Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Analysis

  • max time kernel
    146s
  • max time network
    153s
  • platform
    windows7_x64
  • resource
    win7-20240729-en
  • resource tags

    arch:x64arch:x86image:win7-20240729-enlocale:en-usos:windows7-x64system
  • submitted
    07/09/2024, 19:00 UTC

General

  • Target

    d2a195b706c355f22363fe485ed155c8_JaffaCakes118.html

  • Size

    175KB

  • MD5

    d2a195b706c355f22363fe485ed155c8

  • SHA1

    d62d85b0b6dc0f216eef06f1d5c7e167b3b12886

  • SHA256

    5683e262ba0b54b3a91957f6097aa4fe5fa194c288b5f954385d515b00a32982

  • SHA512

    7a52f7f1f037db40c9a1a2824ee030a8a878b566dd8e0f055bc3f04980ab2960dcfb70378bbe971d73c00da24af1302782ed67347e9623573280d52ad202493c

  • SSDEEP

    1536:Sqt58gd8Wu8pI8Cd8hd8dQgbH//WoS3SGNkFRYfBCJiZu+aeTH+WK/Lf1/hpnVSV:SHCT3S/FkBCJiJB

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

  • Modifies Internet Explorer settings 1 TTPs 64 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\d2a195b706c355f22363fe485ed155c8_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2776
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2776 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2212

