r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 09a973de929ab7452edc342c780d3668
3f14f6e0a36f76863c0aea6fb561c266404a7ea3
e82ca5f310e37267fbf792427747e65c2bb35e684d3f629c0aa302f688bc4f80
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E82CA5F310E37267FBF792427747E65C2BB35E684D3F629C0AA302F688BC4F80"
Last-Modified: Fri, 23 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5985
Expires: Sat, 24 Sep 2022 07:26:42 GMT
Date: Sat, 24 Sep 2022 05:46:57 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
18.165.201.103200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 18.165.201.103:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 1b3053fa528e28810f8a2cc9284cc921
cca9eb471d941881a6b9a1793aecb6c281908f6a
a2427848ba35575dda8a82cf88f104978234c05389deebc3fc8279d9075eff45
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Backoff, Content-Length, Retry-After
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sat, 24 Sep 2022 05:05:33 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 ed5bf73eea0876436de4cbcd6f6945e4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P3
X-Amz-Cf-Id: o__MfvQ54wh71vAndfjgQ7qYfZZg4PLmnFr1ZCX2Fx5YDwCRdwv_ow==
Age: 2484
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
108.156.28.39200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 108.156.28.39:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sat, 24 Sep 2022 04:13:03 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 59970c86d3717db509a968eaad0da4de.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P1
x-amz-cf-id: 1WAFK5VoLGiPRfi2FSgyTZA5xB2xHCcnZ1r03Dk4XrQ_epQiBAUoTg==
age: 5634
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 24 Sep 2022 05:46:57 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
18.165.201.103200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 18.165.201.103:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Expires, Alert, Content-Length, ETag, Cache-Control, Content-Type, Backoff, Pragma, Last-Modified
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Sat, 24 Sep 2022 05:20:46 GMT
Expires: Sat, 24 Sep 2022 05:34:48 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 133321d9ca8be95a19f574700824c0e0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P3
X-Amz-Cf-Id: ROIJDExs7O5dPbkGv_luOp9kBZBhoLycqGZAgQusIv3FhAoncJ_x3A==
Age: 1571
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash f714931cf870bfa33815fd259b7246fd
38e411ef8ca1b31ead8415ee5f21d98bd9653a86
897675130112daff8bdf6fa25b56faa4b9fdb367daca2b2645ed65c83a2e423f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1130
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 05:46:57 GMT
Last-Modified: Sat, 24 Sep 2022 05:28:07 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
100.20.30.105101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 100.20.30.105:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: GfwWQxrsQVyZssAjwJcUoQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: oGry0heaZVdIBr9izazypnsIHi4=
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3076
Expires: Sat, 24 Sep 2022 06:38:15 GMT
Date: Sat, 24 Sep 2022 05:46:59 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3076
Expires: Sat, 24 Sep 2022 06:38:15 GMT
Date: Sat, 24 Sep 2022 05:46:59 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3076
Expires: Sat, 24 Sep 2022 06:38:15 GMT
Date: Sat, 24 Sep 2022 05:46:59 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3076
Expires: Sat, 24 Sep 2022 06:38:15 GMT
Date: Sat, 24 Sep 2022 05:46:59 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd81dd9e4-90be-4864-999a-d4ef740cdc24.jpeg
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd81dd9e4-90be-4864-999a-d4ef740cdc24.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 37139ae1fd49662f05b8e3a0925f31b4
d355033b77ce3f76f800f8c90ddd624f1fda9005
0d76bfa4c37391d08e5f354e7a927b9216f06b8d5e90d7a5cfb3e08df00dcf94
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd81dd9e4-90be-4864-999a-d4ef740cdc24.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8675
x-amzn-requestid: c2c6ccda-cf20-4d53-a4b4-7068fe823495
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y7tTlGRzoAMFfpg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632e28e3-1f557a8563267dde615c0610;Sampled=0
x-amzn-remapped-date: Fri, 23 Sep 2022 21:45:07 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: wSQLIWHxcGPx-dNgIo9v9BBNlm6CZZNY228d8gFo6eZ-vNGbCavniA==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Sep 2022 21:47:32 GMT
age: 28767
etag: "d355033b77ce3f76f800f8c90ddd624f1fda9005"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8d9363e8-7e74-47d0-b49b-ac648ebf58c9.jpeg
34.120.237.76200 OK 7.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8d9363e8-7e74-47d0-b49b-ac648ebf58c9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d84c4ddafb066f0340a6108644e18e6b
058909341bf245c24fd86fc076acf2a3c246a96c
ca9019fab30635e3548e05e088ff5a5d612ffe7c01f29465c4133710a41c0245
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8d9363e8-7e74-47d0-b49b-ac648ebf58c9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7829
x-amzn-requestid: 79add9b6-6cde-48a3-9c42-1205931f6114
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y7t9_FXhoAMFUJg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632e29f2-6d0d600139ae5be33989e303;Sampled=0
x-amzn-remapped-date: Fri, 23 Sep 2022 21:49:38 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: IvhIsub3cPBuVbyQzV1vfgtR71W-m47YCeaeFVduPm-MotECuZhyBg==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 31119c39c5a6dc62dfa1fe940afd7be2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Sep 2022 22:08:01 GMT
age: 27538
etag: "058909341bf245c24fd86fc076acf2a3c246a96c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5039669-74cb-4d54-9208-94257c765b35.jpeg
34.120.237.76200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5039669-74cb-4d54-9208-94257c765b35.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 55d224ac83a417772c98bc5080fb6689
a30f9044330824e70dde0dcc785890d981e6fdf5
b2ea4dea200109019a65834b98e31e8fac718a199513810a2819858be2b4470a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5039669-74cb-4d54-9208-94257c765b35.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9935
x-amzn-requestid: 9eb8463d-172a-40a2-8eed-3c97b1260afe
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y7sQ5FARoAMFXQQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632e2738-3709a2f22ecc033532223b26;Sampled=0
x-amzn-remapped-date: Fri, 23 Sep 2022 21:38:00 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: e5eETCL5yFnoG4HPx0Qv8hjGnlXx5vOL4syMx9uato8nuIHkSvMezg==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Sep 2022 21:58:23 GMT
age: 28116
etag: "a30f9044330824e70dde0dcc785890d981e6fdf5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb77ad616-c829-40b4-8b70-2be46252d64c.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb77ad616-c829-40b4-8b70-2be46252d64c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8ea5f06ad31f0cedd2cb5c6df82f35f4
60a83a1618ffae06e49ca3002bac1db9980dcfe8
5f6a4cb92c016ef0f229b11d727e9680a15b10782b5bfe9e66ad9d100b458d8d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb77ad616-c829-40b4-8b70-2be46252d64c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10279
x-amzn-requestid: 0f361c26-1f12-421a-9752-7d4fcdf839ac
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4V65GTXIAMF9-Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632cd045-25677a637307879044de8242;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:14:45 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: HfslSWhSAKRjZr-qqajVm6bKf9jGt2pXq8N8GlXgyTwRxWqw0y-CgA==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 989017835f43d594873bde5a7ee7fe5e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 05:14:28 GMT
age: 1951
etag: "60a83a1618ffae06e49ca3002bac1db9980dcfe8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3cb80186-265b-4b0a-a4b1-38aef341bfc9.jpeg
34.120.237.76200 OK 8.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3cb80186-265b-4b0a-a4b1-38aef341bfc9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 33edd8fdf7032227386d1514f99b2c4a
9fa34e0e3d456ed38d6e94911bf24990ed33ab0c
1d8ebbea41da3fbb5bd6784635f176bce0697a290635808166d269202bd3defa
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3cb80186-265b-4b0a-a4b1-38aef341bfc9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8557
x-amzn-requestid: 51f41597-b094-47d7-b372-4c4c0236577f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y7tAXEO3oAMFTWQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632e2868-30ad6e877ee82fcc4d17a7e6;Sampled=0
x-amzn-remapped-date: Fri, 23 Sep 2022 21:43:04 GMT
x-amz-cf-pop: SEA73-P2, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: bdBMNkuaglxOH1MgjC9wBgjWCi-XbYkdmzA22QMnM89SVtY54WeCsw==
via: 1.1 bd6f70221217681265382902c6157c76.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Sep 2022 22:12:49 GMT
age: 27250
etag: "9fa34e0e3d456ed38d6e94911bf24990ed33ab0c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd719f7db-20e1-4834-9525-3117f1824f36.webp
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd719f7db-20e1-4834-9525-3117f1824f36.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash aa150280eb113504d61a25935c0f0127
ed04f74fbb4c77b21e2babc51a82857f5e23d169
07df17fffb391aa82efb09e30d97e88fa4dbe6df00e37bb90304f69179f4848e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd719f7db-20e1-4834-9525-3117f1824f36.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10032
x-amzn-requestid: 521c4012-9834-4100-a7ed-30093502f1a9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y7sPBHGYoAMFh-Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632e272c-77b03c321240d76a572d603a;Sampled=0
x-amzn-remapped-date: Fri, 23 Sep 2022 21:37:48 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: N7TwxCLUL8qnvm3YuZ6CGyJquVerc266VvZ1g8j5RxGpQXoUJwhULg==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Sep 2022 21:51:16 GMT
age: 28543
etag: "ed04f74fbb4c77b21e2babc51a82857f5e23d169"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ytsmx2.com/maid-in-malacanang-2022/
45.134.173.33301 Moved Permanently 0 B URL HTTP/1.1 ytsmx2.com/maid-in-malacanang-2022/
IP 45.134.173.33:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /maid-in-malacanang-2022/ HTTP/1.1
Host: ytsmx2.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 24 Sep 2022 05:46:59 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
X-Powered-By: PHP/7.4.28
Set-Cookie: wordpress_0beeeb76e5334705d1f4e24fb53cd0c8=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/wp-content/plugins; HttpOnly
wordpress_0beeeb76e5334705d1f4e24fb53cd0c8=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/wp-admin; HttpOnly
wordpress_logged_in_0beeeb76e5334705d1f4e24fb53cd0c8=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; HttpOnly
X-Pingback: http://ytsmx2.com/xmlrpc.php
Expires: Sat, 24 Sep 2022 06:46:59 GMT
Cache-Control: max-age=3600
Location: https://ytsmx2.com/maid-in-malacanang-2022/
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f083e216c5d5ab3addf83b406752e0ff
5f9e9c3f02bb4ab273f0532591658659f604d825
b3a0bedd55ccb08a26a2de707e5f99fa41bef745c4cb0eacee1f19612f9235da
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B3A0BEDD55CCB08A26A2DE707E5F99FA41BEF745C4CB0EACEE1F19612F9235DA"
Last-Modified: Thu, 22 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21595
Expires: Sat, 24 Sep 2022 11:46:54 GMT
Date: Sat, 24 Sep 2022 05:46:59 GMT
Connection: keep-alive
ytsmx2.com/maid-in-malacanang-2022/
45.134.173.33200 OK 40 kB URL HTTP/1.1 ytsmx2.com/maid-in-malacanang-2022/
IP 45.134.173.33:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (51925), with CRLF, LF line terminators
Hash 15c95adae2816f472effc1d18002a2fd
cefc349b5468b16334ea9064209d2d01018daafe
6dd73c134772cbd977543c10b1f45eee72077dfa4ff14295ead959df99038c3f
GET /maid-in-malacanang-2022/ HTTP/1.1
Host: ytsmx2.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 24 Sep 2022 05:47:00 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 40252
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
X-Powered-By: PHP/7.4.28
Set-Cookie: wordpress_sec_0beeeb76e5334705d1f4e24fb53cd0c8=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/wp-content/plugins; secure; HttpOnly
wordpress_sec_0beeeb76e5334705d1f4e24fb53cd0c8=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/wp-admin; secure; HttpOnly
wordpress_logged_in_0beeeb76e5334705d1f4e24fb53cd0c8=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; secure; HttpOnly
X-Pingback: https://ytsmx2.com/xmlrpc.php
Link: <https://ytsmx2.com/wp-json/>; rel="https://api.w.org/", <https://ytsmx2.com/?p=1428>; rel=shortlink
Content-Encoding: gzip
Cache-Control: max-age=0
Expires: Sat, 24 Sep 2022 05:46:59 GMT
ytsmx2.com/wp-content/themes/movies/assets/css/theme.style.css?ver=1.2.5
45.134.173.33200 OK 27 kB URL HTTP/1.1 ytsmx2.com/wp-content/themes/movies/assets/css/theme.style.css?ver=1.2.5
IP 45.134.173.33:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash c8b8642735222ffbee3b2918d5acb44d
1f24e75b370ccfd4a230b6aad45efce159d75069
8114be6d6b043aef983da739504891f1e8aba779326f806d3fae9247184c8d27
GET /wp-content/themes/movies/assets/css/theme.style.css?ver=1.2.5 HTTP/1.1
Host: ytsmx2.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ytsmx2.com/maid-in-malacanang-2022/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 24 Sep 2022 05:47:00 GMT
Content-Type: text/css
Last-Modified: Mon, 18 Apr 2022 07:13:45 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
ETag: W/"625d0fa9-27cd3"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
s7.addthis.com/js/300/addthis_widget.js
23.38.200.123200 OK 116 kB URL HTTP/2 s7.addthis.com/js/300/addthis_widget.js
IP 23.38.200.123:0
File type ASCII text, with very long lines (54602)
Size 116 kB (116325 bytes)
