URL: http://imig.yn.lt/top
Submission: On October 06 via manual from RU — Scanned from DE

Summary

This website contacted 18 IPs in 6 countries across 15 domains to perform 36 HTTP transactions. The main IP is 54.36.158.42, which is located in France and belongs to OVH, FR. The main domain is imig.yn.lt.
This is the only time imig.yn.lt was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 54.36.158.42 16276 (OVH)
1 142.250.185.202 15169 (GOOGLE)
2 104.21.66.8 13335 (CLOUDFLAR...)
1 93.93.51.200 34655 (DOCLER-AS)
1 192.243.59.13 39572 (ADVANCEDH...)
1 2 104.21.68.54 13335 (CLOUDFLAR...)
8 178.33.123.218 16276 (OVH)
1 91.228.74.198 16509 (AMAZON-02)
2 2 104.18.5.207 13335 (CLOUDFLAR...)
1 6 104.18.4.207 13335 (CLOUDFLAR...)
1 172.104.29.90 63949 (LINODE-AP...)
5 172.66.43.174 13335 (CLOUDFLAR...)
1 31.192.112.221 48684 (VIKINGHOST)
1 2 18.66.97.52 16509 (AMAZON-02)
1 2 91.228.74.133 16509 (AMAZON-02)
1 66.254.122.32 29789 (REFLECTED)
1 172.66.40.82 13335 (CLOUDFLAR...)
1 142.250.185.131 15169 (GOOGLE)
36 18
Domain Requested by
6 xtgem.com imig.yn.lt
5 thumbs2.redgifs.com imig.yn.lt
4 creative.schjmp.com imig.yn.lt, creative.schjmp.com
2 go.schjmp.com creative.schjmp.com, imig.yn.lt
2 pixel.quantserve.com 1 redirects imig.yn.lt
2 rules.quantcount.com 1 redirects imig.yn.lt
2 widget.supercounters.com imig.yn.lt
2 imig.yn.lt imig.yn.lt
1 fonts.gstatic.com fonts.googleapis.com
1 i.bcprm.com bngpt.com
1 bngpt.com imig.yn.lt
1 www.supercounters.com widget.supercounters.com
1 thcf8.redgifs.com 1 redirects
1 thcf1.redgifs.com 1 redirects
1 thcf2.redgifs.com 1 redirects
1 cif.images.xtstatic.com imig.yn.lt
1 enif.images.xtstatic.com imig.yn.lt
1 edge.quantserve.com imig.yn.lt
1 popmyads.com imig.yn.lt
1 cdn.popmyads.com 1 redirects
1 pl14439255.profitablegate.com imig.yn.lt
1 pt-static1.awestat.com imig.yn.lt
1 fonts.googleapis.com imig.yn.lt
36 23

This site contains links to these domains.

Domain
camnude.chaturbate.com
aweptjmp.com
xtgem.com

Subject | Issuer | Validity | Valid
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2021-07-04 - 2022-07-03 | a year
redgifs.com | Cloudflare Inc ECC CA-3 | 2020-11-26 - 2021-11-25 | a year
bngpt.com | Sectigo RSA Domain Validation Secure Server CA | 2021-03-19 - 2022-04-18 | a year
*.quantserve.com | DigiCert TLS RSA SHA256 2020 CA1 | 2021-09-22 - 2022-09-21 | a year
i.bcprm.com | GoGetSSL RSA DV CA | 2021-06-18 - 2022-06-18 | a year
*.xtgem.com | R3 | 2021-08-27 - 2021-11-25 | 3 months

This page contains 8 frames:

Primary Page: http://imig.yn.lt/top
Frame ID: 4CA2026962F54DB725F5C0D2130B65E1
Requests: 23 HTTP requests in this frame

Frame: http://enif.images.xtstatic.com/tp.gif
Frame ID: B2708DA23C4F0E9D1D597848FA2BC2F4
Requests: 1 HTTP requests in this frame

Frame: http://cif.images.xtstatic.com/tp.gif
Frame ID: 93D77A271EE043A7B315AAF32B14C035
Requests: 1 HTTP requests in this frame

Frame: https://creative.schjmp.com/widgets/wrapper?userId=347783407bcaffd439044e1c9d47787df044de9def2098e48d1b9250a71c9154&b=dc31aa93.gif&path=%2F&language=en
Frame ID: F29EC75792319F132EC93EC03FC3BB94
Requests: 1 HTTP requests in this frame

Frame: https://creative.schjmp.com/widgets/wrapper?userId=347783407bcaffd439044e1c9d47787df044de9def2098e48d1b9250a71c9154&b=dc31aa93.gif&path=%2F&language=en
Frame ID: 92512E084DA88C753ED9F36461A0F95A
Requests: 1 HTTP requests in this frame

Frame: https://creative.schjmp.com/widgets/wrapper?userId=347783407bcaffd439044e1c9d47787df044de9def2098e48d1b9250a71c9154&b=dc31aa93.gif&path=%2F&language=en
Frame ID: 9F76610AE73C15A4DE3A477733BAA5A1
Requests: 6 HTTP requests in this frame

Frame: https://bngpt.com/promo.php?c=324479&type=referral_model_banner&size=728x90&name=bongacams2
Frame ID: 36EC71306CE0C428A6B8D34B4F5D5F4E
Requests: 2 HTTP requests in this frame

Frame: https://xtgem.com/__xt_authbar?data=eyJ1cmwiOiJodHRwOlwvXC9pbWlnLnluLmx0XC90b3AiLCJsb2dnZWRfaW4iOmZhbHNlLCJkb21haW4iOiJpbWlnLnluLmx0IiwicG9zaXRpb24iOnsiYWJzb2x1dGUiOiJmaXhlZCJ9fQ==
Frame ID: FCF7F85942FC388D196FACC9D7C06707
Requests: 1 HTTP requests in this frame

Page Title

TOP CAM

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js

Page Statistics

Requests: 36
HTTPS: 47 %
IPv6: 0 %
Domains: 15
Subdomains: 23
IPs: 18
Countries: 6
Transfer: 6307 kB
Size: 6674 kB
Cookies: 6