Network

  • flag-us
    DNS
    www.konthaiusa.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    www.konthaiusa.com
    IN A
    Response
  • flag-us
    DNS
    www.konthaiusa.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    www.konthaiusa.com
    IN A
  • flag-nl
    GET
    http://fonts.googleapis.com/css?family=Arial
    IEXPLORE.EXE
    Remote address:
    142.250.27.95:80
    Request
    GET /css?family=Arial HTTP/1.1
    Accept: text/css, */*
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: fonts.googleapis.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 400 Bad Request
    Content-Type: text/html; charset=utf-8
    Cache-Control: no-cache, no-store, max-age=0, must-revalidate
    Pragma: no-cache
    Expires: Mon, 01 Jan 1990 00:00:00 GMT
    Date: Sat, 07 Sep 2024 19:01:03 GMT
    Cross-Origin-Resource-Policy: cross-origin
    Cross-Origin-Opener-Policy: same-origin-allow-popups
    Content-Encoding: gzip
    Transfer-Encoding: chunked
    Server: ESF
    X-XSS-Protection: 0
    X-Frame-Options: SAMEORIGIN
    X-Content-Type-Options: nosniff
  • flag-us
    DNS
    www.youtube.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    www.youtube.com
    IN A
    Response
    www.youtube.com
    IN CNAME
    youtube-ui.l.google.com
    youtube-ui.l.google.com
    IN A
    142.250.27.190
    youtube-ui.l.google.com
    IN A
    142.250.102.93
    youtube-ui.l.google.com
    IN A
    142.250.27.91
    youtube-ui.l.google.com
    IN A
    142.250.102.91
    youtube-ui.l.google.com
    IN A
    142.250.27.93
    youtube-ui.l.google.com
    IN A
    142.250.102.136
    youtube-ui.l.google.com
    IN A
    142.250.102.190
    youtube-ui.l.google.com
    IN A
    142.250.27.136
  • flag-us
    DNS
    www.facebook.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    www.facebook.com
    IN A
    Response
    www.facebook.com
    IN CNAME
    star-mini.c10r.facebook.com
    star-mini.c10r.facebook.com
    IN A
    157.240.243.35
  • flag-nl
    GET
    http://www.youtube.com/embed/ygK7kej0BPA?wmode=Opaque
    IEXPLORE.EXE
    Remote address:
    142.250.27.190:80
    Request
    GET /embed/ygK7kej0BPA?wmode=Opaque HTTP/1.1
    Accept: text/html, application/xhtml+xml, */*
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: www.youtube.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 301 Moved Permanently
    Content-Type: application/binary
    X-Content-Type-Options: nosniff
    Cache-Control: no-cache, no-store, max-age=0, must-revalidate
    Pragma: no-cache
    Expires: Mon, 01 Jan 1990 00:00:00 GMT
    Date: Sat, 07 Sep 2024 19:01:03 GMT
    Location: https://www.youtube.com/embed/ygK7kej0BPA?wmode=Opaque
    Server: ESF
    Content-Length: 0
    X-XSS-Protection: 0
    X-Frame-Options: SAMEORIGIN
  • flag-es
    GET
    http://www.facebook.com/plugins/likebox.php?href=http://www.facebook.com/pages/konthaiusacom/177402280020?ref=tn_tnmn&width=250&colorscheme=light&show_faces=false&border_color=%23000000&stream=false&header=false&height=75
    IEXPLORE.EXE
    Remote address:
    157.240.243.35:80
    Request
    GET /plugins/likebox.php?href=http://www.facebook.com/pages/konthaiusacom/177402280020?ref=tn_tnmn&width=250&colorscheme=light&show_faces=false&border_color=%23000000&stream=false&header=false&height=75 HTTP/1.1
    Accept: text/html, application/xhtml+xml, */*
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: www.facebook.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 301 Moved Permanently
    Location: https://www.facebook.com/plugins/likebox.php?href=http://www.facebook.com/pages/konthaiusacom/177402280020?ref=tn_tnmn&width=250&colorscheme=light&show_faces=false&border_color=%23000000&stream=false&header=false&height=75
    Content-Type: text/plain
    Server: proxygen-bolt
    Date: Sat, 07 Sep 2024 19:01:03 GMT
    Connection: keep-alive
    Content-Length: 0
  • flag-nl
    GET
    http://www.youtube.com/embed/evMR3wn1LGk?wmode=Opaque
    IEXPLORE.EXE
    Remote address:
    142.250.27.190:80
    Request
    GET /embed/evMR3wn1LGk?wmode=Opaque HTTP/1.1
    Accept: text/html, application/xhtml+xml, */*
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: www.youtube.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 301 Moved Permanently
    Content-Type: application/binary
    X-Content-Type-Options: nosniff
    Cache-Control: no-cache, no-store, max-age=0, must-revalidate
    Pragma: no-cache
    Expires: Mon, 01 Jan 1990 00:00:00 GMT
    Date: Sat, 07 Sep 2024 19:01:03 GMT
    Location: https://www.youtube.com/embed/evMR3wn1LGk?wmode=Opaque
    Server: ESF
    Content-Length: 0
    X-XSS-Protection: 0
    X-Frame-Options: SAMEORIGIN
  • flag-nl
    GET
    http://www.youtube.com/embed/QMECDnECjJM?wmode=Opaque
    IEXPLORE.EXE
    Remote address:
    142.250.27.190:80
    Request
    GET /embed/QMECDnECjJM?wmode=Opaque HTTP/1.1
    Accept: text/html, application/xhtml+xml, */*
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: www.youtube.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 301 Moved Permanently
    Content-Type: application/binary
    X-Content-Type-Options: nosniff
    Cache-Control: no-cache, no-store, max-age=0, must-revalidate
    Pragma: no-cache
    Expires: Mon, 01 Jan 1990 00:00:00 GMT
    Date: Sat, 07 Sep 2024 19:01:03 GMT
    Location: https://www.youtube.com/embed/QMECDnECjJM?wmode=Opaque
    Server: ESF
    Content-Length: 0
    X-XSS-Protection: 0
    X-Frame-Options: SAMEORIGIN
  • flag-nl
    GET
    http://www.youtube.com/embed/gS2GhpTPLvQ?wmode=Opaque
    IEXPLORE.EXE
    Remote address:
    142.250.27.190:80
    Request
    GET /embed/gS2GhpTPLvQ?wmode=Opaque HTTP/1.1
    Accept: text/html, application/xhtml+xml, */*
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: www.youtube.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 301 Moved Permanently
    Content-Type: application/binary
    X-Content-Type-Options: nosniff
    Cache-Control: no-cache, no-store, max-age=0, must-revalidate
    Pragma: no-cache
    Expires: Mon, 01 Jan 1990 00:00:00 GMT
    Date: Sat, 07 Sep 2024 19:01:03 GMT
    Location: https://www.youtube.com/embed/gS2GhpTPLvQ?wmode=Opaque
    Server: ESF
    Content-Length: 0
    X-XSS-Protection: 0
    X-Frame-Options: SAMEORIGIN
  • flag-nl
    GET
    http://www.youtube.com/embed/ywSeSlVcY4w?wmode=Opaque
    IEXPLORE.EXE
    Remote address:
    142.250.27.190:80
    Request
    GET /embed/ywSeSlVcY4w?wmode=Opaque HTTP/1.1
    Accept: text/html, application/xhtml+xml, */*
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: www.youtube.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 301 Moved Permanently
    Content-Type: application/binary
    X-Content-Type-Options: nosniff
    Cache-Control: no-cache, no-store, max-age=0, must-revalidate
    Pragma: no-cache
    Expires: Mon, 01 Jan 1990 00:00:00 GMT
    Date: Sat, 07 Sep 2024 19:01:03 GMT
    Location: https://www.youtube.com/embed/ywSeSlVcY4w?wmode=Opaque
    Server: ESF
    Content-Length: 0
    X-XSS-Protection: 0
    X-Frame-Options: SAMEORIGIN
  • flag-nl
    GET
    https://www.youtube.com/s/player/5f8f5b0f/player_ias.vflset/en_US/remote.js
    IEXPLORE.EXE
    Remote address:
    142.250.27.190:443
    Request
    GET /s/player/5f8f5b0f/player_ias.vflset/en_US/remote.js HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Referer: https://www.youtube.com/embed/ygK7kej0BPA?wmode=Opaque
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: www.youtube.com
    Connection: Keep-Alive
    Cookie: YSC=xB_y6bUFrvs; VISITOR_INFO1_LIVE=iQI4qmj_te0; VISITOR_PRIVACY_METADATA=CgJHQhIEGgAgIQ%3D%3D
    Response
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Content-Encoding: gzip
    Cross-Origin-Resource-Policy: cross-origin
    Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="youtube"
    Report-To: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
    Content-Length: 39255
    X-Content-Type-Options: nosniff
    Server: sffe
    X-XSS-Protection: 0
    Date: Tue, 03 Sep 2024 18:29:50 GMT
    Expires: Wed, 03 Sep 2025 18:29:50 GMT
    Cache-Control: public, max-age=31536000
    Last-Modified: Tue, 03 Sep 2024 04:14:15 GMT
    Content-Type: text/javascript
    Vary: Accept-Encoding, Origin
    Age: 347484
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-nl
    POST
    https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
    IEXPLORE.EXE
    Remote address:
    142.250.27.190:443
    Request
    POST /youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8 HTTP/1.1
    Accept: */*
    X-Goog-Request-Time: 1725735675744
    Content-Type: application/json
    X-Goog-Visitor-Id: CgtWRU1jTTV1bWNxZyj0xfK2BjIKCgJHQhIEGgAgOQ%3D%3D
    X-YouTube-Client-Name: 56
    X-YouTube-Client-Version: 1.20240902.00.00
    X-YouTube-Utc-Offset: 0
    X-YouTube-Ad-Signals: dt=1725735669194&flash=0&frm=2&u_tz&u_his=1&u_h=720&u_w=1280&u_ah=680&u_aw=1280&u_cd=24&bc=1&bih=-12245933&biw=-12245933&brdim=8%2C1524%2C-8%2C-8%2C1280%2C%2C1296%2C696%2C590%2C250&vis=1&wgl=true&ca_type=image
    Referer: https://www.youtube.com/embed/evMR3wn1LGk?wmode=Opaque
    Accept-Language: en-US
    Accept-Encoding: gzip, deflate
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Host: www.youtube.com
    Content-Length: 9443
    Connection: Keep-Alive
    Cache-Control: no-cache
    Cookie: YSC=xB_y6bUFrvs; VISITOR_INFO1_LIVE=iQI4qmj_te0; VISITOR_PRIVACY_METADATA=CgJHQhIEGgAgIQ%3D%3D
    Response
    HTTP/1.1 200 OK
    Content-Type: application/json; charset=UTF-8
    Vary: Origin
    Vary: X-Origin
    Vary: Referer
    Content-Encoding: gzip
    Date: Sat, 07 Sep 2024 19:01:20 GMT
    Server: scaffolding on HTTPServer2
    Cache-Control: private
    X-XSS-Protection: 0
    X-Frame-Options: SAMEORIGIN
    X-Content-Type-Options: nosniff
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
    Transfer-Encoding: chunked
  • flag-nl
    GET
    https://www.youtube.com/embed/QMECDnECjJM?wmode=Opaque
    IEXPLORE.EXE
    Remote address:
    142.250.27.190:443
    Request
    GET /embed/QMECDnECjJM?wmode=Opaque HTTP/1.1
    Accept: text/html, application/xhtml+xml, */*
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: www.youtube.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Content-Type: text/html; charset=utf-8
    X-Content-Type-Options: nosniff
    Cache-Control: no-cache, no-store, max-age=0, must-revalidate
    Pragma: no-cache
    Expires: Mon, 01 Jan 1990 00:00:00 GMT
    Date: Sat, 07 Sep 2024 19:01:08 GMT
    Strict-Transport-Security: max-age=31536000
    Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="youtube_main"
    Origin-Trial: AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
    Cross-Origin-Resource-Policy: cross-origin
    Report-To: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
    Permissions-Policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
    Content-Security-Policy: require-trusted-types-for 'script'
    P3P: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
    Content-Encoding: gzip
    Server: ESF
    X-XSS-Protection: 0
    Set-Cookie: YSC=j-Ex3tYTEF8; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
    Set-Cookie: VISITOR_INFO1_LIVE=YKqXk1-hcWE; Domain=.youtube.com; Expires=Thu, 06-Mar-2025 19:01:08 GMT; Path=/; Secure; HttpOnly; SameSite=none
    Set-Cookie: VISITOR_PRIVACY_METADATA=CgJHQhIEGgAgDA%3D%3D; Domain=.youtube.com; Expires=Thu, 06-Mar-2025 19:01:08 GMT; Path=/; Secure; HttpOnly; SameSite=none
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
    Transfer-Encoding: chunked
  • flag-nl
    GET
    https://www.youtube.com/embed/ygK7kej0BPA?wmode=Opaque
    IEXPLORE.EXE
    Remote address:
    142.250.27.190:443
    Request
    GET /embed/ygK7kej0BPA?wmode=Opaque HTTP/1.1
    Accept: text/html, application/xhtml+xml, */*
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: www.youtube.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Content-Type: text/html; charset=utf-8
    X-Content-Type-Options: nosniff
    Cache-Control: no-cache, no-store, max-age=0, must-revalidate
    Pragma: no-cache
    Expires: Mon, 01 Jan 1990 00:00:00 GMT
    Date: Sat, 07 Sep 2024 19:01:09 GMT
    Strict-Transport-Security: max-age=31536000
    Cross-Origin-Resource-Policy: cross-origin
    Report-To: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
    Content-Security-Policy: require-trusted-types-for 'script';report-uri /cspreport
    Permissions-Policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
    Origin-Trial: AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
    Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="youtube_main"
    P3P: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
    Content-Encoding: gzip
    Server: ESF
    X-XSS-Protection: 0
    Set-Cookie: YSC=gqs77gNA4QQ; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
    Set-Cookie: VISITOR_INFO1_LIVE=sZJDfkgVuFo; Domain=.youtube.com; Expires=Thu, 06-Mar-2025 19:01:09 GMT; Path=/; Secure; HttpOnly; SameSite=none
    Set-Cookie: VISITOR_PRIVACY_METADATA=CgJHQhIEGgAgDA%3D%3D; Domain=.youtube.com; Expires=Thu, 06-Mar-2025 19:01:09 GMT; Path=/; Secure; HttpOnly; SameSite=none
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
    Transfer-Encoding: chunked
  • flag-nl
    POST
    https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
    IEXPLORE.EXE
    Remote address:
    142.250.27.190:443
    Request
    POST /youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8 HTTP/1.1
    Accept: */*
    X-Goog-Request-Time: 1725735675745
    Content-Type: application/json
    X-Goog-Visitor-Id: CgtZS3FYazEtaGNXRSj0xfK2BjIKCgJHQhIEGgAgDA%3D%3D
    X-YouTube-Client-Name: 56
    X-YouTube-Client-Version: 1.20240902.00.00
    X-YouTube-Utc-Offset: 0
    X-YouTube-Ad-Signals: dt=1725735669179&flash=0&frm=2&u_tz&u_his=1&u_h=720&u_w=1280&u_ah=680&u_aw=1280&u_cd=24&bc=1&bih=-12245933&biw=-12245933&brdim=8%2C12594%2C-8%2C-8%2C1280%2C%2C1296%2C696%2C280%2C200&vis=1&wgl=true&ca_type=image
    Referer: https://www.youtube.com/embed/QMECDnECjJM?wmode=Opaque
    Accept-Language: en-US
    Accept-Encoding: gzip, deflate
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Host: www.youtube.com
    Content-Length: 8268
    Connection: Keep-Alive
    Cache-Control: no-cache
    Cookie: YSC=xB_y6bUFrvs; VISITOR_INFO1_LIVE=iQI4qmj_te0; VISITOR_PRIVACY_METADATA=CgJHQhIEGgAgIQ%3D%3D
  • flag-nl
    GET
    http://www.google-analytics.com/ga.js
    IEXPLORE.EXE
    Remote address:
    142.250.27.113:80
    Request
    GET /ga.js HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: www.google-analytics.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
    X-Content-Type-Options: nosniff
    Content-Encoding: gzip
    Cross-Origin-Resource-Policy: cross-origin
    Server: Golfe2
    Content-Length: 17168
    Date: Sat, 07 Sep 2024 17:07:20 GMT
    Expires: Sat, 07 Sep 2024 19:07:20 GMT
    Cache-Control: public, max-age=7200
    Age: 6826
    Last-Modified: Tue, 12 Dec 2023 18:09:08 GMT
    Content-Type: text/javascript
    Vary: Accept-Encoding
  • flag-nl
    GET
    https://www.youtube.com/embed/gS2GhpTPLvQ?wmode=Opaque
    IEXPLORE.EXE
    Remote address:
    142.250.27.190:443
    Request
    GET /embed/gS2GhpTPLvQ?wmode=Opaque HTTP/1.1
    Accept: text/html, application/xhtml+xml, */*
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: www.youtube.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Content-Type: text/html; charset=utf-8
    X-Content-Type-Options: nosniff
    Cache-Control: no-cache, no-store, max-age=0, must-revalidate
    Pragma: no-cache
    Expires: Mon, 01 Jan 1990 00:00:00 GMT
    Date: Sat, 07 Sep 2024 19:01:09 GMT
    Strict-Transport-Security: max-age=31536000
    Content-Security-Policy: require-trusted-types-for 'script'
    Cross-Origin-Resource-Policy: cross-origin
    Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="youtube_main"
    Permissions-Policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
    Report-To: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
    Origin-Trial: AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
    Content-Security-Policy-Report-Only: base-uri 'self';default-src 'self' https: blob:;font-src https: data:;img-src https: data: android-webview-video-poster:;media-src blob: https:;object-src 'none';report-uri /cspreport/common;script-src 'nonce-5fpee5hZ8nkEfF2TwDVf-w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';style-src https: 'unsafe-inline'
    P3P: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
    Content-Encoding: gzip
    Server: ESF
    X-XSS-Protection: 0
    Set-Cookie: YSC=am8Mk-0dqgw; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
    Set-Cookie: VISITOR_INFO1_LIVE=ERy_CGNJVk8; Domain=.youtube.com; Expires=Thu, 06-Mar-2025 19:01:09 GMT; Path=/; Secure; HttpOnly; SameSite=none
    Set-Cookie: VISITOR_PRIVACY_METADATA=CgJHQhIEGgAgNg%3D%3D; Domain=.youtube.com; Expires=Thu, 06-Mar-2025 19:01:09 GMT; Path=/; Secure; HttpOnly; SameSite=none
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
    Transfer-Encoding: chunked
  • flag-nl
    GET
    https://www.youtube.com/s/player/5f8f5b0f/www-embed-player.vflset/www-embed-player.js
    IEXPLORE.EXE
    Remote address:
    142.250.27.190:443
    Request
    GET /s/player/5f8f5b0f/www-embed-player.vflset/www-embed-player.js HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Referer: https://www.youtube.com/embed/gS2GhpTPLvQ?wmode=Opaque
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: www.youtube.com
    Connection: Keep-Alive
    Cookie: YSC=am8Mk-0dqgw; VISITOR_INFO1_LIVE=ERy_CGNJVk8; VISITOR_PRIVACY_METADATA=CgJHQhIEGgAgNg%3D%3D
    Response
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Content-Encoding: gzip
    Cross-Origin-Resource-Policy: cross-origin
    Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="youtube"
    Report-To: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
    Content-Length: 117679
    X-Content-Type-Options: nosniff
    Server: sffe
    X-XSS-Protection: 0
    Date: Tue, 03 Sep 2024 07:40:58 GMT
    Expires: Wed, 03 Sep 2025 07:40:58 GMT
    Cache-Control: public, max-age=31536000
    Last-Modified: Tue, 03 Sep 2024 04:14:15 GMT
    Content-Type: text/javascript
    Vary: Accept-Encoding, Origin
    Age: 386516
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-nl
    GET
    https://www.youtube.com/embed/evMR3wn1LGk?wmode=Opaque
    IEXPLORE.EXE
    Remote address:
    142.250.27.190:443
    Request
    GET /embed/evMR3wn1LGk?wmode=Opaque HTTP/1.1
    Accept: text/html, application/xhtml+xml, */*
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: www.youtube.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Content-Type: text/html; charset=utf-8
    X-Content-Type-Options: nosniff
    Cache-Control: no-cache, no-store, max-age=0, must-revalidate
    Pragma: no-cache
    Expires: Mon, 01 Jan 1990 00:00:00 GMT
    Date: Sat, 07 Sep 2024 19:01:09 GMT
    Strict-Transport-Security: max-age=31536000
    Cross-Origin-Resource-Policy: cross-origin
    Report-To: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
    Content-Security-Policy: require-trusted-types-for 'script'
    Content-Security-Policy-Report-Only: base-uri 'self';default-src 'self' https: blob:;font-src https: data:;img-src https: data: android-webview-video-poster:;media-src blob: https:;object-src 'none';report-uri /cspreport/common;script-src 'nonce-CQlNaVcucijoBYB_Fz3DPQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';style-src https: 'unsafe-inline'
    Permissions-Policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
    Origin-Trial: AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
    Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="youtube_main"
    P3P: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
    Content-Encoding: gzip
    Server: ESF
    X-XSS-Protection: 0
    Set-Cookie: YSC=E-tq1tc5_BE; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
    Set-Cookie: VISITOR_INFO1_LIVE=VEMcM5umcqg; Domain=.youtube.com; Expires=Thu, 06-Mar-2025 19:01:09 GMT; Path=/; Secure; HttpOnly; SameSite=none
    Set-Cookie: VISITOR_PRIVACY_METADATA=CgJHQhIEGgAgOQ%3D%3D; Domain=.youtube.com; Expires=Thu, 06-Mar-2025 19:01:09 GMT; Path=/; Secure; HttpOnly; SameSite=none
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
    Transfer-Encoding: chunked
  • flag-nl
    GET
    https://www.youtube.com/embed/ywSeSlVcY4w?wmode=Opaque
    IEXPLORE.EXE
    Remote address:
    142.250.27.190:443
    Request
    GET /embed/ywSeSlVcY4w?wmode=Opaque HTTP/1.1
    Accept: text/html, application/xhtml+xml, */*
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: www.youtube.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Content-Type: text/html; charset=utf-8
    X-Content-Type-Options: nosniff
    Cache-Control: no-cache, no-store, max-age=0, must-revalidate
    Pragma: no-cache
    Expires: Mon, 01 Jan 1990 00:00:00 GMT
    Date: Sat, 07 Sep 2024 19:01:09 GMT
    Strict-Transport-Security: max-age=31536000
    Cross-Origin-Resource-Policy: cross-origin
    Content-Security-Policy: require-trusted-types-for 'script'
    Permissions-Policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
    Report-To: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
    Origin-Trial: AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
    Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="youtube_main"
    P3P: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
    Content-Encoding: gzip
    Server: ESF
    X-XSS-Protection: 0
    Set-Cookie: YSC=xB_y6bUFrvs; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
    Set-Cookie: VISITOR_INFO1_LIVE=iQI4qmj_te0; Domain=.youtube.com; Expires=Thu, 06-Mar-2025 19:01:09 GMT; Path=/; Secure; HttpOnly; SameSite=none
    Set-Cookie: VISITOR_PRIVACY_METADATA=CgJHQhIEGgAgIQ%3D%3D; Domain=.youtube.com; Expires=Thu, 06-Mar-2025 19:01:09 GMT; Path=/; Secure; HttpOnly; SameSite=none
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
    Transfer-Encoding: chunked
  • flag-nl
    GET
    https://www.youtube.com/s/player/5f8f5b0f/www-embed-player.vflset/www-embed-player.js
    IEXPLORE.EXE
    Remote address:
    142.250.27.190:443
    Request
    GET /s/player/5f8f5b0f/www-embed-player.vflset/www-embed-player.js HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Referer: https://www.youtube.com/embed/ywSeSlVcY4w?wmode=Opaque
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: www.youtube.com
    Connection: Keep-Alive
    Cookie: YSC=am8Mk-0dqgw; VISITOR_INFO1_LIVE=ERy_CGNJVk8; VISITOR_PRIVACY_METADATA=CgJHQhIEGgAgNg%3D%3D
    Response
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Content-Encoding: gzip
    Cross-Origin-Resource-Policy: cross-origin
    Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="youtube"
    Report-To: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
    Content-Length: 117679
    X-Content-Type-Options: nosniff
    Server: sffe
    X-XSS-Protection: 0
    Date: Tue, 03 Sep 2024 07:40:58 GMT
    Expires: Wed, 03 Sep 2025 07:40:58 GMT
    Cache-Control: public, max-age=31536000
    Last-Modified: Tue, 03 Sep 2024 04:14:15 GMT
    Content-Type: text/javascript
    Vary: Accept-Encoding, Origin
    Age: 386537
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-nl
    GET
    https://www.youtube.com/s/player/5f8f5b0f/player_ias.vflset/en_US/embed.js
    IEXPLORE.EXE
    Remote address:
    142.250.27.190:443
    Request
    GET /s/player/5f8f5b0f/player_ias.vflset/en_US/embed.js HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Referer: https://www.youtube.com/embed/ywSeSlVcY4w?wmode=Opaque
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: www.youtube.com
    Connection: Keep-Alive
    Cookie: YSC=am8Mk-0dqgw; VISITOR_INFO1_LIVE=ERy_CGNJVk8; VISITOR_PRIVACY_METADATA=CgJHQhIEGgAgNg%3D%3D
    Response
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Content-Encoding: gzip
    Cross-Origin-Resource-Policy: cross-origin
    Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="youtube"
    Report-To: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
    Content-Length: 23517
    X-Content-Type-Options: nosniff
    Server: sffe
    X-XSS-Protection: 0
    Date: Tue, 03 Sep 2024 08:06:37 GMT
    Expires: Wed, 03 Sep 2025 08:06:37 GMT
    Cache-Control: public, max-age=31536000
    Last-Modified: Tue, 03 Sep 2024 04:14:15 GMT
    Content-Type: text/javascript
    Vary: Accept-Encoding, Origin
    Age: 385000
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-es
    GET
    https://www.facebook.com/plugins/likebox.php?href=http://www.facebook.com/pages/konthaiusacom/177402280020?ref=tn_tnmn&width=250&colorscheme=light&show_faces=false&border_color=%23000000&stream=false&header=false&height=75
    IEXPLORE.EXE
    Remote address:
    157.240.243.35:443
    Request
    GET /plugins/likebox.php?href=http://www.facebook.com/pages/konthaiusacom/177402280020?ref=tn_tnmn&width=250&colorscheme=light&show_faces=false&border_color=%23000000&stream=false&header=false&height=75 HTTP/1.1
    Accept: text/html, application/xhtml+xml, */*
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: www.facebook.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Vary: Accept-Encoding
    Content-Encoding: gzip
    reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7411978243904104195", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
    report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7411978243904104195"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
    content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
    document-policy: force-load-at-top
    permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
    cross-origin-resource-policy: cross-origin
    cross-origin-opener-policy: unsafe-none;report-to="coop_report"
    Pragma: no-cache
    Cache-Control: private, no-cache, no-store, must-revalidate
    Expires: Sat, 01 Jan 2000 00:00:00 GMT
    X-Content-Type-Options: nosniff
    X-XSS-Protection: 0
    Strict-Transport-Security: max-age=15552000; preload
    Content-Type: text/html; charset="utf-8"
    X-FB-Debug: OhMfCf6AHvAkpB5HLeJ6XPZnqGR+TTFb+6ECm74i8/frjK3in3Iufeo2hhIppSTQrPLG3vuMb2i9jrGLCKWv5w==
    x-fb-server-load: 29
    Date: Sat, 07 Sep 2024 19:01:05 GMT
    X-FB-Connection-Quality: GOOD; q=0.7, rtt=51, rtx=2, c=2, mss=1357, tbw=3221, tp=-1, tpl=-1, uplat=133, ullat=0
    Alt-Svc: h3=":443"; ma=86400
    Transfer-Encoding: chunked
    Connection: keep-alive
  • flag-us
    DNS
    static.xx.fbcdn.net
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    static.xx.fbcdn.net
    IN A
    Response
    static.xx.fbcdn.net
    IN CNAME
    scontent.xx.fbcdn.net
    scontent.xx.fbcdn.net
    IN A
    157.240.243.2
  • flag-es
    GET
    https://static.xx.fbcdn.net/rsrc.php/v3/ya/r/dvL-mSr_f6M.js?_nc_x=Ij3Wp8lg5Kz
    IEXPLORE.EXE
    Remote address:
    157.240.243.2:443
    Request
    GET /rsrc.php/v3/ya/r/dvL-mSr_f6M.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Referer: https://www.facebook.com/plugins/likebox.php?href=http://www.facebook.com/pages/konthaiusacom/177402280020?ref=tn_tnmn&width=250&colorscheme=light&show_faces=false&border_color=%23000000&stream=false&header=false&height=75
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: static.xx.fbcdn.net
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Vary: Accept-Encoding
    Content-Encoding: gzip
    Content-Type: application/x-javascript; charset=utf-8
    Access-Control-Allow-Origin: *
    Last-Modified: Mon, 01 Jan 2001 08:00:00 GMT
    Expires: Sat, 06 Sep 2025 22:08:54 GMT
    Cache-Control: public,max-age=31536000,immutable
    report-to: {"max_age":21600,"endpoints":[{"url":"https:\/\/www.xx.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
    timing-allow-origin: *
    document-policy: force-load-at-top
    permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
    cross-origin-resource-policy: cross-origin
    X-Content-Type-Options: nosniff
    reporting-endpoints: permissions_policy="https://www.xx.facebook.com/ajax/browser_error_reports/"
    origin-agent-cluster: ?1
    content-md5: /vvRGpkPlHsisg6WDqz3Yw==
    X-FB-Debug: kAU/1R45qKnl9IPQGio8sQ9vReTuVnmAi7d11mKZy9dHzevdFR025vtZEhPYQN8ehTLwhkEysbZcpzckOIcNnw==
    x-fb-server-load: 35
    Date: Sat, 07 Sep 2024 19:01:06 GMT
    X-FB-Connection-Quality: GOOD; q=0.7, rtt=51, rtx=0, c=14, mss=1357, tbw=3222, tp=-1, tpl=-1, uplat=1, ullat=-1
    Alt-Svc: h3=":443"; ma=86400
    Connection: keep-alive
    Content-Length: 119385
  • flag-es
    GET
    https://static.xx.fbcdn.net/rsrc.php/v3/yx/l/0,cross/MEtExguyptz.css?_nc_x=Ij3Wp8lg5Kz
    IEXPLORE.EXE
    Remote address:
    157.240.243.2:443
    Request
    GET /rsrc.php/v3/yx/l/0,cross/MEtExguyptz.css?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
    Accept: text/css, */*
    Referer: https://www.facebook.com/plugins/likebox.php?href=http://www.facebook.com/pages/konthaiusacom/177402280020?ref=tn_tnmn&width=250&colorscheme=light&show_faces=false&border_color=%23000000&stream=false&header=false&height=75
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: static.xx.fbcdn.net
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Vary: Accept-Encoding
    Content-Encoding: gzip
    Content-Type: text/css; charset=utf-8
    Access-Control-Allow-Origin: *
    Last-Modified: Mon, 01 Jan 2001 08:00:00 GMT
    Expires: Sun, 07 Sep 2025 16:47:59 GMT
    Cache-Control: public,max-age=31536000,immutable
    report-to: {"max_age":21600,"endpoints":[{"url":"https:\/\/www.xx.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
    timing-allow-origin: *
    document-policy: force-load-at-top
    permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
    cross-origin-resource-policy: cross-origin
    X-Content-Type-Options: nosniff
    reporting-endpoints: permissions_policy="https://www.xx.facebook.com/ajax/browser_error_reports/"
    origin-agent-cluster: ?1
    content-md5: TrG038E61eomy8gCWsSSrg==
    X-FB-Debug: Mdn6miukVQN5PYYYY6tQMLImj8yKoLBiPhUWfCzwoTCqVNaqxwv9ER4+iNsJ9uMFrPn4jbUS50x4ZpurxYrZXQ==
    x-fb-server-load: 49
    Date: Sat, 07 Sep 2024 19:01:06 GMT
    X-FB-Connection-Quality: GOOD; q=0.7, rtt=56, rtx=0, c=14, mss=1357, tbw=3222, tp=-1, tpl=-1, uplat=1, ullat=-1
    Alt-Svc: h3=":443"; ma=86400
    Connection: keep-alive
    Content-Length: 6024
  • flag-es
    GET
    https://static.xx.fbcdn.net/rsrc.php/v3/yK/r/yhMLxgtMNUo.js?_nc_x=Ij3Wp8lg5Kz
    IEXPLORE.EXE
    Remote address:
    157.240.243.2:443
    Request
    GET /rsrc.php/v3/yK/r/yhMLxgtMNUo.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Referer: https://www.facebook.com/plugins/likebox.php?href=http://www.facebook.com/pages/konthaiusacom/177402280020?ref=tn_tnmn&width=250&colorscheme=light&show_faces=false&border_color=%23000000&stream=false&header=false&height=75
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: static.xx.fbcdn.net
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Vary: Accept-Encoding
    Content-Encoding: gzip
    Content-Type: application/x-javascript; charset=utf-8
    Access-Control-Allow-Origin: *
    Last-Modified: Mon, 01 Jan 2001 08:00:00 GMT
    Expires: Sat, 06 Sep 2025 03:53:13 GMT
    Cache-Control: public,max-age=31536000,immutable
    report-to: {"max_age":21600,"endpoints":[{"url":"https:\/\/www.xx.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
    timing-allow-origin: *
    document-policy: force-load-at-top
    permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
    cross-origin-resource-policy: cross-origin
    X-Content-Type-Options: nosniff
    reporting-endpoints: permissions_policy="https://www.xx.facebook.com/ajax/browser_error_reports/"
    origin-agent-cluster: ?1
    content-md5: EtTkQSIVUyPfzhwR1EO1DQ==
    X-FB-Debug: m65UVoxoWcTlufpqcqShUJMpKs7qE6Lo9UtbJd15j8omB1igIUqKe0OVTqg23EBSwi1CrYwfmUDPSEDI5+np8Q==
    x-fb-server-load: 30
    Date: Sat, 07 Sep 2024 19:02:18 GMT
    X-FB-Connection-Quality: GOOD; q=0.7, rtt=56, rtx=15, c=4, mss=1357, tbw=11297, tp=-1, tpl=-1, uplat=0, ullat=-1
    Alt-Svc: h3=":443"; ma=86400
    Connection: close
    Content-Length: 69188
  • flag-es
    GET
    https://static.xx.fbcdn.net/rsrc.php/v3/y1/r/o1ndYS2og_B.js?_nc_x=Ij3Wp8lg5Kz
    IEXPLORE.EXE
    Remote address:
    157.240.243.2:443
    Request
    GET /rsrc.php/v3/y1/r/o1ndYS2og_B.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Referer: https://www.facebook.com/plugins/likebox.php?href=http://www.facebook.com/pages/konthaiusacom/177402280020?ref=tn_tnmn&width=250&colorscheme=light&show_faces=false&border_color=%23000000&stream=false&header=false&height=75
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: static.xx.fbcdn.net
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Vary: Accept-Encoding
    Content-Encoding: gzip
    Content-Type: application/x-javascript; charset=utf-8
    Access-Control-Allow-Origin: *
    Last-Modified: Mon, 01 Jan 2001 08:00:00 GMT
    Expires: Wed, 03 Sep 2025 15:10:00 GMT
    Cache-Control: public,max-age=31536000,immutable
    report-to: {"max_age":21600,"endpoints":[{"url":"https:\/\/www.xx.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
    timing-allow-origin: *
    document-policy: force-load-at-top
    permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
    cross-origin-resource-policy: cross-origin
    X-Content-Type-Options: nosniff
    reporting-endpoints: permissions_policy="https://www.xx.facebook.com/ajax/browser_error_reports/"
    origin-agent-cluster: ?1
    content-md5: +XuRV7TCFgdTr4rntoaKNw==
    X-FB-Debug: /5IUQgOcrESrDDzspEbGkdTIZEYUXFaeFHgr/6H67PBZOrv9UCITlJibzRu/6drFPPgfxgfyrfH4sqTsCUtUQw==
    x-fb-server-load: 37
    Date: Sat, 07 Sep 2024 19:01:06 GMT
    X-FB-Connection-Quality: GOOD; q=0.7, rtt=52, rtx=0, c=14, mss=1357, tbw=3223, tp=-1, tpl=-1, uplat=1, ullat=-1
    Alt-Svc: h3=":443"; ma=86400
    Connection: keep-alive
    Content-Length: 2348
  • flag-es
    GET
    https://static.xx.fbcdn.net/rsrc.php/v3issO4/yA/l/en_GB/pLoSlJD7y1F.js?_nc_x=Ij3Wp8lg5Kz
    IEXPLORE.EXE
    Remote address:
    157.240.243.2:443
    Request
    GET /rsrc.php/v3issO4/yA/l/en_GB/pLoSlJD7y1F.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Referer: https://www.facebook.com/plugins/likebox.php?href=http://www.facebook.com/pages/konthaiusacom/177402280020?ref=tn_tnmn&width=250&colorscheme=light&show_faces=false&border_color=%23000000&stream=false&header=false&height=75
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: static.xx.fbcdn.net
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Vary: Accept-Encoding
    Content-Encoding: gzip
    Content-Type: application/x-javascript; charset=utf-8
    Access-Control-Allow-Origin: *
    Last-Modified: Mon, 01 Jan 2001 08:00:00 GMT
    Expires: Fri, 29 Aug 2025 10:28:23 GMT
    Cache-Control: public,max-age=31536000,immutable
    report-to: {"max_age":21600,"endpoints":[{"url":"https:\/\/www.xx.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
    timing-allow-origin: *
    document-policy: force-load-at-top
    permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
    cross-origin-resource-policy: cross-origin
    X-Content-Type-Options: nosniff
    reporting-endpoints: permissions_policy="https://www.xx.facebook.com/ajax/browser_error_reports/"
    origin-agent-cluster: ?1
    content-md5: BXtkWzgo8lyqF1Lj4XfyGg==
    X-FB-Debug: Hm/eDC1pzLn1n9Lidu+MExI3hKKaBvHS3lvajhAmDtgDSE8Lg5XHpJU3aMRN9LoF1FdbWEbqvaIfpeZxTwDQIQ==
    x-fb-server-load: 64
    Date: Sat, 07 Sep 2024 19:01:06 GMT
    X-FB-Connection-Quality: GOOD; q=0.7, rtt=51, rtx=0, c=14, mss=1357, tbw=3221, tp=-1, tpl=-1, uplat=1, ullat=-1
    Alt-Svc: h3=":443"; ma=86400
    Connection: keep-alive
    Content-Length: 28907
  • flag-es
    GET
    https://static.xx.fbcdn.net/rsrc.php/v3/y1/r/dXk5exdOVhk.js?_nc_x=Ij3Wp8lg5Kz
    IEXPLORE.EXE
    Remote address:
    157.240.243.2:443
    Request
    GET /rsrc.php/v3/y1/r/dXk5exdOVhk.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Referer: https://www.facebook.com/plugins/likebox.php?href=http://www.facebook.com/pages/konthaiusacom/177402280020?ref=tn_tnmn&width=250&colorscheme=light&show_faces=false&border_color=%23000000&stream=false&header=false&height=75
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: static.xx.fbcdn.net
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Vary: Accept-Encoding
    Content-Encoding: gzip
    Content-Type: application/x-javascript; charset=utf-8
    Access-Control-Allow-Origin: *
    Last-Modified: Mon, 01 Jan 2001 08:00:00 GMT
    Expires: Thu, 28 Aug 2025 04:38:36 GMT
    Cache-Control: public,max-age=31536000,immutable
    report-to: {"max_age":21600,"endpoints":[{"url":"https:\/\/www.xx.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
    timing-allow-origin: *
    document-policy: force-load-at-top
    permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
    cross-origin-resource-policy: cross-origin
    X-Content-Type-Options: nosniff
    reporting-endpoints: permissions_policy="https://www.xx.facebook.com/ajax/browser_error_reports/"
    x-ua-compatible: IE=edge
    origin-agent-cluster: ?1
    content-md5: ivkhXUQG4wQzNqI4NjhapA==
    X-FB-Debug: B8DJ1x9uNCFT6/Hyle1ypOXwhZyRuVg/Iul6Nk8prKlMAa223ZZ93R6nt4nY5dDth0grQjGtMzbAqqxo7NHcrw==
    x-fb-server-load: 29
    Date: Sat, 07 Sep 2024 19:01:07 GMT
    X-FB-Connection-Quality: GOOD; q=0.7, rtt=107, rtx=8, c=19, mss=1357, tbw=34283, tp=-1, tpl=-1, uplat=1, ullat=-1
    Alt-Svc: h3=":443"; ma=86400
    Connection: keep-alive
    Content-Length: 302
  • flag-es
    GET
    https://static.xx.fbcdn.net/rsrc.php/v3/yV/r/Glud--w-qOK.js?_nc_x=Ij3Wp8lg5Kz
    IEXPLORE.EXE
    Remote address:
    157.240.243.2:443
    Request
    GET /rsrc.php/v3/yV/r/Glud--w-qOK.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Referer: https://www.facebook.com/plugins/likebox.php?href=http://www.facebook.com/pages/konthaiusacom/177402280020?ref=tn_tnmn&width=250&colorscheme=light&show_faces=false&border_color=%23000000&stream=false&header=false&height=75
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: static.xx.fbcdn.net
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Vary: Accept-Encoding
    Content-Encoding: gzip
    Content-Type: application/x-javascript; charset=utf-8
    Access-Control-Allow-Origin: *
    Last-Modified: Mon, 01 Jan 2001 08:00:00 GMT
    Expires: Sat, 06 Sep 2025 20:40:36 GMT
    Cache-Control: public,max-age=31536000,immutable
    report-to: {"max_age":21600,"endpoints":[{"url":"https:\/\/www.xx.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
    timing-allow-origin: *
    document-policy: force-load-at-top
    permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
    cross-origin-resource-policy: cross-origin
    X-Content-Type-Options: nosniff
    reporting-endpoints: permissions_policy="https://www.xx.facebook.com/ajax/browser_error_reports/"
    origin-agent-cluster: ?1
    content-md5: amwV/kzpjA3lcdYoUHwzSg==
    X-FB-Debug: Twqc3ieCW4UkwZ7COZh0VwD0RPnx9oReXTQYivnUpZEdnaq6hBM/NLF9/kJiQv5O8lzdeZAGtEarn2s1OuExhg==
    x-fb-server-load: 37
    Date: Sat, 07 Sep 2024 19:01:06 GMT
    X-FB-Connection-Quality: GOOD; q=0.7, rtt=51, rtx=0, c=14, mss=1357, tbw=3221, tp=-1, tpl=-1, uplat=1, ullat=-1
    Alt-Svc: h3=":443"; ma=86400
    Connection: keep-alive
    Content-Length: 11620
  • flag-es
    GET
    https://static.xx.fbcdn.net/rsrc.php/v3ij9m4/yS/l/en_GB/FsgTKAP125G.js?_nc_x=Ij3Wp8lg5Kz
    IEXPLORE.EXE
    Remote address:
    157.240.243.2:443
    Request
    GET /rsrc.php/v3ij9m4/yS/l/en_GB/FsgTKAP125G.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Referer: https://www.facebook.com/plugins/likebox.php?href=http://www.facebook.com/pages/konthaiusacom/177402280020?ref=tn_tnmn&width=250&colorscheme=light&show_faces=false&border_color=%23000000&stream=false&header=false&height=75
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: static.xx.fbcdn.net
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Vary: Accept-Encoding
    Content-Encoding: gzip
    Content-Type: application/x-javascript; charset=utf-8
    Access-Control-Allow-Origin: *
    Last-Modified: Mon, 01 Jan 2001 08:00:00 GMT
    Expires: Sat, 06 Sep 2025 22:44:34 GMT
    Cache-Control: public,max-age=31536000,immutable
    report-to: {"max_age":21600,"endpoints":[{"url":"https:\/\/www.xx.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
    timing-allow-origin: *
    document-policy: force-load-at-top
    permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
    cross-origin-resource-policy: cross-origin
    X-Content-Type-Options: nosniff
    reporting-endpoints: permissions_policy="https://www.xx.facebook.com/ajax/browser_error_reports/"
    origin-agent-cluster: ?1
    content-md5: mnQpnT09BfD+pmb7WOI7Ng==
    X-FB-Debug: 3oCZUm6pX4s2lMWLYF1ifE0GIVOFxYx1QmxA/5bvTJFiE0c1wXgX9JAcgEj5hZHjFNgnYe6QWkO/JPQ0gcC6Jg==
    x-fb-server-load: 34
    Date: Sat, 07 Sep 2024 19:01:06 GMT
    X-FB-Connection-Quality: GOOD; q=0.7, rtt=54, rtx=0, c=14, mss=1357, tbw=3221, tp=-1, tpl=-1, uplat=1, ullat=-1
    Alt-Svc: h3=":443"; ma=86400
    Connection: keep-alive
    Content-Length: 28985
  • flag-us
    DNS
    scontent.xx.fbcdn.net
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    scontent.xx.fbcdn.net
    IN A
    Response
    scontent.xx.fbcdn.net
    IN A
    157.240.243.2
  • flag-es
    GET
    https://scontent.xx.fbcdn.net/v/t39.30808-1/302682950_408081388117661_761848427710662801_n.jpg?stp=cp0_dst-jpg_s50x50&_nc_cat=103&ccb=1-7&_nc_sid=6738e8&_nc_ohc=AzK9QtI-96cQ7kNvgEszH3r&_nc_ht=scontent.xx&edm=AEDRbFQEAAAA&_nc_gid=A39VDMeKP91wJ99O8U9YKH3&oh=00_AYBwxUm8scKLZ1lH8qXwi4-UXC6aFUe-WViNu0gWd0JgNQ&oe=66E284D3
    IEXPLORE.EXE
    Remote address:
    157.240.243.2:443
    Request
    GET /v/t39.30808-1/302682950_408081388117661_761848427710662801_n.jpg?stp=cp0_dst-jpg_s50x50&_nc_cat=103&ccb=1-7&_nc_sid=6738e8&_nc_ohc=AzK9QtI-96cQ7kNvgEszH3r&_nc_ht=scontent.xx&edm=AEDRbFQEAAAA&_nc_gid=A39VDMeKP91wJ99O8U9YKH3&oh=00_AYBwxUm8scKLZ1lH8qXwi4-UXC6aFUe-WViNu0gWd0JgNQ&oe=66E284D3 HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Referer: https://www.facebook.com/plugins/likebox.php?href=http://www.facebook.com/pages/konthaiusacom/177402280020?ref=tn_tnmn&width=250&colorscheme=light&show_faces=false&border_color=%23000000&stream=false&header=false&height=75
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: scontent.xx.fbcdn.net
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    x-additional-error-detail:
    Last-Modified: Sat, 10 Sep 2022 01:27:37 GMT
    X-Needle-Checksum: 2883854034
    Content-Type: image/jpeg
    content-digest: adler32=740015753
    cross-origin-resource-policy: cross-origin
    timing-allow-origin: *
    Access-Control-Allow-Origin: *
    Cache-Control: max-age=1209600, no-transform
    Accept-Ranges: bytes
    Date: Sat, 07 Sep 2024 19:01:14 GMT
    X-FB-Connection-Quality: MODERATE; q=0.3, rtt=238, rtx=7, c=6, mss=1357, tbw=3222, tp=-1, tpl=-1, uplat=0, ullat=-1
    Alt-Svc: h3=":443"; ma=86400
    Connection: keep-alive
    Content-Length: 1967
  • flag-es
    GET
    https://static.xx.fbcdn.net/rsrc.php/v3/yG/r/WvbRbK9sYiL.js?_nc_x=Ij3Wp8lg5Kz
    IEXPLORE.EXE
    Remote address:
    157.240.243.2:443
    Request
    GET /rsrc.php/v3/yG/r/WvbRbK9sYiL.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Referer: https://www.facebook.com/plugins/likebox.php?href=http://www.facebook.com/pages/konthaiusacom/177402280020?ref=tn_tnmn&width=250&colorscheme=light&show_faces=false&border_color=%23000000&stream=false&header=false&height=75
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: static.xx.fbcdn.net
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Vary: Accept-Encoding
    Content-Encoding: gzip
    Content-Type: application/x-javascript; charset=utf-8
    Access-Control-Allow-Origin: *
    Last-Modified: Mon, 01 Jan 2001 08:00:00 GMT
    Expires: Sun, 07 Sep 2025 15:30:35 GMT
    Cache-Control: public,max-age=31536000,immutable
    report-to: {"max_age":21600,"endpoints":[{"url":"https:\/\/www.xx.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
    timing-allow-origin: *
    document-policy: force-load-at-top
    permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
    cross-origin-resource-policy: cross-origin
    X-Content-Type-Options: nosniff
    reporting-endpoints: permissions_policy="https://www.xx.facebook.com/ajax/browser_error_reports/"
    origin-agent-cluster: ?1
    content-md5: w5wNVKIM4DoYG1rk2koWTQ==
    X-FB-Debug: bC3XItto8rJnPPYSzKHZMECU44APc3gdxEgFb0Hov30zk5qOYZyCEEwdYi5+D46yHaIYuiRX5qg/3Kwc+FBSjQ==
    x-fb-server-load: 60
    Date: Sat, 07 Sep 2024 19:01:10 GMT
    X-FB-Connection-Quality: GOOD; q=0.7, rtt=52, rtx=0, c=11, mss=1357, tbw=137, tp=-1, tpl=-1, uplat=1, ullat=-1
    Alt-Svc: h3=":443"; ma=86400
    Connection: keep-alive
    Content-Length: 1830
  • flag-es
    GET
    https://static.xx.fbcdn.net/rsrc.php/v3/yF/r/p55HfXW__mM.js?_nc_x=Ij3Wp8lg5Kz
    IEXPLORE.EXE
    Remote address:
    157.240.243.2:443
    Request
    GET /rsrc.php/v3/yF/r/p55HfXW__mM.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Referer: https://www.facebook.com/plugins/likebox.php?href=http://www.facebook.com/pages/konthaiusacom/177402280020?ref=tn_tnmn&width=250&colorscheme=light&show_faces=false&border_color=%23000000&stream=false&header=false&height=75
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: static.xx.fbcdn.net
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Vary: Accept-Encoding
    Content-Encoding: gzip
    Content-Type: application/x-javascript; charset=utf-8
    Access-Control-Allow-Origin: *
    Last-Modified: Mon, 01 Jan 2001 08:00:00 GMT
    Expires: Thu, 28 Aug 2025 05:55:55 GMT
    Cache-Control: public,max-age=31536000,immutable
    report-to: {"max_age":21600,"endpoints":[{"url":"https:\/\/www.xx.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
    timing-allow-origin: *
    document-policy: force-load-at-top
    permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
    cross-origin-resource-policy: cross-origin
    X-Content-Type-Options: nosniff
    reporting-endpoints: permissions_policy="https://www.xx.facebook.com/ajax/browser_error_reports/"
    origin-agent-cluster: ?1
    content-md5: PCil07El4hl7RdWxcVlVHw==
    X-FB-Debug: KodlMuUAJ96ijvNi9qgCyHNV99zIp596rdSwRbrwemDMkvickD7gtanJKhx9JQQ54qMrsbcd4rSsoi4CP1RJWA==
    x-fb-server-load: 29
    Date: Sat, 07 Sep 2024 19:01:10 GMT
    X-FB-Connection-Quality: GOOD; q=0.7, rtt=51, rtx=0, c=11, mss=1357, tbw=137, tp=-1, tpl=-1, uplat=1, ullat=-1
    Alt-Svc: h3=":443"; ma=86400
    Connection: keep-alive
    Content-Length: 333
  • flag-us
    DNS
    c.pki.goog
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    c.pki.goog
    IN A
    Response
    c.pki.goog
    IN CNAME
    pki-goog.l.google.com
    pki-goog.l.google.com
    IN A
    142.250.27.94
  • flag-us
    DNS
    c.pki.goog
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    c.pki.goog
    IN A
    Response
    c.pki.goog
    IN CNAME
    pki-goog.l.google.com
    pki-goog.l.google.com
    IN A
    142.250.27.94
  • flag-us
    DNS
    c.pki.goog
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    c.pki.goog
    IN A
    Response
    c.pki.goog
    IN CNAME
    pki-goog.l.google.com
    pki-goog.l.google.com
    IN A
    142.250.27.94
  • flag-nl
    GET
    http://c.pki.goog/r/r1.crl
    IEXPLORE.EXE
    Remote address:
    142.250.27.94:80
    Request
    GET /r/r1.crl HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    User-Agent: Microsoft-CryptoAPI/6.1
    Host: c.pki.goog
    Response
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cacerts
    Cross-Origin-Resource-Policy: cross-origin
    Cross-Origin-Opener-Policy: same-origin; report-to="cacerts"
    Report-To: {"group":"cacerts","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cacerts"}]}
    Content-Length: 854
    X-Content-Type-Options: nosniff
    Server: sffe
    X-XSS-Protection: 0
    Date: Sat, 07 Sep 2024 18:17:24 GMT
    Expires: Sat, 07 Sep 2024 19:07:24 GMT
    Cache-Control: public, max-age=3000
    Age: 2624
    Last-Modified: Thu, 25 Jul 2024 14:48:00 GMT
    Content-Type: application/pkix-crl
    Vary: Accept-Encoding
  • flag-nl
    GET
    http://c.pki.goog/wr2/oQ6nyr8F0m0.crl
    IEXPLORE.EXE
    Remote address:
    142.250.27.94:80
    Request
    GET /wr2/oQ6nyr8F0m0.crl HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    User-Agent: Microsoft-CryptoAPI/6.1
    Host: c.pki.goog
    Response
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cacerts
    Cross-Origin-Resource-Policy: cross-origin
    Cross-Origin-Opener-Policy: same-origin; report-to="cacerts"
    Report-To: {"group":"cacerts","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cacerts"}]}
    Content-Length: 12062
    X-Content-Type-Options: nosniff
    Server: sffe
    X-XSS-Protection: 0
    Date: Sat, 07 Sep 2024 18:58:58 GMT
    Expires: Sat, 07 Sep 2024 19:48:58 GMT
    Cache-Control: public, max-age=3000
    Last-Modified: Sat, 07 Sep 2024 18:45:38 GMT
    Content-Type: application/pkix-crl
    Vary: Accept-Encoding
    Age: 147
  • flag-nl
    GET
    http://c.pki.goog/r/r1.crl
    IEXPLORE.EXE
    Remote address:
    142.250.27.94:80
    Request
    GET /r/r1.crl HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    User-Agent: Microsoft-CryptoAPI/6.1
    Host: c.pki.goog
    Response
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cacerts
    Cross-Origin-Resource-Policy: cross-origin
    Cross-Origin-Opener-Policy: same-origin; report-to="cacerts"
    Report-To: {"group":"cacerts","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cacerts"}]}
    Content-Length: 854
    X-Content-Type-Options: nosniff
    Server: sffe
    X-XSS-Protection: 0
    Date: Sat, 07 Sep 2024 18:17:24 GMT
    Expires: Sat, 07 Sep 2024 19:07:24 GMT
    Cache-Control: public, max-age=3000
    Age: 2624
    Last-Modified: Thu, 25 Jul 2024 14:48:00 GMT
    Content-Type: application/pkix-crl
    Vary: Accept-Encoding
  • flag-nl
    GET
    http://c.pki.goog/r/r1.crl
    IEXPLORE.EXE
    Remote address:
    142.250.27.94:80
    Request
    GET /r/r1.crl HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    User-Agent: Microsoft-CryptoAPI/6.1
    Host: c.pki.goog
    Response
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cacerts
    Cross-Origin-Resource-Policy: cross-origin
    Cross-Origin-Opener-Policy: same-origin; report-to="cacerts"
    Report-To: {"group":"cacerts","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cacerts"}]}
    Content-Length: 854
    X-Content-Type-Options: nosniff
    Server: sffe
    X-XSS-Protection: 0
    Date: Sat, 07 Sep 2024 18:17:24 GMT
    Expires: Sat, 07 Sep 2024 19:07:24 GMT
    Cache-Control: public, max-age=3000
    Age: 2624
    Last-Modified: Thu, 25 Jul 2024 14:48:00 GMT
    Content-Type: application/pkix-crl
    Vary: Accept-Encoding
  • flag-nl
    GET
    http://c.pki.goog/r/r1.crl
    IEXPLORE.EXE
    Remote address:
    142.250.27.94:80
    Request
    GET /r/r1.crl HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    User-Agent: Microsoft-CryptoAPI/6.1
    Host: c.pki.goog
    Response
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cacerts
    Cross-Origin-Resource-Policy: cross-origin
    Cross-Origin-Opener-Policy: same-origin; report-to="cacerts"
    Report-To: {"group":"cacerts","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cacerts"}]}
    Content-Length: 854
    X-Content-Type-Options: nosniff
    Server: sffe
    X-XSS-Protection: 0
    Date: Sat, 07 Sep 2024 18:17:24 GMT
    Expires: Sat, 07 Sep 2024 19:07:24 GMT
    Cache-Control: public, max-age=3000
    Age: 2624
    Last-Modified: Thu, 25 Jul 2024 14:48:00 GMT
    Content-Type: application/pkix-crl
    Vary: Accept-Encoding
  • flag-us
    DNS
    o.pki.goog
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    o.pki.goog
    IN A
    Response
    o.pki.goog
    IN CNAME
    pki-goog.l.google.com
    pki-goog.l.google.com
    IN A
    142.250.27.94
  • flag-us
    DNS
    o.pki.goog
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    o.pki.goog
    IN A
    Response
    o.pki.goog
    IN CNAME
    pki-goog.l.google.com
    pki-goog.l.google.com
    IN A
    142.250.27.94
  • flag-us
    DNS
    o.pki.goog
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    o.pki.goog
    IN A
    Response
    o.pki.goog
    IN CNAME
    pki-goog.l.google.com
    pki-goog.l.google.com
    IN A
    142.250.27.94
  • flag-us
    DNS
    o.pki.goog
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    o.pki.goog
    IN A
    Response
    o.pki.goog
    IN CNAME
    pki-goog.l.google.com
    pki-goog.l.google.com
    IN A
    142.250.27.94
  • flag-nl
    GET
    http://o.pki.goog/wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEEY%2BBbWicZDJCutGRyts3so%3D
    IEXPLORE.EXE
    Remote address:
    142.250.27.94:80
    Request
    GET /wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEEY%2BBbWicZDJCutGRyts3so%3D HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    User-Agent: Microsoft-CryptoAPI/6.1
    Host: o.pki.goog
    Response
    HTTP/1.1 200 OK
    Server: ocsp_responder
    Content-Length: 471
    X-XSS-Protection: 0
    X-Frame-Options: SAMEORIGIN
    Date: Sat, 07 Sep 2024 18:13:00 GMT
    Cache-Control: public, max-age=14400
    Content-Type: application/ocsp-response
    Age: 2888
  • flag-nl
    GET
    http://o.pki.goog/wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQDBBI61buTJSxBPkvvajAV6
    IEXPLORE.EXE
    Remote address:
    142.250.27.94:80
    Request
    GET /wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQDBBI61buTJSxBPkvvajAV6 HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    User-Agent: Microsoft-CryptoAPI/6.1
    Host: o.pki.goog
    Response
    HTTP/1.1 200 OK
    Server: ocsp_responder
    Content-Length: 472
    X-XSS-Protection: 0
    X-Frame-Options: SAMEORIGIN
    Date: Sat, 07 Sep 2024 18:53:01 GMT
    Cache-Control: public, max-age=14400
    Content-Type: application/ocsp-response
    Age: 490
  • flag-nl
    GET
    http://o.pki.goog/wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEGs31zQSL0RFCna%2BsoPon%2Bg%3D
    IEXPLORE.EXE
    Remote address:
    142.250.27.94:80
    Request
    GET /wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEGs31zQSL0RFCna%2BsoPon%2Bg%3D HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    User-Agent: Microsoft-CryptoAPI/6.1
    Host: o.pki.goog
    Response
    HTTP/1.1 200 OK
    Server: ocsp_responder
    Content-Length: 471
    X-XSS-Protection: 0
    X-Frame-Options: SAMEORIGIN
    Date: Sat, 07 Sep 2024 18:07:36 GMT
    Cache-Control: public, max-age=14400
    Content-Type: application/ocsp-response
    Age: 3217
  • flag-nl
    GET
    http://o.pki.goog/wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEAF7KWhM60m3EI1Tk9fdsmI%3D
    IEXPLORE.EXE
    Remote address:
    142.250.27.94:80
    Request
    GET /wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEAF7KWhM60m3EI1Tk9fdsmI%3D HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    User-Agent: Microsoft-CryptoAPI/6.1
    Host: o.pki.goog
    Response
    HTTP/1.1 200 OK
    Server: ocsp_responder
    Content-Length: 471
    X-XSS-Protection: 0
    X-Frame-Options: SAMEORIGIN
    Date: Sat, 07 Sep 2024 18:46:40 GMT
    Cache-Control: public, max-age=14400
    Content-Type: application/ocsp-response
    Age: 875
  • flag-nl
    GET
    http://o.pki.goog/wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEEY%2BBbWicZDJCutGRyts3so%3D
    IEXPLORE.EXE
    Remote address:
    142.250.27.94:80
    Request
    GET /wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEEY%2BBbWicZDJCutGRyts3so%3D HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    User-Agent: Microsoft-CryptoAPI/6.1
    Host: o.pki.goog
    Response
    HTTP/1.1 200 OK
    Server: ocsp_responder
    Content-Length: 471
    X-XSS-Protection: 0
    X-Frame-Options: SAMEORIGIN
    Date: Sat, 07 Sep 2024 18:13:00 GMT
    Cache-Control: public, max-age=14400
    Content-Type: application/ocsp-response
    Age: 2888
  • flag-nl
    GET
    http://o.pki.goog/wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQC%2BxJ6Dr%2Fai6QonM%2F7HQx1J
    IEXPLORE.EXE
    Remote address:
    142.250.27.94:80
    Request
    GET /wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQC%2BxJ6Dr%2Fai6QonM%2F7HQx1J HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    User-Agent: Microsoft-CryptoAPI/6.1
    Host: o.pki.goog
    Response
    HTTP/1.1 200 OK
    Server: ocsp_responder
    Content-Length: 472
    X-XSS-Protection: 0
    X-Frame-Options: SAMEORIGIN
    Date: Sat, 07 Sep 2024 18:28:56 GMT
    Cache-Control: public, max-age=14400
    Content-Type: application/ocsp-response
    Age: 1936
  • flag-nl
    GET
    http://o.pki.goog/wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEC3QjsHQh0OQEJO7ScqSTgQ%3D
    IEXPLORE.EXE
    Remote address:
    142.250.27.94:80
    Request
    GET /wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEC3QjsHQh0OQEJO7ScqSTgQ%3D HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    User-Agent: Microsoft-CryptoAPI/6.1
    Host: o.pki.goog
    Response
    HTTP/1.1 200 OK
    Server: ocsp_responder
    Content-Length: 471
    X-XSS-Protection: 0
    X-Frame-Options: SAMEORIGIN
    Date: Sat, 07 Sep 2024 18:51:55 GMT
    Cache-Control: public, max-age=14400
    Content-Type: application/ocsp-response
    Age: 558
  • flag-nl
    GET
    http://o.pki.goog/wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEAF7KWhM60m3EI1Tk9fdsmI%3D
    IEXPLORE.EXE
    Remote address:
    142.250.27.94:80
    Request
    GET /wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEAF7KWhM60m3EI1Tk9fdsmI%3D HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    User-Agent: Microsoft-CryptoAPI/6.1
    Host: o.pki.goog
    Response
    HTTP/1.1 200 OK
    Server: ocsp_responder
    Content-Length: 471
    X-XSS-Protection: 0
    X-Frame-Options: SAMEORIGIN
    Date: Sat, 07 Sep 2024 18:46:40 GMT
    Cache-Control: public, max-age=14400
    Content-Type: application/ocsp-response
    Age: 875
  • flag-nl
    GET
    http://o.pki.goog/wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEEY%2BBbWicZDJCutGRyts3so%3D
    IEXPLORE.EXE
    Remote address:
    142.250.27.94:80
    Request
    GET /wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEEY%2BBbWicZDJCutGRyts3so%3D HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    User-Agent: Microsoft-CryptoAPI/6.1
    Host: o.pki.goog
    Response
    HTTP/1.1 200 OK
    Server: ocsp_responder
    Content-Length: 471
    X-XSS-Protection: 0
    X-Frame-Options: SAMEORIGIN
    Date: Sat, 07 Sep 2024 18:13:00 GMT
    Cache-Control: public, max-age=14400
    Content-Type: application/ocsp-response
    Age: 2888
  • flag-nl
    GET
    http://o.pki.goog/wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQDBBI61buTJSxBPkvvajAV6
    IEXPLORE.EXE
    Remote address:
    142.250.27.94:80
    Request
    GET /wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQDBBI61buTJSxBPkvvajAV6 HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    User-Agent: Microsoft-CryptoAPI/6.1
    Host: o.pki.goog
    Response
    HTTP/1.1 200 OK
    Server: ocsp_responder
    Content-Length: 472
    X-XSS-Protection: 0
    X-Frame-Options: SAMEORIGIN
    Date: Sat, 07 Sep 2024 18:53:01 GMT
    Cache-Control: public, max-age=14400
    Content-Type: application/ocsp-response
    Age: 490
  • flag-nl
    GET
    http://o.pki.goog/wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEC3QjsHQh0OQEJO7ScqSTgQ%3D
    IEXPLORE.EXE
    Remote address:
    142.250.27.94:80
    Request
    GET /wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEC3QjsHQh0OQEJO7ScqSTgQ%3D HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    User-Agent: Microsoft-CryptoAPI/6.1
    Host: o.pki.goog
    Response
    HTTP/1.1 200 OK
    Server: ocsp_responder
    Content-Length: 471
    X-XSS-Protection: 0
    X-Frame-Options: SAMEORIGIN
    Date: Sat, 07 Sep 2024 18:51:55 GMT
    Cache-Control: public, max-age=14400
    Content-Type: application/ocsp-response
    Age: 558
  • flag-nl
    GET
    http://o.pki.goog/wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEBFwHbrJaxWDCjHK4%2BG0Wcs%3D
    IEXPLORE.EXE
    Remote address:
    142.250.27.94:80
    Request
    GET /wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEBFwHbrJaxWDCjHK4%2BG0Wcs%3D HTTP/1.1
    Cache-Control: max-age = 14400
    Connection: Keep-Alive
    Accept: */*
    User-Agent: Microsoft-CryptoAPI/6.1
    Host: o.pki.goog
    Response
    HTTP/1.1 200 OK
    Server: ocsp_responder
    Content-Length: 471
    X-XSS-Protection: 0
    X-Frame-Options: SAMEORIGIN
    Date: Sat, 07 Sep 2024 18:20:41 GMT
    Cache-Control: public, max-age=14400
    Content-Type: application/ocsp-response
    Age: 2434
  • flag-nl
    GET
    http://o.pki.goog/wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEEY%2BBbWicZDJCutGRyts3so%3D
    IEXPLORE.EXE
    Remote address:
    142.250.27.94:80
    Request
    GET /wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEEY%2BBbWicZDJCutGRyts3so%3D HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    User-Agent: Microsoft-CryptoAPI/6.1
    Host: o.pki.goog
    Response
    HTTP/1.1 200 OK
    Server: ocsp_responder
    Content-Length: 471
    X-XSS-Protection: 0
    X-Frame-Options: SAMEORIGIN
    Date: Sat, 07 Sep 2024 18:13:00 GMT
    Cache-Control: public, max-age=14400
    Content-Type: application/ocsp-response
    Age: 2890
  • flag-nl
    GET
    http://o.pki.goog/wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQC%2BxJ6Dr%2Fai6QonM%2F7HQx1J
    IEXPLORE.EXE
    Remote address:
    142.250.27.94:80
    Request
    GET /wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQC%2BxJ6Dr%2Fai6QonM%2F7HQx1J HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    User-Agent: Microsoft-CryptoAPI/6.1
    Host: o.pki.goog
    Response
    HTTP/1.1 200 OK
    Server: ocsp_responder
    Content-Length: 472
    X-XSS-Protection: 0
    X-Frame-Options: SAMEORIGIN
    Date: Sat, 07 Sep 2024 18:28:56 GMT
    Cache-Control: public, max-age=14400
    Content-Type: application/ocsp-response
    Age: 1936
  • flag-nl
    GET
    http://o.pki.goog/wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEBFwHbrJaxWDCjHK4%2BG0Wcs%3D
    IEXPLORE.EXE
    Remote address:
    142.250.27.94:80
    Request
    GET /wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEBFwHbrJaxWDCjHK4%2BG0Wcs%3D HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    User-Agent: Microsoft-CryptoAPI/6.1
    Host: o.pki.goog
    Response
    HTTP/1.1 200 OK
    Server: ocsp_responder
    Content-Length: 471
    X-XSS-Protection: 0
    X-Frame-Options: SAMEORIGIN
    Date: Sat, 07 Sep 2024 18:20:41 GMT
    Cache-Control: public, max-age=14400
    Content-Type: application/ocsp-response
    Age: 2434
  • flag-nl
    GET
    http://o.pki.goog/wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQD1kD0PUGhH%2FBI3nnbRqNoX
    IEXPLORE.EXE
    Remote address:
    142.250.27.94:80
    Request
    GET /wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQD1kD0PUGhH%2FBI3nnbRqNoX HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    User-Agent: Microsoft-CryptoAPI/6.1
    Host: o.pki.goog
    Response
    HTTP/1.1 200 OK
    Server: ocsp_responder
    Content-Length: 472
    X-XSS-Protection: 0
    X-Frame-Options: SAMEORIGIN
    Date: Sat, 07 Sep 2024 18:05:26 GMT
    Cache-Control: public, max-age=14400
    Content-Type: application/ocsp-response
    Age: 3352
  • flag-nl
    GET
    https://www.youtube.com/s/player/5f8f5b0f/www-player.css
    IEXPLORE.EXE
    Remote address:
    142.250.27.190:443
    Request
    GET /s/player/5f8f5b0f/www-player.css HTTP/1.1
    Accept: text/css, */*
    Referer: https://www.youtube.com/embed/QMECDnECjJM?wmode=Opaque
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: www.youtube.com
    Connection: Keep-Alive
    Cookie: YSC=j-Ex3tYTEF8; VISITOR_INFO1_LIVE=YKqXk1-hcWE; VISITOR_PRIVACY_METADATA=CgJHQhIEGgAgDA%3D%3D
    Response
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Content-Encoding: gzip
    Cross-Origin-Resource-Policy: cross-origin
    Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="youtube"
    Report-To: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
    Content-Length: 59924
    X-Content-Type-Options: nosniff
    Server: sffe
    X-XSS-Protection: 0
    Date: Tue, 03 Sep 2024 07:40:58 GMT
    Expires: Wed, 03 Sep 2025 07:40:58 GMT
    Cache-Control: public, max-age=31536000
    Last-Modified: Tue, 03 Sep 2024 04:14:15 GMT
    Content-Type: text/css
    Vary: Accept-Encoding, Origin
    Age: 386411
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-nl
    GET
    https://www.youtube.com/s/player/5f8f5b0f/www-embed-player.vflset/www-embed-player.js
    IEXPLORE.EXE
    Remote address:
    142.250.27.190:443
    Request
    GET /s/player/5f8f5b0f/www-embed-player.vflset/www-embed-player.js HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Referer: https://www.youtube.com/embed/QMECDnECjJM?wmode=Opaque
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: www.youtube.com
    Connection: Keep-Alive
    Cookie: YSC=E-tq1tc5_BE; VISITOR_INFO1_LIVE=VEMcM5umcqg; VISITOR_PRIVACY_METADATA=CgJHQhIEGgAgOQ%3D%3D
    Response
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Content-Encoding: gzip
    Cross-Origin-Resource-Policy: cross-origin
    Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="youtube"
    Report-To: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
    Content-Length: 117679
    X-Content-Type-Options: nosniff
    Server: sffe
    X-XSS-Protection: 0
    Date: Tue, 03 Sep 2024 07:40:58 GMT
    Expires: Wed, 03 Sep 2025 07:40:58 GMT
    Cache-Control: public, max-age=31536000
    Last-Modified: Tue, 03 Sep 2024 04:14:15 GMT
    Content-Type: text/javascript
    Vary: Accept-Encoding, Origin
    Age: 386412
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-nl
    GET
    https://www.youtube.com/s/player/5f8f5b0f/www-player.css
    IEXPLORE.EXE
    Remote address:
    142.250.27.190:443
    Request
    GET /s/player/5f8f5b0f/www-player.css HTTP/1.1
    Accept: text/css, */*
    Referer: https://www.youtube.com/embed/ywSeSlVcY4w?wmode=Opaque
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: www.youtube.com
    Connection: Keep-Alive