Hash ff4671f71c958029bbf6d9694284da70
7535744f2dbaf99902a54fc529e760b08a73f265
123f781673b2e45e18df36b64984674f489a5f3541c69e295f01f554b8d3c738
GET /js/300/addthis_widget.js HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ytsmx2.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/javascript
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-5834c"
cache-control: public, max-age=600
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 116325
date: Sat, 24 Sep 2022 05:47:00 GMT
vary: Accept-Encoding
x-distribution: 99
x-host: s7.addthis.com
X-Firefox-Spdy: h2
ytsmx2.com/wp-content/themes/movies/assets/js/jquery.qtip.min.js?ver=1.2.5
45.134.173.33200 OK 16 kB URL HTTP/1.1 ytsmx2.com/wp-content/themes/movies/assets/js/jquery.qtip.min.js?ver=1.2.5
IP 45.134.173.33:0
File type ASCII text, with very long lines (32120), with CRLF line terminators
Hash e712318610d27bdc8c8516f7d04eaea5
163f83bc90b1f1be241ddc86589dc852b42bad71
7e8245cbe9e949e416f5133c6adc0c910c4d35d0f8de342d532d370c985813e5
GET /wp-content/themes/movies/assets/js/jquery.qtip.min.js?ver=1.2.5 HTTP/1.1
Host: ytsmx2.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ytsmx2.com/maid-in-malacanang-2022/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 24 Sep 2022 05:47:00 GMT
Content-Type: application/javascript
Last-Modified: Mon, 18 Apr 2022 07:13:45 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
ETag: W/"625d0fa9-ad0c"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash f81d321c15c87e7147d792d08ebb7513
47f30d4ca38e6753a393965219321b0394ebb597
390ae5f5435d3f8c8b7f1fa8d7e2a3ebf55ea5dbe98aa3528dd562df4c295753
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 05:47:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 4fb51016b82f43bc6ee9f5ace001690c
5390a86aa0a7b82f5d09605b10812567b309d27a
73283fa4b416ee80d2ac87c30d2183afa1ae487a8650563b79adc1f001030f73
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 05:47:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.googleapis.com/ajax/libs/jquery/2.1.3/jquery.min.js?ver=2.1.3
172.217.21.170200 OK 30 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/2.1.3/jquery.min.js?ver=2.1.3
IP 172.217.21.170:0
File type ASCII text, with very long lines (32180)
Hash f16500423cc2867eff8b773df637c48f
1cd32d75b59a89c3a70274e383151a61ce0594f4
6ca5dc8ad67639c69117ace46c93703cf5fff82824cfc0bada0cf0fb3b2d41d7
GET /ajax/libs/jquery/2.1.3/jquery.min.js?ver=2.1.3 HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ytsmx2.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 29707
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 15:28:35 GMT
expires: Thu, 21 Sep 2023 15:28:35 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 224305
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=UA-215301053-14
142.250.74.72200 OK 42 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-215301053-14
IP 142.250.74.72:0
File type ASCII text, with very long lines (1720)
Hash 5c1e2e041d57d42f2846e68830288e04
9c2326faade11556cbdfe07aef48abe062bc406a
812a3497a0a25eaaa9d3c67b88d1b14a1db3f3de154e3a35377b9b8e5232e1d2
GET /gtag/js?id=UA-215301053-14 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ytsmx2.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 24 Sep 2022 05:47:00 GMT
expires: Sat, 24 Sep 2022 05:47:00 GMT
cache-control: private, max-age=900
last-modified: Sat, 24 Sep 2022 03:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 42182
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ytsmx2.com/wp-content/themes/movies/assets/js/jquery.idTabs.min.js?ver=1.2.5
45.134.173.33200 OK 905 B URL HTTP/1.1 ytsmx2.com/wp-content/themes/movies/assets/js/jquery.idTabs.min.js?ver=1.2.5
IP 45.134.173.33:0
File type ASCII text, with very long lines (1984), with no line terminators
Hash 54d4f7070bcab53e72e0ad25bd954338
5c05ff7dce3b187378861d6c6cbfaef6889d2f32
15d257c0c50190a627a7b226c11fcf6e759cc937b4e37ee2f07ce722259cdcfd
GET /wp-content/themes/movies/assets/js/jquery.idTabs.min.js?ver=1.2.5 HTTP/1.1
Host: ytsmx2.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ytsmx2.com/maid-in-malacanang-2022/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 24 Sep 2022 05:47:00 GMT
Content-Type: application/javascript
Last-Modified: Mon, 18 Apr 2022 07:13:45 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
ETag: W/"625d0fa9-7c0"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
ytsmx2.com/wp-content/themes/movies/assets/js/theme.script.min.js?ver=1.2.5
45.134.173.33200 OK 1.2 kB URL HTTP/1.1 ytsmx2.com/wp-content/themes/movies/assets/js/theme.script.min.js?ver=1.2.5
IP 45.134.173.33:0
File type ASCII text, with very long lines (598), with CRLF line terminators
Hash 0d92efa2a22efb1a9b2b0dca7d789cd6
3dd5e65537f01c0bc687207f20deb4dfb497effa
2b6233253f9cc2e0492e35739efc8ea97830977b896e7c6daa770cc389aefe49
GET /wp-content/themes/movies/assets/js/theme.script.min.js?ver=1.2.5 HTTP/1.1
Host: ytsmx2.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ytsmx2.com/maid-in-malacanang-2022/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 24 Sep 2022 05:47:00 GMT
Content-Type: application/javascript
Last-Modified: Mon, 18 Apr 2022 07:13:45 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
ETag: W/"625d0fa9-f0f"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
ytsmx2.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
45.134.173.33200 OK 4.0 kB URL HTTP/1.1 ytsmx2.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
IP 45.134.173.33:0
File type ASCII text, with very long lines (9959)
Hash 6bec1f76b8e1794067a92462be219db2
9b3b02920957594dd64e09fd2cf057413cfd2347
17763f08cd4c81bf9dd2f9d301396df32cede70c9b267a82602af99e342d8680
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1 HTTP/1.1
Host: ytsmx2.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ytsmx2.com/maid-in-malacanang-2022/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 24 Sep 2022 05:47:00 GMT
Content-Type: application/javascript
Last-Modified: Mon, 18 Apr 2022 07:13:44 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
ETag: W/"625d0fa8-2748"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
ytsmx2.com/wp-includes/js/jquery/jquery.js?ver=1.12.4
45.134.173.33200 OK 34 kB URL HTTP/1.1 ytsmx2.com/wp-includes/js/jquery/jquery.js?ver=1.12.4
IP 45.134.173.33:0
File type ASCII text, with very long lines (31997)
Hash b6f205d21a925ec7d43cd0c9a89e471e
9e9083f718cabd5c3285ce7f45e9a549bfec722a
c01158f9128968b5c30c8da44b7c808231633436a8f5d6e895044e6b5746e3d6
GET /wp-includes/js/jquery/jquery.js?ver=1.12.4 HTTP/1.1
Host: ytsmx2.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ytsmx2.com/maid-in-malacanang-2022/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 24 Sep 2022 05:47:00 GMT
Content-Type: application/javascript
Last-Modified: Mon, 18 Apr 2022 07:13:44 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
ETag: W/"625d0fa8-17a6a"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 4fb51016b82f43bc6ee9f5ace001690c
5390a86aa0a7b82f5d09605b10812567b309d27a
73283fa4b416ee80d2ac87c30d2183afa1ae487a8650563b79adc1f001030f73
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 05:47:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ytsmx2.com/wp-content/themes/movies/assets/js/owl.carousel.js?ver=1.2.5
45.134.173.33200 OK 6.5 kB URL HTTP/1.1 ytsmx2.com/wp-content/themes/movies/assets/js/owl.carousel.js?ver=1.2.5
IP 45.134.173.33:0
File type ASCII text, with very long lines (635), with CRLF line terminators
Hash 6793052d66c73bb15901ad3c0caceedc
066084393d3f12fbff4fb92e3c7bce2907ec5b72
acf07bff1bc49caa0924edc6ad05274fa304f9fc2778b6071b4217d9b004cfa1
GET /wp-content/themes/movies/assets/js/owl.carousel.js?ver=1.2.5 HTTP/1.1
Host: ytsmx2.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ytsmx2.com/maid-in-malacanang-2022/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 24 Sep 2022 05:47:00 GMT
Content-Type: application/javascript
Last-Modified: Mon, 18 Apr 2022 07:13:45 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
ETag: W/"625d0fa9-5d80"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
ytsmx2.com/wp-content/themes/movies/assets/js/bootstrap.min.js?ver=1.2.5
45.134.173.33200 OK 9.5 kB URL HTTP/1.1 ytsmx2.com/wp-content/themes/movies/assets/js/bootstrap.min.js?ver=1.2.5
IP 45.134.173.33:0
File type ASCII text, with very long lines (32025), with CRLF line terminators
Hash a63f6550e0f149fba3711d9f69bce20e
c06c1e25d6e05375e149116886cc866519208480
9a56a066c92c8584dd67fcbac9c5ee2d993cb1b05c484d94523a03690c49bbc9
GET /wp-content/themes/movies/assets/js/bootstrap.min.js?ver=1.2.5 HTTP/1.1
Host: ytsmx2.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ytsmx2.com/maid-in-malacanang-2022/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 24 Sep 2022 05:47:00 GMT
Content-Type: application/javascript
Last-Modified: Mon, 18 Apr 2022 07:13:45 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
ETag: W/"625d0fa9-8c75"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash f81d321c15c87e7147d792d08ebb7513
47f30d4ca38e6753a393965219321b0394ebb597
390ae5f5435d3f8c8b7f1fa8d7e2a3ebf55ea5dbe98aa3528dd562df4c295753
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 05:47:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ytsmx2.com/wp-content/themes/movies/assets/css/theme.main.dark.css?ver=1.2.5
45.134.173.33200 OK 23 kB URL HTTP/1.1 ytsmx2.com/wp-content/themes/movies/assets/css/theme.main.dark.css?ver=1.2.5
IP 45.134.173.33:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 1e4f5a9c5bf84feb62f31aac2082c499
ff54708351b69ee8f1f087d7a3c276df7c19e901
d5f6793198f074dfbca72e5f59b3ef788ee33774f47b35c2b32a99fe0232ce7a
GET /wp-content/themes/movies/assets/css/theme.main.dark.css?ver=1.2.5 HTTP/1.1
Host: ytsmx2.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ytsmx2.com/maid-in-malacanang-2022/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 24 Sep 2022 05:47:00 GMT
Content-Type: text/css
Last-Modified: Mon, 18 Apr 2022 07:13:45 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
ETag: W/"625d0fa9-1cae5"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
ytsmx2.com/wp-includes/js/wp-embed.min.js?ver=4.9.21
45.134.173.33200 OK 739 B URL HTTP/1.1 ytsmx2.com/wp-includes/js/wp-embed.min.js?ver=4.9.21
IP 45.134.173.33:0
File type ASCII text, with very long lines (1391), with no line terminators
Hash 6a4207a61d6ddaf4b9c251c17fd4088a
873f882f713e67f38fd6872613e6d2216049e1ca
5abff305c3167c30f15aecb6fe6faf03fb0f45d522ec6628a797a801afc9cd6e
GET /wp-includes/js/wp-embed.min.js?ver=4.9.21 HTTP/1.1
Host: ytsmx2.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ytsmx2.com/maid-in-malacanang-2022/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 24 Sep 2022 05:47:00 GMT
Content-Type: application/javascript
Last-Modified: Mon, 18 Apr 2022 07:13:44 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
ETag: W/"625d0fa8-56f"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5747deef2bdbcc1bf3505f300ca9f642
6fc1858730c4510831465b9ea1ccfc32e9652366
945789343559a67d7ce5242d17590eebfce7fe4f6a947a9369e4eeb31da73a89
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "945789343559A67D7CE5242D17590EEBFCE7FE4F6A947A9369E4EEB31DA73A89"
Last-Modified: Wed, 21 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15776
Expires: Sat, 24 Sep 2022 10:09:56 GMT
Date: Sat, 24 Sep 2022 05:47:00 GMT
Connection: keep-alive
d1zw85ny9dtn37.cloudfront.net/?ynwzd=958074
108.156.50.109200 OK 116 kB URL HTTP/2 d1zw85ny9dtn37.cloudfront.net/?ynwzd=958074
IP 108.156.50.109:0
File type Unicode text, UTF-8 text, with very long lines (15945)
Size 116 kB (115585 bytes)
Hash cacfeb53b61769f4b0412598082d8585
126305d20088c51edfbc5628f80bab74ada9591d
59038a33e4d46f8d8291edd66b4412c528830647e7ca2f9bbccb1a041b8b1eae
GET /?ynwzd=958074 HTTP/1.1
Host: d1zw85ny9dtn37.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ytsmx2.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 115585
date: Sat, 24 Sep 2022 05:47:00 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
x-cache: Miss from cloudfront
via: 1.1 ce8f85a4dd9437febbc40094aa7d575a.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P2
x-amz-cf-id: We93WzbkdfChALT7NvJUKYhf3k7PLXtJyDoferyTA3cm42LfcsG-mw==
X-Firefox-Spdy: h2
d1zw85ny9dtn37.cloudfront.net/?ynwzd=958078
108.156.50.109200 OK 50 kB URL HTTP/2 d1zw85ny9dtn37.cloudfront.net/?ynwzd=958078
IP 108.156.50.109:0
File type Unicode text, UTF-8 text, with very long lines (15952)
Hash 97759a2b8262c9d8269b1ba726ed1a16
19f291b3b1a287db29c869a6f59d19486aef8051
87d18b1295d98f6984dfe0861d059a8bbf72ecd29aeb9874001cba38422ede8c
GET /?ynwzd=958078 HTTP/1.1
Host: d1zw85ny9dtn37.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ytsmx2.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 49634
date: Sat, 24 Sep 2022 05:47:00 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
x-cache: Miss from cloudfront
via: 1.1 ce8f85a4dd9437febbc40094aa7d575a.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P2
x-amz-cf-id: IFGYtNgjn1O2K7WffNUcwdtOdMBKk9Nq-EwgjeNFtNhyGJi83-92sA==
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Oswald|Montserrat:400,700
216.58.211.10200 OK 1.1 kB URL HTTP/2 fonts.googleapis.com/css?family=Oswald|Montserrat:400,700
IP 216.58.211.10:0
Hash e27961a5325618a900162842de508a2a
242bab1e2ab3583c32ea61fac883779837d7efd3
88f3b9c132799c596f10bdc82a0e8cccf4ea3c81cbca9119a2fdec94e7e67aec
GET /css?family=Oswald|Montserrat:400,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ytsmx2.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 24 Sep 2022 05:47:00 GMT
date: Sat, 24 Sep 2022 05:47:00 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
haymishlytta.com/gxF0U5k3jeb6/41729
23.109.87.221200 OK 26 B URL HTTP/1.1 haymishlytta.com/gxF0U5k3jeb6/41729
IP 23.109.87.221:0
File type ASCII text, with no line terminators
Hash 4e5d65669f8dcd928dad06adf883f025
