dl.pokemoner.com Open in urlscan Pro
176.123.8.49 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://dl.pokemoner.com/2019/06/pokemon-omega-ruby-update-v1-4-for-citra.html
Submission: On February 18 via manual (February 18th 2021, 4:45:36 am UTC) from PH

Summary HTTP 120 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 30 IPs in 8 countries across 36 domains to perform 120 HTTP transactions. The main IP is 176.123.8.49, located in Chisinau, Moldova and belongs to ALEXHOST, MD. The main domain is dl.pokemoner.com.
TLS certificate: Issued by R3 on February 11th 2021. Valid for: 3 months.

This is the only time dl.pokemoner.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	176.123.8.49 176.123.8.49	200019 (ALEXHOST) (ALEXHOST)
1	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
21	151.139.128.11 151.139.128.11	20446 (HIGHWINDS3) (HIGHWINDS3)
11	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
17	172.67.39.17 172.67.39.17	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
2 4	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::2006	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
19	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:827::2016	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:60::a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
1 3	23.37.42.132 23.37.42.132	16625 (AKAMAI-AS) (AKAMAI-AS)
1	208.100.17.188 208.100.17.188	32748 (STEADFAST) (STEADFAST)
2 6	23.218.208.246 23.218.208.246	16625 (AKAMAI-AS) (AKAMAI-AS)
1	51.89.9.254 51.89.9.254	16276 (OVH) (OVH)
4 4	37.252.173.62 37.252.173.62	29990 (ASN-APPNEX) (ASN-APPNEX)
2 2	213.19.147.150 213.19.147.150	3356 (LEVEL3) (LEVEL3)
2 3	52.209.120.242 52.209.120.242	16509 (AMAZON-02) (AMAZON-02)
1 1	213.19.147.151 213.19.147.151	3356 (LEVEL3) (LEVEL3)
1	208.100.17.172 208.100.17.172	32748 (STEADFAST) (STEADFAST)
1 1	70.42.32.63 70.42.32.63	13789 (INTERNAP-...) (INTERNAP-BLK3)
1	178.162.133.149 178.162.133.149	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	52.18.147.13 52.18.147.13	16509 (AMAZON-02) (AMAZON-02)
1	174.137.133.49 174.137.133.49	27257 (WEBAIR-IN...) (WEBAIR-INTERNET)
2 2	18.197.47.23 18.197.47.23	16509 (AMAZON-02) (AMAZON-02)
3 3	18.156.0.31 18.156.0.31	16509 (AMAZON-02) (AMAZON-02)
2 2	72.251.249.9 72.251.249.9	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
6 6	185.64.190.79 185.64.190.79	62713 (AS-PUBMATIC) (AS-PUBMATIC)
4 4	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
2 2	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	185.64.189.114 185.64.189.114	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	88.214.193.83 88.214.193.83	46636 (NATCOWEB) (NATCOWEB)
1 1	193.0.160.129 193.0.160.129	54312 (ROCKETFUEL) (ROCKETFUEL)
2 2	185.94.180.125 185.94.180.125	35220 (SPOTX-AMS) (SPOTX-AMS)
1 2	72.21.206.140 72.21.206.140	16509 (AMAZON-02) (AMAZON-02)
2 2	37.157.2.236 37.157.2.236	198622 (ADFORM) (ADFORM)
1	51.178.20.140 51.178.20.140	16276 (OVH) (OVH)
2 3	88.221.62.154 88.221.62.154	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	34.253.109.165 34.253.109.165	16509 (AMAZON-02) (AMAZON-02)
1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
120	30

2 176.123.8.49 (Chisinau, Moldova)

ASN200019 (ALEXHOST, MD)
PTR: mud-noire.greatdriven.net

dl.pokemoner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.pokemoner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 151.139.128.11 (United States)

ASN20446 (HIGHWINDS3, US)

b3u2w5c8.stackpathcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 172.67.39.17 (United States)

ASN13335 (CLOUDFLARENET, US)

resources.infolinks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
router.infolinks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:827::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:60::a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

r5---sn-4g5e6ns6.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.37.42.132 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-42-132.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 208.100.17.188 (United States)

ASN32748 (STEADFAST, US)
PTR: ip188.208-100-17.static.steadfastdns.net

de.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 23.218.208.246 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-208-246.deploy.static.akamaitechnologies.com

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.89.9.254 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip254.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.252.173.62 (Frankfurt am Main, Germany) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.19.147.150 (United Kingdom) 2 redirects

ASN3356 (LEVEL3, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.209.120.242 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-209-120-242.eu-west-1.compute.amazonaws.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.19.147.151 (United Kingdom) 1 redirects

ASN3356 (LEVEL3, US)

sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 208.100.17.172 (United States)

ASN32748 (STEADFAST, US)
PTR: ip172.208-100-17.static.steadfastdns.net

ssc-cms.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 70.42.32.63 (United States) 1 redirects

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.162.133.149 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-sync.go.sonobi.com

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.18.147.13 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-147-13.eu-west-1.compute.amazonaws.com

s.cpx.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 174.137.133.49 (United States)

ASN27257 (WEBAIR-INTERNET, US)

dsp.adkernel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.197.47.23 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-47-23.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.156.0.31 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 72.251.249.9 (Amsterdam, Netherlands) 2 redirects

ASN29791 (VOXEL-DOT-NET, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.64.190.79 (United Kingdom) 6 redirects

ASN62713 (AS-PUBMATIC, US)

image8.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.162 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.190.80 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.189.114 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.214.193.83 (United Kingdom) 1 redirects

ASN46636 (NATCOWEB, US)

us.ck-ie.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.0.160.129 (United States) 1 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.94.180.125 (United States) 2 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 72.21.206.140 (Ashburn, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: 206-140.amazon.com

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.2.236 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.178.20.140 (France)

ASN16276 (OVH, FR)
PTR: proxy0394.eu3.dynfactory.com

gu.dyntrk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 88.221.62.154 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a88-221-62-154.deploy.static.akamaitechnologies.com

px.owneriq.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.253.109.165 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-253-109-165.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
30	youtube.com www.youtube.com	1 MB
21	stackpathcdn.com b3u2w5c8.stackpathcdn.com Failed	189 KB
17	infolinks.com resources.infolinks.com router.infolinks.com	270 KB
11	doubleclick.net 6 redirects securepubads.g.doubleclick.net googleads.g.doubleclick.net static.doubleclick.net cm.g.doubleclick.net	106 KB
10	pubmatic.com 10 redirects image8.pubmatic.com image2.pubmatic.com image4.pubmatic.com	6 KB
9	googlevideo.com r5---sn-4g5e6ns6.googlevideo.com	2 MB
7	gstatic.com fonts.gstatic.com www.gstatic.com	52 KB
6	casalemedia.com 2 redirects ssum-sec.casalemedia.com dsum-sec.casalemedia.com	7 KB
4	adnxs.com 4 redirects ib.adnxs.com	4 KB
4	rubiconproject.com 1 redirects secure-assets.rubiconproject.com eus.rubiconproject.com token.rubiconproject.com	11 KB
4	ytimg.com i.ytimg.com	422 KB
3	owneriq.net 2 redirects px.owneriq.net	1 KB
3	yahoo.com 3 redirects ups.analytics.yahoo.com	3 KB
3	adsrvr.org 2 redirects match.adsrvr.org	1 KB
3	ggpht.com yt3.ggpht.com	59 KB
2	crwdcntrl.net 1 redirects bcp.crwdcntrl.net	978 B
2	adform.net 2 redirects c1.adform.net	667 B
2	amazon-adsystem.com 1 redirects s.amazon-adsystem.com	928 B
2	spotxchange.com 2 redirects sync.search.spotxchange.com	1 KB
2	lijit.com 2 redirects ap.lijit.com	1 KB
2	advertising.com 2 redirects pixel.advertising.com	677 B
2	1rx.io 2 redirects sync.1rx.io	1 KB
2	google.com www.google.com	13 KB
2	pokemoner.com dl.pokemoner.com www.pokemoner.com	174 KB
1	dyntrk.com gu.dyntrk.com	215 B
1	rfihub.com 1 redirects p.rfihub.com	721 B
1	ck-ie.com 1 redirects us.ck-ie.com	482 B
1	adkernel.com dsp.adkernel.com	233 B
1	cpx.to s.cpx.to	945 B
1	sonobi.com sync.go.sonobi.com	474 B
1	zemanta.com 1 redirects b1sync.zemanta.com	288 B
1	33across.com ssc-cms.33across.com	72 B
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com	591 B
1	onetag-sys.com onetag-sys.com	818 B
1	tynt.com de.tynt.com	289 B
1	googleapis.com fonts.googleapis.com	1 KB
120	36

	Domain	Requested by
30	www.youtube.com	dl.pokemoner.com www.youtube.com
21	b3u2w5c8.stackpathcdn.com	dl.pokemoner.com
15	router.infolinks.com	resources.infolinks.com router.infolinks.com ssum-sec.casalemedia.com
9	r5---sn-4g5e6ns6.googlevideo.com	www.youtube.com
6	image8.pubmatic.com	6 redirects
5	fonts.gstatic.com	fonts.googleapis.com www.youtube.com
4	cm.g.doubleclick.net	4 redirects
4	ib.adnxs.com	4 redirects
4	i.ytimg.com	www.youtube.com
4	googleads.g.doubleclick.net	2 redirects www.youtube.com
3	px.owneriq.net	2 redirects ssum-sec.casalemedia.com
3	dsum-sec.casalemedia.com	1 redirects ssum-sec.casalemedia.com
3	ups.analytics.yahoo.com	3 redirects
3	match.adsrvr.org	2 redirects ssum-sec.casalemedia.com
3	ssum-sec.casalemedia.com	1 redirects router.infolinks.com ssum-sec.casalemedia.com
3	yt3.ggpht.com	www.youtube.com
2	bcp.crwdcntrl.net	1 redirects ssum-sec.casalemedia.com
2	c1.adform.net	2 redirects
2	s.amazon-adsystem.com	1 redirects ssum-sec.casalemedia.com
2	sync.search.spotxchange.com	2 redirects
2	image4.pubmatic.com	2 redirects
2	image2.pubmatic.com	2 redirects
2	ap.lijit.com	2 redirects
2	pixel.advertising.com	2 redirects
2	sync.1rx.io	2 redirects
2	eus.rubiconproject.com	router.infolinks.com eus.rubiconproject.com
2	www.gstatic.com	www.youtube.com
2	www.google.com	www.youtube.com
2	static.doubleclick.net	www.youtube.com
2	resources.infolinks.com	dl.pokemoner.com resources.infolinks.com
1	token.rubiconproject.com	eus.rubiconproject.com
1	gu.dyntrk.com	ssum-sec.casalemedia.com
1	p.rfihub.com	1 redirects
1	us.ck-ie.com	1 redirects
1	dsp.adkernel.com	router.infolinks.com
1	s.cpx.to	router.infolinks.com
1	sync.go.sonobi.com	router.infolinks.com
1	b1sync.zemanta.com	1 redirects
1	ssc-cms.33across.com	router.infolinks.com
1	sync.targeting.unrulymedia.com	1 redirects
1	onetag-sys.com	router.infolinks.com
1	de.tynt.com	router.infolinks.com
1	secure-assets.rubiconproject.com	1 redirects
1	www.pokemoner.com	dl.pokemoner.com
1	securepubads.g.doubleclick.net	b3u2w5c8.stackpathcdn.com
1	fonts.googleapis.com	dl.pokemoner.com
1	dl.pokemoner.com
120	47

This site contains links to these domains. Also see Links.

Domain
raboninco.com
pkmnerlink.com

Subject Issuer	Validity	Valid
dl.pokemoner.com R3	`2021-02-11` - `2021-05-12`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.stackpathcdn.com Go Daddy Secure Certificate Authority - G2	`2019-06-27` - `2021-06-27`	2 years	crt.sh
*.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-15` - `2021-08-15`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
pokemoner.com R3	`2021-02-11` - `2021-05-12`	3 months	crt.sh
*.doubleclick.net GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
www.google.com GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh
*.googleusercontent.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
edgestatic.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.c.docs.google.com GTS CA 1O1	`2021-02-09` - `2021-04-20`	2 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-01-05` - `2022-01-18`	a year	crt.sh
*.tynt.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-01` - `2021-09-30`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2020-03-02` - `2021-04-01`	a year	crt.sh
onetag-sys.com R3	`2021-02-10` - `2021-05-11`	3 months	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-01` - `2021-09-30`	a year	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2020-12-06` - `2022-01-07`	a year	crt.sh
s.cpx.to Sectigo RSA Domain Validation Secure Server CA	`2021-02-03` - `2022-02-09`	a year	crt.sh
*.adkernel.com Sectigo RSA Domain Validation Secure Server CA	`2020-12-22` - `2022-01-05`	a year	crt.sh
*.adsrvr.org Trustwave Organization Validation SHA256 CA, Level 1	`2019-03-07` - `2021-04-19`	2 years	crt.sh
s.amazon-adsystem.com Amazon	`2020-08-28` - `2021-08-20`	a year	crt.sh
gu.dyntrk.com R3	`2021-02-09` - `2021-05-10`	3 months	crt.sh
*.owneriq.net GeoTrust RSA CA 2018	`2021-01-29` - `2022-02-02`	a year	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2019-06-13` - `2021-06-28`	2 years	crt.sh

This page contains 8 frames:

Primary Page: https://dl.pokemoner.com/2019/06/pokemon-omega-ruby-update-v1-4-for-citra.html
Frame ID: 631069C4EE9F891829A455C6D709AA35
Requests: 33 HTTP requests in this frame

Frame: https://www.youtube.com/embed/o1OtQKhlixU?controls=1&autoplay=1&mute=1
Frame ID: CD064EB72B938231C0F1611F0B903FF1
Requests: 43 HTTP requests in this frame

Frame: https://www.youtube.com/embed/FcK1LSGJMoU
Frame ID: 883F0AF6EDA4CBE00B2F70A866190E4B
Requests: 17 HTTP requests in this frame

Frame: https://router.infolinks.com/usync/manage?pid=3100725&wsid=0
Frame ID: 0E4C5FA373B97A61943FB37584C27991
Requests: 17 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=infolinks&endpoint=us-east
Frame ID: 5374CB15D58AE4230B97D0E6D1A780D4
Requests: 3 HTTP requests in this frame

Frame: https://de.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV
Frame ID: C2291CDA6BB87857D6998B3DF7F00F50
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&C=1
Frame ID: 96B3E1329B0868957D1F9CF27BB7EFD7
Requests: 10 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=598ce3ddaee8c90
Frame ID: A9E698E5051C73D270C104C25A96A33D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
html /<link[^>]+s\d+\.wp\.com/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers server /php\/?([\d.]+)?/i
html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
html /<link[^>]+s\d+\.wp\.com/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
html /<link[^>]+s\d+\.wp\.com/i

CentOS (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /CentOS/i

OpenSSL (Web Server Extensions) Expand

Overall confidence: 100%
Detected patterns

headers server /OpenSSL(?:\/([\d.]+[a-z]?))?/i

animate.css (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link [^>]+(?:\/([\d.]+)\/)?animate\.(?:min\.)?css/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

120
Requests

99 %
HTTPS

25 %
IPv6

36
Domains

47
Subdomains

30
IPs

8
Countries

4447 kB
Transfer

9057 kB
Size

19
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: http://raboninco.com/4qV7
Title: Donate to me!

Search URL Search Domain Scan URL

URL: http://pkmnerlink.com/E3OzEf8MbOu3bm
Title: Primary Download (23.1 MB – Not Ads – pkmnerlink)

Search URL Search Domain Scan URL

URL: https://pkmnerlink.com/full?api=47f0e306384dc740b539de9d94b090c91b8bfda8&url=aHR0cHM6Ly93d3cudXAtNGV2ZXIub3JnL20xN2ljY2JlcTExNw==&type=2
Title: Primary Download(23.1 MB – Not Ads – up-4ever)

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 41

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 43

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 73

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=infolinks&endpoint=us-east HTTP 301
https://eus.rubiconproject.com/usync.html?p=infolinks&endpoint=us-east

Request Chain 75

https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D HTTP 302
https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&C=1

Request Chain 77

https://ib.adnxs.com/getuid?https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fapn-usync%3Fuser_id%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fapn-usync%253Fuser_id%253D%2524UID HTTP 302
https://router.infolinks.com/dyn/apn-usync?user_id=4364165372296136531

Request Chain 78

https://sync.1rx.io/usersync2/infolinks HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7546414803 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7546414803 HTTP 302
https://sync.1rx.io/usersync/tradedesk/30c67702-a886-4e3a-a736-21e40aab728f HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-e1da11d1-bc7e-4c2a-b67b-061ce1041834-003?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fr1-usync%3Fuid%3DRX-e1da11d1-bc7e-4c2a-b67b-061ce1041834-003 HTTP 302
https://router.infolinks.com/dyn/r1-usync?uid=RX-e1da11d1-bc7e-4c2a-b67b-061ce1041834-003

Request Chain 80

https://b1sync.zemanta.com/usersync/infolinks/?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fzmn-usync%3Fuid%3D__ZUID__ HTTP 302
https://router.infolinks.com/dyn/zmn-usync?uid=

Request Chain 82

https://ib.adnxs.com/getuid?https://s.cpx.to/ca.png?ref=https%253A%252F%252Fdl.pokemoner.com%252F2019%252F06%252Fpokemon-omega-ruby-update-v1-4-for-citra.html&pid=12306&adnxs_uid=$UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fs.cpx.to%2Fca.png%3Fref%3Dhttps%25253A%25252F%25252Fdl.pokemoner.com%25252F2019%25252F06%25252Fpokemon-omega-ruby-update-v1-4-for-citra.html%26pid%3D12306%26adnxs_uid%3D%24UID HTTP 302
https://s.cpx.to/ca.png?ref=https%3A%2F%2Fdl.pokemoner.com%2F2019%2F06%2Fpokemon-omega-ruby-update-v1-4-for-citra.html&pid=12306&adnxs_uid=4364165372296136531

Request Chain 84

https://pixel.advertising.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
https://pixel.advertising.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP1609d381-71a4-11eb-b56d-06da1a49f4f4 HTTP 302
https://ups.analytics.yahoo.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP1609d381-71a4-11eb-b56d-06da1a49f4f4&verify=true HTTP 302
https://router.infolinks.com/dyn/outh-usync?uid=y-ueQMNoN1l2ZlctNf71tfMV66jxhjum16~UP1609d381-71a4-11eb-b56d-06da1a49f4f4

Request Chain 85

https://ap.lijit.com/pixel?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsovrn-usync%3Fuid%3D%24UID HTTP 307
https://ap.lijit.com/pixel?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsovrn-usync%3Fuid%3D%24UID&sovrn_retry=true HTTP 307
https://router.infolinks.com/dyn/sovrn-usync?uid=c015a4c307c3d7119de2ca0b

Request Chain 86

https://image8.pubmatic.com/AdServer/ImgSync?p=60809&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D60809%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fusersync%253Fpmuservalue%253D%2523PMUID HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?p=60809&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D60809%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fusersync%253Fpmuservalue%253D%2523PMUID&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MEU2Q0EwQTMtMDVDQy00RjBGLTg5REUtREFGNEMxNEQ3NDc2&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
https://image4.pubmatic.com/AdServer/SPug?p=156872&pmc=1&pr=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fpbm-usync%3Fuid%3DAA526256-18AB-4A08-959F-838AB8F1A0AC HTTP 302
https://router.infolinks.com/dyn/pbm-usync?uid=AA526256-18AB-4A08-959F-838AB8F1A0AC

