ymate.app/es/youtube/apGlGkClgEE
301 Moved Permanently 0 B URL HTTP/1.1 ymate.app/es/youtube/apGlGkClgEE
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /es/youtube/apGlGkClgEE HTTP/1.1
Host: ymate.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Thu, 26 Jan 2023 22:35:28 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Thu, 26 Jan 2023 23:35:28 GMT
Location: https://ymate.app/es/youtube/apGlGkClgEE
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KSnKoouIpve52AD9wWyH7bz%2F1lVs4XrwhJG6p1uW47UnDEOYf%2BWdNF1DJLl3AR%2BQoBHB0KdU8x%2F%2FUyZHMk0W%2FBExgLfW3njhq89mgorJLO1zSGTKGpTdyNw8EQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78fcb8d18f93b4ee-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 9fbe85f42e8ae8ae41cc12df5f98b141
949fa36ff0f22f72565fd584bef094dd4de23037
184d3e4df4bce559b4d7c4836372f5fd2de9782a96b04d364230b7d695d737d8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "184D3E4DF4BCE559B4D7C4836372F5FD2DE9782A96B04D364230B7D695D737D8"
Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4328
Expires: Thu, 26 Jan 2023 23:47:37 GMT
Date: Thu, 26 Jan 2023 22:35:29 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 69f73ac59327cd9ad7d99816ccfcc03e
c54844f82dbee0d5ee4c8ce344eb0139373e6c6b
e81c685b2d8f0e31b89e5cfc911a2c5a99a556646830ac5a8468d991b5e871a3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E81C685B2D8F0E31B89E5CFC911A2C5A99A556646830AC5A8468D991B5E871A3"
Last-Modified: Thu, 26 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10870
Expires: Fri, 27 Jan 2023 01:36:39 GMT
Date: Thu, 26 Jan 2023 22:35:29 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 2405562765b49b2782ebd2e2994851d5
be7ac8e558f7875bb1fb86ab5ec674424a5ff269
422cfa907461cb7b93b9089d600052f9e94951e5e0c93d97651905002e48ad3e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "422CFA907461CB7B93B9089D600052F9E94951E5E0C93D97651905002E48AD3E"
Last-Modified: Thu, 26 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3947
Expires: Thu, 26 Jan 2023 23:41:16 GMT
Date: Thu, 26 Jan 2023 22:35:29 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: X16nAmNSsFZvIQctvBnetoGRixjuDUO00JKLk6lz1nJVaqm+uqd0HSjBd/0ewtcpED/TZdI//6c=
x-amz-request-id: NSJZVN9YY0B8CJ9S
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 26 Jan 2023 21:49:09 GMT
age: 2780
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash dcd75ca6daca51c5e39d431468511793
07f76d3bf23d65c9110d810fa71a994e39e085d3
73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Backoff, Content-Length, Alert, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 26 Jan 2023 21:42:56 GMT
content-type: application/json
age: 3153
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
e1.o.lencr.org/
200 OK 345 B IP
ASN #20940 Akamai International B.V.
Hash 10c193fbc0762e18a019d36086f58c90
ddb70a5f419a402c5149dc9aa0443a45578f4165
165607b27f2943706d8cbfc42772e3df8fe7c4a516115a38aef7fb588094d921
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "165607B27F2943706D8CBFC42772E3DF8FE7C4A516115A38AEF7FB588094D921"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6872
Expires: Fri, 27 Jan 2023 00:30:01 GMT
Date: Thu, 26 Jan 2023 22:35:29 GMT
Connection: keep-alive
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 22:35:29 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
e1.o.lencr.org/
200 OK 345 B IP
ASN #20940 Akamai International B.V.
Hash 10c193fbc0762e18a019d36086f58c90
ddb70a5f419a402c5149dc9aa0443a45578f4165
165607b27f2943706d8cbfc42772e3df8fe7c4a516115a38aef7fb588094d921
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "165607B27F2943706D8CBFC42772E3DF8FE7C4A516115A38AEF7FB588094D921"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6872
Expires: Fri, 27 Jan 2023 00:30:01 GMT
Date: Thu, 26 Jan 2023 22:35:29 GMT
Connection: keep-alive
cdn.hooliganmedia.com/hmads0.js
200 OK 195 kB URL HTTP/2 cdn.hooliganmedia.com/hmads0.js
IP
File type ASCII text, with very long lines (65536), with no line terminators
Size 195 kB (195378 bytes)
Hash 397ce81c9f3b983cff524d2c0a2366c6
1cd28133796b512cb4622e881b1aa1ad9487b5c0
2b6e18132b3e4c063dadb4994dc4bd9821d761b1123bf55bf1875b737f7787b3
GET /hmads0.js HTTP/1.1
Host: cdn.hooliganmedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ymate.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 26 Jan 2023 22:35:29 GMT
cache-control: max-age=715
content-length: 195378
content-type: text/javascript
last-modified: Tue, 04 Oct 2022 20:24:23 GMT
accept-ranges: bytes
x-rgw-object-type: Normal
etag: "397ce81c9f3b983cff524d2c0a2366c6"
x-amz-request-id: tx0000000000000a7e87a5f-0063d2f4ec-51ffc94a-nyc3c
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw: 1674772529.dop015.sk1.t,1674772529.cds261.sk1.hn,1674772529.cds223.sk1.c
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Pragma, Last-Modified, ETag, Content-Length, Expires, Cache-Control, Retry-After, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 26 Jan 2023 21:41:40 GMT
age: 3230
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash c398b6b39d11d25b8ae9bc5cd94a1c98
640aa8c399ced71d0c2a9f5a90fbaf091b01d642
a6f07f7c6a4746acc25457c726701df33120628dfb578bc4982448d8efee5855
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A6F07F7C6A4746ACC25457C726701DF33120628DFB578BC4982448D8EFEE5855"
Last-Modified: Tue, 24 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12483
Expires: Fri, 27 Jan 2023 02:03:33 GMT
Date: Thu, 26 Jan 2023 22:35:30 GMT
Connection: keep-alive
ymate.app/es/youtube/apGlGkClgEE
200 OK 15 kB URL HTTP/2 ymate.app/es/youtube/apGlGkClgEE
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (4432)
Hash 548ba54da34e8852ceb9d41eaead3584
7cc822176d34659969dd563227605f6c77baf126
afbace0f8ed853a09252e70f4ffe3b9f3e57a6b90cafcdaf1fcdf26afd846d63
GET /es/youtube/apGlGkClgEE HTTP/1.1
Host: ymate.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Thu, 26 Jan 2023 22:35:29 GMT
content-type: text/html
cf-ray: 78fcb8d47f9eb521-OSL
cache-control: public, s-maxage=31536000, max-age=0
expires: Thu, 26 Jan 2023 22:35:29 GMT
last-modified: Thu, 19 Jan 2023 03:05:18 GMT
vary: Accept-Encoding,Origin,User-Agent
cf-cache-status: REVALIDATED
x-robots-tag: all
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iEYOyH0s%2By2Ne%2BCuNs2Bdr%2F48rCY2GnXMQFCOtWFZSurTJazFOECO4lT%2Fd%2FzEqiRVxo6F6LraqXVfb0U7lAg91m41pDoh3NelxJ9YkTKsqqfxEAbdaFM6JEr1A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: kc2fv8cQc0suL53fFOeg5A==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: qXtNrQXoWzBFFVLhdjWrHpyLJTU=
r3.o.lencr.org/
200 OK 2.6 kB IP
ASN #20940 Akamai International B.V.
Hash edf40c263d319d789d2399958a7bc573
0528e29c0bd037849e3f55dd6480f5e6d1327190
c6b6781e8a71720015c3bce6e1c0d6e200b5bb780ddd0c13ca5c2796decd5410
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0A6421010380753D4475A82ABA9AEBF169DC8395DF25F70A0F225E99778EE194"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10208
Expires: Fri, 27 Jan 2023 01:25:38 GMT
Date: Thu, 26 Jan 2023 22:35:30 GMT
Connection: keep-alive
prebid.a-mo.net/a/c
204 No Content 0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /a/c HTTP/1.1
Host: prebid.a-mo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 2770
Origin: https://ymate.app
Connection: keep-alive
Referer: https://ymate.app/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
access-control-allow-credentials: true
access-control-allow-origin: https://ymate.app
cache-control: max-age=0, private, must-revalidate
date: Thu, 26 Jan 2023 22:35:30 GMT
server: envoy
vary: origin, Accept-Encoding
x-nbr: 1
x-envoy-upstream-service-time: 0
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 7b8dcc42710b2f68c0ec782d2b2a3ae3
b865da423aa26e774270b8e3942b6fbe76793133
2da0fcf67d020f7c563946fca7ade89803cbe7cfe484f123640f8a9950b3f2b1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 22:35:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
securepubads.g.doubleclick.net/tag/js/gpt.js
200 OK 28 kB URL HTTP/2 securepubads.g.doubleclick.net/tag/js/gpt.js
IP
File type ASCII text, with very long lines (39375)
Hash a6b9e7fa5c4db060e6ea3b4700d6bbee
d17366a1e255f07e5597e6969c71b96cad7ea109
94377bc67488cb8120784f744c038d16ee57b27717f6cb0dde288498b0a8ad5d
GET /tag/js/gpt.js HTTP/1.1
Host: securepubads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ymate.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 27631
date: Thu, 26 Jan 2023 22:35:31 GMT
expires: Thu, 26 Jan 2023 22:35:31 GMT
cache-control: private, max-age=900, stale-while-revalidate=3600
etag: "1464 / 516 of 1000 / last-modified: 1674752068"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 7b8dcc42710b2f68c0ec782d2b2a3ae3
b865da423aa26e774270b8e3942b6fbe76793133
2da0fcf67d020f7c563946fca7ade89803cbe7cfe484f123640f8a9950b3f2b1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 22:35:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash a4154f9780d4ef7c61b45ccfff91e5ee
fa97c53e69a2e72e10ee12627c31b5201d36c14c
73f37cd9a981be0d639f75cb30582ab2d7a4e92ce1c47cee30856b2f7d7e8207
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 22:35:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i.ytimg.com/vi/apGlGkClgEE/0.jpg
200 OK 51 kB URL HTTP/2 i.ytimg.com/vi/apGlGkClgEE/0.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x360, components 3\012- data
Hash 598e959042b6fa6c776df7f7e8c5f9c5
dbe28be23ef8046415e64bef822d59dfde2417e6
692188f6ac22b53eb536e3e89079d0ee42084adbd6c11f2785d9737fd3884e7e
GET /vi/apGlGkClgEE/0.jpg HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ymate.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/jpeg
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 50938
date: Thu, 26 Jan 2023 22:35:31 GMT
expires: Fri, 27 Jan 2023 00:35:31 GMT
cache-control: public, max-age=7200
etag: "1650297056"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash a4154f9780d4ef7c61b45ccfff91e5ee
fa97c53e69a2e72e10ee12627c31b5201d36c14c
73f37cd9a981be0d639f75cb30582ab2d7a4e92ce1c47cee30856b2f7d7e8207
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 22:35:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 8c9d07227c8257f662fe5cebaf7eee4f
0f9d5142aa05583bdf693de42154847a0e63596a
2374b384f2b81bf129471dcd3c2a67a90af337d2bc3b0465cf8f058828ca166f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2374B384F2B81BF129471DCD3C2A67A90AF337D2BC3B0465CF8F058828CA166F"
Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5299
Expires: Fri, 27 Jan 2023 00:03:50 GMT
Date: Thu, 26 Jan 2023 22:35:31 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash c8a0d6bc80301700d6fb1d520beb8b49
f33a1a1e491fcd6ca31360b28b092457a2d48f23
ef0535b52ccb717c1200d5974ea8841b92f655234d67ace0e71c1ec7f5fbb3f4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 22:35:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 97ccaa279f6ade845b71b57615d40388
5186089108dca0136feab418da66a9e027c7e427
515128c713e98c9a0546c35d9a1e0719057136509b5b2312e4af56a9acc80ec2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 22:35:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash bd56ce22720c6e6072efdabae64669fd
29194390d12177fe0d88e1bd2fb4436509366a1c
c41996d83d942ca58a13e2d1adfd171cf26a84bc9b7fdbd1ca941eb0269b5404
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C41996D83D942CA58A13E2D1ADFD171CF26A84BC9B7FDBD1CA941EB0269B5404"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5623
Expires: Fri, 27 Jan 2023 00:09:14 GMT
Date: Thu, 26 Jan 2023 22:35:31 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash bd56ce22720c6e6072efdabae64669fd
29194390d12177fe0d88e1bd2fb4436509366a1c
c41996d83d942ca58a13e2d1adfd171cf26a84bc9b7fdbd1ca941eb0269b5404
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C41996D83D942CA58A13E2D1ADFD171CF26A84BC9B7FDBD1CA941EB0269B5404"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5623
Expires: Fri, 27 Jan 2023 00:09:14 GMT
Date: Thu, 26 Jan 2023 22:35:31 GMT
Connection: keep-alive
adservice.google.no/adsid/integrator.js?domain=ymate.app
200 OK 1.1 kB URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=ymate.app
IP
Hash 62489a107e2a3970d8457456582b79eb
279678dff8a5c016bbb93df70864d9ff3f2a8099
6e45d63ad8831b626817cf1e0e5cc210dae7a7f41028a4cb362489022bb68cbd
GET /adsid/integrator.js?domain=ymate.app HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ymate.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Thu, 26 Jan 2023 22:35:31 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash bd56ce22720c6e6072efdabae64669fd
29194390d12177fe0d88e1bd2fb4436509366a1c
c41996d83d942ca58a13e2d1adfd171cf26a84bc9b7fdbd1ca941eb0269b5404
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C41996D83D942CA58A13E2D1ADFD171CF26A84BC9B7FDBD1CA941EB0269B5404"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5623
Expires: Fri, 27 Jan 2023 00:09:14 GMT
Date: Thu, 26 Jan 2023 22:35:31 GMT
Connection: keep-alive
adservice.google.com/adsid/integrator.js?domain=ymate.app
200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=ymate.app
IP
