134%2C279%2C5088&cl=667805124&seq=1&event=streamingstats&docid=evMR3wn1LGk&qclc=ChBCNVB4QUNqOEtTVG5xYVFrEAE&cbr=IE&cbrver=11.0&c=WEB_EMBEDDED_PLAYER&cver=1.20240826.01.00&cplayer=UNIPLAYER&cos=Windows&cosver=6.1&cplatform=DESKTOP&vps=0.000:N,0.002:ER&cmt=0.002:0.000,0.002:0.000&error=0.002:auth::0.000:0;a6s.0;r.Video_unavailable&vis=0.002:0&bh=0.002:0.000

    HTTP Response

    204
  • 142.250.200.14:443
    https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
    tls, http
    IEXPLORE.EXE
    24.9kB
    56.0kB
    48
    67

    HTTP Request

    GET https://www.youtube.com/embed/ygK7kej0BPA?wmode=Opaque

    HTTP Response

    200

    HTTP Request

    POST https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

    HTTP Response

    200

    HTTP Request

    POST https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

    HTTP Response

    200

    HTTP Request

    POST https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

    HTTP Response

    200
  • 142.250.200.14:443
    https://www.youtube.com/api/stats/qoe?cpn=8_OhLPFJ0qhnveEQ&el=embedded&ns=yt&fexp=v1%2C24004644%2C434717%2C127326%2C26443548%2C7111%2C24166%2C12177%2C9954%2C1192%2C8253%2C25209%2C2%2C17768%2C29151%2C2197%2C8639%2C1357%2C1103%2C6953%2C11044%2C502%2C1969%2C7546%2C17801%2C4164%2C8781%2C5698%2C5378%2C2%2C2126%2C1336%2C1517%2C2687%2C1%2C1823%2C3186%2C2912%2C4794%2C5%2C7%2C2%2C1021%2C1740%2C59%2C268%2C13%2C3804%2C23%2C4%2C404%2C648%2C1120%2C605%2C11629%2C1170%2C133%2C280&cl=667805124&seq=1&event=streamingstats&docid=QMECDnECjJM&qclc=ChA4X09oTFBGSjBxaG52ZUVREAE&cbr=IE&cbrver=11.0&c=WEB_EMBEDDED_PLAYER&cver=1.20240826.01.00&cplayer=UNIPLAYER&cos=Windows&cosver=6.1&cplatform=DESKTOP&vps=0.000:N,0.001:ER&cmt=0.001:0.000,0.001:0.000&error=0.001:auth::0.000:0;a6s.0;r.Video_unavailable&vis=0.001:0&bh=0.001:0.000
    tls, http
    IEXPLORE.EXE
    7.8kB
    184.2kB
    83
    144

    HTTP Request

    GET https://www.youtube.com/embed/ywSeSlVcY4w?wmode=Opaque

    HTTP Response

    200

    HTTP Request

    GET https://www.youtube.com/s/player/3abab6ef/www-player.css

    HTTP Response

    200

    HTTP Request

    GET https://www.youtube.com/s/player/3abab6ef/player_ias.vflset/en_US/embed.js

    HTTP Response

    200

    HTTP Request

    GET https://www.youtube.com/s/player/3abab6ef/player_ias.vflset/en_US/remote.js

    HTTP Response

    200

    HTTP Request

    POST https://www.youtube.com/api/stats/qoe?cpn=8_OhLPFJ0qhnveEQ&el=embedded&ns=yt&fexp=v1%2C24004644%2C434717%2C127326%2C26443548%2C7111%2C24166%2C12177%2C9954%2C1192%2C8253%2C25209%2C2%2C17768%2C29151%2C2197%2C8639%2C1357%2C1103%2C6953%2C11044%2C502%2C1969%2C7546%2C17801%2C4164%2C8781%2C5698%2C5378%2C2%2C2126%2C1336%2C1517%2C2687%2C1%2C1823%2C3186%2C2912%2C4794%2C5%2C7%2C2%2C1021%2C1740%2C59%2C268%2C13%2C3804%2C23%2C4%2C404%2C648%2C1120%2C605%2C11629%2C1170%2C133%2C280&cl=667805124&seq=1&event=streamingstats&docid=QMECDnECjJM&qclc=ChA4X09oTFBGSjBxaG52ZUVREAE&cbr=IE&cbrver=11.0&c=WEB_EMBEDDED_PLAYER&cver=1.20240826.01.00&cplayer=UNIPLAYER&cos=Windows&cosver=6.1&cplatform=DESKTOP&vps=0.000:N,0.001:ER&cmt=0.001:0.000,0.001:0.000&error=0.001:auth::0.000:0;a6s.0;r.Video_unavailable&vis=0.001:0&bh=0.001:0.000

    HTTP Response

    204
  • 216.58.201.110:80
    http://www.google-analytics.com/ga.js
    http
    IEXPLORE.EXE
    858 B
    18.3kB
    13
    16

    HTTP Request

    GET http://www.google-analytics.com/ga.js

    HTTP Response

    200
  • 216.58.201.110:80
    www.google-analytics.com
    IEXPLORE.EXE
    190 B
    92 B
    4
    2
  • 142.250.178.3:80
    http://c.pki.goog/r/r1.crl
    http
    IEXPLORE.EXE
    348 B
    1.7kB
    5
    4

    HTTP Request

    GET http://c.pki.goog/r/r1.crl

    HTTP Response

    200
  • 142.250.178.3:80
    http://c.pki.goog/r/r1.crl
    http
    IEXPLORE.EXE
    348 B
    1.7kB
    5
    4

    HTTP Request

    GET http://c.pki.goog/r/r1.crl

    HTTP Response

    200
  • 142.250.178.3:80
    http://c.pki.goog/r/r1.crl
    http
    IEXPLORE.EXE
    348 B
    1.7kB
    5
    4

    HTTP Request

    GET http://c.pki.goog/r/r1.crl

    HTTP Response

    200
  • 142.250.178.3:80
    http://c.pki.goog/r/r1.crl
    http
    IEXPLORE.EXE
    348 B
    1.7kB
    5
    4

    HTTP Request

    GET http://c.pki.goog/r/r1.crl

    HTTP Response

    200
  • 142.250.178.3:80
    http://c.pki.goog/r/r1.crl
    http
    IEXPLORE.EXE
    348 B
    1.7kB
    5
    4

    HTTP Request

    GET http://c.pki.goog/r/r1.crl

    HTTP Response

    200
  • 142.250.178.3:80
    http://o.pki.goog/wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEHM9QmVn2rE0CqmPuQDOLLc%3D
    http
    IEXPLORE.EXE
    1.6kB
    6.1kB
    14
    10

    HTTP Request

    GET http://o.pki.goog/wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEHGN%2BKTRSIp4CcztJxB9gYQ%3D

    HTTP Response

    200

    HTTP Request

    GET http://o.pki.goog/wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQDAezvzBOn2FxIghPLaMkP6

    HTTP Response

    200

    HTTP Request

    GET http://o.pki.goog/wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQCjHbN8Q48ByBJsBZfEZOeO

    HTTP Response

    200

    HTTP Request

    GET http://o.pki.goog/wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEHM9QmVn2rE0CqmPuQDOLLc%3D

    HTTP Response

    200
  • 142.250.178.3:80
    http://o.pki.goog/wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEGSmfK2o2tshCmPh6FdfeUg%3D
    http
    IEXPLORE.EXE
    1.5kB
    4.6kB
    12
    8

    HTTP Request

    GET http://o.pki.goog/wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEHGN%2BKTRSIp4CcztJxB9gYQ%3D

    HTTP Response

    200

    HTTP Request

    GET http://o.pki.goog/wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQDAezvzBOn2FxIghPLaMkP6

    HTTP Response

    200

    HTTP Request

    GET http://o.pki.goog/wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQCAK7VcV80VuQoo1MUTK%2FRa

    HTTP Response

    200

    HTTP Request

    GET http://o.pki.goog/wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEGSmfK2o2tshCmPh6FdfeUg%3D

    HTTP Response

    200
  • 142.250.178.3:80
    http://o.pki.goog/wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEHM9QmVn2rE0CqmPuQDOLLc%3D
    http
    IEXPLORE.EXE
    1.5kB
    4.6kB
    13
    9

    HTTP Request

    GET http://o.pki.goog/wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEHGN%2BKTRSIp4CcztJxB9gYQ%3D

    HTTP Response

    200

    HTTP Request

    GET http://o.pki.goog/wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEHvQOfnMl3BnEBjGqYCOwmQ%3D