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5
  • https://cdn.popmyads.com/pma.js HTTP 301
  • https://popmyads.com/x/pma
Request Chain 11
  • https://thcf2.redgifs.com/CleverJealousIndigobunting-mobile.mp4 HTTP 301
  • https://thumbs2.redgifs.com/CleverJealousIndigobunting-mobile.mp4
Request Chain 12
  • https://thcf1.redgifs.com/WarpedSeparateFerret-mobile.mp4 HTTP 301
  • https://thumbs2.redgifs.com/WarpedSeparateFerret-mobile.mp4
Request Chain 13
  • https://thcf8.redgifs.com/InfinitePoshDamselfly-mobile.mp4 HTTP 301
  • https://thumbs2.redgifs.com/InfinitePoshDamselfly-mobile.mp4
Request Chain 19
  • http://rules.quantcount.com/rules-p-0cfM8Oh7M9bVQ.js HTTP 301
  • https://rules.quantcount.com/rules-p-0cfM8Oh7M9bVQ.js
Request Chain 20
  • http://pixel.quantserve.com/pixel;r=1906288930;rf=0;a=p-0cfM8Oh7M9bVQ;url=http%3A%2F%2Fimig.yn.lt%2Ftop;uht=2;fpan=1;fpa=P0-1323894588-1633495068707;pbc=;ns=0;ce=1;qjs=1;qv=00a3769c-20210929173447;cm=;gdpr=0;ref=;d=yn.lt;je=0;sr=1600x1200x24;dst=0;et=1633495068707;tzo=0;ogl= HTTP 301
  • https://pixel.quantserve.com/pixel;r=1906288930;rf=0;a=p-0cfM8Oh7M9bVQ;url=http%3A%2F%2Fimig.yn.lt%2Ftop;uht=2;fpan=1;fpa=P0-1323894588-1633495068707;pbc=;ns=0;ce=1;qjs=1;qv=00a3769c-20210929173447;cm=;gdpr=0;ref=;d=yn.lt;je=0;sr=1600x1200x24;dst=0;et=1633495068707;tzo=0;ogl=

36 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Cookie set top
imig.yn.lt/
16 KB
5 KB
Document
General
Full URL
http://imig.yn.lt/top
Protocol
HTTP/1.1
Server
54.36.158.42 , France, ASN16276 (OVH, FR),
Reverse DNS
lb.xtgem.com
Software
/
Resource Hash
9192e19b16486ee6f5a1acc0839f65b96b5ceec08e0e05033221ffa057168f4b

Request headers

Host
imig.yn.lt
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate

Response headers

Date
Wed, 06 Oct 2021 04:37:40 GMT
Vary
Host,Accept-Encoding
Set-Cookie
_xta_uid=19970365b1bcb44b157655fcd8f07dad; expires=Fri, 06-Oct-2023 04:37:48 GMT; Max-Age=63072000; path=/; domain=.yn.lt; httponly _xta_vid=60bad8971382f1214fa0305ca4540946-1633495068; expires=Wed, 06-Oct-2021 05:07:48 GMT; Max-Age=1800; path=/; domain=.yn.lt; httponly
Cache-Control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Pragma
no-cache
Expires
Wed, 17 Sep 1975 21:32:10 GMT
Content-Encoding
gzip
Content-Length
4415
Content-Type
text/html; charset=utf-8
Age
0
X-Cache
MISS
X-Cache-Hits
0
Accept-Ranges
bytes
Connection
close
xtgem_template.css
imig.yn.lt/
22 KB
4 KB
Stylesheet
General
Full URL
http://imig.yn.lt/xtgem_template.css?v=1595147999
Requested by
Host: imig.yn.lt
URL: http://imig.yn.lt/top
Protocol
HTTP/1.1
Server
54.36.158.42 , France, ASN16276 (OVH, FR),
Reverse DNS
lb.xtgem.com
Software
/
Resource Hash
0b39f870702d05863e8ad3e519312445e96f77edcfb99b8bc126934aeb9b19b9

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
imig.yn.lt
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://imig.yn.lt/top
Cookie
_xta_uid=19970365b1bcb44b157655fcd8f07dad; _xta_vid=60bad8971382f1214fa0305ca4540946-1633495068
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Wed, 06 Oct 2021 04:35:57 GMT
Content-Encoding
gzip
Age
110
Vary
Host,Accept-Encoding
X-Cache
HIT
Content-Type
text/css;charset=UTF-8
Connection
close
Accept-Ranges
bytes
Content-Length
3847
X-Cache-Hits
25
css
fonts.googleapis.com/
371 B
1 KB
Stylesheet
General
Full URL
http://fonts.googleapis.com/css?family=Rochester
Requested by
Host: imig.yn.lt
URL: http://imig.yn.lt/top
Protocol
HTTP/1.1
Server
142.250.185.202 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f10.1e100.net
Software
ESF /
Resource Hash
ec44ed53115ff86444a4b2e62dc09387119fe0ca66af386cbbda1c8367b87f0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://imig.yn.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Wed, 06 Oct 2021 04:37:48 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Cross-Origin-Resource-Policy
cross-origin
X-XSS-Protection
0
Last-Modified
Wed, 06 Oct 2021 04:37:48 GMT
Server
ESF
X-Frame-Options
SAMEORIGIN
Report-To
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=86400, stale-while-revalidate=604800
Timing-Allow-Origin
*
Link
<http://fonts.gstatic.com>; rel=preconnect; crossorigin
Cross-Origin-Opener-Policy-Report-Only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
Expires
Wed, 06 Oct 2021 04:37:48 GMT
online_i.js
widget.supercounters.com/ssl/
4 KB
2 KB
Script
General
Full URL
http://widget.supercounters.com/ssl/online_i.js
Requested by
Host: imig.yn.lt
URL: http://imig.yn.lt/top
Protocol
HTTP/1.1
Server
104.21.66.8 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b01052595d22238c23ad27dfb118270dc17124aa47731d3308824fbf182511b6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://imig.yn.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Wed, 06 Oct 2021 04:37:48 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
5115
Transfer-Encoding
chunked
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Last-Modified
Tue, 11 Jul 2017 06:49:04 GMT
Server
cloudflare
ETag
W/"596474e0-109e"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ETvfoDePyn%2BceXT%2B6Q4eHXKL1yjt0euVLY81Zjao0ogMvskreGC%2FhUTha9HP8TRs3%2BvWWTVUnxnWS3c%2FNkIks7GF1LuAaXb77p28oWK0zEiShFBscIxa9U0EDd1hqZD1oYxpQubgePvRW10%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Cache-Control
max-age=14400
CF-RAY
699c3252b8b127b4-PRG
728xx90.gif
pt-static1.awestat.com/npt/banner/gif/girl_2/
272 KB
272 KB
Image
General
Full URL
http://pt-static1.awestat.com/npt/banner/gif/girl_2/728xx90.gif?sid=a33c91b8&psid=djsilver&pstool=211_3&psprogram=revs&campaign_id=
Requested by
Host: imig.yn.lt
URL: http://imig.yn.lt/top
Protocol
HTTP/1.1
Server
93.93.51.200 , Luxembourg, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software
unknown /
Resource Hash
80bde97e1368fe8c246f0db64d7743a70388a8f6adbf219a602d328d97593e60