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=ymate.app HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ymate.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Thu, 26 Jan 2023 22:35:31 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2f238e33-a6e3-479a-920f-92a9c7bf1a06.jpeg
200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2f238e33-a6e3-479a-920f-92a9c7bf1a06.jpeg
IP
Hash e806d02f39759df27d1d5a4593057d0d
d79607c36984133ef542922af624bb47ce665c45
f7e23d201cdf95634952b2e04a00e54bf26cb74dd7978cd25159079d91ff97a6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2f238e33-a6e3-479a-920f-92a9c7bf1a06.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6055
x-amzn-requestid: dd44b3ab-6248-419a-995a-f3aaf59dae77
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fLRhMFPYIAMF91g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cdfc6d-4df410b022dbbb55297e6ac7;Sampled=0
x-amzn-remapped-date: Mon, 23 Jan 2023 03:18:05 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: b0NnMvzF8QzmCB6erAH6gTky4A2vBwI6huYmgX8hLTatYq_NHhQl1A==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Thu, 26 Jan 2023 15:23:32 GMT
age: 25919
etag: "9d9680fb1a9232bb2b42b824dc11633666bfa31a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash bd56ce22720c6e6072efdabae64669fd
29194390d12177fe0d88e1bd2fb4436509366a1c
c41996d83d942ca58a13e2d1adfd171cf26a84bc9b7fdbd1ca941eb0269b5404
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C41996D83D942CA58A13E2D1ADFD171CF26A84BC9B7FDBD1CA941EB0269B5404"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5623
Expires: Fri, 27 Jan 2023 00:09:14 GMT
Date: Thu, 26 Jan 2023 22:35:31 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash bd56ce22720c6e6072efdabae64669fd
29194390d12177fe0d88e1bd2fb4436509366a1c
c41996d83d942ca58a13e2d1adfd171cf26a84bc9b7fdbd1ca941eb0269b5404
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C41996D83D942CA58A13E2D1ADFD171CF26A84BC9B7FDBD1CA941EB0269B5404"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5623
Expires: Fri, 27 Jan 2023 00:09:14 GMT
Date: Thu, 26 Jan 2023 22:35:31 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F59e67210-efa8-4704-9931-e876d7c8922b.jpeg
200 OK 8.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F59e67210-efa8-4704-9931-e876d7c8922b.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 262b43386e404cb3d320c47c4cf792c1
87f304f8583fe6b6e942a9dbcb5efb5ee94987f2
ca0f72005920b2b2f49c387314540f3cd2f3d7808f0365dfb1c491500e8a8714
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F59e67210-efa8-4704-9931-e876d7c8922b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8065
x-amzn-requestid: 4a4a6d4c-9c4b-418d-be96-8a0d1de4828a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fBYVuHZsoAMFmWw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ca0757-74c21aa22d11c4240019a4b3;Sampled=0
x-amzn-remapped-date: Fri, 20 Jan 2023 03:15:35 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: TXXkkbJHyvwrly_-5FH0EIkRm4EwlDJxGWBHcbwax2H_ccfMfs-5PQ==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 26 Jan 2023 21:47:08 GMT
age: 2903
etag: "87f304f8583fe6b6e942a9dbcb5efb5ee94987f2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfb887e5-87fa-4855-b0ee-712d39779fa0.jpeg
200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfb887e5-87fa-4855-b0ee-712d39779fa0.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b7a0759c043594fbe85af422b59b8227
a05cfaad16078f42218dae233da38f6f5dff8487
e898d6ef1b3998fb9322a8fc190069ec5f7b3582bfe8397a2367497d84a27549
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfb887e5-87fa-4855-b0ee-712d39779fa0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11568
x-amzn-requestid: 2e85f75e-ab9d-4d45-adad-7313950a9647
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fSWbxGwnoAMFejw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d0d117-68f1a9e71a07a0453311fd32;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 06:49:59 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: dbz3wXGNaetf6xvRE98rshyHy-FVfDo8co-4VDL0a4Qe3E4U8A82Og==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 25 Jan 2023 22:59:28 GMT
age: 84963
etag: "a05cfaad16078f42218dae233da38f6f5dff8487"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb781854-72d1-4a71-a095-0416f886f570.jpeg
200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb781854-72d1-4a71-a095-0416f886f570.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 131eb343c5abd61939457d69bd371348
ffb2035cf64fc83f01db5c6f26ffa264b6aac95b
8486eb9dc6325018f8721bc6f37408f260b6e652b145280f2d778d860d3ec2d5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb781854-72d1-4a71-a095-0416f886f570.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7538
x-amzn-requestid: 113924cc-a196-4dbd-91d9-68c213265afe
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e3fobF-ZoAMFjjA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c61302-6b24941a642b22cf21e47dc0;Sampled=0
x-amzn-remapped-date: Tue, 17 Jan 2023 03:16:18 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 2P09wOtKPDHjxxAuzcLFMQJwmGN1zNJcH9LA6IJpeaGiaPVRF4y-TA==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 26 Jan 2023 21:59:56 GMT
age: 2135
etag: "ffb2035cf64fc83f01db5c6f26ffa264b6aac95b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81aa4520-e26c-4be4-877f-1d3af6c27241.jpeg
200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81aa4520-e26c-4be4-877f-1d3af6c27241.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ed3df3868d4a13270faf944f911637a7
1b69b2433956c79510bc4a013648a5fb12882884
e13e2ca5d6552a96eb972936f553937a5aff566eb37f39b0928f15d3eeab617f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81aa4520-e26c-4be4-877f-1d3af6c27241.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11372
x-amzn-requestid: d50f0c0e-a383-419a-a3ca-630d5fd32821
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fPAw_E_rIAMF0hQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cf7b39-64abe6b72176db7d7b67f315;Sampled=0
x-amzn-remapped-date: Tue, 24 Jan 2023 06:31:21 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: P--KVawXg_IYJa8S3gcxIL5XZZGwRbhclRRRMUFlWmMAqzVus7RdnA==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Thu, 26 Jan 2023 21:47:08 GMT
age: 2903
etag: "1b69b2433956c79510bc4a013648a5fb12882884"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F91a77b6d-ccc1-422b-8493-221c615accaf.jpeg
200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F91a77b6d-ccc1-422b-8493-221c615accaf.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e0fe44d9606e6a149a253423f312dfc5
78e442e8a9142311c25dafd01823a240f4acb0d6
9aad8938c1fda9641f95a4369f57ea57303a28e05f56e3bb1961e17cfbb123f4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F91a77b6d-ccc1-422b-8493-221c615accaf.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13175
x-amzn-requestid: 14ccf28a-a84a-4903-9edc-7659096cb3ae
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fRxOCFrkIAMFt8w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d0958c-6a67f1aa65038439793808fd;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 02:35:56 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 6Af7rqnIDAKAw6O0CYUv1epQ8VxFyXBjtAtpovQZJ72aKEymQu_O8Q==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Thu, 26 Jan 2023 07:43:29 GMT
age: 53522
etag: "78e442e8a9142311c25dafd01823a240f4acb0d6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash c8a0d6bc80301700d6fb1d520beb8b49
f33a1a1e491fcd6ca31360b28b092457a2d48f23
ef0535b52ccb717c1200d5974ea8841b92f655234d67ace0e71c1ec7f5fbb3f4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 22:35:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 97ccaa279f6ade845b71b57615d40388
5186089108dca0136feab418da66a9e027c7e427
515128c713e98c9a0546c35d9a1e0719057136509b5b2312e4af56a9acc80ec2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 22:35:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pl17280911.highcpmrevenuenetwork.com/5b/97/9a/5b979a601ccf8274561b9b04ff8e4274.js
200 OK 21 kB URL HTTP/1.1 pl17280911.highcpmrevenuenetwork.com/5b/97/9a/5b979a601ccf8274561b9b04ff8e4274.js
IP
ASN #39572 DataWeb Global Group B.V.
File type HTML document, ASCII text, with very long lines (60185), with no line terminators
Hash 26bfc6861cb4bd0d0235943f0c03f9a2
dcfc06cc7d52d76ec8379ee67f4ecd2d25564f8c
12fc5f65c80f889faae8102641b93a4b55a0cb1579087b46e189c55df852f79b
Analyzer Verdict Alert quad9 Sinkholed
GET /5b/97/9a/5b979a601ccf8274561b9b04ff8e4274.js HTTP/1.1
Host: pl17280911.highcpmrevenuenetwork.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ymate.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 26 Jan 2023 22:35:31 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: b8b329bf0724dcbbbe984f354262bf42
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
d9707586d5008bafca57655e21af26db.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
200 OK 2.7 kB URL HTTP/2 d9707586d5008bafca57655e21af26db.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (5657)
Hash e8ee9c011ff8e1f464e74c37113119ee
64ad72134ea05877de0f2b6503f5c0d8c3f78197
09e42988871806c7f0a897bda7bc4247f47f4d8590749eaa245b8ff1fa907303
GET /safeframe/1-0-40/html/container.html HTTP/1.1
Host: d9707586d5008bafca57655e21af26db.safeframe.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ymate.app/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 2653
date: Thu, 26 Jan 2023 22:35:32 GMT
expires: Fri, 26 Jan 2024 22:35:32 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 447474524ebd9ae1cbb9542a19ef9805
77fcd42a646b8f888734f1af5c7a120f962a18d2
ca96b2437c5e1b4170e7662f62b9ad328c3577d275135be32a01111589d5041b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CA96B2437C5E1B4170E7662F62B9AD328C3577D275135BE32A01111589D5041B"
Last-Modified: Wed, 25 Jan 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5916
Expires: Fri, 27 Jan 2023 00:14:08 GMT
Date: Thu, 26 Jan 2023 22:35:32 GMT
Connection: keep-alive
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 0e0794742d318d830bb70192940d1ea6
23cf49def92a0b062bcdccbbf61383fb22d58ba0
5078277491858b6974d34d56c4c966210a37ad970bc165a08d9bb6e2510874de
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=143789
Date: Thu, 26 Jan 2023 22:35:32 GMT
Etag: "63d28099-1d7"
Expires: Sat, 28 Jan 2023 14:32:01 GMT
Last-Modified: Thu, 26 Jan 2023 13:31:05 GMT
Server: ECS (bsa/EB13)
X-Cache: Miss from cloudfront
Via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 1_8IZJuynh80lfJIGP6Ix33zZs-_c0jyHKbXl4XvBiradG95oYPvtA==
Age: 3656
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 447474524ebd9ae1cbb9542a19ef9805
77fcd42a646b8f888734f1af5c7a120f962a18d2
ca96b2437c5e1b4170e7662f62b9ad328c3577d275135be32a01111589d5041b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CA96B2437C5E1B4170E7662F62B9AD328C3577D275135BE32A01111589D5041B"
Last-Modified: Wed, 25 Jan 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5916
Expires: Fri, 27 Jan 2023 00:14:08 GMT
Date: Thu, 26 Jan 2023 22:35:32 GMT
Connection: keep-alive
simplewebanalysis.com/stats
200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP
File type ASCII text, with no line terminators
Hash 5603fc96770b0a5a0b0845b5e68f8218
247ab1147162309f6bc0a8759204801a3029a8ae
cd404aec5a76bcee1adf2bedae7ad34ec3dd13e5efc1c361a67498e370419fe5
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ymate.app
Connection: keep-alive
Referer: https://ymate.app/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 26 Jan 2023 22:35:32 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://ymate.app
access-control-allow-credentials: true
set-cookie: uid_id2=32792ded-316b-4f57-be72-d5a1c66e09b8:2:1; expires=Sun, 23 Jan 2033 22:35:32 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
prototypewailrubber.com/pixel/purst?dl=0&th=0&sc=0&rs=3227&rd=3227&fd=853&bv=22.10.v.9&tmpl=70
200 OK 0 B URL HTTP/1.1 prototypewailrubber.com/pixel/purst?dl=0&th=0&sc=0&rs=3227&rd=3227&fd=853&bv=22.10.v.9&tmpl=70
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/purst?dl=0&th=0&sc=0&rs=3227&rd=3227&fd=853&bv=22.10.v.9&tmpl=70 HTTP/1.1
Host: prototypewailrubber.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ymate.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 26 Jan 2023 22:35:32 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
prototypewailrubber.com/bc/2b/53/bc2b53d53a7b2bcbc3f770f48cbf1169.js
200 OK 13 kB URL HTTP/1.1 prototypewailrubber.com/bc/2b/53/bc2b53d53a7b2bcbc3f770f48cbf1169.js
IP
File type ASCII text, with very long lines (37154), with no line terminators
Hash 76c4514b62b439ea232bcb6db8369d9d
340ae7854cd74af4a6689a0cb240ff1635a0221c
5bd8a7b58c21c3b4e8c208f95b78c749a9966fd145818ba98bea0b1d4f8a7a3e
Analyzer Verdict Alert quad9 Sinkholed
GET /bc/2b/53/bc2b53d53a7b2bcbc3f770f48cbf1169.js HTTP/1.1
Host: prototypewailrubber.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ymate.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 26 Jan 2023 22:35:32 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 59787ffca07714133beb2471ef7718a8
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