    HTTP Response

    200

    HTTP Request

    GET http://o.pki.goog/wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACECwirpsBitH3EpQ2KzZtJ4U%3D

    HTTP Response

    200

    HTTP Request

    GET http://o.pki.goog/wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEHM9QmVn2rE0CqmPuQDOLLc%3D

    HTTP Response

    200
  • 142.250.178.3:80
    http://o.pki.goog/wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACECwirpsBitH3EpQ2KzZtJ4U%3D
    http
    IEXPLORE.EXE
    1.2kB
    3.9kB
    11
    7

    HTTP Request

    GET http://o.pki.goog/wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEHGN%2BKTRSIp4CcztJxB9gYQ%3D

    HTTP Response

    200

    HTTP Request

    GET http://o.pki.goog/wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQCAK7VcV80VuQoo1MUTK%2FRa

    HTTP Response

    200

    HTTP Request

    GET http://o.pki.goog/wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACECwirpsBitH3EpQ2KzZtJ4U%3D

    HTTP Response

    200
  • 142.250.178.3:80
    http://o.pki.goog/wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEGSmfK2o2tshCmPh6FdfeUg%3D
    http
    IEXPLORE.EXE
    1.2kB
    4.6kB
    10
    8

    HTTP Request

    GET http://o.pki.goog/wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEHGN%2BKTRSIp4CcztJxB9gYQ%3D

    HTTP Response

    200

    HTTP Request

    GET http://o.pki.goog/wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEHvQOfnMl3BnEBjGqYCOwmQ%3D

    HTTP Response

    200

    HTTP Request

    GET http://o.pki.goog/wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEGSmfK2o2tshCmPh6FdfeUg%3D

    HTTP Response

    200
  • 142.250.200.14:443
    https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
    tls, http
    IEXPLORE.EXE
    23.3kB
    195.7kB
    102
    166

    HTTP Request

    GET https://www.youtube.com/s/player/3abab6ef/www-embed-player.vflset/www-embed-player.js

    HTTP Response

    200

    HTTP Request

    GET https://www.youtube.com/s/player/3abab6ef/player_ias.vflset/en_US/embed.js

    HTTP Response

    200

    HTTP Request

    GET https://www.youtube.com/s/player/3abab6ef/player_ias.vflset/en_US/remote.js

    HTTP Response

    200

    HTTP Request

    POST https://www.youtube.com/api/stats/qoe?cpn=cjJnu0m_cGZetlta&el=embedded&ns=yt&fexp=v1%2C24004644%2C434717%2C127326%2C26443548%2C7111%2C24166%2C12177%2C9954%2C1192%2C33462%2C2%2C17768%2C29151%2C2197%2C9996%2C1103%2C6953%2C11044%2C502%2C1969%2C7546%2C12724%2C5077%2C12945%2C5698%2C4319%2C1059%2C2%2C2126%2C1336%2C4205%2C1823%2C3186%2C2912%2C4795%2C3%2C9%2C1%2C1021%2C1739%2C328%2C13%2C142%2C3686%2C4%2C403%2C648%2C8523%2C4831%2C1171%2C132%2C280%2C3855%2C6076&cl=667805124&seq=1&event=streamingstats&docid=ywSeSlVcY4w&qclc=ChBjakpudTBtX2NHWmV0bHRhEAE&cbr=IE&cbrver=11.0&c=WEB_EMBEDDED_PLAYER&cver=1.20240826.01.00&cplayer=UNIPLAYER&cos=Windows&cosver=6.1&cplatform=DESKTOP&vps=0.000:N,0.001:ER&cmt=0.001:0.000,0.001:0.000&error=0.001:auth::0.000:0;a6s.0;r.Video_unavailable&vis=0.001:0&bh=0.001:0.000

    HTTP Response

    204

    HTTP Request

    GET https://www.youtube.com/generate_204?aKv0oQ

    HTTP Response

    204

    HTTP Request

    GET https://www.youtube.com/generate_204?HugfCw

    HTTP Response

    204

    HTTP Request

    POST https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

    HTTP Response

    200

    HTTP Request

    POST https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

    HTTP Response

    200
  • 157.240.221.16:443
    https://static.xx.fbcdn.net/rsrc.php/v3/yf/r/Dpom1HQzAgH.js?_nc_x=Ij3Wp8lg5Kz
    tls, http
    IEXPLORE.EXE
    5.3kB
    201.9kB
    84
    154

    HTTP Request

    GET https://static.xx.fbcdn.net/rsrc.php/v3/y1/r/Zi20d5DVxmM.js?_nc_x=Ij3Wp8lg5Kz

    HTTP Response

    200

    HTTP Request

    GET https://static.xx.fbcdn.net/rsrc.php/v3/yf/r/Dpom1HQzAgH.js?_nc_x=Ij3Wp8lg5Kz

    HTTP Response

    200
  • 157.240.221.16:443
    https://static.xx.fbcdn.net/rsrc.php/v3/y1/r/dXk5exdOVhk.js?_nc_x=Ij3Wp8lg5Kz
    tls, http
    IEXPLORE.EXE
    2.1kB
    14.6kB
    15
    18

    HTTP Request

    GET https://static.xx.fbcdn.net/rsrc.php/v3/yx/l/0,cross/MEtExguyptz.css?_nc_x=Ij3Wp8lg5Kz

    HTTP Response

    200

    HTTP Request

    GET https://static.xx.fbcdn.net/rsrc.php/v3/y1/r/dXk5exdOVhk.js?_nc_x=Ij3Wp8lg5Kz

    HTTP Response

    200
  • 157.240.221.16:443
    https://static.xx.fbcdn.net/rsrc.php/v3/yF/r/p55HfXW__mM.js?_nc_x=Ij3Wp8lg5Kz
    tls, http
    IEXPLORE.EXE
    2.1kB
    11.3kB
    15
    17

    HTTP Request

    GET https://static.xx.fbcdn.net/rsrc.php/v3/y1/r/o1ndYS2og_B.js?_nc_x=Ij3Wp8lg5Kz

    HTTP Response

    200

    HTTP Request

    GET https://static.xx.fbcdn.net/rsrc.php/v3/yF/r/p55HfXW__mM.js?_nc_x=Ij3Wp8lg5Kz

    HTTP Response

    200
  • 157.240.221.16:443
    https://static.xx.fbcdn.net/rsrc.php/v3issO4/yA/l/en_GB/pLoSlJD7y1F.js?_nc_x=Ij3Wp8lg5Kz
    tls, http
    IEXPLORE.EXE
    1.9kB
    35.6kB
    22
    33

    HTTP Request

    GET https://static.xx.fbcdn.net/rsrc.php/v3issO4/yA/l/en_GB/pLoSlJD7y1F.js?_nc_x=Ij3Wp8lg5Kz

    HTTP Response

    200
  • 157.240.221.16:443
    https://static.xx.fbcdn.net/rsrc.php/v3ij9m4/yU/l/en_GB/Mw5y7Z3v-mj.js?_nc_x=Ij3Wp8lg5Kz
    tls, http
    IEXPLORE.EXE
    1.9kB
    35.6kB
    22
    33

    HTTP Request

    GET https://static.xx.fbcdn.net/rsrc.php/v3ij9m4/yU/l/en_GB/Mw5y7Z3v-mj.js?_nc_x=Ij3Wp8lg5Kz

    HTTP Response

    200
  • 157.240.221.16:443
    https://static.xx.fbcdn.net/rsrc.php/v3/yw/r/UXtr_j2Fwe-.png
    tls, http
    IEXPLORE.EXE
    2.9kB
    24.7kB
    21
    28

    HTTP Request

    GET https://static.xx.fbcdn.net/rsrc.php/v3/yV/r/Glud--w-qOK.js?_nc_x=Ij3Wp8lg5Kz

    HTTP Response

    200

    HTTP Request

    GET https://static.xx.fbcdn.net/rsrc.php/v3/yc/r/POPhtNuypTE.js?_nc_x=Ij3Wp8lg5Kz

    HTTP Response

    200

    HTTP Request

    GET https://static.xx.fbcdn.net/rsrc.php/v3/yw/r/UXtr_j2Fwe-.png

    HTTP Response

    200
  • 157.240.221.16:443
    https://scontent.xx.fbcdn.net/v/t39.30808-1/302682950_408081388117661_761848427710662801_n.jpg?stp=cp0_dst-jpg_s50x50&_nc_cat=103&ccb=1-7&_nc_sid=6738e8&_nc_ohc=NMwjXrgSoV4Q7kNvgEVyxB_&_nc_ht=scontent.xx&edm=AEDRbFQEAAAA&oh=00_AYAlXr2k0wRggJppl6uUs-Ll39h1xnfMbSQH6ujGWtrknA&oe=66D636D3
    tls, http
    IEXPLORE.EXE
    1.6kB
    6.4kB
    11
    12

