ytboob.com/fashion-week-topless-models/
185.178.208.169301 Moved Permanently 568 B URL HTTP/1.1 ytboob.com/fashion-week-topless-models/
IP 185.178.208.169:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (564), with no line terminators
Hash 2761b98db33884ab29711096ab315edb
8cea6e53464aea178b72e06a906205d040f14ca5
9f7a07f69d9b9a5af186a79159ccea18935ab4103128ca967e3f3f8ae45fb3ee
GET /fashion-week-topless-models/ HTTP/1.1
Host: ytboob.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: ddos-guard
Date: Thu, 22 Sep 2022 18:59:46 GMT
Connection: keep-alive
Keep-Alive: timeout=60
Location: https://ytboob.com/fashion-week-topless-models/
Content-Type: text/html; charset=utf8
Content-Length: 568
firefox.settings.services.mozilla.com/v1/
143.204.55.36200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Thu, 22 Sep 2022 18:14:02 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: fxLD3BhmQQQHXk17ZOIccI4c9GbW-MHNXF72Tkcve5uKwjTyNOQE6w==
Age: 2744
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a26d0784548ecab22f417f3d689daf23
8893b79366bbadeb5c8d587b8f023e310694df1c
35baaae7b3ce3110ebb2b075881cfab55ecf3eab57d834283fd18ac691b41fa2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "35BAAAE7B3CE3110EBB2B075881CFAB55ECF3EAB57D834283FD18AC691B41FA2"
Last-Modified: Tue, 20 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8909
Expires: Thu, 22 Sep 2022 21:28:15 GMT
Date: Thu, 22 Sep 2022 18:59:46 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
143.204.55.110200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 143.204.55.110:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Thu, 22 Sep 2022 04:35:15 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: iaTVdky--3gzNwWPuAI1S4lf2qWSsLro_JTklP-MgmbCQmuyKfo8Tg==
age: 51872
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 09f17db3d671ef324775ac5fdf23f67c
9a843c524d3b204a901a02dd4801982471e0c8d7
f0d8ad61d53f4df543eeefc403b3719da0796f94e5082ddd67f2b2c60d9ee6d4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F0D8AD61D53F4DF543EEEFC403B3719DA0796F94E5082DDD67F2B2C60D9EE6D4"
Last-Modified: Wed, 21 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3419
Expires: Thu, 22 Sep 2022 19:56:45 GMT
Date: Thu, 22 Sep 2022 18:59:46 GMT
Connection: keep-alive
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 18:59:46 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ytboob.com/fashion-week-topless-models/
185.178.208.169200 OK 11 kB URL HTTP/2 ytboob.com/fashion-week-topless-models/
IP 185.178.208.169:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (21021)
Hash 80d1cfd00a19553107a08c19d3499f68
08a88593b5c9ac385bd2a576201302be5fec1b6d
d6e34847c0b5642dfbd3773f9db7f5c05a5bab5b468d5ccd48958a5a5cb07e13
GET /fashion-week-topless-models/ HTTP/1.1
Host: ytboob.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
set-cookie: __ddg1_=SQQhMNuYp1zfWdxJzclF; Domain=.ytboob.com; HttpOnly; Path=/; Expires=Fri, 22-Sep-2023 18:59:46 GMT
date: Thu, 22 Sep 2022 18:59:46 GMT
content-type: text/html; charset=UTF-8
content-length: 11226
vary: Accept-Encoding, Cookie
cache-control: max-age=3, must-revalidate
content-encoding: gzip
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
vjs.zencdn.net/7.17.0/video-js.css?ver=7.17.0
151.101.86.217200 OK 11 kB URL HTTP/2 vjs.zencdn.net/7.17.0/video-js.css?ver=7.17.0
IP 151.101.86.217:0
File type Unicode text, UTF-8 text, with very long lines (5844)
Hash fd2ce389889ee4213b41c953de3c4f64
62dd96550a161b4534bfebb9a62c7891f098e0ae
ab514e6f2e3701ac8c1d686a49fb6118e3142cded419aa87a0098c547fa06b0d
GET /7.17.0/video-js.css?ver=7.17.0 HTTP/1.1
Host: vjs.zencdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ytboob.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Wed, 10 Nov 2021 19:41:49 GMT
etag: "514fccb15bdc95ea2c2b6fddaded8ecc"
content-type: text/css
content-encoding: gzip
date: Thu, 22 Sep 2022 18:59:47 GMT
x-served-by: cache-bma1648-BMA
x-cache: HIT
x-cache-hits: 1
vary: Accept-Encoding
access-control-allow-origin: *
timing-allow-origin: *
content-length: 10921
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash c7b623b7bcd37d436886346d495f9577
eb5688f0df28fa33b202e78d916e35387178636d
74037773d23c4426c3717e239e9dc228904f9cc8b8f084c655e26dcd9e345a96
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 18:59:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
a.realsrv.com/ad-provider.js
205.185.216.10200 OK 24 kB URL HTTP/1.1 a.realsrv.com/ad-provider.js
IP 205.185.216.10:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 46504668ecf4671f582f5ba93a2f3c6b
8b165c478da3dd4fd4df3b40745733049b5acb0c
5230c0e2745fedbf038f97e374a5b6ea033434301aa86ec545eae37b29350799
GET /ad-provider.js HTTP/1.1
Host: a.realsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ytboob.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 22 Sep 2022 18:59:47 GMT
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 23726
Content-Type: application/javascript
Accept-Ranges: bytes
Cache-Control: max-age=10800
Server: nginx
etag: W/"2bf044048f482551901a41a7444"
X-HW: 1663873187.dop066.sk1.t,1663873187.cds256.sk1.shn,1663873187.cds256.sk1.c
Access-Control-Allow-Origin: *, *
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 5f68499f2ba3b2c5aa7e979ee9b4d3a8
67a456fe80bd69aa2fbd0331ba343d1789509d0f
394e18527ce3ad7de2274de2e5e6a7f3fb390e7d6c4f7342ab485b7794e169e7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 18:59:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
vjs.zencdn.net/7.17.0/video.min.js?ver=7.17.0
151.101.86.217200 OK 160 kB URL HTTP/2 vjs.zencdn.net/7.17.0/video.min.js?ver=7.17.0
IP 151.101.86.217:0
File type Unicode text, UTF-8 text, with very long lines (48222)
Size 160 kB (159939 bytes)
Hash fd6c60282ab3fb9f9941f35a2a42ab51
64d4000fc161acfc5e8fe6eb73e34f91f3cc1944
a98cf15a87404137852fb76ff856ef3e176101ef80ad9aa9dad6dbc5bbe0d72d
GET /7.17.0/video.min.js?ver=7.17.0 HTTP/1.1
Host: vjs.zencdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ytboob.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Wed, 10 Nov 2021 19:41:49 GMT
etag: "6d53ab10ac8d6c3be0ee1df6b4bdc00f"
content-type: application/javascript
content-encoding: gzip
date: Thu, 22 Sep 2022 18:59:47 GMT
x-served-by: cache-bma1648-BMA
x-cache: HIT
x-cache-hits: 1
vary: Accept-Encoding
access-control-allow-origin: *
timing-allow-origin: *
content-length: 159939
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash a25c8b5d8a9e79cab4660f083564f7bd
5a51409dbbd6cc1bae857f59596248ca581b86e8
88b55c6edc7ce0a74e61a3418925bf18a39e222169c7cda841ce8f2445fb338d
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 22 Sep 2022 18:59:47 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 21 Sep 2022 05:01:59 GMT
Expires: Wed, 28 Sep 2022 05:01:58 GMT
Etag: "5a51409dbbd6cc1bae857f59596248ca581b86e8"
Cache-Control: max-age=467530,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74ed479b2d9bb52d-OSL
s7.addthis.com/js/300/addthis_widget.js
23.38.200.123200 OK 116 kB URL HTTP/2 s7.addthis.com/js/300/addthis_widget.js
IP 23.38.200.123:0
File type ASCII text, with very long lines (54602)
Size 116 kB (116360 bytes)
Hash b87cd33d44e99d7bb4fa59f97915a154
429b6461bab5189d6987d39713c3405223c461b8
9ad12a8b1ed82ccdfc74eebce578bd8f146b04ba08476f8a9a237e346f1772b2
GET /js/300/addthis_widget.js HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ytboob.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.15.8
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: "5f971164-5834c"
cache-control: public, max-age=600
strict-transport-security: max-age=15724800; includeSubDomains
content-type: application/javascript
content-encoding: gzip
content-length: 116360
date: Thu, 22 Sep 2022 18:59:47 GMT
vary: Accept-Encoding
x-distribution: 99
x-host: s7.addthis.com
X-Firefox-Spdy: h2
ytboob.b-cdn.net/wp-content/themes/ultimatube/assets/img/px.gif
89.187.169.3200 OK 1.1 kB URL HTTP/2 ytboob.b-cdn.net/wp-content/themes/ultimatube/assets/img/px.gif
IP 89.187.169.3:0
ASN #60068 Datacamp Limited
File type GIF image data, version 89a, 1 x 1\012- data
Hash 96e31d075a835fb1e9d431373451cc27
8c0c1169f70c3d487419599597f095c60ed2469f
a9bb07bf95a4eb5b11f74e1be96e3cee1579e41c4c134b3773581c5340ba63ac
GET /wp-content/themes/ultimatube/assets/img/px.gif HTTP/1.1
Host: ytboob.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ytboob.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 18:59:47 GMT
content-type: image/gif
content-length: 1095
server: BunnyCDN-DE-752
cdn-pullzone: 266985
cdn-uid: 7f8b1b31-4dc9-4eb7-9d7e-92c70ed52a62
cdn-requestcountrycode: NO
age: 0
cache-control: public, max-age=604800
last-modified: Sat, 15 Aug 2020 13:19:16 GMT
content-security-policy: upgrade-insecure-requests;
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
ddg-cache-status: MISS
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 206
cdn-cachedat: 08/20/2022 02:35:31
cdn-edgestorageid: 723
cdn-status: 200
cdn-requestid: 4312c1b0d59fae411eccc1f4021c7b3e
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
ytboob.b-cdn.net/wp-content/uploads/2019/03/ytboob.png
89.187.169.3200 OK 1.7 kB URL HTTP/2 ytboob.b-cdn.net/wp-content/uploads/2019/03/ytboob.png
IP 89.187.169.3:0
ASN #60068 Datacamp Limited
File type PNG image data, 160 x 35, 8-bit/color RGBA, non-interlaced\012- data
Hash ff29578719311f6774164eb138a698ec
07250c2414f129bd12c3d156d70d1630ee7f1f3a
39b3b9260f0fa5ad5114fb67b0eec3fcdba05a97fb6d6f38ece1f25c43cbd65f
GET /wp-content/uploads/2019/03/ytboob.png HTTP/1.1
Host: ytboob.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ytboob.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 18:59:47 GMT
content-type: image/png
content-length: 1721
server: BunnyCDN-DE-752
cdn-pullzone: 266985
cdn-uid: 7f8b1b31-4dc9-4eb7-9d7e-92c70ed52a62
cdn-requestcountrycode: NO
age: 0
cache-control: public, max-age=604800
last-modified: Sun, 20 Sep 2020 13:42:20 GMT
content-security-policy: upgrade-insecure-requests;
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
ddg-cache-status: MISS
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 206
cdn-cachedat: 08/20/2022 02:35:31
cdn-edgestorageid: 755
cdn-status: 200
cdn-requestid: 92d6507c16ea7ad71b6b3f4a1fb9a4ab
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 375756444a8871bbe816165e294fb262
2f9e18473daa3daae633a4df448a2230e77f8c33
c2e94c3082cb76fad8f5ace3c686f46d43c807b7f2d3cb9f2b4d9965b91af4c2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 18:59:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css2?family=Roboto%3Awght%40400%3B700&display=swap&ver=css2
142.250.74.10200 OK 1.1 kB URL HTTP/2 fonts.googleapis.com/css2?family=Roboto%3Awght%40400%3B700&display=swap&ver=css2
IP 142.250.74.10:0
Hash d94daf4c282c484649be1baa6c238eb3
e4baef0fc3158429247a0ff74444a679c715da7b
125667686bc412ad7d86b1433d7fa9d1a111bfd252be87317e242082fc672e1c
GET /css2?family=Roboto%3Awght%40400%3B700&display=swap&ver=css2 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ytboob.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 22 Sep 2022 18:59:47 GMT
date: Thu, 22 Sep 2022 18:59:47 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.36200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Thu, 22 Sep 2022 18:03:22 GMT
Expires: Thu, 22 Sep 2022 18:12:27 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 5de23153ac267c206221751e1cccb6e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: JanWsTYDkewa_xnNZe4ho5z2gBAGcJJhxErCLx9napM3uiTwmzSsyA==
Age: 3385
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash a25c8b5d8a9e79cab4660f083564f7bd
5a51409dbbd6cc1bae857f59596248ca581b86e8
88b55c6edc7ce0a74e61a3418925bf18a39e222169c7cda841ce8f2445fb338d
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 22 Sep 2022 18:59:47 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 21 Sep 2022 05:01:59 GMT
Expires: Wed, 28 Sep 2022 05:01:58 GMT
Etag: "5a51409dbbd6cc1bae857f59596248ca581b86e8"
Cache-Control: max-age=467530,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74ed479b2bda0b06-OSL
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash a25c8b5d8a9e79cab4660f083564f7bd
5a51409dbbd6cc1bae857f59596248ca581b86e8
88b55c6edc7ce0a74e61a3418925bf18a39e222169c7cda841ce8f2445fb338d
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 22 Sep 2022 18:59:47 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 21 Sep 2022 05:01:59 GMT
Expires: Wed, 28 Sep 2022 05:01:58 GMT
Etag: "5a51409dbbd6cc1bae857f59596248ca581b86e8"
Cache-Control: max-age=467530,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74ed479b2a0bb529-OSL
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 86624f45fb3b7126dbe002f69c94dd86
30bcf274db5037122f989fb25dbf1e72c9ec417b
2cc9600578cf057dc499835773fb495caa60ac154c4945f0fc1f2b31d43f5502
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1314
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 18:59:47 GMT
Last-Modified: Thu, 22 Sep 2022 18:37:53 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
54.187.71.185101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.187.71.185:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: GPEXOqnfaQzy5ZGsLolJBg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: lnhfhSuBMzLiQ67q6zfuTT6cYNo=
ytboob.b-cdn.net/wp-content/cache/autoptimize/js/autoptimize_c3be99ec1f6f4e7977f0d5d9d032333e.js
89.187.169.3200 OK 12 kB URL HTTP/2 ytboob.b-cdn.net/wp-content/cache/autoptimize/js/autoptimize_c3be99ec1f6f4e7977f0d5d9d032333e.js
IP 89.187.169.3:0
ASN #60068 Datacamp Limited
File type Unicode text, UTF-8 text, with very long lines (11126)
Hash b163bfd9a612f58f1b898883a93f9c83
9c3a195d525a3de5cd7262d90c4fde2406e82314
3cef98f9c7ee53b515b9924986a54e81cbc9b8d2c6397beaf00dedd1c65ae9b2
GET /wp-content/cache/autoptimize/js/autoptimize_c3be99ec1f6f4e7977f0d5d9d032333e.js HTTP/1.1
Host: ytboob.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ytboob.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 22 Sep 2022 18:59:47 GMT
content-type: application/javascript; charset=utf-8
server: BunnyCDN-DE-752
cdn-pullzone: 266985
cdn-uid: 7f8b1b31-4dc9-4eb7-9d7e-92c70ed52a62
cdn-requestcountrycode: NO
vary: Accept-Encoding
age: 2
cache-control: public, max-age=604800
content-encoding: br
etag: W/"630fc147-9ffb"
last-modified: Wed, 31 Aug 2022 20:15:03 GMT
content-security-policy: upgrade-insecure-requests;
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
ddg-cache-status: MISS
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 09/02/2022 01:20:38
cdn-edgestorageid: 723
cdn-status: 200
cdn-requestid: 44566df0d7f7e1bb797e02ec9992d24c
cdn-cache: HIT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 4797d6fd00b4884a9a2bd74ed01e2d1d
8d5e48550c7eb8c2f81ab8c126d452257e4d98ed
4c6fb508b26b7fc8be67672a70d2d0b73ae0cee68c0969350751823c49bf4a9e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 18:59:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash edd6c63988b69a64a51433c3fd91b0ba
a0a41a5403a2c397d70cfa267c1d6407250df043
c9b1efff4ebf41ad54d3137ee7a93b688c66765df99e387ae730b39abe2f115f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 18:59:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ytboob.com/wp-content/themes/ultimatube/assets/stylesheets/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
185.178.208.169200 OK 77 kB URL HTTP/2 ytboob.com/wp-content/themes/ultimatube/assets/stylesheets/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
IP 185.178.208.169:0
File type Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Hash af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
GET /wp-content/themes/ultimatube/assets/stylesheets/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: ytboob.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://ytboob.b-cdn.net/wp-content/cache/autoptimize/css/autoptimize_20844ca524f97c21a277dc2526624c34.css
Cookie: __ddg1_=SQQhMNuYp1zfWdxJzclF; _ga_B9HWGDSQ07=GS1.1.1663873186.1.0.1663873186.0.0.0; _ga=GA1.1.1819822229.1663873187
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Fri, 16 Sep 2022 23:40:27 GMT
content-type: application/octet-stream
content-length: 77160
last-modified: Sat, 15 Aug 2020 13:19:21 GMT
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
accept-ranges: bytes
etag: "5f37e0d9-12d68"
age: 501560
ddg-cache-status: HIT
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.163200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ytboob.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 19:34:08 GMT
expires: Thu, 21 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 84339
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
23.38.200.123200 OK 26 kB URL HTTP/2 s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
IP 23.38.200.123:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (63757)
Hash 707317ccaabe08d32d1bd781754e6871
bb82dcd3e044c960e0861c2ce878f5504e628f78
d0a164ece41c61aec26517fb645646f5ba91f72ea5448eff1ee6c393b7c53051
GET /static/sh.f48a1a04fe8dbf021b4cda1d.html HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ytboob.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: text/html
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-11adc"
timing-allow-origin: *
cache-control: public, max-age=86313600
p3p: CP="NON ADM OUR DEV IND COM STA"
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 26421
date: Thu, 22 Sep 2022 18:59:47 GMT
vary: Accept-Encoding
x-host: s7.addthis.com
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
142.250.74.163200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ytboob.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 19:34:08 GMT
expires: Thu, 21 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 84339
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 503 B IP 142.250.74.3:0
Hash 78d32dad891687a16f15b4df1fcf88e6
cf13e98ebd7e32f1a9fbbc728e8dd68173a76559
b54733d9d61188274788af8a92253f26ad88c61b02de64484590810f565833f7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 18:59:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.pncloudfl.com/pn/744/081/678/7440816781d0d85a30283dca9b3b28d80826b38f.jpg
104.22.58.221200 OK 37 kB URL HTTP/2 cdn.pncloudfl.com/pn/744/081/678/7440816781d0d85a30283dca9b3b28d80826b38f.jpg
IP 104.22.58.221:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash c994c44c682769b6bbb4079385f02ca0
431277bc9ea5c81f48a73dc0a3aeaa84db3d345a
8b19dee80ecbf597df8b5db23627cf5e0e3cad541dd0260162238d8ad9314c2d
GET /pn/744/081/678/7440816781d0d85a30283dca9b3b28d80826b38f.jpg HTTP/1.1
Host: cdn.pncloudfl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 22 Sep 2022 18:59:47 GMT
content-type: image/webp
content-length: 37090
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control: max-age=172800
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=73232
content-disposition: inline; filename="7440816781d0d85a30283dca9b3b28d80826b38f.webp"
etag: 71f517f39d38846c02be3576ea99b943
expires: Fri, 23 Sep 2022 02:06:41 GMT
last-modified: Wed, 21 Sep 2022 01:58:36 GMT
vary: Accept
x-openstack-request-id: tx3b5a6acb74eb4fb5bcc97-00632a700b
x-proxy-cache: HIT
x-timestamp: 1663725515.95097
x-trans-id: tx3b5a6acb74eb4fb5bcc97-00632a700b
cf-cache-status: HIT
age: 147186
accept-ranges: bytes
access-control-allow-origin: *