Request Chain 87

https://image8.pubmatic.com/AdServer/ImgSync?p=156872&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156872%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fpbm-usync%253Fuid%253D%2523PMUID HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?p=156872&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156872%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fpbm-usync%253Fuid%253D%2523PMUID&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QUE1MjYyNTYtMThBQi00QTA4LTk1OUYtODM4QUI4RjFBMEFD&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
https://image4.pubmatic.com/AdServer/SPug?p=156872&pmc=1&pr=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fpbm-usync%3Fuid%3DAA526256-18AB-4A08-959F-838AB8F1A0AC HTTP 302
https://router.infolinks.com/dyn/pbm-usync?uid=AA526256-18AB-4A08-959F-838AB8F1A0AC

Request Chain 88

https://us.ck-ie.com/nfol263.gif?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fbizzc-usync%3Fuid%3D%7B%24PARTNER_UID%7D HTTP 302
https://router.infolinks.com/dyn/bizzc-usync?uid=4e42123fce38789612b4874d31f3ab695fa4315da8390bf163a6d8a9c24cd49a

Request Chain 90

https://p.rfihub.com/cm?pub=43153&in=1 HTTP 302
https://router.infolinks.com/dyn/zeta-usync?uid=1875819617220103417

Request Chain 91

https://sync.search.spotxchange.com/partner?adv_id=8851&redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsx-usync%3Fuid%3D%24SPOTX_USER_ID HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=8851&redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsx-usync%3Fuid%3D%24SPOTX_USER_ID&__user_check__=1&sync_id=16348dbe-71a4-11eb-b812-107c10e92006 HTTP 302
https://router.infolinks.com/dyn/sx-usync?uid=16348d84-71a4-11eb-b812-107c10e92006

Request Chain 92

https://ups.analytics.yahoo.com/ups/58422/occ HTTP 302
https://router.infolinks.com/dyn/VR-usync?uid=y-n199F3R1l2Z8O0dcNbIgnI07_nI7UecMeNZ5cGY-

Request Chain 102

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YC3w2EePZARMNYLe0U9ecwAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEOtSuprM58oBJzw594EneJQ&google_cver=1

Request Chain 103

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YC3w2EePZARMNYLe0U9ecwAABHUAAAAB HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEDeqyNtXD_tOCjBq2Q1y0m0&google_cver=1

Request Chain 105

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&id=YC3w2EePZARMNYLe0U9ecwAABHUAAAAB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&id=YC3w2EePZARMNYLe0U9ecwAABHUAAAAB&dcc=t

Request Chain 106

https://c1.adform.net/serving/cookie/match?party=29 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=29 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=2767710718063186030&expiration=1614833112

Request Chain 108

https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID) HTTP 302
https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ6669099121962311753&uid=Q6669099121962311753&ref=%2Feucm%2Fp%2Fcc HTTP 302
https://px.owneriq.net/noop?ct=image%2Fgif

Request Chain 109

https://bcp.crwdcntrl.net/map/c=6725/tp=INDX/tpid=YC3w2EePZARMNYLe0U9ecwAA%261141 HTTP 302
https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YC3w2EePZARMNYLe0U9ecwAA%261141

120 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request pokemon-omega-ruby-update-v1-4-for-citra.html Show response
dl.pokemoner.com/2019/06/ 54 KB
16 KB 230ms
78ms Document
text/html 176.123.8.49
ALEXHOST

General

Check archive.org

Show headers Download Go to

Full URL

https://dl.pokemoner.com/2019/06/pokemon-omega-ruby-update-v1-4-for-citra.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

176.123.8.49 Chisinau, Moldova, ASN200019 (ALEXHOST, MD),

Reverse DNS

mud-noire.greatdriven.net

Software

Apache/2.4.37 (centos) OpenSSL/1.1.1c mod_fcgid/2.3.9 PHP/7.2.24 / PHP/7.4.13

Resource Hash

d97cd63d22c6ff6812f27088d666066294e39e007741b4947dbbf279c30a8f60

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Host: dl.pokemoner.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 18 Feb 2021 04:45:11 GMT
Server: Apache/2.4.37 (centos) OpenSSL/1.1.1c mod_fcgid/2.3.9 PHP/7.2.24
X-Powered-By: PHP/7.4.13
Strict-Transport-Security: max-age=31536000; preload
Last-Modified: Wed, 17 Feb 2021 18:33:31 GMT
Cache-Control: max-age=0
Expires: Thu, 18 Feb 2021 04:45:11 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 16292
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

GET generatepress.woff2
b3u2w5c8.stackpathcdn.com/wp-content/themes/generatepress/assets/fonts/ 0
0

GET
H2 200 css
fonts.googleapis.com/ 22 KB
1 KB 24ms
13ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,regular,italic,600,600italic,700,700italic,800,800italic&display=swap

Requested by

Host: dl.pokemoner.com
URL: https://dl.pokemoner.com/2019/06/pokemon-omega-ruby-update-v1-4-for-citra.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

63e971626cb7961fb014906a5476a7353bba89331013e001bb16b4a6ac5ce93f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://dl.pokemoner.com/2019/06/pokemon-omega-ruby-update-v1-4-for-citra.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 18 Feb 2021 03:40:35 GMT
server: ESF
date: Thu, 18 Feb 2021 04:45:11 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 18 Feb 2021 04:45:11 GMT

GET
H2 200 style.min.css
b3u2w5c8.stackpathcdn.com/wp-includes/css/dist/block-library/ 50 KB
8 KB 92ms
27ms Stylesheet
text/css 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://b3u2w5c8.stackpathcdn.com/wp-includes/css/dist/block-library/style.min.css?ver=5.6.1

Requested by

Host: dl.pokemoner.com
URL: https://dl.pokemoner.com/2019/06/pokemon-omega-ruby-update-v1-4-for-citra.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

fbs /

Resource Hash

5c2288ca7b324881faae5e368eb4d69457e2784e042e868de335d3827bb90981

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Referer: https://dl.pokemoner.com/2019/06/pokemon-omega-ruby-update-v1-4-for-citra.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 04:45:11 GMT
content-encoding: gzip
last-modified: Wed, 10 Feb 2021 13:04:19 GMT
server: fbs
etag: "1612962259"
vary: Accept-Encoding
x-hw: 1613623511.cds056.lo4.hn,1613623511.cds258.lo4.c
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, public
strict-transport-security: max-age=31536000; preload
accept-ranges: bytes
content-length: 7855

GET
H2 200 font-awesome.min-46040e227678b972422e4eeb836e8a38.css
b3u2w5c8.stackpathcdn.com/wp-content/cache/min/1/wp-content/plugins/wp_pro_geo_targeting/assets/fonts/awesome/assets/v4/css/ 18 KB
4 KB 92ms
28ms Stylesheet
text/css 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://b3u2w5c8.stackpathcdn.com/wp-content/cache/min/1/wp-content/plugins/wp_pro_geo_targeting/assets/fonts/awesome/assets/v4/css/font-awesome.min-46040e227678b972422e4eeb836e8a38.css

Requested by

Host: dl.pokemoner.com
URL: https://dl.pokemoner.com/2019/06/pokemon-omega-ruby-update-v1-4-for-citra.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

fbs /

Resource Hash

6a04f704f1ff8f018568020f67b9a9a4eb47a0c1029358b195de73feefd36153

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Referer: https://dl.pokemoner.com/2019/06/pokemon-omega-ruby-update-v1-4-for-citra.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 04:45:11 GMT
content-encoding: gzip
last-modified: Tue, 16 Feb 2021 10:24:55 GMT
server: fbs
etag: "1613471095"
vary: Accept-Encoding
x-hw: 1613623511.cds056.lo4.hn,1613623511.cds064.lo4.c
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, public
strict-transport-security: max-age=31536000; preload
accept-ranges: bytes
content-length: 3990

GET
H2 200 animate.min.css
b3u2w5c8.stackpathcdn.com/wp-content/plugins/wp_pro_geo_targeting/includes/extensions/spr_columns/assets/css/ 17 KB
3 KB 96ms
33ms Stylesheet
text/css 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://b3u2w5c8.stackpathcdn.com/wp-content/plugins/wp_pro_geo_targeting/includes/extensions/spr_columns/assets/css/animate.min.css?ver=1.1.3

Requested by

Host: dl.pokemoner.com
URL: https://dl.pokemoner.com/2019/06/pokemon-omega-ruby-update-v1-4-for-citra.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

fbs /

Resource Hash

0add8fcb5a583b1c16238fbe9d0de17c6272726b42be17fdcd9b4686ef5287d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Referer: https://dl.pokemoner.com/2019/06/pokemon-omega-ruby-update-v1-4-for-citra.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 04:45:11 GMT
content-encoding: gzip
last-modified: Tue, 07 Nov 2017 18:05:29 GMT
server: fbs
etag: "1510077929"
vary: Accept-Encoding
x-hw: 1613623511.cds056.lo4.hn,1613623511.cds001.lo4.c
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, public
strict-transport-security: max-age=31536000; preload
accept-ranges: bytes
content-length: 2621

GET
H2 200 spr_columns-73016bfee111d3ddf7dbfad5e7736409.css
b3u2w5c8.stackpathcdn.com/wp-content/cache/min/1/wp-content/plugins/wp_pro_geo_targeting/includes/extensions/spr_columns/assets/css/ 1 KB
492 B 96ms
34ms Stylesheet
text/css 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://b3u2w5c8.stackpathcdn.com/wp-content/cache/min/1/wp-content/plugins/wp_pro_geo_targeting/includes/extensions/spr_columns/assets/css/spr_columns-73016bfee111d3ddf7dbfad5e7736409.css

Requested by

Host: dl.pokemoner.com
URL: https://dl.pokemoner.com/2019/06/pokemon-omega-ruby-update-v1-4-for-citra.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

fbs /

Resource Hash

cfb829354040f367c2c97ee3716d87f194c6d2a23ecfdd4901d7c22e3b8be3b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Referer: https://dl.pokemoner.com/2019/06/pokemon-omega-ruby-update-v1-4-for-citra.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 04:45:11 GMT
content-encoding: gzip
last-modified: Tue, 16 Feb 2021 10:24:55 GMT
server: fbs
etag: "1613471095"
vary: Accept-Encoding
x-hw: 1613623511.cds056.lo4.hn,1613623511.cds236.lo4.c
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, public
strict-transport-security: max-age=31536000; preload
accept-ranges: bytes
content-length: 396

GET
H2 200 all.min.css
b3u2w5c8.stackpathcdn.com/wp-content/themes/generatepress/assets/css/ 31 KB
7 KB 98ms
37ms Stylesheet
text/css 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://b3u2w5c8.stackpathcdn.com/wp-content/themes/generatepress/assets/css/all.min.css?ver=3.0.2

Requested by

Host: dl.pokemoner.com
URL: https://dl.pokemoner.com/2019/06/pokemon-omega-ruby-update-v1-4-for-citra.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

fbs /

Resource Hash

73bbc5206f991d8a603fe956c759d27cc4185cac74373f507b4e2dbf4764047c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Referer: https://dl.pokemoner.com/2019/06/pokemon-omega-ruby-update-v1-4-for-citra.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 04:45:11 GMT
content-encoding: gzip
last-modified: Sat, 21 Nov 2020 16:56:28 GMT
server: fbs
etag: "1605977788"
vary: Accept-Encoding
x-hw: 1613623511.cds056.lo4.hn,1613623511.cds220.lo4.c
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, public
strict-transport-security: max-age=31536000; preload
accept-ranges: bytes
content-length: 6798

GET
H2 200 font-icons.min-2df21c8df4608d1e1b9acc244befb995.css
b3u2w5c8.stackpathcdn.com/wp-content/cache/min/1/wp-content/themes/generatepress/assets/css/components/ 3 KB
866 B 98ms
38ms Stylesheet
text/css 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://b3u2w5c8.stackpathcdn.com/wp-content/cache/min/1/wp-content/themes/generatepress/assets/css/components/font-icons.min-2df21c8df4608d1e1b9acc244befb995.css

Requested by

Host: dl.pokemoner.com
URL: https://dl.pokemoner.com/2019/06/pokemon-omega-ruby-update-v1-4-for-citra.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

fbs /

Resource Hash

dd4993e5c6015cb663a4ff917d77897ed71deda6eedaed515b41326305b3ed72

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Referer: https://dl.pokemoner.com/2019/06/pokemon-omega-ruby-update-v1-4-for-citra.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 04:45:11 GMT
content-encoding: gzip
last-modified: Tue, 16 Feb 2021 10:24:55 GMT
server: fbs
etag: "1613471095"
vary: Accept-Encoding
x-hw: 1613623511.cds056.lo4.hn,1613623511.cds250.lo4.c
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, public
strict-transport-security: max-age=31536000; preload
accept-ranges: bytes
content-length: 770

GET
H2 200 font-awesome.min-d9b9eb0ccd70557f6f08716563ccbd00.css
b3u2w5c8.stackpathcdn.com/wp-content/cache/min/1/wp-content/themes/generatepress/assets/css/components/ 30 KB
7 KB 103ms
44ms Stylesheet
text/css 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://b3u2w5c8.stackpathcdn.com/wp-content/cache/min/1/wp-content/themes/generatepress/assets/css/components/font-awesome.min-d9b9eb0ccd70557f6f08716563ccbd00.css

Requested by

Host: dl.pokemoner.com
URL: https://dl.pokemoner.com/2019/06/pokemon-omega-ruby-update-v1-4-for-citra.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

fbs /

Resource Hash

4f61525c435935afe56cf850326d30eddbac45d82f9ec281cc2554eb570efff3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Referer: https://dl.pokemoner.com/2019/06/pokemon-omega-ruby-update-v1-4-for-citra.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 04:45:11 GMT
content-encoding: gzip
last-modified: Tue, 16 Feb 2021 10:24:55 GMT
server: fbs
etag: "1613471095"
vary: Accept-Encoding
x-hw: 1613623511.cds056.lo4.hn,1613623511.cds056.lo4.c
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, public
strict-transport-security: max-age=31536000; preload
accept-ranges: bytes
content-length: 6976

GET
H2 200 style-71e52ef4bc4a285b6c9b675e1302ce7b.css
b3u2w5c8.stackpathcdn.com/wp-content/cache/min/1/wp-content/themes/generatepress-child/ 3 KB
1014 B 105ms
47ms Stylesheet
text/css 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://b3u2w5c8.stackpathcdn.com/wp-content/cache/min/1/wp-content/themes/generatepress-child/style-71e52ef4bc4a285b6c9b675e1302ce7b.css

Requested by

Host: dl.pokemoner.com
URL: https://dl.pokemoner.com/2019/06/pokemon-omega-ruby-update-v1-4-for-citra.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

fbs /

Resource Hash

38276b3c1055b8020b788afdd1c824704dbe1ff5f0b9e375d7a4da1cfa8db6ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Referer: https://dl.pokemoner.com/2019/06/pokemon-omega-ruby-update-v1-4-for-citra.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 04:45:11 GMT
content-encoding: gzip
last-modified: Tue, 16 Feb 2021 10:24:55 GMT
server: fbs
etag: "1613471095"
vary: Accept-Encoding
x-hw: 1613623511.cds056.lo4.hn,1613623511.cds213.lo4.c
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, public
strict-transport-security: max-age=31536000; preload
accept-ranges: bytes
content-length: 918

GET
H2 200 style.css
b3u2w5c8.stackpathcdn.com/wp-content/themes/generatepress/ 2 KB
1 KB 101ms
44ms Stylesheet
text/css 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://b3u2w5c8.stackpathcdn.com/wp-content/themes/generatepress/style.css?ver=5.6.1

Requested by

Host: dl.pokemoner.com
URL: https://dl.pokemoner.com/2019/06/pokemon-omega-ruby-update-v1-4-for-citra.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

fbs /

Resource Hash

e6ab7ae1e01d6076ece634d1ce4aab6c1da47c51877e97ace9d03486c6ab326e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Referer: https://dl.pokemoner.com/2019/06/pokemon-omega-ruby-update-v1-4-for-citra.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 04:45:11 GMT
content-encoding: gzip
last-modified: Sat, 21 Nov 2020 16:56:28 GMT
server: fbs
etag: "1605977788"
vary: Accept-Encoding
x-hw: 1613623511.cds056.lo4.hn,1613623511.cds032.lo4.c
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, public
strict-transport-security: max-age=31536000; preload
accept-ranges: bytes
content-length: 1045

GET
H2 200 jquery.min.js Show response
b3u2w5c8.stackpathcdn.com/wp-includes/js/jquery/ 87 KB
30 KB 104ms
49ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://b3u2w5c8.stackpathcdn.com/wp-includes/js/jquery/jquery.min.js?ver=3.5.1

Requested by

Host: dl.pokemoner.com
URL: https://dl.pokemoner.com/2019/06/pokemon-omega-ruby-update-v1-4-for-citra.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

fbs /

Resource Hash

60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Referer: https://dl.pokemoner.com/2019/06/pokemon-omega-ruby-update-v1-4-for-citra.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 04:45:11 GMT
content-encoding: gzip
last-modified: Wed, 10 Feb 2021 13:04:20 GMT
server: fbs
etag: "1612962260"
vary: Accept-Encoding
x-hw: 1613623511.cds056.lo4.hn,1613623511.cds247.lo4.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, public
strict-transport-security: max-age=31536000; preload
accept-ranges: bytes
content-length: 30916

GET
H2 200 jquery-migrate.min.js Show response
b3u2w5c8.stackpathcdn.com/wp-includes/js/jquery/ 11 KB
4 KB 26ms
26ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://b3u2w5c8.stackpathcdn.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2

Requested by

Host: dl.pokemoner.com
URL: https://dl.pokemoner.com/2019/06/pokemon-omega-ruby-update-v1-4-for-citra.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

fbs /

Resource Hash

029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Referer: https://dl.pokemoner.com/2019/06/pokemon-omega-ruby-update-v1-4-for-citra.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 04:45:11 GMT
content-encoding: gzip
last-modified: Wed, 10 Feb 2021 13:04:20 GMT
server: fbs
etag: "1612962260"
vary: Accept-Encoding
x-hw: 1613623511.cds056.lo4.hn,1613623511.cds247.lo4.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, public
strict-transport-security: max-age=31536000; preload
accept-ranges: bytes
content-length: 4169

GET
H2 200 full-page-script-5a8f9466ce938e286708961f89a44640.js Show response
b3u2w5c8.stackpathcdn.com/wp-content/cache/min/1/wp-content/themes/generatepress-child/js/ 2 KB
856 B 26ms
26ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://b3u2w5c8.stackpathcdn.com/wp-content/cache/min/1/wp-content/themes/generatepress-child/js/full-page-script-5a8f9466ce938e286708961f89a44640.js