d771713d758c3348dd7e5b38bb40c7935399ae46
0bebbf029fa045e4f462855e6c44edf8aaa36ded05b07a8ce456b67416d20c95
Analyzer Verdict Alert quad9 Sinkholed
GET /gxF0U5k3jeb6/41729 HTTP/1.1
Host: haymishlytta.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ytsmx2.com/
Cookie: GL_UI4=eJw9jUtOwzAYhPMOVUnESDkAR2gi0rRLNqy4Q%2BTYf4Jp4r9y3Ae3xyDBbh6fZoIgiKoS4TWLEV9Ei%2BejGru9pJrkoW6a%2BuXQyLEdRDfWqunqdoeNXnsnhplcgseJDFkte8mKCjz56i85Gb6ZBOlghVEF0sUTc4F8sHxbyVYxEiMWQv6mLY1894T4ZIvouPdSGy%2FDHSJeq7jcIH3X5nIvt1lQFlmA7XkWbmS79Fp5m05WKEL4igcpHE1sv5ArWk%2BOzwDPqv%2Fnfz%2FT%2BWcNmaKrlt6y%2ByD7DTb9Sx8%3D; GL_GI10=eJxNjMFqg0AURXXSTCOK5UI%2FID9Qk7R2kW3TZdGFHzBY8xIGzDxxJm0mX181ULK5HA6cGwSBeE4hdIdku8m26yx%2FzTbvOWZHYoiiRNLw2bjeK1OfCLLg%2Frf2kD0dNRuI9RviG6uG94R5Ub7cuSmKS9vycjf%2BeDw0etxRIRr51j0O3eRm2nZIP1p9WVbcnt3wYhEZcsp2RHtEu%2Fq7pdVn9YX0304fMsRCW9X1fPEDPzl9oisbUnw4WHJSIPyR4g8Mt0dW
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 24 Sep 2022 05:47:01 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://ytsmx2.com
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
image.tmdb.org/t/p/w185/63N9uy8nd9j7Eog2axPQ8lbr3Wj.jpg
89.187.169.39200 OK 16 kB URL HTTP/2 image.tmdb.org/t/p/w185/63N9uy8nd9j7Eog2axPQ8lbr3Wj.jpg
IP 89.187.169.39:0
ASN #60068 Datacamp Limited
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 185x278, components 3\012- data
Hash 18a1cb817d010ee2ebdb75fbb2436160
1cd58913578ff6e573cda88055d9ce717a418ef7
525d2dc530b58aed87136e4a1468da9f3ebd7db23ac88b6c42a285b313afc34c
GET /t/p/w185/63N9uy8nd9j7Eog2axPQ8lbr3Wj.jpg HTTP/1.1
Host: image.tmdb.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ytsmx2.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 24 Sep 2022 05:47:01 GMT
content-type: image/jpeg
content-length: 15586
server: BunnyCDN-DE-755
cdn-pullzone: 775336
cdn-uid: 29af4e0e-bcbd-4fcb-8635-74ddc38a1ebf
cdn-requestcountrycode: NO
cache-control: public, max-age=31919000
etag: "6272fae0-3ce2"
last-modified: Wed, 04 May 2022 22:14:56 GMT
cdn-storageserver: DE-169
cdn-requestpullsuccess: True
cdn-fileserver: 320
perma-cache: HIT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-cachedat: 08/20/2022 04:30:33
cdn-edgestorageid: 756
cdn-status: 200
cdn-requestid: 4a555d3a8d30416bacd7e34033fb09b5
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
image.tmdb.org/t/p/w185/a0qhPkNlxLfsf5B2jFyI1Pp04XV.jpg
89.187.169.39200 OK 10 kB URL HTTP/2 image.tmdb.org/t/p/w185/a0qhPkNlxLfsf5B2jFyI1Pp04XV.jpg
IP 89.187.169.39:0
ASN #60068 Datacamp Limited
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 185x278, components 3\012- data
Hash 180a2a5ddab64609753048d25d3ba0d7
363e6b9d35e00c883a4cd83975eb8c0ab00ea475
00ca078ca1bb8409ae4ec9257e7279b5227e39e9f72ee433732b57d94f06e062
GET /t/p/w185/a0qhPkNlxLfsf5B2jFyI1Pp04XV.jpg HTTP/1.1
Host: image.tmdb.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ytsmx2.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Sep 2022 05:47:01 GMT
content-type: image/jpeg
content-length: 10165
server: BunnyCDN-DE-755
cdn-pullzone: 775336
cdn-uid: 29af4e0e-bcbd-4fcb-8635-74ddc38a1ebf
cdn-requestcountrycode: NO
cache-control: public, max-age=31919000
etag: "62731d14-27b5"
last-modified: Thu, 05 May 2022 00:40:52 GMT
cdn-storageserver: NY-267
cdn-requestpullsuccess: True
cdn-fileserver: 266
perma-cache: HIT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-cachedat: 08/20/2022 09:15:52
cdn-edgestorageid: 723
cdn-status: 200
cdn-requestid: 68ebeea0ad973009a34d93c2dfb623cd
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
image.tmdb.org/t/p/w185/8ukeEdnTaS74CgRiRsV146uZCDA.jpg
89.187.169.39200 OK 12 kB URL HTTP/2 image.tmdb.org/t/p/w185/8ukeEdnTaS74CgRiRsV146uZCDA.jpg
IP 89.187.169.39:0
ASN #60068 Datacamp Limited
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 185x277, components 3\012- data
Hash 69a590599eb8ac3ba4b8ecf37682a612
766400149f727fbcbc0b170e8d5904f8fcf1fe00
3497bf07639c1483201abc51dee272a1a596c6c97176e9e43fde8168fdc8dece
GET /t/p/w185/8ukeEdnTaS74CgRiRsV146uZCDA.jpg HTTP/1.1
Host: image.tmdb.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ytsmx2.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Sep 2022 05:47:01 GMT
content-type: image/jpeg
content-length: 11739
server: BunnyCDN-DE-755
cdn-pullzone: 775336
cdn-uid: 29af4e0e-bcbd-4fcb-8635-74ddc38a1ebf
cdn-requestcountrycode: NO
cache-control: public, max-age=31919000
etag: "62d263c1-2ddb"
last-modified: Sat, 16 Jul 2022 07:07:45 GMT
cdn-storageserver: DE-168
cdn-requestpullsuccess: True
cdn-fileserver: 376
perma-cache: HIT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-cachedat: 07/16/2022 08:22:07
cdn-edgestorageid: 864
cdn-status: 200
cdn-requestid: f5cbeb94fd649645ab6834d8411e8014
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
image.tmdb.org/t/p/w300/4gyu2DQKeSMAvqckvcQMZs3Ah7O.jpg
89.187.169.39200 OK 8.9 kB URL HTTP/2 image.tmdb.org/t/p/w300/4gyu2DQKeSMAvqckvcQMZs3Ah7O.jpg
IP 89.187.169.39:0
ASN #60068 Datacamp Limited
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x169, components 3\012- data
Hash dc8af142e6576e63c26a65fea6be33a9
27e5691b51db2e7612e144ba26c36acfb249feac
b3c404136f3ac42ef676ce1387e59239965876b1f45bf181c4002de254a9832d
GET /t/p/w300/4gyu2DQKeSMAvqckvcQMZs3Ah7O.jpg HTTP/1.1
Host: image.tmdb.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ytsmx2.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Sep 2022 05:47:01 GMT
content-type: image/jpeg
content-length: 8944
server: BunnyCDN-DE-755
cdn-pullzone: 775336
cdn-uid: 29af4e0e-bcbd-4fcb-8635-74ddc38a1ebf
cdn-requestcountrycode: NO
cache-control: public, max-age=31919000
etag: "62e7e789-22f0"
last-modified: Mon, 01 Aug 2022 14:47:37 GMT
cdn-storageserver: DE-164
cdn-requestpullsuccess: True
cdn-fileserver: 421
perma-cache: HIT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-cachedat: 08/20/2022 02:54:08
cdn-edgestorageid: 863
cdn-status: 200
cdn-requestid: 197ac9a3221396a848d8c3167d7033c4
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
image.tmdb.org/t/p/w185/dhTOda5CLp9tEdDzQZiqBTdv5lR.jpg
89.187.169.39200 OK 9.4 kB URL HTTP/2 image.tmdb.org/t/p/w185/dhTOda5CLp9tEdDzQZiqBTdv5lR.jpg
IP 89.187.169.39:0
ASN #60068 Datacamp Limited
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 185x278, components 3\012- data
Hash 16151cb3e078373f4abe193c1720bdf8
4de0223a2ea520786fe62107e5629e0caf71551a
a8b4bc3824447d4ee2e3e4132c83528752b9fafdd33ce22fcefc06171a44f6cb
GET /t/p/w185/dhTOda5CLp9tEdDzQZiqBTdv5lR.jpg HTTP/1.1
Host: image.tmdb.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ytsmx2.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Sep 2022 05:47:01 GMT
content-type: image/jpeg
content-length: 9389
server: BunnyCDN-DE-755
cdn-pullzone: 775336
cdn-uid: 29af4e0e-bcbd-4fcb-8635-74ddc38a1ebf
cdn-requestcountrycode: NO
cache-control: public, max-age=31919000
etag: "6272be27-24ad"
last-modified: Wed, 04 May 2022 17:55:51 GMT
cdn-storageserver: DE-51
cdn-requestpullsuccess: True
cdn-fileserver: 330
perma-cache: HIT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-cachedat: 08/20/2022 09:44:14
cdn-edgestorageid: 865
cdn-status: 200
cdn-requestid: bf21249bd510307f2bea7442929b3db7
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
image.tmdb.org/t/p/w300/9n09IFEj4r2ByBQXOr8FDPvhDI1.jpg
89.187.169.39200 OK 5.6 kB URL HTTP/2 image.tmdb.org/t/p/w300/9n09IFEj4r2ByBQXOr8FDPvhDI1.jpg
IP 89.187.169.39:0
ASN #60068 Datacamp Limited
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x169, components 3\012- data
Hash 178e55f5b42b589ed25c8229b12e0a14
0b7dbbc9e72d1643fd6e5849e4f5f5439780c240
78971414a30187cde077efafaaac448ce7735afb5af56b9b717cded340581f7f
GET /t/p/w300/9n09IFEj4r2ByBQXOr8FDPvhDI1.jpg HTTP/1.1
Host: image.tmdb.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ytsmx2.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Sep 2022 05:47:01 GMT
content-type: image/jpeg
content-length: 5555
server: BunnyCDN-DE-755
cdn-pullzone: 775336
cdn-uid: 29af4e0e-bcbd-4fcb-8635-74ddc38a1ebf
cdn-requestcountrycode: NO
cache-control: public, max-age=31919000
etag: "62d7ce35-15b3"
last-modified: Wed, 20 Jul 2022 09:43:17 GMT
cdn-storageserver: NY-354
cdn-requestpullsuccess: True
cdn-fileserver: 353
perma-cache: HIT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-cachedat: 08/20/2022 02:54:08
cdn-edgestorageid: 722
cdn-status: 200
cdn-requestid: 5005bd83423d468fbc7f2b55aabef952
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
image.tmdb.org/t/p/w185/tmIWkYE9h0Ilbbe7xGTHjawa5QQ.jpg
89.187.169.39200 OK 16 kB URL HTTP/2 image.tmdb.org/t/p/w185/tmIWkYE9h0Ilbbe7xGTHjawa5QQ.jpg
IP 89.187.169.39:0
ASN #60068 Datacamp Limited
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 185x278, components 3\012- data
Hash 98f08d3324bc4e7c524eb05a3ff86f59
52e7c150670a2920028e7b0da948bd9a390f2ef5
51b4f52e591b9a87e8ebfcafc6310c007582ccf2c2e6d1b2c4705f1211d034ad
GET /t/p/w185/tmIWkYE9h0Ilbbe7xGTHjawa5QQ.jpg HTTP/1.1
Host: image.tmdb.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ytsmx2.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Sep 2022 05:47:01 GMT
content-type: image/jpeg
content-length: 15973
server: BunnyCDN-DE-755
cdn-pullzone: 775336
cdn-uid: 29af4e0e-bcbd-4fcb-8635-74ddc38a1ebf
cdn-requestcountrycode: NO
cache-control: public, max-age=31919000
etag: "6272bf5e-3e65"
last-modified: Wed, 04 May 2022 18:01:02 GMT
cdn-storageserver: NY-266
cdn-requestpullsuccess: True
cdn-fileserver: 268
perma-cache: HIT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-cachedat: 08/20/2022 05:02:43
cdn-edgestorageid: 565
cdn-status: 200
cdn-requestid: e5dc80aa6fb29d156617d86737e30dc4
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
image.tmdb.org/t/p/w185/7IiTTgloJzvGI1TAYymCfbfl3vT.jpg
89.187.169.39200 OK 14 kB URL HTTP/2 image.tmdb.org/t/p/w185/7IiTTgloJzvGI1TAYymCfbfl3vT.jpg
IP 89.187.169.39:0
ASN #60068 Datacamp Limited
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 185x278, components 3\012- data
Hash d76080fab0478ce5030ce1e3b6670e75
1c801af6805496518f142d6cc07fae0ee08418ab
eb001c2706fbf764d2904b94dc93457e8fe35b862f7532d8c6ca2744ba800d4f
GET /t/p/w185/7IiTTgloJzvGI1TAYymCfbfl3vT.jpg HTTP/1.1
Host: image.tmdb.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ytsmx2.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Sep 2022 05:47:01 GMT
content-type: image/jpeg
content-length: 14172
server: BunnyCDN-DE-755
cdn-pullzone: 775336
cdn-uid: 29af4e0e-bcbd-4fcb-8635-74ddc38a1ebf
cdn-requestcountrycode: NO
cache-control: public, max-age=31919000
etag: "6272bf9a-375c"
last-modified: Wed, 04 May 2022 18:02:02 GMT
cdn-storageserver: DE-197
cdn-requestpullsuccess: True
cdn-fileserver: 303
perma-cache: HIT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-cachedat: 08/20/2022 02:33:59
cdn-edgestorageid: 863
cdn-status: 200
cdn-requestid: f929b89548017f351a55b0edce56e4d8
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
image.tmdb.org/t/p/w185/y94auaBWq1E7sun3ZpvBmQfGUW.jpg
89.187.169.39200 OK 6.7 kB URL HTTP/2 image.tmdb.org/t/p/w185/y94auaBWq1E7sun3ZpvBmQfGUW.jpg
IP 89.187.169.39:0
ASN #60068 Datacamp Limited
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 185x278, components 3\012- data
Hash 51e0365c13d59f0fcba3129738ddc6f7
1ad8247c9119af6884d2135360b1af93adbb0efe
24efc021c47d956270f9228a61446e9c6284a758a41e37c50d3f8c369be2bd26
GET /t/p/w185/y94auaBWq1E7sun3ZpvBmQfGUW.jpg HTTP/1.1
Host: image.tmdb.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ytsmx2.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 24 Sep 2022 05:47:01 GMT
content-type: image/jpeg
content-length: 6659
server: BunnyCDN-DE-755
cdn-pullzone: 775336
cdn-uid: 29af4e0e-bcbd-4fcb-8635-74ddc38a1ebf
cdn-requestcountrycode: NO
cache-control: public, max-age=31919000
etag: "6272bec6-1a03"
last-modified: Wed, 04 May 2022 17:58:30 GMT
cdn-storageserver: DE-167
cdn-requestpullsuccess: True
cdn-fileserver: 299
perma-cache: HIT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-cachedat: 08/20/2022 02:33:38
cdn-edgestorageid: 632
cdn-status: 200
cdn-requestid: 6a4eb3da626bf035d35e41a4808b384f
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
108.138.212.113200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 108.138.212.113:0
Hash c8ffd00c7bd05603902dfec53dbe74c6
b7d162ba39348f12c811c33886a40bc665ff550b
cdf189aa0422647b531ab478dc57a19fe0dbfa791e9a65c2b7c93b6742a0a24f
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sat, 24 Sep 2022 05:47:01 GMT
Last-Modified: Sat, 24 Sep 2022 04:02:46 GMT
Server: ECS (dcb/7EEF)
X-Cache: Miss from cloudfront
Via: 1.1 208aec8d7d6b69028fbed7a7605feea6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR61-P3
X-Amz-Cf-Id: 6LtNqEhgDmn33SDPdXndbWI-Jvw4dlHTg47SXldchlF_6njCC5Ga4Q==
Age: 6255
image.tmdb.org/t/p/w185/cMch3tiexw3FdOEeZxMWVel61Xg.jpg
89.187.169.39200 OK 13 kB URL HTTP/2 image.tmdb.org/t/p/w185/cMch3tiexw3FdOEeZxMWVel61Xg.jpg
IP 89.187.169.39:0
ASN #60068 Datacamp Limited
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 185x278, components 3\012- data
Hash 99b4b580eacff51105d61cfafaef355b
546151b19bd0e7844eda690b4bfa8533ab339179
a96037557b4bfddbd2b7bf81e5cd124d60450711eccf99ab9da2c26ce0a46887
GET /t/p/w185/cMch3tiexw3FdOEeZxMWVel61Xg.jpg HTTP/1.1
Host: image.tmdb.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ytsmx2.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Sep 2022 05:47:01 GMT
content-type: image/jpeg
content-length: 13056
server: BunnyCDN-DE-755
cdn-pullzone: 775336
cdn-uid: 29af4e0e-bcbd-4fcb-8635-74ddc38a1ebf
cdn-requestcountrycode: NO
cache-control: public, max-age=31919000
etag: "6272be7b-3300"
last-modified: Wed, 04 May 2022 17:57:15 GMT
cdn-storageserver: DE-164
cdn-requestpullsuccess: True
cdn-fileserver: 172
perma-cache: HIT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-cachedat: 08/20/2022 02:31:20
cdn-edgestorageid: 865
cdn-status: 200
cdn-requestid: 1cc13b9e032100e7d205fe09c6a7c2d6