server: cloudflare
cf-ray: 74ed47a088f8b500-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ber2g8e3keley.com/aas/r45d/vki/1830156/tghr.js
62.122.171.6200 OK 74 kB URL HTTP/2 ber2g8e3keley.com/aas/r45d/vki/1830156/tghr.js
IP 62.122.171.6:0
Hash 2e109086feab70754e1e03e943fc3cf2
e79d242c40aa3ccb7cd3d904e17d3edc859ce3de
f901459a7d6d1b97f47e902deb1abbfdee604f234c511a2479a4b45d1c1da55b
Analyzer Verdict Alert quad9 Sinkholed
GET /aas/r45d/vki/1830156/tghr.js HTTP/1.1
Host: ber2g8e3keley.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ytboob.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 18:59:47 GMT
content-type: application/javascript
last-modified: Wed, 07 Sep 2022 13:38:24 GMT
vary: Accept-Encoding
etag: W/"63189ed0-1091a"
x-js-ab1: current
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding: gzip
X-Firefox-Spdy: h2
ber2g8e3keley.com/solid.gif?z=1830156&abvar=0
62.122.171.6200 OK 43 B URL HTTP/2 ber2g8e3keley.com/solid.gif?z=1830156&abvar=0
IP 62.122.171.6:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28e463819a210071de3b45ebe7633613
6dccd571828ec0912629119cf7eabfea9f33ddbc
44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84
Analyzer Verdict Alert quad9 Sinkholed
POST /solid.gif?z=1830156&abvar=0 HTTP/1.1
Host: ber2g8e3keley.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ytboob.com
Connection: keep-alive
Referer: https://ytboob.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 18:59:48 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.tag.loaded
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
ber2g8e3keley.com/solid.gif?z=1830156&abvar=0
62.122.171.6200 OK 43 B URL HTTP/2 ber2g8e3keley.com/solid.gif?z=1830156&abvar=0
IP 62.122.171.6:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28e463819a210071de3b45ebe7633613
6dccd571828ec0912629119cf7eabfea9f33ddbc
44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84
Analyzer Verdict Alert quad9 Sinkholed
POST /solid.gif?z=1830156&abvar=0 HTTP/1.1
Host: ber2g8e3keley.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ytboob.com
Connection: keep-alive
Referer: https://ytboob.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 18:59:48 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.tag.loaded
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
ytboob.b-cdn.net/wp-content/uploads/2022/09/xl69a5-320x180.jpg
89.187.169.3200 OK 15 kB URL HTTP/2 ytboob.b-cdn.net/wp-content/uploads/2022/09/xl69a5-320x180.jpg
IP 89.187.169.3:0
ASN #60068 Datacamp Limited
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 320x180, components 3\012- data
Hash 48e2c17f691ddacf730212f43532eb99
d26a58b9a35769272a3d76bb8e535de4b22d9719
161c549c384343166230e3e0869057cb7ada98aa6bb5c9bab9b845a532197581
GET /wp-content/uploads/2022/09/xl69a5-320x180.jpg HTTP/1.1
Host: ytboob.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ytboob.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 18:59:48 GMT
content-type: image/jpeg
content-length: 14801
server: BunnyCDN-DE-752
cdn-pullzone: 266985
cdn-uid: 7f8b1b31-4dc9-4eb7-9d7e-92c70ed52a62
cdn-requestcountrycode: NO
age: 6
cache-control: public, max-age=604800
last-modified: Thu, 22 Sep 2022 16:41:34 GMT
content-security-policy: upgrade-insecure-requests;
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
ddg-cache-status: HIT
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 206
cdn-cachedat: 09/22/2022 16:41:46
cdn-edgestorageid: 864
cdn-status: 200
cdn-requestid: 08152ca934847ee13aeb2eb9087fe257
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
ytboob.b-cdn.net/wp-content/uploads/2022/09/xj7e3d-320x180.jpg
89.187.169.3200 OK 6.6 kB URL HTTP/2 ytboob.b-cdn.net/wp-content/uploads/2022/09/xj7e3d-320x180.jpg
IP 89.187.169.3:0
ASN #60068 Datacamp Limited
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 320x180, components 3\012- data
Hash 9ec00816cdb3a57706758e31d1ddd744
7c26fc0df75517277c0f3f5bfb9aeb1e457a9661
640026941cfd9c0a8b5a3bd1a786f04fc1c702cd07d79fe2121a6d82e5d8562d
GET /wp-content/uploads/2022/09/xj7e3d-320x180.jpg HTTP/1.1
Host: ytboob.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ytboob.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 18:59:48 GMT
content-type: image/jpeg
content-length: 6583
server: BunnyCDN-DE-752
cdn-pullzone: 266985
cdn-uid: 7f8b1b31-4dc9-4eb7-9d7e-92c70ed52a62
cdn-requestcountrycode: NO
age: 30
cache-control: public, max-age=604800
last-modified: Tue, 20 Sep 2022 12:26:51 GMT
content-security-policy: upgrade-insecure-requests;
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
ddg-cache-status: HIT
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 206
cdn-cachedat: 09/20/2022 12:27:24
cdn-edgestorageid: 601
cdn-status: 200
cdn-requestid: 24c62d7e3936a5aa7a7b5ea5babba21d
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
ytboob.b-cdn.net/wp-content/uploads/2022/09/xbxfj1-320x180.jpg
89.187.169.3200 OK 14 kB URL HTTP/2 ytboob.b-cdn.net/wp-content/uploads/2022/09/xbxfj1-320x180.jpg
IP 89.187.169.3:0
ASN #60068 Datacamp Limited
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 320x180, components 3\012- data
Hash ccb80f8fe80add87560423a9502f291a
5b61caca3ede14a4e8908184605a033f2ab8c3a6
1f3e16a669caa6e989343cec4a6fc7b46bbcad21853cb9bc476200f05343a44b
GET /wp-content/uploads/2022/09/xbxfj1-320x180.jpg HTTP/1.1
Host: ytboob.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ytboob.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 18:59:48 GMT
content-type: image/jpeg
content-length: 13982
server: BunnyCDN-DE-752
cdn-pullzone: 266985
cdn-uid: 7f8b1b31-4dc9-4eb7-9d7e-92c70ed52a62
cdn-requestcountrycode: NO
age: 0
cache-control: public, max-age=604800
last-modified: Sun, 11 Sep 2022 23:59:06 GMT
content-security-policy: upgrade-insecure-requests;
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
ddg-cache-status: MISS
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 206
cdn-cachedat: 09/11/2022 23:59:13
cdn-edgestorageid: 864
cdn-status: 200
cdn-requestid: 56c6a03a79ff1cbd4de2324f215f462a
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
ytboob.b-cdn.net/wp-content/uploads/2022/09/x80o6j-320x180.jpg
89.187.169.3200 OK 19 kB URL HTTP/2 ytboob.b-cdn.net/wp-content/uploads/2022/09/x80o6j-320x180.jpg
IP 89.187.169.3:0
ASN #60068 Datacamp Limited
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 320x180, components 3\012- data
Hash 2bde80a89f18e7ec70ff62d6551dd9b0
b65b4bd629986c673c405e847bdfe561842afe0f
8e1e325b9f3abcdaf437707eb792c5e77fad2c95f80902f0ec9f8a3867e85405
GET /wp-content/uploads/2022/09/x80o6j-320x180.jpg HTTP/1.1
Host: ytboob.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ytboob.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 18:59:48 GMT
content-type: image/jpeg
content-length: 18708
server: BunnyCDN-DE-752
cdn-pullzone: 266985
cdn-uid: 7f8b1b31-4dc9-4eb7-9d7e-92c70ed52a62
cdn-requestcountrycode: NO
age: 0
cache-control: public, max-age=604800
last-modified: Wed, 07 Sep 2022 12:57:07 GMT
content-security-policy: upgrade-insecure-requests;
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
ddg-cache-status: MISS
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 206
cdn-cachedat: 09/07/2022 12:57:12
cdn-edgestorageid: 752
cdn-status: 200
cdn-requestid: f887f182a26e6ef0d0e315d721dfce3e
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
region1.google-analytics.com/g/collect?v=2&tid=G-B9HWGDSQ07>m=2oe9l0&_p=432755521&cid=1819822229.1663873187&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1663873186&sct=1&seg=0&dl=https%3A%2F%2Fytboob.com%2Ffashion-week-topless-models%2F&dt=Fashion%20Week%20topless%20models%20-%20YTboob&en=page_view&_fv=1&_nsi=1&_ss=1
216.239.34.36204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-B9HWGDSQ07>m=2oe9l0&_p=432755521&cid=1819822229.1663873187&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1663873186&sct=1&seg=0&dl=https%3A%2F%2Fytboob.com%2Ffashion-week-topless-models%2F&dt=Fashion%20Week%20topless%20models%20-%20YTboob&en=page_view&_fv=1&_nsi=1&_ss=1
IP 216.239.34.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-B9HWGDSQ07>m=2oe9l0&_p=432755521&cid=1819822229.1663873187&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1663873186&sct=1&seg=0&dl=https%3A%2F%2Fytboob.com%2Ffashion-week-topless-models%2F&dt=Fashion%20Week%20topless%20models%20-%20YTboob&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ytboob.com
Connection: keep-alive
Referer: https://ytboob.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://ytboob.com
date: Thu, 22 Sep 2022 18:59:48 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ytboob.b-cdn.net/wp-content/uploads/2022/09/x4isi4-320x180.jpg
89.187.169.3200 OK 17 kB URL HTTP/2 ytboob.b-cdn.net/wp-content/uploads/2022/09/x4isi4-320x180.jpg
IP 89.187.169.3:0
ASN #60068 Datacamp Limited
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 320x180, components 3\012- data
Hash b88d28547eedee4e54c7dd60834d3d61
64661ac7acdf76cfeb8ecce64b9119dbba9b281d
3a0e633bddbbf1e356d1592b8f496b72eb938cb6d771627dd683b46af21bcee3
GET /wp-content/uploads/2022/09/x4isi4-320x180.jpg HTTP/1.1
Host: ytboob.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ytboob.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 18:59:48 GMT
content-type: image/jpeg
content-length: 16984
server: BunnyCDN-DE-752
cdn-pullzone: 266985
cdn-uid: 7f8b1b31-4dc9-4eb7-9d7e-92c70ed52a62
cdn-requestcountrycode: NO
age: 2
cache-control: public, max-age=604800
last-modified: Sun, 04 Sep 2022 17:19:05 GMT
content-security-policy: upgrade-insecure-requests;
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
ddg-cache-status: MISS
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 206
cdn-cachedat: 09/04/2022 17:19:11
cdn-edgestorageid: 756
cdn-status: 200
cdn-requestid: f7e85fde68679044b66199b4351b8b02
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
ytboob.b-cdn.net/wp-content/uploads/2022/08/wyoh5g-320x180.jpg
89.187.169.3200 OK 18 kB URL HTTP/2 ytboob.b-cdn.net/wp-content/uploads/2022/08/wyoh5g-320x180.jpg
IP 89.187.169.3:0
ASN #60068 Datacamp Limited
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 320x180, components 3\012- data
Hash 981fe5297ac092f861105e1c77eaf6b7
30da4d03701d4962ea06ec6cafe8745724a0bc8f
ab6605cc071415086f4365d32fc847327077e27fd562b5d55df4b38c252d4326
GET /wp-content/uploads/2022/08/wyoh5g-320x180.jpg HTTP/1.1
Host: ytboob.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ytboob.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 18:59:48 GMT
content-type: image/jpeg
content-length: 18121
server: BunnyCDN-DE-752
cdn-pullzone: 266985
cdn-uid: 7f8b1b31-4dc9-4eb7-9d7e-92c70ed52a62
cdn-requestcountrycode: NO
age: 0
cache-control: public, max-age=604800
last-modified: Sat, 27 Aug 2022 00:28:10 GMT
content-security-policy: upgrade-insecure-requests;
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
ddg-cache-status: MISS
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 206
cdn-cachedat: 08/27/2022 01:03:15
cdn-edgestorageid: 565
cdn-status: 200
cdn-requestid: 74a2aff5f34cb1c388e71691708e3f54
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
ytboob.b-cdn.net/wp-content/uploads/2022/09/xgyz8w-320x180.jpg
89.187.169.3200 OK 9.8 kB URL HTTP/2 ytboob.b-cdn.net/wp-content/uploads/2022/09/xgyz8w-320x180.jpg
IP 89.187.169.3:0
ASN #60068 Datacamp Limited
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 320x180, components 3\012- data
Hash 7a9d167844d41dabe44572c1da0f8855
c496423309af1cc7aab1b37747a4f27e27b10c62
ea5426db2a31113f7bed15e0df183746af768f33fcaab04a34b0f809510fc962
GET /wp-content/uploads/2022/09/xgyz8w-320x180.jpg HTTP/1.1
Host: ytboob.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ytboob.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 18:59:48 GMT
content-type: image/jpeg
content-length: 9795
server: BunnyCDN-DE-752
cdn-pullzone: 266985
cdn-uid: 7f8b1b31-4dc9-4eb7-9d7e-92c70ed52a62
cdn-requestcountrycode: NO
age: 0
cache-control: public, max-age=604800
last-modified: Tue, 20 Sep 2022 00:30:40 GMT
content-security-policy: upgrade-insecure-requests;
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
ddg-cache-status: MISS
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 206
cdn-cachedat: 09/20/2022 00:31:05
cdn-edgestorageid: 755
cdn-status: 200
cdn-requestid: 22e1ef6d745aa70ad1a613aba0229f92
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
ytboob.b-cdn.net/wp-content/uploads/2022/08/wwhpa1-320x180.jpg
89.187.169.3200 OK 11 kB URL HTTP/2 ytboob.b-cdn.net/wp-content/uploads/2022/08/wwhpa1-320x180.jpg
IP 89.187.169.3:0
ASN #60068 Datacamp Limited
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 320x180, components 3\012- data
Hash 3dd8127677c258f7da610767e4e666cf
b77d8e1d2341d1fac34c725bc1dc7b050647e6a9
8d64ace03f1dd4cfe19fb4034d9e0de0217646d0be6326ba6dadb9ea8fd0a096
GET /wp-content/uploads/2022/08/wwhpa1-320x180.jpg HTTP/1.1
Host: ytboob.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ytboob.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 18:59:48 GMT
content-type: image/jpeg
content-length: 11269
server: BunnyCDN-DE-752
cdn-pullzone: 266985
cdn-uid: 7f8b1b31-4dc9-4eb7-9d7e-92c70ed52a62
cdn-requestcountrycode: NO
age: 0
cache-control: public, max-age=604800
last-modified: Wed, 24 Aug 2022 12:06:34 GMT
content-security-policy: upgrade-insecure-requests;
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
ddg-cache-status: MISS
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 206
cdn-cachedat: 08/24/2022 12:14:26
cdn-edgestorageid: 601
cdn-status: 200
cdn-requestid: f494b675082bdfa4b18454424d2a1411
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
ytboob.b-cdn.net/wp-content/uploads/2022/08/wv5krk-320x180.jpg
89.187.169.3200 OK 13 kB URL HTTP/2 ytboob.b-cdn.net/wp-content/uploads/2022/08/wv5krk-320x180.jpg
IP 89.187.169.3:0
ASN #60068 Datacamp Limited
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 320x180, components 3\012- data
Hash 921f1ee74a393071f43e2a90ddbecbe8
2cd86e78d04ed1c79f7913e47303665e278374c7
488a0a8b3d2dcf65309e3b94c90ee1023ccca01853be355a0f18eb7736b63c9a
GET /wp-content/uploads/2022/08/wv5krk-320x180.jpg HTTP/1.1
Host: ytboob.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ytboob.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 18:59:48 GMT
content-type: image/jpeg
content-length: 13084
server: BunnyCDN-DE-752
cdn-pullzone: 266985
cdn-uid: 7f8b1b31-4dc9-4eb7-9d7e-92c70ed52a62
cdn-requestcountrycode: NO
age: 2
cache-control: public, max-age=604800
last-modified: Mon, 22 Aug 2022 22:56:23 GMT
content-security-policy: upgrade-insecure-requests;
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
ddg-cache-status: MISS
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 206
cdn-cachedat: 08/22/2022 22:56:30
cdn-edgestorageid: 723
cdn-status: 200
cdn-requestid: 866c2b368e7aafb025a8fbd3f3db854e
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.usertrust.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 4f8e2deaac14f72ade5f4ef4ca233491
6675a095acba3847d4cbc9df9c23737a7f783cb1
a696f7987360a76f9e979c6b5b7294b9f4a1009d2327f7b26152f13452ecf588
POST / HTTP/1.1
Host: ocsp.usertrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 22 Sep 2022 18:59:48 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 19 Sep 2022 14:07:03 GMT
Expires: Mon, 26 Sep 2022 14:07:02 GMT
Etag: "6675a095acba3847d4cbc9df9c23737a7f783cb1"
Cache-Control: max-age=602454,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: HIT
Age: 440
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74ed47a1580db509-OSL
ytboob.b-cdn.net/wp-content/cache/autoptimize/css/autoptimize_20844ca524f97c21a277dc2526624c34.css
89.187.169.3200 OK 44 kB URL HTTP/2 ytboob.b-cdn.net/wp-content/cache/autoptimize/css/autoptimize_20844ca524f97c21a277dc2526624c34.css
IP 89.187.169.3:0
ASN #60068 Datacamp Limited
File type ASCII text, with very long lines (43771)
Hash db509423156b2b3637f746a3101bf352
274a87a94c9a4c36b9979c830be5a722c8d28990
2754476d948c25db566ae25efa6be22846cae276e745081946848defc7d352c0
GET /wp-content/cache/autoptimize/css/autoptimize_20844ca524f97c21a277dc2526624c34.css HTTP/1.1
Host: ytboob.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ytboob.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 22 Sep 2022 18:59:47 GMT
content-type: text/css
server: BunnyCDN-DE-752
cdn-pullzone: 266985
cdn-uid: 7f8b1b31-4dc9-4eb7-9d7e-92c70ed52a62
cdn-requestcountrycode: NO
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
age: 0
cache-control: public, max-age=604800
content-encoding: br
etag: W/"630fc147-2e897"
last-modified: Wed, 31 Aug 2022 20:15:03 GMT
content-security-policy: upgrade-insecure-requests;
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
ddg-cache-status: MISS
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 09/03/2022 02:47:33
cdn-edgestorageid: 632
cdn-status: 200
cdn-requestid: 8b7a131ebad03043cb0009715a5628e7
cdn-cache: HIT
X-Firefox-Spdy: h2
ytboob.b-cdn.net/wp-content/uploads/2022/08/wvmwmp-640x360.jpg
89.187.169.3200 OK 44 kB URL HTTP/2 ytboob.b-cdn.net/wp-content/uploads/2022/08/wvmwmp-640x360.jpg
IP 89.187.169.3:0
ASN #60068 Datacamp Limited
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 640x360, components 3\012- data
Hash bcccc07329f0e0a831927fd887cf07ef
da0f9fecde7ddfe969b40b2db927317577424cdf
fdbe88b3eb2f5af63594876eed260e608babc93b5a6938a755d07fcd29217f85
GET /wp-content/uploads/2022/08/wvmwmp-640x360.jpg HTTP/1.1
Host: ytboob.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ytboob.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 18:59:48 GMT
content-type: image/jpeg
content-length: 44297
server: BunnyCDN-DE-752
cdn-pullzone: 266985
cdn-uid: 7f8b1b31-4dc9-4eb7-9d7e-92c70ed52a62
cdn-requestcountrycode: NO
age: 45
cache-control: public, max-age=604800
last-modified: Tue, 23 Aug 2022 12:02:45 GMT
content-security-policy: upgrade-insecure-requests;
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
ddg-cache-status: HIT
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 206
cdn-cachedat: 08/23/2022 12:13:28
cdn-edgestorageid: 632
cdn-status: 200
cdn-requestid: a0ef274b752dac050619cf71a1261981
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn18685953.ahacdn.me/skins/bannerdating4.png
45.133.44.20200 OK 9.6 kB URL HTTP/2 cdn18685953.ahacdn.me/skins/bannerdating4.png
IP 45.133.44.20:0
ASN #39572 DataWeb Global Group B.V.
File type PNG image data, 147 x 153, 8-bit/color RGBA, non-interlaced\012- data
Hash 56f07e0d933a1f7211667b4cc4a7db80
daf466fe3e15cc69bcf6b1d2592ba2d33357250f
5cc8d7fef92d8de943e1979813099b5f825d12443a29cf008928de90197b7118
GET /skins/bannerdating4.png HTTP/1.1
Host: cdn18685953.ahacdn.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 22 Sep 2022 18:59:48 GMT
content-type: image/png
content-length: 9644
server: nginx/1.16.1
last-modified: Wed, 28 Jul 2021 08:50:24 GMT
etag: 56f07e0d933a1f7211667b4cc4a7db80
x-timestamp: 1627462223.18881
x-trans-id: tx9ec40df6ae564c1abf95a-0061c43775
x-openstack-request-id: tx9ec40df6ae564c1abf95a-0061c43775
cache-control: max-age=172800
access-control-allow-origin: *
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires: Sat, 24 Sep 2022 18:59:48 GMT
vary: Accept-Encoding