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://imig.yn.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Wed, 06 Oct 2021 04:37:48 GMT
Last-Modified
Thu, 12 Aug 2021 12:18:31 GMT
Server
unknown
ETag
"61151197-43e07"
X-Cache-Status
R-HIT
Content-Type
image/gif
Access-Control-Allow-Origin
*
Connection
close
Accept-Ranges
bytes
Content-Length
278023
6681482ac079a3a43337440e3bd22456.js
pl14439255.profitablegate.com/66/81/48/
0
0
Script
General
Full URL
http://pl14439255.profitablegate.com/66/81/48/6681482ac079a3a43337440e3bd22456.js
Requested by
Host: imig.yn.lt
URL: http://imig.yn.lt/top
Protocol
HTTP/1.1
Server
192.243.59.13 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.6 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://imig.yn.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 06 Oct 2021 04:37:48 GMT
Server
nginx/1.17.6
Connection
keep-alive
Content-Type
application/javascript
Content-Length
0
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
pma
popmyads.com/x/
Redirect Chain
  • https://cdn.popmyads.com/pma.js
  • https://popmyads.com/x/pma
88 KB
34 KB
Script
General
Full URL
https://popmyads.com/x/pma
Requested by
Host: imig.yn.lt
URL: http://imig.yn.lt/top
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.68.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.1.33
Resource Hash
f73eb854ba041fae2c2ff7bae977b44e7849ce7988bc965d7d5861d32c969011

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://imig.yn.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 06 Oct 2021 04:37:48 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.1.33
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CfKZczghqbiQlad0OJbnZ3MzE8tx%2Bh4hQceNoNXKfqy4FCaiTubxms32PoU%2FJsB0u%2BNXZdn8tzktTRc0BYfukEP1DyDPjK1GPCLQXlcXeRVc4zo49BXabUAnrbmcetQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cf-ray
699c32531cc7411a-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

date
Wed, 06 Oct 2021 04:37:48 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1106
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gLy9gwgBRS5bZ7LcwhGlFlMTm%2BcrtXJre8CqXNs4V1MJhZhMWNhYkn7KniGtrh7ozjvXEjfspraTJzIM1gK0Ip2HQo8escEt9nekVv8LHr00uRqWDxHcK%2BJOwzgAGWH5NuRO"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
location
https://popmyads.com/x/pma
cache-control
max-age=14400
cf-ray
699c3252ecb0411a-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
xtgem-forums.jpg
xtgem.com/images/forum/
8 KB
9 KB
Image
General
Full URL
http://xtgem.com/images/forum/xtgem-forums.jpg
Requested by
Host: imig.yn.lt
URL: http://imig.yn.lt/top
Protocol
HTTP/1.1
Server
178.33.123.218 , France, ASN16276 (OVH, FR),
Reverse DNS
d2.xtgem.com
Software
/
Resource Hash
12af88849dcd3b09838185efbbaa7eae7231159ace07004afc5793d80378c34f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://imig.yn.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Wed, 06 Oct 2021 04:37:39 GMT
X-Ngz
1
Last-Modified
Sat, 16 Nov 2019 11:03:28 GMT
Age
9
ETag
"20c8-59774aa04e000"
X-Cache
HIT
Content-Type
image/jpeg
Expires
Fri, 05 Nov 2021 04:37:39 GMT
Cache-Control
max-age=2592000
Connection
close
Accept-Ranges
bytes
Content-Length
8392
X-Cache-Hits
2
page_templates_simple.js
xtgem.com/js/
982 B
802 B
Script
General
Full URL
http://xtgem.com/js/page_templates_simple.js
Requested by
Host: imig.yn.lt
URL: http://imig.yn.lt/top
Protocol
HTTP/1.1
Server
178.33.123.218 , France, ASN16276 (OVH, FR),
Reverse DNS
d2.xtgem.com
Software
/
Resource Hash
5b3002cada011b91348a429587aa8197d10f3557b68a485195a2dcc1ffcacc6f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://imig.yn.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Wed, 06 Oct 2021 04:37:48 GMT
Content-Encoding
gzip
Last-Modified
Sat, 16 Nov 2019 11:03:28 GMT
Age
0
ETag
"3d6-59774aa04e000-gzip"
Vary
Accept-Encoding
X-Cache
MISS
Content-Type
application/javascript
Expires
Fri, 05 Nov 2021 04:37:48 GMT
Cache-Control
max-age=2592000
Connection
close
Accept-Ranges
bytes
Content-Length
409
X-Cache-Hits
0
quant.js
edge.quantserve.com/
24 KB
9 KB
Script
General
Full URL
http://edge.quantserve.com/quant.js
Requested by
Host: imig.yn.lt
URL: http://imig.yn.lt/top
Protocol
HTTP/1.1
Server
91.228.74.198 , United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
2d452ca7bf499867307ebfa48373084a42e1f56ec0a26e5bb2e12f01888c3cc9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://imig.yn.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Wed, 06 Oct 2021 04:37:48 GMT
Content-Encoding
gzip
Etag
"XUylRaJiJNdi08iU32oNYQ=="
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
private, max-age=604800
Transfer-Encoding
chunked
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Accept-Ranges
bytes
Expires
Wed, 13 Oct 2021 04:37:48 GMT
tp.gif
enif.images.xtstatic.com/ Frame B270
42 B
368 B
Document
General
Full URL
http://enif.images.xtstatic.com/tp.gif
Requested by
Host: imig.yn.lt
URL: http://imig.yn.lt/top
Protocol
HTTP/1.1
Server
178.33.123.218 , France, ASN16276 (OVH, FR),
Reverse DNS
d2.xtgem.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Host
enif.images.xtstatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://imig.yn.lt/
Accept-Encoding
gzip, deflate