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
image.tmdb.org/t/p/w185/m3vi23Gp5HVUOSyxgcxxCa1oP3M.jpg
89.187.169.39200 OK 8.7 kB URL HTTP/2 image.tmdb.org/t/p/w185/m3vi23Gp5HVUOSyxgcxxCa1oP3M.jpg
IP 89.187.169.39:0
ASN #60068 Datacamp Limited
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 185x278, components 3\012- data
Hash 033038526e6c97decbafa09b77a9610e
6a7d6618b1d921d1b8a81e825e4404b2c2611784
36f5e59d96915c9dfc3b4e980318c2a9935253ce3802f074e40d34dc0a216759
GET /t/p/w185/m3vi23Gp5HVUOSyxgcxxCa1oP3M.jpg HTTP/1.1
Host: image.tmdb.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ytsmx2.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 24 Sep 2022 05:47:01 GMT
content-type: image/jpeg
content-length: 8738
server: BunnyCDN-DE-755
cdn-pullzone: 775336
cdn-uid: 29af4e0e-bcbd-4fcb-8635-74ddc38a1ebf
cdn-requestcountrycode: NO
cache-control: public, max-age=31919000
etag: "62e8745a-2222"
last-modified: Tue, 02 Aug 2022 00:48:26 GMT
cdn-storageserver: DE-167
cdn-requestpullsuccess: True
cdn-fileserver: 412
perma-cache: HIT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-cachedat: 09/07/2022 03:23:37
cdn-edgestorageid: 865
cdn-status: 200
cdn-requestid: 5a60205f5a4e2f0a462d5848f423d74e
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
image.tmdb.org/t/p/w185/3eg0kGC2Xh0vhydJHO37Sp4cmMt.jpg
89.187.169.39200 OK 18 kB URL HTTP/2 image.tmdb.org/t/p/w185/3eg0kGC2Xh0vhydJHO37Sp4cmMt.jpg
IP 89.187.169.39:0
ASN #60068 Datacamp Limited
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 185x278, components 3\012- data
Hash 64d91a326b1b67f164ac33371d27c2f8
2a9312495057e66cdee8445507e25f9afdc7523c
1b3dbdc062aa527849f1b037ec7228e63391a50f2e802ac928d35ebe492bb3e8
GET /t/p/w185/3eg0kGC2Xh0vhydJHO37Sp4cmMt.jpg HTTP/1.1
Host: image.tmdb.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ytsmx2.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Sep 2022 05:47:01 GMT
content-type: image/jpeg
content-length: 18498
server: BunnyCDN-DE-755
cdn-pullzone: 775336
cdn-uid: 29af4e0e-bcbd-4fcb-8635-74ddc38a1ebf
cdn-requestcountrycode: NO
cache-control: public, max-age=31919000
etag: "62cbe43d-4842"
last-modified: Mon, 11 Jul 2022 08:50:05 GMT
cdn-storageserver: BR-395
cdn-requestpullsuccess: True
cdn-fileserver: 396
perma-cache: HIT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-cachedat: 08/20/2022 02:35:24
cdn-edgestorageid: 756
cdn-status: 200
cdn-requestid: d6b84ba13acaf7eb50c400e246418085
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
image.tmdb.org/t/p/w185/r6Mlnwv0PFL4uWDmyB3XGlHlLJz.jpg
89.187.169.39200 OK 20 kB URL HTTP/2 image.tmdb.org/t/p/w185/r6Mlnwv0PFL4uWDmyB3XGlHlLJz.jpg
IP 89.187.169.39:0
ASN #60068 Datacamp Limited
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 185x277, components 3\012- data
Hash 66c0928549dbc17c9d1c064e775fcc9a
0163e395a0a80a256c3aff59b87be1bfd71a9e0e
95d3627e58c5bea692926dbeca35f8135069cb3f0176e8c23776030698fdb65a
GET /t/p/w185/r6Mlnwv0PFL4uWDmyB3XGlHlLJz.jpg HTTP/1.1
Host: image.tmdb.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ytsmx2.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 24 Sep 2022 05:47:01 GMT
content-type: image/jpeg
content-length: 20493
server: BunnyCDN-DE-755
cdn-pullzone: 775336
cdn-uid: 29af4e0e-bcbd-4fcb-8635-74ddc38a1ebf
cdn-requestcountrycode: NO
cache-control: public, max-age=31919000
etag: "6272bfa5-500d"
last-modified: Wed, 04 May 2022 18:02:13 GMT
cdn-storageserver: DE-169
cdn-requestpullsuccess: True
cdn-fileserver: 133
perma-cache: HIT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-cachedat: 08/20/2022 10:08:46
cdn-edgestorageid: 722
cdn-status: 200
cdn-requestid: 4377b77f74f7ee68672526b8d41fc286
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
image.tmdb.org/t/p/w185/9Y2i54Etpx7JvCxj6D8P3VAH152.jpg
89.187.169.39200 OK 20 kB URL HTTP/2 image.tmdb.org/t/p/w185/9Y2i54Etpx7JvCxj6D8P3VAH152.jpg
IP 89.187.169.39:0
ASN #60068 Datacamp Limited
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 185x278, components 3\012- data
Hash 4f2e36685568e8a8ea049e5fe564e819
dced6ad603cbc6c9499ffef9923d76fae0f49d54
d3c19e85d6457a655d20263e2d5a62d16a7fc927bc80eea68ccbea4dd900444e
GET /t/p/w185/9Y2i54Etpx7JvCxj6D8P3VAH152.jpg HTTP/1.1
Host: image.tmdb.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ytsmx2.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 24 Sep 2022 05:47:01 GMT
content-type: image/jpeg
content-length: 19881
server: BunnyCDN-DE-755
cdn-pullzone: 775336
cdn-uid: 29af4e0e-bcbd-4fcb-8635-74ddc38a1ebf
cdn-requestcountrycode: NO
cache-control: public, max-age=31919000
etag: "6272bf07-4da9"
last-modified: Wed, 04 May 2022 17:59:35 GMT
cdn-storageserver: DE-51
cdn-requestpullsuccess: True
cdn-fileserver: 269
perma-cache: HIT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-cachedat: 08/20/2022 02:44:18
cdn-edgestorageid: 752
cdn-status: 200
cdn-requestid: 21a3e25765bc67fb90e841c0f97609de
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
image.tmdb.org/t/p/w185/3Imx53XV3T02ADlMxYazYXVNysZ.jpg
89.187.169.39200 OK 23 kB URL HTTP/2 image.tmdb.org/t/p/w185/3Imx53XV3T02ADlMxYazYXVNysZ.jpg
IP 89.187.169.39:0
ASN #60068 Datacamp Limited
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 185x278, components 3\012- data
Hash 6987d4f7f6ac2c6125b802d1b80d5f7a
c9fe91565355719b770afcf428feaf9d7686b36a
a30b8ca1399cd4deeb4882ab6da3e57298c22dd90eca9152a3d728cee5b31f39
GET /t/p/w185/3Imx53XV3T02ADlMxYazYXVNysZ.jpg HTTP/1.1
Host: image.tmdb.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ytsmx2.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 24 Sep 2022 05:47:01 GMT
content-type: image/jpeg
content-length: 22940
server: BunnyCDN-DE-755
cdn-pullzone: 775336
cdn-uid: 29af4e0e-bcbd-4fcb-8635-74ddc38a1ebf
cdn-requestcountrycode: NO
cache-control: public, max-age=31919000
etag: "62730ef3-599c"
last-modified: Wed, 04 May 2022 23:40:35 GMT
cdn-storageserver: DE-168
cdn-requestpullsuccess: True
cdn-fileserver: 313
perma-cache: HIT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-cachedat: 08/21/2022 09:17:38
cdn-edgestorageid: 755
cdn-status: 200
cdn-requestid: 76086f3567d33e764161a1a4c1f14b2e
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 423331d8bae78ba045bea86f1e4c6e7f
8ed72a508ba25a95e6899569180a02728d5edb5c
fb27ab0f1591889639eff81fa012d5c185ecb1b04be5060af2e89e378fc264a6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 05:47:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.emojidex.com/emoji/seal/YouTube.png
216.137.44.50200 OK 6.2 kB URL HTTP/2 cdn.emojidex.com/emoji/seal/YouTube.png
IP 216.137.44.50:0
File type PNG image data, 320 x 320, 8-bit/color RGBA, non-interlaced\012- data
Hash 087b4dc55ac459f86e6d11d402095394
b2faa7c83a7761e0a4dbd5214e136288547fec77
d545e960c7c7f04de73ced9b6aca9347bc735b1d7bb082cedaa14c89e7548b54
GET /emoji/seal/YouTube.png HTTP/1.1
Host: cdn.emojidex.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ytsmx2.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/png
content-length: 6220
last-modified: Sun, 10 Dec 2017 17:31:27 GMT
accept-ranges: bytes
server: AmazonS3
date: Sat, 24 Sep 2022 01:34:33 GMT
etag: "087b4dc55ac459f86e6d11d402095394"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 de0dad50586f94423362513b4f1660b2.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-P2
x-amz-cf-id: vi6OKS9c3W1IAebdB6AWuQk6-92HhKEFfgb-u77qwmPhcBHz7e-PxA==
age: 15161
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.3.0/fonts/fontawesome-webfont.woff2
104.17.25.14200 OK 57 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/font-awesome/4.3.0/fonts/fontawesome-webfont.woff2
IP 104.17.25.14:0
File type Web Open Font Format (Version 2), TrueType, length 56780, version 4.197\012- data
Hash 97493d3f11c0a3bd5cbd959f5d19b699
1075231650f579955905bb2f6527148a8e2b4b16
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c
GET /ajax/libs/font-awesome/4.3.0/fonts/fontawesome-webfont.woff2 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ytsmx2.com
Connection: keep-alive
Referer: https://ytsmx2.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 24 Sep 2022 05:47:01 GMT
content-type: application/octet-stream; charset=utf-8
content-length: 56780
access-control-allow-origin: *
cache-control: public, max-age=30672000
etag: "5eb03e5f-ddcc"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 2711743
expires: Thu, 14 Sep 2023 05:47:01 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SJOaXJuqODC5MBbUt3WZD7wgid4R0DH2PF5zXrENcv2HgDiUvIXZ183Hm3Z5TlNWGbFEVRdo7BUGT4xnaJOnOxMh8LyLKVsqHnjKthlgiIItokAJDJm10L0rjHGDUYZ9RMjFAnGP"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 74f93914698fb4e8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
polerenewget.buzz/TlZDeTJhaSAKDx0sGSlQGQB2O1wUNxsxBgkzcglgKwcBQWUIE2UNWyprekwLfGB6X0InMn5IFD0iIg1HPWtyX1sgMCxEFDhrclcBenhxQRx/cDZEA2giMxhVc2dlCUY6On5IBHhlekAKemRzSQV3
172.67.185.236204 No Content 0 B URL HTTP/2 polerenewget.buzz/TlZDeTJhaSAKDx0sGSlQGQB2O1wUNxsxBgkzcglgKwcBQWUIE2UNWyprekwLfGB6X0InMn5IFD0iIg1HPWtyX1sgMCxEFDhrclcBenhxQRx/cDZEA2giMxhVc2dlCUY6On5IBHhlekAKemRzSQV3
IP 172.67.185.236:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /TlZDeTJhaSAKDx0sGSlQGQB2O1wUNxsxBgkzcglgKwcBQWUIE2UNWyprekwLfGB6X0InMn5IFD0iIg1HPWtyX1sgMCxEFDhrclcBenhxQRx/cDZEA2giMxhVc2dlCUY6On5IBHhlekAKemRzSQV3 HTTP/1.1
Host: polerenewget.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ytsmx2.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Sat, 24 Sep 2022 05:47:01 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wqcfcgrr02J5KPXeapSVkc%2BxtmE1IxzC0F8jo5TRCBcs2tSm5F%2B4reb%2F%2FpD5uowFaWnLNlSaYVMihAfnjbEpxhY2k8UWfkFs7yXLmyL7ykyyvXnQS17vFnHxftH4G334wo4R4g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74f93913dc84b51e-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
polerenewget.buzz/Q2d4b0dsWBscehozPlwdFjEiLAInNB45JAAzST09FjYiJxIbMl4bLidaQVp/c1BMSTcqA0VeYTATGRsyMFpJSS4tARdSYTVaSUF0d0lKV2lyQQ1SdmUTCA4gflZeHzM3C0VecXVUQVZ/d1VIX3Bx
172.67.185.236204 No Content 0 B URL HTTP/2 polerenewget.buzz/Q2d4b0dsWBscehozPlwdFjEiLAInNB45JAAzST09FjYiJxIbMl4bLidaQVp/c1BMSTcqA0VeYTATGRsyMFpJSS4tARdSYTVaSUF0d0lKV2lyQQ1SdmUTCA4gflZeHzM3C0VecXVUQVZ/d1VIX3Bx
IP 172.67.185.236:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /Q2d4b0dsWBscehozPlwdFjEiLAInNB45JAAzST09FjYiJxIbMl4bLidaQVp/c1BMSTcqA0VeYTATGRsyMFpJSS4tARdSYTVaSUF0d0lKV2lyQQ1SdmUTCA4gflZeHzM3C0VecXVUQVZ/d1VIX3Bx HTTP/1.1
Host: polerenewget.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ytsmx2.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Sat, 24 Sep 2022 05:47:01 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8dE9QJYkM6c3pCfFQWNaYT3%2FvWHduZANLjwBZWO6V8qfctCxUtaJ1KqzgiLKAKY08r0LODWeMMnd%2F7y3YMBhYcGVuM3kgRdIW6PfdofBM1ela7LAKTtBJBsSowQxjZZnf1U2WA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74f93913dc82b51e-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
polerenewget.buzz/NHR5M3MbSxpATlUeHWQhcjYadx4BTCBlHHsuF2EbYQNMWRVjOV9HGlBJQAZLBENBFQNdEEQAQRIHDVIHQQdEAUMEQ19aHVIbRAFVQklJHUsaTVcCVUFJSBUHRBUeDkISBA1HHwlFTwVADU1BB0EEREwL
172.67.185.236204 No Content 0 B URL HTTP/2 polerenewget.buzz/NHR5M3MbSxpATlUeHWQhcjYadx4BTCBlHHsuF2EbYQNMWRVjOV9HGlBJQAZLBENBFQNdEEQAQRIHDVIHQQdEAUMEQ19aHVIbRAFVQklJHUsaTVcCVUFJSBUHRBUeDkISBA1HHwlFTwVADU1BB0EEREwL
IP 172.67.185.236:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /NHR5M3MbSxpATlUeHWQhcjYadx4BTCBlHHsuF2EbYQNMWRVjOV9HGlBJQAZLBENBFQNdEEQAQRIHDVIHQQdEAUMEQ19aHVIbRAFVQklJHUsaTVcCVUFJSBUHRBUeDkISBA1HHwlFTwVADU1BB0EEREwL HTTP/1.1
Host: polerenewget.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ytsmx2.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Sat, 24 Sep 2022 05:47:01 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pv5rAm9Eb2DL2iqeQRGA%2FhGjKO6%2FkiQ1XVaJ2We61JVH%2FlAT0II9LE%2BOFSwiuhhalM6zhoXu1sUVUMYMMHo9gqzBhdbfLEDvUcYFusW%2Bq9nQE2wPDS8Cze6XQ50l0rNQbz27Pw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74f93913ec90b51e-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
polerenewget.buzz/TjZRbUdhCTIeehxzPVkkCQcoDgIMfwklFTllFC8kKG4TIxQYAncZLioLaFh/fgFpSzcnUmxedWhFJQwzO0VsXGEnWDcCemhAbF1pdhhoQ3ZoQ2xcYTpGMAp6fxAhGTMiC2BbcX0PaFVzfAZhWHM
172.67.185.236204 No Content 0 B URL HTTP/2 polerenewget.buzz/TjZRbUdhCTIeehxzPVkkCQcoDgIMfwklFTllFC8kKG4TIxQYAncZLioLaFh/fgFpSzcnUmxedWhFJQwzO0VsXGEnWDcCemhAbF1pdhhoQ3ZoQ2xcYTpGMAp6fxAhGTMiC2BbcX0PaFVzfAZhWHM
IP 172.67.185.236:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /TjZRbUdhCTIeehxzPVkkCQcoDgIMfwklFTllFC8kKG4TIxQYAncZLioLaFh/fgFpSzcnUmxedWhFJQwzO0VsXGEnWDcCemhAbF1pdhhoQ3ZoQ2xcYTpGMAp6fxAhGTMiC2BbcX0PaFVzfAZhWHM HTTP/1.1
Host: polerenewget.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ytsmx2.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Sat, 24 Sep 2022 05:47:01 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=abSPCfFssL5yyPW%2F5mZH%2BMSeX2D17hqRaMQ7QMkagZh%2BRwAg5s1r7hS8ZaWyGiWeUNFBRL4cU%2FtFO0aiif04doYnsmZH5oi9%2Fv%2FUebyCApgZFFU5mrgdtCI4Vy3wSktzHsyOZw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74f93913dc80b51e-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
polerenewget.buzz/RENhQllrfAIxZCdxDQs4AAUlGhF1ESMHLRUlUCUeFgUROgEjGkc2MCB+WHdhdHRUZCktJ1xzYWIwFSMtMTBcc38tLQctZGI1XHN3dG1QbGpiNlxzfzAzACVkdWURNi0oflB0b3d6WHptdnNRem0
172.67.185.236204 No Content 0 B URL HTTP/2 polerenewget.buzz/RENhQllrfAIxZCdxDQs4AAUlGhF1ESMHLRUlUCUeFgUROgEjGkc2MCB+WHdhdHRUZCktJ1xzYWIwFSMtMTBcc38tLQctZGI1XHN3dG1QbGpiNlxzfzAzACVkdWURNi0oflB0b3d6WHptdnNRem0
IP 172.67.185.236:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /RENhQllrfAIxZCdxDQs4AAUlGhF1ESMHLRUlUCUeFgUROgEjGkc2MCB+WHdhdHRUZCktJ1xzYWIwFSMtMTBcc38tLQctZGI1XHN3dG1QbGpiNlxzfzAzACVkdWURNi0oflB0b3d6WHptdnNRem0 HTTP/1.1