e1.o.lencr.org/
200 OK 346 B IP
ASN #20940 Akamai International B.V.
Hash 574cdc005607817b8a2455a3a0bdea79
e2f0aec5fb53222654eb9be1a288b4731954558a
92d388aa41ace9e83c93d26b6ce89560c863c4d71f57a0323196bfd96314a7d9
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "92D388AA41ACE9E83C93D26B6CE89560C863C4D71F57A0323196BFD96314A7D9"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10739
Expires: Fri, 27 Jan 2023 01:34:31 GMT
Date: Thu, 26 Jan 2023 22:35:32 GMT
Connection: keep-alive
e1.o.lencr.org/
200 OK 346 B IP
ASN #20940 Akamai International B.V.
Hash 574cdc005607817b8a2455a3a0bdea79
e2f0aec5fb53222654eb9be1a288b4731954558a
92d388aa41ace9e83c93d26b6ce89560c863c4d71f57a0323196bfd96314a7d9
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "92D388AA41ACE9E83C93D26B6CE89560C863C4D71F57A0323196BFD96314A7D9"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10738
Expires: Fri, 27 Jan 2023 01:34:31 GMT
Date: Thu, 26 Jan 2023 22:35:33 GMT
Connection: keep-alive
friendshipmale.com/sfp.js
200 OK 76 kB URL HTTP/2 friendshipmale.com/sfp.js
IP
File type Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Hash b7aa612d97791b422cffe48cdf702440
cb11ffb2d8d0fcd9d135d57bd7a2cd2960c16853
6dcd1f6a1b3c274e60cce5334b17e30b3c437fb7d99780e952327bc6bf384bca
Analyzer Verdict Alert fortinet Malware
GET /sfp.js HTTP/1.1
Host: friendshipmale.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ymate.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 26 Jan 2023 22:35:32 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 3c81be189855f32fc173c6f837e5b340
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Thu, 26 Jan 2023 22:35:32 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IyxvtVzK102RHqU1kK0BG1ayM8nOFi1JW5pG7NHp8O%2Btt2zghpAAAngeMWzqMTj0UXpQ3xFN%2FEtBT5Wjp4d6dvroEx3bP%2FC5llliXlil3rl72vYKGpPMiJ2LxdfALlK5qrRkp%2FE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78fcb8ea7ad28871-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 2ebcc7cd4c50e87a984668828c1e612e
f693d36335f333e3647f9fb2460e34dd73e17421
27f1d63422ccd02a6af514c2c0a36ac6f4e0d6f74ad6d9fc8c32e8ea487ffe15
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 22:35:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 9ed6523587fc067da6a2dee237932c93
758b0de226a3a8a8f8811e68f8ba70fa7de99d43
ad4a1c37cfdfba3634c941a00dcc4db8f781c6759fd15d23fa9090c754438eb1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 22:35:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 9ed6523587fc067da6a2dee237932c93
758b0de226a3a8a8f8811e68f8ba70fa7de99d43
ad4a1c37cfdfba3634c941a00dcc4db8f781c6759fd15d23fa9090c754438eb1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 22:35:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tpc.googlesyndication.com/pagead/js/r20230124/r20110914/abg_lite_fy2021.js
200 OK 8.9 kB URL HTTP/2 tpc.googlesyndication.com/pagead/js/r20230124/r20110914/abg_lite_fy2021.js
IP
File type ASCII text, with very long lines (1569)
Hash f2def32331d05ead62d41a3b7d8a5aa6
886a89d32487bf14c4b6ca1455541859bfd9ab93
7d8b5162d6dc445509916c04871b423469ac015154fe015fe38f6529be4bbf77
GET /pagead/js/r20230124/r20110914/abg_lite_fy2021.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ymate.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 8871
x-xss-protection: 0
date: Thu, 26 Jan 2023 20:39:55 GMT
expires: Thu, 09 Feb 2023 20:39:55 GMT
cache-control: public, max-age=1209600
age: 6938
etag: 9510037503091481574
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
tpc.googlesyndication.com/pagead/js/r20230124/r20110914/client/qs_click_protection_fy2021.js
200 OK 7.5 kB URL HTTP/2 tpc.googlesyndication.com/pagead/js/r20230124/r20110914/client/qs_click_protection_fy2021.js
IP
File type ASCII text, with very long lines (1506)
Hash c8e19ab58d75eb01fd735f016f55201f
e3d257ad917d19ae463c29907f36e31e856cad37
52207b7bc66270e84d6bb6c05c6d5a2d2b0d511138073a3d3fe15d7c08119932
GET /pagead/js/r20230124/r20110914/client/qs_click_protection_fy2021.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://d9707586d5008bafca57655e21af26db.safeframe.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 7523
x-xss-protection: 0
date: Thu, 26 Jan 2023 20:39:52 GMT
expires: Thu, 09 Feb 2023 20:39:52 GMT
cache-control: public, max-age=1209600
age: 6941
etag: 641023367890010850
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
tpc.googlesyndication.com/pagead/js/r20230124/r20110914/elements/html/interstitial_ad_frame_fy2021.js
200 OK 8.2 kB URL HTTP/2 tpc.googlesyndication.com/pagead/js/r20230124/r20110914/elements/html/interstitial_ad_frame_fy2021.js
IP
File type ASCII text, with very long lines (2256)
Hash 836ec93411a2fe5be80da9529bd4311b
d6775e2f91e6b97c0ae0219b893f9756bf113ded
7bcd6a3c780093b5baf75974ba43ddd38d9a81e0e24eaa675318a59e20479212
GET /pagead/js/r20230124/r20110914/elements/html/interstitial_ad_frame_fy2021.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ymate.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 8242
x-xss-protection: 0
date: Thu, 26 Jan 2023 20:52:57 GMT
expires: Thu, 09 Feb 2023 20:52:57 GMT
cache-control: public, max-age=1209600
age: 6156
etag: 13932103368176740555
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQpvPq4AIY3oqFvQEwAQ&v=APEucNWp5fU77cD4--FX6p1EXA0BgBKQ85uf9UoOClX_eexjZgT9ft0QWS6MHAEw4lXG3wnx_pBKiH1g1vGA0rHWQFMo0rvqbS2CKvMGV_gmOufApB-lDh8QEeLgbjc-WtQB6RSY65G2BLpFZsujxvGx91y8TTsw6FKMzk3AxZcn_eKLG8nsVZg
200 OK 0 B URL HTTP/2 googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQpvPq4AIY3oqFvQEwAQ&v=APEucNWp5fU77cD4--FX6p1EXA0BgBKQ85uf9UoOClX_eexjZgT9ft0QWS6MHAEw4lXG3wnx_pBKiH1g1vGA0rHWQFMo0rvqbS2CKvMGV_gmOufApB-lDh8QEeLgbjc-WtQB6RSY65G2BLpFZsujxvGx91y8TTsw6FKMzk3AxZcn_eKLG8nsVZg
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /xbbe/pixel?d=CJfnugEQpvPq4AIY3oqFvQEwAQ&v=APEucNWp5fU77cD4--FX6p1EXA0BgBKQ85uf9UoOClX_eexjZgT9ft0QWS6MHAEw4lXG3wnx_pBKiH1g1vGA0rHWQFMo0rvqbS2CKvMGV_gmOufApB-lDh8QEeLgbjc-WtQB6RSY65G2BLpFZsujxvGx91y8TTsw6FKMzk3AxZcn_eKLG8nsVZg HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://d9707586d5008bafca57655e21af26db.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 26 Jan 2023 22:35:33 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 26-Jan-2023 22:50:33 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 26 Jan 2023 22:35:33 GMT
cache-control: private
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pagead/js/dv3.js
200 OK 27 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/js/dv3.js
IP
File type ASCII text, with very long lines (2097)
Hash 8a28e64749071e59eb63574a46c3cd52
ae93a882fe7de22d8445409ec7bd033340ed04d8
b74a8a34a9fa56407f411ef3f041339997c867be4493e7fade037d65f935edee
GET /pagead/js/dv3.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://d9707586d5008bafca57655e21af26db.safeframe.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Thu, 26 Jan 2023 22:35:33 GMT
expires: Thu, 26 Jan 2023 22:35:33 GMT
cache-control: private, max-age=600
content-type: text/javascript; charset=UTF-8
etag: 10506132538256102613
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 27384
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 2ebcc7cd4c50e87a984668828c1e612e
f693d36335f333e3647f9fb2460e34dd73e17421
27f1d63422ccd02a6af514c2c0a36ac6f4e0d6f74ad6d9fc8c32e8ea487ffe15
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 22:35:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.doubleverify.com/dvtp_src.js?ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&advid=3398311&adsrv=0&btreg=&btadsrv=&tagtype=&dvtagver=6.1.src&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVPX_PP_IMP_ID=ABAjH0gtYz8Ssi0VM_LcgM8xY-nV&DVP_DBM_1=3060631&DVP_DBM_2=24779287&DVP_DBM_3=15170491623&DVP_DBM_4=396445022&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=1675345995540&turl=https://ymate.app/es/youtube/apGlGkClgEE&DVP_PP_BUNDLE_ID=
200 OK 3.3 kB URL HTTP/1.1 cdn.doubleverify.com/dvtp_src.js?ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&advid=3398311&adsrv=0&btreg=&btadsrv=&tagtype=&dvtagver=6.1.src&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVPX_PP_IMP_ID=ABAjH0gtYz8Ssi0VM_LcgM8xY-nV&DVP_DBM_1=3060631&DVP_DBM_2=24779287&DVP_DBM_3=15170491623&DVP_DBM_4=396445022&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=1675345995540&turl=https://ymate.app/es/youtube/apGlGkClgEE&DVP_PP_BUNDLE_ID=
IP
ASN #20940 Akamai International B.V.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (8016)
Hash c130b6fbb443e8aedc3088d6e002cb18
993b47a1da2bfb78ef33b7fce7d2a8ef034033da
b37b66a9b9a7b0f362460c1efb62f50e14052b9f374654a94d85b4261e7111a4
GET /dvtp_src.js?ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&advid=3398311&adsrv=0&btreg=&btadsrv=&tagtype=&dvtagver=6.1.src&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVPX_PP_IMP_ID=ABAjH0gtYz8Ssi0VM_LcgM8xY-nV&DVP_DBM_1=3060631&DVP_DBM_2=24779287&DVP_DBM_3=15170491623&DVP_DBM_4=396445022&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=1675345995540&turl=https://ymate.app/es/youtube/apGlGkClgEE&DVP_PP_BUNDLE_ID= HTTP/1.1
Host: cdn.doubleverify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://d9707586d5008bafca57655e21af26db.safeframe.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=900
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Tue, 24 Jan 2023 16:47:29 GMT
Accept-Ranges: bytes
ETag: "80a6ac8b1330d91:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
Content-Length: 3337
Date: Thu, 26 Jan 2023 22:35:33 GMT
Connection: keep-alive
cdn.doubleverify.com/dvbs_src.js?ctx=1828362&cmp=115750&plc=5182812&sid=18330&dvregion=0&unit=970x250&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&prr=1&DVP_DV_CT=1&DVP_PP_IMP_ID=ABAjH0gtYz8Ssi0VM_LcgM8xY-nV&DVP_DBM_1=3060631&DVP_DBM_2=24779287&DVP_DBM_3=15170491623&DVP_DBM_4=396445022&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=1675345995540&turl=https://ymate.app/es/youtube/apGlGkClgEE&DVP_PP_BUNDLE_ID=
200 OK 1.9 kB URL HTTP/1.1 cdn.doubleverify.com/dvbs_src.js?ctx=1828362&cmp=115750&plc=5182812&sid=18330&dvregion=0&unit=970x250&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&prr=1&DVP_DV_CT=1&DVP_PP_IMP_ID=ABAjH0gtYz8Ssi0VM_LcgM8xY-nV&DVP_DBM_1=3060631&DVP_DBM_2=24779287&DVP_DBM_3=15170491623&DVP_DBM_4=396445022&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=1675345995540&turl=https://ymate.app/es/youtube/apGlGkClgEE&DVP_PP_BUNDLE_ID=
IP
ASN #20940 Akamai International B.V.
File type HTML document, ASCII text, with very long lines (536)
Hash 87b6182d03ee779aa68e37632f67656e
fac511e36df5215ae95ad7d03c4984e5ffcb7f6e
e189eb8fb761166a6d657a8dbea2c5d73e224e565716f36406ec7f7b68cd78c7
GET /dvbs_src.js?ctx=1828362&cmp=115750&plc=5182812&sid=18330&dvregion=0&unit=970x250&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&prr=1&DVP_DV_CT=1&DVP_PP_IMP_ID=ABAjH0gtYz8Ssi0VM_LcgM8xY-nV&DVP_DBM_1=3060631&DVP_DBM_2=24779287&DVP_DBM_3=15170491623&DVP_DBM_4=396445022&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=1675345995540&turl=https://ymate.app/es/youtube/apGlGkClgEE&DVP_PP_BUNDLE_ID= HTTP/1.1
Host: cdn.doubleverify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://d9707586d5008bafca57655e21af26db.safeframe.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
X-GUploader-UploadID: ADPycds6p1jm1dM37ZrGE7degj1PHtVHSCOhkWg3tNxtDa8jls04Qf_pWilJX59SK2PF90mCXMWOvLDiSS4yJ4B9Ex0-uw
Cache-Control: max-age=86400
Expires: Wed, 18 Jan 2023 15:48:02 GMT
Last-Modified: Tue, 10 Jan 2023 11:02:09 GMT
ETag: "87b6182d03ee779aa68e37632f67656e"
x-goog-generation: 1673348529482061
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1922
x-goog-meta-pipeline-id: 742670731
x-goog-meta-previous-generation-number: 1673253614982549
Content-Type: application/javascript
x-goog-hash: crc32c=lOOx4w==, md5=h7YYLQPud5qmjjdjL2dlbg==
x-goog-storage-class: STANDARD
Accept-Ranges: bytes
Content-Length: 1922
Server: UploadServer
Date: Thu, 26 Jan 2023 22:35:33 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash d9bf2793558044193d7e5d27708a9144
5a8f73462cfda6544cc3efe488854c3cd80bb0a7
e1db5ce5f130aa6d6a1bf18da60fee5c6bb76625a26aef0fee67702e7209ef7e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 22:35:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash d9bf2793558044193d7e5d27708a9144
5a8f73462cfda6544cc3efe488854c3cd80bb0a7
e1db5ce5f130aa6d6a1bf18da60fee5c6bb76625a26aef0fee67702e7209ef7e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 22:35:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
200 OK 205 B URL HTTP/2 www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
IP
File type PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced\012- data
Hash 4087858e2c9db9aa8f6a840aedcfb533
d1ffe861da6bd0e95fd1a365b0c3d3ceb6cd58a3
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
GET /images/icons/material/system/2x/feedback_grey600_24dp.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ymate.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 205
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 23 Jan 2023 08:15:13 GMT
expires: Tue, 23 Jan 2024 08:15:13 GMT