    HTTP Request

    GET https://scontent.xx.fbcdn.net/v/t39.30808-1/302682950_408081388117661_761848427710662801_n.jpg?stp=cp0_dst-jpg_s50x50&_nc_cat=103&ccb=1-7&_nc_sid=6738e8&_nc_ohc=NMwjXrgSoV4Q7kNvgEVyxB_&_nc_ht=scontent.xx&edm=AEDRbFQEAAAA&oh=00_AYAlXr2k0wRggJppl6uUs-Ll39h1xnfMbSQH6ujGWtrknA&oe=66D636D3

    HTTP Response

    200
  • 157.240.221.16:443
    scontent.xx.fbcdn.net
    tls
    IEXPLORE.EXE
    706 B
    3.6kB
    9
    8
  • 142.250.180.2:443
    https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
    tls, http
    IEXPLORE.EXE
    1.5kB
    6.6kB
    11
    13

    HTTP Request

    GET https://googleads.g.doubleclick.net/pagead/id

    HTTP Response

    302

    HTTP Request

    GET https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

    HTTP Response

    200
  • 142.250.180.2:443
    https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
    tls, http
    IEXPLORE.EXE
    1.5kB
    6.7kB
    12
    15

    HTTP Request

    GET https://googleads.g.doubleclick.net/pagead/id

    HTTP Response

    302

    HTTP Request

    GET https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

    HTTP Response

    200
  • 142.250.178.6:443
    static.doubleclick.net
    tls
    IEXPLORE.EXE
    759 B
    4.8kB
    10
    9
  • 142.250.178.6:443
    https://static.doubleclick.net/instream/ad_status.js
    tls, http
    IEXPLORE.EXE
    1.1kB
    5.6kB
    10
    10

    HTTP Request

    GET https://static.doubleclick.net/instream/ad_status.js

    HTTP Response

    200
  • 142.250.178.10:443
    https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
    tls, http
    IEXPLORE.EXE
    4.0kB
    53.2kB
    31
    47

    HTTP Request

    POST https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

    HTTP Response

    200

    HTTP Request

    POST https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

    HTTP Response

    200
  • 142.250.178.10:443
    https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
    tls, http
    IEXPLORE.EXE
    3.9kB
    48.2kB
    29
    44

    HTTP Request

    POST https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

    HTTP Response

    200

    HTTP Request

    POST https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

    HTTP Response

    200
  • 142.250.179.228:443
    www.google.com
    tls
    IEXPLORE.EXE
    935 B
    4.5kB
    14
    8
  • 142.250.179.228:443
    https://www.google.com/js/th/4-NlEi-7NY8SQPLCpX1INlyCg7Vzxjxgly2SzKIOrZg.js
    tls, http
    IEXPLORE.EXE
    2.0kB
    31.5kB
    20
    28

    HTTP Request

    GET https://www.google.com/js/th/4-NlEi-7NY8SQPLCpX1INlyCg7Vzxjxgly2SzKIOrZg.js

    HTTP Response

    200
  • 216.58.213.22:443
    https://i.ytimg.com/vi/gS2GhpTPLvQ/sddefault.jpg
    tls, http
    IEXPLORE.EXE
    2.9kB
    83.2kB
    39
    66

    HTTP Request

    GET https://i.ytimg.com/vi/ygK7kej0BPA/sddefault.jpg

    HTTP Response

    200

    HTTP Request

    GET https://i.ytimg.com/vi/gS2GhpTPLvQ/sddefault.jpg

    HTTP Response

    200
  • 216.58.213.22:443
    i.ytimg.com
    tls
    IEXPLORE.EXE
    726 B
    5.1kB
    9
    9
  • 142.250.180.2:443
    https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
    tls, http
    IEXPLORE.EXE
    1.7kB
    3.0kB
    10
    11

    HTTP Request

    GET https://googleads.g.doubleclick.net/pagead/id

    HTTP Response

    302

    HTTP Request

    GET https://googleads.g.doubleclick.net/pagead/id

    HTTP Response

    302

    HTTP Request

    GET https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

    HTTP Response

    200
  • 142.250.180.1:443
    yt3.ggpht.com
    tls
    IEXPLORE.EXE
    796 B
    9.8kB
    11
    12
  • 142.250.180.1:443
    https://yt3.ggpht.com/ytc/AIdro_kKqNeL3cYjYNkFmifDFE3XRspqNa0XYqzqcmi30Ic=s68-c-k-c0x00ffffff-no-rj
    tls, http
    IEXPLORE.EXE
    1.2kB
    11.5kB
    11
    13

    HTTP Request

    GET https://yt3.ggpht.com/ytc/AIdro_kKqNeL3cYjYNkFmifDFE3XRspqNa0XYqzqcmi30Ic=s68-c-k-c0x00ffffff-no-rj

    HTTP Response

    200
  • 142.250.180.2:443
    googleads.g.doubleclick.net
    tls
    IEXPLORE.EXE
    583 B
    355 B
    7
    5
  • 142.250.180.2:443
    https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
    tls, http
    IEXPLORE.EXE
    1.3kB
    2.2kB
    9
    10

    HTTP Request

    GET https://googleads.g.doubleclick.net/pagead/id

    HTTP Response

    302

    HTTP Request

    GET https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

    HTTP Response

    200
  • 142.250.180.2:443
    https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
    tls, http
    IEXPLORE.EXE
    957 B
    1.6kB
    8
    7

    HTTP Request

    GET https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

    HTTP Response

    200
  • 142.250.178.10:443
    https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
    tls, http
    IEXPLORE.EXE
    3.7kB
    48.1kB
    29
    45

    HTTP Request

    POST https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

    HTTP Response

    200

    HTTP Request

    POST https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

    HTTP Response

    200
  • 142.250.178.10:443
    https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
    tls, http
    IEXPLORE.EXE
    3.8kB
    48.4kB
    29
    44

    HTTP Request

    POST https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

    HTTP Response

    200

    HTTP Request

    POST https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

    HTTP Response

    200
  • 142.250.178.10:443
    https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
    tls, http
    IEXPLORE.EXE
    3.9kB
    48.6kB
    29
    45

    HTTP Request

    POST https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

    HTTP Response

    200

    HTTP Request

    POST https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

    HTTP Response

    200
  • 2.19.252.143:80
    http://crl.microsoft.com/pki/crl/products/MicRooCerAut2011_2011_03_22.crl
    http
    399 B
    1.7kB
    4
    4

    HTTP Request

    GET http://crl.microsoft.com/pki/crl/products/MicRooCerAut2011_2011_03_22.crl

    HTTP Response

    200
  • 204.79.197.200:443
    ieonline.microsoft.com
    tls
    iexplore.exe
    753 B
    7.9kB
    9
    13
  • 204.79.197.200:443
    ieonline.microsoft.com
    tls
    iexplore.exe
    747 B
    7.8kB
    9
    12
  • 204.79.197.200:443
    ieonline.microsoft.com
    tls
    iexplore.exe
    831 B
    7.9kB
    10
    13
  • 142.250.180.2:443
    googleads.g.doubleclick.net
    IEXPLORE.EXE
    152 B
    3
  • 142.250.180.2:443
    googleads.g.doubleclick.net
    tls
    IEXPLORE.EXE
    539 B
    311 B
    6
    4
  • 142.250.180.2:443
    https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
    tls, http
    IEXPLORE.EXE
    4.1kB
    8.0kB
    19
    23

    HTTP Request

    GET https://googleads.g.doubleclick.net/pagead/id

    HTTP Response

    302

    HTTP Request

    GET https://googleads.g.doubleclick.net/pagead/id

    HTTP Response

    302

    HTTP Request

    GET https://googleads.g.doubleclick.net/pagead/id

    HTTP Response

    302

    HTTP Request

    GET https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

    HTTP Response

    200

    HTTP Request

    GET https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

    HTTP Response

    200

    HTTP Request

    GET https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

    HTTP Response

    200

    HTTP Request

    GET https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

    HTTP Response

    200
  • 142.250.180.2:443
    https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
    tls, http
    IEXPLORE.EXE
    2.4kB
    3.9kB
    11
    11