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
go.xlirdr.com/config?url=https%3A%2F%2Fcreative.xlirdr.com%2Fwidgets%2Fv4%2FUniversal%3Fgender%3Dfemales%252Cfemale%252CmaleFemale%26isNew%3D0%26campaignId%3DbelowVideo%26targetDomain%3Dytboob.live%26profileEthnicity%3DethnicityAsian%26broadcastHD%3D1%26broadcastVR%3D0%26broadcastMobile%3D0%26isPerson%3D0%26isFace%3D0%26goalEnabled%3D0%26isMlCountry%3D0%26isLogged%3D0%26isMlAnal%3D0%26isMlBlowjob%3D0%26strict%3D0%26applyGeobans%3D0%26tag%3Dgirls%252Fahegao%252Cgirls%252Fpregnant%26language%3Den%26autoplay%3DonHover%26thumbFit%3Dcover%26hideLiveBadge%3D0%26hideModelName%3D0%26autoplayForce%3D1%26playButton%3D0%26thumbType%3Ddefault%26actionButtonPlacement%3Dbottom%26thumbSizeKey%3Dbig%26titleText%3DChat%2520%26thumbsMargin%3D2%26responsive%3D1%26hideButton%3D0%26hideTitle%3D1%26hideButtonOnSmallSpots%3D1%26hideTitleOnSmallSpots%3D1%26hideModelNameOnSmallSpots%3D1%26buttonColor%3D%2523DC0C2C%26liveBadgeColor%3D%252300bd8f%26userId%3D883ee4693b12c73350adfa22359143ae01fc71f5f997aaaf2d5451cc318e19d4
104.18.42.40200 OK 1.9 kB URL HTTP/2 go.xlirdr.com/config?url=https%3A%2F%2Fcreative.xlirdr.com%2Fwidgets%2Fv4%2FUniversal%3Fgender%3Dfemales%252Cfemale%252CmaleFemale%26isNew%3D0%26campaignId%3DbelowVideo%26targetDomain%3Dytboob.live%26profileEthnicity%3DethnicityAsian%26broadcastHD%3D1%26broadcastVR%3D0%26broadcastMobile%3D0%26isPerson%3D0%26isFace%3D0%26goalEnabled%3D0%26isMlCountry%3D0%26isLogged%3D0%26isMlAnal%3D0%26isMlBlowjob%3D0%26strict%3D0%26applyGeobans%3D0%26tag%3Dgirls%252Fahegao%252Cgirls%252Fpregnant%26language%3Den%26autoplay%3DonHover%26thumbFit%3Dcover%26hideLiveBadge%3D0%26hideModelName%3D0%26autoplayForce%3D1%26playButton%3D0%26thumbType%3Ddefault%26actionButtonPlacement%3Dbottom%26thumbSizeKey%3Dbig%26titleText%3DChat%2520%26thumbsMargin%3D2%26responsive%3D1%26hideButton%3D0%26hideTitle%3D1%26hideButtonOnSmallSpots%3D1%26hideTitleOnSmallSpots%3D1%26hideModelNameOnSmallSpots%3D1%26buttonColor%3D%2523DC0C2C%26liveBadgeColor%3D%252300bd8f%26userId%3D883ee4693b12c73350adfa22359143ae01fc71f5f997aaaf2d5451cc318e19d4
IP 104.18.42.40:0
File type JSON data\012- , ASCII text
Hash 94bedd5e9868ef4a12c3a3219a3ead38
15c1c19f81a2817920be24ef580eb3aae42d5684
f206645212f026b19d38ae9f30edcacfa08f7d6b2697447cdfffcdaee8496857
GET /config?url=https%3A%2F%2Fcreative.xlirdr.com%2Fwidgets%2Fv4%2FUniversal%3Fgender%3Dfemales%252Cfemale%252CmaleFemale%26isNew%3D0%26campaignId%3DbelowVideo%26targetDomain%3Dytboob.live%26profileEthnicity%3DethnicityAsian%26broadcastHD%3D1%26broadcastVR%3D0%26broadcastMobile%3D0%26isPerson%3D0%26isFace%3D0%26goalEnabled%3D0%26isMlCountry%3D0%26isLogged%3D0%26isMlAnal%3D0%26isMlBlowjob%3D0%26strict%3D0%26applyGeobans%3D0%26tag%3Dgirls%252Fahegao%252Cgirls%252Fpregnant%26language%3Den%26autoplay%3DonHover%26thumbFit%3Dcover%26hideLiveBadge%3D0%26hideModelName%3D0%26autoplayForce%3D1%26playButton%3D0%26thumbType%3Ddefault%26actionButtonPlacement%3Dbottom%26thumbSizeKey%3Dbig%26titleText%3DChat%2520%26thumbsMargin%3D2%26responsive%3D1%26hideButton%3D0%26hideTitle%3D1%26hideButtonOnSmallSpots%3D1%26hideTitleOnSmallSpots%3D1%26hideModelNameOnSmallSpots%3D1%26buttonColor%3D%2523DC0C2C%26liveBadgeColor%3D%252300bd8f%26userId%3D883ee4693b12c73350adfa22359143ae01fc71f5f997aaaf2d5451cc318e19d4 HTTP/1.1
Host: go.xlirdr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://creative.xlirdr.com/
Origin: https://creative.xlirdr.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 18:59:48 GMT
content-type: application/json
access-control-allow-origin: *
last-modified: Thu, 22 Sep 2022 18:38:36 GMT
cf-cache-status: EXPIRED
set-cookie: __cflb=0H28uukSkGJRy5UBr2St4i2aEH3UZ9YXhqHDf5fAxRJ; SameSite=None; Secure; path=/; expires=Fri, 23-Sep-22 17:59:48 GMT; HttpOnly
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ed47a1e9c30b3d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
limurol.com/ssp/req/1830156/?pb=fbd8a74b79a280527d81b77243e340241663880388&psp=qXTkZuGAGTr6aAfYuvPD95G5F27ZhWVshkHui_ukZkBJEpHH1J4IgVtC8UPz81GXBXmPZSkCykj60mRKuvq9hPaPj-NToufcZCNS241mgu5OldJHM-ETfJDTC7uzooSkmma9Aqlj6W8J3hmVkaM5wd8hrJccWCavOzOQteq4R8LMCINMAY7MNDi6GaZoRyvmk6gp0vE4pLqh3_-oVzLc-0MQu77ZGYa_UY7ZKTSuprYiDzqS6HrkHr430-_kUjT7epNjsu3nqsAM9ho7K0kuagR-pztTTn47F6OfV0LR5TmJ24UlJqEPJBH9EztXIi-X89qtFUkabH0BrE_-rX477sqUtQpopVJy5B_qcnkMXaI4xW7atIOWNUuamp6-mKmObvseeYcSksEjIHDltHOihi-ELkuhHOf3ONnF5A9agPdJAPknkhUUYehNyObLtnKtvDtMbngFP2QmvulFK4Sr1j4_PxpRHbThIN_AvkfTsTVo5z7xGChIX2tXYY-pz8TyHnDiB4Lo2F_EU4nH6MZg6RJXoD0cxc7wmTrKRdeAd7eMjuloMdVDE42sG8Cm9D6CCy8C4W3NmgaDgP96GRUPfofQ&cb=_clo1dsv1dtq5kdxy7gy7jh&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24
62.122.171.6200 OK 101 B URL HTTP/2 limurol.com/ssp/req/1830156/?pb=fbd8a74b79a280527d81b77243e340241663880388&psp=qXTkZuGAGTr6aAfYuvPD95G5F27ZhWVshkHui_ukZkBJEpHH1J4IgVtC8UPz81GXBXmPZSkCykj60mRKuvq9hPaPj-NToufcZCNS241mgu5OldJHM-ETfJDTC7uzooSkmma9Aqlj6W8J3hmVkaM5wd8hrJccWCavOzOQteq4R8LMCINMAY7MNDi6GaZoRyvmk6gp0vE4pLqh3_-oVzLc-0MQu77ZGYa_UY7ZKTSuprYiDzqS6HrkHr430-_kUjT7epNjsu3nqsAM9ho7K0kuagR-pztTTn47F6OfV0LR5TmJ24UlJqEPJBH9EztXIi-X89qtFUkabH0BrE_-rX477sqUtQpopVJy5B_qcnkMXaI4xW7atIOWNUuamp6-mKmObvseeYcSksEjIHDltHOihi-ELkuhHOf3ONnF5A9agPdJAPknkhUUYehNyObLtnKtvDtMbngFP2QmvulFK4Sr1j4_PxpRHbThIN_AvkfTsTVo5z7xGChIX2tXYY-pz8TyHnDiB4Lo2F_EU4nH6MZg6RJXoD0cxc7wmTrKRdeAd7eMjuloMdVDE42sG8Cm9D6CCy8C4W3NmgaDgP96GRUPfofQ&cb=_clo1dsv1dtq5kdxy7gy7jh&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24
IP 62.122.171.6:0
Hash 22c31822f69d39c671a9e91f5dc46b95
c04120aa066c132ba82172cac94d2f89a7e88fa1
63e0cd76db10bf427be1516cacfc76aa2f23d11224d420615134ad57b8f5b9c4
Analyzer Verdict Alert quad9 Sinkholed
GET /ssp/req/1830156/?pb=fbd8a74b79a280527d81b77243e340241663880388&psp=qXTkZuGAGTr6aAfYuvPD95G5F27ZhWVshkHui_ukZkBJEpHH1J4IgVtC8UPz81GXBXmPZSkCykj60mRKuvq9hPaPj-NToufcZCNS241mgu5OldJHM-ETfJDTC7uzooSkmma9Aqlj6W8J3hmVkaM5wd8hrJccWCavOzOQteq4R8LMCINMAY7MNDi6GaZoRyvmk6gp0vE4pLqh3_-oVzLc-0MQu77ZGYa_UY7ZKTSuprYiDzqS6HrkHr430-_kUjT7epNjsu3nqsAM9ho7K0kuagR-pztTTn47F6OfV0LR5TmJ24UlJqEPJBH9EztXIi-X89qtFUkabH0BrE_-rX477sqUtQpopVJy5B_qcnkMXaI4xW7atIOWNUuamp6-mKmObvseeYcSksEjIHDltHOihi-ELkuhHOf3ONnF5A9agPdJAPknkhUUYehNyObLtnKtvDtMbngFP2QmvulFK4Sr1j4_PxpRHbThIN_AvkfTsTVo5z7xGChIX2tXYY-pz8TyHnDiB4Lo2F_EU4nH6MZg6RJXoD0cxc7wmTrKRdeAd7eMjuloMdVDE42sG8Cm9D6CCy8C4W3NmgaDgP96GRUPfofQ&cb=_clo1dsv1dtq5kdxy7gy7jh&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24 HTTP/1.1
Host: limurol.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ytboob.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 18:59:48 GMT
content-type: text/javascript
content-length: 7
x-route-id: ssp.bet
set-cookie: UID=2209221359a9d7824087964f2aad02e37145; Path=/; Expires=Fri, 22 Sep 2023 18:59:48 GMT; HttpOnly; Secure; SameSite=None
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
stagepopkek.com/chicken.gif?z=1830150&pb=601161fb5500376286c46c003593637c1663880387&psp=8dyMkYrJyNEE9pk5ofrQr3QJgVq_31Vn1REDEEzvj-mpUG4itFV5FAnQgmVrzv2FLKg_-RYeSMrIUaQKUbAQS1rt3hCcm7JMgWdtbZm-6VHz1r_CIEOJSbjErqnjj_7ftrHBT7-udWoCVa_yjiZi3sYcnUYw-d7KRSi4OmzCjQuB-h6Aa7yqk8AB2z0Qwlq9AB3oW2uPZLboLgCQ6vM2_KN62R6ngq5L_VlM29NLQl2wIMVDs0Ms8hrwAd01PtxAGANIrCujvuh82hzzI4qsVo7MdPgEMVkpmGplvETIz7B776M5FGXEW3nBUx5yAxG94cUa-icnHrJTBlElb_n6-pU_W_vFztwjPEsHJsw7iqhOdx9Z7javH1i7GN1xGQxqdvntZVX25MbY2DxjZhizHWXxwp1VsxQ4xlIF89IpV86lcNY8an1I8_XXKWANhAgLwSW-G_UxTKbBsBSdjjbhy0Xf1PVKsKo_5pC3cBIr3cBxs0J3pcs7Avrjvhm1SPUOFyR1faZz2lRg7fPma5HHxEyrSYg7tv_IX1OeE_D1Cioeg-OMC_ciN0UTGrBwW8_J9FNk_WTVTxdDOGtMdvmo8UpkoNdQnTxGQ5vUmdkuJBxQbWd-E4aGZU6rhvA5g7TKaT2iekmX5HKXfH9nm9gfRf0xYaPerofPU7ECxFkdo36zgE0CBs7W50fm7qLNuEAva5oD7CVW-A==&abvar=28&os=0
62.122.171.6200 OK 43 B URL HTTP/2 stagepopkek.com/chicken.gif?z=1830150&pb=601161fb5500376286c46c003593637c1663880387&psp=8dyMkYrJyNEE9pk5ofrQr3QJgVq_31Vn1REDEEzvj-mpUG4itFV5FAnQgmVrzv2FLKg_-RYeSMrIUaQKUbAQS1rt3hCcm7JMgWdtbZm-6VHz1r_CIEOJSbjErqnjj_7ftrHBT7-udWoCVa_yjiZi3sYcnUYw-d7KRSi4OmzCjQuB-h6Aa7yqk8AB2z0Qwlq9AB3oW2uPZLboLgCQ6vM2_KN62R6ngq5L_VlM29NLQl2wIMVDs0Ms8hrwAd01PtxAGANIrCujvuh82hzzI4qsVo7MdPgEMVkpmGplvETIz7B776M5FGXEW3nBUx5yAxG94cUa-icnHrJTBlElb_n6-pU_W_vFztwjPEsHJsw7iqhOdx9Z7javH1i7GN1xGQxqdvntZVX25MbY2DxjZhizHWXxwp1VsxQ4xlIF89IpV86lcNY8an1I8_XXKWANhAgLwSW-G_UxTKbBsBSdjjbhy0Xf1PVKsKo_5pC3cBIr3cBxs0J3pcs7Avrjvhm1SPUOFyR1faZz2lRg7fPma5HHxEyrSYg7tv_IX1OeE_D1Cioeg-OMC_ciN0UTGrBwW8_J9FNk_WTVTxdDOGtMdvmo8UpkoNdQnTxGQ5vUmdkuJBxQbWd-E4aGZU6rhvA5g7TKaT2iekmX5HKXfH9nm9gfRf0xYaPerofPU7ECxFkdo36zgE0CBs7W50fm7qLNuEAva5oD7CVW-A==&abvar=28&os=0
IP 62.122.171.6:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28e463819a210071de3b45ebe7633613
6dccd571828ec0912629119cf7eabfea9f33ddbc
44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84
GET /chicken.gif?z=1830150&pb=601161fb5500376286c46c003593637c1663880387&psp=8dyMkYrJyNEE9pk5ofrQr3QJgVq_31Vn1REDEEzvj-mpUG4itFV5FAnQgmVrzv2FLKg_-RYeSMrIUaQKUbAQS1rt3hCcm7JMgWdtbZm-6VHz1r_CIEOJSbjErqnjj_7ftrHBT7-udWoCVa_yjiZi3sYcnUYw-d7KRSi4OmzCjQuB-h6Aa7yqk8AB2z0Qwlq9AB3oW2uPZLboLgCQ6vM2_KN62R6ngq5L_VlM29NLQl2wIMVDs0Ms8hrwAd01PtxAGANIrCujvuh82hzzI4qsVo7MdPgEMVkpmGplvETIz7B776M5FGXEW3nBUx5yAxG94cUa-icnHrJTBlElb_n6-pU_W_vFztwjPEsHJsw7iqhOdx9Z7javH1i7GN1xGQxqdvntZVX25MbY2DxjZhizHWXxwp1VsxQ4xlIF89IpV86lcNY8an1I8_XXKWANhAgLwSW-G_UxTKbBsBSdjjbhy0Xf1PVKsKo_5pC3cBIr3cBxs0J3pcs7Avrjvhm1SPUOFyR1faZz2lRg7fPma5HHxEyrSYg7tv_IX1OeE_D1Cioeg-OMC_ciN0UTGrBwW8_J9FNk_WTVTxdDOGtMdvmo8UpkoNdQnTxGQ5vUmdkuJBxQbWd-E4aGZU6rhvA5g7TKaT2iekmX5HKXfH9nm9gfRf0xYaPerofPU7ECxFkdo36zgE0CBs7W50fm7qLNuEAva5oD7CVW-A==&abvar=28&os=0 HTTP/1.1
Host: stagepopkek.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: UID=22092213593a8d0e0de73d4b7d8b6f3b3bbe
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 18:59:48 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.impression
set-cookie: OACICAP=ACH1gAAAAAAAAAAB; Path=/; Expires=Sat, 22 Oct 2022 18:59:48 GMT; Secure; SameSite=None
OACIBLOCK=ACH1gAAAAABjK%2BvQ; Path=/; Expires=Sat, 22 Oct 2022 18:59:48 GMT; Secure; SameSite=None
ppucnt=0; Path=/; Expires=Fri, 23 Sep 2022 18:59:48 GMT; Secure; SameSite=None
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
limurol.com/ssp/req/1830156/?pb=fbd8a74b79a280527d81b77243e340241663880388&psp=5qnL9wuu9B7538lFJTscxlOJt7f646IuE9q9EzhqthCGmgJEafd9ucvzeQN5bDoTkavUgiNE8leGmmT0RypiQzho_38kXDV2OL1KrRNN-LD6Gg1dFoP7DwEopVEftUjBM-42zXUg9Plo5Ci6NF7YSUoSzxujUjs5hqrtJpFdbHMGC3Ks_vPdV9dk4hajTsFDp2zlwb7t9WTQ7IBg-ZuFtlsZ8tnTbK2ZOAGEkLGcRAHqQFdKQ_w99sZjZ-cbwmUF-nWygvgF_iRnJeuHUvYfqiQd1_r4o71L0RSbbP9KYsuCMkPly099CUYs_29HIkAGywe1QxSz_W-7UYOrtHqqHbt4_XGHCpEVqPI0wuebwru4t1QgfDgAWxoFmTO9LWK-StI-_kyDYQ6vYgzZDxkKtrbLUmTPURHVagcccwG-JaQ4nqARRUD0YlZWonrFfN462pFEHVIbn18167ySdjsTVI4dvnHnSrrGyaUuoG30Cw1XhVhInnss2uIKkxiOxOQn1hCieivplmVCVIs65feOXqRgFNbcTcgAjrrorPbE8V45Spmy99ZvQXZ-45LeyUvFdQRNwGHh9FDtK4gCN_X8ccKE&cb=_cl2vgfpd6mje0mb74e2ztz&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24
62.122.171.6200 OK 7 B URL HTTP/2 limurol.com/ssp/req/1830156/?pb=fbd8a74b79a280527d81b77243e340241663880388&psp=5qnL9wuu9B7538lFJTscxlOJt7f646IuE9q9EzhqthCGmgJEafd9ucvzeQN5bDoTkavUgiNE8leGmmT0RypiQzho_38kXDV2OL1KrRNN-LD6Gg1dFoP7DwEopVEftUjBM-42zXUg9Plo5Ci6NF7YSUoSzxujUjs5hqrtJpFdbHMGC3Ks_vPdV9dk4hajTsFDp2zlwb7t9WTQ7IBg-ZuFtlsZ8tnTbK2ZOAGEkLGcRAHqQFdKQ_w99sZjZ-cbwmUF-nWygvgF_iRnJeuHUvYfqiQd1_r4o71L0RSbbP9KYsuCMkPly099CUYs_29HIkAGywe1QxSz_W-7UYOrtHqqHbt4_XGHCpEVqPI0wuebwru4t1QgfDgAWxoFmTO9LWK-StI-_kyDYQ6vYgzZDxkKtrbLUmTPURHVagcccwG-JaQ4nqARRUD0YlZWonrFfN462pFEHVIbn18167ySdjsTVI4dvnHnSrrGyaUuoG30Cw1XhVhInnss2uIKkxiOxOQn1hCieivplmVCVIs65feOXqRgFNbcTcgAjrrorPbE8V45Spmy99ZvQXZ-45LeyUvFdQRNwGHh9FDtK4gCN_X8ccKE&cb=_cl2vgfpd6mje0mb74e2ztz&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24
IP 62.122.171.6:0
File type ASCII text, with no line terminators
Hash a97eb6fbe6f13b601d5d48c0eba8baae
736efb938caf3d0edec406932ada889f1a4f2268
a04bf061f53e0011fd2f43bdf081526344f003c50146c88c42c2d95ef22c1821
Analyzer Verdict Alert quad9 Sinkholed
GET /ssp/req/1830156/?pb=fbd8a74b79a280527d81b77243e340241663880388&psp=5qnL9wuu9B7538lFJTscxlOJt7f646IuE9q9EzhqthCGmgJEafd9ucvzeQN5bDoTkavUgiNE8leGmmT0RypiQzho_38kXDV2OL1KrRNN-LD6Gg1dFoP7DwEopVEftUjBM-42zXUg9Plo5Ci6NF7YSUoSzxujUjs5hqrtJpFdbHMGC3Ks_vPdV9dk4hajTsFDp2zlwb7t9WTQ7IBg-ZuFtlsZ8tnTbK2ZOAGEkLGcRAHqQFdKQ_w99sZjZ-cbwmUF-nWygvgF_iRnJeuHUvYfqiQd1_r4o71L0RSbbP9KYsuCMkPly099CUYs_29HIkAGywe1QxSz_W-7UYOrtHqqHbt4_XGHCpEVqPI0wuebwru4t1QgfDgAWxoFmTO9LWK-StI-_kyDYQ6vYgzZDxkKtrbLUmTPURHVagcccwG-JaQ4nqARRUD0YlZWonrFfN462pFEHVIbn18167ySdjsTVI4dvnHnSrrGyaUuoG30Cw1XhVhInnss2uIKkxiOxOQn1hCieivplmVCVIs65feOXqRgFNbcTcgAjrrorPbE8V45Spmy99ZvQXZ-45LeyUvFdQRNwGHh9FDtK4gCN_X8ccKE&cb=_cl2vgfpd6mje0mb74e2ztz&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24 HTTP/1.1
Host: limurol.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ytboob.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 18:59:48 GMT
content-type: text/javascript
content-length: 7
x-route-id: ssp.bet
set-cookie: UID=2209221359e35fcdd146bf443bac85d02601; Path=/; Expires=Fri, 22 Sep 2023 18:59:48 GMT; HttpOnly; Secure; SameSite=None
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
limurol.com/ssp/req/1830156/?pb=fbd8a74b79a280527d81b77243e340241663880388&psp=qXTkZuGAGTr6aAfYuvPD95G5F27ZhWVshkHui_ukZkBJEpHH1J4IgVtC8UPz81GXBXmPZSkCykj60mRKuvq9hPaPj-NToufcZCNS241mgu5OldJHM-ETfJDTC7uzooSkmma9Aqlj6W8J3hmVkaM5wd8hrJccWCavOzOQteq4R8LMCINMAY7MNDi6GaZoRyvmk6gp0vE4pLqh3_-oVzLc-0MQu77ZGYa_UY7ZKTSuprYiDzqS6HrkHr430-_kUjT7epNjsu3nqsAM9ho7K0kuagR-pztTTn47F6OfV0LR5TmJ24UlJqEPJBH9EztXIi-X89qtFUkabH0BrE_-rX477sqUtQpopVJy5B_qcnkMXaI4xW7atIOWNUuamp6-mKmObvseeYcSksEjIHDltHOihi-ELkuhHOf3ONnF5A9agPdJAPknkhUUYehNyObLtnKtvDtMbngFP2QmvulFK4Sr1j4_PxpRHbThIN_AvkfTsTVo5z7xGChIX2tXYY-pz8TyHnDiB4Lo2F_EU4nH6MZg6RJXoD0cxc7wmTrKRdeAd7eMjuloMdVDE42sG8Cm9D6CCy8C4W3NmgaDgP96GRUPfofQ&cb=_clo1dsv1dtq5kdxy7gy7jh&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24
62.122.171.6200 OK 1.3 kB URL HTTP/2 limurol.com/ssp/req/1830156/?pb=fbd8a74b79a280527d81b77243e340241663880388&psp=qXTkZuGAGTr6aAfYuvPD95G5F27ZhWVshkHui_ukZkBJEpHH1J4IgVtC8UPz81GXBXmPZSkCykj60mRKuvq9hPaPj-NToufcZCNS241mgu5OldJHM-ETfJDTC7uzooSkmma9Aqlj6W8J3hmVkaM5wd8hrJccWCavOzOQteq4R8LMCINMAY7MNDi6GaZoRyvmk6gp0vE4pLqh3_-oVzLc-0MQu77ZGYa_UY7ZKTSuprYiDzqS6HrkHr430-_kUjT7epNjsu3nqsAM9ho7K0kuagR-pztTTn47F6OfV0LR5TmJ24UlJqEPJBH9EztXIi-X89qtFUkabH0BrE_-rX477sqUtQpopVJy5B_qcnkMXaI4xW7atIOWNUuamp6-mKmObvseeYcSksEjIHDltHOihi-ELkuhHOf3ONnF5A9agPdJAPknkhUUYehNyObLtnKtvDtMbngFP2QmvulFK4Sr1j4_PxpRHbThIN_AvkfTsTVo5z7xGChIX2tXYY-pz8TyHnDiB4Lo2F_EU4nH6MZg6RJXoD0cxc7wmTrKRdeAd7eMjuloMdVDE42sG8Cm9D6CCy8C4W3NmgaDgP96GRUPfofQ&cb=_clo1dsv1dtq5kdxy7gy7jh&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24
IP 62.122.171.6:0
Hash 4782ac8a5838cb42976bdb0394d09964
b8ab1d6a22281cec34e946f7b7930ec933f42767
920a9d33764047181b5b9a46661c53e8db089b2ab3996179b4b070bcdb72252b
Analyzer Verdict Alert quad9 Sinkholed
GET /ssp/req/1830156/?pb=fbd8a74b79a280527d81b77243e340241663880388&psp=qXTkZuGAGTr6aAfYuvPD95G5F27ZhWVshkHui_ukZkBJEpHH1J4IgVtC8UPz81GXBXmPZSkCykj60mRKuvq9hPaPj-NToufcZCNS241mgu5OldJHM-ETfJDTC7uzooSkmma9Aqlj6W8J3hmVkaM5wd8hrJccWCavOzOQteq4R8LMCINMAY7MNDi6GaZoRyvmk6gp0vE4pLqh3_-oVzLc-0MQu77ZGYa_UY7ZKTSuprYiDzqS6HrkHr430-_kUjT7epNjsu3nqsAM9ho7K0kuagR-pztTTn47F6OfV0LR5TmJ24UlJqEPJBH9EztXIi-X89qtFUkabH0BrE_-rX477sqUtQpopVJy5B_qcnkMXaI4xW7atIOWNUuamp6-mKmObvseeYcSksEjIHDltHOihi-ELkuhHOf3ONnF5A9agPdJAPknkhUUYehNyObLtnKtvDtMbngFP2QmvulFK4Sr1j4_PxpRHbThIN_AvkfTsTVo5z7xGChIX2tXYY-pz8TyHnDiB4Lo2F_EU4nH6MZg6RJXoD0cxc7wmTrKRdeAd7eMjuloMdVDE42sG8Cm9D6CCy8C4W3NmgaDgP96GRUPfofQ&cb=_clo1dsv1dtq5kdxy7gy7jh&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24 HTTP/1.1
Host: limurol.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ytboob.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 18:59:48 GMT
content-type: text/javascript
content-length: 7
x-route-id: ssp.bet
set-cookie: UID=220922135996ad48a5bd3c4ff4bfa8070c98; Path=/; Expires=Fri, 22 Sep 2023 18:59:48 GMT; HttpOnly; Secure; SameSite=None
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
limurol.com/ssp/req/1830156/?pb=fbd8a74b79a280527d81b77243e340241663880388&psp=5qnL9wuu9B7538lFJTscxlOJt7f646IuE9q9EzhqthCGmgJEafd9ucvzeQN5bDoTkavUgiNE8leGmmT0RypiQzho_38kXDV2OL1KrRNN-LD6Gg1dFoP7DwEopVEftUjBM-42zXUg9Plo5Ci6NF7YSUoSzxujUjs5hqrtJpFdbHMGC3Ks_vPdV9dk4hajTsFDp2zlwb7t9WTQ7IBg-ZuFtlsZ8tnTbK2ZOAGEkLGcRAHqQFdKQ_w99sZjZ-cbwmUF-nWygvgF_iRnJeuHUvYfqiQd1_r4o71L0RSbbP9KYsuCMkPly099CUYs_29HIkAGywe1QxSz_W-7UYOrtHqqHbt4_XGHCpEVqPI0wuebwru4t1QgfDgAWxoFmTO9LWK-StI-_kyDYQ6vYgzZDxkKtrbLUmTPURHVagcccwG-JaQ4nqARRUD0YlZWonrFfN462pFEHVIbn18167ySdjsTVI4dvnHnSrrGyaUuoG30Cw1XhVhInnss2uIKkxiOxOQn1hCieivplmVCVIs65feOXqRgFNbcTcgAjrrorPbE8V45Spmy99ZvQXZ-45LeyUvFdQRNwGHh9FDtK4gCN_X8ccKE&cb=_cl2vgfpd6mje0mb74e2ztz&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24
62.122.171.6200 OK 7 B URL HTTP/2 limurol.com/ssp/req/1830156/?pb=fbd8a74b79a280527d81b77243e340241663880388&psp=5qnL9wuu9B7538lFJTscxlOJt7f646IuE9q9EzhqthCGmgJEafd9ucvzeQN5bDoTkavUgiNE8leGmmT0RypiQzho_38kXDV2OL1KrRNN-LD6Gg1dFoP7DwEopVEftUjBM-42zXUg9Plo5Ci6NF7YSUoSzxujUjs5hqrtJpFdbHMGC3Ks_vPdV9dk4hajTsFDp2zlwb7t9WTQ7IBg-ZuFtlsZ8tnTbK2ZOAGEkLGcRAHqQFdKQ_w99sZjZ-cbwmUF-nWygvgF_iRnJeuHUvYfqiQd1_r4o71L0RSbbP9KYsuCMkPly099CUYs_29HIkAGywe1QxSz_W-7UYOrtHqqHbt4_XGHCpEVqPI0wuebwru4t1QgfDgAWxoFmTO9LWK-StI-_kyDYQ6vYgzZDxkKtrbLUmTPURHVagcccwG-JaQ4nqARRUD0YlZWonrFfN462pFEHVIbn18167ySdjsTVI4dvnHnSrrGyaUuoG30Cw1XhVhInnss2uIKkxiOxOQn1hCieivplmVCVIs65feOXqRgFNbcTcgAjrrorPbE8V45Spmy99ZvQXZ-45LeyUvFdQRNwGHh9FDtK4gCN_X8ccKE&cb=_cl2vgfpd6mje0mb74e2ztz&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24
IP 62.122.171.6:0
File type ASCII text, with no line terminators
Hash a97eb6fbe6f13b601d5d48c0eba8baae
736efb938caf3d0edec406932ada889f1a4f2268
a04bf061f53e0011fd2f43bdf081526344f003c50146c88c42c2d95ef22c1821
Analyzer Verdict Alert quad9 Sinkholed
GET /ssp/req/1830156/?pb=fbd8a74b79a280527d81b77243e340241663880388&psp=5qnL9wuu9B7538lFJTscxlOJt7f646IuE9q9EzhqthCGmgJEafd9ucvzeQN5bDoTkavUgiNE8leGmmT0RypiQzho_38kXDV2OL1KrRNN-LD6Gg1dFoP7DwEopVEftUjBM-42zXUg9Plo5Ci6NF7YSUoSzxujUjs5hqrtJpFdbHMGC3Ks_vPdV9dk4hajTsFDp2zlwb7t9WTQ7IBg-ZuFtlsZ8tnTbK2ZOAGEkLGcRAHqQFdKQ_w99sZjZ-cbwmUF-nWygvgF_iRnJeuHUvYfqiQd1_r4o71L0RSbbP9KYsuCMkPly099CUYs_29HIkAGywe1QxSz_W-7UYOrtHqqHbt4_XGHCpEVqPI0wuebwru4t1QgfDgAWxoFmTO9LWK-StI-_kyDYQ6vYgzZDxkKtrbLUmTPURHVagcccwG-JaQ4nqARRUD0YlZWonrFfN462pFEHVIbn18167ySdjsTVI4dvnHnSrrGyaUuoG30Cw1XhVhInnss2uIKkxiOxOQn1hCieivplmVCVIs65feOXqRgFNbcTcgAjrrorPbE8V45Spmy99ZvQXZ-45LeyUvFdQRNwGHh9FDtK4gCN_X8ccKE&cb=_cl2vgfpd6mje0mb74e2ztz&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24 HTTP/1.1
Host: limurol.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ytboob.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 18:59:48 GMT
content-type: text/javascript
content-length: 7
x-route-id: ssp.bet
set-cookie: UID=22092213591b72c00a5d114b4e8c8b677f02; Path=/; Expires=Fri, 22 Sep 2023 18:59:48 GMT; HttpOnly; Secure; SameSite=None
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
syndication.realsrv.com/v1/api.php
95.211.229.247200 OK 14 kB URL HTTP/1.1 syndication.realsrv.com/v1/api.php
IP 95.211.229.247:0
ASN #60781 LeaseWeb Netherlands B.V.