Requested by

Host: dl.pokemoner.com
URL: https://dl.pokemoner.com/2019/06/pokemon-omega-ruby-update-v1-4-for-citra.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

fbs /

Resource Hash

30a3754e02cc0b4a7b85fcee6c75431e62f5ab2b64912f328d3a70e27aa72572

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Referer: https://dl.pokemoner.com/2019/06/pokemon-omega-ruby-update-v1-4-for-citra.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 04:45:11 GMT
content-encoding: gzip
last-modified: Tue, 16 Feb 2021 10:24:55 GMT
server: fbs
etag: "1613471095"
vary: Accept-Encoding
x-hw: 1613623511.cds056.lo4.hn,1613623511.cds081.lo4.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, public
strict-transport-security: max-age=31536000; preload
accept-ranges: bytes
content-length: 760

GET
H2 200 gpt-8512220525ce16fad389e1496b7e9273.js Show response
b3u2w5c8.stackpathcdn.com/wp-content/cache/min/1/tag/js/ 56 KB
19 KB 30ms
28ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://b3u2w5c8.stackpathcdn.com/wp-content/cache/min/1/tag/js/gpt-8512220525ce16fad389e1496b7e9273.js

Requested by

Host: dl.pokemoner.com
URL: https://dl.pokemoner.com/2019/06/pokemon-omega-ruby-update-v1-4-for-citra.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

fbs /

Resource Hash

dd78dd39662b24e26a0298d4fcf17c897e802280517b7ee108ac13595c8a69ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Referer: https://dl.pokemoner.com/2019/06/pokemon-omega-ruby-update-v1-4-for-citra.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 04:45:11 GMT
content-encoding: gzip
last-modified: Tue, 16 Feb 2021 10:24:55 GMT
server: fbs
etag: "1613471095"
vary: Accept-Encoding
x-hw: 1613623511.cds056.lo4.hn,1613623511.cds072.lo4.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, public
strict-transport-security: max-age=31536000; preload
accept-ranges: bytes
content-length: 19419

GET
H2 200 site-c190521181df437c8d79c396958258a6.js Show response
b3u2w5c8.stackpathcdn.com/wp-content/cache/min/1/s/pokemoner.com/ 286 KB
86 KB 30ms
29ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://b3u2w5c8.stackpathcdn.com/wp-content/cache/min/1/s/pokemoner.com/site-c190521181df437c8d79c396958258a6.js

Requested by

Host: dl.pokemoner.com
URL: https://dl.pokemoner.com/2019/06/pokemon-omega-ruby-update-v1-4-for-citra.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

fbs /

Resource Hash

23660eccf0bd249016776aa465acb8d45971d38ce9954b2802158a0c5876cac1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Referer: https://dl.pokemoner.com/2019/06/pokemon-omega-ruby-update-v1-4-for-citra.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 04:45:11 GMT
content-encoding: gzip
last-modified: Tue, 16 Feb 2021 10:24:56 GMT
server: fbs
etag: "1613471096"
vary: Accept-Encoding
x-hw: 1613623511.cds056.lo4.hn,1613623511.cds241.lo4.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, public
strict-transport-security: max-age=31536000; preload
accept-ranges: bytes
content-length: 87404

GET
H2 200 infolinks_main-e82a9357d5dfd5486ed1e2e0a97a9547.js Show response
b3u2w5c8.stackpathcdn.com/wp-content/cache/min/1/js/ 3 KB
2 KB 44ms
43ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://b3u2w5c8.stackpathcdn.com/wp-content/cache/min/1/js/infolinks_main-e82a9357d5dfd5486ed1e2e0a97a9547.js

Requested by

Host: dl.pokemoner.com
URL: https://dl.pokemoner.com/2019/06/pokemon-omega-ruby-update-v1-4-for-citra.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

fbs /

Resource Hash

c24ed6b4868df519b5aeb4e6ee97ae6144737cc417f402f19e93434702f2fc9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Referer: https://dl.pokemoner.com/2019/06/pokemon-omega-ruby-update-v1-4-for-citra.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 04:45:11 GMT
content-encoding: gzip
last-modified: Tue, 16 Feb 2021 10:24:56 GMT
server: fbs
etag: "1613471096"
vary: Accept-Encoding
x-hw: 1613623511.cds056.lo4.hn,1613623511.cds020.lo4.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, public
strict-transport-security: max-age=31536000; preload
accept-ranges: bytes
content-length: 1777

GET
H2 200 core.min.js Show response
b3u2w5c8.stackpathcdn.com/wp-includes/js/jquery/ui/ 20 KB
7 KB 44ms
43ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://b3u2w5c8.stackpathcdn.com/wp-includes/js/jquery/ui/core.min.js?ver=1.12.1

Requested by

Host: dl.pokemoner.com
URL: https://dl.pokemoner.com/2019/06/pokemon-omega-ruby-update-v1-4-for-citra.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

fbs /

Resource Hash

5be7f1c5aafff9458c12362747e1ad99ea6b891b82995622e2f448427ece1480

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Referer: https://dl.pokemoner.com/2019/06/pokemon-omega-ruby-update-v1-4-for-citra.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 04:45:11 GMT
content-encoding: gzip
last-modified: Wed, 10 Feb 2021 13:04:20 GMT
server: fbs
etag: "1612962260"
vary: Accept-Encoding
x-hw: 1613623511.cds056.lo4.hn,1613623511.cds241.lo4.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, public
strict-transport-security: max-age=31536000; preload
accept-ranges: bytes
content-length: 6875

GET
H2 200 spr_inViewport-fcda16cc499c81515c98cd6330d0f6b5.js Show response
b3u2w5c8.stackpathcdn.com/wp-content/cache/min/1/wp-content/plugins/wp_pro_geo_targeting/includes/extensions/spr_columns/assets/js/ 360 B
353 B 45ms
44ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://b3u2w5c8.stackpathcdn.com/wp-content/cache/min/1/wp-content/plugins/wp_pro_geo_targeting/includes/extensions/spr_columns/assets/js/spr_inViewport-fcda16cc499c81515c98cd6330d0f6b5.js

Requested by

Host: dl.pokemoner.com
URL: https://dl.pokemoner.com/2019/06/pokemon-omega-ruby-update-v1-4-for-citra.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

fbs /

Resource Hash

749465d389587e1e1c28f0044cbe3b0fa1dc84da3aa83f68a127b2984c389e06

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Referer: https://dl.pokemoner.com/2019/06/pokemon-omega-ruby-update-v1-4-for-citra.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 04:45:11 GMT
content-encoding: gzip
last-modified: Tue, 16 Feb 2021 10:24:56 GMT
server: fbs
etag: "1613471096"
vary: Accept-Encoding
x-hw: 1613623511.cds056.lo4.hn,1613623511.cds066.lo4.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, public
strict-transport-security: max-age=31536000; preload
accept-ranges: bytes
content-length: 257

GET
H2 200 parallax.min.js Show response
b3u2w5c8.stackpathcdn.com/wp-content/plugins/wp_pro_geo_targeting/includes/extensions/spr_columns/assets/js/ 7 KB
2 KB 45ms
44ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://b3u2w5c8.stackpathcdn.com/wp-content/plugins/wp_pro_geo_targeting/includes/extensions/spr_columns/assets/js/parallax.min.js?ver=1.1.3

Requested by

Host: dl.pokemoner.com
URL: https://dl.pokemoner.com/2019/06/pokemon-omega-ruby-update-v1-4-for-citra.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

fbs /

Resource Hash

70d6fd02b5462a15e479da3064af714710a9afaaaa724e49bc202cb8ccc994fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Referer: https://dl.pokemoner.com/2019/06/pokemon-omega-ruby-update-v1-4-for-citra.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 04:45:11 GMT
content-encoding: gzip
last-modified: Tue, 07 Nov 2017 11:44:07 GMT
server: fbs
etag: "1510055047"
vary: Accept-Encoding
x-hw: 1613623511.cds056.lo4.hn,1613623511.cds062.lo4.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, public
strict-transport-security: max-age=31536000; preload
accept-ranges: bytes
content-length: 2324

GET
H2 200 main.min.js Show response
b3u2w5c8.stackpathcdn.com/wp-content/themes/generatepress/assets/js/ 7 KB
2 KB 46ms
45ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://b3u2w5c8.stackpathcdn.com/wp-content/themes/generatepress/assets/js/main.min.js?ver=3.0.2

Requested by

Host: dl.pokemoner.com
URL: https://dl.pokemoner.com/2019/06/pokemon-omega-ruby-update-v1-4-for-citra.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

fbs /

Resource Hash

c0901279dec1117310802c450665b34a60788da4a00e066d2de367327cd13456

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Referer: https://dl.pokemoner.com/2019/06/pokemon-omega-ruby-update-v1-4-for-citra.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 04:45:11 GMT
content-encoding: gzip
last-modified: Sat, 21 Nov 2020 16:56:28 GMT
server: fbs
etag: "1605977788"
vary: Accept-Encoding
x-hw: 1613623511.cds056.lo4.hn,1613623511.cds227.lo4.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, public
strict-transport-security: max-age=31536000; preload
accept-ranges: bytes
content-length: 1765

GET
H2 200 lazyload.min.js Show response
b3u2w5c8.stackpathcdn.com/wp-content/plugins/wp-rocket/assets/js/lazyload/16.1/ 8 KB
3 KB 46ms
45ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://b3u2w5c8.stackpathcdn.com/wp-content/plugins/wp-rocket/assets/js/lazyload/16.1/lazyload.min.js

Requested by

Host: dl.pokemoner.com
URL: https://dl.pokemoner.com/2019/06/pokemon-omega-ruby-update-v1-4-for-citra.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

fbs /

Resource Hash

6e86a52a9858206302e32036d89907e3ac87762055e7f9c6364aec33221b3e41

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Referer: https://dl.pokemoner.com/2019/06/pokemon-omega-ruby-update-v1-4-for-citra.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 04:45:11 GMT
content-encoding: gzip
last-modified: Fri, 12 Feb 2021 08:50:24 GMT
server: fbs
etag: "1613119824"
vary: Accept-Encoding
x-hw: 1613623511.cds056.lo4.hn,1613623511.cds084.lo4.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, public
strict-transport-security: max-age=31536000; preload
accept-ranges: bytes
content-length: 2704

GET
H2 200 o1OtQKhlixU Show response
www.youtube.com/embed/ Frame CD06 51 KB
22 KB 55ms
54ms Document
text/html 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/o1OtQKhlixU?controls=1&autoplay=1&mute=1

Requested by

Host: dl.pokemoner.com
URL: https://dl.pokemoner.com/2019/06/pokemon-omega-ruby-update-v1-4-for-citra.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7c70a1579ba03863bfb783035a6fab815758a4dafd78e8699f70db1d0a1b7d77

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/o1OtQKhlixU?controls=1&autoplay=1&mute=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://dl.pokemoner.com/2019/06/pokemon-omega-ruby-update-v1-4-for-citra.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://dl.pokemoner.com/2019/06/pokemon-omega-ruby-update-v1-4-for-citra.html

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 18 Feb 2021 04:45:11 GMT
strict-transport-security: max-age=31536000
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=l3pODYDhjso; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none VISITOR_INFO1_LIVE=juC4HDB1nqc; Domain=.youtube.com; Expires=Tue, 17-Aug-2021 04:45:11 GMT; Path=/; Secure; HttpOnly; SameSite=none CONSENT=PENDING+893; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ 66 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8277d3b312f84417a05400643587eaa0982065618af9e1cafc8f72316e6fd1e1

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v18/ 9 KB
9 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,regular,italic,600,600italic,700,700italic,800,800italic&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://dl.pokemoner.com
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,regular,italic,600,600italic,700,700italic,800,800italic&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Feb 2021 22:00:39 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:28 GMT
server: sffe
age: 24272
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9132
x-xss-protection: 0
expires: Thu, 17 Feb 2022 22:00:39 GMT

GET
H2 200 mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v18/ 9 KB
9 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,regular,italic,600,600italic,700,700italic,800,800italic&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://dl.pokemoner.com
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,regular,italic,600,600italic,700,700italic,800,800italic&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 04:25:35 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:10:27 GMT
server: sffe
age: 519576
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9080
x-xss-protection: 0
expires: Sat, 12 Feb 2022 04:25:35 GMT

GET
H2 200 mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v18/ 9 KB
9 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,regular,italic,600,600italic,700,700italic,800,800italic&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e261f7e11c39ff6f4c8fe884e5c9de2fa15f29085a1adefdd36603ef2e23c00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://dl.pokemoner.com
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,regular,italic,600,600italic,700,700italic,800,800italic&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 04:25:38 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:16 GMT
server: sffe
age: 519573
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9016
x-xss-protection: 0
expires: Sat, 12 Feb 2022 04:25:38 GMT

GET
H2 200 FcK1LSGJMoU Show response
www.youtube.com/embed/ Frame 883F 51 KB
22 KB 53ms
53ms Document
text/html 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/FcK1LSGJMoU

Requested by

Host: dl.pokemoner.com
URL: https://dl.pokemoner.com/2019/06/pokemon-omega-ruby-update-v1-4-for-citra.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ee5832a0f557ebf0438864ece3c5b1ff633269eebbfe3abe5e9eb54d036eace5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/FcK1LSGJMoU
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://dl.pokemoner.com/2019/06/pokemon-omega-ruby-update-v1-4-for-citra.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://dl.pokemoner.com/2019/06/pokemon-omega-ruby-update-v1-4-for-citra.html

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 18 Feb 2021 04:45:11 GMT
strict-transport-security: max-age=31536000
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=OHrVLLn9DfU; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none VISITOR_INFO1_LIVE=D59tknNBlCU; Domain=.youtube.com; Expires=Tue, 17-Aug-2021 04:45:11 GMT; Path=/; Secure; HttpOnly; SameSite=none CONSENT=PENDING+114; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 ice.js Show response
resources.infolinks.com/js/1733.015-3.011/ 580 KB
186 KB 74ms
38ms Script
application/javascript 172.67.39.17
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.infolinks.com/js/1733.015-3.011/ice.js
Requested by: Host: dl.pokemoner.com
URL: https://dl.pokemoner.com/2019/06/pokemon-omega-ruby-update-v1-4-for-citra.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.67.39.17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7eebf69bec9791eaad8c406b0cf494cb89de9eb62eb4d8375aee2ae874f048c3

Request headers

Referer: https://dl.pokemoner.com/2019/06/pokemon-omega-ruby-update-v1-4-for-citra.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

cf-ray: 623518e3984e0b2f-AMS
date: Thu, 18 Feb 2021 04:45:11 GMT
via: 1.1 google
cf-cache-status: HIT
last-modified: Sat, 30 Jan 2021 06:54:27 GMT
server: cloudflare
age: 4110
etag: W/"9101b-5ba189788e39b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
content-encoding: gzip
cf-request-id: 08550de23e00000b2fff3b0000000001
expires: Sat, 20 Mar 2021 03:36:41 GMT

GET
H2 200 pubads_impl_2021021001.js Show response
securepubads.g.doubleclick.net/gpt/ 288 KB
102 KB 86ms
31ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021001.js

Requested by

Host: b3u2w5c8.stackpathcdn.com
URL: https://b3u2w5c8.stackpathcdn.com/wp-content/cache/min/1/tag/js/gpt-8512220525ce16fad389e1496b7e9273.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

sffe /

Resource Hash

c11fb9ac4922e75ae9e0a017f41ae36febd8a185834b7bb608e9049ebe68da62

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dl.pokemoner.com/2019/06/pokemon-omega-ruby-update-v1-4-for-citra.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 04:45:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 10 Feb 2021 15:07:43 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 103470
x-xss-protection: 0
expires: Thu, 18 Feb 2021 04:45:11 GMT

GET
H/1.1 200
OK 656px-Omega_Ruby_EN_boxart.jpg
www.pokemoner.com/wp-content/uploads/2016/01/ 157 KB
157 KB 221ms
64ms Image
image/jpeg 176.123.8.49
ALEXHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.pokemoner.com/wp-content/uploads/2016/01/656px-Omega_Ruby_EN_boxart.jpg

Requested by

Host: dl.pokemoner.com
URL: https://dl.pokemoner.com/2019/06/pokemon-omega-ruby-update-v1-4-for-citra.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

176.123.8.49 Chisinau, Moldova, ASN200019 (ALEXHOST, MD),

Reverse DNS

mud-noire.greatdriven.net

Software

Apache/2.4.37 (centos) OpenSSL/1.1.1c mod_fcgid/2.3.9 PHP/7.2.24 /

Resource Hash

77424461fa75ef9d152cd049b4c01ad73d89660087d55c0e331f7f2e36f28096

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Referer: https://dl.pokemoner.com/2019/06/pokemon-omega-ruby-update-v1-4-for-citra.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 18 Feb 2021 04:45:11 GMT
Last-Modified: Sat, 21 Nov 2020 16:47:06 GMT
Server: Apache/2.4.37 (centos) OpenSSL/1.1.1c mod_fcgid/2.3.9 PHP/7.2.24
Vary: Accept-Encoding
Connection: Keep-Alive
Content-Type: image/jpeg
Cache-Control: max-age=10368000, public
Strict-Transport-Security: max-age=31536000; preload
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 160569
Expires: Fri, 18 Jun 2021 04:45:11 GMT

GET
H2 200 www-player-webp.css
www.youtube.com/s/player/6eebf7aa/ Frame CD06 340 KB
51 KB 7ms
6ms Stylesheet
text/css 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/6eebf7aa/www-player-webp.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/o1OtQKhlixU?controls=1&autoplay=1&mute=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0651e9a718a6ce3d030e0086532dad8caf7571b961e311fda509a47d0ba4bd56

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/o1OtQKhlixU?controls=1&autoplay=1&mute=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 16:47:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 15 Feb 2021 01:13:47 GMT
server: sffe
age: 129489
vary: Accept-Encoding, Origin
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52099
x-xss-protection: 0
expires: Wed, 16 Feb 2022 16:47:02 GMT

GET
H2 200 www-embed-player.js Show response
www.youtube.com/s/player/6eebf7aa/www-embed-player.vflset/ Frame CD06 157 KB
57 KB 12ms
11ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/6eebf7aa/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/o1OtQKhlixU?controls=1&autoplay=1&mute=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f003001a164fc40eb7a767dcb8f36dce6ba51e3f6852f38f9400322dfa59f252

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/o1OtQKhlixU?controls=1&autoplay=1&mute=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 00:47:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 15 Feb 2021 01:13:47 GMT
server: sffe
age: 14291
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 58426
x-xss-protection: 0
expires: Fri, 18 Feb 2022 00:47:00 GMT

GET
H2 200 base.js Show response
www.youtube.com/s/player/6eebf7aa/player_ias.vflset/en_US/ Frame CD06 1 MB
493 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/6eebf7aa/player_ias.vflset/en_US/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/o1OtQKhlixU?controls=1&autoplay=1&mute=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

37555d2a8631f6c69e94303caf2b0f844327688c004f02e7549f15834558c263

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/o1OtQKhlixU?controls=1&autoplay=1&mute=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 16:47:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 15 Feb 2021 01:13:47 GMT
server: sffe
age: 129463
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 504129
x-xss-protection: 0
expires: Wed, 16 Feb 2022 16:47:28 GMT