Host: polerenewget.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ytsmx2.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Sat, 24 Sep 2022 05:47:01 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o6xJCoEsHhUUBdNiYyywXD%2Bv7KrVygaKgKqP2ASndhzuDy5fOqYSnHTy1pc0xmBP5%2BOKp7Mu48bF8mscVumd2%2BbS9YILVPATBSMcsJW4T8GQNQ21C36TbfVkMwU5vb0%2FsX%2B5NQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74f93913ec94b51e-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ytsmx2.com/wp-content/themes/movies/assets/css/img/mask-title.png
45.134.173.33200 OK 972 B URL HTTP/1.1 ytsmx2.com/wp-content/themes/movies/assets/css/img/mask-title.png
IP 45.134.173.33:0
File type PNG image data, 1 x 151, 8-bit/color RGBA, non-interlaced\012- data
Hash b96969041dd54e00a956cb540b536d22
e8a7c7914cfa11237a8b9b3ec2a33199841e7134
8760363f47c1b5e34f6ad0df1eb905162d0076e4a8d9f834aa951070cd963efc
GET /wp-content/themes/movies/assets/css/img/mask-title.png HTTP/1.1
Host: ytsmx2.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ytsmx2.com/wp-content/themes/movies/assets/css/theme.main.dark.css?ver=1.2.5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 24 Sep 2022 05:47:01 GMT
Content-Type: image/png
Content-Length: 972
Last-Modified: Mon, 18 Apr 2022 07:13:45 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "625d0fa9-3cc"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash fa5a7fd1c3d5eed2a8816ac62ad73e51
6536f3880457c6ced9534d5cf10615b6daf42aea
3c3a74be5d72d9e2b5ecdaeafbbf3d0029cd5848d2483cfa10da14859deff436
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 05:47:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
s.w.org/images/core/emoji/13.0.1/svg/1f4e5.svg
192.0.77.48200 OK 2.9 kB URL HTTP/2 s.w.org/images/core/emoji/13.0.1/svg/1f4e5.svg
IP 192.0.77.48:0
Hash 76a5973b0a2374b077b37185216ea5c9
2d6900cdb099865be22a75c860891a1867f4ad4f
f5a7ec82b5e8ad3eac6bf80581aadc4a694af97214b03ea2416fdfcc25abd1bb
GET /images/core/emoji/13.0.1/svg/1f4e5.svg HTTP/1.1
Host: s.w.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ytsmx2.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 24 Sep 2022 05:47:01 GMT
content-type: image/svg+xml
vary: Accept-Encoding
last-modified: Tue, 20 Oct 2020 16:13:31 GMT
x-frame-options: SAMEORIGIN
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn 1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
ytsmx2.com/wp-content/themes/movies/assets/css/img/btn-overlay.png
45.134.173.33200 OK 3.2 kB URL HTTP/1.1 ytsmx2.com/wp-content/themes/movies/assets/css/img/btn-overlay.png
IP 45.134.173.33:0
File type PNG image data, 108 x 108, 8-bit/color RGBA, non-interlaced\012- data
Hash b8c903eabfdf4d171bc0289a5b2fb480
5883e041dbc6f43069c6bd5297b148f01532516f
b54471d8052e1da42479a4a771fd83ee7231b2c2a9b57a49751cf03c703517b6
GET /wp-content/themes/movies/assets/css/img/btn-overlay.png HTTP/1.1
Host: ytsmx2.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ytsmx2.com/wp-content/themes/movies/assets/css/theme.main.dark.css?ver=1.2.5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 24 Sep 2022 05:47:01 GMT
Content-Type: image/png
Content-Length: 3191
Last-Modified: Mon, 18 Apr 2022 07:13:45 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "625d0fa9-c77"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
142.250.74.163200 OK 31 kB URL HTTP/2 fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data
Hash ac0d2859ea5f8fd6bcb3c305c08ec184
7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ytsmx2.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 22 Sep 2022 16:40:18 GMT
expires: Fri, 22 Sep 2023 16:40:18 GMT
cache-control: public, max-age=31536000
age: 133603
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.youtube.com/s/player/abfb84fe/www-player.css
142.250.74.174200 OK 50 kB URL HTTP/2 www.youtube.com/s/player/abfb84fe/www-player.css
IP 142.250.74.174:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash ecb64b067159be151c0c39f352469f8e
4b21a75947495235f6a389dabaec2db5eef0f1be
a5f047981dbccc524d124a02def835945ef10deaa34f47b49f906d3f9dadebbe
GET /s/player/abfb84fe/www-player.css HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/cWeVNyEcQSM
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 49730
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 22 Sep 2022 14:48:18 GMT
expires: Fri, 22 Sep 2023 14:48:18 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 22 Sep 2022 00:22:49 GMT
content-type: text/css
age: 140323
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash fa5a7fd1c3d5eed2a8816ac62ad73e51
6536f3880457c6ced9534d5cf10615b6daf42aea
3c3a74be5d72d9e2b5ecdaeafbbf3d0029cd5848d2483cfa10da14859deff436
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 05:47:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.youtube.com/s/player/abfb84fe/www-embed-player.vflset/www-embed-player.js
142.250.74.174200 OK 98 kB URL HTTP/2 www.youtube.com/s/player/abfb84fe/www-embed-player.vflset/www-embed-player.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (570)
Hash faf7cb6fdef7f573ad65139bd560afed
e01ff9c1ab3e3a94d92db4c8580b18558256c5ba
e0912caa0cba25c0e92c231d528c723f7bf7d7479c53a8505858c79284013e9e
GET /s/player/abfb84fe/www-embed-player.vflset/www-embed-player.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/cWeVNyEcQSM
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 97978
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 22 Sep 2022 14:48:18 GMT
expires: Fri, 22 Sep 2023 14:48:18 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 22 Sep 2022 00:22:49 GMT
content-type: text/javascript
age: 140323
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.youtube.com/s/player/abfb84fe/fetch-polyfill.vflset/fetch-polyfill.js
142.250.74.174200 OK 2.8 kB URL HTTP/2 www.youtube.com/s/player/abfb84fe/fetch-polyfill.vflset/fetch-polyfill.js
IP 142.250.74.174:0
File type Algol 68 source text\012- Pascal source, ASCII text, with very long lines (555)
Hash 80fe2d229007996c8397073b00755dc7
121f82c77bcf2a297a1085e3b092415c463fcafe
033dfa8941482c82d4f1aaa4a9172fb379b9e46a02d5b36297c5476bbbfdea2c
GET /s/player/abfb84fe/fetch-polyfill.vflset/fetch-polyfill.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/cWeVNyEcQSM
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 2786
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 22 Sep 2022 14:48:18 GMT
expires: Fri, 22 Sep 2023 14:48:18 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 22 Sep 2022 00:22:49 GMT
content-type: text/javascript
age: 140323
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 423331d8bae78ba045bea86f1e4c6e7f
8ed72a508ba25a95e6899569180a02728d5edb5c
fb27ab0f1591889639eff81fa012d5c185ecb1b04be5060af2e89e378fc264a6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 05:47:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 340026679e26df7932a1effb5cccae93
54f0f3f5537bf6689e7419541e13ea0cbf528553
3b519c850c1994fdf8d8ab7758cb17d66bb3f5af5877fa1afe61684a6fbf9892
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 05:47:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 74699b8a18081d931bc11ce2d1d0764d
92133bf4512718a118b4bab6957092a1e8856abf
5b19e1304b7bec5dc60c9c1877e812cb27fd9b9aa66f94f92afbeb3702ed030d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 05:47:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.doubleclick.net/instream/ad_status.js
216.58.207.230200 OK 29 B URL HTTP/2 static.doubleclick.net/instream/ad_status.js
IP 216.58.207.230:0
Hash 1fa71744db23d0f8df9cce6719defcb7
e4be9b7136697942a036f97cf26ebaf703ad2067
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
GET /instream/ad_status.js HTTP/1.1
Host: static.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 29
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 24 Sep 2022 05:33:04 GMT
expires: Sat, 24 Sep 2022 05:48:04 GMT
cache-control: public, max-age=900
age: 837
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/id
172.217.21.162302 Found 0 B URL HTTP/2 googleads.g.doubleclick.net/pagead/id
IP 172.217.21.162:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/id HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-credentials: true
access-control-allow-origin: https://www.youtube.com
date: Sat, 24 Sep 2022 05:47:01 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/id?slf_rd=1
172.217.21.162200 OK 120 B URL HTTP/2 googleads.g.doubleclick.net/pagead/id?slf_rd=1
IP 172.217.21.162:0
Hash 294a6e4fbb19dd9bbb386e4672edfbb7
20035399c84fdc34abd42274eb07ba8fc0f4f334
7aab1820864387d8507130cf9d9c0eb9d4b2d8f3e3b355a7c441432bf33d7ef0
GET /pagead/id?slf_rd=1 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Referer: https://www.youtube.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: https://www.youtube.com
content-type: application/json; charset=UTF-8
date: Sat, 24 Sep 2022 05:47:01 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 120
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
172.217.21.170200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 172.217.21.170:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Sat, 24 Sep 2022 05:47:01 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 340026679e26df7932a1effb5cccae93
54f0f3f5537bf6689e7419541e13ea0cbf528553
3b519c850c1994fdf8d8ab7758cb17d66bb3f5af5877fa1afe61684a6fbf9892
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 05:47:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 74699b8a18081d931bc11ce2d1d0764d
92133bf4512718a118b4bab6957092a1e8856abf
5b19e1304b7bec5dc60c9c1877e812cb27fd9b9aa66f94f92afbeb3702ed030d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 05:47:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
172.217.21.170200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 172.217.21.170:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash 34b4185e3c9a417c1d5d24dddd29f034
7b451f3c199f66627a46d5ac918856255cec0603
fb2de7731f95bdb438eb610680ccf8270be4dc6be712a6dc55aa02d199b44e95
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Sat, 24 Sep 2022 05:47:01 GMT
server: ESF
cache-control: private
content-length: 30622
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 4de431d1f0b2fb15b71b607b17be7d3d
60f7beb2f1cf28d72cb159ca92a20cfb9105b493
a19c5c057f664ba912b3b7d03f9491cc81336b9e836158b795fd18a1ff1a654f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 05:47:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/js/th/A6NiJ4FpWdYb46YkL14Gb7YSsd_Y0OEDYbyMmxwlYE4.js
142.250.74.164200 OK 14 kB URL HTTP/2 www.google.com/js/th/A6NiJ4FpWdYb46YkL14Gb7YSsd_Y0OEDYbyMmxwlYE4.js
IP 142.250.74.164:0
File type ASCII text, with very long lines (35850)
Hash ab3afaf484158fc93e1da1783747090e
1c5ac7d7c955316b8c99ea19edc4882127b129dd
eb40329e86cf9089c8cb6eacf3b144938a316300a0a559c6c599f22ca4f12b07
GET /js/th/A6NiJ4FpWdYb46YkL14Gb7YSsd_Y0OEDYbyMmxwlYE4.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 14106
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 15:47:54 GMT
expires: Thu, 21 Sep 2023 15:47:54 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 13 Sep 2022 11:00:00 GMT
content-type: text/javascript
age: 223147
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
172.217.21.170200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 172.217.21.170:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Sat, 24 Sep 2022 05:47:02 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
172.217.21.170200 OK 114 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 172.217.21.170:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 0881002eb7ca5cb4a0bf5c4d7bad60bf
35c01b18a0b3f2176a4161202ac1f09849bc070d
5da6c574afb4cae0ad56cd3865720bf30f890422355f297bd3666a55324e170a
POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 939
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Sat, 24 Sep 2022 05:47:02 GMT
server: ESF
cache-control: private
content-length: 114
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
z.moatads.com/addthismoatframe568911941483/moatframe.js
23.38.201.146200 OK 948 B URL HTTP/2 z.moatads.com/addthismoatframe568911941483/moatframe.js
IP 23.38.201.146:0
File type ASCII text, with very long lines (523)
Hash f14b4e1f799b14f798a195f43cf58376
b6fd3b3d407fb4c0a00fb8a31862235e2a6e0a86
92ed3e9fda5fa4d738ff4d9023846b56633617363dda6a750cacb4fba53241ac
GET /addthismoatframe568911941483/moatframe.js HTTP/1.1
Host: z.moatads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ytsmx2.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: e0HboiVQpjIDEK8WTxqU5+8G8wOtu9bNCFY72alTHLP0/Yb+qoiTOxu6fad89ebRofzHxENxOOg=
x-amz-request-id: 61EC92F13BB22DD4
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
etag: "f14b4e1f799b14f798a195f43cf58376"
content-encoding: gzip
accept-ranges: bytes
content-type: application/x-javascript
content-length: 948
server: AmazonS3
vary: Accept-Encoding
cache-control: max-age=41208
date: Sat, 24 Sep 2022 05:47:02 GMT
X-Firefox-Spdy: h2
ytsmx2.com/wp-content/themes/movies/js/live.search.js?ver=DOO_VERSION
45.134.173.33404 Not Found 33 kB URL HTTP/1.1 ytsmx2.com/wp-content/themes/movies/js/live.search.js?ver=DOO_VERSION
IP 45.134.173.33:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (54764), with CRLF, LF line terminators
Hash d21f316a5b37dd14b86f4235f80386bd
5ce1faf8474a66be8d5f7adedb7b65c196b92709
6595b4dee9d6cdd08808a4dc11782ddbab38e43e9153298e14508754e757cb29
GET /wp-content/themes/movies/js/live.search.js?ver=DOO_VERSION HTTP/1.1
Host: ytsmx2.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ytsmx2.com/maid-in-malacanang-2022/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Server: nginx
Date: Sat, 24 Sep 2022 05:47:02 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 33090
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
X-Powered-By: PHP/7.4.28
Set-Cookie: wordpress_sec_0beeeb76e5334705d1f4e24fb53cd0c8=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/wp-content/plugins; secure; HttpOnly
wordpress_sec_0beeeb76e5334705d1f4e24fb53cd0c8=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/wp-admin; secure; HttpOnly