File type JSON data\012- , ASCII text, with very long lines (30284), with no line terminators
Hash 7b8fb17b279f1e27e05cbf0c3d57ba78
a7fb8955afad1d609590922f5a6fd5a74ae10fc6
6dee7aae37f71a5e15919f9d629771a078f02b912731d2a2291211d343ebc973
POST /v1/api.php HTTP/1.1
Host: syndication.realsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 365
Origin: https://ytboob.com
Connection: keep-alive
Referer: https://ytboob.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 22 Sep 2022 18:59:48 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://ytboob.com
Access-Control-Allow-Headers: Authorization, Content-Type
Access-Control-Request-Method: POST
Access-Control-Allow-Credentials: true
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
limurol.com/ssp/req/1830156/?pb=fbd8a74b79a280527d81b77243e340241663880388&psp=qXTkZuGAGTr6aAfYuvPD95G5F27ZhWVshkHui_ukZkBJEpHH1J4IgVtC8UPz81GXBXmPZSkCykj60mRKuvq9hPaPj-NToufcZCNS241mgu5OldJHM-ETfJDTC7uzooSkmma9Aqlj6W8J3hmVkaM5wd8hrJccWCavOzOQteq4R8LMCINMAY7MNDi6GaZoRyvmk6gp0vE4pLqh3_-oVzLc-0MQu77ZGYa_UY7ZKTSuprYiDzqS6HrkHr430-_kUjT7epNjsu3nqsAM9ho7K0kuagR-pztTTn47F6OfV0LR5TmJ24UlJqEPJBH9EztXIi-X89qtFUkabH0BrE_-rX477sqUtQpopVJy5B_qcnkMXaI4xW7atIOWNUuamp6-mKmObvseeYcSksEjIHDltHOihi-ELkuhHOf3ONnF5A9agPdJAPknkhUUYehNyObLtnKtvDtMbngFP2QmvulFK4Sr1j4_PxpRHbThIN_AvkfTsTVo5z7xGChIX2tXYY-pz8TyHnDiB4Lo2F_EU4nH6MZg6RJXoD0cxc7wmTrKRdeAd7eMjuloMdVDE42sG8Cm9D6CCy8C4W3NmgaDgP96GRUPfofQ&cb=_clo1dsv1dtq5kdxy7gy7jh&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24
62.122.171.6200 OK 7 B URL HTTP/2 limurol.com/ssp/req/1830156/?pb=fbd8a74b79a280527d81b77243e340241663880388&psp=qXTkZuGAGTr6aAfYuvPD95G5F27ZhWVshkHui_ukZkBJEpHH1J4IgVtC8UPz81GXBXmPZSkCykj60mRKuvq9hPaPj-NToufcZCNS241mgu5OldJHM-ETfJDTC7uzooSkmma9Aqlj6W8J3hmVkaM5wd8hrJccWCavOzOQteq4R8LMCINMAY7MNDi6GaZoRyvmk6gp0vE4pLqh3_-oVzLc-0MQu77ZGYa_UY7ZKTSuprYiDzqS6HrkHr430-_kUjT7epNjsu3nqsAM9ho7K0kuagR-pztTTn47F6OfV0LR5TmJ24UlJqEPJBH9EztXIi-X89qtFUkabH0BrE_-rX477sqUtQpopVJy5B_qcnkMXaI4xW7atIOWNUuamp6-mKmObvseeYcSksEjIHDltHOihi-ELkuhHOf3ONnF5A9agPdJAPknkhUUYehNyObLtnKtvDtMbngFP2QmvulFK4Sr1j4_PxpRHbThIN_AvkfTsTVo5z7xGChIX2tXYY-pz8TyHnDiB4Lo2F_EU4nH6MZg6RJXoD0cxc7wmTrKRdeAd7eMjuloMdVDE42sG8Cm9D6CCy8C4W3NmgaDgP96GRUPfofQ&cb=_clo1dsv1dtq5kdxy7gy7jh&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24
IP 62.122.171.6:0
File type ASCII text, with no line terminators
Hash a97eb6fbe6f13b601d5d48c0eba8baae
736efb938caf3d0edec406932ada889f1a4f2268
a04bf061f53e0011fd2f43bdf081526344f003c50146c88c42c2d95ef22c1821
Analyzer Verdict Alert quad9 Sinkholed
GET /ssp/req/1830156/?pb=fbd8a74b79a280527d81b77243e340241663880388&psp=qXTkZuGAGTr6aAfYuvPD95G5F27ZhWVshkHui_ukZkBJEpHH1J4IgVtC8UPz81GXBXmPZSkCykj60mRKuvq9hPaPj-NToufcZCNS241mgu5OldJHM-ETfJDTC7uzooSkmma9Aqlj6W8J3hmVkaM5wd8hrJccWCavOzOQteq4R8LMCINMAY7MNDi6GaZoRyvmk6gp0vE4pLqh3_-oVzLc-0MQu77ZGYa_UY7ZKTSuprYiDzqS6HrkHr430-_kUjT7epNjsu3nqsAM9ho7K0kuagR-pztTTn47F6OfV0LR5TmJ24UlJqEPJBH9EztXIi-X89qtFUkabH0BrE_-rX477sqUtQpopVJy5B_qcnkMXaI4xW7atIOWNUuamp6-mKmObvseeYcSksEjIHDltHOihi-ELkuhHOf3ONnF5A9agPdJAPknkhUUYehNyObLtnKtvDtMbngFP2QmvulFK4Sr1j4_PxpRHbThIN_AvkfTsTVo5z7xGChIX2tXYY-pz8TyHnDiB4Lo2F_EU4nH6MZg6RJXoD0cxc7wmTrKRdeAd7eMjuloMdVDE42sG8Cm9D6CCy8C4W3NmgaDgP96GRUPfofQ&cb=_clo1dsv1dtq5kdxy7gy7jh&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24 HTTP/1.1
Host: limurol.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ytboob.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 18:59:48 GMT
content-type: text/javascript
content-length: 7
x-route-id: ssp.bet
set-cookie: UID=2209221359e9434b92190e4f83b828eca825; Path=/; Expires=Fri, 22 Sep 2023 18:59:48 GMT; HttpOnly; Secure; SameSite=None
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
z.moatads.com/addthismoatframe568911941483/moatframe.js
23.38.201.146200 OK 948 B URL HTTP/2 z.moatads.com/addthismoatframe568911941483/moatframe.js
IP 23.38.201.146:0
File type ASCII text, with very long lines (523)
Hash f14b4e1f799b14f798a195f43cf58376
b6fd3b3d407fb4c0a00fb8a31862235e2a6e0a86
92ed3e9fda5fa4d738ff4d9023846b56633617363dda6a750cacb4fba53241ac
GET /addthismoatframe568911941483/moatframe.js HTTP/1.1
Host: z.moatads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ytboob.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: e0HboiVQpjIDEK8WTxqU5+8G8wOtu9bNCFY72alTHLP0/Yb+qoiTOxu6fad89ebRofzHxENxOOg=
x-amz-request-id: 61EC92F13BB22DD4
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
etag: "f14b4e1f799b14f798a195f43cf58376"
content-encoding: gzip
accept-ranges: bytes
content-type: application/x-javascript
content-length: 948
server: AmazonS3
vary: Accept-Encoding
cache-control: max-age=49862
date: Thu, 22 Sep 2022 18:59:48 GMT
X-Firefox-Spdy: h2
ytboob.b-cdn.net/wp-content/uploads/2019/03/cropped-logo-1-192x192.png
89.187.169.3200 OK 14 kB URL HTTP/2 ytboob.b-cdn.net/wp-content/uploads/2019/03/cropped-logo-1-192x192.png
IP 89.187.169.3:0
ASN #60068 Datacamp Limited
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash 80be0fc0bc6070c0fc35dac841cfaa91
880a3ac0c09bf6f366b132d3fd3ffc81542eabec
8169f41602e127c6f71a922933236b55913fcb4a64aec8bfbc18632d9479643c
GET /wp-content/uploads/2019/03/cropped-logo-1-192x192.png HTTP/1.1
Host: ytboob.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ytboob.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 18:59:48 GMT
content-type: image/png
content-length: 14453
server: BunnyCDN-DE-752
cdn-pullzone: 266985
cdn-uid: 7f8b1b31-4dc9-4eb7-9d7e-92c70ed52a62
cdn-requestcountrycode: NO
age: 109
cache-control: public, max-age=604800
last-modified: Sun, 20 Sep 2020 13:42:17 GMT
content-security-policy: upgrade-insecure-requests;
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
ddg-cache-status: HIT
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 206
cdn-cachedat: 08/20/2022 02:35:32
cdn-edgestorageid: 752
cdn-status: 200
cdn-requestid: 4d8fb6b6433edb8cbe513d52ab911bab
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
ytboob.b-cdn.net/wp-content/uploads/2019/03/cropped-logo-1-32x32.png
89.187.169.3200 OK 999 B URL HTTP/2 ytboob.b-cdn.net/wp-content/uploads/2019/03/cropped-logo-1-32x32.png
IP 89.187.169.3:0
ASN #60068 Datacamp Limited
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 7abe4f00cac8c8436c7043603c33da63
a6c5e0f97c4a48ec3e044c3649e47321226855d1
9961515bf77886e00792298eb35b5806c561247af0863bd994b2e4dd1c5b5d3c
GET /wp-content/uploads/2019/03/cropped-logo-1-32x32.png HTTP/1.1
Host: ytboob.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ytboob.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 18:59:48 GMT
content-type: image/png
content-length: 999
server: BunnyCDN-DE-752
cdn-pullzone: 266985
cdn-uid: 7f8b1b31-4dc9-4eb7-9d7e-92c70ed52a62
cdn-requestcountrycode: NO
age: 109
cache-control: public, max-age=604800
last-modified: Sun, 20 Sep 2020 13:42:18 GMT
content-security-policy: upgrade-insecure-requests;
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
ddg-cache-status: HIT
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 206
cdn-cachedat: 08/20/2022 02:35:32
cdn-edgestorageid: 755
cdn-status: 200
cdn-requestid: 77d8fb6b4c694a4021c831db8d5175f5
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.174200 OK 21 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
Hash bdc830cb3245d38d5b98df6a8c4f9bd5
fbba5fa15d4aa0c88576275b14ea50447234b9ad
afea4359e398299cd3c50112a74b65631a8e4601b7693e3c5b5415cd9b0ea62e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ytboob.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 19826
date: Thu, 22 Sep 2022 18:41:09 GMT
expires: Thu, 22 Sep 2022 20:41:09 GMT
cache-control: public, max-age=7200
age: 1119
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11633
Expires: Thu, 22 Sep 2022 22:13:42 GMT
Date: Thu, 22 Sep 2022 18:59:49 GMT
Connection: keep-alive
v1.addthisedge.com/live/boost/ra-5c9e4743b7689009/_ate.track.config_resp
23.38.200.123200 OK 561 B URL HTTP/2 v1.addthisedge.com/live/boost/ra-5c9e4743b7689009/_ate.track.config_resp
IP 23.38.200.123:0
File type ASCII text, with very long lines (1714), with no line terminators
Hash a4fc95a7e3b5e1a97e1d5a030b247768
82c050d176574cf027fdc996cf83d0e5986fe96b
e9e867d3a0e4c1b6b646af245cb0aebb02253de2d36ea97aa262d3be852c31f0
GET /live/boost/ra-5c9e4743b7689009/_ate.track.config_resp HTTP/1.1
Host: v1.addthisedge.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ytboob.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript;charset=utf-8
content-length: 561
etag: -370586224--gzip
content-disposition: attachment; filename=1.txt
content-encoding: gzip
cache-control: public, max-age=19, s-maxage=86400
date: Thu, 22 Sep 2022 18:59:49 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dee9427-1c1b-4ddc-9f89-8c6e254bd0f1.jpeg
34.120.237.76200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dee9427-1c1b-4ddc-9f89-8c6e254bd0f1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 62818de3c50f957b2e5680851a1768c9
80e48c9ae48c89598780736b089c98e22d58df9a
16f2c2d23e8641a3f297a175730343d11120a228c0fe846c0fdf1e39212c522c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dee9427-1c1b-4ddc-9f89-8c6e254bd0f1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8549
x-amzn-requestid: 6d44626b-16c6-4f19-ae52-d5350065b390
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y1GwPHJJoAMFdfA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632b84ce-46ebc35612eb7a4473b36189;Sampled=0
x-amzn-remapped-date: Wed, 21 Sep 2022 21:40:30 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: e5m6NaDUH_3GPDkxbk6iKhffSJzyYMA97Illy7mtg9um3jcYBR6TXQ==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 ebe4011a81a36e2bf678f69ce1711330.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 22:11:23 GMT
etag: "80e48c9ae48c89598780736b089c98e22d58df9a"
content-type: image/jpeg
age: 74906
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67bb0692-30b9-4b69-a748-f7a4474a72e0.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67bb0692-30b9-4b69-a748-f7a4474a72e0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9becda6e892a190dbbc63216ae697506
ba3369e1827d8f01ca10acb8648195847dd02ffd
d71dd28e0ff260326ba0c30748fa11160f4544c2a264d3a3dc361af0de9fd283
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67bb0692-30b9-4b69-a748-f7a4474a72e0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11286
x-amzn-requestid: 7263b60d-fffe-4c0b-8de5-59dc9ac92a47
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y1GwZHOaIAMFSQQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632b84cf-62e160b156b587cc21c7fda5;Sampled=0
x-amzn-remapped-date: Wed, 21 Sep 2022 21:40:31 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: QxgrVMX7xwI6qE3T3-LRS3JWoJauPyvCSb9TacW9-ktw-BIq5PSF-g==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 ee330666adf9f04c8c30094f8ddcd004.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 22:16:03 GMT
etag: "ba3369e1827d8f01ca10acb8648195847dd02ffd"
content-type: image/jpeg
age: 74626
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F06a0b4c5-4223-42cf-b012-2e09b250c8c1.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F06a0b4c5-4223-42cf-b012-2e09b250c8c1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c2db94039cb675cb250519fe57b2b3c9
37222a70df5d9a69073b4b32ebc3a5da60006001
444f4359ac25747e7c5d7e09202f195d407bc94a4933ac7ebbbaf9839bf59aff
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F06a0b4c5-4223-42cf-b012-2e09b250c8c1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12048
x-amzn-requestid: 59e98571-f927-44b3-b088-29ec1e4cc3bb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YYxD-FnIIAMF5Eg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63202ee6-14e47d9a3ae47d0f607033a8;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 07:19:02 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 55e0txtcytlUpcNWSLrHWN3FC1t4dMHGTrHGhNV7YFIhOz6c45UcCQ==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 15:04:27 GMT
age: 14122
etag: "37222a70df5d9a69073b4b32ebc3a5da60006001"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faf89a4b3-f586-4870-ab26-efb054f637fd.jpeg
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faf89a4b3-f586-4870-ab26-efb054f637fd.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 91c56f0b9810bfdd84e10a626b89e389
15d83e44d568938b6c9c87201e898cedb3edec0a
942de9764e1c408f7512759774aab0479db201e6fae15ccc39e653adae4cb86f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faf89a4b3-f586-4870-ab26-efb054f637fd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8678
x-amzn-requestid: c671a9ab-c5d0-4743-b13e-cc9a47e3d2fe
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y1F0vEThIAMFSwQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632b8351-17ed13811d3833ea00a34423;Sampled=0
x-amzn-remapped-date: Wed, 21 Sep 2022 21:34:09 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: hp-WIGb9M8tEmNGOVjx6UQKx9E4-1oJmka0a6seG7inahqYByPmRAg==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 9c675215120a4ade8754c4357ef2f3ea.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 21:34:22 GMT
age: 77127
etag: "15d83e44d568938b6c9c87201e898cedb3edec0a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js
23.38.200.123200 OK 78 kB URL HTTP/2 s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js
IP 23.38.200.123:0
File type Unicode text, UTF-8 text, with very long lines (65533), with no line terminators
Hash 9a77dff666eebb6cf4bbc4c67c7b563b
9e98d7824a7b4e34665c2690d6f52caddad1fe4b
6cdf8e597f3cbe759531153fd926d51aeaebd836a1c9bc1436e079645bfd3ad7
GET /static/layers.fa6cd1947ce26e890d3d.js HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ytboob.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/javascript
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-41cf5"
timing-allow-origin: *
cache-control: public, max-age=86313600
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 77672
date: Thu, 22 Sep 2022 18:59:49 GMT
vary: Accept-Encoding
x-host: s7.addthis.com
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0788498f-41db-4d62-b749-e01caddb7f8d.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0788498f-41db-4d62-b749-e01caddb7f8d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash af5773255351157d72c28a670a355c60
c803e5866edbe6c9baec14e93677f610bdf09bff
3229b4aa1c698647ad96d114174782549ad240f1b2c4ba8c268165a16afc84f0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0788498f-41db-4d62-b749-e01caddb7f8d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10754
x-amzn-requestid: 2d03531d-6055-477f-9cb6-9ea9fa27eeb9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y1F0vHJ4IAMF42Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632b8351-692620e80d5b2efe1d0e3a82;Sampled=0
x-amzn-remapped-date: Wed, 21 Sep 2022 21:34:09 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: -3bQG5Av1EDxj7_3i8MktwjlPSEU8WDdxt5M6TsrWaodLWgSf3vdEA==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 21:34:22 GMT
age: 77127
etag: "c803e5866edbe6c9baec14e93677f610bdf09bff"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
m.addthis.com/live/red_lojson/300lo.json?si=632cb0a2f6c2efab&bkl=0&bl=1&pdt=658&sid=632cb0a2f6c2efab&pub=ra-5c9e4743b7689009&rev=v8.28.8-wp&ln=en&pc=wprp&cb=0&ab=-&dp=ytboob.com&fp=fashion-week-topless-models%2F&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&colc=1663873187186&wpv=wprp-2.2.7&addthis_plugin_info=%7B%22info_status%22%3A%22enabled%22%2C%22cms_name%22%3A%22WordPress%22%2C%22plugin_name%22%3A%22Related%20Posts%20by%20AddThis%22%2C%22plugin_version%22%3A%222.2.7%22%2C%22plugin_mode%22%3A%22AddThis%22%2C%22anonymous_profile_id%22%3A%22wp-3b12683414a871b4891813e10ef18c8b%22%2C%22page_info%22%3A%7B%22template%22%3A%22posts%22%2C%22post_type%22%3A%22%22%7D%2C%22sharing_enabled_on_post_via_metabox%22%3Afalse%7D&jsl=1&uvs=632cb0a28a74c2a6000&skipb=1&callback=addthis.cbs.jsonp__44624068035436370
23.38.200.123200 OK 89 B URL HTTP/2 m.addthis.com/live/red_lojson/300lo.json?si=632cb0a2f6c2efab&bkl=0&bl=1&pdt=658&sid=632cb0a2f6c2efab&pub=ra-5c9e4743b7689009&rev=v8.28.8-wp&ln=en&pc=wprp&cb=0&ab=-&dp=ytboob.com&fp=fashion-week-topless-models%2F&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&colc=1663873187186&wpv=wprp-2.2.7&addthis_plugin_info=%7B%22info_status%22%3A%22enabled%22%2C%22cms_name%22%3A%22WordPress%22%2C%22plugin_name%22%3A%22Related%20Posts%20by%20AddThis%22%2C%22plugin_version%22%3A%222.2.7%22%2C%22plugin_mode%22%3A%22AddThis%22%2C%22anonymous_profile_id%22%3A%22wp-3b12683414a871b4891813e10ef18c8b%22%2C%22page_info%22%3A%7B%22template%22%3A%22posts%22%2C%22post_type%22%3A%22%22%7D%2C%22sharing_enabled_on_post_via_metabox%22%3Afalse%7D&jsl=1&uvs=632cb0a28a74c2a6000&skipb=1&callback=addthis.cbs.jsonp__44624068035436370
IP 23.38.200.123:0
File type ASCII text, with no line terminators
Hash 97350afbb4c3d8b477212be101699931
4fba5aa216b74941285127d1a3678153d06bf1af
e9d5e751f7895875735dac029c0273b6ae968aa96880ecf3695ba075964861ec
GET /live/red_lojson/300lo.json?si=632cb0a2f6c2efab&bkl=0&bl=1&pdt=658&sid=632cb0a2f6c2efab&pub=ra-5c9e4743b7689009&rev=v8.28.8-wp&ln=en&pc=wprp&cb=0&ab=-&dp=ytboob.com&fp=fashion-week-topless-models%2F&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&colc=1663873187186&wpv=wprp-2.2.7&addthis_plugin_info=%7B%22info_status%22%3A%22enabled%22%2C%22cms_name%22%3A%22WordPress%22%2C%22plugin_name%22%3A%22Related%20Posts%20by%20AddThis%22%2C%22plugin_version%22%3A%222.2.7%22%2C%22plugin_mode%22%3A%22AddThis%22%2C%22anonymous_profile_id%22%3A%22wp-3b12683414a871b4891813e10ef18c8b%22%2C%22page_info%22%3A%7B%22template%22%3A%22posts%22%2C%22post_type%22%3A%22%22%7D%2C%22sharing_enabled_on_post_via_metabox%22%3Afalse%7D&jsl=1&uvs=632cb0a28a74c2a6000&skipb=1&callback=addthis.cbs.jsonp__44624068035436370 HTTP/1.1
Host: m.addthis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ytboob.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript;charset=utf-8
content-length: 89
cache-control: max-age=0, no-cache, no-store, no-transform
pragma: no-cache
content-disposition: attachment; filename=1.txt
date: Thu, 22 Sep 2022 18:59:49 GMT
X-Firefox-Spdy: h2
syndication.realsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA01POW4DMQz8Sj6wAk+Rcp20CeDAD9Ae6hIXSWEDfHy4ayCwptBgNBwNCYgmaBPRC8pJ20k8GpYGRaigSrx/nEMw7r/z9TqX5foVIi6KwVBNKMwZXFKESiKh4KFo5gCRzxUNKVCDAxKknJ5kBQCZMQzi7XKOy+draq1ZeoMyGm6kkHz/PQhCksNtj+Cti1UdhtDQOo0xb6abwXAfc++78bktPFCQvR7h8I8JjysPxMH6z/17iXiyPNaqyfQYzR4pZc62LtW5ZgEaM6/Nl7WzVM7FjbcV/wCEjjPkWAEAAA==
95.211.229.247200 OK 20 B URL HTTP/1.1 syndication.realsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA01POW4DMQz8Sj6wAk+Rcp20CeDAD9Ae6hIXSWEDfHy4ayCwptBgNBwNCYgmaBPRC8pJ20k8GpYGRaigSrx/nEMw7r/z9TqX5foVIi6KwVBNKMwZXFKESiKh4KFo5gCRzxUNKVCDAxKknJ5kBQCZMQzi7XKOy+draq1ZeoMyGm6kkHz/PQhCksNtj+Cti1UdhtDQOo0xb6abwXAfc++78bktPFCQvR7h8I8JjysPxMH6z/17iXiyPNaqyfQYzR4pZc62LtW5ZgEaM6/Nl7WzVM7FjbcV/wCEjjPkWAEAAA==
IP 95.211.229.247:0
ASN #60781 LeaseWeb Netherlands B.V.
Hash a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /cimp.php?t=api&data=H4sIAAAAAAAAA01POW4DMQz8Sj6wAk+Rcp20CeDAD9Ae6hIXSWEDfHy4ayCwptBgNBwNCYgmaBPRC8pJ20k8GpYGRaigSrx/nEMw7r/z9TqX5foVIi6KwVBNKMwZXFKESiKh4KFo5gCRzxUNKVCDAxKknJ5kBQCZMQzi7XKOy+draq1ZeoMyGm6kkHz/PQhCksNtj+Cti1UdhtDQOo0xb6abwXAfc++78bktPFCQvR7h8I8JjysPxMH6z/17iXiyPNaqyfQYzR4pZc62LtW5ZgEaM6/Nl7WzVM7FjbcV/wCEjjPkWAEAAA== HTTP/1.1
Host: syndication.realsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ytboob.com
Connection: keep-alive
Referer: https://ytboob.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 22 Sep 2022 18:59:49 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://ytboob.com
Access-Control-Allow-Credentials: true
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22632cb0a53b6684.814907793915895090%22%3B%7D; expires=Sat, 21 Sep 2024 18:59:49 GMT; path=; domain=.realsrv.com; Secure; SameSite=none
__upt=%7B%22v%22%3A1%2C%22id%22%3A%22632cb0a53b6684.814907793915895090%22%2C%22pcma%22%3A%22%22%2C%22acma%22%3A%22508.0199%22%7D; expires=Sat, 21 Sep 2024 18:59:49 GMT; path=/; domain=.realsrv.com; Secure; SameSite=none
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
syndication.realsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA02PPW7DMAyFr9ILWOCvSGVu1xZIkQPIjry1HtohAXj40g5QhG/gB+LxiSIgmqBNRC8oJ20n8WhYGhShgirx/nEOwbj/zts2l2X7CrZm5MFQTSjMGVxCBCqJhIKHMlc2D1Or5OiBGhyQIuX0JBUADIN4u5zj8vmag5ahgUGZCzdSSN6fDoGQZLjt+zy6WNXVEBpap3Wdh+kwWN3Xuffd+HwqPFSIrB7h8K8Jj5YFcVD/uX8vEU+Wx59qkh6reV+OMmdw6zR8LD56Y0e71lqVgTqiXh3+APxIkQBVAQAA
95.211.229.247200 OK 20 B URL HTTP/1.1 syndication.realsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA02PPW7DMAyFr9ILWOCvSGVu1xZIkQPIjry1HtohAXj40g5QhG/gB+LxiSIgmqBNRC8oJ20n8WhYGhShgirx/nEOwbj/zts2l2X7CrZm5MFQTSjMGVxCBCqJhIKHMlc2D1Or5OiBGhyQIuX0JBUADIN4u5zj8vmag5ahgUGZCzdSSN6fDoGQZLjt+zy6WNXVEBpap3Wdh+kwWN3Xuffd+HwqPFSIrB7h8K8Jj5YFcVD/uX8vEU+Wx59qkh6reV+OMmdw6zR8LD56Y0e71lqVgTqiXh3+APxIkQBVAQAA
IP 95.211.229.247:0
ASN #60781 LeaseWeb Netherlands B.V.
Hash a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /cimp.php?t=api&data=H4sIAAAAAAAAA02PPW7DMAyFr9ILWOCvSGVu1xZIkQPIjry1HtohAXj40g5QhG/gB+LxiSIgmqBNRC8oJ20n8WhYGhShgirx/nEOwbj/zts2l2X7CrZm5MFQTSjMGVxCBCqJhIKHMlc2D1Or5OiBGhyQIuX0JBUADIN4u5zj8vmag5ahgUGZCzdSSN6fDoGQZLjt+zy6WNXVEBpap3Wdh+kwWN3Xuffd+HwqPFSIrB7h8K8Jj5YFcVD/uX8vEU+Wx59qkh6reV+OMmdw6zR8LD56Y0e71lqVgTqiXh3+APxIkQBVAQAA HTTP/1.1
Host: syndication.realsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ytboob.com
Connection: keep-alive
Referer: https://ytboob.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 22 Sep 2022 18:59:49 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://ytboob.com
Access-Control-Allow-Credentials: true
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22632cb0a542a2a5.609569182508976009%22%3B%7D; expires=Sat, 21 Sep 2024 18:59:49 GMT; path=; domain=.realsrv.com; Secure; SameSite=none
__upt=%7B%22v%22%3A1%2C%22id%22%3A%22632cb0a542a2a5.609569182508976009%22%2C%22pcma%22%3A%22%22%2C%22acma%22%3A%22508.0199%22%7D; expires=Sat, 21 Sep 2024 18:59:49 GMT; path=/; domain=.realsrv.com; Secure; SameSite=none
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
syndication.realsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA01QMW4DMQz7Sj9wB0mWLCtzu7ZAijzAF5y3NkM7JAAfX/m6xIJtgqBASkIiC8Ui8sJ6sjhpQ/AatKqsbIr3jzOU8fjdbrdtvd6+UL16BApVV4G3Qk2hSlW4wWhecVeFczSX1LChgLLESvKJViJWqQ1OeLuccfl8TTLCUwwh5DuNJ9TEdJ/dZe/q1YYzBXuXMbbdbXcarY2t9yl8DkowqYXARHXarm7eMokcWf5r4ePLQzhQ/3l8X4EnyTGaTGRHa0ZMKs0ihPtu0reyp1HMtRSyEWre2/A/YdBHilwBAAA=
95.211.229.247200 OK 20 B URL HTTP/1.1 syndication.realsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA01QMW4DMQz7Sj9wB0mWLCtzu7ZAijzAF5y3NkM7JAAfX/m6xIJtgqBASkIiC8Ui8sJ6sjhpQ/AatKqsbIr3jzOU8fjdbrdtvd6+UL16BApVV4G3Qk2hSlW4wWhecVeFczSX1LChgLLESvKJViJWqQ1OeLuccfl8TTLCUwwh5DuNJ9TEdJ/dZe/q1YYzBXuXMbbdbXcarY2t9yl8DkowqYXARHXarm7eMokcWf5r4ePLQzhQ/3l8X4EnyTGaTGRHa0ZMKs0ihPtu0reyp1HMtRSyEWre2/A/YdBHilwBAAA=
IP 95.211.229.247:0
ASN #60781 LeaseWeb Netherlands B.V.