GET
H2 200 fetch-polyfill.js Show response
www.youtube.com/s/player/6eebf7aa/fetch-polyfill.vflset/ Frame CD06 8 KB
3 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/6eebf7aa/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/o1OtQKhlixU?controls=1&autoplay=1&mute=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/o1OtQKhlixU?controls=1&autoplay=1&mute=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Feb 2021 23:48:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 15 Feb 2021 01:13:47 GMT
server: sffe
age: 17772
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3027
x-xss-protection: 0
expires: Thu, 17 Feb 2022 23:48:59 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v18/ Frame CD06 10 KB
11 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/o1OtQKhlixU?controls=1&autoplay=1&mute=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4352380f92ce7f9a4a4a23306b992bed10055dbfffe90987cc72083e583fc280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.youtube.com
Referer: https://www.youtube.com/embed/o1OtQKhlixU?controls=1&autoplay=1&mute=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 04:25:38 GMT
x-content-type-options: nosniff
last-modified: Mon, 16 Oct 2017 17:32:51 GMT
server: sffe
age: 519573
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10748
x-xss-protection: 0
expires: Sat, 12 Feb 2022 04:25:38 GMT

GET
H2 200 www-player-webp.css
www.youtube.com/s/player/6eebf7aa/ Frame 883F 340 KB
51 KB 21ms
20ms Stylesheet
text/css 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/6eebf7aa/www-player-webp.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/FcK1LSGJMoU

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0651e9a718a6ce3d030e0086532dad8caf7571b961e311fda509a47d0ba4bd56

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/FcK1LSGJMoU
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 16:47:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 15 Feb 2021 01:13:47 GMT
server: sffe
age: 129489
vary: Accept-Encoding, Origin
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52099
x-xss-protection: 0
expires: Wed, 16 Feb 2022 16:47:02 GMT

GET
H2 200 www-embed-player.js Show response
www.youtube.com/s/player/6eebf7aa/www-embed-player.vflset/ Frame 883F 157 KB
57 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/6eebf7aa/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/FcK1LSGJMoU

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f003001a164fc40eb7a767dcb8f36dce6ba51e3f6852f38f9400322dfa59f252

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/FcK1LSGJMoU
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 00:47:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 15 Feb 2021 01:13:47 GMT
server: sffe
age: 14291
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 58426
x-xss-protection: 0
expires: Fri, 18 Feb 2022 00:47:00 GMT

GET
H2 200 base.js Show response
www.youtube.com/s/player/6eebf7aa/player_ias.vflset/en_US/ Frame 883F 1 MB
493 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/6eebf7aa/player_ias.vflset/en_US/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/FcK1LSGJMoU

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

37555d2a8631f6c69e94303caf2b0f844327688c004f02e7549f15834558c263

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/FcK1LSGJMoU
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 16:47:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 15 Feb 2021 01:13:47 GMT
server: sffe
age: 129463
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 504129
x-xss-protection: 0
expires: Wed, 16 Feb 2022 16:47:28 GMT

GET
H2 200 fetch-polyfill.js Show response
www.youtube.com/s/player/6eebf7aa/fetch-polyfill.vflset/ Frame 883F 8 KB
3 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/6eebf7aa/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/FcK1LSGJMoU

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/FcK1LSGJMoU
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Feb 2021 23:48:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 15 Feb 2021 01:13:47 GMT
server: sffe
age: 17772
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3027
x-xss-protection: 0
expires: Thu, 17 Feb 2022 23:48:59 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 883F 10 KB
11 KB 5ms
5ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/FcK1LSGJMoU

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4352380f92ce7f9a4a4a23306b992bed10055dbfffe90987cc72083e583fc280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.youtube.com
Referer: https://www.youtube.com/embed/FcK1LSGJMoU
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 04:25:38 GMT
x-content-type-options: nosniff
last-modified: Mon, 16 Oct 2017 17:32:51 GMT
server: sffe
age: 519573
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10748
x-xss-protection: 0
expires: Sat, 12 Feb 2022 04:25:38 GMT

GET
H3-Q050

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame CD06
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

113 B
1 KB

54ms
41ms

XHR
application/json

2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/o1OtQKhlixU?controls=1&autoplay=1&mute=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4c3eea12a7b2e63bd35dedf66cecf80e468c2238e64c803732ad619f035e1f78

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/o1OtQKhlixU?controls=1&autoplay=1&mute=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 04:45:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 133
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 18 Feb 2021 04:45:11 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame CD06 29 B
407 B 25ms
5ms Script
text/javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/6eebf7aa/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/o1OtQKhlixU?controls=1&autoplay=1&mute=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 04:30:31 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
age: 880
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
expires: Thu, 18 Feb 2021 04:45:31 GMT

GET
H3-Q050

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 883F
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

113 B
298 B

55ms
42ms

XHR
application/json

2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/FcK1LSGJMoU

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

761dbe686d6a7c2aede21ce7b9de9aab802c872487644f21577c2e1795bf41f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/FcK1LSGJMoU
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 04:45:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 133
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 18 Feb 2021 04:45:11 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 883F 29 B
394 B 32ms
19ms Script
text/javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/6eebf7aa/www-embed-player.vflset/www-embed-player.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/FcK1LSGJMoU
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 04:30:31 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
age: 880
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
expires: Thu, 18 Feb 2021 04:45:31 GMT

GET
H2 200 d51ouiIaoe_oO0a42MWTKpyCrSNXucyUKMnav5ltGHU.js Show response
www.google.com/js/bg/ Frame CD06 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/bg/d51ouiIaoe_oO0a42MWTKpyCrSNXucyUKMnav5ltGHU.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/6eebf7aa/player_ias.vflset/en_US/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

779d68ba221aa1efe83b46b8d8c5932a9c82ad2357b9cc9428c9dabf996d1875

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/o1OtQKhlixU?controls=1&autoplay=1&mute=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 02:22:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 09 Feb 2021 09:00:00 GMT
server: sffe
age: 8584
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6215
x-xss-protection: 0
expires: Fri, 18 Feb 2022 02:22:07 GMT

GET
H3-Q050 200 embed.js Show response
www.youtube.com/s/player/6eebf7aa/player_ias.vflset/en_US/ Frame CD06 29 KB
10 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/6eebf7aa/player_ias.vflset/en_US/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/6eebf7aa/player_ias.vflset/en_US/base.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

51acacfa29a4836037ad7a3484b636a8d1adf06f44189818d07970054f4cb23a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/o1OtQKhlixU?controls=1&autoplay=1&mute=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 02:53:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 15 Feb 2021 01:13:47 GMT
server: sffe
age: 6677
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9707
x-xss-protection: 0
expires: Fri, 18 Feb 2022 02:53:54 GMT

POST
H3-Q050 200 player Show response
www.youtube.com/youtubei/v1/ Frame CD06 90 KB
20 KB 83ms
82ms XHR
application/json 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/player?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/6eebf7aa/player_ias.vflset/en_US/base.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6d4a1f82f822b817587f63c06ac401d5c10e5cca7594ad345460efea75cd9b4e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/o1OtQKhlixU?controls=1&autoplay=1&mute=1
X-Youtube-Client-Name: 56
X-Youtube-Client-Version: 1.20210214.0.0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
X-Goog-Visitor-Id: CgtqdUM0SERCMW5xYyjX4beBBg%3D%3D
Content-Type: application/json

Response headers

date: Thu, 18 Feb 2021 04:45:11 GMT
content-encoding: br
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20323
x-xss-protection: 0
expires: Thu, 18 Feb 2021 04:45:11 GMT

GET
DATA 200
OK truncated
/ Frame CD06 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AAUvwnj2M6Rg_Ea31NS_8qMpUzMjyqj6NDNvlWKFqZrOTQ=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame CD06 5 KB
6 KB 27ms
7ms Image
image/jpeg 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AAUvwnj2M6Rg_Ea31NS_8qMpUzMjyqj6NDNvlWKFqZrOTQ=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/o1OtQKhlixU?controls=1&autoplay=1&mute=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

0f5de44db5dd1fb15a0464d21d48311b316e96fa7de1a9ca820d0a406fc82522

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/o1OtQKhlixU?controls=1&autoplay=1&mute=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 02:19:17 GMT
x-content-type-options: nosniff
age: 8754
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5453
x-xss-protection: 0
server: fife
etag: "v373"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 18 Feb 2021 05:50:15 GMT

GET
DATA 200
OK truncated
/ Frame CD06 198 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 732904ab52c039ec58e18bf77e3a59668cd8942e39699cf6986ef08eeca6ce87

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 pbice.js Show response
resources.infolinks.com/js/pbice/3.011/ 247 KB
79 KB 28ms
28ms Script
application/javascript 172.67.39.17
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.infolinks.com/js/pbice/3.011/pbice.js
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1733.015-3.011/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.67.39.17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe995e4a77e0247cc060ddf1418dce41f899f5e06b83d096c797c7c47b32c70b

Request headers

Referer: https://dl.pokemoner.com/2019/06/pokemon-omega-ruby-update-v1-4-for-citra.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

cf-ray: 623518e55b7f0b2f-AMS
date: Thu, 18 Feb 2021 04:45:11 GMT
via: 1.1 google
cf-cache-status: HIT
last-modified: Tue, 19 Jan 2021 10:12:08 GMT
server: cloudflare
age: 5161
etag: W/"3db96-5b93e12351505"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
content-encoding: gzip
cf-request-id: 08550de35800000b2f56260000000001
expires: Sat, 20 Mar 2021 03:19:10 GMT

GET
H2 200 manage Show response
router.infolinks.com/usync/ Frame 0E4C 9 KB
2 KB 139ms
138ms Document
text/html 172.67.39.17
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://router.infolinks.com/usync/manage?pid=3100725&wsid=0
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1733.015-3.011/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.67.39.17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 730fc5ab4a6f736c63ec286d6cd8f53020160b3ff7291876fd30591cedd12e2a

Request headers

:method: GET
:authority: router.infolinks.com
:scheme: https
:path: /usync/manage?pid=3100725&wsid=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://dl.pokemoner.com/2019/06/pokemon-omega-ruby-update-v1-4-for-citra.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://dl.pokemoner.com/2019/06/pokemon-omega-ruby-update-v1-4-for-citra.html

Response headers

date: Thu, 18 Feb 2021 04:45:12 GMT
content-type: text/html;charset=UTF-8
set-cookie: __cfduid=d6ee19f17bb2ca77e8b77f14bbe6242581613623511; expires=Sat, 20-Mar-21 04:45:11 GMT; path=/; domain=.infolinks.com; HttpOnly; SameSite=Lax
cache-control: no-store
p3p: CP="NON DSP NID OUR COR"
via: 1.1 google
cf-cache-status: DYNAMIC
cf-request-id: 08550de36e00000b2f541c3000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 623518e57bbc0b2f-AMS
content-encoding: gzip

GET
H2 200 lcmanage Show response
router.infolinks.com/usync/ 0
101 B 127ms
127ms Script
text/plain 172.67.39.17
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://router.infolinks.com/usync/lcmanage?pid=3100725&wsid=0
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1733.015-3.011/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.67.39.17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://dl.pokemoner.com/2019/06/pokemon-omega-ruby-update-v1-4-for-citra.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 04:45:12 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cache-control: no-store
cf-ray: 623518e58bc10b2f-AMS
content-length: 0
cf-request-id: 08550de37000000b2fe0af3000000001

GET
H3-Q050 200 remote.js Show response
www.youtube.com/s/player/6eebf7aa/player_ias.vflset/en_US/ Frame 883F 95 KB
31 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/6eebf7aa/player_ias.vflset/en_US/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/6eebf7aa/player_ias.vflset/en_US/base.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6109e8fab058603a1e83d35427f0f994937d00b9e19bc79e6cc919e01d4f3280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/FcK1LSGJMoU
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Feb 2021 21:49:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 15 Feb 2021 01:13:47 GMT
server: sffe
age: 24951
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32155
x-xss-protection: 0
expires: Thu, 17 Feb 2022 21:49:20 GMT

GET
H3-Q050 200 d51ouiIaoe_oO0a42MWTKpyCrSNXucyUKMnav5ltGHU.js Show response
www.google.com/js/bg/ Frame 883F 14 KB
6 KB 34ms
20ms Script
text/javascript 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/bg/d51ouiIaoe_oO0a42MWTKpyCrSNXucyUKMnav5ltGHU.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/6eebf7aa/player_ias.vflset/en_US/base.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

779d68ba221aa1efe83b46b8d8c5932a9c82ad2357b9cc9428c9dabf996d1875

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/FcK1LSGJMoU
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 02:22:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 09 Feb 2021 09:00:00 GMT
server: sffe
age: 8584
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6215
x-xss-protection: 0
expires: Fri, 18 Feb 2022 02:22:07 GMT

GET
H3-Q050 200 embed.js Show response
www.youtube.com/s/player/6eebf7aa/player_ias.vflset/en_US/ Frame 883F 29 KB
10 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/6eebf7aa/player_ias.vflset/en_US/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/6eebf7aa/player_ias.vflset/en_US/base.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

51acacfa29a4836037ad7a3484b636a8d1adf06f44189818d07970054f4cb23a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/FcK1LSGJMoU
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 02:53:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 15 Feb 2021 01:13:47 GMT
server: sffe
age: 6677
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9707
x-xss-protection: 0
expires: Fri, 18 Feb 2022 02:53:54 GMT

GET
DATA 200
OK truncated
/ Frame 883F 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 AAUvwnj2M6Rg_Ea31NS_8qMpUzMjyqj6NDNvlWKFqZrOTQ=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 883F 5 KB
6 KB 26ms
13ms Image
image/jpeg 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AAUvwnj2M6Rg_Ea31NS_8qMpUzMjyqj6NDNvlWKFqZrOTQ=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/FcK1LSGJMoU

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

0f5de44db5dd1fb15a0464d21d48311b316e96fa7de1a9ca820d0a406fc82522

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/FcK1LSGJMoU
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 02:19:17 GMT
x-content-type-options: nosniff
age: 8754
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5453
x-xss-protection: 0
server: fife
etag: "v373"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 18 Feb 2021 05:50:15 GMT

GET
H2 200 maxresdefault.webp
i.ytimg.com/vi_webp/FcK1LSGJMoU/ Frame 883F 160 KB
161 KB 37ms
17ms Image
image/webp 2a00:1450:4001:827::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/FcK1LSGJMoU/maxresdefault.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/FcK1LSGJMoU

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b90f034cb435bf117c9fcadffb3bc33eca236a437f2b1c091e8d3664124962fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/FcK1LSGJMoU
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 04:45:11 GMT
x-content-type-options: nosniff
server: sffe
age: 0
etag: "1469535564"
vary: Origin
content-type: image/webp
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 164200
x-xss-protection: 0
expires: Thu, 18 Feb 2021 06:45:11 GMT

POST
H3-Q050 204 qoe
www.youtube.com/api/stats/ Frame CD06 0
158 B 14ms
14ms Other
text/html 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/api/stats/qoe?event=streamingstats&fmt=243&afmt=251&cpn=zXVNKiRmmKhjL_Ld&ei=1_AtYIf1M6qDx_AP__-qyAo&el=embedded&docid=o1OtQKhlixU&ns=yt&fexp=23857949%2C23940248%2C23969934%2C23976578%2C23983296%2C23992809%2C23999568%2C24000883&cl=357483374&seq=1&cbrand=apple&cbr=Chrome&cbrver=83.0.4103.61&c=WEB_EMBEDDED_PLAYER&cver=1.20210214.0.0&cplayer=UNIPLAYER&cos=Macintosh&cosver=10_14_5&cplatform=DESKTOP&vps=0.000:N,0.199:N&afs=0.199:251::i&vfs=0.199:243:243::r&view=0.199:280:158&bwe=0.199:130000&bat=0.199:1:1&vis=0.199:0&cmt=0.199:0.000&bh=0.199:0.000

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/6eebf7aa/player_ias.vflset/en_US/base.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/o1OtQKhlixU?controls=1&autoplay=1&mute=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 18 Feb 2021 04:45:11 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK videoplayback Show response
r5---sn-4g5e6ns6.googlevideo.com/ Frame CD06 90 KB
91 KB 64ms
48ms XHR
video/webm 2a00:1450:4001:60::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r5---sn-4g5e6ns6.googlevideo.com/videoplayback?expire=1613645111&ei=1_AtYIf1M6qDx_AP__-qyAo&ip=2a01%3A4f8%3A192%3A5414%3A%3A2&id=o-APx7Umah7tfCBoE0_VFnj7Z36dpAsA4uI4TGiYHwP9EM&itag=243&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&mh=Ai&mm=31%2C29&mn=sn-4g5e6ns6%2Csn-4g5edns6&ms=au%2Crdu&mv=m&mvi=5&pl=41&initcwndbps=883750&vprv=1&mime=video%2Fwebm&ns=p4FURgtpw4gYVoMLe4nBSYAF&gir=yes&clen=14682987&dur=831.633&lmt=1613016772682282&mt=1613623028&fvip=5&keepalive=yes&c=WEB_EMBEDDED_PLAYER&txp=5432432&n=r26DKKLw6mFB3Q&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAPTQZf4DqUs1nPOxjb9al19FA5bdb7WqoaN_KPf2lPacAiBkQScXsqDl4Tli3LrgvMg1gqtjo4BPKZf81vnYgCbVJg%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgC1gAU77RQvNG1wSQRdgM2oh044gmxqCur5qHAlx02qICIE5bCDR1c3OYbbu0EZ0Po6YZgYXmH33jb6nMh3GQgPl-&alr=yes&cpn=zXVNKiRmmKhjL_Ld&cver=1.20210214.0.0&range=0-92491&rn=1&rbuf=0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/6eebf7aa/player_ias.vflset/en_US/base.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:60::a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

fbf959f1cb1f0b832d38cd88d29dc2adc7e4223f750cb36df2efd4e278859289

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.youtube.com/embed/o1OtQKhlixU?controls=1&autoplay=1&mute=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 18 Feb 2021 04:45:12 GMT
X-Restrict-Formats-Hint: None
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Alt-Svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 92492
Last-Modified: Thu, 11 Feb 2021 04:12:52 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/webm
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=21299
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: https://www.youtube.com
X-Content-Type-Options: nosniff
Expires: Thu, 18 Feb 2021 04:45:12 GMT

GET
H/1.1 200
OK videoplayback Show response
r5---sn-4g5e6ns6.googlevideo.com/ Frame CD06 66 KB
67 KB 44ms
30ms XHR
audio/webm 2a00:1450:4001:60::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r5---sn-4g5e6ns6.googlevideo.com/videoplayback?expire=1613645111&ei=1_AtYIf1M6qDx_AP__-qyAo&ip=2a01%3A4f8%3A192%3A5414%3A%3A2&id=o-APx7Umah7tfCBoE0_VFnj7Z36dpAsA4uI4TGiYHwP9EM&itag=251&source=youtube&requiressl=yes&mh=Ai&mm=31%2C29&mn=sn-4g5e6ns6%2Csn-4g5edns6&ms=au%2Crdu&mv=m&mvi=5&pl=41&initcwndbps=883750&vprv=1&mime=audio%2Fwebm&ns=p4FURgtpw4gYVoMLe4nBSYAF&gir=yes&clen=11247300&dur=831.661&lmt=1612985257942922&mt=1613623028&fvip=5&keepalive=yes&c=WEB_EMBEDDED_PLAYER&txp=5411222&n=r26DKKLw6mFB3Q&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIgCUkD4cNJr6FpU_VNxTI3w6keGJUqyg0PyVubtK5KKAICIQD5tdn2iM-1ejKufHqOP5yynbYORhwQ7Dm23mAHJEyvBA%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgC1gAU77RQvNG1wSQRdgM2oh044gmxqCur5qHAlx02qICIE5bCDR1c3OYbbu0EZ0Po6YZgYXmH33jb6nMh3GQgPl-&alr=yes&cpn=zXVNKiRmmKhjL_Ld&cver=1.20210214.0.0&range=0-67219&rn=2&rbuf=0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/6eebf7aa/player_ias.vflset/en_US/base.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:60::a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