cache-control: public, max-age=31536000
age: 310820
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
200 OK 604 B URL HTTP/2 www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
IP
File type PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced\012- data
Hash 7bd42e5a35b5fb3ff852d6ea9191ca83
8a141eb392a05a2dea3dcd83b97940ef70a81ebc
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
GET /images/icons/material/system/2x/settings_grey600_24dp.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ymate.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 604
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 25 Jan 2023 13:30:57 GMT
expires: Thu, 25 Jan 2024 13:30:57 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
content-type: image/png
age: 119076
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.doubleverify.com/dvbs_src_internal117.js
200 OK 19 kB URL HTTP/1.1 cdn.doubleverify.com/dvbs_src_internal117.js
IP
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (2636), with CRLF, LF line terminators
Hash cf93b15de9d1c76c1bc6fdaee5382496
26e52f0a242bff375cc54d8d33a1a416d89e2813
c290ae68279e0685c13650d1534a0cd86997420399bb67288046e61b13defb53
GET /dvbs_src_internal117.js HTTP/1.1
Host: cdn.doubleverify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://d9707586d5008bafca57655e21af26db.safeframe.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=946080000
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Tue, 10 Jan 2023 11:00:18 GMT
Accept-Ranges: bytes
ETag: "0cda5b9e224d91:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
Content-Length: 18840
Date: Thu, 26 Jan 2023 22:35:33 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash d9bf2793558044193d7e5d27708a9144
5a8f73462cfda6544cc3efe488854c3cd80bb0a7
e1db5ce5f130aa6d6a1bf18da60fee5c6bb76625a26aef0fee67702e7209ef7e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 22:35:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 5aa4e7e445a837a3ccbae810df1bc1de
9d1e99e731fbc36137b047dfff914253b7130446
cc5c56bb41c864a169ec14411a6f76a95fe4a4e7b1af7d94abc227130988edf5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CC5C56BB41C864A169EC14411A6F76A95FE4A4E7B1AF7D94ABC227130988EDF5"
Last-Modified: Thu, 26 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8287
Expires: Fri, 27 Jan 2023 00:53:41 GMT
Date: Thu, 26 Jan 2023 22:35:34 GMT
Connection: keep-alive
hal9000.redintelligence.net/zone/obf62a1utdhd?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC_XjyNQDTY5jkD7SmiQaIjYD4Csm5opxp1LbNztUP8C4QASCT3JxzYMOEgICYGMgBCakCjOQ1Kug5sj6oAwGqBPcBT9ASK0yFqWXzWiDdeO9yJ8cfKIhFcOZtJTiqAGh4ouI9_xjrm62Iv7XGbB9eXimQWuXASvRCiMgf1TEOdD8n5lnZKRXtYL5oKGF7WzVRrEsTBc1WUE9uWCwMCm_nmz7eNFXZtseYBrGn6mWuskG_xzMZrfBHcR85-zY1VBHVeBvVI_pA7QG5wqHC42jd_uH83__ad2izy1dONMW9iWPuWKIFUxofAGNsesgJDTGvY8xBH5r54MmcH6CMnr9m-FKp6gukQ6MpNRXv-qxEwHVFe8WrU0vDPfL7ORIh0SNFxC-CU8Zn2j4Xo9lCYL86fYAglVzX0BGGIcAEwb2U_PMD4AQDkAYBoAZNgAesrfWfA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB0yAqoCOgKAQIAKA5gLAcgLAYAMAbATnKLNDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSSwDUE5ymhfB80CkMybQNSASmDsgBghpQWVSYooOo6yYtA7Ees8MWi3ati9ni4E9BScINjfy0OwTPdZtirb23FGnPU3g-ZKQwQWEE1xgBIBM%26sig%3DAOD64_35tfa8_AEik6-r9d8u9AskOkvJKA%26client%3Dca-pub-8473763341054993%26dbm_c%3DAKAmf-C2PdMnQc14GPiX-QDC6kUzkYN-X7DDaspbMuGOPn1m99eWqEQXbj1gmzzsrblS9J4UAXGkC0EHuHrrKmQUNJSYDVUCy_y9UvZeQlkBkuVq4T25jj68NOmtc15UJWHFVhQj_TMBhrCQVE7ZlgEWXsXkT48BCfoHKEOGuzAIB_aQ0ezFtxg%26cry%3D1%26dbm_d%3DAKAmf-BNsqwNqXPYJG-EJJd3RmhIUm3G-Eegf_MineBYW7w8eRp_UQmhObH392mEoebOaXFvRSbbpbbRtilCm_kh9UbOrsCNK4Uh0LYwV7Om8biRIX53PPA8-udYIFR07Iq_TSRUheecyA_PMRsHRZwOtZwoF2FY22h2EKXm6fM2Q60VhtQmTsu19jpRUdPyV4w_hhBfwCV-Ih1Tjr-uJbXZ44957zGHLkDDmNKv4Q_urjvmr1re80A7iZbuS88AMM80tTTBezrTmVmab0xXvMdxUgbYlmP4xpSiXM-BuJnwnHT7LFQbjFWr8vKiMoqNimGgpgErlcoILwu-VqcD0htsgFHy3WI3eXryGzYsL1sq5ckIa7DDogBk60v45zHLz4QJ-Wnkvxtw8BGwF4_FbQgkXtnITynVJOOzMhg0Xq7GUfQ3yC3-HX6DESJHeTVpBhT6GYeaZO6yR-tEzdZnxfXeGSzmkcMLfe1W-9y7vSjBsQPUCZ85W-kW2vUwZaChezM4XaszduNJ4p1ptKg2WHn4dZWJ2UtSSNu603051w1Hjh-qVTI03by6pN-BQZSdfIvor8FUQsqY%26adurl%3D
200 OK 4.1 kB URL HTTP/1.1 hal9000.redintelligence.net/zone/obf62a1utdhd?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC_XjyNQDTY5jkD7SmiQaIjYD4Csm5opxp1LbNztUP8C4QASCT3JxzYMOEgICYGMgBCakCjOQ1Kug5sj6oAwGqBPcBT9ASK0yFqWXzWiDdeO9yJ8cfKIhFcOZtJTiqAGh4ouI9_xjrm62Iv7XGbB9eXimQWuXASvRCiMgf1TEOdD8n5lnZKRXtYL5oKGF7WzVRrEsTBc1WUE9uWCwMCm_nmz7eNFXZtseYBrGn6mWuskG_xzMZrfBHcR85-zY1VBHVeBvVI_pA7QG5wqHC42jd_uH83__ad2izy1dONMW9iWPuWKIFUxofAGNsesgJDTGvY8xBH5r54MmcH6CMnr9m-FKp6gukQ6MpNRXv-qxEwHVFe8WrU0vDPfL7ORIh0SNFxC-CU8Zn2j4Xo9lCYL86fYAglVzX0BGGIcAEwb2U_PMD4AQDkAYBoAZNgAesrfWfA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB0yAqoCOgKAQIAKA5gLAcgLAYAMAbATnKLNDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSSwDUE5ymhfB80CkMybQNSASmDsgBghpQWVSYooOo6yYtA7Ees8MWi3ati9ni4E9BScINjfy0OwTPdZtirb23FGnPU3g-ZKQwQWEE1xgBIBM%26sig%3DAOD64_35tfa8_AEik6-r9d8u9AskOkvJKA%26client%3Dca-pub-8473763341054993%26dbm_c%3DAKAmf-C2PdMnQc14GPiX-QDC6kUzkYN-X7DDaspbMuGOPn1m99eWqEQXbj1gmzzsrblS9J4UAXGkC0EHuHrrKmQUNJSYDVUCy_y9UvZeQlkBkuVq4T25jj68NOmtc15UJWHFVhQj_TMBhrCQVE7ZlgEWXsXkT48BCfoHKEOGuzAIB_aQ0ezFtxg%26cry%3D1%26dbm_d%3DAKAmf-BNsqwNqXPYJG-EJJd3RmhIUm3G-Eegf_MineBYW7w8eRp_UQmhObH392mEoebOaXFvRSbbpbbRtilCm_kh9UbOrsCNK4Uh0LYwV7Om8biRIX53PPA8-udYIFR07Iq_TSRUheecyA_PMRsHRZwOtZwoF2FY22h2EKXm6fM2Q60VhtQmTsu19jpRUdPyV4w_hhBfwCV-Ih1Tjr-uJbXZ44957zGHLkDDmNKv4Q_urjvmr1re80A7iZbuS88AMM80tTTBezrTmVmab0xXvMdxUgbYlmP4xpSiXM-BuJnwnHT7LFQbjFWr8vKiMoqNimGgpgErlcoILwu-VqcD0htsgFHy3WI3eXryGzYsL1sq5ckIa7DDogBk60v45zHLz4QJ-Wnkvxtw8BGwF4_FbQgkXtnITynVJOOzMhg0Xq7GUfQ3yC3-HX6DESJHeTVpBhT6GYeaZO6yR-tEzdZnxfXeGSzmkcMLfe1W-9y7vSjBsQPUCZ85W-kW2vUwZaChezM4XaszduNJ4p1ptKg2WHn4dZWJ2UtSSNu603051w1Hjh-qVTI03by6pN-BQZSdfIvor8FUQsqY%26adurl%3D
IP
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (1706), with CRLF line terminators
Hash 82751a06108358cb99d45f54a3c17710
a652732f218435dbba1251c61bc6e761bae9860c
117d18ded399aec9c36a0c865fe90bce5678b805b17f33221c484f7f7b7822ea
GET /zone/obf62a1utdhd?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC_XjyNQDTY5jkD7SmiQaIjYD4Csm5opxp1LbNztUP8C4QASCT3JxzYMOEgICYGMgBCakCjOQ1Kug5sj6oAwGqBPcBT9ASK0yFqWXzWiDdeO9yJ8cfKIhFcOZtJTiqAGh4ouI9_xjrm62Iv7XGbB9eXimQWuXASvRCiMgf1TEOdD8n5lnZKRXtYL5oKGF7WzVRrEsTBc1WUE9uWCwMCm_nmz7eNFXZtseYBrGn6mWuskG_xzMZrfBHcR85-zY1VBHVeBvVI_pA7QG5wqHC42jd_uH83__ad2izy1dONMW9iWPuWKIFUxofAGNsesgJDTGvY8xBH5r54MmcH6CMnr9m-FKp6gukQ6MpNRXv-qxEwHVFe8WrU0vDPfL7ORIh0SNFxC-CU8Zn2j4Xo9lCYL86fYAglVzX0BGGIcAEwb2U_PMD4AQDkAYBoAZNgAesrfWfA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB0yAqoCOgKAQIAKA5gLAcgLAYAMAbATnKLNDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSSwDUE5ymhfB80CkMybQNSASmDsgBghpQWVSYooOo6yYtA7Ees8MWi3ati9ni4E9BScINjfy0OwTPdZtirb23FGnPU3g-ZKQwQWEE1xgBIBM%26sig%3DAOD64_35tfa8_AEik6-r9d8u9AskOkvJKA%26client%3Dca-pub-8473763341054993%26dbm_c%3DAKAmf-C2PdMnQc14GPiX-QDC6kUzkYN-X7DDaspbMuGOPn1m99eWqEQXbj1gmzzsrblS9J4UAXGkC0EHuHrrKmQUNJSYDVUCy_y9UvZeQlkBkuVq4T25jj68NOmtc15UJWHFVhQj_TMBhrCQVE7ZlgEWXsXkT48BCfoHKEOGuzAIB_aQ0ezFtxg%26cry%3D1%26dbm_d%3DAKAmf-BNsqwNqXPYJG-EJJd3RmhIUm3G-Eegf_MineBYW7w8eRp_UQmhObH392mEoebOaXFvRSbbpbbRtilCm_kh9UbOrsCNK4Uh0LYwV7Om8biRIX53PPA8-udYIFR07Iq_TSRUheecyA_PMRsHRZwOtZwoF2FY22h2EKXm6fM2Q60VhtQmTsu19jpRUdPyV4w_hhBfwCV-Ih1Tjr-uJbXZ44957zGHLkDDmNKv4Q_urjvmr1re80A7iZbuS88AMM80tTTBezrTmVmab0xXvMdxUgbYlmP4xpSiXM-BuJnwnHT7LFQbjFWr8vKiMoqNimGgpgErlcoILwu-VqcD0htsgFHy3WI3eXryGzYsL1sq5ckIa7DDogBk60v45zHLz4QJ-Wnkvxtw8BGwF4_FbQgkXtnITynVJOOzMhg0Xq7GUfQ3yC3-HX6DESJHeTVpBhT6GYeaZO6yR-tEzdZnxfXeGSzmkcMLfe1W-9y7vSjBsQPUCZ85W-kW2vUwZaChezM4XaszduNJ4p1ptKg2WHn4dZWJ2UtSSNu603051w1Hjh-qVTI03by6pN-BQZSdfIvor8FUQsqY%26adurl%3D HTTP/1.1
Host: hal9000.redintelligence.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://d9707586d5008bafca57655e21af26db.safeframe.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 22:35:34 GMT
Server: Apache
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4122
Connection: close
Content-Type: text/html; charset=UTF-8
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash a076f6e17dc94b4a5d0088084cea3a7f
8d44fbc126498266329fdbcf6b38b64aa95849be
e59bc35dec4415cdc12acbe5ace1c14fc62cfd657558beec415d21ee4e14b619
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 22:35:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash a076f6e17dc94b4a5d0088084cea3a7f
8d44fbc126498266329fdbcf6b38b64aa95849be
e59bc35dec4415cdc12acbe5ace1c14fc62cfd657558beec415d21ee4e14b619
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 22:35:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash a076f6e17dc94b4a5d0088084cea3a7f
8d44fbc126498266329fdbcf6b38b64aa95849be
e59bc35dec4415cdc12acbe5ace1c14fc62cfd657558beec415d21ee4e14b619
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 22:35:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash a076f6e17dc94b4a5d0088084cea3a7f
8d44fbc126498266329fdbcf6b38b64aa95849be
e59bc35dec4415cdc12acbe5ace1c14fc62cfd657558beec415d21ee4e14b619
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 22:35:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.starfieldtech.com/
200 OK 1.8 kB IP
Hash 41b1f0195d1a6c717f50a268bf091ca1
2e2af7afbd8bdfa78a9a42b47172e647f595b9bb
7a108514a0467211fa2278e02591b078a7323cd110b44b20eacb29eca42ee008
POST / HTTP/1.1
Host: ocsp.starfieldtech.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Thu, 26 Jan 2023 22:35:34 GMT
Content-Type: application/ocsp-response
Content-Length: 1845
Connection: keep-alive
X-Sucuri-ID: 19023
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Thu, 26 Jan 2023 20:39:21 GMT
Expires: Fri, 27 Jan 2023 20:39:21 GMT
ETag: "2e2af7afbd8bdfa78a9a42b47172e647f595b9bb"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
cdn.ampproject.org/rtv/012301112346000/amp4ads-v0.mjs
200 OK 62 kB URL HTTP/2 cdn.ampproject.org/rtv/012301112346000/amp4ads-v0.mjs
IP
File type Unicode text, UTF-8 text, with very long lines (65008)
Hash 27cf438fb43d91ae188ec660779545d6
8b9a4cafe884163806af638d24d38b3d3ebc9a4b
fbad1bda779d108b137b7ef98564a9538f866d3c20208c5c3f59f30be33e43ad
GET /rtv/012301112346000/amp4ads-v0.mjs HTTP/1.1
Host: cdn.ampproject.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ymate.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
access-control-allow-origin: *
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
timing-allow-origin: *
content-length: 61771
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 23 Jan 2023 18:11:05 GMT
expires: Tue, 23 Jan 2024 18:11:05 GMT
cache-control: public, max-age=31536000
etag: "004684fcaffa7679"
content-type: text/javascript; charset=UTF-8
age: 275069
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.ampproject.org/rtv/012301112346000/v0/amp-ad-exit-0.1.mjs
200 OK 5.2 kB URL HTTP/2 cdn.ampproject.org/rtv/012301112346000/v0/amp-ad-exit-0.1.mjs
IP
File type ASCII text, with very long lines (14751)
Hash 8d4f7148a157a31d69df198119f15f6c
869d2edb3409f82d8da8690b3b6c7c4212466bf1
9e17a0f37428d7db29cea9973f978d4716aaa7581c2480e9c337efcc84def4bf
GET /rtv/012301112346000/v0/amp-ad-exit-0.1.mjs HTTP/1.1
Host: cdn.ampproject.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ymate.app/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
access-control-allow-origin: *
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
timing-allow-origin: *
content-length: 5217
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 23 Jan 2023 18:11:05 GMT
expires: Tue, 23 Jan 2024 18:11:05 GMT
cache-control: public, max-age=31536000
etag: "cee5c64b71634b65"
content-type: text/javascript; charset=UTF-8
age: 275069
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
200 OK 28 kB URL HTTP/2 fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 28288, version 1.0\012- data
Hash 53b5e785dfdca21fa7adf7119fa1f8cc
a3a86dfd216ad29183ba5493ae39d45b62f9d8b8
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
GET /s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ymate.app
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 28288
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 26 Jan 2023 14:34:21 GMT
expires: Fri, 26 Jan 2024 14:34:21 GMT
cache-control: public, max-age=31536000
age: 28873
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.ampproject.org/rtv/012301112346000/v0/amp-fit-text-0.1.mjs
200 OK 1.9 kB URL HTTP/2 cdn.ampproject.org/rtv/012301112346000/v0/amp-fit-text-0.1.mjs
IP
File type ASCII text, with very long lines (5021)
Hash 7fe5c160dceb250b352d5e11b7586036
0903f40a74a5805f6391a371509369de8e2e1c50
eaec033417fdbf02ec62fc0bf45d0bee3538e3e1722660a312cbe3e4dd60068f
GET /rtv/012301112346000/v0/amp-fit-text-0.1.mjs HTTP/1.1
Host: cdn.ampproject.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ymate.app/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
access-control-allow-origin: *
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
timing-allow-origin: *
content-length: 1907