Response headers

Date
Wed, 06 Oct 2021 04:37:48 GMT
Last-Modified
Sat, 16 Nov 2019 11:03:28 GMT
ETag
"2a-59774aa04e000"
Content-Length
42
Cache-Control
max-age=2592000
Expires
Fri, 05 Nov 2021 04:37:48 GMT
Content-Type
image/gif
Age
0
X-Cache
MISS
X-Cache-Hits
0
Accept-Ranges
bytes
Connection
close
tp.gif
cif.images.xtstatic.com/ Frame 93D7
42 B
368 B
Document
General
Full URL
http://cif.images.xtstatic.com/tp.gif
Requested by
Host: imig.yn.lt
URL: http://imig.yn.lt/top
Protocol
HTTP/1.1
Server
178.33.123.218 , France, ASN16276 (OVH, FR),
Reverse DNS
d2.xtgem.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Host
cif.images.xtstatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://imig.yn.lt/
Accept-Encoding
gzip, deflate

Response headers

Date
Wed, 06 Oct 2021 04:37:48 GMT
Last-Modified
Sat, 16 Nov 2019 11:03:28 GMT
ETag
"2a-59774aa04e000"
Content-Length
42
Cache-Control
max-age=2592000
Expires
Fri, 05 Nov 2021 04:37:48 GMT
Content-Type
image/gif
Age
0
X-Cache
MISS
X-Cache-Hits
0
Accept-Ranges
bytes
Connection
close
CleverJealousIndigobunting-mobile.mp4
thumbs2.redgifs.com/
Redirect Chain
  • https://thcf2.redgifs.com/CleverJealousIndigobunting-mobile.mp4
  • https://thumbs2.redgifs.com/CleverJealousIndigobunting-mobile.mp4
2 MB
2 MB
Media
General
Full URL
https://thumbs2.redgifs.com/CleverJealousIndigobunting-mobile.mp4
Requested by
Host: imig.yn.lt
URL: http://imig.yn.lt/top
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.4.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Toilet Tissue
Resource Hash
3dea23a246ddcf32439cf56104fe5651f8768f40e494d38fe1d96fcbb6ce705f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://imig.yn.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 06 Oct 2021 04:37:48 GMT
cf-cache-status
HIT
server
cloudflare
age
3600186
x-powered-by
Toilet Tissue
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
video/mp4
Content-Range
bytes 0-2091551/2091552
cache-control
public, max-age=31536000
cf-ray
699c32533ea22b35-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length
2091552
expires
Thu, 06 Oct 2022 04:37:48 GMT

Redirect headers

date
Wed, 06 Oct 2021 04:37:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
location
https://thumbs2.redgifs.com/CleverJealousIndigobunting-mobile.mp4
cache-control
max-age=3600
cf-ray
699c32532d5c4333-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Wed, 06 Oct 2021 05:37:48 GMT
WarpedSeparateFerret-mobile.mp4
thumbs2.redgifs.com/
Redirect Chain
  • https://thcf1.redgifs.com/WarpedSeparateFerret-mobile.mp4
  • https://thumbs2.redgifs.com/WarpedSeparateFerret-mobile.mp4
191 KB
0
Media
General
Full URL
https://thumbs2.redgifs.com/WarpedSeparateFerret-mobile.mp4
Requested by
Host: imig.yn.lt
URL: http://imig.yn.lt/top
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.4.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Toilet Tissue
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://imig.yn.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 06 Oct 2021 04:37:48 GMT
cf-cache-status
HIT
server
cloudflare
age
14339866
x-powered-by
Toilet Tissue
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
video/mp4
Content-Range
bytes 0-1841830/1841831
cache-control
public, max-age=31536000
cf-ray
699c32533ea62b35-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length
1841831
expires
Thu, 06 Oct 2022 04:37:48 GMT

Redirect headers

date
Wed, 06 Oct 2021 04:37:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
location
https://thumbs2.redgifs.com/WarpedSeparateFerret-mobile.mp4
cache-control
max-age=3600
cf-ray
699c32532e7b2b35-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Wed, 06 Oct 2021 05:37:48 GMT
InfinitePoshDamselfly-mobile.mp4
thumbs2.redgifs.com/
Redirect Chain
  • https://thcf8.redgifs.com/InfinitePoshDamselfly-mobile.mp4
  • https://thumbs2.redgifs.com/InfinitePoshDamselfly-mobile.mp4
2 MB
2 MB
Media
General
Full URL
https://thumbs2.redgifs.com/InfinitePoshDamselfly-mobile.mp4
Requested by
Host: imig.yn.lt
URL: http://imig.yn.lt/top
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.4.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Toilet Tissue
Resource Hash
61a9b9cf6719cd70c210ba1f58094b7a13be08a5eedd5076f807c12fecc2b580

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://imig.yn.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 06 Oct 2021 04:37:48 GMT
cf-cache-status
HIT
server
cloudflare
age
14333760
x-powered-by
Toilet Tissue
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
video/mp4
Content-Range
bytes 0-1785448/1785449
cache-control
public, max-age=31536000
cf-ray
699c32532e852b35-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length
1785449
expires
Thu, 06 Oct 2022 04:37:48 GMT

Redirect headers

date
Wed, 06 Oct 2021 04:37:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
location
https://thumbs2.redgifs.com/InfinitePoshDamselfly-mobile.mp4
cache-control
max-age=3600
cf-ray
699c3253199a4e2b-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Wed, 06 Oct 2021 05:37:48 GMT
fc.php
www.supercounters.com/
29 B
280 B
Script
General
Full URL
http://www.supercounters.com/fc.php?id=1400646&w=1&v=2&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F93.0.4577.63%20Safari%2F537.36&ref=&url=http%3A%2F%2Fimig.yn.lt%2Ftop&sw=1600&sh=1200&rand=26
Requested by
Host: widget.supercounters.com
URL: http://widget.supercounters.com/ssl/online_i.js
Protocol
HTTP/1.1
Server
172.104.29.90 Cedar Knolls, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li1848-90.members.linode.com
Software
nginx/1.20.1 / PHP/7.4.13
Resource Hash
4708741bf9b89d29cde22552f2aadc0eca12b18168b8c178f83ecf719941b401