0f80499cdd85d60147379378cbed83e183a38cd2ca2d5eb4b8da2955642e957a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.youtube.com/embed/o1OtQKhlixU?controls=1&autoplay=1&mute=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 18 Feb 2021 04:45:12 GMT
X-Content-Type-Options: nosniff
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Alt-Svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 67220
Last-Modified: Wed, 10 Feb 2021 19:27:37 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: audio/webm
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=21299
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: https://www.youtube.com
Expires: Thu, 18 Feb 2021 04:45:12 GMT

GET
H3-Q050 200 remote.js Show response
www.youtube.com/s/player/6eebf7aa/player_ias.vflset/en_US/ Frame CD06 95 KB
31 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/6eebf7aa/player_ias.vflset/en_US/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/6eebf7aa/player_ias.vflset/en_US/base.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6109e8fab058603a1e83d35427f0f994937d00b9e19bc79e6cc919e01d4f3280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/o1OtQKhlixU?controls=1&autoplay=1&mute=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Feb 2021 21:49:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 15 Feb 2021 01:13:47 GMT
server: sffe
age: 24952
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32155
x-xss-protection: 0
expires: Thu, 17 Feb 2022 21:49:20 GMT

GET
H3-Q050 200 captions.js Show response
www.youtube.com/s/player/6eebf7aa/player_ias.vflset/en_US/ Frame CD06 53 KB
20 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/6eebf7aa/player_ias.vflset/en_US/captions.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/6eebf7aa/player_ias.vflset/en_US/base.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

09b7ca5876858319e46f90cda21fbadc331d8f74ee3422fa2461fcdd7c115f1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/o1OtQKhlixU?controls=1&autoplay=1&mute=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 16:53:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 15 Feb 2021 01:13:47 GMT
server: sffe
age: 129077
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19892
x-xss-protection: 0
expires: Wed, 16 Feb 2022 16:53:55 GMT

GET
H3-Q050 200 endscreen.js Show response
www.youtube.com/s/player/6eebf7aa/player_ias.vflset/en_US/ Frame CD06 26 KB
7 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/6eebf7aa/player_ias.vflset/en_US/endscreen.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/6eebf7aa/player_ias.vflset/en_US/base.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

77d1dac940214c4dfb2ea59277bacd2fa91d08106331e55a9d17f71203c26a2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/o1OtQKhlixU?controls=1&autoplay=1&mute=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Feb 2021 21:33:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 15 Feb 2021 01:13:47 GMT
server: sffe
age: 25907
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7432
x-xss-protection: 0
expires: Thu, 17 Feb 2022 21:33:25 GMT

GET
H3-Q050 200 annotations_module.js Show response
www.youtube.com/s/player/6eebf7aa/player_ias.vflset/en_US/ Frame CD06 66 KB
21 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/6eebf7aa/player_ias.vflset/en_US/annotations_module.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/6eebf7aa/player_ias.vflset/en_US/base.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8bcd45111afa22e62cea850cf2e8f84ce1db1982f34cff1f06761a8b23c423f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/o1OtQKhlixU?controls=1&autoplay=1&mute=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 16:50:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 15 Feb 2021 01:13:47 GMT
server: sffe
age: 129299
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21196
x-xss-protection: 0
expires: Wed, 16 Feb 2022 16:50:13 GMT

POST
H3-Q050 200 next Show response
www.youtube.com/youtubei/v1/ Frame CD06 66 KB
6 KB 175ms
175ms XHR
application/json 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/next?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/6eebf7aa/player_ias.vflset/en_US/base.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c98ad506e6e3529029801bc45b7aeb028945b7885f3f6541536b6a28d330f5a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/o1OtQKhlixU?controls=1&autoplay=1&mute=1
X-Youtube-Client-Name: 56
X-Youtube-Client-Version: 1.20210214.0.0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
X-Goog-Visitor-Id: CgtqdUM0SERCMW5xYyjX4beBBg%3D%3D
Content-Type: application/json

Response headers

date: Thu, 18 Feb 2021 04:45:12 GMT
content-encoding: br
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5884
x-xss-protection: 0
expires: Thu, 18 Feb 2021 04:45:12 GMT

GET
H3-Q050 204 generate_204
www.youtube.com/ Frame CD06 0
36 B 6ms
6ms Image
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?GupYtg
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/o1OtQKhlixU?controls=1&autoplay=1&mute=1
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.youtube.com/embed/o1OtQKhlixU?controls=1&autoplay=1&mute=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 04:45:12 GMT
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3-Q050 204 generate_204
www.youtube.com/ Frame 883F 0
13 B 6ms
5ms Image
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?79_MqQ
Requested by: Host: dl.pokemoner.com
URL: https://dl.pokemoner.com/2019/06/pokemon-omega-ruby-update-v1-4-for-citra.html
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.youtube.com/embed/FcK1LSGJMoU
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 04:45:12 GMT
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 883F 4 KB
2 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/6eebf7aa/player_ias.vflset/en_US/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c043e209b26776422fdd7a08a36a8d3a3298577f92401a463145d88ebfa93a01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/FcK1LSGJMoU
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 04:45:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Feb 2021 06:49:06 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1801
x-xss-protection: 0
expires: Thu, 18 Feb 2021 04:45:12 GMT

GET
H3-Q050 200 videoplayback Show response
r5---sn-4g5e6ns6.googlevideo.com/ Frame CD06 87 KB
88 KB 14ms
7ms XHR
video/webm 2a00:1450:4001:60::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/6eebf7aa/player_ias.vflset/en_US/base.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:60::a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

c68163174e427e9848277784fd9bc3c3f3d47786f5cbed7401b65c9fb77234ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.youtube.com/embed/o1OtQKhlixU?controls=1&autoplay=1&mute=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 04:45:12 GMT
x-restrict-formats-hint: None
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 89409
client-protocol: quic
last-modified: Thu, 11 Feb 2021 04:12:52 GMT
server: gvs 1.0
vary: Origin
content-type: video/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21299
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
x-content-type-options: nosniff
expires: Thu, 18 Feb 2021 04:45:12 GMT

GET
H3-Q050 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame CD06 4 KB
2 KB 41ms
28ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/6eebf7aa/player_ias.vflset/en_US/base.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c043e209b26776422fdd7a08a36a8d3a3298577f92401a463145d88ebfa93a01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/o1OtQKhlixU?controls=1&autoplay=1&mute=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 04:45:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Feb 2021 06:49:06 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1801
x-xss-protection: 0
expires: Thu, 18 Feb 2021 04:45:12 GMT

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 5374
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=infolinks&endpoint=us-east
https://eus.rubiconproject.com/usync.html?p=infolinks&endpoint=us-east

291 B
559 B

71ms
23ms

Document
text/html

23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=infolinks&endpoint=us-east
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3100725&wsid=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 4ddc003bfd0366a9c5e059509b3bac51972a8e803904b2a90b6b5c5ee7b26720

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://router.infolinks.com/usync/manage?pid=3100725&wsid=0
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://router.infolinks.com/usync/manage?pid=3100725&wsid=0

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Mon, 28 Sep 2020 17:02:39 GMT
ETag: "40295-123-5b062a240e9c0"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 238
Content-Type: text/html; charset=UTF-8
Date: Thu, 18 Feb 2021 04:45:12 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?p=infolinks&endpoint=us-east
Date: Thu, 18 Feb 2021 04:45:12 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

GET
H2 200 / Show response
de.tynt.com/deb/ Frame C229 75 B
289 B 341ms
112ms Document
text/html 208.100.17.188
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://de.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3100725&wsid=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.100.17.188 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip188.208-100-17.static.steadfastdns.net
Software: /
Resource Hash: e170d20dbbd5a22f50118e25fa2eefb1e85d2ad780e5477ed3a9643186090442

Request headers

:method: GET
:authority: de.tynt.com
:scheme: https
:path: /deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://router.infolinks.com/usync/manage?pid=3100725&wsid=0
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://router.infolinks.com/usync/manage?pid=3100725&wsid=0

Response headers

cache-control: max-age=86400
expires: Fri, 19 Feb 2021 04:45:12 GMT
referrer-policy: unsafe-url
content-type: text/html
content-length: 75
date: Thu, 18 Feb 2021 04:45:11 GMT
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H/1.1

200
OK

Cookie set usermatch Show response
ssum-sec.casalemedia.com/ Frame 96B3
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D
https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&C=1

2 KB
3 KB

31ms
31ms

Document
text/html

23.218.208.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&C=1
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3100725&wsid=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-208-246.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 54ae3a72b56281dc46d94afa904569b1baf2abf47049fc93168a3e88c035859a

Request headers

Host: ssum-sec.casalemedia.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://router.infolinks.com/usync/manage?pid=3100725&wsid=0
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: CMID=YC3w2EePZARMNYLe0U9ecwAA; CMPS=3164
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://router.infolinks.com/usync/manage?pid=3100725&wsid=0

Response headers

Server: Apache
Content-Type: text/html
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Is-Traffic-Usersync
Content-Length: 1667
Expires: Thu, 18 Feb 2021 04:45:12 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Thu, 18 Feb 2021 04:45:12 GMT
Connection: keep-alive
Set-Cookie: CMID=YC3w2EePZARMNYLe0U9ecwAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 18 Feb 2022 04:45:12 GMT CMPS=3164;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 19 May 2021 04:45:12 GMT CMPRO=1141;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 19 May 2021 04:45:12 GMT CMST=YC3w2GAt8NgA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 19 Feb 2021 04:45:12 GMT CMRUM3=c4602df0d805a0&27602df0d80b40&f1602df0d805a00&1f602df0d805a00&6f602df0d805a0&e6602df0d827600&2d602df0d805a0&dd602df0d827600;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 18 Feb 2022 04:45:12 GMT

Redirect headers

Server: Apache
Content-Length: 311
Content-Type: text/html; charset=iso-8859-1
Location: https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&C=1
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires: Thu, 18 Feb 2021 04:45:12 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Thu, 18 Feb 2021 04:45:12 GMT
Connection: keep-alive
Set-Cookie: CMID=YC3w2EePZARMNYLe0U9ecwAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 18 Feb 2022 04:45:12 GMT CMPS=3164;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 19 May 2021 04:45:12 GMT

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame A9E6 2 KB
818 B 76ms
24ms Document
text/html 51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=598ce3ddaee8c90

Requested by

Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3100725&wsid=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

:method: GET
:authority: onetag-sys.com
:scheme: https
:path: /usync/?pubId=598ce3ddaee8c90
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://router.infolinks.com/usync/manage?pid=3100725&wsid=0
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://router.infolinks.com/usync/manage?pid=3100725&wsid=0

Response headers

content-type: text/html
cache-control: no-transform, no-cache
content-encoding: gzip
strict-transport-security: max-age=15552000

GET
H2

200

apn-usync
router.infolinks.com/dyn/ Frame 0E4C
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fapn-usync%3Fuser_id%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fapn-usync%253Fuser_id%253D%2524UID
https://router.infolinks.com/dyn/apn-usync?user_id=4364165372296136531

35 B
214 B

124ms
124ms

Image
image/gif

172.67.39.17
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/apn-usync?user_id=4364165372296136531
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3100725&wsid=0
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.67.39.17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Referer: https://router.infolinks.com/usync/manage?pid=3100725&wsid=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Feb 2021 04:45:12 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: image/gif
cache-control: no-store, no-cache, private
cf-ray: 623518e848f30b2f-AMS
content-length: 35
cf-request-id: 08550de52c00000b2fe8861000000001
expires: Tue, 18 Feb 2020 04:45:12 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 18 Feb 2021 04:45:12 GMT
X-Proxy-Origin: 185.212.171.67; 185.212.171.67; 535.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.151:80
AN-X-Request-Uuid: 7fff1d6d-09af-4a2b-8de1-4a9874b9c5de
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://router.infolinks.com/dyn/apn-usync?user_id=4364165372296136531
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

r1-usync
router.infolinks.com/dyn/ Frame 0E4C
Redirect Chain

https://sync.1rx.io/usersync2/infolinks
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7546414803
https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7546414803
https://sync.1rx.io/usersync/tradedesk/30c67702-a886-4e3a-a736-21e40aab728f
https://sync.targeting.unrulymedia.com/csync/RX-e1da11d1-bc7e-4c2a-b67b-061ce1041834-003?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fr1-usync%3Fuid%3DRX-e1da11d1-bc7e-4c2a-b67b-061ce1041834-003
https://router.infolinks.com/dyn/r1-usync?uid=RX-e1da11d1-bc7e-4c2a-b67b-061ce1041834-003

35 B
230 B

123ms
123ms

Image
image/gif

172.67.39.17
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/r1-usync?uid=RX-e1da11d1-bc7e-4c2a-b67b-061ce1041834-003
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3100725&wsid=0
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.67.39.17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Referer: https://router.infolinks.com/usync/manage?pid=3100725&wsid=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Feb 2021 04:45:12 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: image/gif
cache-control: no-store, no-cache, private
cf-ray: 623518ea5cbf0b2f-AMS
content-length: 35
cf-request-id: 08550de67c00000b2f4d1dc000000001
expires: Tue, 18 Feb 2020 04:45:12 GMT

Redirect headers

Date: Thu, 18 Feb 2021 04:45:12 GMT
Server: Tengine
ETag: RXe1da11d1bc7e4c2ab67b061ce1041834003
Transfer-Encoding: chunked
P3P: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location: https://router.infolinks.com/dyn/r1-usync?uid=RX-e1da11d1-bc7e-4c2a-b67b-061ce1041834-003
Connection: keep-alive
Content-Type: text/html

GET
H2 204 /
ssc-cms.33across.com/ps/ Frame 0E4C 0
72 B 336ms
110ms Image
text/plain 208.100.17.172
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssc-cms.33across.com/ps/?ri=0010b00002CpYhEAAV&ru=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2F33a-usync%3Fuid%3D33XUSERID33X
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3100725&wsid=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.100.17.172 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip172.208-100-17.static.steadfastdns.net
Software: 33XP004 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://router.infolinks.com/usync/manage?pid=3100725&wsid=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-33x-status: 2000208
date: Thu, 18 Feb 2021 04:45:12 GMT
server: 33XP004

GET
H2

200

zmn-usync
router.infolinks.com/dyn/ Frame 0E4C
Redirect Chain

https://b1sync.zemanta.com/usersync/infolinks/?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fzmn-usync%3Fuid%3D__ZUID__
https://router.infolinks.com/dyn/zmn-usync?uid=

35 B
204 B

125ms
124ms

Image
image/gif

172.67.39.17
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/zmn-usync?uid=
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3100725&wsid=0
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.67.39.17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Referer: https://router.infolinks.com/usync/manage?pid=3100725&wsid=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Feb 2021 04:45:12 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: image/gif
cache-control: no-store, no-cache, private
cf-ray: 623518e9ebe50b2f-AMS
content-length: 35
cf-request-id: 08550de63400000b2fb6077000000001
expires: Tue, 18 Feb 2020 04:45:12 GMT

Redirect headers

Location: https://router.infolinks.com/dyn/zmn-usync?uid=
Pragma: no-cache
Date: Thu, 18 Feb 2021 04:45:12 GMT
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Content-Length: 70
Content-Type: text/html; charset=utf-8

GET
H/1.1 200
OK us
sync.go.sonobi.com/ Frame 0E4C 0
474 B 73ms
17ms Image
text/plain 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us?loc=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsonobi-usync%3Fuid%3D%5BUID%5D

Requested by

Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3100725&wsid=0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://router.infolinks.com/usync/manage?pid=3100725&wsid=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 18 Feb 2021 04:45:12 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-9
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: text/plain; charset=utf8
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200
OK

ca.png
s.cpx.to/ Frame 0E4C
Redirect Chain

https://ib.adnxs.com/getuid?https://s.cpx.to/ca.png?ref=https%253A%252F%252Fdl.pokemoner.com%252F2019%252F06%252Fpokemon-omega-ruby-update-v1-4-for-citra.html&pid=12306&adnxs_uid=$UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fs.cpx.to%2Fca.png%3Fref%3Dhttps%25253A%25252F%25252Fdl.pokemoner.com%25252F2019%25252F06%25252Fpokemon-omega-ruby-update-v1-4-for-citra.html%26...
https://s.cpx.to/ca.png?ref=https%3A%2F%2Fdl.pokemoner.com%2F2019%2F06%2Fpokemon-omega-ruby-update-v1-4-for-citra.html&pid=12306&adnxs_uid=4364165372296136531

95 B
945 B

133ms
34ms

Image
image/png

52.18.147.13
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.cpx.to/ca.png?ref=https%3A%2F%2Fdl.pokemoner.com%2F2019%2F06%2Fpokemon-omega-ruby-update-v1-4-for-citra.html&pid=12306&adnxs_uid=4364165372296136531

Requested by

Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3100725&wsid=0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.18.147.13 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-18-147-13.eu-west-1.compute.amazonaws.com

Software

Resource Hash

bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: https://router.infolinks.com/usync/manage?pid=3100725&wsid=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache, no-cache
Content-Security-Policy: default-src 'self'
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Date: Thu, 18 Feb 2021 04:45:12 GMT
X-Frame-Options: sameorigin
Connection: keep-alive
P3P: CP="NOI DEV ADM"
Cache-Control: no-store, must-revalidate, private, max-age=0, no-store, must-revalidate, private, max-age=0
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Content-Length: 95
Expires: Thu, 18 Feb 2021 04:45:12 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 18 Feb 2021 04:45:12 GMT
X-Proxy-Origin: 185.212.171.67; 185.212.171.67; 535.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.41:80
AN-X-Request-Uuid: 3dd6d0af-704e-4861-94bb-bd6acea415f8
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://s.cpx.to/ca.png?ref=https%3A%2F%2Fdl.pokemoner.com%2F2019%2F06%2Fpokemon-omega-ruby-update-v1-4-for-citra.html&pid=12306&adnxs_uid=4364165372296136531
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK sync
dsp.adkernel.com/ Frame 0E4C 42 B
233 B 288ms
94ms Image
image/gif 174.137.133.49
WEBAIR-INTERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsp.adkernel.com/sync?exchange=202&r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fearn-usync%3Fuid%3D%7BUID%7D
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3100725&wsid=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 174.137.133.49 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://router.infolinks.com/usync/manage?pid=3100725&wsid=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 18 Feb 2021 04:45:12 GMT
Server: nginx
Age: 0
Content-Type: image/gif
Cache-Control: no-store
Connection: keep-alive
Content-Length: 42

GET
H2

200

outh-usync
router.infolinks.com/dyn/ Frame 0E4C
Redirect Chain

https://pixel.advertising.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true
https://pixel.advertising.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true&verify=true
https://ups.analytics.yahoo.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP1609d381-71a4-11eb-b56d-06da1a49f4f4
https://ups.analytics.yahoo.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP1609d381-71a4-11eb-b56d-06da1a49f4f4&verify=true
https://router.infolinks.com/dyn/outh-usync?uid=y-ueQMNoN1l2ZlctNf71tfMV66jxhjum16~UP1609d381-71a4-11eb-b56d-06da1a49f4f4