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 23 Jan 2023 18:11:08 GMT
expires: Tue, 23 Jan 2024 18:11:08 GMT
cache-control: public, max-age=31536000
etag: "5788572ff662ddbc"
content-type: text/javascript; charset=UTF-8
age: 275066
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.ampproject.org/rtv/012301112346000/v0/amp-analytics-0.1.mjs
200 OK 29 kB URL HTTP/2 cdn.ampproject.org/rtv/012301112346000/v0/amp-analytics-0.1.mjs
IP
File type ASCII text, with very long lines (65534)
Hash 7c4e76629bf5f57043e927954d19a19d
a144b16ad4d7168628eaed4f4b26e00a8f4364e3
310354d1c8f1db61fdfb182e107c8eb8a2e7986d1f4e95a2664df2cbdc1f7ccf
GET /rtv/012301112346000/v0/amp-analytics-0.1.mjs HTTP/1.1
Host: cdn.ampproject.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ymate.app/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
access-control-allow-origin: *
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
timing-allow-origin: *
content-length: 28839
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 23 Jan 2023 18:11:05 GMT
expires: Tue, 23 Jan 2024 18:11:05 GMT
cache-control: public, max-age=31536000
etag: "22d781f17bba60c1"
content-type: text/javascript; charset=UTF-8
age: 275069
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash a076f6e17dc94b4a5d0088084cea3a7f
8d44fbc126498266329fdbcf6b38b64aa95849be
e59bc35dec4415cdc12acbe5ace1c14fc62cfd657558beec415d21ee4e14b619
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 22:35:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
rtb0.doubleverify.com/verify.js?flvr=0&jsCallback=__verify_callback_189666514622&jsTagObjCallback=__tagObject_callback_189666514622&num=6&ctx=1828362&cmp=115750&plc=5182812&sid=18330&advid=&adsrv=&unit=970x250&isdvvid=&uid=189666514622&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&nav_pltfrm=Linux%20x86_64&dvp_strhd=1.00&dvpx_strhd=1.00&brid=0&brver=&bridua=2&dup=null&turl=https://ymate.app/es/youtube/apGlGkClgEE&srcurlD=0&ssl=1&refD=1&htmlmsging=1&tstype=128&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVP_PP_IMP_ID=ABAjH0gtYz8Ssi0VM_LcgM8xY-nV&DVP_DBM_1=3060631&DVP_DBM_2=24779287&DVP_DBM_3=15170491623&DVP_DBM_4=396445022&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=1675345995540&DVP_PP_BUNDLE_ID=&prr=1&aUrlD=-1&m1=13&noc=16&fcifrms=5&brh=1&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=165&eparams=DC4FC%3Dl9EEADTbpTauTauJ%3E2E6%5D2AATauU2%26C%3Dl9EEADTbpTauTauJ%3E2E6%5D2AATau6DTauJ%40FEF36Tau2Av%3Dv%3Cr%3D8tt&dvp_exetime=20.00&callbackName=__verify_callback_189666514622
200 OK 264 B URL HTTP/1.1 rtb0.doubleverify.com/verify.js?flvr=0&jsCallback=__verify_callback_189666514622&jsTagObjCallback=__tagObject_callback_189666514622&num=6&ctx=1828362&cmp=115750&plc=5182812&sid=18330&advid=&adsrv=&unit=970x250&isdvvid=&uid=189666514622&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&nav_pltfrm=Linux%20x86_64&dvp_strhd=1.00&dvpx_strhd=1.00&brid=0&brver=&bridua=2&dup=null&turl=https://ymate.app/es/youtube/apGlGkClgEE&srcurlD=0&ssl=1&refD=1&htmlmsging=1&tstype=128&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVP_PP_IMP_ID=ABAjH0gtYz8Ssi0VM_LcgM8xY-nV&DVP_DBM_1=3060631&DVP_DBM_2=24779287&DVP_DBM_3=15170491623&DVP_DBM_4=396445022&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=1675345995540&DVP_PP_BUNDLE_ID=&prr=1&aUrlD=-1&m1=13&noc=16&fcifrms=5&brh=1&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=165&eparams=DC4FC%3Dl9EEADTbpTauTauJ%3E2E6%5D2AATauU2%26C%3Dl9EEADTbpTauTauJ%3E2E6%5D2AATau6DTauJ%40FEF36Tau2Av%3Dv%3Cr%3D8tt&dvp_exetime=20.00&callbackName=__verify_callback_189666514622
IP
Hash 216302ee7fef68ced79df09821b69b28
83dd238134682fcb47a2b337cc2732f678b24568
9dd46042657c01a9ff2163f225288d49f4d3afb66cf4c13170c757a340400f57
GET /verify.js?flvr=0&jsCallback=__verify_callback_189666514622&jsTagObjCallback=__tagObject_callback_189666514622&num=6&ctx=1828362&cmp=115750&plc=5182812&sid=18330&advid=&adsrv=&unit=970x250&isdvvid=&uid=189666514622&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&nav_pltfrm=Linux%20x86_64&dvp_strhd=1.00&dvpx_strhd=1.00&brid=0&brver=&bridua=2&dup=null&turl=https://ymate.app/es/youtube/apGlGkClgEE&srcurlD=0&ssl=1&refD=1&htmlmsging=1&tstype=128&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVP_PP_IMP_ID=ABAjH0gtYz8Ssi0VM_LcgM8xY-nV&DVP_DBM_1=3060631&DVP_DBM_2=24779287&DVP_DBM_3=15170491623&DVP_DBM_4=396445022&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=1675345995540&DVP_PP_BUNDLE_ID=&prr=1&aUrlD=-1&m1=13&noc=16&fcifrms=5&brh=1&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=165&eparams=DC4FC%3Dl9EEADTbpTauTauJ%3E2E6%5D2AATauU2%26C%3Dl9EEADTbpTauTauJ%3E2E6%5D2AATau6DTauJ%40FEF36Tau2Av%3Dv%3Cr%3D8tt&dvp_exetime=20.00&callbackName=__verify_callback_189666514622 HTTP/1.1
Host: rtb0.doubleverify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://d9707586d5008bafca57655e21af26db.safeframe.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 22:35:34 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=0
Content-Encoding: br
Expires: 01/25/2023 22:35:34
Pragma: no-cache
Vary: Accept-Encoding
X-DV-Response: 0
hal900013.redintelligence.net/request.php?zone=obf62a1utdhd&nw=20&renderingType=javascript&namespace=3a0cfdba39&subid=&uid=ce956d68a4e6586c&screenSize=1280x1024&screenSizeAvail=1280x1002&clientSize=0x0&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC_XjyNQDTY5jkD7SmiQaIjYD4Csm5opxp1LbNztUP8C4QASCT3JxzYMOEgICYGMgBCakCjOQ1Kug5sj6oAwGqBPcBT9ASK0yFqWXzWiDdeO9yJ8cfKIhFcOZtJTiqAGh4ouI9_xjrm62Iv7XGbB9eXimQWuXASvRCiMgf1TEOdD8n5lnZKRXtYL5oKGF7WzVRrEsTBc1WUE9uWCwMCm_nmz7eNFXZtseYBrGn6mWuskG_xzMZrfBHcR85-zY1VBHVeBvVI_pA7QG5wqHC42jd_uH83__ad2izy1dONMW9iWPuWKIFUxofAGNsesgJDTGvY8xBH5r54MmcH6CMnr9m-FKp6gukQ6MpNRXv-qxEwHVFe8WrU0vDPfL7ORIh0SNFxC-CU8Zn2j4Xo9lCYL86fYAglVzX0BGGIcAEwb2U_PMD4AQDkAYBoAZNgAesrfWfA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB0yAqoCOgKAQIAKA5gLAcgLAYAMAbATnKLNDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSSwDUE5ymhfB80CkMybQNSASmDsgBghpQWVSYooOo6yYtA7Ees8MWi3ati9ni4E9BScINjfy0OwTPdZtirb23FGnPU3g-ZKQwQWEE1xgBIBM%26sig%3DAOD64_35tfa8_AEik6-r9d8u9AskOkvJKA%26client%3Dca-pub-8473763341054993%26dbm_c%3DAKAmf-C2PdMnQc14GPiX-QDC6kUzkYN-X7DDaspbMuGOPn1m99eWqEQXbj1gmzzsrblS9J4UAXGkC0EHuHrrKmQUNJSYDVUCy_y9UvZeQlkBkuVq4T25jj68NOmtc15UJWHFVhQj_TMBhrCQVE7ZlgEWXsXkT48BCfoHKEOGuzAIB_aQ0ezFtxg%26cry%3D1%26dbm_d%3DAKAmf-BNsqwNqXPYJG-EJJd3RmhIUm3G-Eegf_MineBYW7w8eRp_UQmhObH392mEoebOaXFvRSbbpbbRtilCm_kh9UbOrsCNK4Uh0LYwV7Om8biRIX53PPA8-udYIFR07Iq_TSRUheecyA_PMRsHRZwOtZwoF2FY22h2EKXm6fM2Q60VhtQmTsu19jpRUdPyV4w_hhBfwCV-Ih1Tjr-uJbXZ44957zGHLkDDmNKv4Q_urjvmr1re80A7iZbuS88AMM80tTTBezrTmVmab0xXvMdxUgbYlmP4xpSiXM-BuJnwnHT7LFQbjFWr8vKiMoqNimGgpgErlcoILwu-VqcD0htsgFHy3WI3eXryGzYsL1sq5ckIa7DDogBk60v45zHLz4QJ-Wnkvxtw8BGwF4_FbQgkXtnITynVJOOzMhg0Xq7GUfQ3yC3-HX6DESJHeTVpBhT6GYeaZO6yR-tEzdZnxfXeGSzmkcMLfe1W-9y7vSjBsQPUCZ85W-kW2vUwZaChezM4XaszduNJ4p1ptKg2WHn4dZWJ2UtSSNu603051w1Hjh-qVTI03by6pN-BQZSdfIvor8FUQsqY%26adurl%3D&documentReferer=https%3A%2F%2Fd9707586d5008bafca57655e21af26db.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&ancestorOrigins=null&random=3326472058849&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0
302 Found 0 B URL HTTP/1.1 hal900013.redintelligence.net/request.php?zone=obf62a1utdhd&nw=20&renderingType=javascript&namespace=3a0cfdba39&subid=&uid=ce956d68a4e6586c&screenSize=1280x1024&screenSizeAvail=1280x1002&clientSize=0x0&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC_XjyNQDTY5jkD7SmiQaIjYD4Csm5opxp1LbNztUP8C4QASCT3JxzYMOEgICYGMgBCakCjOQ1Kug5sj6oAwGqBPcBT9ASK0yFqWXzWiDdeO9yJ8cfKIhFcOZtJTiqAGh4ouI9_xjrm62Iv7XGbB9eXimQWuXASvRCiMgf1TEOdD8n5lnZKRXtYL5oKGF7WzVRrEsTBc1WUE9uWCwMCm_nmz7eNFXZtseYBrGn6mWuskG_xzMZrfBHcR85-zY1VBHVeBvVI_pA7QG5wqHC42jd_uH83__ad2izy1dONMW9iWPuWKIFUxofAGNsesgJDTGvY8xBH5r54MmcH6CMnr9m-FKp6gukQ6MpNRXv-qxEwHVFe8WrU0vDPfL7ORIh0SNFxC-CU8Zn2j4Xo9lCYL86fYAglVzX0BGGIcAEwb2U_PMD4AQDkAYBoAZNgAesrfWfA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB0yAqoCOgKAQIAKA5gLAcgLAYAMAbATnKLNDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSSwDUE5ymhfB80CkMybQNSASmDsgBghpQWVSYooOo6yYtA7Ees8MWi3ati9ni4E9BScINjfy0OwTPdZtirb23FGnPU3g-ZKQwQWEE1xgBIBM%26sig%3DAOD64_35tfa8_AEik6-r9d8u9AskOkvJKA%26client%3Dca-pub-8473763341054993%26dbm_c%3DAKAmf-C2PdMnQc14GPiX-QDC6kUzkYN-X7DDaspbMuGOPn1m99eWqEQXbj1gmzzsrblS9J4UAXGkC0EHuHrrKmQUNJSYDVUCy_y9UvZeQlkBkuVq4T25jj68NOmtc15UJWHFVhQj_TMBhrCQVE7ZlgEWXsXkT48BCfoHKEOGuzAIB_aQ0ezFtxg%26cry%3D1%26dbm_d%3DAKAmf-BNsqwNqXPYJG-EJJd3RmhIUm3G-Eegf_MineBYW7w8eRp_UQmhObH392mEoebOaXFvRSbbpbbRtilCm_kh9UbOrsCNK4Uh0LYwV7Om8biRIX53PPA8-udYIFR07Iq_TSRUheecyA_PMRsHRZwOtZwoF2FY22h2EKXm6fM2Q60VhtQmTsu19jpRUdPyV4w_hhBfwCV-Ih1Tjr-uJbXZ44957zGHLkDDmNKv4Q_urjvmr1re80A7iZbuS88AMM80tTTBezrTmVmab0xXvMdxUgbYlmP4xpSiXM-BuJnwnHT7LFQbjFWr8vKiMoqNimGgpgErlcoILwu-VqcD0htsgFHy3WI3eXryGzYsL1sq5ckIa7DDogBk60v45zHLz4QJ-Wnkvxtw8BGwF4_FbQgkXtnITynVJOOzMhg0Xq7GUfQ3yC3-HX6DESJHeTVpBhT6GYeaZO6yR-tEzdZnxfXeGSzmkcMLfe1W-9y7vSjBsQPUCZ85W-kW2vUwZaChezM4XaszduNJ4p1ptKg2WHn4dZWJ2UtSSNu603051w1Hjh-qVTI03by6pN-BQZSdfIvor8FUQsqY%26adurl%3D&documentReferer=https%3A%2F%2Fd9707586d5008bafca57655e21af26db.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&ancestorOrigins=null&random=3326472058849&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0
IP
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /request.php?zone=obf62a1utdhd&nw=20&renderingType=javascript&namespace=3a0cfdba39&subid=&uid=ce956d68a4e6586c&screenSize=1280x1024&screenSizeAvail=1280x1002&clientSize=0x0&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC_XjyNQDTY5jkD7SmiQaIjYD4Csm5opxp1LbNztUP8C4QASCT3JxzYMOEgICYGMgBCakCjOQ1Kug5sj6oAwGqBPcBT9ASK0yFqWXzWiDdeO9yJ8cfKIhFcOZtJTiqAGh4ouI9_xjrm62Iv7XGbB9eXimQWuXASvRCiMgf1TEOdD8n5lnZKRXtYL5oKGF7WzVRrEsTBc1WUE9uWCwMCm_nmz7eNFXZtseYBrGn6mWuskG_xzMZrfBHcR85-zY1VBHVeBvVI_pA7QG5wqHC42jd_uH83__ad2izy1dONMW9iWPuWKIFUxofAGNsesgJDTGvY8xBH5r54MmcH6CMnr9m-FKp6gukQ6MpNRXv-qxEwHVFe8WrU0vDPfL7ORIh0SNFxC-CU8Zn2j4Xo9lCYL86fYAglVzX0BGGIcAEwb2U_PMD4AQDkAYBoAZNgAesrfWfA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB0yAqoCOgKAQIAKA5gLAcgLAYAMAbATnKLNDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSSwDUE5ymhfB80CkMybQNSASmDsgBghpQWVSYooOo6yYtA7Ees8MWi3ati9ni4E9BScINjfy0OwTPdZtirb23FGnPU3g-ZKQwQWEE1xgBIBM%26sig%3DAOD64_35tfa8_AEik6-r9d8u9AskOkvJKA%26client%3Dca-pub-8473763341054993%26dbm_c%3DAKAmf-C2PdMnQc14GPiX-QDC6kUzkYN-X7DDaspbMuGOPn1m99eWqEQXbj1gmzzsrblS9J4UAXGkC0EHuHrrKmQUNJSYDVUCy_y9UvZeQlkBkuVq4T25jj68NOmtc15UJWHFVhQj_TMBhrCQVE7ZlgEWXsXkT48BCfoHKEOGuzAIB_aQ0ezFtxg%26cry%3D1%26dbm_d%3DAKAmf-BNsqwNqXPYJG-EJJd3RmhIUm3G-Eegf_MineBYW7w8eRp_UQmhObH392mEoebOaXFvRSbbpbbRtilCm_kh9UbOrsCNK4Uh0LYwV7Om8biRIX53PPA8-udYIFR07Iq_TSRUheecyA_PMRsHRZwOtZwoF2FY22h2EKXm6fM2Q60VhtQmTsu19jpRUdPyV4w_hhBfwCV-Ih1Tjr-uJbXZ44957zGHLkDDmNKv4Q_urjvmr1re80A7iZbuS88AMM80tTTBezrTmVmab0xXvMdxUgbYlmP4xpSiXM-BuJnwnHT7LFQbjFWr8vKiMoqNimGgpgErlcoILwu-VqcD0htsgFHy3WI3eXryGzYsL1sq5ckIa7DDogBk60v45zHLz4QJ-Wnkvxtw8BGwF4_FbQgkXtnITynVJOOzMhg0Xq7GUfQ3yC3-HX6DESJHeTVpBhT6GYeaZO6yR-tEzdZnxfXeGSzmkcMLfe1W-9y7vSjBsQPUCZ85W-kW2vUwZaChezM4XaszduNJ4p1ptKg2WHn4dZWJ2UtSSNu603051w1Hjh-qVTI03by6pN-BQZSdfIvor8FUQsqY%26adurl%3D&documentReferer=https%3A%2F%2Fd9707586d5008bafca57655e21af26db.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&ancestorOrigins=null&random=3326472058849&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0 HTTP/1.1
Host: hal900013.redintelligence.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://d9707586d5008bafca57655e21af26db.safeframe.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Date: Thu, 26 Jan 2023 22:35:34 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Thu, 26 Jan 2023 22:35:34 +0100
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: 8lcfmzhxc8d6_uid=b75b1be87daa2716; expires=Wed, 26-Apr-2023 22:35:34 GMT; Max-Age=7776000; path=/; domain=.redintelligence.net; secure; SameSite=None
Location: request.php?zone=obf62a1utdhd&nw=20&renderingType=javascript&namespace=3a0cfdba39&subid=&uid=ce956d68a4e6586c&screenSize=1280x1024&screenSizeAvail=1280x1002&clientSize=0x0&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC_XjyNQDTY5jkD7SmiQaIjYD4Csm5opxp1LbNztUP8C4QASCT3JxzYMOEgICYGMgBCakCjOQ1Kug5sj6oAwGqBPcBT9ASK0yFqWXzWiDdeO9yJ8cfKIhFcOZtJTiqAGh4ouI9_xjrm62Iv7XGbB9eXimQWuXASvRCiMgf1TEOdD8n5lnZKRXtYL5oKGF7WzVRrEsTBc1WUE9uWCwMCm_nmz7eNFXZtseYBrGn6mWuskG_xzMZrfBHcR85-zY1VBHVeBvVI_pA7QG5wqHC42jd_uH83__ad2izy1dONMW9iWPuWKIFUxofAGNsesgJDTGvY8xBH5r54MmcH6CMnr9m-FKp6gukQ6MpNRXv-qxEwHVFe8WrU0vDPfL7ORIh0SNFxC-CU8Zn2j4Xo9lCYL86fYAglVzX0BGGIcAEwb2U_PMD4AQDkAYBoAZNgAesrfWfA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB0yAqoCOgKAQIAKA5gLAcgLAYAMAbATnKLNDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSSwDUE5ymhfB80CkMybQNSASmDsgBghpQWVSYooOo6yYtA7Ees8MWi3ati9ni4E9BScINjfy0OwTPdZtirb23FGnPU3g-ZKQwQWEE1xgBIBM%26sig%3DAOD64_35tfa8_AEik6-r9d8u9AskOkvJKA%26client%3Dca-pub-8473763341054993%26dbm_c%3DAKAmf-C2PdMnQc14GPiX-QDC6kUzkYN-X7DDaspbMuGOPn1m99eWqEQXbj1gmzzsrblS9J4UAXGkC0EHuHrrKmQUNJSYDVUCy_y9UvZeQlkBkuVq4T25jj68NOmtc15UJWHFVhQj_TMBhrCQVE7ZlgEWXsXkT48BCfoHKEOGuzAIB_aQ0ezFtxg%26cry%3D1%26dbm_d%3DAKAmf-BNsqwNqXPYJG-EJJd3RmhIUm3G-Eegf_MineBYW7w8eRp_UQmhObH392mEoebOaXFvRSbbpbbRtilCm_kh9UbOrsCNK4Uh0LYwV7Om8biRIX53PPA8-udYIFR07Iq_TSRUheecyA_PMRsHRZwOtZwoF2FY22h2EKXm6fM2Q60VhtQmTsu19jpRUdPyV4w_hhBfwCV-Ih1Tjr-uJbXZ44957zGHLkDDmNKv4Q_urjvmr1re80A7iZbuS88AMM80tTTBezrTmVmab0xXvMdxUgbYlmP4xpSiXM-BuJnwnHT7LFQbjFWr8vKiMoqNimGgpgErlcoILwu-VqcD0htsgFHy3WI3eXryGzYsL1sq5ckIa7DDogBk60v45zHLz4QJ-Wnkvxtw8BGwF4_FbQgkXtnITynVJOOzMhg0Xq7GUfQ3yC3-HX6DESJHeTVpBhT6GYeaZO6yR-tEzdZnxfXeGSzmkcMLfe1W-9y7vSjBsQPUCZ85W-kW2vUwZaChezM4XaszduNJ4p1ptKg2WHn4dZWJ2UtSSNu603051w1Hjh-qVTI03by6pN-BQZSdfIvor8FUQsqY%26adurl%3D&documentReferer=https%3A%2F%2Fd9707586d5008bafca57655e21af26db.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&ancestorOrigins=null&random=3326472058849&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0&uidRedirect=1