    HTTP Request

    GET https://googleads.g.doubleclick.net/pagead/id

    HTTP Response

    302

    HTTP Request

    GET https://googleads.g.doubleclick.net/pagead/id

    HTTP Response

    302

    HTTP Request

    GET https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

    HTTP Response

    200
  • 142.250.180.2:443
    googleads.g.doubleclick.net
    tls
    IEXPLORE.EXE
    741 B
    367 B
    6
    5
  • 142.250.180.2:443
    googleads.g.doubleclick.net
    tls
    IEXPLORE.EXE
    539 B
    311 B
    6
    4
  • 142.250.180.2:443
    googleads.g.doubleclick.net
    tls
    IEXPLORE.EXE
    439 B
    315 B
    4
    4
  • 8.8.8.8:53
    www.konthaiusa.com
    dns
    IEXPLORE.EXE
    64 B
    137 B
    1
    1

    DNS Request

    www.konthaiusa.com

  • 8.8.8.8:53
    www.youtube.com
    dns
    IEXPLORE.EXE
    61 B
    335 B
    1
    1

    DNS Request

    www.youtube.com

    DNS Response

    142.250.200.14
    216.58.204.78
    142.250.187.206
    216.58.212.206
    142.250.187.238
    172.217.16.238
    142.250.179.238
    216.58.201.110
    142.250.200.46
    172.217.169.14
    142.250.180.14
    142.250.178.14
    216.58.212.238
    172.217.169.46
    172.217.169.78

  • 8.8.8.8:53
    www.facebook.com
    dns
    IEXPLORE.EXE
    125 B
    275 B
    2
    2

    DNS Request

    www.facebook.com

    DNS Response

    157.240.221.35

    DNS Request

    ocsp.digicert.com

    DNS Response

    192.229.221.95

  • 8.8.8.8:53
    c.pki.goog
    dns
    IEXPLORE.EXE
    56 B
    107 B
    1
    1

    DNS Request

    c.pki.goog

    DNS Response

    142.250.178.3

  • 8.8.8.8:53
    c.pki.goog
    dns
    IEXPLORE.EXE
    56 B
    107 B
    1
    1

    DNS Request

    c.pki.goog

    DNS Response

    142.250.178.3

  • 8.8.8.8:53
    c.pki.goog
    dns
    IEXPLORE.EXE
    56 B
    107 B
    1
    1

    DNS Request

    c.pki.goog

    DNS Response

    142.250.178.3

  • 8.8.8.8:53
    c.pki.goog
    dns
    IEXPLORE.EXE
    56 B
    107 B
    1
    1

    DNS Request

    c.pki.goog

    DNS Response

    142.250.178.3

  • 8.8.8.8:53
    c.pki.goog
    dns
    IEXPLORE.EXE
    56 B
    107 B
    1
    1

    DNS Request

    c.pki.goog

    DNS Response

    142.250.178.3

  • 8.8.8.8:53
    o.pki.goog
    dns
    IEXPLORE.EXE
    56 B
    107 B
    1
    1

    DNS Request

    o.pki.goog

    DNS Response

    142.250.178.3

  • 8.8.8.8:53
    o.pki.goog
    dns
    IEXPLORE.EXE
    56 B
    107 B
    1
    1

    DNS Request

    o.pki.goog

    DNS Response

    142.250.178.3

  • 8.8.8.8:53
    o.pki.goog
    dns
    IEXPLORE.EXE
    56 B
    107 B
    1
    1

    DNS Request

    o.pki.goog

    DNS Response

    142.250.178.3

  • 8.8.8.8:53
    o.pki.goog
    dns
    IEXPLORE.EXE
    56 B
    107 B
    1
    1

    DNS Request

    o.pki.goog

    DNS Response

    142.250.178.3

  • 8.8.8.8:53
    o.pki.goog
    dns
    IEXPLORE.EXE
    56 B
    107 B
    1
    1

    DNS Request

    o.pki.goog

    DNS Response

    142.250.178.3

  • 8.8.8.8:53
    static.xx.fbcdn.net
    dns
    IEXPLORE.EXE
    65 B
    104 B
    1
    1

    DNS Request

    static.xx.fbcdn.net

    DNS Response

    157.240.221.16

  • 8.8.8.8:53
    scontent.xx.fbcdn.net
    dns
    IEXPLORE.EXE
    67 B
    83 B
    1
    1

    DNS Request

    scontent.xx.fbcdn.net

    DNS Response

    157.240.221.16

  • 8.8.8.8:53
    googleads.g.doubleclick.net
    dns
    IEXPLORE.EXE
    73 B
    89 B
    1
    1

    DNS Request

    googleads.g.doubleclick.net

    DNS Response

    142.250.180.2

  • 8.8.8.8:53
    static.doubleclick.net
    dns
    IEXPLORE.EXE
    68 B
    84 B
    1
    1

    DNS Request

    static.doubleclick.net

    DNS Response

    142.250.178.6

  • 8.8.8.8:53
    jnn-pa.googleapis.com
    dns
    IEXPLORE.EXE
    67 B
    323 B
    1
    1

    DNS Request

    jnn-pa.googleapis.com

    DNS Response

    142.250.178.10
    142.250.179.234
    172.217.169.74
    142.250.187.234
    216.58.201.106
    142.250.200.10
    142.250.180.10
    216.58.204.74
    216.58.212.202
    142.250.187.202
    172.217.16.234
    172.217.169.10
    216.58.213.10
    216.58.212.234
    142.250.200.42
    172.217.169.42

  • 8.8.8.8:53
    www.google.com
    dns
    IEXPLORE.EXE
    60 B
    76 B
    1
    1

    DNS Request

    www.google.com

    DNS Response

    142.250.179.228

  • 8.8.8.8:53
    i.ytimg.com
    dns
    IEXPLORE.EXE
    57 B
    313 B
    1
    1

    DNS Request

    i.ytimg.com

    DNS Response

    216.58.213.22
    142.250.178.22
    142.250.187.214
    142.250.179.246
    142.250.200.54
    216.58.201.118
    216.58.212.214
    172.217.169.86
    172.217.16.246
    142.250.180.22
    142.250.200.22
    216.58.212.246
    216.58.204.86
    172.217.169.22
    172.217.169.54
    142.250.187.246

  • 8.8.8.8:53
    yt3.ggpht.com
    dns
    IEXPLORE.EXE
    59 B
    120 B
    1
    1

    DNS Request

    yt3.ggpht.com

    DNS Response

    142.250.180.1

  • 8.8.8.8:53
    crl.microsoft.com
    dns
    63 B
    162 B
    1
    1

    DNS Request

    crl.microsoft.com

    DNS Response

    2.19.252.143
    2.19.252.157

  • 8.8.8.8:53
    www.microsoft.com
    dns
    iexplore.exe
    63 B
    230 B
    1
    1

    DNS Request

    www.microsoft.com

    DNS Response

    95.100.245.144

  • 8.8.8.8:53
    www.microsoft.com
    dns
    iexplore.exe
    63 B
    230 B
    1
    1

    DNS Request

    www.microsoft.com

    DNS Response

    95.100.245.144

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\05DDC6AA91765AACACDB0A5F96DF8199

    Filesize

    854B

    MD5

    e935bc5762068caf3e24a2683b1b8a88

    SHA1

    82b70eb774c0756837fe8d7acbfeec05ecbf5463

    SHA256

    a8accfcfeb51bd73df23b91f4d89ff1a9eb7438ef5b12e8afda1a6ff1769e89d

    SHA512

    bed4f6f5357b37662623f1f8afed1a3ebf3810630b2206a0292052a2e754af9dcfe34ee15c289e3d797a8f33330e47c14cbefbc702f74028557ace29bf855f9e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA

    Filesize

    1KB

    MD5

    a3bdb32709251db49fdfbbbe843d295c

    SHA1

    adbfbf7cf2af52bbc13074c49db627b9969ed2d0

    SHA256

    500646807d620dd3f80559b423d09513fdb1025d5a4b27ef4be7c3096dddf807

    SHA512

    e14f2f84db249857d4dff278a973d7c26272b5d96d8a428c0ad4d74bc89f9be9b73d4cb340b8915fc6d2194f216e52e9c201acc2a319bb6fdd5f767970abedd5

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC

    Filesize

    914B

    MD5

    e4a68ac854ac5242460afd72481b2a44

    SHA1

    df3c24f9bfd666761b268073fe06d1cc8d4f82a4

    SHA256

    cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

    SHA512

    5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\DDE8B1B7E253A9758EC380BD648952AF_68D058512F3515153DEB95A1F4E72552