35 B
258 B

125ms
124ms

Image
image/gif

172.67.39.17
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/outh-usync?uid=y-ueQMNoN1l2ZlctNf71tfMV66jxhjum16~UP1609d381-71a4-11eb-b56d-06da1a49f4f4
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3100725&wsid=0
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.67.39.17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Referer: https://router.infolinks.com/usync/manage?pid=3100725&wsid=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Feb 2021 04:45:12 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: image/gif
cache-control: no-store, no-cache, private
cf-ray: 623518e8fa2c0b2f-AMS
content-length: 35
cf-request-id: 08550de59a00000b2f6fa10000000001
expires: Tue, 18 Feb 2020 04:45:12 GMT

Redirect headers

Date: Thu, 18 Feb 2021 04:45:12 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://router.infolinks.com/dyn/outh-usync?uid=y-ueQMNoN1l2ZlctNf71tfMV66jxhjum16~UP1609d381-71a4-11eb-b56d-06da1a49f4f4
Connection: keep-alive
Content-Length: 0

GET
H2

200

sovrn-usync
router.infolinks.com/dyn/ Frame 0E4C
Redirect Chain

https://ap.lijit.com/pixel?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsovrn-usync%3Fuid%3D%24UID
https://ap.lijit.com/pixel?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsovrn-usync%3Fuid%3D%24UID&sovrn_retry=true
https://router.infolinks.com/dyn/sovrn-usync?uid=c015a4c307c3d7119de2ca0b

35 B
394 B

125ms
125ms

Image
image/gif

172.67.39.17
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/sovrn-usync?uid=c015a4c307c3d7119de2ca0b
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3100725&wsid=0
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.67.39.17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Referer: https://router.infolinks.com/usync/manage?pid=3100725&wsid=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Feb 2021 04:45:12 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: image/gif
cache-control: no-store, no-cache, private
cf-ray: 623518e838d50b2f-AMS
content-length: 35
cf-request-id: 08550de52100000b2fd2337000000001
expires: Tue, 18 Feb 2020 04:45:12 GMT

Redirect headers

Date: Thu, 18 Feb 2021 04:45:12 GMT
Server: nginx
Location: https://router.infolinks.com/dyn/sovrn-usync?uid=c015a4c307c3d7119de2ca0b
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap3ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H2

200

pbm-usync
router.infolinks.com/dyn/ Frame 0E4C
Redirect Chain

https://image8.pubmatic.com/AdServer/ImgSync?p=60809&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D60809%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolink...
https://image8.pubmatic.com/AdServer/ImgSync?p=60809&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D60809%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolink...
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MEU2Q0EwQTMtMDVDQy00RjBGLTg5REUtREFGNEMxNEQ3NDc2&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
https://image4.pubmatic.com/AdServer/SPug?p=156872&pmc=1&pr=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fpbm-usync%3Fuid%3DAA526256-18AB-4A08-959F-838AB8F1A0AC
https://router.infolinks.com/dyn/pbm-usync?uid=AA526256-18AB-4A08-959F-838AB8F1A0AC

0
263 B

125ms
125ms

Image
text/html

172.67.39.17
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/pbm-usync?uid=AA526256-18AB-4A08-959F-838AB8F1A0AC
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3100725&wsid=0
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.67.39.17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://router.infolinks.com/usync/manage?pid=3100725&wsid=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Feb 2021 04:45:13 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: text/html;charset=UTF-8
cache-control: no-store, no-cache, private
cf-ray: 623518ebaf320b2f-AMS
content-length: 0
cf-request-id: 08550de74a00000b2ffc95f000000001
expires: Tue, 18 Feb 2020 04:45:12 GMT

Redirect headers

Location: https://router.infolinks.com/dyn/pbm-usync?uid=AA526256-18AB-4A08-959F-838AB8F1A0AC
Date: Thu, 18 Feb 2021 04:45:15 GMT
X-Cnection: close
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6
Content-Length: 402
Content-Type: text/html; charset=iso-8859-1

GET
H2

200

pbm-usync
router.infolinks.com/dyn/ Frame 0E4C
Redirect Chain

https://image8.pubmatic.com/AdServer/ImgSync?p=156872&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156872%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infoli...
https://image8.pubmatic.com/AdServer/ImgSync?p=156872&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156872%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infoli...
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QUE1MjYyNTYtMThBQi00QTA4LTk1OUYtODM4QUI4RjFBMEFD&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
https://image4.pubmatic.com/AdServer/SPug?p=156872&pmc=1&pr=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fpbm-usync%3Fuid%3DAA526256-18AB-4A08-959F-838AB8F1A0AC
https://router.infolinks.com/dyn/pbm-usync?uid=AA526256-18AB-4A08-959F-838AB8F1A0AC

0
230 B

125ms
125ms

Image
text/html

172.67.39.17
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/pbm-usync?uid=AA526256-18AB-4A08-959F-838AB8F1A0AC
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3100725&wsid=0
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.67.39.17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://router.infolinks.com/usync/manage?pid=3100725&wsid=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Feb 2021 04:45:13 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: text/html;charset=UTF-8
cache-control: no-store, no-cache, private
cf-ray: 623518ebcf670b2f-AMS
content-length: 0
cf-request-id: 08550de76000000b2f4e2cc000000001
expires: Tue, 18 Feb 2020 04:45:12 GMT

Redirect headers

Location: https://router.infolinks.com/dyn/pbm-usync?uid=AA526256-18AB-4A08-959F-838AB8F1A0AC
Date: Thu, 18 Feb 2021 04:45:12 GMT
X-Cnection: close
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
Content-Length: 403
Content-Type: text/html; charset=iso-8859-1

GET
H2

200

bizzc-usync
router.infolinks.com/dyn/ Frame 0E4C
Redirect Chain

https://us.ck-ie.com/nfol263.gif?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fbizzc-usync%3Fuid%3D%7B%24PARTNER_UID%7D
https://router.infolinks.com/dyn/bizzc-usync?uid=4e42123fce38789612b4874d31f3ab695fa4315da8390bf163a6d8a9c24cd49a

35 B
390 B

127ms
126ms

Image
image/gif

172.67.39.17
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/bizzc-usync?uid=4e42123fce38789612b4874d31f3ab695fa4315da8390bf163a6d8a9c24cd49a
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3100725&wsid=0
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.67.39.17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Referer: https://router.infolinks.com/usync/manage?pid=3100725&wsid=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Feb 2021 04:45:13 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: image/gif
cache-control: no-store, no-cache, private
cf-ray: 623518ec58580b2f-AMS
content-length: 35
cf-request-id: 08550de7b700000b2f638bb000000001
expires: Tue, 18 Feb 2020 04:45:13 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 18 Feb 2021 04:45:12 GMT
Server: nginx
Transfer-Encoding: chunked
Location: https://router.infolinks.com/dyn/bizzc-usync?uid=4e42123fce38789612b4874d31f3ab695fa4315da8390bf163a6d8a9c24cd49a
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Expires: 0

GET
H2 200 iq-usync
router.infolinks.com/dyn/ Frame 0E4C 0
61 B 139ms
139ms Image
text/plain 172.67.39.17
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/iq-usync
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3100725&wsid=0
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.67.39.17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://router.infolinks.com/usync/manage?pid=3100725&wsid=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 04:45:12 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cache-control: no-store
cf-ray: 623518e90a560b2f-AMS
content-length: 0
cf-request-id: 08550de5a900000b2f5b8f2000000001

GET
H2

200

zeta-usync
router.infolinks.com/dyn/ Frame 0E4C
Redirect Chain

https://p.rfihub.com/cm?pub=43153&in=1
https://router.infolinks.com/dyn/zeta-usync?uid=1875819617220103417

35 B
254 B

124ms
124ms

Image
image/gif

172.67.39.17
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/zeta-usync?uid=1875819617220103417
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3100725&wsid=0
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.67.39.17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Referer: https://router.infolinks.com/usync/manage?pid=3100725&wsid=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Feb 2021 04:45:12 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: image/gif
cache-control: no-store, no-cache, private
cf-ray: 623518eb1e420b2f-AMS
content-length: 35
cf-request-id: 08550de6f100000b2ff7065000000001
expires: Tue, 18 Feb 2020 04:45:12 GMT

Redirect headers

Location: https://router.infolinks.com/dyn/zeta-usync?uid=1875819617220103417
Server: Jetty(9.0.6.v20130930)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

sx-usync
router.infolinks.com/dyn/ Frame 0E4C
Redirect Chain

https://sync.search.spotxchange.com/partner?adv_id=8851&redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsx-usync%3Fuid%3D%24SPOTX_USER_ID
https://sync.search.spotxchange.com/partner?adv_id=8851&redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsx-usync%3Fuid%3D%24SPOTX_USER_ID&__user_check__=1&sync_id=16348dbe-71a4-11eb-b812-107c10e92006
https://router.infolinks.com/dyn/sx-usync?uid=16348d84-71a4-11eb-b812-107c10e92006

35 B
312 B

124ms
124ms

Image
image/gif

172.67.39.17
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/sx-usync?uid=16348d84-71a4-11eb-b812-107c10e92006
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3100725&wsid=0
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.67.39.17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Referer: https://router.infolinks.com/usync/manage?pid=3100725&wsid=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Feb 2021 04:45:12 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: image/gif
cache-control: no-store, no-cache, private
cf-ray: 623518ea0c110b2f-AMS
content-length: 35
cf-request-id: 08550de64700000b2f6d294000000001
expires: Tue, 18 Feb 2020 04:45:12 GMT

Redirect headers

Date: Thu, 18 Feb 2021 04:45:12 GMT
Server: nginx
Location: https://router.infolinks.com/dyn/sx-usync?uid=16348d84-71a4-11eb-b812-107c10e92006
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 125
Connection: keep-alive
Content-Length: 0

GET
H2

200

VR-usync
router.infolinks.com/dyn/ Frame 0E4C
Redirect Chain

https://ups.analytics.yahoo.com/ups/58422/occ
https://router.infolinks.com/dyn/VR-usync?uid=y-n199F3R1l2Z8O0dcNbIgnI07_nI7UecMeNZ5cGY-

35 B
232 B

130ms
130ms

Image
image/gif

172.67.39.17
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/VR-usync?uid=y-n199F3R1l2Z8O0dcNbIgnI07_nI7UecMeNZ5cGY-
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3100725&wsid=0
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.67.39.17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Referer: https://router.infolinks.com/usync/manage?pid=3100725&wsid=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Feb 2021 04:45:12 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: image/gif
cache-control: no-store, no-cache, private
cf-ray: 623518e9ebdd0b2f-AMS
content-length: 35
cf-request-id: 08550de63100000b2ff7055000000001
expires: Tue, 18 Feb 2020 04:45:12 GMT

Redirect headers

Date: Thu, 18 Feb 2021 04:45:12 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://router.infolinks.com/dyn/VR-usync?uid=y-n199F3R1l2Z8O0dcNbIgnI07_nI7UecMeNZ5cGY-
Connection: keep-alive
Content-Length: 0

GET
H3-Q050 200 videoplayback Show response
r5---sn-4g5e6ns6.googlevideo.com/ Frame CD06 64 KB
64 KB 7ms
7ms XHR
audio/webm 2a00:1450:4001:60::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r5---sn-4g5e6ns6.googlevideo.com/videoplayback?expire=1613645111&ei=1_AtYIf1M6qDx_AP__-qyAo&ip=2a01%3A4f8%3A192%3A5414%3A%3A2&id=o-APx7Umah7tfCBoE0_VFnj7Z36dpAsA4uI4TGiYHwP9EM&itag=251&source=youtube&requiressl=yes&mh=Ai&mm=31%2C29&mn=sn-4g5e6ns6%2Csn-4g5edns6&ms=au%2Crdu&mv=m&mvi=5&pl=41&initcwndbps=883750&vprv=1&mime=audio%2Fwebm&ns=p4FURgtpw4gYVoMLe4nBSYAF&gir=yes&clen=11247300&dur=831.661&lmt=1612985257942922&mt=1613623028&fvip=5&keepalive=yes&c=WEB_EMBEDDED_PLAYER&txp=5411222&n=r26DKKLw6mFB3Q&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIgCUkD4cNJr6FpU_VNxTI3w6keGJUqyg0PyVubtK5KKAICIQD5tdn2iM-1ejKufHqOP5yynbYORhwQ7Dm23mAHJEyvBA%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgC1gAU77RQvNG1wSQRdgM2oh044gmxqCur5qHAlx02qICIE5bCDR1c3OYbbu0EZ0Po6YZgYXmH33jb6nMh3GQgPl-&alr=yes&cpn=zXVNKiRmmKhjL_Ld&cver=1.20210214.0.0&range=67220-132755&rn=4&rbuf=4099

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/6eebf7aa/player_ias.vflset/en_US/base.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:60::a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

98bcac2e6330a1cdbf945812afa50f8539c1068b41988680ca087d44d1a8a663

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.youtube.com/embed/o1OtQKhlixU?controls=1&autoplay=1&mute=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 04:45:12 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 65536
client-protocol: quic
last-modified: Wed, 10 Feb 2021 19:27:37 GMT
server: gvs 1.0
vary: Origin
content-type: audio/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21299
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Thu, 18 Feb 2021 04:45:12 GMT

GET
DATA 200
OK truncated
/ Frame CD06 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b79ec3853e32493190ce5cc7545de7c741f0960f5f6b7bc4dd6e155a8b67144a

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 AAUvwnj2M6Rg_Ea31NS_8qMpUzMjyqj6NDNvlWKFqZrOTQ=s400-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame CD06 47 KB
47 KB 8ms
7ms Image
image/jpeg 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AAUvwnj2M6Rg_Ea31NS_8qMpUzMjyqj6NDNvlWKFqZrOTQ=s400-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/o1OtQKhlixU?controls=1&autoplay=1&mute=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

054ed0acfab6b8490594e40973aeab27860612d145c4b3883c0416c0b6da3c00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/o1OtQKhlixU?controls=1&autoplay=1&mute=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 00:52:33 GMT
x-content-type-options: nosniff
age: 13959
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48244
x-xss-protection: 0
server: fife
etag: "v373"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 15 Feb 2021 01:29:34 GMT

GET
H3-Q050 200 maxresdefault.jpg
i.ytimg.com/vi/-7WRrgK7RYQ/ Frame CD06 167 KB
167 KB 40ms
26ms Image
image/jpeg 2a00:1450:4001:827::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/-7WRrgK7RYQ/maxresdefault.jpg

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/o1OtQKhlixU?controls=1&autoplay=1&mute=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

123b56fe0a0e2aafe90244979fa682efa54984e48f82b8b1e6cc7813654695b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/o1OtQKhlixU?controls=1&autoplay=1&mute=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 04:43:08 GMT
x-content-type-options: nosniff
server: sffe
age: 124
etag: "0"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 171255
x-xss-protection: 0
expires: Thu, 18 Feb 2021 06:43:08 GMT

GET
H3-Q050 200 maxresdefault.webp
i.ytimg.com/vi_webp/pQhNp40Mv_I/ Frame CD06 80 KB
80 KB 35ms
21ms Image
image/webp 2a00:1450:4001:827::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/pQhNp40Mv_I/maxresdefault.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/o1OtQKhlixU?controls=1&autoplay=1&mute=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d784df9ae0fb53699967020a2155d2f6c876b61d1001d3d089a03cb9b3a09bd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/o1OtQKhlixU?controls=1&autoplay=1&mute=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 04:11:22 GMT
x-content-type-options: nosniff
server: sffe
age: 2030
etag: "1612602293"
vary: Origin
content-type: image/webp
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 81766
x-xss-protection: 0
expires: Thu, 18 Feb 2021 06:11:22 GMT

GET
H3-Q050 204 playback
www.youtube.com/api/stats/ Frame CD06 0
21 B 16ms
15ms Image
text/html 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.youtube.com/api/stats/playback?ns=yt&el=embedded&cpn=zXVNKiRmmKhjL_Ld&docid=o1OtQKhlixU&ver=2&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2Fo1OtQKhlixU%3Fcontrols%3D1%26autoplay%3D1%26mute%3D1&cmt=0.013&ei=1_AtYIf1M6qDx_AP__-qyAo&fmt=243&fs=0&rt=0.484&of=XgaT62fk8cU_1MyGPgQVRg&euri=https%3A%2F%2Fdl.pokemoner.com%2F2019%2F06%2Fpokemon-omega-ruby-update-v1-4-for-citra.html&lact=508&cl=357483374&mos=1&vm=CAEQARgEKixBZGdzSDd2dUwzVHEwMXBQRmtmNVlmc2RlNVBSeU11cU12dUlvWGdFUEdjPToyQU9HdF9PS21QY1NDLVJQY0cwd21SeHlweHp3cFhqM0dTdmdCQ3JxQmtiajJzOWVYVWc&volume=100&cbrand=apple&cbr=Chrome&cbrver=83.0.4103.61&c=WEB_EMBEDDED_PLAYER&cver=1.20210214.0.0&cplayer=UNIPLAYER&cos=Macintosh&cosver=10_14_5&cplatform=DESKTOP&autoplay=1&hl=en_US&cr=DE&len=831.661&fexp=23857949%2C23940248%2C23969934%2C23976578%2C23983296%2C23992809%2C23999568%2C24000883&rtn=3&afmt=251&size=280%3A158&inview=0

Requested by

Host: dl.pokemoner.com
URL: https://dl.pokemoner.com/2019/06/pokemon-omega-ruby-update-v1-4-for-citra.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/o1OtQKhlixU?controls=1&autoplay=1&mute=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Feb 2021 04:45:12 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 204 ptracking
www.youtube.com/ Frame CD06 0
229 B 69ms
69ms Image
video/x-flv 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.youtube.com/ptracking?html5=1&video_id=o1OtQKhlixU&cpn=zXVNKiRmmKhjL_Ld&ei=1_AtYIf1M6qDx_AP__-qyAo&ptk=youtube_single&oid=UQtDxDBB_eMNYHoDK1_pfA&ptchn=VX_8_sbJIBjQ9KdVo3zDww&pltype=content

Requested by

Host: dl.pokemoner.com
URL: https://dl.pokemoner.com/2019/06/pokemon-omega-ruby-update-v1-4-for-citra.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

YouTube Frontend Proxy /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/o1OtQKhlixU?controls=1&autoplay=1&mute=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
server: YouTube Frontend Proxy
date: Thu, 18 Feb 2021 04:45:12 GMT
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
cache-control: no-cache
content-type: video/x-flv
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Tue, 27 Apr 1971 19:44:06 GMT

GET
H3-Q050 200 videoplayback Show response
r5---sn-4g5e6ns6.googlevideo.com/ Frame CD06 206 KB
206 KB 6ms
6ms XHR
video/webm 2a00:1450:4001:60::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/6eebf7aa/player_ias.vflset/en_US/base.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:60::a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

43ebac44950bd4d1a37cc2fd2ff3ebf5418bfbc8e591f6a75dbfc84d8f1bfa83

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.youtube.com/embed/o1OtQKhlixU?controls=1&autoplay=1&mute=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 04:45:12 GMT
x-restrict-formats-hint: None
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 210731
client-protocol: quic
last-modified: Thu, 11 Feb 2021 04:12:52 GMT
server: gvs 1.0
vary: Origin
content-type: video/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21299
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
x-content-type-options: nosniff
expires: Thu, 18 Feb 2021 04:45:12 GMT