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8
cdn.doubleverify.com/dv-measurements3438.js
200 OK 109 kB URL HTTP/1.1 cdn.doubleverify.com/dv-measurements3438.js
IP
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (65536), with no line terminators
Size 109 kB (109055 bytes)
Hash 9d818853909334b5c8790966cd9db9b4
99745be6a2f1e709fb5e9af2609585a72d0f75b0
45824500b50b592cd7918071004b4422b98bd45b3737dad87f0da61334d41feb
GET /dv-measurements3438.js HTTP/1.1
Host: cdn.doubleverify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://d9707586d5008bafca57655e21af26db.safeframe.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=946080900
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Mon, 23 Jan 2023 08:55:06 GMT
Accept-Ranges: bytes
ETag: "051846382fd91:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
Content-Length: 109055
Date: Thu, 26 Jan 2023 22:35:34 GMT
Connection: keep-alive
servedby.flashtalking.com/imp/8/115750;5182812;201;jsappend;DV360;DV360FY20AcrobatCTXCustomAffinityBlendedNODSKBAN970x250/?ftOBA=1&ft_domain=ymate.app&ft_ifb=1&ft_agentEnv=0&ft_referrer=https%3A%2F%2Fymate.app%2F&us_privacy=${US_PRIVACY}&cachebuster=511666.1564374397&ft_dv=%5B%25ft_dv%25%5D
200 OK 768 B URL HTTP/1.1 servedby.flashtalking.com/imp/8/115750;5182812;201;jsappend;DV360;DV360FY20AcrobatCTXCustomAffinityBlendedNODSKBAN970x250/?ftOBA=1&ft_domain=ymate.app&ft_ifb=1&ft_agentEnv=0&ft_referrer=https%3A%2F%2Fymate.app%2F&us_privacy=${US_PRIVACY}&cachebuster=511666.1564374397&ft_dv=%5B%25ft_dv%25%5D
IP
ASN #1299 Telia Company AB
File type ASCII text, with CRLF, CR, LF line terminators
Hash a605e67ed55872d6001235f274454ea8
8d8ad0a61310ba60b045854fa8994bc8881bd20e
81b6815aa0a6ec5c1f4c88f267f28522de7147f1153a68d36fc3d9aeae93f8f2
GET /imp/8/115750;5182812;201;jsappend;DV360;DV360FY20AcrobatCTXCustomAffinityBlendedNODSKBAN970x250/?ftOBA=1&ft_domain=ymate.app&ft_ifb=1&ft_agentEnv=0&ft_referrer=https%3A%2F%2Fymate.app%2F&us_privacy=${US_PRIVACY}&cachebuster=511666.1564374397&ft_dv=%5B%25ft_dv%25%5D HTTP/1.1
Host: servedby.flashtalking.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://d9707586d5008bafca57655e21af26db.safeframe.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/javascript;charset=ISO-8859-1
Server: prod-xre-app8.frk11
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Thu, 26 Jan 2023 22:35:34 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Thu, 26 Jan 2023 22:35:34 GMT
Content-Length: 768
Connection: keep-alive
Strict-Transport-Security: max-age=86400
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 3ebf9d7211aba4c70b84fb470a61b414
28fe29a24e47d6abda88eeeb5e22eddda03c7fca
a8276e099d9d8452b65b70d161a459fae25afb37cea7eff9cc5563b7de972acc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 22:35:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/pagead/drt/ui
302 Found 0 B URL HTTP/2 www.google.com/pagead/drt/ui
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/drt/ui HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 26 Jan 2023 22:35:34 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
hal900013.redintelligence.net/request.php?zone=obf62a1utdhd&nw=20&renderingType=javascript&namespace=3a0cfdba39&subid=&uid=ce956d68a4e6586c&screenSize=1280x1024&screenSizeAvail=1280x1002&clientSize=0x0&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC_XjyNQDTY5jkD7SmiQaIjYD4Csm5opxp1LbNztUP8C4QASCT3JxzYMOEgICYGMgBCakCjOQ1Kug5sj6oAwGqBPcBT9ASK0yFqWXzWiDdeO9yJ8cfKIhFcOZtJTiqAGh4ouI9_xjrm62Iv7XGbB9eXimQWuXASvRCiMgf1TEOdD8n5lnZKRXtYL5oKGF7WzVRrEsTBc1WUE9uWCwMCm_nmz7eNFXZtseYBrGn6mWuskG_xzMZrfBHcR85-zY1VBHVeBvVI_pA7QG5wqHC42jd_uH83__ad2izy1dONMW9iWPuWKIFUxofAGNsesgJDTGvY8xBH5r54MmcH6CMnr9m-FKp6gukQ6MpNRXv-qxEwHVFe8WrU0vDPfL7ORIh0SNFxC-CU8Zn2j4Xo9lCYL86fYAglVzX0BGGIcAEwb2U_PMD4AQDkAYBoAZNgAesrfWfA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB0yAqoCOgKAQIAKA5gLAcgLAYAMAbATnKLNDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSSwDUE5ymhfB80CkMybQNSASmDsgBghpQWVSYooOo6yYtA7Ees8MWi3ati9ni4E9BScINjfy0OwTPdZtirb23FGnPU3g-ZKQwQWEE1xgBIBM%26sig%3DAOD64_35tfa8_AEik6-r9d8u9AskOkvJKA%26client%3Dca-pub-8473763341054993%26dbm_c%3DAKAmf-C2PdMnQc14GPiX-QDC6kUzkYN-X7DDaspbMuGOPn1m99eWqEQXbj1gmzzsrblS9J4UAXGkC0EHuHrrKmQUNJSYDVUCy_y9UvZeQlkBkuVq4T25jj68NOmtc15UJWHFVhQj_TMBhrCQVE7ZlgEWXsXkT48BCfoHKEOGuzAIB_aQ0ezFtxg%26cry%3D1%26dbm_d%3DAKAmf-BNsqwNqXPYJG-EJJd3RmhIUm3G-Eegf_MineBYW7w8eRp_UQmhObH392mEoebOaXFvRSbbpbbRtilCm_kh9UbOrsCNK4Uh0LYwV7Om8biRIX53PPA8-udYIFR07Iq_TSRUheecyA_PMRsHRZwOtZwoF2FY22h2EKXm6fM2Q60VhtQmTsu19jpRUdPyV4w_hhBfwCV-Ih1Tjr-uJbXZ44957zGHLkDDmNKv4Q_urjvmr1re80A7iZbuS88AMM80tTTBezrTmVmab0xXvMdxUgbYlmP4xpSiXM-BuJnwnHT7LFQbjFWr8vKiMoqNimGgpgErlcoILwu-VqcD0htsgFHy3WI3eXryGzYsL1sq5ckIa7DDogBk60v45zHLz4QJ-Wnkvxtw8BGwF4_FbQgkXtnITynVJOOzMhg0Xq7GUfQ3yC3-HX6DESJHeTVpBhT6GYeaZO6yR-tEzdZnxfXeGSzmkcMLfe1W-9y7vSjBsQPUCZ85W-kW2vUwZaChezM4XaszduNJ4p1ptKg2WHn4dZWJ2UtSSNu603051w1Hjh-qVTI03by6pN-BQZSdfIvor8FUQsqY%26adurl%3D&documentReferer=https%3A%2F%2Fd9707586d5008bafca57655e21af26db.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&ancestorOrigins=null&random=3326472058849&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0&uidRedirect=1
200 OK 511 B URL HTTP/1.1 hal900013.redintelligence.net/request.php?zone=obf62a1utdhd&nw=20&renderingType=javascript&namespace=3a0cfdba39&subid=&uid=ce956d68a4e6586c&screenSize=1280x1024&screenSizeAvail=1280x1002&clientSize=0x0&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC_XjyNQDTY5jkD7SmiQaIjYD4Csm5opxp1LbNztUP8C4QASCT3JxzYMOEgICYGMgBCakCjOQ1Kug5sj6oAwGqBPcBT9ASK0yFqWXzWiDdeO9yJ8cfKIhFcOZtJTiqAGh4ouI9_xjrm62Iv7XGbB9eXimQWuXASvRCiMgf1TEOdD8n5lnZKRXtYL5oKGF7WzVRrEsTBc1WUE9uWCwMCm_nmz7eNFXZtseYBrGn6mWuskG_xzMZrfBHcR85-zY1VBHVeBvVI_pA7QG5wqHC42jd_uH83__ad2izy1dONMW9iWPuWKIFUxofAGNsesgJDTGvY8xBH5r54MmcH6CMnr9m-FKp6gukQ6MpNRXv-qxEwHVFe8WrU0vDPfL7ORIh0SNFxC-CU8Zn2j4Xo9lCYL86fYAglVzX0BGGIcAEwb2U_PMD4AQDkAYBoAZNgAesrfWfA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB0yAqoCOgKAQIAKA5gLAcgLAYAMAbATnKLNDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSSwDUE5ymhfB80CkMybQNSASmDsgBghpQWVSYooOo6yYtA7Ees8MWi3ati9ni4E9BScINjfy0OwTPdZtirb23FGnPU3g-ZKQwQWEE1xgBIBM%26sig%3DAOD64_35tfa8_AEik6-r9d8u9AskOkvJKA%26client%3Dca-pub-8473763341054993%26dbm_c%3DAKAmf-C2PdMnQc14GPiX-QDC6kUzkYN-X7DDaspbMuGOPn1m99eWqEQXbj1gmzzsrblS9J4UAXGkC0EHuHrrKmQUNJSYDVUCy_y9UvZeQlkBkuVq4T25jj68NOmtc15UJWHFVhQj_TMBhrCQVE7ZlgEWXsXkT48BCfoHKEOGuzAIB_aQ0ezFtxg%26cry%3D1%26dbm_d%3DAKAmf-BNsqwNqXPYJG-EJJd3RmhIUm3G-Eegf_MineBYW7w8eRp_UQmhObH392mEoebOaXFvRSbbpbbRtilCm_kh9UbOrsCNK4Uh0LYwV7Om8biRIX53PPA8-udYIFR07Iq_TSRUheecyA_PMRsHRZwOtZwoF2FY22h2EKXm6fM2Q60VhtQmTsu19jpRUdPyV4w_hhBfwCV-Ih1Tjr-uJbXZ44957zGHLkDDmNKv4Q_urjvmr1re80A7iZbuS88AMM80tTTBezrTmVmab0xXvMdxUgbYlmP4xpSiXM-BuJnwnHT7LFQbjFWr8vKiMoqNimGgpgErlcoILwu-VqcD0htsgFHy3WI3eXryGzYsL1sq5ckIa7DDogBk60v45zHLz4QJ-Wnkvxtw8BGwF4_FbQgkXtnITynVJOOzMhg0Xq7GUfQ3yC3-HX6DESJHeTVpBhT6GYeaZO6yR-tEzdZnxfXeGSzmkcMLfe1W-9y7vSjBsQPUCZ85W-kW2vUwZaChezM4XaszduNJ4p1ptKg2WHn4dZWJ2UtSSNu603051w1Hjh-qVTI03by6pN-BQZSdfIvor8FUQsqY%26adurl%3D&documentReferer=https%3A%2F%2Fd9707586d5008bafca57655e21af26db.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&ancestorOrigins=null&random=3326472058849&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0&uidRedirect=1
IP
ASN #24940 Hetzner Online GmbH
File type ASCII text, with CRLF line terminators
Hash 4f6728e9b17dc3fb5295f12ef881111f
cb87bbdcc4609679a8269ac2057c2e1d0a838d04
4c41f3310992222d81b8793f51d06c0f0b1e5ce6e4e27181005b987b4993f594
GET /request.php?zone=obf62a1utdhd&nw=20&renderingType=javascript&namespace=3a0cfdba39&subid=&uid=ce956d68a4e6586c&screenSize=1280x1024&screenSizeAvail=1280x1002&clientSize=0x0&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC_XjyNQDTY5jkD7SmiQaIjYD4Csm5opxp1LbNztUP8C4QASCT3JxzYMOEgICYGMgBCakCjOQ1Kug5sj6oAwGqBPcBT9ASK0yFqWXzWiDdeO9yJ8cfKIhFcOZtJTiqAGh4ouI9_xjrm62Iv7XGbB9eXimQWuXASvRCiMgf1TEOdD8n5lnZKRXtYL5oKGF7WzVRrEsTBc1WUE9uWCwMCm_nmz7eNFXZtseYBrGn6mWuskG_xzMZrfBHcR85-zY1VBHVeBvVI_pA7QG5wqHC42jd_uH83__ad2izy1dONMW9iWPuWKIFUxofAGNsesgJDTGvY8xBH5r54MmcH6CMnr9m-FKp6gukQ6MpNRXv-qxEwHVFe8WrU0vDPfL7ORIh0SNFxC-CU8Zn2j4Xo9lCYL86fYAglVzX0BGGIcAEwb2U_PMD4AQDkAYBoAZNgAesrfWfA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB0yAqoCOgKAQIAKA5gLAcgLAYAMAbATnKLNDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSSwDUE5ymhfB80CkMybQNSASmDsgBghpQWVSYooOo6yYtA7Ees8MWi3ati9ni4E9BScINjfy0OwTPdZtirb23FGnPU3g-ZKQwQWEE1xgBIBM%26sig%3DAOD64_35tfa8_AEik6-r9d8u9AskOkvJKA%26client%3Dca-pub-8473763341054993%26dbm_c%3DAKAmf-C2PdMnQc14GPiX-QDC6kUzkYN-X7DDaspbMuGOPn1m99eWqEQXbj1gmzzsrblS9J4UAXGkC0EHuHrrKmQUNJSYDVUCy_y9UvZeQlkBkuVq4T25jj68NOmtc15UJWHFVhQj_TMBhrCQVE7ZlgEWXsXkT48BCfoHKEOGuzAIB_aQ0ezFtxg%26cry%3D1%26dbm_d%3DAKAmf-BNsqwNqXPYJG-EJJd3RmhIUm3G-Eegf_MineBYW7w8eRp_UQmhObH392mEoebOaXFvRSbbpbbRtilCm_kh9UbOrsCNK4Uh0LYwV7Om8biRIX53PPA8-udYIFR07Iq_TSRUheecyA_PMRsHRZwOtZwoF2FY22h2EKXm6fM2Q60VhtQmTsu19jpRUdPyV4w_hhBfwCV-Ih1Tjr-uJbXZ44957zGHLkDDmNKv4Q_urjvmr1re80A7iZbuS88AMM80tTTBezrTmVmab0xXvMdxUgbYlmP4xpSiXM-BuJnwnHT7LFQbjFWr8vKiMoqNimGgpgErlcoILwu-VqcD0htsgFHy3WI3eXryGzYsL1sq5ckIa7DDogBk60v45zHLz4QJ-Wnkvxtw8BGwF4_FbQgkXtnITynVJOOzMhg0Xq7GUfQ3yC3-HX6DESJHeTVpBhT6GYeaZO6yR-tEzdZnxfXeGSzmkcMLfe1W-9y7vSjBsQPUCZ85W-kW2vUwZaChezM4XaszduNJ4p1ptKg2WHn4dZWJ2UtSSNu603051w1Hjh-qVTI03by6pN-BQZSdfIvor8FUQsqY%26adurl%3D&documentReferer=https%3A%2F%2Fd9707586d5008bafca57655e21af26db.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&ancestorOrigins=null&random=3326472058849&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0&uidRedirect=1 HTTP/1.1
Host: hal900013.redintelligence.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://d9707586d5008bafca57655e21af26db.safeframe.googlesyndication.com/
Connection: keep-alive
Cookie: 8lcfmzhxc8d6_uid=b75b1be87daa2716
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 22:35:34 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Thu, 26 Jan 2023 22:35:34 +0100
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: 8lcfmzhxc8d6_uid=b75b1be87daa2716; expires=Wed, 26-Apr-2023 22:35:34 GMT; Max-Age=7776000; path=/; domain=.redintelligence.net; secure; SameSite=None
X-NEORY-SubId: 72102200221120804439910012216013
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 511
Connection: close
Content-Type: application/x-javascript; charset=utf-8
cdn.flashtalking.com/xre/518/5182812/4069572/js/j-5182812-4069572.js
200 OK 17 kB URL HTTP/1.1 cdn.flashtalking.com/xre/518/5182812/4069572/js/j-5182812-4069572.js
IP
File type ASCII text, with very long lines (2897), with CRLF, CR, LF line terminators
Hash ba812a7ce590d2b49e73daa58a002724
40fdd075af030764f7eb227db8996ce69a0b41b9
b6214ea55db5497c88f4b806a2efc9b6fd06fddd59456bb317c0b06160dfd268
GET /xre/518/5182812/4069572/js/j-5182812-4069572.js HTTP/1.1
Host: cdn.flashtalking.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://d9707586d5008bafca57655e21af26db.safeframe.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 22:35:34 GMT
Connection: Keep-Alive
ETag: "1664998019"
Cache-Control: max-age=705
Content-Encoding: gzip
Content-Length: 17004
Content-Type: text/javascript; charset=utf-8
Last-Modified: Wed, 05 Oct 2022 19:26:59 GMT
Accept-Ranges: bytes
x-amz-id-2: 37LaSggdXPrnNsrNM4LTYE5srMejBeqeJzAs0unUlx0w7xMC8qhzkYpvGznMRlqXDNeGuaSQIF8=
x-amz-request-id: AGSG80TPDVZPKX34
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Access-Control-Expose-Headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Access-Control-Max-Age: 3000
X-HW: 1674772534.dop227.sk1.t,1674772534.cds228.sk1.shn,1674772534.dop227.sk1.t,1674772534.cds012.sk1.c
cdn.flashtalking.com/116327/4069572/index.html
200 OK 24 kB URL HTTP/1.1 cdn.flashtalking.com/116327/4069572/index.html
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1430), with CRLF, LF line terminators
Hash a1a984a0cf9005c7668239981824851c
a56ffe79cc9c154867824c8d29868e63a668e7bc
8b4aeaaf0f0c862ff90f8ab803c9c10962a5270b4b0e996bf835d9c1da1d5314
GET /116327/4069572/index.html HTTP/1.1
Host: cdn.flashtalking.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://d9707586d5008bafca57655e21af26db.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 22:35:35 GMT