    Cookie: YSC=xB_y6bUFrvs; VISITOR_INFO1_LIVE=iQI4qmj_te0; VISITOR_PRIVACY_METADATA=CgJHQhIEGgAgIQ%3D%3D
    Response
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Content-Encoding: gzip
    Cross-Origin-Resource-Policy: cross-origin
    Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="youtube"
    Report-To: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
    Content-Length: 59924
    X-Content-Type-Options: nosniff
    Server: sffe
    X-XSS-Protection: 0
    Date: Tue, 03 Sep 2024 07:40:58 GMT
    Expires: Wed, 03 Sep 2025 07:40:58 GMT
    Cache-Control: public, max-age=31536000
    Last-Modified: Tue, 03 Sep 2024 04:14:15 GMT
    Content-Type: text/css
    Vary: Accept-Encoding, Origin
    Age: 386412
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-nl
    POST
    https://www.youtube.com/api/stats/qoe?cpn=ctn1MqEtYazatLm1&el=embedded&ns=yt&fexp=v1%2C24004644%2C434717%2C104308%2C23018%2C26443548%2C7111%2C24166%2C12177%2C9954%2C1192%2C33462%2C2%2C17768%2C29151%2C12193%2C1103%2C6953%2C11044%2C501%2C1970%2C7546%2C12725%2C5076%2C22962%2C1059%2C2%2C2126%2C1336%2C4205%2C1823%2C3186%2C2912%2C4794%2C15%2C1020%2C1739%2C328%2C13%2C3827%2C4%2C404%2C648%2C1121%2C603%2C5553%2C5749%2C328%2C1170%2C1453%2C3857%2C74%2C4960%2C3053%2C6064&cl=670364317&seq=1&event=streamingstats&docid=evMR3wn1LGk&cbr=IE&cbrver=11.0&c=WEB_EMBEDDED_PLAYER&cver=1.20240902.00.00&cplayer=UNIPLAYER&cos=Windows&cosver=6.1&cplatform=DESKTOP&vps=0.000:N,0.001:ER&cmt=0.001:0.000,0.001:0.000&error=0.001:auth::0.000:0;a6s.0;r.Video_unavailable&vis=0.001:0&bh=0.001:0.000&qclc=ChBjdG4xTXFFdFlhemF0TG0xEAE
    IEXPLORE.EXE
    Remote address:
    142.250.27.190:443
    Request
    POST /api/stats/qoe?cpn=ctn1MqEtYazatLm1&el=embedded&ns=yt&fexp=v1%2C24004644%2C434717%2C104308%2C23018%2C26443548%2C7111%2C24166%2C12177%2C9954%2C1192%2C33462%2C2%2C17768%2C29151%2C12193%2C1103%2C6953%2C11044%2C501%2C1970%2C7546%2C12725%2C5076%2C22962%2C1059%2C2%2C2126%2C1336%2C4205%2C1823%2C3186%2C2912%2C4794%2C15%2C1020%2C1739%2C328%2C13%2C3827%2C4%2C404%2C648%2C1121%2C603%2C5553%2C5749%2C328%2C1170%2C1453%2C3857%2C74%2C4960%2C3053%2C6064&cl=670364317&seq=1&event=streamingstats&docid=evMR3wn1LGk&cbr=IE&cbrver=11.0&c=WEB_EMBEDDED_PLAYER&cver=1.20240902.00.00&cplayer=UNIPLAYER&cos=Windows&cosver=6.1&cplatform=DESKTOP&vps=0.000:N,0.001:ER&cmt=0.001:0.000,0.001:0.000&error=0.001:auth::0.000:0;a6s.0;r.Video_unavailable&vis=0.001:0&bh=0.001:0.000&qclc=ChBjdG4xTXFFdFlhemF0TG0xEAE HTTP/1.1
    Accept: */*
    X-Goog-Visitor-Id: CgtWRU1jTTV1bWNxZyj0xfK2BjIKCgJHQhIEGgAgOQ%3D%3D
    X-YouTube-Client-Name: 56
    X-YouTube-Client-Version: 1.20240902.00.00
    X-YouTube-Utc-Offset: 0
    X-YouTube-Ad-Signals: dt=1725735670665&flash=0&frm=2&u_tz&u_his=1&u_h=720&u_w=1280&u_ah=680&u_aw=1280&u_cd=24&bc=1&bih=-12245933&biw=-12245933&brdim=8%2C1524%2C-8%2C-8%2C1280%2C%2C1296%2C696%2C590%2C250&vis=1&wgl=true&ca_type=image
    Content-Type: application/x-www-form-urlencoded
    Referer: https://www.youtube.com/embed/evMR3wn1LGk?wmode=Opaque
    Accept-Language: en-US
    Accept-Encoding: gzip, deflate
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Host: www.youtube.com
    Content-Length: 226
    Connection: Keep-Alive
    Cache-Control: no-cache
    Cookie: YSC=xB_y6bUFrvs; VISITOR_INFO1_LIVE=iQI4qmj_te0; VISITOR_PRIVACY_METADATA=CgJHQhIEGgAgIQ%3D%3D
    Response
    HTTP/1.1 204 No Content
    Content-Type: text/html; charset=UTF-8
    Date: Sat, 07 Sep 2024 19:01:15 GMT
    Pragma: no-cache
    Expires: Fri, 01 Jan 1990 00:00:00 GMT
    Cache-Control: no-cache, must-revalidate
    X-Content-Type-Options: nosniff
    Server: Video Stats Server
    Content-Length: 0
    X-XSS-Protection: 0
    X-Frame-Options: SAMEORIGIN
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-nl
    GET
    https://www.youtube.com/generate_204?-knBKw
    IEXPLORE.EXE
    Remote address:
    142.250.27.190:443
    Request
    GET /generate_204?-knBKw HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Referer: https://www.youtube.com/embed/ygK7kej0BPA?wmode=Opaque
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: www.youtube.com
    Connection: Keep-Alive
    Cookie: YSC=xB_y6bUFrvs; VISITOR_INFO1_LIVE=iQI4qmj_te0; VISITOR_PRIVACY_METADATA=CgJHQhIEGgAgIQ%3D%3D
    Response
    HTTP/1.1 204 No Content
    Content-Length: 0
    Cross-Origin-Resource-Policy: cross-origin
    Date: Sat, 07 Sep 2024 19:01:16 GMT
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-nl
    POST
    https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
    IEXPLORE.EXE
    Remote address:
    142.250.27.190:443
    Request
    POST /youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8 HTTP/1.1
    Accept: */*
    X-Goog-Request-Time: 1725735675566
    Content-Type: application/json
    X-Goog-Visitor-Id: CgtzWkpEZmtnVnVGbyj1xfK2BjIKCgJHQhIEGgAgDA%3D%3D
    X-YouTube-Client-Name: 56
    X-YouTube-Client-Version: 1.20240902.00.00
    X-YouTube-Utc-Offset: 0
    X-YouTube-Ad-Signals: dt=1725735669209&flash=0&frm=2&u_tz&u_his=1&u_h=720&u_w=1280&u_ah=680&u_aw=1280&u_cd=24&bc=1&bih=-12245933&biw=-12245933&brdim=8%2C12394%2C-8%2C-8%2C1280%2C%2C1296%2C696%2C280%2C200&vis=1&wgl=true&ca_type=image
    Referer: https://www.youtube.com/embed/ygK7kej0BPA?wmode=Opaque
    Accept-Language: en-US
    Accept-Encoding: gzip, deflate
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Host: www.youtube.com
    Content-Length: 9247
    Connection: Keep-Alive
    Cache-Control: no-cache
    Cookie: YSC=xB_y6bUFrvs; VISITOR_INFO1_LIVE=iQI4qmj_te0; VISITOR_PRIVACY_METADATA=CgJHQhIEGgAgIQ%3D%3D
    Response
    HTTP/1.1 200 OK
    Content-Type: application/json; charset=UTF-8
    Vary: Origin
    Vary: X-Origin
    Vary: Referer
    Content-Encoding: gzip
    Date: Sat, 07 Sep 2024 19:01:17 GMT
    Server: scaffolding on HTTPServer2
    Cache-Control: private
    X-XSS-Protection: 0
    X-Frame-Options: SAMEORIGIN
    X-Content-Type-Options: nosniff
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
    Transfer-Encoding: chunked
  • flag-nl
    GET
    https://www.youtube.com/s/player/5f8f5b0f/player_ias.vflset/en_US/base.js
    IEXPLORE.EXE
    Remote address:
    142.250.27.190:443
    Request
    GET /s/player/5f8f5b0f/player_ias.vflset/en_US/base.js HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Referer: https://www.youtube.com/embed/QMECDnECjJM?wmode=Opaque
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: www.youtube.com
    Connection: Keep-Alive
    Cookie: YSC=E-tq1tc5_BE; VISITOR_INFO1_LIVE=VEMcM5umcqg; VISITOR_PRIVACY_METADATA=CgJHQhIEGgAgOQ%3D%3D
    Response
    HTTP/1.1 200 OK
    Content-Encoding: gzip
    Accept-Ranges: bytes
    Cross-Origin-Resource-Policy: cross-origin
    Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="youtube"
    Report-To: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
    Content-Length: 772448
    X-Content-Type-Options: nosniff
    Server: sffe
    X-XSS-Protection: 0
    Date: Tue, 03 Sep 2024 08:06:38 GMT
    Expires: Wed, 03 Sep 2025 08:06:38 GMT
    Cache-Control: public, max-age=31536000
    Last-Modified: Tue, 03 Sep 2024 04:14:15 GMT
    Content-Type: text/javascript
    Vary: Accept-Encoding, Origin
    Age: 384872
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-nl
    GET
    https://www.youtube.com/s/player/5f8f5b0f/player_ias.vflset/en_US/embed.js
    IEXPLORE.EXE
    Remote address:
    142.250.27.190:443
    Request
    GET /s/player/5f8f5b0f/player_ias.vflset/en_US/embed.js HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Referer: https://www.youtube.com/embed/evMR3wn1LGk?wmode=Opaque
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: www.youtube.com
    Connection: Keep-Alive
    Cookie: YSC=xB_y6bUFrvs; VISITOR_INFO1_LIVE=iQI4qmj_te0; VISITOR_PRIVACY_METADATA=CgJHQhIEGgAgIQ%3D%3D
    Response
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Content-Encoding: gzip
    Cross-Origin-Resource-Policy: cross-origin
    Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="youtube"
    Report-To: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
    Content-Length: 23517
    X-Content-Type-Options: nosniff
    Server: sffe
    X-XSS-Protection: 0
    Date: Tue, 03 Sep 2024 08:06:37 GMT
    Expires: Wed, 03 Sep 2025 08:06:37 GMT
    Cache-Control: public, max-age=31536000
    Last-Modified: Tue, 03 Sep 2024 04:14:15 GMT
    Content-Type: text/javascript
    Vary: Accept-Encoding, Origin
    Age: 384876
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-nl
    POST
    https://www.youtube.com/api/stats/qoe?cpn=qBu2ZP7KZA9qaTEH&el=embedded&ns=yt&fexp=v1%2C24004644%2C434717%2C127326%2C26443548%2C7111%2C24166%2C12177%2C9954%2C1192%2C33462%2C2%2C17768%2C29151%2C12193%2C1103%2C6953%2C11044%2C501%2C1970%2C7546%2C17801%2C24021%2C2%2C2126%2C1336%2C4205%2C1823%2C3186%2C2912%2C4794%2C15%2C1020%2C1739%2C328%2C3818%2C22%2C4%2C404%2C649%2C1120%2C7164%2C5069%2C1171%2C5383%2C4960%2C3053&cl=670364317&seq=1&event=streamingstats&docid=QMECDnECjJM&cbr=IE&cbrver=11.0&c=WEB_EMBEDDED_PLAYER&cver=1.20240902.00.00&cplayer=UNIPLAYER&cos=Windows&cosver=6.1&cplatform=DESKTOP&vps=0.000:N,0.001:ER&cmt=0.001:0.000,0.001:0.000&error=0.001:auth::0.000:0;a6s.0;r.Video_unavailable&vis=0.001:0&bh=0.001:0.000&qclc=ChBxQnUyWlA3S1pBOXFhVEVIEAE
    IEXPLORE.EXE
    Remote address:
    142.250.27.190:443
    Request
    POST /api/stats/qoe?cpn=qBu2ZP7KZA9qaTEH&el=embedded&ns=yt&fexp=v1%2C24004644%2C434717%2C127326%2C26443548%2C7111%2C24166%2C12177%2C9954%2C1192%2C33462%2C2%2C17768%2C29151%2C12193%2C1103%2C6953%2C11044%2C501%2C1970%2C7546%2C17801%2C24021%2C2%2C2126%2C1336%2C4205%2C1823%2C3186%2C2912%2C4794%2C15%2C1020%2C1739%2C328%2C3818%2C22%2C4%2C404%2C649%2C1120%2C7164%2C5069%2C1171%2C5383%2C4960%2C3053&cl=670364317&seq=1&event=streamingstats&docid=QMECDnECjJM&cbr=IE&cbrver=11.0&c=WEB_EMBEDDED_PLAYER&cver=1.20240902.00.00&cplayer=UNIPLAYER&cos=Windows&cosver=6.1&cplatform=DESKTOP&vps=0.000:N,0.001:ER&cmt=0.001:0.000,0.001:0.000&error=0.001:auth::0.000:0;a6s.0;r.Video_unavailable&vis=0.001:0&bh=0.001:0.000&qclc=ChBxQnUyWlA3S1pBOXFhVEVIEAE HTTP/1.1
    Accept: */*
    X-Goog-Visitor-Id: CgtZS3FYazEtaGNXRSj0xfK2BjIKCgJHQhIEGgAgDA%3D%3D
    X-YouTube-Client-Name: 56
    X-YouTube-Client-Version: 1.20240902.00.00
    X-YouTube-Utc-Offset: 0
    X-YouTube-Ad-Signals: dt=1725735670456&flash=0&frm=2&u_tz&u_his=1&u_h=720&u_w=1280&u_ah=680&u_aw=1280&u_cd=24&bc=1&bih=-12245933&biw=-12245933&brdim=8%2C12594%2C-8%2C-8%2C1280%2C%2C1296%2C696%2C280%2C200&vis=1&wgl=true&ca_type=image
    Content-Type: application/x-www-form-urlencoded
    Referer: https://www.youtube.com/embed/QMECDnECjJM?wmode=Opaque
    Accept-Language: en-US
    Accept-Encoding: gzip, deflate
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Host: www.youtube.com
    Content-Length: 226
    Connection: Keep-Alive
    Cache-Control: no-cache
    Cookie: YSC=xB_y6bUFrvs; VISITOR_INFO1_LIVE=iQI4qmj_te0; VISITOR_PRIVACY_METADATA=CgJHQhIEGgAgIQ%3D%3D
    Response
    HTTP/1.1 204 No Content
    Content-Type: text/html; charset=UTF-8
    Date: Sat, 07 Sep 2024 19:01:21 GMT
    Pragma: no-cache
    Expires: Fri, 01 Jan 1990 00:00:00 GMT
    Cache-Control: no-cache, must-revalidate
    X-Content-Type-Options: nosniff
    Server: Video Stats Server
    Content-Length: 0
    X-XSS-Protection: 0
    X-Frame-Options: SAMEORIGIN
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-nl
    POST
    https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
    IEXPLORE.EXE
    Remote address:
    142.250.27.190:443
    Request
    POST /youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8 HTTP/1.1
    Accept: */*
    X-Goog-Request-Time: 1725735681067
    Content-Type: application/json
    X-Goog-Visitor-Id: CgtZS3FYazEtaGNXRSj0xfK2BjIKCgJHQhIEGgAgDA%3D%3D
    X-YouTube-Client-Name: 56
    X-YouTube-Client-Version: 1.20240902.00.00
    X-YouTube-Utc-Offset: 0
    X-YouTube-Ad-Signals: dt=1725735670456&flash=0&frm=2&u_tz&u_his=1&u_h=720&u_w=1280&u_ah=680&u_aw=1280&u_cd=24&bc=1&bih=-12245933&biw=-12245933&brdim=8%2C12594%2C-8%2C-8%2C1280%2C%2C1296%2C696%2C280%2C200&vis=1&wgl=true&ca_type=image
    Referer: https://www.youtube.com/embed/QMECDnECjJM?wmode=Opaque
    Accept-Language: en-US
    Accept-Encoding: gzip, deflate
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Host: www.youtube.com
    Content-Length: 1973
    Connection: Keep-Alive
    Cache-Control: no-cache
    Cookie: YSC=xB_y6bUFrvs; VISITOR_INFO1_LIVE=iQI4qmj_te0; VISITOR_PRIVACY_METADATA=CgJHQhIEGgAgIQ%3D%3D
    Response
    HTTP/1.1 200 OK
    Content-Type: application/json; charset=UTF-8
    Vary: Origin
    Vary: X-Origin
    Vary: Referer
    Content-Encoding: gzip
    Date: Sat, 07 Sep 2024 19:01:22 GMT
    Server: scaffolding on HTTPServer2
    Cache-Control: private
    X-XSS-Protection: 0
    X-Frame-Options: SAMEORIGIN
    X-Content-Type-Options: nosniff
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
    Transfer-Encoding: chunked
  • flag-nl
    POST
    https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
    IEXPLORE.EXE
    Remote address:
    142.250.27.190:443
    Request
    POST /youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8 HTTP/1.1
    Accept: */*
    X-Goog-Request-Time: 1725735731040
    Content-Type: application/json
    X-Goog-Visitor-Id: CgtzWkpEZmtnVnVGbyj1xfK2BjIKCgJHQhIEGgAgDA%3D%3D
    X-YouTube-Client-Name: 56
    X-YouTube-Client-Version: 1.20240902.00.00
    X-YouTube-Utc-Offset: 0
    X-YouTube-Ad-Signals: dt=1725735670964&flash=0&frm=2&u_tz&u_his=1&u_h=720&u_w=1280&u_ah=680&u_aw=1280&u_cd=24&bc=1&bih=-12245933&biw=-12245933&brdim=8%2C12394%2C-8%2C-8%2C1280%2C%2C1296%2C696%2C280%2C200&vis=1&wgl=true&ca_type=image
    Referer: https://www.youtube.com/embed/ygK7kej0BPA?wmode=Opaque
    Accept-Language: en-US
    Accept-Encoding: gzip, deflate
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Host: www.youtube.com
    Content-Length: 1248
    Connection: Keep-Alive
    Cache-Control: no-cache
    Cookie: YSC=am8Mk-0dqgw; VISITOR_INFO1_LIVE=ERy_CGNJVk8; VISITOR_PRIVACY_METADATA=CgJHQhIEGgAgNg%3D%3D
    Response
    HTTP/1.1 200 OK
    Content-Type: application/json; charset=UTF-8
    Vary: Origin
    Vary: X-Origin
    Vary: Referer
    Content-Encoding: gzip
    Date: Sat, 07 Sep 2024 19:02:12 GMT
    Server: scaffolding on HTTPServer2
    Cache-Control: private
    X-XSS-Protection: 0
    X-Frame-Options: SAMEORIGIN
    X-Content-Type-Options: nosniff
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
    Transfer-Encoding: chunked
  • flag-nl
    GET
    https://www.youtube.com/s/player/5f8f5b0f/www-player.css
    IEXPLORE.EXE
    Remote address:
    142.250.27.190:443
    Request
    GET /s/player/5f8f5b0f/www-player.css HTTP/1.1
    Accept: text/css, */*
    Referer: https://www.youtube.com/embed/gS2GhpTPLvQ?wmode=Opaque
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: www.youtube.com
    Connection: Keep-Alive
    Cookie: YSC=am8Mk-0dqgw; VISITOR_INFO1_LIVE=ERy_CGNJVk8; VISITOR_PRIVACY_METADATA=CgJHQhIEGgAgNg%3D%3D
    Response
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Content-Encoding: gzip
    Cross-Origin-Resource-Policy: cross-origin
    Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="youtube"
    Report-To: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
    Content-Length: 59924
    X-Content-Type-Options: nosniff
    Server: sffe
    X-XSS-Protection: 0
    Date: Tue, 03 Sep 2024 07:40:58 GMT
    Expires: Wed, 03 Sep 2025 07:40:58 GMT
    Cache-Control: public, max-age=31536000
    Last-Modified: Tue, 03 Sep 2024 04:14:15 GMT
    Content-Type: text/css
    Vary: Accept-Encoding, Origin
    Age: 386515
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-nl
    GET
    https://www.youtube.com/s/player/5f8f5b0f/player_ias.vflset/en_US/embed.js
    IEXPLORE.EXE
    Remote address:
    142.250.27.190:443
    Request
    GET /s/player/5f8f5b0f/player_ias.vflset/en_US/embed.js HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Referer: https://www.youtube.com/embed/gS2GhpTPLvQ?wmode=Opaque
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: www.youtube.com
    Connection: Keep-Alive
    Cookie: YSC=am8Mk-0dqgw; VISITOR_INFO1_LIVE=ERy_CGNJVk8; VISITOR_PRIVACY_METADATA=CgJHQhIEGgAgNg%3D%3D
    Response
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Content-Encoding: gzip
    Cross-Origin-Resource-Policy: cross-origin
    Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="youtube"
    Report-To: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
    Content-Length: 23517
    X-Content-Type-Options: nosniff
    Server: sffe
    X-XSS-Protection: 0
    Date: Tue, 03 Sep 2024 08:06:37 GMT
    Expires: Wed, 03 Sep 2025 08:06:37 GMT
    Cache-Control: public, max-age=31536000
    Last-Modified: Tue, 03 Sep 2024 04:14:15 GMT
    Content-Type: text/javascript
    Vary: Accept-Encoding, Origin
    Age: 384979
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-us
    DNS
    googleads.g.doubleclick.net
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    googleads.g.doubleclick.net
    IN A
    Response
    googleads.g.doubleclick.net
    IN A
    142.250.27.155
    googleads.g.doubleclick.net
    IN A
    142.250.27.157
    googleads.g.doubleclick.net
    IN A
    142.250.27.154
    googleads.g.doubleclick.net
    IN A
    142.250.27.156
  • flag-us
    DNS
    static.doubleclick.net
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    static.doubleclick.net
    IN A
    Response
    static.doubleclick.net
    IN A
    142.250.27.148
    static.doubleclick.net
    IN A
    142.250.27.149
  • flag-us
    DNS
    static.doubleclick.net
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    static.doubleclick.net
    IN A
  • flag-nl
    GET
    https://googleads.g.doubleclick.net/pagead/id
    IEXPLORE.EXE
    Remote address:
    142.250.27.155:443
    Request
    GET /pagead/id HTTP/1.1
    Accept: */*
    Referer: https://www.youtube.com/embed/QMECDnECjJM?wmode=Opaque
    Accept-Language: en-US
    Accept-Encoding: gzip, deflate
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Host: googleads.g.doubleclick.net
    Connection: Keep-Alive
    Response
    HTTP/1.1 302 Found
    P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
    Timing-Allow-Origin: *
    Cross-Origin-Resource-Policy: cross-origin
    Location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
    Access-Control-Allow-Credentials: true
    Date: Sat, 07 Sep 2024 19:01:12 GMT
    Pragma: no-cache
    Expires: Fri, 01 Jan 1990 00:00:00 GMT
    Cache-Control: no-cache, no-store, must-revalidate
    Content-Type: text/html; charset=UTF-8
    X-Content-Type-Options: nosniff
    Server: cafe
    Content-Length: 0
    X-XSS-Protection: 0
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-nl
    GET
    https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
    IEXPLORE.EXE
    Remote address:
    142.250.27.155:443
    Request
    GET /pagead/id?slf_rd=1 HTTP/1.1
    Accept: */*
    Referer: https://www.youtube.com/embed/evMR3wn1LGk?wmode=Opaque
    Accept-Language: en-US
    Accept-Encoding: gzip, deflate
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Host: googleads.g.doubleclick.net
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
    Timing-Allow-Origin: *
    Cross-Origin-Resource-Policy: cross-origin
    Access-Control-Allow-Credentials: true
    Content-Type: application/json; charset=UTF-8
    Date: Sat, 07 Sep 2024 19:01:12 GMT
    Pragma: no-cache
    Expires: Fri, 01 Jan 1990 00:00:00 GMT
    Cache-Control: no-cache, no-store, must-revalidate
    X-Content-Type-Options: nosniff
    Content-Disposition: attachment; filename="f.txt"
    Content-Encoding: gzip
    Server: cafe
    X-XSS-Protection: 0
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
    Transfer-Encoding: chunked
  • flag-nl
    GET
    https://googleads.g.doubleclick.net/pagead/id
    IEXPLORE.EXE
    Remote address:
    142.250.27.155:443
    Request
    GET /pagead/id HTTP/1.1
    Accept: */*
    Referer: https://www.youtube.com/embed/evMR3wn1LGk?wmode=Opaque
    Accept-Language: en-US
    Accept-Encoding: gzip, deflate
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Host: googleads.g.doubleclick.net
    Connection: Keep-Alive
    Response
    HTTP/1.1 302 Found
    P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
    Timing-Allow-Origin: *
    Cross-Origin-Resource-Policy: cross-origin
    Location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
    Access-Control-Allow-Credentials: true
    Date: Sat, 07 Sep 2024 19:01:12 GMT
    Pragma: no-cache
    Expires: Fri, 01 Jan 1990 00:00:00 GMT
    Cache-Control: no-cache, no-store, must-revalidate
    Content-Type: text/html; charset=UTF-8
    X-Content-Type-Options: nosniff
    Server: cafe
    Content-Length: 0
    X-XSS-Protection: 0
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-nl
    GET
    https://googleads.g.doubleclick.net/pagead/id
    IEXPLORE.EXE
    Remote address:
    142.250.27.155:443
    Request
    GET /pagead/id HTTP/1.1
    Accept: */*
    Referer: https://www.youtube.com/embed/ygK7kej0BPA?wmode=Opaque
    Accept-Language: en-US
    Accept-Encoding: gzip, deflate
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Host: googleads.g.doubleclick.net
    Connection: Keep-Alive
    Response
    HTTP/1.1 302 Found
    P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
    Timing-Allow-Origin: *
    Cross-Origin-Resource-Policy: cross-origin
    Location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
    Access-Control-Allow-Credentials: true
    Date: Sat, 07 Sep 2024 19:01:12 GMT
    Pragma: no-cache
    Expires: Fri, 01 Jan 1990 00:00:00 GMT
    Cache-Control: no-cache, no-store, must-revalidate
    Content-Type: text/html; charset=UTF-8
    X-Content-Type-Options: nosniff
    Server: cafe
    Content-Length: 0
    X-XSS-Protection: 0
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-nl
    GET
    https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
    IEXPLORE.EXE
    Remote address:
    142.250.27.155:443
    Request
    GET /pagead/id?slf_rd=1 HTTP/1.1
    Accept: */*
    Referer: https://www.youtube.com/embed/QMECDnECjJM?wmode=Opaque
    Accept-Language: en-US
    Accept-Encoding: gzip, deflate
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Host: googleads.g.doubleclick.net
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
    Timing-Allow-Origin: *
    Cross-Origin-Resource-Policy: cross-origin
    Access-Control-Allow-Credentials: true
    Content-Type: application/json; charset=UTF-8
    Date: Sat, 07 Sep 2024 19:01:12 GMT
    Pragma: no-cache
    Expires: Fri, 01 Jan 1990 00:00:00 GMT
    Cache-Control: no-cache, no-store, must-revalidate
    X-Content-Type-Options: nosniff
    Content-Disposition: attachment; filename="f.txt"
    Content-Encoding: gzip
    Server: cafe
    X-XSS-Protection: 0
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
    Transfer-Encoding: chunked
  • flag-nl
    GET
    https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
    IEXPLORE.EXE
    Remote address:
    142.250.27.155:443
    Request
    GET /pagead/id?slf_rd=1 HTTP/1.1
    Accept: */*
    Referer: https://www.youtube.com/embed/ygK7kej0BPA?wmode=Opaque
    Accept-Language: en-US
    Accept-Encoding: gzip, deflate
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Host: googleads.g.doubleclick.net
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
    Timing-Allow-Origin: *
    Cross-Origin-Resource-Policy: cross-origin
    Access-Control-Allow-Credentials: true
    Content-Type: application/json; charset=UTF-8
    Date: Sat, 07 Sep 2024 19:01:12 GMT
    Pragma: no-cache
    Expires: Fri, 01 Jan 1990 00:00:00 GMT
    Cache-Control: no-cache, no-store, must-revalidate
    X-Content-Type-Options: nosniff
    Content-Disposition: attachment; filename="f.txt"
    Content-Encoding: gzip
    Server: cafe
    X-XSS-Protection: 0
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
    Transfer-Encoding: chunked
  • flag-us
    DNS
    jnn-pa.googleapis.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    jnn-pa.googleapis.com
    IN A
    Response
    jnn-pa.googleapis.com
    IN A
    142.250.102.95
    jnn-pa.googleapis.com
    IN A
    142.250.27.95
  • flag-nl
    GET
    https://static.doubleclick.net/instream/ad_status.js
    IEXPLORE.EXE
    Remote address:
    142.250.27.148:443
    Request
    GET /instream/ad_status.js HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Referer: https://www.youtube.com/embed/evMR3wn1LGk?wmode=Opaque
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: static.doubleclick.net
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Access-Control-Allow-Origin: *
    Cross-Origin-Resource-Policy: cross-origin
    Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="ads-doubleclick-media"
    Report-To: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
    Timing-Allow-Origin: *
    Content-Length: 29
    X-Content-Type-Options: nosniff
    Server: sffe
    X-XSS-Protection: 0
    Date: Sat, 07 Sep 2024 18:52:29 GMT
    Expires: Sat, 07 Sep 2024 19:07:29 GMT
    Cache-Control: public, max-age=900
    Age: 524
    Last-Modified: Thu, 12 Dec 2013 23:40:16 GMT
    Content-Type: text/javascript
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-nl
    POST
    https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
    IEXPLORE.EXE
    Remote address:
    142.250.102.95:443
    Request
    POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
    Accept: */*
    X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
    Content-Type: application/json+protobuf
    X-User-Agent: grpc-web-javascript/0.1
    Referer: https://www.youtube.com/embed/evMR3wn1LGk?wmode=Opaque
    Accept-Language: en-US
    Accept-Encoding: gzip, deflate
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Host: jnn-pa.googleapis.com
    Content-Length: 24
    Connection: Keep-Alive
    Cache-Control: no-cache
    Response
    HTTP/1.1 200 OK
    Content-Type: application/json+protobuf; charset=UTF-8
    Vary: Origin
    Vary: X-Origin
    Vary: Referer
    Content-Encoding: gzip
    Date: Sat, 07 Sep 2024 19:01:14 GMT
    Server: ESF
    Cache-Control: private
    X-XSS-Protection: 0
    X-Frame-Options: SAMEORIGIN
    X-Content-Type-Options: nosniff
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
    Transfer-Encoding: chunked
  • flag-nl
    POST
    https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
    IEXPLORE.EXE
    Remote address:
    142.250.102.95:443
    Request
    POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
    Accept: */*
    X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
    Content-Type: application/json+protobuf
    X-User-Agent: grpc-web-javascript/0.1
    Referer: https://www.youtube.com/embed/evMR3wn1LGk?wmode=Opaque
    Accept-Language: en-US
    Accept-Encoding: gzip, deflate
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Host: jnn-pa.googleapis.com
    Content-Length: 927
    Connection: Keep-Alive
    Cache-Control: no-cache
    Response
    HTTP/1.1 200 OK
    Content-Type: application/json+protobuf; charset=UTF-8
    Vary: Origin
    Vary: X-Origin
    Vary: Referer
    Content-Encoding: gzip
    Date: Sat, 07 Sep 2024 19:01:15 GMT
    Server: ESF
    Cache-Control: private
    X-XSS-Protection: 0
    X-Frame-Options: SAMEORIGIN
    X-Content-Type-Options: nosniff
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
    Transfer-Encoding: chunked
  • flag-nl
    POST
    https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
    IEXPLORE.EXE
    Remote address:
    142.250.102.95:443
    Request
    POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
    Accept: */*
    X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
    Content-Type: application/json+protobuf
    X-User-Agent: grpc-web-javascript/0.1
    Referer: https://www.youtube.com/embed/QMECDnECjJM?wmode=Opaque
    Accept-Language: en-US
    Accept-Encoding: gzip, deflate
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Host: jnn-pa.googleapis.com
    Content-Length: 24
    Connection: Keep-Alive
    Cache-Control: no-cache
    Response
    HTTP/1.1 200 OK
    Content-Type: application/json+protobuf; charset=UTF-8
    Vary: Origin
    Vary: X-Origin
    Vary: Referer
    Content-Encoding: gzip
    Date: Sat, 07 Sep 2024 19:01:19 GMT
    Server: ESF
    Cache-Control: private
    X-XSS-Protection: 0
    X-Frame-Options: SAMEORIGIN
    X-Content-Type-Options: nosniff
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
    Transfer-Encoding: chunked
  • flag-nl
    POST
    https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
    IEXPLORE.EXE
    Remote address:
    142.250.102.95:443
    Request
    POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
    Accept: */*
    X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
    Content-Type: application/json+protobuf
    X-User-Agent: grpc-web-javascript/0.1
    Referer: https://www.youtube.com/embed/QMECDnECjJM?wmode=Opaque
    Accept-Language: en-US
    Accept-Encoding: gzip, deflate
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Host: jnn-pa.googleapis.com
    Content-Length: 1336
    Connection: Keep-Alive
    Cache-Control: no-cache
    Response
    HTTP/1.1 200 OK
    Content-Type: application/json+protobuf; charset=UTF-8
    Vary: Origin
    Vary: X-Origin
    Vary: Referer
    Content-Encoding: gzip
    Date: Sat, 07 Sep 2024 19:01:20 GMT
    Server: ESF
    Cache-Control: private
    X-XSS-Protection: 0
    X-Frame-Options: SAMEORIGIN
    X-Content-Type-Options: nosniff
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
    Transfer-Encoding: chunked
  • flag-nl
    POST
    https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
    IEXPLORE.EXE
    Remote address:
    142.250.102.95:443
    Request
    POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
    Accept: */*
    X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
    Content-Type: application/json+protobuf
    X-User-Agent: grpc-web-javascript/0.1
    Referer: https://www.youtube.com/embed/ygK7kej0BPA?wmode=Opaque
    Accept-Language: en-US
    Accept-Encoding: gzip, deflate
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Host: jnn-pa.googleapis.com
    Content-Length: 24
    Connection: Keep-Alive
    Cache-Control: no-cache
    Response
    HTTP/1.1 200 OK
    Content-Type: application/json+protobuf; charset=UTF-8
    Vary: Origin
    Vary: X-Origin
    Vary: Referer
    Content-Encoding: gzip
    Date: Sat, 07 Sep 2024 19:01:15 GMT
    Server: ESF
    Cache-Control: private
    X-XSS-Protection: 0
    X-Frame-Options: SAMEORIGIN
    X-Content-Type-Options: nosniff
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
    Transfer-Encoding: chunked
  • flag-nl
    POST
    https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
    IEXPLORE.EXE
    Remote address:
    142.250.102.95:443
    Request
    POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
    Accept: */*
    X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
    Content-Type: application/json+protobuf
    X-User-Agent: grpc-web-javascript/0.1
    Referer: https://www.youtube.com/embed/ygK7kej0BPA?wmode=Opaque
    Accept-Language: en-US
    Accept-Encoding: gzip, deflate
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Host: jnn-pa.googleapis.com
    Content-Length: 887
    Connection: Keep-Alive
    Cache-Control: no-cache
    Response
    HTTP/1.1 200 OK
    Content-Type: application/json+protobuf; charset=UTF-8
    Vary: Origin
    Vary: X-Origin
    Vary: Referer
    Content-Encoding: gzip
    Date: Sat, 07 Sep 2024 19:01:15 GMT
    Server: ESF
    Cache-Control: private
    X-XSS-Protection: 0
    X-Frame-Options: SAMEORIGIN
    X-Content-Type-Options: nosniff
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
    Transfer-Encoding: chunked
  • flag-us
    DNS
    www.google.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    www.google.com
    IN A
    Response
    www.google.com
    IN A
    142.250.27.105
    www.google.com
    IN A
    142.250.27.147
    www.google.com
    IN A
    142.250.27.103
    www.google.com
    IN A
    142.250.27.104
    www.google.com
    IN A
    142.250.27.106
    www.google.com
    IN A
    142.250.27.99
  • flag-us
    DNS
    i.ytimg.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    i.ytimg.com
    IN A
    Response
    i.ytimg.com
    IN A
    142.250.27.119
    i.ytimg.com
    IN A
    142.250.102.119
  • flag-us
    DNS
    yt3.ggpht.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    yt3.ggpht.com
    IN A
    Response
    yt3.ggpht.com
    IN CNAME
    photos-ugc.l.googleusercontent.com
    photos-ugc.l.googleusercontent.com
    IN A
    142.250.102.132
  • flag-nl
    GET
    https://www.google.com/js/th/_MtEdLRde-f5_qWpN1PloitzgIfC0LddkeZZHK-tyIk.js
    IEXPLORE.EXE
    Remote address:
    142.250.27.105:443
    Request
    GET /js/th/_MtEdLRde-f5_qWpN1PloitzgIfC0LddkeZZHK-tyIk.js HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Referer: https://www.youtube.com/embed/ygK7kej0BPA?wmode=Opaque
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: www.google.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Content-Encoding: gzip
    Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
    Cross-Origin-Resource-Policy: cross-origin
    Cross-Origin-Opener-Policy: same-origin; report-to="botguard-scs"
    Report-To: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
    Content-Length: 24686
    X-Content-Type-Options: nosniff
    Server: sffe
    X-XSS-Protection: 0
    Date: Mon, 02 Sep 2024 14:01:30 GMT
    Expires: Tue, 02 Sep 2025 14:01:30 GMT
    Cache-Control: public, max-age=31536000
    Last-Modified: Mon, 26 Aug 2024 15:30:00 GMT
    Content-Type: text/javascript
    Vary: Accept-Encoding
    Age: 449985
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-nl
    GET
    https://i.ytimg.com/vi/ygK7kej0BPA/sddefault.jpg
    IEXPLORE.EXE
    Remote address:
    142.250.27.119:443
    Request
    GET /vi/ygK7kej0BPA/sddefault.jpg HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Referer: https://www.youtube.com/embed/ygK7kej0BPA?wmode=Opaque
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: i.ytimg.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Cross-Origin-Resource-Policy: cross-origin
    Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="youtube"
    Report-To: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
    Timing-Allow-Origin: *
    Content-Length: 35419
    X-Content-Type-Options: nosniff
    Server: sffe
    X-XSS-Protection: 0
    Date: Sat, 07 Sep 2024 18:58:17 GMT
    Expires: Sat, 07 Sep 2024 20:58:17 GMT
    Cache-Control: public, max-age=7200
    ETag: "0"
    Content-Type: image/jpeg
    Vary: Origin
    Age: 178
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-us
    DNS
    www.microsoft.com
    iexplore.exe
    Remote address:
    8.8.8.8:53
    Request
    www.microsoft.com
    IN A
    Response
    www.microsoft.com
    IN CNAME
    www.microsoft.com-c-3.edgekey.net
    www.microsoft.com-c-3.edgekey.net
    IN CNAME
    www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net
    www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net
    IN CNAME
    e13678.dscb.akamaiedge.net
    e13678.dscb.akamaiedge.net
    IN A
    95.100.245.144
  • flag-gb
    GET
    http://www.microsoft.com/pkiops/crl/MicCodSigPCA2011_2011-07-08.crl
    Remote address:
    95.100.245.144:80
    Request
    GET /pkiops/crl/MicCodSigPCA2011_2011-07-08.crl HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    If-Modified-Since: Mon, 03 Jun 2024 21:25:24 GMT
    User-Agent: Microsoft-CryptoAPI/6.1
    Host: www.microsoft.com
    Response
    HTTP/1.1 200 OK
    Content-Length: 1078
    Content-Type: application/octet-stream
    Content-MD5: cyz+t2uRxNE5eKALjGZu1w==
    Last-Modified: Sun, 18 Aug 2024 00:23:49 GMT
    ETag: 0x8DCBF1C07FCB4BF
    x-ms-request-id: e6150cee-901e-0017-5408-f1fee1000000
    x-ms-version: 2009-09-19
    x-ms-lease-status: unlocked
    x-ms-blob-type: BlockBlob
    Date: Sat, 07 Sep 2024 19:01:36 GMT
    Connection: keep-alive
    TLS_version: UNKNOWN
    ms-cv: CASMicrosoftCV55cce3c4.0
    ms-cv-esi: CASMicrosoftCV55cce3c4.0
    X-RTag: RT
  • flag-us
    DNS
    www.microsoft.com
    iexplore.exe
    Remote address:
    8.8.8.8:53
    Request
    www.microsoft.com
    IN A
    Response
    www.microsoft.com
    IN CNAME
    www.microsoft.com-c-3.edgekey.net
    www.microsoft.com-c-3.edgekey.net
    IN CNAME
    www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net
    www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net
    IN CNAME
    e13678.dscb.akamaiedge.net
    e13678.dscb.akamaiedge.net
    IN A
    95.100.245.144
  • flag-us
    DNS
    www.microsoft.com
    iexplore.exe
    Remote address:
    8.8.8.8:53
    Request
    www.microsoft.com
    IN A
    Response
    www.microsoft.com
    IN CNAME
    www.microsoft.com-c-3.edgekey.net
    www.microsoft.com-c-3.edgekey.net
    IN CNAME
    www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net
    www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net
    IN CNAME
    e13678.dscb.akamaiedge.net
    e13678.dscb.akamaiedge.net
    IN A
    95.100.245.144
  • flag-es
    GET
    https://static.xx.fbcdn.net/rsrc.php/v3/yw/r/UXtr_j2Fwe-.png
    IEXPLORE.EXE
    Remote address:
    157.240.243.2:443
    Request
    GET /rsrc.php/v3/yw/r/UXtr_j2Fwe-.png HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Referer: https://www.facebook.com/plugins/likebox.php?href=http://www.facebook.com/pages/konthaiusacom/177402280020?ref=tn_tnmn&width=250&colorscheme=light&show_faces=false&border_color=%23000000&stream=false&header=false&height=75
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: static.xx.fbcdn.net
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Content-Type: image/png
    Access-Control-Allow-Origin: *
    Last-Modified: Mon, 01 Jan 2001 08:00:00 GMT
    content-md5: 07aG/2AEtDHVAZ5LUajMDQ==
    Expires: Thu, 28 Aug 2025 03:42:23 GMT
    Cache-Control: public,max-age=31536000,immutable
    report-to: {"max_age":21600,"endpoints":[{"url":"https:\/\/www.xx.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
    timing-allow-origin: *
    document-policy: force-load-at-top
    permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
    cross-origin-resource-policy: cross-origin
    X-Content-Type-Options: nosniff
    reporting-endpoints: permissions_policy="https://www.xx.facebook.com/ajax/browser_error_reports/"
    origin-agent-cluster: ?1
    X-FB-Debug: xMd6z3Vd6u5BBy8d+nnslVou5DQuEhN1+rBSJNbND5bZFEYP/Kc8lBc+rN0gUo28TxFGAwsEf17c8ogTUs79Hw==
    x-fb-server-load: 57
    Date: Sat, 07 Sep 2024 19:02:18 GMT
    X-FB-Connection-Quality: GOOD; q=0.7, rtt=53, rtx=0, c=11, mss=1357, tbw=137, tp=-1, tpl=-1, uplat=0, ullat=-1
    Alt-Svc: h3=":443"; ma=86400
    Connection: keep-alive
    Content-Length: 573
  • flag-nl
    GET
    https://www.youtube.com/s/player/5f8f5b0f/player_ias.vflset/en_US/base.js
    IEXPLORE.EXE
    Remote address:
    142.250.27.190:443
    Request
    GET /s/player/5f8f5b0f/player_ias.vflset/en_US/base.js HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Referer: https://www.youtube.com/embed/gS2GhpTPLvQ?wmode=Opaque
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: www.youtube.com
    Connection: Keep-Alive
    Cookie: YSC=am8Mk-0dqgw; VISITOR_INFO1_LIVE=ERy_CGNJVk8; VISITOR_PRIVACY_METADATA=CgJHQhIEGgAgNg%3D%3D
    Response
    HTTP/1.1 200 OK
    Content-Encoding: gzip
    Accept-Ranges: bytes
    Cross-Origin-Resource-Policy: cross-origin
    Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="youtube"
    Report-To: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
    Content-Length: 772448
    X-Content-Type-Options: nosniff
    Server: sffe
    X-XSS-Protection: 0
    Date: Tue, 03 Sep 2024 08:06:38 GMT
    Expires: Wed, 03 Sep 2025 08:06:38 GMT
    Cache-Control: public, max-age=31536000
    Last-Modified: Tue, 03 Sep 2024 04:14:15 GMT
    Content-Type: text/javascript
    Vary: Accept-Encoding, Origin
    Age: 384976
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-nl
    GET
    https://www.youtube.com/s/player/5f8f5b0f/player_ias.vflset/en_US/remote.js
    IEXPLORE.EXE
    Remote address:
    142.250.27.190:443
    Request
    GET /s/player/5f8f5b0f/player_ias.vflset/en_US/remote.js HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Referer: https://www.youtube.com/embed/gS2GhpTPLvQ?wmode=Opaque
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: www.youtube.com
    Connection: Keep-Alive
    Cookie: YSC=am8Mk-0dqgw; VISITOR_INFO1_LIVE=ERy_CGNJVk8; VISITOR_PRIVACY_METADATA=CgJHQhIEGgAgNg%3D%3D
    Response
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Content-Encoding: gzip
    Cross-Origin-Resource-Policy: cross-origin
    Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="youtube"
    Report-To: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
    Content-Length: 39255
    X-Content-Type-Options: nosniff
    Server: sffe
    X-XSS-Protection: 0
    Date: Tue, 03 Sep 2024 18:29:50 GMT
    Expires: Wed, 03 Sep 2025 18:29:50 GMT
    Cache-Control: public, max-age=31536000
    Last-Modified: Tue, 03 Sep 2024 04:14:15 GMT
    Content-Type: text/javascript
    Vary: Accept-Encoding, Origin
    Age: 347586
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-nl
    GET
    https://www.youtube.com/generate_204?b76Y5g
    IEXPLORE.EXE
    Remote address:
    142.250.27.190:443
    Request
    GET /generate_204?b76Y5g HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Referer: https://www.youtube.com/embed/gS2GhpTPLvQ?wmode=Opaque
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: www.youtube.com
    Connection: Keep-Alive
    Cookie: YSC=am8Mk-0dqgw; VISITOR_INFO1_LIVE=ERy_CGNJVk8; VISITOR_PRIVACY_METADATA=CgJHQhIEGgAgNg%3D%3D
    Response
    HTTP/1.1 204 No Content
    Content-Length: 0
    Cross-Origin-Resource-Policy: cross-origin
    Date: Sat, 07 Sep 2024 19:02:57 GMT
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-nl
    POST
    https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
    IEXPLORE.EXE
    Remote address:
    142.250.27.190:443
    Request
    POST /youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8 HTTP/1.1
    Accept: */*
    X-Goog-Request-Time: 1725735778985
    Content-Type: application/json
    X-Goog-Visitor-Id: CgtFUnlfQ0dOSlZrOCj1xfK2BjIKCgJHQhIEGgAgNg%3D%3D
    X-YouTube-Client-Name: 56
    X-YouTube-Client-Version: 1.20240902.00.00
    X-YouTube-Utc-Offset: 0
    X-YouTube-Ad-Signals: dt=1725735774152&flash=0&frm=2&u_tz&u_his=1&u_h=720&u_w=1280&u_ah=680&u_aw=1280&u_cd=24&bc=1&bih=-12245933&biw=-12245933&brdim=8%2C12794%2C-8%2C-8%2C1280%2C%2C1296%2C696%2C280%2C200&vis=1&wgl=true&ca_type=image
    Referer: https://www.youtube.com/embed/gS2GhpTPLvQ?wmode=Opaque
    Accept-Language: en-US
    Accept-Encoding: gzip, deflate
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Host: www.youtube.com
    Content-Length: 9814
    Connection: Keep-Alive
    Cache-Control: no-cache
    Cookie: YSC=am8Mk-0dqgw; VISITOR_INFO1_LIVE=ERy_CGNJVk8; VISITOR_PRIVACY_METADATA=CgJHQhIEGgAgNg%3D%3D
    Response
    HTTP/1.1 200 OK
    Content-Type: application/json; charset=UTF-8
    Vary: Origin
    Vary: X-Origin
    Vary: Referer
    Content-Encoding: gzip
    Date: Sat, 07 Sep 2024 19:03:00 GMT
    Server: scaffolding on HTTPServer2
    Cache-Control: private
    X-XSS-Protection: 0
    X-Frame-Options: SAMEORIGIN
    X-Content-Type-Options: nosniff
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
    Transfer-Encoding: chunked
  • flag-nl
    GET
    https://www.youtube.com/s/player/5f8f5b0f/player_ias.vflset/en_US/base.js
    IEXPLORE.EXE
    Remote address:
    142.250.27.190:443
    Request
    GET /s/player/5f8f5b0f/player_ias.vflset/en_US/base.js HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Referer: https://www.youtube.com/embed/ywSeSlVcY4w?wmode=Opaque
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: www.youtube.com
    Connection: Keep-Alive
    Cookie: YSC=am8Mk-0dqgw; VISITOR_INFO1_LIVE=ERy_CGNJVk8; VISITOR_PRIVACY_METADATA=CgJHQhIEGgAgNg%3D%3D
    Response
    HTTP/1.1 200 OK
    Content-Encoding: gzip
    Accept-Ranges: bytes
    Cross-Origin-Resource-Policy: cross-origin
    Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="youtube"
    Report-To: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
    Content-Length: 772448
    X-Content-Type-Options: nosniff
    Server: sffe
    X-XSS-Protection: 0
    Date: Tue, 03 Sep 2024 08:06:38 GMT
    Expires: Wed, 03 Sep 2025 08:06:38 GMT
    Cache-Control: public, max-age=31536000
    Last-Modified: Tue, 03 Sep 2024 04:14:15 GMT
    Content-Type: text/javascript
    Vary: Accept-Encoding, Origin
    Age: 384997
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-nl
    POST
    https://www.youtube.com/api/stats/qoe?cpn=3-UxYMuLiDn5KATN&el=embedded&ns=yt&fexp=v1%2C24004644%2C434717%2C60172%2C67154%2C26443548%2C7111%2C24166%2C12177%2C9954%2C1192%2C33462%2C2%2C17768%2C29151%2C12193%2C1103%2C6953%2C10955%2C89%2C501%2C1970%2C7546%2C17801%2C24021%2C2%2C2126%2C1336%2C1518%2C2686%2C1%2C1823%2C3186%2C2912%2C4794%2C14%2C1021%2C1740%2C327%2C13%2C3827%2C4%2C404%2C649%2C1120%2C603%2C2685%2C2816%2C265%2C795%2C5069%2C1170%2C4140%2C1245%2C1180%2C3779%2C3053&cl=670364317&seq=1&event=streamingstats&docid=ywSeSlVcY4w&cbr=IE&cbrver=11.0&c=WEB_EMBEDDED_PLAYER&cver=1.20240902.00.00&cplayer=UNIPLAYER&cos=Windows&cosver=6.1&cplatform=DESKTOP&vps=0.000:N,0.002:ER&cmt=0.002:0.000,0.002:0.000&error=0.002:auth::0.000:0;a6s.0;r.Video_unavailable&vis=0.002:0&bh=0.002:0.000&qclc=ChAzLVV4WU11TGlEbjVLQVROEAE
    IEXPLORE.EXE
    Remote address:
    142.250.27.190:443
    Request
    POST /api/stats/qoe?cpn=3-UxYMuLiDn5KATN&el=embedded&ns=yt&fexp=v1%2C24004644%2C434717%2C60172%2C67154%2C26443548%2C7111%2C24166%2C12177%2C9954%2C1192%2C33462%2C2%2C17768%2C29151%2C12193%2C1103%2C6953%2C10955%2C89%2C501%2C1970%2C7546%2C17801%2C24021%2C2%2C2126%2C1336%2C1518%2C2686%2C1%2C1823%2C3186%2C2912%2C4794%2C14%2C1021%2C1740%2C327%2C13%2C3827%2C4%2C404%2C649%2C1120%2C603%2C2685%2C2816%2C265%2C795%2C5069%2C1170%2C4140%2C1245%2C1180%2C3779%2C3053&cl=670364317&seq=1&event=streamingstats&docid=ywSeSlVcY4w&cbr=IE&cbrver=11.0&c=WEB_EMBEDDED_PLAYER&cver=1.20240902.00.00&cplayer=UNIPLAYER&cos=Windows&cosver=6.1&cplatform=DESKTOP&vps=0.000:N,0.002:ER&cmt=0.002:0.000,0.002:0.000&error=0.002:auth::0.000:0;a6s.0;r.Video_unavailable&vis=0.002:0&bh=0.002:0.000&qclc=ChAzLVV4WU11TGlEbjVLQVROEAE HTTP/1.1
    Accept: */*
    X-Goog-Visitor-Id: CgtpUUk0cW1qX3RlMCj1xfK2BjIKCgJHQhIEGgAgIQ%3D%3D
    X-YouTube-Client-Name: 56
    X-YouTube-Client-Version: 1.20240902.00.00
    X-YouTube-Utc-Offset: 0
    X-YouTube-Ad-Signals: dt=1725735795061&flash=0&frm=2&u_tz&u_his=1&u_h=720&u_w=1280&u_ah=680&u_aw=1280&u_cd=24&bc=1&bih=-12245933&biw=-12245933&brdim=8%2C12994%2C-8%2C-8%2C1280%2C%2C1296%2C696%2C280%2C200&vis=1&wgl=true&ca_type=image
    Content-Type: application/x-www-form-urlencoded
    Referer: https://www.youtube.com/embed/ywSeSlVcY4w?wmode=Opaque
    Accept-Language: en-US
    Accept-Encoding: gzip, deflate
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Host: www.youtube.com
    Content-Length: 226
    Connection: Keep-Alive
    Cache-Control: no-cache
    Cookie: YSC=am8Mk-0dqgw; VISITOR_INFO1_LIVE=ERy_CGNJVk8; VISITOR_PRIVACY_METADATA=CgJHQhIEGgAgNg%3D%3D
    Response
    HTTP/1.1 204 No Content
    Content-Type: text/html; charset=UTF-8
    Date: Sat, 07 Sep 2024 19:03:17 GMT
    Pragma: no-cache
    Expires: Fri, 01 Jan 1990 00:00:00 GMT
    Cache-Control: no-cache, must-revalidate
    X-Content-Type-Options: nosniff
    Server: Video Stats Server
    Content-Length: 0
    X-XSS-Protection: 0
    X-Frame-Options: SAMEORIGIN
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-nl
    POST
    https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
    IEXPLORE.EXE
    Remote address:
    142.250.27.190:443
    Request
    POST /youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8 HTTP/1.1
    Accept: */*
    X-Goog-Request-Time: 1725735797883
    Content-Type: application/json
    X-Goog-Visitor-Id: CgtpUUk0cW1qX3RlMCj1xfK2BjIKCgJHQhIEGgAgIQ%3D%3D
    X-YouTube-Client-Name: 56
    X-YouTube-Client-Version: 1.20240902.00.00
    X-YouTube-Utc-Offset: 0
    X-YouTube-Ad-Signals: dt=1725735794948&flash=0&frm=2&u_tz&u_his=1&u_h=720&u_w=1280&u_ah=680&u_aw=1280&u_cd=24&bc=1&bih=-12245933&biw=-12245933&brdim=8%2C12994%2C-8%2C-8%2C1280%2C%2C1296%2C696%2C280%2C200&vis=1&wgl=true&ca_type=image
    Referer: https://www.youtube.com/embed/ywSeSlVcY4w?wmode=Opaque
    Accept-Language: en-US
    Accept-Encoding: gzip, deflate
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Host: www.youtube.com
    Content-Length: 7460
    Connection: Keep-Alive
    Cache-Control: no-cache
    Cookie: YSC=am8Mk-0dqgw; VISITOR_INFO1_LIVE=ERy_CGNJVk8; VISITOR_PRIVACY_METADATA=CgJHQhIEGgAgNg%3D%3D
    Response
    HTTP/1.1 200 OK
    Content-Type: application/json; charset=UTF-8
    Vary: Origin
    Vary: X-Origin
    Vary: Referer
    Content-Encoding: gzip
    Date: Sat, 07 Sep 2024 19:03:20 GMT
    Server: scaffolding on HTTPServer2
    Cache-Control: private
    X-XSS-Protection: 0
    X-Frame-Options: SAMEORIGIN
    X-Content-Type-Options: nosniff
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
    Transfer-Encoding: chunked
  • flag-nl
    POST
    https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
    IEXPLORE.EXE
    Remote address:
    142.250.27.190:443
    Request
    POST /youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8 HTTP/1.1
    Accept: */*
    X-Goog-Request-Time: 1725735800959
    Content-Type: application/json
    X-Goog-Visitor-Id: CgtpUUk0cW1qX3RlMCj1xfK2BjIKCgJHQhIEGgAgIQ%3D%3D
    X-YouTube-Client-Name: 56
    X-YouTube-Client-Version: 1.20240902.00.00
    X-YouTube-Utc-Offset: 0
    X-YouTube-Ad-Signals: dt=1725735795061&flash=0&frm=2&u_tz&u_his=1&u_h=720&u_w=1280&u_ah=680&u_aw=1280&u_cd=24&bc=1&bih=-12245933&biw=-12245933&brdim=8%2C12994%2C-8%2C-8%2C1280%2C%2C1296%2C696%2C280%2C200&vis=1&wgl=true&ca_type=image
    Referer: https://www.youtube.com/embed/ywSeSlVcY4w?wmode=Opaque
    Accept-Language: en-US
    Accept-Encoding: gzip, deflate
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Host: www.youtube.com
    Content-Length: 2797
    Connection: Keep-Alive
    Cache-Control: no-cache
    Cookie: YSC=am8Mk-0dqgw; VISITOR_INFO1_LIVE=ERy_CGNJVk8; VISITOR_PRIVACY_METADATA=CgJHQhIEGgAgNg%3D%3D
    Response
    HTTP/1.1 200 OK
    Content-Type: application/json; charset=UTF-8
    Vary: Origin
    Vary: X-Origin
    Vary: Referer
    Content-Encoding: gzip
    Date: Sat, 07 Sep 2024 19:03:22 GMT
    Server: scaffolding on HTTPServer2
    Cache-Control: private
    X-XSS-Protection: 0
    X-Frame-Options: SAMEORIGIN
    X-Content-Type-Options: nosniff
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
    Transfer-Encoding: chunked
  • flag-nl
    GET
    https://googleads.g.doubleclick.net/pagead/id
    IEXPLORE.EXE
    Remote address:
    142.250.27.155:443
    Request
    GET /pagead/id HTTP/1.1
    Accept: */*
    Referer: https://www.youtube.com/embed/gS2GhpTPLvQ?wmode=Opaque
    Accept-Language: en-US
    Accept-Encoding: gzip, deflate
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Host: googleads.g.doubleclick.net
    Connection: Keep-Alive
    Response
    HTTP/1.1 302 Found
    P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
    Timing-Allow-Origin: *
    Cross-Origin-Resource-Policy: cross-origin
    Location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
    Access-Control-Allow-Credentials: true
    Date: Sat, 07 Sep 2024 19:02:59 GMT
    Pragma: no-cache
    Expires: Fri, 01 Jan 1990 00:00:00 GMT
    Cache-Control: no-cache, no-store, must-revalidate
    Content-Type: text/html; charset=UTF-8
    X-Content-Type-Options: nosniff
    Server: cafe
    Content-Length: 0
    X-XSS-Protection: 0
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-nl
    GET
    https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
    IEXPLORE.EXE
    Remote address:
    142.250.27.155:443
    Request
    GET /pagead/id?slf_rd=1 HTTP/1.1
    Accept: */*
    Referer: https://www.youtube.com/embed/gS2GhpTPLvQ?wmode=Opaque
    Accept-Language: en-US
    Accept-Encoding: gzip, deflate
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Host: googleads.g.doubleclick.net
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
    Timing-Allow-Origin: *
    Cross-Origin-Resource-Policy: cross-origin
    Access-Control-Allow-Credentials: true
    Content-Type: application/json; charset=UTF-8
    Date: Sat, 07 Sep 2024 19:03:00 GMT
    Pragma: no-cache
    Expires: Fri, 01 Jan 1990 00:00:00 GMT
    Cache-Control: no-cache, no-store, must-revalidate
    X-Content-Type-Options: nosniff
    Content-Disposition: attachment; filename="f.txt"
    Content-Encoding: gzip
    Server: cafe
    X-XSS-Protection: 0
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
    Transfer-Encoding: chunked
  • flag-nl
    GET
    https://googleads.g.doubleclick.net/pagead/id
    IEXPLORE.EXE
    Remote address:
    142.250.27.155:443
    Request
    GET /pagead/id HTTP/1.1
    Accept: */*
    Referer: https://www.youtube.com/embed/evMR3wn1LGk?wmode=Opaque
    Accept-Language: en-US
    Accept-Encoding: gzip, deflate
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Host: googleads.g.doubleclick.net
    Connection: Keep-Alive
    Response
    HTTP/1.1 302 Found
    P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
    Timing-Allow-Origin: *
    Cross-Origin-Resource-Policy: cross-origin
    Location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
    Access-Control-Allow-Credentials: true
    Date: Sat, 07 Sep 2024 19:03:14 GMT
    Pragma: no-cache
    Expires: Fri, 01 Jan 1990 00:00:00 GMT
    Cache-Control: no-cache, no-store, must-revalidate
    Content-Type: text/html; charset=UTF-8
    X-Content-Type-Options: nosniff
    Server: cafe
    Content-Length: 0
    X-XSS-Protection: 0
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-nl
    GET
    https://googleads.g.doubleclick.net/pagead/id
    IEXPLORE.EXE
    Remote address:
    142.250.27.155:443
    Request
    GET /pagead/id HTTP/1.1
    Accept: */*
    Referer: https://www.youtube.com/embed/ygK7kej0BPA?wmode=Opaque
    Accept-Language: en-US
    Accept-Encoding: gzip, deflate
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Host: googleads.g.doubleclick.net
    Connection: Keep-Alive
    Response
    HTTP/1.1 302 Found
    P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
    Timing-Allow-Origin: *
    Cross-Origin-Resource-Policy: cross-origin
    Location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
    Access-Control-Allow-Credentials: true
    Date: Sat, 07 Sep 2024 19:03:14 GMT
    Pragma: no-cache
    Expires: Fri, 01 Jan 1990 00:00:00 GMT
    Cache-Control: no-cache, no-store, must-revalidate
    Content-Type: text/html; charset=UTF-8
    X-Content-Type-Options: nosniff
    Server: cafe
    Content-Length: 0
    X-XSS-Protection: 0
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-nl
    GET
    https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
    IEXPLORE.EXE
    Remote address:
    142.250.27.155:443
    Request
    GET /pagead/id?slf_rd=1 HTTP/1.1
    Accept: */*
    Referer: https://www.youtube.com/embed/ygK7kej0BPA?wmode=Opaque
    Accept-Language: en-US
    Accept-Encoding: gzip, deflate
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Host: googleads.g.doubleclick.net
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
    Timing-Allow-Origin: *
    Cross-Origin-Resource-Policy: cross-origin
    Access-Control-Allow-Credentials: true
    Content-Type: application/json; charset=UTF-8
    Date: Sat, 07 Sep 2024 19:03:15 GMT
    Pragma: no-cache
    Expires: Fri, 01 Jan 1990 00:00:00 GMT
    Cache-Control: no-cache, no-store, must-revalidate
    X-Content-Type-Options: nosniff
    Content-Disposition: attachment; filename="f.txt"
    Content-Encoding: gzip
    Server: cafe
    X-XSS-Protection: 0
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
    Transfer-Encoding: chunked
  • flag-nl
    GET
    https://googleads.g.doubleclick.net/pagead/id
    IEXPLORE.EXE
    Remote address:
    142.250.27.155:443
    Request
    GET /pagead/id HTTP/1.1
    Accept: */*
    Referer: https://www.youtube.com/embed/ywSeSlVcY4w?wmode=Opaque
    Accept-Language: en-US
    Accept-Encoding: gzip, deflate
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Host: googleads.g.doubleclick.net
    Connection: Keep-Alive
    Response
    HTTP/1.1 302 Found
    P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
    Timing-Allow-Origin: *
    Cross-Origin-Resource-Policy: cross-origin
    Location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
    Access-Control-Allow-Credentials: true
    Date: Sat, 07 Sep 2024 19:03:16 GMT
    Pragma: no-cache
    Expires: Fri, 01 Jan 1990 00:00:00 GMT
    Cache-Control: no-cache, no-store, must-revalidate
    Content-Type: text/html; charset=UTF-8
    X-Content-Type-Options: nosniff
    Server: cafe
    Content-Length: 0
    X-XSS-Protection: 0
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-nl
    GET
    https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
    IEXPLORE.EXE
    Remote address:
    142.250.27.155:443
    Request
    GET /pagead/id?slf_rd=1 HTTP/1.1
    Accept: */*
    Referer: https://www.youtube.com/embed/ywSeSlVcY4w?wmode=Opaque
    Accept-Language: en-US
    Accept-Encoding: gzip, deflate
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Host: googleads.g.doubleclick.net
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
    Timing-Allow-Origin: *
    Cross-Origin-Resource-Policy: cross-origin
    Access-Control-Allow-Credentials: true
    Content-Type: application/json; charset=UTF-8
    Date: Sat, 07 Sep 2024 19:03:16 GMT
    Pragma: no-cache
    Expires: Fri, 01 Jan 1990 00:00:00 GMT
    Cache-Control: no-cache, no-store, must-revalidate
    X-Content-Type-Options: nosniff
    Content-Disposition: attachment; filename="f.txt"
    Content-Encoding: gzip
    Server: cafe
    X-XSS-Protection: 0
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
    Transfer-Encoding: chunked
  • flag-nl
    GET
    https://googleads.g.doubleclick.net/pagead/id
    IEXPLORE.EXE
    Remote address:
    142.250.27.155:443
    Request
    GET /pagead/id HTTP/1.1
    Accept: */*
    Referer: https://www.youtube.com/embed/QMECDnECjJM?wmode=Opaque
    Accept-Language: en-US
    Accept-Encoding: gzip, deflate
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Host: googleads.g.doubleclick.net
    Connection: Keep-Alive
    Response
    HTTP/1.1 302 Found
    P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
    Timing-Allow-Origin: *
    Cross-Origin-Resource-Policy: cross-origin
    Location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
    Access-Control-Allow-Credentials: true
    Date: Sat, 07 Sep 2024 19:03:14 GMT
    Pragma: no-cache
    Expires: Fri, 01 Jan 1990 00:00:00 GMT
    Cache-Control: no-cache, no-store, must-revalidate
    Content-Type: text/html; charset=UTF-8
    X-Content-Type-Options: nosniff
    Server: cafe
    Content-Length: 0
    X-XSS-Protection: 0
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-nl
    GET
    https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
    IEXPLORE.EXE
    Remote address:
    142.250.27.155:443
    Request
    GET /pagead/id?slf_rd=1 HTTP/1.1
    Accept: */*
    Referer: https://www.youtube.com/embed/evMR3wn1LGk?wmode=Opaque
    Accept-Language: en-US
    Accept-Encoding: gzip, deflate
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Host: googleads.g.doubleclick.net
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
    Timing-Allow-Origin: *
    Cross-Origin-Resource-Policy: cross-origin
    Access-Control-Allow-Credentials: true
    Content-Type: application/json; charset=UTF-8
    Date: Sat, 07 Sep 2024 19:03:14 GMT
    Pragma: no-cache
    Expires: Fri, 01 Jan 1990 00:00:00 GMT
    Cache-Control: no-cache, no-store, must-revalidate
    X-Content-Type-Options: nosniff
    Content-Disposition: attachment; filename="f.txt"
    Content-Encoding: gzip
    Server: cafe
    X-XSS-Protection: 0
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
    Transfer-Encoding: chunked
  • flag-nl
    GET
    https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
    IEXPLORE.EXE
    Remote address:
    142.250.27.155:443
    Request
    GET /pagead/id?slf_rd=1 HTTP/1.1
    Accept: */*
    Referer: https://www.youtube.com/embed/QMECDnECjJM?wmode=Opaque
    Accept-Language: en-US
    Accept-Encoding: gzip, deflate
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Host: googleads.g.doubleclick.net
    Connection: Keep-Alive
  • flag-nl
    POST
    https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
    IEXPLORE.EXE
    Remote address:
    142.250.102.95:443
    Request
    POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
    Accept: */*
    X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
    Content-Type: application/json+protobuf
    X-User-Agent: grpc-web-javascript/0.1
    Referer: https://www.youtube.com/embed/gS2GhpTPLvQ?wmode=Opaque
    Accept-Language: en-US
    Accept-Encoding: gzip, deflate
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Host: jnn-pa.googleapis.com
    Content-Length: 24
    Connection: Keep-Alive
    Cache-Control: no-cache
    Response
    HTTP/1.1 200 OK
    Content-Type: application/json+protobuf; charset=UTF-8
    Vary: Origin
    Vary: X-Origin
    Vary: Referer
    Content-Encoding: gzip
    Date: Sat, 07 Sep 2024 19:02:57 GMT
    Server: ESF
    Cache-Control: private
    X-XSS-Protection: 0
    X-Frame-Options: SAMEORIGIN
    X-Content-Type-Options: nosniff
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
    Transfer-Encoding: chunked
  • flag-nl
    POST
    https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
    IEXPLORE.EXE
    Remote address:
    142.250.102.95:443
    Request
    POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
    Accept: */*
    X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
    Content-Type: application/json+protobuf
    X-User-Agent: grpc-web-javascript/0.1
    Referer: https://www.youtube.com/embed/gS2GhpTPLvQ?wmode=Opaque
    Accept-Language: en-US
    Accept-Encoding: gzip, deflate
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Host: jnn-pa.googleapis.com
    Content-Length: 892
    Connection: Keep-Alive
    Cache-Control: no-cache
    Response
    HTTP/1.1 200 OK
    Content-Type: application/json+protobuf; charset=UTF-8
    Vary: Origin
    Vary: X-Origin
    Vary: Referer
    Content-Encoding: gzip
    Date: Sat, 07 Sep 2024 19:02:58 GMT
    Server: ESF
    Cache-Control: private
    X-XSS-Protection: 0
    X-Frame-Options: SAMEORIGIN
    X-Content-Type-Options: nosniff
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
    Transfer-Encoding: chunked
  • flag-nl
    POST
    https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
    IEXPLORE.EXE
    Remote address:
    142.250.102.95:443
    Request
    POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
    Accept: */*
    X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
    Content-Type: application/json+protobuf
    X-User-Agent: grpc-web-javascript/0.1
    Referer: https://www.youtube.com/embed/ywSeSlVcY4w?wmode=Opaque
    Accept-Language: en-US
    Accept-Encoding: gzip, deflate
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Host: jnn-pa.googleapis.com
    Content-Length: 24
    Connection: Keep-Alive
    Cache-Control: no-cache
    Response
    HTTP/1.1 200 OK
    Content-Type: application/json+protobuf; charset=UTF-8
    Vary: Origin
    Vary: X-Origin
    Vary: Referer
    Content-Encoding: gzip
    Date: Sat, 07 Sep 2024 19:03:19 GMT
    Server: ESF
    Cache-Control: private
    X-XSS-Protection: 0
    X-Frame-Options: SAMEORIGIN
    X-Content-Type-Options: nosniff
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
    Transfer-Encoding: chunked
  • flag-nl
    POST
    https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
    IEXPLORE.EXE
    Remote address:
    142.250.102.95:443
    Request
    POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
    Accept: */*
    X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
    Content-Type: application/json+protobuf
    X-User-Agent: grpc-web-javascript/0.1
    Referer: https://www.youtube.com/embed/ywSeSlVcY4w?wmode=Opaque
    Accept-Language: en-US
    Accept-Encoding: gzip, deflate
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Host: jnn-pa.googleapis.com
    Content-Length: 954
    Connection: Keep-Alive
    Cache-Control: no-cache
    Response
    HTTP/1.1 200 OK
    Content-Type: application/json+protobuf; charset=UTF-8
    Vary: Origin
    Vary: X-Origin
    Vary: Referer
    Content-Encoding: gzip
    Date: Sat, 07 Sep 2024 19:03:19 GMT
    Server: ESF
    Cache-Control: private
    X-XSS-Protection: 0
    X-Frame-Options: SAMEORIGIN
    X-Content-Type-Options: nosniff
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
    Transfer-Encoding: chunked
  • flag-nl
    GET
    https://i.ytimg.com/vi/gS2GhpTPLvQ/sddefault.jpg
    IEXPLORE.EXE
    Remote address:
    142.250.27.119:443
    Request
    GET /vi/gS2GhpTPLvQ/sddefault.jpg HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Referer: https://www.youtube.com/embed/gS2GhpTPLvQ?wmode=Opaque
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: i.ytimg.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Cross-Origin-Resource-Policy: cross-origin
    Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="youtube"
    Report-To: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
    Timing-Allow-Origin: *
    Content-Length: 36415
    X-Content-Type-Options: nosniff
    Server: sffe
    X-XSS-Protection: 0
    Date: Sat, 07 Sep 2024 19:02:57 GMT
    Expires: Sat, 07 Sep 2024 21:02:57 GMT
    Cache-Control: public, max-age=7200
    ETag: "1376813903"
    Content-Type: image/jpeg
    Vary: Origin
    Age: 0
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • 142.250.27.95:80
    http://fonts.googleapis.com/css?family=Arial
    http
    IEXPLORE.EXE
    523 B
    1.4kB
    6
    4