GET
H3-Q050 200 videoplayback Show response
r5---sn-4g5e6ns6.googlevideo.com/ Frame CD06 132 KB
132 KB 6ms
6ms XHR
audio/webm 2a00:1450:4001:60::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r5---sn-4g5e6ns6.googlevideo.com/videoplayback?expire=1613645111&ei=1_AtYIf1M6qDx_AP__-qyAo&ip=2a01%3A4f8%3A192%3A5414%3A%3A2&id=o-APx7Umah7tfCBoE0_VFnj7Z36dpAsA4uI4TGiYHwP9EM&itag=251&source=youtube&requiressl=yes&mh=Ai&mm=31%2C29&mn=sn-4g5e6ns6%2Csn-4g5edns6&ms=au%2Crdu&mv=m&mvi=5&pl=41&initcwndbps=883750&vprv=1&mime=audio%2Fwebm&ns=p4FURgtpw4gYVoMLe4nBSYAF&gir=yes&clen=11247300&dur=831.661&lmt=1612985257942922&mt=1613623028&fvip=5&keepalive=yes&c=WEB_EMBEDDED_PLAYER&txp=5411222&n=r26DKKLw6mFB3Q&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIgCUkD4cNJr6FpU_VNxTI3w6keGJUqyg0PyVubtK5KKAICIQD5tdn2iM-1ejKufHqOP5yynbYORhwQ7Dm23mAHJEyvBA%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgC1gAU77RQvNG1wSQRdgM2oh044gmxqCur5qHAlx02qICIE5bCDR1c3OYbbu0EZ0Po6YZgYXmH33jb6nMh3GQgPl-&alr=yes&cpn=zXVNKiRmmKhjL_Ld&cver=1.20210214.0.0&range=132756-268312&rn=6&rbuf=8198

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/6eebf7aa/player_ias.vflset/en_US/base.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:60::a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

834086994f56ab79c0940f59fdd5698ec7e527a28f2d3f1884207123f2c1134d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.youtube.com/embed/o1OtQKhlixU?controls=1&autoplay=1&mute=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 04:45:12 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 135557
client-protocol: quic
last-modified: Wed, 10 Feb 2021 19:27:37 GMT
server: gvs 1.0
vary: Origin
content-type: audio/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21299
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Thu, 18 Feb 2021 04:45:12 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 96B3
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YC3w2EePZARMNYLe0U9ecwAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEOtSuprM58oBJzw594EneJQ&google_cver=1

43 B
1003 B

32ms
32ms

Image
image/gif

23.218.208.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEOtSuprM58oBJzw594EneJQ&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-208-246.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&C=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 18 Feb 2021 04:45:12 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 18 Feb 2021 04:45:12 GMT

Redirect headers

pragma: no-cache
date: Thu, 18 Feb 2021 04:45:12 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEOtSuprM58oBJzw594EneJQ&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

usermatchredir
ssum-sec.casalemedia.com/ Frame 96B3
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YC3w2EePZARMNYLe0U9ecwAABHUAAAAB
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEDeqyNtXD_tOCjBq2Q1y0m0&google_cver=1

43 B
315 B

26ms
25ms

Image
image/gif

23.218.208.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEDeqyNtXD_tOCjBq2Q1y0m0&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-208-246.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&C=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 18 Feb 2021 04:45:12 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Thu, 18 Feb 2021 04:45:12 GMT

Redirect headers

pragma: no-cache
date: Thu, 18 Feb 2021 04:45:12 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEDeqyNtXD_tOCjBq2Q1y0m0&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 96B3 70 B
265 B 101ms
33ms Image
image/gif 52.209.120.242
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?cm_dsp_id=39&gdpr=1&cm_user_id=YC3w2EePZARMNYLe0U9ecwAA&cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.209.120.242 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-209-120-242.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&C=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Feb 2021 04:45:12 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 96B3
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&id=YC3w2EePZARMNYLe0U9ecwAABHUAAAAB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&id=YC3w2EePZARMNYLe0U9ecwAABHUAAAAB&dcc=t

43 B
433 B

103ms
103ms

Image
image/gif

72.21.206.140
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&id=YC3w2EePZARMNYLe0U9ecwAABHUAAAAB&dcc=t
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 72.21.206.140 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: 206-140.amazon.com
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer: https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&C=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 18 Feb 2021 04:45:12 GMT
Server: Server
Vary: User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 18 Feb 2021 04:45:12 GMT
Server: Server
Vary: User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&id=YC3w2EePZARMNYLe0U9ecwAABHUAAAAB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 96B3
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=29
https://c1.adform.net/serving/cookie/match?CC=1&party=29
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=2767710718063186030&expiration=1614833112

43 B
995 B

52ms
30ms

Image
image/gif

23.218.208.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=2767710718063186030&expiration=1614833112
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-208-246.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&C=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 18 Feb 2021 04:45:12 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 18 Feb 2021 04:45:12 GMT

Redirect headers

pragma: no-cache
date: Thu, 18 Feb 2021 04:45:12 GMT
server: nginx
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=2767710718063186030&expiration=1614833112
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 0
expires: -1

GET
H/1.1 200
OK us.php
gu.dyntrk.com/adx/ie/ Frame 96B3 0
215 B 99ms
31ms Image
text/plain 51.178.20.140
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&C=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 51.178.20.140 , France, ASN16276 (OVH, FR),
Reverse DNS: proxy0394.eu3.dynfactory.com
Software: proxy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&C=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
cache-control: private, no-cache, no-store, proxy-revalidate, no-transform
x-rc: 10
server: proxy
content-length: 0
content-type: text/plain

GET
H/1.1

200
OK

noop
px.owneriq.net/ Frame 96B3
Redirect Chain

https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID)
https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ6669099121962311753&uid=Q6669099121962311753&ref=%2Feucm%2Fp%2Fcc
https://px.owneriq.net/noop?ct=image%2Fgif

0
287 B

23ms
23ms

Image
image/gif

88.221.62.154
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.owneriq.net/noop?ct=image%2Fgif
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.221.62.154 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a88-221-62-154.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&C=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 18 Feb 2021 04:45:12 GMT
Server: Apache/2.2.15 (CentOS)
Connection: keep-alive
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Powered-By: PHP/5.3.3
Content-Length: 0
Content-Type: image/gif

Redirect headers

Location: https://px.owneriq.net/noop?ct=image%2Fgif
Date: Thu, 18 Feb 2021 04:45:12 GMT
Server: AkamaiGHost
Connection: keep-alive
Content-Length: 0

GET
H2

200

tpid=YC3w2EePZARMNYLe0U9ecwAA%261141
bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/ Frame 96B3
Redirect Chain

https://bcp.crwdcntrl.net/map/c=6725/tp=INDX/tpid=YC3w2EePZARMNYLe0U9ecwAA%261141
https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YC3w2EePZARMNYLe0U9ecwAA%261141

49 B
714 B

44ms
44ms

Image
image/gif

34.253.109.165
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YC3w2EePZARMNYLe0U9ecwAA%261141
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.253.109.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-253-109-165.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer: https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&C=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Feb 2021 04:45:12 GMT
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.15.145
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 18 Feb 2021 04:45:12 GMT
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YC3w2EePZARMNYLe0U9ecwAA%261141
cache-control: no-cache
x-server: 10.45.22.215
content-length: 0
expires: 0

GET
H2 200 ix-usync
router.infolinks.com/dyn/ Frame 96B3 35 B
330 B 124ms
123ms Image
image/gif 172.67.39.17
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/ix-usync?uid=YC3w2EePZARMNYLe0U9ecwAA%261141
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.67.39.17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Referer: https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&C=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Feb 2021 04:45:12 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: image/gif
cache-control: no-store, no-cache, private
cf-ray: 623518e869240b2f-AMS
content-length: 35
cf-request-id: 08550de53e00000b2fe0b1c000000001
expires: Tue, 18 Feb 2020 04:45:12 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 5374 31 KB
10 KB 25ms
25ms Script
text/html 23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=infolinks&endpoint=us-east
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 5c5a22c704da51d236b29ae32a979a1a8f06969896795c03807774f6de684507

Request headers

Referer: https://eus.rubiconproject.com/usync.html?p=infolinks&endpoint=us-east
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 18 Feb 2021 04:45:12 GMT
Content-Encoding: gzip
Last-Modified: Thu, 28 Jan 2021 20:32:24 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=23879
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9309
Expires: Thu, 18 Feb 2021 11:23:11 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 5374 284 B
536 B 94ms
23ms Image
image/jpg 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=infolinks&endpoint=us-east
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer: https://eus.rubiconproject.com/usync.html?p=infolinks&endpoint=us-east
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
Content-Type: image/jpg

GET
H2 200 close-button.png
b3u2w5c8.stackpathcdn.com/wp-content/plugins/ad-inserter-pro/css/images/ 1 KB
2 KB 25ms
25ms Image
image/png 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b3u2w5c8.stackpathcdn.com/wp-content/plugins/ad-inserter-pro/css/images/close-button.png

Requested by

Host: dl.pokemoner.com
URL: https://dl.pokemoner.com/2019/06/pokemon-omega-ruby-update-v1-4-for-citra.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

fbs /

Resource Hash

669829e44802166195d64df52e724a0abeb85241474ea05d648012e20b64ffa0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Referer: https://dl.pokemoner.com/2019/06/pokemon-omega-ruby-update-v1-4-for-citra.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 04:45:13 GMT
last-modified: Fri, 12 Feb 2021 08:49:50 GMT
server: fbs
etag: "1613119790"
vary: Accept-Encoding
x-hw: 1613623513.cds056.lo4.hn,1613623513.cds018.lo4.c
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=10368000, public, public
strict-transport-security: max-age=31536000; preload
accept-ranges: bytes
content-length: 1434

GET
H3-Q050 204 watchtime
www.youtube.com/api/stats/ Frame CD06 0
44 B 15ms
14ms Image
text/html 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.youtube.com/api/stats/watchtime?ns=yt&el=embedded&cpn=zXVNKiRmmKhjL_Ld&docid=o1OtQKhlixU&ver=2&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2Fo1OtQKhlixU%3Fcontrols%3D1%26autoplay%3D1%26mute%3D1&cmt=2.492&ei=1_AtYIf1M6qDx_AP__-qyAo&fmt=243&fs=0&rt=3.001&of=XgaT62fk8cU_1MyGPgQVRg&euri=https%3A%2F%2Fdl.pokemoner.com%2F2019%2F06%2Fpokemon-omega-ruby-update-v1-4-for-citra.html&lact=3025&cl=357483374&state=playing&vm=CAEQARgEKixBZGdzSDd2dUwzVHEwMXBQRmtmNVlmc2RlNVBSeU11cU12dUlvWGdFUEdjPToyQU9HdF9PS21QY1NDLVJQY0cwd21SeHlweHp3cFhqM0dTdmdCQ3JxQmtiajJzOWVYVWc&volume=100&cbrand=apple&cbr=Chrome&cbrver=83.0.4103.61&c=WEB_EMBEDDED_PLAYER&cver=1.20210214.0.0&cplayer=UNIPLAYER&cos=Macintosh&cosver=10_14_5&cplatform=DESKTOP&autoplay=1&hl=en_US&cr=DE&len=831.661&rtn=13&afmt=251&idpj=-8&ldpj=-29&rti=3&muted=1&st=0&et=2.492

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/o1OtQKhlixU?controls=1&autoplay=1&mute=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Feb 2021 04:45:14 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 204 atr Show response
www.youtube.com/api/stats/ Frame CD06 0
46 B 16ms
16ms XHR
text/html 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/api/stats/atr?ns=yt&el=embedded&cpn=zXVNKiRmmKhjL_Ld&docid=o1OtQKhlixU&ver=2&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2Fo1OtQKhlixU%3Fcontrols%3D1%26autoplay%3D1%26mute%3D1&cmt=4.51&ei=1_AtYIf1M6qDx_AP__-qyAo&fmt=243&fs=0&rt=5.018&of=XgaT62fk8cU_1MyGPgQVRg&euri=https%3A%2F%2Fdl.pokemoner.com%2F2019%2F06%2Fpokemon-omega-ruby-update-v1-4-for-citra.html&lact=5042&cl=357483374&mos=1&vm=CAEQARgEKixBZGdzSDd2dUwzVHEwMXBQRmtmNVlmc2RlNVBSeU11cU12dUlvWGdFUEdjPToyQU9HdF9PS21QY1NDLVJQY0cwd21SeHlweHp3cFhqM0dTdmdCQ3JxQmtiajJzOWVYVWc&volume=100&cbrand=apple&cbr=Chrome&cbrver=83.0.4103.61&c=WEB_EMBEDDED_PLAYER&cver=1.20210214.0.0&cplayer=UNIPLAYER&cos=Macintosh&cosver=10_14_5&cplatform=DESKTOP&autoplay=1&hl=en_US&cr=DE&len=831.661&fexp=23857949%2C23940248%2C23969934%2C23976578%2C23983296%2C23992809%2C23999568%2C24000883&afmt=251

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/6eebf7aa/player_ias.vflset/en_US/base.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded
X-YouTube-Utc-Offset: 60
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/o1OtQKhlixU?controls=1&autoplay=1&mute=1
X-YouTube-Client-Version: 1.20210214.0.0
X-YouTube-Time-Zone: Europe/Berlin
X-YouTube-Ad-Signals: dt=1613623511708&flash=0&frm=2&u_tz=60&u_his=2&u_java&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug&u_nmime&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C280%2C158&vis=1&wgl=true&ca_type=image&bid=ANyPxKpr_m__WbdPmPJdj_HHhDz357dyFX-8DoN0WSGeFEupCmxJ-iSqB4E9-S0YW5U_bqg0AQcRNyWybM5lxxYCCnbIXRu-jg

Response headers

pragma: no-cache
date: Thu, 18 Feb 2021 04:45:16 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 videoplayback Show response
r5---sn-4g5e6ns6.googlevideo.com/ Frame CD06 149 KB
149 KB 6ms
6ms XHR
audio/webm 2a00:1450:4001:60::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r5---sn-4g5e6ns6.googlevideo.com/videoplayback?expire=1613645111&ei=1_AtYIf1M6qDx_AP__-qyAo&ip=2a01%3A4f8%3A192%3A5414%3A%3A2&id=o-APx7Umah7tfCBoE0_VFnj7Z36dpAsA4uI4TGiYHwP9EM&itag=251&source=youtube&requiressl=yes&mh=Ai&mm=31%2C29&mn=sn-4g5e6ns6%2Csn-4g5edns6&ms=au%2Crdu&mv=m&mvi=5&pl=41&initcwndbps=883750&vprv=1&mime=audio%2Fwebm&ns=p4FURgtpw4gYVoMLe4nBSYAF&gir=yes&clen=11247300&dur=831.661&lmt=1612985257942922&mt=1613623028&fvip=5&keepalive=yes&c=WEB_EMBEDDED_PLAYER&txp=5411222&n=r26DKKLw6mFB3Q&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIgCUkD4cNJr6FpU_VNxTI3w6keGJUqyg0PyVubtK5KKAICIQD5tdn2iM-1ejKufHqOP5yynbYORhwQ7Dm23mAHJEyvBA%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgC1gAU77RQvNG1wSQRdgM2oh044gmxqCur5qHAlx02qICIE5bCDR1c3OYbbu0EZ0Po6YZgYXmH33jb6nMh3GQgPl-&alr=yes&cpn=zXVNKiRmmKhjL_Ld&cver=1.20210214.0.0&range=268313-420704&rn=7&rbuf=14139

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/6eebf7aa/player_ias.vflset/en_US/base.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:60::a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

1521f8f809cc8c5926960ebfef033f9d4428c17699874b610fbcdd9aad88b944

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.youtube.com/embed/o1OtQKhlixU?controls=1&autoplay=1&mute=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 04:45:17 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 152392
client-protocol: quic
last-modified: Wed, 10 Feb 2021 19:27:37 GMT
server: gvs 1.0
vary: Origin
content-type: audio/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21294
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Thu, 18 Feb 2021 04:45:17 GMT

GET
H3-Q050 200 featured_channel.jpg
i.ytimg.com/an/VX_8_sbJIBjQ9KdVo3zDww/ Frame CD06 13 KB
14 KB 7ms
6ms Image
image/jpeg 2a00:1450:4001:827::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/an/VX_8_sbJIBjQ9KdVo3zDww/featured_channel.jpg?v=5b8fba2c

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cfdfbee0ab06732e2e1dc88ded995db6e81913b5b3f4cdf1986bf149566a7c18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/o1OtQKhlixU?controls=1&autoplay=1&mute=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 04:03:57 GMT
x-content-type-options: nosniff
server: sffe
age: 2480
etag: "1536145964"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13801
x-xss-protection: 0
expires: Thu, 18 Feb 2021 06:03:57 GMT

GET
H3-Q050 200 videoplayback Show response
r5---sn-4g5e6ns6.googlevideo.com/ Frame CD06 672 KB
672 KB 7ms
6ms XHR
video/webm 2a00:1450:4001:60::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/6eebf7aa/player_ias.vflset/en_US/base.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:60::a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

a251f490f2cf86fd57b5af9e85626f616f0c3fbb9f6b6129a240cca9500f8999

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.youtube.com/embed/o1OtQKhlixU?controls=1&autoplay=1&mute=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 04:45:19 GMT
x-restrict-formats-hint: None
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 687627
client-protocol: quic
last-modified: Thu, 11 Feb 2021 04:12:52 GMT
server: gvs 1.0
vary: Origin
content-type: video/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21292
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
x-content-type-options: nosniff
expires: Thu, 18 Feb 2021 04:45:19 GMT

POST
H3-Q050 204 qoe
www.youtube.com/api/stats/ Frame CD06 0
46 B 14ms
14ms Other
text/html 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/api/stats/qoe?event=streamingstats&fmt=243&afmt=251&cpn=zXVNKiRmmKhjL_Ld&ei=1_AtYIf1M6qDx_AP__-qyAo&el=embedded&docid=o1OtQKhlixU&ns=yt&fexp=23857949%2C23940248%2C23969934%2C23976578%2C23983296%2C23992809%2C23999568%2C24000883&cl=357483374&seq=2&cbrand=apple&cbr=Chrome&cbrver=83.0.4103.61&c=WEB_EMBEDDED_PLAYER&cver=1.20210214.0.0&cplayer=UNIPLAYER&cos=Macintosh&cosver=10_14_5&cplatform=DESKTOP&ctmp=loudness:-1.300&cmt=0.482:0.013,1.232:0.724,10.000:9.493&vps=0.482:PL,10.000:PL&user_intent=0.206&bwm=10.000:1500964:0.628&bwe=10.000:10034810&bat=10.000:1:1&bh=10.000:20.541&df=10.000:0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/6eebf7aa/player_ias.vflset/en_US/base.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/o1OtQKhlixU?controls=1&autoplay=1&mute=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 18 Feb 2021 04:45:21 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 883F 28 B
174 B 18ms
18ms XHR
application/json 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/6eebf7aa/www-embed-player.vflset/www-embed-player.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 60
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/FcK1LSGJMoU
X-YouTube-Client-Version: 1.20210214.0.0
X-YouTube-Time-Zone: Europe/Berlin
X-Goog-Visitor-Id: CgtENTl0a25OQmxDVSjX4beBBg%3D%3D
X-YouTube-Ad-Signals: dt=1613623511668&flash=0&frm=2&u_tz=60&u_his=2&u_java&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug&u_nmime&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1020%2C350&vis=1&wgl=true&ca_type=image&bid=ANyPxKpvjK9U9VbZn8zGtxwFnDLRlZSEK4_RAdtRMuhzCiE0OW084P40Dxqk3KMyKJGaAFj7xfp_f_kIiaX1FN0py7BKczYimQ