Hash a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /cimp.php?t=api&data=H4sIAAAAAAAAA01QMW4DMQz7Sj9wB0mWLCtzu7ZAijzAF5y3NkM7JAAfX/m6xIJtgqBASkIiC8Ui8sJ6sjhpQ/AatKqsbIr3jzOU8fjdbrdtvd6+UL16BApVV4G3Qk2hSlW4wWhecVeFczSX1LChgLLESvKJViJWqQ1OeLuccfl8TTLCUwwh5DuNJ9TEdJ/dZe/q1YYzBXuXMbbdbXcarY2t9yl8DkowqYXARHXarm7eMokcWf5r4ePLQzhQ/3l8X4EnyTGaTGRHa0ZMKs0ihPtu0reyp1HMtRSyEWre2/A/YdBHilwBAAA= HTTP/1.1
Host: syndication.realsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ytboob.com
Connection: keep-alive
Referer: https://ytboob.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 22 Sep 2022 18:59:49 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://ytboob.com
Access-Control-Allow-Credentials: true
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22632cb0a54b8123.323867981377718538%22%3B%7D; expires=Sat, 21 Sep 2024 18:59:49 GMT; path=; domain=.realsrv.com; Secure; SameSite=none
__upt=%7B%22v%22%3A1%2C%22id%22%3A%22632cb0a54b8123.323867981377718538%22%2C%22pcma%22%3A%22%22%2C%22acma%22%3A%22508.0199%22%7D; expires=Sat, 21 Sep 2024 18:59:49 GMT; path=/; domain=.realsrv.com; Secure; SameSite=none
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
s.w.org/images/core/emoji/14.0.0/svg/1f346.svg
192.0.77.48200 OK 432 B URL HTTP/2 s.w.org/images/core/emoji/14.0.0/svg/1f346.svg
IP 192.0.77.48:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (432), with no line terminators
Hash f92a9f8821057c551982b659b268ed8e
6238f3b621be938ec83d96306647991cf8cec28f
6a51feacbc0c6653c8adf378b5bf03b10a82f8ff387674f6434d3ee9019416af
GET /images/core/emoji/14.0.0/svg/1f346.svg HTTP/1.1
Host: s.w.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ytboob.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 18:59:49 GMT
content-type: image/svg+xml
content-length: 432
last-modified: Tue, 12 Apr 2022 03:50:59 GMT
x-frame-options: SAMEORIGIN
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn 2
x-content-type-options: nosniff
accept-ranges: bytes
X-Firefox-Spdy: h2
s.w.org/images/core/emoji/14.0.0/svg/1f445.svg
192.0.77.48200 OK 360 B URL HTTP/2 s.w.org/images/core/emoji/14.0.0/svg/1f445.svg
IP 192.0.77.48:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (360), with no line terminators
Hash 0d16121d9eae5745be9da0c730557d30
3e1f809012606a4df721569e690553ee85606dbb
7ba3e8cfbd718c54aeaf8b78b8487552f08f520d1d0653a18860f46d428074e9
GET /images/core/emoji/14.0.0/svg/1f445.svg HTTP/1.1
Host: s.w.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ytboob.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 18:59:49 GMT
content-type: image/svg+xml
content-length: 360
last-modified: Tue, 12 Apr 2022 03:47:50 GMT
x-frame-options: SAMEORIGIN
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn 2
x-content-type-options: nosniff
accept-ranges: bytes
X-Firefox-Spdy: h2
s.w.org/images/core/emoji/14.0.0/svg/1f1f3-1f1f4.svg
192.0.77.48200 OK 459 B URL HTTP/2 s.w.org/images/core/emoji/14.0.0/svg/1f1f3-1f1f4.svg
IP 192.0.77.48:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (459), with no line terminators
Hash ce4def896435e73267187e77a8e32e76
8ead2971fd73d3b68fc601d823b62198916d04ea
b757b0ce5e1342e346d6ace2e11ac38252f5dd1d20a62c3b2e608a8254ceb292
GET /images/core/emoji/14.0.0/svg/1f1f3-1f1f4.svg HTTP/1.1
Host: s.w.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ytboob.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 18:59:49 GMT
content-type: image/svg+xml
content-length: 459
last-modified: Tue, 12 Apr 2022 03:47:50 GMT
x-frame-options: SAMEORIGIN
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn 2
x-content-type-options: nosniff
accept-ranges: bytes
X-Firefox-Spdy: h2
syndication.realsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA02PsW7DMAxEf6U/YONIkRKZuV1bIEU+wDKsrc3QDgnAjy/tAEV0gx4Ox5PIYJ7gE/MLyUn9JBZOs2MWnkkl3j/OIRT333699nm9foWIiVIU1CYczQpM0kRlkVBYKLVmQDTxUpksSKMEUqwlM0kzQAUeDfF2Ocfl8zU998ZBwVmNGyuS99eDEZKM215RtkVa1dEITm3hMfrWdGsYZqMvyx58/i0emslEjnL8a6LjyoM4aPm5f68RT5HHWjVJj9GsSCt7rKLXosyoQx2uo7sUpxXmuqr9AS/cQgJYAQAA
95.211.229.247200 OK 20 B URL HTTP/1.1 syndication.realsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA02PsW7DMAxEf6U/YONIkRKZuV1bIEU+wDKsrc3QDgnAjy/tAEV0gx4Ox5PIYJ7gE/MLyUn9JBZOs2MWnkkl3j/OIRT333699nm9foWIiVIU1CYczQpM0kRlkVBYKLVmQDTxUpksSKMEUqwlM0kzQAUeDfF2Ocfl8zU998ZBwVmNGyuS99eDEZKM215RtkVa1dEITm3hMfrWdGsYZqMvyx58/i0emslEjnL8a6LjyoM4aPm5f68RT5HHWjVJj9GsSCt7rKLXosyoQx2uo7sUpxXmuqr9AS/cQgJYAQAA
IP 95.211.229.247:0
ASN #60781 LeaseWeb Netherlands B.V.
Hash a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /cimp.php?t=api&data=H4sIAAAAAAAAA02PsW7DMAxEf6U/YONIkRKZuV1bIEU+wDKsrc3QDgnAjy/tAEV0gx4Ox5PIYJ7gE/MLyUn9JBZOs2MWnkkl3j/OIRT333699nm9foWIiVIU1CYczQpM0kRlkVBYKLVmQDTxUpksSKMEUqwlM0kzQAUeDfF2Ocfl8zU998ZBwVmNGyuS99eDEZKM215RtkVa1dEITm3hMfrWdGsYZqMvyx58/i0emslEjnL8a6LjyoM4aPm5f68RT5HHWjVJj9GsSCt7rKLXosyoQx2uo7sUpxXmuqr9AS/cQgJYAQAA HTTP/1.1
Host: syndication.realsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ytboob.com
Connection: keep-alive
Referer: https://ytboob.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 22 Sep 2022 18:59:49 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://ytboob.com
Access-Control-Allow-Credentials: true
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22632cb0a54f0bd2.576512531148330996%22%3B%7D; expires=Sat, 21 Sep 2024 18:59:49 GMT; path=; domain=.realsrv.com; Secure; SameSite=none
__upt=%7B%22v%22%3A1%2C%22id%22%3A%22632cb0a54f0bd2.576512531148330996%22%2C%22pcma%22%3A%22%22%2C%22acma%22%3A%22508.0199%22%7D; expires=Sat, 21 Sep 2024 18:59:49 GMT; path=/; domain=.realsrv.com; Secure; SameSite=none
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
syndication.realsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA01PMW7DMAz8Sj9g40iRopS5XVsgRR4gu/bWZmiGBLjHVzI6hDfweCCPpEJ1Qp1UX8ROXk9WWGWumE1nceP7x5kmfNyW63WZ1+s3zYq5MCGHKaMkFGNKNecsdBS65polM1zMNBWKMxEd6slssBkQBvh2OfPy+dqFWkMpFHRj3AXoxdhNBa1z3IdB2ppF9j0EVaLpvi9b+BbYS9mX1kbj8604IDOk/yDUf2FgkiP1AA/Wfh8/K/nUYoasGEN+jPY7utR9muWWRVYJ/5K1ViBW32ogy7ol2/4Ay5TAfFYBAAA=
95.211.229.247200 OK 20 B URL HTTP/1.1 syndication.realsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA01PMW7DMAz8Sj9g40iRopS5XVsgRR4gu/bWZmiGBLjHVzI6hDfweCCPpEJ1Qp1UX8ROXk9WWGWumE1nceP7x5kmfNyW63WZ1+s3zYq5MCGHKaMkFGNKNecsdBS65polM1zMNBWKMxEd6slssBkQBvh2OfPy+dqFWkMpFHRj3AXoxdhNBa1z3IdB2ppF9j0EVaLpvi9b+BbYS9mX1kbj8604IDOk/yDUf2FgkiP1AA/Wfh8/K/nUYoasGEN+jPY7utR9muWWRVYJ/5K1ViBW32ogy7ol2/4Ay5TAfFYBAAA=
IP 95.211.229.247:0
ASN #60781 LeaseWeb Netherlands B.V.
Hash a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /cimp.php?t=api&data=H4sIAAAAAAAAA01PMW7DMAz8Sj9g40iRopS5XVsgRR4gu/bWZmiGBLjHVzI6hDfweCCPpEJ1Qp1UX8ROXk9WWGWumE1nceP7x5kmfNyW63WZ1+s3zYq5MCGHKaMkFGNKNecsdBS65polM1zMNBWKMxEd6slssBkQBvh2OfPy+dqFWkMpFHRj3AXoxdhNBa1z3IdB2ppF9j0EVaLpvi9b+BbYS9mX1kbj8604IDOk/yDUf2FgkiP1AA/Wfh8/K/nUYoasGEN+jPY7utR9muWWRVYJ/5K1ViBW32ogy7ol2/4Ay5TAfFYBAAA= HTTP/1.1
Host: syndication.realsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ytboob.com
Connection: keep-alive
Referer: https://ytboob.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 22 Sep 2022 18:59:49 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://ytboob.com
Access-Control-Allow-Credentials: true
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22632cb0a54d97b7.071810221925736200%22%3B%7D; expires=Sat, 21 Sep 2024 18:59:49 GMT; path=; domain=.realsrv.com; Secure; SameSite=none
__upt=%7B%22v%22%3A1%2C%22id%22%3A%22632cb0a54d97b7.071810221925736200%22%2C%22pcma%22%3A%22%22%2C%22acma%22%3A%22508.0199%22%7D; expires=Sat, 21 Sep 2024 18:59:49 GMT; path=/; domain=.realsrv.com; Secure; SameSite=none
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
syndication.realsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA02PMW7DMAxFr9ILWCApUqQyt2sLpMgBLMfeWg/NkAD/8JXcDtEf9PlBPZFCIhPVSeSF9WT1pIHKqVJSSWyK948zlPG4tX1vadm/oBpqjEzFVeCRKbSHVDgERgGTUgsXuLGq5AI2ZFCXWFYdLhExnPB2OePy+dqDWl3AYOpgujNRL8bfEIJ2T/cByOusXmxzpso+y7a11W112iK2Ns+j8XlWOjT2sQGR/2Bo4uPqh3C4+efxvQBPLX9Lle7seNoRPRqcJWJZpJE1L43DWGzlfF2vquwRv9XXMXtWAQAA
95.211.229.247200 OK 20 B URL HTTP/1.1 syndication.realsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA02PMW7DMAxFr9ILWCApUqQyt2sLpMgBLMfeWg/NkAD/8JXcDtEf9PlBPZFCIhPVSeSF9WT1pIHKqVJSSWyK948zlPG4tX1vadm/oBpqjEzFVeCRKbSHVDgERgGTUgsXuLGq5AI2ZFCXWFYdLhExnPB2OePy+dqDWl3AYOpgujNRL8bfEIJ2T/cByOusXmxzpso+y7a11W112iK2Ns+j8XlWOjT2sQGR/2Bo4uPqh3C4+efxvQBPLX9Lle7seNoRPRqcJWJZpJE1L43DWGzlfF2vquwRv9XXMXtWAQAA
IP 95.211.229.247:0
ASN #60781 LeaseWeb Netherlands B.V.
Hash a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /cimp.php?t=api&data=H4sIAAAAAAAAA02PMW7DMAxFr9ILWCApUqQyt2sLpMgBLMfeWg/NkAD/8JXcDtEf9PlBPZFCIhPVSeSF9WT1pIHKqVJSSWyK948zlPG4tX1vadm/oBpqjEzFVeCRKbSHVDgERgGTUgsXuLGq5AI2ZFCXWFYdLhExnPB2OePy+dqDWl3AYOpgujNRL8bfEIJ2T/cByOusXmxzpso+y7a11W112iK2Ns+j8XlWOjT2sQGR/2Bo4uPqh3C4+efxvQBPLX9Lle7seNoRPRqcJWJZpJE1L43DWGzlfF2vquwRv9XXMXtWAQAA HTTP/1.1
Host: syndication.realsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ytboob.com
Connection: keep-alive
Referer: https://ytboob.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 22 Sep 2022 18:59:49 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://ytboob.com
Access-Control-Allow-Credentials: true
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22632cb0a54eb3a9.666793684210274038%22%3B%7D; expires=Sat, 21 Sep 2024 18:59:49 GMT; path=; domain=.realsrv.com; Secure; SameSite=none
__upt=%7B%22v%22%3A1%2C%22id%22%3A%22632cb0a54eb3a9.666793684210274038%22%2C%22pcma%22%3A%22%22%2C%22acma%22%3A%22508.0199%22%7D; expires=Sat, 21 Sep 2024 18:59:49 GMT; path=/; domain=.realsrv.com; Secure; SameSite=none
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
syndication.realsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA02OQW7DQAhFr9IL2AIGBsi63bZSqhzA43h2bRbtopH+4Tt2pKogwRfiwxMSmSgnkSfWk+VJA8lz0qwysyle385Qxv273W5tXm8fqF49E4Wqq8CjUChKUaZKYC0wEndVOGe4lAo2FNBIsTLmQ81ErFIDTni5nHF5fx7DTBcwhDDq/niXOjT97O6yLerVujMl+yK9t81tc+oRvS3LvvgflGBSy2AiquMtz8IR+/2D5ZETH20E4VDL1/1zBf4WHrywwzXoVMdBhF23Fq3UiFWtRU/pYU25V83I6y9Nytw1VwEAAA==
95.211.229.247200 OK 20 B URL HTTP/1.1 syndication.realsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA02OQW7DQAhFr9IL2AIGBsi63bZSqhzA43h2bRbtopH+4Tt2pKogwRfiwxMSmSgnkSfWk+VJA8lz0qwysyle385Qxv273W5tXm8fqF49E4Wqq8CjUChKUaZKYC0wEndVOGe4lAo2FNBIsTLmQ81ErFIDTni5nHF5fx7DTBcwhDDq/niXOjT97O6yLerVujMl+yK9t81tc+oRvS3LvvgflGBSy2AiquMtz8IR+/2D5ZETH20E4VDL1/1zBf4WHrywwzXoVMdBhF23Fq3UiFWtRU/pYU25V83I6y9Nytw1VwEAAA==
IP 95.211.229.247:0
ASN #60781 LeaseWeb Netherlands B.V.
Hash a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /cimp.php?t=api&data=H4sIAAAAAAAAA02OQW7DQAhFr9IL2AIGBsi63bZSqhzA43h2bRbtopH+4Tt2pKogwRfiwxMSmSgnkSfWk+VJA8lz0qwysyle385Qxv273W5tXm8fqF49E4Wqq8CjUChKUaZKYC0wEndVOGe4lAo2FNBIsTLmQ81ErFIDTni5nHF5fx7DTBcwhDDq/niXOjT97O6yLerVujMl+yK9t81tc+oRvS3LvvgflGBSy2AiquMtz8IR+/2D5ZETH20E4VDL1/1zBf4WHrywwzXoVMdBhF23Fq3UiFWtRU/pYU25V83I6y9Nytw1VwEAAA== HTTP/1.1
Host: syndication.realsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ytboob.com
Connection: keep-alive
Referer: https://ytboob.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 22 Sep 2022 18:59:49 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://ytboob.com
Access-Control-Allow-Credentials: true
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22632cb0a5527e36.238237513227841358%22%3B%7D; expires=Sat, 21 Sep 2024 18:59:49 GMT; path=; domain=.realsrv.com; Secure; SameSite=none
__upt=%7B%22v%22%3A1%2C%22id%22%3A%22632cb0a5527e36.238237513227841358%22%2C%22pcma%22%3A%22%22%2C%22acma%22%3A%22143.0199%22%7D; expires=Sat, 21 Sep 2024 18:59:49 GMT; path=/; domain=.realsrv.com; Secure; SameSite=none
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
syndication.realsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA01PQW4DMQj8Sj+wFmAwJuf22kqp8gB7s761e2gPjcTjizeKFI8Mo9Ew2AREC9hC9IJ8EjtxdcNkkJgSCvv7x9kZ/fbb972ndf9yVpGinqEok2vNUNmZoRBWF4iLhgWLK+esJuQonh0CJJl5sgSAruBvl7NfPl9DMNMwOoFHnUsn5eDwNyfz1liLDEUw1EZj9E1lUxi1jt7aND4/Eu5IKjXP2IcQWPBoccAP1n5u36v7k+X4DU0mx2hEhBQ5GcRWFVVU1muxXJoyirWtr3aF+g8yN8EcTwEAAA==
95.211.229.247200 OK 20 B URL HTTP/1.1 syndication.realsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA01PQW4DMQj8Sj+wFmAwJuf22kqp8gB7s761e2gPjcTjizeKFI8Mo9Ew2AREC9hC9IJ8EjtxdcNkkJgSCvv7x9kZ/fbb972ndf9yVpGinqEok2vNUNmZoRBWF4iLhgWLK+esJuQonh0CJJl5sgSAruBvl7NfPl9DMNMwOoFHnUsn5eDwNyfz1liLDEUw1EZj9E1lUxi1jt7aND4/Eu5IKjXP2IcQWPBoccAP1n5u36v7k+X4DU0mx2hEhBQ5GcRWFVVU1muxXJoyirWtr3aF+g8yN8EcTwEAAA==
IP 95.211.229.247:0
ASN #60781 LeaseWeb Netherlands B.V.
Hash a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /cimp.php?t=api&data=H4sIAAAAAAAAA01PQW4DMQj8Sj+wFmAwJuf22kqp8gB7s761e2gPjcTjizeKFI8Mo9Ew2AREC9hC9IJ8EjtxdcNkkJgSCvv7x9kZ/fbb972ndf9yVpGinqEok2vNUNmZoRBWF4iLhgWLK+esJuQonh0CJJl5sgSAruBvl7NfPl9DMNMwOoFHnUsn5eDwNyfz1liLDEUw1EZj9E1lUxi1jt7aND4/Eu5IKjXP2IcQWPBoccAP1n5u36v7k+X4DU0mx2hEhBQ5GcRWFVVU1muxXJoyirWtr3aF+g8yN8EcTwEAAA== HTTP/1.1
Host: syndication.realsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ytboob.com
Connection: keep-alive
Referer: https://ytboob.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 22 Sep 2022 18:59:49 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://ytboob.com
Access-Control-Allow-Credentials: true
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A32%3A%22632cb0a5512d18.89357779675007144%22%3B%7D; expires=Sat, 21 Sep 2024 18:59:49 GMT; path=; domain=.realsrv.com; Secure; SameSite=none
__upt=%7B%22v%22%3A1%2C%22id%22%3A%22632cb0a5512d18.89357779675007144%22%2C%22pcma%22%3A%22%22%2C%22acma%22%3A%22508.0199%22%7D; expires=Sat, 21 Sep 2024 18:59:49 GMT; path=/; domain=.realsrv.com; Secure; SameSite=none
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
syndication.realsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA01QMW7DMAz8Sj9gg6RIicrcrg2QIg+QHGtrPTRDA9zjS3sIogPIg3Q8khISmahOIm+sJ6sndVSeK80qM5vi83yBMh73vm19XrZvlMyWCYlyUUHxRK5QpSzsMHJozSw5npiEkxPYkEABsaR6sEL4uF5w/XoHzbUWAUMIEfeGO+UA/e3atDYt2Ub4VS5NxuhrsbXQcB+9tV34OiDBSiIFMyWX8C/m4R6gJyY+UhzCwdrv42cBXiTHSrIzO0oNHFfR7EYtvqCRqljvdek36W1tdXhuTcz/AWPpIDxUAQAA
95.211.229.247200 OK 20 B URL HTTP/1.1 syndication.realsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA01QMW7DMAz8Sj9gg6RIicrcrg2QIg+QHGtrPTRDA9zjS3sIogPIg3Q8khISmahOIm+sJ6sndVSeK80qM5vi83yBMh73vm19XrZvlMyWCYlyUUHxRK5QpSzsMHJozSw5npiEkxPYkEABsaR6sEL4uF5w/XoHzbUWAUMIEfeGO+UA/e3atDYt2Ub4VS5NxuhrsbXQcB+9tV34OiDBSiIFMyWX8C/m4R6gJyY+UhzCwdrv42cBXiTHSrIzO0oNHFfR7EYtvqCRqljvdek36W1tdXhuTcz/AWPpIDxUAQAA
IP 95.211.229.247:0
ASN #60781 LeaseWeb Netherlands B.V.
Hash a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /cimp.php?t=api&data=H4sIAAAAAAAAA01QMW7DMAz8Sj9gg6RIicrcrg2QIg+QHGtrPTRDA9zjS3sIogPIg3Q8khISmahOIm+sJ6sndVSeK80qM5vi83yBMh73vm19XrZvlMyWCYlyUUHxRK5QpSzsMHJozSw5npiEkxPYkEABsaR6sEL4uF5w/XoHzbUWAUMIEfeGO+UA/e3atDYt2Ub4VS5NxuhrsbXQcB+9tV34OiDBSiIFMyWX8C/m4R6gJyY+UhzCwdrv42cBXiTHSrIzO0oNHFfR7EYtvqCRqljvdek36W1tdXhuTcz/AWPpIDxUAQAA HTTP/1.1
Host: syndication.realsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ytboob.com
Connection: keep-alive
Referer: https://ytboob.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 22 Sep 2022 18:59:49 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://ytboob.com
Access-Control-Allow-Credentials: true
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A32%3A%22632cb0a5500395.61571284492150515%22%3B%7D; expires=Sat, 21 Sep 2024 18:59:49 GMT; path=; domain=.realsrv.com; Secure; SameSite=none
__upt=%7B%22v%22%3A1%2C%22id%22%3A%22632cb0a5500395.61571284492150515%22%2C%22pcma%22%3A%22%22%2C%22acma%22%3A%22508.0199%22%7D; expires=Sat, 21 Sep 2024 18:59:49 GMT; path=/; domain=.realsrv.com; Secure; SameSite=none
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
syndication.realsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA02PTU4DMQyFr8IFJvJfEqdr2IJU1AMk02QHXcCCSu/wJLOo6ifZT5Y/2RYS2ahsIi9sp1hO5igcCgWTwNHw/nGGMe6/7XZrYb99IYkmZiilbILsSm5QV2NnRHJo4ViST8yzOhs4QkFTEtVsuUBEkyW8Xc64fL7OTilZwBDCzGvrspMF/S1Ue7Wc4shMhXOVMVrPsWca7qPVugafr6RDHDQnhUzRQxsfZQbhcPXn/r0DTyNmlDgvKD5QRo+0M893R21mtQsLqe6S9No89+s/JycdG00BAAA=
95.211.229.247200 OK 20 B URL HTTP/1.1 syndication.realsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA02PTU4DMQyFr8IFJvJfEqdr2IJU1AMk02QHXcCCSu/wJLOo6ifZT5Y/2RYS2ahsIi9sp1hO5igcCgWTwNHw/nGGMe6/7XZrYb99IYkmZiilbILsSm5QV2NnRHJo4ViST8yzOhs4QkFTEtVsuUBEkyW8Xc64fL7OTilZwBDCzGvrspMF/S1Ue7Wc4shMhXOVMVrPsWca7qPVugafr6RDHDQnhUzRQxsfZQbhcPXn/r0DTyNmlDgvKD5QRo+0M893R21mtQsLqe6S9No89+s/JycdG00BAAA=
IP 95.211.229.247:0
ASN #60781 LeaseWeb Netherlands B.V.
Hash a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /cimp.php?t=api&data=H4sIAAAAAAAAA02PTU4DMQyFr8IFJvJfEqdr2IJU1AMk02QHXcCCSu/wJLOo6ifZT5Y/2RYS2ahsIi9sp1hO5igcCgWTwNHw/nGGMe6/7XZrYb99IYkmZiilbILsSm5QV2NnRHJo4ViST8yzOhs4QkFTEtVsuUBEkyW8Xc64fL7OTilZwBDCzGvrspMF/S1Ue7Wc4shMhXOVMVrPsWca7qPVugafr6RDHDQnhUzRQxsfZQbhcPXn/r0DTyNmlDgvKD5QRo+0M893R21mtQsLqe6S9No89+s/JycdG00BAAA= HTTP/1.1
Host: syndication.realsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ytboob.com
Connection: keep-alive
Referer: https://ytboob.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 22 Sep 2022 18:59:49 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://ytboob.com
Access-Control-Allow-Credentials: true
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22632cb0a55489e4.827955111919198501%22%3B%7D; expires=Sat, 21 Sep 2024 18:59:49 GMT; path=; domain=.realsrv.com; Secure; SameSite=none
__upt=%7B%22v%22%3A1%2C%22id%22%3A%22632cb0a55489e4.827955111919198501%22%2C%22pcma%22%3A%22%22%2C%22acma%22%3A%22508.0199%22%7D; expires=Sat, 21 Sep 2024 18:59:49 GMT; path=/; domain=.realsrv.com; Secure; SameSite=none
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
syndication.realsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA01OO05EMQy8Chd4kX+J462hBWnRHiCJXjp4BRS7kg+P82jWlpPRaMYeAqINbCN6Qblku0h1w2SQhBJm8fePqwv647cfR0/j+PKiRc2coaiQa2Wo4lxZsKJnqDGkKuKKVpWYHLOzQzRlDj5QAkDR4gr+drv67fM1ODMNrRN4vOvughIY7svMewtLnopgqI3m7LvmXWHWOntrS/icEzxTYXAEKHEVE2tZ2+iM8t8bnl8U+Inaz+N7uD9JRKCgLlM+rRExqNiDBcccfUQQMhTiiMVzjEqt9b3OP+Ra2DNbAQAA
95.211.229.247200 OK 20 B URL HTTP/1.1 syndication.realsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA01OO05EMQy8Chd4kX+J462hBWnRHiCJXjp4BRS7kg+P82jWlpPRaMYeAqINbCN6Qblku0h1w2SQhBJm8fePqwv647cfR0/j+PKiRc2coaiQa2Wo4lxZsKJnqDGkKuKKVpWYHLOzQzRlDj5QAkDR4gr+drv67fM1ODMNrRN4vOvughIY7svMewtLnopgqI3m7LvmXWHWOntrS/icEzxTYXAEKHEVE2tZ2+iM8t8bnl8U+Inaz+N7uD9JRKCgLlM+rRExqNiDBcccfUQQMhTiiMVzjEqt9b3OP+Ra2DNbAQAA
IP 95.211.229.247:0
ASN #60781 LeaseWeb Netherlands B.V.