Connection: Keep-Alive
ETag: "1664411221"
Cache-Control: max-age=958
Content-Encoding: gzip
Content-Length: 23541
Content-Type: text/html
Last-Modified: Thu, 29 Sep 2022 00:27:01 GMT
Accept-Ranges: bytes
x-amz-id-2: Z5y4MkkUEjxdtRGQVMdcKwM6NohIhvHfaeCwRQSKEFH+4A8LJDMjFz8brasP7bS4ROAC/Dnkl/g=
x-amz-request-id: QAVAQ782EYNT1T95
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Access-Control-Expose-Headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Access-Control-Max-Age: 3000
X-HW: 1674772534.dop227.sk1.t,1674772534.cds228.sk1.shn,1674772535.dop227.sk1.t,1674772535.cds261.sk1.c
cdn.doubleverify.com/dvtp_src.js?ctx=1828362&cmp=115750&sid=18330&plc=5182812&num=&adid=&advid=&adsrv=29&btreg=5182812&btadsrv=flashtalking&crt=4069572&crtname=&chnl=&unit=&pid=&uid=&dvtagver=6.1.src&dvp_ftimpid=3506FC35-C28A-91A4-6828-FAE08E478113&auevent=&772055050
200 OK 3.3 kB URL HTTP/1.1 cdn.doubleverify.com/dvtp_src.js?ctx=1828362&cmp=115750&sid=18330&plc=5182812&num=&adid=&advid=&adsrv=29&btreg=5182812&btadsrv=flashtalking&crt=4069572&crtname=&chnl=&unit=&pid=&uid=&dvtagver=6.1.src&dvp_ftimpid=3506FC35-C28A-91A4-6828-FAE08E478113&auevent=&772055050
IP
ASN #20940 Akamai International B.V.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (8016)
Hash c130b6fbb443e8aedc3088d6e002cb18
993b47a1da2bfb78ef33b7fce7d2a8ef034033da
b37b66a9b9a7b0f362460c1efb62f50e14052b9f374654a94d85b4261e7111a4
GET /dvtp_src.js?ctx=1828362&cmp=115750&sid=18330&plc=5182812&num=&adid=&advid=&adsrv=29&btreg=5182812&btadsrv=flashtalking&crt=4069572&crtname=&chnl=&unit=&pid=&uid=&dvtagver=6.1.src&dvp_ftimpid=3506FC35-C28A-91A4-6828-FAE08E478113&auevent=&772055050 HTTP/1.1
Host: cdn.doubleverify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://d9707586d5008bafca57655e21af26db.safeframe.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=900
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Tue, 24 Jan 2023 16:47:29 GMT
Accept-Ranges: bytes
ETag: "80a6ac8b1330d91:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
Content-Length: 3337
Date: Thu, 26 Jan 2023 22:35:35 GMT
Connection: keep-alive
ocsp.godaddy.com/
200 OK 1.8 kB IP
Hash dd123685db4baebca640d317fe98f4f0
c624df8b2a1b9853892b4e11b4dfb28f19227cc0
b9d809b07484759e924818af213ae1c86f3bb2b6cf1ae438ba6ff6add35cc179
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Thu, 26 Jan 2023 22:35:34 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19024
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Thu, 26 Jan 2023 02:50:33 GMT
Expires: Fri, 27 Jan 2023 02:50:33 GMT
ETag: "c624df8b2a1b9853892b4e11b4dfb28f19227cc0"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
secure.flashtalking.com/oba/icon/iconc.png?EDAA_icon=y
200 OK 1.3 kB URL HTTP/1.1 secure.flashtalking.com/oba/icon/iconc.png?EDAA_icon=y
IP
File type PNG image data, 19 x 15, 8-bit/color RGBA, non-interlaced\012- data
Hash db320ef6f3c45ab5c90887ef618de2bb
7d4bd175166545ea775fcb69b406eba11f7fa3ec
f75ada33b07cb31e16a0a0d3325961a22dc9526edb49bff04c31d7b7611f7025
GET /oba/icon/iconc.png?EDAA_icon=y HTTP/1.1
Host: secure.flashtalking.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://d9707586d5008bafca57655e21af26db.safeframe.googlesyndication.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Sat, 12 Apr 2014 19:14:32 GMT
Content-Type: image/png
ETag: W/"db320ef6f3c45ab5c90887ef618de2bb"
X-Varnish: 440713868 434560932
Accept-Ranges: bytes
Content-Length: 1308
Cache-Control: max-age=1228624
Expires: Fri, 10 Feb 2023 03:52:39 GMT
Date: Thu, 26 Jan 2023 22:35:35 GMT
Connection: keep-alive
Server: Flashtalking (AKA)
tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=293&ttfrms=69&bridua=2&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTauJ%3E2E6%5D2AATauU2%26C%3Dl9EEADTbpTauTauJ%3E2E6%5D2AATau6DTauJ%40FEF36Tau2Av%3Dv%3Cr%3D8tt&srcurlD=0&aUrlD=-1&ssl=https:&uid=1674772534690527&jsCallback=dvCallback_1674772534690188&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&htmlmsging=1&chro=0&hist=1&winh=250&winw=970&wouh=1024&wouw=1280&scah=1002&scaw=1280&jsver=3438&tgjsver=3438&lvvn=28&m1=13&refD=1&fcifrms=6&brh=1&sdf=2&dvp_epl=113&noc=16&nav_pltfrm=Linux%20x86_64&ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&adsrv=0&advid=3398311&turl=https://ymate.app/es/youtube/apGlGkClgEE&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVPX_PP_IMP_ID=ABAjH0gtYz8Ssi0VM_LcgM8xY-nV&DVP_DBM_1=3060631&DVP_DBM_2=24779287&DVP_DBM_3=15170491623&DVP_DBM_4=396445022&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=1675345995540&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=6445697206.697444&dvp_tukv=5340367952.650546&dvp_uuid=23951151.084675122&dvp_tuid=599550478064&jurtd=2146457105
200 OK 875 B URL HTTP/1.1 tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=293&ttfrms=69&bridua=2&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTauJ%3E2E6%5D2AATauU2%26C%3Dl9EEADTbpTauTauJ%3E2E6%5D2AATau6DTauJ%40FEF36Tau2Av%3Dv%3Cr%3D8tt&srcurlD=0&aUrlD=-1&ssl=https:&uid=1674772534690527&jsCallback=dvCallback_1674772534690188&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&htmlmsging=1&chro=0&hist=1&winh=250&winw=970&wouh=1024&wouw=1280&scah=1002&scaw=1280&jsver=3438&tgjsver=3438&lvvn=28&m1=13&refD=1&fcifrms=6&brh=1&sdf=2&dvp_epl=113&noc=16&nav_pltfrm=Linux%20x86_64&ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&adsrv=0&advid=3398311&turl=https://ymate.app/es/youtube/apGlGkClgEE&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVPX_PP_IMP_ID=ABAjH0gtYz8Ssi0VM_LcgM8xY-nV&DVP_DBM_1=3060631&DVP_DBM_2=24779287&DVP_DBM_3=15170491623&DVP_DBM_4=396445022&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=1675345995540&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=6445697206.697444&dvp_tukv=5340367952.650546&dvp_uuid=23951151.084675122&dvp_tuid=599550478064&jurtd=2146457105
IP
File type ASCII text, with very long lines (2258), with no line terminators
Hash 79cf81f166778740f524648fbda2c4b2
184d53eb54869c981899442580d59f7f7799c99f
97b3487c1516bfccd0fb72286b0a07362d048c39c022c56b0919642848bd0483
GET /visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=293&ttfrms=69&bridua=2&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTauJ%3E2E6%5D2AATauU2%26C%3Dl9EEADTbpTauTauJ%3E2E6%5D2AATau6DTauJ%40FEF36Tau2Av%3Dv%3Cr%3D8tt&srcurlD=0&aUrlD=-1&ssl=https:&uid=1674772534690527&jsCallback=dvCallback_1674772534690188&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&htmlmsging=1&chro=0&hist=1&winh=250&winw=970&wouh=1024&wouw=1280&scah=1002&scaw=1280&jsver=3438&tgjsver=3438&lvvn=28&m1=13&refD=1&fcifrms=6&brh=1&sdf=2&dvp_epl=113&noc=16&nav_pltfrm=Linux%20x86_64&ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&adsrv=0&advid=3398311&turl=https://ymate.app/es/youtube/apGlGkClgEE&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVPX_PP_IMP_ID=ABAjH0gtYz8Ssi0VM_LcgM8xY-nV&DVP_DBM_1=3060631&DVP_DBM_2=24779287&DVP_DBM_3=15170491623&DVP_DBM_4=396445022&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=1675345995540&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=6445697206.697444&dvp_tukv=5340367952.650546&dvp_uuid=23951151.084675122&dvp_tuid=599550478064&jurtd=2146457105 HTTP/1.1
Host: tps.doubleverify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://d9707586d5008bafca57655e21af26db.safeframe.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 22:35:35 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Cache-Control: max-age=0
Content-Encoding: br
Expires: 01/25/2023 22:35:35
Pragma: no-cache
Vary: Accept-Encoding
cdn.doubleverify.com/redirect/?host=tpsc-frc¶m=akipv6&impid=54c685e176de4610a05835f50722933b&dup=&eoid=1000&cbust=1674772535499989
302 Moved Temporarily 0 B URL HTTP/1.1 cdn.doubleverify.com/redirect/?host=tpsc-frc¶m=akipv6&impid=54c685e176de4610a05835f50722933b&dup=&eoid=1000&cbust=1674772535499989
IP
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect/?host=tpsc-frc¶m=akipv6&impid=54c685e176de4610a05835f50722933b&dup=&eoid=1000&cbust=1674772535499989 HTTP/1.1
Host: cdn.doubleverify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://d9707586d5008bafca57655e21af26db.safeframe.googlesyndication.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Server: AkamaiGHost
Content-Length: 0
Location: https://tpsc-frc.doubleverify.com/event.png?impid=54c685e176de4610a05835f50722933b&akipv6=&dup=&eoid=1000
Date: Thu, 26 Jan 2023 22:35:35 GMT
Connection: keep-alive
tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=345&ttfrms=22&bridua=2&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTauJ%3E2E6%5D2AATauU2%26C%3Dl9EEADTbpTauTauJ%3E2E6%5D2AATau6DTauJ%40FEF36Tau2Av%3Dv%3Cr%3D8tt&srcurlD=0&aUrlD=-1&ssl=https:&dfs=2093&ddur=89&uid=1674772535649148&jsCallback=dvCallback_1674772535649477&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&htmlmsging=1&chro=0&hist=1&winh=250&winw=970&wouh=1024&wouw=1280&scah=1002&scaw=1280&jsver=3438&tgjsver=3438&lvvn=28&m1=13&refD=1&fcifrms=8&brh=1&sdf=2&dvp_epl=113&noc=16&nav_pltfrm=Linux%20x86_64&ctx=1828362&cmp=115750&sid=18330&plc=5182812&crt=4069572&btreg=5182812&btadsrv=flashtalking&adsrv=29&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&dvp_ftimpid=3506FC35-C28A-91A4-6828-FAE08E478113&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_tcnt=2&dvp_sukv=6445697206.697444&dvp_tukv=27758107082.304718&dvp_uuid=883797763.7709931&dvp_tuid=1545270981700&jurtd=1162291677
200 OK 1.2 kB URL HTTP/1.1 tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=345&ttfrms=22&bridua=2&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTauJ%3E2E6%5D2AATauU2%26C%3Dl9EEADTbpTauTauJ%3E2E6%5D2AATau6DTauJ%40FEF36Tau2Av%3Dv%3Cr%3D8tt&srcurlD=0&aUrlD=-1&ssl=https:&dfs=2093&ddur=89&uid=1674772535649148&jsCallback=dvCallback_1674772535649477&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&htmlmsging=1&chro=0&hist=1&winh=250&winw=970&wouh=1024&wouw=1280&scah=1002&scaw=1280&jsver=3438&tgjsver=3438&lvvn=28&m1=13&refD=1&fcifrms=8&brh=1&sdf=2&dvp_epl=113&noc=16&nav_pltfrm=Linux%20x86_64&ctx=1828362&cmp=115750&sid=18330&plc=5182812&crt=4069572&btreg=5182812&btadsrv=flashtalking&adsrv=29&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&dvp_ftimpid=3506FC35-C28A-91A4-6828-FAE08E478113&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_tcnt=2&dvp_sukv=6445697206.697444&dvp_tukv=27758107082.304718&dvp_uuid=883797763.7709931&dvp_tuid=1545270981700&jurtd=1162291677
IP
File type ASCII text, with very long lines (3044), with no line terminators
Hash 962a43e94503e9dfaa1c9b80c6facef6
0ba0733bf7ed38a68bc80eaba1f9b9fbbcba3513
6a96431162dfb5b632db159e9d2c9bc756860612cbd34c3b0ea40562ff53da95
GET /visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=345&ttfrms=22&bridua=2&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTauJ%3E2E6%5D2AATauU2%26C%3Dl9EEADTbpTauTauJ%3E2E6%5D2AATau6DTauJ%40FEF36Tau2Av%3Dv%3Cr%3D8tt&srcurlD=0&aUrlD=-1&ssl=https:&dfs=2093&ddur=89&uid=1674772535649148&jsCallback=dvCallback_1674772535649477&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&htmlmsging=1&chro=0&hist=1&winh=250&winw=970&wouh=1024&wouw=1280&scah=1002&scaw=1280&jsver=3438&tgjsver=3438&lvvn=28&m1=13&refD=1&fcifrms=8&brh=1&sdf=2&dvp_epl=113&noc=16&nav_pltfrm=Linux%20x86_64&ctx=1828362&cmp=115750&sid=18330&plc=5182812&crt=4069572&btreg=5182812&btadsrv=flashtalking&adsrv=29&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&dvp_ftimpid=3506FC35-C28A-91A4-6828-FAE08E478113&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_tcnt=2&dvp_sukv=6445697206.697444&dvp_tukv=27758107082.304718&dvp_uuid=883797763.7709931&dvp_tuid=1545270981700&jurtd=1162291677 HTTP/1.1
Host: tps.doubleverify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://d9707586d5008bafca57655e21af26db.safeframe.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 22:35:32 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Cache-Control: max-age=0
Content-Encoding: br
Expires: 01/25/2023 22:35:35
Pragma: no-cache
Vary: Accept-Encoding
cdn.doubleverify.com/redirect/?host=tpsc-frc¶m=akipv6&impid=ba6e87e59a534677af098d78ea696421&dup=&eoid=1000&cbust=1674772535778880
302 Moved Temporarily 0 B URL HTTP/1.1 cdn.doubleverify.com/redirect/?host=tpsc-frc¶m=akipv6&impid=ba6e87e59a534677af098d78ea696421&dup=&eoid=1000&cbust=1674772535778880
IP
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect/?host=tpsc-frc¶m=akipv6&impid=ba6e87e59a534677af098d78ea696421&dup=&eoid=1000&cbust=1674772535778880 HTTP/1.1
Host: cdn.doubleverify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://d9707586d5008bafca57655e21af26db.safeframe.googlesyndication.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Server: AkamaiGHost
Content-Length: 0
Location: https://tpsc-frc.doubleverify.com/event.png?impid=ba6e87e59a534677af098d78ea696421&akipv6=&dup=&eoid=1000
Date: Thu, 26 Jan 2023 22:35:35 GMT
Connection: keep-alive
code.createjs.com/1.0.0/createjs.min.js
200 OK 117 kB URL HTTP/2 code.createjs.com/1.0.0/createjs.min.js
IP
ASN #20940 Akamai International B.V.