    HTTP Request

    GET http://fonts.googleapis.com/css?family=Arial

    HTTP Response

    400
  • 142.250.27.95:80
    fonts.googleapis.com
    IEXPLORE.EXE
    190 B
    92 B
    4
    2
  • 142.250.27.190:80
    http://www.youtube.com/embed/ygK7kej0BPA?wmode=Opaque
    http
    IEXPLORE.EXE
    602 B
    631 B
    7
    5

    HTTP Request

    GET http://www.youtube.com/embed/ygK7kej0BPA?wmode=Opaque

    HTTP Response

    301
  • 157.240.243.35:80
    http://www.facebook.com/plugins/likebox.php?href=http://www.facebook.com/pages/konthaiusacom/177402280020?ref=tn_tnmn&width=250&colorscheme=light&show_faces=false&border_color=%23000000&stream=false&header=false&height=75
    http
    IEXPLORE.EXE
    1.2kB
    621 B
    7
    5

    HTTP Request

    GET http://www.facebook.com/plugins/likebox.php?href=http://www.facebook.com/pages/konthaiusacom/177402280020?ref=tn_tnmn&width=250&colorscheme=light&show_faces=false&border_color=%23000000&stream=false&header=false&height=75

    HTTP Response

    301
  • 157.240.243.35:80
    www.facebook.com
    IEXPLORE.EXE
    190 B
    92 B
    4
    2
  • 142.250.27.190:80
    http://www.youtube.com/embed/evMR3wn1LGk?wmode=Opaque
    http
    IEXPLORE.EXE
    602 B
    631 B
    7
    5

    HTTP Request

    GET http://www.youtube.com/embed/evMR3wn1LGk?wmode=Opaque

    HTTP Response

    301
  • 142.250.27.190:80
    http://www.youtube.com/embed/QMECDnECjJM?wmode=Opaque
    http
    IEXPLORE.EXE
    602 B
    631 B
    7
    5

    HTTP Request

    GET http://www.youtube.com/embed/QMECDnECjJM?wmode=Opaque

    HTTP Response

    301
  • 142.250.27.190:80
    http://www.youtube.com/embed/gS2GhpTPLvQ?wmode=Opaque
    http
    IEXPLORE.EXE
    556 B
    579 B
    6
    4

    HTTP Request

    GET http://www.youtube.com/embed/gS2GhpTPLvQ?wmode=Opaque

    HTTP Response

    301
  • 142.250.27.190:80
    http://www.youtube.com/embed/ywSeSlVcY4w?wmode=Opaque
    http
    IEXPLORE.EXE
    602 B
    631 B
    7
    5

    HTTP Request

    GET http://www.youtube.com/embed/ywSeSlVcY4w?wmode=Opaque

    HTTP Response

    301
  • 142.250.27.190:443
    https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
    tls, http
    IEXPLORE.EXE
    16.4kB
    50.3kB
    44
    53

    HTTP Request

    GET https://www.youtube.com/s/player/5f8f5b0f/player_ias.vflset/en_US/remote.js

    HTTP Response

    200

    HTTP Request

    POST https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

    HTTP Response

    200
  • 142.250.27.190:443
    https://www.youtube.com/embed/ygK7kej0BPA?wmode=Opaque
    tls, http
    IEXPLORE.EXE
    3.6kB
    97.3kB
    50
    81

    HTTP Request

    GET https://www.youtube.com/embed/QMECDnECjJM?wmode=Opaque

    HTTP Response

    200

    HTTP Request

    GET https://www.youtube.com/embed/ygK7kej0BPA?wmode=Opaque

    HTTP Response

    200
  • 142.250.27.190:443
    https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
    tls, http
    IEXPLORE.EXE
    10.2kB
    7.9kB
    37
    32

    HTTP Request

    POST https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
  • 142.250.27.113:80
    www.google-analytics.com
    IEXPLORE.EXE
    290 B
    92 B
    6
    2
  • 142.250.27.113:80
    http://www.google-analytics.com/ga.js
    http
    IEXPLORE.EXE
    864 B
    18.3kB
    13
    16

    HTTP Request

    GET http://www.google-analytics.com/ga.js

    HTTP Response

    200
  • 142.250.27.190:443
    https://www.youtube.com/s/player/5f8f5b0f/www-embed-player.vflset/www-embed-player.js
    tls, http
    IEXPLORE.EXE
    5.2kB
    177.8kB
    84
    135

    HTTP Request

    GET https://www.youtube.com/embed/gS2GhpTPLvQ?wmode=Opaque

    HTTP Response

    200

    HTTP Request

    GET https://www.youtube.com/s/player/5f8f5b0f/www-embed-player.vflset/www-embed-player.js

    HTTP Response

    200
  • 142.250.27.190:443
    https://www.youtube.com/s/player/5f8f5b0f/player_ias.vflset/en_US/embed.js
    tls, http
    IEXPLORE.EXE
    7.9kB
    247.1kB
    115
    189

    HTTP Request

    GET https://www.youtube.com/embed/evMR3wn1LGk?wmode=Opaque

    HTTP Response

    200

    HTTP Request

    GET https://www.youtube.com/embed/ywSeSlVcY4w?wmode=Opaque

    HTTP Response

    200

    HTTP Request

    GET https://www.youtube.com/s/player/5f8f5b0f/www-embed-player.vflset/www-embed-player.js

    HTTP Response

    200

    HTTP Request

    GET https://www.youtube.com/s/player/5f8f5b0f/player_ias.vflset/en_US/embed.js

    HTTP Response

    200
  • 157.240.243.35:443
    https://www.facebook.com/plugins/likebox.php?href=http://www.facebook.com/pages/konthaiusacom/177402280020?ref=tn_tnmn&width=250&colorscheme=light&show_faces=false&border_color=%23000000&stream=false&header=false&height=75
    tls, http
    IEXPLORE.EXE
    2.2kB
    25.4kB
    21
    24

    HTTP Request

    GET https://www.facebook.com/plugins/likebox.php?href=http://www.facebook.com/pages/konthaiusacom/177402280020?ref=tn_tnmn&width=250&colorscheme=light&show_faces=false&border_color=%23000000&stream=false&header=false&height=75

    HTTP Response

    200
  • 157.240.243.2:443
    https://static.xx.fbcdn.net/rsrc.php/v3/ya/r/dvL-mSr_f6M.js?_nc_x=Ij3Wp8lg5Kz
    tls, http
    IEXPLORE.EXE
    5.7kB
    129.2kB
    82
    100

    HTTP Request

    GET https://static.xx.fbcdn.net/rsrc.php/v3/ya/r/dvL-mSr_f6M.js?_nc_x=Ij3Wp8lg5Kz

    HTTP Response

    200
  • 157.240.243.2:443
    https://static.xx.fbcdn.net/rsrc.php/v3/yK/r/yhMLxgtMNUo.js?_nc_x=Ij3Wp8lg5Kz
    tls, http
    IEXPLORE.EXE
    5.5kB
    85.9kB
    61
    74

    HTTP Request

    GET https://static.xx.fbcdn.net/rsrc.php/v3/yx/l/0,cross/MEtExguyptz.css?_nc_x=Ij3Wp8lg5Kz

    HTTP Response

    200

    HTTP Request

    GET https://static.xx.fbcdn.net/rsrc.php/v3/yK/r/yhMLxgtMNUo.js?_nc_x=Ij3Wp8lg5Kz

    HTTP Response

    200
  • 157.240.243.2:443
    https://static.xx.fbcdn.net/rsrc.php/v3/y1/r/o1ndYS2og_B.js?_nc_x=Ij3Wp8lg5Kz
    tls, http
    IEXPLORE.EXE
    2.6kB
    8.2kB
    14
    13