Hash a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /cimp.php?t=api&data=H4sIAAAAAAAAA01OO05EMQy8Chd4kX+J462hBWnRHiCJXjp4BRS7kg+P82jWlpPRaMYeAqINbCN6Qblku0h1w2SQhBJm8fePqwv647cfR0/j+PKiRc2coaiQa2Wo4lxZsKJnqDGkKuKKVpWYHLOzQzRlDj5QAkDR4gr+drv67fM1ODMNrRN4vOvughIY7svMewtLnopgqI3m7LvmXWHWOntrS/icEzxTYXAEKHEVE2tZ2+iM8t8bnl8U+Inaz+N7uD9JRKCgLlM+rRExqNiDBcccfUQQMhTiiMVzjEqt9b3OP+Ra2DNbAQAA HTTP/1.1
Host: syndication.realsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ytboob.com
Connection: keep-alive
Referer: https://ytboob.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 22 Sep 2022 18:59:49 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://ytboob.com
Access-Control-Allow-Credentials: true
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22632cb0a5565417.989855583078741776%22%3B%7D; expires=Sat, 21 Sep 2024 18:59:49 GMT; path=; domain=.realsrv.com; Secure; SameSite=none
__upt=%7B%22v%22%3A1%2C%22id%22%3A%22632cb0a5565417.989855583078741776%22%2C%22pcma%22%3A%22%22%2C%22acma%22%3A%22508.0199%22%7D; expires=Sat, 21 Sep 2024 18:59:49 GMT; path=/; domain=.realsrv.com; Secure; SameSite=none
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
syndication.realsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA01OS05DMRC7Chd40XwzSdewBamoB8gryQ66gAWVfHiSJxYdSzOWNZYtJLJR3USe2E5eT1ZQOVVKJond8Pp2hjHuP/vttqfr7RMW7jmglMMEUZSKQYsaF4ZTgXPlzBlhqlGdwA4FTYir2WKJiBGEl8sZl/fnKdQaAoYQ5l6hi9rk9Luc2ptF9hFMlaPJGHsP70GjlLG3th4fS9IBThp5loP8CwsbH2cO4WDt+/51BR5ezChzLJMfVgVPaWZ4rkWKWZjLR+PRmHrpg3dXadzlDzEmfhBPAQAA
95.211.229.247200 OK 20 B URL HTTP/1.1 syndication.realsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA01OS05DMRC7Chd40XwzSdewBamoB8gryQ66gAWVfHiSJxYdSzOWNZYtJLJR3USe2E5eT1ZQOVVKJond8Pp2hjHuP/vttqfr7RMW7jmglMMEUZSKQYsaF4ZTgXPlzBlhqlGdwA4FTYir2WKJiBGEl8sZl/fnKdQaAoYQ5l6hi9rk9Luc2ptF9hFMlaPJGHsP70GjlLG3th4fS9IBThp5loP8CwsbH2cO4WDt+/51BR5ezChzLJMfVgVPaWZ4rkWKWZjLR+PRmHrpg3dXadzlDzEmfhBPAQAA
IP 95.211.229.247:0
ASN #60781 LeaseWeb Netherlands B.V.
Hash a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /cimp.php?t=api&data=H4sIAAAAAAAAA01OS05DMRC7Chd40XwzSdewBamoB8gryQ66gAWVfHiSJxYdSzOWNZYtJLJR3USe2E5eT1ZQOVVKJond8Pp2hjHuP/vttqfr7RMW7jmglMMEUZSKQYsaF4ZTgXPlzBlhqlGdwA4FTYir2WKJiBGEl8sZl/fnKdQaAoYQ5l6hi9rk9Luc2ptF9hFMlaPJGHsP70GjlLG3th4fS9IBThp5loP8CwsbH2cO4WDt+/51BR5ezChzLJMfVgVPaWZ4rkWKWZjLR+PRmHrpg3dXadzlDzEmfhBPAQAA HTTP/1.1
Host: syndication.realsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ytboob.com
Connection: keep-alive
Referer: https://ytboob.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 22 Sep 2022 18:59:49 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://ytboob.com
Access-Control-Allow-Credentials: true
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A32%3A%22632cb0a5559ff2.62748941656998141%22%3B%7D; expires=Sat, 21 Sep 2024 18:59:49 GMT; path=; domain=.realsrv.com; Secure; SameSite=none
__upt=%7B%22v%22%3A1%2C%22id%22%3A%22632cb0a5559ff2.62748941656998141%22%2C%22pcma%22%3A%22%22%2C%22acma%22%3A%22508.0199%22%7D; expires=Sat, 21 Sep 2024 18:59:49 GMT; path=/; domain=.realsrv.com; Secure; SameSite=none
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
s3t3d2y8.afcdn.net/library/379728/b3ce69a50c097954ee85a6f0bde8c4784d5a2b78.webp
185.76.9.14200 OK 9.6 kB URL HTTP/2 s3t3d2y8.afcdn.net/library/379728/b3ce69a50c097954ee85a6f0bde8c4784d5a2b78.webp
IP 185.76.9.14:0
ASN #60068 Datacamp Limited
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x250, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 85eb3bf2f52bcbe7eb3b5ff4f014d0f8
b3ce69a50c097954ee85a6f0bde8c4784d5a2b78
532fe805bc910e1c03546876735a63895f695ec6ab0a479a69b8c18a8980d96b
GET /library/379728/b3ce69a50c097954ee85a6f0bde8c4784d5a2b78.webp HTTP/1.1
Host: s3t3d2y8.afcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ytboob.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 22 Sep 2022 18:59:49 GMT
content-type: image/webp
content-length: 9598
last-modified: Sun, 12 Jun 2022 09:12:56 GMT
etag: "62a5ae18-257e"
expires: Sat, 01 Jul 2023 11:25:39 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-cache-op: HIT
x-accel-expires: @1688305477
server: CDN77-Turbo
x-77-nzt: AblMCQ2OK8r/4GRsAA
x-77-nzt-ray: Jlo/1hb+gyk
x-cache: HIT
x-age: 7103712
x-77-pop: stockholmSE
x-77-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
s3t3d2y8.afcdn.net/library/676799/e6b37a342b7f9f52955204fb467a456d07cdbd4a.jpg
185.76.9.14200 OK 26 kB URL HTTP/2 s3t3d2y8.afcdn.net/library/676799/e6b37a342b7f9f52955204fb467a456d07cdbd4a.jpg
IP 185.76.9.14:0
ASN #60068 Datacamp Limited
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 300x300, components 3\012- data
Hash 314bcd4331908cbfa418f46b4cad7cdc
e6b37a342b7f9f52955204fb467a456d07cdbd4a
af1239a1443d757bbd7ffa6bee10752a848ba47b381038563ed0e9c0dbe33d48
GET /library/676799/e6b37a342b7f9f52955204fb467a456d07cdbd4a.jpg HTTP/1.1
Host: s3t3d2y8.afcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ytboob.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 18:59:49 GMT
content-type: image/jpeg
content-length: 26414
last-modified: Tue, 23 Mar 2021 10:37:35 GMT
etag: "6059c4ef-672e"
expires: Fri, 30 Jun 2023 11:23:20 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-cache-op: HIT
x-accel-expires: @1688195231
server: CDN77-Turbo
x-77-nzt: AblMCQ1xTo7/hhNuAA
x-77-nzt-ray: HtD1wfIfrhc
x-cache: HIT
x-age: 7213958
x-77-pop: stockholmSE
x-77-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
s3t3d2y8.afcdn.net/library/623611/b15895baaf99a97c8834ba6bec7f8db1fef4fe99.jpg
185.76.9.14200 OK 23 kB URL HTTP/2 s3t3d2y8.afcdn.net/library/623611/b15895baaf99a97c8834ba6bec7f8db1fef4fe99.jpg
IP 185.76.9.14:0
ASN #60068 Datacamp Limited
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 240x240, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 300x300, components 3\012- data
Hash 441547a9707a39c963c3711eb1bde65f
b15895baaf99a97c8834ba6bec7f8db1fef4fe99
62aecdb0f6d107e9245712c74358f209336d3d33a6c90857b44bc10e3fc9b8c6
GET /library/623611/b15895baaf99a97c8834ba6bec7f8db1fef4fe99.jpg HTTP/1.1
Host: s3t3d2y8.afcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ytboob.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 18:59:49 GMT
content-type: image/jpeg
content-length: 22647
last-modified: Mon, 25 May 2020 13:39:38 GMT
etag: "5ecbca9a-5877"
expires: Fri, 30 Jun 2023 11:55:59 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-cache-op: HIT
x-accel-expires: @1688195206
server: CDN77-Turbo
x-77-nzt: AblMCQ1s8iD/nxNuAA
x-77-nzt-ray: 6zFkczeU01Q
x-cache: HIT
x-age: 7213983
x-77-pop: stockholmSE
x-77-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
s3t3d2y8.afcdn.net/library/475567/b02a4e7c60116eb6ab673a98c95e8547fb1fcb7e.jpg
185.76.9.14200 OK 23 kB URL HTTP/2 s3t3d2y8.afcdn.net/library/475567/b02a4e7c60116eb6ab673a98c95e8547fb1fcb7e.jpg
IP 185.76.9.14:0
ASN #60068 Datacamp Limited
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 300x300, components 3\012- data
Hash 0218fde94a8b193f44b891088bfa4ba2
b02a4e7c60116eb6ab673a98c95e8547fb1fcb7e
ceedb17a60e83c765f7252dcffacc02538ae1bc7ba3efa7e492542d655a52c32
GET /library/475567/b02a4e7c60116eb6ab673a98c95e8547fb1fcb7e.jpg HTTP/1.1
Host: s3t3d2y8.afcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ytboob.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 18:59:49 GMT
content-type: image/jpeg
content-length: 23055
last-modified: Fri, 03 Jul 2020 08:30:09 GMT
etag: "5efeec91-5a0f"
expires: Fri, 30 Jun 2023 18:46:52 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-cache-op: HIT
x-accel-expires: @1688195228
server: CDN77-Turbo
x-77-nzt: AblMCQ2iOVr/iRNuAA
x-77-nzt-ray: JnaYtYHzR9w
x-cache: HIT
x-age: 7213961
x-77-pop: stockholmSE
x-77-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
syndication.realsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA01PQW4DMQj8Sj+wFmCwcc7ttZVS5QHerX1rc2gOjTSPL7u5xCPBCAYGC4ks1BaRF9aTtZM6GqdGSSWxKd4/zlDG/bZer2vart+oha0QMpWqguqZXJE9KzvDyKGtsJRoMQnnomBDBgXEsurBKuHtcsbl8xWUWqsChhAi7oY75QD97do8utZiM/Y1rl3mXEe1UWm6z7X3Xfh8IMFqprBlyh6LU65xhEIO5wcWPlI8wsH67/1nA54kqlS47kOGR+QohZkOim/6l49mWxCXyXPjTmzbsN7/AWK2BYdUAQAA
95.211.229.247200 OK 20 B URL HTTP/1.1 syndication.realsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA01PQW4DMQj8Sj+wFmCwcc7ttZVS5QHerX1rc2gOjTSPL7u5xCPBCAYGC4ks1BaRF9aTtZM6GqdGSSWxKd4/zlDG/bZer2vart+oha0QMpWqguqZXJE9KzvDyKGtsJRoMQnnomBDBgXEsurBKuHtcsbl8xWUWqsChhAi7oY75QD97do8utZiM/Y1rl3mXEe1UWm6z7X3Xfh8IMFqprBlyh6LU65xhEIO5wcWPlI8wsH67/1nA54kqlS47kOGR+QohZkOim/6l49mWxCXyXPjTmzbsN7/AWK2BYdUAQAA
IP 95.211.229.247:0
ASN #60781 LeaseWeb Netherlands B.V.
Hash a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /cimp.php?t=api&data=H4sIAAAAAAAAA01PQW4DMQj8Sj+wFmCwcc7ttZVS5QHerX1rc2gOjTSPL7u5xCPBCAYGC4ks1BaRF9aTtZM6GqdGSSWxKd4/zlDG/bZer2vart+oha0QMpWqguqZXJE9KzvDyKGtsJRoMQnnomBDBgXEsurBKuHtcsbl8xWUWqsChhAi7oY75QD97do8utZiM/Y1rl3mXEe1UWm6z7X3Xfh8IMFqprBlyh6LU65xhEIO5wcWPlI8wsH67/1nA54kqlS47kOGR+QohZkOim/6l49mWxCXyXPjTmzbsN7/AWK2BYdUAQAA HTTP/1.1
Host: syndication.realsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ytboob.com
Connection: keep-alive
Referer: https://ytboob.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 22 Sep 2022 18:59:49 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://ytboob.com
Access-Control-Allow-Credentials: true
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A32%3A%22632cb0a55a9ec9.34705967866675523%22%3B%7D; expires=Sat, 21 Sep 2024 18:59:49 GMT; path=; domain=.realsrv.com; Secure; SameSite=none
__upt=%7B%22v%22%3A1%2C%22id%22%3A%22632cb0a55a9ec9.34705967866675523%22%2C%22pcma%22%3A%22%22%2C%22acma%22%3A%22508.0199%22%7D; expires=Sat, 21 Sep 2024 18:59:49 GMT; path=/; domain=.realsrv.com; Secure; SameSite=none
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
syndication.realsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA01OQWoDMQz8Sj+wRpJlS865uTaQkgfYy/rW7qE9JDCPr70EGg1oRmIGSUhkobKIvLGeUjmpo3AoFFQCJ8XH5QplPH7bvrew7l9wElVFpGwqMI/kY/Ko7IxEjiTMOTpMtUiMGZwQQQOS4kgODnReEoxwvl1x+3wHhVJMwBDC6PPqlDo03Wc0blUtp25Mha1K722ztBl1995qncbXL+kAh2h5fAV5LiYWPmgU4VD15/G9Ai8WVcpsM/QfZZSt12y1ZWnZWiNN4lWb97VvHkX/ADb9d8ZNAQAA
95.211.229.247200 OK 20 B URL HTTP/1.1 syndication.realsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA01OQWoDMQz8Sj+wRpJlS865uTaQkgfYy/rW7qE9JDCPr70EGg1oRmIGSUhkobKIvLGeUjmpo3AoFFQCJ8XH5QplPH7bvrew7l9wElVFpGwqMI/kY/Ko7IxEjiTMOTpMtUiMGZwQQQOS4kgODnReEoxwvl1x+3wHhVJMwBDC6PPqlDo03Wc0blUtp25Mha1K722ztBl1995qncbXL+kAh2h5fAV5LiYWPmgU4VD15/G9Ai8WVcpsM/QfZZSt12y1ZWnZWiNN4lWb97VvHkX/ADb9d8ZNAQAA
IP 95.211.229.247:0
ASN #60781 LeaseWeb Netherlands B.V.
Hash a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /cimp.php?t=api&data=H4sIAAAAAAAAA01OQWoDMQz8Sj+wRpJlS865uTaQkgfYy/rW7qE9JDCPr70EGg1oRmIGSUhkobKIvLGeUjmpo3AoFFQCJ8XH5QplPH7bvrew7l9wElVFpGwqMI/kY/Ko7IxEjiTMOTpMtUiMGZwQQQOS4kgODnReEoxwvl1x+3wHhVJMwBDC6PPqlDo03Wc0blUtp25Mha1K722ztBl1995qncbXL+kAh2h5fAV5LiYWPmgU4VD15/G9Ai8WVcpsM/QfZZSt12y1ZWnZWiNN4lWb97VvHkX/ADb9d8ZNAQAA HTTP/1.1
Host: syndication.realsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ytboob.com
Connection: keep-alive
Referer: https://ytboob.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 22 Sep 2022 18:59:49 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://ytboob.com
Access-Control-Allow-Credentials: true
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A32%3A%22632cb0a55a69f6.09781007641049912%22%3B%7D; expires=Sat, 21 Sep 2024 18:59:49 GMT; path=; domain=.realsrv.com; Secure; SameSite=none
__upt=%7B%22v%22%3A1%2C%22id%22%3A%22632cb0a55a69f6.09781007641049912%22%2C%22pcma%22%3A%22%22%2C%22acma%22%3A%22508.0199%22%7D; expires=Sat, 21 Sep 2024 18:59:49 GMT; path=/; domain=.realsrv.com; Secure; SameSite=none
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
s3t3d2y8.afcdn.net/library/761560/be8f9e4bb2c87d63b72fe3a2f621be35a92d75e1.jpg
185.76.9.14200 OK 27 kB URL HTTP/2 s3t3d2y8.afcdn.net/library/761560/be8f9e4bb2c87d63b72fe3a2f621be35a92d75e1.jpg
IP 185.76.9.14:0
ASN #60068 Datacamp Limited
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 300x300, components 3\012- data
Hash c1c75724467e05b05d3f47c4192d595a
be8f9e4bb2c87d63b72fe3a2f621be35a92d75e1
e3274a14bb5b75548d26cd44215aef5395348223ed43c262cb17c3783f88c132
GET /library/761560/be8f9e4bb2c87d63b72fe3a2f621be35a92d75e1.jpg HTTP/1.1
Host: s3t3d2y8.afcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ytboob.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 18:59:49 GMT
content-type: image/jpeg
content-length: 27027
last-modified: Thu, 03 Mar 2022 12:22:54 GMT
etag: "6220b31e-6993"
expires: Tue, 12 Sep 2023 00:42:58 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-cache-op: HIT
x-accel-expires: @1694772188
server: CDN77-Turbo
x-77-nzt: AblMCQ0KYbn/SbgJAA
x-77-nzt-ray: 1fi/GaZRm2E
x-cache: HIT
x-age: 637001
x-77-pop: stockholmSE
x-77-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
ytboob.com/wp-admin/admin-ajax.php
185.178.208.169200 OK 19 kB URL HTTP/2 ytboob.com/wp-admin/admin-ajax.php
IP 185.178.208.169:0
Hash 6b832b23d9aaca57385ddb1834814504
38837547a2c4c8d5282e031d7a4b17607fbbe77b
e53f0edaf86ef33346ac1e9be4410262a0cced28068c8c45c44db6613d809f8a
POST /wp-admin/admin-ajax.php HTTP/1.1
Host: ytboob.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 48
Origin: https://ytboob.com
Connection: keep-alive
Referer: https://ytboob.com/fashion-week-topless-models/
Cookie: __ddg1_=SQQhMNuYp1zfWdxJzclF; _ga_B9HWGDSQ07=GS1.1.1663873186.1.0.1663873186.0.0.0; _ga=GA1.1.1819822229.1663873187; __atuvc=1%7C38; __atuvs=632cb0a28a74c2a6000
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Thu, 22 Sep 2022 18:59:48 GMT
content-type: application/json; charset=UTF-8
vary: Accept-Encoding
access-control-allow-origin: https://ytboob.com
access-control-allow-credentials: true
x-robots-tag: noindex
referrer-policy: strict-origin-when-cross-origin
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
x-frame-options: SAMEORIGIN, SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff, nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
s3t3d2y8.afcdn.net/library/723662/2f1981ac788817c3e8f84363b5aca5438789927e.webp
185.76.9.14200 OK 3.9 kB URL HTTP/2 s3t3d2y8.afcdn.net/library/723662/2f1981ac788817c3e8f84363b5aca5438789927e.webp
IP 185.76.9.14:0
ASN #60068 Datacamp Limited
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 192x192, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 680114464ec16305f73b0f6f88a8071c
2f1981ac788817c3e8f84363b5aca5438789927e
82d69e9f5ed5b94dda8415de0e0818546a175868a4c5e5f53ebc8736fea991bf
GET /library/723662/2f1981ac788817c3e8f84363b5aca5438789927e.webp HTTP/1.1
Host: s3t3d2y8.afcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ytboob.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 18:59:49 GMT
content-type: image/webp
content-length: 3904
last-modified: Thu, 04 Nov 2021 11:57:01 GMT
etag: "6183ca8d-f40"
expires: Fri, 30 Jun 2023 18:56:40 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-cache-op: HIT
x-accel-expires: @1688259870
server: CDN77-Turbo
x-77-nzt: AblMCQ3ivVD/BxdtAA
x-77-nzt-ray: d7tEPq0nmUM
x-cache: HIT
x-age: 7149319
x-77-pop: stockholmSE
x-77-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
s3t3d2y8.afcdn.net/library/475567/8d426f816cbaeff1b5b985f59529c8fac01088a4.jpg
185.76.9.14200 OK 19 kB URL HTTP/2 s3t3d2y8.afcdn.net/library/475567/8d426f816cbaeff1b5b985f59529c8fac01088a4.jpg
IP 185.76.9.14:0
ASN #60068 Datacamp Limited
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 300x300, components 3\012- data
Hash 600a2563a9ff954ee2d89bb3fb028018
8d426f816cbaeff1b5b985f59529c8fac01088a4
c8b0a6e6d79b601ba5e1035656e4950f7905e76fb619e71332a9843efb4d8eaa
GET /library/475567/8d426f816cbaeff1b5b985f59529c8fac01088a4.jpg HTTP/1.1
Host: s3t3d2y8.afcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ytboob.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 22 Sep 2022 18:59:49 GMT
content-type: image/jpeg
content-length: 18683
last-modified: Wed, 21 Aug 2019 03:50:42 GMT
etag: "5d5cbf92-48fb"
expires: Fri, 30 Jun 2023 14:44:03 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-cache-op: HIT
x-accel-expires: @1688195213
server: CDN77-Turbo
x-77-nzt: AblMCQ3s5WD/mBNuAA
x-77-nzt-ray: FKNS4m7EIHQ
x-cache: HIT
x-age: 7213976
x-77-pop: stockholmSE
x-77-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
q.addthis.com/feeds/1.0/views2.json?pubid=ra-5c9e4743b7689009&domain=ytboob.com&limit=50&callback=_ate.cbs.fds_ra5c9e4743b7689009views2json0
23.38.200.123200 OK 5.0 kB URL HTTP/2 q.addthis.com/feeds/1.0/views2.json?pubid=ra-5c9e4743b7689009&domain=ytboob.com&limit=50&callback=_ate.cbs.fds_ra5c9e4743b7689009views2json0
IP 23.38.200.123:0
File type Unicode text, UTF-8 text, with very long lines (35162), with no line terminators
Hash 2e6ded7fb4fde0fc2801bf5da5f29219
8761ef36df0139ceeb3f98b3e3db841ec3e1a574
f159858d7a0b0a516d4917d8c27278e644008b0440dbc388697f733c222c77a8
GET /feeds/1.0/views2.json?pubid=ra-5c9e4743b7689009&domain=ytboob.com&limit=50&callback=_ate.cbs.fds_ra5c9e4743b7689009views2json0 HTTP/1.1
Host: q.addthis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ytboob.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/javascript;charset=UTF-8
surrogate-key: ra-5c9e4743b7689009
cache-tag: ra-5c9e4743b7689009
cache-control: max-age=0, s-maxage=3600
last-modified: Thu, 22 Sep 2022 18:45:28 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
content-length: 5027
date: Thu, 22 Sep 2022 18:59:49 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
s3t3d2y8.afcdn.net/library/761560/771e048f48d57ab18957b79c7862c02549cea69e.jpg
185.76.9.14200 OK 27 kB URL HTTP/2 s3t3d2y8.afcdn.net/library/761560/771e048f48d57ab18957b79c7862c02549cea69e.jpg
IP 185.76.9.14:0
ASN #60068 Datacamp Limited
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 300x300, components 3\012- data
Hash 4c86247366dde65dd79e7c774aa25676
771e048f48d57ab18957b79c7862c02549cea69e
bbbe68837112811c2545bad669f590a42206e90e1ea97a1c162f182f0708bc1a
GET /library/761560/771e048f48d57ab18957b79c7862c02549cea69e.jpg HTTP/1.1
Host: s3t3d2y8.afcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ytboob.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 22 Sep 2022 18:59:49 GMT
content-type: image/jpeg
content-length: 26597
last-modified: Thu, 03 Mar 2022 12:22:53 GMT
etag: "6220b31d-67e5"
expires: Fri, 08 Sep 2023 21:22:30 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-cache-op: HIT
x-accel-expires: @1694771855
server: CDN77-Turbo
x-77-nzt: AblMCQ0ap8H/lrkJAA
x-77-nzt-ray: esdknDlnyVI
x-cache: HIT
x-age: 637334
x-77-pop: stockholmSE
x-77-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
s3t3d2y8.afcdn.net/library/676799/69de0359a701f5e50de85549f099c8b5332ee52c.jpg
185.76.9.14200 OK 22 kB URL HTTP/2 s3t3d2y8.afcdn.net/library/676799/69de0359a701f5e50de85549f099c8b5332ee52c.jpg
IP 185.76.9.14:0
ASN #60068 Datacamp Limited
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 300x300, components 3\012- data
Hash d4b9732fd542e3a185a10dd918050880
69de0359a701f5e50de85549f099c8b5332ee52c
8de3226c3deb48795f20ac0c838efafee55911dbd9d1704046e6366223eb39ec
GET /library/676799/69de0359a701f5e50de85549f099c8b5332ee52c.jpg HTTP/1.1
Host: s3t3d2y8.afcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ytboob.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 22 Sep 2022 18:59:49 GMT
content-type: image/jpeg
content-length: 22261
last-modified: Mon, 24 Jan 2022 19:06:03 GMT
etag: "61eef89b-56f5"
expires: Fri, 30 Jun 2023 18:49:17 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-cache-op: HIT
x-accel-expires: @1688195247
server: CDN77-Turbo
x-77-nzt: AblMCQ1u8PT/dhNuAA
x-77-nzt-ray: n5oC40O62xU
x-cache: HIT
x-age: 7213942
x-77-pop: stockholmSE
x-77-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
s.w.org/images/core/emoji/14.0.0/svg/1f493.svg
192.0.77.48200 OK 36 kB URL HTTP/2 s.w.org/images/core/emoji/14.0.0/svg/1f493.svg
IP 192.0.77.48:0
Hash 6041a724e12773f56f299eb3d15acc4a
013b9d9c65ce42c44d2fb87cd7ca9281bc1b4de1
afb389979dcc5778c530973f54ecceaa6cd669d66a220b65c1c3bd5739d985f4
GET /images/core/emoji/14.0.0/svg/1f493.svg HTTP/1.1
Host: s.w.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ytboob.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 18:59:49 GMT
content-type: image/svg+xml
vary: Accept-Encoding
last-modified: Tue, 12 Apr 2022 03:50:59 GMT
x-frame-options: SAMEORIGIN
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn 2
x-content-type-options: nosniff
X-Firefox-Spdy: h2
s3t3d2y8.afcdn.net/library/448451/8a1ab23f9eb4b4c8d480ee9c0b703427c91a02d5.mp4
185.76.9.14206 Partial Content 22 kB URL HTTP/2 s3t3d2y8.afcdn.net/library/448451/8a1ab23f9eb4b4c8d480ee9c0b703427c91a02d5.mp4
IP 185.76.9.14:0
ASN #60068 Datacamp Limited
File type ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]\012- data
Hash 7aab39bd95f3b8fe10a021cef327eee8
8a1ab23f9eb4b4c8d480ee9c0b703427c91a02d5
0405eb10aa1fce693abb9d60fbfbb1f82f07b6a72692d0addf003449d11b79eb
GET /library/448451/8a1ab23f9eb4b4c8d480ee9c0b703427c91a02d5.mp4 HTTP/1.1
Host: s3t3d2y8.afcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://ytboob.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 206 Partial Content
date: Thu, 22 Sep 2022 18:59:49 GMT
content-type: video/mp4
content-length: 21956
last-modified: Fri, 29 Jul 2022 16:34:04 GMT
etag: "62e40bfc-55c4"
expires: Sat, 29 Jul 2023 16:45:10 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-cache-op: HIT
x-accel-expires: @1690649128
server: CDN77-Turbo
x-77-nzt: AblMCQ0cilf//aFIAA
x-77-nzt-ray: Z6DfRiJ/SKU
x-cache: HIT
x-age: 4760061
x-77-pop: stockholmSE
x-77-cache: HIT
content-range: bytes 0-21955/21956
X-Firefox-Spdy: h2
syndication.realsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA02PS2oEMQxEr5ILtNHXlmafbQIDOYD7410yi2QxAzp85A6BUWFUWPKjTEC0gC9ELygX9YtYOBaHIlRQJd7eryEYj5/1dlvLdvuMRlwrBUNtQtGMwSREoKJTKFgooxBLNNUqpBaowQEpUhaZrgCosbpzRWXi5EC8flzPg4E5p4RSJPM+uXgGCbKQ9HCfND66tKqjITi2TmOsR9OjwTAba+9z8Tk4/KkAAueM/i9SC54tC+J0/fvxtUU8rUzp+Sjz5XezubGL8U7usM+qfJBuezvcRh39F/I/rdJdAQAA
95.211.229.247200 OK 1.7 kB URL HTTP/1.1 syndication.realsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA02PS2oEMQxEr5ILtNHXlmafbQIDOYD7410yi2QxAzp85A6BUWFUWPKjTEC0gC9ELygX9YtYOBaHIlRQJd7eryEYj5/1dlvLdvuMRlwrBUNtQtGMwSREoKJTKFgooxBLNNUqpBaowQEpUhaZrgCosbpzRWXi5EC8flzPg4E5p4RSJPM+uXgGCbKQ9HCfND66tKqjITi2TmOsR9OjwTAba+9z8Tk4/KkAAueM/i9SC54tC+J0/fvxtUU8rUzp+Sjz5XezubGL8U7usM+qfJBuezvcRh39F/I/rdJdAQAA
IP 95.211.229.247:0
ASN #60781 LeaseWeb Netherlands B.V.