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://imig.yn.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Wed, 06 Oct 2021 04:37:48 GMT
Content-Encoding
gzip
Server
nginx/1.20.1
Connection
keep-alive
X-Powered-By
PHP/7.4.13
Transfer-Encoding
chunked
Content-Type
application/x-javascript
wrapper
creative.schjmp.com/widgets/ Frame F29E
0
0

wrapper
creative.schjmp.com/widgets/ Frame 9251
0
0

wrapper
creative.schjmp.com/widgets/ Frame 9F76
709 B
728 B
Document
General
Full URL
https://creative.schjmp.com/widgets/wrapper?userId=347783407bcaffd439044e1c9d47787df044de9def2098e48d1b9250a71c9154&b=dc31aa93.gif&path=%2F&language=en
Requested by
Host: imig.yn.lt
URL: http://imig.yn.lt/top
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.43.174 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ebc3e94200d1099acee7956b4bd228abeb1db8afbb656f7b245cc6eedf29b34

Request headers

:method
GET
:authority
creative.schjmp.com
:scheme
https
:path
/widgets/wrapper?userId=347783407bcaffd439044e1c9d47787df044de9def2098e48d1b9250a71c9154&b=dc31aa93.gif&path=%2F&language=en
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://imig.yn.lt/
accept-encoding
gzip, deflate, br

Response headers

date
Wed, 06 Oct 2021 04:37:48 GMT
content-type
text/html
last-modified
Tue, 05 Oct 2021 07:05:04 GMT
expires
Wed, 06 Oct 2021 04:37:58 GMT
cache-control
max-age=10
pragma
public
report-to
{ "endpoints":[{ "url": "https://go.stripchat.com/report" }], "group": "default", "max_age": 1048576 }
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
699c325319df6967-FRA
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
promo.php
bngpt.com/ Frame 36EC
152 B
396 B
Document
General
Full URL
https://bngpt.com/promo.php?c=324479&type=referral_model_banner&size=728x90&name=bongacams2
Requested by
Host: imig.yn.lt
URL: http://imig.yn.lt/top
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
31.192.112.221 , Netherlands, ASN48684 (VIKINGHOST, NL),
Reverse DNS
Software
nginx /
Resource Hash
1ecf34e8537319020de6e11fde401c6121d1fe3456dcc1b2dba56e594649feee
Security Headers
Name Value
Strict-Transport-Security max-age=0;

Request headers

:method
GET
:authority
bngpt.com
:scheme
https
:path
/promo.php?c=324479&type=referral_model_banner&size=728x90&name=bongacams2
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://imig.yn.lt/
accept-encoding
gzip, deflate, br

Response headers

server
nginx
date
Wed, 06 Oct 2021 04:37:49 GMT
content-type
text/html; charset=UTF-8
access-control-allow-origin
expires
Wed, 06 Oct 2021 04:37:48 GMT
cache-control
no-cache public
x-bcs
ded7015
strict-transport-security
max-age=0;
content-encoding
gzip
rules-p-0cfM8Oh7M9bVQ.js
rules.quantcount.com/
Redirect Chain
  • http://rules.quantcount.com/rules-p-0cfM8Oh7M9bVQ.js
  • https://rules.quantcount.com/rules-p-0cfM8Oh7M9bVQ.js
3 B
451 B
Script
General
Full URL
https://rules.quantcount.com/rules-p-0cfM8Oh7M9bVQ.js
Requested by
Host: imig.yn.lt
URL: http://imig.yn.lt/top
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://imig.yn.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 06 Oct 2021 03:19:12 GMT
via
1.1 9015971351bc982a04ee209a022bb1f9.cloudfront.net (CloudFront)
age
4770
x-edge-origin-shield-skipped
0
cross-origin-resource-policy
cross-origin
x-cache
Hit from cloudfront
content-length
3
last-modified
Sat, 04 Mar 2017 19:40:53 GMT
server
AmazonS3
etag
"8a80554c91d9fca8acb82f023de02f11"
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-cf-pop
FRA56-P2
accept-ranges
bytes
x-amz-cf-id
3PquzC-ZizvZgPwQG1pmFSiZociVeWBa06JZlWruDmMXjh_Q7C51xw==

Redirect headers

Date
Wed, 06 Oct 2021 04:37:48 GMT
Via
1.1 3aad72975c9da06e6d0903ad874f0b54.cloudfront.net (CloudFront)
Server
CloudFront
X-Amz-Cf-Pop
FRA56-P2
X-Cache
Redirect from cloudfront
Content-Type
text/html
Location
https://rules.quantcount.com/rules-p-0cfM8Oh7M9bVQ.js
Connection
keep-alive
Content-Length
183
X-Amz-Cf-Id
KpGdZ3vjcnt5-MstOFGbwmQKNQjVA_4GaEg9jtJDwzp07uYI_O9Tyg==
pixel;r=1906288930;rf=0;a=p-0cfM8Oh7M9bVQ;url=http%3A%2F%2Fimig.yn.lt%2Ftop;uht=2;fpan=1;fpa=P0-1323894588-1633495068707;pbc=;ns=0;ce=1;qjs=1;qv=00a3769c-20210929173447;cm=;gdpr=0;ref=;d=yn.lt;je=0...
pixel.quantserve.com/
Redirect Chain
  • http://pixel.quantserve.com/pixel;r=1906288930;rf=0;a=p-0cfM8Oh7M9bVQ;url=http%3A%2F%2Fimig.yn.lt%2Ftop;uht=2;fpan=1;fpa=P0-1323894588-1633495068707;pbc=;ns=0;ce=1;qjs=1;qv=00a3769c-20210929173447;...
  • https://pixel.quantserve.com/pixel;r=1906288930;rf=0;a=p-0cfM8Oh7M9bVQ;url=http%3A%2F%2Fimig.yn.lt%2Ftop;uht=2;fpan=1;fpa=P0-1323894588-1633495068707;pbc=;ns=0;ce=1;qjs=1;qv=00a3769c-20210929173447...
35 B
373 B
Image
General
Full URL
https://pixel.quantserve.com/pixel;r=1906288930;rf=0;a=p-0cfM8Oh7M9bVQ;url=http%3A%2F%2Fimig.yn.lt%2Ftop;uht=2;fpan=1;fpa=P0-1323894588-1633495068707;pbc=;ns=0;ce=1;qjs=1;qv=00a3769c-20210929173447;cm=;gdpr=0;ref=;d=yn.lt;je=0;sr=1600x1200x24;dst=0;et=1633495068707;tzo=0;ogl=
Requested by
Host: imig.yn.lt
URL: http://imig.yn.lt/top
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.228.74.133 , United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://imig.yn.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 06 Oct 2021 04:37:48 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT

Redirect headers

Location
https://pixel.quantserve.com/pixel;r=1906288930;rf=0;a=p-0cfM8Oh7M9bVQ;url=http%3A%2F%2Fimig.yn.lt%2Ftop;uht=2;fpan=1;fpa=P0-1323894588-1633495068707;pbc=;ns=0;ce=1;qjs=1;qv=00a3769c-20210929173447;cm=;gdpr=0;ref=;d=yn.lt;je=0;sr=1600x1200x24;dst=0;et=1633495068707;tzo=0;ogl=
Date
Wed, 06 Oct 2021 04:37:48 GMT
Cache-Control
private, no-transform, max-age=86400
Connection
keep-alive
Content-Length
0
Expires
Thu, 07 Oct 2021 04:37:48 GMT
index.7f9e5c9fd64a611b927e.js
creative.schjmp.com/widgets/wrapper/ Frame 9F76
108 KB
33 KB
Script
General
Full URL
https://creative.schjmp.com/widgets/wrapper/index.7f9e5c9fd64a611b927e.js
Requested by
Host: creative.schjmp.com
URL: https://creative.schjmp.com/widgets/wrapper?userId=347783407bcaffd439044e1c9d47787df044de9def2098e48d1b9250a71c9154&b=dc31aa93.gif&path=%2F&language=en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.43.174 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff3d1acfbd967be56996e9a38261b9913cf35bf1358ba67ae376b6d55d6a9513

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://creative.schjmp.com/widgets/wrapper?userId=347783407bcaffd439044e1c9d47787df044de9def2098e48d1b9250a71c9154&b=dc31aa93.gif&path=%2F&language=en
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 06 Oct 2021 04:37:48 GMT
content-encoding
br
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Tue, 05 Oct 2021 07:10:22 GMT
server
cloudflare
etag
W/"615bfa5e-1b0c5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DPGyYnyhyx0FFx4OTa69qwmlTuXIp5NTPQTOLhaAvucw2Q3n1U7tAyhn5Z6OOCml98d4DsKCQnO0q7IjB%2FHwJoMJo6nRVkch84%2BoLuQ27Hr6Ez2vniHHeEc%2FabKm1%2FFHHcv%2F%2FNfy"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=14400
cf-ray
699c32537aa06967-FRA
expires
Wed, 06 Oct 2021 04:37:58 GMT
WarpedSeparateFerret-mobile.mp4
thumbs2.redgifs.com/
39 KB
39 KB
Media
General
Full URL
https://thumbs2.redgifs.com/WarpedSeparateFerret-mobile.mp4
Requested by
Host: imig.yn.lt
URL: http://imig.yn.lt/top
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.4.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Toilet Tissue
Resource Hash
669f5bc3dcd5ea72336bb5d4c4ef9c245c91969c17782a37e154e04f052c0666

Request headers

Referer
http://imig.yn.lt/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Range
bytes=1802240-

Response headers

date
Wed, 06 Oct 2021 04:37:48 GMT
cf-cache-status
HIT
server
cloudflare
age
14339866
x-powered-by
Toilet Tissue
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
video/mp4
Content-Range
bytes 1802240-1841830/1841831
cache-control
public, max-age=31536000
cf-ray
699c3253afaf4309-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length
39591
expires
Thu, 06 Oct 2022 04:37:48 GMT
en.gif
i.bcprm.com/referral_model_banners/728x90/bongacams2/ Frame 36EC
294 KB
295 KB
Image
General
Full URL
https://i.bcprm.com/referral_model_banners/728x90/bongacams2/en.gif
Requested by
Host: bngpt.com
URL: https://bngpt.com/promo.php?c=324479&type=referral_model_banner&size=728x90&name=bongacams2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.254.122.32 , United States, ASN29789 (REFLECTED, US),
Reverse DNS
Software
/
Resource Hash
dcfb23748c133176043ff7b8cafc9ba7e324795a107bb140fd8730bef870b4f8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bngpt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 06 Oct 2021 04:37:48 GMT
last-modified
Tue, 18 Jun 2019 13:46:22 GMT
content-type
image/gif
cache-control
max-age=2592000
x-cdn-diag
fra1-11055-5-26282-h-0-0---;11052-9-5287----0-0-1
accept-ranges
bytes
content-length
301244
expires
Sat, 23 Jan 2021 11:15:27 GMT
config
go.schjmp.com/ Frame 9F76
5 KB
2 KB
Fetch
General
Full URL
https://go.schjmp.com/config?url=https%3A%2F%2Fcreative.schjmp.com%2Fwidgets%2Fwrapper%3FuserId%3D347783407bcaffd439044e1c9d47787df044de9def2098e48d1b9250a71c9154%26b%3Ddc31aa93.gif%26path%3D%252F%26language%3Den
Requested by
Host: creative.schjmp.com
URL: https://creative.schjmp.com/widgets/wrapper/index.7f9e5c9fd64a611b927e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.40.82 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a8f8fd21d3d4a44597aa1a449847557902f2093ea715c5aa8bcbf19263dc40b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://creative.schjmp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 06 Oct 2021 04:37:48 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 06 Oct 2021 04:35:58 GMT
x-backend
ds5453
age
110
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3tukO6qvj30hVyebY3fJAOD%2Fr4kyEQzxG6%2FrE3PJFMNREUjDAHzkAwBEQtOEqiVhh43cqvjdpu0UBgYHm5344M%2Bp0ayr0Y6HemZt2Ass37PPh0g%2Fv%2BPSAouBO13LC2oA"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
*
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
699c3253e9184e4a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server
cloudflare
WarpedSeparateFerret-mobile.mp4
thumbs2.redgifs.com/
2 MB
2 MB
Media
General
Full URL
https://thumbs2.redgifs.com/WarpedSeparateFerret-mobile.mp4
Requested by
Host: imig.yn.lt
URL: http://imig.yn.lt/top
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.4.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Toilet Tissue
Resource Hash
24176b8d263b27161182e72c4ab73cb122e1c9701d4c1d68e9e9139ff26492ab

Request headers

Referer
http://imig.yn.lt/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Range
bytes=98304-