wordpress_logged_in_0beeeb76e5334705d1f4e24fb53cd0c8=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; secure; HttpOnly
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <https://ytsmx2.com/wp-json/>; rel="https://api.w.org/"
Content-Encoding: gzip
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 593149bcd358a589b546299ed1238523
49b041b55bc05ed34e1128fcd53a7a1f4b347f4d
8c14a724632e43a28d5943033566cf51c633ecda36a60a18d61c3afba828230c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3093
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 05:47:02 GMT
Last-Modified: Sat, 24 Sep 2022 04:55:29 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
ytsmx2.com/wp-content/uploads/2020/05/apple-touch-icon-180x180.png
45.134.173.33200 OK 7.0 kB URL HTTP/1.1 ytsmx2.com/wp-content/uploads/2020/05/apple-touch-icon-180x180.png
IP 45.134.173.33:0
File type PNG image data, 152 x 152, 8-bit/color RGB, non-interlaced\012- data
Hash f87afcf11d459620ff02da6112365db2
d09e6d4e7db706569474bfb7ec93f31ccbd6ed69
a70913fad67537f16d871e4c456c8f4484106f6d4ef3e12fa3c3b2eceefee508
GET /wp-content/uploads/2020/05/apple-touch-icon-180x180.png HTTP/1.1
Host: ytsmx2.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ytsmx2.com/maid-in-malacanang-2022/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 24 Sep 2022 05:47:02 GMT
Content-Type: image/png
Content-Length: 6973
Last-Modified: Mon, 18 Apr 2022 07:13:45 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "625d0fa9-1b3d"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
ytsmx2.com/wp-content/uploads/2020/05/favicon-16x16.png
45.134.173.33200 OK 619 B URL HTTP/1.1 ytsmx2.com/wp-content/uploads/2020/05/favicon-16x16.png
IP 45.134.173.33:0
File type PNG image data, 16 x 16, 8-bit/color RGB, non-interlaced\012- data
Hash ea830fdd4f9a6d19aa7455dabdac987a
b0d567d6b4d40959e1bd44032f6bc2331057b319
71148160c085a70d1af7708c1d52cfcf39f8ef6e4ce13f0f20c080b2e19195db
GET /wp-content/uploads/2020/05/favicon-16x16.png HTTP/1.1
Host: ytsmx2.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ytsmx2.com/maid-in-malacanang-2022/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 24 Sep 2022 05:47:02 GMT
Content-Type: image/png
Content-Length: 619
Last-Modified: Mon, 18 Apr 2022 07:13:45 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "625d0fa9-26b"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 80851fd884c594e28cadb62d34618620
36f96b55071e7bcb7e1fbd14d9e5a2f17bd46c6e
5b4ae4285258b05163376aa7b87ba628f68639b397b30765c3967a0067c66ae0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 05:47:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
23.38.200.123200 OK 26 kB URL HTTP/2 s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
IP 23.38.200.123:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (63757)
Hash 707317ccaabe08d32d1bd781754e6871
bb82dcd3e044c960e0861c2ce878f5504e628f78
d0a164ece41c61aec26517fb645646f5ba91f72ea5448eff1ee6c393b7c53051
GET /static/sh.f48a1a04fe8dbf021b4cda1d.html HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ytsmx2.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: text/html
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-11adc"
timing-allow-origin: *
cache-control: public, max-age=86313600
p3p: CP="NON ADM OUR DEV IND COM STA"
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 26421
date: Sat, 24 Sep 2022 05:47:02 GMT
vary: Accept-Encoding
x-host: s7.addthis.com
X-Firefox-Spdy: h2
v1.addthisedge.com/live/boost/ra-/_ate.track.config_resp
23.38.200.123200 OK 47 B URL HTTP/2 v1.addthisedge.com/live/boost/ra-/_ate.track.config_resp
IP 23.38.200.123:0
File type ASCII text, with no line terminators
Hash 24c668b115f75423506f2ea21d1b49c2
14f956ddb2d9e8b072cd5f605c3f39526490b391
b542daef470a9730029174f975ce3ce236b3e58bf9183b11956acce994b13a16
GET /live/boost/ra-/_ate.track.config_resp HTTP/1.1
Host: v1.addthisedge.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ytsmx2.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript;charset=utf-8
content-disposition: attachment; filename=1.txt
content-encoding: gzip
content-length: 47
cache-control: public, max-age=20, s-maxage=86400
date: Sat, 24 Sep 2022 05:47:02 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 346 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7f36b0758555cb1293271b2affda4d24
6022dbed3f280ac0d110d72e11de68b69cbeb247
f72893ff5f621761907d2cb09273db978a2719ad4f7cc6283cbf79cc5fb31b35
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "F72893FF5F621761907D2CB09273DB978A2719AD4F7CC6283CBF79CC5FB31B35"
Last-Modified: Sat, 24 Sep 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10323
Expires: Sat, 24 Sep 2022 08:39:05 GMT
Date: Sat, 24 Sep 2022 05:47:02 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32200 OK 346 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7f36b0758555cb1293271b2affda4d24
6022dbed3f280ac0d110d72e11de68b69cbeb247
f72893ff5f621761907d2cb09273db978a2719ad4f7cc6283cbf79cc5fb31b35
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "F72893FF5F621761907D2CB09273DB978A2719AD4F7CC6283CBF79CC5FB31B35"
Last-Modified: Sat, 24 Sep 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10323
Expires: Sat, 24 Sep 2022 08:39:05 GMT
Date: Sat, 24 Sep 2022 05:47:02 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32200 OK 346 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7f36b0758555cb1293271b2affda4d24
6022dbed3f280ac0d110d72e11de68b69cbeb247
f72893ff5f621761907d2cb09273db978a2719ad4f7cc6283cbf79cc5fb31b35
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "F72893FF5F621761907D2CB09273DB978A2719AD4F7CC6283CBF79CC5FB31B35"
Last-Modified: Sat, 24 Sep 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10323
Expires: Sat, 24 Sep 2022 08:39:05 GMT
Date: Sat, 24 Sep 2022 05:47:02 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 80851fd884c594e28cadb62d34618620
36f96b55071e7bcb7e1fbd14d9e5a2f17bd46c6e
5b4ae4285258b05163376aa7b87ba628f68639b397b30765c3967a0067c66ae0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 05:47:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
e1.o.lencr.org/
23.36.77.32200 OK 346 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7f36b0758555cb1293271b2affda4d24
6022dbed3f280ac0d110d72e11de68b69cbeb247
f72893ff5f621761907d2cb09273db978a2719ad4f7cc6283cbf79cc5fb31b35
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "F72893FF5F621761907D2CB09273DB978A2719AD4F7CC6283CBF79CC5FB31B35"
Last-Modified: Sat, 24 Sep 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10323
Expires: Sat, 24 Sep 2022 08:39:05 GMT
Date: Sat, 24 Sep 2022 05:47:02 GMT
Connection: keep-alive
d1zw85ny9dtn37.cloudfront.net/?ynwzd=958072
108.156.50.109200 OK 68 kB URL HTTP/2 d1zw85ny9dtn37.cloudfront.net/?ynwzd=958072
IP 108.156.50.109:0
File type Unicode text, UTF-8 text, with very long lines (15945)
Hash 66288a2315302693606219b9fc4306ee
3af9c415aba8142dc58b91b14de4466ab205531c
93cdab47d116c7ec4c63d49b9e42e4ebfc192988d9f29c4cf38ecd6d7ff863de
GET /?ynwzd=958072 HTTP/1.1
Host: d1zw85ny9dtn37.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ytsmx2.com/
Origin: https://ytsmx2.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 68412
date: Sat, 24 Sep 2022 05:47:02 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://ytsmx2.com
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
x-cache: Miss from cloudfront
via: 1.1 ce8f85a4dd9437febbc40094aa7d575a.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P2
x-amz-cf-id: 7j2zSo2gKkvLyzsbZddrc7GS2HeBQFftddmzYDcRj1sYiqCst4CQ_w==
X-Firefox-Spdy: h2
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
216.58.207.237302 Found 395 B URL HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
IP 216.58.207.237:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (379)
Hash 5f42083be09dc0def79e68f0d84d472f
0f9a27127ad5a1ac79bba714e1119f58bb10f851
ec07126f104044a085df253c92216e88c60a83accff1be3546ac1929ba851041
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ytsmx2.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 24 Sep 2022 05:47:02 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S671534676%3A1663998422627492&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWog7qsu1ZHUD-QbJ6RYhGAnog_9CTicxHvxLg6yrmbTzawbQZW2YrjHs_n05QZ-1rMZ_y0lNw
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'nonce-1f1GFTtZ0VnyN85FU28X6Q' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 395
server: GSE
set-cookie: __Host-GAPS=1:yrvgS1HdAIAdnPUxIaG03RshXo3BHA:FCCO6EuqB4WuaNh8;Path=/;Expires=Mon, 23-Sep-2024 05:47:02 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 28decadcb8dd332e183eb62d7b58eb22
ba2fe6bfdfd3f3fab1e74aa1e33544e233d3cc2e
b265569b3ca012287c2ca9cc01cb9fca3e2a3125c06b45a0b7f049b9f1e4d5a8
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "B265569B3CA012287C2CA9CC01CB9FCA3E2A3125C06B45A0B7F049B9F1E4D5A8"
Last-Modified: Thu, 22 Sep 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9753
Expires: Sat, 24 Sep 2022 08:29:35 GMT
Date: Sat, 24 Sep 2022 05:47:02 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 28decadcb8dd332e183eb62d7b58eb22
ba2fe6bfdfd3f3fab1e74aa1e33544e233d3cc2e
b265569b3ca012287c2ca9cc01cb9fca3e2a3125c06b45a0b7f049b9f1e4d5a8
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "B265569B3CA012287C2CA9CC01CB9FCA3E2A3125C06B45A0B7F049B9F1E4D5A8"
Last-Modified: Thu, 22 Sep 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9753
Expires: Sat, 24 Sep 2022 08:29:35 GMT
Date: Sat, 24 Sep 2022 05:47:02 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 28decadcb8dd332e183eb62d7b58eb22
ba2fe6bfdfd3f3fab1e74aa1e33544e233d3cc2e
b265569b3ca012287c2ca9cc01cb9fca3e2a3125c06b45a0b7f049b9f1e4d5a8
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "B265569B3CA012287C2CA9CC01CB9FCA3E2A3125C06B45A0B7F049B9F1E4D5A8"
Last-Modified: Thu, 22 Sep 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9753
Expires: Sat, 24 Sep 2022 08:29:35 GMT
Date: Sat, 24 Sep 2022 05:47:02 GMT
Connection: keep-alive
d1zw85ny9dtn37.cloudfront.net/qSFY2a3UrOVgNSjw/UlZMfW4GXE1uPEUEGzhrZgkvDi9iLD87EQ4iIm4iTA9IeHBaChsvaxAOGytrB00ULDQLW1M8JlkASD04Ug4TIThTD1M9NwsGGjI/WgcUbWRwXlt4cwRbXTBnB05GCnMEWxkhOEMTUHpmTlNDF2ACTkYKcwRbBz5zBSpMfngGQlB6Zl-EOFiM5E1kzemYHW0V5ZgdOR3gwXxkQLjlOTkcObwBFRW4jC1o
108.156.50.109200 OK 337 B URL HTTP/2 d1zw85ny9dtn37.cloudfront.net/qSFY2a3UrOVgNSjw/UlZMfW4GXE1uPEUEGzhrZgkvDi9iLD87EQ4iIm4iTA9IeHBaChsvaxAOGytrB00ULDQLW1M8JlkASD04Ug4TIThTD1M9NwsGGjI/WgcUbWRwXlt4cwRbXTBnB05GCnMEWxkhOEMTUHpmTlNDF2ACTkYKcwRbBz5zBSpMfngGQlB6Zl-EOFiM5E1kzemYHW0V5ZgdOR3gwXxkQLjlOTkcObwBFRW4jC1o
IP 108.156.50.109:0
File type ASCII text, with very long lines (417), with no line terminators
Hash 5f397bfb8a74848626a92c1017733b52
eb166f1b66640ae3248d7f6c537b1ebb28502c13
e0a30f5949a78fad9a0393eb5dd75a65dc90494df0710431b7bafafc4a04a659
GET /qSFY2a3UrOVgNSjw/UlZMfW4GXE1uPEUEGzhrZgkvDi9iLD87EQ4iIm4iTA9IeHBaChsvaxAOGytrB00ULDQLW1M8JlkASD04Ug4TIThTD1M9NwsGGjI/WgcUbWRwXlt4cwRbXTBnB05GCnMEWxkhOEMTUHpmTlNDF2ACTkYKcwRbBz5zBSpMfngGQlB6Zl-EOFiM5E1kzemYHW0V5ZgdOR3gwXxkQLjlOTkcObwBFRW4jC1o HTTP/1.1
Host: d1zw85ny9dtn37.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ytsmx2.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 337
date: Sat, 24 Sep 2022 05:47:02 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 ce8f85a4dd9437febbc40094aa7d575a.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P2
x-amz-cf-id: 3pXS9LLAINgaSgrjZCGvpK0ZUp52cNlXWpGvRz2koWJAgTnOEhQ9vg==
X-Firefox-Spdy: h2
d1zw85ny9dtn37.cloudfront.net/ON1VXUW1UOjk3UkM8M2xUAm1nZlgRPyQ+A0doGx4vAwAfJCAFbToUAnNzIysJCmVxPQxZMmp3CFk2amBLVjE1bF0RIDZsAFgvPj0BVnBlF1gZZXJjXR8tZmBIBBdyY11bPDkkFRJnZylVAQphZUgEF3JjXUUjcmIsDmN5YUQSZ2c2CFQ+OHRfcWdnYF0HZG-dgSAVlMTgfUjM4KUgFE25nQwdzImxc
108.156.50.109200 OK 188 B URL HTTP/2 d1zw85ny9dtn37.cloudfront.net/ON1VXUW1UOjk3UkM8M2xUAm1nZlgRPyQ+A0doGx4vAwAfJCAFbToUAnNzIysJCmVxPQxZMmp3CFk2amBLVjE1bF0RIDZsAFgvPj0BVnBlF1gZZXJjXR8tZmBIBBdyY11bPDkkFRJnZylVAQphZUgEF3JjXUUjcmIsDmN5YUQSZ2c2CFQ+OHRfcWdnYF0HZG-dgSAVlMTgfUjM4KUgFE25nQwdzImxc
IP 108.156.50.109:0
File type ASCII text, with no line terminators
Hash a739a3ea96878276946e31cb92715e3b
088b0137495373778ab14a3a9267bca0b6d2ae8a
bc9c762f7975ed26783dfb5fbcbf5b20a9d6e3e374a0fa39b49dc0c8b7e96f1d
GET /ON1VXUW1UOjk3UkM8M2xUAm1nZlgRPyQ+A0doGx4vAwAfJCAFbToUAnNzIysJCmVxPQxZMmp3CFk2amBLVjE1bF0RIDZsAFgvPj0BVnBlF1gZZXJjXR8tZmBIBBdyY11bPDkkFRJnZylVAQphZUgEF3JjXUUjcmIsDmN5YUQSZ2c2CFQ+OHRfcWdnYF0HZG-dgSAVlMTgfUjM4KUgFE25nQwdzImxc HTTP/1.1
Host: d1zw85ny9dtn37.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ytsmx2.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 188
date: Sat, 24 Sep 2022 05:47:02 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 ce8f85a4dd9437febbc40094aa7d575a.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P2
x-amz-cf-id: tSPglzYfyswCL139urwVQgN3TbkfUNkuWl5jR3dipw3urqEkd9MRlQ==
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 28decadcb8dd332e183eb62d7b58eb22
ba2fe6bfdfd3f3fab1e74aa1e33544e233d3cc2e
b265569b3ca012287c2ca9cc01cb9fca3e2a3125c06b45a0b7f049b9f1e4d5a8
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "B265569B3CA012287C2CA9CC01CB9FCA3E2A3125C06B45A0B7F049B9F1E4D5A8"
Last-Modified: Thu, 22 Sep 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9753
Expires: Sat, 24 Sep 2022 08:29:35 GMT
Date: Sat, 24 Sep 2022 05:47:02 GMT
Connection: keep-alive
d1zw85ny9dtn37.cloudfront.net/mOW5NQXJaASMnTU0HKXxLDFZ9dkYfBD4uHElTHzY9WjgAFDxYBxkKNh8aNyVPCUghIBxeU2skHFpTfGcTXQxwcVRNHiIqT08MPCYIUg85NRgfGyx8H1YUJC0eWEt/B0cXXmhzQhEWfHBXCixoc0JVByM0ChxcfTlKDzF7dVcKLGhzQksYaHIzAFhjcVscXH-0mF1oFImRAf1x9cEIJX31wVwteKygAXAgiOVcLKHR3XAlIOHxD
108.156.50.109200 OK 520 B URL HTTP/2 d1zw85ny9dtn37.cloudfront.net/mOW5NQXJaASMnTU0HKXxLDFZ9dkYfBD4uHElTHzY9WjgAFDxYBxkKNh8aNyVPCUghIBxeU2skHFpTfGcTXQxwcVRNHiIqT08MPCYIUg85NRgfGyx8H1YUJC0eWEt/B0cXXmhzQhEWfHBXCixoc0JVByM0ChxcfTlKDzF7dVcKLGhzQksYaHIzAFhjcVscXH-0mF1oFImRAf1x9cEIJX31wVwteKygAXAgiOVcLKHR3XAlIOHxD