Hash 7033ab45ed225123d68e1052da43fbeb
613f09ed3dd144551f5d4e71aea8a64cd290d3c4
4729f3c442a6d4daa2623194da8cf292ee33ba2d8571e2b60f6c09a7865b38af
GET /cimp.php?t=api&data=H4sIAAAAAAAAA02PS2oEMQxEr5ILtNHXlmafbQIDOYD7410yi2QxAzp85A6BUWFUWPKjTEC0gC9ELygX9YtYOBaHIlRQJd7eryEYj5/1dlvLdvuMRlwrBUNtQtGMwSREoKJTKFgooxBLNNUqpBaowQEpUhaZrgCosbpzRWXi5EC8flzPg4E5p4RSJPM+uXgGCbKQ9HCfND66tKqjITi2TmOsR9OjwTAba+9z8Tk4/KkAAueM/i9SC54tC+J0/fvxtUU8rUzp+Sjz5XezubGL8U7usM+qfJBuezvcRh39F/I/rdJdAQAA HTTP/1.1
Host: syndication.realsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ytboob.com
Connection: keep-alive
Referer: https://ytboob.com/
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22632cb0a54b8123.323867981377718538%22%3B%7D; __upt=%7B%22v%22%3A1%2C%22id%22%3A%22632cb0a54b8123.323867981377718538%22%2C%22pcma%22%3A%22%22%2C%22acma%22%3A%22508.0199%22%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 22 Sep 2022 18:59:49 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://ytboob.com
Access-Control-Allow-Credentials: true
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22632cb0a54b8123.323867981377718538%22%3B%7D; expires=Sat, 21 Sep 2024 18:59:49 GMT; path=; domain=.realsrv.com; Secure; SameSite=none
__upt=%7B%22v%22%3A1%2C%22id%22%3A%22632cb0a54b8123.323867981377718538%22%2C%22pcma%22%3A%22%22%2C%22acma%22%3A%22508.029701%22%7D; expires=Sat, 21 Sep 2024 18:59:49 GMT; path=/; domain=.realsrv.com; Secure; SameSite=none
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
s3t3d2y8.afcdn.net/library/676799/cd5710823e62b921a06dc0045d7f2b1b663076c9.jpg
185.76.9.14200 OK 19 kB URL HTTP/2 s3t3d2y8.afcdn.net/library/676799/cd5710823e62b921a06dc0045d7f2b1b663076c9.jpg
IP 185.76.9.14:0
ASN #60068 Datacamp Limited
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 300x300, components 3\012- data
Hash e14b72a35908bf1d0aa5be9f877917e1
cd5710823e62b921a06dc0045d7f2b1b663076c9
ace2d7b48d4ce56f5df3d44e08dacb1ee3251c631af636a3ca793005309a31b3
GET /library/676799/cd5710823e62b921a06dc0045d7f2b1b663076c9.jpg HTTP/1.1
Host: s3t3d2y8.afcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ytboob.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 22 Sep 2022 18:59:49 GMT
content-type: image/jpeg
content-length: 18726
last-modified: Fri, 29 May 2020 12:09:23 GMT
etag: "5ed0fb73-4926"
expires: Fri, 30 Jun 2023 18:47:20 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-cache-op: HIT
x-accel-expires: @1688195208
server: CDN77-Turbo
x-77-nzt: AblMCQ2byp7/nRNuAA
x-77-nzt-ray: z7N/kEpqkuo
x-cache: HIT
x-age: 7213981
x-77-pop: stockholmSE
x-77-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
s3t3d2y8.afcdn.net/library/448451/e1854b9c9aacd74ca5a5ba971fbcee29dec61d1f.mp4
185.76.9.14206 Partial Content 20 kB URL HTTP/2 s3t3d2y8.afcdn.net/library/448451/e1854b9c9aacd74ca5a5ba971fbcee29dec61d1f.mp4
IP 185.76.9.14:0
ASN #60068 Datacamp Limited
File type ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]\012- data
Hash 3ea9b335bfa30f346ba6640b0d59d75a
e1854b9c9aacd74ca5a5ba971fbcee29dec61d1f
26fcff889cf6cd649f461ac43376b5f1a6e53b64ee2a36e6f9e5d8390052a31b
GET /library/448451/e1854b9c9aacd74ca5a5ba971fbcee29dec61d1f.mp4 HTTP/1.1
Host: s3t3d2y8.afcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://ytboob.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 206 Partial Content
date: Thu, 22 Sep 2022 18:59:49 GMT
content-type: video/mp4
content-length: 19553
last-modified: Tue, 09 Aug 2022 11:14:51 GMT
etag: "62f241ab-4c61"
expires: Wed, 09 Aug 2023 11:38:13 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-cache-op: HIT
x-accel-expires: @1691581121
server: CDN77-Turbo
x-77-nzt: AblMCQ2b/Br/ZGk6AA
x-77-nzt-ray: 3A3HYZzHurY
x-cache: HIT
x-age: 3828068
x-77-pop: stockholmSE
x-77-cache: HIT
content-range: bytes 0-19552/19553
X-Firefox-Spdy: h2
s3t3d2y8.afcdn.net/library/448451/b55663983b553c9f9adb0e1ada3af807a55715ec.mp4
185.76.9.14206 Partial Content 12 kB URL HTTP/2 s3t3d2y8.afcdn.net/library/448451/b55663983b553c9f9adb0e1ada3af807a55715ec.mp4
IP 185.76.9.14:0
ASN #60068 Datacamp Limited
File type ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]\012- data
Hash 96ad52c24f7c0e4db3bf8e6c12b35a4d
b55663983b553c9f9adb0e1ada3af807a55715ec
f31922b7651e0582b68857a63239cc02dc53c0e30565fa5d11b74bf43e85527a
GET /library/448451/b55663983b553c9f9adb0e1ada3af807a55715ec.mp4 HTTP/1.1
Host: s3t3d2y8.afcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://ytboob.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 206 Partial Content
date: Thu, 22 Sep 2022 18:59:49 GMT
content-type: video/mp4
content-length: 12161
last-modified: Tue, 09 Aug 2022 11:14:51 GMT
etag: "62f241ab-2f81"
expires: Wed, 09 Aug 2023 11:37:35 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-cache-op: HIT
x-accel-expires: @1691581143
server: CDN77-Turbo
x-77-nzt: AblMCQ3vNyL/Tmk6AA
x-77-nzt-ray: SjIiGw4KzPE
x-cache: HIT
x-age: 3828046
x-77-pop: stockholmSE
x-77-cache: HIT
content-range: bytes 0-12160/12161
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 1a35ad623c9566f856784c035cafcfe5
d8285c7497a9665514373d337a214bcd8d810dcd
2128003121c194bebce6a1cea5946b6c0f3b16380409d1df7ea4f16922f90544
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4183
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 18:59:49 GMT
Last-Modified: Thu, 22 Sep 2022 17:50:07 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 279
s.w.org/images/core/emoji/14.0.0/svg/1f444.svg
192.0.77.48200 OK 6.3 kB URL HTTP/2 s.w.org/images/core/emoji/14.0.0/svg/1f444.svg
IP 192.0.77.48:0
Hash 386eddfcfd2d4c7b1ba1a54a321524a3
6417282d5c67ce4e3f2abf70f705a27157ffdd95
57bbefdf8e417d1380a9585892d1cd858de712ec418376b201779e4665660132
GET /images/core/emoji/14.0.0/svg/1f444.svg HTTP/1.1
Host: s.w.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ytboob.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 18:59:49 GMT
content-type: image/svg+xml
vary: Accept-Encoding
last-modified: Tue, 12 Apr 2022 03:47:50 GMT
x-frame-options: SAMEORIGIN
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn 2
x-content-type-options: nosniff
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 1a35ad623c9566f856784c035cafcfe5
d8285c7497a9665514373d337a214bcd8d810dcd
2128003121c194bebce6a1cea5946b6c0f3b16380409d1df7ea4f16922f90544
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4183
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 18:59:49 GMT
Last-Modified: Thu, 22 Sep 2022 17:50:07 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 279
ytboob.b-cdn.net/wp-content/uploads/2022/09/xe5mwu.jpg
89.187.169.3200 OK 13 kB URL HTTP/2 ytboob.b-cdn.net/wp-content/uploads/2022/09/xe5mwu.jpg
IP 89.187.169.3:0
ASN #60068 Datacamp Limited
File type JPEG image data, baseline, precision 8, 480x360, components 3\012- data
Hash 73b733598da29f401fabfc840d867cce
8087e28a62ec8c5b324fad6134e2cf1b7e57297c
aee6fa9f909d87c9f6f2c2e87d27141c7709a259f844e6f85864357c6e84c9d3
GET /wp-content/uploads/2022/09/xe5mwu.jpg HTTP/1.1
Host: ytboob.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ytboob.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 18:59:49 GMT
content-type: image/jpeg
content-length: 13236
server: BunnyCDN-DE-752
cdn-pullzone: 266985
cdn-uid: 7f8b1b31-4dc9-4eb7-9d7e-92c70ed52a62
cdn-requestcountrycode: NO
age: 264
cache-control: public, max-age=604800
last-modified: Wed, 14 Sep 2022 17:11:14 GMT
content-security-policy: upgrade-insecure-requests;
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
ddg-cache-status: HIT
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 206
cdn-cachedat: 09/14/2022 17:15:39
cdn-edgestorageid: 632
cdn-status: 200
cdn-requestid: 1149e42d978c2568573fcbfce66a8e2e
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
ytboob.b-cdn.net/wp-content/uploads/2022/08/wpsv16.jpg
89.187.169.3200 OK 87 kB URL HTTP/2 ytboob.b-cdn.net/wp-content/uploads/2022/08/wpsv16.jpg
IP 89.187.169.3:0
ASN #60068 Datacamp Limited
File type JPEG image data, baseline, precision 8, 1280x720, components 3\012- data
Hash b3ed39de558155124542c6d7a1e99631
3bf8b7f9353552171a32008ecf499afc5855c548
d8ad2b82bae6a51749dc6c4bba6589875fb5b729f71c6aec53e8051e97f095de
GET /wp-content/uploads/2022/08/wpsv16.jpg HTTP/1.1
Host: ytboob.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ytboob.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 18:59:49 GMT
content-type: image/jpeg
content-length: 86978
server: BunnyCDN-DE-752
cdn-pullzone: 266985
cdn-uid: 7f8b1b31-4dc9-4eb7-9d7e-92c70ed52a62
cdn-requestcountrycode: NO
age: 1982
cache-control: public, max-age=604800
last-modified: Tue, 16 Aug 2022 12:36:06 GMT
content-security-policy: upgrade-insecure-requests;
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
ddg-cache-status: HIT
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 206
cdn-cachedat: 09/18/2022 08:19:48
cdn-edgestorageid: 565
cdn-status: 200
cdn-requestid: cc45bb35cdea1f384f42ae19e9510ee7
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 77f9b5e468180a8976a641e40dceedbf
9873db160721dc9f41d3ff2d711db700d6f5d4d7
cae6929c00ed37fc097432c9ac1d6800244479d3877b17662c67bafeeff23aba
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 18:59:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-28527574-33&cid=1819822229.1663873187&jid=1489889993&gjid=341732779&_gid=194952644.1663873189&_u=YADAAUAAAAAAAC~&z=654662792
142.251.1.156200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-28527574-33&cid=1819822229.1663873187&jid=1489889993&gjid=341732779&_gid=194952644.1663873189&_u=YADAAUAAAAAAAC~&z=654662792
IP 142.251.1.156:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-28527574-33&cid=1819822229.1663873187&jid=1489889993&gjid=341732779&_gid=194952644.1663873189&_u=YADAAUAAAAAAAC~&z=654662792 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://ytboob.com
Connection: keep-alive
Referer: https://ytboob.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://ytboob.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 22 Sep 2022 18:59:49 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 27cf440e1ef1d08625520d69c959f117
7cc983442579bf8e81fba0e213d7165548789a81
2186379b395cce5ed5b905529a02b388b59ef346bfa15c84fb295ebc90976a5f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2186379B395CCE5ED5B905529A02B388B59EF346BFA15C84FB295EBC90976A5F"
Last-Modified: Wed, 21 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6917
Expires: Thu, 22 Sep 2022 20:55:06 GMT
Date: Thu, 22 Sep 2022 18:59:49 GMT
Connection: keep-alive
go.xlirdr.com/eye.gif?campaignId=videoA2&language=en&autoplay=onHover&thumbFit=cover&autoplayForce=1&thumbType=default&actionButtonPlacement=bottom&thumbSizeKey=big&hideButtonOnSmallSpots=1&hideTitleOnSmallSpots=1&hideModelNameOnSmallSpots=1&buttonColor=%23ff0023&liveBadgeColor=%23bd0000&userId=883ee4693b12c73350adfa22359143ae01fc71f5f997aaaf2d5451cc318e19d4&modelsLimit=1&player=canvas&quality=original&stripcashR=0&linkToModel=ifOnlineNew&newModelsListAPI=0&kbLimit=0&modelsInWatchHistoryCount=-1&modelsInFavoritesCount=-1&userType=newuser&modelsCount=1&segment=canvas-newAPI&landing=WidgetV4Universal&referrer=https%3A%2F%2Fytboob.com%2F&i=0&ib=1&filtersMatch=1
104.18.42.40200 OK 103 B URL HTTP/2 go.xlirdr.com/eye.gif?campaignId=videoA2&language=en&autoplay=onHover&thumbFit=cover&autoplayForce=1&thumbType=default&actionButtonPlacement=bottom&thumbSizeKey=big&hideButtonOnSmallSpots=1&hideTitleOnSmallSpots=1&hideModelNameOnSmallSpots=1&buttonColor=%23ff0023&liveBadgeColor=%23bd0000&userId=883ee4693b12c73350adfa22359143ae01fc71f5f997aaaf2d5451cc318e19d4&modelsLimit=1&player=canvas&quality=original&stripcashR=0&linkToModel=ifOnlineNew&newModelsListAPI=0&kbLimit=0&modelsInWatchHistoryCount=-1&modelsInFavoritesCount=-1&userType=newuser&modelsCount=1&segment=canvas-newAPI&landing=WidgetV4Universal&referrer=https%3A%2F%2Fytboob.com%2F&i=0&ib=1&filtersMatch=1
IP 104.18.42.40:0
Hash 8c99886486b9a004383cb4df29011c43
d79ca4754481fc59598bc08fcdf354900918bffe
bda00b0f6892b1c6991e793b42654ad1807694e2ffabcbc4eb1399379737ef6c
GET /eye.gif?campaignId=videoA2&language=en&autoplay=onHover&thumbFit=cover&autoplayForce=1&thumbType=default&actionButtonPlacement=bottom&thumbSizeKey=big&hideButtonOnSmallSpots=1&hideTitleOnSmallSpots=1&hideModelNameOnSmallSpots=1&buttonColor=%23ff0023&liveBadgeColor=%23bd0000&userId=883ee4693b12c73350adfa22359143ae01fc71f5f997aaaf2d5451cc318e19d4&modelsLimit=1&player=canvas&quality=original&stripcashR=0&linkToModel=ifOnlineNew&newModelsListAPI=0&kbLimit=0&modelsInWatchHistoryCount=-1&modelsInFavoritesCount=-1&userType=newuser&modelsCount=1&segment=canvas-newAPI&landing=WidgetV4Universal&referrer=https%3A%2F%2Fytboob.com%2F&i=0&ib=1&filtersMatch=1 HTTP/1.1
Host: go.xlirdr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creative.xlirdr.com/
Cookie: __cflb=02DiuDfsBaY2bRYJiCddNhqGgfsRfgxdZ6WHKKgJDF6qa
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 18:59:49 GMT
content-type: image/gif
content-length: 103
access-control-allow-origin: *
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 74ed47aadb770b3d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 77f9b5e468180a8976a641e40dceedbf
9873db160721dc9f41d3ff2d711db700d6f5d4d7
cae6929c00ed37fc097432c9ac1d6800244479d3877b17662c67bafeeff23aba
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 18:59:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash f675396b1827a50c78e358358f256144
451b788273e06a08f762735c23c13028e32a3f3c
6bd9e2ec423bf8f0f681a92f4ad0b28cdb53f5df6ca4b571c9697b678c20c126
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 18:59:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 04fcf7ddca845d2b087ec43ab5ff0d59
39060a9af77ba92e5db529ba7c79013d205c9423
1ae0d60b572f2075bddfe8ae2034ddd093150d0d18c72d967b3bb8c4abffb23e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 18:59:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-28527574-33&cid=1819822229.1663873187&jid=1489889993&_u=YADAAUAAAAAAAC~&z=1235643600
142.250.74.3200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-28527574-33&cid=1819822229.1663873187&jid=1489889993&_u=YADAAUAAAAAAAC~&z=1235643600
IP 142.250.74.3:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-28527574-33&cid=1819822229.1663873187&jid=1489889993&_u=YADAAUAAAAAAAC~&z=1235643600 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ytboob.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 22 Sep 2022 18:59:49 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-28527574-33&cid=1819822229.1663873187&jid=1489889993&_u=YADAAUAAAAAAAC~&z=1235643600
142.250.74.164200 OK 42 B URL HTTP/2 www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-28527574-33&cid=1819822229.1663873187&jid=1489889993&_u=YADAAUAAAAAAAC~&z=1235643600
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-28527574-33&cid=1819822229.1663873187&jid=1489889993&_u=YADAAUAAAAAAAC~&z=1235643600 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ytboob.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 22 Sep 2022 18:59:49 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
go.ytboob.live/api/models?gender=females%2Cfemale%2CmaleFemale&isNew=0&profileEthnicity=ethnicityAsian&broadcastHD=1&broadcastVR=0&broadcastMobile=0&isPerson=0&isFace=0&goalEnabled=0&isMlCountry=0&isLogged=0&isMlAnal=0&isMlBlowjob=0&strict=0&applyGeobans=0&tag=girls%2Fahegao%2Cgirls%2Fpregnant&language=en&forceClient=1&stripcashR=0&limit=6&fields=tags
88.208.29.90200 OK 72 kB URL HTTP/2 go.ytboob.live/api/models?gender=females%2Cfemale%2CmaleFemale&isNew=0&profileEthnicity=ethnicityAsian&broadcastHD=1&broadcastVR=0&broadcastMobile=0&isPerson=0&isFace=0&goalEnabled=0&isMlCountry=0&isLogged=0&isMlAnal=0&isMlBlowjob=0&strict=0&applyGeobans=0&tag=girls%2Fahegao%2Cgirls%2Fpregnant&language=en&forceClient=1&stripcashR=0&limit=6&fields=tags
IP 88.208.29.90:0
ASN #39572 DataWeb Global Group B.V.
Hash c0265c9ed56ff8530a965e6df3ee1e9b
3f6438dedd8c6b11e002b155daf1fa9afafee622
045ae2d68c5b152136f0deb40cfc9a54659b4e9c3619204d80f3f81371a3207a
GET /api/models?gender=females%2Cfemale%2CmaleFemale&isNew=0&profileEthnicity=ethnicityAsian&broadcastHD=1&broadcastVR=0&broadcastMobile=0&isPerson=0&isFace=0&goalEnabled=0&isMlCountry=0&isLogged=0&isMlAnal=0&isMlBlowjob=0&strict=0&applyGeobans=0&tag=girls%2Fahegao%2Cgirls%2Fpregnant&language=en&forceClient=1&stripcashR=0&limit=6&fields=tags HTTP/1.1
Host: go.ytboob.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://creative.xlirdr.com/
Origin: https://creative.xlirdr.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 18:59:49 GMT
content-type: application/json
vary: Accept-Encoding
strict-transport-security: max-age=15768000
access-control-allow-origin: https://creative.xlirdr.com
access-control-allow-credentials: true
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash f675396b1827a50c78e358358f256144
451b788273e06a08f762735c23c13028e32a3f3c
6bd9e2ec423bf8f0f681a92f4ad0b28cdb53f5df6ca4b571c9697b678c20c126
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 18:59:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
go.ytboob.live/eye.gif?campaignId=belowVideo&targetDomain=ytboob.live&language=en&autoplay=onHover&thumbFit=cover&autoplayForce=1&thumbType=default&actionButtonPlacement=bottom&thumbSizeKey=big&titleText=Chat&hideButtonOnSmallSpots=1&hideTitleOnSmallSpots=1&hideModelNameOnSmallSpots=1&buttonColor=%23DC0C2C&liveBadgeColor=%2300bd8f&userId=883ee4693b12c73350adfa22359143ae01fc71f5f997aaaf2d5451cc318e19d4&modelsLimit=6&player=canvas&quality=original&stripcashR=0&linkToModel=ifOnlineNew&newModelsListAPI=0&kbLimit=0&modelsInWatchHistoryCount=-1&modelsInFavoritesCount=-1&userType=newuser&modelsCount=6&segment=canvas-newAPI&landing=WidgetV4Universal&referrer=https%3A%2F%2Fytboob.com%2F&i=0&ib=1&filtersMatch=0
88.208.29.90200 OK 103 B URL HTTP/2 go.ytboob.live/eye.gif?campaignId=belowVideo&targetDomain=ytboob.live&language=en&autoplay=onHover&thumbFit=cover&autoplayForce=1&thumbType=default&actionButtonPlacement=bottom&thumbSizeKey=big&titleText=Chat&hideButtonOnSmallSpots=1&hideTitleOnSmallSpots=1&hideModelNameOnSmallSpots=1&buttonColor=%23DC0C2C&liveBadgeColor=%2300bd8f&userId=883ee4693b12c73350adfa22359143ae01fc71f5f997aaaf2d5451cc318e19d4&modelsLimit=6&player=canvas&quality=original&stripcashR=0&linkToModel=ifOnlineNew&newModelsListAPI=0&kbLimit=0&modelsInWatchHistoryCount=-1&modelsInFavoritesCount=-1&userType=newuser&modelsCount=6&segment=canvas-newAPI&landing=WidgetV4Universal&referrer=https%3A%2F%2Fytboob.com%2F&i=0&ib=1&filtersMatch=0
IP 88.208.29.90:0
ASN #39572 DataWeb Global Group B.V.