Size 117 kB (116813 bytes)
Hash 2f4ff100e2ff49af9a4c0115654ff0d4
1d62bd41063f68d7ac03b22389f6911d65738f37
ec08120aac48f98c649cb65f36ddc405c5627340390417074e9b3033bf9add5f
GET /1.0.0/createjs.min.js HTTP/1.1
Host: code.createjs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.flashtalking.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Apache
accept-ranges: bytes
content-type: text/javascript
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=900
expires: Thu, 26 Jan 2023 22:50:35 GMT
date: Thu, 26 Jan 2023 22:35:35 GMT
x-n: S
X-Firefox-Spdy: h2
secure.flashtalking.com/oba/icon/consumer-privacy-logo.png
200 OK 6.0 kB URL HTTP/1.1 secure.flashtalking.com/oba/icon/consumer-privacy-logo.png
IP
File type PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\012- data
Hash d675694ab4d4d2eb56cca854c25d9c36
34174b9397a3cb289f892f1f98ccc51a63698360
49b19f7f2d3d0fc9d2270cd1ebd79d468ca86cf308f33b063595863e3f392e98
GET /oba/icon/consumer-privacy-logo.png HTTP/1.1
Host: secure.flashtalking.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://d9707586d5008bafca57655e21af26db.safeframe.googlesyndication.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Thu, 11 Feb 2021 15:39:51 GMT
Content-Type: image/png
ETag: W/"d675694ab4d4d2eb56cca854c25d9c36"
X-Varnish: 721542519 721664610
Accept-Ranges: bytes
Content-Length: 5953
Cache-Control: max-age=1047
Expires: Thu, 26 Jan 2023 22:53:02 GMT
Date: Thu, 26 Jan 2023 22:35:35 GMT
Connection: keep-alive
Server: Flashtalking (AKA)
hal900013.redintelligence.net/request_content.php?s=72102200221120804439910012216013&a=04f53cd7
200 OK 3.0 kB URL HTTP/1.1 hal900013.redintelligence.net/request_content.php?s=72102200221120804439910012216013&a=04f53cd7
IP
ASN #24940 Hetzner Online GmbH
File type ASCII text, with CRLF, LF line terminators
Hash 6b232b72a4359b935bc15639f076df35
0c5b5646453fc1ed2a57ecfb5e475b2eec37c881
298d5986fd5c347fb0144e055f6fef99ff76ad928eb7b044ce6a4efa2045af41
GET /request_content.php?s=72102200221120804439910012216013&a=04f53cd7 HTTP/1.1
Host: hal900013.redintelligence.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://d9707586d5008bafca57655e21af26db.safeframe.googlesyndication.com/
Cookie: 8lcfmzhxc8d6_uid=b75b1be87daa2716
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 22:35:35 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Thu, 26 Jan 2023 22:35:35 +0100
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2279
Connection: close
Content-Type: text/html; charset=utf-8
tpsc-frc.doubleverify.com/event.png?impid=54c685e176de4610a05835f50722933b&akipv6=&dup=&eoid=1000
204 No Content 0 B URL HTTP/1.1 tpsc-frc.doubleverify.com/event.png?impid=54c685e176de4610a05835f50722933b&akipv6=&dup=&eoid=1000
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /event.png?impid=54c685e176de4610a05835f50722933b&akipv6=&dup=&eoid=1000 HTTP/1.1
Host: tpsc-frc.doubleverify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://d9707586d5008bafca57655e21af26db.safeframe.googlesyndication.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Date: Thu, 26 Jan 2023 22:35:33 GMT
Cache-Control: max-age=0
Expires: 01/25/2023 22:35:35
Pragma: no-cache
cdn.flashtalking.com/116327/4069572/images/Group171472.png
200 OK 48 kB URL HTTP/1.1 cdn.flashtalking.com/116327/4069572/images/Group171472.png
IP
File type PNG image data, 802 x 802, 8-bit/color RGBA, non-interlaced\012- data
Hash 9c628e9acdc55344312932fc53e51890
544de55aac5ac7e8d94f23754372ed1a545beffd
dba335650002392562f88e326f52e0a88b3a1a9b9262b795b2c1b5dac900a476
GET /116327/4069572/images/Group171472.png HTTP/1.1
Host: cdn.flashtalking.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.flashtalking.com/116327/4069572/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 22:35:35 GMT
Connection: Keep-Alive
ETag: "1664411221"
Cache-Control: max-age=569
Content-Length: 47662
Content-Type: image/png
Last-Modified: Thu, 29 Sep 2022 00:27:01 GMT
Accept-Ranges: bytes
x-amz-id-2: o/90Cl7P1zc9/KtzQif2/LLAo4IQ/NISW5xybDeG+FZzoZyq91ShCb2Sm1XVA71rs16fbAePnLs=
x-amz-request-id: EMKFXX24KPCCMH7S
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Access-Control-Expose-Headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Access-Control-Max-Age: 3000
X-HW: 1674772534.dop227.sk1.t,1674772534.cds228.sk1.shn,1674772535.dop227.sk1.t,1674772535.cds202.sk1.c
tpsc-frc.doubleverify.com/event.png?impid=ba6e87e59a534677af098d78ea696421&akipv6=&dup=&eoid=1000
204 No Content 0 B URL HTTP/1.1 tpsc-frc.doubleverify.com/event.png?impid=ba6e87e59a534677af098d78ea696421&akipv6=&dup=&eoid=1000
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /event.png?impid=ba6e87e59a534677af098d78ea696421&akipv6=&dup=&eoid=1000 HTTP/1.1
Host: tpsc-frc.doubleverify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://d9707586d5008bafca57655e21af26db.safeframe.googlesyndication.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Date: Thu, 26 Jan 2023 22:35:35 GMT
Cache-Control: max-age=0
Expires: 01/25/2023 22:35:35
Pragma: no-cache
cdn.flashtalking.com/116327/4069572/images/MaskGroup171153.png
200 OK 82 kB URL HTTP/1.1 cdn.flashtalking.com/116327/4069572/images/MaskGroup171153.png
IP
File type PNG image data, 642 x 674, 8-bit/color RGB, non-interlaced\012- data
Hash aa80b743045113baa5a45756cc258c01
d1ec09f5074cd7612fb0cc06e5a02eab6ef40d19
d3b39584486be12795fc5a5e3b7184ffc43f9ce6995f8a27b535f589d46af75b
GET /116327/4069572/images/MaskGroup171153.png HTTP/1.1
Host: cdn.flashtalking.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.flashtalking.com/116327/4069572/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 22:35:36 GMT
Connection: Keep-Alive
ETag: "1664411221"
Cache-Control: max-age=568
Content-Length: 82376
Content-Type: image/png
Last-Modified: Thu, 29 Sep 2022 00:27:01 GMT
Accept-Ranges: bytes
x-amz-id-2: Zw8bKjRSMRZ4gAqwJPUN04980SMW5jbejVJblNr7RfgQO796nfQ7L9/XOLkFfjfOBkF2QS05dTE=
x-amz-request-id: E98F4AAR0J40HVZ0
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Access-Control-Expose-Headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Access-Control-Max-Age: 3000
X-HW: 1674772534.dop227.sk1.t,1674772534.cds228.sk1.shn,1674772536.dop227.sk1.t,1674772536.cds261.sk1.c
ajax.googleapis.com/ajax/libs/jquery/1.6.2/jquery.min.js
200 OK 32 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/1.6.2/jquery.min.js
IP
File type HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (32764)
Hash 548260b20981c0be2d9dcf8d01c08c24
84230120f8f1bd559eca3fb2fec6acf6cffbf4e7
2f8a612a714e5c928525fdb193f8ec12f7965a6c0d63dd8e58ccae239358c8bb
GET /ajax/libs/jquery/1.6.2/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hal900013.redintelligence.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 32245
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 24 Jan 2023 06:39:38 GMT
expires: Wed, 24 Jan 2024 06:39:38 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
age: 230158
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.contentspread.net/24i/content/soberfb/EN/S-980x120.gif
200 OK 32 kB URL HTTP/1.1 cdn.contentspread.net/24i/content/soberfb/EN/S-980x120.gif
IP
File type GIF image data, version 89a, 980 x 120\012- data
Hash eb620c93d774d207492ee449a58eb41f
6b5f5ae2e1d4c9dd9dbb7d152ad597f8e90cd7a8
4fbed6ec91f414e7d42dad06e53976a6ef052edff170ee6b635a0acbf3557a58
GET /24i/content/soberfb/EN/S-980x120.gif HTTP/1.1
Host: cdn.contentspread.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hal900013.redintelligence.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 26 Jan 2023 22:35:36 GMT
Content-Type: image/gif
Content-Length: 32039
Last-Modified: Mon, 23 Jul 2018 15:20:35 GMT
Connection: close
ETag: "5b55f243-7d27"
Accept-Ranges: bytes
hal900013.redintelligence.net/viewability?s=72102200221120804439910012216013&a=5f2f7119&vb=m
200 OK 0 B URL HTTP/1.1 hal900013.redintelligence.net/viewability?s=72102200221120804439910012216013&a=5f2f7119&vb=m
IP
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /viewability?s=72102200221120804439910012216013&a=5f2f7119&vb=m HTTP/1.1
Host: hal900013.redintelligence.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hal900013.redintelligence.net/request_content.php?s=72102200221120804439910012216013&a=04f53cd7
Cookie: 8lcfmzhxc8d6_uid=b75b1be87daa2716
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 22:35:36 GMT
Server: Apache
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash b2aafdafa11867a6d8cdb983186b122e
a5271d7ffd840a1a85c92f57a4afb2679546d420
f2b57d3bfecd984e2b90744a287788533ea75ef9e5b87b1c80526f6ef50a968f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F2B57D3BFECD984E2B90744A287788533EA75EF9E5B87B1C80526F6EF50A968F"
Last-Modified: Thu, 26 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9862
Expires: Fri, 27 Jan 2023 01:19:58 GMT
Date: Thu, 26 Jan 2023 22:35:36 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash b2aafdafa11867a6d8cdb983186b122e
a5271d7ffd840a1a85c92f57a4afb2679546d420
f2b57d3bfecd984e2b90744a287788533ea75ef9e5b87b1c80526f6ef50a968f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F2B57D3BFECD984E2B90744A287788533EA75EF9E5B87B1C80526F6EF50A968F"
Last-Modified: Thu, 26 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9862
Expires: Fri, 27 Jan 2023 01:19:58 GMT
Date: Thu, 26 Jan 2023 22:35:36 GMT
Connection: keep-alive
unseenreport.com/pxf.gif?uuid=32792ded-316b-4f57-be72-d5a1c66e09b8&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=5b979a601ccf8274561b9b04ff8e4274&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=22
200 OK 1 B URL HTTP/1.1 unseenreport.com/pxf.gif?uuid=32792ded-316b-4f57-be72-d5a1c66e09b8&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=5b979a601ccf8274561b9b04ff8e4274&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=22
IP
ASN #39572 DataWeb Global Group B.V.
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert quad9 Sinkholed
GET /pxf.gif?uuid=32792ded-316b-4f57-be72-d5a1c66e09b8&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=5b979a601ccf8274561b9b04ff8e4274&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=22 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ymate.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Thu, 26 Jan 2023 22:35:37 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 0a6b21c4ee4e75b9b4bfacb31ef4e31e
Strict-Transport-Security: max-age=0; includeSubdomains
unseenreport.com/pxf.gif?uuid=32792ded-316b-4f57-be72-d5a1c66e09b8&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=bc2b53d53a7b2bcbc3f770f48cbf1169&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=22
200 OK 1 B URL HTTP/1.1 unseenreport.com/pxf.gif?uuid=32792ded-316b-4f57-be72-d5a1c66e09b8&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=bc2b53d53a7b2bcbc3f770f48cbf1169&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=22
IP
ASN #39572 DataWeb Global Group B.V.
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert quad9 Sinkholed
GET /pxf.gif?uuid=32792ded-316b-4f57-be72-d5a1c66e09b8&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=bc2b53d53a7b2bcbc3f770f48cbf1169&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=22 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ymate.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Thu, 26 Jan 2023 22:35:37 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a40eeb6d62fb2dcc86af1d257667dfb4
Strict-Transport-Security: max-age=0; includeSubdomains
tps.doubleverify.com/visit.jpg?cmp=DV020594&ctx=818052&plc=impdm&dvp_cmp=3398513&dvp_ctx=3397726&jsver=3438&dvp_imp=54c685e176de4610a05835f50722933b&cbust=1674772537610288
302 Found 0 B URL HTTP/1.1 tps.doubleverify.com/visit.jpg?cmp=DV020594&ctx=818052&plc=impdm&dvp_cmp=3398513&dvp_ctx=3397726&jsver=3438&dvp_imp=54c685e176de4610a05835f50722933b&cbust=1674772537610288
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /visit.jpg?cmp=DV020594&ctx=818052&plc=impdm&dvp_cmp=3398513&dvp_ctx=3397726&jsver=3438&dvp_imp=54c685e176de4610a05835f50722933b&cbust=1674772537610288 HTTP/1.1
Host: tps.doubleverify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://d9707586d5008bafca57655e21af26db.safeframe.googlesyndication.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Date: Thu, 26 Jan 2023 22:34:42 GMT
Content-Length: 0
Cache-Control: max-age=0
Expires: 01/25/2023 22:35:37
Location: https://cdn.doubleverify.com/redirect/?host=tpsc-frc¶m=akipv6&impid=7e5bd6d3cb824ec8aaf51e89036cb2ae&dup=&eoid=1000
Pragma: no-cache
cdn.doubleverify.com/redirect/?host=tpsc-frc¶m=akipv6&impid=7e5bd6d3cb824ec8aaf51e89036cb2ae&dup=&eoid=1000
302 Moved Temporarily 0 B URL HTTP/1.1 cdn.doubleverify.com/redirect/?host=tpsc-frc¶m=akipv6&impid=7e5bd6d3cb824ec8aaf51e89036cb2ae&dup=&eoid=1000
IP
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect/?host=tpsc-frc¶m=akipv6&impid=7e5bd6d3cb824ec8aaf51e89036cb2ae&dup=&eoid=1000 HTTP/1.1
Host: cdn.doubleverify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://d9707586d5008bafca57655e21af26db.safeframe.googlesyndication.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Server: AkamaiGHost
Content-Length: 0
Location: https://tpsc-frc.doubleverify.com/event.png?impid=7e5bd6d3cb824ec8aaf51e89036cb2ae&akipv6=&dup=&eoid=1000
Date: Thu, 26 Jan 2023 22:35:37 GMT
Connection: keep-alive
tpsc-frc.doubleverify.com/event.png?impid=7e5bd6d3cb824ec8aaf51e89036cb2ae&akipv6=&dup=&eoid=1000
204 No Content 0 B URL HTTP/1.1 tpsc-frc.doubleverify.com/event.png?impid=7e5bd6d3cb824ec8aaf51e89036cb2ae&akipv6=&dup=&eoid=1000
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /event.png?impid=7e5bd6d3cb824ec8aaf51e89036cb2ae&akipv6=&dup=&eoid=1000 HTTP/1.1
Host: tpsc-frc.doubleverify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://d9707586d5008bafca57655e21af26db.safeframe.googlesyndication.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Date: Thu, 26 Jan 2023 22:34:42 GMT
Cache-Control: max-age=0
Expires: 01/25/2023 22:35:37
Pragma: no-cache
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feaa4a77d-7ed7-4b76-bcb0-24d1679a5359.jpeg
200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feaa4a77d-7ed7-4b76-bcb0-24d1679a5359.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2dfd3530064d405643a31fedd4fd7618
d8268771360e609892c5506f3114dc4f73c0aad0
b4790125e39e400c30d640cd0c64497256168892405511ec3d43b03dc0e5715a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feaa4a77d-7ed7-4b76-bcb0-24d1679a5359.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 10973
x-amzn-requestid: caff330a-0cc6-488d-be82-c09c2bb87408
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fLQYTEduIAMFZkg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cdfa9b-1f26b225062c8465440cf460;Sampled=0
x-amzn-remapped-date: Mon, 23 Jan 2023 03:10:19 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: L-i1AEFIP6AoWwjds6n7ohyz-Ls1HoF9CXNJS7RRDFApBceBZXmoxA==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 26 Jan 2023 12:29:15 GMT
age: 36383
etag: "d8268771360e609892c5506f3114dc4f73c0aad0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
200 OK 0 B URL HTTP/2 fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
IP
GET /css2?family=Roboto:wght@400;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ymate.app/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 26 Jan 2023 22:35:33 GMT
date: Thu, 26 Jan 2023 22:35:33 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
172.67.74.158
138.201.135.164
23.36.77.32
147.75.85.234
145.239.2.103
2.23.132.54
0.0.0.0