Response headers

date: Thu, 18 Feb 2021 04:45:22 GMT
content-encoding: br
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Thu, 18 Feb 2021 04:45:22 GMT

POST
H3-Q050 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame CD06 28 B
148 B 18ms
18ms XHR
application/json 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/6eebf7aa/www-embed-player.vflset/www-embed-player.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 60
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/o1OtQKhlixU?controls=1&autoplay=1&mute=1
X-YouTube-Client-Version: 1.20210214.0.0
X-YouTube-Time-Zone: Europe/Berlin
X-Goog-Visitor-Id: CgtqdUM0SERCMW5xYyjX4beBBg%3D%3D
X-YouTube-Ad-Signals: dt=1613623511649&flash=0&frm=2&u_tz=60&u_his=2&u_java&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug&u_nmime&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C280%2C158&vis=1&wgl=true&ca_type=image&bid=ANyPxKpr_m__WbdPmPJdj_HHhDz357dyFX-8DoN0WSGeFEupCmxJ-iSqB4E9-S0YW5U_bqg0AQcRNyWybM5lxxYCCnbIXRu-jg

Response headers

date: Thu, 18 Feb 2021 04:45:22 GMT
content-encoding: br
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Thu, 18 Feb 2021 04:45:22 GMT

GET
H/1.1 200
OK videoplayback Show response
r5---sn-4g5e6ns6.googlevideo.com/ Frame CD06 265 KB
266 KB 6ms
6ms XHR
audio/webm 2a00:1450:4001:60::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r5---sn-4g5e6ns6.googlevideo.com/videoplayback?expire=1613645111&ei=1_AtYIf1M6qDx_AP__-qyAo&ip=2a01%3A4f8%3A192%3A5414%3A%3A2&id=o-APx7Umah7tfCBoE0_VFnj7Z36dpAsA4uI4TGiYHwP9EM&itag=251&source=youtube&requiressl=yes&mh=Ai&mm=31%2C29&mn=sn-4g5e6ns6%2Csn-4g5edns6&ms=au%2Crdu&mv=m&mvi=5&pl=41&initcwndbps=883750&vprv=1&mime=audio%2Fwebm&ns=p4FURgtpw4gYVoMLe4nBSYAF&gir=yes&clen=11247300&dur=831.661&lmt=1612985257942922&mt=1613623028&fvip=5&keepalive=yes&c=WEB_EMBEDDED_PLAYER&txp=5411222&n=r26DKKLw6mFB3Q&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIgCUkD4cNJr6FpU_VNxTI3w6keGJUqyg0PyVubtK5KKAICIQD5tdn2iM-1ejKufHqOP5yynbYORhwQ7Dm23mAHJEyvBA%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgC1gAU77RQvNG1wSQRdgM2oh044gmxqCur5qHAlx02qICIE5bCDR1c3OYbbu0EZ0Po6YZgYXmH33jb6nMh3GQgPl-&alr=yes&cpn=zXVNKiRmmKhjL_Ld&cver=1.20210214.0.0&range=420705-692351&rn=9&rbuf=19291

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/6eebf7aa/player_ias.vflset/en_US/base.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:60::a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

4f4b55b5766ed7b2dc7452e4815e494e57d6a54dd14d0ed2840b1274bcf0ae21

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.youtube.com/embed/o1OtQKhlixU?controls=1&autoplay=1&mute=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 18 Feb 2021 04:45:23 GMT
X-Content-Type-Options: nosniff
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Alt-Svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 271647
Last-Modified: Wed, 10 Feb 2021 19:27:37 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: audio/webm
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=21288
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: https://www.youtube.com
Expires: Thu, 18 Feb 2021 04:45:23 GMT

GET
H2 204 watchtime
www.youtube.com/api/stats/ Frame CD06 0
142 B 14ms
14ms Image
text/html 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.youtube.com/api/stats/watchtime?ns=yt&el=embedded&cpn=zXVNKiRmmKhjL_Ld&docid=o1OtQKhlixU&ver=2&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2Fo1OtQKhlixU%3Fcontrols%3D1%26autoplay%3D1%26mute%3D1&cmt=12.492&ei=1_AtYIf1M6qDx_AP__-qyAo&fmt=243&fs=0&rt=13&of=XgaT62fk8cU_1MyGPgQVRg&euri=https%3A%2F%2Fdl.pokemoner.com%2F2019%2F06%2Fpokemon-omega-ruby-update-v1-4-for-citra.html&lact=13024&cl=357483374&state=playing&vm=CAEQARgEKixBZGdzSDd2dUwzVHEwMXBQRmtmNVlmc2RlNVBSeU11cU12dUlvWGdFUEdjPToyQU9HdF9PS21QY1NDLVJQY0cwd21SeHlweHp3cFhqM0dTdmdCQ3JxQmtiajJzOWVYVWc&volume=100&cbrand=apple&cbr=Chrome&cbrver=83.0.4103.61&c=WEB_EMBEDDED_PLAYER&cver=1.20210214.0.0&cplayer=UNIPLAYER&cos=Macintosh&cosver=10_14_5&cplatform=DESKTOP&autoplay=1&hl=en_US&cr=DE&len=831.661&rtn=23&afmt=251&idpj=-8&ldpj=-29&rti=13&muted=1&st=2.492&et=12.492

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/o1OtQKhlixU?controls=1&autoplay=1&mute=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Feb 2021 04:45:24 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: b3u2w5c8.stackpathcdn.com
URL: https://b3u2w5c8.stackpathcdn.com/wp-content/themes/generatepress/assets/fonts/generatepress.woff2

Verdicts & Comments Add Verdict or Comment

73 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

19 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.casalemedia.com/	1970-01-20 00:59:19	Name: CMID Value: YC3w2EePZARMNYLe0U9ecwAA
.infolinks.com/	1970-01-19 16:15:09	Name: PUBMUSERCOOKIE Value: AA526256-18AB-4A08-959F-838AB8F1A0AC
.casalemedia.com/	1970-01-19 18:23:19	Name: CMPRO Value: 1141
.infolinks.com/	1970-01-19 16:15:09	Name: ZTUSERCOOKIE Value: 1875819617220103417
.casalemedia.com/	1970-01-19 18:23:19	Name: CMPS Value: 3164
.infolinks.com/	1970-01-19 16:15:09	Name: BIZZCUSERCOOKIE Value: 4e42123fce38789612b4874d31f3ab695fa4315da8390bf163a6d8a9c24cd49a
.infolinks.com/	1970-01-19 16:15:09	Name: SOVRNUSERCOOKIE Value: c015a4c307c3d7119de2ca0b
.infolinks.com/	1970-01-19 16:15:09	Name: IXUSERCOOKIE Value: YC3w2EePZARMNYLe0U9ecwAA&1141
.infolinks.com/	1970-01-19 16:15:09	Name: R1USERCOOKIE Value: RX-e1da11d1-bc7e-4c2a-b67b-061ce1041834-003
.casalemedia.com/	1970-01-19 16:15:09	Name: CMST Value: YC3w2GAt8NgA
.infolinks.com/	1970-01-19 16:15:09	Name: OUTHUSERCOOKIE Value: y-ueQMNoN1l2ZlctNf71tfMV66jxhjum16~UP1609d381-71a4-11eb-b56d-06da1a49f4f4
.infolinks.com/	1970-01-19 18:23:19	Name: ZMNUSERCOOKIE Value: ""
.infolinks.com/	1970-01-19 18:23:19	Name: ANUSERCOOKIE Value: 4364165372296136531
.infolinks.com/	1970-01-19 16:15:09	Name: VRUSERCOOKIE Value: y-n199F3R1l2Z8O0dcNbIgnI07_nI7UecMeNZ5cGY-
.casalemedia.com/	1970-01-20 00:59:19	Name: CMRUM3 Value: f1602df0d805a00&1f602df0d805a00&27602df0d80b40&c4602df0d805a0&dd602df0d827600&2d602df0d805a0&e6602df0d827600&6f602df0d827602767710718063186030
.youtube.com/	1970-01-19 20:32:55	Name: VISITOR_INFO1_LIVE Value: D59tknNBlCU
.infolinks.com/	1970-01-19 16:15:09	Name: SXUSERCOOKIE Value: 16348d84-71a4-11eb-b812-107c10e92006
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: OHrVLLn9DfU
dl.pokemoner.com/2019/06	1969-12-31 23:59:59	Name: logglytrackingsession Value: e02f2f8e-1a12-4629-86ed-cc336753fb82

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://b3u2w5c8.stackpathcdn.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2(Line 2) Message: JQMIGRATE: Migrate is installed, version 3.3.2
console-api	log	URL: https://resources.infolinks.com/js/1733.015-3.011/ice.js(Line 1) Message: [object Object]
console-api	log	URL: https://resources.infolinks.com/js/1733.015-3.011/ice.js(Line 1) Message: Failed to log to loggly because of this exception: SecurityError: Blocked a frame with origin "https://dl.pokemoner.com" from accessing a cross-origin frame.
console-api	log	URL: https://resources.infolinks.com/js/1733.015-3.011/ice.js(Line 1) Message: Failed log data: [object Object]

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; preload

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ap.lijit.com
b1sync.zemanta.com
b3u2w5c8.stackpathcdn.com
bcp.crwdcntrl.net
c1.adform.net
cm.g.doubleclick.net
de.tynt.com
dl.pokemoner.com
dsp.adkernel.com
dsum-sec.casalemedia.com
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gu.dyntrk.com
i.ytimg.com
ib.adnxs.com
image2.pubmatic.com
image4.pubmatic.com
image8.pubmatic.com
match.adsrvr.org
onetag-sys.com
p.rfihub.com
pixel.advertising.com
px.owneriq.net
r5---sn-4g5e6ns6.googlevideo.com
resources.infolinks.com
router.infolinks.com
s.amazon-adsystem.com
s.cpx.to
secure-assets.rubiconproject.com
securepubads.g.doubleclick.net
ssc-cms.33across.com
ssum-sec.casalemedia.com
static.doubleclick.net
sync.1rx.io
sync.go.sonobi.com
sync.search.spotxchange.com
sync.targeting.unrulymedia.com
token.rubiconproject.com
ups.analytics.yahoo.com
us.ck-ie.com
www.google.com
www.gstatic.com
www.pokemoner.com
www.youtube.com
yt3.ggpht.com
b3u2w5c8.stackpathcdn.com
142.250.186.162
142.250.186.34
151.139.128.11
172.67.39.17
174.137.133.49
176.123.8.49
178.162.133.149
18.156.0.31
18.197.47.23
185.64.189.114
185.64.190.79
185.64.190.80
185.94.180.125
193.0.160.129
208.100.17.172
208.100.17.188
213.19.147.150
213.19.147.151
23.218.208.246
23.37.42.132
2a00:1450:4001:60::a
2a00:1450:4001:800::200a
2a00:1450:4001:80e::2006
2a00:1450:4001:80e::200e
2a00:1450:4001:810::2003
2a00:1450:4001:812::2002
2a00:1450:4001:813::2004
2a00:1450:4001:827::2016
2a00:1450:4001:829::2001
2a00:1450:4001:829::200e
2a00:1450:4001:82b::2003
34.253.109.165
37.157.2.236
37.252.173.62
51.178.20.140
51.89.9.254
52.18.147.13
52.209.120.242
69.173.144.165
70.42.32.63
72.21.206.140
72.251.249.9
88.214.193.83
88.221.62.154
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
054ed0acfab6b8490594e40973aeab27860612d145c4b3883c0416c0b6da3c00
0651e9a718a6ce3d030e0086532dad8caf7571b961e311fda509a47d0ba4bd56
09b7ca5876858319e46f90cda21fbadc331d8f74ee3422fa2461fcdd7c115f1d
0add8fcb5a583b1c16238fbe9d0de17c6272726b42be17fdcd9b4686ef5287d1
0f5de44db5dd1fb15a0464d21d48311b316e96fa7de1a9ca820d0a406fc82522
0f80499cdd85d60147379378cbed83e183a38cd2ca2d5eb4b8da2955642e957a
123b56fe0a0e2aafe90244979fa682efa54984e48f82b8b1e6cc7813654695b9
1521f8f809cc8c5926960ebfef033f9d4428c17699874b610fbcdd9aad88b944
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d
23660eccf0bd249016776aa465acb8d45971d38ce9954b2802158a0c5876cac1
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
30a3754e02cc0b4a7b85fcee6c75431e62f5ab2b64912f328d3a70e27aa72572
37555d2a8631f6c69e94303caf2b0f844327688c004f02e7549f15834558c263
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
38276b3c1055b8020b788afdd1c824704dbe1ff5f0b9e375d7a4da1cfa8db6ff
4352380f92ce7f9a4a4a23306b992bed10055dbfffe90987cc72083e583fc280
43ebac44950bd4d1a37cc2fd2ff3ebf5418bfbc8e591f6a75dbfc84d8f1bfa83
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4c3eea12a7b2e63bd35dedf66cecf80e468c2238e64c803732ad619f035e1f78
4ddc003bfd0366a9c5e059509b3bac51972a8e803904b2a90b6b5c5ee7b26720
4f4b55b5766ed7b2dc7452e4815e494e57d6a54dd14d0ed2840b1274bcf0ae21
4f61525c435935afe56cf850326d30eddbac45d82f9ec281cc2554eb570efff3
51acacfa29a4836037ad7a3484b636a8d1adf06f44189818d07970054f4cb23a
54ae3a72b56281dc46d94afa904569b1baf2abf47049fc93168a3e88c035859a
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
5be7f1c5aafff9458c12362747e1ad99ea6b891b82995622e2f448427ece1480
5c2288ca7b324881faae5e368eb4d69457e2784e042e868de335d3827bb90981
5c5a22c704da51d236b29ae32a979a1a8f06969896795c03807774f6de684507
5e261f7e11c39ff6f4c8fe884e5c9de2fa15f29085a1adefdd36603ef2e23c00
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827
6109e8fab058603a1e83d35427f0f994937d00b9e19bc79e6cc919e01d4f3280
63e971626cb7961fb014906a5476a7353bba89331013e001bb16b4a6ac5ce93f
669829e44802166195d64df52e724a0abeb85241474ea05d648012e20b64ffa0
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6a04f704f1ff8f018568020f67b9a9a4eb47a0c1029358b195de73feefd36153
6d4a1f82f822b817587f63c06ac401d5c10e5cca7594ad345460efea75cd9b4e
6e86a52a9858206302e32036d89907e3ac87762055e7f9c6364aec33221b3e41
70d6fd02b5462a15e479da3064af714710a9afaaaa724e49bc202cb8ccc994fc
730fc5ab4a6f736c63ec286d6cd8f53020160b3ff7291876fd30591cedd12e2a
732904ab52c039ec58e18bf77e3a59668cd8942e39699cf6986ef08eeca6ce87
73bbc5206f991d8a603fe956c759d27cc4185cac74373f507b4e2dbf4764047c
749465d389587e1e1c28f0044cbe3b0fa1dc84da3aa83f68a127b2984c389e06
761dbe686d6a7c2aede21ce7b9de9aab802c872487644f21577c2e1795bf41f3
77424461fa75ef9d152cd049b4c01ad73d89660087d55c0e331f7f2e36f28096
779d68ba221aa1efe83b46b8d8c5932a9c82ad2357b9cc9428c9dabf996d1875
77d1dac940214c4dfb2ea59277bacd2fa91d08106331e55a9d17f71203c26a2a
7c70a1579ba03863bfb783035a6fab815758a4dafd78e8699f70db1d0a1b7d77
7eebf69bec9791eaad8c406b0cf494cb89de9eb62eb4d8375aee2ae874f048c3
8277d3b312f84417a05400643587eaa0982065618af9e1cafc8f72316e6fd1e1
834086994f56ab79c0940f59fdd5698ec7e527a28f2d3f1884207123f2c1134d
8bcd45111afa22e62cea850cf2e8f84ce1db1982f34cff1f06761a8b23c423f0
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
98bcac2e6330a1cdbf945812afa50f8539c1068b41988680ca087d44d1a8a663
a251f490f2cf86fd57b5af9e85626f616f0c3fbb9f6b6129a240cca9500f8999
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b79ec3853e32493190ce5cc7545de7c741f0960f5f6b7bc4dd6e155a8b67144a
b90f034cb435bf117c9fcadffb3bc33eca236a437f2b1c091e8d3664124962fb
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
c043e209b26776422fdd7a08a36a8d3a3298577f92401a463145d88ebfa93a01
c0901279dec1117310802c450665b34a60788da4a00e066d2de367327cd13456
c11fb9ac4922e75ae9e0a017f41ae36febd8a185834b7bb608e9049ebe68da62
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c24ed6b4868df519b5aeb4e6ee97ae6144737cc417f402f19e93434702f2fc9d
c68163174e427e9848277784fd9bc3c3f3d47786f5cbed7401b65c9fb77234ce
c98ad506e6e3529029801bc45b7aeb028945b7885f3f6541536b6a28d330f5a9
cfb829354040f367c2c97ee3716d87f194c6d2a23ecfdd4901d7c22e3b8be3b6
cfdfbee0ab06732e2e1dc88ded995db6e81913b5b3f4cdf1986bf149566a7c18
d784df9ae0fb53699967020a2155d2f6c876b61d1001d3d089a03cb9b3a09bd2
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d97cd63d22c6ff6812f27088d666066294e39e007741b4947dbbf279c30a8f60
dd4993e5c6015cb663a4ff917d77897ed71deda6eedaed515b41326305b3ed72
dd78dd39662b24e26a0298d4fcf17c897e802280517b7ee108ac13595c8a69ac
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
e170d20dbbd5a22f50118e25fa2eefb1e85d2ad780e5477ed3a9643186090442
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6ab7ae1e01d6076ece634d1ce4aab6c1da47c51877e97ace9d03486c6ab326e
ee5832a0f557ebf0438864ece3c5b1ff633269eebbfe3abe5e9eb54d036eace5
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f003001a164fc40eb7a767dcb8f36dce6ba51e3f6852f38f9400322dfa59f252
fbf959f1cb1f0b832d38cd88d29dc2adc7e4223f750cb36df2efd4e278859289
fe995e4a77e0247cc060ddf1418dce41f899f5e06b83d096c797c7c47b32c70b

dl.pokemoner.com Open in urlscan Pro 176.123.8.49 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

120 Requests

99 %HTTPS

25 %IPv6

36 Domains

47 Subdomains

30 IPs

8 Countries

4447 kBTransfer

9057 kBSize

19 Cookies

3 Outgoing links

Redirected requests

120 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

dl.pokemoner.com Open in urlscan Pro
176.123.8.49 Public Scan

Screenshot
Live screenshot

Full Image

120
Requests

99 %
HTTPS

25 %
IPv6

36
Domains

47
Subdomains

30
IPs

8
Countries

4447 kB
Transfer

9057 kB
Size

19
Cookies

120 HTTP transactions
5 data transactions