Hash 8c99886486b9a004383cb4df29011c43
d79ca4754481fc59598bc08fcdf354900918bffe
bda00b0f6892b1c6991e793b42654ad1807694e2ffabcbc4eb1399379737ef6c
GET /eye.gif?campaignId=belowVideo&targetDomain=ytboob.live&language=en&autoplay=onHover&thumbFit=cover&autoplayForce=1&thumbType=default&actionButtonPlacement=bottom&thumbSizeKey=big&titleText=Chat&hideButtonOnSmallSpots=1&hideTitleOnSmallSpots=1&hideModelNameOnSmallSpots=1&buttonColor=%23DC0C2C&liveBadgeColor=%2300bd8f&userId=883ee4693b12c73350adfa22359143ae01fc71f5f997aaaf2d5451cc318e19d4&modelsLimit=6&player=canvas&quality=original&stripcashR=0&linkToModel=ifOnlineNew&newModelsListAPI=0&kbLimit=0&modelsInWatchHistoryCount=-1&modelsInFavoritesCount=-1&userType=newuser&modelsCount=6&segment=canvas-newAPI&landing=WidgetV4Universal&referrer=https%3A%2F%2Fytboob.com%2F&i=0&ib=1&filtersMatch=0 HTTP/1.1
Host: go.ytboob.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creative.xlirdr.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 18:59:49 GMT
content-type: image/gif
content-length: 103
strict-transport-security: max-age=15768000
access-control-allow-credentials: true
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash f4589cef50f0426b60bf56a1fadb93a5
7db92337dc8c6161e31f89f49db18c4cd22b871f
db8b6e5f5a4e43b9e8e835e9434f0f94ead7965c04dc4641dad639ac778d8215
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 18:59:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
creative.xlivrdr.com/widgets/Spot/lib-auto.js?autoplay=all&userId=e9312f9d6505eb00921da0ce35c4f7f4df0a1c7a482e0931e1acacfb8d45d5b8&tag=girls/teens&sourceId=videoslider
104.18.42.40200 OK 0 B URL HTTP/2 creative.xlivrdr.com/widgets/Spot/lib-auto.js?autoplay=all&userId=e9312f9d6505eb00921da0ce35c4f7f4df0a1c7a482e0931e1acacfb8d45d5b8&tag=girls/teens&sourceId=videoslider
IP 104.18.42.40:0
GET /widgets/Spot/lib-auto.js?autoplay=all&userId=e9312f9d6505eb00921da0ce35c4f7f4df0a1c7a482e0931e1acacfb8d45d5b8&tag=girls/teens&sourceId=videoslider HTTP/1.1
Host: creative.xlivrdr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ytboob.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 22 Sep 2022 18:59:47 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 19 Sep 2022 11:32:37 GMT
etag: W/"63285355-436f1"
expires: Thu, 22 Sep 2022 18:59:48 GMT
cache-control: max-age=10
pragma: public
cf-cache-status: HIT
set-cookie: __cflb=02DiuDfsBaY2bRYJiCddNhqGgfsRfgxdZ52eGvYzxhmrk; SameSite=None; Secure; path=/; expires=Fri, 23-Sep-22 17:59:47 GMT; HttpOnly
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ed479b08540b55-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
stagepopkek.com/lv/esnk/1830151/code.js
62.122.171.6200 OK 0 B URL HTTP/2 stagepopkek.com/lv/esnk/1830151/code.js
IP 62.122.171.6:0
GET /lv/esnk/1830151/code.js HTTP/1.1
Host: stagepopkek.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ytboob.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 18:59:47 GMT
content-type: application/javascript
last-modified: Wed, 07 Sep 2022 13:38:24 GMT
vary: Accept-Encoding
etag: W/"63189ed0-1e740"
x-js-ab1: current
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding: gzip
X-Firefox-Spdy: h2
ber2g8e3keley.com/get/1830156?zoneid=1830156&jp=_clbm55rcu0wbzg5bv30rok&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=0&cid=5738543127446108
62.122.171.6200 OK 0 B URL HTTP/2 ber2g8e3keley.com/get/1830156?zoneid=1830156&jp=_clbm55rcu0wbzg5bv30rok&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=0&cid=5738543127446108
IP 62.122.171.6:0
Analyzer Verdict Alert quad9 Sinkholed
GET /get/1830156?zoneid=1830156&jp=_clbm55rcu0wbzg5bv30rok&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=0&cid=5738543127446108 HTTP/1.1
Host: ber2g8e3keley.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ytboob.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 18:59:48 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-route-id: config
set-cookie: UID=22092213594d38005adf0b48099db689f66b; Path=/; Expires=Fri, 22 Sep 2023 18:59:48 GMT; HttpOnly; Secure; SameSite=None
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
s.w.org/images/core/emoji/14.0.0/svg/1f4e5.svg
192.0.77.48200 OK 0 B URL HTTP/2 s.w.org/images/core/emoji/14.0.0/svg/1f4e5.svg
IP 192.0.77.48:0
GET /images/core/emoji/14.0.0/svg/1f4e5.svg HTTP/1.1
Host: s.w.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ytboob.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 18:59:49 GMT
content-type: image/svg+xml
vary: Accept-Encoding
last-modified: Tue, 12 Apr 2022 03:50:59 GMT
x-frame-options: SAMEORIGIN
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn 2
x-content-type-options: nosniff
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=UA-28527574-33
142.250.74.72200 OK 0 B URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-28527574-33
IP 142.250.74.72:0
GET /gtag/js?id=UA-28527574-33 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ytboob.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 22 Sep 2022 18:59:47 GMT
expires: Thu, 22 Sep 2022 18:59:47 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43298
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
go.xlirdr.com/config?url=https%3A%2F%2Fcreative.xlirdr.com%2Fwidgets%2Fv4%2FUniversal%3FcampaignId%3DvideoA2%26gender%3Dfemale%252Cfemales%252CmaleFemale%26isNew%3D0%26broadcastHD%3D0%26broadcastVR%3D0%26broadcastMobile%3D0%26isPerson%3D0%26isFace%3D0%26goalEnabled%3D0%26isMlCountry%3D0%26isLogged%3D0%26isMlAnal%3D0%26isMlBlowjob%3D0%26strict%3D0%26applyGeobans%3D0%26tag%3Dgirls%26language%3Den%26autoplay%3DonHover%26thumbFit%3Dcover%26hideLiveBadge%3D0%26hideModelName%3D0%26autoplayForce%3D1%26playButton%3D0%26thumbType%3Ddefault%26actionButtonPlacement%3Dbottom%26thumbSizeKey%3Dbig%26thumbsMargin%3D0%26responsive%3D1%26hideButton%3D1%26hideTitle%3D1%26hideButtonOnSmallSpots%3D1%26hideTitleOnSmallSpots%3D1%26hideModelNameOnSmallSpots%3D1%26buttonColor%3Dff0023%26liveBadgeColor%3Dbd0000%26userId%3D883ee4693b12c73350adfa22359143ae01fc71f5f997aaaf2d5451cc318e19d4
104.18.42.40200 OK 0 B URL HTTP/2 go.xlirdr.com/config?url=https%3A%2F%2Fcreative.xlirdr.com%2Fwidgets%2Fv4%2FUniversal%3FcampaignId%3DvideoA2%26gender%3Dfemale%252Cfemales%252CmaleFemale%26isNew%3D0%26broadcastHD%3D0%26broadcastVR%3D0%26broadcastMobile%3D0%26isPerson%3D0%26isFace%3D0%26goalEnabled%3D0%26isMlCountry%3D0%26isLogged%3D0%26isMlAnal%3D0%26isMlBlowjob%3D0%26strict%3D0%26applyGeobans%3D0%26tag%3Dgirls%26language%3Den%26autoplay%3DonHover%26thumbFit%3Dcover%26hideLiveBadge%3D0%26hideModelName%3D0%26autoplayForce%3D1%26playButton%3D0%26thumbType%3Ddefault%26actionButtonPlacement%3Dbottom%26thumbSizeKey%3Dbig%26thumbsMargin%3D0%26responsive%3D1%26hideButton%3D1%26hideTitle%3D1%26hideButtonOnSmallSpots%3D1%26hideTitleOnSmallSpots%3D1%26hideModelNameOnSmallSpots%3D1%26buttonColor%3Dff0023%26liveBadgeColor%3Dbd0000%26userId%3D883ee4693b12c73350adfa22359143ae01fc71f5f997aaaf2d5451cc318e19d4
IP 104.18.42.40:0
GET /config?url=https%3A%2F%2Fcreative.xlirdr.com%2Fwidgets%2Fv4%2FUniversal%3FcampaignId%3DvideoA2%26gender%3Dfemale%252Cfemales%252CmaleFemale%26isNew%3D0%26broadcastHD%3D0%26broadcastVR%3D0%26broadcastMobile%3D0%26isPerson%3D0%26isFace%3D0%26goalEnabled%3D0%26isMlCountry%3D0%26isLogged%3D0%26isMlAnal%3D0%26isMlBlowjob%3D0%26strict%3D0%26applyGeobans%3D0%26tag%3Dgirls%26language%3Den%26autoplay%3DonHover%26thumbFit%3Dcover%26hideLiveBadge%3D0%26hideModelName%3D0%26autoplayForce%3D1%26playButton%3D0%26thumbType%3Ddefault%26actionButtonPlacement%3Dbottom%26thumbSizeKey%3Dbig%26thumbsMargin%3D0%26responsive%3D1%26hideButton%3D1%26hideTitle%3D1%26hideButtonOnSmallSpots%3D1%26hideTitleOnSmallSpots%3D1%26hideModelNameOnSmallSpots%3D1%26buttonColor%3Dff0023%26liveBadgeColor%3Dbd0000%26userId%3D883ee4693b12c73350adfa22359143ae01fc71f5f997aaaf2d5451cc318e19d4 HTTP/1.1
Host: go.xlirdr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://creative.xlirdr.com/
Origin: https://creative.xlirdr.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Thu, 22 Sep 2022 18:59:48 GMT
content-type: application/json
access-control-allow-origin: *
last-modified: Thu, 22 Sep 2022 18:38:36 GMT
cf-cache-status: EXPIRED
set-cookie: __cflb=02DiuDfsBaY2bRYJiCeRWUB3HBu9a5K9VHv9FyeacvgF6; SameSite=None; Secure; path=/; expires=Fri, 23-Sep-22 17:59:48 GMT; HttpOnly
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ed47a1e9c20b3d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
go.xlirdr.com/api/models?gender=female%2Cfemales%2CmaleFemale&isNew=0&broadcastHD=0&broadcastVR=0&broadcastMobile=0&isPerson=0&isFace=0&goalEnabled=0&isMlCountry=0&isLogged=0&isMlAnal=0&isMlBlowjob=0&strict=0&applyGeobans=0&tag=girls&language=en&forceClient=1&stripcashR=0&limit=1&fields=tags
104.18.42.40200 OK 0 B URL HTTP/2 go.xlirdr.com/api/models?gender=female%2Cfemales%2CmaleFemale&isNew=0&broadcastHD=0&broadcastVR=0&broadcastMobile=0&isPerson=0&isFace=0&goalEnabled=0&isMlCountry=0&isLogged=0&isMlAnal=0&isMlBlowjob=0&strict=0&applyGeobans=0&tag=girls&language=en&forceClient=1&stripcashR=0&limit=1&fields=tags
IP 104.18.42.40:0
GET /api/models?gender=female%2Cfemales%2CmaleFemale&isNew=0&broadcastHD=0&broadcastVR=0&broadcastMobile=0&isPerson=0&isFace=0&goalEnabled=0&isMlCountry=0&isLogged=0&isMlAnal=0&isMlBlowjob=0&strict=0&applyGeobans=0&tag=girls&language=en&forceClient=1&stripcashR=0&limit=1&fields=tags HTTP/1.1
Host: go.xlirdr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://creative.xlirdr.com/
Origin: https://creative.xlirdr.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 18:59:49 GMT
content-type: application/json
access-control-allow-origin: https://creative.xlirdr.com
access-control-allow-credentials: true
vary: Origin, Accept-Encoding
last-modified: Thu, 22 Sep 2022 13:01:13 GMT
cf-cache-status: EXPIRED
set-cookie: __cflb=02DiuDfsBaY2bRYJiCddNhqGgfsRfgxdZ6WHKKgJDF6qa; SameSite=None; Secure; path=/; expires=Fri, 23-Sep-22 17:59:49 GMT; HttpOnly
server: cloudflare
cf-ray: 74ed47aa2abe0b3d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
s.w.org/images/core/emoji/14.0.0/svg/1f618.svg
192.0.77.48200 OK 0 B URL HTTP/2 s.w.org/images/core/emoji/14.0.0/svg/1f618.svg
IP 192.0.77.48:0
GET /images/core/emoji/14.0.0/svg/1f618.svg HTTP/1.1
Host: s.w.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ytboob.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 18:59:49 GMT
content-type: image/svg+xml
vary: Accept-Encoding
last-modified: Tue, 12 Apr 2022 03:47:26 GMT
x-frame-options: SAMEORIGIN
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn 2
x-content-type-options: nosniff
X-Firefox-Spdy: h2
ytboob.b-cdn.net/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
89.187.169.3200 OK 0 B URL HTTP/2 ytboob.b-cdn.net/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP 89.187.169.3:0
ASN #60068 Datacamp Limited
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: ytboob.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ytboob.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 22 Sep 2022 18:59:47 GMT
content-type: application/javascript; charset=utf-8
server: BunnyCDN-DE-752
cdn-pullzone: 266985
cdn-uid: 7f8b1b31-4dc9-4eb7-9d7e-92c70ed52a62
cdn-requestcountrycode: NO
vary: Accept-Encoding
age: 0
cache-control: public, max-age=604800
content-encoding: br
etag: W/"60f9a3c3-15db1"
last-modified: Thu, 22 Jul 2021 16:58:43 GMT
content-security-policy: upgrade-insecure-requests;
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
ddg-cache-status: MISS
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 09/10/2022 19:28:59
cdn-edgestorageid: 632
cdn-status: 200
cdn-requestid: 175812313e0017d68cb290df1508b991
cdn-cache: HIT
X-Firefox-Spdy: h2
stagepopkek.com/get/1830150?zoneid=1830150&jp=_cl4k1h3djndbgo9lkw3t6i&nojs=0&ix=0&abvar=28&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=undefined&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&freq=0&cid=3486743313724058
62.122.171.6200 OK 0 B URL HTTP/2 stagepopkek.com/get/1830150?zoneid=1830150&jp=_cl4k1h3djndbgo9lkw3t6i&nojs=0&ix=0&abvar=28&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=undefined&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&freq=0&cid=3486743313724058
IP 62.122.171.6:0
GET /get/1830150?zoneid=1830150&jp=_cl4k1h3djndbgo9lkw3t6i&nojs=0&ix=0&abvar=28&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=undefined&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&freq=0&cid=3486743313724058 HTTP/1.1
Host: stagepopkek.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ytboob.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 18:59:47 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-route-id: config
set-cookie: UID=22092213593a8d0e0de73d4b7d8b6f3b3bbe; Path=/; Expires=Fri, 22 Sep 2023 18:59:47 GMT; HttpOnly; Secure; SameSite=None
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
creative.xlirdr.com/widgets/v4/Universal?campaignId=videoA2&gender=female%2Cfemales%2CmaleFemale&isNew=0&broadcastHD=0&broadcastVR=0&broadcastMobile=0&isPerson=0&isFace=0&goalEnabled=0&isMlCountry=0&isLogged=0&isMlAnal=0&isMlBlowjob=0&strict=0&applyGeobans=0&tag=girls&language=en&autoplay=onHover&thumbFit=cover&hideLiveBadge=0&hideModelName=0&autoplayForce=1&playButton=0&thumbType=default&actionButtonPlacement=bottom&thumbSizeKey=big&thumbsMargin=0&responsive=1&hideButton=1&hideTitle=1&hideButtonOnSmallSpots=1&hideTitleOnSmallSpots=1&hideModelNameOnSmallSpots=1&buttonColor=ff0023&liveBadgeColor=bd0000&userId=883ee4693b12c73350adfa22359143ae01fc71f5f997aaaf2d5451cc318e19d4
104.18.42.40200 OK 0 B URL HTTP/2 creative.xlirdr.com/widgets/v4/Universal?campaignId=videoA2&gender=female%2Cfemales%2CmaleFemale&isNew=0&broadcastHD=0&broadcastVR=0&broadcastMobile=0&isPerson=0&isFace=0&goalEnabled=0&isMlCountry=0&isLogged=0&isMlAnal=0&isMlBlowjob=0&strict=0&applyGeobans=0&tag=girls&language=en&autoplay=onHover&thumbFit=cover&hideLiveBadge=0&hideModelName=0&autoplayForce=1&playButton=0&thumbType=default&actionButtonPlacement=bottom&thumbSizeKey=big&thumbsMargin=0&responsive=1&hideButton=1&hideTitle=1&hideButtonOnSmallSpots=1&hideTitleOnSmallSpots=1&hideModelNameOnSmallSpots=1&buttonColor=ff0023&liveBadgeColor=bd0000&userId=883ee4693b12c73350adfa22359143ae01fc71f5f997aaaf2d5451cc318e19d4
IP 104.18.42.40:0
GET /widgets/v4/Universal?campaignId=videoA2&gender=female%2Cfemales%2CmaleFemale&isNew=0&broadcastHD=0&broadcastVR=0&broadcastMobile=0&isPerson=0&isFace=0&goalEnabled=0&isMlCountry=0&isLogged=0&isMlAnal=0&isMlBlowjob=0&strict=0&applyGeobans=0&tag=girls&language=en&autoplay=onHover&thumbFit=cover&hideLiveBadge=0&hideModelName=0&autoplayForce=1&playButton=0&thumbType=default&actionButtonPlacement=bottom&thumbSizeKey=big&thumbsMargin=0&responsive=1&hideButton=1&hideTitle=1&hideButtonOnSmallSpots=1&hideTitleOnSmallSpots=1&hideModelNameOnSmallSpots=1&buttonColor=ff0023&liveBadgeColor=bd0000&userId=883ee4693b12c73350adfa22359143ae01fc71f5f997aaaf2d5451cc318e19d4 HTTP/1.1
Host: creative.xlirdr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ytboob.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 22 Sep 2022 18:59:47 GMT
content-type: text/html
last-modified: Mon, 19 Sep 2022 11:33:49 GMT
expires: Thu, 22 Sep 2022 18:59:47 GMT
cache-control: max-age=10
pragma: public
report-to: { "endpoints":[{ "url": "https://go.stripchat.com/report" }], "group": "default", "max_age": 1048576 }
cf-cache-status: HIT
set-cookie: __cflb=02DiuDfsBaY2bRYJiCeScBLPeXxw9eeb8vpYPiXSj6bhe; SameSite=None; Secure; path=/; expires=Fri, 23-Sep-22 17:59:47 GMT; HttpOnly
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ed479ddc4c0b59-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ytboob.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2
185.178.208.169200 OK 0 B URL HTTP/2 ytboob.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2
IP 185.178.208.169:0
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.0.2 HTTP/1.1
Host: ytboob.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ytboob.com/fashion-week-topless-models/
Cookie: __ddg1_=SQQhMNuYp1zfWdxJzclF; _ga_B9HWGDSQ07=GS1.1.1663873186.1.0.1663873186.0.0.0; _ga=GA1.1.1819822229.1663873187
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Thu, 22 Sep 2022 18:59:47 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sat, 28 May 2022 11:08:06 GMT
vary: Accept-Encoding
etag: W/"62920296-48b9"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
age: 0
ddg-cache-status: MISS
X-Firefox-Spdy: h2
s.w.org/images/core/emoji/14.0.0/svg/1f975.svg
192.0.77.48200 OK 0 B URL HTTP/2 s.w.org/images/core/emoji/14.0.0/svg/1f975.svg
IP 192.0.77.48:0
GET /images/core/emoji/14.0.0/svg/1f975.svg HTTP/1.1
Host: s.w.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ytboob.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 18:59:47 GMT
content-type: image/svg+xml
vary: Accept-Encoding
last-modified: Tue, 12 Apr 2022 03:47:26 GMT
x-frame-options: SAMEORIGIN
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn 2
x-content-type-options: nosniff
X-Firefox-Spdy: h2
go.xlirdr.com/thumbs/view
104.18.42.40200 OK 0 B URL HTTP/2 go.xlirdr.com/thumbs/view
IP 104.18.42.40:0
POST /thumbs/view HTTP/1.1
Host: go.xlirdr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://creative.xlirdr.com/
Content-Type: text/plain;charset=UTF-8
Origin: https://creative.xlirdr.com
Content-Length: 81
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 18:59:49 GMT
content-type: application/json
access-control-allow-origin: *
cf-cache-status: DYNAMIC
set-cookie: __cflb=04dToQvE4FPLng5Mz6amGAT9NT3YTLJ828qYEGUA8c; SameSite=None; Secure; path=/; expires=Fri, 23-Sep-22 17:59:49 GMT; HttpOnly
server: cloudflare
cf-ray: 74ed47abec990b3d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ber2g8e3keley.com/get/1830156?zoneid=1830156&jp=_clp7mf7xxerh6klrpsk1fr&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=0&cid=7990342941102661
62.122.171.6200 OK 0 B URL HTTP/2 ber2g8e3keley.com/get/1830156?zoneid=1830156&jp=_clp7mf7xxerh6klrpsk1fr&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=0&cid=7990342941102661
IP 62.122.171.6:0
Analyzer Verdict Alert quad9 Sinkholed
GET /get/1830156?zoneid=1830156&jp=_clp7mf7xxerh6klrpsk1fr&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=0&cid=7990342941102661 HTTP/1.1
Host: ber2g8e3keley.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ytboob.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 18:59:48 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-route-id: config
set-cookie: UID=22092213598a37fbb1cacd48db8b8121bf13; Path=/; Expires=Fri, 22 Sep 2023 18:59:48 GMT; HttpOnly; Secure; SameSite=None
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
creative.xlirdr.com/widgets/v4/Universal?gender=females%2Cfemale%2CmaleFemale&isNew=0&campaignId=belowVideo&targetDomain=ytboob.live&profileEthnicity=ethnicityAsian&broadcastHD=1&broadcastVR=0&broadcastMobile=0&isPerson=0&isFace=0&goalEnabled=0&isMlCountry=0&isLogged=0&isMlAnal=0&isMlBlowjob=0&strict=0&applyGeobans=0&tag=girls%2Fahegao%2Cgirls%2Fpregnant&language=en&autoplay=onHover&thumbFit=cover&hideLiveBadge=0&hideModelName=0&autoplayForce=1&playButton=0&thumbType=default&actionButtonPlacement=bottom&thumbSizeKey=big&titleText=Chat%20&thumbsMargin=2&responsive=1&hideButton=0&hideTitle=1&hideButtonOnSmallSpots=1&hideTitleOnSmallSpots=1&hideModelNameOnSmallSpots=1&buttonColor=%23DC0C2C&liveBadgeColor=%2300bd8f&userId=883ee4693b12c73350adfa22359143ae01fc71f5f997aaaf2d5451cc318e19d4
104.18.42.40200 OK 0 B URL HTTP/2 creative.xlirdr.com/widgets/v4/Universal?gender=females%2Cfemale%2CmaleFemale&isNew=0&campaignId=belowVideo&targetDomain=ytboob.live&profileEthnicity=ethnicityAsian&broadcastHD=1&broadcastVR=0&broadcastMobile=0&isPerson=0&isFace=0&goalEnabled=0&isMlCountry=0&isLogged=0&isMlAnal=0&isMlBlowjob=0&strict=0&applyGeobans=0&tag=girls%2Fahegao%2Cgirls%2Fpregnant&language=en&autoplay=onHover&thumbFit=cover&hideLiveBadge=0&hideModelName=0&autoplayForce=1&playButton=0&thumbType=default&actionButtonPlacement=bottom&thumbSizeKey=big&titleText=Chat%20&thumbsMargin=2&responsive=1&hideButton=0&hideTitle=1&hideButtonOnSmallSpots=1&hideTitleOnSmallSpots=1&hideModelNameOnSmallSpots=1&buttonColor=%23DC0C2C&liveBadgeColor=%2300bd8f&userId=883ee4693b12c73350adfa22359143ae01fc71f5f997aaaf2d5451cc318e19d4
IP 104.18.42.40:0
GET /widgets/v4/Universal?gender=females%2Cfemale%2CmaleFemale&isNew=0&campaignId=belowVideo&targetDomain=ytboob.live&profileEthnicity=ethnicityAsian&broadcastHD=1&broadcastVR=0&broadcastMobile=0&isPerson=0&isFace=0&goalEnabled=0&isMlCountry=0&isLogged=0&isMlAnal=0&isMlBlowjob=0&strict=0&applyGeobans=0&tag=girls%2Fahegao%2Cgirls%2Fpregnant&language=en&autoplay=onHover&thumbFit=cover&hideLiveBadge=0&hideModelName=0&autoplayForce=1&playButton=0&thumbType=default&actionButtonPlacement=bottom&thumbSizeKey=big&titleText=Chat%20&thumbsMargin=2&responsive=1&hideButton=0&hideTitle=1&hideButtonOnSmallSpots=1&hideTitleOnSmallSpots=1&hideModelNameOnSmallSpots=1&buttonColor=%23DC0C2C&liveBadgeColor=%2300bd8f&userId=883ee4693b12c73350adfa22359143ae01fc71f5f997aaaf2d5451cc318e19d4 HTTP/1.1
Host: creative.xlirdr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ytboob.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 22 Sep 2022 18:59:47 GMT
content-type: text/html
last-modified: Mon, 19 Sep 2022 11:33:49 GMT
expires: Thu, 22 Sep 2022 18:59:49 GMT
cache-control: max-age=10
pragma: public
report-to: { "endpoints":[{ "url": "https://go.stripchat.com/report" }], "group": "default", "max_age": 1048576 }
cf-cache-status: HIT
set-cookie: __cflb=02DiuDfsBaY2bRYJiCeRWUB3HBu9a5K9VHBKjn5vzf1kg; SameSite=None; Secure; path=/; expires=Fri, 23-Sep-22 17:59:47 GMT; HttpOnly
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ed479ddc530b59-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
stagepopkek.com/get/1830151?zoneid=1830151&jp=_cluvlkim8ra6tf8k44cxns&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=undefined&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&freq=0&cid=109043593193650
62.122.171.6200 OK 0 B URL HTTP/2 stagepopkek.com/get/1830151?zoneid=1830151&jp=_cluvlkim8ra6tf8k44cxns&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=undefined&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&freq=0&cid=109043593193650
IP 62.122.171.6:0
GET /get/1830151?zoneid=1830151&jp=_cluvlkim8ra6tf8k44cxns&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=undefined&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&freq=0&cid=109043593193650 HTTP/1.1
Host: stagepopkek.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ytboob.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 18:59:47 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-route-id: config
set-cookie: UID=2209221359486fbe67e19544dcaed05a143e; Path=/; Expires=Fri, 22 Sep 2023 18:59:47 GMT; HttpOnly; Secure; SameSite=None
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
s.w.org/images/core/emoji/14.0.0/svg/1f449.svg
192.0.77.48200 OK 0 B URL HTTP/2 s.w.org/images/core/emoji/14.0.0/svg/1f449.svg
IP 192.0.77.48:0
GET /images/core/emoji/14.0.0/svg/1f449.svg HTTP/1.1
Host: s.w.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ytboob.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 18:59:49 GMT
content-type: image/svg+xml
vary: Accept-Encoding
last-modified: Tue, 12 Apr 2022 03:53:43 GMT
x-frame-options: SAMEORIGIN
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn 2
x-content-type-options: nosniff
X-Firefox-Spdy: h2
s.w.org/images/core/emoji/14.0.0/svg/1f351.svg
192.0.77.48200 OK 0 B URL HTTP/2 s.w.org/images/core/emoji/14.0.0/svg/1f351.svg
IP 192.0.77.48:0
GET /images/core/emoji/14.0.0/svg/1f351.svg HTTP/1.1
Host: s.w.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ytboob.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 18:59:49 GMT
content-type: image/svg+xml
vary: Accept-Encoding
last-modified: Tue, 12 Apr 2022 03:50:38 GMT
x-frame-options: SAMEORIGIN
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn 2
x-content-type-options: nosniff
X-Firefox-Spdy: h2
ytboob.com/wp-admin/admin-ajax.php
185.178.208.169200 OK 0 B URL HTTP/2 ytboob.com/wp-admin/admin-ajax.php
IP 185.178.208.169:0
POST /wp-admin/admin-ajax.php HTTP/1.1
Host: ytboob.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 51
Origin: https://ytboob.com
Connection: keep-alive
Referer: https://ytboob.com/fashion-week-topless-models/
Cookie: __ddg1_=SQQhMNuYp1zfWdxJzclF; _ga_B9HWGDSQ07=GS1.1.1663873186.1.0.1663873186.0.0.0; _ga=GA1.2.1819822229.1663873187; __atuvc=1%7C38; __atuvs=632cb0a28a74c2a6000; _gid=GA1.2.194952644.1663873189; _gat_gtag_UA_28527574_33=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Thu, 22 Sep 2022 18:59:49 GMT
content-type: application/json; charset=UTF-8
vary: Accept-Encoding
access-control-allow-origin: https://ytboob.com
access-control-allow-credentials: true
x-robots-tag: noindex
referrer-policy: strict-origin-when-cross-origin
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
x-frame-options: SAMEORIGIN, SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff, nosniff
content-encoding: gzip
X-Firefox-Spdy: h2