    Filesize

    471B

    MD5

    7a9f33162ea62d51399d84b88fb12968

    SHA1

    4c06bc90f4fd1ae49c86b3c50b319c0b6e14dc64

    SHA256

    6d6db88a354e29339a870a6464e061b12ce3b750141d8e4ffe051eaafbccf00f

    SHA512

    18cc1ca45b5fd3eaa9b96bb03a0e9a26a1adb48463fec5792e6c266ed77b0c0dd681467279529d2b895b2f70ffd66a4eb6b1f287d70e65eee8e5eb78dc16f7bd

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357

    Filesize

    1KB

    MD5

    a266bb7dcc38a562631361bbf61dd11b

    SHA1

    3b1efd3a66ea28b16697394703a72ca340a05bd5

    SHA256

    df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

    SHA512

    0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\05DDC6AA91765AACACDB0A5F96DF8199

    Filesize

    170B

    MD5

    2c232e5528b248f82cf8fe421235aa28

    SHA1

    eb09a08da1a944391c38a7300d958e51913dd710

    SHA256

    bd9154b3d18c2cfd94216e837c15f68b32e2448790774e6504dd393ffda51097

    SHA512

    5c6f3cf3fa13147e163f717f0063e722353cfea369ee8eecf1e478d01e9f11710b100222782a3ad4b8b638656c9e91d90089984d5419b958c7686978cd5a03fe

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA

    Filesize

    410B

    MD5

    9da6061437db893113417d2ab712bcc7

    SHA1

    13b8cf0a0c9d4215a61fb2b5cf7bcb703a89c274

    SHA256

    e7848fcec29bf0a9c60623585d693a59a7b8236289a4febefcb53aa3314eee28

    SHA512

    cb210ca1240099679aa5d6b16c98a2d5ebeafa8ae3062ec6268687a4d4205b8e09bcd82dd76992adb670301e73486784224752645c2376f9bee0e043034a611f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC

    Filesize

    252B

    MD5

    c95ae7e612fc00608f8b6ea04067d950

    SHA1

    032c6d7528067c5b353ef1f98321ea61443a3d33

    SHA256

    4df6fbf64ad52eeb229b236409176b13db299f422cc19a17f8bd7a17dc3bfc36

    SHA512

    6c6efeaf88f1559980497dbb72da209a691022b2494040b7cfc971b09f3ad3e76d3169fe7402266487ce8e0a952425f60602f580bdf30af1d5666ff887837b79

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    304B

    MD5

    4256a23b86fd82eba75029a08649a326

    SHA1

    872f22bf168fae27c9b70652ca2a2470eb2f92d0

    SHA256

    0a5a5051e565fd462873c87be6fd8e25b54464c5bcf1a602d9faefd44a89ccbc

    SHA512

    9fef7a080478604ba2331fbb35f8b2392d727213ef1127e99ef57156bfcdb0bbfbdd2891c40fa0702cecc7bc2e40d3118bd1111271369fe07b8397327aab8054

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    304B

    MD5

    dd60f51b4dde1ae7ae1b0120591192ba

    SHA1

    f2293262567a533ab91b6d79fd3d7f0419f6316b

    SHA256

    fa12669b9f1cb2d918239ed6dad16aee8fce199df691a8a3afa66a14afa37271

    SHA512

    b2d3d71265783d8a2097fb89accedc42bb518d77ab4647fdc5dcca920d2687278f11df115a2101eb7ac3d46e4c6e057a95476412c9878a92483aa7448d1a5e9c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    304B

    MD5

    9dc89f3284243bc54d80eaa2486f3358

    SHA1

    ed983efa3159c1b1826b750bdae065547c940e10

    SHA256

    1114df6c1e817f66257339016d6e60b7e37ff4e893bc7cf86e4663b092c99d64

    SHA512

    98648ac51906e238196ccbeea11f5279901abd87fe6cefcf39b0d8b29dc71aed8c8ee009b54a8f5defbb6a6d943818739ebe115aa7f6731a411d2e863370a749

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    304B

    MD5

    e745b01803411277d8de1711027016c9

    SHA1

    4e8e12a9d19e09ee4a0bf028fe483bc9345bfba0

    SHA256

    4dfbbb11c53418191d2e1f79fc8072710002228f9dd9c6911ab4afe9a9767057

    SHA512

    705e1e41a21db7d6be72a0042af871e5778cb7c94a4a7f38fc5459307f474724ff1ea9a2d46209248947be1e081182b434e0c5acc09cd615c75fc732f2b00198

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    304B

    MD5

    54caf628cc19705489b47f78ef4bfdd3

    SHA1

    6a0fe4fdca859f8cd32d63510a0e32e5b145289a

    SHA256

    7034a71f0c40462d56272059bded47283d75685d69ce50b2d19dca516b1317fa

    SHA512

    91052b20062204f9c8d1960e83b2a79589768078df2ff48bda5b4360c44ca95259a844ce340ae33c7f17636f4e716bd75f2ff1f0dc0380b08e223b10c2978e66

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    304B

    MD5

    8a6e6a6422fd3d5cc347bb494541bb13

    SHA1

    12860ede14ceaf9d5bfcb59fc371e47cf264c5aa

    SHA256

    1fd4b5c36fca5b48459263752d4531231f04c3ea1d8e6140620f289cbc29d83d

    SHA512

    cce35d59bc97524901b82a0e03196d99966a9ce3f2d3f097a7f9aa07bd888bacdad5a732c9c902e15b85c20d78dad2c384095d6190315580a212a054fe7dee84

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    304B

    MD5

    5e47c54df8443e198d53217d618c0f12

    SHA1

    27d2a4eb5e34b954221140fa98657273b86a8c82

    SHA256

    3685b713a6b1f77791a8f3e9bf7bf4910413ca3c97ce43791e6c9ef47b902872

    SHA512

    71ff27fae7498ac9bbfd227607d8f85b7804ede364cc61937a79a5db0ea1d18f3df6068dd3a45e92e3877638bc5f10d79a77da27b14071871ccd8601a58bb105

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    304B

    MD5

    4c5d700ea4dbc167bd2ce915cb1f332e

    SHA1

    0ab7873af6013c4eaa8c3607f60c587ba42e3b71

    SHA256

    e1412cd2aac631c1576fb184cdb999eaee89c4a81397e3fb33be374429bc37e7

    SHA512

    b143b52b64733be17bbcade269ba5da24e67c1812ed281bc81cf3ff7446ee9089a39daa4a4254ed7d3d20ebe9c3178be59f0c99ca091fd2d85948a070364d785

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    304B

    MD5

    e541a02911e8b78b75f6713d81ca79b6

    SHA1

    9645be5608c41a2c28011328f7485a219c2d5aaa

    SHA256

    a4305a22428af3f695d7f68d76897f93b604b5123ec523fc791a4f10a66d27c7

    SHA512

    5c2cb7ee2d9ef646806de94c8aa05c73828e7b42f4e9a09d7dd44a6ceb790d508d042727e4d45628ce63abf2b40aba09d1ef8b053870b1e8f6f7a8d613a2e27e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    304B

    MD5

    7676bcd7ae11a128a49cd82626a69642

    SHA1

    da84978a10fce6a8dc1bf1919d6bdb8b5509300a

    SHA256

    b391c47e8fbb8511119436bb41cbe3601f57a217851af9bf3d4c7978bb414b5e

    SHA512

    29f5f11530b8f3dd0692c4d1a450be56c142ab1a0ac3cf2882e3b1567cb2f4346936fbff7bb00cb0d2f7f7b8d720b1a9414f0b23c8474a236487f7791ac51621

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    304B

    MD5

    d0904ead218d8049723ba25fec668293

    SHA1

    ec3d74acba44a7808b119e6732fe07cf6afb5867

    SHA256

    31b28b3ac28f72292001a5b378320806900d081313fdc920fd0507ce8bb1295d

    SHA512

    7aba5f977c9062e80b7a5fc7c350b37681d636c5a661acb96937d3affce78025303688fe5c28f9a3e5ded7ec96c0987b286137db9895de0a3c4faf602da3b346

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    304B

    MD5

    23cf6b6f730afb4786a4c1f7b7c189a5

    SHA1

    3b6f2ef2d2b1218fcde04e203d9a188340caaa20

    SHA256

    46b31550b80475480ab332185be1d1b7e44454bb1b7bbe117369a90904fd1136

    SHA512

    52a74eb3307c3fcbbe391f72f003602d63720cbd1f0b2cadc90fae88d1ca201ce0ecc105c2c2aae09af0dd61a9153101cd60a5ec16794ea1de6b3229438ae94a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    304B