IP 108.156.50.109:0
File type ASCII text, with very long lines (705), with no line terminators
Hash 16c88d7b21b44fed25fc1f04bb9ab56a
2feaf186508317467366957ed758320d905ae63b
65e6af95f19da89419ed6db4e09e6e796b72b9af7ba641d028311c454bc3d199
GET /mOW5NQXJaASMnTU0HKXxLDFZ9dkYfBD4uHElTHzY9WjgAFDxYBxkKNh8aNyVPCUghIBxeU2skHFpTfGcTXQxwcVRNHiIqT08MPCYIUg85NRgfGyx8H1YUJC0eWEt/B0cXXmhzQhEWfHBXCixoc0JVByM0ChxcfTlKDzF7dVcKLGhzQksYaHIzAFhjcVscXH-0mF1oFImRAf1x9cEIJX31wVwteKygAXAgiOVcLKHR3XAlIOHxD HTTP/1.1
Host: d1zw85ny9dtn37.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ytsmx2.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 520
date: Sat, 24 Sep 2022 05:47:02 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 ce8f85a4dd9437febbc40094aa7d575a.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P2
x-amz-cf-id: B1HTQLjMJiAfTosY7FUipYO0by4JgrmsKcPY6BooARhlESkIGzWn6g==
X-Firefox-Spdy: h2
d1zw85ny9dtn37.cloudfront.net/aMmpjemJRBQ0cXUYDB0dbB1NRTFsUABAVDEJXJRFQWVIALQNoWSg/REYQB0dSFAYCFAUPTAYUAQ9bRRsGUFdTXBZCBQhHFFAbBAAJUx4XEERHC14XDUgDDxYDF1glT0wCT1FKSkpbUl9RcE9RSg5bBBYCRwBaG0JUbVxXX1FwT1FKEERPUDtbBERTU0cAWg-QfAVkFRkgkAFpSSlIDWlJfUAIMCggHVAUbX1B0U1VUUhQfXks
108.156.50.109200 OK 500 B URL HTTP/2 d1zw85ny9dtn37.cloudfront.net/aMmpjemJRBQ0cXUYDB0dbB1NRTFsUABAVDEJXJRFQWVIALQNoWSg/REYQB0dSFAYCFAUPTAYUAQ9bRRsGUFdTXBZCBQhHFFAbBAAJUx4XEERHC14XDUgDDxYDF1glT0wCT1FKSkpbUl9RcE9RSg5bBBYCRwBaG0JUbVxXX1FwT1FKEERPUDtbBERTU0cAWg-QfAVkFRkgkAFpSSlIDWlJfUAIMCggHVAUbX1B0U1VUUhQfXks
IP 108.156.50.109:0
File type ASCII text, with very long lines (700), with no line terminators
Hash 370f28809993b6b250fde47def4cf4ad
50395ec969a7f384728cf87d5f035f8fc55ff15c
4965b3b7a1957ee35c8717a0c0dd8a6572bba45ffa5211454d313b84c09679ba
GET /aMmpjemJRBQ0cXUYDB0dbB1NRTFsUABAVDEJXJRFQWVIALQNoWSg/REYQB0dSFAYCFAUPTAYUAQ9bRRsGUFdTXBZCBQhHFFAbBAAJUx4XEERHC14XDUgDDxYDF1glT0wCT1FKSkpbUl9RcE9RSg5bBBYCRwBaG0JUbVxXX1FwT1FKEERPUDtbBERTU0cAWg-QfAVkFRkgkAFpSSlIDWlJfUAIMCggHVAUbX1B0U1VUUhQfXks HTTP/1.1
Host: d1zw85ny9dtn37.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ytsmx2.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 500
date: Sat, 24 Sep 2022 05:47:02 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 ce8f85a4dd9437febbc40094aa7d575a.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P2
x-amz-cf-id: sg1CHyqLe6UcDT9OwxbsFsXfZWly3kJ4KfYnQhh7GePsBV8DVhXT5w==
X-Firefox-Spdy: h2
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
216.58.207.237302 Found 396 B URL HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
IP 216.58.207.237:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (384)
Hash b8672eccc47d1b56f3d0a9fbce607cfc
f13a78de53d0279cdec4da01730973de6176deea
13c1812f2d5d15f3121c71d493aabf3e3b40ef185cfd5ce2e57380fa3c135fe5
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ytsmx2.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 24 Sep 2022 05:47:02 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S-922265932%3A1663998422684924&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWrp4iffM_AlNFRk3vSFC5XtWyPRX37opLW4tjNKzFraSYtI1u-2DyLaxqu-AE-IIvd3mFid7Q
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'nonce-u6jema-auAx1OQSbIntD9Q' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 396
server: GSE
set-cookie: __Host-GAPS=1:EOAyjUGTPqUN6Rsm1BoCUyI7AXUWyA:Qq0JS_4qe0UxYXa0;Path=/;Expires=Mon, 23-Sep-2024 05:47:02 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
m.addthis.com/live/red_lojson/300lo.json?si=632e99d4f9d5523d&bkl=0&bl=1&pdt=3543&sid=632e99d4f9d5523d&pub=ra-&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=ytsmx2.com&fp=maid-in-malacanang-2022%2F&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&colc=1663998421540&jsl=1&uvs=632e99d420e6c0e8000&skipb=1&callback=addthis.cbs.jsonp__76732450287405040
23.38.200.123200 OK 89 B URL HTTP/2 m.addthis.com/live/red_lojson/300lo.json?si=632e99d4f9d5523d&bkl=0&bl=1&pdt=3543&sid=632e99d4f9d5523d&pub=ra-&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=ytsmx2.com&fp=maid-in-malacanang-2022%2F&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&colc=1663998421540&jsl=1&uvs=632e99d420e6c0e8000&skipb=1&callback=addthis.cbs.jsonp__76732450287405040
IP 23.38.200.123:0
File type ASCII text, with no line terminators
Hash 4203b3003906379fe7d270e173652f15
c0e9a1e7e5b852ee1012d9dbcae65bcca3d7e241
e1fe2100de5827a8dc4fe5d296e75b7581809a0004f4c063a2b29fa86d8a2be1
GET /live/red_lojson/300lo.json?si=632e99d4f9d5523d&bkl=0&bl=1&pdt=3543&sid=632e99d4f9d5523d&pub=ra-&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=ytsmx2.com&fp=maid-in-malacanang-2022%2F&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&colc=1663998421540&jsl=1&uvs=632e99d420e6c0e8000&skipb=1&callback=addthis.cbs.jsonp__76732450287405040 HTTP/1.1
Host: m.addthis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ytsmx2.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript;charset=utf-8
content-length: 89
cache-control: max-age=0, no-cache, no-store, no-transform
pragma: no-cache
content-disposition: attachment; filename=1.txt
date: Sat, 24 Sep 2022 05:47:02 GMT
X-Firefox-Spdy: h2
andindee.buzz/utx?cb=1DXfadbDN4cE&top=ytsmx2.com&tid=959269
172.64.163.28204 No Content 0 B URL HTTP/2 andindee.buzz/utx?cb=1DXfadbDN4cE&top=ytsmx2.com&tid=959269
IP 172.64.163.28:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=1DXfadbDN4cE&top=ytsmx2.com&tid=959269 HTTP/1.1
Host: andindee.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ytsmx2.com
Connection: keep-alive
Referer: https://ytsmx2.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Sat, 24 Sep 2022 05:47:02 GMT
content-type: text/plain
access-control-allow-credentials: true
access-control-allow-origin: https://ytsmx2.com
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Sat, 24 Sep 2022 05:48:02 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VUBiLvUk4ElDMs9ftSpWj%2F7lBz2n%2F7mmv94IkFjeT07rdeZZS0X%2FQ%2BvfTWvHyVJxH5bb5Imz3wrrExH2gC4sQQLVMC2IF5Nb6LsuP7TIqqZ2hJgoF2p7MjcfW8QHXViQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74f9391d98614083-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
andindee.buzz/utx?cb=QInW3s3k9b7u&top=ytsmx2.com&tid=958074
172.64.163.28204 No Content 0 B URL HTTP/2 andindee.buzz/utx?cb=QInW3s3k9b7u&top=ytsmx2.com&tid=958074
IP 172.64.163.28:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=QInW3s3k9b7u&top=ytsmx2.com&tid=958074 HTTP/1.1
Host: andindee.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ytsmx2.com
Connection: keep-alive
Referer: https://ytsmx2.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Sat, 24 Sep 2022 05:47:02 GMT
content-type: text/plain
access-control-allow-credentials: true
access-control-allow-origin: https://ytsmx2.com
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Sat, 24 Sep 2022 05:48:02 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Em6ws53b8GwDW%2F4YwrCb7Zre%2BcJqvmCBCw%2Ft2suSkwkh4ZlX5NYIQ7hxdKOJydDvQ14ccHNpALpKTtJq4KfeLHEpUYWUfBkbhcHLYANPwmes%2F0UEcY9pyZUbdmP7s5VR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74f9391d98654083-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
andindee.buzz/utx?cb=d97YLecAIONq&top=ytsmx2.com&tid=958078
172.64.163.28204 No Content 0 B URL HTTP/2 andindee.buzz/utx?cb=d97YLecAIONq&top=ytsmx2.com&tid=958078
IP 172.64.163.28:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=d97YLecAIONq&top=ytsmx2.com&tid=958078 HTTP/1.1
Host: andindee.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ytsmx2.com
Connection: keep-alive
Referer: https://ytsmx2.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Sat, 24 Sep 2022 05:47:02 GMT
content-type: text/plain
access-control-allow-credentials: true
access-control-allow-origin: https://ytsmx2.com
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Sat, 24 Sep 2022 05:48:02 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XjNSa5ika6YVGPPLHCXX2Cz1eu96EZ6Do86peVj9w3A%2B%2FosskEe8n3DCWk03aHoMcB7d3QEBi9K1DzNv42Zb%2Bq62F%2BbyErEfRKNUzmcRV96V4rT9BtyqwC%2BKvx2ULES6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74f9391db8774083-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 346 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7f36b0758555cb1293271b2affda4d24
6022dbed3f280ac0d110d72e11de68b69cbeb247
f72893ff5f621761907d2cb09273db978a2719ad4f7cc6283cbf79cc5fb31b35
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "F72893FF5F621761907D2CB09273DB978A2719AD4F7CC6283CBF79CC5FB31B35"
Last-Modified: Sat, 24 Sep 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10323
Expires: Sat, 24 Sep 2022 08:39:05 GMT
Date: Sat, 24 Sep 2022 05:47:02 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 28decadcb8dd332e183eb62d7b58eb22
ba2fe6bfdfd3f3fab1e74aa1e33544e233d3cc2e
b265569b3ca012287c2ca9cc01cb9fca3e2a3125c06b45a0b7f049b9f1e4d5a8
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "B265569B3CA012287C2CA9CC01CB9FCA3E2A3125C06B45A0B7F049B9F1E4D5A8"
Last-Modified: Thu, 22 Sep 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9753
Expires: Sat, 24 Sep 2022 08:29:35 GMT
Date: Sat, 24 Sep 2022 05:47:02 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 593149bcd358a589b546299ed1238523
49b041b55bc05ed34e1128fcd53a7a1f4b347f4d
8c14a724632e43a28d5943033566cf51c633ecda36a60a18d61c3afba828230c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3093
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 05:47:02 GMT
Last-Modified: Sat, 24 Sep 2022 04:55:29 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
andindee.buzz/floater?cs=TGozNHd6UwsMRnxTAwRGdVMGDUQ&abt=0&red=1&sm=83&k=1986%20download%20yify%20movie%20torrent%20untold%20story%20last%20hours%20marcoses%20inside%20palace%20before%20fleeing%20hawaii%20during%20people%20power%20revolution%202022&v=0.8.9.1&sts=0&prn=0&emb=0&tid=958078&fs=1&t=600&m=2&ns=1&ndp=1&asi=1&ref=https%3A%2F%2Fytsmx2.com%2Fmaid-in-malacanang-2022%2F&jst=0&enr=0&lcua=mozilla%2F5.0%20(x11%3B%20linux%20x86_64%3B%20rv%3A96.0)%20gecko%2F20100101%20firefox%2F96.0&tzd=0&uloc=&if=0&aa=td11_oi1_&_OeaI=1663998420227&crc=1
172.64.163.28200 OK 4.1 kB URL HTTP/2 andindee.buzz/floater?cs=TGozNHd6UwsMRnxTAwRGdVMGDUQ&abt=0&red=1&sm=83&k=1986%20download%20yify%20movie%20torrent%20untold%20story%20last%20hours%20marcoses%20inside%20palace%20before%20fleeing%20hawaii%20during%20people%20power%20revolution%202022&v=0.8.9.1&sts=0&prn=0&emb=0&tid=958078&fs=1&t=600&m=2&ns=1&ndp=1&asi=1&ref=https%3A%2F%2Fytsmx2.com%2Fmaid-in-malacanang-2022%2F&jst=0&enr=0&lcua=mozilla%2F5.0%20(x11%3B%20linux%20x86_64%3B%20rv%3A96.0)%20gecko%2F20100101%20firefox%2F96.0&tzd=0&uloc=&if=0&aa=td11_oi1_&_OeaI=1663998420227&crc=1
IP 172.64.163.28:0
File type ASCII text, with very long lines (6558), with no line terminators
Hash 2642527d7e187c8eb696dea4b65dd6fa
bf5f1769125dc58a882f8170e9341c4bd397543e
ddb7d3b771eafc1b4bd192e1ecd60606c9bcf341e4e9f9d0877311e154ae87c6
GET /floater?cs=TGozNHd6UwsMRnxTAwRGdVMGDUQ&abt=0&red=1&sm=83&k=1986%20download%20yify%20movie%20torrent%20untold%20story%20last%20hours%20marcoses%20inside%20palace%20before%20fleeing%20hawaii%20during%20people%20power%20revolution%202022&v=0.8.9.1&sts=0&prn=0&emb=0&tid=958078&fs=1&t=600&m=2&ns=1&ndp=1&asi=1&ref=https%3A%2F%2Fytsmx2.com%2Fmaid-in-malacanang-2022%2F&jst=0&enr=0&lcua=mozilla%2F5.0%20(x11%3B%20linux%20x86_64%3B%20rv%3A96.0)%20gecko%2F20100101%20firefox%2F96.0&tzd=0&uloc=&if=0&aa=td11_oi1_&_OeaI=1663998420227&crc=1 HTTP/1.1
Host: andindee.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ytsmx2.com
Connection: keep-alive
Referer: https://ytsmx2.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 24 Sep 2022 05:47:03 GMT
content-type: text/plain
content-length: 4056
access-control-allow-credentials: true
access-control-allow-origin: https://ytsmx2.com
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: csu=3d272b3f-8775-4343-8d4d-49bf4da65826
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=an3%2FMj8ISnTOORGY02RoQWSsCZsJDi%2BD0EnR8x4SfyMwWzsQ4xj%2BteQ%2FqYhXrOkWd1rc4FMU6TLAqOk4XxdZY6NpBlHntjEQ%2B9WrT9T2%2BWJ1DH0Gfr6uYJKE8pWwXEgE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74f9391db8784083-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 720dbfc5f69bee09a9e4fbf515e54135
32648237092dd5e55553cb3c6817ecb115df4130
7afefe3ce4b76288eee66c31e063c0615f273c95ed8d951d63603e5f6651589b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7AFEFE3CE4B76288EEE66C31E063C0615F273C95ED8D951D63603E5F6651589B"
Last-Modified: Fri, 23 Sep 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1289
Expires: Sat, 24 Sep 2022 06:08:33 GMT
Date: Sat, 24 Sep 2022 05:47:04 GMT
Connection: keep-alive
ocsp.sca1b.amazontrust.com/
108.138.212.113200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 108.138.212.113:0
Hash e95a82a66122b57f0588e635fdaea0f0
d30a4e54dfe0627e311752b47f3574e2ab6f2ab4
85190abc91022923f5781f4325be9a49dc9f03fc2e79ed851055b75dee576130
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sat, 24 Sep 2022 05:47:04 GMT
Last-Modified: Sat, 24 Sep 2022 04:51:55 GMT
Server: ECS (nyb/1DD2)
X-Cache: Miss from cloudfront
Via: 1.1 208aec8d7d6b69028fbed7a7605feea6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR61-P3
X-Amz-Cf-Id: oQftAZX1L4Cg5OFjyuQZOzO9rAeoFFz4ypf3sVsGTsbHmHK9tNE_6w==
Age: 3309