Response headers

date
Wed, 06 Oct 2021 04:37:48 GMT
cf-cache-status
HIT
server
cloudflare
age
14339866
x-powered-by
Toilet Tissue
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
video/mp4
Content-Range
bytes 98304-1841830/1841831
cache-control
public, max-age=31536000
cf-ray
699c3253dffb4309-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length
1743527
expires
Thu, 06 Oct 2022 04:37:48 GMT
dc31aa93.gif
creative.schjmp.com/b/ Frame 9F76
30 KB
31 KB
Image
General
Full URL
https://creative.schjmp.com/b/dc31aa93.gif
Requested by
Host: imig.yn.lt
URL: http://imig.yn.lt/top
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.43.174 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4d342aab466d60013bee55f18d3515cf1fe7321964983471ebc9cc44d01ec49e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://creative.schjmp.com/widgets/wrapper?userId=347783407bcaffd439044e1c9d47787df044de9def2098e48d1b9250a71c9154&b=dc31aa93.gif&path=%2F&language=en
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 06 Oct 2021 04:37:48 GMT
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-disposition
attachment
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
30656
last-modified
Tue, 05 Oct 2021 07:05:05 GMT
server
cloudflare
etag
"615bf921-77c0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BHo40UAK1wiH5PWdK6LVjtJ%2Bo8qVSdOfEt3z02xA2fWsHYoipPB6eVJEhBvXoFv45jpKHNbMJN5IMJDwXEZmby%2FQyP3c4kr15%2F2uMdvor6ls6rc7%2BGNz5qofnP7AjlLx6WEfpnbo"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
699c32544af63233-FRA
expires
Wed, 06 Oct 2021 04:37:58 GMT
e61c1c.png
widget.supercounters.com/images/online/
568 B
1 KB
Image
General
Full URL
http://widget.supercounters.com/images/online/e61c1c.png
Requested by
Host: imig.yn.lt
URL: http://imig.yn.lt/top
Protocol
HTTP/1.1
Server
104.21.66.8 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
946f17cbf7585ff68bf58c1ef9d340c59760d3b1a7ab4a264590ae10cc1b2294

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://imig.yn.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Wed, 06 Oct 2021 04:37:48 GMT
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
3101
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length
568
last-modified
Fri, 27 Aug 2021 14:45:52 GMT
Server
cloudflare
etag
"6128faa0-238"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vb6ildRXAtHVynM41BhU9BqwXuj2IumBNckWUFDOPUUgNMeS28veGMW7JIaWf3VhRVmQ1OeweOlTLG2owwzu6kbXqhyyKvv5E1OJxDhrLfdTEZLxsX6vVw0my3W1NOVk%2BEgKz7c1T4PkUTc%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/png
Cache-Control
max-age=14400
Accept-Ranges
bytes
CF-RAY
699c3254595a27b4-PRG
Cookie set __xt_authbar
xtgem.com/ Frame FCF7
13 KB
3 KB
Document
General
Full URL
https://xtgem.com/__xt_authbar?data=eyJ1cmwiOiJodHRwOlwvXC9pbWlnLnluLmx0XC90b3AiLCJsb2dnZWRfaW4iOmZhbHNlLCJkb21haW4iOiJpbWlnLnluLmx0IiwicG9zaXRpb24iOnsiYWJzb2x1dGUiOiJmaXhlZCJ9fQ==
Requested by
Host: imig.yn.lt
URL: http://imig.yn.lt/top
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.33.123.218 , France, ASN16276 (OVH, FR),
Reverse DNS
d2.xtgem.com
Software
/
Resource Hash
296e9313c342778e1931f1d1bd40e3e53c57676adca488bb2f8f577ffbe4da9a

Request headers

Host
xtgem.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
http://imig.yn.lt/
Accept-Encoding
gzip, deflate, br

Response headers

Date
Wed, 06 Oct 2021 04:37:48 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma
no-cache
Set-Cookie
session=w3~ohns0jp67gcd4u14j20e9r5l04; expires=Thu, 07-Oct-2021 04:37:48 GMT; Max-Age=86400; path=/; domain=.xtgem.com; httponly __template=web; expires=Fri, 05-Nov-2021 04:37:48 GMT; Max-Age=2592000; path=/ __lang=US; expires=Fri, 05-Nov-2021 04:37:49 GMT; Max-Age=2592000; path=/
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
2730
Content-Type
text/html; charset=UTF-8
Age
0
X-Cache
MISS
X-Cache-Hits
0
Accept-Ranges
bytes
content_bg.png
xtgem.com/template_images/CoffeBreak/
10 KB
10 KB
Image
General
Full URL
http://xtgem.com/template_images/CoffeBreak/content_bg.png
Requested by
Host: imig.yn.lt
URL: http://imig.yn.lt/xtgem_template.css?v=1595147999
Protocol
HTTP/1.1
Server
178.33.123.218 , France, ASN16276 (OVH, FR),
Reverse DNS
d2.xtgem.com
Software
/
Resource Hash
d10da26ef18985a2a71b79c05af3e7226d4103828ea728130ffb9bc8b3f56bbb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://imig.yn.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Wed, 06 Oct 2021 04:37:48 GMT
X-Ngz
1
Last-Modified
Sat, 16 Nov 2019 11:03:28 GMT
Age
0
ETag
"280d-59774aa04e000"
X-Cache
MISS
Content-Type
image/png
Expires
Fri, 05 Nov 2021 04:37:48 GMT
Cache-Control
max-age=2592000
Connection
close
Accept-Ranges
bytes
Content-Length
10253
X-Cache-Hits
0
header_bg.png
xtgem.com/template_images/CoffeBreak/
7 KB
8 KB
Image
General
Full URL
http://xtgem.com/template_images/CoffeBreak/header_bg.png
Requested by
Host: imig.yn.lt
URL: http://imig.yn.lt/xtgem_template.css?v=1595147999
Protocol
HTTP/1.1
Server
178.33.123.218 , France, ASN16276 (OVH, FR),
Reverse DNS
d2.xtgem.com
Software
/
Resource Hash
a5be7d64b13659767e240aba7e2fd5a8a776e176e5362cd054002d7e16eb5529