    MD5

    7a2dd52e52cebfd9e59d034891543849

    SHA1

    5865c088e0b28d61e23681a0e3eaa2c056a2e377

    SHA256

    fc0962e34749a8279eab7e0a8859930b9b5065880976883ea5f14d2382ae4561

    SHA512

    7d7d87b428dc9563ed018ca71a27128a06252050ce74dfa1e2de5403f7fea739691ca800227d2a0fecd65f850675d236c127de13570651f69f35e7b62aa18cd5

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    304B

    MD5

    15a360aacdb34ab208d3c638f1e3c29d

    SHA1

    b7e8e468320aed3e3bb8b11f40f859426e09fea8

    SHA256

    c59d6fded19f5e9ab7860116b414df84f7871a18f51921f057e90f56cd9de3c9

    SHA512

    ac231feac3f7b6ce25d46a4f014a3d65a6ffd923da52220bcb90eb07e645af5d81b8658257c80caf8c788015c73dd59c2ef219bd4ae9179e29d0a5fec82d52d2

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    304B

    MD5

    da3df239633376fde9bf6e76031167e7

    SHA1

    7620c10c56b5f0089e9b8aa4ddb97290d8ffadef

    SHA256

    5cd9410b60e6b184f92970f07adb570fd9fdd1e4f048f33ccecf6e1173e49d38

    SHA512

    ea65f14c45960ee2ada83e03e237d7afff99ae695adc3c94284969bfab66dc26b173702dddebc08ff237e2fc7dde6ff65fa22949bac1aab906e99c5597a1a9a3

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    304B

    MD5

    474b9499f2a3f8cfc7021dec653d2532

    SHA1

    48f360ef054f927a884c2956f45e74521731ada6

    SHA256

    2ac5104eed9a0476fdfbb9a65f3a3351eae0b0ecc4fc12da21a97871b7ae426e

    SHA512

    04d35e299c82e4c797bd83f60373d2263cd1117d7b0609418940d1d9fafca1bfcbea838b21bf4c32b6efca29ecfa76cc51f6fa71b66ff21c848db6fd852af881

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    304B

    MD5

    182f702dda9f0067019badd34e345c84

    SHA1

    96cf75257c95386d28be33dea9494e7060f6b9b9

    SHA256

    4606720f6148088348a55f768e3dda1f5cecdc002964e2fc2e55aee7fc3c1453

    SHA512

    51374359727428dffa5e1b2ab2d898035cce9eeacc735e4637856a6e04b344b8226d03b0c35294346f6fe47a781fbf6d8ff0ed1518c0001d64aeeb7347ae579a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    304B

    MD5

    8ade8f7880f45e9f846b150e0cf8686a

    SHA1

    00fbacc34d5f1429885f86db849c1bc8428b5211

    SHA256

    5f2e163c8b1f9f1bdfdfb5c1b0bcfa039bf74dbb65a2dce4e07db05c17aa0677

    SHA512

    17ac9f59c149589b7172bf0c3d213c6754e31cb45f19bcd0fc18381efe7aa856a19dffb5fb6dc447f9ea4d784a71b2c921a29057bf2d18f038ff50d1eab8d89e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    304B

    MD5

    a7f193a91c3b8f1cce3606e2f2dc1d1c

    SHA1

    cb4586b7fea172ed6828d3d879027093359e372c

    SHA256

    fb6262415fa86f372fc8fd66177f5c34c185fc38098c0c13586785b7055b0072

    SHA512

    f5f3582ffcdc2fd970ecfed2571395df35d1e9e359d89bd58dc0cf3ef1a38442517384c06a728fa79417c984912a2a3289f1d09e8321c90866ee35327fd19b6b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    304B

    MD5

    770b793a66fe7b2321a626cf6c98e087

    SHA1

    461f526cf23b8a94df551e3a6e271cd7e69ef3f6

    SHA256

    89a1a56e31228d624dbb480c532f28e93b756970d94a7829b5db1c5b71882fbd

    SHA512

    24274bc0c1a7d4a7429ec4263fd3430ad98506a8931b97cb1b8fc84b66b8e18d200f22a2049c114dd56a2b6affff800867ae4be5ed4a876302241ded09d51142

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357

    Filesize

    242B

    MD5

    1e9ebce28fe86a3526f34f1ac2a0179f

    SHA1

    5907bcb6554e2a6761aad925d4320e6ad35cb511

    SHA256

    cf10838b3004b34d79528fce81a4ffe96ebdd44aa0172304616372a0afab6b0a

    SHA512

    8a80d8ef2a4750602d3e1dcc5d142c02d68e7783686cefe9970bfc5105dde2a2f387d4a57619782903a994923249115bcfb6c2b9141056e7f6dd16c99939d5e5

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\AYNZRAR6\www.youtube[1].xml

    Filesize

    990B

    MD5

    af7923a3009912e9328260a98dd73748

    SHA1

    e69b0cee9d9bc89979ab5cf04baf4ab314c51e70

    SHA256

    ede9b295dc7ef7f1ae70ee99d15395f78760cf12efa2228b0a77e5fd7d199b8a

    SHA512

    366e95924d5fc6a7aa0ad8f024abb37805733b75ff6d36f72fb67abff25c67cca237689c26ee0845fbed14c15270f8b138da04face9518fb170ddf71ea86c863

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\AYNZRAR6\www.youtube[1].xml

    Filesize

    990B

    MD5

    f29d4416a22fa604b44a308b87425966

    SHA1

    d04adf43e5f5dafa9fd46d65a95fd29819f328ac

    SHA256

    66d453ce15e96352609d783dc6152d164811032a511f9b226753c7cbd89430b3

    SHA512

    3a7317012bd9876d9d31d5f8333b730fd922e2a954e1e21ba75969116a15e34e3c08f13464025ebb42f50ad3c738beb2fe4fb7a0f8baa224d3ff7bd7b21de6af

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\AYNZRAR6\www.youtube[1].xml

    Filesize

    990B

    MD5

    6a71fda596ab216f5610babaac3f85a5

    SHA1

    68f2828dbfa7e686f9df080ecbe37b513444c4d0

    SHA256

    4170a7c107baa473b8a44e3883af363df0c1bf30779bed4bf65addb3be25f30e

    SHA512

    bd1b5e817710e047715b8d3380018f0635281ad39468661482eec4794ac6136c48b0c19cf44d400f8773ed1b98be0c6e2d9341932e844d68035a2ad7d4b8c46d

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\AYNZRAR6\www.youtube[1].xml

    Filesize

    990B

    MD5

    e15fe2d61759153ac26e08b23490b49f

    SHA1

    b884af28bfb4a1df198f1f5aa45c209bdb853728

    SHA256

    b370e9910d76f588ebb506ade1e112211883749cd0751a478f2f5ab4f71e1f64

    SHA512

    c75a9a12dbf3a152ed553db43149599da4fd05d382c74be7b787e1b052fdd13e68a400d6c7cb54ba420a2754dc7a0f2d11e9a8e3f0beecdda0943c7f8b11bbb2

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\AYNZRAR6\www.youtube[1].xml

    Filesize

    990B

    MD5

    3c9d3d06c1699deebc5e5f1970b326ca

    SHA1

    aa46b44404583304d6ec0c59ee03e674498d6015

    SHA256

    4618bb8f45568151b71e3a52017b15135372ae30467e597e4ba52b65db667f23

    SHA512

    76fc676205b503133e5d55749f5b5c930c2cee080b2f0ed2fc9c37e53d8ee2006494119c1ef33b88d59669f6179dcddb27a83abb9c4fb3b198fc143609435ee0

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\AYNZRAR6\www.youtube[1].xml

    Filesize

    990B

    MD5

    e2e00e674ffd5adf0e33caf67fefc566

    SHA1

    bba3421e1eb999178abf86fe0383b5c65631664a

    SHA256

    57f3bfcc8c79d91a0c7ccc72ffb61daa5345a7c35388233792efbbd5fbd272af

    SHA512

    0143a598da15136d85239974961a060de1cf56846f1200e95267ba5fe185a1ef86a1b18953b51a3c77345cf7bc422cd99932b7646993f1c05beb797cd121a144

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\AYNZRAR6\www.youtube[1].xml

    Filesize

    990B

    MD5

    a024a5d770b06fc20fb5e9f0e2080f9a

    SHA1

    111ec45b183a19129d6c2ef3b9665fb9a736e3b1

    SHA256

    af821bad759d6ba3d1c40d7fc75982c46d504217e7e5c539dbbcb834f67d3287

    SHA512

    d2409d0c3c07e0038c793b3b80b624b40909b94f539d24e37472216257e4167101f5a377019e5f70fa3de599a422473d877b555e3e5751de78f75247f8f8b097