    HTTP Request

    GET https://static.xx.fbcdn.net/rsrc.php/v3/y1/r/o1ndYS2og_B.js?_nc_x=Ij3Wp8lg5Kz

    HTTP Response

    200
  • 157.240.243.2:443
    https://static.xx.fbcdn.net/rsrc.php/v3/y1/r/dXk5exdOVhk.js?_nc_x=Ij3Wp8lg5Kz
    tls, http
    IEXPLORE.EXE
    3.6kB
    38.2kB
    34
    37

    HTTP Request

    GET https://static.xx.fbcdn.net/rsrc.php/v3issO4/yA/l/en_GB/pLoSlJD7y1F.js?_nc_x=Ij3Wp8lg5Kz

    HTTP Response

    200

    HTTP Request

    GET https://static.xx.fbcdn.net/rsrc.php/v3/y1/r/dXk5exdOVhk.js?_nc_x=Ij3Wp8lg5Kz

    HTTP Response

    200
  • 157.240.243.2:443
    https://static.xx.fbcdn.net/rsrc.php/v3/yV/r/Glud--w-qOK.js?_nc_x=Ij3Wp8lg5Kz
    tls, http
    IEXPLORE.EXE
    2.7kB
    17.8kB
    17
    20

    HTTP Request

    GET https://static.xx.fbcdn.net/rsrc.php/v3/yV/r/Glud--w-qOK.js?_nc_x=Ij3Wp8lg5Kz

    HTTP Response

    200
  • 157.240.243.2:443
    https://static.xx.fbcdn.net/rsrc.php/v3ij9m4/yS/l/en_GB/FsgTKAP125G.js?_nc_x=Ij3Wp8lg5Kz
    tls, http
    IEXPLORE.EXE
    3.6kB
    35.7kB
    32
    33

    HTTP Request

    GET https://static.xx.fbcdn.net/rsrc.php/v3ij9m4/yS/l/en_GB/FsgTKAP125G.js?_nc_x=Ij3Wp8lg5Kz

    HTTP Response

    200
  • 157.240.243.2:443
    scontent.xx.fbcdn.net
    tls
    IEXPLORE.EXE
    671 B
    420 B
    9
    6
  • 157.240.243.2:443
    https://scontent.xx.fbcdn.net/v/t39.30808-1/302682950_408081388117661_761848427710662801_n.jpg?stp=cp0_dst-jpg_s50x50&_nc_cat=103&ccb=1-7&_nc_sid=6738e8&_nc_ohc=AzK9QtI-96cQ7kNvgEszH3r&_nc_ht=scontent.xx&edm=AEDRbFQEAAAA&_nc_gid=A39VDMeKP91wJ99O8U9YKH3&oh=00_AYBwxUm8scKLZ1lH8qXwi4-UXC6aFUe-WViNu0gWd0JgNQ&oe=66E284D3
    tls, http
    IEXPLORE.EXE
    1.7kB
    6.4kB
    13
    12

    HTTP Request

    GET https://scontent.xx.fbcdn.net/v/t39.30808-1/302682950_408081388117661_761848427710662801_n.jpg?stp=cp0_dst-jpg_s50x50&_nc_cat=103&ccb=1-7&_nc_sid=6738e8&_nc_ohc=AzK9QtI-96cQ7kNvgEszH3r&_nc_ht=scontent.xx&edm=AEDRbFQEAAAA&_nc_gid=A39VDMeKP91wJ99O8U9YKH3&oh=00_AYBwxUm8scKLZ1lH8qXwi4-UXC6aFUe-WViNu0gWd0JgNQ&oe=66E284D3

    HTTP Response

    200
  • 157.240.243.2:443
    https://static.xx.fbcdn.net/rsrc.php/v3/yG/r/WvbRbK9sYiL.js?_nc_x=Ij3Wp8lg5Kz
    tls, http
    IEXPLORE.EXE
    1.4kB
    4.5kB
    12
    11

    HTTP Request

    GET https://static.xx.fbcdn.net/rsrc.php/v3/yG/r/WvbRbK9sYiL.js?_nc_x=Ij3Wp8lg5Kz

    HTTP Response

    200
  • 157.240.243.2:443
    https://static.xx.fbcdn.net/rsrc.php/v3/yF/r/p55HfXW__mM.js?_nc_x=Ij3Wp8lg5Kz
    tls, http
    IEXPLORE.EXE
    1.3kB
    3.0kB
    11
    10

    HTTP Request

    GET https://static.xx.fbcdn.net/rsrc.php/v3/yF/r/p55HfXW__mM.js?_nc_x=Ij3Wp8lg5Kz

    HTTP Response

    200
  • 142.250.27.94:80
    http://c.pki.goog/wr2/oQ6nyr8F0m0.crl
    http
    IEXPLORE.EXE
    747 B
    14.9kB
    11
    14

    HTTP Request

    GET http://c.pki.goog/r/r1.crl

    HTTP Response

    200

    HTTP Request

    GET http://c.pki.goog/wr2/oQ6nyr8F0m0.crl

    HTTP Response

    200
  • 142.250.27.94:80
    http://c.pki.goog/r/r1.crl
    http
    IEXPLORE.EXE
    348 B
    1.7kB
    5
    4

    HTTP Request

    GET http://c.pki.goog/r/r1.crl

    HTTP Response

    200
  • 142.250.27.94:80
    http://c.pki.goog/r/r1.crl
    http
    IEXPLORE.EXE
    348 B
    1.7kB
    5
    4

    HTTP Request

    GET http://c.pki.goog/r/r1.crl

    HTTP Response

    200
  • 142.250.27.94:80
    http://c.pki.goog/r/r1.crl
    http
    IEXPLORE.EXE
    348 B
    1.7kB
    5
    4

    HTTP Request

    GET http://c.pki.goog/r/r1.crl

    HTTP Response

    200
  • 142.250.27.94:80
    http://o.pki.goog/wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEAF7KWhM60m3EI1Tk9fdsmI%3D
    http
    IEXPLORE.EXE
    2.5kB
    3.2kB
    15
    9

    HTTP Request

    GET http://o.pki.goog/wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEEY%2BBbWicZDJCutGRyts3so%3D

    HTTP Response

    200

    HTTP Request

    GET http://o.pki.goog/wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQDBBI61buTJSxBPkvvajAV6

    HTTP Response

    200

    HTTP Request

    GET http://o.pki.goog/wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEGs31zQSL0RFCna%2BsoPon%2Bg%3D

    HTTP Response

    200

    HTTP Request

    GET http://o.pki.goog/wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEAF7KWhM60m3EI1Tk9fdsmI%3D

    HTTP Response

    200
  • 142.250.27.94:80
    http://o.pki.goog/wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEAF7KWhM60m3EI1Tk9fdsmI%3D
    http
    IEXPLORE.EXE
    2.0kB
    3.2kB
    13
    8

    HTTP Request

    GET http://o.pki.goog/wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEEY%2BBbWicZDJCutGRyts3so%3D

    HTTP Response

    200

    HTTP Request

    GET http://o.pki.goog/wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQC%2BxJ6Dr%2Fai6QonM%2F7HQx1J

    HTTP Response

    200

    HTTP Request

    GET http://o.pki.goog/wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEC3QjsHQh0OQEJO7ScqSTgQ%3D

    HTTP Response

    200

    HTTP Request

    GET http://o.pki.goog/wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEAF7KWhM60m3EI1Tk9fdsmI%3D

    HTTP Response

    200
  • 142.250.27.94:80
    http://o.pki.goog/wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEBFwHbrJaxWDCjHK4%2BG0Wcs%3D
    http
    IEXPLORE.EXE
    2.0kB
    3.2kB
    13
    8

    HTTP Request

    GET http://o.pki.goog/wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEEY%2BBbWicZDJCutGRyts3so%3D

    HTTP Response

    200

    HTTP Request

    GET http://o.pki.goog/wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQDBBI61buTJSxBPkvvajAV6

    HTTP Response

    200

    HTTP Request

    GET http://o.pki.goog/wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEC3QjsHQh0OQEJO7ScqSTgQ%3D

    HTTP Response

    200

    HTTP Request

    GET http://o.pki.goog/wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEBFwHbrJaxWDCjHK4%2BG0Wcs%3D

    HTTP Response

    200
  • 142.250.27.94:80
    http://o.pki.goog/wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQD1kD0PUGhH%2FBI3nnbRqNoX
    http
    IEXPLORE.EXE
    1.8kB
    3.9kB
    13
    7

    HTTP Request

    GET http://o.pki.goog/wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEEY%2BBbWicZDJCutGRyts3so%3D

    HTTP Response

    200

    HTTP Request

    GET http://o.pki.goog/wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQC%2BxJ6Dr%2Fai6QonM%2F7HQx1J

    HTTP Response

    200

    HTTP Request

    GET http://o.pki.goog/wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEBFwHbrJaxWDCjHK4%2BG0Wcs%3D

    HTTP Response

    200

    HTTP Request

    GET http://o.pki.goog/wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQD1kD0PUGhH%2FBI3nnbRqNoX

    HTTP Response

    200
  • 142.250.27.190:443
    https://www.youtube.com/s/player/5f8f5b0f/www-player.css
    tls, http
    IEXPLORE.EXE
    2.4kB
    70.8kB
    33
    55

    HTTP Request

    GET https://www.youtube.com/s/player/5f8f5b0f/www-player.css

    HTTP Response

    200
  • 142.250.27.190:443
    https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
    tls, http
    IEXPLORE.EXE
    18.5kB
    197.3kB
    95
    159

    HTTP Request

    GET https://www.youtube.com/s/player/5f8f5b0f/www-embed-player.vflset/www-embed-player.js

    HTTP Response

    200

    HTTP Request

    GET https://www.youtube.com/s/player/5f8f5b0f/www-player.css

    HTTP Response

    200

    HTTP Request

    POST https://www.youtube.com/api/stats/qoe?cpn=ctn1MqEtYazatLm1&el=embedded&ns=yt&fexp=v1%2C24004644%2C434717%2C104308%2C23018%2C26443548%2C7111%2C24166%2C12177%2C9954%2C1192%2C33462%2C2%2C17768%2C29151%2C12193%2C1103%2C6953%2C11044%2C501%2C1970%2C7546%2C12725%2C5076%2C22962%2C1059%2C2%2C2126%2C1336%2C4205%2C1823%2C3186%2C2912%2C4794%2C15%2C1020%2C1739%2C328%2C13%2C3827%2C4%2C404%2C648%2C1121%2C603%2C5553%2C5749%2C328%2C1170%2C1453%2C3857%2C74%2C4960%2C3053%2C6064&cl=670364317&seq=1&event=streamingstats&docid=evMR3wn1LGk&cbr=IE&cbrver=11.0&c=WEB_EMBEDDED_PLAYER&cver=1.20240902.00.00&cplayer=UNIPLAYER&cos=Windows&cosver=6.1&cplatform=DESKTOP&vps=0.000:N,0.001:ER&cmt=0.001:0.000,0.001:0.000&error=0.001:auth::0.000:0;a6s.0;r.Video_unavailable&vis=0.001:0&bh=0.001:0.000&qclc=ChBjdG4xTXFFdFlhemF0TG0xEAE

    HTTP Response

    204

    HTTP Request

    GET https://www.youtube.com/generate_204?-knBKw

    HTTP Response

    204

    HTTP Request

    POST https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

    HTTP Response

    200
  • 142.250.27.190:443
    https://www.youtube.com/s/player/5f8f5b0f/player_ias.vflset/en_US/embed.js
    tls, http
    IEXPLORE.EXE
    31.0kB
    937.6kB
    426
    689

    HTTP Request

    GET https://www.youtube.com/s/player/5f8f5b0f/player_ias.vflset/en_US/base.js

    HTTP Response

    200

    HTTP Request

    GET https://www.youtube.com/s/player/5f8f5b0f/player_ias.vflset/en_US/embed.js

    HTTP Response

    200

    HTTP Request

    POST https://www.youtube.com/api/stats/qoe?cpn=qBu2ZP7KZA9qaTEH&el=embedded&ns=yt&fexp=v1%2C24004644%2C434717%2C127326%2C26443548%2C7111%2C24166%2C12177%2C9954%2C1192%2C33462%2C2%2C17768%2C29151%2C12193%2C1103%2C6953%2C11044%2C501%2C1970%2C7546%2C17801%2C24021%2C2%2C2126%2C1336%2C4205%2C1823%2C3186%2C2912%2C4794%2C15%2C1020%2C1739%2C328%2C3818%2C22%2C4%2C404%2C649%2C1120%2C7164%2C5069%2C1171%2C5383%2C4960%2C3053&cl=670364317&seq=1&event=streamingstats&docid=QMECDnECjJM&cbr=IE&cbrver=11.0&c=WEB_EMBEDDED_PLAYER&cver=1.20240902.00.00&cplayer=UNIPLAYER&cos=Windows&cosver=6.1&cplatform=DESKTOP&vps=0.000:N,0.001:ER&cmt=0.001:0.000,0.001:0.000&error=0.001:auth::0.000:0;a6s.0;r.Video_unavailable&vis=0.001:0&bh=0.001:0.000&qclc=ChBxQnUyWlA3S1pBOXFhVEVIEAE

    HTTP Response

    204

    HTTP Request

    POST https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

    HTTP Response

    200

    HTTP Request

    POST https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

    HTTP Response

    200

    HTTP Request

    GET https://www.youtube.com/s/player/5f8f5b0f/www-player.css

    HTTP Response

    200

    HTTP Request

    GET https://www.youtube.com/s/player/5f8f5b0f/player_ias.vflset/en_US/embed.js

    HTTP Response

    200
  • 142.250.27.155:443
    https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
    tls, http
    IEXPLORE.EXE
    1.5kB
    6.7kB
    11
    12

    HTTP Request

    GET https://googleads.g.doubleclick.net/pagead/id

    HTTP Response

    302

    HTTP Request

    GET https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

    HTTP Response

    200
  • 142.250.27.155:443
    https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
    tls, http
    IEXPLORE.EXE
    1.8kB
    7.2kB
    12
    12

    HTTP Request

    GET https://googleads.g.doubleclick.net/pagead/id

    HTTP Response

    302

    HTTP Request

    GET https://googleads.g.doubleclick.net/pagead/id

    HTTP Response

    302

    HTTP Request

    GET https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

    HTTP Response

    200
  • 142.250.27.155:443
    https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
    tls, http
    IEXPLORE.EXE
    1.5kB
    5.8kB
    11
    11

    HTTP Request

    GET https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

    HTTP Response

    200
  • 142.250.27.155:443
    googleads.g.doubleclick.net
    tls
    IEXPLORE.EXE
    878 B
    4.7kB
    10
    9
  • 142.250.27.155:443
    googleads.g.doubleclick.net
    tls
    IEXPLORE.EXE
    982 B
    4.9kB
    11
    11
  • 142.250.27.155:443
    googleads.g.doubleclick.net
    tls
    IEXPLORE.EXE
    994 B
    4.8kB
    10
    9
  • 142.250.27.148:443
    https://static.doubleclick.net/instream/ad_status.js
    tls, http
    IEXPLORE.EXE
    1.1kB
    5.5kB
    10
    9

    HTTP Request

    GET https://static.doubleclick.net/instream/ad_status.js

    HTTP Response

    200
  • 142.250.27.148:443
    static.doubleclick.net
    tls
    IEXPLORE.EXE
    759 B
    4.8kB
    10
    9
  • 142.250.102.95:443
    https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
    tls, http
    IEXPLORE.EXE
    5.2kB
    55.8kB
    33
    48

    HTTP Request

    POST https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

    HTTP Response

    200

    HTTP Request

    POST https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

    HTTP Response

    200
  • 142.250.102.95:443
    https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
    tls, http
    IEXPLORE.EXE
    5.3kB
    67.0kB
    44
    58

    HTTP Request

    POST https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

    HTTP Response

    200

    HTTP Request

    POST https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

    HTTP Response

    200
  • 142.250.102.95:443
    https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
    tls, http
    IEXPLORE.EXE
    3.9kB
    53.4kB
    32
    49

    HTTP Request

    POST https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

    HTTP Response

    200

    HTTP Request

    POST https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

    HTTP Response

    200
  • 142.250.27.105:443
    https://www.google.com/js/th/_MtEdLRde-f5_qWpN1PloitzgIfC0LddkeZZHK-tyIk.js
    tls, http
    IEXPLORE.EXE
    1.6kB
    34.1kB
    20
    29

    HTTP Request

    GET https://www.google.com/js/th/_MtEdLRde-f5_qWpN1PloitzgIfC0LddkeZZHK-tyIk.js

    HTTP Response

    200
  • 142.250.27.105:443
    www.google.com
    tls
    IEXPLORE.EXE
    929 B
    4.4kB
    14
    7
  • 142.250.27.119:443
    i.ytimg.com
    tls
    IEXPLORE.EXE
    772 B
    5.0kB
    10
    9
  • 142.250.27.119:443
    https://i.ytimg.com/vi/ygK7kej0BPA/sddefault.jpg
    tls, http
    IEXPLORE.EXE
    1.9kB
    44.4kB
    25
    37

    HTTP Request

    GET https://i.ytimg.com/vi/ygK7kej0BPA/sddefault.jpg

    HTTP Response

    200
  • 142.250.102.132:443
    yt3.ggpht.com
    tls
    IEXPLORE.EXE
    1.3kB
    11.5kB
    13
    13
  • 142.250.102.132:443
    yt3.ggpht.com
    tls
    IEXPLORE.EXE
    1.1kB
    9.8kB
    15
    14
  • 95.100.245.144:80
    http://www.microsoft.com/pkiops/crl/MicCodSigPCA2011_2011-07-08.crl
    http
    393 B
    1.7kB
    4
    4

    HTTP Request

    GET http://www.microsoft.com/pkiops/crl/MicCodSigPCA2011_2011-07-08.crl

    HTTP Response

    200
  • 204.79.197.200:443
    ieonline.microsoft.com
    tls
    iexplore.exe
    753 B
    7.9kB
    9
    13
  • 204.79.197.200:443
    ieonline.microsoft.com
    tls
    iexplore.exe
    747 B
    7.8kB
    9
    12
  • 204.79.197.200:443
    ieonline.microsoft.com
    tls
    iexplore.exe
    779 B
    7.8kB
    9
    12
  • 157.240.243.2:443
    https://static.xx.fbcdn.net/rsrc.php/v3/yw/r/UXtr_j2Fwe-.png
    tls, http
    IEXPLORE.EXE
    1.1kB
    3.0kB
    7
    8

    HTTP Request

    GET https://static.xx.fbcdn.net/rsrc.php/v3/yw/r/UXtr_j2Fwe-.png

    HTTP Response

    200
  • 142.250.27.190:443
    https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
    tls, http
    IEXPLORE.EXE
    91.8kB
    1.7MB
    983
    1237

    HTTP Request

    GET https://www.youtube.com/s/player/5f8f5b0f/player_ias.vflset/en_US/base.js

    HTTP Response

    200

    HTTP Request

    GET https://www.youtube.com/s/player/5f8f5b0f/player_ias.vflset/en_US/remote.js

    HTTP Response

    200

    HTTP Request

    GET https://www.youtube.com/generate_204?b76Y5g

    HTTP Response

    204

    HTTP Request

    POST https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

    HTTP Response

    200

    HTTP Request

    GET https://www.youtube.com/s/player/5f8f5b0f/player_ias.vflset/en_US/base.js

    HTTP Response

    200

    HTTP Request

    POST https://www.youtube.com/api/stats/qoe?cpn=3-UxYMuLiDn5KATN&el=embedded&ns=yt&fexp=v1%2C24004644%2C434717%2C60172%2C67154%2C26443548%2C7111%2C24166%2C12177%2C9954%2C1192%2C33462%2C2%2C17768%2C29151%2C12193%2C1103%2C6953%2C10955%2C89%2C501%2C1970%2C7546%2C17801%2C24021%2C2%2C2126%2C1336%2C1518%2C2686%2C1%2C1823%2C3186%2C2912%2C4794%2C14%2C1021%2C1740%2C327%2C13%2C3827%2C4%2C404%2C649%2C1120%2C603%2C2685%2C2816%2C265%2C795%2C5069%2C1170%2C4140%2C1245%2C1180%2C3779%2C3053&cl=670364317&seq=1&event=streamingstats&docid=ywSeSlVcY4w&cbr=IE&cbrver=11.0&c=WEB_EMBEDDED_PLAYER&cver=1.20240902.00.00&cplayer=UNIPLAYER&cos=Windows&cosver=6.1&cplatform=DESKTOP&vps=0.000:N,0.002:ER&cmt=0.002:0.000,0.002:0.000&error=0.002:auth::0.000:0;a6s.0;r.Video_unavailable&vis=0.002:0&bh=0.002:0.000&qclc=ChAzLVV4WU11TGlEbjVLQVROEAE

    HTTP Response

    204

    HTTP Request

    POST https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

    HTTP Response

    200

    HTTP Request

    POST https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

    HTTP Response

    200
  • 142.250.27.155:443
    https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
    tls, http
    IEXPLORE.EXE
    3.7kB
    11.2kB
    18
    17

    HTTP Request

    GET https://googleads.g.doubleclick.net/pagead/id

    HTTP Response

    302

    HTTP Request

    GET https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

    HTTP Response

    200

    HTTP Request

    GET https://googleads.g.doubleclick.net/pagead/id

    HTTP Response

    302

    HTTP Request

    GET https://googleads.g.doubleclick.net/pagead/id

    HTTP Response

    302

    HTTP Request

    GET https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

    HTTP Response

    200

    HTTP Request

    GET https://googleads.g.doubleclick.net/pagead/id

    HTTP Response

    302

    HTTP Request

    GET https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

    HTTP Response

    200
  • 142.250.27.155:443
    https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
    tls, http
    IEXPLORE.EXE
    2.2kB
    6.5kB
    14
    11

    HTTP Request

    GET https://googleads.g.doubleclick.net/pagead/id

    HTTP Response

    302

    HTTP Request

    GET https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

    HTTP Response

    200

    HTTP Request

    GET https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
  • 142.250.102.95:443
    https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
    tls, http
    IEXPLORE.EXE
    8.0kB
    101.9kB
    62
    86

    HTTP Request

    POST https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

    HTTP Response

    200

    HTTP Request

    POST https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

    HTTP Response

    200

    HTTP Request

    POST https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

    HTTP Response

    200

    HTTP Request

    POST https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

    HTTP Response

    200
  • 142.250.27.119:443
    https://i.ytimg.com/vi/gS2GhpTPLvQ/sddefault.jpg
    tls, http
    IEXPLORE.EXE
    2.1kB
    44.6kB
    28
    37

    HTTP Request

    GET https://i.ytimg.com/vi/gS2GhpTPLvQ/sddefault.jpg

    HTTP Response

    200
  • 142.250.27.119:443
    i.ytimg.com
    tls
    IEXPLORE.EXE
    660 B
    4.9kB
    7
    7
  • 142.250.27.155:443
    googleads.g.doubleclick.net
    tls
    IEXPLORE.EXE
    756 B
    4.8kB
    9
    9
  • 142.250.27.155:443
    googleads.g.doubleclick.net
    tls
    IEXPLORE.EXE
    724 B
    4.8kB
    9
    9
  • 142.250.27.155:443
    googleads.g.doubleclick.net
    tls
    IEXPLORE.EXE
    724 B
    4.8kB
    9
    9
  • 8.8.8.8:53
    www.konthaiusa.com
    dns
    IEXPLORE.EXE
    128 B
    137 B
    2
    1

    DNS Request

    www.konthaiusa.com

    DNS Request

    www.konthaiusa.com

  • 8.8.8.8:53
    www.youtube.com
    dns
    IEXPLORE.EXE
    61 B
    223 B
    1
    1

    DNS Request

    www.youtube.com

    DNS Response

    142.250.27.190
    142.250.102.93
    142.250.27.91
    142.250.102.91
    142.250.27.93
    142.250.102.136
    142.250.102.190
    142.250.27.136

  • 8.8.8.8:53
    www.facebook.com
    dns
    IEXPLORE.EXE
    62 B
    107 B
    1
    1

    DNS Request

    www.facebook.com

    DNS Response

    157.240.243.35

  • 8.8.8.8:53
    static.xx.fbcdn.net
    dns
    IEXPLORE.EXE
    65 B
    104 B
    1
    1

    DNS Request

    static.xx.fbcdn.net

    DNS Response

    157.240.243.2

  • 8.8.8.8:53
    scontent.xx.fbcdn.net
    dns
    IEXPLORE.EXE
    67 B
    83 B
    1
    1

    DNS Request

    scontent.xx.fbcdn.net

    DNS Response

    157.240.243.2

  • 8.8.8.8:53
    c.pki.goog
    dns
    IEXPLORE.EXE
    56 B
    107 B
    1
    1

    DNS Request

    c.pki.goog

    DNS Response

    142.250.27.94

  • 8.8.8.8:53
    c.pki.goog
    dns
    IEXPLORE.EXE
    56 B
    107 B
    1
    1

    DNS Request

    c.pki.goog

    DNS Response

    142.250.27.94

  • 8.8.8.8:53
    c.pki.goog
    dns
    IEXPLORE.EXE
    56 B
    107 B
    1
    1

    DNS Request

    c.pki.goog

    DNS Response

    142.250.27.94

  • 8.8.8.8:53
    o.pki.goog
    dns
    IEXPLORE.EXE
    56 B
    107 B
    1
    1

    DNS Request

    o.pki.goog

    DNS Response

    142.250.27.94

  • 8.8.8.8:53
    o.pki.goog
    dns
    IEXPLORE.EXE
    56 B
    107 B
    1
    1

    DNS Request

    o.pki.goog

    DNS Response

    142.250.27.94

  • 8.8.8.8:53
    o.pki.goog
    dns
    IEXPLORE.EXE
    56 B
    107 B
    1
    1

    DNS Request

    o.pki.goog

    DNS Response

    142.250.27.94

  • 8.8.8.8:53
    o.pki.goog
    dns
    IEXPLORE.EXE
    56 B
    107 B
    1
    1