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://imig.yn.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Wed, 06 Oct 2021 04:37:48 GMT
X-Ngz
1
Last-Modified
Sat, 16 Nov 2019 11:03:28 GMT
Age
0
ETag
"1d7a-59774aa04e000"
X-Cache
MISS
Content-Type
image/png
Expires
Fri, 05 Nov 2021 04:37:48 GMT
Cache-Control
max-age=2592000
Connection
close
Accept-Ranges
bytes
Content-Length
7546
X-Cache-Hits
0
6ae-4KCqVa4Zy6Fif-UC2FHX.woff2
fonts.gstatic.com/s/rochester/v11/
19 KB
20 KB
Font
General
Full URL
http://fonts.gstatic.com/s/rochester/v11/6ae-4KCqVa4Zy6Fif-UC2FHX.woff2
Requested by
Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Rochester
Protocol
HTTP/1.1
Server
142.250.185.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f3.1e100.net
Software
sffe /
Resource Hash
0f4f767aecb1f77e7b0e4936aa2f7afc8926371e18e38012be1472cf0283e406
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://fonts.googleapis.com/
Origin
http://imig.yn.lt
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Tue, 05 Oct 2021 10:46:38 GMT
X-Content-Type-Options
nosniff
Last-Modified
Thu, 23 Jul 2020 19:38:07 GMT
Server
sffe
Age
64270
Content-Security-Policy-Report-Only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Cross-Origin-Resource-Policy
cross-origin
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
19684
X-XSS-Protection
0
Expires
Wed, 05 Oct 2022 10:46:38 GMT
close2.png
xtgem.com/images/
564 B
902 B
Image
General
Full URL
http://xtgem.com/images/close2.png?v=0.01
Requested by
Host: imig.yn.lt
URL: http://imig.yn.lt/top
Protocol
HTTP/1.1
Server
178.33.123.218 , France, ASN16276 (OVH, FR),
Reverse DNS
d2.xtgem.com
Software
/
Resource Hash
bc5dcb35fc074321d66b9d7809e286e4afe72c7b08d1e799672126c92150ecd3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://imig.yn.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Wed, 06 Oct 2021 04:37:48 GMT
X-Ngz
1
Last-Modified
Sat, 16 Nov 2019 11:03:28 GMT
Age
0
ETag
"234-59774aa04e000"
X-Cache
MISS
Content-Type
image/png
Expires
Fri, 05 Nov 2021 04:37:48 GMT
Cache-Control
max-age=2592000
Connection
close
Accept-Ranges
bytes
Content-Length
564
X-Cache-Hits
0
eye.gif
go.schjmp.com/ Frame 9F76
103 B
103 B
Image
General
Full URL
https://go.schjmp.com/eye.gif?e=dXNlcklkPTM0Nzc4MzQwN2JjYWZmZDQzOTA0NGUxYzlkNDc3ODdkZjA0NGRlOWRlZjIwOThlNDhkMWI5MjUwYTcxYzkxNTQmcGF0aD0lMkYmbGFuZ3VhZ2U9ZW4mYmFubmVyPTcyOHg5MCUyRmVuZ2xpc2glMkYyLmdpZiZtb2RlbHNDb3VudD0wJnJlZmVycmVyJmk9MA%3D%3D
Requested by
Host: imig.yn.lt
URL: http://imig.yn.lt/top
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.43.174 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://creative.schjmp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 06 Oct 2021 04:37:48 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-backend
ds9539
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ucePdCYE%2BgYT7L0MGO7UMXkzTTNxCNmFy7fF%2BLPjcM8HRtgFJ76ydTFYjubHGLEgkfz3qoYQiQvu0BsDuVtW9WgnAPQW%2FzViacKNy%2BlPpuz2dmLF7c19CZMS%2FskIJRO7"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
access-control-allow-origin
*
cf-ray
699c3254ab443233-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
103
server
cloudflare
dc31aa93.gif
creative.schjmp.com/b/ Frame 9F76
30 KB
31 KB
Image
General
Full URL
https://creative.schjmp.com/b/dc31aa93.gif
Requested by
Host: creative.schjmp.com
URL: https://creative.schjmp.com/widgets/wrapper/index.7f9e5c9fd64a611b927e.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.43.174 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4d342aab466d60013bee55f18d3515cf1fe7321964983471ebc9cc44d01ec49e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://creative.schjmp.com/widgets/wrapper?userId=347783407bcaffd439044e1c9d47787df044de9def2098e48d1b9250a71c9154&b=dc31aa93.gif&path=%2F&language=en
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 06 Oct 2021 04:37:48 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
0
content-disposition
attachment
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
30656
last-modified
Tue, 05 Oct 2021 07:05:05 GMT
server
cloudflare
etag
"615bf921-77c0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OQMI6LISpq8khTzCHvsbDCFExySw0gHJuCNEstiWe20PtL36lnd73db4v8QcIXcO5E3VhXY7j8Ujh21QsMTO6dWAuIjoY%2BXgXi7x%2BBxryXhEtPxwmgkfclxl7EXrFdmJLXCt5Rs8"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
699c3254ab453233-FRA
expires
Wed, 06 Oct 2021 04:37:58 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
creative.schjmp.com
URL
https://creative.schjmp.com/widgets/wrapper?userId=347783407bcaffd439044e1c9d47787df044de9def2098e48d1b9250a71c9154&b=dc31aa93.gif&path=%2F&language=en


43 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| onbeforexrselect boolean| originAgentCluster object| _qevents boolean| cookies object| sc_olimg_var function| sc_online_i function| sc_onlineimage function| ct_insert function| drawText_online function| errorMsg function| quantserve function| __qc object| ezt object| _qoptions function| qtrack string| pmauid string| pmawid string| fq function| U6CC function| S2aa function| A7RR function| b2aa function| E188 function| H8OO function| R9RR function| L8OO object| _0x1e41 function| _0x43b3 string| popns function| b133 object| PMAPOP number| realBrowser number| fqq function| __xt_onload_events function| __xt_mark_active_navigation number| len

6 Cookies

Domain/Path Name / Value
.yn.lt/ Name: _xta_uid
Value: 19970365b1bcb44b157655fcd8f07dad
.yn.lt/ Name: _xta_vid
Value: 60bad8971382f1214fa0305ca4540946-1633495068
imig.yn.lt/ Name:
Value: test
.popmyads.com/ Name: __cf_bm
Value: 3yOQ2AvAeMg1BUU5FBZ1LKnTSwYHl0su8pY30SO81dg-1633495068-0-AddLa0aftMODlWkzOr/uelmXsdpvScMTvsgAZxCJEwK/4Pz8YzITK+GwKsKnPxtHDaPgdbL9Ii8HkSxl9XLDLsU=
.quantserve.com/ Name: mc
Value: 615d281c-baf7b-5adc1-5927a
.yn.lt/ Name: __qca
Value: P0-1323894588-1633495068707

1 Console Messages

Source: network
Level: error
URL: http://pl14439255.profitablegate.com/66/81/48/6681482ac079a3a43337440e3bd22456.js
Message: Failed to load resource: the server responded with a status of 403 (Forbidden)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