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\AYNZRAR6\www.youtube[1].xml

    Filesize

    990B

    MD5

    8c2b8658befcc3b44d5b452ea4ab7f27

    SHA1

    c02041a3d850cb196116c2dd8cf1cc2a70cce75a

    SHA256

    70a22bfc03120c57cf70ad7b32164701757472f36794ee61bd54abd00b6b767c

    SHA512

    6b67adeccfb295c15a04df2fcf1d44faf7c19aa8c156fcac3fb0e2acfaf88bb9676f96d601fde64bd3a29c592991de08c00e6944a139e90e1eefef3467104bc2

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\AYNZRAR6\www.youtube[1].xml

    Filesize

    13B

    MD5

    c1ddea3ef6bbef3e7060a1a9ad89e4c5

    SHA1

    35e3224fcbd3e1af306f2b6a2c6bbea9b0867966

    SHA256

    b71e4d17274636b97179ba2d97c742735b6510eb54f22893d3a2daff2ceb28db

    SHA512

    6be8cec7c862afae5b37aa32dc5bb45912881a3276606da41bf808a4ef92c318b355e616bf45a257b995520d72b7c08752c0be445dceade5cf79f73480910fed

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\AYNZRAR6\www.youtube[1].xml

    Filesize

    990B

    MD5

    f6c6a19457114717c8fd2bac69bcdf56

    SHA1

    2ef7b7b8966d74e6e1ec8ba3a9c6b3d402959876

    SHA256

    6af6ceaad8ae3d8ac2b3fd7f9eb7ba90e4bdca0d3d6dfa4245d0ce09d0ac01da

    SHA512

    371e41d8a76f6bcfc2992fbd35efc938c3d5a118d1cbf47918802fc8789348208a400a5843ff20deca4bed7b476cd87a2e55940e7a5e3a319d7380d42cfc1f0c

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\AYNZRAR6\www.youtube[1].xml

    Filesize

    990B

    MD5

    1696fea3bafcd1ac4d3251ca5a9977e5

    SHA1

    d52fb286612b8dabddf71f2d7831f0b414f9e48f

    SHA256

    4855525ebeb22c6dfb687c2e31279f5603bb01c2a052880df5d0c2974e215238

    SHA512

    b79fa54cff8a4151472133f169b98aa2069301374b0320dc67edff875fba698e15e199bc4e76799ad4b3164716dacb2378277208222a69a39a51c039dc5c7367

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\AYNZRAR6\www.youtube[1].xml

    Filesize

    990B

    MD5

    034d0a22a3eebe465c2e548beb0c91b6

    SHA1

    46821725dbba90f1f2d1564364dd0a97eea45199

    SHA256

    2846615a28e3b40214002a0df77405a91a4e1e4e8932bbf4015e0ad98bbb5e00

    SHA512

    f249b021b80d4a0673b909504f5ee0b39abca33bea11a6722d7f992cbcd9e78e980f8cf41d5b8db7d8dc7bd83f11add013d47cd19d29cf890823d63b3d9ee777

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\AYNZRAR6\www.youtube[1].xml

    Filesize

    229B

    MD5

    fa11e85420954b4cd7eb65f881401246

    SHA1

    fbd9459a71f3391cdde344343c465a01502592dc

    SHA256

    2cb1f8bcd0ee5bae915a0ef6b76ab960929f5f07d43bd897c7130f8c52a85912

    SHA512

    e9d55fc75210d4eca2bc3676b50453f985e613dcebd83339b15a3a8151ef7764a402c348ffec9a225978e48a0770befd4371d0da2a77aa1e05273645c6f41cf4

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\AYNZRAR6\www.youtube[1].xml

    Filesize

    229B

    MD5

    64acd7aeaf8d4288c536b3330ac4f9a3

    SHA1

    d923eb07a49fb63d5dce6d14c9ae137f062dcee2

    SHA256

    5edef2d7ee45b9c20a8b4e4fa19ff4c9da70e91961e42563eb01d2fbdf7d7f0f

    SHA512

    46e4cbafbd7d94d9cc0e93364ae272c06b2d6c2d2d37c721cf76b4e60614d1c4d487e11c13d4453c6e9f4ae20dea8db806efb0af3acf66f60d4c5dc5ed2ca27c

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\AYNZRAR6\www.youtube[1].xml

    Filesize

    229B

    MD5

    a225414fc21dfa3afb73860e68fd07c4

    SHA1

    e6c9c3336978d32d3a038095b94bf571af78890a

    SHA256

    b21402e24b5080270b7a2752be165658b57d7951f51e3fdac4a1f9d95b144606

    SHA512

    f5978f01a2bd4df12d96ce247e7a51d90a960da0c5d7acfa0f815cf37058abe248480369d3c4fb6ce0feed8ab675b206beff512ccd94c63849a374892ae50f10

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\AYNZRAR6\www.youtube[1].xml

    Filesize

    229B

    MD5

    7af51172a40562fc2163d38a15bda6ff

    SHA1

    87c6b463a7232bc837535b6dedb673a818b4b2e7

    SHA256

    bba3a5510cc893c3043bb00440627da9f44bd6b3ccee51c800731dee49436e60

    SHA512

    210106efb4204ef40e55c31511cec41ae5ef48fab7b71f76a5e547874e31d69b62a74b22f992aeb49025326e767bd65a613549cb3fd82333a59383b9245ad117

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\AYNZRAR6\www.youtube[1].xml

    Filesize

    24KB

    MD5

    0797d718653352164b096b592d3ff28b

    SHA1

    182f3b30839579469e2cf2de77ce481db18589f0

    SHA256

    0814e0f963e5a063f4c6dbc73d12c796b87347bd454a15b03f2f5041047aea96

    SHA512

    2b5e9db99d7b20c1a54f31f36e2e974a63efadb86bfc66c3aeeaf1efbf3f59cebe64e805f6aa6dc3142395f2cc3e1340fb59ebac34fa84302479df4fa4832a6b

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\AYNZRAR6\www.youtube[1].xml

    Filesize

    578B

    MD5

    91a572d9e81abd51036f3b7850059f19

    SHA1

    62193a68ef851263839783d95e2caeb8c2df7ad2

    SHA256

    718ff9a96a643514b3d89e5b136325647897b54314f5cc9d89d6a87ee8c7dbd6

    SHA512

    41cc759c8a9c4e4e2a4a64ed3e6fb3283b98411c2ab718034614f54d62454fb21632fef6149e8dfa68a1ef392723463504374eeb303d1ff5fcac11a174148f97

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\AYNZRAR6\www.youtube[1].xml

    Filesize

    990B

    MD5

    43332d9e053db807e731be9fd4c6b961

    SHA1

    8e1b7ed6b13ad28ba8a6491a7bb3f5410664446c

    SHA256

    28e94335bda3677937fee5541d2951653d8b6792914cde8e159a759e3a26b766

    SHA512

    0d777ab30ba11cc769e74617ebd63b1c0b09d6f86a43c5f9b6b070d9977aba364ba1a37348626d898c5e94cbb337a65513be4b113780a79df6090a99303eb14a

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\AYNZRAR6\www.youtube[1].xml

    Filesize

    990B

    MD5

    e0eb00f5cf8b32e5f6bba4e31aedcb97

    SHA1

    162f0ab2dcb146d6f7a702f6e966beaa1830fb3c

    SHA256

    0e1df097bd291a7364049139fc8ccacdac39a1db1b3efc9e2ebd90601c75b52b

    SHA512

    e916914a12022927e146f88db3576fe2ddb93dfa62bed22f2e802eba140065d206cecbb8602c8a69ae5eaeb3ef52941a87cc2b6ba1d4129477b206296c9fea3b

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\AYNZRAR6\www.youtube[1].xml

    Filesize

    814B

    MD5

    070ab3450e093191645fed544e77e5a7

    SHA1

    9eada82d01bd0aa194420a339fa1370261de5140

    SHA256

    60f6d98286c497fadbfcf8489ac47d1fc94d6ea809642ebf8c9538f0087ab92e

    SHA512

    2a59a5b9b52fba6eface744580c857e181670cc438748fef8744273fbbac72595c9d76e86e6d0cc6b2332af97a7b23cdbf85da0c41a7a2376bdc5a5643e203d6

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\AYNZRAR6\www.youtube[1].xml

    Filesize

    990B

    MD5

    02f9fc8f0a2f1eaf7588668713fad1ba

    SHA1

    17b98c4f88ef0b74668e5cb2b887a7c3da58441a

    SHA256

    8d6c5bb20ad954017a556f8b94ee65739d9ab6b6e0d934da2614af1559a469d7

    SHA512

    ea24cb5adbb0ba10a15c52987199fe17a2774ffc52bb108d6435b3721aeab211ffc5c451d76f2b20213885b169432b1ed88cbb89cb0689a9bca7592f0e4c187a