    DNS Request

    o.pki.goog

    DNS Response

    142.250.27.94

  • 8.8.8.8:53
    googleads.g.doubleclick.net
    dns
    IEXPLORE.EXE
    73 B
    137 B
    1
    1

    DNS Request

    googleads.g.doubleclick.net

    DNS Response

    142.250.27.155
    142.250.27.157
    142.250.27.154
    142.250.27.156

  • 8.8.8.8:53
    static.doubleclick.net
    dns
    IEXPLORE.EXE
    136 B
    100 B
    2
    1

    DNS Request

    static.doubleclick.net

    DNS Request

    static.doubleclick.net

    DNS Response

    142.250.27.148
    142.250.27.149

  • 8.8.8.8:53
    jnn-pa.googleapis.com
    dns
    IEXPLORE.EXE
    67 B
    99 B
    1
    1

    DNS Request

    jnn-pa.googleapis.com

    DNS Response

    142.250.102.95
    142.250.27.95

  • 8.8.8.8:53
    www.google.com
    dns
    IEXPLORE.EXE
    60 B
    156 B
    1
    1

    DNS Request

    www.google.com

    DNS Response

    142.250.27.105
    142.250.27.147
    142.250.27.103
    142.250.27.104
    142.250.27.106
    142.250.27.99

  • 8.8.8.8:53
    i.ytimg.com
    dns
    IEXPLORE.EXE
    57 B
    89 B
    1
    1

    DNS Request

    i.ytimg.com

    DNS Response

    142.250.27.119
    142.250.102.119

  • 8.8.8.8:53
    yt3.ggpht.com
    dns
    IEXPLORE.EXE
    59 B
    120 B
    1
    1

    DNS Request

    yt3.ggpht.com

    DNS Response

    142.250.102.132

  • 8.8.8.8:53
    www.microsoft.com
    dns
    iexplore.exe
    63 B
    230 B
    1
    1

    DNS Request

    www.microsoft.com

    DNS Response

    95.100.245.144

  • 8.8.8.8:53
    www.microsoft.com
    dns
    iexplore.exe
    63 B
    230 B
    1
    1

    DNS Request

    www.microsoft.com

    DNS Response

    95.100.245.144

  • 8.8.8.8:53
    www.microsoft.com
    dns
    iexplore.exe
    63 B
    230 B
    1
    1

    DNS Request

    www.microsoft.com

    DNS Response

    95.100.245.144

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC

    Filesize

    914B

    MD5

    e4a68ac854ac5242460afd72481b2a44

    SHA1

    df3c24f9bfd666761b268073fe06d1cc8d4f82a4

    SHA256

    cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

    SHA512

    5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357

    Filesize

    1KB

    MD5

    a266bb7dcc38a562631361bbf61dd11b

    SHA1

    3b1efd3a66ea28b16697394703a72ca340a05bd5

    SHA256

    df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

    SHA512

    0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC

    Filesize

    252B

    MD5

    01f23bd962db38ef939178cf799db083

    SHA1

    b82994318e4c04aa6ef8ff5ffc0b15689a1fa352

    SHA256

    d37002e6bb828a050fb36daf011d08987a2f7b223b16607b364a98921908de0b

    SHA512

    b0db8fb296f458fc81ba78b160f84ba16ea32fff00a6738cbe75614102297901122f739a0650383641ea5c3fd4fe0ba7ce80252e424748c1de47c8f7fca14d9a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    6db60457bedef9cc76244f33897c3c41

    SHA1

    1fa324623b4359e63b09cb905e9d15d9b1c060d7

    SHA256

    44e3e6ab6fd457fc9b1f73b598f4c2f203ba4adad23960e4894fea75126a9c78

    SHA512

    9b08451d9370ffda3175a1faeeea9206636b28cb3652b1e0ceae4254cf5ce1dae9b509d1356350bc19fb6210ac1c683b519a323b079f9e7ab95cd99324435303

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    ae58ed8215905755a6a54ce1031291d8

    SHA1

    ff2cb986c87f25188c26871bf4091a24a4b661fa

    SHA256

    a5ad1a2280a3c4a46514e99aeeeebdfecd260bbe6ea8effecb20f1566f580652

    SHA512

    5b3d13707b3c01e5121ce5cdc7e306613446ec170b022a16137e7d541f780f5327ccbcc366ed367211fc77afb1fb475404dbb21f0e7b099c8f5ef4d4a8a992c5

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    3bc73fc7204a3de6629cc38a9932e982

    SHA1

    b26d0091081ed19bcf0a23518eff0ad974dd9ed0

    SHA256

    0fcec1435da8ac47d35b92c1aec6b95d4ab465cd4d0419d28a1e9497ce8dde07

    SHA512

    50e61a328501c360dd4c3f9e22b15c85bcbbd615757370630f2edbbbd4b34b71314bb6bac6d9e242c7da78bea97477c9154a63454f289fd3996d3e49f21929ac

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    9c922677e1884ad1d9ee269c41bec65d

    SHA1

    73d1f840038240a23a930fd5c368abdccfc8cede

    SHA256

    6254ef8f798e30cf16a97524c8d8dde5ca81fc04aa335737681387b98ca915a3

    SHA512

    413c5fa7f6b6d46846b76e165b9a99cb0dd83573bedbbda8c16a43c50a8f1b9784837e61a10ea678ed35c6af76f2a578b0f5979f0b3ce74a46cd1238ed5792c3

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    c7b0e593c4775c56eaf40082be775576

    SHA1

    84763791cfd67b5050fd3395b70bed97a435f279

    SHA256

    8f66107e6260625fecc5536964aa30425733bae57d113fdd61343d9b96235edd

    SHA512

    cd1c1138dc6936a0cc60962c444b6a9e478b095cc3a90ded75e217d95101dc16bd8999232c2104daa3226a603bb71f2c8e7d8c05e76cf958503277cf0dca3e41

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    097921d7328c4127637eda0579a7fc20

    SHA1

    04d8efbf22e5078325733c724cc14abe617e0881

    SHA256

    fdecd220ffd24423c721428485aee9b1752c02dbda8d85e46f8624fdec6733e0

    SHA512

    58bcbf418360a2aec90fafd78ce82e546297eb8fb8928eb086e561ad8c7655838f2c41f9cb1aa957a477bf2c41a7768037218b76b1e7680478a06f8635587221

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    e8f6f601cf520c7f2e1e2760b949d186

    SHA1

    5b01f38a857a973dd3825ca196add5795cb894f1

    SHA256

    4c369477f57bf8e054bffb21ae3cafa6a87aaf5e538c8609ae6a5991c8ffd29c

    SHA512

    aa38460bc9479129f3601c295012df65cce33e2b91b88cbeca03dc386967225d2bfcaa9bc8a0125079c194962c28623b5d3a5ef47402af738b0409763b8e955c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    b4e80b459e14203e4928cb50e6dcd52f

    SHA1

    d936373b92327d76140f9bc220974bb3f288ca46

    SHA256

    2ee14f638c1bc0d04df123e60ed6a8aa796d1eb99f31f763b6f7305b04ede122

    SHA512

    5f7b1b3940800219a51a9164ca9517e3833f3079f078458d49d5c2ef940958ea18bbf2d48fb7deb2f4d2de538fa1d94c969df19ed337469c04bf35fbba82949c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    b996f2556335ed34850b1ff3e24790e7

    SHA1

    eb5881a4a72ef9c638a55eb2a29cc262f446efe9

    SHA256

    39fd6899a42d8585cc187aa394cdb0fa7822e3900afae2bfb830bd29ca68ffd9

    SHA512

    533df4950ca32aee8fe72d0edea1b682b138cf95bfcb93ca6fadfbe836bca2f1f5d879633e0cba6d92b46f70204ce71a3ad3e7a51bc3c6fb6276c4f22b95fc62

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    ac41e7de094bf747cccf89767426a8a6

    SHA1

    224d9f1c163a3352aa269146c747f3e2ccc82a80

    SHA256

    52c1045896f341bf82e6db9287c8a8359a5e10458a92de3b117c381c6a6d55eb

    SHA512

    0f6031c8250fccec8df14935477788330891ee4a50b64c06875dd8cf63d8c124799e6f48b0d1766c642d175c346319a13f2945c125b0f0044437d752ab25de76

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    88223cf8a9c720ae4b2b998f0bfe1fd0

    SHA1

    345095c04a41ac20397df24a32bc9139d02e2577

    SHA256

    92f678732ac2cfb42b932f80c6a02db3fe65cf296623627c91372d7bad3e109b

    SHA512

    d7646635ff0e5537eb29ea0c0e714252616eeb1196e6df92b8aa263151040223f370df2f7e36f53402bafafc511f511c80ee1fc889070294d33d7c610c0d6810

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357

    Filesize

    242B

    MD5

    c4d99203e246c2ee4a54bac4f5847dd7

    SHA1

    67c1505d440200f7130712d6db656a3be8bc121a

    SHA256

    32663f2dc325ad6f8a7d3741340619894781bc58c95bec4d4b54e16fc870ba91

    SHA512

    a0a1f182066d3d27b53f37aa96a9aaab0860cb32e9057a05edd1614796cec9a303c2b26544c989aa21f0b2a15cd7b69b78a0633185d5fa3395d21e6be17f7eb6

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\3V6GMKJ0\www.youtube[1].xml

    Filesize

    13B

    MD5

    c1ddea3ef6bbef3e7060a1a9ad89e4c5

    SHA1

    35e3224fcbd3e1af306f2b6a2c6bbea9b0867966

    SHA256

    b71e4d17274636b97179ba2d97c742735b6510eb54f22893d3a2daff2ceb28db

    SHA512

    6be8cec7c862afae5b37aa32dc5bb45912881a3276606da41bf808a4ef92c318b355e616bf45a257b995520d72b7c08752c0be445dceade5cf79f73480910fed

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\3V6GMKJ0\www.youtube[1].xml

    Filesize

    13KB

    MD5

    95095179819e29a5c8c36fb0da9fae6a

    SHA1

    752e1f96704b2c3806c94a94322934f6b14af37b

    SHA256

    c62239f89c9b3e3fa9808da0c1c09457f508680e3b3558ac2a027c7ae23ed94f

    SHA512

    39ee399a8ee5af5dac78d347f510176f3f3b3cf66846794e00924ef04c3f2b592208f16cd6b4d4152e0132fefe91ea5997445d29be3c900ca1f4eab87342bec0

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\3V6GMKJ0\www.youtube[1].xml

    Filesize

    13KB

    MD5

    3cf056af85e10befc8fb7c265b3eb409

    SHA1

    40601ae7b3c8577a336128c73cdb37418a767418

    SHA256

    91189b6f88f9a7b14ad8f85251c926555a46dfeffe94bac6cc2794c085198d20

    SHA512

    2c77347433058ce026d2ac340ca1468881a59a456a60a09600b97eb0d9fb7457b3a664a55766a617e3cb7f1db4fe5b0c02a3999033ae45818596a4f39cee55c7

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\3V6GMKJ0\www.youtube[1].xml

    Filesize

    13KB

    MD5

    068bb82e7aa6453e3305512ac5c21c89

    SHA1

    905ffb74bfb9c467d0192967cca86dbca6eabba7

    SHA256

    824ef8fc2e2c83dd544c7ed5bcf11034198702aec947eb80e238b14171f6b672

    SHA512

    9cdfbfbd736d2abaf27eca6080c8809ba4417db9d1d48e8a879797a2922f81bfb6268dd27d4da1e67d123d2207c9e08a649d12ef6834e4642484fe1e5fa91c28

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\3V6GMKJ0\www.youtube[1].xml

    Filesize

    990B

    MD5

    f7c2c4b94dc9f9f0fd380bc65cf51f69

    SHA1

    e12f87e23798f3816ba32938622b3673b7139726

    SHA256

    fa7a0f8af1dfd52d5939e31a6bc47fe8e09267b2482e6d7ab1afa0e1b6db218d

    SHA512

    13a24aa73e82c208076b9399552d4023c190c532085287274d5d2f3bd00916b1ba5f002e56eeaafd74d71eeda9a6f3eca88be4d5831761cb8bcde668b09a3cf8

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\3V6GMKJ0\www.youtube[1].xml

    Filesize

    990B

    MD5

    71222e2390d311f4f81ad86c3457a1c8

    SHA1

    a2d9a620a02e6efda739161b57ef0fcb2af10f64

    SHA256

    3b0444ea4f93bee79f01c033e01f735780c6b0422c3ed2725422bd2e3ec88c05

    SHA512

    cdd3f3bbeed68147943ab892acc15e0fbd455b3b79a89aada5165ab3bb7b8795bf4a8f155fa2a06ce0e4fd3f6b4bcb3a4de1ad471ee55725778f6406373013b1

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\3V6GMKJ0\www.youtube[1].xml

    Filesize

    990B

    MD5

    11dab707b1a5907c5dd7f5ae639b95f3

    SHA1

    fb5675f02944876d47989aa8f8ccd25a4323d52d

    SHA256

    4ecfe2e86fa4e6ccd7858e44a75f1b11b8db76c9c9c5d89349c51c25c93b4531

    SHA512

    9ca4ec6a61d80fd6c097cee7a3b6f4eac3af90fa91d4f0633e4795baf774b21bd966c753d9abef1a46fb0a96c3cf2542b5530c45f5e644d212b7b583fdb8bfe3

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\3V6GMKJ0\www.youtube[1].xml

    Filesize

    12KB

    MD5

    6cb755f4e787836e3b2946a3d338ee1d

    SHA1

    e4e8bf1bc1a9922d574d3393a32bf07a75422442

    SHA256

    67c72b978f9c81b99b564a535f0ad960ee5fdae2ce4cf9cf3db900c49fcdf056

    SHA512

    221f298d9aebdb681b206eef99b0f6ae7ef3f3039590f28765acec7eba5314a8555941069a590bec7ed673a7e188df0fba564bf06f301e7a09cf1bf6203cef27

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\3V6GMKJ0\www.youtube[1].xml

    Filesize

    990B

    MD5

    0178258b4c0f6e8a83eed6684a09df52

    SHA1

    a148926ca0fd37774d4ecf7a11e1705d3cff11fa

    SHA256

    0a498ba2b4e286b436185e99eebe56fb6801dd1f27115c78743ab07b6af2fa98

    SHA512

    616edd0ae14ea770fd36fb2594430dec6b10fe45c0b2dc0cb1624fc309fd877438d32cc1f8b248e870a28079f130a780cc7299bbb89ea63f6265261c981bf6a3

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\3V6GMKJ0\www.youtube[1].xml

    Filesize

    990B

    MD5

    258f0d66e1aba5f83fcc42132a34241f

    SHA1

    0fe1ee0baa8735dc6e5dfb122f7bdccce190f67c

    SHA256

    9b37b4947b91ba9994e95d8c2251b25a001c523db990e89b9509f2864e10badb

    SHA512

    b16d0281c981e38eec3bb8786d3e74b90c7924cf2bbeed26b51d98d4b2bdc5a8b7600850b0c68d08443cc5b91b2a45f11dd855c90eb9ee721faa1e0df721dccc

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\3V6GMKJ0\www.youtube[1].xml

    Filesize

    229B

    MD5

    0662460246740a190f7b64bbc66fa008

    SHA1

    5776937b0dc660cc8eab9ed949c95ed0a77ed2c2

    SHA256

    f82a015fdbe32d48529a3dcdff5ef16dce9c7d23f1636411a08499ca94b062d3

    SHA512

    cda06befad09626c46de045887934e813d76b6ca463df8b0c50f1fb863215cb0eeb0d57debabebd8068e7018f720ffb0a1fb37d7324f85f6772ba1be472c9537

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\3V6GMKJ0\www.youtube[1].xml

    Filesize

    229B

    MD5

    6308b9d7f6cc4036a50af3e3443ce7b6

    SHA1

    397579f3cb0111bf5158747fd05b8755e2ce60a9

    SHA256

    16b65126d5346a09db4fb39cb0c52c72e0ecfbd6b88d7147fba85640e996ecbd

    SHA512

    147956f78a2867c9ca614d9c6cc89f39438aff3c7e6bd0c7a5179a5c5b3e9270e8905448512b55b5d05431d3aa310732b5bff9e15aa6f989e6a3789a741f0282

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\3V6GMKJ0\www.youtube[1].xml

    Filesize

    229B

    MD5

    d837671b74f241a066e496291fb6c591

    SHA1

    ba62be048c9661835b841f2dd9668aecbd5e42ac

    SHA256

    e8601f9a05e94457e57a407636c2eab3c2c3e00b896a6371574e07b18329979a

    SHA512

    85827848792cbf3578df3b6332d9de97e43640015d9ff16a3406cf4a7e1e68da278cd0f7d6ce5487ce0305ccf556901c273a3c3c18951f3702fa8410581dc8bd

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\3V6GMKJ0\www.youtube[1].xml

    Filesize

    641B

    MD5

    d0f67d2335d13e25001a05fb0d60d4fb

    SHA1

    425db0e6cb995f7718238770aa17f3452dcb2dc1

    SHA256

    2bb06f69f2a213bf9086b530e39eaa3199e2f725afff678b9c94d2fc552f314e

    SHA512

    c0222906037fe70005967be0eff215f956d02e3ff62da9b453c1c2cacc596dc5f434bb3ac27552859571fac5207c66690fe3bea25e106fdf53a09ad482d300fe

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\3V6GMKJ0\www.youtube[1].xml

    Filesize

    15KB

    MD5

    35ba1fc6409b7d57b2de60956cb933d8

    SHA1

    9f922d90c4f8949e034f6263a6428907b27f7eff

    SHA256

    afa959eb31b91cfefe4c7ad54dd99c4d68b89886b738d8399175fc4c8a16a6a1

    SHA512

    e638d1f4e427d81cce276b6119f1103affaffdc11069d03ac2e8413dab680333119fd6d0927a7a34fdd4148b7d5243a1744f2c2be58341502fe87c6d58397e95

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\3V6GMKJ0\www.youtube[1].xml

    Filesize

    34KB

    MD5

    44a6ed29fdcc12f82c4dcea1ff6fdb6d

    SHA1

    6d617d2aed4d2caa0301cc1115a9c0cf5ddcc240

    SHA256

    5edfc3add2e10809db4b3fc0a0207f99b1031971197998d79a2478d56d68c6fa

    SHA512

    86f783e1d312815d743dafdae0428fc2886aa7ade0ed9f525e0e3320bd117ff8c6d61639fab571cd9f535a6b6f3bde79287d93d1493644cf2807cd9e367e3eb1

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\3V6GMKJ0\www.youtube[1].xml

    Filesize

    28KB

    MD5

    d8fe078e03d33feb948c0154e6a581e2

    SHA1

    c2bc5f7a6f041f0eaffc22e55b1c978db71206c1

    SHA256

    81a78db2e2d419b18a81db481f7bf2c4aa4f72ae0fee98fe88c3d9a8ad005ac8

    SHA512

    54f32c65c8e43c143cb6f6e08a7c2cda6b663d26de1a846d5d2846477ce4e66e48b505d6391e25df0d3271552a1a44be99b27d71023c6fbceff28215beaa5b4c

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\3V6GMKJ0\www.youtube[1].xml

    Filesize

    814B

    MD5

    7bbcd1fb1cd5f725a6d6b13ebfb0f9ed

    SHA1

    d42f16f15c9f44aafbca804c196947c8024ef9d8

    SHA256

    fe8f49884457c589703977294afc5bd4997662529c504a0d846110e46e449b0a

    SHA512

    eaffb33c9eb8d91864ba41a180345223875210772ff307bf5b085dc2ab56581fb88537498aca492e9bbce3bb3656514844af936e426bddd4fb1d8d830e0fc480

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\3V6GMKJ0\www.youtube[1].xml

    Filesize

    13KB

    MD5

    13b74bc8054ff13bb8e64cd376b532f6

    SHA1

    8f28341b92557022c3a8eea5b940252c836ee2f4

    SHA256

    5d1d1fb0d9bd07c0532fbb02f969f01b1c9062ac9f6c5c9597f7c1980ef55387

    SHA512

    bfb04fd45144c7c4399959f24225bbe1eb89db673dc33158e2f2c314f43ac8496bd902b7b45942275997953bee23d9dd0b468f65ea7916aa8180aac4e512d43a

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\3V6GMKJ0\www.youtube[1].xml

    Filesize

    13KB

    MD5

    5d48a3ebc3e7aebd1379a701b4375709

    SHA1

    45138ac210d8d833042ad3f3c8cc51363d045d8b

    SHA256

    4401aaf6f9fc6d373f45470af9731c712051e34c651754bc8fafdd933529cc9a

    SHA512

    5f5d192d73cea79a8f185aa9557ee9e607d8797e862ab6bd8739f97237f282640fdbd6cd5a7c5e3eff3f21e75e2aae077ff1675903d1dc05318016d1dbe860e9

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8B420DKQ\KFOlCnqEu92Fr1MmEU9fBBc-[1].woff

    Filesize

    19KB

    MD5

    de8b7431b74642e830af4d4f4b513ec9

    SHA1

    f549f1fe8a0b86ef3fbdcb8d508440aff84c385c

    SHA256

    3bfe46bb1ca35b205306c5ec664e99e4a816f48a417b6b42e77a1f43f0bc4e7a

    SHA512

    57d3d4de3816307ed954b796c13bfa34af22a46a2fea310df90e966301350ae8adac62bcd2abf7d7768e6bdcbb3dfc5069378a728436173d07abfa483c1025ac

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8B420DKQ\KFOmCnqEu92Fr1Mu4mxM[1].woff

    Filesize

    19KB

    MD5

    bafb105baeb22d965c70fe52ba6b49d9

    SHA1

    934014cc9bbe5883542be756b3146c05844b254f

    SHA256

    1570f866bf6eae82041e407280894a86ad2b8b275e01908ae156914dc693a4ed

    SHA512

    85a91773b0283e3b2400c773527542228478cc1b9e8ad8ea62435d705e98702a40bedf26cb5b0900dd8fecc79f802b8c1839184e787d9416886dbc73dff22a64

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8B420DKQ\base[1].js

    Filesize

    2.3MB

    MD5

    17a10142895c6a363ba136ac006a4820

    SHA1

    de51c34792249b9eaa8528607dfbcf8be4c9d420

    SHA256

    8e35664ab4258ee9241565c530d5643ceda21a4d378eea70d3d55e40abeac376

    SHA512

    1670197191c76954dfb19386beea94399dd3cf5cb50a7beb23c0b5ab35aaa33c02d9fcd320b03e6e54578dd921e82ab4d3774a0af3f6cff702e6afbc87cfa270

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8B420DKQ\www-embed-player[1].js

    Filesize

    328KB

    MD5

    f1bba28df89db5ae5aeb200874be7960

    SHA1

    693cb2caa3149a71891a71e8ee4661b7e0b7c953

    SHA256

    5986f6d4c2f53e79f5b0fb625f68dc573370755cfbaafa7426a4378b8f0478b5

    SHA512

    069af34d9649eb5e81bfc66613b761f97b3cdb3e13a79189ee83f0e18ed935b16794a57ec18340b6400c5611f27fe43bc6770411bf62294ff9896d5a99ceb5ee

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8B420DKQ\www-player[1].css

    Filesize

    378KB

    MD5

    b5728d6046b8b1e06fcd4516d9538013

    SHA1

    11c4ba6fabf067699c3466bf7067aa6c26bf8c34

    SHA256

    85b09e486828aaeee2aa44babe113e29db15009297959e9105342a762186646c

    SHA512

    fd6653bf535b651152d353d655bb9cfd4fadf7bd95815eab9314e966306583e0f7f1f3559088c89d24b31a8aaf3a95af74ad1f5e8eb553892fd690ac81e8aff8

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BDDDRHWK\ad_status[1].js

    Filesize

    29B

    MD5

    1fa71744db23d0f8df9cce6719defcb7

    SHA1

    e4be9b7136697942a036f97cf26ebaf703ad2067

    SHA256

    eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

    SHA512

    17fa262901b608368eb4b70910da67e1f11b9cfb2c9dc81844f55bee1db3ec11f704d81ab20f2dda973378f9c0df56eaad8111f34b92e4161a4d194ba902f82f

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BDDDRHWK\embed[1].js

    Filesize

    66KB

    MD5

    a58451d3e6fbe9efc9e07683f45e6ddc

    SHA1

    eb8975653e30dd0e72620268780ad0ee8c69fb7f

    SHA256

    ed6638894dea99b332480b83eaa3fe1a4a4cf51d1985cf44ab9baeb28685ef54

    SHA512

    b6a43b84d3efe8b3c84ea6cf529fe995cd20730fecc96516ec416e77f69d1244c38a0ff272bec72bb2e7020125c64f65320ac61065f6e2d5c4d875d5c87df349

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BDDDRHWK\remote[1].js

    Filesize

    118KB

    MD5

    1f3261531691ba9e991472f8185af864

    SHA1

    f31c7f6bb080f561e38680d8a394eaf27bc9e3db

    SHA256

    d4d3fe54a276a54efa2148db8fc9985d04e8b2d258bbc6fa4f25977a95f2de0d

    SHA512

    4e8cef53a9d499f91e9004303423d7c91c8c961e6c3dfc75a9ff3b907348d25b536a625d7e9ca7e88a711b98e46f85c57ff2c14acac1cc57e75b707313e537be

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LW44N8OS\_MtEdLRde-f5_qWpN1PloitzgIfC0LddkeZZHK-tyIk[1].js

    Filesize

    54KB

    MD5

    5f22be8264380007ce1ee2b46a0fc3b4

    SHA1

    bff3b56f1c261beb78c691557040c53750821266

    SHA256

    fccb4474b45d7be7f9fea5a93753e5a22b738087c2d0b75d91e6591cafadc889

    SHA512

    c07328c5254351fae5b79ab9c41ebdf01ebd5b219f7a622c5b3b4c6bbcc468c845620e41f97d414595a7ea1d2b4cc144f27ad09b055a7921f1c1107e92497278

  • C:\Users\Admin\AppData\Local\Temp\CabC370.tmp

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\Local\Temp\TarC392.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.