semidapt.com/winnotice?sid=H4sIAAAAAAAC%2F1RTS2gkRRiu0b0snpT1IOxhvCnIpHsyj25XWYzZSDBull1FT0p1VU3ym%2B6upqp7epJTUJA9iIx48HGqfHmhRtGjB1fprHgICJlbRHP35Av2qswYM%2FpD8z%2B%2B%2F%2FD1%2F3311lZxyjwU%2FGT%2BBb1Bccxn2g2v%2Ftgrvn%2BlvkRpMagPgs5rndaVuuk%2FGXYa3uP155RY0zNNz%2Fc83%2FPrC2RUTw9mxiAoOwj9Rug1Ws2G325hYBxsUYPlNcj%2BKXsIJEcX7tYugUSFNPliXtm1XGdPXEuKmOfaoC%2F3X0rXUl2mSKZlz9TQS%2FfPtqHt8cId6HR3QhG6f74Y0YjVvr%2BDKN0%2FI4aovzPhFsVQKSL5AMp%2BBRVXIF5B6DdB8pgBQuL6MtJk77o2JV%2F%2FB%2BVjdMQu3PsTVI7YhZ8vIU0%2Bn4tpUL%2Bl4yInnVoMeg40qEArFbLiEPkGA5WHEPkbIPkDm7m3hDTZWbaxBkk3%2BXeiCtSrEKshuGUoxh8xFL0aiqyGRJ7Uhe%2F7XU8K7gWhELOyq6KO9Hze7fnc9zoBCjGmN0SeDSHiIYTZRGY2sUZDmOIdkK1QcAfKHDK7F7YDrxtAiaOrv3w4jo%2FA6aTea812OffabSVanTBsdyMR%2Bh2v2xSBUJ2QI6Kjq%2FO%2F%2F%2FX2U199h5gYFD%2F65jc2CdjUIS3cdmrIwagjdhbbRuZHV8%2B3Vh2sZLA5Q186lIqhtAwlZyiJocwZyr7blbFtWrcnY1tE%2FllunuVZt63zFber8xWVsq3slD040eYP8SrW1Em954lm0Atbs82gFYZRIFvd2U7QkcKXgWoFEpb%2BvQDZ%2B8BtDRs0Yg%2F%2F9CuysWvke4j4IWx8CEGPgheXwUsHvuqwkTpIfWBVQpJneUPoBFl%2BEfl6bSs%2BZY9MeHQ%2BuP2%2F0wrjkBmH1%2Bkuw0p8e%2FumLtnOTV1a9uVyllNCG3zsn1s5z9X9nzyv1ktt5OK8HX78jBgD4%2FLgRWXzJZ5KSlcs%2B3SOpFRmQRuh2NeL9mUV3Sjs6lxh0iJbuvHswmKSGWUt6bQCp%2BNr70PQiF1898fJw7j82dMgU8EUDklxLhVIVxDZJmw2nVnNYOJpH2UMZeG2TTOaDsdmiKeag0cO9j99NK237Lew5JBb9jcAAAD%2F%2FwEAAP%2F%2FSUdk4nUEAAA%3D&ap=${AUCTION_PRICE}&l=3577992&sub3=1663998422&pid=91283&sub2=icon&auid=f437aa055ec469957bc916072c8ce69a&icon=https://cdn.cloudimagesb.com/cti/34/74/d7/3474d78aff0bf2df5207c5e1bcb89147/1591703087.jpg
213.174.151.100307 Temporary Redirect 0 B URL HTTP/1.1 semidapt.com/winnotice?sid=H4sIAAAAAAAC%2F1RTS2gkRRiu0b0snpT1IOxhvCnIpHsyj25XWYzZSDBull1FT0p1VU3ym%2B6upqp7epJTUJA9iIx48HGqfHmhRtGjB1fprHgICJlbRHP35Av2qswYM%2FpD8z%2B%2B%2F%2FD1%2F3311lZxyjwU%2FGT%2BBb1Bccxn2g2v%2Ftgrvn%2BlvkRpMagPgs5rndaVuuk%2FGXYa3uP155RY0zNNz%2Fc83%2FPrC2RUTw9mxiAoOwj9Rug1Ws2G325hYBxsUYPlNcj%2BKXsIJEcX7tYugUSFNPliXtm1XGdPXEuKmOfaoC%2F3X0rXUl2mSKZlz9TQS%2FfPtqHt8cId6HR3QhG6f74Y0YjVvr%2BDKN0%2FI4aovzPhFsVQKSL5AMp%2BBRVXIF5B6DdB8pgBQuL6MtJk77o2JV%2F%2FB%2BVjdMQu3PsTVI7YhZ8vIU0%2Bn4tpUL%2Bl4yInnVoMeg40qEArFbLiEPkGA5WHEPkbIPkDm7m3hDTZWbaxBkk3%2BXeiCtSrEKshuGUoxh8xFL0aiqyGRJ7Uhe%2F7XU8K7gWhELOyq6KO9Hze7fnc9zoBCjGmN0SeDSHiIYTZRGY2sUZDmOIdkK1QcAfKHDK7F7YDrxtAiaOrv3w4jo%2FA6aTea812OffabSVanTBsdyMR%2Bh2v2xSBUJ2QI6Kjq%2FO%2F%2F%2FX2U199h5gYFD%2F65jc2CdjUIS3cdmrIwagjdhbbRuZHV8%2B3Vh2sZLA5Q186lIqhtAwlZyiJocwZyr7blbFtWrcnY1tE%2FllunuVZt63zFber8xWVsq3slD040eYP8SrW1Em954lm0Atbs82gFYZRIFvd2U7QkcKXgWoFEpb%2BvQDZ%2B8BtDRs0Yg%2F%2F9CuysWvke4j4IWx8CEGPgheXwUsHvuqwkTpIfWBVQpJneUPoBFl%2BEfl6bSs%2BZY9MeHQ%2BuP2%2F0wrjkBmH1%2Bkuw0p8e%2FumLtnOTV1a9uVyllNCG3zsn1s5z9X9nzyv1ktt5OK8HX78jBgD4%2FLgRWXzJZ5KSlcs%2B3SOpFRmQRuh2NeL9mUV3Sjs6lxh0iJbuvHswmKSGWUt6bQCp%2BNr70PQiF1898fJw7j82dMgU8EUDklxLhVIVxDZJmw2nVnNYOJpH2UMZeG2TTOaDsdmiKeag0cO9j99NK237Lew5JBb9jcAAAD%2F%2FwEAAP%2F%2FSUdk4nUEAAA%3D&ap=${AUCTION_PRICE}&l=3577992&sub3=1663998422&pid=91283&sub2=icon&auid=f437aa055ec469957bc916072c8ce69a&icon=https://cdn.cloudimagesb.com/cti/34/74/d7/3474d78aff0bf2df5207c5e1bcb89147/1591703087.jpg
IP 213.174.151.100:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /winnotice?sid=H4sIAAAAAAAC%2F1RTS2gkRRiu0b0snpT1IOxhvCnIpHsyj25XWYzZSDBull1FT0p1VU3ym%2B6upqp7epJTUJA9iIx48HGqfHmhRtGjB1fprHgICJlbRHP35Av2qswYM%2FpD8z%2B%2B%2F%2FD1%2F3311lZxyjwU%2FGT%2BBb1Bccxn2g2v%2Ftgrvn%2BlvkRpMagPgs5rndaVuuk%2FGXYa3uP155RY0zNNz%2Fc83%2FPrC2RUTw9mxiAoOwj9Rug1Ws2G325hYBxsUYPlNcj%2BKXsIJEcX7tYugUSFNPliXtm1XGdPXEuKmOfaoC%2F3X0rXUl2mSKZlz9TQS%2FfPtqHt8cId6HR3QhG6f74Y0YjVvr%2BDKN0%2FI4aovzPhFsVQKSL5AMp%2BBRVXIF5B6DdB8pgBQuL6MtJk77o2JV%2F%2FB%2BVjdMQu3PsTVI7YhZ8vIU0%2Bn4tpUL%2Bl4yInnVoMeg40qEArFbLiEPkGA5WHEPkbIPkDm7m3hDTZWbaxBkk3%2BXeiCtSrEKshuGUoxh8xFL0aiqyGRJ7Uhe%2F7XU8K7gWhELOyq6KO9Hze7fnc9zoBCjGmN0SeDSHiIYTZRGY2sUZDmOIdkK1QcAfKHDK7F7YDrxtAiaOrv3w4jo%2FA6aTea812OffabSVanTBsdyMR%2Bh2v2xSBUJ2QI6Kjq%2FO%2F%2F%2FX2U199h5gYFD%2F65jc2CdjUIS3cdmrIwagjdhbbRuZHV8%2B3Vh2sZLA5Q186lIqhtAwlZyiJocwZyr7blbFtWrcnY1tE%2FllunuVZt63zFber8xWVsq3slD040eYP8SrW1Em954lm0Atbs82gFYZRIFvd2U7QkcKXgWoFEpb%2BvQDZ%2B8BtDRs0Yg%2F%2F9CuysWvke4j4IWx8CEGPgheXwUsHvuqwkTpIfWBVQpJneUPoBFl%2BEfl6bSs%2BZY9MeHQ%2BuP2%2F0wrjkBmH1%2Bkuw0p8e%2FumLtnOTV1a9uVyllNCG3zsn1s5z9X9nzyv1ktt5OK8HX78jBgD4%2FLgRWXzJZ5KSlcs%2B3SOpFRmQRuh2NeL9mUV3Sjs6lxh0iJbuvHswmKSGWUt6bQCp%2BNr70PQiF1898fJw7j82dMgU8EUDklxLhVIVxDZJmw2nVnNYOJpH2UMZeG2TTOaDsdmiKeag0cO9j99NK237Lew5JBb9jcAAAD%2F%2FwEAAP%2F%2FSUdk4nUEAAA%3D&ap=${AUCTION_PRICE}&l=3577992&sub3=1663998422&pid=91283&sub2=icon&auid=f437aa055ec469957bc916072c8ce69a&icon=https://cdn.cloudimagesb.com/cti/34/74/d7/3474d78aff0bf2df5207c5e1bcb89147/1591703087.jpg HTTP/1.1
Host: semidapt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.17.9
Date: Sat, 24 Sep 2022 05:47:04 GMT
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Location: https://cdn.cloudimagesb.com/cti/34/74/d7/3474d78aff0bf2df5207c5e1bcb89147/1591703087.jpg
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 4ac3757cf4b433d48fef77b57929d3ce
Strict-Transport-Security: max-age=0; includeSubdomains
webpick-cdn.s3.us-west-2.amazonaws.com/getlaid.jpeg
52.92.148.106200 OK 9.3 kB URL HTTP/1.1 webpick-cdn.s3.us-west-2.amazonaws.com/getlaid.jpeg
IP 52.92.148.106:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 192x192, components 3\012- data
Hash e73bda30c82b74c32e5f03e4ed4e4bb1
e2b381468138921e418865ca53fd7b91ab8febb8
e6a18e81d67bc6cfadbe2c86c78b99c0e01644cdeafb48144663121b629ea227
GET /getlaid.jpeg HTTP/1.1
Host: webpick-cdn.s3.us-west-2.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: BXW2qE/4MfvQunPAEUc9gvCjdXq6CESujhmmWzTYczP/1Ya0Uq5eqSTYD377CJGeckM8jG3a9Hs=
x-amz-request-id: YYQ9GSCZESWHKVVE
Date: Sat, 24 Sep 2022 05:47:05 GMT
Last-Modified: Thu, 25 Jun 2020 08:18:14 GMT
ETag: "e73bda30c82b74c32e5f03e4ed4e4bb1"
x-amz-meta-s3b-last-modified: 20200625T081632Z
Accept-Ranges: bytes
Content-Type: image/jpeg
Server: AmazonS3
Content-Length: 9313
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 278111c3c7bd20522fd84097d44186e3
d0748bb5754c07e168a734b7a198ea2cbbd8197b
4d8a7cd202a14451e01acbf38d7e91ff3d55a560604c94c5fe3183365af874eb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4D8A7CD202A14451E01ACBF38D7E91FF3D55A560604C94C5FE3183365AF874EB"
Last-Modified: Wed, 21 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6978
Expires: Sat, 24 Sep 2022 07:43:22 GMT
Date: Sat, 24 Sep 2022 05:47:04 GMT
Connection: keep-alive
cdn.cloudimagesb.com/cti/34/74/d7/3474d78aff0bf2df5207c5e1bcb89147/1591703087.jpg
45.133.44.9200 OK 33 kB URL HTTP/2 cdn.cloudimagesb.com/cti/34/74/d7/3474d78aff0bf2df5207c5e1bcb89147/1591703087.jpg
IP 45.133.44.9:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2019 (Windows), datetime=2020:05:18 19:19:17], baseline, precision 8, 200x200, components 3\012- data
Hash 70cf8250da1a25a7b445231428af7828
a849d338423d2919949340838c768bba90b9081c
b7060bc46dc459a00d4124523a26f0cbf31fba31d41fccae9f82bedaf22c1186
GET /cti/34/74/d7/3474d78aff0bf2df5207c5e1bcb89147/1591703087.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 24 Sep 2022 05:47:04 GMT
content-type: image/jpeg
content-length: 33103
server: nginx/1.17.6
last-modified: Tue, 09 Jun 2020 11:44:50 GMT
etag: "5edf7632-814f"
expires: Mon, 26 Sep 2022 05:47:04 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa9bd06dd-99f2-4872-9842-2602f7de5548.jpeg
34.120.237.76200 OK 6.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa9bd06dd-99f2-4872-9842-2602f7de5548.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cf93335d49a4fa1c363101b9b99cdb7e
d66f34e7d10a5ae7d463c137273001ef589c71cb
971bc3c08bb3f43d9036afdff6c174db66e0517060bbc13c9d6eff2c7d91589e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa9bd06dd-99f2-4872-9842-2602f7de5548.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 6209
x-amzn-requestid: bbcda7dd-e495-4d4e-927b-14d114f2a4b6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y7shGHQzoAMFVvA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632e27a0-5a67683017d720ce1d79149d;Sampled=0
x-amzn-remapped-date: Fri, 23 Sep 2022 21:39:44 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: cDM8SNnUwaOZr39yWwDVX6HSA1HQXpZQbrfnr0jxX2NCKyyNKbuKQQ==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Sep 2022 21:57:18 GMT
age: 28188
etag: "d66f34e7d10a5ae7d463c137273001ef589c71cb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
pogothere.xyz/asd100.bin
172.64.133.29200 OK 0 B IP 172.64.133.29:0
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ytsmx2.com/
Origin: https://ytsmx2.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 24 Sep 2022 05:47:02 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://ytsmx2.com
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: EXPIRED
last-modified: Sat, 24 Sep 2022 03:25:56 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CJm4VXjuS6fGUQPyO1azjw6U2qoc%2FvzvA2LsJEisdHoLkkzDJ1Pomd4RKTj8amEtCyfmJbXtmBHKfBNEbyMwb2FAVVM%2FbEOTxUG4qECJmFszdGw4lde32wdEQUFCheNb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f9391dde1472c0-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
pogothere.xyz/
172.64.133.29200 OK 0 B IP 172.64.133.29:0
GET / HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ytsmx2.com/
Origin: https://ytsmx2.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Sep 2022 05:47:02 GMT
content-type: text/plain
set-cookie: csu=1562807527963737@1@1663998422; Max-Age=31104000; Secure; SameSite=None
access-control-allow-origin: https://ytsmx2.com
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yenZRWa%2BRQUVrtxvzy9U6uP5NtPJvWjGIJtCMM7Q0XUC9Bhx9WtxxkRG%2FJtd7eOmvNA%2BYOdTjwPisvZ7YLldlUFgXo5qXGv3eQxkJxL%2F3e0ldZ3i5A%2B6iUrRTivTGKOj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74f9391e7e6a72c0-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
pogothere.xyz/
172.64.133.29200 OK 0 B IP 172.64.133.29:0
GET / HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ytsmx2.com/
Origin: https://ytsmx2.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 24 Sep 2022 05:47:02 GMT
content-type: text/plain
set-cookie: csu=529813589793781@1@1663998422; Max-Age=31104000; Secure; SameSite=None
access-control-allow-origin: https://ytsmx2.com
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VnBmC4dNNXaJ0X2xGXuobYAZfZs6RTgDiDWJPkKv94tBPAW4md96nu3YazS71OArH53B089az0XVZBjtzbhY7Dloln4myKLbyad%2FIFXYdQjMCBh8ocUybRpcf2LnDup0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74f9391dde1772c0-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.youtube.com/embed/cWeVNyEcQSM
142.250.74.174200 OK 0 B URL HTTP/2 www.youtube.com/embed/cWeVNyEcQSM
IP 142.250.74.174:0
GET /embed/cWeVNyEcQSM HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ytsmx2.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 24 Sep 2022 05:47:01 GMT
strict-transport-security: max-age=31536000
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=yEm44foYlZk; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=AZoILNm9oNU; Domain=.youtube.com; Expires=Thu, 23-Mar-2023 05:47:01 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+839; expires=Mon, 23-Sep-2024 05:47:01 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
accounts.google.com/v3/signin/identifier?dsh=S671534676%3A1663998422627492&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWog7qsu1ZHUD-QbJ6RYhGAnog_9CTicxHvxLg6yrmbTzawbQZW2YrjHs_n05QZ-1rMZ_y0lNw
216.58.207.237403 Forbidden 0 B URL HTTP/2 accounts.google.com/v3/signin/identifier?dsh=S671534676%3A1663998422627492&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWog7qsu1ZHUD-QbJ6RYhGAnog_9CTicxHvxLg6yrmbTzawbQZW2YrjHs_n05QZ-1rMZ_y0lNw
IP 216.58.207.237:0
GET /v3/signin/identifier?dsh=S671534676%3A1663998422627492&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWog7qsu1ZHUD-QbJ6RYhGAnog_9CTicxHvxLg6yrmbTzawbQZW2YrjHs_n05QZ-1rMZ_y0lNw HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ytsmx2.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 24 Sep 2022 05:47:02 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport, script-src 'nonce-2wYIqavafDm7auA06as56Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy-report-only: same-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
set-cookie: NID=511=Gm8yQAc4UOKLfcuaRpVo-WHzD6XNN5Z8MldP4uaT0pmTshXeIYrM30N3O6o_5afdyriCtlS0njVy2e7i32KzykDslegnOH3PZ5yfLDemEQaVgOvcYl6gkQbhnZsKLhJlC_dPwjSY-m7RP9FJ2e7mqQMahZ3vc-bcHPOMhZJwQK8; expires=Sun, 26-Mar-2023 05:47:02 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
pogothere.xyz/asd100.bin
172.64.133.29200 OK 0 B IP 172.64.133.29:0
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ytsmx2.com/
Origin: https://ytsmx2.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 24 Sep 2022 05:47:02 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://ytsmx2.com
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: EXPIRED
last-modified: Sat, 24 Sep 2022 03:25:56 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5ysQlvKUfIbnlSK5JSGdDI%2F4zcVyF8bsuEGqG9M9bxKQM6BFhlHh%2BzlAFqXMjXN4LlCduQDrL43bH6EoJjYZR%2BBZC11%2FaJwAQLRTNYC8XcSuWJt%2FkMKz7F%2F4kE6Lc4iR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f9391dde0f72c0-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
157.240.200.35200 OK 0 B URL HTTP/2 www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
IP 157.240.200.35:0
GET /login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ytsmx2.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: br
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-opener-policy: same-origin-allow-popups
vary: Sec-Fetch-Site, Sec-Fetch-Mode, Accept-Encoding
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: 0OuGaiwKJ9cP3i8AoGrc0W/sXmORitkJ1XTztWuvx6MGysJ4HpuiVmrXmekxS9qraI1J3UlsqzKv5fRcUUB4YQ==
date: Sat, 24 Sep 2022 05:47:02 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.youtube.com/s/player/abfb84fe/player_ias.vflset/en_US/base.js
142.250.74.174200 OK 0 B URL HTTP/2 www.youtube.com/s/player/abfb84fe/player_ias.vflset/en_US/base.js
IP 142.250.74.174:0
GET /s/player/abfb84fe/player_ias.vflset/en_US/base.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/cWeVNyEcQSM
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding, Origin
content-encoding: br
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 591484
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 22 Sep 2022 14:49:57 GMT
expires: Fri, 22 Sep 2023 14:49:57 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 22 Sep 2022 00:22:49 GMT
content-type: text/javascript
age: 140224
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2