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\AYNZRAR6\www.youtube[1].xml

    Filesize

    990B

    MD5

    cb622ddd05cf6fca0ee2c2707b37d293

    SHA1

    1a4f72b511464f321c70c4ea43cbac4a24490149

    SHA256

    11adc9473949666349525912b98695682f6ee8cfb0cd0b422f147b6f27937352

    SHA512

    6f31ebdc5c3faa37ce0d7dcd1e902da9e3d7f893df9d28e65462366feb701ec1d6109ad6e4673f7604710e8add681cec69ba12a3ed98ee61d6e6eeffe3978bc7

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\AYNZRAR6\www.youtube[1].xml

    Filesize

    814B

    MD5

    37ce990776f10cec42476de79ec70318

    SHA1

    3a13cb3808b097cd85d082ecf04e5154beaa0bf2

    SHA256

    8d6f4f1a9cbc0eec4be2a9bfc47fbf64336dff3b828f780ae3c5e543c219ae73

    SHA512

    e98dc11b2c5334878a4ab242de18bed79ecb08d8311081233d0be5f8f17d4e13fadbf91affa38a5c7ea7e16c7dab25c67c567f46d66c1b71d1833241c2e285bb

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\AYNZRAR6\www.youtube[1].xml

    Filesize

    15KB

    MD5

    d8bd704ecccdae132d2c34120b5fb026

    SHA1

    27ce25f7a4fd62c62ec16419a860379b36ca5103

    SHA256

    b06ed531840d1d39fc3bfba6f13d15057d08c4b40c567d7c34d8417232818c9a

    SHA512

    dfa9e2a58d3c85227cf54e11febbc6368eaee0deccf274fff225f3cee6f0cf40632a294b1c05dc058406256b7451f9df68b54cbd3dbb562b5517fd6f3b5e8a31

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\AYNZRAR6\www.youtube[1].xml

    Filesize

    814B

    MD5

    b3684dd7fa9c69eae4442a55c09b2278

    SHA1

    18ff12c87c2c189e5359f6fd394155bb02186828

    SHA256

    08384e3f60ca2abf67a503e6db4fc8c8c4cf2e6250ad6e8de96a51c2f00b47fe

    SHA512

    85c3c5f01fcfb7fcce5dedec47e384cbdb4832f08d8477385c2793ceb91659e8b265dc9d10bead6119dae51926895f817ad594c770daa7c3b84a3859e6bc7121

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\AYNZRAR6\www.youtube[1].xml

    Filesize

    29KB

    MD5

    bd26d51b3b2cdc96163ad7e957443091

    SHA1

    ec1446611b77b0fff698fda27777900f442134af

    SHA256

    e57eb256aaa8a27f0a6ee6df2ad9494af0f6ed6a081fb9243fcd9c675b8a2325

    SHA512

    c26c50d377b6ab880fd6a34e2cb2c65248faa45e1285bfb60304f052dbbb8273c5d44dc5c579be2c1aa3d8adef03b2a78a41050245894f4903d5d6de704b944e

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\AYNZRAR6\www.youtube[1].xml

    Filesize

    814B

    MD5

    9be21c0bb5bb8050031794fe38bb1851

    SHA1

    22c74faab89c0edf272b0a6ce4df1a3446018bba

    SHA256

    71fcc340737dc2dc4f429f39e03e87ae4eabcc371f291e6b4593813fcbaa29b6

    SHA512

    a0440716e971591bed7dcb1461b7cf690e5366fb9ab5fa01cac72ea7357c62dd6203e2ae851984f3184c254ff243bf024b9e12d4ebb91ac51b8532a822d1567c

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\AYNZRAR6\www.youtube[1].xml

    Filesize

    43KB

    MD5

    d83d4e221ef25cab5788967efe9ae14d

    SHA1

    72c4753dcb97b7412d47a7a96414b91bb9ad88ed

    SHA256

    29a0da811f1a795840fc7be21751e9d47cf7fa9f39caeec44af99c418acc87bf

    SHA512

    477c592852e004ecef5dd201b726fd22ee1a44ac4bee79381f4d6e5683dd1f14eb395ad2419a8b2ba39e09318f9f9e83739e18d1a2f3a36019d008c43aa0a361

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2LF9I1AK\KFOlCnqEu92Fr1MmEU9fBBc-[1].woff

    Filesize

    19KB

    MD5

    de8b7431b74642e830af4d4f4b513ec9

    SHA1

    f549f1fe8a0b86ef3fbdcb8d508440aff84c385c

    SHA256

    3bfe46bb1ca35b205306c5ec664e99e4a816f48a417b6b42e77a1f43f0bc4e7a

    SHA512

    57d3d4de3816307ed954b796c13bfa34af22a46a2fea310df90e966301350ae8adac62bcd2abf7d7768e6bdcbb3dfc5069378a728436173d07abfa483c1025ac

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2LF9I1AK\KFOmCnqEu92Fr1Mu4mxM[1].woff

    Filesize

    19KB

    MD5

    bafb105baeb22d965c70fe52ba6b49d9

    SHA1

    934014cc9bbe5883542be756b3146c05844b254f

    SHA256

    1570f866bf6eae82041e407280894a86ad2b8b275e01908ae156914dc693a4ed

    SHA512

    85a91773b0283e3b2400c773527542228478cc1b9e8ad8ea62435d705e98702a40bedf26cb5b0900dd8fecc79f802b8c1839184e787d9416886dbc73dff22a64

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4UQ4J2DQ\base[1].js

    Filesize

    2.3MB

    MD5

    f1609182e6afe46c1021d37bc5ebfdab

    SHA1

    6de10bf9f03b86633e9ee3909881149aa915c423

    SHA256

    480748a2014453d4628fe41a2c81bfd9b3e0bbbdeff8df31c9701138551b4860

    SHA512

    ecabf5496abf104101fd4cdd1fc66cd892ef27b0f697e7ecd04f4f16593785e220d34117a925df0b5e4dca85327f717295c4b5b95993821dfad64af955220511

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4UQ4J2DQ\www-embed-player[1].js

    Filesize

    328KB

    MD5

    eff8a05b54f33d1f32b739067b43bb43

    SHA1

    f1e40e0e4e5226abae4ef85854fc12c850e387e1

    SHA256

    1dfe73858eb7a2290d60ae2f0be3fb0552f656918046f8d4f37147567523f68e

    SHA512

    8fc247a8b47891dd8d6a5c9087108e5632c7c5e3438529be1ad4af4cae6c2abc5424921a1ac843f9b88380a0f47fd7fb17d28b8e466a2813fcca9476b51fd884

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\69P6875H\ad_status[1].js

    Filesize

    29B

    MD5

    1fa71744db23d0f8df9cce6719defcb7

    SHA1

    e4be9b7136697942a036f97cf26ebaf703ad2067

    SHA256

    eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

    SHA512

    17fa262901b608368eb4b70910da67e1f11b9cfb2c9dc81844f55bee1db3ec11f704d81ab20f2dda973378f9c0df56eaad8111f34b92e4161a4d194ba902f82f

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\69P6875H\embed[2].js

    Filesize

    66KB

    MD5

    b862bf5490b2845b2d04b5cfe00e19bf

    SHA1

    03229098e0e04ae9576060bcd0ef1e567214d2a7

    SHA256

    762a9cc80cb32b80e2621cf18f6887b0f1a460995a8f822af6692f8fb1fc65e7

    SHA512

    5c4652f549b6af9908fbc14020d6ed89c2c5ae8f27e331bed5eb80889f2b466ed68242b17e43e46a9249f674671de1ac580d4b66d66228080498c22ac6a69e63

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\69P6875H\remote[2].js

    Filesize

    118KB

    MD5

    070f2f7d61543a4ee67d6c252075034d

    SHA1

    a2e0d1d08c18736dfc19c16e147ccea13361efc2

    SHA256

    924d0f1f7dec14081ddff34a8799e8ec9ef32963d38fb04e0f1e07ee4e3423da

    SHA512

    5abe05872c423717a8367b9187b0caaf5ecac1179329af2fc3a35256b0f6f8e97c8b7f92be0e440d63f1bb99ed0e4445793179e61896736a74a77d8ec77104c9

  • C:\Users\Admin\AppData\Local\Temp\CabEC06.tmp

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\Local\Temp\TarEC28.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.